ufile.io Open in urlscan Pro
2606:4700:3032::6815:4216 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ufile.io/2s5gbtpx
Submission: On September 11 via manual (September 11th 2022, 4:41:14 pm UTC) from GH — Scanned from DE

Summary HTTP 63 Redirects Behaviour Indicators

Summary

This website contacted 18 IPs in 5 countries across 14 domains to perform 63 HTTP transactions. The main IP is 2606:4700:3032::6815:4216, located in United States and belongs to CLOUDFLARENET, US. The main domain is ufile.io. The Cisco Umbrella rank of the primary domain is 203793.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 10th 2022. Valid for: a year.

This is the only time ufile.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
21	2606:4700:303... 2606:4700:3032::6815:4216	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:2156:5e00:e:be87:cd40:21	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700:440... 2606:4700:440e::ac40:9c1a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	188.114.97.12 188.114.97.12	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.32.110.29 13.32.110.29	() ()
1	2a03:2880:f10... 2a03:2880:f107:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2 4	2a00:1450:400... 2a00:1450:4001:802::200d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
6	2606:4700::68... 2606:4700::6812:1d5b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
63	18

21 2606:4700:3032::6815:4216 (United States)

ASN13335 (CLOUDFLARENET, US)

ufile.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:5e00:e:be87:cd40:21 (United States)

ASN16509 (AMAZON-02, US)

d3vw4uehoh23hx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:440e::ac40:9c1a (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 188.114.97.12 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

pogothere.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lcreatessque.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.110.29 (None, )

ASN- ()

oulukdliketo.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f107:83:face:b00c:0:25de (Vienna, Austria)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::200d (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6812:1d5b (United States)

ASN13335 (CLOUDFLARENET, US)

client.crisp.chat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	ufile.io ufile.io — Cisco Umbrella Rank: 203793	301 KB
9	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 129 tpc.googlesyndication.com — Cisco Umbrella Rank: 174	216 KB
7	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 73 stats.g.doubleclick.net — Cisco Umbrella Rank: 188	11 KB
6	crisp.chat client.crisp.chat — Cisco Umbrella Rank: 23938	143 KB
6	google.com 2 redirects accounts.google.com — Cisco Umbrella Rank: 126 adservice.google.com — Cisco Umbrella Rank: 142 www.google.com — Cisco Umbrella Rank: 19	3 KB
4	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1568 cloudflareinsights.com — Cisco Umbrella Rank: 1554	11 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 94	20 KB
2	lcreatessque.xyz lcreatessque.xyz	955 B
2	pogothere.xyz pogothere.xyz — Cisco Umbrella Rank: 854787	101 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 5202	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 972	639 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 111
1	oulukdliketo.shop oulukdliketo.shop	485 B
1	cloudfront.net d3vw4uehoh23hx.cloudfront.net	53 KB
63	14

	Domain	Requested by
21	ufile.io	ufile.io
6	client.crisp.chat	ufile.io client.crisp.chat
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com
6	pagead2.googlesyndication.com	ufile.io pagead2.googlesyndication.com tpc.googlesyndication.com
4	accounts.google.com	2 redirects ufile.io
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	cloudflareinsights.com	static.cloudflareinsights.com
2	www.google-analytics.com	ufile.io www.google-analytics.com
2	lcreatessque.xyz	ufile.io
2	pogothere.xyz	d3vw4uehoh23hx.cloudfront.net
2	static.cloudflareinsights.com	ufile.io
1	www.google.com	tpc.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.facebook.com	ufile.io
1	oulukdliketo.shop	d3vw4uehoh23hx.cloudfront.net
1	d3vw4uehoh23hx.cloudfront.net	ufile.io
63	19

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-10` - `2023-06-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.pogothere.xyz E1	`2022-09-04` - `2022-12-03`	3 months	crt.sh
oulukdliketo.shop Amazon	`2022-08-21` - `2023-09-19`	a year	crt.sh
*.lcreatessque.xyz E1	`2022-09-06` - `2022-12-05`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-06-21` - `2022-09-19`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
crisp.chat Cloudflare Inc ECC CA-3	`2022-06-07` - `2023-06-06`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://ufile.io/2s5gbtpx
Frame ID: 2BB0611C0E82C65CE63F544B5116C275
Requests: 47 HTTP requests in this frame

Frame: https://oulukdliketo.shop/c0tkOEESKQdVfhJ2Bh40ASdZHXM1blZ+JUA9Eww0FiMLUHNAIxwWIh8kEVwnASQKTG8dLhAdczUbB385OgVUfRUyMj5qJxQaInQAA382VHhGD1d2FjEhEGENBAk2dQZHByFBJgsfHm0EMQghehsEGjN0AAMzMl8AAxw3Yg8gIlViCBh6AFotKichVAdLDjBtADIyKXMLIQ4ydHAifidpLhofVlsHNxMyWQ0UJCJyBwAsMm51PAoJAQAgEwtwICIoInItPj4mQHgHCTx9JDQMVH4iJg0HYiYXIDVBdAcJPH0JMRg9eiUlHQJ7KTkxNXoTVnkmeXMbHTxWbBscKWkAMgcxeSo2LAdQEEEZJ3MvQw4AVHQVLQxyOyIONVIZCR4AeQZDDSVUFxYuIksuNDwITAMrDjx7EgcoKFQtOS4DWyg0CVBWFhoZMmAmRwwHbRcwLiZUcSIdMgEGKwklYCxDDQdpDD0HCGE7NB4IDiIrGSBvcyoOAAkYKS81YWcZOAtWMU4zPXIiNzIcTDUbIlI
Frame ID: C1534BCC50BB5A3BE9B8AD2067C2486A
Requests: 1 HTTP requests in this frame

Frame: https://ufile.io/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1662912000
Frame ID: 8F7497291AEDE2ACEF210371039017DD
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220907/r20190131/zrt_lookup.html
Frame ID: 756376F6BD6E586EBC70983CDAD50947
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8453236626207385&output=html&adk=1812271804&adf=3025194257&lmt=1662914469&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fufile.io%2F2s5gbtpx&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662914469490&bpp=2&bdt=403&idt=205&shv=r20220907&mjsv=m202209060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6170935783321&frm=20&pv=2&ga_vid=784504051.1662914470&ga_sid=1662914470&ga_hid=43950683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44773260%2C31068920&oid=2&pvsid=1841450131231120&tmod=1376780787&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=223
Frame ID: C8BD3B1C7AD4A6CCEADE94892A0B4A7D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8453236626207385&output=html&h=280&slotname=9984807553&adk=1930187984&adf=2617130762&pi=t.ma~as.9984807553&w=1140&fwrn=4&fwrnh=100&lmt=1662914469&rafmt=1&psa=0&format=1140x280&url=https%3A%2F%2Fufile.io%2F2s5gbtpx&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662914469492&bpp=1&bdt=405&idt=227&shv=r20220907&mjsv=m202209060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6170935783321&frm=20&pv=1&ga_vid=784504051.1662914470&ga_sid=1662914470&ga_hid=43950683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44773260%2C31068920&oid=2&pvsid=1841450131231120&tmod=1376780787&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=YXJmUlc1ti&p=https%3A//ufile.io&dtd=233
Frame ID: 441848E557EDAF5855AF77D9877B980F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8453236626207385&output=html&h=280&slotname=2601344819&adk=2030062158&adf=2221687645&pi=t.ma~as.2601344819&w=1140&fwrn=4&fwrnh=100&lmt=1662914469&rafmt=1&psa=0&format=1140x280&url=https%3A%2F%2Fufile.io%2F2s5gbtpx&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662914469494&bpp=1&bdt=407&idt=358&shv=r20220907&mjsv=m202209060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280&nras=1&correlator=6170935783321&frm=20&pv=1&ga_vid=784504051.1662914470&ga_sid=1662914470&ga_hid=43950683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=926&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44773260%2C31068920&oid=2&pvsid=1841450131231120&tmod=1376780787&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=jDuGgEiDRj&p=https%3A//ufile.io&dtd=361
Frame ID: 87A72F25F7CCEE769D1A32FEAA4956F9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8453236626207385&output=html&h=280&slotname=7662099808&adk=953870729&adf=2604863999&pi=t.ma~as.7662099808&w=1140&fwrn=4&fwrnh=100&lmt=1662914469&rafmt=1&psa=0&format=1140x280&url=https%3A%2F%2Fufile.io%2F2s5gbtpx&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662914469494&bpp=1&bdt=407&idt=366&shv=r20220907&mjsv=m202209060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C1140x280&nras=1&correlator=6170935783321&frm=20&pv=1&ga_vid=784504051.1662914470&ga_sid=1662914470&ga_hid=43950683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3021&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44773260%2C31068920&oid=2&pvsid=1841450131231120&tmod=1376780787&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=gQeG3HeNJA&p=https%3A//ufile.io&dtd=369
Frame ID: 005ED2C885AA27DA3F7DC551B646304B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8453236626207385&output=html&h=280&adk=3987640334&adf=3418555885&pi=t.aa~a.3345392337~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1662914469&rafmt=1&to=qs&pwprc=9642828768&psa=0&format=1110x280&url=https%3A%2F%2Fufile.io%2F2s5gbtpx&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662914469891&bpp=1&bdt=804&idt=1&shv=r20220907&mjsv=m202209060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddc15e7e6c950ada6-22656b671cce006c%3AT%3D1662914469%3ART%3D1662914469%3AS%3DALNI_MbfxDT0cQZvKe7HtaBKLeLc2cU17w&prev_fmts=0x0%2C1140x280%2C1140x280%2C1140x280&nras=2&correlator=6170935783321&frm=20&pv=1&ga_vid=784504051.1662914470&ga_sid=1662914470&ga_hid=43950683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2019&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44773260%2C31068920&oid=2&pvsid=1841450131231120&tmod=1376780787&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=O5H1ti0LA4&p=https%3A//ufile.io&dtd=19
Frame ID: 20E59D92CF2B57D693DEC95669FA0B43
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6D845A730F2A574C56D260CE4CEBC471
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 47EA5EEBC4E2DDAEAAA1746DAEBF0C13
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Upload files for free - bomb recipe.txt - ufile.io

