URL: https://vikingf1le.us.to/f/LkWTKeCx9D
Submission: On December 23 via api from US — Scanned from US

Summary

This website contacted 10 IPs in 1 country across 11 domains to perform 22 HTTP transactions. The main IP is 2606:4700:3030::6815:6001, located in United States and belongs to CLOUDFLARENET, US. The main domain is vikingf1le.us.to.
TLS certificate: Issued by WE1 on December 4th 2024. Valid for: 3 months.
This is the only time vikingf1le.us.to was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 6 2606:4700:303... 13335 (CLOUDFLAR...)
6 2606:4700:303... 13335 (CLOUDFLAR...)
1 3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
5 2606:4700:303... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
22 10
Apex Domain | Subdomains | Transfer
6 us.to | vikingf1le.us.to | 57 KB
5 youradexchange.com | youradexchange.com — Cisco Umbrella Rank: 31478 | 3 KB
4 vikingfile.com | vikingfile.com | 7 KB
3 cloudflare.com | challenges.cloudflare.com — Cisco Umbrella Rank: 3147 | 16 KB
2 discovernative.com | discovernative.com — Cisco Umbrella Rank: 486360 | 2 KB
2 superonclick.com | superonclick.com — Cisco Umbrella Rank: 300927 | 7 KB
1 ufpcdn.com | ufpcdn.com — Cisco Umbrella Rank: 520175 |
1 pubtrky.com | pubtrky.com — Cisco Umbrella Rank: 33025 | 648 B
1 zjd-nmdong.xyz | zjd-nmdong.xyz | 25 KB
1 googlesyndication.com | pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 | 52 KB
1 cloudflareinsights.com | static.cloudflareinsights.com — Cisco Umbrella Rank: 617 | 7 KB
22 | 11 |

Domain | Requested by
6 vikingf1le.us.to (4 redirects) | static.cloudflareinsights.com
5 youradexchange.com | vikingf1le.us.to
4 vikingfile.com | vikingf1le.us.to
3 challenges.cloudflare.com (1 redirect) | vikingf1le.us.to, challenges.cloudflare.com
2 discovernative.com | vikingf1le.us.to, discovernative.com
2 superonclick.com | vikingf1le.us.to
1 ufpcdn.com | superonclick.com
1 pubtrky.com | zjd-nmdong.xyz
1 zjd-nmdong.xyz | vikingf1le.us.to
1 pagead2.googlesyndication.com | vikingf1le.us.to
1 static.cloudflareinsights.com | vikingf1le.us.to
22 | 11

This site contains links to these domains.

Domain
discovernative.com
ceveq.click

Subject | Issuer | Validity | Valid
vikingf1le.us.to | WE1 | 2024-12-04 - 2025-03-04 | 3 months
cloudflareinsights.com | WE1 | 2024-11-01 - 2025-01-30 | 3 months
youradexchange.com | WE1 | 2024-12-06 - 2025-03-06 | 3 months
*.g.doubleclick.net | WR2 | 2024-12-02 - 2025-02-24 | 3 months
challenges.cloudflare.com | WE1 | 2024-11-03 - 2025-02-01 | 3 months
superonclick.com | WE1 | 2024-11-22 - 2025-02-20 | 3 months
zjd-nmdong.xyz | WE1 | 2024-11-30 - 2025-02-28 | 3 months
pubtrky.com | WE1 | 2024-11-09 - 2025-02-07 | 3 months
ufpcdn.com | WE1 | 2024-12-21 - 2025-03-21 | 3 months
discovernative.com | WE1 | 2024-12-22 - 2025-03-22 | 3 months

This page contains 3 frames:

Primary Page: https://vikingf1le.us.to/f/LkWTKeCx9D
Frame ID: B629E34B8AD267B35DC961214E3501D6
Requests: 20 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/a44ad/0x4AAAAAAAgbsMNBuk2d3Qp6/light/fbE/normal/auto/
Frame ID: B0E1E4BF74D48E97E058CE71EBBE7FEA
Requests: 1 HTTP request in this frame

Frame: https://ufpcdn.com/script/identify.html?frmt=0
Frame ID: FFC370D5408ACD8D79A5A3B4DD544CB1
Requests: 1 HTTP request in this frame

Page Title

The Prey 1979 UNCUT vostfrMAISON.srt

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

Requests: 22
HTTPS: 77%
IPv6: 100%
Domains: 11
Subdomains: 11
IPs: 10
Countries: 1
Transfer: 175 kB
Size: 536 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://vikingf1le.us.to/assets/styles/app-8d25417b523b1c5329702f7be101aa30.css HTTP 301
  • https://vikingfile.com/assets/styles/app-8d25417b523b1c5329702f7be101aa30.css
Request Chain 1
  • https://vikingf1le.us.to/assets/custom-0b295c18913e200a4e6c987fa3eedf57.js HTTP 301
  • https://vikingfile.com/assets/custom-0b295c18913e200a4e6c987fa3eedf57.js
Request Chain 2
  • https://vikingf1le.us.to/assets/favicon-64375c377b5df8304acbdad4f4430694.ico HTTP 301
  • https://vikingfile.com/assets/favicon-64375c377b5df8304acbdad4f4430694.ico
Request Chain 3
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=showCaptcha HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/b/787bc399e22f/api.js
Request Chain 17
  • https://vikingf1le.us.to/assets/favicon-64375c377b5df8304acbdad4f4430694.ico HTTP 301
  • https://vikingfile.com/assets/favicon-64375c377b5df8304acbdad4f4430694.ico

