URL: https://tusfiles.com/anfra2mvj98c
Submission: On April 13 via manual from IN — Scanned from DE

Summary

This website contacted 15 IPs in 4 countries across 16 domains to perform 38 HTTP transactions. The main IP is 2a06:98c1:3120::7, located in United States and belongs to CLOUDFLARENET, US. The main domain is tusfiles.com. The Cisco Umbrella rank of the primary domain is 583875.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 28th 2021. Valid for: a year.
This is the only time tusfiles.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 2a06:98c1:312... 13335 (CLOUDFLAR...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 18.66.248.87 16509 (AMAZON-02)
3 139.45.197.237 9002 (RETN-AS)
3 139.45.197.239 9002 (RETN-AS)
1 2a03:2880:f12... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 139.45.195.8 9002 (RETN-AS)
1 37.48.68.90 60781 (LEASEWEB-...)
1 2600:9000:224... 16509 (AMAZON-02)
1 139.45.197.152 9002 (RETN-AS)
1 139.45.197.151 9002 (RETN-AS)
38 15
Apex Domain | Subdomains | Transfer
11 tusfiles.com | tusfiles.com — Cisco Umbrella Rank: 583875 | 169 KB
4 cloudflare.com | cdnjs.cloudflare.com — Cisco Umbrella Rank: 238 | 90 KB
3 ausoafab.net | ausoafab.net — Cisco Umbrella Rank: 179608 | 26 KB
3 betotodilea.com | betotodilea.com — Cisco Umbrella Rank: 85672 | 31 KB
2 google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 37 | 20 KB
2 google.com | accounts.google.com — Cisco Umbrella Rank: 80 |
2 numbtoobly.com | numbtoobly.com | 1 KB
2 ghtdecipie.com | ghtdecipie.com | 2 KB
2 googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 71 | 75 KB
1 ourdailystories.com | ourdailystories.com |
1 cdnativepush.com | static.cdnativepush.com — Cisco Umbrella Rank: 17629 | 3 KB
1 cloudfront.net | d37pempw0ijqri.cloudfront.net | 827 B
1 cdnads.com | perf.cdnads.com — Cisco Umbrella Rank: 158055 | 323 B
1 rtmark.net | my.rtmark.net — Cisco Umbrella Rank: 9763 | 542 B
1 facebook.com | www.facebook.com — Cisco Umbrella Rank: 100 |
1 freychang.fun | freychang.fun — Cisco Umbrella Rank: 23200 | 716 B
38 16
Domain | Requested by
11 tusfiles.com | tusfiles.com
4 cdnjs.cloudflare.com | tusfiles.com, cdnjs.cloudflare.com
3 ausoafab.net | tusfiles.com, ausoafab.net
3 betotodilea.com | tusfiles.com, betotodilea.com
2 www.google-analytics.com | www.googletagmanager.com, www.google-analytics.com
2 accounts.google.com |
2 numbtoobly.com |
2 ghtdecipie.com | tusfiles.com
2 www.googletagmanager.com | tusfiles.com, www.googletagmanager.com
1 ourdailystories.com | ausoafab.net
1 static.cdnativepush.com |
1 d37pempw0ijqri.cloudfront.net | ghtdecipie.com
1 perf.cdnads.com |
1 my.rtmark.net | ausoafab.net
1 www.facebook.com |
1 freychang.fun | tusfiles.com
38 16

This site contains links to these domains.

Domain
tusfiles.net
www.facebook.com
twitter.com
vk.com
Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-06-28 - 2022-06-27 | a year
*.google-analytics.com | GTS CA 1C3 | 2022-03-21 - 2022-06-13 | 3 months
ghtdecipie.com | Amazon | 2022-04-03 - 2023-05-02 | a year
betotodilea.com | R3 | 2022-03-03 - 2022-06-01 | 3 months
ausoafab.net | R3 | 2022-03-06 - 2022-06-04 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2022-01-20 - 2022-04-20 | 3 months
accounts.google.com | GTS CA 1C3 | 2022-03-28 - 2022-06-20 | 3 months
*.rtmark.net | Sectigo RSA Domain Validation Secure Server CA | 2021-11-20 - 2022-11-26 | a year
cdnads.com | R3 | 2022-02-10 - 2022-05-11 | 3 months
*.cloudfront.net | Amazon | 2022-02-01 - 2023-01-31 | a year
cdnativepush.com | R3 | 2022-03-11 - 2022-06-09 | 3 months
ourdailystories.com | R3 | 2022-03-15 - 2022-06-13 | 3 months

This page contains 2 frames:

Primary Page: https://tusfiles.com/anfra2mvj98c
Frame ID: C1F292BBB160411259371D3888333848
Requests: 35 HTTP requests in this frame