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

63
Requests

95 %
HTTPS

82 %
IPv6

14
Domains

19
Subdomains

18
IPs

5
Countries

861 kB
Transfer

2334 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP 302
https://accounts.google.com/v3/signin/identifier?dsh=S503442293%3A1662914469467580&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpBgaCaVkis-qur-ihesLbwVl7Wo40yLWPsO0ZTQ1Yh-u1T_YtezShmL6xMrpto-U4gvHmdNQ

Request Chain 23

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
https://accounts.google.com/v3/signin/identifier?dsh=S100734689%3A1662914469465532&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWrpPfipsRx1YU76zBR79mnndhDWKLe2XnJ04UFzetjbFGFbrIkwD0VKxltT4TE7HrGkPHvoIA

63 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 2s5gbtpx Show response
ufile.io/ 83 KB
21 KB 421ms
342ms Document
text/html 2606:4700:3032::6815:4216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ufile.io/2s5gbtpx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.2.24

Resource Hash

4c3a42376af45dadcf2b15c411dde5e45eba379f44c3a6c4f30bca414db06a2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7491d965cc0d3747-MXP
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 11 Sep 2022 16:41:09 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MRqlGTI0te21tla%2F5gsp7teUoxCsQM3RxiiGjNOZiJJ8Om9NlqUZaqYtdhwCxiXRWhU1%2BUOEjnWd9%2FUmr5s8bUpinUJJYXxMvzxMzjKSRjcY7aSaDs56JfCv3yoCs45sQZD5z%2FP5"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/7.2.24

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 165 KB
57 KB 336ms
82ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ufile.io
URL: https://ufile.io/2s5gbtpx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

31049e6e1e8cbc79efb2c0c05695c5ebdbe072f10c6fa5cfc6b838158b007760

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ufile.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 16:41:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57498
x-xss-protection: 0
server: cafe
etag: 10399123758793713615
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 11 Sep 2022 16:41:09 GMT

GET
H2 200 roboto-v20-latin-100.woff2
ufile.io/assets/fonts/ 15 KB
16 KB 47ms
46ms Font
font/woff2 2606:4700:3032::6815:4216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ufile.io/assets/fonts/roboto-v20-latin-100.woff2

Requested by

Host: ufile.io
URL: https://ufile.io/2s5gbtpx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12823d585605238121554aff8bb060a235dc36f37efd9fb1e7e6ea1a9622bc35

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ufile.io/2s5gbtpx
Origin: https://ufile.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 16:41:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 780724
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15808
last-modified: Tue, 28 Jun 2022 08:32:24 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "3dc0-5e27de0365600"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=55um1gvU%2F2rfcrOyt87bmvXFKFnr5jRgFVvPjxUps7OHCtHaJVPPUDw%2FW0bSSFkQTR4K%2BAHAtuZBRlDeMDQC5ZG0M2vsBPXcwq0XGr%2F68AIjdRbrkhqPqg%2FxTrPxxRTZiQDq1Gs0"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
vary: Accept-Encoding
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7491d967efb63747-MXP

GET
H2 200 11.jpeg
ufile.io/assets/img/backgrounds/ 24 KB
25 KB 39ms
38ms Image
image/jpeg 2606:4700:3032::6815:4216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ufile.io/assets/img/backgrounds/11.jpeg

Requested by

Host: ufile.io
URL: https://ufile.io/2s5gbtpx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93afee0ec34bc8658e6ce2655a1b78a443ee5b0dd2f9e9290faf9e1464dafac7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ufile.io/2s5gbtpx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 16:41:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 67210
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24779
last-modified: Tue, 28 Jun 2022 08:32:24 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "60cb-5e27de0365600"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c7Ab4R1a3iHkUbDB%2B1niSLvYX20nRCv3swFX7VSFk6pUueCJdDcrJqZjaJFLH3Ekfzjjed08naG55dqbF3eAVOGSFFW7oFGMbYM%2FPf5zcwnj73y7T38CKTdzjVongrVrjPbAPX7O"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7491d9680fe93747-MXP
cf-bgj: imgq:100,h2pri

GET
H2 200 spacer.png
ufile.io/assets/img/ 34 B
422 B 59ms
59ms Image
image/webp 2606:4700:3032::6815:4216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ufile.io/assets/img/spacer.png

Requested by

Host: ufile.io
URL: https://ufile.io/2s5gbtpx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ufile.io/2s5gbtpx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 16:41:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 84858
cf-polished: origFmt=png, origSize=152
content-disposition: inline; filename="spacer.webp"
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34
last-modified: Tue, 28 Jun 2022 08:32:24 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "98-5e27de0365600"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D9BpfLcqF13VjDbgBbktKHSkUq1BtnczEP4yAlbPW2wzoS%2B0q99IBKJDiEzxFfQfIBpG2uXjpxPviBM81018kKYwaSHHR4NZ1qxzy7m4ORrCHUxyhEN%2B7UvZirP4zTbE2OCuo2HN"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7491d9680feb3747-MXP
cf-bgj: imgq:100,h2pri

GET
H2 200 download.js Show response
ufile.io/assets/js/ 5 KB
2 KB 43ms
42ms Script
text/javascript 2606:4700:3032::6815:4216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ufile.io/assets/js/download.js?v=1563114509

Requested by

Host: ufile.io
URL: https://ufile.io/2s5gbtpx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b1d26389f36c06c51de5c2e21ff754189bed8f2ab99191c264db8fd3912e9a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ufile.io/2s5gbtpx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 16:41:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1624120
cf-polished: origSize=10696
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 04 Jul 2022 16:33:14 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pw9mvK9XjraoO%2FvQDZix7kq6QSL7Nykt2MoIzUkaAl7o4b6LgvWeORShN7eoAemiyDC3UwBtbJDfwNdWKr493ReUFCvaq3L%2FpnzQ889fDpulr2QbmCuTZsH1BYzob85ZpAmqRVcL"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cf-bgj: minify
cache-control: max-age=2678400
cf-ray: 7491d967efbf3747-MXP
expires: Mon, 22 Aug 2022 21:30:43 GMT

GET
H2 200 bootstrap.css
ufile.io/assets/css/ 31 KB
6 KB 50ms
49ms Stylesheet
text/css 2606:4700:3032::6815:4216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ufile.io/assets/css/bootstrap.css?v=1563114509

Requested by

Host: ufile.io
URL: https://ufile.io/2s5gbtpx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d45581f99961212923b84cdf880b7b6d1afcb01350ab8961a1271d7ba795053

