urlscan.io logo urlscan.io
SecurityTrails logo

1fichier.com Open in urlscan Pro
2a00:fb40:a:1::140  Public Scan

Go To Rescan Add Verdict Report
URL: https://1fichier.com/?8o94thhtxltg2mirnuxk
Submission: On October 24 via manual from BR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 6 countries across 20 domains to perform 62 HTTP transactions. The main IP is 2a00:fb40:a:1::140, located in France and belongs to DSTORAGE, FR. The main domain is 1fichier.com.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on May 18th 2017. Valid for: 3 years.
This is the only time 1fichier.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2a00:fb40:a:1... 198792 (DSTORAGE)
11 2a00:fb40:a:1... 198792 (DSTORAGE)
11 2400:cb00:204... 13335 (CLOUDFLAR...)
3 38.107.161.102 33313 (WILCON)
1 1 173.192.101.24 36351 (SOFTLAYER)
1 108.168.193.189 36351 (SOFTLAYER)
7 54.154.249.155 16509 (AMAZON-02)
1 178.250.2.130 44788 (ASN-CRITE...)
1 178.250.0.93 44788 (ASN-CRITE...)
11 205.185.216.42 20446 (HIGHWINDS3)
1 3 2.16.94.240 20940 (AKAMAI-ASN1)
1 18.185.209.124 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2 185.33.223.209 29990 (ASN-APPNEXUS)
2 2 207.244.108.217 30633 (LEASEWEB-...)
1 35.201.83.118 15169 (GOOGLE)
2 2 18.153.11.3 16509 (AMAZON-02)
1 148.251.129.43 24940 (HETZNER-AS)
2 35.177.223.59 16509 (AMAZON-02)
1 87.98.153.73 16276 (OVH)
2 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:20b... 16509 (AMAZON-02)
1 94.31.29.128 33438 (HIGHWINDS2)
62 20
2    2a00:fb40:a:1::140 (France)

ASN198792 (DSTORAGE, FR)
1fichier.com
11    2a00:fb40:a:1::141 (France)

ASN198792 (DSTORAGE, FR)
img.1fichier.com
11    2400:cb00:2048:1::6811:22cd (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdn.run-syndicate.com
run-syndicate.com
pixel.run-syndicate.com
3    38.107.161.102 (United States)

ASN33313 (WILCON - Wilcon, US)
www.ps7894.com
1    173.192.101.24 (Dallas, United States)

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: 18.65.c0ad.ip4.static.sl-reverse.com
p289046.clksite.com
1    108.168.193.189 (Dallas, United States)

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: bd.c1.a86c.ip4.static.sl-reverse.com
mybestmv.com
7    54.154.249.155 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-154-249-155.eu-west-1.compute.amazonaws.com
trends.revcontent.com
cm.revcontent.com
1    178.250.2.130 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    178.250.0.93 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
11    205.185.216.42 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: map2.hwcdn.net
cdn.revcontent.com
img.revcontent.com
3    2.16.94.240 (European Union)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-94-240.deploy.static.akamaitechnologies.com
sb.scorecardresearch.com
1    18.185.209.124 (Cambridge, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-185-209-124.eu-central-1.compute.amazonaws.com
secure.quantserve.com
2    2a00:1450:4001:819::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
2    185.33.223.209 (European Union)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
ib.adnxs.com
2    207.244.108.217 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC-01 - Leaseweb USA, Inc., US)
b1sync.zemanta.com
1    35.201.83.118 (Ann Arbor, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 118.83.201.35.bc.googleusercontent.com
g.cwkuki.com
2    18.153.11.3 (Cambridge, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-153-11-3.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    148.251.129.43 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-23.community.moscow
sync.upravel.com
2    35.177.223.59 (London, United Kingdom)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-177-223-59.eu-west-2.compute.amazonaws.com
pixel.quantserve.com
1    87.98.153.73 (France)

ASN16276 (OVH, FR)
brzadrs8n9.s.ad6media.fr
2    2a00:1450:4001:819::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
1    2600:9000:20bb:2800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
rules.quantcount.com
1    94.31.29.128 (United Kingdom)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)
PTR: 94.31.29.128.IPYX-077437-ZYO.above.net
p289046.mycdn.co
Domain Requested by
11 img.1fichier.com 1fichier.com
img.1fichier.com
9 img.revcontent.com 1fichier.com
6 cdn.run-syndicate.com 1fichier.com
cdn.run-syndicate.com
5 trends.revcontent.com 1fichier.com
trends.revcontent.com
cdn.revcontent.com
4 pixel.run-syndicate.com 1fichier.com
3 sb.scorecardresearch.com 1 redirects 1fichier.com
3 www.ps7894.com 1fichier.com
www.ps7894.com
2 fonts.gstatic.com 1fichier.com
2 pixel.quantserve.com 1fichier.com
2 x.bidswitch.net 2 redirects
2 b1sync.zemanta.com 2 redirects
2 cm.revcontent.com 1fichier.com
2 ib.adnxs.com 2 redirects
2 fonts.googleapis.com 1fichier.com
cdn.revcontent.com
2 cdn.revcontent.com 1fichier.com
2 1fichier.com 1fichier.com
1 p289046.mycdn.co mybestmv.com
1 rules.quantcount.com secure.quantserve.com
1 brzadrs8n9.s.ad6media.fr 1fichier.com
1 sync.upravel.com 1fichier.com
1 g.cwkuki.com 1fichier.com
1 secure.quantserve.com 1fichier.com
1 bidder.criteo.com static.criteo.net
1 static.criteo.net trends.revcontent.com
1 run-syndicate.com cdn.run-syndicate.com
1 mybestmv.com 1fichier.com
1 p289046.clksite.com 1 redirects
62 27
Subject Issuer Validity Valid
*.1fichier.com
AlphaSSL CA - SHA256 - G2		 2017-05-18 -
2020-05-18		 3 years crt.sh
ssl817673.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2018-09-25 -
2019-04-03		 6 months crt.sh
*.ps7894.com
Go Daddy Secure Certificate Authority - G2		 2018-08-29 -
2019-08-29		 a year crt.sh
*.mybestmv.com
COMODO RSA Domain Validation Secure Server CA		 2018-03-05 -
2019-03-05		 a year crt.sh
revcontent.com
Amazon		 2018-03-16 -
2019-04-16		 a year crt.sh
*.criteo.net
DigiCert SHA2 Secure Server CA		 2017-11-21 -
2018-11-26		 a year crt.sh
*.criteo.com
DigiCert SHA2 Secure Server CA		 2017-11-21 -
2018-11-26		 a year crt.sh
*.revcontent.com
DigiCert SHA2 Secure Server CA		 2018-05-20 -
2019-08-01		 a year crt.sh
*.scorecardresearch.com
COMODO RSA Organization Validation Secure Server CA		 2017-12-06 -
2018-12-26		 a year crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2018-10-16 -
2019-10-21		 a year crt.sh
*.googleapis.com
Google Internet Authority G3		 2018-10-02 -
2018-12-25		 3 months crt.sh
*.cwkuki.com
DigiCert SHA2 Secure Server CA		 2017-09-05 -
2020-09-09		 3 years crt.sh
*.upravel.com
COMODO RSA Domain Validation Secure Server CA		 2018-03-27 -
2019-03-27		 a year crt.sh
*.s.ad6media.fr
COMODO RSA Domain Validation Secure Server CA		 2017-01-11 -
2019-01-11		 2 years crt.sh
*.google.com
Google Internet Authority G3		 2018-10-02 -
2018-12-25		 3 months crt.sh
*.mycdn.co
COMODO RSA Domain Validation Secure Server CA		 2018-10-15 -
2019-10-22		 a year crt.sh

This page contains 1 frames:

Primary Page: https://1fichier.com/?8o94thhtxltg2mirnuxk
Frame ID: 3A522466B700694D7E9B4CD3372894A0
Requests: 63 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • env /^criteo/i
Overall confidence: 100%
Detected patterns
  • env /^Hammer$/i
Overall confidence: 100%
Detected patterns
  • env /^quantserve$/i
Overall confidence: 100%
Detected patterns
  • html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
  • script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
  • env /^_?COMSCORE$/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Page Statistics

62
Requests

100 %
HTTPS

26 %
IPv6

20
Domains

27
Subdomains

20
IPs

6
Countries

1360 kB
Transfer

2498 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://p289046.clksite.com/adServe/banners?tid=IF1FICHIER_POP_HY&tagid=2&pop_dl=false&hybridPop=true HTTP 301
  • https://mybestmv.com/adServe/banners?tid=IF1FICHIER_POP_HY&tagid=2&pop_dl=false&hybridPop=true
Request Chain 29
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcm.revcontent.com%2Fpixel_sync%3Fbidder%3D115%26bidder_uid%3D%24UID%26exchange_uid%3DODY4ZGRkMGY4Nzk4NzQ3Y2UxY2Y0N2VkOWIxOTM1ZDU=&geo=35 HTTP 302
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fcm.revcontent.com%252Fpixel_sync%253Fbidder%253D115%2526bidder_uid%253D%2524UID%2526exchange_uid%253DODY4ZGRkMGY4Nzk4NzQ3Y2UxY2Y0N2VkOWIxOTM1ZDU%3D%26geo%3D35 HTTP 302
  • https://cm.revcontent.com/pixel_sync?bidder=115&bidder_uid=5525025869373852315&exchange_uid=ODY4ZGRkMGY4Nzk4NzQ3Y2UxY2Y0N2VkOWIxOTM1ZDU=&geo=35
Request Chain 30
  • https://b1sync.zemanta.com/usersync/revcontent/?puid=ODY4ZGRkMGY4Nzk4NzQ3Y2UxY2Y0N2VkOWIxOTM1ZDU=&cb=https%3A%2F%2Fcm.revcontent.com%2Fpixel_sync%3Fexchange_uid%3DODY4ZGRkMGY4Nzk4NzQ3Y2UxY2Y0N2VkOWIxOTM1ZDU=%26bidder%3D3%26bidder_uid%3D__ZUID__ HTTP 302
  • https://b1sync.zemanta.com/usersync/revcontent/?cb=https%3A%2F%2Fcm.revcontent.com%2Fpixel_sync%3Fexchange_uid%3DODY4ZGRkMGY4Nzk4NzQ3Y2UxY2Y0N2VkOWIxOTM1ZDU%3D%26bidder%3D3%26bidder_uid%3D__ZUID__&puid=ODY4ZGRkMGY4Nzk4NzQ3Y2UxY2Y0N2VkOWIxOTM1ZDU%3D&s=2 HTTP 302
  • https://cm.revcontent.com/pixel_sync?exchange_uid=ODY4ZGRkMGY4Nzk4NzQ3Y2UxY2Y0N2VkOWIxOTM1ZDU=&bidder=3&bidder_uid=CEF089h72IaXronzK9MG
Request Chain 32
  • https://x.bidswitch.net/sync?ssp=revcontent HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=revcontent HTTP 302
  • https://sync.upravel.com/bidswitch/sync?sub1=revcontent
Request Chain 46
  • https://sb.scorecardresearch.com/b?c1=7&c2=20310460&c3=12345&ns__t=1540420021942&ns_c=UTF-8&cv=3.1&c8=1fichier.com%3A%20Cloud%20Storage&c7=https%3A%2F%2F1fichier.com%2F%3F8o94thhtxltg2mirnuxk&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=20310460&c3=12345&ns__t=1540420021942&ns_c=UTF-8&cv=3.1&c8=1fichier.com%3A%20Cloud%20Storage&c7=https%3A%2F%2F1fichier.com%2F%3F8o94thhtxltg2mirnuxk&c9=

