urlscan.io logo urlscan.io
SecurityTrails logo

vikingf1le.us.to Open in urlscan Pro
104.21.16.1  Public Scan

Go To Rescan Add Verdict Report
URL: https://vikingf1le.us.to/f/CBFmeS6XC1
Submission: On December 19 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 2 countries across 11 domains to perform 21 HTTP transactions. The main IP is 104.21.16.1, located in and belongs to CLOUDFLARENET, US. The main domain is vikingf1le.us.to.
TLS certificate: Issued by WE1 on December 4th 2024. Valid for: 3 months.
This is the only time vikingf1le.us.to was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 6 104.21.16.1 13335 (CLOUDFLAR...)
4 104.21.48.1 13335 (CLOUDFLAR...)
1 3 104.18.94.41 13335 (CLOUDFLAR...)
1 104.16.80.73 13335 (CLOUDFLAR...)
4 172.67.177.214 13335 (CLOUDFLAR...)
1 209.85.201.157 15169 (GOOGLE)
1 104.21.3.144 13335 (CLOUDFLAR...)
2 172.67.189.120 13335 (CLOUDFLAR...)
1 172.67.188.110 13335 (CLOUDFLAR...)
1 104.21.46.210 13335 (CLOUDFLAR...)
2 104.21.64.1 13335 (CLOUDFLAR...)
21 11
6    104.21.16.1 (None, )

ASN13335 (CLOUDFLARENET, US)
vikingf1le.us.to
4    104.21.48.1 (None, )

ASN13335 (CLOUDFLARENET, US)
vikingfile.com
3    104.18.94.41 (None, )

ASN13335 (CLOUDFLARENET, US)
challenges.cloudflare.com
1    104.16.80.73 (None, )

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
4    172.67.177.214 (United States)

ASN13335 (CLOUDFLARENET, US)
youradexchange.com
1    209.85.201.157 (United States)

ASN15169 (GOOGLE, US)
PTR: qu-in-f157.1e100.net
pagead2.googlesyndication.com
1    104.21.3.144 (None, )

ASN13335 (CLOUDFLARENET, US)
wgvqa.club
2    172.67.189.120 (United States)

ASN13335 (CLOUDFLARENET, US)
superonclick.com
1    172.67.188.110 (United States)

ASN13335 (CLOUDFLARENET, US)
pubtrky.com
1    104.21.46.210 (None, )

ASN13335 (CLOUDFLARENET, US)
ufpcdn.com
2    104.21.64.1 (None, )

ASN13335 (CLOUDFLARENET, US)
discovernative.com
Apex Domain
Subdomains		 Transfer
6 us.to
vikingf1le.us.to
58 KB
4 youradexchange.com
youradexchange.com — Cisco Umbrella Rank: 31478
3 KB
4 vikingfile.com
vikingfile.com
7 KB
3 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 3147
16 KB
2 discovernative.com
discovernative.com — Cisco Umbrella Rank: 486360
2 KB
2 superonclick.com
superonclick.com — Cisco Umbrella Rank: 300927
7 KB
1 ufpcdn.com
ufpcdn.com — Cisco Umbrella Rank: 520175
1 pubtrky.com
pubtrky.com — Cisco Umbrella Rank: 33025
641 B
1 wgvqa.club
wgvqa.club
25 KB
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
52 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 617
7 KB
21 11
Domain Requested by
6 vikingf1le.us.to 4 redirects static.cloudflareinsights.com
4 youradexchange.com vikingf1le.us.to
4 vikingfile.com vikingf1le.us.to
3 challenges.cloudflare.com 1 redirects vikingf1le.us.to
challenges.cloudflare.com
2 discovernative.com vikingf1le.us.to
discovernative.com
2 superonclick.com vikingf1le.us.to
1 ufpcdn.com superonclick.com
1 pubtrky.com wgvqa.club
1 wgvqa.club vikingf1le.us.to
1 pagead2.googlesyndication.com vikingf1le.us.to
1 static.cloudflareinsights.com vikingf1le.us.to
21 11

This site contains links to these domains. Also see Links.

Domain
discovernative.com
gglnntqufw.life
Subject Issuer Validity Valid
vikingf1le.us.to
WE1		 2024-12-04 -
2025-03-04		 3 months crt.sh
cloudflareinsights.com
WE1		 2024-11-01 -
2025-01-30		 3 months crt.sh
youradexchange.com
WE1		 2024-12-06 -
2025-03-06		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
challenges.cloudflare.com
WE1		 2024-11-03 -
2025-02-01		 3 months crt.sh
wgvqa.club
WE1		 2024-12-09 -
2025-03-09		 3 months crt.sh
superonclick.com
WE1		 2024-11-22 -
2025-02-20		 3 months crt.sh
pubtrky.com
WE1		 2024-11-09 -
2025-02-07		 3 months crt.sh
ufpcdn.com
WE1		 2024-10-23 -
2025-01-21		 3 months crt.sh
discovernative.com
WE1		 2024-10-24 -
2025-01-22		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://vikingf1le.us.to/f/CBFmeS6XC1
Frame ID: 92A3D5DC9146D6C83A4CFA1BBFE9B728
Requests: 19 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/97kyr/0x4AAAAAAAgbsMNBuk2d3Qp6/light/fbE/normal/auto/
Frame ID: 2C3B6E5A87C132E4DE98B506A8CDB684
Requests: 1 HTTP requests in this frame