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ufile.io/2s5gbtpx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 16:41:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1624120
cf-polished: origSize=41042
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 04 Jul 2022 16:33:14 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aYjmrI8eYUj30chNQ16%2FIhspfpFxUJnn2W%2FwYCTmSyMUh%2BdilyZes1alLNFK8w%2FQglbP5mQsZrlTEmJl6i6w676YUfavyDvEhfXHJemDWfnzvyuVxhHwIzPCy0IQlSxmRf7dUIrt"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-bgj: minify
cache-control: max-age=15552000
cf-ray: 7491d967efb83747-MXP
expires: Thu, 19 Jan 2023 21:30:43 GMT

GET
H2 200 theme.css
ufile.io/assets/css/ 86 KB
18 KB 44ms
43ms Stylesheet
text/css 2606:4700:3032::6815:4216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ufile.io/assets/css/theme.css?v=1563114509

Requested by

Host: ufile.io
URL: https://ufile.io/2s5gbtpx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

009c3d2ca8bbde159cb3bf6cd1c65bff8205f49f7723d8cd6cca97c15386ba07

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ufile.io/2s5gbtpx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 16:41:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1624120
cf-polished: origSize=114399
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 04 Jul 2022 16:33:14 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2gTwnr5PARqlUr6lZ8i9S8LW1yhg2OzAEjtIkgLDMDhedzE5oYS5SmJjRytdgXwHjxtWYQsY9%2Bn708EzEvWqkcU4WIZy6SYfkyzAXCAwKmgtIYpsX2E9JAJPMXmqMIxZ6Uq4xZGa"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-bgj: minify
cache-control: max-age=15552000
cf-ray: 7491d967efba3747-MXP
expires: Thu, 19 Jan 2023 21:30:43 GMT

GET
H2 200 utils.css
ufile.io/assets/css/ 60 KB
14 KB 45ms
45ms Stylesheet
text/css 2606:4700:3032::6815:4216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ufile.io/assets/css/utils.css?v=1563114509

Requested by

Host: ufile.io
URL: https://ufile.io/2s5gbtpx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f6486ad0481a073337fbfa0c22d2fe27e73f99874ca68702eb5c42e78f81677

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ufile.io/2s5gbtpx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 16:41:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1624120
cf-polished: origSize=76432
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 04 Jul 2022 16:33:14 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iwHbuNHeb8KSP9YwDuaec5%2Bch3krheaUhOBFDl4br5Aosr4hdVijWvUxH9KhYsUUUhWQrXTEZcpKUEewlaf02rYi%2BV5EttBhiIp7RqWluKHFRvMa7GN7pG79I6lUEmwyBohqeZIQ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-bgj: minify
cache-control: max-age=15552000
cf-ray: 7491d967efbc3747-MXP
expires: Thu, 19 Jan 2023 21:30:43 GMT

GET
H2 200 / Show response
d3vw4uehoh23hx.cloudfront.net/ 162 KB
53 KB 229ms
169ms Script
text/plain 2600:9000:2156:5e00:e:be87:cd40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3vw4uehoh23hx.cloudfront.net/?euwvd=963182
Requested by: Host: ufile.io
URL: https://ufile.io/2s5gbtpx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:5e00:e:be87:cd40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a32fabfd198003ac56c20988afa917dd72c88489d7942f1245c0b8e4570037e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ufile.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Sep 2022 16:41:09 GMT
content-encoding: gzip
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length: 54052
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0996.cloudfront.net (CloudFront)
x-amz-cf-id: qvTzFlN4uVDQX5B_mgh0Vbkz-4xXiyr6zvUKJ5FQoLaDY6TNhsnu4g==

GET
H2 200 logo-dark.svg
ufile.io/assets/img/ 2 KB
1 KB 57ms
55ms Image
image/svg+xml 2606:4700:3032::6815:4216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ufile.io/assets/img/logo-dark.svg

Requested by

Host: ufile.io
URL: https://ufile.io/2s5gbtpx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ccbcf6d22ea0b761807062453a2acd95a34bb9b2603b2650b605df1af2f2960

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ufile.io/2s5gbtpx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 16:41:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2288779
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 04 Jul 2022 16:33:14 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uLqsAATfpuUQ5l9GL%2FoPLgKlVKXRt873sUs7kDA856lB02G1eUBbMFz9v%2F2AxLXY59xguLphiKL84IcdEJ%2BtB68NaDw5I8WlHDEV%2BNvO3Y4LjHxzUeYl0DXKZ8MioAiuJmDvlncG"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=31536000
cf-ray: 7491d9680ff03747-MXP
expires: Sun, 16 Jul 2023 04:48:11 GMT

GET
H2 200 jquery.js Show response
ufile.io/assets/js/ 87 KB
32 KB 58ms
57ms Script
application/javascript 2606:4700:3032::6815:4216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ufile.io/assets/js/jquery.js

Requested by

Host: ufile.io
URL: https://ufile.io/2s5gbtpx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72037311a4dfde4d042df73e31b7cbeafc0bdf2aaa605b69aff3326015a396da

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ufile.io/2s5gbtpx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 16:41:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 780241
cf-polished: origSize=89500
vary: Accept-Encoding
last-modified: Tue, 28 Jun 2022 08:32:24 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"15d9c-5e27de0365600-gzip"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PItv1TdjS6DnbH%2By6NhdaVLK%2BydeaiPeIxs9gFjIrcNtLx4pUEoacGg%2BBag%2BRGqt5n%2Fa6MlF9G2shy6Ha2Fai5StQLaqnvwbKzkJ0OE7WFtScePytyEFArTrZPSs13ex2O7oBEC7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=2678400
cf-ray: 7491d9680ff33747-MXP
cf-bgj: minify

GET
H2 200 utils.js Show response
ufile.io/assets/js/ 33 KB
12 KB 114ms
113ms Script
text/javascript 2606:4700:3032::6815:4216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ufile.io/assets/js/utils.js?v=1563114509

Requested by

Host: ufile.io
URL: https://ufile.io/2s5gbtpx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7f768f129c2c71cdd195bc42f800c081e5d9804df4df180f851497957822151

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ufile.io/2s5gbtpx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 16:41:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1709865
cf-polished: origSize=47601
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 04 Jul 2022 16:33:14 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g5YbRXlnttYyn0cNkJdRXczuPcXSyGDZw1N4p68D9BRUdJLA7Jzu5MPk2L359baqHdGI7sOwTVaRKm6M03C7s%2BSDpo2o3asZyHyyzgDjPADXFz8xhOruz7VOW7vkztRxqd8Vkr7j"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cf-bgj: minify
cache-control: max-age=2678400
cf-ray: 7491d96888833747-MXP
expires: Sun, 21 Aug 2022 21:43:03 GMT

GET
H2 200 global.js Show response
ufile.io/assets/js/ 22 KB
6 KB 129ms
128ms Script
text/javascript 2606:4700:3032::6815:4216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ufile.io/assets/js/global.js?v=1563114509

Requested by

Host: ufile.io
URL: https://ufile.io/2s5gbtpx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1837eaba66df0af328d947577dfe741293f471dd8e640cef4c6938c89e61abbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ufile.io/2s5gbtpx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 16:41:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1624131
cf-polished: origSize=36623
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 04 Jul 2022 16:33:14 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5neKa4QqruhUolcANKBmt4Syo1TLohtLcVceZltPWHjbOs3DNansWUczrUGtJKUpF4zO5pmPCdgY%2FvQIjETh%2F7JUSmvHjSJ7FkVr5Lvo2kvzvi0JscTs5kYsJev4c69ooZHFO%2Fj3"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cf-bgj: minify
cache-control: max-age=2678400
cf-ray: 7491d96888883747-MXP
expires: Mon, 22 Aug 2022 21:30:43 GMT

GET
H2 200 ab.js Show response
ufile.io/assets/js/ 3 KB
1 KB 117ms
116ms Script
text/javascript 2606:4700:3032::6815:4216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ufile.io/assets/js/ab.js

Requested by

Host: ufile.io
URL: https://ufile.io/2s5gbtpx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fc795b42e6ad7232caa5faba5cb169a76cffbfe54c147346af1d923fcd3ca9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ufile.io/2s5gbtpx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 16:41:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1708168
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 04 Jul 2022 16:33:14 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B336U6g4zBH92qXO%2B0xjgDBQ2%2FpkhbpPjeCul28UQDB1G0IxxMVc5J%2BwJfmE70ZkUd0rIoAuck9V96tAkmxJAhccL8aEWM9CKxDzDvEmvYiK7KGFJrDe7SF8cjoD16stWYU5CPiI"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cf-bgj: minify
cache-control: max-age=2678400
cf-ray: 7491d96888863747-MXP
expires: Sun, 21 Aug 2022 22:11:21 GMT