62 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
1fichier.com/ 		11 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1fichier.com/?8o94thhtxltg2mirnuxk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a00:fb40:a:1::140 , France, ASN198792 (DSTORAGE, FR),
Reverse DNS
Software
DStorage /
Resource Hash
29e99a10f4fcf453b23fb1d2e6606f1900aa0723faa8466161fc3ee2356b74cd
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Host
1fichier.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Server
DStorage
Date
Wed, 24 Oct 2018 22:27:02 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Cache-Control
no-cache, no-store, must-revalidate
Content-Security-Policy
frame-ancestors 'self'
Expires
0
Pragma
no-cache
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Content-Encoding
gzip
style.css
img.1fichier.com/css/ 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://img.1fichier.com/css/style.css
Requested by
Host: 1fichier.com
URL: https://1fichier.com/?8o94thhtxltg2mirnuxk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a00:fb40:a:1::141 , France, ASN198792 (DSTORAGE, FR),
Reverse DNS
Software
DStorage /
Resource Hash
20ca22ef73463c41a2b8b641913582d516a555ed94e6830fbfc5c5065abc8534

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
img.1fichier.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://1fichier.com/?8o94thhtxltg2mirnuxk
Connection
keep-alive
Cache-Control
no-cache
Referer
https://1fichier.com/?8o94thhtxltg2mirnuxk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
public
Date
Wed, 24 Oct 2018 22:27:03 GMT
Content-Encoding
gzip
Last-Modified
Sun, 21 Oct 2018 11:29:36 GMT
Server
DStorage
ETag
"5bcc6320-9fc"
Vary
Accept-Encoding Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=306153 public
Connection
keep-alive
Content-Length
2556
Expires
Sun, 28 Oct 2018 11:29:36 GMT
jquery.ui.css
img.1fichier.com/css/ 		23 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://img.1fichier.com/css/jquery.ui.css
Requested by
Host: 1fichier.com
URL: https://1fichier.com/?8o94thhtxltg2mirnuxk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a00:fb40:a:1::141 , France, ASN198792 (DSTORAGE, FR),
Reverse DNS
Software
DStorage /
Resource Hash
1bc44294b20b803c5567713b1c8f9569d30371360321a2e88600c66030885f39

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
img.1fichier.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://1fichier.com/?8o94thhtxltg2mirnuxk
Connection
keep-alive
Cache-Control
no-cache
Referer
https://1fichier.com/?8o94thhtxltg2mirnuxk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
public
Date
Wed, 24 Oct 2018 22:27:03 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 Jun 2018 08:49:21 GMT
Server
DStorage
ETag
"5b28c391-11da"
Vary
Accept-Encoding Accept-Encoding
Content-Type
text/css
Cache-Control
no-cache public
Connection
keep-alive
Content-Length
4570
Expires
Tue, 26 Jun 2018 08:49:21 GMT
jquery.js
img.1fichier.com/js/ 		253 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.1fichier.com/js/jquery.js
Requested by
Host: 1fichier.com
URL: https://1fichier.com/?8o94thhtxltg2mirnuxk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a00:fb40:a:1::141 , France, ASN198792 (DSTORAGE, FR),
Reverse DNS
Software
DStorage /
Resource Hash
802b26490cde1ca26cc8f48d7491488ac7d3d39c5f7a1c6a9581f898bbcb995b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
img.1fichier.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://1fichier.com/?8o94thhtxltg2mirnuxk
Connection
keep-alive
Cache-Control
no-cache
Referer
https://1fichier.com/?8o94thhtxltg2mirnuxk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
public
Date
Wed, 24 Oct 2018 22:27:03 GMT
Content-Encoding
gzip
Last-Modified
Fri, 20 Jul 2018 09:43:03 GMT
Server
DStorage
ETag
"5b51aea7-127e0"
Vary
Accept-Encoding Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
no-cache public
Connection
keep-alive
Content-Length
75744
Expires
Fri, 27 Jul 2018 09:43:03 GMT
logo.png
img.1fichier.com/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.1fichier.com/logo.png
Requested by
Host: 1fichier.com
URL: https://1fichier.com/?8o94thhtxltg2mirnuxk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a00:fb40:a:1::141 , France, ASN198792 (DSTORAGE, FR),
Reverse DNS
Software
DStorage /
Resource Hash
b8f4efaee57c1b5382e14ebb364a669a1adc98165e18544c875e5e4e4850857b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
img.1fichier.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://1fichier.com/?8o94thhtxltg2mirnuxk
Connection
keep-alive
Cache-Control
no-cache
Referer
https://1fichier.com/?8o94thhtxltg2mirnuxk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
public
Date
Wed, 24 Oct 2018 22:27:03 GMT
Last-Modified
Tue, 01 Jul 2014 07:44:08 GMT
Server
DStorage
ETag
"53b266c8-43dc"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
no-cache public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17372
Expires
Tue, 08 Jul 2014 07:44:08 GMT
n.js
cdn.run-syndicate.com/sdk/v1/ 		11 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.run-syndicate.com/sdk/v1/n.js
Requested by
Host: 1fichier.com
URL: https://1fichier.com/?8o94thhtxltg2mirnuxk
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::6811:22cd , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
781e4e706b0bee9f6b610f188790d58fde83fa4b8eae9f2646365d6e5bd4846d

Request headers

Referer
https://1fichier.com/?8o94thhtxltg2mirnuxk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 24 Oct 2018 22:27:01 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 24 Oct 2018 08:07:19 GMT
server
cloudflare
etag
W/"5bd02837-2c49"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=7200
cf-ray
46efde4d88a9bf07-FRA
expires
Thu, 25 Oct 2018 00:27:01 GMT
qr.pl
1fichier.com/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1fichier.com/qr.pl?do=0.8o94thhtxltg2mirnuxk&s=1
Requested by
Host: 1fichier.com
URL: https://1fichier.com/?8o94thhtxltg2mirnuxk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a00:fb40:a:1::140 , France, ASN198792 (DSTORAGE, FR),
Reverse DNS
Software
DStorage /
Resource Hash
40f007bd73adc81d164fb48f845516055fb92d5446619aed950e3553d0bafc7f

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
1fichier.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://1fichier.com/?8o94thhtxltg2mirnuxk
Connection
keep-alive
Cache-Control
no-cache
Referer
https://1fichier.com/?8o94thhtxltg2mirnuxk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 24 Oct 2018 22:27:03 GMT
Server
DStorage
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/png
icon_question.png
img.1fichier.com/icons/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.1fichier.com/icons/icon_question.png
Requested by
Host: 1fichier.com
URL: https://1fichier.com/?8o94thhtxltg2mirnuxk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a00:fb40:a:1::141 , France, ASN198792 (DSTORAGE, FR),
Reverse DNS
Software
DStorage /
Resource Hash
71cc73e07c93286f879de363886843eef3ca93ad9b54f6e616ea82622b793316

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
img.1fichier.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://1fichier.com/?8o94thhtxltg2mirnuxk
Connection
keep-alive
Cache-Control
no-cache
Referer
https://1fichier.com/?8o94thhtxltg2mirnuxk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
public
Date
Wed, 24 Oct 2018 22:27:03 GMT
Last-Modified
Wed, 05 Aug 2015 09:48:58 GMT
Server
DStorage
ETag
"55c1dc0a-73a"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
no-cache public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1850
Expires
Wed, 12 Aug 2015 09:48:58 GMT
logo-footer.png
img.1fichier.com/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.1fichier.com/logo-footer.png
Requested by
Host: 1fichier.com
URL: https://1fichier.com/?8o94thhtxltg2mirnuxk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a00:fb40:a:1::141 , France, ASN198792 (DSTORAGE, FR),
Reverse DNS
Software
DStorage /
Resource Hash
9f9fb62bdbc49f27ac570baf18d2737a848cf7d3d0b75407f1863ebd90192d65

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
img.1fichier.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://1fichier.com/?8o94thhtxltg2mirnuxk
Connection
keep-alive
Cache-Control
no-cache
Referer
https://1fichier.com/?8o94thhtxltg2mirnuxk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
public
Date
Wed, 24 Oct 2018 22:27:03 GMT
Last-Modified
Tue, 01 Jul 2014 07:45:16 GMT
Server
DStorage
ETag
"53b2670c-202c"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
no-cache public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8236
Expires
Tue, 08 Jul 2014 07:45:16 GMT
twitter.png
img.1fichier.com/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.1fichier.com/twitter.png
Requested by
Host: 1fichier.com
URL: https://1fichier.com/?8o94thhtxltg2mirnuxk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a00:fb40:a:1::141 , France, ASN198792 (DSTORAGE, FR),
Reverse DNS
Software
DStorage /
Resource Hash
6cd9c5a94c50340eb1ba7d0038d2f973c88a22916e1b9f2b293dee636db72ed7

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
img.1fichier.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://1fichier.com/?8o94thhtxltg2mirnuxk
Connection
keep-alive
Cache-Control
no-cache
Referer
https://1fichier.com/?8o94thhtxltg2mirnuxk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
public
Date
Wed, 24 Oct 2018 22:27:03 GMT
Last-Modified
Tue, 15 Dec 2015 17:02:38 GMT
Server
DStorage
ETag
"567047ae-4a0"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
no-cache public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1184
Expires
Tue, 22 Dec 2015 17:02:38 GMT
facebook.png
img.1fichier.com/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.1fichier.com/facebook.png
Requested by
Host: 1fichier.com
URL: https://1fichier.com/?8o94thhtxltg2mirnuxk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a00:fb40:a:1::141 , France, ASN198792 (DSTORAGE, FR),
Reverse DNS
Software
DStorage /
Resource Hash
e2881f313c665745bcc4ca5b73d69a5463b786e1318b14359b9aa28750de286d

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
img.1fichier.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://1fichier.com/?8o94thhtxltg2mirnuxk
Connection
keep-alive
Cache-Control
no-cache
Referer
https://1fichier.com/?8o94thhtxltg2mirnuxk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
public
Date
Wed, 24 Oct 2018 22:27:03 GMT
Last-Modified
Tue, 15 Dec 2015 17:02:15 GMT
Server
DStorage
ETag
"56704797-4f9"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
no-cache public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1273
Expires
Tue, 22 Dec 2015 17:02:15 GMT
bindevent.do
www.ps7894.com/InterYield/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ps7894.com/InterYield/bindevent.do?e=click&affiliate=dstorage&subid=dstorage&maxAdCountsPerInterval=0&ae=true&aecount=3&aedelay1=1&aedelay2=5&aedelay3=10&aesnooze=0&aeplus=true&snoozeMinutes=1&adCountIntervalHours=24&pop=under&attributionDisabled=true&endpoint=https%3A%2F%2Fwww.ps7894.com
Requested by
Host: 1fichier.com
URL: https://1fichier.com/?8o94thhtxltg2mirnuxk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.107.161.102 , United States, ASN33313 (WILCON - Wilcon, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
25465a40f0ffc964a613f9d34fda11fa6a5b343a933b1218fb16437e5ba0efb2

Request headers

Referer
https://1fichier.com/?8o94thhtxltg2mirnuxk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 Oct 2018 22:27:01 GMT
Content-Encoding
gzip
Server
Apache-Coyote/1.1
Vary
Accept-Encoding
Content-Language
en-US
P3P
CP='IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA'
Cache-Control
no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, pre-check=0, post-check=0, private
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
Expires
Thu, 01 Jan 1970 00:00:00 GMT
banners
mybestmv.com/adServe/
Redirect Chain
  • https://p289046.clksite.com/adServe/banners?tid=IF1FICHIER_POP_HY&tagid=2&pop_dl=false&hybridPop=true
  • https://mybestmv.com/adServe/banners?tid=IF1FICHIER_POP_HY&tagid=2&pop_dl=false&hybridPop=true
25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mybestmv.com/adServe/banners?tid=IF1FICHIER_POP_HY&tagid=2&pop_dl=false&hybridPop=true
Requested by
Host: 1fichier.com
URL: https://1fichier.com/?8o94thhtxltg2mirnuxk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.168.193.189 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
bd.c1.a86c.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
3c106f82eecab7b4cdfb3d8f47ee29e0b093012b5029f80dbca422f7855dba55

