GET cdnjs.cloudflare.com/ajax/libs/filepond/4.30.3/filepond.min.js
200 OK 118 kB URL GET cdnjs.cloudflare.com/ajax/libs/filepond/4.30.3/filepond.min.js
IP
Requested by https://anonymfile.com/adNQ6/oldmarketsimulatorv155build17505971-csf.zip
Certificate IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint5D:9B:5B:BE:24:B7:4B:CA:F3:05:47:2F:AB:3F:3C:F7:4E:C3:4D:BC
ValidityMon, 24 Mar 2025 12:00:12 GMT - Sun, 22 Jun 2025 13:00:01 GMT
File type JavaScript source, ASCII text, with very long lines (65370)
Size 118 kB (117547 bytes)
Hash 516f35ea42aa797b3b106a8f108edb88
9b1313b221c5d59835c31da0327f4273a2647174
9677264de392aeedd3b391fe53578415c87835405d14068380f9bf3970a48286
GET /ajax/libs/filepond/4.30.3/filepond.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 02 Apr 2025 17:41:48 GMT
content-type: application/javascript; charset=utf-8
content-length: 29707
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "615c7e96-740b"
last-modified: Tue, 05 Oct 2021 16:34:30 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1502573
expires: Mon, 23 Mar 2026 17:41:48 GMT
accept-ranges: bytes
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EnSoDRtKlVJCHMXZhkzY%2FMSMa4O0b5vyrNFEqdJyfORbfY0vVkqSYtWXoaV8G6sqFRlby5123pgm%2FZ012vmfAvWXsrYVJp8LpmUTzJ%2Fj9dnDTyS6q94L%2BRI1jvomTCYRxBGtS4cz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 92a21e7f1ee61c12-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.8/clipboard.min.js
200 OK 11 kB URL GET cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.8/clipboard.min.js
IP
Requested by https://anonymfile.com/adNQ6/oldmarketsimulatorv155build17505971-csf.zip
Certificate IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint5D:9B:5B:BE:24:B7:4B:CA:F3:05:47:2F:AB:3F:3C:F7:4E:C3:4D:BC
ValidityMon, 24 Mar 2025 12:00:12 GMT - Sun, 22 Jun 2025 13:00:01 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ajax/libs/clipboard.js/2.0.8/clipboard.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 02 Apr 2025 17:41:48 GMT
content-type: application/javascript; charset=utf-8
content-length: 3000
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "6049431e-29b4"
last-modified: Wed, 10 Mar 2021 22:07:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1105051
expires: Mon, 23 Mar 2026 17:41:48 GMT
accept-ranges: bytes
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ONXy2U3lalvOt5p5%2BCVVqLeS33ShXDZHbjTz6T4hb44XESh6Dwu4dlcfyokhmwBQRRS0UtmOf1LOLNBzhR8tWCGaJ0UNAEJ8HzeqCkdeWmHhUnuV9xZ%2FbdAr0ANmiAXYveH%2Fq5R%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 92a21e81c8e91c12-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET anonymfile.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
200 OK 12 kB URL GET anonymfile.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP
Requested by https://anonymfile.com/adNQ6/oldmarketsimulatorv155build17505971-csf.zip
Certificate IssuerGoogle Trust Services
Subjectanonymfile.com
Fingerprint8E:D2:0E:6D:52:31:FA:71:F1:01:8C:CF:DC:06:29:D0:36:17:99:47
ValidityTue, 11 Mar 2025 22:43:29 GMT - Mon, 09 Jun 2025 23:40:43 GMT
File type JavaScript source, ASCII text, with very long lines (12331)
Hash 88a769d2fe35899fd45a332a0a032cc0
514c6c1d8475d17e412849a4c90159517d0fa10a
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonymfile.com/adNQ6/oldmarketsimulatorv155build17505971-csf.zip
Cookie: XSRF-TOKEN=eyJpdiI6Ii9oVFZYNUhLL3V2cG1tTXAxRHA2SGc9PSIsInZhbHVlIjoiMlEyT1Axamd4S1JCZjAveTgxUVFmUXZ3S2Z5azZ0b2w4bTR3K2xhZ0t3Nm52b28xdXhwSGczM2tmcjVvdm9RWHJxcXRPcmxabzNIckdNY2ZkVGx1L1lUYXhHM3FXVFMwWW1DUEFjaU5GTmVSSTFmUFd1djNmRUdoY056ODJGQzQiLCJtYWMiOiI2ZjUxYzZhOGVhMmYxNTVhOTUxNWMyNjEyMTFmOTM1ZWJkYWRmOGI4ZjA4NjU1NzJjNmUyZTA3YmJkNzdlY2QwIiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6Im5DUGEzL09abS9zU3loaWcxYUlXWmc9PSIsInZhbHVlIjoiV2VqMHUxdGxvSlhQRU50OE13emFVUjdpMmpEV2pOVExSUzU1TUJSOEV4SXB0T1ZXUERCakxNOUppaGlKSDBQVlJOd0x4LzhOU1ErRjM2Q1h5YmowVjBubXRQSm1vWXJEbFM0VWlpb1lGZkpHTUtkdGFOV0ZFVnV0MWJmdUFVZUEiLCJtYWMiOiJkNzk0Yzg4ZWM2ZDE0OGNkNzQ0NDI5ZmQ5ODliYWRhYTNiY2RlYWIyZTUyMzc0NzQ5ODVhNjgxZTcwYmRiODgwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 02 Apr 2025 17:41:47 GMT
content-type: application/javascript
last-modified: Fri, 14 Mar 2025 21:24:18 GMT
cache-control: max-age=172800, public
content-encoding: gzip
etag: W/"67d49e82-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CZNk96ixz7AfbCXfS32E%2FMr20niXGlgg%2BeZDPOyLcmQA9%2BGU6VfL9HR8o7wS8tK5JdLO57EthO95gJ%2BPSauPjAE8RHKEqGA1iuAOTPpWKQelus5Jf2G6fkhRMV7xXJYobw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 92a21e78ebbffeb3-AMS
x-frame-options: DENY
x-content-type-options: nosniff
expires: Fri, 04 Apr 2025 17:41:47 GMT
GET cdnjs.cloudflare.com/ajax/libs/filepond/4.29.1/filepond.min.css
200 OK 17 kB URL GET cdnjs.cloudflare.com/ajax/libs/filepond/4.29.1/filepond.min.css
IP
Requested by https://anonymfile.com/adNQ6/oldmarketsimulatorv155build17505971-csf.zip
Certificate IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint5D:9B:5B:BE:24:B7:4B:CA:F3:05:47:2F:AB:3F:3C:F7:4E:C3:4D:BC
ValidityMon, 24 Mar 2025 12:00:12 GMT - Sun, 22 Jun 2025 13:00:01 GMT
File type assembler source, ASCII text, with very long lines (17282)
Hash 8eec69af8b7514e7980a5934d329404c
1e176e95fe692683e6e59bb467ec89464b1672f6
a620ee6349399f7d71768f23b38e7fe17f45a89f853288b309c2723af4eadea5
GET /ajax/libs/filepond/4.29.1/filepond.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 02 Apr 2025 17:41:47 GMT
content-type: text/css; charset=utf-8
content-length: 2934
cf-ray: 92a21e79c94a1c12-OSL
server: cloudflare
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "64942a00-b76"
last-modified: Thu, 22 Jun 2023 11:01:20 GMT
cf-cdnjs-via: cfworker/r2
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2842192
expires: Mon, 23 Mar 2026 17:41:47 GMT
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LmM0OQxoO1TOem1dvenMh8R2W%2B37CppWksUXgMQ7fQxDW6gc4Xd5Mi5zbTQFwxZCeIEB5xLGXnzOp1FBbWb%2BwY1r6SM0tRc2ehvMeuj%2B4JORf6rNrDm0AiUMzp7BHAxMYOWyaJ8b"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET my.rtmark.net/gid.js?userId=00819fc743164d36e02f7f2efe153135
200 OK 65 B URL GET my.rtmark.net/gid.js?userId=00819fc743164d36e02f7f2efe153135
IP
Requested by https://anonymfile.com/adNQ6/oldmarketsimulatorv155build17505971-csf.zip
Certificate IssuerGoogle Trust Services
Subjectmy.rtmark.net
Fingerprint03:52:6A:BD:35:83:43:81:AF:25:BB:A3:26:97:D1:78:25:73:A4:C9
ValidityTue, 04 Mar 2025 10:39:32 GMT - Mon, 02 Jun 2025 11:39:29 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash 622e9118a9de308659c1aa9d8e726b83
ff23210943ca88ee5b8c389a1c768a39182a9ea3
150fb69d372fcb11eee320accd731969e3fb2827a40eba44cbb651e7fa7a4184
GET /gid.js?userId=00819fc743164d36e02f7f2efe153135 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
DNT: 1
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 02 Apr 2025 17:41:48 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://anonymfile.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=00819fc743164d36e02f7f2efe153135; expires=Thu, 02 Apr 2026 17:41:48 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 92a21e7f2efc5691-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/webfonts/fa-brands-400.woff2
200 OK 105 kB URL GET cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/webfonts/fa-brands-400.woff2
IP
Requested by https://anonymfile.com/adNQ6/oldmarketsimulatorv155build17505971-csf.zip
Certificate IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint5D:9B:5B:BE:24:B7:4B:CA:F3:05:47:2F:AB:3F:3C:F7:4E:C3:4D:BC
ValidityMon, 24 Mar 2025 12:00:12 GMT - Sun, 22 Jun 2025 13:00:01 GMT
File type Web Open Font Format (Version 2), TrueType, length 105264, version 768.66
Size 105 kB (105264 bytes)
Hash ef9332780500ea981e97dff51cc30669
4020ed1a099b98c421f09ceb9a92f4a1d8d5d9c8
ec372177b8e8df39d755e16551dfbbddcc53938ca52765fd730d0925885c964e