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ 14 KB
5 KB 146ms
85ms Script
text/javascript 2606:4700:440e::ac40:9c1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: ufile.io
URL: https://ufile.io/2s5gbtpx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:440e::ac40:9c1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ufile.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 16:41:09 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7491d9686f1a23f7-ZRH

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ 14 KB
5 KB 154ms
93ms Script
text/javascript 2606:4700:440e::ac40:9c1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: ufile.io
URL: https://ufile.io/2s5gbtpx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:440e::ac40:9c1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer: https://ufile.io/
Origin: https://ufile.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 16:41:09 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7491d9686d7d0225-ZRH

GET
H2 200 asd100.bin Show response
pogothere.xyz/ 100 KB
101 KB 79ms
23ms Fetch
binary/octet-stream 188.114.97.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/asd100.bin
Requested by: Host: d3vw4uehoh23hx.cloudfront.net
URL: https://d3vw4uehoh23hx.cloudfront.net/?euwvd=963182
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ufile.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 16:41:09 GMT
access-control-allow-methods: GET
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3757
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 11 Sep 2022 15:38:32 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UcIRImKbnYIiVehUoGQpkeKQMrfPwi1NUtyCJayXy0ekydruqMEkscgClATiKpC39HFA42gITSxKhJBCLPpK9N%2FGD9ZkCPnIZS2%2FnHklP77VGwIS9zN9Iz%2FgNtny%2BMi0"}],"group":"cf-nel","max_age":604800}
content-type: binary/octet-stream
access-control-allow-origin: https://ufile.io
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7491d969ed659024-FRA
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
pogothere.xyz/ 26 B
365 B 184ms
129ms Fetch
text/plain 188.114.97.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/
Requested by: Host: d3vw4uehoh23hx.cloudfront.net
URL: https://d3vw4uehoh23hx.cloudfront.net/?euwvd=963182
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0894609eee07d4835b65e70959e2efb7bbbc917b3002ae0109db135ef38c1b0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ufile.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 16:41:09 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://ufile.io
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=edE0i20d2NqsViq4er57BvOtjnbX%2FnRkMbsth0TWrn9tWyeUX5fJmTxlLZxgAvxdcHKVlGvN0w94aqmxNdse8E2c0d7XVYsPQE%2B46ioDcmObYBRZ%2FbmjSVk5QJSyWXrP"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 7491d969ed669024-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx Show response
oulukdliketo.shop/ 0
485 B 4448ms
218ms XHR
text/plain 13.32.110.29

General

Check archive.org

Show headers Download Go to

Full URL: https://oulukdliketo.shop/utx?cb=hnjcDk2ofOWk&top=ufile.io&tid=963182
Requested by: Host: d3vw4uehoh23hx.cloudfront.net
URL: https://d3vw4uehoh23hx.cloudfront.net/?euwvd=963182
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.29 -, , ASN (),
Reverse DNS
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ufile.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Sep 2022 16:41:13 GMT
via: 1.1 3cf68d8be617999c7beade955cf69ddc.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: VIE50-C2
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://ufile.io
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id: cjE-rOTA-hiIQxy8hySWS7Sie3NeAYr76_yOyYMF6EITHEu5f-SLoA==

GET c0tkOEESKQdVfhJ2Bh40ASdZHXM1blZ+JUA9Eww0FiMLUHNAIxwWIh8kEVwnASQKTG8dLhAdczUbB385OgVUfRUyMj5qJxQaInQAA382VHhGD1d2FjEhEGENBAk2dQZHByFBJgsfHm0EMQghehsEGjN0AAMzMl8AAxw3Yg8gIlViCBh6AFotKichVAdLDjBtADIyK...
oulukdliketo.shop/ Frame C153 0
0

GET
H2 204 Z2lTR01IVjA0cDNYGTcCMRlhJiEAJjJ0dBY+EgUkAj4RIwlVJHUzJANUanF+VlFhYT0ODW52axQdMjM4FFRiYSQJDzx6axFUYml+U0dhf2NWTyZ6fEEdIyYqWlh1NzkTBW52e1FbanZ5U19qdHtQ
lcreatessque.xyz/ 0
410 B 177ms
124ms Image
text/plain 188.114.97.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lcreatessque.xyz/Z2lTR01IVjA0cDNYGTcCMRlhJiEAJjJ0dBY+EgUkAj4RIwlVJHUzJANUanF+VlFhYT0ODW52axQdMjM4FFRiYSQJDzx6axFUYml+U0dhf2NWTyZ6fEEdIyYqWlh1NzkTBW52e1FbanZ5U19qdHtQ
Requested by: Host: ufile.io
URL: https://ufile.io/2s5gbtpx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ufile.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 16:41:09 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pkCDKO%2BqqvP2ZRL%2BlrzaELMiDyFukaO6TtE01QCKTR2QgSNLGNBL0df%2FNehFim%2Fm057QR%2FIHyfCqf9uuBgJpmrKuQ5%2FVdfalHFcnr2iS4W0vpo4s5TC7L2jpPqjQ5Y4SRrwx"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7491d96a0c4a5b6e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 login.php
www.facebook.com/ 0
0 235ms
141ms Image
text/html 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by: Host: ufile.io
URL: https://ufile.io/2s5gbtpx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ufile.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H3

403

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
https://accounts.google.com/v3/signin/identifier?dsh=S503442293%3A1662914469467580&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn...

0
0

137ms
103ms

Image
text/html

2a00:1450:4001:802::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/v3/signin/identifier?dsh=S503442293%3A1662914469467580&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpBgaCaVkis-qur-ihesLbwVl7Wo40yLWPsO0ZTQ1Yh-u1T_YtezShmL6xMrpto-U4gvHmdNQ
Requested by: Host: ufile.io
URL: https://ufile.io/2s5gbtpx
Protocol: H3
Server: 2a00:1450:4001:802::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ufile.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 394
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
date: Sun, 11 Sep 2022 16:41:09 GMT
x-frame-options: DENY
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type: text/html; charset=UTF-8
location: https://accounts.google.com/v3/signin/identifier?dsh=S503442293%3A1662914469467580&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpBgaCaVkis-qur-ihesLbwVl7Wo40yLWPsO0ZTQ1Yh-u1T_YtezShmL6xMrpto-U4gvHmdNQ
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-uY_M_2iaQLy1XEvSarcXaQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

403

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
https://accounts.google.com/v3/signin/identifier?dsh=S100734689%3A1662914469465532&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSi...

0
0

141ms
107ms

Image
text/html

2a00:1450:4001:802::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/v3/signin/identifier?dsh=S100734689%3A1662914469465532&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWrpPfipsRx1YU76zBR79mnndhDWKLe2XnJ04UFzetjbFGFbrIkwD0VKxltT4TE7HrGkPHvoIA
Requested by: Host: ufile.io
URL: https://ufile.io/2s5gbtpx
Protocol: H3
Server: 2a00:1450:4001:802::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ufile.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 397
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
date: Sun, 11 Sep 2022 16:41:09 GMT
x-frame-options: DENY
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type: text/html; charset=UTF-8
location: https://accounts.google.com/v3/signin/identifier?dsh=S100734689%3A1662914469465532&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWrpPfipsRx1YU76zBR79mnndhDWKLe2XnJ04UFzetjbFGFbrIkwD0VKxltT4TE7HrGkPHvoIA
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'report-sample' 'nonce---qQsEXFhsoboX7yTcVNZg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 53ms
15ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: ufile.io
URL: https://ufile.io/2s5gbtpx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ufile.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 5949
date: Sun, 11 Sep 2022 15:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 11 Sep 2022 17:02:00 GMT

GET
H3 200 invisible.js Show response
ufile.io/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame 8F74 38 KB
14 KB 33ms
33ms Script
application/javascript 2606:4700:3032::6815:4216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ufile.io/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1662912000

Requested by

Host: ufile.io
URL: https://ufile.io/2s5gbtpx

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:4216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73a12fddda6d7f64718bd408111ee832ea608606b0773a9b7f333e0c7f762e96

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 16:41:09 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mTJPP6t1sQ2JfVnCzRAMKbv72hNp65BrvnQy1XgBvnT105X0ONyZF5EyLRR6KLh6JupJZxqDNSqaiFHTg4Cc6Z5GsjrOVgr1hNnyxPk3xBP1%2B4BaRlZgWSfa9TLVmAerVNkMJ7lW"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-control-type-options: nosniff
cf-ray: 7491d96a2b2e59a7-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 fa-solid-900.woff2
ufile.io/assets/fonts/ 74 KB
74 KB 53ms
53ms Font
font/woff2 2606:4700:3032::6815:4216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ufile.io/assets/fonts/fa-solid-900.woff2