Request headers

Referer
https://1fichier.com/?8o94thhtxltg2mirnuxk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 Oct 2018 22:27:02 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=5
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://mybestmv.com/adServe/banners?tid=IF1FICHIER_POP_HY&tagid=2&pop_dl=false&hybridPop=true
Date
Wed, 24 Oct 2018 22:27:01 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=5
Content-Length
178
Content-Type
text/html
background-002.jpg
img.1fichier.com/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.1fichier.com/background-002.jpg
Requested by
Host: 1fichier.com
URL: https://1fichier.com/?8o94thhtxltg2mirnuxk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a00:fb40:a:1::141 , France, ASN198792 (DSTORAGE, FR),
Reverse DNS
Software
DStorage /
Resource Hash
fbea54912c1b262832e2db623c5deb7ee9e7afc780b3e5d80553e9283852128f

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
img.1fichier.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://img.1fichier.com/css/style.css
Connection
keep-alive
Cache-Control
no-cache
Referer
https://img.1fichier.com/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
public
Date
Wed, 24 Oct 2018 22:27:03 GMT
Last-Modified
Wed, 02 Jul 2014 09:48:55 GMT
Server
DStorage
ETag
"53b3d587-798f"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
no-cache public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
31119
Expires
Wed, 09 Jul 2014 09:48:55 GMT
n.css
cdn.run-syndicate.com/sdk/v1/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.run-syndicate.com/sdk/v1/n.css
Requested by
Host: cdn.run-syndicate.com
URL: https://cdn.run-syndicate.com/sdk/v1/n.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::6811:22cd , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f51f6124ad1c9acf95a5b73158e502dab76341c77dbdbb81c50727435c5e5b0

Request headers

Referer
https://1fichier.com/?8o94thhtxltg2mirnuxk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 24 Oct 2018 22:27:01 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 24 Oct 2018 08:07:19 GMT
server
cloudflare
etag
W/"5bd02837-1194"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=7200
cf-ray
46efde4e796bbf07-FRA
expires
Thu, 25 Oct 2018 00:27:01 GMT
dynamic
run-syndicate.com/do2/cf681d12b7344e458000145913e4b6a7/ 		13 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://run-syndicate.com/do2/cf681d12b7344e458000145913e4b6a7/dynamic?format=jsonp&count=4&callback=callbackb7tm8&keywords={%20keywords%20}
Requested by
Host: cdn.run-syndicate.com
URL: https://cdn.run-syndicate.com/sdk/v1/n.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::6811:22cd , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
90cef8c612ea1919c6e7fe72a1e8be855bc340327dd542e8d2b60c1d2e0d51f6

Request headers

Referer
https://1fichier.com/?8o94thhtxltg2mirnuxk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Oct 2018 22:27:01 GMT
content-encoding
gzip
x-robots-tag
none
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
*
content-type
application/javascript; charset=utf-8
status
200
cache-control
no-cache, no-store, no-transform, must-revalidate, no-transform
cf-ray
46efde4ea9c4bf07-FRA
expires
0
serve.js.php
trends.revcontent.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/serve.js.php?w=98107&t=rc_743&c=1540420021522&width=1600&referer=https://1fichier.com/?8o94thhtxltg2mirnuxk
Requested by
Host: 1fichier.com
URL: https://1fichier.com/?8o94thhtxltg2mirnuxk
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.249.155 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-154-249-155.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
e4dd4912990c753c9a6c91a0b0684084f68e3f5f622ba054d0a5ffff44ff81e3

Request headers

Referer
https://1fichier.com/?8o94thhtxltg2mirnuxk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 24 Oct 2018 22:27:01 GMT
content-encoding
gzip
server
Apache/2.4.25 (Debian)
status
200
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://1fichier.com
access-control-allow-credentials
true
publishertag.js
static.criteo.net/js/ld/ 		78 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: trends.revcontent.com
URL: https://trends.revcontent.com/serve.js.php?w=98107&t=rc_743&c=1540420021522&width=1600&referer=https://1fichier.com/?8o94thhtxltg2mirnuxk
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
178.250.2.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
7daa2dd2bacf6b8a3eb4016f254f730bdb8315f5b86de253bdedfc3fb6e68678

Request headers

Referer
https://1fichier.com/?8o94thhtxltg2mirnuxk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 24 Oct 2018 22:27:01 GMT
Content-Encoding
gzip
Last-Modified
Wed, 19 Sep 2007 08:50:25 GMT
Server
nginx
ETag
W/"5bac9eb6-138f9"
Transfer-Encoding
chunked
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, public
Connection
keep-alive
Timing-Allow-Origin
*
Expires
Thu, 25 Oct 2018 22:27:01 GMT
7e88561a28ff36da1cd6a02c61e73dee225193_origin.jpg
cdn.run-syndicate.com/images/6/7/ 		55 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.run-syndicate.com/images/6/7/7e88561a28ff36da1cd6a02c61e73dee225193_origin.jpg
Requested by
Host: 1fichier.com
URL: https://1fichier.com/?8o94thhtxltg2mirnuxk
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::6811:22cd , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3f0e0acd3d6ff59441b2110e7bdb1027f66a451119e069506eb0b5402288e3a

Request headers

Referer
https://1fichier.com/?8o94thhtxltg2mirnuxk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 24 Oct 2018 22:27:01 GMT
cf-cache-status
HIT
last-modified
Mon, 01 Oct 2018 10:52:08 GMT
server
cloudflare
etag
"5bb1fc58-dd6f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
46efde4f9b34bf07-FRA
content-length
56687
expires
Thu, 25 Oct 2018 00:27:01 GMT
42da969154986986ed544103ef817a5c26c6d4.png
cdn.run-syndicate.com/images/4/f/ 		156 KB
156 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.run-syndicate.com/images/4/f/42da969154986986ed544103ef817a5c26c6d4.png
Requested by
Host: 1fichier.com
URL: https://1fichier.com/?8o94thhtxltg2mirnuxk
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::6811:22cd , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd2b32b8a34775459203f4a080a0d36cae974dd960bc8c8948870e0706e014cf

Request headers

Referer
https://1fichier.com/?8o94thhtxltg2mirnuxk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 24 Oct 2018 22:27:01 GMT
cf-cache-status
HIT
last-modified
Mon, 20 Aug 2018 16:35:20 GMT
server
cloudflare
etag
"5b7aedc8-26fef"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
46efde4fab36bf07-FRA
content-length
159727
expires
Thu, 25 Oct 2018 00:27:01 GMT
480x360.png
cdn.run-syndicate.com/images/e/6/c9fd4eff5c845e2bbad824eb77c85fd1988599/thumbs/ 		199 KB
200 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.run-syndicate.com/images/e/6/c9fd4eff5c845e2bbad824eb77c85fd1988599/thumbs/480x360.png
Requested by
Host: 1fichier.com
URL: https://1fichier.com/?8o94thhtxltg2mirnuxk
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::6811:22cd , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
190da8512f16b3afda76f2f40abb699cba6d61b0fa8d2e88e7ec9ea69c66e738

Request headers

Referer
https://1fichier.com/?8o94thhtxltg2mirnuxk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 24 Oct 2018 22:27:01 GMT
cf-cache-status
HIT
last-modified
Fri, 12 Oct 2018 14:53:49 GMT
server
cloudflare
etag
"5bc0b57d-31dcd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
46efde4fab37bf07-FRA
content-length
204237
expires
Thu, 25 Oct 2018 00:27:01 GMT
480x360.jpg
cdn.run-syndicate.com/images/6/2/552a1f49c5f7888ac39c4e3180e95e8c7487c5/thumbs/ 		97 KB
97 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.run-syndicate.com/images/6/2/552a1f49c5f7888ac39c4e3180e95e8c7487c5/thumbs/480x360.jpg
Requested by
Host: 1fichier.com
URL: https://1fichier.com/?8o94thhtxltg2mirnuxk
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::6811:22cd , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
da1964dd650ffa47c719b41fa7a417d7618c49d8d377689c4e3a07a3f390eebc

Request headers

Referer
https://1fichier.com/?8o94thhtxltg2mirnuxk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 24 Oct 2018 22:27:01 GMT
cf-cache-status
HIT
last-modified
Thu, 18 Oct 2018 15:46:10 GMT
server
cloudflare
etag
"5bc8aac2-18360"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
46efde4fab38bf07-FRA
content-length
99168
expires
Thu, 25 Oct 2018 00:27:01 GMT
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f08188890b03fd5c0cd7213f54ad2f2162af9e8f44b5bcc37dd6205ec453a20a

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/png
cdb
bidder.criteo.com/ 		0
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=58&profileId=184&cb=50098898541
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
178.250.0.93 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://1fichier.com/?8o94thhtxltg2mirnuxk
Origin
https://1fichier.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin
https://1fichier.com
Date
Wed, 24 Oct 2018 22:27:00 GMT
Access-Control-Allow-Credentials
true
Server
Finatra
Vary
Origin
serve.js.php
trends.revcontent.com/ 		50 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/serve.js.php?w=98107&t=rc_743&c=1540420021522&width=1600&referer=https%3A%2F%2F1fichier.com%2F%3F8o94thhtxltg2mirnuxk
Requested by
Host: trends.revcontent.com
URL: https://trends.revcontent.com/serve.js.php?w=98107&t=rc_743&c=1540420021522&width=1600&referer=https://1fichier.com/?8o94thhtxltg2mirnuxk
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.249.155 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-154-249-155.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
06bc4147b43229995495155ddb04f91a12448d986867b4e5513d2c81b157df9f

Request headers

Referer
https://1fichier.com/?8o94thhtxltg2mirnuxk
Origin
https://1fichier.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 24 Oct 2018 22:27:01 GMT
content-encoding
gzip
server
Apache/2.4.25 (Debian)
status
200
p3p
CP="NOI DSP COR NID ADM DEV OUR NOR CNT"
access-control-allow-origin
https://1fichier.com
access-control-allow-credentials
true
content-type
text/javascript; charset=utf-8
rev2.min.css
cdn.revcontent.com/build/css/ 		83 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.revcontent.com/build/css/rev2.min.css?v=49686d983f2cd70fdc92f00ba8f26a3174d8a6ee
Requested by
Host: 1fichier.com
URL: https://1fichier.com/?8o94thhtxltg2mirnuxk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
84c92e1a750bc168f340c0a52083d84617b66ac39354657be73bdb65f687ec2e

Request headers

Referer
https://1fichier.com/?8o94thhtxltg2mirnuxk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 24 Oct 2018 22:27:01 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Oct 2018 19:04:53 GMT
ETag
"1540321493"
X-HW
1540420021.dop020.fr8.shc,1540420021.dop020.fr8.t,1540420021.cds117.fr8.c
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=55333
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
25626
rev2.min.js
cdn.revcontent.com/build/js/ 		275 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.revcontent.com/build/js/rev2.min.js?v=49686d983f2cd70fdc92f00ba8f26a3174d8a6ee&del=//trends.revcontent.com/&lg=//cdn.revcontent.com/assets/img/rc-logo.png&ci=//cdn.revcontent.com/assets/img/icon-close.png&ab=//trends.revcontent.com/rc-about.php&ldr=//cdn.revcontent.com/assets/img/rc-spinner-md.gif&ht=//trends.revcontent.com/rc-interests.php&env=p0
Requested by
Host: 1fichier.com
URL: https://1fichier.com/?8o94thhtxltg2mirnuxk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
bdcc716a6dafc52fdb8ef9d3dc5a097e1fd782a60f575ae3ac61271d728ff9d9

