a-2.1fichier.com Open in urlscan Pro
2a00:fb40:a:1::2  Public Scan

17 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	410 Gone	Primary Request c762932546 Show response a-2.1fichier.com/	9 KB 10 KB	497ms 14ms	Document text/html	2a00:fb40:a:1::2 DSTORAGE
General Check archive.org Show headers Download Go to Full URL https://a-2.1fichier.com/c762932546 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a00:fb40:a:1::2 , France, ASN198792 (DSTORAGE, FR), Reverse DNS Software [Jun 14 2019 14:32:52] / Resource Hash 0c645dd01b7fceeecf6be5a13c7251ec31d9c0c27dcfab610878574aac8050a7 Request headers Host a-2.1fichier.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sat, 03 Jul 2021 18:16:46 GMT Server [Jun 14 2019 14:32:52] Cache-Control no-cache, no-store, must-revalidate Content-Type text/html; charset=utf-8 Last-Modified Sat, 04 Jan 2020 05:45:11 GMT ETag "14604c-25a9-5e102667" Connection close Accept-Ranges bytes Content-Length 9641
GET H2	200	style.css img.1fichier.com/css/	10 KB 3 KB	41ms 12ms	Stylesheet text/css	2a00:fb40:a:1::141 DSTORAGE
General Check archive.org Show headers Download Go to Full URL https://img.1fichier.com/css/style.css Requested by Host: a-2.1fichier.com URL: https://a-2.1fichier.com/c762932546 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a00:fb40:a:1::141 , France, ASN198792 (DSTORAGE, FR), Reverse DNS Software nginx / Resource Hash 6fb98a84dcad15b023db035df0fff70ab256cb9dbdb39836da0f6bb31790d749 Request headers Referer https://a-2.1fichier.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma public date Sat, 03 Jul 2021 18:16:47 GMT content-encoding gzip last-modified Sun, 24 Feb 2019 17:19:44 GMT server nginx etag "5c72d230-a28" vary Accept-Encoding, Accept-Encoding content-type text/css cache-control public content-length 2600
GET H2	200	jquery.ui.css img.1fichier.com/css/	27 KB 5 KB	43ms 13ms	Stylesheet text/css	2a00:fb40:a:1::141 DSTORAGE
General Check archive.org Show headers Download Go to Full URL https://img.1fichier.com/css/jquery.ui.css Requested by Host: a-2.1fichier.com URL: https://a-2.1fichier.com/c762932546 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a00:fb40:a:1::141 , France, ASN198792 (DSTORAGE, FR), Reverse DNS Software nginx / Resource Hash 72dae5ab8b6e0d4b62794591e1c79ec3463e12882b9e853450cd17e3dba2ae30 Request headers Referer https://a-2.1fichier.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma public date Sat, 03 Jul 2021 18:16:47 GMT content-encoding gzip last-modified Thu, 04 Feb 2021 12:14:31 GMT server nginx etag "601be527-149b" vary Accept-Encoding, Accept-Encoding content-type text/css cache-control public content-length 5275
GET H2	200	jquery.js Show response img.1fichier.com/js/	253 KB 74 KB	55ms 25ms	Script application/x-javascript	2a00:fb40:a:1::141 DSTORAGE
General Check archive.org Show headers Download Go to Full URL https://img.1fichier.com/js/jquery.js Requested by Host: a-2.1fichier.com URL: https://a-2.1fichier.com/c762932546 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a00:fb40:a:1::141 , France, ASN198792 (DSTORAGE, FR), Reverse DNS Software nginx / Resource Hash 802b26490cde1ca26cc8f48d7491488ac7d3d39c5f7a1c6a9581f898bbcb995b Request headers Referer https://a-2.1fichier.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma public date Sat, 03 Jul 2021 18:16:47 GMT content-encoding gzip last-modified Fri, 20 Jul 2018 09:43:03 GMT server nginx etag "5b51aea7-127e0" vary Accept-Encoding, Accept-Encoding content-type application/x-javascript cache-control public content-length 75744
GET H2	200	logo.png img.1fichier.com/	17 KB 17 KB	30ms 30ms	Image image/png	2a00:fb40:a:1::141 DSTORAGE
General Check archive.org Show headers Download Go to Show image Full URL https://img.1fichier.com/logo.png Requested by Host: a-2.1fichier.com URL: https://a-2.1fichier.com/c762932546 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a00:fb40:a:1::141 , France, ASN198792 (DSTORAGE, FR), Reverse DNS Software nginx / Resource Hash b8f4efaee57c1b5382e14ebb364a669a1adc98165e18544c875e5e4e4850857b Request headers Referer https://a-2.1fichier.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma public date Sat, 03 Jul 2021 18:16:47 GMT last-modified Tue, 01 Jul 2014 07:44:08 GMT server nginx etag "53b266c8-43dc" vary Accept-Encoding content-type image/png cache-control public accept-ranges bytes content-length 17372