Frame: https://ufpcdn.com/script/identify.html?frmt=0
Frame ID: B0A8D1FA871B8CD267ED4B985F0B7838
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

game-swat.4.gold.edition-(54515).rar

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

21
Requests

76 %
HTTPS

0 %
IPv6

11
Domains

11
Subdomains

11
IPs

2
Countries

175 kB
Transfer

536 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://vikingf1le.us.to/assets/styles/app-8d25417b523b1c5329702f7be101aa30.css HTTP 301
  • https://vikingfile.com/assets/styles/app-8d25417b523b1c5329702f7be101aa30.css
Request Chain 1
  • https://vikingf1le.us.to/assets/custom-0b295c18913e200a4e6c987fa3eedf57.js HTTP 301
  • https://vikingfile.com/assets/custom-0b295c18913e200a4e6c987fa3eedf57.js
Request Chain 2
  • https://vikingf1le.us.to/assets/favicon-64375c377b5df8304acbdad4f4430694.ico HTTP 301
  • https://vikingfile.com/assets/favicon-64375c377b5df8304acbdad4f4430694.ico
Request Chain 3
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=showCaptcha HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/b/787bc399e22f/api.js
Request Chain 16
  • https://vikingf1le.us.to/assets/favicon-64375c377b5df8304acbdad4f4430694.ico HTTP 301
  • https://vikingfile.com/assets/favicon-64375c377b5df8304acbdad4f4430694.ico

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request CBFmeS6XC1
vikingf1le.us.to/f/ 		187 KB
56 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vikingf1le.us.to/f/CBFmeS6XC1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.16.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4004cc0bdb0d07d8084ba8fd18923e875b15a57c4153142ad0b0f2dd72efc810

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, must-revalidate, private
cf-cache-status
DYNAMIC
cf-ray
8f44d05a1fc1b0ca-ATL
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Thu, 19 Dec 2024 04:57:48 GMT
expires
Thu, 19 Dec 2024 04:57:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TRmp9mcgPb%2FxxDclFqbYCIc0uPRBBfIM9wr2w%2BirPYrEjGGJZgYAgivch7hr%2FyayM6YHZBVM9NQdGiHXim54yAgb46FsGlCDSzf4tBJb%2FIJCVDJpB5%2BB6YcI9VXGQI8LYZUh"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfCacheStatus;desc="DYNAMIC" cfL4;desc="?proto=TCP&rtt=903&min_rtt=882&rtt_var=162&sent=6&recv=10&lost=0&retrans=0&sent_bytes=4003&recv_bytes=2395&delivery_rate=4606574&cwnd=253&unsent_bytes=0&cid=1f74bdfe7991e4f8&ts=640&x=0"
vary
accept-encoding
app-8d25417b523b1c5329702f7be101aa30.css
vikingfile.com/assets/styles/
Redirect Chain
  • https://vikingf1le.us.to/assets/styles/app-8d25417b523b1c5329702f7be101aa30.css
  • https://vikingfile.com/assets/styles/app-8d25417b523b1c5329702f7be101aa30.css
4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vikingfile.com/assets/styles/app-8d25417b523b1c5329702f7be101aa30.css
Requested by
Host: vikingf1le.us.to
URL: https://vikingf1le.us.to/f/CBFmeS6XC1
Protocol
H3
Server
104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2e9c692595ca3860b557a48d0b0f7486202586b05a68f818187010bdce970ec