Requested by

Host: ufile.io
URL: https://ufile.io/assets/css/utils.css?v=1563114509

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:4216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ufile.io/assets/css/utils.css?v=1563114509
Origin: https://ufile.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 16:41:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 780723
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 75440
last-modified: Tue, 28 Jun 2022 08:32:24 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "126b0-5e27de0365600"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Dt8Hmyr792iWsfBuOYaR%2BwC4Q0fG%2BhPgEOTDMwbPwGLUdgc6g4bUb%2BeKS9Vhx%2FarSCi924mVFOyaTvTlLm5IzTngJgOOgNE013KKVq22Lf0OPNm1YW%2BNhx4Dif9L2RcXE%2BVPeab"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
vary: Accept-Encoding
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7491d96a3b4759a7-MXP

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209060101/ 345 KB
121 KB 106ms
75ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8453236626207385&plah=ufile.io

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a6b44f20836bb0cc7a629d225348730be0b603b1da1764d6d361fb657d98e02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ufile.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 16:41:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124232
x-xss-protection: 0
server: cafe
etag: 2742981689124652378
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 11 Sep 2022 16:41:09 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220907/r20190131/ Frame 7563 10 KB
5 KB 67ms
15ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220907/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ufile.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 4001
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Sep 2022 15:34:28 GMT
etag: 8616628553774171045
expires: Sun, 25 Sep 2022 15:34:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 55ms
23ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=43950683&t=pageview&_s=1&dl=https%3A%2F%2Fufile.io%2F2s5gbtpx&ul=en-us&de=UTF-8&dt=Upload%20files%20for%20free%20-%20bomb%20recipe.txt%20-%20ufile.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1420442767&gjid=181488570&cid=784504051.1662914470&tid=UA-73416834-1&_gid=29731187.1662914470&_r=1&_slc=1&z=1056132015

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ufile.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 11 Sep 2022 16:41:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ufile.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pica.js
ufile.io/cdn-cgi/challenge-platform/h/g/scripts/ Frame 8F74 19 KB
7 KB 85ms
84ms Other
application/javascript 2606:4700:3032::6815:4216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ufile.io/cdn-cgi/challenge-platform/h/g/scripts/pica.js

Requested by

Host: ufile.io
URL: https://ufile.io/2s5gbtpx

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:4216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

922b316a07cc2aa7cd6ebbcd53daf0f310ffd43b17b89b7666cf55ea89a1e14a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 16:41:09 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gchDym2AWF%2BvPg8VhH%2F31bk6vtV0Q2JljuVRLDfOtX%2BMuUQyDx4bDfQbqb7UVxQQs43MMC%2BGS2jU2LGQOAicERJAsp6v1i8tkK9lJWiiorafzdlAAlSIvyKLKoyYH3N44tpIR30Q"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-control-type-options: nosniff
cf-ray: 7491d96a9c3459a7-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
434 B 82ms
27ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-73416834-1&cid=784504051.1662914470&jid=1420442767&gjid=181488570&_gid=29731187.1662914470&_u=IEBAAEAAAAAAAC~&z=1415858708

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ufile.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 11 Sep 2022 16:41:09 GMT
content-type: text/plain
access-control-allow-origin: https://ufile.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 212 B
639 B 100ms
23ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ufile.io&callback=_gfp_s_&client=ca-pub-8453236626207385

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8453236626207385&plah=ufile.io

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

3bcbcef8e810011e46da848f90841d3d4dd479b1db005573923cc3e7146b2740

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ufile.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 16:41:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 194
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 866ms
738ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ufile.io

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ufile.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 11 Sep 2022 16:41:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 78ms
27ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ufile.io

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ufile.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 11 Sep 2022 16:41:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C8BD 18 KB
5 KB 146ms
114ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8453236626207385&output=html&adk=1812271804&adf=3025194257&lmt=1662914469&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fufile.io%2F2s5gbtpx&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662914469490&bpp=2&bdt=403&idt=205&shv=r20220907&mjsv=m202209060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6170935783321&frm=20&pv=2&ga_vid=784504051.1662914470&ga_sid=1662914470&ga_hid=43950683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44773260%2C31068920&oid=2&pvsid=1841450131231120&tmod=1376780787&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=223

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea21b05a8af98278a0daab38fe1c760f64af946bb4308c9137aa1512ab19732c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ufile.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 5091
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Sep 2022 16:41:09 GMT
expires: Sun, 11 Sep 2022 16:41:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4418 436 B
236 B 188ms
168ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8453236626207385&output=html&h=280&slotname=9984807553&adk=1930187984&adf=2617130762&pi=t.ma~as.9984807553&w=1140&fwrn=4&fwrnh=100&lmt=1662914469&rafmt=1&psa=0&format=1140x280&url=https%3A%2F%2Fufile.io%2F2s5gbtpx&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662914469492&bpp=1&bdt=405&idt=227&shv=r20220907&mjsv=m202209060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6170935783321&frm=20&pv=1&ga_vid=784504051.1662914470&ga_sid=1662914470&ga_hid=43950683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44773260%2C31068920&oid=2&pvsid=1841450131231120&tmod=1376780787&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=YXJmUlc1ti&p=https%3A//ufile.io&dtd=233

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e09aa7bf34ebb30613f136ecaced824720e189210a85a64e709425dc5ddd8b87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ufile.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Sep 2022 16:41:09 GMT
expires: Sun, 11 Sep 2022 16:41:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 7491d965cc0d3747 Show response
ufile.io/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 8F74 2 B
682 B 57ms
57ms XHR
text/plain 2606:4700:3032::6815:4216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ufile.io/cdn-cgi/challenge-platform/h/g/cv/result/7491d965cc0d3747

Requested by

Host: ufile.io
URL: https://ufile.io/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1662912000

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:4216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 11 Sep 2022 16:41:09 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LAM731WlfhAPkVy6t3oT9PG%2Be0dNBZ%2BFQfOwb%2B7agvJEXJiIQcP1g%2BAT8sPaAyhKy%2BPx7zLxyI6VBoqYKNwbU9OGX3%2B5Spcf2mhQsdnwn%2F8vjE8VOeX5RY3WwBkkvaTAYwL0E7Ws"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7491d96ca90059a7-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 87A7 436 B
236 B 165ms
165ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8453236626207385&output=html&h=280&slotname=2601344819&adk=2030062158&adf=2221687645&pi=t.ma~as.2601344819&w=1140&fwrn=4&fwrnh=100&lmt=1662914469&rafmt=1&psa=0&format=1140x280&url=https%3A%2F%2Fufile.io%2F2s5gbtpx&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662914469494&bpp=1&bdt=407&idt=358&shv=r20220907&mjsv=m202209060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280&nras=1&correlator=6170935783321&frm=20&pv=1&ga_vid=784504051.1662914470&ga_sid=1662914470&ga_hid=43950683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=926&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44773260%2C31068920&oid=2&pvsid=1841450131231120&tmod=1376780787&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=jDuGgEiDRj&p=https%3A//ufile.io&dtd=361

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3080dcea6d377f95038db1e20e6dd84ed2edf92f81d6ed7a5f1ea5dbfff7a8cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ufile.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Sep 2022 16:41:10 GMT
expires: Sun, 11 Sep 2022 16:41:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 005E 436 B
235 B 175ms
174ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8453236626207385&output=html&h=280&slotname=7662099808&adk=953870729&adf=2604863999&pi=t.ma~as.7662099808&w=1140&fwrn=4&fwrnh=100&lmt=1662914469&rafmt=1&psa=0&format=1140x280&url=https%3A%2F%2Fufile.io%2F2s5gbtpx&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662914469494&bpp=1&bdt=407&idt=366&shv=r20220907&mjsv=m202209060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C1140x280&nras=1&correlator=6170935783321&frm=20&pv=1&ga_vid=784504051.1662914470&ga_sid=1662914470&ga_hid=43950683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3021&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44773260%2C31068920&oid=2&pvsid=1841450131231120&tmod=1376780787&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=gQeG3HeNJA&p=https%3A//ufile.io&dtd=369

