URL: https://ufile.io/xxxek6vg
Submission: On October 14 via manual from CA — Scanned from CA

Summary

This website contacted 18 IPs in 2 countries across 14 domains to perform 73 HTTP transactions. The main IP is 2606:4700:3032::6815:4216, located in United States and belongs to CLOUDFLARENET, US. The main domain is ufile.io. The Cisco Umbrella rank of the primary domain is 278460.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 10th 2022. Valid for: a year.
This is the only time ufile.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 21 | ufile.io | ufile.io — Cisco Umbrella Rank: 278460 | 293 KB |
| 11 | doubleclick.net | googleads.g.doubleclick.net — Cisco Umbrella Rank: 43; stats.g.doubleclick.net — Cisco Umbrella Rank: 84 | 12 KB |
| 9 | googlesyndication.com | pagead2.googlesyndication.com — Cisco Umbrella Rank: 104; tpc.googlesyndication.com — Cisco Umbrella Rank: 147 | 216 KB |
| 7 | google.com | accounts.google.com — Cisco Umbrella Rank: 83; adservice.google.com — Cisco Umbrella Rank: 78; www.google.com — Cisco Umbrella Rank: 2 | 3 KB |
| 6 | crisp.chat | client.crisp.chat — Cisco Umbrella Rank: 19194 | 143 KB |
| 4 | cloudflareinsights.com | static.cloudflareinsights.com — Cisco Umbrella Rank: 1116; cloudflareinsights.com — Cisco Umbrella Rank: 1110 | 11 KB |
| 3 | snlynotquite.buzz | snlynotquite.buzz | 1 KB |
| 3 | awayfterth.one | awayfterth.one | 4 KB |
| 3 | cloudfront.net | d3vw4uehoh23hx.cloudfront.net | 69 KB |
| 2 | google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 32 | 20 KB |
| 2 | google.ca | adservice.google.ca — Cisco Umbrella Rank: 15566 | 914 B |
| 2 | pogothere.xyz | pogothere.xyz — Cisco Umbrella Rank: 26506 | 101 KB |
| 1 | googleadservices.com | partner.googleadservices.com — Cisco Umbrella Rank: 888 | 694 B |
| 1 | facebook.com | www.facebook.com — Cisco Umbrella Rank: 107 | |
| 73 | 14 | | |

| Requests | Domain | Requested by |
|---|---|---|
| 21 | ufile.io | ufile.io |
| 10 | googleads.g.doubleclick.net | pagead2.googlesyndication.com |
| 6 | client.crisp.chat | ufile.io; client.crisp.chat |
| 6 | pagead2.googlesyndication.com | ufile.io; pagead2.googlesyndication.com; tpc.googlesyndication.com |
| 4 | accounts.google.com (2 redirects) | ufile.io |
| 3 | tpc.googlesyndication.com | pagead2.googlesyndication.com; tpc.googlesyndication.com |
| 3 | snlynotquite.buzz | ufile.io |
| 3 | awayfterth.one | d3vw4uehoh23hx.cloudfront.net |
| 3 | d3vw4uehoh23hx.cloudfront.net | ufile.io; awayfterth.one |
| 2 | cloudflareinsights.com | static.cloudflareinsights.com |
| 2 | www.google-analytics.com | ufile.io; www.google-analytics.com |
| 2 | adservice.google.com | pagead2.googlesyndication.com |
| 2 | adservice.google.ca | pagead2.googlesyndication.com |
| 2 | pogothere.xyz | d3vw4uehoh23hx.cloudfront.net |
| 2 | static.cloudflareinsights.com | ufile.io |
| 1 | www.google.com | tpc.googlesyndication.com |
| 1 | stats.g.doubleclick.net | www.google-analytics.com |
| 1 | partner.googleadservices.com | pagead2.googlesyndication.com |
| 1 | www.facebook.com | ufile.io |
| 73 | 19 | |

This site contains no links.

| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-06-10 - 2023-06-10 | a year |
| *.g.doubleclick.net | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months |
| *.cloudfront.net | Amazon | 2022-02-01 - 2023-01-31 | a year |
| awayfterth.one | Amazon | 2022-10-03 - 2023-11-01 | a year |
| *.pogothere.xyz | E1 | 2022-09-04 - 2022-12-03 | 3 months |
| *.snlynotquite.buzz | GTS CA 1P5 | 2022-09-18 - 2022-12-17 | 3 months |
| *.facebook.com | DigiCert SHA2 High Assurance Server CA | 2022-07-23 - 2022-10-21 | 3 months |
| *.googleadservices.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months |
| *.google.ca | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months |
| *.google.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months |
| *.google-analytics.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months |
| crisp.chat | Cloudflare Inc ECC CA-3 | 2022-06-07 - 2023-06-06 | a year |
| tpc.googlesyndication.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months |
| www.google.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months |

This page contains 16 frames:

Primary Page: https://ufile.io/xxxek6vg
Frame ID: 9050C15E3F9D0182EDEEE78192702115
Requests: 50 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20190131/zrt_lookup.html
Frame ID: 161D8570417508D434C6889AD98101CE
Requests: 1 HTTP requests in this frame

Frame: https://awayfterth.…
Frame ID: 1265813FA300CDD03DB96651718B8608
Requests: 2 HTTP requests in this frame

Frame: https://awayfterth.…
Frame ID: 54C6EB47090DDD9942C528F9C2A27467
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8453236626207385&output=html&adk=1812271804&adf=3025194257&lmt=1665757654&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fufile.io%2Fxxxek6vg&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665757654055&bpp=3&bdt=169&idt=180&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3482200861011&frm=20&pv=2&ga_vid=23603700.1665757654&ga_sid=1665757654&ga_hid=93479023&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44770880&oid=2&pvsid=1204211286939340&tmod=167962034&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=207
Frame ID: A7F657E6020CA2F1C5DB614DAD60B2F1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8453236626207385&output=html&h=280&slotname=9984807553&adk=1930187984&adf=2617130762&pi=t.ma~as.9984807553&w=1140&fwrn=4&fwrnh=100&lmt=1665757654&rafmt=1&format=1140x280&url=https%3A%2F%2Fufile.io%2Fxxxek6vg&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665757654213&bpp=2&bdt=327&idt=91&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3482200861011&frm=20&pv=1&ga_vid=23603700.1665757654&ga_sid=1665757654&ga_hid=93479023&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44770880&oid=2&pvsid=1204211286939340&tmod=167962034&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=rb7o2Lngyv&p=https%3A//ufile.io&dtd=100
Frame ID: C14872737397AA3EF4ECF81E72C09631
Requests: 1 HTTP requests in this frame