GET /ajax/libs/font-awesome/6.0.0-beta2/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anonymfile.com
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 02 Apr 2025 17:41:47 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 105264
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "61498362-19b30"
last-modified: Tue, 21 Sep 2021 07:01:54 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 662888
expires: Mon, 23 Mar 2026 17:41:47 GMT
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wpm8HiATvq72oUabM1XtY2Y%2F8fF5UQ8gjyb5o59bwI7N7S06lGYXIVnvJmC2vw0bj%2F6R5mMdT0RMMA1P6NdaeKJgGOH4frbAsuZJJOx3rhffK3ptRlHN7b1%2BxKGExWN26AmjUbYi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 92a21e7979011c12-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
200 OK 90 kB URL GET cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
IP
Requested by https://anonymfile.com/adNQ6/oldmarketsimulatorv155build17505971-csf.zip
Certificate IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint5D:9B:5B:BE:24:B7:4B:CA:F3:05:47:2F:AB:3F:3C:F7:4E:C3:4D:BC
ValidityMon, 24 Mar 2025 12:00:12 GMT - Sun, 22 Jun 2025 13:00:01 GMT
File type JavaScript source, ASCII text, with very long lines (65447)
Hash 8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
DNT: 1
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 02 Apr 2025 17:41:47 GMT
content-type: application/javascript; charset=utf-8
content-length: 27938
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "603e8adc-15d9d"
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 666462
expires: Mon, 23 Mar 2026 17:41:47 GMT
accept-ranges: bytes
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tFBSsJaTygRHtZMOjWq3l%2BqwTLx4WUpaCBH4Zq8gX01UCCLSZH9DuL4i9YalLzDHoN7y%2BHBJ04oFLeWiciSzymMjxLbnFZu9ElZzaH1Lsz0OaYCtIgSOGgTG30JbFgG4giKbJBRt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 92a21e7a49bf1c12-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET unpkg.com/filepond-plugin-file-validate-size@2.2.8/dist/filepond-plugin-file-validate-size.js
200 OK 6.8 kB URL GET unpkg.com/filepond-plugin-file-validate-size@2.2.8/dist/filepond-plugin-file-validate-size.js
IP
Requested by https://anonymfile.com/adNQ6/oldmarketsimulatorv155build17505971-csf.zip
Certificate IssuerGoogle Trust Services
Subjectunpkg.com
Fingerprint8D:8A:98:6F:BC:BA:F3:49:3A:22:84:A9:92:79:74:9E:D7:28:73:12
ValidityTue, 01 Apr 2025 17:36:26 GMT - Mon, 30 Jun 2025 18:36:22 GMT
File type JavaScript source, ASCII text, with very long lines (6956), with no line terminators
Hash 2964c1b66e9c36689daebbdfbea84799
89393d72d187aa650719a0a32659362d8b8d096f
636574376dfe7d10656e8dcfb551d2be45602894de5bb718d1ffba3e5be3a6f3
GET /filepond-plugin-file-validate-size@2.2.8/dist/filepond-plugin-file-validate-size.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 02 Apr 2025 17:41:47 GMT
content-type: text/javascript; charset=utf-8
cf-ray: 92a21e7bb9b8b4f3-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 139372
cache-control: public, max-age=31536000
last-modified: Tue, 01 Apr 2025 02:58:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
access-control-expose-headers: *
content-digest: sha256=:hFsjaNzgJrcvGXFdbegfA/7wVuSnnHGKZYFhofewOzs=:
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
priority: u=3,i=?0
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET unpkg.com/filepond-plugin-file-validate-type@1.2.9/dist/filepond-plugin-file-validate-type.js
200 OK 8.8 kB URL GET unpkg.com/filepond-plugin-file-validate-type@1.2.9/dist/filepond-plugin-file-validate-type.js
IP
Requested by https://anonymfile.com/adNQ6/oldmarketsimulatorv155build17505971-csf.zip
Certificate IssuerGoogle Trust Services
Subjectunpkg.com
Fingerprint8D:8A:98:6F:BC:BA:F3:49:3A:22:84:A9:92:79:74:9E:D7:28:73:12
ValidityTue, 01 Apr 2025 17:36:26 GMT - Mon, 30 Jun 2025 18:36:22 GMT
File type JavaScript source, ASCII text, with very long lines (9075), with no line terminators
Hash 3726e9e2cf816c10b2f4dfa30764cf39
200a1d7bf01700ae7a8f7411828d2df94569dd29
567ea025a6238c9b5cf5d7301816bca348f26dadad449d0f6f9d005db4c8a9c8
GET /filepond-plugin-file-validate-type@1.2.9/dist/filepond-plugin-file-validate-type.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 02 Apr 2025 17:41:47 GMT
content-type: text/javascript; charset=utf-8
cf-ray: 92a21e7c6a8fb4f3-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 139372
cache-control: public, max-age=31536000
last-modified: Tue, 01 Apr 2025 02:58:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
access-control-expose-headers: *
content-digest: sha256=:0l4wCQeBh14TbiKe2SrfJUesj0Zw9SZE+FracJjSwwE=:
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
priority: u=3,i=?0
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET anonymfile.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
200 OK 12 kB URL GET anonymfile.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP
Requested by https://anonymfile.com/adNQ6/oldmarketsimulatorv155build17505971-csf.zip
Certificate IssuerGoogle Trust Services
Subjectanonymfile.com
Fingerprint8E:D2:0E:6D:52:31:FA:71:F1:01:8C:CF:DC:06:29:D0:36:17:99:47
ValidityTue, 11 Mar 2025 22:43:29 GMT - Mon, 09 Jun 2025 23:40:43 GMT
File type JavaScript source, ASCII text, with very long lines (12331)
Hash 88a769d2fe35899fd45a332a0a032cc0
514c6c1d8475d17e412849a4c90159517d0fa10a
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonymfile.com/adNQ6/oldmarketsimulatorv155build17505971-csf.zip
Cookie: XSRF-TOKEN=eyJpdiI6Ii9oVFZYNUhLL3V2cG1tTXAxRHA2SGc9PSIsInZhbHVlIjoiMlEyT1Axamd4S1JCZjAveTgxUVFmUXZ3S2Z5azZ0b2w4bTR3K2xhZ0t3Nm52b28xdXhwSGczM2tmcjVvdm9RWHJxcXRPcmxabzNIckdNY2ZkVGx1L1lUYXhHM3FXVFMwWW1DUEFjaU5GTmVSSTFmUFd1djNmRUdoY056ODJGQzQiLCJtYWMiOiI2ZjUxYzZhOGVhMmYxNTVhOTUxNWMyNjEyMTFmOTM1ZWJkYWRmOGI4ZjA4NjU1NzJjNmUyZTA3YmJkNzdlY2QwIiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6Im5DUGEzL09abS9zU3loaWcxYUlXWmc9PSIsInZhbHVlIjoiV2VqMHUxdGxvSlhQRU50OE13emFVUjdpMmpEV2pOVExSUzU1TUJSOEV4SXB0T1ZXUERCakxNOUppaGlKSDBQVlJOd0x4LzhOU1ErRjM2Q1h5YmowVjBubXRQSm1vWXJEbFM0VWlpb1lGZkpHTUtkdGFOV0ZFVnV0MWJmdUFVZUEiLCJtYWMiOiJkNzk0Yzg4ZWM2ZDE0OGNkNzQ0NDI5ZmQ5ODliYWRhYTNiY2RlYWIyZTUyMzc0NzQ5ODVhNjgxZTcwYmRiODgwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 02 Apr 2025 17:41:46 GMT
content-type: application/javascript
last-modified: Fri, 14 Mar 2025 21:24:18 GMT
cache-control: max-age=172800, public
content-encoding: gzip
etag: W/"67d49e82-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BS6UZU4m1X%2BKxgLMYYg4rsgbRbLpLTfh%2FxqR6XhNRWR6bLU8InHZ%2FsPkiIUnvMkjjn%2Ff4%2F2ZKQYNskk24XfbRKthh%2Bi4fTzIV2aIoMXJga%2F2O2oWhGlPNZh621ORzgj02g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 92a21e75c9ddfeb3-AMS
x-frame-options: DENY
x-content-type-options: nosniff
expires: Fri, 04 Apr 2025 17:41:46 GMT
GET anonymfile.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
200 OK 1.2 kB URL GET anonymfile.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP
Requested by https://anonymfile.com/adNQ6/oldmarketsimulatorv155build17505971-csf.zip
Certificate IssuerGoogle Trust Services
Subjectanonymfile.com
Fingerprint8E:D2:0E:6D:52:31:FA:71:F1:01:8C:CF:DC:06:29:D0:36:17:99:47
ValidityTue, 11 Mar 2025 22:43:29 GMT - Mon, 09 Jun 2025 23:40:43 GMT
File type HTML document, ASCII text, with very long lines (1271), with no line terminators
Hash 40d981045a7516cdadd00e8dccc9c58d
8b8d9a48c6b9d2fba596034ef5db3dd0f2f781c3
71c7d5fc630ff38080f71945be1e8b0c43140d8c25338056b752495e18739c0c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonymfile.com/adNQ6/oldmarketsimulatorv155build17505971-csf.zip