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

32e39e67e19043a67a13f79d429f9d66111413f537dbcbee18e1d01c058fe79e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ufile.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 211
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Sep 2022 16:41:10 GMT
expires: Sun, 11 Sep 2022 16:41:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 20E5 436 B
237 B 211ms
210ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8453236626207385&output=html&h=280&adk=3987640334&adf=3418555885&pi=t.aa~a.3345392337~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1662914469&rafmt=1&to=qs&pwprc=9642828768&psa=0&format=1110x280&url=https%3A%2F%2Fufile.io%2F2s5gbtpx&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662914469891&bpp=1&bdt=804&idt=1&shv=r20220907&mjsv=m202209060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddc15e7e6c950ada6-22656b671cce006c%3AT%3D1662914469%3ART%3D1662914469%3AS%3DALNI_MbfxDT0cQZvKe7HtaBKLeLc2cU17w&prev_fmts=0x0%2C1140x280%2C1140x280%2C1140x280&nras=2&correlator=6170935783321&frm=20&pv=1&ga_vid=784504051.1662914470&ga_sid=1662914470&ga_hid=43950683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2019&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44773260%2C31068920&oid=2&pvsid=1841450131231120&tmod=1376780787&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=O5H1ti0LA4&p=https%3A//ufile.io&dtd=19

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7962750b6eb25ac75daff00de2f1fbec3b83ff69b14ffd67ef9b03b54792589e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ufile.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Sep 2022 16:41:10 GMT
expires: Sun, 11 Sep 2022 16:41:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 popunder.gif
lcreatessque.xyz/ 35 B
545 B 50ms
26ms Image
image/gif 188.114.97.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lcreatessque.xyz/popunder.gif
Requested by: Host: ufile.io
URL: https://ufile.io/2s5gbtpx
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ufile.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: public
date: Sun, 11 Sep 2022 16:41:10 GMT
cf-cache-status: HIT
last-modified: Sat, 10 Sep 2022 11:35:21 GMT
server: cloudflare
age: 104749
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BDAcyylOaSUhgAlQHP1jgi5jLO38Ryn07Kxfkh2%2BsBiyBssJicogKlOGP4M0Z6mokhPv86mcwiwsc2Eh%2FV2evzXK18ZxrruZNBGp7sFGwNmAEkf7uYGg7h5DB5PMyRlDg6mQ"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7491d96da9de9c01-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 / Show response
ufile.io/ajax/analytics/ 0
558 B 443ms
443ms XHR
text/html 2606:4700:3032::6815:4216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ufile.io/ajax/analytics/

Requested by

Host: ufile.io
URL: https://ufile.io/assets/js/jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:4216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.2.24

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ufile.io/2s5gbtpx
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 11 Sep 2022 16:41:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.2.24
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
server: cloudflare
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ZigogYdboEefAVCeh5bvshNGEQzT6G%2B4AnQrrkJZyMipcP5yNWPo8uYjoqBwLp1PzMwXFCiNEeC8EImS4FmHPv5IwakBWfQ53%2BVeNQv3ZFxRyeBeROJ95B04faMuhe84HebAZhp"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
cf-ray: 7491d97aa90d59a7-MXP
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 l.js Show response
client.crisp.chat/ 8 KB
3 KB 105ms
46ms Script
application/javascript 2606:4700::6812:1d5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/l.js

Requested by

Host: ufile.io
URL: https://ufile.io/2s5gbtpx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d250d2e97e39039f13651642e7877bc1da24918a8f0131bc12b4503d5928524

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ufile.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 16:41:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 16001
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 14 Mar 2022 13:16:27 GMT
server: cloudflare
etag: W/"622f402b-1f63"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=86400
access-control-allow-credentials: false
cf-ray: 7491d97b08ff23f7-ZRH
access-control-allow-headers: Content-Type, Origin
expires: Mon, 12 Sep 2022 16:41:12 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 94ms
62ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220907&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d8a278468ee4eb45cf9d6fa6122bbe81c5e067853c9d72b3cc5ad63c1b264f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ufile.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 11 Sep 2022 16:41:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11060
x-xss-protection: 0

POST
H2 200 rum Show response
cloudflareinsights.com/cdn-cgi/ 0
77 B 49ms
49ms XHR
text/plain 2606:4700:440e::ac40:9c1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflareinsights.com/cdn-cgi/rum

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:440e::ac40:9c1a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://ufile.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
content-type: application/json

Response headers

date: Sun, 11 Sep 2022 16:41:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://ufile.io
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 7491d97aef710225-ZRH
vary: Origin

OPTIONS
H2 200 rum
cloudflareinsights.com/cdn-cgi/ Frame 0
0 38ms
24ms Preflight
text/plain 2606:4700:440e::ac40:9c1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflareinsights.com/cdn-cgi/rum

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:440e::ac40:9c1a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ufile.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://ufile.io
access-control-max-age: 86400
cf-ray: 7491d97acf300225-ZRH
content-encoding: gzip
content-type: text/plain
date: Sun, 11 Sep 2022 16:41:12 GMT
server: cloudflare
vary: Origin
x-content-type-options: nosniff
x-frame-options: DENY

GET
H3 200 payment-options.png
ufile.io/assets/img/ 26 KB
26 KB 45ms
44ms Image
image/webp 2606:4700:3032::6815:4216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ufile.io/assets/img/payment-options.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:4216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e862fc5d714f846abe07835f3d34b263059f79d12112cd728399a52ccdb18a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ufile.io/2s5gbtpx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 16:41:12 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 261455
cf-polished: origFmt=png, origSize=32805
content-disposition: inline; filename="payment-options.webp"
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26398
last-modified: Tue, 28 Jun 2022 08:32:24 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "8025-5e27de0365600"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1w79IhYXizY6wbutLbLGJj9Oi%2BEg8R7nQihu%2FAdPfchVe6c8%2FfdwLrcXRtbbNjYcOVdFDQT3nEd3mwHJBua2FdrjFlJyI%2BehZn2hwzVHIJQfrGg%2B%2F4m2%2F6CvDvCtZcP35fCWPL6R"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7491d97ac94659a7-MXP
cf-bgj: imgq:100,h2pri

GET
H3 200 banner.svg
ufile.io/assets/img/ 17 KB
13 KB 47ms
47ms Image
image/svg+xml 2606:4700:3032::6815:4216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ufile.io/assets/img/banner.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:4216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a50fb9ae1b5262d504366decc64cb6e262be51a9f07bacc82d698e08e4eb9b1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ufile.io/2s5gbtpx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 16:41:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 777961
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 28 Jun 2022 08:32:24 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"431c-5e27de0365600"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d4X1usrD2P4luzq0aVKe2LEPAR%2B7CMtzXWD67vsq46v0K3d4d4Yd6w6lrcCrIiGZE2vfBN5IZjBGx%2FTB04c7RRGLcWUzqscVvcp4aqge43HUON41LnI79oeh433ooq9o8i4GC9zS"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=2678400
cf-ray: 7491d97ac94959a7-MXP

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 78ms
26ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ufile.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 16:41:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 11 Sep 2022 16:41:12 GMT

GET
H3 200 client.js Show response
client.crisp.chat/static/javascripts/ 379 KB
95 KB 108ms
76ms Script
application/javascript 2606:4700::6812:1d5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/javascripts/client.js?8ce76c3

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/l.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1d5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58f0ec557278fc87b72c5fe3c29ccf4386693d5bec9c8015826e97e0fcbca5c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ufile.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 16:41:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 15995
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 13 Jun 2022 13:12:02 GMT
server: cloudflare
etag: W/"62a737a2-5ec2b"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=315360000
access-control-allow-credentials: false
cf-ray: 7491d97b8c85cc4a-ZRH
access-control-allow-headers: Content-Type, Origin
expires: Wed, 08 Sep 2032 16:41:12 GMT

GET
H3 200 client_default.css
client.crisp.chat/static/stylesheets/ 327 KB
40 KB 174ms
143ms Stylesheet
text/css 2606:4700::6812:1d5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/stylesheets/client_default.css?8ce76c3

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/l.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1d5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6ae72d5e95bee6d5da95925534e2db5ff0fb9cb5b76d8920cac9330d9f93785

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ufile.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 16:41:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 15999
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 06 Sep 2022 12:13:29 GMT
server: cloudflare
etag: W/"63173969-51a35"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=315360000
access-control-allow-credentials: false
cf-ray: 7491d97bdd01cc4a-ZRH
access-control-allow-headers: Content-Type, Origin
expires: Wed, 08 Sep 2032 16:41:12 GMT

