URL: https://vikingf1le.us.to/f/w1dAV0styK
Submission: On December 12 via api from US — Scanned from US

Summary

This website contacted 11 IPs in 2 countries across 11 domains to perform 21 HTTP transactions. The main IP is 104.21.64.1, located in and belongs to CLOUDFLARENET, US. The main domain is vikingf1le.us.to.
TLS certificate: Issued by WE1 on December 4th 2024. Valid for: 3 months.
This is the only time vikingf1le.us.to was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 6 104.21.64.1 13335 (CLOUDFLAR...)
4 104.21.16.1 13335 (CLOUDFLAR...)
1 3 104.18.95.41 13335 (CLOUDFLAR...)
1 104.16.79.73 13335 (CLOUDFLAR...)
4 172.67.177.214 13335 (CLOUDFLAR...)
1 173.194.204.154 15169 (GOOGLE)
1 172.67.211.3 13335 (CLOUDFLAR...)
1 104.21.8.108 13335 (CLOUDFLAR...)
2 104.21.41.60 13335 (CLOUDFLAR...)
1 172.67.142.49 13335 (CLOUDFLAR...)
2 172.67.220.206 13335 (CLOUDFLAR...)
21 11
Apex Domain
Subdomains
Transfer
6 us.to
vikingf1le.us.to
58 KB
4 youradexchange.com
youradexchange.com — Cisco Umbrella Rank: 31478
3 KB
4 vikingfile.com
vikingfile.com
8 KB
3 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 3147
16 KB
2 onclickalgo.com
onclickalgo.com — Cisco Umbrella Rank: 355946
2 KB
2 superonclick.com
superonclick.com — Cisco Umbrella Rank: 300927
7 KB
1 ufpcdn.com
ufpcdn.com — Cisco Umbrella Rank: 520175
1 pubtrky.com
pubtrky.com — Cisco Umbrella Rank: 33025
644 B
1 xwzbpkku-i.site
xwzbpkku-i.site
25 KB
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
52 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 617
7 KB
21 11
Domain Requested by
6 vikingf1le.us.to 4 redirects static.cloudflareinsights.com
4 youradexchange.com vikingf1le.us.to
4 vikingfile.com vikingf1le.us.to
3 challenges.cloudflare.com 1 redirects vikingf1le.us.to
challenges.cloudflare.com
2 onclickalgo.com vikingf1le.us.to
onclickalgo.com
2 superonclick.com vikingf1le.us.to
1 ufpcdn.com superonclick.com
1 pubtrky.com xwzbpkku-i.site
1 xwzbpkku-i.site vikingf1le.us.to
1 pagead2.googlesyndication.com vikingf1le.us.to
1 static.cloudflareinsights.com vikingf1le.us.to
21 11

This site contains links to these domains.

Domain
onclickalgo.com
cpngiubbcnq.love
Subject | Issuer | Validity | Valid
vikingf1le.us.to | WE1 | 2024-12-04 - 2025-03-04 | 3 months
cloudflareinsights.com | WE1 | 2024-11-01 - 2025-01-30 | 3 months
youradexchange.com | WE1 | 2024-12-06 - 2025-03-06 | 3 months
*.g.doubleclick.net | WR2 | 2024-11-04 - 2025-01-27 | 3 months
xwzbpkku-i.site | WE1 | 2024-11-29 - 2025-02-27 | 3 months
pubtrky.com | WE1 | 2024-11-09 - 2025-02-07 | 3 months
challenges.cloudflare.com | WE1 | 2024-11-03 - 2025-02-01 | 3 months
superonclick.com | WE1 | 2024-11-22 - 2025-02-20 | 3 months
ufpcdn.com | WE1 | 2024-10-23 - 2025-01-21 | 3 months
onclickalgo.com | WE1 | 2024-11-22 - 2025-02-20 | 3 months

This page contains 3 frames:

Primary Page: https://vikingf1le.us.to/f/w1dAV0styK
Frame ID: 9C8C9BC83C00CD03EA651FD59F0F6245
Requests: 19 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/q3oht/0x4AAAAAAAgbsMNBuk2d3Qp6/light/fbE/normal/auto/
Frame ID: DDBE8FBED5EAA3B0FB00F9519D442B76
Requests: 1 HTTP requests in this frame

Frame: https://ufpcdn.com/script/identify.html?frmt=0
Frame ID: C99B987121000938FDD61E7DE716EFAF
Requests: 1 HTTP requests in this frame

Page Title

C.K.3.W.N.CB.V1.14.0.1.B16241063-GDZ.rar

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

Requests: 21
HTTPS: 76 %
IPv6: 0 %
Domains: 11
Subdomains: 11
IPs: 11
Countries: 2
Transfer: 175 kB
Size: 537 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://vikingf1le.us.to/assets/styles/app-b84a432c63a28e0335ff2e0c741b92f6.css HTTP 301
  • https://vikingfile.com/assets/styles/app-b84a432c63a28e0335ff2e0c741b92f6.css
Request Chain 1
  • https://vikingf1le.us.to/assets/custom-0b295c18913e200a4e6c987fa3eedf57.js HTTP 301
  • https://vikingfile.com/assets/custom-0b295c18913e200a4e6c987fa3eedf57.js
Request Chain 2
  • https://vikingf1le.us.to/assets/favicon-64375c377b5df8304acbdad4f4430694.ico HTTP 301
  • https://vikingfile.com/assets/favicon-64375c377b5df8304acbdad4f4430694.ico
Request Chain 3
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=showCaptcha HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/g/f9063374b04d/api.js
Request Chain 16
  • https://vikingf1le.us.to/assets/favicon-64375c377b5df8304acbdad4f4430694.ico HTTP 301
  • https://vikingfile.com/assets/favicon-64375c377b5df8304acbdad4f4430694.ico