Cookie: XSRF-TOKEN=eyJpdiI6Ii9oVFZYNUhLL3V2cG1tTXAxRHA2SGc9PSIsInZhbHVlIjoiMlEyT1Axamd4S1JCZjAveTgxUVFmUXZ3S2Z5azZ0b2w4bTR3K2xhZ0t3Nm52b28xdXhwSGczM2tmcjVvdm9RWHJxcXRPcmxabzNIckdNY2ZkVGx1L1lUYXhHM3FXVFMwWW1DUEFjaU5GTmVSSTFmUFd1djNmRUdoY056ODJGQzQiLCJtYWMiOiI2ZjUxYzZhOGVhMmYxNTVhOTUxNWMyNjEyMTFmOTM1ZWJkYWRmOGI4ZjA4NjU1NzJjNmUyZTA3YmJkNzdlY2QwIiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6Im5DUGEzL09abS9zU3loaWcxYUlXWmc9PSIsInZhbHVlIjoiV2VqMHUxdGxvSlhQRU50OE13emFVUjdpMmpEV2pOVExSUzU1TUJSOEV4SXB0T1ZXUERCakxNOUppaGlKSDBQVlJOd0x4LzhOU1ErRjM2Q1h5YmowVjBubXRQSm1vWXJEbFM0VWlpb1lGZkpHTUtkdGFOV0ZFVnV0MWJmdUFVZUEiLCJtYWMiOiJkNzk0Yzg4ZWM2ZDE0OGNkNzQ0NDI5ZmQ5ODliYWRhYTNiY2RlYWIyZTUyMzc0NzQ5ODVhNjgxZTcwYmRiODgwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 02 Apr 2025 17:41:46 GMT
content-type: application/javascript
last-modified: Fri, 14 Mar 2025 21:24:18 GMT
cache-control: max-age=172800, public
content-encoding: gzip
etag: W/"67d49e82-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B6%2BrbwFxwo4DZbSgFqSjI%2BPCKXNB7%2BKNopP4EPZai%2Bw6Z2wnQlACfKQ71UVJRwfTQgF2lylnn%2BuXxrbyZR6q1qstw7B7KhSbPLME%2F900kaxWl3HAZNSKYUGvV2MRVvQ4Lg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 92a21e75d9e3feb3-AMS
x-frame-options: DENY
x-content-type-options: nosniff
expires: Fri, 04 Apr 2025 17:41:46 GMT
GET cdn.jsdelivr.net/npm/sweetalert2@11
200 OK 75 kB URL GET cdn.jsdelivr.net/npm/sweetalert2@11
IP
Requested by https://anonymfile.com/adNQ6/oldmarketsimulatorv155build17505971-csf.zip
Certificate IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint6C:45:F5:9E:D3:37:60:0B:9C:A8:28:29:A4:E6:41:33:BB:2E:76:5C
ValidityTue, 30 Jul 2024 15:36:05 GMT - Sun, 31 Aug 2025 15:36:04 GMT
File type JavaScript source, ASCII text, with very long lines (48298)
Hash aca8f94219cbf6fb606fafa6717e1c7e
1c3de1377a7871721f497216e420a8189f0e996e
9421d3fcb7ee663469f8f7695a7b3fbcaae74a7dfaec3fe0d44e89bb5f30887d
GET /npm/sweetalert2@11 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 11.17.2
x-jsd-version-type: version
etag: W/"124ad-HD3hN3p4cXIfSXIW5CCoGJ8OmW4"
content-encoding: br
accept-ranges: bytes
date: Wed, 02 Apr 2025 17:41:47 GMT
age: 36655
x-served-by: cache-fra-eddf8230029-FRA, cache-hel1410025-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 19118
X-Firefox-Spdy: h2
GET anonymfile.com/js/md5.min.js
200 OK 10 kB URL GET anonymfile.com/js/md5.min.js
IP
Requested by https://anonymfile.com/adNQ6/oldmarketsimulatorv155build17505971-csf.zip
Certificate IssuerGoogle Trust Services
Subjectanonymfile.com
Fingerprint8E:D2:0E:6D:52:31:FA:71:F1:01:8C:CF:DC:06:29:D0:36:17:99:47
ValidityTue, 11 Mar 2025 22:43:29 GMT - Mon, 09 Jun 2025 23:40:43 GMT
File type JavaScript source, ASCII text, with very long lines (10209)
Hash b53bae9c825e536962e82c39ecf0de4f
8da7dbb31aa34c14c245fb7b071fa2f1edea0e39
6164d009d3fcf65edd5c47c4b76a0d0580dea4bce929eec89bec744fdec10e15
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /js/md5.min.js HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonymfile.com/adNQ6/oldmarketsimulatorv155build17505971-csf.zip
Cookie: XSRF-TOKEN=eyJpdiI6Ii9oVFZYNUhLL3V2cG1tTXAxRHA2SGc9PSIsInZhbHVlIjoiMlEyT1Axamd4S1JCZjAveTgxUVFmUXZ3S2Z5azZ0b2w4bTR3K2xhZ0t3Nm52b28xdXhwSGczM2tmcjVvdm9RWHJxcXRPcmxabzNIckdNY2ZkVGx1L1lUYXhHM3FXVFMwWW1DUEFjaU5GTmVSSTFmUFd1djNmRUdoY056ODJGQzQiLCJtYWMiOiI2ZjUxYzZhOGVhMmYxNTVhOTUxNWMyNjEyMTFmOTM1ZWJkYWRmOGI4ZjA4NjU1NzJjNmUyZTA3YmJkNzdlY2QwIiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6Im5DUGEzL09abS9zU3loaWcxYUlXWmc9PSIsInZhbHVlIjoiV2VqMHUxdGxvSlhQRU50OE13emFVUjdpMmpEV2pOVExSUzU1TUJSOEV4SXB0T1ZXUERCakxNOUppaGlKSDBQVlJOd0x4LzhOU1ErRjM2Q1h5YmowVjBubXRQSm1vWXJEbFM0VWlpb1lGZkpHTUtkdGFOV0ZFVnV0MWJmdUFVZUEiLCJtYWMiOiJkNzk0Yzg4ZWM2ZDE0OGNkNzQ0NDI5ZmQ5ODliYWRhYTNiY2RlYWIyZTUyMzc0NzQ5ODVhNjgxZTcwYmRiODgwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 02 Apr 2025 17:41:47 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A%2Ffcy80bWrQ5%2BV%2FuJwaU4N%2B%2BvgkylErKZexpo5De1F4dZVlctglDwvHDgctxrM65V7p2kBHjsGe%2BwqlYVu8AWJzTFA7hXpfAcEIVYSQRbAsHyeh6mx3%2BvwOZZiZuiGfdCg%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 12 Jul 2024 18:00:36 GMT
vary: Accept-Encoding
etag: "66916f44-28a8"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip
age: 5186
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 92a21e79ec6ffeb3-AMS
server: cloudflare
alt-svc: h3=":443"; ma=86400
GET anonymfile.com/img/main/favicon.png
200 OK 99 kB URL GET anonymfile.com/img/main/favicon.png
IP
Requested by https://anonymfile.com/adNQ6/oldmarketsimulatorv155build17505971-csf.zip
Certificate IssuerGoogle Trust Services
Subjectanonymfile.com
Fingerprint8E:D2:0E:6D:52:31:FA:71:F1:01:8C:CF:DC:06:29:D0:36:17:99:47
ValidityTue, 11 Mar 2025 22:43:29 GMT - Mon, 09 Jun 2025 23:40:43 GMT
File type PNG image data, 1024 x 1024, 8-bit/color RGBA, non-interlaced
Hash d1af002b1ef0a95ef467617f18c2f75e
21df85c924281de7d66523b58862b2a91765f9d5
661ba893a18680188c86da0b5cd8682341aec2cc3a2765bdfb885acfa530ab96
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /img/main/favicon.png HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonymfile.com/adNQ6/oldmarketsimulatorv155build17505971-csf.zip
Cookie: XSRF-TOKEN=eyJpdiI6Ii9oVFZYNUhLL3V2cG1tTXAxRHA2SGc9PSIsInZhbHVlIjoiMlEyT1Axamd4S1JCZjAveTgxUVFmUXZ3S2Z5azZ0b2w4bTR3K2xhZ0t3Nm52b28xdXhwSGczM2tmcjVvdm9RWHJxcXRPcmxabzNIckdNY2ZkVGx1L1lUYXhHM3FXVFMwWW1DUEFjaU5GTmVSSTFmUFd1djNmRUdoY056ODJGQzQiLCJtYWMiOiI2ZjUxYzZhOGVhMmYxNTVhOTUxNWMyNjEyMTFmOTM1ZWJkYWRmOGI4ZjA4NjU1NzJjNmUyZTA3YmJkNzdlY2QwIiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6Im5DUGEzL09abS9zU3loaWcxYUlXWmc9PSIsInZhbHVlIjoiV2VqMHUxdGxvSlhQRU50OE13emFVUjdpMmpEV2pOVExSUzU1TUJSOEV4SXB0T1ZXUERCakxNOUppaGlKSDBQVlJOd0x4LzhOU1ErRjM2Q1h5YmowVjBubXRQSm1vWXJEbFM0VWlpb1lGZkpHTUtkdGFOV0ZFVnV0MWJmdUFVZUEiLCJtYWMiOiJkNzk0Yzg4ZWM2ZDE0OGNkNzQ0NDI5ZmQ5ODliYWRhYTNiY2RlYWIyZTUyMzc0NzQ5ODVhNjgxZTcwYmRiODgwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 02 Apr 2025 17:41:47 GMT
content-type: image/png
content-length: 98701
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lJrwLLEtP9ruVE8pG5t9r%2BrMBfsvWQTJTjaIIhGS4H8CaTZPnMjzdY8udPwRq6mRE4PrnpAhGY0mc87fJp4EQBcBH9NZb2wVOBvI%2B6%2FzbXuuN%2FgD6g6v2rsoYgOxYrQn6w%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Sun, 05 Jan 2025 13:45:11 GMT
etag: "677a8ce7-1818d"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: HIT
age: 5620
accept-ranges: bytes
cf-ray: 92a21e7e1eb7feb3-AMS
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
GET cdnjs.cloudflare.com/ajax/libs/bootstrap/5.1.3/js/bootstrap.min.js
200 OK 59 kB URL GET cdnjs.cloudflare.com/ajax/libs/bootstrap/5.1.3/js/bootstrap.min.js
IP
Requested by https://anonymfile.com/adNQ6/oldmarketsimulatorv155build17505971-csf.zip
Certificate IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint5D:9B:5B:BE:24:B7:4B:CA:F3:05:47:2F:AB:3F:3C:F7:4E:C3:4D:BC
ValidityMon, 24 Mar 2025 12:00:12 GMT - Sun, 22 Jun 2025 13:00:01 GMT
File type JavaScript source, ASCII text, with very long lines (58940)
Hash 259e416ef6833be43801b8b68a93b008
19080c3b817985336aab5e1ce6925c99803f2efd
70c3d690bdc5ce3b9a1527c46044989a3176e610882fa99f4523e75bc395bcce
GET /ajax/libs/bootstrap/5.1.3/js/bootstrap.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 02 Apr 2025 17:41:48 GMT
content-type: application/javascript; charset=utf-8
content-length: 14584
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "6161dfe3-38f8"
last-modified: Sat, 09 Oct 2021 18:30:59 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1042753
expires: Mon, 23 Mar 2026 17:41:48 GMT
accept-ranges: bytes
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qtMMrn0xgvzYkUBoJELEGnk06VLSCZbV3dZwpsDFA1Szx542oLzMxz2FUMRQpY09T0ZGJ3OIm86YX0acrQWqlmLh6a9UZ5FsTLKaI87jnLy46Opq6m3offVoTAykfqGKhWkaj%2Bnu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 92a21e8168b31c12-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET anonymfile.com/img/main/favicon.png
200 OK 99 kB URL GET anonymfile.com/img/main/favicon.png
IP
Requested by https://anonymfile.com/adNQ6/oldmarketsimulatorv155build17505971-csf.zip