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request LkWTKeCx9D
vikingf1le.us.to/f/
187 KB
56 KB
Document
General
Full URL
https://vikingf1le.us.to/f/LkWTKeCx9D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:6001 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
195c7e8c4f64c1fc3abac808ac18b81db1400e71d6439b6c5e976298df1b90f3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, must-revalidate, private
cf-cache-status
DYNAMIC
cf-ray
8f6898b5bea45e65-EWR
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Mon, 23 Dec 2024 13:11:16 GMT
expires
Mon, 23 Dec 2024 13:11:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YV6ISelwwQGqtAZvZSHXtZ3bX9yOob1lIuq9XeAdFN1njHifDM1aP3%2F8s7bqFBhURxhytbEHctdTbW66r%2FbT8WE5YjUWUFR6wyR0lIjkBlYQ9as%2FDZ7NXbm8ZggiOba7KPROYuab2%2FZcNi1%2By1da"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfCacheStatus;desc="DYNAMIC"
vary
accept-encoding
app-8d25417b523b1c5329702f7be101aa30.css
vikingfile.com/assets/styles/
Redirect Chain
  • https://vikingf1le.us.to/assets/styles/app-8d25417b523b1c5329702f7be101aa30.css
  • https://vikingfile.com/assets/styles/app-8d25417b523b1c5329702f7be101aa30.css
4 KB
2 KB
Stylesheet
General
Full URL
https://vikingfile.com/assets/styles/app-8d25417b523b1c5329702f7be101aa30.css
Requested by
Host: vikingf1le.us.to
URL: https://vikingf1le.us.to/f/LkWTKeCx9D
Protocol
H3
Server
2606:4700:3030::6815:1001 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2e9c692595ca3860b557a48d0b0f7486202586b05a68f818187010bdce970ec