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://vikingf1le.us.to/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=31536000
content-encoding
zstd
cf-cache-status
REVALIDATED
etag
W/"6762db00-11ba"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rXVH2X7ZtygviU%2Fu8lyAVWThTiJXo1jXrXyn2ussemC6Po0tq34uPlkbk3k6edqcMVlhmOsIXMkgYnLCFl7PaLTMCSyZnZwuwljzfOwjhtVuPN7MhPDL5upCOmAr9fV%2FPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f44d05f5c6853f0-ATL
alt-svc
h3=":443"; ma=86400
date
Thu, 19 Dec 2024 04:57:49 GMT
content-type
text/css
last-modified
Wed, 18 Dec 2024 14:24:00 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
max-age=14400
location
https://vikingfile.com/assets/styles/app-8d25417b523b1c5329702f7be101aa30.css
cf-cache-status
HIT
age
41
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B7XU9EWA0Sk4KXTSB%2FAwnSKjixPOgixUc6q11Ybh%2Fl3OT9MBNClo8Djjukiq%2FJeLNNEN4HUhrkEiSAKD0B%2BhTOddiF1iGyORBMIPcxapQaFifpurA0OQW5Yhj%2B7VFF9VAVoa"}],"group":"cf-nel","max_age":604800}
cf-ray
8f44d05e9bfeb0ca-ATL
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=1147&min_rtt=882&rtt_var=387&sent=21&recv=20&lost=0&retrans=1&sent_bytes=21019&recv_bytes=2649&delivery_rate=10676497&cwnd=253&unsent_bytes=0&cid=1f74bdfe7991e4f8&ts=772&x=0"
date
Thu, 19 Dec 2024 04:57:48 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
custom-0b295c18913e200a4e6c987fa3eedf57.js
vikingfile.com/assets/
Redirect Chain
  • https://vikingf1le.us.to/assets/custom-0b295c18913e200a4e6c987fa3eedf57.js
  • https://vikingfile.com/assets/custom-0b295c18913e200a4e6c987fa3eedf57.js
12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vikingfile.com/assets/custom-0b295c18913e200a4e6c987fa3eedf57.js
Requested by
Host: vikingf1le.us.to
URL: https://vikingf1le.us.to/f/CBFmeS6XC1
Protocol
H3
Server
104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bb94c528578cda2febc617f12610591a0768afe09b06f36f5431be9a1b0035d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://vikingf1le.us.to/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=31536000
content-encoding
zstd
cf-cache-status
REVALIDATED
etag
W/"6749c703-2e34"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0Zv81P1eeLRQRImrhS4nVPDBtxdyLYDcQ%2ButbHxlmTgHPI3mXUymcubQWfqzJdQ27exBMa9pstksAU2WbMUqQdqa1t%2FtCUN%2BEehLnTtZWnKU0rrWyviZVjUckUCaoHX9vQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f44d05f5c6753f0-ATL
alt-svc
h3=":443"; ma=86400
date
Thu, 19 Dec 2024 04:57:49 GMT
content-type
application/javascript
last-modified
Fri, 29 Nov 2024 13:52:03 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
max-age=14400
location
https://vikingfile.com/assets/custom-0b295c18913e200a4e6c987fa3eedf57.js
cf-cache-status
HIT
age
41
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nk3B3tQrTl5FqLFxB8OBYz2ebZsJnUJpk40Js4m1wmAx1V5vc1o2PlCEJ3579zw%2B7tpiNG2YEMEHg0mYkcjqxODfyfEI%2F1fl%2FjwYr%2F%2FbT399J6kFPxCsPLfQQZIYZ%2FIux8JS"}],"group":"cf-nel","max_age":604800}
cf-ray
8f44d05e9c02b0ca-ATL
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=1123&min_rtt=882&rtt_var=339&sent=24&recv=21&lost=0&retrans=1&sent_bytes=21773&recv_bytes=2649&delivery_rate=10676497&cwnd=253&unsent_bytes=0&cid=1f74bdfe7991e4f8&ts=773&x=0"
date
Thu, 19 Dec 2024 04:57:48 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
favicon-64375c377b5df8304acbdad4f4430694.ico
vikingfile.com/assets/
Redirect Chain
  • https://vikingf1le.us.to/assets/favicon-64375c377b5df8304acbdad4f4430694.ico
  • https://vikingfile.com/assets/favicon-64375c377b5df8304acbdad4f4430694.ico
15 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vikingfile.com/assets/favicon-64375c377b5df8304acbdad4f4430694.ico
Requested by
Host: vikingf1le.us.to
URL: https://vikingf1le.us.to/f/CBFmeS6XC1
Protocol
H3
Server
104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9debfd0610612fddc8bd5e5b83000df0c52e2beabcbc3c93ae530565c0cb708d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://vikingf1le.us.to/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=31536000
content-encoding
zstd
cf-cache-status
HIT
etag
W/"66c2db72-3c2e"
age
866
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EnDUQvC9yCpE50b6A%2BzDPo%2F38dl3VApmNzjnFb81hTJ0dAnUkqZQ2DB33rhg0Ms67aklYSibpKLcQEuVKsgrfcPmqjgdiJZ4Fwi%2FWOhQtixz6Ub0TyvPegI8Ue%2F%2FiC10aw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f44d062ac6c53f0-ATL
alt-svc
h3=":443"; ma=86400
date
Thu, 19 Dec 2024 04:57:49 GMT
content-type
image/x-icon
last-modified
Mon, 19 Aug 2024 05:43:14 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
location
https://vikingfile.com/assets/favicon-64375c377b5df8304acbdad4f4430694.ico
cf-cache-status
HIT
age
866
cache-control
max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3JdJ%2Bn36Tu6yIVlLLcSAxRQdAMiEvwg6SWZFVbXA53tJSy8uxr66L9vRgeL4Hv1wDflskZELCw5U%2Fl%2FZ%2Frv6RJ7qYcC5njEM%2FAIb7qchlsU%2BMUN%2BOjGOaq8gidnMpHv2YIhT"}],"group":"cf-nel","max_age":604800}
cf-ray
8f44d0625f5544d3-ATL
alt-svc
h3=":443"; ma=86400
date
Thu, 19 Dec 2024 04:57:49 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
api.js
challenges.cloudflare.com/turnstile/v0/b/787bc399e22f/
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=showCaptcha
  • https://challenges.cloudflare.com/turnstile/v0/b/787bc399e22f/api.js
47 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/b/787bc399e22f/api.js
Requested by
Host: vikingf1le.us.to
URL: https://vikingf1le.us.to/f/CBFmeS6XC1
Protocol
H3
Server
104.18.94.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aac9e52f80011983676c03ad8120e0369e651e6357d0b05054026a3bc8ec32d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://vikingf1le.us.to/