Frame: https://ufile.io/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1665748800
Frame ID: B43679D7DE61106E16505AECFDFC5EEA
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8453236626207385&output=html&h=280&slotname=2601344819&adk=2030062158&adf=2221687645&pi=t.ma~as.2601344819&w=1140&fwrn=4&fwrnh=100&lmt=1665757654&rafmt=1&format=1140x280&url=https%3A%2F%2Fufile.io%2Fxxxek6vg&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665757654216&bpp=5&bdt=329&idt=128&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280&nras=1&correlator=3482200861011&frm=20&pv=1&ga_vid=23603700.1665757654&ga_sid=1665757654&ga_hid=93479023&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=591&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44770880&oid=2&pvsid=1204211286939340&tmod=167962034&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=SfJNznoLZ0&p=https%3A//ufile.io&dtd=131
Frame ID: 54738FFC5F93EADFA71EA3D3BB1EE329
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8453236626207385&output=html&h=280&slotname=7662099808&adk=953870729&adf=2604863999&pi=t.ma~as.7662099808&w=1140&fwrn=4&fwrnh=100&lmt=1665757654&rafmt=1&format=1140x280&url=https%3A%2F%2Fufile.io%2Fxxxek6vg&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665757654223&bpp=5&bdt=337&idt=138&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C1140x280&nras=1&correlator=3482200861011&frm=20&pv=1&ga_vid=23603700.1665757654&ga_sid=1665757654&ga_hid=93479023&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2686&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44770880&oid=2&pvsid=1204211286939340&tmod=167962034&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=nS1unzSMyJ&p=https%3A//ufile.io&dtd=170
Frame ID: 72673AE7288DDD0D17D57DD99D30F6E5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8453236626207385&output=html&h=280&adk=3809598800&adf=3132389021&pi=t.aa~a.3025771024~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1665757654&rafmt=1&to=qs&pwprc=9642828768&format=1200x280&url=https%3A%2F%2Fufile.io%2Fxxxek6vg&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665757654618&bpp=3&bdt=732&idt=-M&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc3bc92ca4f47f7f4-222255f4add70081%3AT%3D1665757654%3ART%3D1665757654%3AS%3DALNI_MZo0BDUQUYgxrIkOqT-E6gDIRfKWw&gpic=UID%3D000008835c15431c%3AT%3D1665757654%3ART%3D1665757654%3AS%3DALNI_MZqeUCGmloPIKrLkSBOFcV3L_DzjA&prev_fmts=0x0%2C1140x280%2C1140x280%2C1140x280&nras=2&correlator=3482200861011&frm=20&pv=1&ga_vid=23603700.1665757654&ga_sid=1665757654&ga_hid=93479023&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44770880&oid=2&pvsid=1204211286939340&tmod=167962034&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=ALvYYpetui&p=https%3A//ufile.io&dtd=16
Frame ID: 7111BAD007712268455690B3BBE3AC6C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8453236626207385&output=html&h=280&adk=3809598800&adf=1056458448&pi=t.aa~a.3203662154~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1665757654&rafmt=1&to=qs&pwprc=9642828768&format=1200x280&url=https%3A%2F%2Fufile.io%2Fxxxek6vg&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665757654618&bpp=2&bdt=732&idt=-M&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc3bc92ca4f47f7f4-222255f4add70081%3AT%3D1665757654%3ART%3D1665757654%3AS%3DALNI_MZo0BDUQUYgxrIkOqT-E6gDIRfKWw&gpic=UID%3D000008835c15431c%3AT%3D1665757654%3ART%3D1665757654%3AS%3DALNI_MZqeUCGmloPIKrLkSBOFcV3L_DzjA&prev_fmts=0x0%2C1140x280%2C1140x280%2C1140x280%2C1200x280&nras=3&correlator=3482200861011&frm=20&pv=1&ga_vid=23603700.1665757654&ga_sid=1665757654&ga_hid=93479023&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1618&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44770880&oid=2&pvsid=1204211286939340&tmod=167962034&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=4boda0sBMy&p=https%3A//ufile.io&dtd=22
Frame ID: A1CF94128FB54142F73ED1192A45D370
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8453236626207385&output=html&h=90&adk=3267423511&adf=3418555885&pi=t.aa~a.3345392337~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1665757654&rafmt=1&to=qs&pwprc=9642828768&format=1110x90&url=https%3A%2F%2Fufile.io%2Fxxxek6vg&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665757654618&bpp=1&bdt=732&idt=-M&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc3bc92ca4f47f7f4-222255f4add70081%3AT%3D1665757654%3ART%3D1665757654%3AS%3DALNI_MZo0BDUQUYgxrIkOqT-E6gDIRfKWw&gpic=UID%3D000008835c15431c%3AT%3D1665757654%3ART%3D1665757654%3AS%3DALNI_MZqeUCGmloPIKrLkSBOFcV3L_DzjA&prev_fmts=0x0%2C1140x280%2C1140x280%2C1140x280%2C1200x280%2C1200x280&nras=4&correlator=3482200861011&frm=20&pv=1&ga_vid=23603700.1665757654&ga_sid=1665757654&ga_hid=93479023&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2378&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44770880&oid=2&pvsid=1204211286939340&tmod=167962034&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=vSqBrlNrYP&p=https%3A//ufile.io&dtd=29
Frame ID: 5EDC7729362B68D16198ED3DC8FAAD13
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8453236626207385&output=html&h=90&adk=2743202993&adf=1602281170&pi=t.aa~a.3883739521~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1665757654&rafmt=1&to=qs&pwprc=9642828768&format=1200x90&url=https%3A%2F%2Fufile.io%2Fxxxek6vg&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665757654618&bpp=4&bdt=732&idt=-M&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc3bc92ca4f47f7f4-222255f4add70081%3AT%3D1665757654%3ART%3D1665757654%3AS%3DALNI_MZo0BDUQUYgxrIkOqT-E6gDIRfKWw&gpic=UID%3D000008835c15431c%3AT%3D1665757654%3ART%3D1665757654%3AS%3DALNI_MZqeUCGmloPIKrLkSBOFcV3L_DzjA&prev_fmts=0x0%2C1140x280%2C1140x280%2C1140x280%2C1200x280%2C1200x280%2C1110x90&nras=5&correlator=3482200861011&frm=20&pv=1&ga_vid=23603700.1665757654&ga_sid=1665757654&ga_hid=93479023&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3045&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44770880&oid=2&pvsid=1204211286939340&tmod=167962034&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=ifntsTmiKH&p=https%3A//ufile.io&dtd=37
Frame ID: A02F883E1F46D8B92062C949C3EDBEBE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8453236626207385&output=html&h=50&adk=984746673&adf=1854243684&pi=t.aa~a.1003044653~rp.4&w=350&fwrn=4&fwrnh=100&lmt=1665757654&rafmt=1&to=qs&pwprc=9642828768&format=350x50&url=https%3A%2F%2Fufile.io%2Fxxxek6vg&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665757654618&bpp=1&bdt=732&idt=1&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc3bc92ca4f47f7f4-222255f4add70081%3AT%3D1665757654%3ART%3D1665757654%3AS%3DALNI_MZo0BDUQUYgxrIkOqT-E6gDIRfKWw&gpic=UID%3D000008835c15431c%3AT%3D1665757654%3ART%3D1665757654%3AS%3DALNI_MZqeUCGmloPIKrLkSBOFcV3L_DzjA&prev_fmts=0x0%2C1140x280%2C1140x280%2C1140x280%2C1200x280%2C1200x280%2C1110x90%2C1200x90&nras=6&correlator=3482200861011&frm=20&pv=1&ga_vid=23603700.1665757654&ga_sid=1665757654&ga_hid=93479023&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=625&ady=4434&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44770880&oid=2&pvsid=1204211286939340&tmod=167962034&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=6&fsb=1&xpc=1Qn3muimBz&p=https%3A//ufile.io&dtd=44
Frame ID: 6311A27B3D5264C6185CF5D06D9B6D75
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0E72D2616F3AC0EC826E1CD488ED656B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D00D0ECE72916ADDA906755D89C31A16
Requests: 2 HTTP requests in this frame

Page Title

Upload files for free - 2022-10-13 20-05-32.mkv - ufile.io

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 73
HTTPS: 97 %
IPv6: 83 %
Domains: 14
Subdomains: 19
IPs: 18
Countries: 2
Transfer: 874 kB
Size: 2382 kB
Cookies: 12

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP 302
  • https://accounts.google.com/v3/signin/identifier?dsh=S956400023%3A1665757654291523&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpnZ-SEo3urE4boYrPBEPkvjRRvCiSRTXfLE_4PPbHqghwomPCA9H1NGG5aK9-ZIUh-cdNZDA
Request Chain 27
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
  • https://accounts.google.com/v3/signin/identifier?dsh=S-603048080%3A1665757654298678&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWreTQka4drfnM0YwMuxpeF17kv7bUSOgQWvxWV0fZclVVUZ5FOzIOJTdinm7F88wJEbVeehjQ

