urlscan.io logo urlscan.io
SecurityTrails logo

anonymfile.com Open in urlscan Pro
2606:4700:3035::6815:24e  Public Scan

Go To Rescan Add Verdict Report
URL: https://anonymfile.com/eKV6Q/wwwdealplexuscom.txt
Submission: On November 26 via api from BY — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 2 countries across 10 domains to perform 33 HTTP transactions. The main IP is 2606:4700:3035::6815:24e, located in United States and belongs to CLOUDFLARENET, US. The main domain is anonymfile.com.
TLS certificate: Issued by WE1 on November 13th 2024. Valid for: 3 months.
This is the only time anonymfile.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

9    2606:4700:3035::6815:24e (United States)

ASN13335 (CLOUDFLARENET, US)
anonymfile.com
9    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2607:f8b0:4006:80c::2002 (United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    139.45.197.245 (United Kingdom)

ASN9002 (RETN-AS RETN Limited, GB)
waisheph.com
1    2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
4    2606:4700::6811:f7cb (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
2    2607:f8b0:4006:81f::2002 (United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2606:4700:3032::6815:1bb7 (United States)

ASN13335 (CLOUDFLARENET, US)
my.rtmark.net
1    2607:f8b0:4006:808::2002 (United States)

ASN15169 (GOOGLE, US)
ep1.adtrafficquality.google
2    2607:f8b0:4006:822::2001 (United States)

ASN15169 (GOOGLE, US)
ep2.adtrafficquality.google
1    2607:f8b0:4006:81f::2004 (United States)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
9 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
238 KB
9 anonymfile.com
anonymfile.com
404 KB
4 unpkg.com
unpkg.com — Cisco Umbrella Rank: 740
6 KB
3 adtrafficquality.google
ep1.adtrafficquality.google — Cisco Umbrella Rank: 389
ep2.adtrafficquality.google — Cisco Umbrella Rank: 403
19 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
2 waisheph.com
waisheph.com — Cisco Umbrella Rank: 118279
30 KB
2 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
196 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 3
1 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 10565
952 B
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 847
30 KB
33 10
Domain Requested by
9 cdnjs.cloudflare.com anonymfile.com
cdnjs.cloudflare.com
9 anonymfile.com anonymfile.com
4 unpkg.com 2 redirects anonymfile.com
2 ep2.adtrafficquality.google pagead2.googlesyndication.com
ep2.adtrafficquality.google
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 waisheph.com anonymfile.com
2 pagead2.googlesyndication.com anonymfile.com
pagead2.googlesyndication.com
1 www.google.com ep2.adtrafficquality.google
1 ep1.adtrafficquality.google pagead2.googlesyndication.com
1 my.rtmark.net waisheph.com
1 code.jquery.com anonymfile.com
33 11

This site contains no links.

Subject Issuer Validity Valid
anonymfile.com
WE1		 2024-11-13 -
2025-02-11		 3 months crt.sh
cdnjs.cloudflare.com
WE1		 2024-11-26 -
2025-02-24		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
waisheph.com
R10		 2024-10-28 -
2025-01-26		 3 months crt.sh
*.jquery.com
Sectigo ECC Domain Validation Secure Server CA		 2024-06-25 -
2025-06-25		 a year crt.sh
my.rtmark.net
WE1		 2024-11-06 -
2025-02-04		 3 months crt.sh
adtrafficquality.google
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://anonymfile.com/eKV6Q/wwwdealplexuscom.txt
Frame ID: 4879A6E526FD4CB92757010E0C101625
Requests: 29 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241120/r20190131/zrt_lookup_fy2021.html
Frame ID: 37725D138B71A0C19026BC96B084811A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6542483570255373&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1732634578&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x675_l%7C500x675_r&format=0x0&url=https%3A%2F%2Fanonymfile.com%2FeKV6Q%2Fwwwdealplexuscom.txt&pra=5&wgl=1&aihb=0&aiof=4&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1732634577653&bpp=13&bdt=673&idt=763&shv=r20241120&mjsv=m202411140101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=5916778961023&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95330278%2C31088249%2C95345967&oid=2&pvsid=4292012642459035&tmod=1776948747&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1280%2C1170%2C1280%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=796
Frame ID: EB355E9D6BBB76632A969BDE52CCAA98
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: 707775804B00116268C25C2CB6C41F5D
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5208DE6AFEBBFAE3DA058B3419CD89A2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Anonfile - Anonymous File Upload

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • /axios(@|/)([\d.]+)(?:/[a-z]+)?/axios(?:.min)?\.js
Overall confidence: 100%
Detected patterns
  • clipboard(?:-([\d.]+))?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • /popper\.js/([0-9.]+)
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

33
Requests

91 %
HTTPS

91 %
IPv6

10
Domains

11
Subdomains

12
IPs

2
Countries

924 kB
Transfer

2596 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://unpkg.com/filepond-plugin-file-validate-type/dist/filepond-plugin-file-validate-type.js HTTP 302
  • https://unpkg.com/filepond-plugin-file-validate-type@1.2.9/dist/filepond-plugin-file-validate-type.js
Request Chain 17
  • https://unpkg.com/filepond-plugin-file-validate-size/dist/filepond-plugin-file-validate-size.js HTTP 302
  • https://unpkg.com/filepond-plugin-file-validate-size@2.2.8/dist/filepond-plugin-file-validate-size.js