Certificate IssuerGoogle Trust Services
Subjectanonymfile.com
Fingerprint8E:D2:0E:6D:52:31:FA:71:F1:01:8C:CF:DC:06:29:D0:36:17:99:47
ValidityTue, 11 Mar 2025 22:43:29 GMT - Mon, 09 Jun 2025 23:40:43 GMT
File type PNG image data, 1024 x 1024, 8-bit/color RGBA, non-interlaced
Hash d1af002b1ef0a95ef467617f18c2f75e
21df85c924281de7d66523b58862b2a91765f9d5
661ba893a18680188c86da0b5cd8682341aec2cc3a2765bdfb885acfa530ab96
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /img/main/favicon.png HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonymfile.com/adNQ6/oldmarketsimulatorv155build17505971-csf.zip
Cookie: XSRF-TOKEN=eyJpdiI6Ii9oVFZYNUhLL3V2cG1tTXAxRHA2SGc9PSIsInZhbHVlIjoiMlEyT1Axamd4S1JCZjAveTgxUVFmUXZ3S2Z5azZ0b2w4bTR3K2xhZ0t3Nm52b28xdXhwSGczM2tmcjVvdm9RWHJxcXRPcmxabzNIckdNY2ZkVGx1L1lUYXhHM3FXVFMwWW1DUEFjaU5GTmVSSTFmUFd1djNmRUdoY056ODJGQzQiLCJtYWMiOiI2ZjUxYzZhOGVhMmYxNTVhOTUxNWMyNjEyMTFmOTM1ZWJkYWRmOGI4ZjA4NjU1NzJjNmUyZTA3YmJkNzdlY2QwIiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6Im5DUGEzL09abS9zU3loaWcxYUlXWmc9PSIsInZhbHVlIjoiV2VqMHUxdGxvSlhQRU50OE13emFVUjdpMmpEV2pOVExSUzU1TUJSOEV4SXB0T1ZXUERCakxNOUppaGlKSDBQVlJOd0x4LzhOU1ErRjM2Q1h5YmowVjBubXRQSm1vWXJEbFM0VWlpb1lGZkpHTUtkdGFOV0ZFVnV0MWJmdUFVZUEiLCJtYWMiOiJkNzk0Yzg4ZWM2ZDE0OGNkNzQ0NDI5ZmQ5ODliYWRhYTNiY2RlYWIyZTUyMzc0NzQ5ODVhNjgxZTcwYmRiODgwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 02 Apr 2025 17:41:46 GMT
content-type: image/png
content-length: 98701
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8Sj1BJF8ep4XpDX2BawA0OKT1nZTk9lfwTmZV320qAo2WqfWbe0Y8FdGXMWpbP8iIZfDw4G5%2BXyEh0frWJ2H%2FaRg5w0baXZ24N4tj%2B%2F%2FI5CiX%2B3kYy9cZkr22OI38Xe1Yg%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Sun, 05 Jan 2025 13:45:11 GMT
etag: "677a8ce7-1818d"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: HIT
age: 5619
accept-ranges: bytes
cf-ray: 92a21e75d9e1feb3-AMS
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
GET cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/webfonts/fa-regular-400.woff2
200 OK 24 kB URL GET cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/webfonts/fa-regular-400.woff2
IP
Requested by https://anonymfile.com/adNQ6/oldmarketsimulatorv155build17505971-csf.zip
Certificate IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint5D:9B:5B:BE:24:B7:4B:CA:F3:05:47:2F:AB:3F:3C:F7:4E:C3:4D:BC
ValidityMon, 24 Mar 2025 12:00:12 GMT - Sun, 22 Jun 2025 13:00:01 GMT
File type Web Open Font Format (Version 2), TrueType, length 23456, version 768.66
Hash e3e5eef95eb3652d939b8c86ecb47fac
ff36e7b2a956a05de0b94dbe7b1bf7e2d6d44cb2
445189de22489c06a549b75c8f8e95cc56639d4128cd72e76896b4d2a7c40ce2
GET /ajax/libs/font-awesome/6.0.0-beta2/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anonymfile.com
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 02 Apr 2025 17:41:47 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 23456
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "61498362-5ba0"
last-modified: Tue, 21 Sep 2021 07:01:54 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1041010
expires: Mon, 23 Mar 2026 17:41:47 GMT
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0tc%2B6yX6CThE8aIOML3n3%2FZqnU3hLRR%2BIJp7l2ov0nl0zPaKCUWayugg5fg3fVCIWKkkBLs8dF26HXVBBIbl9S9dIhvAByGI%2FhbW27ajG%2F%2FL9rIw0ZBqjxkzGo82tAKCdW0RdGlD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 92a21e7968ef1c12-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET waisheph.com/tag.min.js
200 OK 102 kB IP
Requested by https://anonymfile.com/adNQ6/oldmarketsimulatorv155build17505971-csf.zip
Certificate IssuerLet's Encrypt
Subjectwaisheph.com
FingerprintE7:88:EE:CD:93:DB:C5:BE:BA:76:E6:0D:56:EB:32:21:DC:F1:FA:91
ValiditySun, 23 Feb 2025 22:17:56 GMT - Sat, 24 May 2025 22:17:55 GMT
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size 102 kB (102460 bytes)
Hash 5a7a4a0b80ecd5485f0912e5fca5942f
91cc8ef42adcd944a84e74f07d111dd7ec0857b5
950aea9f21617ad95753af7af5d42e4cc502831f33c465838bba10ff8f6285f3
GET /tag.min.js HTTP/1.1
Host: waisheph.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 02 Apr 2025 17:41:47 GMT
content-type: text/javascript; charset=utf-8
content-length: 38142
content-encoding: br
x-trace-id: 3d643589de2a9992b1f20680a3e48139
accept-ranges: bytes
last-modified: Wed, 02 Apr 2025 15:53:54 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
GET cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.8/clipboard.min.js
200 OK 11 kB URL GET cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.8/clipboard.min.js
IP
Requested by https://anonymfile.com/adNQ6/oldmarketsimulatorv155build17505971-csf.zip
Certificate IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint5D:9B:5B:BE:24:B7:4B:CA:F3:05:47:2F:AB:3F:3C:F7:4E:C3:4D:BC
ValidityMon, 24 Mar 2025 12:00:12 GMT - Sun, 22 Jun 2025 13:00:01 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ajax/libs/clipboard.js/2.0.8/clipboard.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
DNT: 1
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 02 Apr 2025 17:41:47 GMT
content-type: application/javascript; charset=utf-8
content-length: 3000
cf-ray: 92a21e79e97c1c12-OSL
server: cloudflare
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "6049431e-29b4"
last-modified: Wed, 10 Mar 2021 22:07:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1105050
expires: Mon, 23 Mar 2026 17:41:47 GMT
accept-ranges: bytes
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0kJXGDWIxZS5upcWW4MkOgRyOgmbiSRZwfO%2FfDNbV%2FwIR4mRNnCqx9amFHAHa2q9YaHLPdrrpIHA81W4bp6AhF6nKkd%2FzB9fHGlfvE9Q0SWZiobTSWPxKc1Kxlem8xVhL99wO5U1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET cdnjs.cloudflare.com/ajax/libs/popper.js/2.10.2/umd/popper.min.js
200 OK 19 kB URL GET cdnjs.cloudflare.com/ajax/libs/popper.js/2.10.2/umd/popper.min.js
IP
Requested by https://anonymfile.com/adNQ6/oldmarketsimulatorv155build17505971-csf.zip
Certificate IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint5D:9B:5B:BE:24:B7:4B:CA:F3:05:47:2F:AB:3F:3C:F7:4E:C3:4D:BC
ValidityMon, 24 Mar 2025 12:00:12 GMT - Sun, 22 Jun 2025 13:00:01 GMT
File type JavaScript source, ASCII text, with very long lines (18706)
Hash 541aecc95a7faeef0fc27558070f3647
0ec7ca4778ba3ccb4d1b1688094720834fbe9ed3
f395875eb5d58c5128c434812cd0a53d438b11536f7fd1577077d8a5c612e1fd
GET /ajax/libs/popper.js/2.10.2/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
DNT: 1
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 02 Apr 2025 17:41:47 GMT
content-type: application/javascript; charset=utf-8
content-length: 6037
cf-ray: 92a21e7a29ad1c12-OSL
server: cloudflare
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "6155af49-1795"
last-modified: Thu, 30 Sep 2021 12:36:25 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 669662
expires: Mon, 23 Mar 2026 17:41:47 GMT
accept-ranges: bytes
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m%2FfAq%2Bvgp7An1lyxaiYC6kt7dUJO7NM4HIcTExuoqRPhq3Z2yQ4ci%2B1RVeTvUDwXt4KoHyPwsp7nGm%2BcYJq8YWO8TUSj%2B41RO9NVSpYnm9OIVFNEodtJ%2FDDN7IHu1GIiN3wm1hZH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
200 OK 90 kB URL GET cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
IP
Requested by https://anonymfile.com/adNQ6/oldmarketsimulatorv155build17505971-csf.zip
Certificate IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint5D:9B:5B:BE:24:B7:4B:CA:F3:05:47:2F:AB:3F:3C:F7:4E:C3:4D:BC
ValidityMon, 24 Mar 2025 12:00:12 GMT - Sun, 22 Jun 2025 13:00:01 GMT
File type JavaScript source, ASCII text, with very long lines (65447)
Hash 8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 02 Apr 2025 17:41:48 GMT
content-type: application/javascript; charset=utf-8
content-length: 27938
cf-ray: 92a21e80e8551c12-OSL
server: cloudflare
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "603e8adc-15d9d"
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 666463