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request w1dAV0styK
vikingf1le.us.to/f/
187 KB
56 KB
Document
General
Full URL
https://vikingf1le.us.to/f/w1dAV0styK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.64.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc14db5048c8745ba15f17264900e89913f3f911ac4f1367c0628044e40bbe89

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, must-revalidate, private
cf-cache-status
DYNAMIC
cf-ray
8f0b2c8cc84b6393-ORD
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Thu, 12 Dec 2024 05:04:30 GMT
expires
Thu, 12 Dec 2024 05:04:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sHoJTFZH0FkhYEzP895h%2FehrgmqBCyYnlXiq1HkRaT2e39hZCaIh0TsWCxHTNxOC1jNlj6YYk5gkMuka%2BbK34VOtZmSb%2F2Fp9afEw5GUZ6RiCbzViaYr8xit3HikttRVEsgl"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfCacheStatus;desc="DYNAMIC" cfL4;desc="?proto=TCP&rtt=26707&min_rtt=21237&rtt_var=16819&sent=7&recv=8&lost=0&retrans=0&sent_bytes=3931&recv_bytes=2300&delivery_rate=192535&cwnd=198&unsent_bytes=0&cid=a05244a1ce4e9a9d&ts=1241&x=0"
app-b84a432c63a28e0335ff2e0c741b92f6.css
vikingfile.com/assets/styles/
Redirect Chain
  • https://vikingf1le.us.to/assets/styles/app-b84a432c63a28e0335ff2e0c741b92f6.css
  • https://vikingfile.com/assets/styles/app-b84a432c63a28e0335ff2e0c741b92f6.css
4 KB
2 KB
Stylesheet
General
Full URL
https://vikingfile.com/assets/styles/app-b84a432c63a28e0335ff2e0c741b92f6.css
Requested by
Host: vikingf1le.us.to
URL: https://vikingf1le.us.to/f/w1dAV0styK
Protocol
H2
Server
104.21.16.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1dce2881591bfd6d7bad46566633ef3ca9dc8d042bb5ce5f21e9cf854114ea75

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://vikingf1le.us.to/

Response headers

cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
HIT
etag
W/"6749b687-117c"
age
2227
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DMYzBKm3S4p7DRB48Ni2dg9%2BPu4PmOZCQw0E4YfGi%2BiUosQXfp%2Fl5Vsl5%2BGUBXSaC1ZzQNFlphYZk9VVmjdQuUQ%2BRKT0agbZv39pFvfC20bwqEnaNwLJZoVg5emIhAN85Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f0b2c9e78806179-ORD
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=111799&min_rtt=19031&rtt_var=63885&sent=6&recv=6&lost=0&retrans=0&sent_bytes=3909&recv_bytes=2284&delivery_rate=230150&cwnd=244&unsent_bytes=0&cid=2bbd1fd28ab67233&ts=278&x=0"
date
Thu, 12 Dec 2024 05:04:33 GMT
content-type
text/css
last-modified
Fri, 29 Nov 2024 12:41:43 GMT
vary
Accept-Encoding
server
cloudflare

Redirect headers

cache-control
max-age=14400
location
https://vikingfile.com/assets/styles/app-b84a432c63a28e0335ff2e0c741b92f6.css
cf-cache-status
HIT
age
906
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uWDvmWMHrwGxTYUBveuxdDjuZ3jb0TRjMXP9CdCRt%2FcAc0Q2wPqZ3dNvm9YdJqGMKuVW9xgFeLGSjDfsbfBW9YzhU8mLrriVYoOUK0aGCzcEOiXl%2BISzjecnwd%2FzYmLKA12O"}],"group":"cf-nel","max_age":604800}
cf-ray
8f0b2c964f366393-ORD
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=27107&min_rtt=21237&rtt_var=7869&sent=52&recv=22&lost=0&retrans=0&sent_bytes=61736&recv_bytes=2553&delivery_rate=1200904&cwnd=198&unsent_bytes=0&cid=a05244a1ce4e9a9d&ts=1998&x=0"
date
Thu, 12 Dec 2024 05:04:31 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
custom-0b295c18913e200a4e6c987fa3eedf57.js
vikingfile.com/assets/
Redirect Chain
  • https://vikingf1le.us.to/assets/custom-0b295c18913e200a4e6c987fa3eedf57.js
  • https://vikingfile.com/assets/custom-0b295c18913e200a4e6c987fa3eedf57.js
12 KB
3 KB
Script
General
Full URL
https://vikingfile.com/assets/custom-0b295c18913e200a4e6c987fa3eedf57.js
Requested by
Host: vikingf1le.us.to
URL: https://vikingf1le.us.to/f/w1dAV0styK
Protocol
H2
Server
104.21.16.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bb94c528578cda2febc617f12610591a0768afe09b06f36f5431be9a1b0035d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://vikingf1le.us.to/