Frame: https://ghtdecipie.
Frame ID: 26F1D282699D46E94301B27BB36FDE44
Requests: 2 HTTP requests in this frame

Page Title

TusFiles | Free File Storage

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • clipboard(?:-([\d.]+))?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • cookieconsent\.min\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 38
HTTPS: 100 %
IPv6: 53 %
Domains: 16
Subdomains: 16
IPs: 15
Countries: 4
Transfer: 420 kB
Size: 1053 kB
Cookies: 11

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request anfra2mvj98c
tusfiles.com/
217 KB
82 KB
Document
General
Full URL
https://tusfiles.com/anfra2mvj98c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9520e0a6efd6641c200f42fcaaa6b5dd4ec98a4c8870866300064dad73a65b5
Security Headers
Name Value
Strict-Transport-Security max-age=0;includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
X-Requested-With
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
6fb3f8519c985a01-MXP
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 13 Apr 2022 11:47:58 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Tue, 12 Apr 2022 11:47:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CLeC1dYp2UVu5W5JiHpNpxoIhf0b7RIai6KfNnsMPrWbx6HQpkQjpLb0ppkreh8oJqknHsndKXxAr0Wbvrq6jfBYOgOhhQ2pl7qR6%2B4lMXRoNeGOzb6erLgBkFbGpE6AzQzLD9%2Bo3eXqqgc%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=0;includeSubDomains;
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/
30 KB
6 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: tusfiles.com
URL: https://tusfiles.com/anfra2mvj98c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tusfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 11:47:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
197330
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5631
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sTiQCW076BWs4BCaFSa%2BiFNhIDtEC0lk9ZPFyx3offmJXcX5xQbHaSQrUFZhx3y3FYlqP%2B8jYkiq7KfSPvnmhjHFp1RlqK4Cjx2ZbVImKCx0Tu71EC7vL4z7wMo2qOOheRRn6sUiv80kh3BLjKCzxKJB"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6fb3f853e94e59dd-MXP
expires
Mon, 03 Apr 2023 11:47:58 GMT
up.bootstrap.min.css
tusfiles.com/assets/bootstrap/dist/css/
49 KB
10 KB
Stylesheet
General
Full URL
https://tusfiles.com/assets/bootstrap/dist/css/up.bootstrap.min.css
Requested by
Host: tusfiles.com
URL: https://tusfiles.com/anfra2mvj98c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a26496cdc67830428a18e74c57c2d5c9c0aa1d318aa5700d7a488b9807740344

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tusfiles.com/anfra2mvj98c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 11:47:58 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
846040
access-control-allow-methods
GET,POST,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 03 Jun 2018 17:00:20 GMT
server
cloudflare
etag
W/"5b141ea4-c5c5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6cf92gSeDRtl7y3GUtusk2PORNxaOhRSR4PRKwksr3wOLl8RnZ%2F6PF6GrbkrQvtjQR%2FNUBIMoK13XEzn1ghgGl1uGx76j68Zc2mFTvamuPhH1DZKy4T1QzJ%2BiBxSWQ7hp2de31CV0XYWuPk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
6fb3f853b94c5a01-MXP
access-control-allow-headers
X-Requested-With
expires
Tue, 03 May 2022 16:47:18 GMT
app.css
tusfiles.com/assets/styles/
100 KB
19 KB
Stylesheet
General
Full URL
https://tusfiles.com/assets/styles/app.css
Requested by
Host: tusfiles.com
URL: https://tusfiles.com/anfra2mvj98c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43c2856805e6a4b491afdee9598798373076b39c2c35ef22833008ba41c0e3c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tusfiles.com/anfra2mvj98c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 11:47:58 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
846040
cf-polished
origSize=130701
access-control-allow-methods
GET,POST,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 25 Dec 2020 20:45:47 GMT
server
cloudflare
etag
W/"5fe64f7b-1fe8d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aShg2lts4APSay41ydGX2VPVkp5%2Bkf0ibZK0VMrNKzv1f6Xd21SjH9HTqCodtbUWkM2U9yAXzlorNTTXsm3nhiTWWgWolJmiPmyMX0wvW9CSfPlEkSuUQtCHSV%2BoDUBnaSVqAzdOcQCVnOU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
expires
Tue, 03 May 2022 16:47:18 GMT
cache-control
max-age=2592000
cf-ray
6fb3f853b9505a01-MXP
access-control-allow-headers
X-Requested-With
cf-bgj
minify
font.css
tusfiles.com/assets/styles/
111 B
449 B
Stylesheet
General
Full URL
https://tusfiles.com/assets/styles/font.css
Requested by
Host: tusfiles.com
URL: https://tusfiles.com/anfra2mvj98c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6958fffb4cab7b095581eee44006a353dea3989e84cd0b957126a27cd7352d51