Response headers

server
cloudflare
cache-control
max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
content-encoding
br
cross-origin-resource-policy
cross-origin
cf-ray
8f44d062cf35454c-ATL
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 19 Dec 2024 04:57:49 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 10 Dec 2024 17:31:41 GMT
vary
Accept-Encoding
priority
u=3,i=?0

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=300, public
location
/turnstile/v0/b/787bc399e22f/api.js
cross-origin-resource-policy
cross-origin
cf-ray
8f44d062af18454c-ATL
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
server-timing
cfExtPri
date
Thu, 19 Dec 2024 04:57:49 GMT
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: vikingf1le.us.to
URL: https://vikingf1le.us.to/f/CBFmeS6XC1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.80.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://vikingf1le.us.to
Referer
https://vikingf1le.us.to/

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"2024.6.1"
cross-origin-resource-policy
cross-origin
cf-ray
8f44d062dbc406ea-ATL
access-control-allow-origin
*
date
Thu, 19 Dec 2024 04:57:49 GMT
content-type
text/javascript;charset=UTF-8
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
vary
Accept-Encoding
server
cloudflare
czcf.php
youradexchange.com/ad/ 		891 B
989 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://youradexchange.com/ad/czcf.php?cz=5cjbr1mglc&chmob=%3F0
Requested by
Host: vikingf1le.us.to
URL: https://vikingf1le.us.to/f/CBFmeS6XC1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.177.214 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7e8d07eb62e09c0dea5f53b23d55e362e4e8877ede390427cbeb746bea7d5d6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://vikingf1le.us.to/

Response headers

content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kl2Lj7JE7Xz5QuMRB3LKxpjFArXfMySF9xT3IVLPkb1dfstAc9MRoxPzyvK0LhkOEel7ut0G5Ca1HwQHD09Gp5b87b4GWtTbjaBg8mmOcHd4qkb0oW4xgssGZscLuhadiBSanzk%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=16693&min_rtt=16542&rtt_var=3608&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4836&recv_bytes=5139&delivery_rate=35181&cwnd=12000&unsent_bytes=0&cid=c8acd510cd25b4c7&ts=80&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 19 Dec 2024 04:57:49 GMT
content-type
text/html; charset=utf-8
vary
accept-encoding
priority
u=1,i
access-control-allow-headers
Content-Type
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 google
cf-ray
8f44d062ecb76777-ATL
access-control-allow-origin
*
server
cloudflare
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		156 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: vikingf1le.us.to
URL: https://vikingf1le.us.to/f/CBFmeS6XC1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.201.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qu-in-f157.1e100.net
Software
cafe /
Resource Hash
d525d33ae4f956b61dccf6e8473d1ff0268dc9f029ffdc049af0e7005c074f24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://vikingf1le.us.to/

Response headers

content-encoding
br
etag
10809515868488739921
x-content-type-options
nosniff
expires
Thu, 19 Dec 2024 04:57:49 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 19 Dec 2024 04:57:49 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53248
x-xss-protection
0
server
cafe
banner.php
youradexchange.com/script/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://youradexchange.com/script/banner.php?r=9198926&cbpage=https%3A%2F%2Fvikingf1le.us.to%2Ff%2FCBFmeS6XC1&cbref=&cbdescription=Share%20large%20files%20anonymously.%20No%20mail%20required.%20No%20speed%20limit.&cbkeywords=file%20hosting%2C%20cloud%20hosting%2C%20secure%20file%20sharing%2C%20anonymous%20file%20sharing%2C%20large%20file%20sharing%2C%20no%20mail%20required%2C%20no%20speed%20limit%2C%20fast%20file%20sharing%2C%20reliable%20file%20sharing&cbtitle=game-swat.4.gold.edition-(54515).rar&srs=044e4754cbfd534649d8c9af69c0e612&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2FGoogle%20Inc.1600x1200600en-US84824%20bits&atv=57.0
Requested by
Host: vikingf1le.us.to
URL: https://vikingf1le.us.to/f/CBFmeS6XC1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.177.214 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://vikingf1le.us.to/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IXcToBygEs5Jb0NcIAD%2BBCT0CCYzgU53E90wYOR%2BM6i7TmREae%2BFNiVLW3tDx4pY5%2FPUxnnHFJUI13a3TwI5PbvLc01Hdgx9IRDFFHv7OGRHuw2rz7rdue8GHkjkgEKg8aSdrkc%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS
via
1.1 google
cf-ray
8f44d062ecb66777-ATL
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=16693&min_rtt=16542&rtt_var=3608&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4135&recv_bytes=5139&delivery_rate=35181&cwnd=12000&unsent_bytes=0&cid=c8acd510cd25b4c7&ts=77&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 19 Dec 2024 04:57:49 GMT
server
cloudflare
priority
u=1,i
access-control-allow-headers
Content-Type
/
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/97kyr/0x4AAAAAAAgbsMNBuk2d3Qp6/light/fbE/normal/auto/ Frame 2C3B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/97kyr/0x4AAAAAAAgbsMNBuk2d3Qp6/light/fbE/normal/auto/
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js?onload=showCaptcha
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.94.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Referer
https://vikingf1le.us.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8f44d06348f24519-ATL
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Thu, 19 Dec 2024 04:57:49 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
priority
u=0,i
referrer-policy
same-origin
server
cloudflare
server-timing
cfExtPri
ut.js
wgvqa.club/script/ 		65 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wgvqa.club/script/ut.js?cb=1734584269292
Requested by
Host: vikingf1le.us.to
URL: https://vikingf1le.us.to/f/CBFmeS6XC1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.3.144 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4beaec54247a9a3cb97821ecdb68d39cacdcdcc62ae872c13c2cca2d3d88e32