GET H2	200	twitter.png img.1fichier.com/	1 KB 1 KB	12ms 12ms	Image image/png	2a00:fb40:a:1::141 DSTORAGE
General Check archive.org Show headers Download Go to Show image Full URL https://img.1fichier.com/twitter.png Requested by Host: a-2.1fichier.com URL: https://a-2.1fichier.com/c762932546 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a00:fb40:a:1::141 , France, ASN198792 (DSTORAGE, FR), Reverse DNS Software nginx / Resource Hash 6cd9c5a94c50340eb1ba7d0038d2f973c88a22916e1b9f2b293dee636db72ed7 Request headers Referer https://a-2.1fichier.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma public date Sat, 03 Jul 2021 18:16:47 GMT last-modified Tue, 15 Dec 2015 17:02:38 GMT server nginx etag "567047ae-4a0" vary Accept-Encoding content-type image/png cache-control public accept-ranges bytes content-length 1184
GET H2	200	facebook.png img.1fichier.com/	1 KB 1 KB	13ms 13ms	Image image/png	2a00:fb40:a:1::141 DSTORAGE
General Check archive.org Show headers Download Go to Show image Full URL https://img.1fichier.com/facebook.png Requested by Host: a-2.1fichier.com URL: https://a-2.1fichier.com/c762932546 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a00:fb40:a:1::141 , France, ASN198792 (DSTORAGE, FR), Reverse DNS Software nginx / Resource Hash e2881f313c665745bcc4ca5b73d69a5463b786e1318b14359b9aa28750de286d Request headers Referer https://a-2.1fichier.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma public date Sat, 03 Jul 2021 18:16:47 GMT last-modified Tue, 15 Dec 2015 17:02:15 GMT server nginx etag "56704797-4f9" vary Accept-Encoding content-type image/png cache-control public accept-ranges bytes content-length 1273
GET H2	200	logo-footer.png img.1fichier.com/	8 KB 8 KB	13ms 13ms	Image image/png	2a00:fb40:a:1::141 DSTORAGE
General Check archive.org Show headers Download Go to Show image Full URL https://img.1fichier.com/logo-footer.png Requested by Host: a-2.1fichier.com URL: https://a-2.1fichier.com/c762932546 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a00:fb40:a:1::141 , France, ASN198792 (DSTORAGE, FR), Reverse DNS Software nginx / Resource Hash 9f9fb62bdbc49f27ac570baf18d2737a848cf7d3d0b75407f1863ebd90192d65 Request headers Referer https://a-2.1fichier.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma public date Sat, 03 Jul 2021 18:16:47 GMT last-modified Tue, 01 Jul 2014 07:45:16 GMT server nginx etag "53b2670c-202c" vary Accept-Encoding content-type image/png cache-control public accept-ranges bytes content-length 8236
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	135 KB 48 KB	23ms 23ms	Script text/javascript	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: a-2.1fichier.com URL: https://a-2.1fichier.com/c762932546 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 2e035cc0d466ad57791319e528e7172ef1c27b055dd39e3981ad19bea7531085 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://a-2.1fichier.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 03 Jul 2021 18:16:45 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 48746 x-xss-protection 0 server cafe etag 3007245554692486900 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Sat, 03 Jul 2021 18:16:45 GMT
GET H2	200	background-002.jpg img.1fichier.com/	30 KB 31 KB	13ms 13ms	Image image/jpeg	2a00:fb40:a:1::141 DSTORAGE
General Check archive.org Show headers Download Go to Show image Full URL https://img.1fichier.com/background-002.jpg Requested by Host: img.1fichier.com URL: https://img.1fichier.com/css/style.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a00:fb40:a:1::141 , France, ASN198792 (DSTORAGE, FR), Reverse DNS Software nginx / Resource Hash fbea54912c1b262832e2db623c5deb7ee9e7afc780b3e5d80553e9283852128f Request headers Referer https://img.1fichier.com/css/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma public date Sat, 03 Jul 2021 18:16:47 GMT last-modified Wed, 02 Jul 2014 09:48:55 GMT server nginx etag "53b3d587-798f" vary Accept-Encoding content-type image/jpeg cache-control public accept-ranges bytes content-length 31119