73 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request xxxek6vg
ufile.io/
82 KB
21 KB
Document
General
Full URL
https://ufile.io/xxxek6vg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:4216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.24
Resource Hash
7dcd8c36c0ed269be27ecadea88a52b813e459e30b4da457e51c8fe39289ea10
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
75a0ff14e8331865-EWR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 14 Oct 2022 14:27:33 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PvXoZpggtaXsm0RZVWS0n19xbwtLVcVFdXMnzEQ9wZ0VPAOk3Yjt6NOG10Db0uLjftVcJfriAfsV24V7EJWMdNj7j0p7Dz6jaBQW1hS0NYvPM6aj9zYHt6H%2FRNG5Q%2BXePnXkYmBw"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
PHP/7.2.24
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
161 KB
53 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: ufile.io
URL: https://ufile.io/xxxek6vg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fea6ccb223b585dc821df88567104f00f22240008f340ada4ece90ab7248afb5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:27:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54175
x-xss-protection
0
server
cafe
etag
3407124849284467801
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 14 Oct 2022 14:27:33 GMT
roboto-v20-latin-100.woff2
ufile.io/assets/fonts/
15 KB
16 KB
Font
General
Full URL
https://ufile.io/assets/fonts/roboto-v20-latin-100.woff2
Requested by
Host: ufile.io
URL: https://ufile.io/xxxek6vg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:4216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b7878571c8a713102fba10bf4a7b0eedf5980810b0780cbc1850ffc73f27c1c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://ufile.io/xxxek6vg
Origin
https://ufile.io
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:27:33 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
185142
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15808
last-modified
Mon, 04 Jul 2022 16:33:14 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P4HOGIKDpcLVcryFSn2QKlsTa9wAs%2F2ZKQNEcMXgNSQinvgCh9PQXj5KU8Y9ssYGPHHyp6D5EhqnAiXvsRKmLVdGr2ycqacfXs7h%2FGRKdbcKuYrT6hKKfodVRO3O0t1fpaLRSc81"}],"group":"cf-nel","max_age":604800}
vary
Accept-Encoding
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
75a0ff18d84a1865-EWR
expires
Wed, 10 Aug 2022 10:37:24 GMT
14.jpeg
ufile.io/assets/img/backgrounds/
15 KB
16 KB
Image
General
Full URL
https://ufile.io/assets/img/backgrounds/14.jpeg
Requested by
Host: ufile.io
URL: https://ufile.io/xxxek6vg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:4216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a60d4a6e6c06d5805d41c785eac48f006c2ab0afa9444ee85c2c7d43dde27aa8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ufile.io/xxxek6vg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:27:33 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
59062
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15558
cf-bgj
imgq:100,h2pri
last-modified
Tue, 28 Jun 2022 08:32:24 GMT
server
cloudflare
etag
"3cc6-5e27de0365600"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VzczNO3ngtBmc9pjfGcnOsCWamMiLgART8XZc1Sn2Xzuh0rnLHKSqqfDlns26erFwJc5Jf4AeCCzo9shOO8mIzU7AeR54D9bmcL3UdSzsSZYDdsCdtqfEwrrV%2Bmw6JdWF7AdpA7L"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
75a0ff18f8a21865-EWR
spacer.png
ufile.io/assets/img/
34 B
445 B
Image
General
Full URL
https://ufile.io/assets/img/spacer.png
Requested by
Host: ufile.io
URL: https://ufile.io/xxxek6vg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:4216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ufile.io/xxxek6vg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:27:33 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
152692
cf-polished
origFmt=png, origSize=152
content-disposition
inline; filename="spacer.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
34
cf-bgj
imgq:100,h2pri
last-modified
Tue, 28 Jun 2022 08:32:24 GMT
server
cloudflare
etag
"98-5e27de0365600"
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JeTNjZiOawCIH7FBahVg9yHe1PJ2AUU9zHUM0NKUyBjMBz7UftQmZmJZ%2FcdB4CIxDweONWvvmXcB5jjgkCOfOQP7Cz7eDwaPmxldPkeXmCwpYdbmaODS%2FOPChjrM00JVewtiKrjA"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
75a0ff18f8a61865-EWR
download.js
ufile.io/assets/js/
5 KB
2 KB
Script
General
Full URL
https://ufile.io/assets/js/download.js?v=1563114509
Requested by
Host: ufile.io
URL: https://ufile.io/xxxek6vg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:4216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b1d26389f36c06c51de5c2e21ff754189bed8f2ab99191c264db8fd3912e9a7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ufile.io/xxxek6vg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:27:33 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1398849
cf-polished
origSize=10696
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 28 Jun 2022 08:32:24 GMT
server
cloudflare
etag
W/"29c8-5e27de0365600-gzip"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n%2BIgR9JB%2B9Sau0rPudoHzDlW3oPJMuEF%2F4XPCbB1Qk3Z7fNruJWOLmXnPm%2BNRdPYZtEEMg7qadMsi%2BClR0gW1b0VsN3GwhbCEwqN1TQ78LP1EEhWRlHRixDoHfV8w1VzP%2FDapKpD"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2678400
cf-ray
75a0ff18d8541865-EWR
bootstrap.css
ufile.io/assets/css/
31 KB
6 KB
Stylesheet
General
Full URL
https://ufile.io/assets/css/bootstrap.css?v=1563114509
Requested by
Host: ufile.io
URL: https://ufile.io/xxxek6vg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:4216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d45581f99961212923b84cdf880b7b6d1afcb01350ab8961a1271d7ba795053
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ufile.io/xxxek6vg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:27:33 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
404508
cf-polished
origSize=41042
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 04 Jul 2022 16:33:14 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cgzv7IdXhOsgsq9d7%2Fc4kDSSRrQoExjIWrc8TZbr5S1RP2mYWwNMaF7gYHkpAEs7%2FqT%2FhpLEd%2FKSi7FgVrmVeVvslp6BNvLKWd8IPEwtnwbM1K5EzYwyfOmpFmeWl6JiMZPX9S2q"}],"group":"cf-nel","max_age":604800}
content-type
text/css
vary
Accept-Encoding
cache-control
max-age=15552000
cf-ray
75a0ff18d84d1865-EWR
expires
Wed, 04 Jan 2023 21:52:56 GMT
theme.css
ufile.io/assets/css/
86 KB
18 KB
Stylesheet
General
Full URL
https://ufile.io/assets/css/theme.css?v=1563114509
Requested by
Host: ufile.io
URL: https://ufile.io/xxxek6vg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:4216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
009c3d2ca8bbde159cb3bf6cd1c65bff8205f49f7723d8cd6cca97c15386ba07
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ufile.io/xxxek6vg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:27:33 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
988825
cf-polished
origSize=114399
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 28 Jun 2022 08:32:24 GMT
server
cloudflare
etag
W/"1bedf-5e27de0365600-gzip"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vu0GzxL3t%2FElOQ8NW7wlr5lybD6A69BCYvV%2BzmsXkkKYrAkvepbJx9uiAmJMbOrLzbBrhcTPwELzswuSkdvdp76nWIpDAcqCKyPXKmZ0zWc%2B9owxIJdPGvn7kFoCwodIWSolxn%2Fc"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2678400
cf-ray
75a0ff18d8501865-EWR
utils.css
ufile.io/assets/css/
60 KB
14 KB
Stylesheet
General
Full URL
https://ufile.io/assets/css/utils.css?v=1563114509
Requested by
Host: ufile.io
URL: https://ufile.io/xxxek6vg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:4216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f6486ad0481a073337fbfa0c22d2fe27e73f99874ca68702eb5c42e78f81677
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ufile.io/xxxek6vg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:27:33 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1398849
cf-polished
origSize=76432
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 28 Jun 2022 08:32:24 GMT
server
cloudflare
etag
W/"12a90-5e27de0365600-gzip"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rnUFpRrPn6j4bI9iaVoM3eHQPwS%2BO7WfzZ%2Bk63EoxIHOxh4W1wxBuJ4hIQKdjj8sQAJMslMoilfFyJvtWeCbMDTmF4s9BnORcDNOojXam5jKil0W719IvV%2FDbUjUnxR0GjbTELkT"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2678400
cf-ray
75a0ff18d8521865-EWR
/
d3vw4uehoh23hx.cloudfront.net/
203 KB
68 KB
Script
General
Full URL
https://d3vw4uehoh23hx.cloudfront.net/?euwvd=963182
Requested by
Host: ufile.io
URL: https://ufile.io/xxxek6vg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23cb:e800:e:be87:cd40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e4ec343994bd47afbc90a7d72d73115a20415e39dca8356a7e4de18dc2341ba1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:27:34 GMT
content-encoding
gzip
via
1.1 3e7fb742ce78adbb687505d8440bf99c.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length
68727
x-amz-cf-id
bGLncgcmaeVRuLmUOtsiT1RTFcIbyrLOTe85T6lTjsCgzd7sSBpGlw==
logo-dark.svg
ufile.io/assets/img/
2 KB
1 KB
Image
General
Full URL
https://ufile.io/assets/img/logo-dark.svg
Requested by
Host: ufile.io
URL: https://ufile.io/xxxek6vg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:4216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ccbcf6d22ea0b761807062453a2acd95a34bb9b2603b2650b605df1af2f2960
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ufile.io/xxxek6vg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:27:34 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
925870
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 28 Jun 2022 08:32:24 GMT
server
cloudflare
etag
W/"850-5e27de0365600"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wd6fC0VIrQ1FByw%2FZqcRIrkASzITWEk3yDzxPKqzi2uz3OKcmYZBj64K0Pzs8YVA4VUhY7AiggKVvROVR0UagXvPdzeLsvlIzYhznGN7XtP9HygQH1BguzLWrnO7aAz%2BaL60Zh4k"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
vary
Accept-Encoding
cache-control
max-age=2678400
cf-ray
75a0ff196d9e8cec-EWR
jquery.js
ufile.io/assets/js/
87 KB
32 KB
Script
General
Full URL
https://ufile.io/assets/js/jquery.js
Requested by
Host: ufile.io
URL: https://ufile.io/xxxek6vg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:4216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72037311a4dfde4d042df73e31b7cbeafc0bdf2aaa605b69aff3326015a396da
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ufile.io/xxxek6vg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:27:34 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
925869
cf-polished
origSize=89500
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 28 Jun 2022 08:32:24 GMT
server
cloudflare
etag
W/"15d9c-5e27de0365600-gzip"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q9kU1N8TwegEBIgvNB8U3TCW%2BSXw9OrqAibkRO7bQE3qareve6UQ5Kn8YVM%2FJmgDV%2B3rq73UgXYBpBHcz9tY9QHwCyzGylkrSiK8YLE78w764TQPwk%2FRTdqFGUlzftWV2z1tgkTG"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2678400
cf-ray
75a0ff196da18cec-EWR
utils.js
ufile.io/assets/js/
33 KB
12 KB
Script
General
Full URL
https://ufile.io/assets/js/utils.js?v=1563114509
Requested by
Host: ufile.io
URL: https://ufile.io/xxxek6vg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:4216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f768f129c2c71cdd195bc42f800c081e5d9804df4df180f851497957822151
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ufile.io/xxxek6vg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:27:34 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1797052
cf-polished
origSize=47601
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 04 Jul 2022 16:33:14 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KgWKSwJvhuG59vZ1ke8H2LfurVaPTa1YXI%2FMS0o%2BjlwOhevjiOFZAU4m7jjW%2FtMiWvDFkUCdlrsiYLaONbp1ib4JnMkrsG6XzCg0Or1Jgg6W67nJIF%2FpLX2Z8jLJ0CD19qVSwZih"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
vary
Accept-Encoding
cache-control
max-age=2678400
cf-ray
75a0ff196da48cec-EWR
expires
Mon, 22 Aug 2022 19:04:15 GMT
global.js
ufile.io/assets/js/
22 KB
6 KB
Script
General
Full URL
https://ufile.io/assets/js/global.js?v=1563114509
Requested by
Host: ufile.io
URL: https://ufile.io/xxxek6vg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:4216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1837eaba66df0af328d947577dfe741293f471dd8e640cef4c6938c89e61abbf
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ufile.io/xxxek6vg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:27:34 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1443266
cf-polished
origSize=36623
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 28 Jun 2022 08:32:24 GMT
server
cloudflare
etag
W/"8f0f-5e27de0365600-gzip"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kke0hrgQCDWkjgAAHY%2BK472imoqMcnT4Dy%2BIe1yudU7Kip0HjqOJDgCclvmlhBgYTP9E1HsObvbz98h8ABiF1nKea%2FjRsVRZiDdNbP0zZVsIR%2BkF3X6aCWnPEahPra%2BNXmuwY5Pf"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2678400
cf-ray
75a0ff196da58cec-EWR
ab.js
ufile.io/assets/js/
3 KB
2 KB
Script
General
Full URL
https://ufile.io/assets/js/ab.js
Requested by
Host: ufile.io
URL: https://ufile.io/xxxek6vg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:4216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fc795b42e6ad7232caa5faba5cb169a76cffbfe54c147346af1d923fcd3ca9c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ufile.io/xxxek6vg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:27:34 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
925869
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 28 Jun 2022 08:32:24 GMT
server
cloudflare
etag
W/"a13-5e27de0365600-gzip"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PO1miw7KoYNX32HCkPiBMzkNaqak6Lm8bLeAeyaqqXDzxHBJjB17aaS2Vkkk4d7BpRIjkijyUgct8eI%2FWLmltlw%2BiYP3Ao%2FiOuPnFI%2FAxnmov1R67FV6DF9ownYnsR5eSXN%2F2Xwo"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2678400
cf-ray
75a0ff196da78cec-EWR
beacon.min.js
static.cloudflareinsights.com/
14 KB
5 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: ufile.io
URL: https://ufile.io/xxxek6vg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:440e::ac40:9c1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:27:34 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
75a0ff19bc77a1d8-YYZ
v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/
14 KB
5 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by
Host: ufile.io
URL: https://ufile.io/xxxek6vg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:440e::ac40:9c1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer
https://ufile.io/
Origin
https://ufile.io
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:27:34 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
75a0ff19bf59366a-YYZ
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/
352 KB
124 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f171483e7aedf751cdf9b6e0ac87592eb6fac221ee4e97759dfaea1f4a2efa1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:27:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127395
x-xss-protection
0
server
cafe
etag
2254969141384655106
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 14 Oct 2022 14:27:34 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221012/r20190131/ Frame 161D
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221012/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ufile.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
67999
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4420
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 13 Oct 2022 19:34:15 GMT
etag
9671129459699598864
expires
Thu, 27 Oct 2022 19:34:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cy86OCxcOAg8Lx0oByRZYjwEHSdzOToZOXQJAD4tWygEO1kJPwc3BmovABIrZisQOCtHDR8+WX4mBxowZC85NyVzFgcmPHMkCScvSCMHMwF2ORcsDWMrFxQ+ACgEJytbKhARCnMvYRI+eSsHLD9lHgckAkc2BiAKFgQiGQdAUx9DWFVdKUZbcx8wBxs
awayfterth.one/dmkwblEXC1MDbhdUUkgkBAUNS2MwTAIoNUUfR1okEwFfBmNFAUhAMhoGRQo3BAZeGn8YDERLYzAMUQMbHTNeLxsyOF8vBQ5dfC8XAiNoKBchPHUkHDUrUyQZHhlWJT04K3RfFBU/WychMx5lNhAdHmcmNjwnZwUAPytIWh8uWXkqGREFVjgENz... Frame 1265
3 KB
2 KB
Document
General
Full URL
https://awayfterth.…
Requested by
Host: d3vw4uehoh23hx.cloudfront.net
URL: https://d3vw4uehoh23hx.cloudfront.net/?euwvd=963182
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.18.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-18-112.iad12.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
630372452f923d5f39335548f2f1b9726485515b0ab4a3e52633c3678ded0b6c