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://vikingf1le.us.to/

Response headers

x-goog-metageneration
2
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=VBET1w==, md5=SvoqyZ+XMx3JgmPUkCKpWA==
cf-cache-status
HIT
etag
W/"4afa2ac99f97331dc98263d49022a958"
age
3396
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IiR7BciszeDN1eN1icw5imIQ1pyqWNY%2BZ8To0%2BM4%2BmkLTAV%2B1g1oU3hnnlM5XHYVm4ds%2FLMOPpFbmyMDxz624i0fMXAdu%2BatT7ibaLD3auTlGl0TCGSB1LJFvBy6"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Thu, 19 Dec 2024 04:06:02 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
66473
server-timing
cfL4;desc="?proto=QUIC&rtt=17479&min_rtt=17187&rtt_var=6653&sent=12&recv=7&lost=0&retrans=0&sent_bytes=4152&recv_bytes=4245&delivery_rate=176618&cwnd=12000&unsent_bytes=0&cid=f54345ab36a0d23d&ts=38&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 19 Dec 2024 04:57:49 GMT
content-type
text/javascript
last-modified
Mon, 02 Dec 2024 08:21:47 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-guploader-uploadid
AFiumC6fSuRx43pQkqX6X5AXcvTuwe-DXflb4E8xo88cPinQOtNmz6k2b0spwR8iaDZMoz1J
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8f44d06398c4bfce-ATL
access-control-allow-origin
*
x-goog-generation
1733127707295818
server
cloudflare
suurl5.php
youradexchange.com/script/ 		1 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://youradexchange.com/script/suurl5.php?r=9198862&chmob=%3F0&atag=1&cbur=0.32285431064380465&cbiframe=0&cbWidth=1600&cbHeight=1200&cbtitle=game-swat.4.gold.edition-(54515).rar&cbpage=https%3A%2F%2Fvikingf1le.us.to%2Ff%2FCBFmeS6XC1&cbref=&cbdescription=Share%20large%20files%20anonymously.%20No%20mail%20required.%20No%20speed%20limit.&cbkeywords=file%20hosting%2C%20cloud%20hosting%2C%20secure%20file%20sharing%2C%20anonymous%20file%20sharing%2C%20large%20file%20sharing%2C%20no%20mail%20required%2C%20no%20speed%20limit%2C%20fast%20file%20sharing%2C%20reliable%20file%20sharing&cbcdn=wgvqa.club&ts=1734584269337&atv=57.0&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2FGoogle%20Inc.1600x1200600en-US84824%20bits&srs=044e4754cbfd534649d8c9af69c0e612&abtg=1&aggr=3&czid=5cjbr1mglc&ppv=1&ab_test=AdOpt_B_nocapping-2021-12-08v1&cap=0&adbv=3-cdn
Requested by
Host: vikingf1le.us.to
URL: https://vikingf1le.us.to/f/CBFmeS6XC1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.177.214 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0624e189ac8ec171efabee709d2678ddb8e7620b57de1fb34422327df7c9051c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://vikingf1le.us.to/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dAeBL46%2BjhvmyuAjcZpljddy%2BwHXjGh7iaJmOVP7K36lKFi9lkoAty7k%2BZU0H4Gom6fMUWfAqSq8WejLArnbL%2Bx1E%2F6TqPbm%2BgufqNA4Pgg3duoiKXKTwKl4w%2BSJd7riLHs8R5g%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=17125&min_rtt=16542&rtt_var=2853&sent=16&recv=14&lost=0&retrans=0&sent_bytes=6562&recv_bytes=6699&delivery_rate=41110&cwnd=12000&unsent_bytes=0&cid=c8acd510cd25b4c7&ts=177&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 19 Dec 2024 04:57:49 GMT
content-type
application/json; charset=utf-8
vary
accept-encoding
priority
u=1,i
access-control-allow-headers
Content-Type
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 google
cf-ray
8f44d0636d606777-ATL
access-control-allow-origin
*
server
cloudflare
push.php
youradexchange.com/script/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://youradexchange.com/script/push.php?r=9198854&ipp=1&mads=2&position=top&czid=5cjbr1mglc&atag=1&aggr=3&abtg=1&ppv=1&ab_test=AdOpt_B_nocapping-2021-12-08v1&adbv=3-cdn&srs=044e4754cbfd534649d8c9af69c0e612&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2FGoogle%20Inc.1600x1200600en-US84824%20bits&cbpage=https%3A%2F%2Fvikingf1le.us.to%2Ff%2FCBFmeS6XC1&atv=57.0&cbref=&chmob=%3F0
Requested by
Host: vikingf1le.us.to
URL: https://vikingf1le.us.to/f/CBFmeS6XC1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.177.214 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://vikingf1le.us.to/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G0SZuXcZs0iOVKZZ48G6%2BaPMenkeAFZmrcraO2mFOhTZGsxyCT37rFkji4DOgm6j%2FOptlqb3DQDh3OOn7h44HSq1rnqhPt5QtM%2FUWf1AGFH7yOs0YPNLrlDwQSBJ7CyhL%2Begb4Q%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS
via
1.1 google
cf-ray
8f44d0637d686777-ATL
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=17125&min_rtt=16542&rtt_var=2853&sent=15&recv=14&lost=0&retrans=0&sent_bytes=5896&recv_bytes=6699&delivery_rate=41110&cwnd=12000&unsent_bytes=0&cid=c8acd510cd25b4c7&ts=152&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 19 Dec 2024 04:57:49 GMT
server
cloudflare
priority
u=1,i
access-control-allow-headers
Content-Type
native_render.js
superonclick.com/script/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://superonclick.com/script/native_render.js
Requested by
Host: vikingf1le.us.to
URL: https://vikingf1le.us.to/f/CBFmeS6XC1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.189.120 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7965b4334f08b3c398843d721ab3b5535461f4183ec6bb0923d1ae092b9cfd51