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://vikingf1le.us.to/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=31536000
content-encoding
zstd
cf-cache-status
HIT
etag
W/"6762db00-11ba"
age
5922
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2df1TLP5X4LX%2Br6PrV%2FErTPNTAde8vQEzSUJi1ocf%2BBc2ksJ0tIZTL9ZglVge4edHtwhTWdLIMAfiaYRHImxq0HaUYtXT6nUtxMVDef1bWzsKN7C%2F%2BZqEy6ns5lUAl6gM77C2m3QzazkmTUNAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f6898b9cec942eb-EWR
alt-svc
h3=":443"; ma=86400
date
Mon, 23 Dec 2024 13:11:16 GMT
content-type
text/css
last-modified
Wed, 18 Dec 2024 14:24:00 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
location
https://vikingfile.com/assets/styles/app-8d25417b523b1c5329702f7be101aa30.css
cf-cache-status
HIT
age
762
cache-control
max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lg%2Bm4EJDOz907GcHERNs8IFUt5H9YVOTSkAE%2BoU2aCsOvkEqokz%2BipPee1UtmMGRa9oQ3zTHQwjQ7vUr%2FuvUhDHbGFzt916vr1iINPyTifuwljrbEatU4F0VxRtEu8HtCgExqbFA3tNcCbMRyzA7"}],"group":"cf-nel","max_age":604800}
cf-ray
8f6898b90ea55e65-EWR
alt-svc
h3=":443"; ma=86400
date
Mon, 23 Dec 2024 13:11:16 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
custom-0b295c18913e200a4e6c987fa3eedf57.js
vikingfile.com/assets/
Redirect Chain
  • https://vikingf1le.us.to/assets/custom-0b295c18913e200a4e6c987fa3eedf57.js
  • https://vikingfile.com/assets/custom-0b295c18913e200a4e6c987fa3eedf57.js
12 KB
3 KB
Script
General
Full URL
https://vikingfile.com/assets/custom-0b295c18913e200a4e6c987fa3eedf57.js
Requested by
Host: vikingf1le.us.to
URL: https://vikingf1le.us.to/f/LkWTKeCx9D
Protocol
H3
Server
2606:4700:3030::6815:1001 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bb94c528578cda2febc617f12610591a0768afe09b06f36f5431be9a1b0035d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://vikingf1le.us.to/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=31536000
content-encoding
zstd
cf-cache-status
HIT
etag
W/"6749c703-2e34"
age
5922
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7b4C29mbTT2DwQfmE1fL9uIU%2B2YIoZXeq8%2Bjg0Au3W3fXVA5HXVPfUFaccsP4vKkiQy5rfUGO%2Fo8NT6vChgskqu16twFejxXtoeZwrChssFmc4M71KlLCTWp2qBONAyudZEBsw1NjtXNx%2BTUIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f6898b9cec842eb-EWR
alt-svc
h3=":443"; ma=86400
date
Mon, 23 Dec 2024 13:11:16 GMT
content-type
application/javascript
last-modified
Fri, 29 Nov 2024 13:52:03 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
location
https://vikingfile.com/assets/custom-0b295c18913e200a4e6c987fa3eedf57.js
cf-cache-status
HIT
age
762
cache-control
max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3HR6dpbNnF90M%2Fm1pvos1dT5BnpDDcTdyyzlCritiUYaGDgScB9MBbAZTHDKw2RV9aUmc21NW9jIfaO2OWib8a7NM4n6GfrMMvJ8sTf9Mk%2FbI%2FtATHggQvoXctD7J5meNJd%2Bre4bzzcRLilYpnpP"}],"group":"cf-nel","max_age":604800}
cf-ray
8f6898b90ea65e65-EWR
alt-svc
h3=":443"; ma=86400
date
Mon, 23 Dec 2024 13:11:16 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
favicon-64375c377b5df8304acbdad4f4430694.ico
vikingfile.com/assets/
Redirect Chain
  • https://vikingf1le.us.to/assets/favicon-64375c377b5df8304acbdad4f4430694.ico
  • https://vikingfile.com/assets/favicon-64375c377b5df8304acbdad4f4430694.ico
15 KB
2 KB
Image
General
Full URL
https://vikingfile.com/assets/favicon-64375c377b5df8304acbdad4f4430694.ico
Requested by
Host: vikingf1le.us.to
URL: https://vikingf1le.us.to/f/LkWTKeCx9D
Protocol
H3
Server
2606:4700:3030::6815:1001 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9debfd0610612fddc8bd5e5b83000df0c52e2beabcbc3c93ae530565c0cb708d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://vikingf1le.us.to/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=31536000
content-encoding
zstd
cf-cache-status
HIT
etag
W/"66c2db72-3c2e"
age
1636
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AH6woJn%2Fo3dERVN843M0zni5Lz8cBncPNGnIRMXr0CTiRj%2BMshANVoZjBc4Xhiiv4XJ3TWRWTBehmgos1vWTmKGSQ1Di0tA0HnjskJpdutXDTeyEC8GVATAPECmcFo%2BUDNOyC0vThhtBUuYeKg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f6898bc5ed042eb-EWR
alt-svc
h3=":443"; ma=86400
date
Mon, 23 Dec 2024 13:11:17 GMT
content-type
image/x-icon
last-modified
Mon, 19 Aug 2024 05:43:14 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
location
https://vikingfile.com/assets/favicon-64375c377b5df8304acbdad4f4430694.ico
cf-cache-status
EXPIRED
cache-control
max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e8vKtH7N1eGmnvztGl6XcBe57I7ZYLQhJV0p1GFptjks%2BkF51FBvcmILRIno3Bc9a9JAFMrki5N89fi67qwS5TM8%2F1WAoF%2Btgx%2Btiw3XGPApF0b%2BLWKRGs2jnAf0%2Bn%2B5Rqdu52APAVw%2F7Pla5KMv"}],"group":"cf-nel","max_age":604800}
cf-ray
8f6898b9fea75e65-EWR
alt-svc
h3=":443"; ma=86400
date
Mon, 23 Dec 2024 13:11:17 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
api.js
challenges.cloudflare.com/turnstile/v0/b/787bc399e22f/
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=showCaptcha
  • https://challenges.cloudflare.com/turnstile/v0/b/787bc399e22f/api.js
47 KB
16 KB
Script
General
Full URL
https://challenges.cloudflare.com/turnstile/v0/b/787bc399e22f/api.js
Requested by
Host: vikingf1le.us.to
URL: https://vikingf1le.us.to/f/LkWTKeCx9D
Protocol
H2
Server
2606:4700::6812:5e29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aac9e52f80011983676c03ad8120e0369e651e6357d0b05054026a3bc8ec32d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://vikingf1le.us.to/

Response headers

cache-control
max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
content-encoding
br
cross-origin-resource-policy
cross-origin
cf-ray
8f6898ba59fe0fab-EWR
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Mon, 23 Dec 2024 13:11:16 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 10 Dec 2024 17:31:41 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=300, public
location
/turnstile/v0/b/787bc399e22f/api.js
cross-origin-resource-policy
cross-origin
cf-ray
8f6898ba39f10fab-EWR
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
date
Mon, 23 Dec 2024 13:11:16 GMT
vary
Accept-Encoding
server
cloudflare
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/
19 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: vikingf1le.us.to
URL: https://vikingf1le.us.to/f/LkWTKeCx9D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://vikingf1le.us.to
Referer
https://vikingf1le.us.to/

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"2024.6.1"
cross-origin-resource-policy
cross-origin
cf-ray
8f6898ba3c767293-EWR
access-control-allow-origin
*
date
Mon, 23 Dec 2024 13:11:16 GMT
content-type
text/javascript;charset=UTF-8
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
vary
Accept-Encoding
server
cloudflare
czcf.php
youradexchange.com/ad/
891 B
1 KB
Fetch
General
Full URL
https://youradexchange.com/ad/czcf.php?cz=5cjbr1mglc&chmob=%3F0
Requested by
Host: vikingf1le.us.to
URL: https://vikingf1le.us.to/f/LkWTKeCx9D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:5bbc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7e8d07eb62e09c0dea5f53b23d55e362e4e8877ede390427cbeb746bea7d5d6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://vikingf1le.us.to/