Request headers

Referer
https://ufile.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
content-length
1217
content-type
text/html
date
Fri, 14 Oct 2022 14:27:34 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 f9c59ce0e830fcb72cbcdb26622739f0.cloudfront.net (CloudFront)
x-amz-cf-id
2k9GuLsRxmVj1OPYqkviBk6I0Ts1PmerszeR0htvWGCU4-Y9tju3rA==
x-amz-cf-pop
IAD12-P4
x-cache
Miss from cloudfront
asd100.bin
pogothere.xyz/
100 KB
101 KB
Fetch
General
Full URL
https://pogothere.xyz/asd100.bin
Requested by
Host: d3vw4uehoh23hx.cloudfront.net
URL: https://d3vw4uehoh23hx.cloudfront.net/?euwvd=963182
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.198.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:27:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
388
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 14 Oct 2022 14:21:06 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://ufile.io
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YjdcxtvIagIJJ%2BUf5IcrVCkenKCIi2WPEcZwur0%2BvCsHfSWykinVhBjkYiLO4UP7kbVbxxnZnDncrQZ4wOdHDPWRgptwOXNHgYKu73TdPUf%2FTBJ8CaxGx95lYH6DcGaf"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
75a0ff1b1b118c83-EWR
access-control-allow-headers
X-Requested-With, content-type
/
pogothere.xyz/
27 B
367 B
Fetch
General
Full URL
https://pogothere.xyz/
Requested by
Host: d3vw4uehoh23hx.cloudfront.net
URL: https://d3vw4uehoh23hx.cloudfront.net/?euwvd=963182
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.198.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be24317b8dff81009f63e83882a61ef4b81b265f92a18b7961ca6db402ee4fe6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:27:34 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Cp2iFBLel3Sxcf7N6I5jkp2zx3CyLpx4BguAIGH1x81vTYPunivTSHjuh5tIE%2FijKuYyzanakffjunxTjqmkSU2QrmSs4nk7g1H8xOMjTZCvZlAatvDwHlo9pvCmvLg"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
access-control-allow-origin
https://ufile.io
content-type
text/plain
access-control-allow-credentials
true
cf-ray
75a0ff1b1b138c83-EWR
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
utx
awayfterth.one/
0
485 B
XHR
General
Full URL
https://awayfterth.one/utx?cb=jepGhz9kK5cH&top=ufile.io&tid=963260
Requested by
Host: d3vw4uehoh23hx.cloudfront.net
URL: https://d3vw4uehoh23hx.cloudfront.net/?euwvd=963182
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.18.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-18-112.iad12.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:27:34 GMT
via
1.1 f9c59ce0e830fcb72cbcdb26622739f0.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-pop
IAD12-P4
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://ufile.io
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
VB_U-S1hThHAvNyoqGQd5pCSa2UmAMp7ufyK77ySGfIvQd02N-aNgQ==
Zy4kW350IDhad3RyNX8DVQMpSnRzPjdpdXQzK3tFawg9a15KFSoNV3Q9J2lXdzMvc0pFMjsJQVgMLk1qagMsbX5zLDxaXmN8Kl57RhAXeHx0PTxvf3MVNXJwCzElTkoFDBRaY3AHAlx5Z30LeHdWKTpSWgIVAHhWcAcKbnhKdAhgAnBwL3teWBUlUVBqEwV6UGQvG...
awayfterth.one/RG05MjIlD1pfDSVQWxRHNgEEFwACSAt0VncbTgZHIQVWWgB3BUEcUSgCTFZUNgJXRhwqCE0XAAIqa1x4DQxUAl4MPmB/ Frame 54C6
3 KB
2 KB
Document
General
Full URL
https://awayfterth.…
Requested by
Host: d3vw4uehoh23hx.cloudfront.net
URL: https://d3vw4uehoh23hx.cloudfront.net/?euwvd=963182
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.18.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-18-112.iad12.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
ee96aaffd06afe87dfc6c464b0228fd04ec2e9156925d21604897ff1625ec18d

Request headers

Referer
https://ufile.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
content-length
1234
content-type
text/html
date
Fri, 14 Oct 2022 14:27:34 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 f9c59ce0e830fcb72cbcdb26622739f0.cloudfront.net (CloudFront)
x-amz-cf-id
lDFQg_ZlW2sPYy_YmviSLT94MwnwOA7iu99eizbiyR4AKHJCPLWovg==
x-amz-cf-pop
IAD12-P4
x-cache
Miss from cloudfront
SmRvbGdlWwwfWh8eKScyeDYELj8mDDpeCAMBAggEECUlWz0MLUkYDi5ZVlpUeFJdShcjAFJdX2wXGw0TPxdSXUEjCgkDWmwSUl1JekpdQldsEVJdQT4UDgtae0IfGBMmWV5aUX9TWltRf1BeW1Q
snlynotquite.buzz/
0
417 B
Image
General
Full URL
https://snlynotquite.buzz/SmRvbGdlWwwfWh8eKScyeDYELj8mDDpeCAMBAggEECUlWz0MLUkYDi5ZVlpUeFJdShcjAFJdX2wXGw0TPxdSXUEjCgkDWmwSUl1JekpdQldsEVJdQT4UDgtae0IfGBMmWV5aUX9TWltRf1BeW1Q
Requested by
Host: ufile.io
URL: https://ufile.io/xxxek6vg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.57.199 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:27:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n%2By6NN2mKAiiswUoOxn9FmSXKjZHQumK%2Fy%2B1TVEsNyTwhciv6CfV%2BOnjYpH0w%2Bf3a39D7lq1A3xG866hwhgDsJkUTI4gpJI9FAvRQSGvmYXaXvCt4W2qA0kTqM%2BH7iNYn73xXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
75a0ff1b3ca654cd-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
U19g
snlynotquite.buzz/UTlLYmZ+BigRWzB9AQMFFlUSIAs9fRMOIx1YIDQ3CV4JFjQHVm0WDzUEclRVYw97RBY4XXZTQCJNKhYTIgR6RA8/XyRfQCcEekxVZRd5W0hhHz5fV3dNOwMBbAhtEhIlVXZTUGcMfFdRZwx/
0
257 B
Image
General
Full URL
https://snlynotquite.buzz/UTlLYmZ+BigRWzB9AQMFFlUSIAs9fRMOIx1YIDQ3CV4JFjQHVm0WDzUEclRVYw97RBY4XXZTQCJNKhYTIgR6RA8/XyRfQCcEekxVZRd5W0hhHz5fV3dNOwMBbAhtEhIlVXZTUGcMfFdRZwx/U19g
Requested by
Host: ufile.io
URL: https://ufile.io/xxxek6vg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.57.199 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:27:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nvFvcVtviSITFs0zL2iFZloFavEr7I%2BxfihiqOqEK%2BR9UCLt%2BN%2B22yDwPDbqZry%2BlV%2FI8RhLvQ4j5LMpcOsA6HJZRWIYYt%2BBH2ZIQY9QslRCceA5obUcbS%2FH0qE7yimm0m2CYw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
75a0ff1b3ca954cd-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
login.php
www.facebook.com/
0
0
Image
General
Full URL
https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by
Host: ufile.io
URL: https://ufile.io/xxxek6vg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f175:81:face:b00c:0:25de Chicago, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

