URL: https://vikingf1le.us.to/f/VLNzH4iYTc
Submission: On December 23 via api from US — Scanned from US

Summary

This website contacted 12 IPs in 1 country across 11 domains to perform 21 HTTP transactions. The main IP is 2606:4700:3030::6815:7001, located in United States and belongs to CLOUDFLARENET, US. The main domain is vikingf1le.us.to.
TLS certificate: Issued by WE1 on December 4th 2024. Valid for: 3 months.
This is the only time vikingf1le.us.to was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 6 2606:4700:303... 13335 (CLOUDFLAR...)
4 2606:4700:303... 13335 (CLOUDFLAR...)
4 2606:4700:303... 13335 (CLOUDFLAR...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
21 12
Apex Domain | Subdomains | Transfer
6 us.to | vikingf1le.us.to | 58 KB
4 youradexchange.com | youradexchange.com — Cisco Umbrella Rank: 31478 | 3 KB
4 vikingfile.com | vikingfile.com | 7 KB
3 cloudflare.com | challenges.cloudflare.com — Cisco Umbrella Rank: 3147 | 16 KB
2 discovernative.com | discovernative.com — Cisco Umbrella Rank: 486360 | 2 KB
2 superonclick.com | superonclick.com — Cisco Umbrella Rank: 300927 | 7 KB
1 ufpcdn.com | ufpcdn.com — Cisco Umbrella Rank: 520175 |
1 pubtrky.com | pubtrky.com — Cisco Umbrella Rank: 33025 | 660 B
1 zjd-nmdong.xyz | zjd-nmdong.xyz | 25 KB
1 cloudflareinsights.com | static.cloudflareinsights.com — Cisco Umbrella Rank: 617 | 7 KB
1 googlesyndication.com | pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 | 52 KB
21 11
Domain Requested by
6 vikingf1le.us.to 4 redirects static.cloudflareinsights.com
4 youradexchange.com vikingf1le.us.to
4 vikingfile.com vikingf1le.us.to
3 challenges.cloudflare.com 1 redirects vikingf1le.us.to
challenges.cloudflare.com
2 discovernative.com vikingf1le.us.to
discovernative.com
2 superonclick.com vikingf1le.us.to
1 ufpcdn.com superonclick.com
1 pubtrky.com zjd-nmdong.xyz
1 zjd-nmdong.xyz vikingf1le.us.to
1 static.cloudflareinsights.com vikingf1le.us.to
1 pagead2.googlesyndication.com vikingf1le.us.to
21 11

This site contains links to these domains:

Domain
discovernative.com
ceveq.click

Subject | Issuer | Validity | Valid
vikingf1le.us.to | WE1 | 2024-12-04 - 2025-03-04 | 3 months
youradexchange.com | WE1 | 2024-12-06 - 2025-03-06 | 3 months
*.g.doubleclick.net | WR2 | 2024-12-02 - 2025-02-24 | 3 months
cloudflareinsights.com | WE1 | 2024-11-01 - 2025-01-30 | 3 months
challenges.cloudflare.com | WE1 | 2024-11-03 - 2025-02-01 | 3 months
zjd-nmdong.xyz | WE1 | 2024-11-30 - 2025-02-28 | 3 months
superonclick.com | WE1 | 2024-11-22 - 2025-02-20 | 3 months
pubtrky.com | WE1 | 2024-11-09 - 2025-02-07 | 3 months
ufpcdn.com | WE1 | 2024-12-21 - 2025-03-21 | 3 months
discovernative.com | WE1 | 2024-12-22 - 2025-03-22 | 3 months

This page contains 3 frames:

Primary Page: https://vikingf1le.us.to/f/VLNzH4iYTc
Frame ID: 8ED8768FED3CC8D2E6E960E58C2CE806
Requests: 19 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/bx6tw/0x4AAAAAAAgbsMNBuk2d3Qp6/light/fbE/normal/auto/
Frame ID: B23634052D599FBC7C23520724A80408
Requests: 1 HTTP requests in this frame