GET
H3 200 file-types.svg
ufile.io/assets/img/icons/ 29 KB
12 KB 46ms
45ms Image
image/svg+xml 2606:4700:3032::6815:4216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ufile.io/assets/img/icons/file-types.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:4216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d28cb356bfe09c34dd67189ce84e733e47ffc1ab0813bf23696228e146524f34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ufile.io/2s5gbtpx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 16:41:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 243265
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 04 Jul 2022 16:33:14 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vih%2BBWLeOrl9hRK332SwGe87bHpfKY8f9870CvMploTP1aAJ41HCWT5UnIpYbdxkjPmHUE7EePqYLf6v2BBU6WS23g3S4Mf3aX8%2BAsz5IDBT%2BnLV6gnYgC2jWntvfRBVeSqy2ocw"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=31536000
cf-ray: 7491d97bbb9959a7-MXP
expires: Sat, 08 Jul 2023 21:02:35 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6D84 13 KB
5 KB 50ms
15ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ufile.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4872
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 11 Sep 2022 15:20:00 GMT
expires: Mon, 11 Sep 2023 15:20:00 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 47EA 783 B
1 KB 81ms
26ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0e004d88e0a9b047e87bd7533473e9ac54d4748dcc1f64bec21ebc4b9c3a1301

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-K-_ycsDqHeSOenDzC27FnA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ufile.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-K-_ycsDqHeSOenDzC27FnA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 11 Sep 2022 16:41:12 GMT
expires: Sun, 11 Sep 2022 16:41:12 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 6D84 36 KB
15 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a0113be1c9721892c8e956e64e882598645af74cd89c02dcfa86c8d854c1c24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 20:15:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73528
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15836
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 10 Sep 2023 20:15:44 GMT

GET
H3 200 / Show response
client.crisp.chat/settings/website/9891a594-d15f-44d2-ad63-5e086be01a3a/prelude/ 213 B
524 B 52ms
52ms Script
application/javascript 2606:4700::6812:1d5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/settings/website/9891a594-d15f-44d2-ad63-5e086be01a3a/prelude/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&2022-8-11-16-41

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?8ce76c3

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1d5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75a14100f222a17b1eb489c807cbb02ce82d6eb8c17413b9743e35e175a66d77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ufile.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 16:41:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 11 Sep 2022 16:41:12 GMT
server: cloudflare
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=14400
access-control-allow-credentials: false
cf-ray: 7491d97cce5fcc4a-ZRH
access-control-allow-headers: Content-Type, Origin
expires: Sun, 11 Sep 2022 20:41:12 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 47EA 0
0 49ms
48ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220907&jk=1841450131231120&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6D84 0
10 B 16ms
15ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?RZ74tQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 16:41:12 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 / Show response
client.crisp.chat/settings/website/9891a594-d15f-44d2-ad63-5e086be01a3a/ 1 KB
1 KB 33ms
33ms Script
application/javascript 2606:4700::6812:1d5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/settings/website/9891a594-d15f-44d2-ad63-5e086be01a3a/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&1643547457112

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?8ce76c3

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1d5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a61e4d1bcf27943871aaa77e1bcc95c00f5faec80814c984081414acb1c45627

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ufile.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 16:41:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2025
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 11 Sep 2022 16:07:27 GMT
server: cloudflare
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=14400
access-control-allow-credentials: false
cf-ray: 7491d97d1edccc4a-ZRH
access-control-allow-headers: Content-Type, Origin
expires: Sun, 11 Sep 2022 20:41:12 GMT

GET
H3 200 en.js Show response
client.crisp.chat/static/javascripts/locales/ 6 KB
3 KB 31ms
31ms Script
application/javascript 2606:4700::6812:1d5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/javascripts/locales/en.js?8ce76c3

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?8ce76c3

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1d5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a367d60c5c510ae8dca636b0cd0cbbc7a047514e5e4361eed6fbb389f6699fb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ufile.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 16:41:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 15952
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 13 Jun 2022 13:12:02 GMT
server: cloudflare
etag: W/"62a737a2-182b"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=315360000
access-control-allow-credentials: false
cf-ray: 7491d97d5f1ecc4a-ZRH
access-control-allow-headers: Content-Type, Origin
expires: Wed, 08 Sep 2032 16:41:12 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 53ms
52ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220907&jk=1841450131231120&bg=!MTKlMnbNAAZTikH4c4o7ACkAdvg8Ws-5lj5UnyW73zHuXzzjXpwz7BkN59dNCdwi4RwLCIvOwTlobgIAAABuUgAAAAJoAQcKAJHZPcN2lJSg-ySehm0MuPfGhSji9WyMkCwcV9wb1lkY0WEuM5bZH5u0empOShQ_Qi4fW_X4B3kMM5JMlZnWx0UgELKfbl-7SN7iVyz517sCj0OzRztysGmDZ_ZIVDBCY81wwNxnLQFd2JRQ1umTULy14e2JA8k3KbN8ARH6wwKQDY9-UoHOkmNB9qzc0YNmXlfQmQLh0M-x9SG6IN5x_9AYtvRTMbH034JD92bAluRW0p4-oLZHr9aqTZkGxHy_R9HIS0eYZzYSc97YmlGcPh3SyXGDN4NjRFWv-OunIDu1hdg-WleqZlVkWEsXsbYgrqv9W77_g11vxCeQXr-EdFYoWAl3yJWrWyj1xQoUroEHcLD9whoH2PNZc5Oyuam3etlAjK7flu_Q6tOn7grknQxmTyObOxQenjnhZ_pl_IXVEdmlIra0dv2iziKdT6Ei1CEtXB2e5R5XBcoHLP52RtGz99t93CWuF-sktBKKYc1axw7kUJnIUQ1bhdvBbcpa3MZ2UyR-L3xtwLdShPXzzPZPL8p9LjMj2SXt23i6mBY-UM9swTB0Nbudbg46QSfXRqOtxBbs1VxA5U183ELCn1FagUkYuYOpprh9ZaiNe7EWHBsxXu3PaMpxyTVujJXJvjjpGbtOJ3Wi7AQoXN1EF5xnXtl7bdB3f9CsYxG-BLTsSVmn38ncmb7V8mRWaXCPjt7vABcHb2j1QoKgmTpe5qBsAME8R17y5EG4KgpcupD6-DXunWebhFhOrpItJi0Fiaqb_0anGESIM-vupln_Mb5jM24_mVOeMbh9ihxGkYyj7lcpZaKaxqkAR4wJ5EPCFHJhhi7tDT-81MSHLZeFcn0VFUg6ysoILSiz0TYcEpVxXQo1LWJXoKAjY5lSXcqBpYp6VR0VQ9xLq8upc7mcBhGNL1yReTH1_bjaxnONf9vUpZ1fBgYlZMIF3mhvGzce3stAaKoAUior2x2IQN8gOy8HKTFVa6PgmDoRS4B1i6Dnzln6q27l9Tjdu1S5urqYMT9a3-vJ5jjbbnnUhve7Jz9sOuNluAEdOK5cDtdcin5Hil5rj-JZ90VCn2ULxyPysAaGnHbpq-kdrGpHxIrso32z_Bzb1cidnlgUa7-nMc-Y1lz84nLbI2SQ-oBCoUgVoY_WoABka35-CdHSGcFGupw1fTK1NlU
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ufile.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: oulukdliketo.shop
URL: https://oulukdliketo.shop/c0tkOEESKQdVfhJ2Bh40ASdZHXM1blZ+JUA9Eww0FiMLUHNAIxwWIh8kEVwnASQKTG8dLhAdczUbB385OgVUfRUyMj5qJxQaInQAA382VHhGD1d2FjEhEGENBAk2dQZHByFBJgsfHm0EMQghehsEGjN0AAMzMl8AAxw3Yg8gIlViCBh6AFotKichVAdLDjBtADIyKXMLIQ4ydHAifidpLhofVlsHNxMyWQ0UJCJyBwAsMm51PAoJAQAgEwtwICIoInItPj4mQHgHCTx9JDQMVH4iJg0HYiYXIDVBdAcJPH0JMRg9eiUlHQJ7KTkxNXoTVnkmeXMbHTxWbBscKWkAMgcxeSo2LAdQEEEZJ3MvQw4AVHQVLQxyOyIONVIZCR4AeQZDDSVUFxYuIksuNDwITAMrDjx7EgcoKFQtOS4DWyg0CVBWFhoZMmAmRwwHbRcwLiZUcSIdMgEGKwklYCxDDQdpDD0HCGE7NB4IDiIrGSBvcyoOAAkYKS81YWcZOAtWMU4zPXIiNzIcTDUbIlI

