a-35.1fichier.com Open in urlscan Pro
2a00:fb40:a:1::35  Public Scan

18 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	410 Gone	Primary Request c784293613 Show response a-35.1fichier.com/	9 KB 10 KB	497ms 15ms	Document text/html	2a00:fb40:a:1::35 DSTORAGE
General Check archive.org Show headers Download Go to Full URL https://a-35.1fichier.com/c784293613 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a00:fb40:a:1::35 , France, ASN198792 (DSTORAGE, FR), Reverse DNS Software [Jun 14 2019 14:32:52] / Resource Hash 0c645dd01b7fceeecf6be5a13c7251ec31d9c0c27dcfab610878574aac8050a7 Request headers Host a-35.1fichier.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 26 Jul 2021 21:42:47 GMT Server [Jun 14 2019 14:32:52] Cache-Control no-cache, no-store, must-revalidate Content-Type text/html; charset=utf-8 Last-Modified Sat, 04 Jan 2020 05:45:11 GMT ETag "200001ab-25a9-5e102667" Connection close Accept-Ranges bytes Content-Length 9641
GET H2	200	style.css img.1fichier.com/css/	10 KB 3 KB	44ms 11ms	Stylesheet text/css	2a00:fb40:a:1::141 DSTORAGE
General Check archive.org Show headers Download Go to Full URL https://img.1fichier.com/css/style.css Requested by Host: a-35.1fichier.com URL: https://a-35.1fichier.com/c784293613 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a00:fb40:a:1::141 , France, ASN198792 (DSTORAGE, FR), Reverse DNS Software nginx / Resource Hash 6fb98a84dcad15b023db035df0fff70ab256cb9dbdb39836da0f6bb31790d749 Request headers Referer https://a-35.1fichier.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma public date Mon, 26 Jul 2021 21:42:50 GMT content-encoding gzip last-modified Sun, 24 Feb 2019 17:19:44 GMT server nginx etag "5c72d230-a28" vary Accept-Encoding, Accept-Encoding content-type text/css cache-control public content-length 2600
GET H2	200	jquery.ui.css img.1fichier.com/css/	27 KB 5 KB	46ms 13ms	Stylesheet text/css	2a00:fb40:a:1::141 DSTORAGE
General Check archive.org Show headers Download Go to Full URL https://img.1fichier.com/css/jquery.ui.css Requested by Host: a-35.1fichier.com URL: https://a-35.1fichier.com/c784293613 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a00:fb40:a:1::141 , France, ASN198792 (DSTORAGE, FR), Reverse DNS Software nginx / Resource Hash 72dae5ab8b6e0d4b62794591e1c79ec3463e12882b9e853450cd17e3dba2ae30 Request headers Referer https://a-35.1fichier.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma public date Mon, 26 Jul 2021 21:42:50 GMT content-encoding gzip last-modified Thu, 04 Feb 2021 12:14:31 GMT server nginx etag "601be527-149b" vary Accept-Encoding, Accept-Encoding content-type text/css cache-control public content-length 5275
GET H2	200	jquery.js Show response img.1fichier.com/js/	253 KB 74 KB	57ms 24ms	Script application/x-javascript	2a00:fb40:a:1::141 DSTORAGE
General Check archive.org Show headers Download Go to Full URL https://img.1fichier.com/js/jquery.js Requested by Host: a-35.1fichier.com URL: https://a-35.1fichier.com/c784293613 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a00:fb40:a:1::141 , France, ASN198792 (DSTORAGE, FR), Reverse DNS Software nginx / Resource Hash 802b26490cde1ca26cc8f48d7491488ac7d3d39c5f7a1c6a9581f898bbcb995b Request headers Referer https://a-35.1fichier.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma public date Mon, 26 Jul 2021 21:42:50 GMT content-encoding gzip last-modified Fri, 20 Jul 2018 09:43:03 GMT server nginx etag "5b51aea7-127e0" vary Accept-Encoding, Accept-Encoding content-type application/x-javascript cache-control public content-length 75744
GET H2	200	logo.png img.1fichier.com/	17 KB 17 KB	28ms 28ms	Image image/png	2a00:fb40:a:1::141 DSTORAGE
General Check archive.org Show headers Download Go to Show image Full URL https://img.1fichier.com/logo.png Requested by Host: a-35.1fichier.com URL: https://a-35.1fichier.com/c784293613 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a00:fb40:a:1::141 , France, ASN198792 (DSTORAGE, FR), Reverse DNS Software nginx / Resource Hash b8f4efaee57c1b5382e14ebb364a669a1adc98165e18544c875e5e4e4850857b Request headers Referer https://a-35.1fichier.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma public date Mon, 26 Jul 2021 21:42:50 GMT last-modified Tue, 01 Jul 2014 07:44:08 GMT server nginx etag "53b266c8-43dc" vary Accept-Encoding content-type image/png cache-control public accept-ranges bytes content-length 17372