Response headers

cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
HIT
etag
W/"6749c703-2e34"
age
2227
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zZodVgnKcxX1pZf2nvYGeg9Z2%2F%2F52xhbYlprxcqHx3sSYm%2BtbsjQlid7Lm%2FAMeCSJc8TR20MVP53nt3fxHlVRop%2B3mBqBEIwyCTytl0%2Bqwh9pnPDLCYa8aUATQCw%2FKtUAA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f0b2c9e78826179-ORD
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=111799&min_rtt=19031&rtt_var=63885&sent=9&recv=6&lost=0&retrans=0&sent_bytes=6021&recv_bytes=2284&delivery_rate=230150&cwnd=244&unsent_bytes=0&cid=2bbd1fd28ab67233&ts=278&x=0"
date
Thu, 12 Dec 2024 05:04:33 GMT
content-type
application/javascript
last-modified
Fri, 29 Nov 2024 13:52:03 GMT
vary
Accept-Encoding
server
cloudflare

Redirect headers

cache-control
max-age=14400
location
https://vikingfile.com/assets/custom-0b295c18913e200a4e6c987fa3eedf57.js
cf-cache-status
HIT
age
906
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s48l2rXZqZy8S9aOMQAsC12NkVl6Ir2nD1SDne6Fto3qquaxiB5dW3l5JiHtu5BUoaR%2FK2fn7tfFWmhFSksiLn3JR50wc%2FenwsTXMzD0YOexU6R%2Fytz%2Fwv985UpC7WnBcWT8"}],"group":"cf-nel","max_age":604800}
cf-ray
8f0b2c964f376393-ORD
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=27107&min_rtt=21237&rtt_var=7869&sent=55&recv=22&lost=0&retrans=0&sent_bytes=62513&recv_bytes=2553&delivery_rate=1200904&cwnd=198&unsent_bytes=0&cid=a05244a1ce4e9a9d&ts=1999&x=0"
date
Thu, 12 Dec 2024 05:04:31 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
favicon-64375c377b5df8304acbdad4f4430694.ico
vikingfile.com/assets/
Redirect Chain
  • https://vikingf1le.us.to/assets/favicon-64375c377b5df8304acbdad4f4430694.ico
  • https://vikingfile.com/assets/favicon-64375c377b5df8304acbdad4f4430694.ico
15 KB
2 KB
Image
General
Full URL
https://vikingfile.com/assets/favicon-64375c377b5df8304acbdad4f4430694.ico
Requested by
Host: vikingf1le.us.to
URL: https://vikingf1le.us.to/f/w1dAV0styK
Protocol
H2
Server
104.21.16.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9debfd0610612fddc8bd5e5b83000df0c52e2beabcbc3c93ae530565c0cb708d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://vikingf1le.us.to/

Response headers

cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
HIT
etag
W/"66c2db72-3c2e"
age
2226
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K5vEEa6nuyLuBXoZjCMLVmD1OWkU6XjaaQRqYMp0UGvSthZvmbLNnxEWbg2zpMgFga8a2KWfqK8r8NCjvLmQBBcUQcOsP837BgDoH%2Fi8HbZq9WKD3MJcl%2FBUNr%2FROq7NcA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f0b2ca2bbfb6179-ORD
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=101251&min_rtt=16458&rtt_var=64525&sent=15&recv=9&lost=0&retrans=0&sent_bytes=9517&recv_bytes=2465&delivery_rate=426059&cwnd=244&unsent_bytes=0&cid=2bbd1fd28ab67233&ts=961&x=0"
date
Thu, 12 Dec 2024 05:04:33 GMT
content-type
image/x-icon
last-modified
Mon, 19 Aug 2024 05:43:14 GMT
vary
Accept-Encoding
server
cloudflare

Redirect headers

cache-control
max-age=14400
location
https://vikingfile.com/assets/favicon-64375c377b5df8304acbdad4f4430694.ico
cf-cache-status
HIT
age
908
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VpQdGq6NZa6IaqSMUBq4PqBXoolwqz%2F75fHYvxdvLuBd6n8IuqmqWTsIC12NwAy77DMgajGfOXwMejK45%2BalffExIKxRTdaOrjt9Tt3jzB2JDRn36z%2BvsZgqkOS7swNmDWqN"}],"group":"cf-nel","max_age":604800}
cf-ray
8f0b2ca0eefa6393-ORD
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=25937&min_rtt=21237&rtt_var=6493&sent=58&recv=25&lost=0&retrans=0&sent_bytes=63219&recv_bytes=2699&delivery_rate=1200904&cwnd=198&unsent_bytes=0&cid=a05244a1ce4e9a9d&ts=3699&x=0"
date
Thu, 12 Dec 2024 05:04:33 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
api.js
challenges.cloudflare.com/turnstile/v0/g/f9063374b04d/
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=showCaptcha
  • https://challenges.cloudflare.com/turnstile/v0/g/f9063374b04d/api.js
47 KB
16 KB
Script
General
Full URL
https://challenges.cloudflare.com/turnstile/v0/g/f9063374b04d/api.js
Requested by
Host: vikingf1le.us.to
URL: https://vikingf1le.us.to/f/w1dAV0styK
Protocol
H2
Server
104.18.95.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9f0787e39291d7bcb873d0d514f1d2c8db0256fd741c2abc4d46a809254e141