33 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request wwwdealplexuscom.txt
anonymfile.com/eKV6Q/ 		72 KB
73 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://anonymfile.com/eKV6Q/wwwdealplexuscom.txt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e07c89097cb4e20d6b2912b42ff2b0acf476d059c3580a583f3c7698186f932d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
8e8ae07649859e08-EWR
content-type
text/html; charset=UTF-8
date
Tue, 26 Nov 2024 15:22:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NF%2FCSoHB8ngjuOX2CbAU816b1Nr9YHYj7U7BjD1%2FFR97deznUMNYWvYJzHDyekSwKU15VjUlOe05h%2FnumTIAuQTJ6DvcwmhbysI4bnm7JUq0W4ZalqNnJzrDRD53Jt6hTgVWHA%2FXgPiDdWwNEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=6266&min_rtt=3060&rtt_var=6808&sent=14&recv=12&lost=0&retrans=0&sent_bytes=4277&recv_bytes=5724&delivery_rate=1008&cwnd=12000&unsent_bytes=0&cid=55377fae5ddced68&ts=395&x=1" cfHdrFlush;dur=0
theme.min.css
anonymfile.com/css/ 		882 KB
103 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://anonymfile.com/css/theme.min.css
Requested by
Host: anonymfile.com
URL: https://anonymfile.com/eKV6Q/wwwdealplexuscom.txt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b25181938196019c65f4505b5ae4eae4bbbc71b45e4b55672818043af2b4265
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://anonymfile.com/eKV6Q/wwwdealplexuscom.txt

Response headers

content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"668fdd6f-dc7b2"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fLCa5MNXO1mkp2ibaLE2E3tDdKuePANR1z5e91vYjmof3GI%2F%2F7RXUoRVsV%2FhawaQJiLeWUgJxhuOd6%2B2slX4HJsunb%2Fz6PVDF8Mbrim4vemjMbPUUsY5DHwqnd9%2BVQ1kHzYlIjmwIwn2BxCkWg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=3141&min_rtt=2536&rtt_var=450&sent=86&recv=52&lost=0&retrans=0&sent_bytes=85512&recv_bytes=11057&delivery_rate=792259&cwnd=38400&unsent_bytes=0&cid=55377fae5ddced68&ts=1023&x=1", cfHdrFlush;dur=0
date
Tue, 26 Nov 2024 15:22:57 GMT
content-type
text/css
last-modified
Thu, 11 Jul 2024 13:26:07 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e8ae07a6f4b9e08-EWR
x-xss-protection
1; mode=block
server
cloudflare
rocket-loader.min.js
anonymfile.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://anonymfile.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: anonymfile.com
URL: https://anonymfile.com/eKV6Q/wwwdealplexuscom.txt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://anonymfile.com/eKV6Q/wwwdealplexuscom.txt

Response headers

x-frame-options
DENY
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=172800, public
content-encoding
gzip
etag
W/"6740aa56-302c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FG1cLs6MJdrDBtSVOiJJRinyttoEGm4oJprhnhIgsiIItQ05b2sY6K9%2FQVkquMNSNflY3pLX0mgKDmE%2F15sy%2FnzF5xRQHQjXcC9PqdLTcn49uotFxDyRMkW2uRazMoISVraqQI1ciC3OY6sc6w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8e8ae07a6f4f9e08-EWR
expires
Thu, 28 Nov 2024 15:22:57 GMT
date
Tue, 26 Nov 2024 15:22:57 GMT
content-type
application/javascript
last-modified
Fri, 22 Nov 2024 15:59:18 GMT
server
cloudflare
vary
Accept-Encoding
favicon.png
anonymfile.com/img/main/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://anonymfile.com/img/main/favicon.png
Requested by
Host: anonymfile.com
URL: https://anonymfile.com/eKV6Q/wwwdealplexuscom.txt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77cb73f16f049b51c0a81c12ed878e11efe3b9a71c632a3bdb647d963059532e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://anonymfile.com/eKV6Q/wwwdealplexuscom.txt

Response headers

cf-cache-status
REVALIDATED
etag
"667f0ef5-9f19"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B7UWfWClbaDTyUreXdlAeM7Umc06qXggMPcYBFXgb1MTPQoMwL7%2BGzfqetnTBu95Qnbbr4AR6mBtGSbY8XDBdmIxAcemdVEoeFM1o1MjeixSOSwi4DP2rs2WM0%2B%2FhgSRE%2FAN0LcJZk0kqTkGNA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=3231&min_rtt=2536&rtt_var=142&sent=142&recv=64&lost=0&retrans=0&sent_bytes=152712&recv_bytes=11585&delivery_rate=13094196&cwnd=76800&unsent_bytes=0&cid=55377fae5ddced68&ts=1027&x=1", cfHdrFlush;dur=0
date
Tue, 26 Nov 2024 15:22:57 GMT
content-type
image/png
last-modified
Fri, 28 Jun 2024 19:28:53 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e8ae07a6f519e08-EWR
accept-ranges
bytes
content-length
40729
x-xss-protection
1; mode=block
server
cloudflare
footer.webp
anonymfile.com/img/main/ 		174 KB
175 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://anonymfile.com/img/main/footer.webp
Requested by
Host: anonymfile.com
URL: https://anonymfile.com/eKV6Q/wwwdealplexuscom.txt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d4e83b59664d7a779fa777d4ee0e17a1bc09302f9b9cde60815a3142256d8b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://anonymfile.com/eKV6Q/wwwdealplexuscom.txt