expires: Mon, 23 Mar 2026 17:41:48 GMT
accept-ranges: bytes
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qFxixd2%2FokxQSHEEsGHbIuYoyb3aB37uD1BegKQ3NFK9kedlsXR3SUp%2FIwssPbUPA6qtNI5daGAgDmtu7GOB2xt0I6ys6CPbIlImrcBkUsC0UIuCqBtRnf8wRIex8VzLhO1wfcoh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET unpkg.com/filepond-plugin-file-validate-size/dist/filepond-plugin-file-validate-size.js
302 Found 6.8 kB URL GET unpkg.com/filepond-plugin-file-validate-size/dist/filepond-plugin-file-validate-size.js
IP
Requested by https://anonymfile.com/adNQ6/oldmarketsimulatorv155build17505971-csf.zip
Certificate IssuerGoogle Trust Services
Subjectunpkg.com
Fingerprint8D:8A:98:6F:BC:BA:F3:49:3A:22:84:A9:92:79:74:9E:D7:28:73:12
ValidityTue, 01 Apr 2025 17:36:26 GMT - Mon, 30 Jun 2025 18:36:22 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /filepond-plugin-file-validate-size/dist/filepond-plugin-file-validate-size.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Wed, 02 Apr 2025 17:41:47 GMT
content-type: text/plain;charset=UTF-8
content-length: 116
location: https://unpkg.com/filepond-plugin-file-validate-size@2.2.8/dist/filepond-plugin-file-validate-size.js
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 92a21e7aec1fb51d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET anonymfile.com/img/main/favicon.png
200 OK 99 kB URL GET anonymfile.com/img/main/favicon.png
IP
Requested by https://anonymfile.com/adNQ6/oldmarketsimulatorv155build17505971-csf.zip
Certificate IssuerGoogle Trust Services
Subjectanonymfile.com
Fingerprint8E:D2:0E:6D:52:31:FA:71:F1:01:8C:CF:DC:06:29:D0:36:17:99:47
ValidityTue, 11 Mar 2025 22:43:29 GMT - Mon, 09 Jun 2025 23:40:43 GMT
File type PNG image data, 1024 x 1024, 8-bit/color RGBA, non-interlaced
Hash d1af002b1ef0a95ef467617f18c2f75e
21df85c924281de7d66523b58862b2a91765f9d5
661ba893a18680188c86da0b5cd8682341aec2cc3a2765bdfb885acfa530ab96
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /img/main/favicon.png HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonymfile.com/adNQ6/oldmarketsimulatorv155build17505971-csf.zip
Cookie: XSRF-TOKEN=eyJpdiI6Ii9oVFZYNUhLL3V2cG1tTXAxRHA2SGc9PSIsInZhbHVlIjoiMlEyT1Axamd4S1JCZjAveTgxUVFmUXZ3S2Z5azZ0b2w4bTR3K2xhZ0t3Nm52b28xdXhwSGczM2tmcjVvdm9RWHJxcXRPcmxabzNIckdNY2ZkVGx1L1lUYXhHM3FXVFMwWW1DUEFjaU5GTmVSSTFmUFd1djNmRUdoY056ODJGQzQiLCJtYWMiOiI2ZjUxYzZhOGVhMmYxNTVhOTUxNWMyNjEyMTFmOTM1ZWJkYWRmOGI4ZjA4NjU1NzJjNmUyZTA3YmJkNzdlY2QwIiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6Im5DUGEzL09abS9zU3loaWcxYUlXWmc9PSIsInZhbHVlIjoiV2VqMHUxdGxvSlhQRU50OE13emFVUjdpMmpEV2pOVExSUzU1TUJSOEV4SXB0T1ZXUERCakxNOUppaGlKSDBQVlJOd0x4LzhOU1ErRjM2Q1h5YmowVjBubXRQSm1vWXJEbFM0VWlpb1lGZkpHTUtkdGFOV0ZFVnV0MWJmdUFVZUEiLCJtYWMiOiJkNzk0Yzg4ZWM2ZDE0OGNkNzQ0NDI5ZmQ5ODliYWRhYTNiY2RlYWIyZTUyMzc0NzQ5ODVhNjgxZTcwYmRiODgwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 02 Apr 2025 17:41:47 GMT
content-type: image/png
content-length: 98701
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j1294NKDzNzX1oq6EQp2G3SlEooe%2B3RXnw2cOqpJsehKWxfkZj7XZowyEhifhJZXewq%2BwxyJU3ibJR7mkfm3c4sM3quVXqW5sJH9GpkloXAj6vQerTKMvhxQyInbNA8Ksw%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Sun, 05 Jan 2025 13:45:11 GMT
etag: "677a8ce7-1818d"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: HIT
age: 5620
accept-ranges: bytes
cf-ray: 92a21e7e1eb8feb3-AMS
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
GET cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
200 OK 90 kB URL GET cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
IP
Requested by https://anonymfile.com/adNQ6/oldmarketsimulatorv155build17505971-csf.zip
Certificate IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint5D:9B:5B:BE:24:B7:4B:CA:F3:05:47:2F:AB:3F:3C:F7:4E:C3:4D:BC
ValidityMon, 24 Mar 2025 12:00:12 GMT - Sun, 22 Jun 2025 13:00:01 GMT
File type JavaScript source, ASCII text, with very long lines (65447)
Hash 8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 02 Apr 2025 17:41:48 GMT
content-type: application/javascript; charset=utf-8
content-length: 27938
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "603e8adc-15d9d"
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 666463
expires: Mon, 23 Mar 2026 17:41:48 GMT
accept-ranges: bytes
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Heo4OvCXkd8BsnW3dAoL0PiBE2aJqFKX2q4bWopW2p4Z71J4qln0bqvJuFm%2F8sqMwJE71dmmQaCDAvPERH06Hc8p4%2FqJ6iKu5kp1IVbx3XSBWcmHFGfIR%2FGKf5MO1yx42WGMCALp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 92a21e806ff01c12-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET cdnjs.cloudflare.com/ajax/libs/popper.js/2.10.2/umd/popper.min.js
200 OK 19 kB URL GET cdnjs.cloudflare.com/ajax/libs/popper.js/2.10.2/umd/popper.min.js
IP
Requested by https://anonymfile.com/adNQ6/oldmarketsimulatorv155build17505971-csf.zip
Certificate IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint5D:9B:5B:BE:24:B7:4B:CA:F3:05:47:2F:AB:3F:3C:F7:4E:C3:4D:BC
ValidityMon, 24 Mar 2025 12:00:12 GMT - Sun, 22 Jun 2025 13:00:01 GMT
File type JavaScript source, ASCII text, with very long lines (18706)
Hash 541aecc95a7faeef0fc27558070f3647
0ec7ca4778ba3ccb4d1b1688094720834fbe9ed3
f395875eb5d58c5128c434812cd0a53d438b11536f7fd1577077d8a5c612e1fd
GET /ajax/libs/popper.js/2.10.2/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 02 Apr 2025 17:41:48 GMT
content-type: application/javascript; charset=utf-8
content-length: 6037
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "6155af49-1795"
last-modified: Thu, 30 Sep 2021 12:36:25 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 669663
expires: Mon, 23 Mar 2026 17:41:48 GMT
accept-ranges: bytes
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9Gsg0CyI%2FV5sIIAT8l%2FEee5Ced6fGvav6XjMLPyMqoycSfrE%2FQ9zW4OFFgvpbziFs0ekRTTgOJBHK9TBsitBluoOtwPl6HC25KLwBQWRxjZp8DuBiPJ0UZ5mLnZap8yaAMrYx%2FGA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 92a21e8138921c12-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/css/all.min.css
200 OK 82 kB URL GET cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/css/all.min.css
IP
Requested by https://anonymfile.com/adNQ6/oldmarketsimulatorv155build17505971-csf.zip
Certificate IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint5D:9B:5B:BE:24:B7:4B:CA:F3:05:47:2F:AB:3F:3C:F7:4E:C3:4D:BC
ValidityMon, 24 Mar 2025 12:00:12 GMT - Sun, 22 Jun 2025 13:00:01 GMT
File type ASCII text, with very long lines (65345)
Hash b94102c568b10816907c96d987fc156c
033d2cf8dc346fc5ae26677bb877155ecf3e72e3
81735261671cd094376ce5c6d31058c64fa70ad0f3b0798ffce2f2d8eeb7ab51
GET /ajax/libs/font-awesome/6.0.0-beta2/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 02 Apr 2025 17:41:46 GMT
content-type: text/css; charset=utf-8
content-length: 14374
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "61498362-3826"
last-modified: Tue, 21 Sep 2021 07:01:54 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1807617
expires: Mon, 23 Mar 2026 17:41:46 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qAVsk9j8dJrxCMgkaem6qCBznVKt5SoDFQt4AS1B0Td4kxdsJsgzkH%2FIyQNVYiLCR1E2ZSkIa7sKa3YJzg55VHk%2Fzh%2FB9jkLmGniIS54OpvrNSGIW5X1g4GVllRFE1afmQlFyQM1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 92a21e781bed7128-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET anonymfile.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
200 OK 12 kB URL GET anonymfile.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP
Requested by https://anonymfile.com/adNQ6/oldmarketsimulatorv155build17505971-csf.zip
Certificate IssuerGoogle Trust Services
Subjectanonymfile.com
Fingerprint8E:D2:0E:6D:52:31:FA:71:F1:01:8C:CF:DC:06:29:D0:36:17:99:47
ValidityTue, 11 Mar 2025 22:43:29 GMT - Mon, 09 Jun 2025 23:40:43 GMT
File type JavaScript source, ASCII text, with very long lines (12331)
Hash 88a769d2fe35899fd45a332a0a032cc0