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tusfiles.com/anfra2mvj98c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 11:47:58 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
846040
cf-polished
origSize=141
access-control-allow-methods
GET,POST,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 28 Dec 2016 18:21:37 GMT
server
cloudflare
etag
W/"586402b1-8d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ULDL7THFRkLIcKNbTcD9q3fytLvsyKIOEZ0YJ%2FChGyKkzU8HXJvqBL5VIMm%2B1XrhUslG1YFfWGWuG%2FK%2FBLVCC0DqnqKEFfo7vW%2BsyoOPDMxbMdxsWbg%2BMYTCADctU0%2BvNKp39fRdkNvjAk8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
expires
Tue, 03 May 2022 16:47:18 GMT
cache-control
max-age=2592000
cf-ray
6fb3f853b9525a01-MXP
access-control-allow-headers
X-Requested-With
cf-bgj
minify
font.css
tusfiles.com/assets/fonts/roboto/
417 B
813 B
Stylesheet
General
Full URL
https://tusfiles.com/assets/fonts/roboto/font.css
Requested by
Host: tusfiles.com
URL: https://tusfiles.com/assets/styles/font.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0191dd90157ae400bab7797080abb892c349cee602b7185d005aef2cba24c14

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tusfiles.com/assets/styles/font.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 11:47:58 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
846039
cf-polished
origSize=489
access-control-allow-methods
GET,POST,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 28 Dec 2016 18:21:34 GMT
server
cloudflare
etag
W/"586402ae-1e9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lkA%2F0%2FVnqfLk4KK3%2BuMSZeeM4EbfGfHeyzgvcgnfOqcGUk3XrkSRp79nyvnmFuwX6%2BZb%2FZU01mIMc9iIQf1lYfOGfc9EOCV1tZtfTOgQrgNWRIVdjH07qXDnLS%2Be3p0SraBYSRnwfKRMQDk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
expires
Tue, 03 May 2022 16:47:19 GMT
cache-control
max-age=2592000
cf-ray
6fb3f853fa505a01-MXP
access-control-allow-headers
X-Requested-With
cf-bgj
minify
cookieconsent.min.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/
4 KB
1 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css
Requested by
Host: tusfiles.com
URL: https://tusfiles.com/anfra2mvj98c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tusfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 11:47:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
560574
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
948
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:17 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e2d-f62"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cpo%2Bo9Al77w3BWWzoZwnDfoWozYcmbppPsbVd9m5jKnBI5VZVew%2FLQhXc004kK0LsnGB44QOy%2Fhw0Nuxu%2FzOl26OXUcP6FAgVPGlQ5HuQQmjCestYN9x%2F8gCpB6IcYGgvUkCdeuOHd9msCqHf81xsOty"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6fb3f8543a2f59dd-MXP
expires
Mon, 03 Apr 2023 11:47:58 GMT
rocket-loader.min.js
tusfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://tusfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: tusfiles.com
URL: https://tusfiles.com/anfra2mvj98c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tusfiles.com/anfra2mvj98c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 11:47:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 11 Apr 2022 12:32:17 GMT
server
cloudflare
etag
W/"62541fd1-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UOR86sg4Vv%2B56lsP7NCt6gK37eRNFhH%2F9qK5O7%2BPLRn7YTVWMVW3ESqebqqLtcqsQt5KIUnlo80GUkTu6601HYHrh%2BauIK9W4AeHi8skjfXr8n4G3l3ywcxwl%2BMfx6qaGqViPfto8mK6nbA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6fb3f8543af75a01-MXP
vary
Accept-Encoding
expires
Fri, 15 Apr 2022 11:47:58 GMT
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://tusfiles.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 11:47:58 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
585817
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-12d68"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BFuQQKbmkiLSylDYEVJxLmi8L4BflXR4foomNGH57EIRxMnRienMYTI9oj0T2fe0YYgKOXWreTvngD3CeNJ33iLqkQ3sJPO8IJONkTrD4zxnRk4sgdvLgEiQ%2FmW26IRI8K8uR8rI7bUx8DHkSK9t%2BFZW"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6fb3f8556d0259ef-MXP
expires
Mon, 03 Apr 2023 11:47:58 GMT
anfra2mvj98c
tusfiles.com/
0
615 B
XHR
General
Full URL
https://tusfiles.com/anfra2mvj98c
Requested by
Host: tusfiles.com
URL: https://tusfiles.com/anfra2mvj98c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0;includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tusfiles.com/anfra2mvj98c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=0;includeSubDomains;