Response headers

cf-cache-status
REVALIDATED
etag
"64ee4bbf-2b796"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ciodTC5eeV7CsSNYuNcxWhFxPjMjLrMENeOinsB9JSLGf3TFxYVXh1w8iEH0O3jNluKglImPCrN72Kqe2bMcXxuJX3CIMbE7evnyYSjYJ1BKR2pK09ZoE7vIodA4Rq1nPfivCNWj0ALoPmc%2BNg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=3076&min_rtt=2536&rtt_var=223&sent=214&recv=74&lost=0&retrans=0&sent_bytes=235883&recv_bytes=12039&delivery_rate=21874973&cwnd=88800&unsent_bytes=0&cid=55377fae5ddced68&ts=1038&x=1", cfHdrFlush;dur=0
date
Tue, 26 Nov 2024 15:22:57 GMT
content-type
image/webp
last-modified
Tue, 29 Aug 2023 19:49:19 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e8ae07a6f539e08-EWR
accept-ranges
bytes
content-length
178070
x-xss-protection
1; mode=block
server
cloudflare
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/css/ 		80 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/css/all.min.css
Requested by
Host: anonymfile.com
URL: https://anonymfile.com/eKV6Q/wwwdealplexuscom.txt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81735261671cd094376ce5c6d31058c64fa70ad0f3b0798ffce2f2d8eeb7ab51
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://anonymfile.com/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"61498362-3826"
age
38935
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wrhsmNNJO5jl68jK%2Fv3mTlfevyl0Mxxs76iJoBA312pXnFyUQWCJVQ7MhzQCveniNMD%2B9JiMgBi2QNlRzUXNvOkItWvQn1iVqiwq4Pk9Ncd0fH7Gwn2aVi%2BLK%2FjqzWj6SxU%2BL6BtMgj126vbHlHlREwO"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sun, 16 Nov 2025 15:22:57 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 26 Nov 2024 15:22:57 GMT
content-type
text/css; charset=utf-8
last-modified
Tue, 21 Sep 2021 07:01:54 GMT
vary
Accept-Encoding
priority
u=4,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e8ae07d4ef1c407-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
14374
server
cloudflare
wwwdealplexuscom.txt
anonymfile.com/eKV6Q/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://anonymfile.com/eKV6Q/wwwdealplexuscom.txt
Requested by
Host: anonymfile.com
URL: https://anonymfile.com/eKV6Q/wwwdealplexuscom.txt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://anonymfile.com/eKV6Q/wwwdealplexuscom.txt

Response headers

cache-control
no-cache, private
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D3MTaSLaVsaZVjMBz5rUdUbcsFH02Gyk1H%2ByohaSodmo0%2BE%2Fq7iDNGIgyXzLdmpnJevdPfd318tkAqUh%2FUwrdMuVoq%2BfCTxggUu0657vf6eDhoVSC2cHx0QuYP%2BsVQHqCe4Q4bEaeV1TTd1QPw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e8ae07d1afd9e08-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=3519&min_rtt=2536&rtt_var=294&sent=378&recv=95&lost=0&retrans=0&sent_bytes=426115&recv_bytes=15564&delivery_rate=540522&cwnd=136800&unsent_bytes=0&cid=55377fae5ddced68&ts=2411&x=1", cfHdrFlush;dur=0
date
Tue, 26 Nov 2024 15:22:58 GMT
content-type
text/html; charset=UTF-8
server
cloudflare
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		156 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6542483570255373
Requested by
Host: anonymfile.com
URL: https://anonymfile.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fddf35ff18a4c57b995ecf642782b64a26b854e2c0a63b81d4b1166b63cd8330
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://anonymfile.com
Referer
https://anonymfile.com/

Response headers

content-encoding
br
etag
3612586939216682843
x-content-type-options
nosniff
expires
Tue, 26 Nov 2024 15:22:57 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Tue, 26 Nov 2024 15:22:57 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53341
x-xss-protection
0
server
cafe
/
waisheph.com/5/6301577/ 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://waisheph.com/5/6301577/?oo=1&aab=1
Requested by
Host: anonymfile.com
URL: https://anonymfile.com/eKV6Q/wwwdealplexuscom.txt
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.245 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
521c8e4ed36b2904ad1f5e8cdd5d770a136177f647600cd94edfb9084f0561dc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://anonymfile.com/

Response headers

access-control-max-age
86400
content-encoding
gzip
access-control-allow-methods
GET, POST, OPTIONS
expires
Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
date
Tue, 26 Nov 2024 15:22:58 GMT
content-type
application/json
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
pragma
no-cache, no-cache
access-control-allow-credentials
true
x-trace-id
8949e5e3d2c57b53cd073905e02626a6
access-control-allow-origin
https://anonymfile.com
server
nginx
tag.min.js
waisheph.com/ 		70 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://waisheph.com/tag.min.js
Requested by
Host: anonymfile.com
URL: https://anonymfile.com/eKV6Q/wwwdealplexuscom.txt
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.245 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
8a5207b901e68e199998d8a7eeea2e34b81fad5696cfe70440b891e4a24fb97c
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://anonymfile.com/

Response headers

access-control-max-age
86400
content-encoding
br
access-control-allow-methods
GET, POST, OPTIONS
x-content-type-options
nosniff
expires
Tue, 11 Jan 1994 10:00:00 GMT
date
Tue, 26 Nov 2024 15:22:58 GMT
content-type
text/javascript; charset=utf-8
last-modified
Tue, 26 Nov 2024 12:19:22 GMT
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
strict-transport-security
max-age=1
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*, *
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
pragma
no-cache
access-control-allow-credentials
true
x-trace-id
97a02d2fa361cbeefc396ffbd89842db
accept-ranges
bytes
access-control-allow-origin
*
content-length
27257
server
nginx
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: anonymfile.com
URL: https://anonymfile.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Origin
https://anonymfile.com
Referer
https://anonymfile.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

content-encoding
gzip
etag
W/"28feccc0-15d9d"
age
1157868
x-cache
HIT
date
Tue, 26 Nov 2024 15:22:57 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
x-cache-hits
155743
x-served-by
cache-lga21980-LGA
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=604800
x-timer
S1732634578.572532,VS0,VE0
cross-origin-resource-policy
cross-origin
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
30875
server
nginx
filepond.min.css
cdnjs.cloudflare.com/ajax/libs/filepond/4.29.1/ 		17 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/filepond/4.29.1/filepond.min.css
Requested by
Host: anonymfile.com
URL: https://anonymfile.com/eKV6Q/wwwdealplexuscom.txt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a620ee6349399f7d71768f23b38e7fe17f45a89f853288b309c2723af4eadea5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://anonymfile.com
Referer

