urlscan.io logo urlscan.io
SecurityTrails logo

anonymfile.com Open in urlscan Pro
2606:4700:3035::6815:24e  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://anonymfile.com/y65kv/ioncube.zip
Effective URL: https://anonymfile.com/y65kv/ioncube.zip
Submission: On October 26 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 2 countries across 10 domains to perform 38 HTTP transactions. The main IP is 2606:4700:3035::6815:24e, located in United States and belongs to CLOUDFLARENET, US. The main domain is anonymfile.com.
TLS certificate: Issued by WE1 on September 15th 2024. Valid for: 3 months.
This is the only time anonymfile.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

12    2606:4700:3035::6815:24e (United States)

ASN13335 (CLOUDFLARENET, US)
anonymfile.com
11    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2607:f8b0:400d:c01::9c (Morganton, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    139.45.197.245 (United Kingdom)

ASN9002 (RETN-AS, GB)
waisheph.com
1    2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
4    2606:4700::6811:f7cb (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
2    2607:f8b0:4004:c0b::9d (Washington, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)
my.rtmark.net
1    2607:f8b0:400d:c04::9c (Morganton, United States)

ASN15169 (GOOGLE, US)
ep1.adtrafficquality.google
2    2607:f8b0:400d:c09::84 (Morganton, United States)

ASN15169 (GOOGLE, US)
ep2.adtrafficquality.google
1    2607:f8b0:400d:c07::69 (Morganton, United States)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
12 anonymfile.com
anonymfile.com
411 KB
11 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 220
238 KB
4 unpkg.com
unpkg.com — Cisco Umbrella Rank: 797
6 KB
3 adtrafficquality.google
ep1.adtrafficquality.google — Cisco Umbrella Rank: 233245
ep2.adtrafficquality.google — Cisco Umbrella Rank: 204383
19 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 42
2 waisheph.com
waisheph.com — Cisco Umbrella Rank: 98464
30 KB
2 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 116
196 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 3
1 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 10912 Failed
543 B
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 791
31 KB
38 10
Domain Requested by
12 anonymfile.com 1 redirects anonymfile.com
11 cdnjs.cloudflare.com anonymfile.com
cdnjs.cloudflare.com
4 unpkg.com 2 redirects anonymfile.com
2 ep2.adtrafficquality.google pagead2.googlesyndication.com
ep2.adtrafficquality.google
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 waisheph.com anonymfile.com
2 pagead2.googlesyndication.com anonymfile.com
pagead2.googlesyndication.com
1 www.google.com ep2.adtrafficquality.google
1 ep1.adtrafficquality.google pagead2.googlesyndication.com
1 my.rtmark.net waisheph.com
1 code.jquery.com anonymfile.com
38 11

This site contains no links.

Subject Issuer Validity Valid
anonymfile.com
WE1		 2024-09-15 -
2024-12-14		 3 months crt.sh
cdnjs.cloudflare.com
WE1		 2024-09-28 -
2024-12-27		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
waisheph.com
R11		 2024-08-20 -
2024-11-18		 3 months crt.sh
*.jquery.com
Sectigo ECC Domain Validation Secure Server CA		 2024-06-25 -
2025-06-25		 a year crt.sh
rtmark.net
R11		 2024-08-30 -
2024-11-28		 3 months crt.sh
adtrafficquality.google
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://anonymfile.com/y65kv/ioncube.zip
Frame ID: 463510032AD6BE2AA3642BDB87E083F3
Requests: 32 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241023/r20190131/zrt_lookup_fy2021.html
Frame ID: 5129C4D335E734D7B37E06B34F12316A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6542483570255373&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1729916603&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x1080_l%7C500x1080_r&format=0x0&url=https%3A%2F%2Fanonymfile.com%2Fy65kv%2Fioncube.zip&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aiict=1&aiapm=0.20295&aiapmi=0.24446&aiombap=1&aiopts=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1729916603107&bpp=4&bdt=1275&idt=276&shv=r20241023&mjsv=m202410220101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=5851260395394&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531705%2C95344189%2C95345271%2C31088249%2C95344979%2C95345788&oid=2&pvsid=451869436827311&tmod=312446429&nvt=1&fsapi=1&fc=1920&brdim=130%2C130%2C130%2C130%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=298
Frame ID: 2041920F8591C01B8338EF3AAE946123
Requests: 1 HTTP requests in this frame

Frame: https://anonymfile.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/e1a56f38220d/main.js
Frame ID: 10E9C9791865C9AC01895F338126C5BF
Requests: 2 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: 00A061F2A263BB9D1455E28EB0A63A8D
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 177113460A84D8E657522F55319EFC1B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Anonfile - Anonymous File Upload

Page URL History Show full URLs

  1. http://anonymfile.com/y65kv/ioncube.zip HTTP 307
    https://anonymfile.com/y65kv/ioncube.zip Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • /axios(@|/)([\d.]+)(?:/[a-z]+)?/axios(?:.min)?\.js
Overall confidence: 100%
Detected patterns
  • clipboard(?:-([\d.]+))?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • /popper\.js/([0-9.]+)
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

38
Requests

87 %
HTTPS

82 %
IPv6

10
Domains

11
Subdomains

12
IPs

2
Countries

931 kB
Transfer

2708 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://anonymfile.com/y65kv/ioncube.zip HTTP 307
    https://anonymfile.com/y65kv/ioncube.zip Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://unpkg.com/filepond-plugin-file-validate-type/dist/filepond-plugin-file-validate-type.js HTTP 302
  • https://unpkg.com/filepond-plugin-file-validate-type@1.2.9/dist/filepond-plugin-file-validate-type.js
Request Chain 18
  • https://unpkg.com/filepond-plugin-file-validate-size/dist/filepond-plugin-file-validate-size.js HTTP 302
  • https://unpkg.com/filepond-plugin-file-validate-size@2.2.8/dist/filepond-plugin-file-validate-size.js
Request Chain 30
  • https://anonymfile.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://anonymfile.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/e1a56f38220d/main.js

38 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request ioncube.zip
anonymfile.com/y65kv/
Redirect Chain
  • http://anonymfile.com/y65kv/ioncube.zip
  • https://anonymfile.com/y65kv/ioncube.zip
73 KB
74 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://anonymfile.com/y65kv/ioncube.zip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
790e8201e86c3d9259c073a2bc48cdc7c1672df9eaed69463433f31866299b14