Frame: https://ufpcdn.com/script/identify.html?frmt=0
Frame ID: 0490AF3B0C2D705B3C2C565380173C21
Requests: 1 HTTP requests in this frame

Page Title

[DKB] Bleach - Sennen Kessen-hen - 38 [1080p][HEVC x265 10bit][Multi-Subs].mkv

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

Requests: 21
HTTPS: 76 %
IPv6: 100 %
Domains: 11
Subdomains: 11
IPs: 12
Countries: 1
Transfer: 175 kB
Size: 536 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://vikingf1le.us.to/assets/styles/app-8d25417b523b1c5329702f7be101aa30.css HTTP 301
  • https://vikingfile.com/assets/styles/app-8d25417b523b1c5329702f7be101aa30.css
Request Chain 1
  • https://vikingf1le.us.to/assets/custom-0b295c18913e200a4e6c987fa3eedf57.js HTTP 301
  • https://vikingfile.com/assets/custom-0b295c18913e200a4e6c987fa3eedf57.js
Request Chain 3
  • https://vikingf1le.us.to/assets/favicon-64375c377b5df8304acbdad4f4430694.ico HTTP 301
  • https://vikingfile.com/assets/favicon-64375c377b5df8304acbdad4f4430694.ico
Request Chain 4
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=showCaptcha HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/b/787bc399e22f/api.js
Request Chain 16
  • https://vikingf1le.us.to/assets/favicon-64375c377b5df8304acbdad4f4430694.ico HTTP 301
  • https://vikingfile.com/assets/favicon-64375c377b5df8304acbdad4f4430694.ico

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request VLNzH4iYTc
vikingf1le.us.to/f/
187 KB
56 KB
Document
General
Full URL
https://vikingf1le.us.to/f/VLNzH4iYTc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:7001 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e17c030dbeec1fea1a4e688ed0624fea0dacfd6755395bc53775145432792240

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

app-8d25417b523b1c5329702f7be101aa30.css
vikingfile.com/assets/styles/
Redirect Chain
  • https://vikingf1le.us.to/assets/styles/app-8d25417b523b1c5329702f7be101aa30.css
  • https://vikingfile.com/assets/styles/app-8d25417b523b1c5329702f7be101aa30.css
4 KB
2 KB
Stylesheet
General
Full URL
https://vikingfile.com/assets/styles/app-8d25417b523b1c5329702f7be101aa30.css
Requested by
Host: vikingf1le.us.to
URL: https://vikingf1le.us.to/f/VLNzH4iYTc
Protocol
H3
Server
2606:4700:3030::6815:5001 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2e9c692595ca3860b557a48d0b0f7486202586b05a68f818187010bdce970ec

custom-0b295c18913e200a4e6c987fa3eedf57.js
vikingfile.com/assets/
Redirect Chain
  • https://vikingf1le.us.to/assets/custom-0b295c18913e200a4e6c987fa3eedf57.js
  • https://vikingfile.com/assets/custom-0b295c18913e200a4e6c987fa3eedf57.js
12 KB
3 KB
Script
General
Full URL
https://vikingfile.com/assets/custom-0b295c18913e200a4e6c987fa3eedf57.js
Requested by
Host: vikingf1le.us.to
URL: https://vikingf1le.us.to/f/VLNzH4iYTc
Protocol
H3
Server
2606:4700:3030::6815:5001 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bb94c528578cda2febc617f12610591a0768afe09b06f36f5431be9a1b0035d

czcf.php
youradexchange.com/ad/
891 B
1 KB
Fetch
General
Full URL
https://youradexchange.com/ad/czcf.php?cz=5cjbr1mglc&chmob=%3F0
Requested by
Host: vikingf1le.us.to
URL: https://vikingf1le.us.to/f/VLNzH4iYTc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:5bbc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7e8d07eb62e09c0dea5f53b23d55e362e4e8877ede390427cbeb746bea7d5d6