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"613afc53-b76"
age
5816370
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wNvDtsjFw7r1Bb52zVIEys3cVHrSSTW93%2FhLrpJZ5zMaG9OWraW0PQuEHM2juXFt%2Fqm5aQDjH0mSHsGQpVjC0fRambhF5cF2v%2FuiO5o8RWczZWi6H7EPXOyDhKwOoaSYUPLhkJQrsQvsBEwkvlkBXwky"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sun, 16 Nov 2025 15:22:57 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 26 Nov 2024 15:22:57 GMT
content-type
text/css; charset=utf-8
last-modified
Fri, 10 Sep 2021 06:33:55 GMT
vary
Accept-Encoding
priority
u=4,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e8ae07e3f7c43c8-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
2934
server
cloudflare
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/ 		434 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6542483570255373
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4bf167774e13c97ed87fac15142657c51e15371a12ed4880922fb58cbe3aeaa3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://anonymfile.com/

Response headers

content-encoding
br
etag
1457345766710809803
x-content-type-options
nosniff
expires
Tue, 26 Nov 2024 15:22:57 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Tue, 26 Nov 2024 15:22:57 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
147621
x-xss-protection
0
server
cafe
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/webfonts/ 		120 KB
121 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57deb9ccde6d49564a916cc58a799d8ebd793c7aff69a7f3cce48cbfb0c48777
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://anonymfile.com
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/css/all.min.css

Response headers

cf-cdnjs-via
cfworker/kv
cf-cache-status
HIT
etag
"61498362-1df88"
age
35570
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ga1gEkxx9dYGbXS4U0HpjAvKLcT8%2F9ma7oF%2BIw7MsH92bt0sd3lJLSZGlQBo3mL2nRUkyvJcXnG4CdSbvgysUaVb9LHIuyU1pTIpf93tcgqopkQpeeFcCoHmgk0NdTLLzCiBgb0Fkamj5kYlVeT2vGcU"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sun, 16 Nov 2025 15:22:57 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 26 Nov 2024 15:22:57 GMT
content-type
application/octet-stream; charset=utf-8
last-modified
Tue, 21 Sep 2021 07:01:54 GMT
vary
Accept-Encoding
priority
u=0,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e8ae07e7fe243c8-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
122760
server
cloudflare
md5.min.js
anonymfile.com/js/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://anonymfile.com/js/md5.min.js
Requested by
Host: anonymfile.com
URL: https://anonymfile.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6164d009d3fcf65edd5c47c4b76a0d0580dea4bce929eec89bec744fdec10e15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://anonymfile.com/eKV6Q/wwwdealplexuscom.txt

Response headers

content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"66916f44-28a8"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=clwXb3oyQXrrkQR2PVheSxqC2PU5u1tHFzjOajI1o8GW%2FEYHeKwr3fwvwHAYOoEkY2enECrWL%2FxICa5fX9tJ%2FGZCLY8HFVB49hAFupQpY4JlUKhpZZVIf4ieiLWXo3uqU1Q0%2BQKTy60nTHvVSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=3534&min_rtt=2536&rtt_var=218&sent=371&recv=93&lost=0&retrans=0&sent_bytes=418721&recv_bytes=15474&delivery_rate=31233606&cwnd=136800&unsent_bytes=0&cid=55377fae5ddced68&ts=1676&x=1", cfHdrFlush;dur=0
date
Tue, 26 Nov 2024 15:22:57 GMT
content-type
application/javascript
last-modified
Fri, 12 Jul 2024 18:00:36 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e8ae07e7cc59e08-EWR
x-xss-protection
1; mode=block
server
cloudflare
axios.min.js
cdnjs.cloudflare.com/ajax/libs/axios/1.7.2/ 		51 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/axios/1.7.2/axios.min.js
Requested by
Host: anonymfile.com
URL: https://anonymfile.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ad11c4cb079bba93156727270f510292eedcc0716c6f21725074a59ec8b9b96
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://anonymfile.com/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"664d13d0-4072"
age
509318
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A4hbKkSoCNIXrOPpYaltLk12B7cwpmCgPIPnToe%2FM6bBYOJ1J9lAtdpV3Tqli%2BRT4OjZuGIkVXBcJNQ07pTVlOEKMG4TjJ5Fl8e%2F168OtJP8KEl9HM2cZPy4Aw2zDBgpv2BXHlT2%2BmzTZkaXPG9425Cw"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sun, 16 Nov 2025 15:22:57 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 26 Nov 2024 15:22:57 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 21 May 2024 21:36:16 GMT
vary
Accept-Encoding
priority
u=1,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e8ae07e78fac407-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
16498
server
cloudflare
site.js
anonymfile.com/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://anonymfile.com/js/site.js
Requested by
Host: anonymfile.com
URL: https://anonymfile.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
524fcae3468beb724c12b61925a2c1dcdb482f37783cd9d3f7630ae8bafa3d2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://anonymfile.com/eKV6Q/wwwdealplexuscom.txt