identifier
accounts.google.com/v3/signin/
Redirect Chain
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
  • https://accounts.google.com/v3/signin/identifier?dsh=S956400023%3A1665757654291523&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn...
0
0
Image
General
Full URL
https://accounts.google.com/v3/signin/identifier?dsh=S956400023%3A1665757654291523&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpnZ-SEo3urE4boYrPBEPkvjRRvCiSRTXfLE_4PPbHqghwomPCA9H1NGG5aK9-ZIUh-cdNZDA
Requested by
Host: ufile.io
URL: https://ufile.io/xxxek6vg
Protocol
H3
Server
2607:f8b0:4006:821::200d , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Redirect headers

date
Fri, 14 Oct 2022 14:27:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /cspreport, script-src 'report-sample' 'nonce-s9BHuyhtm7JF_6cdk-dx8A' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
393
x-xss-protection
1; mode=block
pragma
no-cache
server
GSE
x-frame-options
DENY
report-to
{"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type
text/html; charset=UTF-8
location
https://accounts.google.com/v3/signin/identifier?dsh=S956400023%3A1665757654291523&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpnZ-SEo3urE4boYrPBEPkvjRRvCiSRTXfLE_4PPbHqghwomPCA9H1NGG5aK9-ZIUh-cdNZDA
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only
same-origin; report-to="coop_gse_qebhlk"
expires
Mon, 01 Jan 1990 00:00:00 GMT
identifier
accounts.google.com/v3/signin/
Redirect Chain
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
  • https://accounts.google.com/v3/signin/identifier?dsh=S-603048080%3A1665757654298678&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebS...
0
0
Image
General
Full URL
https://accounts.google.com/v3/signin/identifier?dsh=S-603048080%3A1665757654298678&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWreTQka4drfnM0YwMuxpeF17kv7bUSOgQWvxWV0fZclVVUZ5FOzIOJTdinm7F88wJEbVeehjQ
Requested by
Host: ufile.io
URL: https://ufile.io/xxxek6vg
Protocol
H3
Server
2607:f8b0:4006:821::200d , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Redirect headers

date
Fri, 14 Oct 2022 14:27:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-wlNfvpdTT7LafROVeyPArw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
395
x-xss-protection
1; mode=block
pragma
no-cache
server
GSE
x-frame-options
DENY
report-to
{"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type
text/html; charset=UTF-8
location
https://accounts.google.com/v3/signin/identifier?dsh=S-603048080%3A1665757654298678&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWreTQka4drfnM0YwMuxpeF17kv7bUSOgQWvxWV0fZclVVUZ5FOzIOJTdinm7F88wJEbVeehjQ
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only
same-origin; report-to="coop_gse_qebhlk"
expires
Mon, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/
383 B
694 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=ufile.io&callback=_gfp_s_&client=ca-pub-8453236626207385&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
db2eb11ea4726c6ad250459ff1b69a849045aabdd520465bbdf462eac93c6811
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:27:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
250
x-xss-protection
0
integrator.js
adservice.google.ca/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=ufile.io
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:27:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ufile.io
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:27:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A7F6
19 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8453236626207385&output=html&adk=1812271804&adf=3025194257&lmt=1665757654&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fufile.io%2Fxxxek6vg&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665757654055&bpp=3&bdt=169&idt=180&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3482200861011&frm=20&pv=2&ga_vid=23603700.1665757654&ga_sid=1665757654&ga_hid=93479023&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44770880&oid=2&pvsid=1204211286939340&tmod=167962034&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=207
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b23c94c5a773bfeb86cd56d912096e5cd66817e4a71fa92e5eafd2d042a79de2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ufile.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
5143
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 14 Oct 2022 14:27:34 GMT
expires
Fri, 14 Oct 2022 14:27:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: ufile.io
URL: https://ufile.io/xxxek6vg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 14 Oct 2022 12:34:58 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
6756
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Fri, 14 Oct 2022 14:34:58 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame C148
436 B
235 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8453236626207385&output=html&h=280&slotname=9984807553&adk=1930187984&adf=2617130762&pi=t.ma~as.9984807553&w=1140&fwrn=4&fwrnh=100&lmt=1665757654&rafmt=1&format=1140x280&url=https%3A%2F%2Fufile.io%2Fxxxek6vg&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665757654213&bpp=2&bdt=327&idt=91&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3482200861011&frm=20&pv=1&ga_vid=23603700.1665757654&ga_sid=1665757654&ga_hid=93479023&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44770880&oid=2&pvsid=1204211286939340&tmod=167962034&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=rb7o2Lngyv&p=https%3A//ufile.io&dtd=100
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
deeec054a4c149da0b82cca6ee2bac08837bbe32b304af45e6cac632dfbb607a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ufile.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
212
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 14 Oct 2022 14:27:34 GMT
expires
Fri, 14 Oct 2022 14:27:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
invisible.js
ufile.io/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame B436
36 KB
13 KB
Script
General
Full URL
https://ufile.io/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1665748800
Requested by
Host: ufile.io
URL: https://ufile.io/xxxek6vg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:4216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03a9cac5ed781f65af8c2cd85143089c4641753dbff8af06b0cd1d41bce41218
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:27:34 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1QSkKd0CZBhSHT0MFZ1OM%2Bg4W9bAQK9%2Bi2ct549S5TnKsVswUMA5qjD3jDJiUVVcaOEGVvX68%2Bvn7EKDPrjFnJ27u65jLxKSl7kq7LnSb08Vjckk8P5nHOrSxS23wVcGITCzJfLU"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
75a0ff1bbabb8cec-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ads
googleads.g.doubleclick.net/pagead/ Frame 5473
436 B
233 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8453236626207385&output=html&h=280&slotname=2601344819&adk=2030062158&adf=2221687645&pi=t.ma~as.2601344819&w=1140&fwrn=4&fwrnh=100&lmt=1665757654&rafmt=1&format=1140x280&url=https%3A%2F%2Fufile.io%2Fxxxek6vg&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665757654216&bpp=5&bdt=329&idt=128&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280&nras=1&correlator=3482200861011&frm=20&pv=1&ga_vid=23603700.1665757654&ga_sid=1665757654&ga_hid=93479023&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=591&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44770880&oid=2&pvsid=1204211286939340&tmod=167962034&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=SfJNznoLZ0&p=https%3A//ufile.io&dtd=131
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
07a146b038b4bbe8778cfce69f6ce01c6fa3652c15e3a78ad0995af62784ca1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ufile.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
210
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 14 Oct 2022 14:27:34 GMT
expires
Fri, 14 Oct 2022 14:27:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
GRnJIam0lHSYMUjIbLFdUcEF6XF1gGDsFAzZPGFwFBwYLPRlxQG4eFyJPeEwBJxwvV0sjHCtXXGATLAhQclQ8GgItTzANFyQVMAQXKB9uHwx7HycQBCoeKU9fAEdmWkh0QmAdBCgWJx0eY0B4BBljQHhbXWhCbVkvY0B4HQQoRHxPXgRXeloVcEZhT192Ez-gaASM...
d3vw4uehoh23hx.cloudfront.net/ Frame 54C6
958 B
924 B
Script
General
Full URL
https://d3vw4uehoh23hx.cloudfront.net/GRnJIam0lHSYMUjIbLFdUcEF6XF1gGDsFAzZPGFwFBwYLPRlxQG4eFyJPeEwBJxwvV0sjHCtXXGATLAhQclQ8GgItTzANFyQVMAQXKB9uHwx7HycQBCoeKU9fAEdmWkh0QmAdBCgWJx0eY0B4BBljQHhbXWhCbVkvY0B4HQQoRHxPXgRXeloVcEZhT192Ez-gaASMFLQgGLwZtWCtzQX9EXnBXelpFLRo8BwFjQAtPX3YeIQEIY0B4DQglGSdDSHRCKwIfKR8tT18AQ3hcQ3ZcfVhZf1x5W1RjQHgZDCATOgNIdDR9WVpoQX5MGHtD
Requested by
Host: awayfterth.one
URL: https://awayfterth.…
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23cb:e800:e:be87:cd40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
26f44dec59bd80f09929db5f3ff4d1c3048ebf4366898cdd2b23b92f0fbcc110