GET H2	200	twitter.png img.1fichier.com/	1 KB 1 KB	11ms 11ms	Image image/png	2a00:fb40:a:1::141 DSTORAGE
General Check archive.org Show headers Download Go to Show image Full URL https://img.1fichier.com/twitter.png Requested by Host: a-35.1fichier.com URL: https://a-35.1fichier.com/c784293613 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a00:fb40:a:1::141 , France, ASN198792 (DSTORAGE, FR), Reverse DNS Software nginx / Resource Hash 6cd9c5a94c50340eb1ba7d0038d2f973c88a22916e1b9f2b293dee636db72ed7 Request headers Referer https://a-35.1fichier.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma public date Mon, 26 Jul 2021 21:42:50 GMT last-modified Tue, 15 Dec 2015 17:02:38 GMT server nginx etag "567047ae-4a0" vary Accept-Encoding content-type image/png cache-control public accept-ranges bytes content-length 1184
GET H2	200	facebook.png img.1fichier.com/	1 KB 1 KB	11ms 11ms	Image image/png	2a00:fb40:a:1::141 DSTORAGE
General Check archive.org Show headers Download Go to Show image Full URL https://img.1fichier.com/facebook.png Requested by Host: a-35.1fichier.com URL: https://a-35.1fichier.com/c784293613 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a00:fb40:a:1::141 , France, ASN198792 (DSTORAGE, FR), Reverse DNS Software nginx / Resource Hash e2881f313c665745bcc4ca5b73d69a5463b786e1318b14359b9aa28750de286d Request headers Referer https://a-35.1fichier.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma public date Mon, 26 Jul 2021 21:42:50 GMT last-modified Tue, 15 Dec 2015 17:02:15 GMT server nginx etag "56704797-4f9" vary Accept-Encoding content-type image/png cache-control public accept-ranges bytes content-length 1273
GET H2	200	logo-footer.png img.1fichier.com/	8 KB 8 KB	12ms 11ms	Image image/png	2a00:fb40:a:1::141 DSTORAGE
General Check archive.org Show headers Download Go to Show image Full URL https://img.1fichier.com/logo-footer.png Requested by Host: a-35.1fichier.com URL: https://a-35.1fichier.com/c784293613 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a00:fb40:a:1::141 , France, ASN198792 (DSTORAGE, FR), Reverse DNS Software nginx / Resource Hash 9f9fb62bdbc49f27ac570baf18d2737a848cf7d3d0b75407f1863ebd90192d65 Request headers Referer https://a-35.1fichier.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma public date Mon, 26 Jul 2021 21:42:50 GMT last-modified Tue, 01 Jul 2014 07:45:16 GMT server nginx etag "53b2670c-202c" vary Accept-Encoding content-type image/png cache-control public accept-ranges bytes content-length 8236
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	136 KB 49 KB	40ms 21ms	Script text/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: a-35.1fichier.com URL: https://a-35.1fichier.com/c784293613 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 2dbaa96bdfdb55aa92d43c96f43c7b6e04c611d824da835a849336afef40e5ee Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://a-35.1fichier.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 26 Jul 2021 21:42:47 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 49193 x-xss-protection 0 server cafe etag 11465010256990588748 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Mon, 26 Jul 2021 21:42:47 GMT
GET H2	200	background-002.jpg img.1fichier.com/	30 KB 31 KB	12ms 12ms	Image image/jpeg	2a00:fb40:a:1::141 DSTORAGE
General Check archive.org Show headers Download Go to Show image Full URL https://img.1fichier.com/background-002.jpg Requested by Host: img.1fichier.com URL: https://img.1fichier.com/css/style.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a00:fb40:a:1::141 , France, ASN198792 (DSTORAGE, FR), Reverse DNS Software nginx / Resource Hash fbea54912c1b262832e2db623c5deb7ee9e7afc780b3e5d80553e9283852128f Request headers Referer https://img.1fichier.com/css/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma public date Mon, 26 Jul 2021 21:42:50 GMT last-modified Wed, 02 Jul 2014 09:48:55 GMT server nginx etag "53b3d587-798f" vary Accept-Encoding content-type image/jpeg cache-control public accept-ranges bytes content-length 31119