Response headers

content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BCDivtFLJIx1XNfZgVBa1ebe0KYa5kWUdPqb6L0bBz62w3K52KnPvPCoGctaMx2dFIyVwt%2BX6OJxe%2FvVcL%2Bya26gxWpFaaLOcq7ui8r4%2BogtArzD1JIW67EyOdmxZZR%2F8HDIkJxoYNl%2BDK%2BU3%2BGLKQo%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=2996&min_rtt=2687&rtt_var=940&sent=14&recv=12&lost=0&retrans=0&sent_bytes=4261&recv_bytes=6361&delivery_rate=959&cwnd=12000&unsent_bytes=0&cid=7793de749ba2e98b&ts=57&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 23 Dec 2024 13:11:16 GMT
content-type
text/html; charset=utf-8
vary
accept-encoding
priority
u=1,i
access-control-allow-headers
Content-Type
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 google
cf-ray
8f6898ba3e9e726f-EWR
access-control-allow-origin
*
server
cloudflare
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
156 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: vikingf1le.us.to
URL: https://vikingf1le.us.to/f/LkWTKeCx9D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b727371a3604524116d8bf0e8b049f05fe9217ffdda14d0defd3891128731cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://vikingf1le.us.to/

Response headers

content-encoding
br
etag
1350231187462006163
x-content-type-options
nosniff
expires
Mon, 23 Dec 2024 13:11:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 23 Dec 2024 13:11:16 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53250
x-xss-protection
0
server
cafe
banner.php
youradexchange.com/script/
0
0
Fetch
General
Full URL
https://youradexchange.com/script/banner.php?r=9198926&cbpage=https%3A%2F%2Fvikingf1le.us.to%2Ff%2FLkWTKeCx9D&cbref=&cbdescription=Share%20large%20files%20anonymously.%20No%20mail%20required.%20No%20speed%20limit.&cbkeywords=file%20hosting%2C%20cloud%20hosting%2C%20secure%20file%20sharing%2C%20anonymous%20file%20sharing%2C%20large%20file%20sharing%2C%20no%20mail%20required%2C%20no%20speed%20limit%2C%20fast%20file%20sharing%2C%20reliable%20file%20sharing&cbtitle=The%20Prey%201979%20UNCUT%20vostfrMAISON.srt&srs=31f07c77f8a6034e5c3b8b0c52445c17&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2FGoogle%20Inc.1600x1200600en-US81624%20bits&atv=57.0
Requested by
Host: vikingf1le.us.to
URL: https://vikingf1le.us.to/f/LkWTKeCx9D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:5bbc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://vikingf1le.us.to/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4lxv91VbiIzzvDhLK2u5H7%2B4CD66UTGOt34FFxTqVZXdyQmX%2FRTiYxVunlW4Db9C2D%2BYpE7USNOMCVBv%2FR%2B9N%2FW6X20eQCz8vkwC1FU7BFEibcvvaLnqCZjwwzsZPb41VJH0HBaLPi0tL6IZq7WHRB0%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS
via
1.1 google
cf-ray
8f6898ba3ea0726f-EWR
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=2996&min_rtt=2687&rtt_var=940&sent=15&recv=12&lost=0&retrans=0&sent_bytes=5331&recv_bytes=6361&delivery_rate=959&cwnd=12000&unsent_bytes=0&cid=7793de749ba2e98b&ts=63&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 23 Dec 2024 13:11:16 GMT
server
cloudflare
priority
u=1,i
access-control-allow-headers
Content-Type
/
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/a44ad/0x4AAAAAAAgbsMNBuk2d3Qp6/light/fbE/normal/auto/ Frame B0E1
0
0
Document
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/a44ad/0x4AAAAAAAgbsMNBuk2d3Qp6/light/fbE/normal/auto/
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js?onload=showCaptcha
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:5e29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Referer
https://vikingf1le.us.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8f6898ba98ec43d6-EWR
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Mon, 23 Dec 2024 13:11:16 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
priority
u=0,i
referrer-policy
same-origin
server
cloudflare
server-timing
cfExtPri
suurl5.php
youradexchange.com/script/
1 KB
2 KB
Fetch
General
Full URL
https://youradexchange.com/script/suurl5.php?r=9198862&chmob=%3F0&atag=1&cbur=0.58395357935549&cbiframe=0&cbWidth=1600&cbHeight=1200&cbtitle=The%20Prey%201979%20UNCUT%20vostfrMAISON.srt&cbpage=https%3A%2F%2Fvikingf1le.us.to%2Ff%2FLkWTKeCx9D&cbref=&cbdescription=Share%20large%20files%20anonymously.%20No%20mail%20required.%20No%20speed%20limit.&cbkeywords=file%20hosting%2C%20cloud%20hosting%2C%20secure%20file%20sharing%2C%20anonymous%20file%20sharing%2C%20large%20file%20sharing%2C%20no%20mail%20required%2C%20no%20speed%20limit%2C%20fast%20file%20sharing%2C%20reliable%20file%20sharing&cbcdn=zjd-nmdong.xyz&ts=1734959476887&atv=57.0&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2FGoogle%20Inc.1600x1200600en-US81624%20bits&srs=31f07c77f8a6034e5c3b8b0c52445c17&abtg=1&aggr=3&czid=5cjbr1mglc&ppv=1&ab_test=AdOpt_B_nocapping-2021-12-08v1&cap=0&adbv=3-cdn
Requested by
Host: vikingf1le.us.to
URL: https://vikingf1le.us.to/f/LkWTKeCx9D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:5bbc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf6e1ccc5e1316fc11f2bbe7646c083c2234e3e9388f23ed0a72dd71c7d953b5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://vikingf1le.us.to/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WsZfVnmACFhx8UDXZAylmsbyQssZr%2BvcclZk1yhh%2B%2F%2BuTIOkFSWlWYuqTx234XGeZCXorzFz9Gze7syP8DDEUJyk3D853CAqhjjfBjgzaLnsLfnEF5hOWArFVhhC9G%2Be6%2BD5n9iFkSqpTWSD7VpxKS8%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=3346&min_rtt=2687&rtt_var=1059&sent=18&recv=15&lost=0&retrans=0&sent_bytes=6715&recv_bytes=7892&delivery_rate=25443&cwnd=12000&unsent_bytes=0&cid=7793de749ba2e98b&ts=146&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 23 Dec 2024 13:11:16 GMT
content-type
application/json; charset=utf-8
vary
accept-encoding
priority
u=1,i
access-control-allow-headers
Content-Type
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 google
cf-ray
8f6898ba9ee9726f-EWR
access-control-allow-origin
*
server
cloudflare
push.php
youradexchange.com/script/
0
0
Fetch
General
Full URL
https://youradexchange.com/script/push.php?r=9198854&ipp=1&mads=2&position=top&czid=5cjbr1mglc&atag=1&aggr=3&abtg=1&ppv=1&ab_test=AdOpt_B_nocapping-2021-12-08v1&adbv=3-cdn&srs=31f07c77f8a6034e5c3b8b0c52445c17&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2FGoogle%20Inc.1600x1200600en-US81624%20bits&cbpage=https%3A%2F%2Fvikingf1le.us.to%2Ff%2FLkWTKeCx9D&atv=57.0&cbref=&chmob=%3F0
Requested by
Host: vikingf1le.us.to
URL: https://vikingf1le.us.to/f/LkWTKeCx9D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:5bbc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://vikingf1le.us.to/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0a8Dpt0QiOy6pyiBQxAOuBYlwGjM%2BWbNTrPyhug8CJaJ6GAS6IFoBmt99fA%2FTsBsM0cR7v%2FG9%2FkbtvJXrcM%2FAiTyPa5a5DW9msiigMEQ0%2F4LLFPxl5qabjIfiW0g6Gnjn%2FfLqctwQKujF2PfgdGTpNo%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS
via
1.1 google
cf-ray
8f6898ba9eed726f-EWR
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=3346&min_rtt=2687&rtt_var=1059&sent=17&recv=15&lost=0&retrans=0&sent_bytes=6035&recv_bytes=7892&delivery_rate=25443&cwnd=12000&unsent_bytes=0&cid=7793de749ba2e98b&ts=123&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 23 Dec 2024 13:11:16 GMT
server
cloudflare
priority
u=1,i
access-control-allow-headers
Content-Type
native_render.js
superonclick.com/script/
4 KB
3 KB
Script
General
Full URL
https://superonclick.com/script/native_render.js
Requested by
Host: vikingf1le.us.to
URL: https://vikingf1le.us.to/f/LkWTKeCx9D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:293c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7965b4334f08b3c398843d721ab3b5535461f4183ec6bb0923d1ae092b9cfd51