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://awayfterth.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:27:34 GMT
content-encoding
gzip
via
1.1 3e7fb742ce78adbb687505d8440bf99c.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
646
x-amz-cf-id
QYGN3Mi9CQ3c9SEXembpoHuyHHmceA73ryG59wVKkvUryXc_rUZUkQ==
eamJkZnAJDQoATx4LAFtJXFFWUEJMCBcJHhpfKlNBD1EcVkIpEwUXAkwWHgJNWkQIBx4NX0IDHglfVUARDgBZUlYfA1kLHxALCAoRT1AiU15aR1ZWWB0LCgIfHRFBVEAEFkFUQFtSSlZVWSBBVEAdCwpQRE9RJkNCWhpSUllPUFQHABoOAREVCAkNElVYJF-FVR0R...
d3vw4uehoh23hx.cloudfront.net/ Frame 1265
197 B
466 B
Script
General
Full URL
https://d3vw4uehoh23hx.cloudfront.net/eamJkZnAJDQoATx4LAFtJXFFWUEJMCBcJHhpfKlNBD1EcVkIpEwUXAkwWHgJNWkQIBx4NX0IDHglfVUARDgBZUlYfA1kLHxALCAoRT1AiU15aR1ZWWB0LCgIfHRFBVEAEFkFUQFtSSlZVWSBBVEAdCwpQRE9RJkNCWhpSUllPUFQHABoOAREVCAkNElVYJF-FVR0RRUkNCWkoPDgQHDkFUM09QVAoZAQdBVEANBwcNH0NHVlYTAhALCxVPUCJXQFxMVEhFWFZdSEFbW0FUQBkDAgcCA0dWIEVZVUpVRkwXWVc
Requested by
Host: awayfterth.one
URL: https://awayfterth.…
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23cb:e800:e:be87:cd40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
cf37dc25772764dcdbb32bf95ff2191fe1a5fdf023610597c1adb6482ff94ff2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://awayfterth.one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:27:34 GMT
content-encoding
gzip
via
1.1 3e7fb742ce78adbb687505d8440bf99c.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
189
x-amz-cf-id
VXvS7PE3W-gPcM-XweGqgUK1bnGzzpt6--o7TI28OMV_Va-h6GIP2A==
fa-solid-900.woff2
ufile.io/assets/fonts/
74 KB
74 KB
Font
General
Full URL
https://ufile.io/assets/fonts/fa-solid-900.woff2
Requested by
Host: ufile.io
URL: https://ufile.io/assets/css/utils.css?v=1563114509
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:4216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://ufile.io/assets/css/utils.css?v=1563114509
Origin
https://ufile.io
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:27:34 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
924909
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
75440
last-modified
Tue, 28 Jun 2022 08:32:24 GMT
server
cloudflare
etag
"126b0-5e27de0365600"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BrhL7FrFwIRTHE2sF0UKSmtqGC9orNgZE7e0%2B98pKOH1GH8e9sbLCEdzK0s6BXoJBHPQ%2FX0Cq6DZHQ7juYiWpZwl7uALw5Hm3c8NAQau3N%2BucQFl8ExYs33Nj3gA8%2FJJg1m1L22Z"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
vary
Accept-Encoding
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
75a0ff1bdaf98cec-EWR
ads
googleads.g.doubleclick.net/pagead/ Frame 7267
436 B
235 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8453236626207385&output=html&h=280&slotname=7662099808&adk=953870729&adf=2604863999&pi=t.ma~as.7662099808&w=1140&fwrn=4&fwrnh=100&lmt=1665757654&rafmt=1&format=1140x280&url=https%3A%2F%2Fufile.io%2Fxxxek6vg&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665757654223&bpp=5&bdt=337&idt=138&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C1140x280&nras=1&correlator=3482200861011&frm=20&pv=1&ga_vid=23603700.1665757654&ga_sid=1665757654&ga_hid=93479023&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2686&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44770880&oid=2&pvsid=1204211286939340&tmod=167962034&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=nS1unzSMyJ&p=https%3A//ufile.io&dtd=170
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d229a2d97a07af16906a93969e597ae540a7503bbbe149d0f1da9f6cbf7e671c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ufile.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
212
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 14 Oct 2022 14:27:34 GMT
expires
Fri, 14 Oct 2022 14:27:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/
4 B
24 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=93479023&t=pageview&_s=1&dl=https%3A%2F%2Fufile.io%2Fxxxek6vg&ul=en-us&de=UTF-8&dt=Upload%20files%20for%20free%20-%202022-10-13%2020-05-32.mkv%20-%20ufile.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEABAAAAACAAI~&jid=543537059&gjid=2137808077&cid=23603700.1665757654&tid=UA-73416834-1&_gid=1001874075.1665757654&_r=1&_slc=1&z=1224329695
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ufile.io/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 14:27:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ufile.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
pica.js
ufile.io/cdn-cgi/challenge-platform/h/g/scripts/ Frame B436
22 KB
8 KB
Other
General
Full URL
https://ufile.io/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by
Host: ufile.io
URL: https://ufile.io/xxxek6vg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:4216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff257de71e6a8e44d6d6520ba0c7b9a16edcefafd422f36ab985049fec58e478
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:27:34 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qZSNtewdCxNys9PUCf6Tk4etx4bF271ALjHPLhAQ8WO%2FN5fu4gAgzqAMnrKt7sDsjxibNp6juDijUkG%2F1lOntj5vX1gmvQXwdIhu72GMD58MSvQb1Kkxm6O%2FAVIgMN39S5am1Idi"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
75a0ff1c3bd18cec-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
collect
stats.g.doubleclick.net/j/
1 B
434 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-73416834-1&cid=23603700.1665757654&jid=543537059&gjid=2137808077&_gid=1001874075.1665757654&_u=IAhAAEAAAAAAACAAI~&z=499077765
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ufile.io/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 14 Oct 2022 14:27:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ufile.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.ca/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=ufile.io
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:27:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ufile.io
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:27:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7111
436 B
236 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8453236626207385&output=html&h=280&adk=3809598800&adf=3132389021&pi=t.aa~a.3025771024~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1665757654&rafmt=1&to=qs&pwprc=9642828768&format=1200x280&url=https%3A%2F%2Fufile.io%2Fxxxek6vg&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665757654618&bpp=3&bdt=732&idt=-M&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc3bc92ca4f47f7f4-222255f4add70081%3AT%3D1665757654%3ART%3D1665757654%3AS%3DALNI_MZo0BDUQUYgxrIkOqT-E6gDIRfKWw&gpic=UID%3D000008835c15431c%3AT%3D1665757654%3ART%3D1665757654%3AS%3DALNI_MZqeUCGmloPIKrLkSBOFcV3L_DzjA&prev_fmts=0x0%2C1140x280%2C1140x280%2C1140x280&nras=2&correlator=3482200861011&frm=20&pv=1&ga_vid=23603700.1665757654&ga_sid=1665757654&ga_hid=93479023&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44770880&oid=2&pvsid=1204211286939340&tmod=167962034&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=ALvYYpetui&p=https%3A//ufile.io&dtd=16
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de336bde8b474328fba0cb16361d1dd2c8021c0ed5732b1e7d05397afbf32153
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ufile.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
212
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 14 Oct 2022 14:27:34 GMT
expires
Fri, 14 Oct 2022 14:27:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A1CF
436 B
237 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8453236626207385&output=html&h=280&adk=3809598800&adf=1056458448&pi=t.aa~a.3203662154~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1665757654&rafmt=1&to=qs&pwprc=9642828768&format=1200x280&url=https%3A%2F%2Fufile.io%2Fxxxek6vg&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665757654618&bpp=2&bdt=732&idt=-M&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc3bc92ca4f47f7f4-222255f4add70081%3AT%3D1665757654%3ART%3D1665757654%3AS%3DALNI_MZo0BDUQUYgxrIkOqT-E6gDIRfKWw&gpic=UID%3D000008835c15431c%3AT%3D1665757654%3ART%3D1665757654%3AS%3DALNI_MZqeUCGmloPIKrLkSBOFcV3L_DzjA&prev_fmts=0x0%2C1140x280%2C1140x280%2C1140x280%2C1200x280&nras=3&correlator=3482200861011&frm=20&pv=1&ga_vid=23603700.1665757654&ga_sid=1665757654&ga_hid=93479023&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1618&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44770880&oid=2&pvsid=1204211286939340&tmod=167962034&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=4boda0sBMy&p=https%3A//ufile.io&dtd=22
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4885d8db279b21ccc53fdc68ef8220bd374091ca8e78a620d3cfe638015c3b6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ufile.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
213
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 14 Oct 2022 14:27:34 GMT
expires
Fri, 14 Oct 2022 14:27:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 5EDC
436 B
236 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8453236626207385&output=html&h=90&adk=3267423511&adf=3418555885&pi=t.aa~a.3345392337~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1665757654&rafmt=1&to=qs&pwprc=9642828768&format=1110x90&url=https%3A%2F%2Fufile.io%2Fxxxek6vg&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665757654618&bpp=1&bdt=732&idt=-M&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc3bc92ca4f47f7f4-222255f4add70081%3AT%3D1665757654%3ART%3D1665757654%3AS%3DALNI_MZo0BDUQUYgxrIkOqT-E6gDIRfKWw&gpic=UID%3D000008835c15431c%3AT%3D1665757654%3ART%3D1665757654%3AS%3DALNI_MZqeUCGmloPIKrLkSBOFcV3L_DzjA&prev_fmts=0x0%2C1140x280%2C1140x280%2C1140x280%2C1200x280%2C1200x280&nras=4&correlator=3482200861011&frm=20&pv=1&ga_vid=23603700.1665757654&ga_sid=1665757654&ga_hid=93479023&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2378&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44770880&oid=2&pvsid=1204211286939340&tmod=167962034&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=vSqBrlNrYP&p=https%3A//ufile.io&dtd=29
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9e1c877675ad83df897ce8a0761eb379c372e480b9d321f9f1787f2beb3c8550
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ufile.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
212
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 14 Oct 2022 14:27:34 GMT
expires
Fri, 14 Oct 2022 14:27:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A02F
436 B
236 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8453236626207385&output=html&h=90&adk=2743202993&adf=1602281170&pi=t.aa~a.3883739521~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1665757654&rafmt=1&to=qs&pwprc=9642828768&format=1200x90&url=https%3A%2F%2Fufile.io%2Fxxxek6vg&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665757654618&bpp=4&bdt=732&idt=-M&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc3bc92ca4f47f7f4-222255f4add70081%3AT%3D1665757654%3ART%3D1665757654%3AS%3DALNI_MZo0BDUQUYgxrIkOqT-E6gDIRfKWw&gpic=UID%3D000008835c15431c%3AT%3D1665757654%3ART%3D1665757654%3AS%3DALNI_MZqeUCGmloPIKrLkSBOFcV3L_DzjA&prev_fmts=0x0%2C1140x280%2C1140x280%2C1140x280%2C1200x280%2C1200x280%2C1110x90&nras=5&correlator=3482200861011&frm=20&pv=1&ga_vid=23603700.1665757654&ga_sid=1665757654&ga_hid=93479023&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3045&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44770880&oid=2&pvsid=1204211286939340&tmod=167962034&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=ifntsTmiKH&p=https%3A//ufile.io&dtd=37
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f6df7d93f61ca0950978ae6217a7c5ead15715b0f94cd6c6a25e030484d926
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ufile.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
212
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 14 Oct 2022 14:27:34 GMT
expires
Fri, 14 Oct 2022 14:27:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6311
436 B
236 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8453236626207385&output=html&h=50&adk=984746673&adf=1854243684&pi=t.aa~a.1003044653~rp.4&w=350&fwrn=4&fwrnh=100&lmt=1665757654&rafmt=1&to=qs&pwprc=9642828768&format=350x50&url=https%3A%2F%2Fufile.io%2Fxxxek6vg&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665757654618&bpp=1&bdt=732&idt=1&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc3bc92ca4f47f7f4-222255f4add70081%3AT%3D1665757654%3ART%3D1665757654%3AS%3DALNI_MZo0BDUQUYgxrIkOqT-E6gDIRfKWw&gpic=UID%3D000008835c15431c%3AT%3D1665757654%3ART%3D1665757654%3AS%3DALNI_MZqeUCGmloPIKrLkSBOFcV3L_DzjA&prev_fmts=0x0%2C1140x280%2C1140x280%2C1140x280%2C1200x280%2C1200x280%2C1110x90%2C1200x90&nras=6&correlator=3482200861011&frm=20&pv=1&ga_vid=23603700.1665757654&ga_sid=1665757654&ga_hid=93479023&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=625&ady=4434&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44770880&oid=2&pvsid=1204211286939340&tmod=167962034&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=6&fsb=1&xpc=1Qn3muimBz&p=https%3A//ufile.io&dtd=44
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
66b55b12cafa78ecfe7988862491bcbd500801ac6c1d4cdcdb5d9f72b51dcbe1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ufile.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
212
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 14 Oct 2022 14:27:34 GMT
expires
Fri, 14 Oct 2022 14:27:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
75a0ff14e8331865
ufile.io/cdn-cgi/challenge-platform/h/g/cv/result/ Frame B436
2 B
679 B
XHR
General
Full URL
https://ufile.io/cdn-cgi/challenge-platform/h/g/cv/result/75a0ff14e8331865
Requested by
Host: ufile.io
URL: https://ufile.io/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1665748800
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:4216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 14 Oct 2022 14:27:34 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cIv4whdt64qe%2Fz%2BdXFlxXtkYkSXh1CZ4VV4KEh6AIZmAYubjB8V%2F1PFriklInTGW4dzYy0mQ3Qy268M6U5a5qL2nmnRJanGYbCvg4EhDUYQiSmXQwk0NhSorvUpnZg4Sei2COlPr"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
75a0ff1f1ac18cec-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sodar
pagead2.googlesyndication.com/getconfig/
15 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221012&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5d05be9d8c6a499fb0b7feee445b345b40efabdc531b217d3d38608c29c3d498
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:27:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11337
x-xss-protection
0
/
ufile.io/ajax/analytics/
0
566 B
XHR
General
Full URL
https://ufile.io/ajax/analytics/
Requested by
Host: ufile.io
URL: https://ufile.io/assets/js/jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:4216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.24
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://ufile.io/xxxek6vg
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 14 Oct 2022 14:27:35 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-powered-by
PHP/7.2.24
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2B16rMByhRRERJNQ5lIUGpLSSDcBMsSPxuTiWNdATBFz6W56sPhhAEwuYdL6J1WmF2KqxB4pDqa%2FkBlybBbsxC%2FgRC5CZtEr%2Fse9SVcumekFO%2F8Ga9R3RRjB0A4zWsF%2FG85yYhN%2F"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
cf-ray
75a0ff1fdc7c8cec-EWR
expires
Thu, 19 Nov 1981 08:52:00 GMT
l.js
client.crisp.chat/
8 KB
3 KB
Script
General
Full URL
https://client.crisp.chat/l.js
Requested by
Host: ufile.io
URL: https://ufile.io/xxxek6vg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1d5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
377a336717cf91a7c6dbdd2c0d5127becae7589ce450018249afb9aee40edd13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:27:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
15975
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 14 Mar 2022 13:16:27 GMT
server
cloudflare
etag
W/"622f402b-1f71"
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
access-control-allow-credentials
false
vary
Accept-Encoding
cf-ray
75a0ff202e3f5425-YYZ
access-control-allow-headers
Content-Type, Origin
expires
Sat, 15 Oct 2022 14:27:35 GMT
rum
cloudflareinsights.com/cdn-cgi/
0
77 B
XHR
General
Full URL
https://cloudflareinsights.com/cdn-cgi/rum
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:440e::ac40:9c1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://ufile.io/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
content-type
application/json