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://vikingf1le.us.to/

Response headers

cache-control
max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
content-encoding
br
cross-origin-resource-policy
cross-origin
cf-ray
8f0b2ca53a648cee-EWR
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Thu, 12 Dec 2024 05:04:34 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 03 Dec 2024 18:31:41 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=300, public
location
/turnstile/v0/g/f9063374b04d/api.js
cross-origin-resource-policy
cross-origin
cf-ray
8f0b2ca2e81f8cee-EWR
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
date
Thu, 12 Dec 2024 05:04:33 GMT
vary
Accept-Encoding
server
cloudflare
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/
19 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: vikingf1le.us.to
URL: https://vikingf1le.us.to/f/w1dAV0styK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.79.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://vikingf1le.us.to
Referer
https://vikingf1le.us.to/

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"2024.6.1"
cross-origin-resource-policy
cross-origin
cf-ray
8f0b2ca41f2b8cba-EWR
access-control-allow-origin
*
date
Thu, 12 Dec 2024 05:04:33 GMT
content-type
text/javascript;charset=UTF-8
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
vary
Accept-Encoding
server
cloudflare
czcf.php
youradexchange.com/ad/
891 B
1 KB
Fetch
General
Full URL
https://youradexchange.com/ad/czcf.php?cz=er5fduxplw&chmob=%3F0
Requested by
Host: vikingf1le.us.to
URL: https://vikingf1le.us.to/f/w1dAV0styK
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.177.214 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
721c1b520b999c4be8ad8e4b247ffc2bf612929326446977c63df1c6d0b43aa5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://vikingf1le.us.to/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ka3bSn3QffG%2B10OOayw%2BXIalDkkTUsGJZhultMuqcSircHFDZrld8sG%2FAeyYLhpRvxPG3Pr2mVC6k8dAARvfI768A73un8SAfxwtIAblKI%2B9gVOkgf7AFBL0HqBIqa7ySOu6Ufo%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS
via
1.1 google
cf-ray
8f0b2ca21c6342b5-EWR
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=179383&min_rtt=178795&rtt_var=67468&sent=9&recv=8&lost=0&retrans=0&sent_bytes=4084&recv_bytes=5055&delivery_rate=19048&cwnd=12000&unsent_bytes=0&cid=c2f64f33e4527ef5&ts=233&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 12 Dec 2024 05:04:33 GMT
content-type
text/html; charset=utf-8
server
cloudflare
priority
u=1,i
access-control-allow-headers
Content-Type
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
156 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: vikingf1le.us.to
URL: https://vikingf1le.us.to/f/w1dAV0styK
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.204.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qb-in-f154.1e100.net
Software
cafe /
Resource Hash
97ea971043e3b9776e401b7a7f2c62ab79a824471ed641869d6d031d9c31abd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://vikingf1le.us.to/

Response headers

content-encoding
br
etag
3981738865116717484
x-content-type-options
nosniff
expires
Thu, 12 Dec 2024 05:04:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 12 Dec 2024 05:04:33 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53356
x-xss-protection
0
server
cafe
banner.php
youradexchange.com/script/
0
0
Fetch
General
Full URL
https://youradexchange.com/script/banner.php?r=9154930&cbpage=https%3A%2F%2Fvikingf1le.us.to%2Ff%2Fw1dAV0styK&cbref=&cbdescription=Share%20large%20files%20anonymously.%20No%20mail%20required.%20No%20speed%20limit.&cbkeywords=file%20hosting%2C%20cloud%20hosting%2C%20secure%20file%20sharing%2C%20anonymous%20file%20sharing%2C%20large%20file%20sharing%2C%20no%20mail%20required%2C%20no%20speed%20limit%2C%20fast%20file%20sharing%2C%20reliable%20file%20sharing&cbtitle=C.K.3.W.N.CB.V1.14.0.1.B16241063-GDZ.rar&srs=95f4eaa30c0dba4679d96529e797085e&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2FGoogle%20Inc.1600x1200600en-US84824%20bits&atv=57.0
Requested by
Host: vikingf1le.us.to
URL: https://vikingf1le.us.to/f/w1dAV0styK
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.177.214 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://vikingf1le.us.to/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CM2ErSAr5rQSwclxwE2EYX82nka0HAMFmm347FwYliyJvWSdo7jaGA%2BvSTkingREeJ92KOkXrQsDUqfevjvs9Mge6dOYCBJFk7WPOWZcVEEUSuD%2BKAVEAa0uOnA6XZKEEw8r99g%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS
via
1.1 google
cf-ray
8f0b2ca21c6142b5-EWR
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=179383&min_rtt=178795&rtt_var=67468&sent=10&recv=8&lost=0&retrans=0&sent_bytes=5137&recv_bytes=5055&delivery_rate=19048&cwnd=12000&unsent_bytes=0&cid=c2f64f33e4527ef5&ts=282&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 12 Dec 2024 05:04:33 GMT
server
cloudflare
priority
u=1,i
access-control-allow-headers
Content-Type
ut.js
xwzbpkku-i.site/script/
65 KB
25 KB
Script
General
Full URL
https://xwzbpkku-i.site/script/ut.js?cb=1733979873472
Requested by
Host: vikingf1le.us.to
URL: https://vikingf1le.us.to/f/w1dAV0styK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.211.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4beaec54247a9a3cb97821ecdb68d39cacdcdcc62ae872c13c2cca2d3d88e32