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20210630/r20190131/ Frame F55C	10 KB 5 KB	9ms 6ms	Document text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20210630/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/html/r20210630/r20190131/zrt_lookup.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://a-2.1fichier.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://a-2.1fichier.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding date Sat, 03 Jul 2021 04:24:00 GMT expires Sat, 17 Jul 2021 04:24:00 GMT content-type text/html; charset=UTF-8 etag 15579341980913220427 x-content-type-options nosniff content-encoding gzip server cafe content-length 4579 x-xss-protection 0 age 49965 cache-control public, max-age=1209600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	native_render.js Show response superonclick.com/script/	4 KB 2 KB	48ms 23ms	Script application/javascript	2606:4700:3037::6815:293c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://superonclick.com/script/native_render.js Requested by Host: a-2.1fichier.com URL: https://a-2.1fichier.com/c762932546 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:293c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7965b4334f08b3c398843d721ab3b5535461f4183ec6bb0923d1ae092b9cfd51 Request headers Referer https://a-2.1fichier.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-goog-hash crc32c=rXethw==, md5=i4AdaMb2P574qaeqSEucdQ== date Sat, 03 Jul 2021 18:16:45 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 1999 x-guploader-uploadid ABg5-Ux3ugDbjZHv9rpPo7PWt7S1qud12-Vw4b8rTYh-k2UMds-oGdb-EGzLhtVd-VxsPwU_T52pajAPwTcwsdI7qDL8U18q4g x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding identity alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 last-modified Wed, 13 Feb 2019 10:15:50 GMT server cloudflare etag W/"8b801d68c6f63f9ef8a9a7aa484b9c75" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=qb95JwHVIj86MuDp79Oo1ETs4ZFogwvN8HLafiEj1gZD2U9J7CkWmD2AKD1wgOzTQTgo0%2B3WsrStQoJjc13v3SSE1rL0Lv7my2k9fWD7JNk83tGGJgXtYKPjsZy3uxeo5eEkPnrUeJHYxw%3D%3D"}],"group":"cf-nel","max_age":604800} x-goog-generation 1550052950916101 access-control-allow-origin * content-type application/javascript cache-control public, max-age=14400 x-goog-stored-content-length 4285 cf-ray 66921b569d894e43-FRA expires Sat, 03 Jul 2021 18:26:39 GMT
GET H2	200	native_server.js Show response superonclick.com/script/	9 KB 4 KB	44ms 19ms	Script application/javascript	2606:4700:3037::6815:293c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://superonclick.com/script/native_server.js Requested by Host: a-2.1fichier.com URL: https://a-2.1fichier.com/c762932546 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:293c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e282545f9f7c4117db91f8a2c33e5a1dad31f3c6edbe74b9776c1f8b85c166bd Request headers Referer https://a-2.1fichier.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-goog-hash crc32c=RAjq/g==, md5=Udh+nr2DH8yragFgeaYHkw== date Sat, 03 Jul 2021 18:16:45 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 3016 x-guploader-uploadid ABg5-UztHarEA9WAL61ya9rea4JSaKO43c4uJRU5ju3QmZnd8lU0dTs1xERvBaCgxHtc9Mw1kzkD_hnNAYAJCEBbKOXI6RQA2w x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding identity alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 last-modified Wed, 13 Feb 2019 10:15:52 GMT server cloudflare etag W/"51d87e9ebd831fccab6a016079a60793" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=AGlZw0KYV00CGhwkuNwP%2FAzsPFFSETM2g20BrBI7OHHWcoFE%2FlGsP7jNkvVWLW8tX1ewwAwnxcTwcawHxMND7uHC0qTTTVja6qFD7gBPfASFualnmthXK5ZYsFa8DzOiEXTlxHk%2BJwMKNg%3D%3D"}],"group":"cf-nel","max_age":604800} x-goog-generation 1550052952705094 access-control-allow-origin * content-type application/javascript cache-control public, max-age=14400 x-goog-stored-content-length 9260 cf-ray 66921b569d8d4e43-FRA expires Sat, 03 Jul 2021 18:20:28 GMT