Response headers

date
Fri, 14 Oct 2022 14:27:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://ufile.io
content-type
text/plain
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
75a0ff201c10366a-YYZ
rum
cloudflareinsights.com/cdn-cgi/ Frame
0
0
Preflight
General
Full URL
https://cloudflareinsights.com/cdn-cgi/rum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:440e::ac40:9c1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ufile.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://ufile.io
access-control-max-age
86400
cf-ray
75a0ff1febe4366a-YYZ
content-encoding
gzip
content-type
text/plain
date
Fri, 14 Oct 2022 14:27:35 GMT
server
cloudflare
vary
Origin
x-content-type-options
nosniff
x-frame-options
DENY
file-types.svg
ufile.io/assets/img/icons/
29 KB
12 KB
Image
General
Full URL
https://ufile.io/assets/img/icons/file-types.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:4216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d28cb356bfe09c34dd67189ce84e733e47ffc1ab0813bf23696228e146524f34
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ufile.io/xxxek6vg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:27:35 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1445408
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 28 Jun 2022 08:32:24 GMT
server
cloudflare
etag
W/"74b8-5e27de0365600"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FzEVOqQ1h56AnaqrF9BChmX23c2ZpMVCSQ4WKBLGKsnPpBL58D2Cz8%2BuxG4rOuXue7NsLcyNzC7eKKfbfyEgdNh4DGGPRITupyP7Gb6B4GLCqhTDkAXk4JQc3Y9jSeELjxfrMGG3"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
vary
Accept-Encoding
cache-control
max-age=2678400
cf-ray
75a0ff201d108cec-EWR
popunder.gif
snlynotquite.buzz/
35 B
554 B
Image
General
Full URL
https://snlynotquite.buzz/popunder.gif
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.57.199 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
public
date
Fri, 14 Oct 2022 14:27:35 GMT
cf-cache-status
HIT
last-modified
Thu, 13 Oct 2022 17:55:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
73929
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QzSWarFINWNCgaXffTaxcvSV4U50%2BH5YwiLsuYWXvo8A4Gt0JZUMxwWvsE1%2BFqoNykftxPw2eBTdk17sAxUcGwB%2FPTG4u9TrhABRfKVg8TEtZUZJDpTcnyLJYMc4oiVCD0de3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
cf-ray
75a0ff206b94f995-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
client.js
client.crisp.chat/static/javascripts/
380 KB
96 KB
Script
General
Full URL
https://client.crisp.chat/static/javascripts/client.js?765735d
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/l.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1d5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a6abdc3fda20e0ae53f2cc313388140f6ef370fee78ff7d3864cb00e493f000
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:27:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
15986
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 13 Jun 2022 13:12:02 GMT
server
cloudflare
etag
W/"62a737a2-5f1b0"
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000
access-control-allow-credentials
false
vary
Accept-Encoding
cf-ray
75a0ff208915a1de-YYZ
access-control-allow-headers
Content-Type, Origin
expires
Mon, 11 Oct 2032 14:27:35 GMT
client_default.css
client.crisp.chat/static/stylesheets/
327 KB
40 KB
Stylesheet
General
Full URL
https://client.crisp.chat/static/stylesheets/client_default.css?765735d
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/l.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1d5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b39509d1f198e9430dc244cf22e194ae4afb0c56ea954693b4e7448867994b14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:27:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
15986
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 14 Oct 2022 09:56:40 GMT
server
cloudflare
etag
W/"63493258-51b1d"
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=315360000
access-control-allow-credentials
false
vary
Accept-Encoding
cf-ray
75a0ff20891aa1de-YYZ
access-control-allow-headers
Content-Type, Origin
expires
Mon, 11 Oct 2032 14:27:35 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:27:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 14 Oct 2022 14:27:35 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0E72
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ufile.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
89406
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 13 Oct 2022 13:37:29 GMT
expires
Fri, 13 Oct 2023 13:37:29 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame D00D
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c945ec72e678406a7e2295e7f0114a85461fe384185b6cd167d35cc7019983fd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-qp6wdTondB_sMMCHyqLghw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ufile.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-qp6wdTondB_sMMCHyqLghw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 14 Oct 2022 14:27:35 GMT
expires
Fri, 14 Oct 2022 14:27:35 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
/
client.crisp.chat/settings/website/9891a594-d15f-44d2-ad63-5e086be01a3a/prelude/
212 B
524 B
Script
General
Full URL
https://client.crisp.chat/settings/website/9891a594-d15f-44d2-ad63-5e086be01a3a/prelude/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&2022-9-14-14-27
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?765735d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1d5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c9b145cac87420c0fe1300b607f36f1250dec5eb8ad4805fbeb3f687aaf7633
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:27:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 14 Oct 2022 14:27:35 GMT
server
cloudflare
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
false
vary
Accept-Encoding
cf-ray
75a0ff21ab46a1de-YYZ
access-control-allow-headers
Content-Type, Origin
expires
Fri, 14 Oct 2022 18:27:35 GMT
7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js
pagead2.googlesyndication.com/bg/ Frame 0E72
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec9114246d6354284832e8623b156ead037da4840b78134aaff6a2673e620b96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 18:53:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
156858
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15945
x-xss-protection
0
last-modified
Tue, 11 Oct 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 12 Oct 2023 18:53:17 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame D00D
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221012&jk=1204211286939340&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame 0E72
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?MoDdaQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:27:35 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221012&jk=1204211286939340&bg=!hIelh8PNAAYeOJy_Pjg7ACkAdvg8WiutD9fMqi4w9k02_1HWvH4ZWBfYcZZevIJxiR8TKsLU3AKMKQIAAABQUgAAAAJoAQcKAJuEPm6FO7I2Fwwx-pzBn-OBd04EKC8Xoa1vt5jcav5c_AlCjHXQKB1UohfqKKa8ZPe7qg_GSjL6TUDTobcpAwwocUE5C5uYN6TwDmRMm10LfSrab6QiKJ9dmbSLLTQ54f6tbMaMw4FlKyhEgj14shQ3t2ljMhLYtD-gfWGb_s7SW6Q9WqURj86jl_D96_76qfKPhB4jpE0FAd6RbJkCnCbi6WsDGotQ5Iqvpv1k_ZUu8xhpYJv5zioXuthHLUx8-TmgdXFBGrAEX1o-vDLxbK0jnRYx8piAyMyayxmLzUDxrE4ZmJpwfIoc05yFFL9R-D3GhaUIxZ3hjImftMlmTndnXhrwYNZF1USnSNNNLemXK1f1U-8g3lAy3fFIuSq9w-ZRyMdZ3PVjrdUNa9yHWn-edGgyWaHse9uqhkYemJ2hWDy3rwx8w8Yn2MD_OB1BnUAN4Hkbowe_oNqPl_ixffhtwLOn_kxb8oB7qnVSVi2ZVxhJ3p_aantb3EeULZlyjJL2WpM5qh5-qg8vBD6soZh-LOtOGUm_NzjyYhPFDuYoPpAIUYIP-jM_GotTTUyQtFVSQODxFn1rbX-34S-ZTebASvQDikaOqge8I8a7mYWD7NoHspEwi69nTJwnKEifcydBcL8_0GwcmarrfHOsD3Exy1hMlKYgtbeuE9ZZH0p0J7EoIMHJxcJdOlhU1CE9Qok9EfUmG7ZY7oZ0bA9HHxuBwVTVnCEQT49PhTpn7Cd-xKCri8Nkj3DrGreePgJU34atWMP7rJHIDWvfIvAp9wXOLqP5HqNfYujVzuXQymV3Fmdp0ZrC-2_DlOvkKmNeUwSLR6IVnfOwNqiXuQd_ooBm0oxMT-oi7rdhpGh6RjA1IeU5Ij9rK9FS3Jhs8FmLSOdq4pAZO9-U7k9ZbgZTI98vvZ6BRpzCaFa1x6zW9ddSb5iZHQGpe_L95dmigYzZvDku2VBwyPRXpG4VJcHlg0SgS6Bh0Has9hFRiRB0Uwz_Ofbl7ARFKLYs1cS4gb0UAAPvmxFOx9LH3aSNxlUl38QqKh3UYkiP2e5_DoU-MQ2cgpDHmrklhOMXj7xPskO_Tw9yDXeE3VH63agt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