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
BYPASS
cf-ray
8d87aba71d8c1778-EWR
content-type
text/html; charset=UTF-8
date
Sat, 26 Oct 2024 04:23:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pqmz%2B8%2BVLCymmiPXi7c90LJY%2B0FQcbhHb05KD6dtFLONiK2h17PDfXZBvIdBxaXJ2eoVxb2nP3QVEVAo%2FSGmNPIZIY%2FJeESZSWgsJ8zaxoLKs0BqwRxf0X%2B7MRpBZH8Bz0yIpeKhP7rp6K17jQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=9486&sent=7&recv=8&lost=0&retrans=0&sent_bytes=4022&recv_bytes=2362&delivery_rate=373455&cwnd=254&unsent_bytes=0&cid=76a4f2dffcf1a8c9&ts=456&x=0"
vary
Accept-Encoding

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://anonymfile.com/y65kv/ioncube.zip
Non-Authoritative-Reason
HSTS
theme.min.css
anonymfile.com/css/ 		882 KB
103 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://anonymfile.com/css/theme.min.css
Requested by
Host: anonymfile.com
URL: https://anonymfile.com/y65kv/ioncube.zip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b25181938196019c65f4505b5ae4eae4bbbc71b45e4b55672818043af2b4265
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://anonymfile.com/y65kv/ioncube.zip

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"668fdd6f-dc7b2"
age
2309
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gb6oQVF0avXtsrVEvJuolBiA7rzr6W%2BQ6ufttQwrFZnKGQk6cx1aNsIWxDe1RY6%2BxxBWK1FaofXwy84BXEgS73s9bSaUpmTQCx1NVajsmCkeNYEO435ceDxD1VUZu%2F3Sah5h9D7MDgJjmRancw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=9318&sent=76&recv=10&lost=0&retrans=0&sent_bytes=65778&recv_bytes=3332&delivery_rate=2671249&cwnd=254&unsent_bytes=0&cid=76a4f2dffcf1a8c9&ts=509&x=0"
date
Sat, 26 Oct 2024 04:23:21 GMT
content-type
text/css
last-modified
Thu, 11 Jul 2024 13:26:07 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d87aba98f061778-EWR
x-xss-protection
1; mode=block
server
cloudflare
rocket-loader.min.js
anonymfile.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://anonymfile.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: anonymfile.com
URL: https://anonymfile.com/y65kv/ioncube.zip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://anonymfile.com/y65kv/ioncube.zip

Response headers

x-frame-options
DENY
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=172800, public
content-encoding
gzip
etag
W/"67180f7e-302c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ljX3atj5ImkaWBDD8UEg2CxaKYC00xsZazEYIzTmjsKZWZdBOHryu3jGr0A6TqZqgiLIk6gkK3ItIUARNYCTYGxPbvMP75rt%2FTOVDZrkoQey%2BApamJYwgiHyvOQlB%2BXEcdghf7eTVOFRepw2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8d87aba98f071778-EWR
expires
Mon, 28 Oct 2024 04:23:21 GMT
date
Sat, 26 Oct 2024 04:23:21 GMT
content-type
application/javascript
last-modified
Tue, 22 Oct 2024 20:47:58 GMT
server
cloudflare
vary
Accept-Encoding
favicon.png
anonymfile.com/img/main/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://anonymfile.com/img/main/favicon.png
Requested by
Host: anonymfile.com
URL: https://anonymfile.com/y65kv/ioncube.zip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77cb73f16f049b51c0a81c12ed878e11efe3b9a71c632a3bdb647d963059532e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://anonymfile.com/y65kv/ioncube.zip

Response headers

cf-cache-status
HIT
etag
"667f0ef5-9f19"
age
5815
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YQxAuw9LFmZ6saHeBl27wK8phOp6raWEV%2FcXKHBv2W7nZyNJpXA%2Bg3WDvunHvZxwwlG5zBTfH1g%2BudCShnSbkA3Q5AD%2Fr0GZatOwogQBbWXuzCXN1QWvwWs758F6HhT%2B3Z3aaOkZliKGMheGTg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=9318&sent=31&recv=10&lost=0&retrans=0&sent_bytes=23875&recv_bytes=3332&delivery_rate=2671249&cwnd=254&unsent_bytes=0&cid=76a4f2dffcf1a8c9&ts=507&x=0"
date
Sat, 26 Oct 2024 04:23:21 GMT
content-type
image/png
last-modified
Fri, 28 Jun 2024 19:28:53 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d87aba98f081778-EWR
accept-ranges
bytes
content-length
40729
x-xss-protection
1; mode=block
server
cloudflare
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/css/ 		80 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/css/all.min.css
Requested by
Host: anonymfile.com
URL: https://anonymfile.com/y65kv/ioncube.zip
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81735261671cd094376ce5c6d31058c64fa70ad0f3b0798ffce2f2d8eeb7ab51
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://anonymfile.com/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"61498362-3826"
age
216862
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mXaPRDvZNdBHcdgNqE5EBHSqe4MdCGU2e3NuGfVG%2Ba8sEwbnRAvEhZlnTtI6JycjgcpSLTVsSIRWPlTPtpauH7cUIhRCcpDX%2BsFt6hcq%2FIuTRs%2BoozzOTab%2Fc1FedKU4jS%2BkEQ0JkFh2g2B5LUhRMaDR"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Thu, 16 Oct 2025 04:23:22 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 26 Oct 2024 04:23:22 GMT
content-type
text/css; charset=utf-8
last-modified
Tue, 21 Sep 2021 07:01:54 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8d87abaaad35428f-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
14374
server
cloudflare
ioncube.zip
anonymfile.com/y65kv/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://anonymfile.com/y65kv/ioncube.zip
Requested by
Host: anonymfile.com
URL: https://anonymfile.com/y65kv/ioncube.zip
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://anonymfile.com/y65kv/ioncube.zip

Response headers

cache-control
no-cache, private
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PoVBNtwQXqP61F6G%2BkgqOlXlKhw8KkJBy871zB6gEmGk%2Bc%2FtCUbNlHaDjl9msuDW6DpmgUAFg9eirl3%2F7EYNoT54lhlqKkUdd7zPBS5mWG%2Byru5lA7doKT99JHvTllqSDvimJTVtLgYibsgpRA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d87abad1c138c2d-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=29408&sent=181&recv=68&lost=0&retrans=0&sent_bytes=194774&recv_bytes=10084&delivery_rate=168443&cwnd=88800&unsent_bytes=0&cid=f4f7979dd35a708c&ts=1867&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 26 Oct 2024 04:23:23 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
priority
u=1,i
footer.webp
anonymfile.com/img/main/ 		174 KB
175 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://anonymfile.com/img/main/footer.webp
Requested by
Host: anonymfile.com
URL: https://anonymfile.com/y65kv/ioncube.zip
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d4e83b59664d7a779fa777d4ee0e17a1bc09302f9b9cde60815a3142256d8b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://anonymfile.com/y65kv/ioncube.zip