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://vikingf1le.us.to/

Response headers

x-goog-metageneration
2
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=rXethw==, md5=i4AdaMb2P574qaeqSEucdQ==
cf-cache-status
HIT
etag
W/"8b801d68c6f63f9ef8a9a7aa484b9c75"
age
2748
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YImZ0WCQm9PyrrSHI3hnrs3tuzR6CnabS%2B07sp8IeIu1lf3js6UB01CYbwEE30GfvK0fYtihMLaj15XBnLSRxxWmsI623yhnPGjm%2BJnMvVBBfPIiDvW9k%2BS4OA0WELOH5lrDGMEmAH5xCfD2TAqD"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Mon, 23 Dec 2024 12:39:15 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
4285
server-timing
cfL4;desc="?proto=QUIC&rtt=3453&min_rtt=3219&rtt_var=835&sent=17&recv=11&lost=0&retrans=0&sent_bytes=8533&recv_bytes=4594&delivery_rate=173781&cwnd=12000&unsent_bytes=0&cid=4b75f06b29d19c3b&ts=29&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 23 Dec 2024 13:11:16 GMT
content-type
application/javascript
last-modified
Wed, 13 Feb 2019 10:15:50 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-guploader-uploadid
AFiumC4ovz0jjHtTdkBCgVz7gCxeyVnPCUebV2No1NObRLjDwnIRLZfJUKLTsmyKqjKRZDUTYtyEkN0-WQ
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8f6898bb2ab24265-EWR
access-control-allow-origin
*
x-goog-generation
1550052950916101
server
cloudflare
native_server.js
superonclick.com/script/
9 KB
4 KB
Script
General
Full URL
https://superonclick.com/script/native_server.js
Requested by
Host: vikingf1le.us.to
URL: https://vikingf1le.us.to/f/LkWTKeCx9D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:293c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e282545f9f7c4117db91f8a2c33e5a1dad31f3c6edbe74b9776c1f8b85c166bd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://vikingf1le.us.to/