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
x-frame-options
SAMEORIGIN
date
Wed, 13 Apr 2022 11:47:59 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1meE%2FvimsIb%2Fl%2B%2BYvENUwc7WAyCQ%2BT%2FJhvbNFuAdt%2FZ%2F7oYSj%2FpbF5886AtMmJekW%2FYT9vxNurk21ArYXTuv04SV%2Fk58N%2B3hIBAqzdibQXSnYPwF6wCso4sRjmIhei9Gw02eGGUCHYb7Eo8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-ray
6fb3f8553d1c5a01-MXP
access-control-allow-headers
X-Requested-With
expires
Tue, 12 Apr 2022 11:47:58 GMT
js
www.googletagmanager.com/gtag/
97 KB
38 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-3400026-6
Requested by
Host: tusfiles.com
URL: https://tusfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
349d5dff6d3fe32e59708e00f84c92ddb7751a57607a2de18c13505dc670b92f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tusfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 11:47:58 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38374
x-xss-protection
0
last-modified
Wed, 13 Apr 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 13 Apr 2022 11:47:58 GMT
cookieconsent.min.js
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/
19 KB
6 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js
Requested by
Host: tusfiles.com
URL: https://tusfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tusfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 11:47:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
201181
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5676
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:17 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e2d-4d5a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3NKuurwxuTSEO1yi1J5Od82bdtLwQ47Mb1uDGznISVivmVeczepJsRFPqm3bAPpIuC%2F8l1UWa0DkHKMcOj7OoI2FFeeEIYzv8522EuZ%2FuKj4e%2BRJa0jt3NIxqMBQmx1ZaBWxZLA9CbeZm8gyptZlJai7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6fb3f8557e6983bb-MXP
expires
Mon, 03 Apr 2023 11:47:58 GMT
app.js
tusfiles.com/scripts/
2 KB
2 KB
Script
General
Full URL
https://tusfiles.com/scripts/app.js
Requested by
Host: tusfiles.com
URL: https://tusfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ad719214d5d80e5bbb66280d77b40ef3580f356b9ae050ef33dbb1728affafd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tusfiles.com/anfra2mvj98c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 11:47:58 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
846039
cf-polished
origSize=3336
access-control-allow-methods
GET,POST,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 08 Mar 2017 14:29:01 GMT
server
cloudflare
etag
W/"58c0152d-d08"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DIYoSpi5QxP2AkIgCaDJFzQRGW2gJGwkkMgYF8uG%2Flm%2F5iD%2Bua%2BdQrhcAqg91Wxyk5s7xQtyu2Lr7zj2yiXKnUqmsKjSHsgkQ7ISSzlo%2F5yOCGVTHtLUn%2F5P%2BHsbYZO88vcvlM5vs9q%2BwT0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf8
access-control-allow-origin
*
expires
Tue, 03 May 2022 16:47:19 GMT
cache-control
max-age=2592000
cf-ray
6fb3f8554d305a01-MXP
access-control-allow-headers
X-Requested-With
cf-bgj
minify
bootstrap.min.js
tusfiles.com/libs/jquery/bootstrap/dist/js/
44 KB
12 KB
Script
General
Full URL
https://tusfiles.com/libs/jquery/bootstrap/dist/js/bootstrap.min.js
Requested by
Host: tusfiles.com
URL: https://tusfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5107eec5af15e1ab2cf0f2952f0b42df52dda842df17222be0e2562f122792a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tusfiles.com/anfra2mvj98c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 11:47:58 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
846038
access-control-allow-methods
GET,POST,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 03 Jun 2018 13:07:36 GMT
server
cloudflare
etag
W/"5b13e818-aeb4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=50UBDXwZyMRkdbEM79lUsjRePXhrlFVcZdY3kyo1Ye76FTqbsLSgaxXG051bVKlJyKlfIbgF1HJaxbyRkAsJpsvfUruAomN%2B9V5Q5CPxu40li3s0DMztkyiKFwbuFBJoe9sYCq4gJdXbb0Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf8
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
6fb3f8554d325a01-MXP
access-control-allow-headers
X-Requested-With
expires
Tue, 03 May 2022 16:47:19 GMT
clipboard.min.js
tusfiles.com/js/
10 KB
4 KB
Script
General
Full URL
https://tusfiles.com/js/clipboard.min.js
Requested by
Host: tusfiles.com