514c6c1d8475d17e412849a4c90159517d0fa10a
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonymfile.com/adNQ6/oldmarketsimulatorv155build17505971-csf.zip
Cookie: XSRF-TOKEN=eyJpdiI6Ii9oVFZYNUhLL3V2cG1tTXAxRHA2SGc9PSIsInZhbHVlIjoiMlEyT1Axamd4S1JCZjAveTgxUVFmUXZ3S2Z5azZ0b2w4bTR3K2xhZ0t3Nm52b28xdXhwSGczM2tmcjVvdm9RWHJxcXRPcmxabzNIckdNY2ZkVGx1L1lUYXhHM3FXVFMwWW1DUEFjaU5GTmVSSTFmUFd1djNmRUdoY056ODJGQzQiLCJtYWMiOiI2ZjUxYzZhOGVhMmYxNTVhOTUxNWMyNjEyMTFmOTM1ZWJkYWRmOGI4ZjA4NjU1NzJjNmUyZTA3YmJkNzdlY2QwIiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6Im5DUGEzL09abS9zU3loaWcxYUlXWmc9PSIsInZhbHVlIjoiV2VqMHUxdGxvSlhQRU50OE13emFVUjdpMmpEV2pOVExSUzU1TUJSOEV4SXB0T1ZXUERCakxNOUppaGlKSDBQVlJOd0x4LzhOU1ErRjM2Q1h5YmowVjBubXRQSm1vWXJEbFM0VWlpb1lGZkpHTUtkdGFOV0ZFVnV0MWJmdUFVZUEiLCJtYWMiOiJkNzk0Yzg4ZWM2ZDE0OGNkNzQ0NDI5ZmQ5ODliYWRhYTNiY2RlYWIyZTUyMzc0NzQ5ODVhNjgxZTcwYmRiODgwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 02 Apr 2025 17:41:47 GMT
content-type: application/javascript
last-modified: Fri, 14 Mar 2025 21:24:18 GMT
cache-control: max-age=172800, public
content-encoding: gzip
etag: W/"67d49e82-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oj1E7tMqUZQ0mqENcE1dPaf4i%2FxlYBuMamHIAVO9TqEJbP8P2c88GnhzeHwY%2BNWyXNsyUj9bvzHgOol6AEyVWTNOye5giAGyyqLw8n%2FaU%2FA1KM9OffMT5TqgXZqChP5y2w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 92a21e78ebbdfeb3-AMS
x-frame-options: DENY
x-content-type-options: nosniff
expires: Fri, 04 Apr 2025 17:41:47 GMT
GET anonymfile.com/js/site.js
200 OK 9.4 kB URL GET anonymfile.com/js/site.js
IP
Requested by https://anonymfile.com/adNQ6/oldmarketsimulatorv155build17505971-csf.zip
Certificate IssuerGoogle Trust Services
Subjectanonymfile.com
Fingerprint8E:D2:0E:6D:52:31:FA:71:F1:01:8C:CF:DC:06:29:D0:36:17:99:47
ValidityTue, 11 Mar 2025 22:43:29 GMT - Mon, 09 Jun 2025 23:40:43 GMT
File type JavaScript source, ASCII text, with very long lines (9669), with no line terminators
Hash 53fbd7ec3564e9eace6cc150441ae6e0
1b0179094541162f986581cf93561b24d78fab2c
9929e8ec1f73bb530fc9c9a350ca107e69e26d41a235dd766ec5d895591c68c1
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /js/site.js HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonymfile.com/adNQ6/oldmarketsimulatorv155build17505971-csf.zip
Cookie: XSRF-TOKEN=eyJpdiI6Ii9oVFZYNUhLL3V2cG1tTXAxRHA2SGc9PSIsInZhbHVlIjoiMlEyT1Axamd4S1JCZjAveTgxUVFmUXZ3S2Z5azZ0b2w4bTR3K2xhZ0t3Nm52b28xdXhwSGczM2tmcjVvdm9RWHJxcXRPcmxabzNIckdNY2ZkVGx1L1lUYXhHM3FXVFMwWW1DUEFjaU5GTmVSSTFmUFd1djNmRUdoY056ODJGQzQiLCJtYWMiOiI2ZjUxYzZhOGVhMmYxNTVhOTUxNWMyNjEyMTFmOTM1ZWJkYWRmOGI4ZjA4NjU1NzJjNmUyZTA3YmJkNzdlY2QwIiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6Im5DUGEzL09abS9zU3loaWcxYUlXWmc9PSIsInZhbHVlIjoiV2VqMHUxdGxvSlhQRU50OE13emFVUjdpMmpEV2pOVExSUzU1TUJSOEV4SXB0T1ZXUERCakxNOUppaGlKSDBQVlJOd0x4LzhOU1ErRjM2Q1h5YmowVjBubXRQSm1vWXJEbFM0VWlpb1lGZkpHTUtkdGFOV0ZFVnV0MWJmdUFVZUEiLCJtYWMiOiJkNzk0Yzg4ZWM2ZDE0OGNkNzQ0NDI5ZmQ5ODliYWRhYTNiY2RlYWIyZTUyMzc0NzQ5ODVhNjgxZTcwYmRiODgwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 02 Apr 2025 17:41:47 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E0hmFioIihreAnZAXGws79n0%2FLN1%2Fen4ck%2B8ha27BwdUuceQX%2BeBcr5EmeCaZnyoCknoj0W9vuhRdKSQauBFU9mcVwNOMmdV0fiezOhVFZe7BzRot2v6EdKTrIvV%2B6J9Cw%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 29 Aug 2023 19:18:16 GMT
vary: Accept-Encoding
etag: W/"64ee4478-2487"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 5186
cf-ray: 92a21e79fc78feb3-AMS
server: cloudflare
alt-svc: h3=":443"; ma=86400
GET cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/webfonts/fa-solid-900.woff2
200 OK 123 kB URL GET cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/webfonts/fa-solid-900.woff2
IP
Requested by https://anonymfile.com/adNQ6/oldmarketsimulatorv155build17505971-csf.zip
Certificate IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint5D:9B:5B:BE:24:B7:4B:CA:F3:05:47:2F:AB:3F:3C:F7:4E:C3:4D:BC
ValidityMon, 24 Mar 2025 12:00:12 GMT - Sun, 22 Jun 2025 13:00:01 GMT
File type Web Open Font Format (Version 2), TrueType, length 122760, version 768.66
Size 123 kB (122760 bytes)
Hash d1bea16f470ff27ca26131a867131fda
c1e34985d239716f1f236b932f2ecf4fb4c167d2
57deb9ccde6d49564a916cc58a799d8ebd793c7aff69a7f3cce48cbfb0c48777
GET /ajax/libs/font-awesome/6.0.0-beta2/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anonymfile.com
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 02 Apr 2025 17:41:47 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 122760
cf-ray: 92a21e7968eb1c12-OSL
server: cloudflare
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "61498362-1df88"
last-modified: Tue, 21 Sep 2021 07:01:54 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 664483
expires: Mon, 23 Mar 2026 17:41:47 GMT
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xXgw8DKe8tPlVsJ3pum8D7iHwnVIPwsxTshfUAFDnGYYXYNUS%2BfTdmY5yFkxAEnGvyApCctvlqniwCVSAz8VOTcgcheaCVfyoWFh9jyBxJNT87N1VVPFwnmiFRNCQxUGmPeL1Q%2B9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET waisheph.com/5/6301577/?oo=1&aab=1
200 OK 4.5 kB URL GET waisheph.com/5/6301577/?oo=1&aab=1
IP
Requested by https://anonymfile.com/adNQ6/oldmarketsimulatorv155build17505971-csf.zip
Certificate IssuerLet's Encrypt
Subjectwaisheph.com
FingerprintE7:88:EE:CD:93:DB:C5:BE:BA:76:E6:0D:56:EB:32:21:DC:F1:FA:91
ValiditySun, 23 Feb 2025 22:17:56 GMT - Sat, 24 May 2025 22:17:55 GMT
File type troff or preprocessor input, ASCII text, with very long lines (4503), with no line terminators
Hash 4a52bf009a517587642d691fe18a460c
520e572a88e633a393a7faca71a6b2ec00bc5184
3225075a2041b3e82a80298b552644c2ba6bd824bd57b3ebcba0ef6cdae51e6f
GET /5/6301577/?oo=1&aab=1 HTTP/1.1
Host: waisheph.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
DNT: 1
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 02 Apr 2025 17:41:47 GMT
content-type: application/json
x-trace-id: 2d77915489af6844a3fada86dffe1657
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=00819fc743164d36e02f7f2efe153135; expires=Thu, 02 Apr 2026 17:41:47 GMT; path=/; secure; SameSite=None
oaidts=1743615707; expires=Thu, 02 Apr 2026 17:41:47 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
GET cdnjs.cloudflare.com/ajax/libs/axios/1.7.2/axios.min.js
200 OK 52 kB URL GET cdnjs.cloudflare.com/ajax/libs/axios/1.7.2/axios.min.js
IP
Requested by https://anonymfile.com/adNQ6/oldmarketsimulatorv155build17505971-csf.zip
Certificate IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint5D:9B:5B:BE:24:B7:4B:CA:F3:05:47:2F:AB:3F:3C:F7:4E:C3:4D:BC
ValidityMon, 24 Mar 2025 12:00:12 GMT - Sun, 22 Jun 2025 13:00:01 GMT
File type JavaScript source, ASCII text, with very long lines (52208)
Hash 99714d221df650b50da3b7bf97e2987d
493b74178a63429fff2aab081b3a1ca73d362085
8ad11c4cb079bba93156727270f510292eedcc0716c6f21725074a59ec8b9b96
GET /ajax/libs/axios/1.7.2/axios.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 02 Apr 2025 17:41:47 GMT
content-type: application/javascript; charset=utf-8
content-length: 16498
cf-ray: 92a21e79dcb3568d-OSL
server: cloudflare
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "664d13d0-4072"
last-modified: Tue, 21 May 2024 21:36:16 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1792296
expires: Mon, 23 Mar 2026 17:41:47 GMT
accept-ranges: bytes
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qJR8SQVVbxBVm8ONt%2B4dGC0CkJ5Bbhy402ZBtSgQH7wnazUkJl3poOflzMIZYh121ZpAs38jMeq2lTHjt4S85eYh8d%2BzmNKKgNTOrZ0xOhM8abPO3UYzoDN6CZ0hgYwz5wqYIEFf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET unpkg.com/filepond-plugin-file-validate-type/dist/filepond-plugin-file-validate-type.js
302 Found 8.8 kB URL GET unpkg.com/filepond-plugin-file-validate-type/dist/filepond-plugin-file-validate-type.js
IP
Requested by https://anonymfile.com/adNQ6/oldmarketsimulatorv155build17505971-csf.zip