Response headers

content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"64ee4478-2487"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=amfh3CInGfeOmUr2%2F2NeNPHVKmyZJpKmQFSKZBXFRlf8TvcsYFpfyeoopIwU0CPEAlErYXanRqkc5VmX18JFCaFTAKT4kzqBsgiYZs2VGY0yITeINHpqh3EKwBHdEuORmlBF5%2BD3SfI3tW6Yjg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=3476&min_rtt=2536&rtt_var=279&sent=375&recv=94&lost=0&retrans=0&sent_bytes=423027&recv_bytes=15519&delivery_rate=6781&cwnd=136800&unsent_bytes=0&cid=55377fae5ddced68&ts=1685&x=1", cfHdrFlush;dur=0
date
Tue, 26 Nov 2024 15:22:57 GMT
content-type
application/javascript
last-modified
Tue, 29 Aug 2023 19:18:16 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e8ae07e7cd19e08-EWR
x-xss-protection
1; mode=block
server
cloudflare
filepond-plugin-file-validate-type.js
unpkg.com/filepond-plugin-file-validate-type@1.2.9/dist/
Redirect Chain
  • https://unpkg.com/filepond-plugin-file-validate-type/dist/filepond-plugin-file-validate-type.js
  • https://unpkg.com/filepond-plugin-file-validate-type@1.2.9/dist/filepond-plugin-file-validate-type.js
9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/filepond-plugin-file-validate-type@1.2.9/dist/filepond-plugin-file-validate-type.js
Requested by
Host: anonymfile.com
URL: https://anonymfile.com/eKV6Q/wwwdealplexuscom.txt
Protocol
H2
Server
2606:4700::6811:f7cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d25e30090781875e136e229ed92adf2547ac8f4670f52644f85ada7098d2c301
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://anonymfile.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
"228a-696Brs+wkAyjCuxTQj19JWGYPn4"
age
2102128
x-content-type-options
nosniff
date
Tue, 26 Nov 2024 15:22:58 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01JBNWB83799ETGFD1C38N6QYF-lga
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
via
1.1 fly.io
cf-ray
8e8ae0837d6f32d9-EWR
access-control-allow-origin
*
server
cloudflare

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, s-maxage=600, max-age=60
location
/filepond-plugin-file-validate-type@1.2.9/dist/filepond-plugin-file-validate-type.js
content-encoding
br
cf-cache-status
HIT
age
386
x-content-type-options
nosniff
via
1.1 fly.io
cf-ray
8e8ae0832d3732d9-EWR
access-control-allow-origin
*
date
Tue, 26 Nov 2024 15:22:58 GMT
content-type
text/plain; charset=utf-8
vary
Accept, Accept-Encoding
fly-request-id
01JDMGQARR1JB4QG36YEE7320T-lga
server
cloudflare
filepond-plugin-file-validate-size.js
unpkg.com/filepond-plugin-file-validate-size@2.2.8/dist/
Redirect Chain
  • https://unpkg.com/filepond-plugin-file-validate-size/dist/filepond-plugin-file-validate-size.js
  • https://unpkg.com/filepond-plugin-file-validate-size@2.2.8/dist/filepond-plugin-file-validate-size.js
7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/filepond-plugin-file-validate-size@2.2.8/dist/filepond-plugin-file-validate-size.js
Requested by
Host: anonymfile.com
URL: https://anonymfile.com/eKV6Q/wwwdealplexuscom.txt
Protocol
H2
Server
2606:4700::6811:f7cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
845b2368dce026b72f19715d6de81f03fef056e4a79c718a658161a1f7b03b3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://anonymfile.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
"1a7f-mapzppsO4HAWL/eiqLcABeu0hWU"
age
1849404
x-content-type-options
nosniff
date
Tue, 26 Nov 2024 15:22:58 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01JBXDBQR7FHK4V42D514N36MC-lga
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
via
1.1 fly.io
cf-ray
8e8ae0837d7232d9-EWR
access-control-allow-origin
*
server
cloudflare

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, s-maxage=600, max-age=60
location
/filepond-plugin-file-validate-size@2.2.8/dist/filepond-plugin-file-validate-size.js
content-encoding
br
cf-cache-status
HIT
age
386
x-content-type-options
nosniff
via
1.1 fly.io
cf-ray
8e8ae0832d3632d9-EWR
access-control-allow-origin
*
date
Tue, 26 Nov 2024 15:22:58 GMT
content-type
text/plain; charset=utf-8
vary
Accept, Accept-Encoding
fly-request-id
01JDMGQARSYPQTN3XK6ZVJ9CE3-lga
server
cloudflare
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241120/r20190131/ Frame 3772 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241120/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://anonymfile.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
346
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4128
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 26 Nov 2024 15:17:12 GMT
etag
17661348622971093804
expires
Tue, 10 Dec 2024 15:17:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame EB35 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6542483570255373&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1732634578&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x675_l%7C500x675_r&format=0x0&url=https%3A%2F%2Fanonymfile.com%2FeKV6Q%2Fwwwdealplexuscom.txt&pra=5&wgl=1&aihb=0&aiof=4&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1732634577653&bpp=13&bdt=673&idt=763&shv=r20241120&mjsv=m202411140101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=5916778961023&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95330278%2C31088249%2C95345967&oid=2&pvsid=4292012642459035&tmod=1776948747&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1280%2C1170%2C1280%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=796
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://anonymfile.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 26 Nov 2024 15:22:58 GMT
expires
Tue, 26 Nov 2024 15:22:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gid.js
my.rtmark.net/ 		65 B
952 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js?userId=0081201a2b2549f2fba6bf4b20651bee
Requested by
Host: waisheph.com
URL: https://waisheph.com/tag.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1bb7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55ca09a99ef0141722ecf27973c1262099b2b2998a8d1b7412a67dd33bfc741c
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://anonymfile.com/