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://vikingf1le.us.to/

Response headers

x-goog-metageneration
2
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=VBET1w==, md5=SvoqyZ+XMx3JgmPUkCKpWA==
cf-cache-status
HIT
etag
W/"4afa2ac99f97331dc98263d49022a958"
age
2574
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rmFYfa0%2FXdL2EHsFUADMuwGBWuC7B%2BH9imMFpmjwJ3ouvlO3xwq25P1%2BtIWUnnQ%2BL0j4HmaqeMey2lMImbGmUnsSf4Lf7Ab8vNSABnIAChTj84jHjShndzUWVgCkmcWSXQc%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Thu, 12 Dec 2024 05:12:18 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
66473
server-timing
cfL4;desc="?proto=TCP&rtt=1317&min_rtt=1238&rtt_var=257&sent=6&recv=9&lost=0&retrans=0&sent_bytes=4011&recv_bytes=2214&delivery_rate=3367441&cwnd=243&unsent_bytes=0&cid=8929a5c4b8c8bb64&ts=374&x=0"
date
Thu, 12 Dec 2024 05:04:34 GMT
content-type
text/javascript
last-modified
Mon, 02 Dec 2024 08:21:47 GMT
vary
Accept-Encoding
x-guploader-uploadid
AFiumC7YT73i4lBZncAAb6pZeaz6QO3HG1Ya8L8zrmXwm8sWdl3YpGRYUIKqE9MCTJPTYHzPsMUIl2s
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8f0b2ca49ed30f60-EWR
access-control-allow-origin
*
x-goog-generation
1733127707295818
server
cloudflare
suurl5.php
youradexchange.com/script/
1 KB
2 KB
Fetch
General
Full URL
https://youradexchange.com/script/suurl5.php?r=9113586&chmob=%3F0&atag=1&cbur=0.6437656934892191&cbiframe=0&cbWidth=1600&cbHeight=1200&cbtitle=C.K.3.W.N.CB.V1.14.0.1.B16241063-GDZ.rar&cbpage=https%3A%2F%2Fvikingf1le.us.to%2Ff%2Fw1dAV0styK&cbref=&cbdescription=Share%20large%20files%20anonymously.%20No%20mail%20required.%20No%20speed%20limit.&cbkeywords=file%20hosting%2C%20cloud%20hosting%2C%20secure%20file%20sharing%2C%20anonymous%20file%20sharing%2C%20large%20file%20sharing%2C%20no%20mail%20required%2C%20no%20speed%20limit%2C%20fast%20file%20sharing%2C%20reliable%20file%20sharing&cbcdn=xwzbpkku-i.site&ts=1733979873845&atv=57.0&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2FGoogle%20Inc.1600x1200600en-US84824%20bits&srs=95f4eaa30c0dba4679d96529e797085e&abtg=1&aggr=3&czid=er5fduxplw&ppv=1&ab_test=AdOpt_B_nocapping-2021-12-08v1&cap=0&adbv=3-cdn
Requested by
Host: vikingf1le.us.to
URL: https://vikingf1le.us.to/f/w1dAV0styK
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.177.214 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
999bdddb431ce0192565ee93847806fdedb511d8ee73f83580b76ffa015fb451