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20210720/r20190131/ Frame E076	10 KB 5 KB	6ms 6ms	Document text/html	2a00:1450:4001:800::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20210720/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 5d1310353e02e0a006b79b7d607131cb6d9411543a8957b772f565816fdf3ce4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/html/r20210720/r20190131/zrt_lookup.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://a-35.1fichier.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://a-35.1fichier.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding date Mon, 26 Jul 2021 01:46:23 GMT expires Mon, 09 Aug 2021 01:46:23 GMT content-type text/html; charset=UTF-8 etag 4389807852502320046 x-content-type-options nosniff content-encoding gzip server cafe content-length 4579 x-xss-protection 0 age 71784 cache-control public, max-age=1209600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	native_render.js Show response superonclick.com/script/	4 KB 2 KB	46ms 23ms	Script application/javascript	2606:4700:3037::ac43:bd78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://superonclick.com/script/native_render.js Requested by Host: a-35.1fichier.com URL: https://a-35.1fichier.com/c784293613 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:bd78 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7965b4334f08b3c398843d721ab3b5535461f4183ec6bb0923d1ae092b9cfd51 Request headers Referer https://a-35.1fichier.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-goog-hash crc32c=rXethw==, md5=i4AdaMb2P574qaeqSEucdQ== date Mon, 26 Jul 2021 21:42:47 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 3111 x-guploader-uploadid ABg5-Ux3ugDbjZHv9rpPo7PWt7S1qud12-Vw4b8rTYh-k2UMds-oGdb-EGzLhtVd-VxsPwU_T52pajAPwTcwsdI7qDL8U18q4g x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding identity alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 last-modified Wed, 13 Feb 2019 10:15:50 GMT server cloudflare etag W/"8b801d68c6f63f9ef8a9a7aa484b9c75" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qIPFkK6spjdmOpimnzSqps%2BqfCqBDgXIBgEazXjUIiTqWyPgNkOTTEfynLQH7Rv0ighpQDC70%2FKBBrCFVlWDOCKfJTVjLPZRCfkbiqWlEeAssmvJcjSsxlt%2BJ043OQLUDC4o6XR5ayZfEBs4jYya"}],"group":"cf-nel","max_age":604800} x-goog-generation 1550052950916101 access-control-allow-origin * content-type application/javascript cache-control public, max-age=14400 x-goog-stored-content-length 4285 cf-ray 6750ccc2cfac42f1-FRA expires Mon, 26 Jul 2021 21:44:04 GMT
GET H2	200	native_server.js Show response superonclick.com/script/	9 KB 4 KB	44ms 22ms	Script application/javascript	2606:4700:3037::ac43:bd78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://superonclick.com/script/native_server.js Requested by Host: a-35.1fichier.com URL: https://a-35.1fichier.com/c784293613 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:bd78 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e282545f9f7c4117db91f8a2c33e5a1dad31f3c6edbe74b9776c1f8b85c166bd Request headers Referer https://a-35.1fichier.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-goog-hash crc32c=RAjq/g==, md5=Udh+nr2DH8yragFgeaYHkw== date Mon, 26 Jul 2021 21:42:47 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 3111 x-guploader-uploadid ABg5-UztHarEA9WAL61ya9rea4JSaKO43c4uJRU5ju3QmZnd8lU0dTs1xERvBaCgxHtc9Mw1kzkD_hnNAYAJCEBbKOXI6RQA2w x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding identity alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 last-modified Wed, 13 Feb 2019 10:15:52 GMT server cloudflare etag W/"51d87e9ebd831fccab6a016079a60793" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KEMy4veUzS5llzqxmu3yJLkrt1R%2BZZJn5e89T3%2FfsL%2B76aN67Br12r%2BvkcQCrs45F9RJMYvUyNFKosGuHHbdR0l0ISh%2BfBLrLXGs4vmvchxVHhT956jx0vUKMzsjU3Ki0jP5Ys6P7FV%2FcWS%2Ban6W"}],"group":"cf-nel","max_age":604800} x-goog-generation 1550052952705094 access-control-allow-origin * content-type application/javascript cache-control public, max-age=14400 x-goog-stored-content-length 9260 cf-ray 6750ccc2cfb042f1-FRA expires Mon, 26 Jul 2021 20:58:46 GMT