favicon-64375c377b5df8304acbdad4f4430694.ico
vikingfile.com/assets/
Redirect Chain
  • https://vikingf1le.us.to/assets/favicon-64375c377b5df8304acbdad4f4430694.ico
  • https://vikingfile.com/assets/favicon-64375c377b5df8304acbdad4f4430694.ico
15 KB
2 KB
Image
General
Full URL
https://vikingfile.com/assets/favicon-64375c377b5df8304acbdad4f4430694.ico
Requested by
Host: vikingf1le.us.to
URL: https://vikingf1le.us.to/f/VLNzH4iYTc
Protocol
H3
Server
2606:4700:3030::6815:5001 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9debfd0610612fddc8bd5e5b83000df0c52e2beabcbc3c93ae530565c0cb708d

api.js
challenges.cloudflare.com/turnstile/v0/b/787bc399e22f/
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=showCaptcha
  • https://challenges.cloudflare.com/turnstile/v0/b/787bc399e22f/api.js
47 KB
16 KB
Script
General
Full URL
https://challenges.cloudflare.com/turnstile/v0/b/787bc399e22f/api.js
Requested by
Host: vikingf1le.us.to
URL: https://vikingf1le.us.to/f/VLNzH4iYTc
Protocol
H3
Server
2606:4700::6812:5e29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aac9e52f80011983676c03ad8120e0369e651e6357d0b05054026a3bc8ec32d

adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
156 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: vikingf1le.us.to
URL: https://vikingf1le.us.to/f/VLNzH4iYTc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c19::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
888bb7009bbd08132bc82e7af4fe92d3019f5f11d64460fd7fbc1ce133fae18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/
19 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: vikingf1le.us.to
URL: https://vikingf1le.us.to/f/VLNzH4iYTc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

banner.php
youradexchange.com/script/
0
0
Fetch
General
Full URL
https://youradexchange.com/script/banner.php?r=9198926&cbpage=https%3A%2F%2Fvikingf1le.us.to%2Ff%2FVLNzH4iYTc&cbref=&cbdescription=Share%20large%20files%20anonymously.%20No%20mail%20required.%20No%20speed%20limit.&cbkeywords=file%20hosting%2C%20cloud%20hosting%2C%20secure%20file%20sharing%2C%20anonymous%20file%20sharing%2C%20large%20file%20sharing%2C%20no%20mail%20required%2C%20no%20speed%20limit%2C%20fast%20file%20sharing%2C%20reliable%20file%20sharing&cbtitle=%5BDKB%5D%20Bleach%20-%20Sennen%20Kessen-hen%20-%2038%20%5B1080p%5D%5BHEVC%20x265%2010bit%5D%5BMulti-Subs%5D.mkv&srs=71ee8c7f2f811d453c98672b15cfd228&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2FGoogle%20Inc.1600x1200600en-US84824%20bits&atv=57.0
Requested by
Host: vikingf1le.us.to
URL: https://vikingf1le.us.to/f/VLNzH4iYTc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:5bbc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

/
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/bx6tw/0x4AAAAAAAgbsMNBuk2d3Qp6/light/fbE/normal/auto/ Frame B236
0
0
Document
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/bx6tw/0x4AAAAAAAgbsMNBuk2d3Qp6/light/fbE/normal/auto/
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js?onload=showCaptcha
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:5f29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self'