Request headers

Referer
https://1fichier.com/?8o94thhtxltg2mirnuxk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 24 Oct 2018 22:27:01 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Oct 2018 19:04:53 GMT
ETag
"1540321493"
X-HW
1540420021.dop020.fr8.shc,1540420021.dop020.fr8.t,1540420021.cds007.fr8.c
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=58132
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
97699
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: 1fichier.com
URL: https://1fichier.com/?8o94thhtxltg2mirnuxk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.94.240 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-94-240.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912

Request headers

Referer
https://1fichier.com/?8o94thhtxltg2mirnuxk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 24 Oct 2018 22:27:01 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
901
Expires
Thu, 25 Oct 2018 22:27:01 GMT
quant.js
secure.quantserve.com/ 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: 1fichier.com
URL: https://1fichier.com/?8o94thhtxltg2mirnuxk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.209.124 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-185-209-124.eu-central-1.compute.amazonaws.com
Software
QS /
Resource Hash
404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176

Request headers

Referer
https://1fichier.com/?8o94thhtxltg2mirnuxk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 24 Oct 2018 22:27:01 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24-Oct-2018 22:27:01 GMT
Server
QS
ETag
M0-e2b9884a
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=604800
Connection
keep-alive
Content-Length
5456
Expires
Wed, 31 Oct 2018 22:27:01 GMT
css
fonts.googleapis.com/ 		7 KB
812 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500,700
Requested by
Host: 1fichier.com
URL: https://1fichier.com/?8o94thhtxltg2mirnuxk
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:819::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
1bb33da015e40392c387bdb088b426bd437fa0d25195c56d73e722f1a4a45c92
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://1fichier.com/?8o94thhtxltg2mirnuxk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
last-modified
Wed, 24 Oct 2018 22:27:01 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Wed, 24 Oct 2018 22:27:01 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
x-xss-protection
1; mode=block
expires
Wed, 24 Oct 2018 22:27:01 GMT
pixel_sync
cm.revcontent.com/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcm.revcontent.com%2Fpixel_sync%3Fbidder%3D115%26bidder_uid%3D%24UID%26exchange_uid%3DODY4ZGRkMGY4Nzk4NzQ3Y2UxY2Y0N2VkOWIxOTM1ZDU=&geo=35
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fcm.revcontent.com%252Fpixel_sync%253Fbidder%253D115%2526bidder_uid%253D%2524UID%2526exchange_uid%253DODY4ZGRkMGY4Nzk4NzQ3Y2UxY2Y0N2VkOWIx...
  • https://cm.revcontent.com/pixel_sync?bidder=115&bidder_uid=5525025869373852315&exchange_uid=ODY4ZGRkMGY4Nzk4NzQ3Y2UxY2Y0N2VkOWIxOTM1ZDU=&geo=35
35 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.revcontent.com/pixel_sync?bidder=115&bidder_uid=5525025869373852315&exchange_uid=ODY4ZGRkMGY4Nzk4NzQ3Y2UxY2Y0N2VkOWIxOTM1ZDU=&geo=35
Requested by
Host: 1fichier.com
URL: https://1fichier.com/?8o94thhtxltg2mirnuxk
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.249.155 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-154-249-155.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://1fichier.com/?8o94thhtxltg2mirnuxk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Wed, 24 Oct 2018 22:27:02 GMT
x-powered-by
Express
content-length
35
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 24 Oct 2018 22:27:03 GMT
X-Proxy-Origin
148.251.45.254; 148.251.45.254; 314.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.71:80
AN-X-Request-Uuid
58ad4c5e-e02c-4334-b776-fd4bf64c9662
Server
nginx/1.13.4
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.revcontent.com/pixel_sync?bidder=115&bidder_uid=5525025869373852315&exchange_uid=ODY4ZGRkMGY4Nzk4NzQ3Y2UxY2Y0N2VkOWIxOTM1ZDU=&geo=35
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel_sync
cm.revcontent.com/
Redirect Chain
  • https://b1sync.zemanta.com/usersync/revcontent/?puid=ODY4ZGRkMGY4Nzk4NzQ3Y2UxY2Y0N2VkOWIxOTM1ZDU=&cb=https%3A%2F%2Fcm.revcontent.com%2Fpixel_sync%3Fexchange_uid%3DODY4ZGRkMGY4Nzk4NzQ3Y2UxY2Y0N2VkOW...
  • https://b1sync.zemanta.com/usersync/revcontent/?cb=https%3A%2F%2Fcm.revcontent.com%2Fpixel_sync%3Fexchange_uid%3DODY4ZGRkMGY4Nzk4NzQ3Y2UxY2Y0N2VkOWIxOTM1ZDU%3D%26bidder%3D3%26bidder_uid%3D__ZUID__&...
  • https://cm.revcontent.com/pixel_sync?exchange_uid=ODY4ZGRkMGY4Nzk4NzQ3Y2UxY2Y0N2VkOWIxOTM1ZDU=&bidder=3&bidder_uid=CEF089h72IaXronzK9MG
35 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.revcontent.com/pixel_sync?exchange_uid=ODY4ZGRkMGY4Nzk4NzQ3Y2UxY2Y0N2VkOWIxOTM1ZDU=&bidder=3&bidder_uid=CEF089h72IaXronzK9MG
Requested by
Host: 1fichier.com
URL: https://1fichier.com/?8o94thhtxltg2mirnuxk
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.249.155 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-154-249-155.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://1fichier.com/?8o94thhtxltg2mirnuxk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Wed, 24 Oct 2018 22:27:02 GMT
x-powered-by
Express
content-length
35
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 24 Oct 2018 22:27:02 GMT
P3p
CP="We do not support P3P header."
Location
https://cm.revcontent.com/pixel_sync?exchange_uid=ODY4ZGRkMGY4Nzk4NzQ3Y2UxY2Y0N2VkOWIxOTM1ZDU=&bidder=3&bidder_uid=CEF089h72IaXronzK9MG
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
166
Expires
Thu, 01 Dec 1994 16:00:00 GMT
D8f2l
g.cwkuki.com/cs/ 		0
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g.cwkuki.com/cs/D8f2l?u=ODY4ZGRkMGY4Nzk4NzQ3Y2UxY2Y0N2VkOWIxOTM1ZDU=
Requested by
Host: 1fichier.com
URL: https://1fichier.com/?8o94thhtxltg2mirnuxk
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.201.83.118 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
118.83.201.35.bc.googleusercontent.com
Software
Cookie_Sync /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://1fichier.com/?8o94thhtxltg2mirnuxk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
204
date
Wed, 24 Oct 2018 22:27:02 GMT
via
1.1 google
server
Cookie_Sync
alt-svc
clear
sync
sync.upravel.com/bidswitch/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=revcontent
  • https://x.bidswitch.net/ul_cb/sync?ssp=revcontent
  • https://sync.upravel.com/bidswitch/sync?sub1=revcontent
0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.upravel.com/bidswitch/sync?sub1=revcontent
Requested by
Host: 1fichier.com
URL: https://1fichier.com/?8o94thhtxltg2mirnuxk
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
148.251.129.43 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
prod-hzeu-bidder-23.community.moscow
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://1fichier.com/?8o94thhtxltg2mirnuxk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
204
date
Wed, 24 Oct 2018 22:27:02 GMT
server
nginx

Redirect headers

Date
Wed, 24 Oct 2018 22:27:02 GMT
Server
nginx/1.12.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
//sync.upravel.com/bidswitch/sync?sub1=revcontent
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
0
p-aD1qr93XuF6aC.gif
pixel.quantserve.com/pixel/ 		35 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-aD1qr93XuF6aC.gif?labels=Publishers.Publisher-68701,Widgets.Widget-98107
Requested by
Host: 1fichier.com
URL: https://1fichier.com/?8o94thhtxltg2mirnuxk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.177.223.59 London, United Kingdom, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-177-223-59.eu-west-2.compute.amazonaws.com
Software
QS /
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Request headers

Referer
https://1fichier.com/?8o94thhtxltg2mirnuxk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 Oct 2018 22:27:02 GMT
Server
QS
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Cache-Control
private, no-cache, no-store, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
Fri, 04 Aug 1978 12:00:00 GMT
/
img.revcontent.com/ 		55 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.revcontent.com/?url=https://revcontent-p0.s3.amazonaws.com/content/images/15203256300558503789.jpg&static=true&pos=face&h=315&w=420&static=true&fmt=jpeg
Requested by
Host: 1fichier.com
URL: https://1fichier.com/?8o94thhtxltg2mirnuxk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
9235f1cfb61fbc6b7ceb801d1296ff5ac06df37310af266101481143c53e045b

Request headers

Referer
https://1fichier.com/?8o94thhtxltg2mirnuxk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 24 Oct 2018 22:27:01 GMT
Last-Modified
Tue, 06 Mar 2018 08:40:31 GMT
ETag
"1520325631"
X-HW
1540420021.dop020.fr8.shc,1540420021.dop020.fr8.t,1540420021.cds073.fr8.c
Content-Type
image/jpeg
Cache-Control
max-age=86400
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
56752
/
img.revcontent.com/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.revcontent.com/?url=https://revcontent-p0.s3.amazonaws.com/content/images/15397130780433758086.jpeg&static=true&pos=face&h=315&w=420&static=true&fmt=jpeg
Requested by
Host: 1fichier.com
URL: https://1fichier.com/?8o94thhtxltg2mirnuxk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
d3cabd1ffd1367c891db8e0fcc3f603ba802181919fc9ba4a1f20c6d761d65c7

Request headers

Referer
https://1fichier.com/?8o94thhtxltg2mirnuxk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 24 Oct 2018 22:27:01 GMT
Last-Modified
Tue, 16 Oct 2018 18:04:39 GMT
ETag
"1539713079"
X-HW
1540420021.dop020.fr8.shc,1540420021.dop020.fr8.t,1540420021.cds032.fr8.c
Content-Type
image/jpeg
Cache-Control
max-age=86400
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
37556
/
img.revcontent.com/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.revcontent.com/?url=https://revcontent-p0.s3.amazonaws.com/content/images/15397123661151665401.jpg&static=true&pos=face&h=315&w=420&static=true&fmt=jpeg
Requested by
Host: 1fichier.com
URL: https://1fichier.com/?8o94thhtxltg2mirnuxk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
0079abdf4947d85299202dcf14bdd2e5141dd085653daeb8434d75d2275d6de3

Request headers

Referer
https://1fichier.com/?8o94thhtxltg2mirnuxk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 24 Oct 2018 22:27:01 GMT
Last-Modified
Tue, 16 Oct 2018 17:52:47 GMT
ETag
"1539712367"
X-HW
1540420021.dop020.fr8.shc,1540420021.dop020.fr8.t,1540420021.cds076.fr8.c
Content-Type
image/jpeg
Cache-Control
max-age=86400
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
40659
/
img.revcontent.com/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.revcontent.com/?url=https://revcontent-p0.s3.amazonaws.com/content/images/15397128850974542007.jpeg&static=true&pos=face&h=315&w=420&static=true&fmt=jpeg
Requested by
Host: 1fichier.com
URL: https://1fichier.com/?8o94thhtxltg2mirnuxk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
a688567d002e5783f919a69c717dd5b4b62ad30e0c503b23e439df4f4f05fac1

Request headers

Referer
https://1fichier.com/?8o94thhtxltg2mirnuxk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 24 Oct 2018 22:27:01 GMT
Last-Modified
Tue, 16 Oct 2018 18:01:26 GMT
ETag
"1539712886"
X-HW
1540420021.dop020.fr8.shc,1540420021.dop020.fr8.t,1540420021.cds056.fr8.c
Content-Type
image/jpeg
Cache-Control
max-age=86400
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
24445
/
img.revcontent.com/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.revcontent.com/?url=https://revcontent-p0.s3.amazonaws.com/content/images/15397120360384357698.jpg&static=true&pos=face&h=315&w=420&static=true&fmt=jpeg
Requested by
Host: 1fichier.com
URL: https://1fichier.com/?8o94thhtxltg2mirnuxk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
1f2ba3b279aa70eed0373d18327f75b7c72b456403321b0bc23f7c6431a03ee1