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://vikingf1le.us.to/

Response headers

x-goog-metageneration
2
x-goog-hash
crc32c=rXethw==, md5=i4AdaMb2P574qaeqSEucdQ==
cf-cache-status
HIT
etag
W/"8b801d68c6f63f9ef8a9a7aa484b9c75"
age
1771
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z0L9OvFgDf2vioLCuIaL3IBZjRGWpWz9qQxf1S9LntbR8DbH5NSfA96C%2F9bSApAJtRZSfweXQJDjrJLSBbrPyuUxRd9yjqcVbT5HnKL7VSdO8tAHqWCTMlkd8%2FvvVjv%2BHYI0"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Thu, 19 Dec 2024 05:28:18 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
4285
server-timing
cfL4;desc="?proto=QUIC&rtt=17576&min_rtt=17377&rtt_var=6658&sent=12&recv=9&lost=0&retrans=0&sent_bytes=4177&recv_bytes=4565&delivery_rate=146265&cwnd=12000&unsent_bytes=0&cid=0ac27add925e9bdb&ts=63&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 19 Dec 2024 04:57:49 GMT
content-type
application/javascript
last-modified
Wed, 13 Feb 2019 10:15:50 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-guploader-uploadid
AFiumC7LjY7aUkPWbnkH8KVIUV2yUQ3Bz4lYuSaJhCRyILEQreBc7axDvWpXvtH5efyrusbnkzz4EUROhw
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8f44d0643a6ebf78-ATL
access-control-allow-origin
*
x-goog-generation
1550052950916101
server
cloudflare
native_server.js
superonclick.com/script/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://superonclick.com/script/native_server.js
Requested by
Host: vikingf1le.us.to
URL: https://vikingf1le.us.to/f/CBFmeS6XC1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.189.120 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e282545f9f7c4117db91f8a2c33e5a1dad31f3c6edbe74b9776c1f8b85c166bd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://vikingf1le.us.to/