GET H2	200	identify.html Show response ufpcdn.com/script/ Frame 8A14	2 KB 2 KB	192ms 166ms	Document text/html	2606:4700:3037::ac43:8e31 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ufpcdn.com/script/identify.html?frmt=0 Requested by Host: superonclick.com URL: https://superonclick.com/script/native_server.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:8e31 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ffb16355784a4a89472be6cb28c3408234ec0518326a3a1908797b8d8c78a76a Request headers :method GET :authority ufpcdn.com :scheme https :path /script/identify.html?frmt=0 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://a-2.1fichier.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://a-2.1fichier.com/ Response headers date Sat, 03 Jul 2021 18:16:46 GMT content-type text/html last-modified Tue, 15 May 2018 06:39:25 GMT cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" set-cookie __cf_bm=99b22e6578c170a2b9da8d86231ddf47baa7e7a7-1625336206-1800-ASBSDtmLBXlythy/tvgb9tJsR+geX76dN+MhOPu347seIRktjF15jfUp+OBW+EI/Z11oNXtouD979NtjPL80wR4=; path=/; expires=Sat, 03-Jul-21 18:46:46 GMT; domain=.ufpcdn.com; HttpOnly; Secure; SameSite=None report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=leh3GdIhRhMJE8aJLvDM7NiukQsajDmdGVTn7jHj2AVhn%2BoKvYuwXMSa%2FW3KoZdbSqfm7Yt6XFyeZo6%2FDbtp6aFRqoiLRQGROUf%2F7lNCxjW2jwAebWSqle8zjAuieN4DLAA%2Fng%3D%3D"}],"group":"cf-nel","max_age":604800} nel {"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 66921b582b184aa3-FRA content-encoding br alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
GET H2	204	native.php Show response discovernative.com/script/	0 71 B	223ms 166ms	Script text/plain	130.211.31.231 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://discovernative.com/script/native.php?nwpsv=1&r=2285595&cbrandom=0.0753100754878695&cbWidth=1600&cbHeight=1200&cbtitle=1fichier.com%3A%20Cloud%20Storage&cbref=&cbdescription=&cbkeywords=&cbiframe=0&&ufp=9034022391433728764458335752&callback=jsonp149825 Requested by Host: a-2.1fichier.com URL: https://a-2.1fichier.com/c762932546 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 130.211.31.231 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 231.31.211.130.bc.googleusercontent.com Software openresty / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://a-2.1fichier.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin * date Sat, 03 Jul 2021 18:16:46 GMT via 1.1 google server openresty alt-svc clear

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| $jscomp function| $ function| jQuery object| zoneNativeSett object| urls function| acPrefetch object| nativeInit object| nativeForPublishers object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| adsbygoogle string| google_user_agent_client_hint object| _0x32b6 function| _0xda00 object| CTAHKA function| ufpAttach boolean| wait function| native_request object| _0x50db function| _0x48ba function| setupAd object| CTABPuNative string| zone object| adcashUfp function| jsonp149825

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a-2.1fichier.com
discovernative.com
googleads.g.doubleclick.net
img.1fichier.com
pagead2.googlesyndication.com
superonclick.com
ufpcdn.com
130.211.31.231
2606:4700:3037::6815:293c
2606:4700:3037::ac43:8e31
2a00:1450:4001:809::2002
2a00:1450:4001:810::2002
2a00:fb40:a:1::141
2a00:fb40:a:1::2
0c645dd01b7fceeecf6be5a13c7251ec31d9c0c27dcfab610878574aac8050a7
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
2e035cc0d466ad57791319e528e7172ef1c27b055dd39e3981ad19bea7531085
6cd9c5a94c50340eb1ba7d0038d2f973c88a22916e1b9f2b293dee636db72ed7
6fb98a84dcad15b023db035df0fff70ab256cb9dbdb39836da0f6bb31790d749
72dae5ab8b6e0d4b62794591e1c79ec3463e12882b9e853450cd17e3dba2ae30
7965b4334f08b3c398843d721ab3b5535461f4183ec6bb0923d1ae092b9cfd51
802b26490cde1ca26cc8f48d7491488ac7d3d39c5f7a1c6a9581f898bbcb995b
9f9fb62bdbc49f27ac570baf18d2737a848cf7d3d0b75407f1863ebd90192d65
b8f4efaee57c1b5382e14ebb364a669a1adc98165e18544c875e5e4e4850857b
e282545f9f7c4117db91f8a2c33e5a1dad31f3c6edbe74b9776c1f8b85c166bd
e2881f313c665745bcc4ca5b73d69a5463b786e1318b14359b9aa28750de286d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fbea54912c1b262832e2db623c5deb7ee9e7afc780b3e5d80553e9283852128f
ffb16355784a4a89472be6cb28c3408234ec0518326a3a1908797b8d8c78a76a