Response headers

x-goog-metageneration
2
x-goog-hash
crc32c=RAjq/g==, md5=Udh+nr2DH8yragFgeaYHkw==
cf-cache-status
HIT
etag
W/"51d87e9ebd831fccab6a016079a60793"
age
281
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sMltfxj1BtlFyiG7mgPEWlUSQiETyv7u%2B3Urprkt%2BJHNoc1RfRM7ApBEWXtv52auTUz3sULkMJhD5fhnIfrOeNgknVFBtpwYizCuRkUUcSnwkqCf%2BxLafIRKx%2BlwDvMY4WnwYh0OQjK1B9dgf6br"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Mon, 23 Dec 2024 14:06:35 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
9260
server-timing
cfL4;desc="?proto=QUIC&rtt=3453&min_rtt=3219&rtt_var=835&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4203&recv_bytes=4594&delivery_rate=173781&cwnd=12000&unsent_bytes=0&cid=4b75f06b29d19c3b&ts=27&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 23 Dec 2024 13:11:16 GMT
content-type
application/javascript
last-modified
Wed, 13 Feb 2019 10:15:52 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-guploader-uploadid
AFiumC50JMhuBtIBWEbqXvkYHflOJ1CUyRnyBjgk8sCZ3JokuPjGJ4pcQ2cL8Do_94DPF5klhGUgq0AviQ
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8f6898bb2ab54265-EWR
access-control-allow-origin
*
x-goog-generation
1550052952705094
server
cloudflare
ut.js
zjd-nmdong.xyz/script/
65 KB
25 KB
Script
General
Full URL
https://zjd-nmdong.xyz/script/ut.js?cb=1734959476943
Requested by
Host: vikingf1le.us.to
URL: https://vikingf1le.us.to/f/LkWTKeCx9D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b557 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4beaec54247a9a3cb97821ecdb68d39cacdcdcc62ae872c13c2cca2d3d88e32

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://vikingf1le.us.to/

Response headers

x-goog-metageneration
2
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=VBET1w==, md5=SvoqyZ+XMx3JgmPUkCKpWA==
cf-cache-status
HIT
etag
W/"4afa2ac99f97331dc98263d49022a958"
age
1261
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tMbDLASUJm5mZsIaBNjrnXQVrk3CB8tJXY9xrTDUWWdNa2b%2FdP9I3rv1zn8Z6cd5JCvYEFQnW%2FN9FVGNbw1hBMxXc2O8R4I473%2B68VXBQJPSwusug%2FtjNbyqmyaQ1GwhqEEIUkxmDm5I1bTlsA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Mon, 23 Dec 2024 13:07:07 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
66473
server-timing
cfL4;desc="?proto=QUIC&rtt=8589&min_rtt=3458&rtt_var=4868&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4191&recv_bytes=4321&delivery_rate=168582&cwnd=12000&unsent_bytes=0&cid=c577e4966ed94278&ts=36&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 23 Dec 2024 13:11:16 GMT
content-type
text/javascript
last-modified
Mon, 02 Dec 2024 08:21:47 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-guploader-uploadid
AFiumC4eCvydlm2rArMMgpRduyF-QWwsXHmGUtUrkiRit8r-nO5YK4_oUyhDCaI8XzzP9FXff_WLDoM
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8f6898bb2eeb42e4-EWR
access-control-allow-origin
*
x-goog-generation
1733127707295818
server
cloudflare
hb.php
pubtrky.com/ut/
0
648 B
Ping
General
Full URL
https://pubtrky.com/ut/hb.php?cb=0.2558836001799778&v=1
Requested by
Host: zjd-nmdong.xyz
URL: https://zjd-nmdong.xyz/script/ut.js?cb=1734959476943
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:86c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain; charset=utf-8
Referer
https://vikingf1le.us.to/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vkmitn5uKQNlctXsRBWF7d0IIxgYWitnWtIpqOUh4f32A05xQ5OX5VRC02NQNxSHMMLv2pJX0oCUSNolWkT1ztlJra6sCHX%2Fni5qy7Nq9tN9ZKPAR9gh4D3ChTHQswNKHElYNgc7aLv62Q%3D%3D"}],"group":"cf-nel","max_age":604800}
via
1.1 google
cf-ray
8f6898bb98317c93-EWR
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=3931&min_rtt=3385&rtt_var=900&sent=14&recv=13&lost=0&retrans=0&sent_bytes=4227&recv_bytes=5748&delivery_rate=980&cwnd=12000&unsent_bytes=0&cid=dea0e3d676ad6072&ts=67&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 23 Dec 2024 13:11:17 GMT
server
cloudflare
priority
u=4,i
rum
vikingf1le.us.to/cdn-cgi/
0
144 B
XHR
General
Full URL
https://vikingf1le.us.to/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:6001 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json
Referer
https://vikingf1le.us.to/f/LkWTKeCx9D