Response headers

cf-cache-status
HIT
etag
"64ee4bbf-2b796"
age
2310
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=80lix2Ek40kB%2FZ2pGsPtjSxM6I8duhbw%2F3%2FP1fh1h8CZ5%2B5TG7EUzWREsDgkQ6ps9SK2Awa%2BuLH2KzjANOLPWP7cA%2FEsZYvByLLZ7gGXwLf1Dxpdm9Vs2g06n%2FZpDa5LUcpaxYt3%2BqPt8%2Fmp2A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=33457&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4256&recv_bytes=5884&delivery_rate=541&cwnd=12000&unsent_bytes=0&cid=f4f7979dd35a708c&ts=541&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 26 Oct 2024 04:23:22 GMT
content-type
image/webp
last-modified
Tue, 29 Aug 2023 19:49:19 GMT
vary
Accept-Encoding
priority
u=3,i
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d87abad1c1b8c2d-EWR
accept-ranges
bytes
content-length
178070
x-xss-protection
1; mode=block
server
cloudflare
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		155 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6542483570255373
Requested by
Host: anonymfile.com
URL: https://anonymfile.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c01::9c Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
24f86a120cf2de850bb0386be213e16afb43b766e3b4823f29b2b7bd63ff5572
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://anonymfile.com
Referer
https://anonymfile.com/

Response headers

content-encoding
br
etag
13171083692413780770
x-content-type-options
nosniff
expires
Sat, 26 Oct 2024 04:23:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 26 Oct 2024 04:23:22 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53217
x-xss-protection
0
server
cafe
/
waisheph.com/5/6301577/ 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://waisheph.com/5/6301577/?oo=1&aab=1
Requested by
Host: anonymfile.com
URL: https://anonymfile.com/y65kv/ioncube.zip
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.245 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
b8e1dc92908f4beef860cec977e1bc31b3a0425538ee9ffa75ef99ab6030430e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://anonymfile.com/

Response headers

access-control-max-age
86400
content-encoding
gzip
access-control-allow-methods
GET, POST, OPTIONS
expires
Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
date
Sat, 26 Oct 2024 04:23:22 GMT
content-type
application/json
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
pragma
no-cache, no-cache
access-control-allow-credentials
true
x-trace-id
b1b0b9a3d10cb9cbb18489c6d6521886
access-control-allow-origin
https://anonymfile.com
server
nginx
tag.min.js
waisheph.com/ 		70 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://waisheph.com/tag.min.js
Requested by
Host: anonymfile.com
URL: https://anonymfile.com/y65kv/ioncube.zip
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.245 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
4afd2b8e97f4b8035d72b09efb6a7594838ebf85cac34036fc65fe80d84d47bf
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://anonymfile.com/

Response headers

access-control-max-age
86400
content-encoding
br
access-control-allow-methods
GET, POST, OPTIONS
x-content-type-options
nosniff
expires
Tue, 11 Jan 1994 10:00:00 GMT
date
Sat, 26 Oct 2024 04:23:22 GMT
content-type
text/javascript; charset=utf-8
last-modified
Fri, 25 Oct 2024 19:22:59 GMT
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
strict-transport-security
max-age=1
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*, *
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
pragma
no-cache
access-control-allow-credentials
true
x-trace-id
e2dce84bfa599bf8b311a814380b8f53
accept-ranges
bytes
access-control-allow-origin
*
content-length
27246
server
nginx
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: anonymfile.com
URL: https://anonymfile.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Origin
https://anonymfile.com
Referer
https://anonymfile.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

content-encoding
gzip
etag
W/"28feccc0-15d9d"
age
3868059
x-cache
HIT, HIT
date
Sat, 26 Oct 2024 04:23:22 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
x-cache-hits
508945, 139066
x-served-by
cache-lga21931-LGA, cache-ewr-kewr1740068-EWR
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=604800
x-timer
S1729916603.825551,VS0,VE0
cross-origin-resource-policy
cross-origin
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
30875
server
nginx
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/webfonts/ 		120 KB
121 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57deb9ccde6d49564a916cc58a799d8ebd793c7aff69a7f3cce48cbfb0c48777
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://anonymfile.com
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/css/all.min.css

Response headers

cf-cdnjs-via
cfworker/kv
cf-cache-status
HIT
etag
"61498362-1df88"
age
198249
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1yAPFKfyyQ%2BgBBHdlPryjr0C5x2Q3axCFUVx33n6KM1DDMYF7LKqBT4fixolMnmGX8Cf0%2BlV6AuXE%2BOMwEk%2Fai97BN3zlddzckQLUVIQF62a7PTx%2BNY4vZcMc9SgHFyo8T3nIxxm75BlD4sb7IcbhqVf"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Thu, 16 Oct 2025 04:23:22 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 26 Oct 2024 04:23:22 GMT
content-type
application/octet-stream; charset=utf-8
last-modified
Tue, 21 Sep 2021 07:01:54 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8d87abad88284362-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
122760
server
cloudflare
filepond.min.css
cdnjs.cloudflare.com/ajax/libs/filepond/4.29.1/ 		17 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/filepond/4.29.1/filepond.min.css
Requested by
Host: anonymfile.com
URL: https://anonymfile.com/y65kv/ioncube.zip
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a620ee6349399f7d71768f23b38e7fe17f45a89f853288b309c2723af4eadea5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://anonymfile.com
Referer

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"613afc53-b76"
age
3098396
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nLf0jyrnMQypzRz8KN5NNe%2BL%2Fn94zYIAniCdpP0e%2FEmGP%2BXWo5shXvibnIIhq%2Bzz3LyyNl8W7SWCQ6SvrQs81VQvKP7U4HUQkHxAOAlTxs%2BFLdi%2BVE0cSMc8j%2BD61Aq6FTUUz4aPv4NZbsljj1l8vLFU"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Thu, 16 Oct 2025 04:23:23 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 26 Oct 2024 04:23:23 GMT
content-type
text/css; charset=utf-8
last-modified
Fri, 10 Sep 2021 06:33:55 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8d87abb16afc4362-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
2934
server
cloudflare
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410220101/ 		434 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410220101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6542483570255373
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c01::9c Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
528138919125b20d77e6369167e942ab812f565c4e81b685552be9a71c056848
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://anonymfile.com/