Response headers

x-goog-metageneration
2
x-goog-hash
crc32c=RAjq/g==, md5=Udh+nr2DH8yragFgeaYHkw==
cf-cache-status
HIT
etag
W/"51d87e9ebd831fccab6a016079a60793"
age
11
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0DyzTclov5J%2FX3Tq2cAKxhHJzwvV8u7PkRYNV2%2BbP0c6kqWXiwGc5JnhrsVylMRlIjScB8FFZih9w2xN4Q9vow%2BCRaLMvgQztbWwuWRhJHHJKmsO0Pd3DMjvmFYqlhPjWCJr"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Thu, 19 Dec 2024 05:57:38 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
9260
server-timing
cfL4;desc="?proto=QUIC&rtt=17576&min_rtt=17377&rtt_var=6658&sent=13&recv=9&lost=0&retrans=0&sent_bytes=5228&recv_bytes=4565&delivery_rate=146265&cwnd=12000&unsent_bytes=0&cid=0ac27add925e9bdb&ts=63&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 19 Dec 2024 04:57:49 GMT
content-type
application/javascript
last-modified
Wed, 13 Feb 2019 10:15:52 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-guploader-uploadid
AFiumC7hyescQPGKvAUqmkR-18Whe7PFvRtdsPwXY-9MWi6jDn40-v9IzkeZtCxAGRpORzN9lMJVxx3npA
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8f44d0642a6dbf78-ATL
access-control-allow-origin
*
x-goog-generation
1550052952705094
server
cloudflare
hb.php
pubtrky.com/ut/ 		0
641 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pubtrky.com/ut/hb.php?cb=0.6046740966198794&v=1
Requested by
Host: wgvqa.club
URL: https://wgvqa.club/script/ut.js?cb=1734584269292
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.188.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain; charset=utf-8
Referer
https://vikingf1le.us.to/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2p%2BYrfNzInFUc0rfPVEWwaYB2dexXT5FjwRb%2FYIuUK4C8hOzqpVPq3pshffVUbONMImyOZUctDWDqnfLv1l7YazvA8m2S8upFl8pzheShnGZOyknZRKbafXf4r3L0A%3D%3D"}],"group":"cf-nel","max_age":604800}
via
1.1 google
cf-ray
8f44d064d87cbd32-ATL
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=16830&min_rtt=16454&rtt_var=3776&sent=14&recv=12&lost=0&retrans=0&sent_bytes=4228&recv_bytes=5757&delivery_rate=35370&cwnd=12000&unsent_bytes=0&cid=9ac7d0d467ab59c6&ts=126&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 19 Dec 2024 04:57:49 GMT
server
cloudflare
priority
u=4,i
rum
vikingf1le.us.to/cdn-cgi/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vikingf1le.us.to/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.16.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json
Referer
https://vikingf1le.us.to/f/CBFmeS6XC1

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-methods
POST,OPTIONS
cf-ray
8f44d0646f5644d3-ATL
access-control-allow-origin
https://vikingf1le.us.to
date
Thu, 19 Dec 2024 04:57:49 GMT
vary
Origin
server
cloudflare
x-frame-options
DENY
favicon-64375c377b5df8304acbdad4f4430694.ico
vikingfile.com/assets/
Redirect Chain
  • https://vikingf1le.us.to/assets/favicon-64375c377b5df8304acbdad4f4430694.ico
  • https://vikingfile.com/assets/favicon-64375c377b5df8304acbdad4f4430694.ico
15 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://vikingfile.com/assets/favicon-64375c377b5df8304acbdad4f4430694.ico
Protocol
H3
Server
104.21.48.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9debfd0610612fddc8bd5e5b83000df0c52e2beabcbc3c93ae530565c0cb708d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://vikingf1le.us.to/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=31536000
content-encoding
zstd
cf-cache-status
HIT
etag
W/"66c2db72-3c2e"
age
866
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EnDUQvC9yCpE50b6A%2BzDPo%2F38dl3VApmNzjnFb81hTJ0dAnUkqZQ2DB33rhg0Ms67aklYSibpKLcQEuVKsgrfcPmqjgdiJZ4Fwi%2FWOhQtixz6Ub0TyvPegI8Ue%2F%2FiC10aw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f44d062ac6c53f0-ATL
alt-svc
h3=":443"; ma=86400
date
Thu, 19 Dec 2024 04:57:49 GMT
content-type
image/x-icon
last-modified
Mon, 19 Aug 2024 05:43:14 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
location
https://vikingfile.com/assets/favicon-64375c377b5df8304acbdad4f4430694.ico
cf-cache-status
HIT
age
866
cache-control
max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3JdJ%2Bn36Tu6yIVlLLcSAxRQdAMiEvwg6SWZFVbXA53tJSy8uxr66L9vRgeL4Hv1wDflskZELCw5U%2Fl%2FZ%2Frv6RJ7qYcC5njEM%2FAIb7qchlsU%2BMUN%2BOjGOaq8gidnMpHv2YIhT"}],"group":"cf-nel","max_age":604800}
cf-ray
8f44d0625f5544d3-ATL
alt-svc
h3=":443"; ma=86400
date
Thu, 19 Dec 2024 04:57:49 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
identify.html
ufpcdn.com/script/ Frame B0A8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ufpcdn.com/script/identify.html?frmt=0
Requested by
Host: superonclick.com
URL: https://superonclick.com/script/native_server.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.46.210 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://vikingf1le.us.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8f44d065ecc4136d-ATL
content-encoding
zstd
content-type
text/html
date
Thu, 19 Dec 2024 04:57:49 GMT
last-modified
Tue, 15 May 2018 06:39:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rnxgE2XVG2La%2FCAP4Zr5HMAMR3zOyAkOs6gQflE9zoZRy2z0wjqHSXuOQ2gX6cgXTv6XMn1KzeaZBIaFYZCfJw609nTbkSUnYuW3JJzQc4cok0ao30VP4%2Bo8qarv"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=33106&min_rtt=30789&rtt_var=7981&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4235&recv_bytes=4563&delivery_rate=671&cwnd=12000&unsent_bytes=0&cid=f784193293788793&ts=155&x=1" cfExtPri cfHdrFlush;dur=0
native.php
discovernative.com/script/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://discovernative.com/script/native.php?nwpsv=1&r=9198934&cbrandom=0.749087522259134&cbWidth=1600&cbHeight=1200&cbtitle=game-swat.4.gold.edition-(54515).rar&cbref=&cbdescription=Share%20large%20files%20anonymously.%20No%20mail%20required.%20No%20speed%20limit.&cbkeywords=file%20hosting%2C%20cloud%20hosting%2C%20secure%20file%20sharing%2C%20anonymous%20file%20sharing%2C%20large%20file%20sharing%2C%20no%20mail%20required%2C%20no%20speed%20limit%2C%20fast%20file%20sharing%2C%20reliable%20file%20sharing&cbiframe=0&&callback=jsonp981042
Requested by
Host: vikingf1le.us.to
URL: https://vikingf1le.us.to/f/CBFmeS6XC1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.64.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b327af767e7a8bf49a3a1e5244f073e2d661e5d42e93233048ac9616c8ff5d13