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-methods
POST,OPTIONS
cf-ray
8f6898bc7ea95e65-EWR
access-control-allow-origin
https://vikingf1le.us.to
date
Mon, 23 Dec 2024 13:11:17 GMT
vary
Origin
server
cloudflare
x-frame-options
DENY
identify.html
ufpcdn.com/script/ Frame FFC3
0
0
Document
General
Full URL
https://ufpcdn.com/script/identify.html?frmt=0
Requested by
Host: superonclick.com
URL: https://superonclick.com/script/native_server.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:8e31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://vikingf1le.us.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8f6898bccd484294-EWR
content-encoding
zstd
content-type
text/html
date
Mon, 23 Dec 2024 13:11:17 GMT
last-modified
Tue, 15 May 2018 06:39:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5eAw7wBDKIeEwpdVRLMZk9bpxrLPW1hTWQ8pqUgaPtgfevEy7JEVFUrxzakRZL64SxHBb2ZiocyGo3og0GfF%2BqBKy%2Fs63ydYzlbW8Lk5WnIiQ8hKpqy4fAQDg5pSHMz%2F%2BDzPEu1FsW6G"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=5954&min_rtt=2815&rtt_var=6667&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4234&recv_bytes=4501&delivery_rate=1014&cwnd=12000&unsent_bytes=0&cid=9943c2de15759d8c&ts=134&x=1" cfExtPri cfHdrFlush;dur=0
favicon-64375c377b5df8304acbdad4f4430694.ico
vikingfile.com/assets/
Redirect Chain
  • https://vikingf1le.us.to/assets/favicon-64375c377b5df8304acbdad4f4430694.ico
  • https://vikingfile.com/assets/favicon-64375c377b5df8304acbdad4f4430694.ico
15 KB
0
Other
General
Full URL
https://vikingfile.com/assets/favicon-64375c377b5df8304acbdad4f4430694.ico
Protocol
H3
Server
2606:4700:3030::6815:1001 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9debfd0610612fddc8bd5e5b83000df0c52e2beabcbc3c93ae530565c0cb708d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://vikingf1le.us.to/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=31536000
content-encoding
zstd
cf-cache-status
HIT
etag
W/"66c2db72-3c2e"
age
1636
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AH6woJn%2Fo3dERVN843M0zni5Lz8cBncPNGnIRMXr0CTiRj%2BMshANVoZjBc4Xhiiv4XJ3TWRWTBehmgos1vWTmKGSQ1Di0tA0HnjskJpdutXDTeyEC8GVATAPECmcFo%2BUDNOyC0vThhtBUuYeKg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f6898bc5ed042eb-EWR
alt-svc
h3=":443"; ma=86400
date
Mon, 23 Dec 2024 13:11:17 GMT
content-type
image/x-icon
last-modified
Mon, 19 Aug 2024 05:43:14 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
location
https://vikingfile.com/assets/favicon-64375c377b5df8304acbdad4f4430694.ico
cf-cache-status
EXPIRED
cache-control
max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e8vKtH7N1eGmnvztGl6XcBe57I7ZYLQhJV0p1GFptjks%2BkF51FBvcmILRIno3Bc9a9JAFMrki5N89fi67qwS5TM8%2F1WAoF%2Btgx%2Btiw3XGPApF0b%2BLWKRGs2jnAf0%2Bn%2B5Rqdu52APAVw%2F7Pla5KMv"}],"group":"cf-nel","max_age":604800}
cf-ray
8f6898b9fea75e65-EWR
alt-svc
h3=":443"; ma=86400
date
Mon, 23 Dec 2024 13:11:17 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
native.php
discovernative.com/script/
1 KB
1 KB
Script
General
Full URL
https://discovernative.com/script/native.php?nwpsv=1&r=9198934&cbrandom=0.23583401764418066&cbWidth=1600&cbHeight=1200&cbtitle=The%20Prey%201979%20UNCUT%20vostfrMAISON.srt&cbref=&cbdescription=Share%20large%20files%20anonymously.%20No%20mail%20required.%20No%20speed%20limit.&cbkeywords=file%20hosting%2C%20cloud%20hosting%2C%20secure%20file%20sharing%2C%20anonymous%20file%20sharing%2C%20large%20file%20sharing%2C%20no%20mail%20required%2C%20no%20speed%20limit%2C%20fast%20file%20sharing%2C%20reliable%20file%20sharing&cbiframe=0&&ufp=18133158221052009359115922174&callback=jsonp616727
Requested by
Host: vikingf1le.us.to
URL: https://vikingf1le.us.to/f/LkWTKeCx9D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:1001 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b643548572e1cc3e7fe37b93be6f686918bf55bd690f5b466537be93f1b09f6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://vikingf1le.us.to/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EWxJmKTVFZMeDEFq2a1qodA8NrOfOBYwDOoXbrOn0ylr7kUAH0s5ZjCZKlEH973jHWgYMPGMCzhyLKP5CxiBSfb%2FpGRmxuo23Vltny72%2FHoWin6FccdeYRn9ulmERg0wJOEVAJy08sT0VU5qSu3%2Bgas%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS
via
1.1 google
cf-ray
8f6898bdfc0bc324-EWR
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Mon, 23 Dec 2024 13:11:17 GMT
content-type
application/javascript; charset=utf-8
vary
accept-encoding