Response headers

content-encoding
br
etag
6916633306105110495
x-content-type-options
nosniff
expires
Sat, 26 Oct 2024 04:23:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 26 Oct 2024 04:23:23 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
147863
x-xss-protection
0
server
cafe
gid.js
my.rtmark.net/ 		0
0
md5.min.js
anonymfile.com/js/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://anonymfile.com/js/md5.min.js
Requested by
Host: anonymfile.com
URL: https://anonymfile.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6164d009d3fcf65edd5c47c4b76a0d0580dea4bce929eec89bec744fdec10e15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://anonymfile.com/y65kv/ioncube.zip

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"66916f44-28a8"
age
2311
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C7FVaaScUjOG5B5aO1DctZgcuTYdzSN7IZ2t4v7DtEPHCUr5g%2FRPrP1C67h3GSZ9RvjZy6AdOOQ%2F5tn4V56xJxGMJR8LGnDzEQi6V2OutgYvALi7C79zduldxmpP%2BSEsHWhEus61BQx2iF5czA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=29628&sent=174&recv=67&lost=0&retrans=0&sent_bytes=187351&recv_bytes=10039&delivery_rate=2457759&cwnd=88800&unsent_bytes=0&cid=f4f7979dd35a708c&ts=1306&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 26 Oct 2024 04:23:23 GMT
content-type
application/javascript
last-modified
Fri, 12 Jul 2024 18:00:36 GMT
vary
Accept-Encoding
priority
u=1,i=?0
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d87abb1e8598c2d-EWR
x-xss-protection
1; mode=block
server
cloudflare
axios.min.js
cdnjs.cloudflare.com/ajax/libs/axios/1.7.2/ 		51 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/axios/1.7.2/axios.min.js
Requested by
Host: anonymfile.com
URL: https://anonymfile.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ad11c4cb079bba93156727270f510292eedcc0716c6f21725074a59ec8b9b96
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://anonymfile.com/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"664d13d0-4072"
age
123190
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4mPe%2B%2BDHjGpN4Kra0AiSX64wcXEYP76idxVmQ%2BpQU%2F1qNtG8fuhTFUEcKpFW8pCLKzO996eh5554IgKTPSn0UzBG9Bg6cWJfMswYlWdJivcqlwqedfrHeh2fAzTx4qChTqC%2FY4PPBcDzM%2BbcdF4yBhhF"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Thu, 16 Oct 2025 04:23:23 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 26 Oct 2024 04:23:23 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 21 May 2024 21:36:16 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8d87abb1eb9b428f-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
16498
server
cloudflare
site.js
anonymfile.com/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://anonymfile.com/js/site.js
Requested by
Host: anonymfile.com
URL: https://anonymfile.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
524fcae3468beb724c12b61925a2c1dcdb482f37783cd9d3f7630ae8bafa3d2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://anonymfile.com/y65kv/ioncube.zip

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"64ee4478-2487"
age
2311
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hQ1%2BfSDtJNSLvWZ3sAYYV8g2hlh1ZnguDXupy37ix5S5znNZLyI87bCwQWXqGI4IV7CJzTm6jj935qpV0hYNjzM5l4UsXZVdNcO%2BplkizbaAGJw72kr8%2BGQ7MUVBYOr7be5bq24YWmzJ4H2%2BrA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=29628&sent=178&recv=67&lost=0&retrans=0&sent_bytes=191667&recv_bytes=10039&delivery_rate=2457759&cwnd=88800&unsent_bytes=0&cid=f4f7979dd35a708c&ts=1308&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 26 Oct 2024 04:23:23 GMT
content-type
application/javascript
last-modified
Tue, 29 Aug 2023 19:18:16 GMT
vary
Accept-Encoding
priority
u=1,i=?0
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d87abb1e85f8c2d-EWR
x-xss-protection
1; mode=block
server
cloudflare
filepond-plugin-file-validate-type.js
unpkg.com/filepond-plugin-file-validate-type@1.2.9/dist/
Redirect Chain
  • https://unpkg.com/filepond-plugin-file-validate-type/dist/filepond-plugin-file-validate-type.js
  • https://unpkg.com/filepond-plugin-file-validate-type@1.2.9/dist/filepond-plugin-file-validate-type.js
9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/filepond-plugin-file-validate-type@1.2.9/dist/filepond-plugin-file-validate-type.js
Requested by
Host: anonymfile.com
URL: https://anonymfile.com/y65kv/ioncube.zip
Protocol
H2
Server
2606:4700::6811:f7cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d25e30090781875e136e229ed92adf2547ac8f4670f52644f85ada7098d2c301
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://anonymfile.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
"228a-696Brs+wkAyjCuxTQj19JWGYPn4"
age
799755
x-content-type-options
nosniff
date
Sat, 26 Oct 2024 04:23:23 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01JABPAF7JDPAAZ7NJG0FFT76E-lga
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
via
1.1 fly.io
cf-ray
8d87abb32c5b425c-EWR
access-control-allow-origin
*
server
cloudflare

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, s-maxage=600, max-age=60
location
/filepond-plugin-file-validate-type@1.2.9/dist/filepond-plugin-file-validate-type.js
content-encoding
br
cf-cache-status
HIT
age
581
x-content-type-options
nosniff
via
1.1 fly.io
cf-ray
8d87abb28bfb425c-EWR
access-control-allow-origin
*
date
Sat, 26 Oct 2024 04:23:23 GMT
content-type
text/plain; charset=utf-8
vary
Accept, Accept-Encoding
fly-request-id
01JB3GFB9NR57J83T5XMPAXMWA-lga
server
cloudflare
filepond-plugin-file-validate-size.js
unpkg.com/filepond-plugin-file-validate-size@2.2.8/dist/
Redirect Chain
  • https://unpkg.com/filepond-plugin-file-validate-size/dist/filepond-plugin-file-validate-size.js
  • https://unpkg.com/filepond-plugin-file-validate-size@2.2.8/dist/filepond-plugin-file-validate-size.js
7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/filepond-plugin-file-validate-size@2.2.8/dist/filepond-plugin-file-validate-size.js
Requested by
Host: anonymfile.com
URL: https://anonymfile.com/y65kv/ioncube.zip
Protocol
H2
Server
2606:4700::6811:f7cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
845b2368dce026b72f19715d6de81f03fef056e4a79c718a658161a1f7b03b3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://anonymfile.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"1a7f-mapzppsO4HAWL/eiqLcABeu0hWU"
age
19558856
x-content-type-options
nosniff
date
Sat, 26 Oct 2024 04:23:23 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HRWM855A88Q5RW14TFW43FKV-lga
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
via
1.1 fly.io
cf-ray
8d87abb32c5d425c-EWR
access-control-allow-origin
*
server
cloudflare