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://vikingf1le.us.to/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7BJBPn%2FX4W4ASUgZ5NBseLHYnvyy4uVT7fgO%2FxmIgQVVPTZ58wVgPlf8id0rJ5G0Jh3oGD3%2FKvWCLUqrycBIBaaYHqcyNpy5XTQrQUDNviW%2FcKOmjH2NVAyi0%2FHpa78VgP5MIII%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS
via
1.1 google
cf-ray
8f0b2ca39d9b42b5-EWR
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=198148&min_rtt=169573&rtt_var=61674&sent=14&recv=13&lost=0&retrans=0&sent_bytes=6523&recv_bytes=6674&delivery_rate=13575&cwnd=12000&unsent_bytes=0&cid=c2f64f33e4527ef5&ts=536&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 12 Dec 2024 05:04:33 GMT
content-type
application/json; charset=utf-8
server
cloudflare
priority
u=1,i
access-control-allow-headers
Content-Type
push.php
youradexchange.com/script/
0
0
Fetch
General
Full URL
https://youradexchange.com/script/push.php?r=9113578&ipp=1&mads=2&position=top&czid=er5fduxplw&atag=1&aggr=3&abtg=1&ppv=1&ab_test=AdOpt_B_nocapping-2021-12-08v1&adbv=3-cdn&srs=95f4eaa30c0dba4679d96529e797085e&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2FGoogle%20Inc.1600x1200600en-US84824%20bits&cbpage=https%3A%2F%2Fvikingf1le.us.to%2Ff%2Fw1dAV0styK&atv=57.0&cbref=&chmob=%3F0
Requested by
Host: vikingf1le.us.to
URL: https://vikingf1le.us.to/f/w1dAV0styK
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.177.214 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://vikingf1le.us.to/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HklbVJDm6rIvV2nef%2FlmOidYQKGMY95SHqWwR3aqx9ZxjY7GA6v%2Fvj2jMMJCykFKW%2BlNUoNFDUg2eL2rC2zUv2DwPM223CWZGjpU18qO1V9clpPatgLmkQPkhx%2F0kYeTOjQpYTY%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS
via
1.1 google
cf-ray
8f0b2ca39d9d42b5-EWR
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=184393&min_rtt=169573&rtt_var=45552&sent=13&recv=12&lost=0&retrans=0&sent_bytes=5854&recv_bytes=6630&delivery_rate=9647&cwnd=12000&unsent_bytes=0&cid=c2f64f33e4527ef5&ts=480&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 12 Dec 2024 05:04:33 GMT
server
cloudflare
priority
u=1,i
access-control-allow-headers
Content-Type
hb.php
pubtrky.com/ut/
0
644 B
Ping
General
Full URL
https://pubtrky.com/ut/hb.php?cb=0.5226314383358197&v=1
Requested by
Host: xwzbpkku-i.site
URL: https://xwzbpkku-i.site/script/ut.js?cb=1733979873472
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.8.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain; charset=utf-8
Referer
https://vikingf1le.us.to/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AdwpD7hk9YpGuV8lJD%2B%2BggHhL9v0A2Yp9G2RtxqMIUSwFBRjWfHi4AGVscdKuGOt2gv6xtIBdgAHD0%2FjyPMiE%2FtaycNMhSxkWJGLt3NuH0QSLXV0S88AyttRj67JzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
via
1.1 google
cf-ray
8f0b2ca84f967d06-EWR
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=166617&min_rtt=166607&rtt_var=62496&sent=13&recv=9&lost=0&retrans=0&sent_bytes=4171&recv_bytes=5620&delivery_rate=20128&cwnd=12000&unsent_bytes=0&cid=c0feac93adcdb394&ts=223&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 12 Dec 2024 05:04:34 GMT
server
cloudflare
priority
u=4,i
/
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/q3oht/0x4AAAAAAAgbsMNBuk2d3Qp6/light/fbE/normal/auto/ Frame DDBE
0
0
Document
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/q3oht/0x4AAAAAAAgbsMNBuk2d3Qp6/light/fbE/normal/auto/
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js?onload=showCaptcha
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.95.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Referer
https://vikingf1le.us.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8f0b2ca8fb374294-EWR
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Thu, 12 Dec 2024 05:04:34 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
priority
u=0,i
referrer-policy
same-origin
server
cloudflare
server-timing
cfExtPri
native_render.js
superonclick.com/script/
4 KB
3 KB
Script
General
Full URL
https://superonclick.com/script/native_render.js
Requested by
Host: vikingf1le.us.to
URL: https://vikingf1le.us.to/f/w1dAV0styK
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.41.60 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7965b4334f08b3c398843d721ab3b5535461f4183ec6bb0923d1ae092b9cfd51

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://vikingf1le.us.to/

Response headers

x-goog-metageneration
2
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=rXethw==, md5=i4AdaMb2P574qaeqSEucdQ==
cf-cache-status
HIT
etag
W/"8b801d68c6f63f9ef8a9a7aa484b9c75"
age
384
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Iutf5tXGj8OU%2BDTF%2BSdJpJJ9HWJV3GiErxitdHe6yHeIsycaoNw6x4CBs45e7n%2BCIIEu2rb3D1yzQfuyU%2F%2FFEUCQ4MZWLhl4W8Zb%2BAddRI3wMkQyu%2FD%2BELBdM4BNvNUMfZAk"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Thu, 12 Dec 2024 05:32:55 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
4285
server-timing
cfL4;desc="?proto=QUIC&rtt=172442&min_rtt=172429&rtt_var=64685&sent=11&recv=8&lost=0&retrans=0&sent_bytes=4123&recv_bytes=4509&delivery_rate=19413&cwnd=12000&unsent_bytes=0&cid=835833c4211e2357&ts=191&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 12 Dec 2024 05:04:34 GMT
content-type
application/javascript
last-modified
Wed, 13 Feb 2019 10:15:50 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-guploader-uploadid
AFiumC4ovz0jjHtTdkBCgVz7gCxeyVnPCUebV2No1NObRLjDwnIRLZfJUKLTsmyKqjKRZDUTYtyEkN0-WQ
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8f0b2ca95f7942be-EWR
access-control-allow-origin
*
x-goog-generation
1550052950916101
server
cloudflare
native_server.js
superonclick.com/script/
9 KB
4 KB
Script
General
Full URL
https://superonclick.com/script/native_server.js
Requested by
Host: vikingf1le.us.to
URL: https://vikingf1le.us.to/f/w1dAV0styK
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.41.60 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e282545f9f7c4117db91f8a2c33e5a1dad31f3c6edbe74b9776c1f8b85c166bd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://vikingf1le.us.to/