suurl5.php
youradexchange.com/script/
1 KB
2 KB
Fetch
General
Full URL
https://youradexchange.com/script/suurl5.php?r=9198862&chmob=%3F0&atag=1&cbur=0.9117081893040473&cbiframe=0&cbWidth=1600&cbHeight=1200&cbtitle=%5BDKB%5D%20Bleach%20-%20Sennen%20Kessen-hen%20-%2038%20%5B1080p%5D%5BHEVC%20x265%2010bit%5D%5BMulti-Subs%5D.mkv&cbpage=https%3A%2F%2Fvikingf1le.us.to%2Ff%2FVLNzH4iYTc&cbref=&cbdescription=Share%20large%20files%20anonymously.%20No%20mail%20required.%20No%20speed%20limit.&cbkeywords=file%20hosting%2C%20cloud%20hosting%2C%20secure%20file%20sharing%2C%20anonymous%20file%20sharing%2C%20large%20file%20sharing%2C%20no%20mail%20required%2C%20no%20speed%20limit%2C%20fast%20file%20sharing%2C%20reliable%20file%20sharing&cbcdn=zjd-nmdong.xyz&ts=1734947880852&atv=57.0&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2FGoogle%20Inc.1600x1200600en-US84824%20bits&srs=71ee8c7f2f811d453c98672b15cfd228&abtg=1&aggr=3&czid=5cjbr1mglc&ppv=1&ab_test=AdOpt_B_nocapping-2021-12-08v1&cap=0&adbv=3-cdn
Requested by
Host: vikingf1le.us.to
URL: https://vikingf1le.us.to/f/VLNzH4iYTc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:5bbc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd8c17a4e6ae93ec36fb3392e3ce37b93b8ed2bea4aa9b07b9db91ad6182af75

push.php
youradexchange.com/script/
0
0
Fetch
General
Full URL
https://youradexchange.com/script/push.php?r=9198854&ipp=1&mads=2&position=top&czid=5cjbr1mglc&atag=1&aggr=3&abtg=1&ppv=1&ab_test=AdOpt_B_nocapping-2021-12-08v1&adbv=3-cdn&srs=71ee8c7f2f811d453c98672b15cfd228&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2FGoogle%20Inc.1600x1200600en-US84824%20bits&cbpage=https%3A%2F%2Fvikingf1le.us.to%2Ff%2FVLNzH4iYTc&atv=57.0&cbref=&chmob=%3F0
Requested by
Host: vikingf1le.us.to
URL: https://vikingf1le.us.to/f/VLNzH4iYTc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:5bbc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

ut.js
zjd-nmdong.xyz/script/
65 KB
25 KB
Script
General
Full URL
https://zjd-nmdong.xyz/script/ut.js?cb=1734947880853
Requested by
Host: vikingf1le.us.to
URL: https://vikingf1le.us.to/f/VLNzH4iYTc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:b557 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4beaec54247a9a3cb97821ecdb68d39cacdcdcc62ae872c13c2cca2d3d88e32

native_render.js
superonclick.com/script/
4 KB
3 KB
Script
General
Full URL
https://superonclick.com/script/native_render.js
Requested by
Host: vikingf1le.us.to
URL: https://vikingf1le.us.to/f/VLNzH4iYTc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:bd78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7965b4334f08b3c398843d721ab3b5535461f4183ec6bb0923d1ae092b9cfd51

native_server.js
superonclick.com/script/
9 KB
4 KB
Script
General
Full URL
https://superonclick.com/script/native_server.js
Requested by
Host: vikingf1le.us.to
URL: https://vikingf1le.us.to/f/VLNzH4iYTc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:bd78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e282545f9f7c4117db91f8a2c33e5a1dad31f3c6edbe74b9776c1f8b85c166bd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://vikingf1le.us.to/