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, s-maxage=600, max-age=60
location
/filepond-plugin-file-validate-size@2.2.8/dist/filepond-plugin-file-validate-size.js
content-encoding
br
cf-cache-status
HIT
age
291
x-content-type-options
nosniff
via
1.1 fly.io
cf-ray
8d87abb28bfd425c-EWR
access-control-allow-origin
*
date
Sat, 26 Oct 2024 04:23:23 GMT
content-type
text/plain; charset=utf-8
vary
Accept, Accept-Encoding
fly-request-id
01JB3GR717KASEJRTP55AT1D1H-lga
server
cloudflare
filepond.min.css
cdnjs.cloudflare.com/ajax/libs/filepond/4.29.1/ 		17 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/filepond/4.29.1/filepond.min.css
Requested by
Host: anonymfile.com
URL: https://anonymfile.com/y65kv/ioncube.zip
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a620ee6349399f7d71768f23b38e7fe17f45a89f853288b309c2723af4eadea5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://anonymfile.com
Referer

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"613afc53-b76"
age
3098396
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nLf0jyrnMQypzRz8KN5NNe%2BL%2Fn94zYIAniCdpP0e%2FEmGP%2BXWo5shXvibnIIhq%2Bzz3LyyNl8W7SWCQ6SvrQs81VQvKP7U4HUQkHxAOAlTxs%2BFLdi%2BVE0cSMc8j%2BD61Aq6FTUUz4aPv4NZbsljj1l8vLFU"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Thu, 16 Oct 2025 04:23:23 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 26 Oct 2024 04:23:23 GMT
content-type
text/css; charset=utf-8
last-modified
Fri, 10 Sep 2021 06:33:55 GMT
vary
Accept-Encoding
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8d87abb16afc4362-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
2934
server
cloudflare
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241023/r20190131/ Frame 5129 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241023/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410220101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://anonymfile.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age
46647
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4121
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 25 Oct 2024 15:25:56 GMT
etag
13108003645644964576
expires
Fri, 08 Nov 2024 15:25:56 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2041 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6542483570255373&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1729916603&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x1080_l%7C500x1080_r&format=0x0&url=https%3A%2F%2Fanonymfile.com%2Fy65kv%2Fioncube.zip&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aiict=1&aiapm=0.20295&aiapmi=0.24446&aiombap=1&aiopts=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1729916603107&bpp=4&bdt=1275&idt=276&shv=r20241023&mjsv=m202410220101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=5851260395394&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531705%2C95344189%2C95345271%2C31088249%2C95344979%2C95345788&oid=2&pvsid=451869436827311&tmod=312446429&nvt=1&fsapi=1&fc=1920&brdim=130%2C130%2C130%2C130%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=298
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410220101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://anonymfile.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 26 Oct 2024 04:23:23 GMT
expires
Sat, 26 Oct 2024 04:23:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
filepond.min.js
cdnjs.cloudflare.com/ajax/libs/filepond/4.30.3/ 		115 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/filepond/4.30.3/filepond.min.js
Requested by
Host: anonymfile.com
URL: https://anonymfile.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9677264de392aeedd3b391fe53578415c87835405d14068380f9bf3970a48286
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://anonymfile.com
Referer

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"615c7e96-740b"
age
8077499
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V9mKGGpMOaC65bsdOvXLXSc6Ka6UmeomzAs3G%2B295ALgO%2B9jvhvE%2BWZ6jJqO8qvBjqu9v8FIQPCsIscTBZC4wHcaMaY3G8nG6iq4uYFkSS4RfT47HHeYbhHpjs6Xp4d9oOM%2BxJ6lW7VqSdOOwChdJDbZ"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Thu, 16 Oct 2025 04:23:24 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 26 Oct 2024 04:23:24 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 05 Oct 2021 16:34:30 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8d87abb798a04362-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
29707
server
cloudflare
favicon.png
anonymfile.com/img/main/ 		40 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://anonymfile.com/img/main/favicon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77cb73f16f049b51c0a81c12ed878e11efe3b9a71c632a3bdb647d963059532e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://anonymfile.com/y65kv/ioncube.zip

Response headers

cf-cache-status
HIT
etag
"667f0ef5-9f19"
age
5815
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YQxAuw9LFmZ6saHeBl27wK8phOp6raWEV%2FcXKHBv2W7nZyNJpXA%2Bg3WDvunHvZxwwlG5zBTfH1g%2BudCShnSbkA3Q5AD%2Fr0GZatOwogQBbWXuzCXN1QWvwWs758F6HhT%2B3Z3aaOkZliKGMheGTg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=9318&sent=31&recv=10&lost=0&retrans=0&sent_bytes=23875&recv_bytes=3332&delivery_rate=2671249&cwnd=254&unsent_bytes=0&cid=76a4f2dffcf1a8c9&ts=507&x=0"
date
Sat, 26 Oct 2024 04:23:21 GMT
content-type
image/png
last-modified
Fri, 28 Jun 2024 19:28:53 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d87aba98f081778-EWR
accept-ranges
bytes
content-length
40729
x-xss-protection
1; mode=block
server
cloudflare
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: anonymfile.com
URL: https://anonymfile.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://anonymfile.com
Referer

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"603e8adc-15d9d"
age
124939
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EQwnxwdujLq1kDKrheQ8vh7CUZdM6HPuG49o7R0CM9oupB5y%2FyBs9k7hvtPG6L0aD07qha4os%2FYaqem0KVg3WS8sTNVHy4tY6d5Qyql86uKV39qF4f3ZwrWr%2Fgb0oroU0tFg59YYiZuz0CvTLhoclj7e"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Thu, 16 Oct 2025 04:23:24 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 26 Oct 2024 04:23:24 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 02 Mar 2021 18:58:36 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8d87abb7e90a4362-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
27938
server
cloudflare
gid.js
my.rtmark.net/ 		65 B
543 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js?userId=n3wn307771bs807755279e1b5rmds870
Requested by
Host: waisheph.com
URL: https://waisheph.com/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
4f3392b149ba1bac56b4d4eea5043c02321850d998164ba89d38c141ab01a16d
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://anonymfile.com/