Request headers

Referer
https://1fichier.com/?8o94thhtxltg2mirnuxk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 24 Oct 2018 22:27:01 GMT
Last-Modified
Tue, 16 Oct 2018 17:47:17 GMT
ETag
"1539712037"
X-HW
1540420021.dop020.fr8.shc,1540420021.dop020.fr8.t,1540420021.cds078.fr8.c
Content-Type
image/jpeg
Cache-Control
max-age=86400
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
19118
/
img.revcontent.com/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.revcontent.com/?url=https://revcontent-p0.s3.amazonaws.com/content/images/15397095070153541762.jpg&static=true&pos=face&h=315&w=420&static=true&fmt=jpeg
Requested by
Host: 1fichier.com
URL: https://1fichier.com/?8o94thhtxltg2mirnuxk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
8360491766c74c438319ded282408c8a4e7f915ff2574830ed37e3827bcf0010

Request headers

Referer
https://1fichier.com/?8o94thhtxltg2mirnuxk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 24 Oct 2018 22:27:01 GMT
Last-Modified
Tue, 16 Oct 2018 17:05:08 GMT
ETag
"1539709508"
X-HW
1540420021.dop020.fr8.shc,1540420021.dop020.fr8.t,1540420021.cds012.fr8.c
Content-Type
image/jpeg
Cache-Control
max-age=86400
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
33215
/
img.revcontent.com/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.revcontent.com/?url=https://revcontent-p0.s3.amazonaws.com/content/images/15203258470054204464.jpg&static=true&pos=face&h=315&w=420&static=true&fmt=jpeg
Requested by
Host: 1fichier.com
URL: https://1fichier.com/?8o94thhtxltg2mirnuxk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
70dc65383f26c00ab95e5d376ef78263bc7e1a85a9f7168771cd17518604c668

Request headers

Referer
https://1fichier.com/?8o94thhtxltg2mirnuxk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 24 Oct 2018 22:27:01 GMT
Last-Modified
Tue, 06 Mar 2018 08:44:08 GMT
ETag
"1520325848"
X-HW
1540420021.dop020.fr8.shc,1540420021.dop020.fr8.t,1540420021.cds040.fr8.c
Content-Type
image/jpeg
Cache-Control
max-age=86400
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
27498
/
img.revcontent.com/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.revcontent.com/?url=https://revcontent-p0.s3.amazonaws.com/content/images/15397113140853463664.jpeg&static=true&pos=face&h=315&w=420&static=true&fmt=jpeg
Requested by
Host: 1fichier.com
URL: https://1fichier.com/?8o94thhtxltg2mirnuxk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
b7d8fea172fea340ab9efb722199f76f44f5fa0738d14e0434c00c1d6c3642af

Request headers

Referer
https://1fichier.com/?8o94thhtxltg2mirnuxk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 24 Oct 2018 22:27:01 GMT
Last-Modified
Tue, 16 Oct 2018 17:35:15 GMT
ETag
"1539711315"
X-HW
1540420021.dop032.fr8.shc,1540420021.dop032.fr8.t,1540420021.cds040.fr8.c
Content-Type
image/jpeg
Cache-Control
max-age=86400
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
39745
/
img.revcontent.com/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.revcontent.com/?url=https://revcontent-p0.s3.amazonaws.com/content/images/15397107720772568619.jpg&static=true&pos=face&h=315&w=420&static=true&fmt=jpeg
Requested by
Host: 1fichier.com
URL: https://1fichier.com/?8o94thhtxltg2mirnuxk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
f2878d8f4616a95624e59a9c0a5d80e61171b95f1dbf01f8ecda2e3a091d39b6

Request headers

Referer
https://1fichier.com/?8o94thhtxltg2mirnuxk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 24 Oct 2018 22:27:01 GMT
Last-Modified
Tue, 16 Oct 2018 17:26:13 GMT
ETag
"1539710773"
X-HW
1540420021.dop009.fr8.shc,1540420021.dop009.fr8.t,1540420021.cds015.fr8.c
Content-Type
image/jpeg
Cache-Control
max-age=86400
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
31872
/
brzadrs8n9.s.ad6media.fr/ 		37 B
642 B 		Script
General
Check archive.org
Download Go to
Full URL
https://brzadrs8n9.s.ad6media.fr/?d=1540420021925&r=
Requested by
Host: 1fichier.com
URL: https://1fichier.com/?8o94thhtxltg2mirnuxk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
87.98.153.73 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
1451068768e51657d9d30d10abbe9b99250c17dc2fd8318935b6e3b8feaba5c1

Request headers

Referer
https://1fichier.com/?8o94thhtxltg2mirnuxk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 24 Oct 2018 22:27:02 GMT
Server
nginx
Content-Type
application/javascript
Transfer-Encoding
chunked
P3P
policyref="https://www.ad6media.fr/w3c/p3p.xml", CP="NOI DEVa TAIa OUR BUS UNI"
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v18/ 		10 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: 1fichier.com
URL: https://1fichier.com/?8o94thhtxltg2mirnuxk
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:819::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:400,500,700
Origin
https://1fichier.com

Response headers

date
Tue, 02 Oct 2018 06:22:29 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:51 GMT
server
sffe
age
1958672
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
10748
x-xss-protection
1; mode=block
expires
Wed, 02 Oct 2019 06:22:29 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v18/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: 1fichier.com
URL: https://1fichier.com/?8o94thhtxltg2mirnuxk
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:819::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
1be216dbc059d96e288b0c1f399a1a80ee8c65e4c1272dbc4574bd6d23cf45d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:400,500,700
Origin
https://1fichier.com

Response headers

date
Tue, 02 Oct 2018 06:22:30 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:33:03 GMT
server
sffe
age
1958671
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
10764
x-xss-protection
1; mode=block
expires
Wed, 02 Oct 2019 06:22:30 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=20310460&c3=12345&ns__t=1540420021942&ns_c=UTF-8&cv=3.1&c8=1fichier.com%3A%20Cloud%20Storage&c7=https%3A%2F%2F1fichier.com%2F%3F8o94thhtxltg2mirnuxk&c9=
  • https://sb.scorecardresearch.com/b2?c1=7&c2=20310460&c3=12345&ns__t=1540420021942&ns_c=UTF-8&cv=3.1&c8=1fichier.com%3A%20Cloud%20Storage&c7=https%3A%2F%2F1fichier.com%2F%3F8o94thhtxltg2mirnuxk&c9=
0
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=20310460&c3=12345&ns__t=1540420021942&ns_c=UTF-8&cv=3.1&c8=1fichier.com%3A%20Cloud%20Storage&c7=https%3A%2F%2F1fichier.com%2F%3F8o94thhtxltg2mirnuxk&c9=
Requested by
Host: 1fichier.com
URL: https://1fichier.com/?8o94thhtxltg2mirnuxk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.94.240 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-94-240.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://1fichier.com/?8o94thhtxltg2mirnuxk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 Oct 2018 22:27:01 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://sb.scorecardresearch.com/b2?c1=7&c2=20310460&c3=12345&ns__t=1540420021942&ns_c=UTF-8&cv=3.1&c8=1fichier.com%3A%20Cloud%20Storage&c7=https%3A%2F%2F1fichier.com%2F%3F8o94thhtxltg2mirnuxk&c9=
Pragma
no-cache
Date
Wed, 24 Oct 2018 22:27:01 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
p1.0-SNAPSHOT.144%2C858.do
www.ps7894.com/ 		570 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ps7894.com/p1.0-SNAPSHOT.144%2C858.do?a=true&e=click&ab=false
Requested by
Host: www.ps7894.com
URL: https://www.ps7894.com/InterYield/bindevent.do?e=click&affiliate=dstorage&subid=dstorage&maxAdCountsPerInterval=0&ae=true&aecount=3&aedelay1=1&aedelay2=5&aedelay3=10&aesnooze=0&aeplus=true&snoozeMinutes=1&adCountIntervalHours=24&pop=under&attributionDisabled=true&endpoint=https%3A%2F%2Fwww.ps7894.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.107.161.102 , United States, ASN33313 (WILCON - Wilcon, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
18c28d31b9a7e77b5b7f1a7e54c7c6df0a728f49c0ba3045574418d21107298c

Request headers

Referer
https://1fichier.com/?8o94thhtxltg2mirnuxk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 24 Oct 2018 22:27:01 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Oct 2018 10:41:14 GMT
Server
Apache-Coyote/1.1
ETag
W/"583938-1540377674000"
Vary
Accept-Encoding
Content-Language
en-US
Transfer-Encoding
chunked
Accept-Ranges
bytes
Content-Type
application/javascript;charset=UTF-8
rules-p-aD1qr93XuF6aC.js
rules.quantcount.com/ 		3 B
339 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-aD1qr93XuF6aC.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20bb:2800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
https://1fichier.com/?8o94thhtxltg2mirnuxk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 11 Aug 2017 20:51:13 GMT
via
1.1 2fe707f3cc1dc569687bcdf81697e284.cloudfront.net (CloudFront)
last-modified
Sat, 04 Mar 2017 20:46:24 GMT
server
AmazonS3
age
64376
etag
"8a80554c91d9fca8acb82f023de02f11"
x-cache
Hit from cloudfront
content-type
application/x-javascript
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
3
x-amz-cf-id
K4oAjZEQP9NZLo9ysb5HFfNSr2EYuP9rhEYKSdygtIcmkBO2ANzDow==
page.php
trends.revcontent.com/ 		43 B
239 B 		Script
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/page.php?callback=jQuery110209514525520473878_1540420021983&i=21c1eb97b94e0379f031d6c645f284ccd546c998b21fd2534b0739b9963d8531&p=fe9cd89538d6a9e9ab58ed9ad636dd9b0188ca8de1185590bcd6fabbdabb92fd&_=1540420021984
Requested by
Host: cdn.revcontent.com
URL: https://cdn.revcontent.com/build/js/rev2.min.js?v=49686d983f2cd70fdc92f00ba8f26a3174d8a6ee&del=//trends.revcontent.com/&lg=//cdn.revcontent.com/assets/img/rc-logo.png&ci=//cdn.revcontent.com/assets/img/icon-close.png&ab=//trends.revcontent.com/rc-about.php&ldr=//cdn.revcontent.com/assets/img/rc-spinner-md.gif&ht=//trends.revcontent.com/rc-interests.php&env=p0
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.249.155 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-154-249-155.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
8864aa6f4be02d125d9d817b46ef204802098791282af4de0e3db410f7f6f425

Request headers

Referer
https://1fichier.com/?8o94thhtxltg2mirnuxk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Wed, 24 Oct 2018 22:27:02 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
Apache/2.4.25 (Debian)
access-control-allow-origin
https://1fichier.com
content-type
application/javascript
seg.php
trends.revcontent.com/ 		60 B
400 B 		Script
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/seg.php?callback=jQuery110209514525520473878_1540420021985&widgets=17538%7C68701&creatives=&_=1540420021986
Requested by
Host: cdn.revcontent.com
URL: https://cdn.revcontent.com/build/js/rev2.min.js?v=49686d983f2cd70fdc92f00ba8f26a3174d8a6ee&del=//trends.revcontent.com/&lg=//cdn.revcontent.com/assets/img/rc-logo.png&ci=//cdn.revcontent.com/assets/img/icon-close.png&ab=//trends.revcontent.com/rc-about.php&ldr=//cdn.revcontent.com/assets/img/rc-spinner-md.gif&ht=//trends.revcontent.com/rc-interests.php&env=p0
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.249.155 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-154-249-155.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
ab2390f699e3cf9867fd7bed06ae63b87ff220019472c8df2278e8ec70241dd2