Response headers

x-goog-metageneration
2
x-goog-hash
crc32c=RAjq/g==, md5=Udh+nr2DH8yragFgeaYHkw==
cf-cache-status
HIT
etag
W/"51d87e9ebd831fccab6a016079a60793"
age
3119
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l3pv8cLlg5JMR4%2F52wF2ht4Bj%2BuiJQV0FLy6oXQHMSs%2FOgesTZ6WwB9jpwVba0QnvoIalnW69hg9KqIbhi%2FLNyiLvCUCLo21C%2FimzkzpJcmevu3kaANDfgr6HOAkv7F%2BC9%2BLisytRcG7dDD5kK8B"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Mon, 23 Dec 2024 09:55:32 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
9260
server-timing
cfL4;desc="?proto=QUIC&rtt=8629&min_rtt=8539&rtt_var=1877&sent=15&recv=10&lost=0&retrans=0&sent_bytes=7023&recv_bytes=4544&delivery_rate=68150&cwnd=12000&unsent_bytes=0&cid=2c6152e78807e372&ts=27&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 23 Dec 2024 09:58:00 GMT
content-type
application/javascript
last-modified
Wed, 13 Feb 2019 10:15:52 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-guploader-uploadid
AFiumC50JMhuBtIBWEbqXvkYHflOJ1CUyRnyBjgk8sCZ3JokuPjGJ4pcQ2cL8Do_94DPF5klhGUgq0AviQ
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8f677d9fdf8b0f39-EWR
access-control-allow-origin
*
x-goog-generation
1550052952705094
server
cloudflare
hb.php
pubtrky.com/ut/
0
660 B
Ping
General
Full URL
https://pubtrky.com/ut/hb.php?cb=0.5987892071007088&v=1
Requested by
Host: zjd-nmdong.xyz
URL: https://zjd-nmdong.xyz/script/ut.js?cb=1734947880853
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:bc6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain; charset=utf-8
Referer
https://vikingf1le.us.to/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h44fYCdF34ca3oJRJISb9GT8fS7HKCK5H3c%2BC9C31n7XUjL%2Bret%2BO%2BwH%2BQOz4Gchmx9PIP8vFMk9k9fTJItq34fNGwXcC9G1O%2ByQXM4UdbHSOaAkIfZ%2FnmgLhSQA%2FpDeSI6NFEnPxn1X6g%3D%3D"}],"group":"cf-nel","max_age":604800}
via
1.1 google
cf-ray
8f677da06cdd436d-EWR
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=8996&min_rtt=8772&rtt_var=1594&sent=12&recv=12&lost=0&retrans=0&sent_bytes=4128&recv_bytes=5762&delivery_rate=827&cwnd=12000&unsent_bytes=0&cid=9c3ce4f9b5abd3b9&ts=67&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 23 Dec 2024 09:58:01 GMT
server
cloudflare
priority
u=4,i
rum
vikingf1le.us.to/cdn-cgi/
0
144 B
XHR
General
Full URL
https://vikingf1le.us.to/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:7001 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json
Referer
https://vikingf1le.us.to/f/VLNzH4iYTc