Response headers

access-control-expose-headers
Authorization
content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jxYglqW40RDtV5ZB5qeX4qbyHwy6QDn2oPd3nmLnSyqcaAyP3wwfluz2VbW8824oL0B1Uw1JKvgF%2Bny6iVHao6qZSktYUNh3ebOwPpa06aZNeH4SHLIJtW22kw9SfkM%2BPx33rn6qXxYQFN3b"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=4192&sent=14&recv=12&lost=0&retrans=0&sent_bytes=4272&recv_bytes=5650&delivery_rate=807&cwnd=12000&unsent_bytes=0&cid=d83beb19ac261139&ts=134&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 26 Nov 2024 15:22:58 GMT
content-type
application/json; charset=utf-8
priority
u=1,i
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
strict-transport-security
max-age=1
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin
*, *
access-control-allow-credentials
true
cf-ray
8e8ae0855c2d8cc3-EWR
access-control-allow-origin
https://anonymfile.com
server
cloudflare
filepond.min.js
cdnjs.cloudflare.com/ajax/libs/filepond/4.30.3/ 		115 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/filepond/4.30.3/filepond.min.js
Requested by
Host: anonymfile.com
URL: https://anonymfile.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9677264de392aeedd3b391fe53578415c87835405d14068380f9bf3970a48286
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://anonymfile.com
Referer

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"615c7e96-740b"
age
499341
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pTaqSCkplKsK4PcUHGy4in4XfxwAwFSJ4cqv0rgr1YLRl8pIrcQKIX8oGC9yy1wZohA9%2F6F%2BBdDEm6tUHT6JXDKgB%2Bwz0Dw0llncK%2BvCYfH1wZMCvzrse1Sit5cSRJpUkzAqpm7QFWa8AJyJFMEVVJM9"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sun, 16 Nov 2025 15:22:58 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 26 Nov 2024 15:22:58 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 05 Oct 2021 16:34:30 GMT
vary
Accept-Encoding
priority
u=3,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e8ae0854ae943c8-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
29707
server
cloudflare
favicon.png
anonymfile.com/img/main/ 		40 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://anonymfile.com/img/main/favicon.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77cb73f16f049b51c0a81c12ed878e11efe3b9a71c632a3bdb647d963059532e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://anonymfile.com/eKV6Q/wwwdealplexuscom.txt

Response headers

cf-cache-status
REVALIDATED
etag
"667f0ef5-9f19"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B7UWfWClbaDTyUreXdlAeM7Umc06qXggMPcYBFXgb1MTPQoMwL7%2BGzfqetnTBu95Qnbbr4AR6mBtGSbY8XDBdmIxAcemdVEoeFM1o1MjeixSOSwi4DP2rs2WM0%2B%2FhgSRE%2FAN0LcJZk0kqTkGNA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=3231&min_rtt=2536&rtt_var=142&sent=142&recv=64&lost=0&retrans=0&sent_bytes=152712&recv_bytes=11585&delivery_rate=13094196&cwnd=76800&unsent_bytes=0&cid=55377fae5ddced68&ts=1027&x=1", cfHdrFlush;dur=0
date
Tue, 26 Nov 2024 15:22:57 GMT
content-type
image/png
last-modified
Fri, 28 Jun 2024 19:28:53 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e8ae07a6f519e08-EWR
accept-ranges
bytes
content-length
40729
x-xss-protection
1; mode=block
server
cloudflare
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: anonymfile.com
URL: https://anonymfile.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://anonymfile.com
Referer

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"603e8adc-15d9d"
age
1618613
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YitzLtkpbD2PQHlaO%2BHlrv59SMMPlj6sYbvCkDfVbS2BjDaZxgStDnsweM2fBLZNN6sv1KUFnP0Zdzuqr%2BEFaluPiIvr1%2Fof3adtkUPLd0cWo%2FW4%2FTbIeBx%2FVNVNcIXt9AfcdHrJlFMOVp8m0SG0Hpy%2F"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sun, 16 Nov 2025 15:22:58 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 26 Nov 2024 15:22:58 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 02 Mar 2021 18:58:36 GMT
vary
Accept-Encoding
priority
u=3,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e8ae0858b6843c8-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
27938
server
cloudflare
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/2.10.2/umd/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/2.10.2/umd/popper.min.js
Requested by
Host: anonymfile.com
URL: https://anonymfile.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f395875eb5d58c5128c434812cd0a53d438b11536f7fd1577077d8a5c612e1fd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://anonymfile.com
Referer

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"6155af49-1795"
age
2090981
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0nVp5ezeAyRYMp%2B8PXfQ4N289U6NmHSaDRWanbXUtJ9OTMozO1J73bAMTjNe1KTNUp21TmtgZBcDxXXn1Uw%2FOyvWYeqN%2F25shR%2BVxl9VrfhVGTJ66hRGCtSgZshM9tuuxI5Vw2JTM%2BCahtvZcg3KrNH8"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sun, 16 Nov 2025 15:22:58 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 26 Nov 2024 15:22:58 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 30 Sep 2021 12:36:25 GMT
vary
Accept-Encoding
priority
u=3,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e8ae085fbff43c8-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
6037
server
cloudflare
bootstrap.min.js
cdnjs.cloudflare.com/ajax/libs/bootstrap/5.1.3/js/ 		58 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/bootstrap/5.1.3/js/bootstrap.min.js
Requested by
Host: anonymfile.com
URL: https://anonymfile.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70c3d690bdc5ce3b9a1527c46044989a3176e610882fa99f4523e75bc395bcce
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://anonymfile.com
Referer

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"6161dfe3-38f8"
age
327919
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IOAzDF6fihpw%2BAFPeVsx%2BA%2BbJ5ADN45CPfB9tkRurplZqLI09aZae8SGCUFxxvMdVQKHRHB4dr3zby1ESY4bU996QjWkrsOT%2B7klQUVx1mJEfvfHYUw4x4zEYCCbBZc10n8uwuWHQThCI0l6awYtPxBu"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sun, 16 Nov 2025 15:22:58 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 26 Nov 2024 15:22:58 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 09 Oct 2021 18:30:59 GMT
vary
Accept-Encoding
priority
u=3,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e8ae0862c4e43c8-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
14584
server
cloudflare
clipboard.min.js
cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.8/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.8/clipboard.min.js
Requested by
Host: anonymfile.com
URL: https://anonymfile.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11be927cda59c8b6019ebbea838285c5beaf21183ea4b83dbd4e4fbf9413ce4a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://anonymfile.com
Referer