URL: https://tusfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60fc4511f1c0ccb8fd9f64fed945c028634245420d93405ec69a6e8e2561447d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tusfiles.com/anfra2mvj98c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 11:47:58 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
846038
access-control-allow-methods
GET,POST,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 17 Dec 2020 16:03:29 GMT
server
cloudflare
etag
W/"5fdb8151-2780"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fTDWz4ZucXv93VsaF5F1euCxBqcUpgVKjlql47SGbUao9w9e%2FM%2Fr2C4yzMPPA%2BgoKTiG5%2F8jCpHOXbycS2uALp0vShEItkF9wNQOTTQzKdzh1vXHHVzoUY5KVf6cRoRpsN4br%2FKdrJU3t8o%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf8
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
6fb3f8554d365a01-MXP
access-control-allow-headers
X-Requested-With
expires
Tue, 03 May 2022 16:47:20 GMT
jquery.min.js
tusfiles.com/js/lib/jquery/
91 KB
34 KB
Script
General
Full URL
https://tusfiles.com/js/lib/jquery/jquery.min.js
Requested by
Host: tusfiles.com
URL: https://tusfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tusfiles.com/anfra2mvj98c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 11:47:58 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
846038
access-control-allow-methods
GET,POST,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 17 Dec 2020 11:11:07 GMT
server
cloudflare
etag
W/"5fdb3ccb-16bac"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bDJcvWy8fV387KaMnKDduqq8iCXz2faE2oS%2BgDNl2NY7lDGTLPPhyRO3%2BS%2FqbZMipZzRaTR%2F7Do0IDBd4CMbTHnqUxejYmj7xtyM5XLIuMMNXSa14E%2FC5HpxkXqPMOtGhRGKEp%2FC1fNjWa0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf8
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
6fb3f8554d385a01-MXP
access-control-allow-headers
X-Requested-With
expires
Tue, 03 May 2022 16:47:20 GMT
/
freychang.fun/
27 B
716 B
Fetch
General
Full URL
https://freychang.fun/
Requested by
Host: tusfiles.com
URL: https://tusfiles.com/anfra2mvj98c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:2dcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
183e101be0f00233f726907819221fd5520d027314a48235600a93b81237658e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tusfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 11:47:59 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
https://tusfiles.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cXbT6jexhkOjfdpbns71reb4ecIzSP9Nt0UCnVPulzooWmFGihhpZT5Ftb0WnFda7yoGRztQU8m58KNywLTEDsRzeG0TQJcVYf8EoL1Z%2FwJxzi%2BhQDWEAQl128FHzJxyJ%2BC0tmp55GtcC0bT"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
6fb3f8571b4af933-MXP
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
utx
ghtdecipie.com/
0
487 B
XHR
General
Full URL
https://ghtdecipie.com/utx?cb=h6fdwD0olWbt&top=tusfiles.com&tid=891983
Requested by
Host: tusfiles.com
URL: https://tusfiles.com/anfra2mvj98c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-87.dus51.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tusfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Apr 2022 11:47:59 GMT
via
1.1 57b1c45cee24c7bbeb8b5420d5868740.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
x-amz-cf-pop
DUS51-P1
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://tusfiles.com
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id
4SfFT41vGgHA6Ur2lz9lEoSIsDiCrl4RUd4bXYzMfD63K633Kq2RMg==
TVFwV2QsMxM6WyxsEnERPz1NclYLdEIRAH5mADIJPSZAPg48Ixl5ByE+BTMCPz4eI0ojNARyVgs+ETkUOzA3Bi4LADUYMzVlJBRVGzIlZxAaBDYzKQgTBx8nJSE4HjIIEygwURUTCQIACiYlBjUlZTEUVRsEJBU9AhMXGTwVEB8QJnw1PAQ1JhAzEgAvBRgWBQsAI...
ghtdecipie.com/ Frame 26F1
3 KB
2 KB
Document
General
Full URL
https://ghtdecipie.com/TVFwV2QsMxM6WyxsEnERPz1NclYLdEIRAH5mADIJPSZAPg48Ixl5ByE+BTMCPz4eI0ojNARyVgs+ETkUOzA3Bi4LADUYMzVlJBRVGzIlZxAaBDYzKQgTBx8nJSE4HjIIEygwURUTCQIACiYlBjUlZTEUVRsEJBU9AhMXGTwVEB8QJnw1PAQ1JhAzEgAvBRgWBQsAIgEiJRwlEDU6BzMWEwIVJR4CCmA5ESc1ECQWExwXJGcDPQklJwUVYEEOMA9hJBY1Oh04BggGBhwGIQk6ADYyCyU7BjIlEycDDAYGHAYACCY2MjEIaDobMXwGJzAuFwk1ZjQeF11vLgsTHwAnJWkyFCYIFjgSIhQBNicGGGEiHTMYYCcACAQUMRUlBRcbJwUHYUkePDoAPhY2dBonOzUDGQcgIA5hPjE8GzY4FgMqEDIGIh0CMzs+GxcAAjx9CyECDwMLIjsqKwlBZj0LJgM0ICU+PgNUKiEoAQApBzYvARw5SR88KncaJAsjIU0ZXShlBG8LDCYRPRw
Requested by
Host: tusfiles.com
URL: https://tusfiles.com/anfra2mvj98c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-87.dus51.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
67fbf32cbf987a074725e0d04cf93a354eb6298ae3ffdf7be99eb827faf95fa7