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-methods
POST,OPTIONS
cf-ray
8f677da00f8743cb-EWR
access-control-allow-origin
https://vikingf1le.us.to
date
Mon, 23 Dec 2024 09:58:00 GMT
vary
Origin
server
cloudflare
x-frame-options
DENY
favicon-64375c377b5df8304acbdad4f4430694.ico
vikingfile.com/assets/
Redirect Chain
  • https://vikingf1le.us.to/assets/favicon-64375c377b5df8304acbdad4f4430694.ico
  • https://vikingfile.com/assets/favicon-64375c377b5df8304acbdad4f4430694.ico
15 KB
0
Other
General
Full URL
https://vikingfile.com/assets/favicon-64375c377b5df8304acbdad4f4430694.ico
Protocol
H3
Server
2606:4700:3030::6815:5001 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9debfd0610612fddc8bd5e5b83000df0c52e2beabcbc3c93ae530565c0cb708d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://vikingf1le.us.to/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=31536000
content-encoding
zstd
cf-cache-status
HIT
etag
W/"66c2db72-3c2e"
age
5119
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2B2fLiG3FVI1BrHSJRL91PDr9U1Oa7WstyIprooxQqEv%2B5YAmKDWp0G5i2VVILUYmBwyvYzyTIe8tnR107Jk0%2BCX%2FRu4So0ArhFagnnzBJWuPpaVu%2BiMHnGORqpLLAaATIBXysJcnWaRxwIxOA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f677d9ef84f0fa5-EWR
alt-svc
h3=":443"; ma=86400
date
Mon, 23 Dec 2024 09:58:00 GMT
content-type
image/x-icon
last-modified
Mon, 19 Aug 2024 05:43:14 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
location
https://vikingfile.com/assets/favicon-64375c377b5df8304acbdad4f4430694.ico
cf-cache-status
HIT
age
571
cache-control
max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UedrfUP4XK9%2FBKMq6zxd57GkL1J7XBNejlZfaSgSR0a8oMeAp09hEpgq76r8eUUbnApVjAUT7I9Jyzhxi2KG5uHg8FMkf3KOzs%2FABd250jxTD%2FKdpKSYodF8DxmnmiM8X%2FEBjoJ7Et0cjF44PYyQ"}],"group":"cf-nel","max_age":604800}
cf-ray
8f677d9ecf8643cb-EWR
alt-svc
h3=":443"; ma=86400
date
Mon, 23 Dec 2024 09:58:00 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
identify.html
ufpcdn.com/script/ Frame 0490
0
0
Document
General
Full URL
https://ufpcdn.com/script/identify.html?frmt=0
Requested by
Host: superonclick.com
URL: https://superonclick.com/script/native_server.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2ed2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://vikingf1le.us.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8f677da18cc84241-EWR
content-encoding
zstd
content-type
text/html
date
Mon, 23 Dec 2024 09:58:01 GMT
last-modified
Tue, 15 May 2018 06:39:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lhgiRNTPh5SMqyXP07UR7X8hwLkWfT4E6OJZm05NuX6N%2BX0VAuz61cXN7nS9nQ48auDZgNTTzaxMpVPooXQsHS6DtrUcJy6PRHtW33zZc%2FR58CgZ2MV8102mYcr9cAhGLKYNNGW7MfLu"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=9004&min_rtt=8719&rtt_var=1594&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4182&recv_bytes=4453&delivery_rate=816&cwnd=12000&unsent_bytes=0&cid=48f37bfa0c84014e&ts=113&x=1" cfExtPri cfHdrFlush;dur=0
native.php
discovernative.com/script/
1 KB
1 KB
Script
General
Full URL
https://discovernative.com/script/native.php?nwpsv=1&r=9198934&cbrandom=0.9322966135168582&cbWidth=1600&cbHeight=1200&cbtitle=%5BDKB%5D%20Bleach%20-%20Sennen%20Kessen-hen%20-%2038%20%5B1080p%5D%5BHEVC%20x265%2010bit%5D%5BMulti-Subs%5D.mkv&cbref=&cbdescription=Share%20large%20files%20anonymously.%20No%20mail%20required.%20No%20speed%20limit.&cbkeywords=file%20hosting%2C%20cloud%20hosting%2C%20secure%20file%20sharing%2C%20anonymous%20file%20sharing%2C%20large%20file%20sharing%2C%20no%20mail%20required%2C%20no%20speed%20limit%2C%20fast%20file%20sharing%2C%20reliable%20file%20sharing&cbiframe=0&&ufp=21541095719444201271879084167&callback=jsonp874684
Requested by
Host: vikingf1le.us.to
URL: https://vikingf1le.us.to/f/VLNzH4iYTc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:4001 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f55b2bf921717897f1b5c9b98107ee2a575117fc79a36131623119b19103ca1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://vikingf1le.us.to/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s66uaZcrVZVoWhB51tfnXl9Afz%2Fig01VxMYKByxbCKxzmLbGcwSSCPnS%2Bso3RPRjafBkDoMWZSSPfaaTuMG3TrhRAIcJ%2BEi%2FfGc%2BjMHWNrqlRH4MPZuTVgzl2bwQgQAO3kSPzpMmCcG0vkM%2BdJioFnY%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS