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://vikingf1le.us.to/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oceGcfKqCk%2BQf6yrEhU7%2Brc8oNlsd31%2BFu1Ht6JrchBZ0zAQlSXt07t9QKHvdXd1k3pvCimPTcWOnnOy25N8h%2FTWFn48PxuB7qgARKe7UYIAb8efWbwFRzwmcEtQPETkiM9yKP4%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS
via
1.1 google
cf-ray
8f44d066f85eb05f-ATL
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Thu, 19 Dec 2024 04:57:49 GMT
content-type
application/javascript; charset=utf-8
vary
accept-encoding
server
cloudflare
access-control-allow-headers
Content-Type
native.php
discovernative.com/script/ 		0
426 B 		Script
General
Check archive.org
Download Go to
Full URL
https://discovernative.com/script/native.php?nwpsv=1&r=9198934&cbrandom=0.749087522259134&cbWidth=1600&cbHeight=1200&cbtitle=game-swat.4.gold.edition-%2854515%29.rar&cbref=&cbdescription=Share+large+files+anonymously.+No+mail+required.+No+speed+limit.&cbkeywords=file+hosting%2C+cloud+hosting%2C+secure+file+sharing%2C+anonymous+file+sharing%2C+large+file+sharing%2C+no+mail+required%2C+no+speed+limit%2C+fast+file+sharing%2C+reliable+file+sharing&cbiframe=0&callback=jsonp981042&wthnfp=1&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2FGoogle%20Inc.1600x1200600en-US84824%20bits
Requested by
Host: discovernative.com
URL: https://discovernative.com/script/native.php?nwpsv=1&r=9198934&cbrandom=0.749087522259134&cbWidth=1600&cbHeight=1200&cbtitle=game-swat.4.gold.edition-(54515).rar&cbref=&cbdescription=Share%20large%20files%20anonymously.%20No%20mail%20required.%20No%20speed%20limit.&cbkeywords=file%20hosting%2C%20cloud%20hosting%2C%20secure%20file%20sharing%2C%20anonymous%20file%20sharing%2C%20large%20file%20sharing%2C%20no%20mail%20required%2C%20no%20speed%20limit%2C%20fast%20file%20sharing%2C%20reliable%20file%20sharing&cbiframe=0&&callback=jsonp981042
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.64.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://vikingf1le.us.to/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZgtpyDjycFZThyviQ8w7Mt%2FcxABfdbMv9WakmVrj5FV0AVgaG%2Br6VDP7OmnKaNoqNW%2Bokcxumr5w%2BK2RH4vzYU2%2FJbC1AofUdCuNLDalhlTK5yKswOzoYD5LHCUCquthDLgPyM4%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS
via
1.1 google
cf-ray
8f44d067885fb05f-ATL
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Thu, 19 Dec 2024 04:57:50 GMT
server
cloudflare
access-control-allow-headers
Content-Type

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| Adcash function| AtcshAltNm string| rgxngibqxq object| aclib object| TFxGEdRMr function| showCaptcha object| adcashMacros object| zoneNativeSett object| urls function| acPrefetch object| nativeInit object| nativeForPublishers function| cloudflareCallback object| files object| links function| getServer function| uploadNextLink function| uploadNextFile function| formatFileSize object| turnstile object| __cfBeacon object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac object| google_persistent_state_async object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle string| google_user_agent_client_hint boolean| user_engagement1218 string| utsid-send object| _0x50db function| _0x48ba function| setupAd object| CTABPuNative object| _0x32b6 function| _0xda00 object| CTAHKA function| ufpAttach function| native_request string| zone object| adcashUfp function| jsonp981042

1 Cookies

Domain/Path Name / Value
vikingf1le.us.to/ Name: adcashufpv3
Value: 8089309644246876881819768611