Response headers

x-goog-metageneration
2
x-goog-hash
crc32c=RAjq/g==, md5=Udh+nr2DH8yragFgeaYHkw==
cf-cache-status
HIT
etag
W/"51d87e9ebd831fccab6a016079a60793"
age
1357
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GYc4pcAEPpbAs2XsOu1F6O%2FiFY4AuZm3Mvq06efQ54wy1fBHX9fJcZ9nw6o401w94GesY9FfwRO4WO%2B0sCcsCn5DwFb5TmWleFxq6eZ%2FTQfcNozte0wJDMp2DyRmHFMbHfKq"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Thu, 12 Dec 2024 05:41:57 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
9260
server-timing
cfL4;desc="?proto=QUIC&rtt=172442&min_rtt=172429&rtt_var=64685&sent=14&recv=8&lost=0&retrans=0&sent_bytes=6988&recv_bytes=4509&delivery_rate=19413&cwnd=12000&unsent_bytes=0&cid=835833c4211e2357&ts=194&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 12 Dec 2024 05:04:34 GMT
content-type
application/javascript
last-modified
Wed, 13 Feb 2019 10:15:52 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-guploader-uploadid
AFiumC50JMhuBtIBWEbqXvkYHflOJ1CUyRnyBjgk8sCZ3JokuPjGJ4pcQ2cL8Do_94DPF5klhGUgq0AviQ
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8f0b2ca95f7b42be-EWR
access-control-allow-origin
*
x-goog-generation
1550052952705094
server
cloudflare
rum
vikingf1le.us.to/cdn-cgi/
0
206 B
XHR
General
Full URL
https://vikingf1le.us.to/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.64.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json
Referer
https://vikingf1le.us.to/f/w1dAV0styK

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-methods
POST,OPTIONS
x-content-type-options
nosniff
cf-ray
8f0b2caf19186393-ORD
access-control-allow-origin
https://vikingf1le.us.to
date
Thu, 12 Dec 2024 05:04:35 GMT
vary
Origin
server
cloudflare
x-frame-options
DENY
favicon-64375c377b5df8304acbdad4f4430694.ico
vikingfile.com/assets/
Redirect Chain
  • https://vikingf1le.us.to/assets/favicon-64375c377b5df8304acbdad4f4430694.ico
  • https://vikingfile.com/assets/favicon-64375c377b5df8304acbdad4f4430694.ico
15 KB
0
Other
General
Full URL
https://vikingfile.com/assets/favicon-64375c377b5df8304acbdad4f4430694.ico
Protocol
H2
Server
104.21.16.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9debfd0610612fddc8bd5e5b83000df0c52e2beabcbc3c93ae530565c0cb708d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://vikingf1le.us.to/

Response headers

cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
HIT
etag
W/"66c2db72-3c2e"
age
2226
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K5vEEa6nuyLuBXoZjCMLVmD1OWkU6XjaaQRqYMp0UGvSthZvmbLNnxEWbg2zpMgFga8a2KWfqK8r8NCjvLmQBBcUQcOsP837BgDoH%2Fi8HbZq9WKD3MJcl%2FBUNr%2FROq7NcA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f0b2ca2bbfb6179-ORD
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=101251&min_rtt=16458&rtt_var=64525&sent=15&recv=9&lost=0&retrans=0&sent_bytes=9517&recv_bytes=2465&delivery_rate=426059&cwnd=244&unsent_bytes=0&cid=2bbd1fd28ab67233&ts=961&x=0"
date
Thu, 12 Dec 2024 05:04:33 GMT
content-type
image/x-icon
last-modified
Mon, 19 Aug 2024 05:43:14 GMT
vary
Accept-Encoding
server
cloudflare

Redirect headers

cache-control
max-age=14400
location
https://vikingfile.com/assets/favicon-64375c377b5df8304acbdad4f4430694.ico
cf-cache-status
HIT
age
908
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VpQdGq6NZa6IaqSMUBq4PqBXoolwqz%2F75fHYvxdvLuBd6n8IuqmqWTsIC12NwAy77DMgajGfOXwMejK45%2BalffExIKxRTdaOrjt9Tt3jzB2JDRn36z%2BvsZgqkOS7swNmDWqN"}],"group":"cf-nel","max_age":604800}
cf-ray
8f0b2ca0eefa6393-ORD
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=25937&min_rtt=21237&rtt_var=6493&sent=58&recv=25&lost=0&retrans=0&sent_bytes=63219&recv_bytes=2699&delivery_rate=1200904&cwnd=198&unsent_bytes=0&cid=a05244a1ce4e9a9d&ts=3699&x=0"
date
Thu, 12 Dec 2024 05:04:33 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
identify.html
ufpcdn.com/script/ Frame C99B
0
0
Document
General
Full URL
https://ufpcdn.com/script/identify.html?frmt=0
Requested by
Host: superonclick.com
URL: https://superonclick.com/script/native_server.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.142.49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://vikingf1le.us.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8f0b2caf58a90f8d-EWR
content-encoding
zstd
content-type
text/html
date
Thu, 12 Dec 2024 05:04:35 GMT
last-modified
Tue, 15 May 2018 06:39:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p3%2BNKKhcHhSzlyB7lQnuxmMcPBlDsqX44mQIZFZL5pL5oEUHkREzmuL%2BX0GcOKg5aOqg3DUZAK9hchTEToSUBZcP8re5dGkmE7hV1wDqr2PO3SpGgReBf4ALTsOO"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=103471&min_rtt=68225&rtt_var=42796&sent=12&recv=9&lost=0&retrans=0&sent_bytes=4184&recv_bytes=4469&delivery_rate=8530&cwnd=12000&unsent_bytes=0&cid=ad5110e7b6086ab3&ts=213&x=1" cfExtPri cfHdrFlush;dur=0
native.php
onclickalgo.com/script/
1 KB
1 KB
Script
General
Full URL
https://onclickalgo.com/script/native.php?nwpsv=1&r=9154938&cbrandom=0.9168402455041702&cbWidth=1600&cbHeight=1200&cbtitle=C.K.3.W.N.CB.V1.14.0.1.B16241063-GDZ.rar&cbref=&cbdescription=Share%20large%20files%20anonymously.%20No%20mail%20required.%20No%20speed%20limit.&cbkeywords=file%20hosting%2C%20cloud%20hosting%2C%20secure%20file%20sharing%2C%20anonymous%20file%20sharing%2C%20large%20file%20sharing%2C%20no%20mail%20required%2C%20no%20speed%20limit%2C%20fast%20file%20sharing%2C%20reliable%20file%20sharing&cbiframe=0&&callback=jsonp449294
Requested by
Host: vikingf1le.us.to
URL: https://vikingf1le.us.to/f/w1dAV0styK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.220.206 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cce169f6d4adafd903a9a7b756b7b852c50a8572a9aa5a2357a93e6ac07df27