via
1.1 google
cf-ray
8f677da29fe1728a-EWR
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=9494&min_rtt=8666&rtt_var=2603&sent=8&recv=12&lost=0&retrans=0&sent_bytes=4003&recv_bytes=2610&delivery_rate=348953&cwnd=254&unsent_bytes=0&cid=469a5b6d39b8dc5d&ts=66&x=0"
date
Mon, 23 Dec 2024 09:58:01 GMT
content-type
application/javascript; charset=utf-8
vary
accept-encoding
server
cloudflare
access-control-allow-headers
Content-Type
native.php
discovernative.com/script/
0
415 B
Script
General
Full URL
https://discovernative.com/script/native.php?nwpsv=1&r=9198934&cbrandom=0.9322966135168582&cbWidth=1600&cbHeight=1200&cbtitle=%5BDKB%5D+Bleach+-+Sennen+Kessen-hen+-+38+%5B1080p%5D%5BHEVC+x265+10bit%5D%5BMulti-Subs%5D.mkv&cbref=&cbdescription=Share+large+files+anonymously.+No+mail+required.+No+speed+limit.&cbkeywords=file+hosting%2C+cloud+hosting%2C+secure+file+sharing%2C+anonymous+file+sharing%2C+large+file+sharing%2C+no+mail+required%2C+no+speed+limit%2C+fast+file+sharing%2C+reliable+file+sharing&cbiframe=0&callback=jsonp874684&wthnfp=1&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2FGoogle%20Inc.1600x1200600en-US84824%20bits
Requested by
Host: discovernative.com
URL: https://discovernative.com/script/native.php?nwpsv=1&r=9198934&cbrandom=0.9322966135168582&cbWidth=1600&cbHeight=1200&cbtitle=%5BDKB%5D%20Bleach%20-%20Sennen%20Kessen-hen%20-%2038%20%5B1080p%5D%5BHEVC%20x265%2010bit%5D%5BMulti-Subs%5D.mkv&cbref=&cbdescription=Share%20large%20files%20anonymously.%20No%20mail%20required.%20No%20speed%20limit.&cbkeywords=file%20hosting%2C%20cloud%20hosting%2C%20secure%20file%20sharing%2C%20anonymous%20file%20sharing%2C%20large%20file%20sharing%2C%20no%20mail%20required%2C%20no%20speed%20limit%2C%20fast%20file%20sharing%2C%20reliable%20file%20sharing&cbiframe=0&&ufp=21541095719444201271879084167&callback=jsonp874684
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:4001 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://vikingf1le.us.to/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xI3SbooUQeWtuENMsaYSpVIp87ADSgIuE9Nrh%2FDqBM70SJyNKKik3cIQANNf6XD3awGIPc5GyUpeSKljwxfu23T6gBB%2BNFhJ0tH2uT3cwPKdCgY169oLzFg4uEcvPYCrdMG05W5peMvAx3NH6YH6cI0%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS
via
1.1 google
cf-ray
8f677da2f80c728a-EWR
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=9811&min_rtt=8658&rtt_var=2451&sent=12&recv=14&lost=0&retrans=0&sent_bytes=5542&recv_bytes=3133&delivery_rate=348953&cwnd=257&unsent_bytes=0&cid=469a5b6d39b8dc5d&ts=127&x=0"
date
Mon, 23 Dec 2024 09:58:01 GMT
server
cloudflare
access-control-allow-headers
Content-Type

Verdicts & Comments

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| Adcash function| AtcshAltNm string| rgxngibqxq object| aclib object| KzEs0KPBEpD function| showCaptcha object| adcashMacros object| zoneNativeSett object| urls function| acPrefetch object| nativeInit object| nativeForPublishers function| cloudflareCallback object| files object| links function| getServer function| uploadNextLink function| uploadNextFile function| formatFileSize object| turnstile object| __cfBeacon object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac object| google_persistent_state_async object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle string| google_user_agent_client_hint boolean| user_engagement1222 string| utsid-send object| _0x50db function| _0x48ba function| setupAd object| CTABPuNative object| _0x32b6 function| _0xda00 object| CTAHKA function| ufpAttach function| native_request string| zone object| adcashUfp function| jsonp874684

1 Cookies

Domain/Path Name / Value
vikingf1le.us.to/ Name: adcashufpv3
Value: 21541095719444201271879084167

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