payment-options.png
ufile.io/assets/img/
26 KB
26 KB
Image
General
Full URL
https://ufile.io/assets/img/payment-options.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:4216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e862fc5d714f846abe07835f3d34b263059f79d12112cd728399a52ccdb18a0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ufile.io/xxxek6vg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:27:36 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
756473
cf-polished
origFmt=png, origSize=32805
content-disposition
inline; filename="payment-options.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
26398
cf-bgj
imgq:100,h2pri
last-modified
Tue, 28 Jun 2022 08:32:24 GMT
server
cloudflare
etag
"8025-5e27de0365600"
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G3vXmielsBB88tNWOOiviBLLT65tYn59g7ZwzIV34HmQANUpLe2cVKqq0qkMr5DcN%2BzZgOyaR9YHVa1D%2Fdgw0dUIyXfl6DJLytsQ%2FEpo%2Fu%2F8vCAJl5bynbgkHkNLwgm7lNA8%2BeE1"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
75a0ff266b308cec-EWR
banner.svg
ufile.io/assets/img/
17 KB
13 KB
Image
General
Full URL
https://ufile.io/assets/img/banner.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:4216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a50fb9ae1b5262d504366decc64cb6e262be51a9f07bacc82d698e08e4eb9b1f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ufile.io/xxxek6vg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:27:36 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
923049
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 28 Jun 2022 08:32:24 GMT
server
cloudflare
etag
W/"431c-5e27de0365600"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4NiqHEFubPiI2k3uSAwEeK%2FimCABhjL3c6yRm%2FZ9tNjSJhCW4nl1Yj7w8hc%2BUKQZJRVIsUCNZHjKkRmZ%2BKLB8H3uIYDVuh7tDYBAOdeiBtCaO5G2gpbbx99LU1RnDwoe9%2B7jyu2B"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
vary
Accept-Encoding
cache-control
max-age=2678400
cf-ray
75a0ff266b328cec-EWR
/
client.crisp.chat/settings/website/9891a594-d15f-44d2-ad63-5e086be01a3a/
1 KB
1 KB
Script
General
Full URL
https://client.crisp.chat/settings/website/9891a594-d15f-44d2-ad63-5e086be01a3a/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&1643547457112
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?765735d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1d5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a61e4d1bcf27943871aaa77e1bcc95c00f5faec80814c984081414acb1c45627
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:27:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
14051
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 14 Oct 2022 10:33:25 GMT
server
cloudflare
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
false
vary
Accept-Encoding
cf-ray
75a0ff27ae75a1de-YYZ
access-control-allow-headers
Content-Type, Origin
expires
Fri, 14 Oct 2022 18:27:36 GMT
en.js
client.crisp.chat/static/javascripts/locales/
6 KB
3 KB
Script
General
Full URL
https://client.crisp.chat/static/javascripts/locales/en.js?765735d
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?765735d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1d5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a3a34c68cb7f5e8cb4e2b25a4b38fe64c3d605d85544e9db42353871eaf6ac9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ufile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 14:27:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
15987
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 13 Jun 2022 13:12:02 GMT
server
cloudflare
etag
W/"62a737a2-182d"
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000
access-control-allow-credentials
false
vary
Accept-Encoding
cf-ray
75a0ff2a6b5ba1de-YYZ
access-control-allow-headers
Content-Type, Origin
expires
Mon, 11 Oct 2032 14:27:36 GMT

Verdicts & Comments

94 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint number| LAST_CORRECT_EVENT_TIME object| utr_963260 number| userTrackingInterval number| _2464555059 number| google_lpabyc function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages function| $ function| jQuery object| btns function| showTooltip function| fallbackMessage function| Growl object| lazySizes function| loadCSS object| clipboard function| executeCaptcha function| onSubmit function| download_file function| addEvent number| countDownDate function| timer function| recaptchaLoaded string| slug boolean| loaded_recaptcha object| justDetectAdblock string| GoogleAnalyticsObject function| ga object| dataLayer function| recaptchaCallback object| myCaptcha function| prepCaptcha boolean| active object| mr object| __cfBeacon object| gaplugins object| gaData number| iinf object| $crisp string| CRISP_WEBSITE_ID object| d object| s boolean| $__CRISP_INCLUDED object| GoogleGcLKhOms object| $__CRISP_INSTANCE object| google_image_requests

12 Cookies

Domain/Path Name / Value
.ufile.io/ Name: csrf_cookie_name
Value: 9bfc71360577cc49e0f9f049c3c76f28
.ufile.io/ Name: _ci_sessions_
Value: ft0dbg4ejol63914illctitke6uvenj8
pogothere.xyz/ Name: csu
Value: 2196547218709660@1@1665757654
.ufile.io/ Name: __gads
Value: ID=c3bc92ca4f47f7f4-222255f4add70081:T=1665757654:RT=1665757654:S=ALNI_MZo0BDUQUYgxrIkOqT-E6gDIRfKWw
.ufile.io/ Name: __gpi
Value: UID=000008835c15431c:T=1665757654:RT=1665757654:S=ALNI_MZqeUCGmloPIKrLkSBOFcV3L_DzjA
.ufile.io/ Name: _ga
Value: GA1.2.23603700.1665757654
.ufile.io/ Name: _gid
Value: GA1.2.1001874075.1665757654
.ufile.io/ Name: _gat
Value: 1
.ufile.io/ Name: __cf_bm
Value: 3I0BelYIt.rSUdIAYsIOxQ_DQ9UPx9X3qtpul7PNG3k-1665757654-0-AWk0xaGrHU8px/N2kIxZfxxHLFLIy8L6tVyFVM7Ojf1nylRYYx6fJyDwzXTdLMFg+8qU9DQ/eANDG6HxRAhFf8Wvb8HIqofbMsFZViBJlcGceA2Wlp1h3NVgsmAWfC4rnA==
.doubleclick.net/ Name: IDE
Value: AHWqTUkMrAf8BCkB8IH_SPogb9ug84FYJcsWPy3ij_4JLVMhZn5Yz8Zo-wIgoxmsgLY
.ufile.io/ Name: crisp-client%2Fsession%2F9891a594-d15f-44d2-ad63-5e086be01a3a
Value: session_53c421c2-e712-4273-b676-0f29839a615d
ufile.io/ Name: crisp-client%2Fsocket%2F9891a594-d15f-44d2-ad63-5e086be01a3a
Value: 0

2 Console Messages

Source Level URL
Text
network error URL: https://accounts.google.com/v3/signin/identifier?dsh=S956400023%3A1665757654291523&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpnZ-SEo3urE4boYrPBEPkvjRRvCiSRTXfLE_4PPbHqghwomPCA9H1NGG5aK9-ZIUh-cdNZDA
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://accounts.google.com/v3/signin/identifier?dsh=S-603048080%3A1665757654298678&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWreTQka4drfnM0YwMuxpeF17kv7bUSOgQWvxWV0fZclVVUZ5FOzIOJTdinm7F88wJEbVeehjQ
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