Response headers

strict-transport-security
max-age=1
access-control-expose-headers
Authorization
timing-allow-origin
*, *
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
access-control-allow-origin
https://anonymfile.com
content-length
65
date
Sat, 26 Oct 2024 04:23:24 GMT
content-type
application/json; charset=utf-8
server
nginx
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ 		87 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: anonymfile.com
URL: https://anonymfile.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://anonymfile.com
Referer

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"603e8adc-15d9d"
age
124939
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EQwnxwdujLq1kDKrheQ8vh7CUZdM6HPuG49o7R0CM9oupB5y%2FyBs9k7hvtPG6L0aD07qha4os%2FYaqem0KVg3WS8sTNVHy4tY6d5Qyql86uKV39qF4f3ZwrWr%2Fgb0oroU0tFg59YYiZuz0CvTLhoclj7e"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Thu, 16 Oct 2025 04:23:24 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 26 Oct 2024 04:23:24 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 02 Mar 2021 18:58:36 GMT
vary
Accept-Encoding
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8d87abb7e90a4362-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
27938
server
cloudflare
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/2.10.2/umd/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/2.10.2/umd/popper.min.js
Requested by
Host: anonymfile.com
URL: https://anonymfile.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f395875eb5d58c5128c434812cd0a53d438b11536f7fd1577077d8a5c612e1fd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://anonymfile.com
Referer

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"6155af49-1795"
age
1402808
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S8wGigWlMLVk4qPZPuhzpiDYYW11xIuyUZfKb2Mp1rK31ORdzG0DH3HiDVim3r1yOv0cZSSQRmxnzwWqc8Wm6%2FJKG9CmX%2FStye8Rz8onpFDQW2HrvMB122optQ9OGwfJheUOr%2BbIH5Yuuo6A6kG3ZcFp"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Thu, 16 Oct 2025 04:23:24 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 26 Oct 2024 04:23:24 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 30 Sep 2021 12:36:25 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8d87abb849654362-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
6037
server
cloudflare
bootstrap.min.js
cdnjs.cloudflare.com/ajax/libs/bootstrap/5.1.3/js/ 		58 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/bootstrap/5.1.3/js/bootstrap.min.js
Requested by
Host: anonymfile.com
URL: https://anonymfile.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70c3d690bdc5ce3b9a1527c46044989a3176e610882fa99f4523e75bc395bcce
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://anonymfile.com
Referer

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"6161dfe3-38f8"
age
118689
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QI0J55ZDeE1MHFSbmuGrT6bZHjTR1rHvlWblRRo2e9A5dPTuNNqqtf9eQRMOcA97T01VRdxtLLczIfByhUocsIdXMJdgqLEbNz9DHvH2q36WKDxeDv94%2FcZWTWLhOpJEXRA%2BmVhQ5Z1rh4BxqyB69Kp8"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Thu, 16 Oct 2025 04:23:24 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 26 Oct 2024 04:23:24 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 09 Oct 2021 18:30:59 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8d87abb899b74362-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
14584
server
cloudflare
clipboard.min.js
cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.8/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.8/clipboard.min.js
Requested by
Host: anonymfile.com
URL: https://anonymfile.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11be927cda59c8b6019ebbea838285c5beaf21183ea4b83dbd4e4fbf9413ce4a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://anonymfile.com
Referer

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"6049431e-29b4"
age
214587
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UJyZZH15%2FtURrv06ieXWRjL%2FYedQ1jlIMQ6liYtKAPUYMXy0rQZ%2BVpsh%2BLdnIcdpASM2epNohrRH590Mr3XQYHEuYEswTnFdEQLc4o%2BjQgzrXehvs36NIh0h7ta6rO7p42JRl4UIgepcsZnHfoXqjMuD"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Thu, 16 Oct 2025 04:23:24 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 26 Oct 2024 04:23:24 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 10 Mar 2021 22:07:26 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8d87abb8da064362-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
3000
server
cloudflare
main.js
anonymfile.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/e1a56f38220d/ Frame 10E9
Redirect Chain
  • https://anonymfile.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://anonymfile.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/e1a56f38220d/main.js?
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://anonymfile.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/e1a56f38220d/main.js?
Protocol
H3
Server
2606:4700:3035::6815:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83d390f64b6cfa79d97b6eddb5005188bf66247fd2fb32716e4207bd3fa4ce06
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jP7SvbtgUq6TYTZXHOYphYAB8kUeHtfT2F%2BAcmJNquzRE1eQR0ydPr7hfDwIOfi1OEknrRjgsx2elEiv3XxV1LRuRaot4OQIckSK%2B0uuWXGxN02aDuoLRL2lVWMl1F4PlKQqNTp1jmhVXsgohA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8d87abb96ff68c2d-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=28836&sent=186&recv=71&lost=0&retrans=0&sent_bytes=196962&recv_bytes=11865&delivery_rate=20819&cwnd=88800&unsent_bytes=0&cid=f4f7979dd35a708c&ts=2500&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 26 Oct 2024 04:23:24 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/e1a56f38220d/main.js?
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NrA0w%2FI4ong0Uj9UN%2BIRhEbors78KzL4h3%2ByOy8fGBxPOcdmpMMc9JBY%2FL87NWXW4u4qn4JWoczBxfAPyi%2FfxvkeVVy787auGjSixjLWsW2HNPAm9PhmskXdefBN%2F3D3VgYJ9jkrIEosIXbObQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d87abb92fc38c2d-EWR
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
server-timing
cfL4;desc="?proto=QUIC&rtt=29108&sent=184&recv=70&lost=0&retrans=0&sent_bytes=196214&recv_bytes=10987&delivery_rate=41148&cwnd=88800&unsent_bytes=0&cid=f4f7979dd35a708c&ts=2462&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 26 Oct 2024 04:23:24 GMT
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0
sodar
ep1.adtrafficquality.google/getconfig/ 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20241023&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410220101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c04::9c Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5856b5b4513e29db44f0bff14a58c4775cbbfcafb8d821c00a6c0c48e367cd17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://anonymfile.com/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
13056
date
Sat, 26 Oct 2024 04:23:24 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
8d87aba71d8c1778
anonymfile.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 10E9 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://anonymfile.com/cdn-cgi/challenge-platform/h/b/jsd/r/8d87aba71d8c1778
Requested by
Host: anonymfile.com
URL: https://anonymfile.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eUN0zrIZ7PJeECNhkzhOJzI2Q7atyDxKTKO0SnoUYqquBtDLEz6PfxKoJuMMQ1lI2Y2%2BltXD1CroWiz1v4KSkMoEegzoB%2F1McoZA1eFIEk%2BJWOBcewPuuMPWH3gC9cwP2RX7360yfsNS58gMgg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d87abbb598e8c2d-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=28619&sent=203&recv=87&lost=0&retrans=0&sent_bytes=201767&recv_bytes=29660&delivery_rate=110081&cwnd=88800&unsent_bytes=0&cid=f4f7979dd35a708c&ts=2821&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
0
date
Sat, 26 Oct 2024 04:23:24 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
priority
u=1,i
sodar2.js
ep2.adtrafficquality.google/sodar/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410220101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c09::84 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://anonymfile.com/