Request headers

Referer
https://1fichier.com/?8o94thhtxltg2mirnuxk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 24 Oct 2018 22:27:02 GMT
content-encoding
gzip
server
Apache/2.4.25 (Debian)
status
200
p3p
CP="NOI DSP COR NID ADM DEV OUR NOR CNT"
access-control-allow-origin
https://1fichier.com
access-control-allow-credentials
true
content-type
text/html; charset=UTF-8
css
fonts.googleapis.com/ 		10 KB
946 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:300,400,500,700|Raleway:400,500,700
Requested by
Host: cdn.revcontent.com
URL: https://cdn.revcontent.com/build/js/rev2.min.js?v=49686d983f2cd70fdc92f00ba8f26a3174d8a6ee&del=//trends.revcontent.com/&lg=//cdn.revcontent.com/assets/img/rc-logo.png&ci=//cdn.revcontent.com/assets/img/icon-close.png&ab=//trends.revcontent.com/rc-about.php&ldr=//cdn.revcontent.com/assets/img/rc-spinner-md.gif&ht=//trends.revcontent.com/rc-interests.php&env=p0
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:819::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
29b01a4881d577c4429c60ed6403ef1fe8f8a1e6ffcbc1336670497970b53b52
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://1fichier.com/?8o94thhtxltg2mirnuxk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
last-modified
Wed, 24 Oct 2018 22:27:02 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Wed, 24 Oct 2018 22:27:02 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
x-xss-protection
1; mode=block
expires
Wed, 24 Oct 2018 22:27:02 GMT
view.php
trends.revcontent.com/ 		0
155 B 		Script
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/view.php?callback=jQuery110209514525520473878_1540420021987&view=i8%252B%252BIIcEMxutxd2b0Wn78BbX1M0QXHkndLTm0Ampl9iMo3UXw9lYXrf9rRRNr5zECT29k1yP%252BT84bgVquCf0mRVAlaS8pGISL3ObEx%252FqYu%252BPyfAH85GjPuQsB7eHg3OG72sLlBPBOvuWLXaOkyt5u%252BVZ0TerVvwrhdYzYJiZ%252BvL768WyxRBF65Jgzhsjw%252BADMwag4Kjbb900aEKAJD9MI3J%252FZjxZtD7xSSZEQEvZf3byVhR2%252BxH2Nb4ynmim5WVWfKSWscaby6kwJdTTHNxtsCHTSzoofHjPQjHw8H%252BuQkowNEjbgKrZLSuT%252FqWp2GkPsKj2dQhz4ityMCbWGxukxolJmN1UFWHjAWY5vvQRPSfbaeENxhfLYOdt2gMVa1XIcC%252Bi2OZTpMSgLWZYB6K%252BdnNGCd3%252BeDoq1%252FfCKfRV32GnUNsjX60dPHV6rqkbsBDTlLWZJFNjpZVq0rQnZoUw0c%252BA%252BdfombcMQdHwSDwnDRIyyxrn76VI%252F9BimCaTq4oP%252B2uhxkR9D%252BLoj5HrBbbK9GMpfgAVDU1Lavv9PDjBRqbmwRUlO%252BmY8sPM9rJf2V2eug%252FP9rI%252BioNcuSQjsYqQBwAB3Yi4ttR45LaTLhkUJ%252Fqf35qGmWG%252FiFAjKNY2ff%252Fjya%252BOSD4T3GmE%252FGRtrWoJLoZimli9a3hdFaE2UiM%252BUEn2FpoUihleCiSSNhBiiUjtIlopHdpFOw02c9QKQjLYKl766o4QFSk78oVuENK1x3L7P1jc1KUK6eO3TQFIvykL3jICX9U6o9Yz48IOEgrg6WXAbJ8fIqeRUDpz5yVmEpjWyyqFdOFwRY8j801pn5ylRiwYR6kXBoLGh3s2IU3eXwpVZmaVekgnCx3gOYJKLY0JBfLkIY2zdLkDIVxHbY%252F8QqBQa6wugOe6eoCl7z1Jj9pOVreV4Ib6L4TdCOFuzBh9Y6lu2U38MW5OPRYuwSY%252F2yIN5uSPfVvCGvYdf%252BbZZd3ok4Hqt6CiMiPTU%252BFeNQ44t6uz%252FSoG%252FHItChFUBvOXofQoOxvYnceSCHyH3OXDcqT1M%252FflTkFeyWQmN2rZjDnxaaaHi5SSJ09vHyQwKowXcilwnzBeKMhKB5IMN4aU4w87yA7ZDU%252FtJ74W8McyPD2ooWvm0xBW3sZFpzfYwbJtwIQK4Ce1uIC7FRFufCESW60Eb475gqdeFDWbewg4QPWTy9aI%252FKdWja5xP58wb9eObMUUzMGGsLvbQrr%252Fh6mton9ZJCzxEsvzicM6lG5kriXQXM2CR3ommvgd5Mcw9bnND4zP5Y952C8lELxGl5u22FGgue7UMlGeGwL%252B7gnHryiOBbE2IShfGgmUf5XNpGg6L7ehf8TqYZmpxBMhb6eokNrGbG2AjI28f0U0leppmd71FRB3Q5wuUS7bvrKIFG3gnXsPofRNJnvvoTDXAvYgEKp5vdR2KLeD0%252BM3I5fjwd5g9JvkQAUvD3fbPshXJOB9RYKbGysiZmK5MR4Qp5f6%252Fc8AZ4b%252F8ogGwgy%252BknIcyW%252FD8OMv%252FemyR38u51wdo4Zwk0yu%252Blem%252F%252FKgZD%252F9tKuA6Ni7UNG6c7wzWfjNBcqz46qm97gmCVUJ5%252BHGyouUURJwuhsFwQMROHRizv2Hu0CAmyjDGrL7%252B3wD8fFNrb2bnYUXBNTvw89W3arZbJAaxOnQnEAX0tlhHykFBPIE4HQZRE6Amqd3EH29ojlrYrqcmgawFJt6Nm7w9gJej5Wii%252BKLTvifokQQwBUf4iOX8babx5pIJSXX8rPSmZeTIU7iSsJk5jHB8y%252FqHT9%252FWkgx3Ls5KFmOzuBdaaWhmd5y7oVWQfi2qIfMo9RPpx1T7qxtTLtqy7TB64vgtJ3rTCoYYGD%252FDo3nVornhOrFjSU9ZTiEJF9QxnCPHGLHD%252FhnOYOi1LAyKCJN%252BRu8waAdBLKL3zrmbWggvwFEcu1og6rxVPZIxk%252F2rhVHFqJuQ49rDEI0PH0Tejrg%252BSh5FaCvF0iubMlQ%252BwVxfdsHAcelSdxLSFf9SGBooFbDNxFAjIacselys5s%253D&p%5B%5D=0&p%5B%5D=1&p%5B%5D=2&_=1540420021988
Requested by
Host: cdn.revcontent.com
URL: https://cdn.revcontent.com/build/js/rev2.min.js?v=49686d983f2cd70fdc92f00ba8f26a3174d8a6ee&del=//trends.revcontent.com/&lg=//cdn.revcontent.com/assets/img/rc-logo.png&ci=//cdn.revcontent.com/assets/img/icon-close.png&ab=//trends.revcontent.com/rc-about.php&ldr=//cdn.revcontent.com/assets/img/rc-spinner-md.gif&ht=//trends.revcontent.com/rc-interests.php&env=p0
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.249.155 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-154-249-155.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://1fichier.com/?8o94thhtxltg2mirnuxk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Wed, 24 Oct 2018 22:27:02 GMT
access-control-allow-credentials
true
server
Apache/2.4.25 (Debian)
access-control-allow-origin
https://1fichier.com
content-length
0
content-type
text/html; charset=UTF-8
pixel;r=231721876;labels=Publishers.Publisher-68701%2CWidgets.Widget-98107;rf=0;a=p-aD1qr93XuF6aC;url=https%3A%2F%2F1fichier.com%2F%3F8o94thhtxltg2mirnuxk;fpan=1;fpa=P0-657615011-1540420022045;ns=0...
pixel.quantserve.com/ 		35 B
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=231721876;labels=Publishers.Publisher-68701%2CWidgets.Widget-98107;rf=0;a=p-aD1qr93XuF6aC;url=https%3A%2F%2F1fichier.com%2F%3F8o94thhtxltg2mirnuxk;fpan=1;fpa=P0-657615011-1540420022045;ns=0;ce=1;qjs=1;qv=4c19192-20180628134937;cm=;ref=;je=0;sr=1600x1200x24;enc=n;dst=0;et=1540420022045;tzo=0;ogl=
Requested by
Host: 1fichier.com
URL: https://1fichier.com/?8o94thhtxltg2mirnuxk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.177.223.59 London, United Kingdom, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-177-223-59.eu-west-2.compute.amazonaws.com
Software
QS /
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Request headers