Certificate IssuerGoogle Trust Services
Subjectunpkg.com
Fingerprint8D:8A:98:6F:BC:BA:F3:49:3A:22:84:A9:92:79:74:9E:D7:28:73:12
ValidityTue, 01 Apr 2025 17:36:26 GMT - Mon, 30 Jun 2025 18:36:22 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /filepond-plugin-file-validate-type/dist/filepond-plugin-file-validate-type.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Wed, 02 Apr 2025 17:41:47 GMT
content-type: text/plain;charset=UTF-8
content-length: 116
location: https://unpkg.com/filepond-plugin-file-validate-type@1.2.9/dist/filepond-plugin-file-validate-type.js
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 92a21e7acbf9b51d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET cdnjs.cloudflare.com/ajax/libs/filepond/4.30.3/filepond.min.js
200 OK 118 kB URL GET cdnjs.cloudflare.com/ajax/libs/filepond/4.30.3/filepond.min.js
IP
Requested by https://anonymfile.com/adNQ6/oldmarketsimulatorv155build17505971-csf.zip
Certificate IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint5D:9B:5B:BE:24:B7:4B:CA:F3:05:47:2F:AB:3F:3C:F7:4E:C3:4D:BC
ValidityMon, 24 Mar 2025 12:00:12 GMT - Sun, 22 Jun 2025 13:00:01 GMT
File type JavaScript source, ASCII text, with very long lines (65370)
Size 118 kB (117547 bytes)
Hash 516f35ea42aa797b3b106a8f108edb88
9b1313b221c5d59835c31da0327f4273a2647174
9677264de392aeedd3b391fe53578415c87835405d14068380f9bf3970a48286
GET /ajax/libs/filepond/4.30.3/filepond.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
DNT: 1
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 02 Apr 2025 17:41:47 GMT
content-type: application/javascript; charset=utf-8
content-length: 29707
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "615c7e96-740b"
last-modified: Tue, 05 Oct 2021 16:34:30 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1502572
expires: Mon, 23 Mar 2026 17:41:47 GMT
accept-ranges: bytes
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eGwOtR3RQETF6BrZ6059i8W%2BWZObNdUv55pvFwU9IgiEokZ%2B0a27aND6qe%2BhrkvqLMSr%2B27jHnfbLGyTsoaHdSM0CnJbcUbkvzJEOfAPLGe7CCe58k1CPY4BqShD8iA6mPowsxDO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 92a21e7a49c01c12-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET anonymfile.com/adNQ6/oldmarketsimulatorv155build17505971-csf.zip
200 OK 80 kB URL User Request GET anonymfile.com/adNQ6/oldmarketsimulatorv155build17505971-csf.zip
IP
Certificate IssuerGoogle Trust Services
Subjectanonymfile.com
Fingerprint8E:D2:0E:6D:52:31:FA:71:F1:01:8C:CF:DC:06:29:D0:36:17:99:47
ValidityTue, 11 Mar 2025 22:43:29 GMT - Mon, 09 Jun 2025 23:40:43 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /adNQ6/oldmarketsimulatorv155build17505971-csf.zip HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 02 Apr 2025 17:41:46 GMT
content-type: text/html; charset=UTF-8
server: cloudflare
vary: Accept-Encoding
cache-control: no-cache, private
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: BYPASS
content-encoding: br
set-cookie: XSRF-TOKEN=eyJpdiI6Ii9oVFZYNUhLL3V2cG1tTXAxRHA2SGc9PSIsInZhbHVlIjoiMlEyT1Axamd4S1JCZjAveTgxUVFmUXZ3S2Z5azZ0b2w4bTR3K2xhZ0t3Nm52b28xdXhwSGczM2tmcjVvdm9RWHJxcXRPcmxabzNIckdNY2ZkVGx1L1lUYXhHM3FXVFMwWW1DUEFjaU5GTmVSSTFmUFd1djNmRUdoY056ODJGQzQiLCJtYWMiOiI2ZjUxYzZhOGVhMmYxNTVhOTUxNWMyNjEyMTFmOTM1ZWJkYWRmOGI4ZjA4NjU1NzJjNmUyZTA3YmJkNzdlY2QwIiwidGFnIjoiIn0%3D; SameSite=Lax; Secure; Path=/; Max-Age=2678400; Expires=Sat, 03 May 2025 17:41:46 GMT
anonymfile_session=eyJpdiI6Im5DUGEzL09abS9zU3loaWcxYUlXWmc9PSIsInZhbHVlIjoiV2VqMHUxdGxvSlhQRU50OE13emFVUjdpMmpEV2pOVExSUzU1TUJSOEV4SXB0T1ZXUERCakxNOUppaGlKSDBQVlJOd0x4LzhOU1ErRjM2Q1h5YmowVjBubXRQSm1vWXJEbFM0VWlpb1lGZkpHTUtkdGFOV0ZFVnV0MWJmdUFVZUEiLCJtYWMiOiJkNzk0Yzg4ZWM2ZDE0OGNkNzQ0NDI5ZmQ5ODliYWRhYTNiY2RlYWIyZTUyMzc0NzQ5ODVhNjgxZTcwYmRiODgwIiwidGFnIjoiIn0%3D; HttpOnly; SameSite=Lax; Path=/; Max-Age=2678400; Expires=Sat, 03 May 2025 17:41:46 GMT
cf-ray: 92a21e723971590c-AMS
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET anonymfile.com/css/style.css
200 OK 903 kB URL GET anonymfile.com/css/style.css
IP
Requested by https://anonymfile.com/adNQ6/oldmarketsimulatorv155build17505971-csf.zip
Certificate IssuerGoogle Trust Services
Subjectanonymfile.com
Fingerprint8E:D2:0E:6D:52:31:FA:71:F1:01:8C:CF:DC:06:29:D0:36:17:99:47
ValidityTue, 11 Mar 2025 22:43:29 GMT - Mon, 09 Jun 2025 23:40:43 GMT
Size 903 kB (903090 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /css/style.css HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonymfile.com/adNQ6/oldmarketsimulatorv155build17505971-csf.zip
Cookie: XSRF-TOKEN=eyJpdiI6Ii9oVFZYNUhLL3V2cG1tTXAxRHA2SGc9PSIsInZhbHVlIjoiMlEyT1Axamd4S1JCZjAveTgxUVFmUXZ3S2Z5azZ0b2w4bTR3K2xhZ0t3Nm52b28xdXhwSGczM2tmcjVvdm9RWHJxcXRPcmxabzNIckdNY2ZkVGx1L1lUYXhHM3FXVFMwWW1DUEFjaU5GTmVSSTFmUFd1djNmRUdoY056ODJGQzQiLCJtYWMiOiI2ZjUxYzZhOGVhMmYxNTVhOTUxNWMyNjEyMTFmOTM1ZWJkYWRmOGI4ZjA4NjU1NzJjNmUyZTA3YmJkNzdlY2QwIiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6Im5DUGEzL09abS9zU3loaWcxYUlXWmc9PSIsInZhbHVlIjoiV2VqMHUxdGxvSlhQRU50OE13emFVUjdpMmpEV2pOVExSUzU1TUJSOEV4SXB0T1ZXUERCakxNOUppaGlKSDBQVlJOd0x4LzhOU1ErRjM2Q1h5YmowVjBubXRQSm1vWXJEbFM0VWlpb1lGZkpHTUtkdGFOV0ZFVnV0MWJmdUFVZUEiLCJtYWMiOiJkNzk0Yzg4ZWM2ZDE0OGNkNzQ0NDI5ZmQ5ODliYWRhYTNiY2RlYWIyZTUyMzc0NzQ5ODVhNjgxZTcwYmRiODgwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 02 Apr 2025 17:41:46 GMT
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TCjcuzTBkDHVCOZuGt6Iemgcen9K%2BAyKGSQBlHUW2s9f39bPm%2BsP8w9lDuNc9Lu7ST22LAGuNGMZAnl8Yb935k6xgguiKsT1NrJ7nIP7LkyCIr33nZQxWrbR9J%2BIdyWiqg%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Sun, 22 Dec 2024 06:20:29 GMT
vary: Accept-Encoding
etag: W/"6767afad-dc7b2"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 5189
cf-ray: 92a21e75c9dcfeb3-AMS
server: cloudflare
alt-svc: h3=":443"; ma=86400
HEAD anonymfile.com/adNQ6/oldmarketsimulatorv155build17505971-csf.zip
200 OK 0 B URL HEAD anonymfile.com/adNQ6/oldmarketsimulatorv155build17505971-csf.zip
IP
Requested by https://anonymfile.com/adNQ6/oldmarketsimulatorv155build17505971-csf.zip
Certificate IssuerGoogle Trust Services
Subjectanonymfile.com
Fingerprint8E:D2:0E:6D:52:31:FA:71:F1:01:8C:CF:DC:06:29:D0:36:17:99:47
ValidityTue, 11 Mar 2025 22:43:29 GMT - Mon, 09 Jun 2025 23:40:43 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
HEAD /adNQ6/oldmarketsimulatorv155build17505971-csf.zip HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonymfile.com/adNQ6/oldmarketsimulatorv155build17505971-csf.zip
Cookie: XSRF-TOKEN=eyJpdiI6Ii9oVFZYNUhLL3V2cG1tTXAxRHA2SGc9PSIsInZhbHVlIjoiMlEyT1Axamd4S1JCZjAveTgxUVFmUXZ3S2Z5azZ0b2w4bTR3K2xhZ0t3Nm52b28xdXhwSGczM2tmcjVvdm9RWHJxcXRPcmxabzNIckdNY2ZkVGx1L1lUYXhHM3FXVFMwWW1DUEFjaU5GTmVSSTFmUFd1djNmRUdoY056ODJGQzQiLCJtYWMiOiI2ZjUxYzZhOGVhMmYxNTVhOTUxNWMyNjEyMTFmOTM1ZWJkYWRmOGI4ZjA4NjU1NzJjNmUyZTA3YmJkNzdlY2QwIiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6Im5DUGEzL09abS9zU3loaWcxYUlXWmc9PSIsInZhbHVlIjoiV2VqMHUxdGxvSlhQRU50OE13emFVUjdpMmpEV2pOVExSUzU1TUJSOEV4SXB0T1ZXUERCakxNOUppaGlKSDBQVlJOd0x4LzhOU1ErRjM2Q1h5YmowVjBubXRQSm1vWXJEbFM0VWlpb1lGZkpHTUtkdGFOV0ZFVnV0MWJmdUFVZUEiLCJtYWMiOiJkNzk0Yzg4ZWM2ZDE0OGNkNzQ0NDI5ZmQ5ODliYWRhYTNiY2RlYWIyZTUyMzc0NzQ5ODVhNjgxZTcwYmRiODgwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 02 Apr 2025 17:41:48 GMT
content-type: text/html; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IHwUlyCL71jFfWY5EGExHZBWPHkUQev6CB66dpjyA5AfSTW3DksmUXHgt1O%2FkCl9pGprNrseSvwcyFUflRuZda1RcoHrmIjFGpHErs%2BDcvmIPO938wESmRjo05ENgqNdwA%3D%3D"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
cache-control: no-cache, private
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: BYPASS
set-cookie: XSRF-TOKEN=eyJpdiI6ImhTSjZwakpwN1dXMU52ZmpmZkcrSkE9PSIsInZhbHVlIjoibWR1emRzbHpqdGFqbnFqN1JXMDB5YnlxbjBaSTNxaFArNDFWd014VXhVK08xZnFTZDNqRXNuYmhYL3kwVkJaWGdUQVVNTXk1SnlRaFFObWZKOWVBR2FLdTJaS3pacCtRRThmQVJDblZKYlYreFVwamxmOWhsWDJXTUsxWjBIeVEiLCJtYWMiOiJkOTM2MTQzNTlhZWY0YzM2ZWQxN2U2MjRmMTkzNDM3ZDkxODA1MzY5ZDljODUyNDE2MzkyNDBjNTQwMzU4Y2Y5IiwidGFnIjoiIn0%3D; expires=Sat, 03 May 2025 17:41:48 GMT; Max-Age=2678400; path=/; secure; samesite=lax