Response headers

content-encoding
gzip
etag
"1727224258380615"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Sat, 26 Oct 2024 04:23:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 26 Oct 2024 04:23:24 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6445
x-xss-protection
0
server
sffe
runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame 00A0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c09::84 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://anonymfile.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
2992
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5005
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 26 Oct 2024 03:33:33 GMT
expires
Sat, 26 Oct 2024 04:23:33 GMT
last-modified
Mon, 23 Sep 2024 18:12:21 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 1771 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c07::69 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-qsb_OnF8JRlThZ8GYd3BMQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://anonymfile.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-qsb_OnF8JRlThZ8GYd3BMQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Sat, 26 Oct 2024 04:23:25 GMT
expires
Sat, 26 Oct 2024 04:23:25 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
sodar
ep1.adtrafficquality.google/pagead/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
my.rtmark.net
URL
https://my.rtmark.net/gid.js?userId=008101bef4a74bf4eead3eed319c959d
Domain
ep1.adtrafficquality.google
URL
https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241023&jk=451869436827311&bg=!MTKlMn3NAAZ-RxQpXkc7ADQBe5WfOCPtJb2aDEPROFTquArC_-AnbLFwSxI1_IGBAsR-cj_HlRArM3JviUoO-zoTwXTmAgAAAEhSAAAAA2gBB34ANgcdk1N3XZyI6U9OcI-YOi1-p3FxB59QwKiAMPMKZCZYVc5k6g1o4v6C4jDsQ1tD1SWoRWpx8woAS4x-5-_qAPwFsX7mZb6n-fLtAkpk2hlb9p1CeQ9gaknSL3RmA7nVOoUamRoS31A1eqjbPC22Ke6iWOmh02f0Kpty21ppWf2Xi2yMRJkCjBJYL6FfOrQtW5Pn1GlxCmeSJNATqF4xO2XgA_vSLUnmSxrAIJ43bYDY74uTTS5_EYB855zTKTyHrmWZRjVgzkdNdQ5-k3CI0KsZja00zJ2eqAbDEtYXn_pyDKcM4-U6XRipSr5jIOGANpLwu2YR5W0S2u4L0pziGn3dXXtD3qsnrncD2W8iBEEpCPOKY7UtW9II6Q0ljQHULvKpLUbsMVx8UKAocdvBFdHV96hffJMNJwARK9FtlwZQl-J9q2FDZ8Qz_0jEzhoRKqpC_4frNEpyeRQL2sQ_e6QD4H3aqqckyCwXzgCbO_-PpR7e4Yh1xx4xfJPP8ibMUYpNRXOxtV-PavmD1HgRvEsLxesoibyh41a0xsRUEs4QsB5JCs8_WhTWPmEQfOJiY4w9Drc4kEcY3uqnoIqj9nwK_4Kbbbqow4qi6cLFfksxsbxM_TR1RjF4smxORt2bZpVyouJAz3CNa_0hAgdHf4fZHfZz3tylbAR_MAG29Xboe5rN5PMCX6TkOmTHZJMFES8C7YJZTA-GDgak0hbLdiMJstHojsANkmyYt9DHeTn5l2vRaiwbRNOfShzLOWlBmEv3IIQzi6DQO86Yh92sVKtGmJ4gIFG-y2xHsAE1W91shhF2eC-f9DEtMvzcvRus9ZJSCrK1C9G-0XWGlTD5DaMIXC6c8cYt1ZnFhvOeTZT34Z27P4IBXAE6xbMl1GijXlqjcoiHraJN8OlDBNer32VBFJygZHvLfK9Ed1YGflcp4bANNfz9G0hIyjtfnglO7nyiiQe8Lis62_ER_4Ci5R3JgBovaKY8PdwO2S94dRcvKQfO_NDUFDf9WmM0JjGzmlVqRMN8wvw_iL_b6tdkRhk6SrA

Verdicts & Comments Add Verdict or Comment

74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 string| k object| _e3uci37v4rr object| nsj4it1asei object| zfgformats function| setImmediate function| clearImmediate function| _vzlevky function| _ldyxxjkw function| $ function| jQuery object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac object| google_persistent_state_async object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter object| zfgstorage function| onClickTrigger function| kkp4a5x5tv boolean| zfgloadedpopup boolean| zfgonclickfirst function| _p91s3sp043g object| syncCallbacks object| __cfQR string| google_user_agent_client_hint function| google_sa_impl object| googPageScrollPreventerInfo number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| FilePond object| __framePainter object| Popper number| uidEvent object| bootstrap function| FilePondPluginFileValidateSize function| FilePondPluginFileValidateType function| ClipboardJS object| clipboard object| isMobile object| tooltipTriggerList object| tooltipList function| camelize function| getData function| _classCallCheck function| _defineProperties function| _createClass function| DomNode function| getItemFromStore function| setItemToStore function| getStoreSpace function| initialDomSetup function| changeTheme function| themeControl function| axios function| md5 boolean| __cfRLUnblockHandlers object| GoogleGcLKhOms object| google_image_requests