Referer
https://1fichier.com/?8o94thhtxltg2mirnuxk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 Oct 2018 22:27:02 GMT
Server
QS
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
35
Expires
Fri, 04 Aug 1978 12:00:00 GMT
p.gif
pixel.run-syndicate.com/api/v1/p/ 		35 B
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.run-syndicate.com/api/v1/p/p.gif?p=e0SEGUNHhI4YLETQOXNQBA4bMmDMoEijBYwaZsK0oEEmTJkWBM2QaVGDhpgxZHDcsPExBwwRCsPUGePQBo0ZZWqEgSGjRUobIE_GGNNCzIyVLXCsZKlxDA6PYmIOJGPnIA4aORTCqSNVB44YCQfCgXMw4gyFc-AYRAhjpcIxbcrqkLEShkwyZg6KFePGzd4cN25oFVFHDhvANnIQriPDIRo6dODM0fHiBZ03a-UQXFNGTk8XadyYefPihxk2dfB8MUNnTo80cd6MwUMHz-y1eNiMGcNGz5gycXinYTMbT5o0b-iEOR4mjJ4aN3CIqcGlDoyeNnqnGbPmSxoyPSBKpDjDIkaNHD2CFEnSJEqVLF3CsI5dhvYwcsOkOePme_i6bqDvuuzGCIOOMs54Q448_uuhvuzCIEMt5RyMwa0bILxvDDnKODANO8qwMLDBNLShszzuWHDCHkq4QYgVUFRRjglXcJEIEzs0w7MO5egBMsnmKGGGIEqQwQgjjYjBDO7QSMMzF8Z4o40khzQChzdyoIEONCDTjSEZ2khDDjdUW8PEOdJA8As03piDjh6WbPJJOaKcEk01RQSvh7NMNFAOOejsYSoypnRIzjGchFLKNqYykK0tYOhiKzlq0gEGF7DDjga44GjjCzgqPQjTiXKQQSE57JjrVBHKGMPTUTPltLA60nAopRvCEAOrGVowQwznOIpB1xZywKEGG4yiwcCsZniqBqSmmqOMORwKY0mcYBCsJBug4giGMnIo9liSNLLBDBlkEIMGM3aCSaE05hJBBp5i0IFdHOjqSYcwcrj0XxjomqqOMBxq4g09iGMjjBdqyBQEFJogSDTM5kBjBxCScANBNkCQeAwQnpgCBCxAuPCLGGb4ooYUQAiCLDbKuKIMMZZQs-EZbnBhBhsgXgIJKppgggUQ2EijMxCOcHWNN1oeAg05pizjBRt0xpSiHGxwYSUQpghDo0Bx1plnRy0VgYgiptrNIRVUIDTqvRRy8yC0RNDxscgmq-wFRBWtk1HTsNSSSy_ZAFNMMs2UNlWHol4OMzkINRsJLaaio1GETIKBBol6iqEPBQIC&r=1&s=9591b1cd76953886b5fc81e3fcef2325f4088350cf14151547091ac95e2d6aa21540420021&w=t
Requested by
Host: 1fichier.com
URL: https://1fichier.com/?8o94thhtxltg2mirnuxk
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::6811:22cd , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://1fichier.com/?8o94thhtxltg2mirnuxk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 24 Oct 2018 22:27:02 GMT
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif; charset=utf-8
status
200
cache-control
public, max-age=14400
cf-ray
46efde52ee61bf07-FRA
content-length
35
expires
Thu, 25 Oct 2018 02:27:02 GMT
p.gif
pixel.run-syndicate.com/api/v1/p/ 		35 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.run-syndicate.com/api/v1/p/p.gif?p=e0SEGUNHhI4YLETQOXNQRA4cZWiYGSPDRosyMsLkaEHjBo0ZLXCEkVGjhQ0cY2zIiHEjRxkYZWyIUBimzhiHNkCWqREGhowWY8jYKNNRTIwxLcTMwHFDZNMbNswQxEEmjBiaA8nYOShjhgyFcOpg1YEjRsKBcOAcXDlD4Rw4BhHCaKpwTJu1OmTgmGGjJhkzB9GKceNGcI4aN2oorCOHzWGPORjLcIiGDh04c3S8eEHnTVw5BNeUkfPTRRo3Zt68-GGGTR08X8zQmdMjTRw9BeOkgRNnDO4wbOLg1lPG95g0bN6MwZMmzRs6YZqHCaOHRhkcMshwqQPjp40xbNKMWfMlDZkeECVStIhRI0ePIEWSNIlSJUuXMGVy925xTBi8wkjjDDfMQ2-vvvj77j86yjjjDTnyMLAHBS0Kgwy4oJswBrpuqBA8OcoIg4407ChjQ8QU-3C0PO6AEMMeSrhBiBVYdFEODFeQkYgPQzSDtBDl6MEyzOYoYYYgSpDBCCWNiMGM8dBIgzQXxnijjSaPNAKHN3KggQ40LMODDYZkaCMNOdyAbY0P50ijwS_QeGMOOnp4Msop5ajyyjbfPPG8Htr68D855Mizh6zgaKMrhci40qE7x5CSSisXtWvEg7aAoYuw5MBJB7dEGEPRL-Dw9CAYXIAhBhlosOEGheSwIy-wRChj1EV1SHVVGW5gibE60nBIqBuuwkE-M8SgrqMYrmoBohouEoOG_2jIYYYxcKiBqazmKGMOh8J4EiQYbnAq2qo6iokjaMloYSqpZJBhWjN6giEr3hzSaFUdJsJBr5902EhXgmHQK6s6wnCoiTf0SI6NMF6oQVUQUGiCINQ8mwONHUBIwo0G2QDh4jFAeGIKELAAgcMvYpjhixpSACEItdgo44oyxFjiTYlnuMGFvipeAgkqmmCCBRDEGw2EI25d4w2Zh0BDjivLeOFVVYGeIQcbXGgKhCnCmMrQnn_uK6sxPhWBiCKyYkNtFVTIigyqBVNozoNC9bGyyzLb7IVIJ9WzUta49BJMMck8w0w01cRjjW5ldYjq6DyTY261kdAiKzpyjaEGGmCgQYb-YuhDgYAA&r=1&s=55d46e86fa3fe5e15881f3149d89a4b0d4f849fbb610eccc227cac2731af9f901540420021&w=t
Requested by
Host: 1fichier.com
URL: https://1fichier.com/?8o94thhtxltg2mirnuxk
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::6811:22cd , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://1fichier.com/?8o94thhtxltg2mirnuxk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 24 Oct 2018 22:27:02 GMT
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif; charset=utf-8
status
200
cache-control
public, max-age=14400
cf-ray
46efde52ee5ebf07-FRA
content-length
35
expires
Thu, 25 Oct 2018 02:27:02 GMT
p.gif
pixel.run-syndicate.com/api/v1/p/ 		35 B
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.run-syndicate.com/api/v1/p/p.gif?p=e0SEGUNHhI4YLETQOXNQBBkaM2qMsVEjTIswMHDcaEHDzMYWYsiMKdNi5BgYMHLYkFFDJQ0RCsPUGePQRsQyFmHIaDGGjI2SNMTEGBNyBkgcG2_YMEMQB5kwYmIOJGPnoIwZMhTCqSNVB44YCQfCgXOQ5QyFc-AYRKjxhsIxbcrqkBGWhkwyZg6KFePGzV4aGnMorCOHzd6jN8TWkeEQDR06cOboePHizmUXZ97QkUNwTQwXZea8-GGGTR08X8zQmdMDD5wxcejgYcPmzZgwdMLEecMmDp4yccaMSWN7DJ40aTaHQR4mjJ4cWMWY4VInpQwbY9ikGbPmSxoyPSBKpGgRo9uOHzmKJGlyeMqVLV9Wv549jNwwac64-R6-bgwa6NvJPjrK0EyOPPrrQUDswiBDrc0UjMEtBrOTo4zc0rCjDAkDwyGHCtcoI4873pDjwR5KuEGIFUQk0cQHV1CRiAovNKMMOS6Uo4fHIpujhBmCKEEGI4Y0IgYzuEMjDRxdGOONNowE0ggc3siBBjrQeIw2hmRoIw053EBtjQrnSKPAL9B4Yw46ekBSSSblcBLKMs_kELwezqoQtxzj7GEqONq4SiEyoHTozTGWbPJJQeHK7aAtYOhiKzlq0kEiuAL9Ao5KD4LBBRhiwIGGuhSSw465tBKhjDEC9RRUUW_I4S0R6qgjDYd8uiGqUWdowQwxnOsohqhayAGHGmwIiQbcaMhhhjGQPWqqOURzKAwkI4LhBo6SfaojGMrIwVhkyfg1DKZkkEEMj3SaKo25RJAhoxh08AgHunbSIYwcdIDBX4AbIywMh5p4Q4_i2AjjhRpABQGFJghKww061kRjBxCSoLgMNkCIeAwQnpgCBCxAmPCLGGb4ooYUQAiCLDbKuKIMMZY4k-EZbnBhBhseXgIJKppgggUQthMRhCNYXeONlodAQw4oy3jBBp0_nWGGlVzYCIQpwmhKjjRw1pnnqYZziIgipmLDUhFUUGEqMqDeS6E1D0JLBBsdg0wyyl5AVFE5GSWtyiuz3JKNLr8Mc0xqT3UIat0qlgNutpHQYio6BEWohsBIvS6GPhQICA%3D%3D&r=1&s=c61058cf7f30e1917119b7a68f54c9dbaea83b21cf6c2bd7e0661d3fe888c6c71540420021&w=t
Requested by
Host: 1fichier.com
URL: https://1fichier.com/?8o94thhtxltg2mirnuxk
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::6811:22cd , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://1fichier.com/?8o94thhtxltg2mirnuxk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 24 Oct 2018 22:27:02 GMT
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif; charset=utf-8
status
200
cache-control
public, max-age=14400
cf-ray
46efde52ee5fbf07-FRA
content-length
35
expires
Thu, 25 Oct 2018 02:27:02 GMT
p.gif
pixel.run-syndicate.com/api/v1/p/ 		35 B
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.run-syndicate.com/api/v1/p/p.gif?p=e0SEGUNHhI4YLETQOXNQBI0xZsrEGCPmRgszNWDMaEGjRhkbLXCIkREShpgxNsRMLEMGR5gcIhSGqTPGoQ0aM8rUCANDRosxZGyU6SiGYgsxM3BcxLH0hg0zBHGQCSNG5kAydg7KmCFDIZw6VnXgiJFwIBw4B21wVTgHjkGEMJYqHNMmrQ4ZNzbOJGPmoFkxbtz8xWEDp8I6ctgQrlFjBmIZDtHQoQNnjo4XL-i8eSuH4Joycny6SOPGzJsXP8ywqYPnixk6c3qkoaOHNuU0cAqiDaMnzOYyccaMScPmzRg8adK8oRMmeZjeY8LUyEGGSx0YPm2MYZNmzJovacj0gCiRokWMGjl6BCmSpEmUKlm6hHk9e0npdsOkOeMm_Pi8NrJPO-noKOOMN-TI478eBiwpDDLcYo7BGOS6wcHt5CjjtzTsKIPCwnDCELQ87kgwwh5KuEGIFUg0UY4IV1CRCAw1lEgODeXoYbLK5ihhhiBKkMEIIY2IwQzv0EgjNBfGeKONIn80Aoc3cqCBDjQmw4MNhmRoIw053GhtDQznoO1DNN6Yg44ejkxySTmafLLMMxlcawYMpcMRzh6ugqONrRQi40mH3BxDSSadBJSu3w7aAoYuvpLDJh1gcCG7Guj68ws4Jj3IUhhikIE6s-Sw4y6vRChjjD8_vVRUHGjAAbE60nAoqBuqipUjM8SArqMYqmohBxxqCEkMiMKgIYcZxihWqavmKGMOh8I4MicYbrjI2Kk6gqGMHIYtlgyMwoBKBhmQzainq3JzSIaeYtCBBjNwwMsnHWCqdF8Y8LqqjjAcauIN29hgI4wXargUBBSaIKi0zeZAYwcQknDDQDZAcHgMEJ6YAgQsQKjwixhm-KKGFEAIAi02yriiDDGWoC3hGW5wYQYbGF4CCSqaYIIFELoDDYQjVl3jjZSHQEOOJ8t4wQabLZ1hhhxscGEpEKYIIyo50qDZZpyvGs4hIoq4ig1KRVBBhavIYPovhdQ86DERbJSMMsswe8FQRONUNDUqrcRSSy7P8BJMMfFYI1pTHWK6uc3kaDttJLS4ig5AEaqBBhhokOG-GPpQICA%3D&r=1&s=19ae573ce0d1be87e073b36139fd09552746875468e67c76ab6732b2f79ad6cb1540420021&w=t
Requested by
Host: 1fichier.com
URL: https://1fichier.com/?8o94thhtxltg2mirnuxk
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::6811:22cd , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://1fichier.com/?8o94thhtxltg2mirnuxk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 24 Oct 2018 22:27:02 GMT
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif; charset=utf-8
status
200
cache-control
public, max-age=14400
cf-ray
46efde52ee60bf07-FRA
content-length
35
expires
Thu, 25 Oct 2018 02:27:02 GMT
rhpop_61.2-1.js
p289046.mycdn.co/script/ 		154 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p289046.mycdn.co/script/rhpop_61.2-1.js
Requested by
Host: mybestmv.com
URL: https://mybestmv.com/adServe/banners?tid=IF1FICHIER_POP_HY&tagid=2&pop_dl=false&hybridPop=true
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.128.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
301c0ef22eef185e465005c929ef9f1e0b49e563b8ddddffeec498674f8376f3

Request headers

Referer
https://1fichier.com/?8o94thhtxltg2mirnuxk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 24 Oct 2018 22:27:02 GMT
content-encoding
gzip
last-modified
Wed, 05 Sep 2018 14:42:30 GMT
server
NetDNA-cache/2.2
etag
W/"5b8feb56-266d2"
x-cache
HIT
content-type
application/javascript
status
200
cache-control
max-age=31104000
expires
Sat, 19 Oct 2019 22:27:02 GMT
en.png
img.1fichier.com/flags/ 		599 B
960 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.1fichier.com/flags/en.png
Requested by
Host: img.1fichier.com
URL: https://img.1fichier.com/js/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a00:fb40:a:1::141 , France, ASN198792 (DSTORAGE, FR),
Reverse DNS
Software
DStorage /
Resource Hash
5d72c5a8bef80fca6f99f476e15ec95ce2d5e5f65c6dab9ee8e56348be0d39fc