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"6049431e-29b4"
age
85118
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9i45qg1trQJ0%2FQvtfC9FzWeV1Suizgo9775%2BUGm2lYqJeSYMIkk6dbhJzb9Nvhs0cjwVTvy%2BZnfcnURFfB9Q64jmvEhLiduCKxkPWPYL0sB09dqZxg7IYn53Sl0eC5BAAorV7QPC3%2F%2BHiuuByxQTk5w5"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sun, 16 Nov 2025 15:22:58 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 26 Nov 2024 15:22:58 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 10 Mar 2021 22:07:26 GMT
vary
Accept-Encoding
priority
u=3,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e8ae0865cb443c8-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
3000
server
cloudflare
sodar
ep1.adtrafficquality.google/getconfig/ 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20241120&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
10c6fc73d16e01c41d7c69f2e40776fbe9b4c9f9ba6877bfaa11d5f1046ef51b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://anonymfile.com/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
12842
date
Tue, 26 Nov 2024 15:22:59 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
sodar2.js
ep2.adtrafficquality.google/sodar/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://anonymfile.com/

Response headers

content-encoding
gzip
etag
"1727224258380615"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Tue, 26 Nov 2024 15:22:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 26 Nov 2024 15:22:59 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6445
x-xss-protection
0
server
sffe
runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame 7077 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://anonymfile.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
346
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5005
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 26 Nov 2024 15:17:13 GMT
expires
Tue, 26 Nov 2024 16:07:13 GMT
last-modified
Mon, 23 Sep 2024 18:12:21 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 5208 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-SLDM03myJK7HDdz4b3BJuQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://anonymfile.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-SLDM03myJK7HDdz4b3BJuQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Tue, 26 Nov 2024 15:22:59 GMT
expires
Tue, 26 Nov 2024 15:22:59 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
sodar
ep1.adtrafficquality.google/pagead/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ep1.adtrafficquality.google
URL
https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241120&jk=4292012642459035&bg=!ubqluvXNAAaIaF9IqGg7ADQBe5WfOFBKDLxaJXWzGNKW_Dg7bkolgh3rFf8awxiopM16EQd5APKNJA5B90EMP2-VwMtKAgAAAm1SAAAAB2gBB34ANjw40ymCQfx1awSCFDTldpVsZEgU5ugotjHoNjFgoE1mjy6n98XnCi6syp0boS9UWDnLy8dvIZkCoQ3MiprSn2JbU97YQCllYIExioaZauVPgyEeWfAJ-HYtF2WpoQESz3dDwfZHgvBW2Kucm_LeWMN1i0xBwJ339HDFqDZ5HAxbh1Yf3L5dOn6Kk9f0o_Dl69MOQGNs_iiy6w1lPPjtNLp8YuJO3M3uwIQ3AA6UT4P0U_w4bNlbaIg9mibE6MmbnP1mLstZaId29g8G1jwiIMKn7XQcHSBROeTr4x7Zi9BqyGspeMCA8d0USg2q4DU9S9Ie1XFDW4xvKO5Nw6JaA3A1-J3tipyQ3pxX_lvd-mj6J1KRnsuLW-pqOFJjXIkCR-0UmdLE9QYebR1hrkmxCu1hFUxgE9OBYXYm3-Le-cz48F7mLCqFsWTfYFeBkuPk-Rav_sxGXZQV5R5c9xIEowY7LF6K1IguTOFy7BhrSswg7LHuYKcwQi8UUjIiBtNmkXSg3xwF5SnQFFW38hxymlPcO6Z7jpC6t1fYzy-bgqUfiHWmw8giu32simwAgLOKHFtF3Hd7AjFcrarmqTLC3KZs28CcCmJ-c1ELyKUEkLUYq7Al8fbDnVfKI2vUjInxRP7gBHU7mRLa9cSBcuShvPihbSvvvRW_U6Xd7tt3MBpgJLXC23QVkS2C3At97GW5r9zHm3JTJGTAL3tMHPr7JHosbpXoz1-QkTFhA_gCFNtvA_mjYRuK3GcJgLcnqPAjRZhMamIKKeTLniQFb-l2jLdFRTeuQlI6Q9g1gv5CMjQPQ0batOVBkLJ_rWzlrEVk3V_8A8n9PRKzeqQDOvqGzT0vfNkqchHERW636xxBb6UIBkDUWGSRgiMBGZbAXS0al8Sq4gt-09e0rx34290BmeeADtXZphOZ5n9DaNQGU7Kr-DRniyUR7DVYgo27F3psa4jpH_Pze_xloOs

Verdicts & Comments Add Verdict or Comment

74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 string| k object| _0kcthaz4gren object| 5tns6dpvyle object| zfgformats function| setImmediate function| clearImmediate function| _vzlevky function| _ldyxxjkw function| $ function| jQuery object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac object| google_persistent_state_async object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter object| __cfQR string| google_user_agent_client_hint function| google_sa_impl object| googPageScrollPreventerInfo boolean| googFloatingToolbarManagerAsyncPositionUpdate number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| zfgstorage function| onClickTrigger function| kkp4a5x5tv boolean| zfgloadedpopup boolean| zfgonclickfirst function| _p57t8t47s5k object| syncCallbacks object| FilePond object| __framePainter object| Popper number| uidEvent object| bootstrap function| FilePondPluginFileValidateSize function| FilePondPluginFileValidateType function| ClipboardJS object| clipboard object| isMobile object| tooltipTriggerList object| tooltipList function| camelize function| getData function| _classCallCheck function| _defineProperties function| _createClass function| DomNode function| getItemFromStore function| setItemToStore function| getStoreSpace function| initialDomSetup function| changeTheme function| themeControl function| axios function| md5 boolean| __cfRLUnblockHandlers object| GoogleGcLKhOms object| google_image_requests