Request headers

Referer
https://tusfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
content-length
1230
content-type
text/html
date
Wed, 13 Apr 2022 11:47:59 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 57b1c45cee24c7bbeb8b5420d5868740.cloudfront.net (CloudFront)
x-amz-cf-id
QP1zATKHlBEMoAilsOMbp1fFjVufLQK-mIsnQH1iJdrif0rdZZ83MA==
x-amz-cf-pop
DUS51-P1
x-cache
Miss from cloudfront
4859602
betotodilea.com/400/
75 KB
30 KB
Script
General
Full URL
https://betotodilea.com/400/4859602
Requested by
Host: tusfiles.com
URL: https://tusfiles.com/anfra2mvj98c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
69376aa9f4311a0a7cf8c4056f00976fad296360de42ae334f77d6d70a1e677a
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tusfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-trace-id
8d89cd9364241436df7096a4777f042d
pragma
no-cache
date
Wed, 13 Apr 2022 11:47:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Origin
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
strict-transport-security
max-age=1
timing-allow-origin
*, *
expires
Tue, 11 Jan 1994 10:00:00 GMT
/
ausoafab.net/5/2876021/
3 KB
2 KB
XHR
General
Full URL
https://ausoafab.net/5/2876021/?oo=1&aab=1
Requested by
Host: tusfiles.com
URL: https://tusfiles.com/anfra2mvj98c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
afef9ca9246b646651b357ff8fe2d792f541fddf41c7406ef55154311c5ae683

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tusfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-trace-id
f8dc775fa29a4d26779604d45e4f1494
pragma
no-cache, no-cache
date
Wed, 13 Apr 2022 11:47:59 GMT
content-encoding
gzip
server
nginx
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://e2ertt.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://tusfiles.com
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
expires
Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
tag.min.js
ausoafab.net/
68 KB
22 KB
Script
General
Full URL
https://ausoafab.net/tag.min.js
Requested by
Host: tusfiles.com
URL: https://tusfiles.com/anfra2mvj98c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
2a3d1aa5f7d6eeae6725637392ba28c6323d9248d67570af32e2f4b6e3d0e4ed
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tusfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 11:47:59 GMT
content-encoding
br
x-content-type-options
nosniff
access-control-max-age
86400
content-length
22098
x-trace-id
5cd44deb2a9e34e65c6bf702a0216e3f
pragma
no-cache
last-modified
Mon, 28 Mar 2022 15:10:55 GMT
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
expires
Tue, 11 Jan 1994 10:00:00 GMT
SUdUVnFIQ1FX
numbtoobly.com/YkZxcmRNeRIBWQERFSMHCRQyJzMoDRJCPgQfGjhWMHcnHjU6A1cGDQZ7SUtVW35CVBQLIkxDQhEyEAYREXtAVA0MIB5PQhR7QFxXVmhDR0pSYARPVUQyARMDX3dXAhAWKkxDUlZ/
0
501 B
Image
General
Full URL
https://numbtoobly.com/YkZxcmRNeRIBWQERFSMHCRQyJzMoDRJCPgQfGjhWMHcnHjU6A1cGDQZ7SUtVW35CVBQLIkxDQhEyEAYREXtAVA0MIB5PQhR7QFxXVmhDR0pSYARPVUQyARMDX3dXAhAWKkxDUlZ/SUdUVnFIQ1FX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tusfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 11:47:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2kv73QPEf3V0K7%2BD4OAEm9ePzuD3P4L9tJJX9GXHYAwrERtL4CHh641N7QvujEKuclIYxeuyonf%2F1OOeIPJmjMoegTRzzFdfedM6cevO%2Btw5V4%2FSMY1iHM3wpWAvPq068ixg%2Bl%2FA6lEVkH%2FG6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
6fb3f8573de70dfe-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
login.php
www.facebook.com/
0
0
Image
General
Full URL
https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tusfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

ServiceLogin
accounts.google.com/
0
0
Image
General
Full URL
https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tusfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

ServiceLogin
accounts.google.com/
0
0
Image
General
Full URL
https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tusfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