Verdicts & Comments Add Verdict or Comment

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ufile.io/	1970-01-20 05:55:36	Name: csrf_cookie_name Value: b8bcabd3f8d501d826a2ac0353c2bc82
.ufile.io/	1970-01-20 05:56:40	Name: _ci_sessions_ Value: 7otrcuee2g2n4njehfo79gvievmj80ja
.ufile.io/	1970-01-20 15:31:14	Name: _ga Value: GA1.2.784504051.1662914470
.ufile.io/	1970-01-20 05:56:40	Name: _gid Value: GA1.2.29731187.1662914470
.ufile.io/	1970-01-20 05:55:14	Name: _gat Value: 1
pogothere.xyz/	1970-01-20 14:33:38	Name: csu Value: 659361866765241@1@1662914469
.google.com/	1970-01-20 10:18:45	Name: NID Value: 511=UJmrKEu6ZrHiYrTuB2nDMMcek-x3obj8FeRWZUYo9ZT9PXdpVNPahEdMBC7rM3yNwNs7Dihp_TdRj3MU1zux1nebswx0U_jiKQCr5kNIlsjbwkMlO8wif21hCMgxsHYdNss1NKQGjudN_q8g-y5OkiuQ0Kv0cqHqUwfptr4vm6g
.ufile.io/	1970-01-20 15:16:50	Name: __gads Value: ID=dc15e7e6c950ada6-22656b671cce006c:T=1662914469:RT=1662914469:S=ALNI_MbfxDT0cQZvKe7HtaBKLeLc2cU17w
.ufile.io/	1970-01-20 05:55:16	Name: __cf_bm Value: 3RE8lFyEs2xx4kJH6Qv5Y_yfO8cAm4fRU55E4BXR_tQ-1662914469-0-ASBy0gNSSo6Dm1rMO5n8k5ho1kMPymlXoc5PJ9B7GFsds3pvgDlm09Ng54YmLU+YA22HXl3XJIlH5GyB6+uu8u324hJR6VpNPXekRpLGx6QWjFoTXV0I34kvSsccz5/xcw==
.doubleclick.net/	1970-01-20 15:16:50	Name: IDE Value: AHWqTUmwuC32z4z8XQJ6y7_qQAo0SKmXcdduiJHZOHDhqClXZen59Gex4D_j0FGkx_I

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://accounts.google.com/v3/signin/identifier?dsh=S503442293%3A1662914469467580&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpBgaCaVkis-qur-ihesLbwVl7Wo40yLWPsO0ZTQ1Yh-u1T_YtezShmL6xMrpto-U4gvHmdNQ Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://accounts.google.com/v3/signin/identifier?dsh=S100734689%3A1662914469465532&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWrpPfipsRx1YU76zBR79mnndhDWKLe2XnJ04UFzetjbFGFbrIkwD0VKxltT4TE7HrGkPHvoIA Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
adservice.google.com
adservice.google.de
client.crisp.chat
cloudflareinsights.com
d3vw4uehoh23hx.cloudfront.net
googleads.g.doubleclick.net
lcreatessque.xyz
oulukdliketo.shop
pagead2.googlesyndication.com
partner.googleadservices.com
pogothere.xyz
static.cloudflareinsights.com
stats.g.doubleclick.net
tpc.googlesyndication.com
ufile.io
www.facebook.com
www.google-analytics.com
www.google.com
oulukdliketo.shop
13.32.110.29
142.250.181.226
188.114.97.12
2600:9000:2156:5e00:e:be87:cd40:21
2606:4700:3032::6815:4216
2606:4700:440e::ac40:9c1a
2606:4700::6812:1d5b
2a00:1450:4001:802::200d
2a00:1450:4001:808::2004
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2002
2a00:1450:4001:811::200e
2a00:1450:4001:812::2002
2a00:1450:4001:829::2001
2a00:1450:400c:c06::9c
2a03:2880:f107:83:face:b00c:0:25de
009c3d2ca8bbde159cb3bf6cd1c65bff8205f49f7723d8cd6cca97c15386ba07
0894609eee07d4835b65e70959e2efb7bbbc917b3002ae0109db135ef38c1b0d
0a0113be1c9721892c8e956e64e882598645af74cd89c02dcfa86c8d854c1c24
0b1d26389f36c06c51de5c2e21ff754189bed8f2ab99191c264db8fd3912e9a7
0e004d88e0a9b047e87bd7533473e9ac54d4748dcc1f64bec21ebc4b9c3a1301
0fc795b42e6ad7232caa5faba5cb169a76cffbfe54c147346af1d923fcd3ca9c
12823d585605238121554aff8bb060a235dc36f37efd9fb1e7e6ea1a9622bc35
1837eaba66df0af328d947577dfe741293f471dd8e640cef4c6938c89e61abbf
1e862fc5d714f846abe07835f3d34b263059f79d12112cd728399a52ccdb18a0
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2d250d2e97e39039f13651642e7877bc1da24918a8f0131bc12b4503d5928524
3080dcea6d377f95038db1e20e6dd84ed2edf92f81d6ed7a5f1ea5dbfff7a8cb
31049e6e1e8cbc79efb2c0c05695c5ebdbe072f10c6fa5cfc6b838158b007760
32e39e67e19043a67a13f79d429f9d66111413f537dbcbee18e1d01c058fe79e
3bcbcef8e810011e46da848f90841d3d4dd479b1db005573923cc3e7146b2740
4c3a42376af45dadcf2b15c411dde5e45eba379f44c3a6c4f30bca414db06a2f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58f0ec557278fc87b72c5fe3c29ccf4386693d5bec9c8015826e97e0fcbca5c4
5a6b44f20836bb0cc7a629d225348730be0b603b1da1764d6d361fb657d98e02
5ccbcf6d22ea0b761807062453a2acd95a34bb9b2603b2650b605df1af2f2960
5f6486ad0481a073337fbfa0c22d2fe27e73f99874ca68702eb5c42e78f81677
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
72037311a4dfde4d042df73e31b7cbeafc0bdf2aaa605b69aff3326015a396da
73a12fddda6d7f64718bd408111ee832ea608606b0773a9b7f333e0c7f762e96
75a14100f222a17b1eb489c807cbb02ce82d6eb8c17413b9743e35e175a66d77
7962750b6eb25ac75daff00de2f1fbec3b83ff69b14ffd67ef9b03b54792589e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
922b316a07cc2aa7cd6ebbcd53daf0f310ffd43b17b89b7666cf55ea89a1e14a
93afee0ec34bc8658e6ce2655a1b78a443ee5b0dd2f9e9290faf9e1464dafac7
9d45581f99961212923b84cdf880b7b6d1afcb01350ab8961a1271d7ba795053
9d8a278468ee4eb45cf9d6fa6122bbe81c5e067853c9d72b3cc5ad63c1b264f7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a32fabfd198003ac56c20988afa917dd72c88489d7942f1245c0b8e4570037e4
a367d60c5c510ae8dca636b0cd0cbbc7a047514e5e4361eed6fbb389f6699fb8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a50fb9ae1b5262d504366decc64cb6e262be51a9f07bacc82d698e08e4eb9b1f
a61e4d1bcf27943871aaa77e1bcc95c00f5faec80814c984081414acb1c45627
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b6ae72d5e95bee6d5da95925534e2db5ff0fb9cb5b76d8920cac9330d9f93785
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0
d28cb356bfe09c34dd67189ce84e733e47ffc1ab0813bf23696228e146524f34
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
e09aa7bf34ebb30613f136ecaced824720e189210a85a64e709425dc5ddd8b87
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea21b05a8af98278a0daab38fe1c760f64af946bb4308c9137aa1512ab19732c
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
f7f768f129c2c71cdd195bc42f800c081e5d9804df4df180f851497957822151
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

ufile.io Open in urlscan Pro 2606:4700:3032::6815:4216 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

63 Requests

95 %HTTPS

82 %IPv6

14 Domains

19 Subdomains

18 IPs

5 Countries

861 kBTransfer

2334 kBSize

10 Cookies

0 Outgoing links

Redirected requests

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ufile.io Open in urlscan Pro
2606:4700:3032::6815:4216 Public Scan

Screenshot
Live screenshot

Full Image

63
Requests

95 %
HTTPS

82 %
IPv6

14
Domains

19
Subdomains

18
IPs

5
Countries

861 kB
Transfer

2334 kB
Size

10
Cookies

63 HTTP transactions
0 data transactions