6 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
waisheph.com/ Name: OAID
Value: 0081201a2b2549f2fba6bf4b20651bee
waisheph.com/ Name: oaidts
Value: 1732634578
anonymfile.com/ Name: XSRF-TOKEN
Value: eyJpdiI6IkNRUEhFZmlvd0FRVnhjRXcwQUN3MFE9PSIsInZhbHVlIjoiaURjS1dzZGNRZWxPVHZTamxuMVlCUjNKTTlFQXVrdVFCbC96T2ljcjRnd2RFSFRENlVmUGtRUENjdnk0N3J1M2VmdlVyZlFzV0NCVEtHVlBVOXBIaG5BcVNBUHlvdWpmTWs4UjNSelRrR05CdzQ3ejdHWERVMGRzbStTTkZzdWkiLCJtYWMiOiIzMjdmNDExOTRmZjNjODRjOGZhMTFmZjFjNzI1OTU4OGVjZWQ5YmI0Y2QzZGExOWQ2NWI2YTI5ZTM5OWNmMDg2IiwidGFnIjoiIn0%3D
anonymfile.com/ Name: anonymfile_session
Value: eyJpdiI6IlgrOUJtVmRKcmUyRDhKR3NQRFVtdkE9PSIsInZhbHVlIjoib0QyazhqeUVYZ29CVXVFOFpuY2xRbkFoNUtJeExXT2hmcDhCOVhvWGVmQlFRd000bTUwZzd6Q0NKYWV2bFErODU3cURwWHJsbVJEMndiQ2p1NkZINDlJdzRudUFsbmd5Z1ZpQlVUd1F4UERHVTY3VUdLWXZ3dUFqR01HdjJsRksiLCJtYWMiOiIzNTUzZjQ4ODllN2IxN2Y0NjViNzk4Mjk1MGE1ZDU3M2JkMTllMDk4Mjc5MjIzZGI0YjgxOWNjOTFkYWMwNzIzIiwidGFnIjoiIn0%3D
my.rtmark.net/ Name: ID
Value: 0081201a2b2549f2fba6bf4b20651bee

5 Console Messages

Source Level URL
Text
network error URL: https://anonymfile.com/eKV6Q/wwwdealplexuscom.txt
Message:
Failed to load resource: the server responded with a status of 410 ()
javascript warning URL: https://anonymfile.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.6.0.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://anonymfile.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.6.0.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://anonymfile.com/eKV6Q/wwwdealplexuscom.txt
Message:
Failed to load resource: the server responded with a status of 410 ()
rendering warning URL: https://anonymfile.com/eKV6Q/wwwdealplexuscom.txt
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0A0ED00FC0A0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

anonymfile.com
cdnjs.cloudflare.com
code.jquery.com
ep1.adtrafficquality.google
ep2.adtrafficquality.google
googleads.g.doubleclick.net
my.rtmark.net
pagead2.googlesyndication.com
unpkg.com
waisheph.com
www.google.com
ep1.adtrafficquality.google
139.45.197.245
2606:4700:3032::6815:1bb7
2606:4700:3035::6815:24e
2606:4700::6811:180e
2606:4700::6811:f7cb
2607:f8b0:4006:808::2002
2607:f8b0:4006:80c::2002
2607:f8b0:4006:81f::2002
2607:f8b0:4006:81f::2004
2607:f8b0:4006:822::2001
2a04:4e42:400::649
10c6fc73d16e01c41d7c69f2e40776fbe9b4c9f9ba6877bfaa11d5f1046ef51b
11be927cda59c8b6019ebbea838285c5beaf21183ea4b83dbd4e4fbf9413ce4a
3d4e83b59664d7a779fa777d4ee0e17a1bc09302f9b9cde60815a3142256d8b8
4bf167774e13c97ed87fac15142657c51e15371a12ed4880922fb58cbe3aeaa3
521c8e4ed36b2904ad1f5e8cdd5d770a136177f647600cd94edfb9084f0561dc
524fcae3468beb724c12b61925a2c1dcdb482f37783cd9d3f7630ae8bafa3d2a
55ca09a99ef0141722ecf27973c1262099b2b2998a8d1b7412a67dd33bfc741c
57deb9ccde6d49564a916cc58a799d8ebd793c7aff69a7f3cce48cbfb0c48777
6164d009d3fcf65edd5c47c4b76a0d0580dea4bce929eec89bec744fdec10e15
70c3d690bdc5ce3b9a1527c46044989a3176e610882fa99f4523e75bc395bcce
77cb73f16f049b51c0a81c12ed878e11efe3b9a71c632a3bdb647d963059532e
81735261671cd094376ce5c6d31058c64fa70ad0f3b0798ffce2f2d8eeb7ab51
845b2368dce026b72f19715d6de81f03fef056e4a79c718a658161a1f7b03b3b
8a5207b901e68e199998d8a7eeea2e34b81fad5696cfe70440b891e4a24fb97c
8ad11c4cb079bba93156727270f510292eedcc0716c6f21725074a59ec8b9b96
9677264de392aeedd3b391fe53578415c87835405d14068380f9bf3970a48286
9b25181938196019c65f4505b5ae4eae4bbbc71b45e4b55672818043af2b4265
a620ee6349399f7d71768f23b38e7fe17f45a89f853288b309c2723af4eadea5
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d25e30090781875e136e229ed92adf2547ac8f4670f52644f85ada7098d2c301
e07c89097cb4e20d6b2912b42ff2b0acf476d059c3580a583f3c7698186f932d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f395875eb5d58c5128c434812cd0a53d438b11536f7fd1577077d8a5c612e1fd
fddf35ff18a4c57b995ecf642782b64a26b854e2c0a63b81d4b1166b63cd8330
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99