7 Cookies

Domain/Path Name / Value
waisheph.com/ Name: OAID
Value: 008101bef4a74bf4eead3eed319c959d
waisheph.com/ Name: oaidts
Value: 1729916602
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
anonymfile.com/ Name: XSRF-TOKEN
Value: eyJpdiI6Iko5cXY3OEtRUUFKcTVXYlBLb1g3QVE9PSIsInZhbHVlIjoiYjlmKzRLdFMyb0dsZXdtZ2lac0drd21PQnB1V2xDZWJxQ1BsWjVnV3ExYjVTQ0NNN2dNSU1KMTM1U3lOUWN3ZG9ZdkJJaEl4azR3dlZvL2pnNUtadjVNVUMzZjRXSXZjSENqSUgyTUQyVmRNZEdxY0ZYOSsyTy9IMGVGUVdaMWkiLCJtYWMiOiJkYmI3ZTA5YzI4YTgwYjFiMDQzOWE5YTdjMGUxZGM3ZmNiY2E0NTA3ZDZiYmY3ZGU3OTFhYzczZGQ4MzQyZmNhIiwidGFnIjoiIn0%3D
anonymfile.com/ Name: anonymfile_session
Value: eyJpdiI6IkwzaTc5Z0R0dVdhSDd4NFVkTFluTXc9PSIsInZhbHVlIjoieHpuTzlDZlVUK1RuRm1HQytKQWFwL1B4NVpXK2liajVyaW81eitpeXVKelJ0dnlLQWtYa2ROV3lPR1FVemY3MWY0NXVJK1RSdmdtck1maVoyK0VYZHVUZmVGNUU2RytxODdhdmdPUXo2NFpMYng0eGpNNjJKMlRneWpjR1pBZ2QiLCJtYWMiOiJmOTE2ODdhM2ZlY2FhMzE5MzQxZDFkZTNlZTVjOWUyZjcwZGIxZWM1MzEwZDkyNGIxMTdkOTk4MTI2NzViNTM4IiwidGFnIjoiIn0%3D
my.rtmark.net/ Name: ID
Value: n3wn307771bs807755279e1b5rmds870
.anonymfile.com/ Name: cf_clearance
Value: hgl.4Dfv0e._bOHrzk3p0DhEWot5iHrwR_HLLDfoE3U-1729916604-1.2.1.1-Tr6vXDy2gxwpFEZpjUCnoY5sFQcaDfoHahOm7QxLXxtKlcNTqTyxRHgB0S5WhdVFYzgcvIvtfK5SZEsKqwjQ_HyW87_Gk2_7hC25hRAZhmi5gRwUQto8PQ_WWE0D3SE3UWX6mIpgKbhAEdC6zXLOz.FI8xYsYjxE__ge_NiylgFt1mWwvMf_7xTyCqBRH4.NIQGJT75L0QB5Eac9.yd06C4cmM3iCyu4kQURkbINGiyhZOOyw_v7DuZ89cFGi2JuyGtzisv7zK9TVHF1dvDH5E7dMPzenrjG2h75sqwlg9bhy6wl6fEytKaZxsMcnWZPxXlpDyWFcxRVqr1QcvYNyziqWN.SnUN3oq_eKVV2kJxX1GhXN7ggcr9OzntCVptT

5 Console Messages

Source Level URL
Text
network error URL: https://anonymfile.com/y65kv/ioncube.zip
Message:
Failed to load resource: the server responded with a status of 410 ()
javascript warning URL: https://anonymfile.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.6.0.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://anonymfile.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.6.0.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
rendering warning URL: https://anonymfile.com/y65kv/ioncube.zip
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0601D00B42E0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
network error URL: https://anonymfile.com/y65kv/ioncube.zip
Message:
Failed to load resource: the server responded with a status of 410 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

anonymfile.com
cdnjs.cloudflare.com
code.jquery.com
ep1.adtrafficquality.google
ep2.adtrafficquality.google
googleads.g.doubleclick.net
my.rtmark.net
pagead2.googlesyndication.com
unpkg.com
waisheph.com
www.google.com
ep1.adtrafficquality.google
my.rtmark.net
139.45.195.8
139.45.197.245
2606:4700:3035::6815:24e
2606:4700::6811:180e
2606:4700::6811:f7cb
2607:f8b0:4004:c0b::9d
2607:f8b0:400d:c01::9c
2607:f8b0:400d:c04::9c
2607:f8b0:400d:c07::69
2607:f8b0:400d:c09::84
2a04:4e42:400::649
11be927cda59c8b6019ebbea838285c5beaf21183ea4b83dbd4e4fbf9413ce4a
24f86a120cf2de850bb0386be213e16afb43b766e3b4823f29b2b7bd63ff5572
3d4e83b59664d7a779fa777d4ee0e17a1bc09302f9b9cde60815a3142256d8b8
4afd2b8e97f4b8035d72b09efb6a7594838ebf85cac34036fc65fe80d84d47bf
4f3392b149ba1bac56b4d4eea5043c02321850d998164ba89d38c141ab01a16d
524fcae3468beb724c12b61925a2c1dcdb482f37783cd9d3f7630ae8bafa3d2a
528138919125b20d77e6369167e942ab812f565c4e81b685552be9a71c056848
57deb9ccde6d49564a916cc58a799d8ebd793c7aff69a7f3cce48cbfb0c48777
5856b5b4513e29db44f0bff14a58c4775cbbfcafb8d821c00a6c0c48e367cd17
6164d009d3fcf65edd5c47c4b76a0d0580dea4bce929eec89bec744fdec10e15
70c3d690bdc5ce3b9a1527c46044989a3176e610882fa99f4523e75bc395bcce
77cb73f16f049b51c0a81c12ed878e11efe3b9a71c632a3bdb647d963059532e
790e8201e86c3d9259c073a2bc48cdc7c1672df9eaed69463433f31866299b14
81735261671cd094376ce5c6d31058c64fa70ad0f3b0798ffce2f2d8eeb7ab51
83d390f64b6cfa79d97b6eddb5005188bf66247fd2fb32716e4207bd3fa4ce06
845b2368dce026b72f19715d6de81f03fef056e4a79c718a658161a1f7b03b3b
8ad11c4cb079bba93156727270f510292eedcc0716c6f21725074a59ec8b9b96
9677264de392aeedd3b391fe53578415c87835405d14068380f9bf3970a48286
9b25181938196019c65f4505b5ae4eae4bbbc71b45e4b55672818043af2b4265
a620ee6349399f7d71768f23b38e7fe17f45a89f853288b309c2723af4eadea5
b8e1dc92908f4beef860cec977e1bc31b3a0425538ee9ffa75ef99ab6030430e
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d25e30090781875e136e229ed92adf2547ac8f4670f52644f85ada7098d2c301
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f395875eb5d58c5128c434812cd0a53d438b11536f7fd1577077d8a5c612e1fd
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99