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://vikingf1le.us.to/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WcE%2FB9dTAt5ID7J47qhIXpE64QDmw6dpvZVk%2FP4qt5sbRf4h2VfLWNlJM%2FY7yf4yXmKz6iN62yunm4MR68voTB6nmVe9A%2BtaC8r%2BJbuL51v0fh9fLjM9GHJ%2BoE5GF8qQm8k%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS
via
1.1 google
cf-ray
8f0b2cb0ddef4241-EWR
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=6455&min_rtt=1362&rtt_var=10328&sent=6&recv=10&lost=0&retrans=0&sent_bytes=4003&recv_bytes=2498&delivery_rate=3042016&cwnd=254&unsent_bytes=0&cid=42581283d2a62340&ts=159&x=0"
date
Thu, 12 Dec 2024 05:04:36 GMT
content-type
application/javascript; charset=utf-8
server
cloudflare
access-control-allow-headers
Content-Type
native.php
onclickalgo.com/script/
0
408 B
Script
General
Full URL
https://onclickalgo.com/script/native.php?nwpsv=1&r=9154938&cbrandom=0.9168402455041702&cbWidth=1600&cbHeight=1200&cbtitle=C.K.3.W.N.CB.V1.14.0.1.B16241063-GDZ.rar&cbref=&cbdescription=Share+large+files+anonymously.+No+mail+required.+No+speed+limit.&cbkeywords=file+hosting%2C+cloud+hosting%2C+secure+file+sharing%2C+anonymous+file+sharing%2C+large+file+sharing%2C+no+mail+required%2C+no+speed+limit%2C+fast+file+sharing%2C+reliable+file+sharing&cbiframe=0&callback=jsonp449294&wthnfp=1&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2FGoogle%20Inc.1600x1200600en-US84824%20bits
Requested by
Host: onclickalgo.com
URL: https://onclickalgo.com/script/native.php?nwpsv=1&r=9154938&cbrandom=0.9168402455041702&cbWidth=1600&cbHeight=1200&cbtitle=C.K.3.W.N.CB.V1.14.0.1.B16241063-GDZ.rar&cbref=&cbdescription=Share%20large%20files%20anonymously.%20No%20mail%20required.%20No%20speed%20limit.&cbkeywords=file%20hosting%2C%20cloud%20hosting%2C%20secure%20file%20sharing%2C%20anonymous%20file%20sharing%2C%20large%20file%20sharing%2C%20no%20mail%20required%2C%20no%20speed%20limit%2C%20fast%20file%20sharing%2C%20reliable%20file%20sharing&cbiframe=0&&callback=jsonp449294
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.220.206 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://vikingf1le.us.to/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gBFm6enLX1AfXv6p6BAGg2UygvJFJO6uvYWhZ3PwdoPy4SNXWuiYhP%2BcbvgSKSIow68%2B%2FqC4J5f5jGwXawojbLBzFSWsv%2F%2B3HPefsZe7mhzw%2BeW%2BzFTRr41RbG9G8JJqBGA%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS
via
1.1 google
cf-ray
8f0b2cb27f964241-EWR
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=4766&min_rtt=1319&rtt_var=6894&sent=11&recv=15&lost=0&retrans=0&sent_bytes=5480&recv_bytes=3006&delivery_rate=3096222&cwnd=257&unsent_bytes=0&cid=42581283d2a62340&ts=409&x=0"
date
Thu, 12 Dec 2024 05:04:36 GMT
server
cloudflare
access-control-allow-headers
Content-Type

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
function| Adcash
function| AtcshAltNm
string| rgxngibqxq
object| aclib
object| 9dfPzM7tpa
function| showCaptcha
object| adcashMacros
object| zoneNativeSett
object| urls
function| acPrefetch
object| nativeInit
object| nativeForPublishers
function| cloudflareCallback
object| files
object| links
function| getServer
function| uploadNextLink
function| uploadNextFile
function| formatFileSize
boolean| user_engagement1211
string| utsid-send
object| turnstile
object| __cfBeacon
object| google_js_reporting_queue
number| google_srt
object| google_logging_queue
object| google_ad_modifications
object| ggeac
object| google_persistent_state_async
object| google_tag_data
object| google_reactive_ads_global_state
object| adsbygoogle
string| google_user_agent_client_hint
object| _0x50db
function| _0x48ba
function| setupAd
object| CTABPuNative
object| _0x32b6
function| _0xda00
object| CTAHKA
function| ufpAttach
function| native_request
string| zone
object| adcashUfp
function| jsonp449294

1 Cookies

Domain/Path Name / Value
vikingf1le.us.to/ Name: adcashufpv3
Value: 9712742095536380951229860079