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
img.1fichier.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://1fichier.com/?8o94thhtxltg2mirnuxk
Cookie
__qca=P0-657615011-1540420022045
Connection
keep-alive
Cache-Control
no-cache
Referer
https://1fichier.com/?8o94thhtxltg2mirnuxk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
public
Date
Wed, 24 Oct 2018 22:27:04 GMT
Last-Modified
Mon, 23 Aug 2010 00:21:09 GMT
Server
DStorage
ETag
"4c71bef5-257"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
no-cache public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
599
Expires
Mon, 30 Aug 2010 00:21:09 GMT
ui-icons_ef8c08_256x240.png
img.1fichier.com/ui/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.1fichier.com/ui/ui-icons_ef8c08_256x240.png
Requested by
Host: img.1fichier.com
URL: https://img.1fichier.com/js/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a00:fb40:a:1::141 , France, ASN198792 (DSTORAGE, FR),
Reverse DNS
Software
DStorage /
Resource Hash
554c2727b8ce2534941b079597425be134dd257437f76cb04cddc3cbd7227fb3

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
img.1fichier.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://img.1fichier.com/css/jquery.ui.css
Cookie
__qca=P0-657615011-1540420022045
Connection
keep-alive
Cache-Control
no-cache
Referer
https://img.1fichier.com/css/jquery.ui.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
public
Date
Wed, 24 Oct 2018 22:27:04 GMT
Last-Modified
Wed, 18 Apr 2018 00:49:02 GMT
Server
DStorage
ETag
"5ad695fe-11c5"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
no-cache public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4549
Expires
Wed, 25 Apr 2018 00:49:02 GMT
pwii1mw6T8vude6jNhaeJuRUWaqE8SGVvtigme5TerMDlzSFqgH.do
www.ps7894.com/ 		160 B
614 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ps7894.com/pwii1mw6T8vude6jNhaeJuRUWaqE8SGVvtigme5TerMDlzSFqgH.do?callback=AA3jEjZM.getSnoozing&affiliate=dstorage&subid=dstorage&adCountIntervalHours=24&maxAdCountsPerInterval=0&protocol=https&fulldomain=1fichier.com&domain=1fichier.com&documentdomain=1fichier.com&title=1fichier.com%20Cloud%20Storage&fullcleantitle=1fichier.com%20Cloud%20Storage&secUntilMidnight=5578&metakeywords=&pop=under&check=true&attributionDisabled=true&adultdisabled=undefined&iyd=true&ref=
Requested by
Host: www.ps7894.com
URL: https://www.ps7894.com/p1.0-SNAPSHOT.144%2C858.do?a=true&e=click&ab=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.107.161.102 , United States, ASN33313 (WILCON - Wilcon, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
8a77e802f0b3590a8f48368047eaa5375d5c7941a136bec590e2f6bc7a0fc4d9

Request headers

Referer
https://1fichier.com/?8o94thhtxltg2mirnuxk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 Oct 2018 22:27:02 GMT
Content-Encoding
gzip
Server
Apache-Coyote/1.1
Vary
Accept-Encoding
P3P
CP='IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA'
Cache-Control
no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, pre-check=0, post-check=0, private
Transfer-Encoding
chunked
Content-Type
application/json;charset=UTF-8
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| $jscomp function| $ function| jQuery function| getCookie function| NativeAd undefined| callbackb7tm8 object| revDiv object| cs object| rc_criteo function| callCriteo_rc_743 function| callRev_rc_743 function| revMap object| criteo_pubtag object| Criteo object| rc_head object| rc_body object| rc2css object| rc2js undefined| rc2js_beacon_5bd0f1b5d11b6 object| rc2js_beacon_5bd0f1b5d1379 object| rc2js_beacon_5bd0f1b5d14e2 object| quant_push_tag object| rcel object| rcds object| beaconNoScript object| rc_segmented_creatives object| rc_segmented_widgets object| rc_loaded_widgets undefined| rc_chosen_interests number| rc_loader_limit number| rc_loader_runs object| beacon object| rcsc object| RevContentLoader string| rc_p_uuid number| provider string| do_branding object| _comscore object| _qevents boolean| incognito function| InterYieldNativeAddEventListener function| InterYieldNativeWindowOpen object| InterYieldOptions function| udm_ object| ns_p object| COMSCORE object| Base64 function| rcjq boolean| scrolled boolean| swiped boolean| resized boolean| rc_segments_sent function| Hammer function| quantserve function| __qc object| ezt object| _qoptions undefined| jQuery110209514525520473878_1540420021983 object| jQuery110209514525520473878 undefined| jQuery110209514525520473878_1540420021985 undefined| jQuery110209514525520473878_1540420021987 number| ad6sinpb object| _rhat3 string| _p function| Kmh9332Td180 function| _bp number| cookie_start function| x6mm object| _0x8ec3 function| _0x38ec object| viewportSize object| AA3jEjZM

3 Cookies

Domain/Path Name / Value
1fichier.com/ Name: check
Value: true
1fichier.com/ Name: rhid_c
Value: 0
.1fichier.com/ Name: __qca
Value: P0-657615011-1540420022045

1 Console Messages

Source Level URL
Text
console-api log URL: https://www.ps7894.com/p1.0-SNAPSHOT.144%2C858.do?a=true&e=click&ab=false(Line 1)
Message:
InterYield clickbind 1.0-SNAPSHOT.144,858 2018-10-24T17:40:53Z

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1fichier.com
b1sync.zemanta.com
bidder.criteo.com
brzadrs8n9.s.ad6media.fr
cdn.revcontent.com
cdn.run-syndicate.com
cm.revcontent.com
fonts.googleapis.com
fonts.gstatic.com
g.cwkuki.com
ib.adnxs.com
img.1fichier.com
img.revcontent.com
mybestmv.com
p289046.clksite.com
p289046.mycdn.co
pixel.quantserve.com
pixel.run-syndicate.com
rules.quantcount.com
run-syndicate.com
sb.scorecardresearch.com
secure.quantserve.com
static.criteo.net
sync.upravel.com
trends.revcontent.com
www.ps7894.com
x.bidswitch.net
108.168.193.189
148.251.129.43
173.192.101.24
178.250.0.93
178.250.2.130
18.153.11.3
18.185.209.124
185.33.223.209
2.16.94.240
205.185.216.42
207.244.108.217
2400:cb00:2048:1::6811:22cd
2600:9000:20bb:2800:6:44e3:f8c0:93a1
2a00:1450:4001:819::2003
2a00:1450:4001:819::200a
2a00:fb40:a:1::140
2a00:fb40:a:1::141
35.177.223.59
35.201.83.118
38.107.161.102
54.154.249.155
87.98.153.73
94.31.29.128
0079abdf4947d85299202dcf14bdd2e5141dd085653daeb8434d75d2275d6de3
06bc4147b43229995495155ddb04f91a12448d986867b4e5513d2c81b157df9f
1451068768e51657d9d30d10abbe9b99250c17dc2fd8318935b6e3b8feaba5c1
18c28d31b9a7e77b5b7f1a7e54c7c6df0a728f49c0ba3045574418d21107298c
190da8512f16b3afda76f2f40abb699cba6d61b0fa8d2e88e7ec9ea69c66e738
1bb33da015e40392c387bdb088b426bd437fa0d25195c56d73e722f1a4a45c92
1bc44294b20b803c5567713b1c8f9569d30371360321a2e88600c66030885f39
1be216dbc059d96e288b0c1f399a1a80ee8c65e4c1272dbc4574bd6d23cf45d9
1f2ba3b279aa70eed0373d18327f75b7c72b456403321b0bc23f7c6431a03ee1
20ca22ef73463c41a2b8b641913582d516a555ed94e6830fbfc5c5065abc8534
25465a40f0ffc964a613f9d34fda11fa6a5b343a933b1218fb16437e5ba0efb2
29b01a4881d577c4429c60ed6403ef1fe8f8a1e6ffcbc1336670497970b53b52
29e99a10f4fcf453b23fb1d2e6606f1900aa0723faa8466161fc3ee2356b74cd
301c0ef22eef185e465005c929ef9f1e0b49e563b8ddddffeec498674f8376f3
3c106f82eecab7b4cdfb3d8f47ee29e0b093012b5029f80dbca422f7855dba55
404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176
40f007bd73adc81d164fb48f845516055fb92d5446619aed950e3553d0bafc7f
4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280
4f51f6124ad1c9acf95a5b73158e502dab76341c77dbdbb81c50727435c5e5b0
554c2727b8ce2534941b079597425be134dd257437f76cb04cddc3cbd7227fb3
5d72c5a8bef80fca6f99f476e15ec95ce2d5e5f65c6dab9ee8e56348be0d39fc
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6cd9c5a94c50340eb1ba7d0038d2f973c88a22916e1b9f2b293dee636db72ed7
70dc65383f26c00ab95e5d376ef78263bc7e1a85a9f7168771cd17518604c668
71cc73e07c93286f879de363886843eef3ca93ad9b54f6e616ea82622b793316
781e4e706b0bee9f6b610f188790d58fde83fa4b8eae9f2646365d6e5bd4846d
7daa2dd2bacf6b8a3eb4016f254f730bdb8315f5b86de253bdedfc3fb6e68678
802b26490cde1ca26cc8f48d7491488ac7d3d39c5f7a1c6a9581f898bbcb995b
8360491766c74c438319ded282408c8a4e7f915ff2574830ed37e3827bcf0010
84c92e1a750bc168f340c0a52083d84617b66ac39354657be73bdb65f687ec2e
8864aa6f4be02d125d9d817b46ef204802098791282af4de0e3db410f7f6f425
8a77e802f0b3590a8f48368047eaa5375d5c7941a136bec590e2f6bc7a0fc4d9
90cef8c612ea1919c6e7fe72a1e8be855bc340327dd542e8d2b60c1d2e0d51f6
9235f1cfb61fbc6b7ceb801d1296ff5ac06df37310af266101481143c53e045b
9f9fb62bdbc49f27ac570baf18d2737a848cf7d3d0b75407f1863ebd90192d65
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a688567d002e5783f919a69c717dd5b4b62ad30e0c503b23e439df4f4f05fac1
ab2390f699e3cf9867fd7bed06ae63b87ff220019472c8df2278e8ec70241dd2
b7d8fea172fea340ab9efb722199f76f44f5fa0738d14e0434c00c1d6c3642af
b8f4efaee57c1b5382e14ebb364a669a1adc98165e18544c875e5e4e4850857b
bdcc716a6dafc52fdb8ef9d3dc5a097e1fd782a60f575ae3ac61271d728ff9d9
c3f0e0acd3d6ff59441b2110e7bdb1027f66a451119e069506eb0b5402288e3a
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cd2b32b8a34775459203f4a080a0d36cae974dd960bc8c8948870e0706e014cf
d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912
d3cabd1ffd1367c891db8e0fcc3f603ba802181919fc9ba4a1f20c6d761d65c7
da1964dd650ffa47c719b41fa7a417d7618c49d8d377689c4e3a07a3f390eebc
e2881f313c665745bcc4ca5b73d69a5463b786e1318b14359b9aa28750de286d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4dd4912990c753c9a6c91a0b0684084f68e3f5f622ba054d0a5ffff44ff81e3
f08188890b03fd5c0cd7213f54ad2f2162af9e8f44b5bcc37dd6205ec453a20a
f2878d8f4616a95624e59a9c0a5d80e61171b95f1dbf01f8ecda2e3a091d39b6
fbea54912c1b262832e2db623c5deb7ee9e7afc780b3e5d80553e9283852128f