js
www.googletagmanager.com/gtag/
97 KB
38 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-3400026-20&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-3400026-6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b8f7f3aab7a9abaf792c7d86c7f5ebd3b9233e737ba657c8a92979d5f0d09f68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tusfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 11:47:59 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38406
x-xss-protection
0
last-modified
Wed, 13 Apr 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 13 Apr 2022 11:47:59 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-3400026-20&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tusfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
789
date
Wed, 13 Apr 2022 11:34:50 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 13 Apr 2022 13:34:50 GMT
gid.js
my.rtmark.net/
65 B
542 B
XHR
General
Full URL
https://my.rtmark.net/gid.js?userId=95f6a786601d49d39dc48b6be4c3c2af
Requested by
Host: ausoafab.net
URL: https://ausoafab.net/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
abcf8505d3b263e203fc2fc044f61d92c986b454e5857cf72291d5bc9b2155d9
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tusfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 11:47:59 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://tusfiles.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
perf.gif
perf.cdnads.com/
43 B
323 B
Image
General
Full URL
https://perf.cdnads.com/perf.gif
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.90 Arnhem, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tusfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Wed, 13 Apr 2022 11:47:59 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Content-Type
image/gif
Cache-Control
max-age=86400
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
43
Expires
Thu, 14 Apr 2022 11:47:59 GMT
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=189221534&t=pageview&_s=1&dl=https%3A%2F%2Ftusfiles.com%2Fanfra2mvj98c&ul=en-us&de=UTF-8&dt=TusFiles%20%7C%20Free%20File%20Storage&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1256903142&gjid=1549974075&cid=1926054454.1649850479&tid=UA-3400026-20&_gid=916985530.1649850479&_r=1&gtm=2ou460&z=644797146
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tusfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 13 Apr 2022 11:47:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tusfiles.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
oanpvaGQJFQEOWx4TC1VcU0tWUFdMEBwHChpHIVEBXg5XByUdGwUQQh4AC1VUTBYOBgNXXAoGB1dLSQkACEdbThAaFQRVFhMUGQwVCAwODUIfG1IFCxATAwQFT0gpXUpaX11YTB0TAQwLHQlKWlQEDkpaVFtKQVhBWThKWlQdEwFeUE9JLU1WWgJZXE1PSF-8JFBo...
d37pempw0ijqri.cloudfront.net/ Frame 26F1
748 B
827 B
Script
General
Full URL
https://d37pempw0ijqri.cloudfront.net/oanpvaGQJFQEOWx4TC1VcU0tWUFdMEBwHChpHIVEBXg5XByUdGwUQQh4AC1VUTBYOBgNXXAoGB1dLSQkACEdbThAaFQRVFhMUGQwVCAwODUIfG1IFCxATAwQFT0gpXUpaX11YTB0TAQwLHQlKWlQEDkpaVFtKQVhBWThKWlQdEwFeUE9JLU1WWgJZXE1PSF-8JFBoWCh8BCBEGHEFYPFpbU0RJWU1WWlIEABAHFkpaJ09IXwQNAR9KWlQNHwwDC0NfXVgHAggABQFPSClZVFpUX0ZQUkNZRlNfX11YFwscDhoNT0gpXVddVFxeQh9HXg
Requested by
Host: ghtdecipie.com
URL: https://ghtdecipie.…
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:7c00:1:93e8:f80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d762e9c6ee7ba9e938372b2c6d6c6d39dbe6c5176f698f5f9adc5158cf7ce728