server
cloudflare
access-control-allow-headers
Content-Type
native.php
discovernative.com/script/
0
436 B
Script
General
Full URL
https://discovernative.com/script/native.php?nwpsv=1&r=9198934&cbrandom=0.23583401764418066&cbWidth=1600&cbHeight=1200&cbtitle=The+Prey+1979+UNCUT+vostfrMAISON.srt&cbref=&cbdescription=Share+large+files+anonymously.+No+mail+required.+No+speed+limit.&cbkeywords=file+hosting%2C+cloud+hosting%2C+secure+file+sharing%2C+anonymous+file+sharing%2C+large+file+sharing%2C+no+mail+required%2C+no+speed+limit%2C+fast+file+sharing%2C+reliable+file+sharing&cbiframe=0&callback=jsonp616727&wthnfp=1&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2FGoogle%20Inc.1600x1200600en-US81624%20bits
Requested by
Host: discovernative.com
URL: https://discovernative.com/script/native.php?nwpsv=1&r=9198934&cbrandom=0.23583401764418066&cbWidth=1600&cbHeight=1200&cbtitle=The%20Prey%201979%20UNCUT%20vostfrMAISON.srt&cbref=&cbdescription=Share%20large%20files%20anonymously.%20No%20mail%20required.%20No%20speed%20limit.&cbkeywords=file%20hosting%2C%20cloud%20hosting%2C%20secure%20file%20sharing%2C%20anonymous%20file%20sharing%2C%20large%20file%20sharing%2C%20no%20mail%20required%2C%20no%20speed%20limit%2C%20fast%20file%20sharing%2C%20reliable%20file%20sharing&cbiframe=0&&ufp=18133158221052009359115922174&callback=jsonp616727
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:1001 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://vikingf1le.us.to/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AJ4aJPcsuArQG1vgG4QESSbJ1DpE32Lxp0Vrjwmv2i6Nqxwe1YwRTC7blHkkMLJSLxaN09fW9jW3ThIK9f8gfMkBGbLqc%2FTE%2BGDrgkE19xmeNW2No6jIZWFigdAX4T5T7kV7c49jNly%2BjBSJYVf5MOE%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS
via
1.1 google
cf-ray
8f6898be5c0cc324-EWR
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Mon, 23 Dec 2024 13:11:17 GMT
server
cloudflare
access-control-allow-headers
Content-Type
push.php
youradexchange.com/script/
0
0
Fetch
General
Full URL
https://youradexchange.com/script/push.php?r=9198854&ipp=1&mads=2&position=top&czid=5cjbr1mglc&atag=1&aggr=3&abtg=1&rbd=1&ppv=1&ab_test=AdOpt_B_nocapping-2021-12-08v1&adbv=3-cdn&srs=31f07c77f8a6034e5c3b8b0c52445c17&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2FGoogle%20Inc.1600x1200600en-US81624%20bits&cbpage=https%3A%2F%2Fvikingf1le.us.to%2Ff%2FLkWTKeCx9D&atv=57.0&cbref=&chmob=%3F0
Requested by
Host: vikingf1le.us.to
URL: https://vikingf1le.us.to/f/LkWTKeCx9D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:5bbc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://vikingf1le.us.to/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7R9TGqh0zqJXjgULWHzvFd9ko9ME0f%2BfqrGqDQuBRg%2BQpmt%2F3n2TxubInKlwj7ncIenlHd6W037oZCU9bYqOEhTVfiV%2Bvre%2F3mKkgB7tGeBME7yIHIjO69MAb72fBr9QHUlOLnnoFNWQxntCvTnpdys%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS
via
1.1 google
cf-ray
8f6898f97c53726f-EWR
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=3488&min_rtt=2687&rtt_var=1048&sent=21&recv=18&lost=0&retrans=0&sent_bytes=8528&recv_bytes=8556&delivery_rate=94932&cwnd=12000&unsent_bytes=0&cid=7793de749ba2e98b&ts=10188&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 23 Dec 2024 13:11:27 GMT
server
cloudflare
priority
u=1,i
access-control-allow-headers
Content-Type

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| Adcash function| AtcshAltNm string| rgxngibqxq object| aclib object| qB5HtM function| showCaptcha object| adcashMacros object| zoneNativeSett object| urls function| acPrefetch object| nativeInit object| nativeForPublishers function| cloudflareCallback object| files object| links function| getServer function| uploadNextLink function| uploadNextFile function| formatFileSize object| turnstile object| __cfBeacon object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac object| google_persistent_state_async object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle string| google_user_agent_client_hint object| _0x32b6 function| _0xda00 object| CTAHKA function| ufpAttach function| native_request object| _0x50db function| _0x48ba function| setupAd object| CTABPuNative boolean| user_engagement1223 string| utsid-send string| zone object| adcashUfp function| jsonp616727

1 Cookies

Domain/Path Name / Value
vikingf1le.us.to/ Name: adcashufpv3
Value: 18133158221052009359115922174

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