anonymfile_session=eyJpdiI6IjAzaTBIeDEzSHh2cVIwMzN3SVhNVUE9PSIsInZhbHVlIjoiQmRwT1hhWEtzVlZIbUZRKzNWWk56Z0EwTmR6VWh2Smw2bVdPSzNVeEd0UGVYeUx4R3ZNVVRhWC9hWUE5WnpxMVgxaG9JRHFoT01DRjNsYitjVkVycHZYaDNiZ00xc3dGQW1TS2NIN0p3OFRFMnJmdW9pMnZLL0tKSllSSWg4NzAiLCJtYWMiOiIxODg5YmYxNzJiNTUyMmQxNzQyYmYzYjBiZDI1ZTBjOTBlY2RjNTYzMGFhYzU4OGU2NzhlYWZhNjk3YWIxNTM2IiwidGFnIjoiIn0%3D; expires=Sat, 03 May 2025 17:41:48 GMT; Max-Age=2678400; path=/; httponly; samesite=lax
content-encoding: br
cf-ray: 92a21e78cbb5feb3-AMS
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
GET waisheph.com/?rb=fY91zqaoYksUPIx9JM5QxKzLDmzyavXgbvMAf3d8vQGx4qG8zRoy9iYltlPorKh3EAS4_lCrCc8YiGj1wPs4_Cz6ber7sm5P4xWdD3N3x1kzqoiEAnlglOHtnedR28S-F0KvBiGEtTfSa-rT6VfjFK2sdtr4Mi3hSRVN25Y_hx4_zmCClIc7Q8Q8bq43FIFJ4l1_ns9wmRO8Bh_MfRlSnTokHlKiN65TFr2EM7qQsee7Dl6f-qASD5e-QgU8KZlJS8E2RaIz7Bjd2-zPmYjJooP8ZIYoHGDxreafXDLI6u0%3D&request_ab2=0&zoneid=6301577&js_build=iclick-v1.1120.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=1&pl=https%3A%2F%2Fanonymfile.com%2FadNQ6%2Foldmarketsimulatorv155build17505971-csf.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&tt=3&wgl=llvmpipe&js_build=iclick-v1.1120.0&navlng=en-US&vsbl=true&pnt=0&pnrc=0&bs=62eaee07-06c2-48d1-85c5-10ad4317b663&wasm=1&userId=00819fc743164d36e02f7f2efe153135&m=link
200 OK 3.3 kB URL GET waisheph.com/?rb=fY91zqaoYksUPIx9JM5QxKzLDmzyavXgbvMAf3d8vQGx4qG8zRoy9iYltlPorKh3EAS4_lCrCc8YiGj1wPs4_Cz6ber7sm5P4xWdD3N3x1kzqoiEAnlglOHtnedR28S-F0KvBiGEtTfSa-rT6VfjFK2sdtr4Mi3hSRVN25Y_hx4_zmCClIc7Q8Q8bq43FIFJ4l1_ns9wmRO8Bh_MfRlSnTokHlKiN65TFr2EM7qQsee7Dl6f-qASD5e-QgU8KZlJS8E2RaIz7Bjd2-zPmYjJooP8ZIYoHGDxreafXDLI6u0%3D&request_ab2=0&zoneid=6301577&js_build=iclick-v1.1120.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=1&pl=https%3A%2F%2Fanonymfile.com%2FadNQ6%2Foldmarketsimulatorv155build17505971-csf.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&tt=3&wgl=llvmpipe&js_build=iclick-v1.1120.0&navlng=en-US&vsbl=true&pnt=0&pnrc=0&bs=62eaee07-06c2-48d1-85c5-10ad4317b663&wasm=1&userId=00819fc743164d36e02f7f2efe153135&m=link
IP
Requested by https://anonymfile.com/adNQ6/oldmarketsimulatorv155build17505971-csf.zip
Certificate IssuerLet's Encrypt
Subjectwaisheph.com
FingerprintE7:88:EE:CD:93:DB:C5:BE:BA:76:E6:0D:56:EB:32:21:DC:F1:FA:91
ValiditySun, 23 Feb 2025 22:17:56 GMT - Sat, 24 May 2025 22:17:55 GMT
File type troff or preprocessor input, ASCII text, with very long lines (3329), with no line terminators
Hash f8344ab21908c84812e4ca80677cff2b
b824c4b394eb5081fdf215207c0f38f7f561a191
9da21703a17e50a382044f23d99bbf1b23da576ea1a6676bc004d903aa89586a
GET /?rb=fY91zqaoYksUPIx9JM5QxKzLDmzyavXgbvMAf3d8vQGx4qG8zRoy9iYltlPorKh3EAS4_lCrCc8YiGj1wPs4_Cz6ber7sm5P4xWdD3N3x1kzqoiEAnlglOHtnedR28S-F0KvBiGEtTfSa-rT6VfjFK2sdtr4Mi3hSRVN25Y_hx4_zmCClIc7Q8Q8bq43FIFJ4l1_ns9wmRO8Bh_MfRlSnTokHlKiN65TFr2EM7qQsee7Dl6f-qASD5e-QgU8KZlJS8E2RaIz7Bjd2-zPmYjJooP8ZIYoHGDxreafXDLI6u0%3D&request_ab2=0&zoneid=6301577&js_build=iclick-v1.1120.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=1&pl=https%3A%2F%2Fanonymfile.com%2FadNQ6%2Foldmarketsimulatorv155build17505971-csf.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&tt=3&wgl=llvmpipe&js_build=iclick-v1.1120.0&navlng=en-US&vsbl=true&pnt=0&pnrc=0&bs=62eaee07-06c2-48d1-85c5-10ad4317b663&wasm=1&userId=00819fc743164d36e02f7f2efe153135&m=link HTTP/1.1
Host: waisheph.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
DNT: 1
Connection: keep-alive
Cookie: OAID=00819fc743164d36e02f7f2efe153135; oaidts=1743615707
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 02 Apr 2025 17:41:48 GMT
content-type: application/json
x-trace-id: c7ddc682b2cab62791b79a5050536390
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=00819fc743164d36e02f7f2efe153135; expires=Thu, 02 Apr 2026 17:41:48 GMT; path=/; secure; SameSite=None
oaidts=1743615708; expires=Thu, 02 Apr 2026 17:41:48 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Wed, 09 Apr 2025 17:41:48 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
GET anonymfile.com/img/footer-info.webp
200 OK 112 kB URL GET anonymfile.com/img/footer-info.webp
IP
Requested by https://anonymfile.com/adNQ6/oldmarketsimulatorv155build17505971-csf.zip
Certificate IssuerGoogle Trust Services
Subjectanonymfile.com
Fingerprint8E:D2:0E:6D:52:31:FA:71:F1:01:8C:CF:DC:06:29:D0:36:17:99:47
ValidityTue, 11 Mar 2025 22:43:29 GMT - Mon, 09 Jun 2025 23:40:43 GMT
File type RIFF (little-endian) data, Web/P image
Size 112 kB (112396 bytes)
Hash f7abf79da11df5fe1a0eecaf781ead0c
29a71f28e60508d5bb2d8c48243ddec48e38befb
466bf7bfdaa3cc67c8de25f503fcda8eb13906138ddd1f13fb09fabd59588d7f
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /img/footer-info.webp HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonymfile.com/adNQ6/oldmarketsimulatorv155build17505971-csf.zip
Cookie: XSRF-TOKEN=eyJpdiI6Ii9oVFZYNUhLL3V2cG1tTXAxRHA2SGc9PSIsInZhbHVlIjoiMlEyT1Axamd4S1JCZjAveTgxUVFmUXZ3S2Z5azZ0b2w4bTR3K2xhZ0t3Nm52b28xdXhwSGczM2tmcjVvdm9RWHJxcXRPcmxabzNIckdNY2ZkVGx1L1lUYXhHM3FXVFMwWW1DUEFjaU5GTmVSSTFmUFd1djNmRUdoY056ODJGQzQiLCJtYWMiOiI2ZjUxYzZhOGVhMmYxNTVhOTUxNWMyNjEyMTFmOTM1ZWJkYWRmOGI4ZjA4NjU1NzJjNmUyZTA3YmJkNzdlY2QwIiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6Im5DUGEzL09abS9zU3loaWcxYUlXWmc9PSIsInZhbHVlIjoiV2VqMHUxdGxvSlhQRU50OE13emFVUjdpMmpEV2pOVExSUzU1TUJSOEV4SXB0T1ZXUERCakxNOUppaGlKSDBQVlJOd0x4LzhOU1ErRjM2Q1h5YmowVjBubXRQSm1vWXJEbFM0VWlpb1lGZkpHTUtkdGFOV0ZFVnV0MWJmdUFVZUEiLCJtYWMiOiJkNzk0Yzg4ZWM2ZDE0OGNkNzQ0NDI5ZmQ5ODliYWRhYTNiY2RlYWIyZTUyMzc0NzQ5ODVhNjgxZTcwYmRiODgwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 02 Apr 2025 17:41:46 GMT
content-type: image/webp
content-length: 112396
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jB7ifKVEmg6IHYdp3u5ZRF9aOIb7zLGxMElzm12%2BOlplXdfdXA%2Fz3AXK70RqVNSfnKbgRvANJua4dh3NtPOgsKZ381NHqILDXwJ%2BZ%2BfbUvPHv1WKT2oVkWX4f7BiEHz%2BGw%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 29 Aug 2023 19:18:16 GMT
etag: "64ee4478-1b70c"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: HIT
age: 5188
accept-ranges: bytes
cf-ray: 92a21e75d9e5feb3-AMS
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
GET cdnjs.cloudflare.com/ajax/libs/bootstrap/5.1.3/js/bootstrap.min.js
200 OK 59 kB URL GET cdnjs.cloudflare.com/ajax/libs/bootstrap/5.1.3/js/bootstrap.min.js
IP
Requested by https://anonymfile.com/adNQ6/oldmarketsimulatorv155build17505971-csf.zip
Certificate IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint5D:9B:5B:BE:24:B7:4B:CA:F3:05:47:2F:AB:3F:3C:F7:4E:C3:4D:BC
ValidityMon, 24 Mar 2025 12:00:12 GMT - Sun, 22 Jun 2025 13:00:01 GMT
File type JavaScript source, ASCII text, with very long lines (58940)
Hash 259e416ef6833be43801b8b68a93b008
19080c3b817985336aab5e1ce6925c99803f2efd
70c3d690bdc5ce3b9a1527c46044989a3176e610882fa99f4523e75bc395bcce
GET /ajax/libs/bootstrap/5.1.3/js/bootstrap.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
DNT: 1
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 02 Apr 2025 17:41:47 GMT
content-type: application/javascript; charset=utf-8
content-length: 14584
cf-ray: 92a21e79f9901c12-OSL
server: cloudflare
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "6161dfe3-38f8"
last-modified: Sat, 09 Oct 2021 18:30:59 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1042752
expires: Mon, 23 Mar 2026 17:41:47 GMT
accept-ranges: bytes
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I53L2BcBIgtLxXrs2avlEFOz9qy0mScb%2BsnZICiZEtjOtSX7Bafjjb66j6xoV4776mZl4peCK2WE1L3zKEyqT7mELKFZ2jVnAG5qIIIztvQDJ%2BMw7ab%2FI%2FanH7Fx5ngdl%2F9ClMAF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
104.21.2.78
151.101.1.229
139.45.197.119
0.0.0.0