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ghtdecipie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 11:47:59 GMT
content-encoding
gzip
x-amz-cf-pop
DUS51-P1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
550
via
1.1 809c299e67c4ffca3db95351c7287bd8.cloudfront.net (CloudFront)
x-amz-cf-id
_oVg4uzBxJYfW0eNRuc4efeMYpGJ06kJfJlrNo_lljiYf8TWCqrTkQ==
/
ausoafab.net/
2 KB
2 KB
Fetch
General
Full URL
https://ausoafab.net/?rb=lKoI85cgjG0FKU3dn9o0qcLxZIJhX_SG2FSB3MwhuNBH-bzLCdZ-Z9OYIkjBGpx_N4YalRdPrD8R7gxWymCql6FrooY5m8gYiffXnwyfeBLQRdc4nh02CGABLYdxOt5YOHV_eGPUetFkpXo3RTIapqkWBszYKJatMGOixP6pGkWCE982cZxRIh6jzwZj5KWuztX-eqhPdFxcU7l6Zv0aSC4rZAdxDtbzPKCjZv7xjg506xc7m7yVDbL6Db3H1YMzeyAQAOfOo8hzbEVw2UMubg%3D%3D&request_ab2=0&zoneid=2876021&js_build=iclick-v1.377.2&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=2&pl=https%3A%2F%2Ftusfiles.com%2Fanfra2mvj98c&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.377.2&bs=acaafca9-9975-4661-bf99-75a3a2b615c3&userId=95f6a786601d49d39dc48b6be4c3c2af&m=link
Requested by
Host: ausoafab.net
URL: https://ausoafab.net/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
b90697d23334a586601da890f783a6b52838b4c6c4dd0611b5dbb9a5ec1a06e7
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tusfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 11:47:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
access-control-max-age
86400
x-trace-id
2a552404d7a01f876513b926ed390411
pragma
no-cache
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://tusfiles.com
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
expires
Tue, 11 Jan 1994 10:00:00 GMT
4859602
betotodilea.com/500/
2 KB
2 KB
XHR
General
Full URL
https://betotodilea.com/500/4859602?excludes=&oaid=95f6a786601d49d39dc48b6be4c3c2af&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=2&pl=https%3A%2F%2Ftusfiles.com%2Fanfra2mvj98c&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
Requested by
Host: betotodilea.com
URL: https://betotodilea.com/400/4859602
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e9badc842fcb8d4068ae78644fdfb3c2451d36a323bffc3526475400bfabd906
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://tusfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
09ea85733acca843e8c274237aa88abf
pragma
no-cache
date
Wed, 13 Apr 2022 11:47:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Origin
content-type
application/javascript
access-control-allow-origin
https://tusfiles.com
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
strict-transport-security
max-age=1
timing-allow-origin
*, *
expires
Tue, 11 Jan 1994 10:00:00 GMT
popunder.gif
numbtoobly.com/
35 B
634 B
Image
General
Full URL
https://numbtoobly.com/popunder.gif
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tusfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
public
date
Wed, 13 Apr 2022 11:47:59 GMT
cf-cache-status
HIT
last-modified
Tue, 12 Apr 2022 16:53:28 GMT
server
cloudflare
age
68071
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HXKleg3HtWxJiew7GNeT5osE8rcTxwtAeKfi%2B1%2Fz%2BS2s7YuipmwTRHfNQmgorl9CFgCJM4Ua57oOxPFEn%2B7dWvK63KBSEnQBKSVwcWNKPBh3zqsj9SzBFwf41auwi%2FgRRGQxR%2BmUerUqXFI78Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6fb3f8599cb7d771-MRS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
4859602
betotodilea.com/500/ Frame
0
0
Preflight
General
Full URL
https://betotodilea.com/500/4859602?excludes=&oaid=95f6a786601d49d39dc48b6be4c3c2af&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=2&pl=https%3A%2F%2Ftusfiles.com%2Fanfra2mvj98c&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://tusfiles.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://tusfiles.com
access-control-max-age
600
allow
GET, OPTIONS
content-length
0
date
Wed, 13 Apr 2022 11:47:59 GMT
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
*
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
01602088365889.png
static.cdnativepush.com/contents/s/1b/e9/ef/c45191508dd0ffe9619d8e8d61/
2 KB
3 KB
Image
General
Full URL
https://static.cdnativepush.com/contents/s/1b/e9/ef/c45191508dd0ffe9619d8e8d61/01602088365889.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.152 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
b0cd7af0b912b1a17ecfb9284d55058a59e621500acb94e2d4a5bbfd5eb6d022

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tusfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 11:47:59 GMT
last-modified
Thu, 01 Jul 2021 09:13:54 GMT
server
nginx
etag
"60dd8752-86d"
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length
2157
favicon.ico
ourdailystories.com/
0
0
Fetch
General
Full URL
https://ourdailystories.com/favicon.ico
Requested by
Host: ausoafab.net
URL: https://ausoafab.net/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=60
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tusfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 11:47:59 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=60

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
function| structuredClone
object| oncontextlost
object| oncontextrestored
function| getScreenDetails
string| k
object| _75ncnz3je8b
object| q178lqtjcdh
object| zfgformats
function| setImmediate
function| clearImmediate
function| _xzijmi
function| _wrvtwp
object| __cfQR
function| $
function| jQuery
function| c2ss
number| LAST_CORRECT_EVENT_TIME
number| _2050768665
function| delComment
function| player_start
object| copyc
object| jQuery110203762914304339997
object| app
object| cookieconsent
function| gtag
object| dataLayer
boolean| __cfRLUnblockHandlers
object| google_tag_manager
object| google_tag_data
string| GoogleAnalyticsObject
function| ga
object| zfgstorage
function| onClickTrigger
function| kkp4a5x5tv
boolean| zfgloadedpopup
object| webpushlogs
number| iinf
object| gaplugins
object| gaGlobal
object| gaData

11 Cookies

Domain/Path Name / Value
.tusfiles.com/ Name: lang
Value: german
ausoafab.net/ Name: OAID
Value: 95f6a786601d49d39dc48b6be4c3c2af
ausoafab.net/ Name: oaidts
Value: 1649850479
.tusfiles.com/ Name: _ga
Value: GA1.2.1926054454.1649850479
.tusfiles.com/ Name: _gid
Value: GA1.2.916985530.1649850479
.tusfiles.com/ Name: _gat_gtag_UA_3400026_20
Value: 1
my.rtmark.net/ Name: ID
Value: 95f6a786601d49d39dc48b6be4c3c2af
tusfiles.com/ Name: prefetchAd_2876021
Value: true
freychang.fun/ Name: csu
Value: 2014069829163225@1@1649850479
betotodilea.com/ Name: OAID
Value: 95f6a786601d49d39dc48b6be4c3c2af
ausoafab.net/ Name: syncedCookie
Value: true

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=0;includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