GET H2	200	identify.html Show response ufpcdn.com/script/ Frame DCDA	2 KB 2 KB	171ms 148ms	Document text/html	2606:4700:3037::ac43:8e31 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ufpcdn.com/script/identify.html?frmt=0 Requested by Host: superonclick.com URL: https://superonclick.com/script/native_server.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:8e31 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ffb16355784a4a89472be6cb28c3408234ec0518326a3a1908797b8d8c78a76a Request headers :method GET :authority ufpcdn.com :scheme https :path /script/identify.html?frmt=0 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://a-35.1fichier.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://a-35.1fichier.com/ Response headers date Mon, 26 Jul 2021 21:42:47 GMT content-type text/html last-modified Tue, 15 May 2018 06:39:25 GMT cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" set-cookie __cf_bm=40bd32ee2583d59e4e6c73124c8a0965e547fe4e-1627335767-1800-AaEmrr7tiZFrb3olFwFQbN7FRiFHTeTD0N3CAgCUjsj7StgfMnY6hc19IK2OKjW4MUl1BClJhBwCDzGFhYA4dPM=; path=/; expires=Mon, 26-Jul-21 22:12:47 GMT; domain=.ufpcdn.com; HttpOnly; Secure; SameSite=None report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BkTuwgg69oIEQaks%2BaWRRs8LUWNXV%2FkmFerLLdI90CJ%2F3dWoOquNbt6I%2BRPmg7ZfjEiCC%2FtUDLhHIrre6DcCK9%2BeORmHTZ%2FTmSfnkyf7rqX86rFGDwI6m9hfKJjxCv4clNP%2BOnPiV3gY"}],"group":"cf-nel","max_age":604800} nel {"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6750ccc46e484414-FRA content-encoding br alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
GET H2	200	native.php Show response discovernative.com/script/	6 KB 4 KB	213ms 172ms	Script application/json	130.211.31.231 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://discovernative.com/script/native.php?nwpsv=1&r=2285595&cbrandom=0.3243119543393418&cbWidth=1600&cbHeight=1200&cbtitle=1fichier.com%3A%20Cloud%20Storage&cbref=&cbdescription=&cbkeywords=&cbiframe=0&&callback=jsonp705782 Requested by Host: a-35.1fichier.com URL: https://a-35.1fichier.com/c784293613 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 130.211.31.231 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 231.31.211.130.bc.googleusercontent.com Software openresty / Resource Hash f0b66aaf5f4f1ae8d1045cb216640f8978cf9d0635a23ba4cf42b4124e1c56f0 Request headers Referer https://a-35.1fichier.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 26 Jul 2021 21:42:48 GMT content-encoding gzip alt-svc clear server openresty content-type application/json; charset=utf-8 access-control-allow-origin * link <//discovernative.com>; rel=dns-prefetch,<//discovernative.com>; rel=preconnect,<//cdnativ.com>; rel=dns-prefetch,<//cdnativ.com>; rel=preconnect via 1.1 google
GET H3-29	200	style.js Show response superonclick.com/script/	40 KB 13 KB	33ms 18ms	Script text/javascript	2606:4700:3037::ac43:bd78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://superonclick.com/script/style.js Requested by Host: superonclick.com URL: https://superonclick.com/script/native_render.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:bd78 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 07e8d6ea069f651d48ad47731cce6d24417176b3a353554f40fe2d5f8b81afb1 Request headers Referer https://a-35.1fichier.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-goog-hash crc32c=r+9kWg==, md5=9vnEM2N/er/68OuRi4OHTA== date Mon, 26 Jul 2021 21:42:48 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 2927 x-guploader-uploadid ABg5-UzK_ZrcCVCauhLePG--Ux2MRLyyQJZxsdzL8wMGFtGjRkADxsXRV1k5UyXdBNmy1pYbs-Qcn8Ok0VglbFSByPRdJdq_qQ x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding identity alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 last-modified Thu, 10 Oct 2019 07:15:34 GMT server cloudflare etag W/"f6f9c433637f7abffaf0eb918b83874c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2RIbTFmJ8JCKHaeEwGJ8M6dCdMSTh65WNYvFUfLIiga6v9jL9W3M1ZPAN5nod4kSI4jhDhpkAHzjdoJQ3SdyHoyqWRwrB9e01ZYQtvf3KILVgQUaBicWWN%2B7lUui0qOTs8f35%2F9z%2Bovr4jK4JSIt"}],"group":"cf-nel","max_age":604800} x-goog-generation 1570691734888336 access-control-allow-origin * content-type text/javascript cache-control public, max-age=14400 x-goog-stored-content-length 41280 cf-ray 6750ccc6f9952c22-FRA expires Mon, 26 Jul 2021 21:35:09 GMT
GET H2	200	146d09cbf42ede93bc58bb6a302384db_9473.jpeg cdnativ.com/extban/216329220/creatives/23055112/	82 KB 82 KB	45ms 19ms	Image image/jpeg	2606:4700:3034::6815:1cb CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdnativ.com/extban/216329220/creatives/23055112/146d09cbf42ede93bc58bb6a302384db_9473.jpeg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::6815:1cb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5121c6c9f15405ea739bfd8af98eb9e2939dfa827c474dac27426b430fd04ce8 Request headers Referer https://a-35.1fichier.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 26 Jul 2021 21:42:48 GMT via 1.1 google cf-cache-status HIT last-modified Wed, 14 Jul 2021 14:31:52 GMT server cloudflare age 485 etag W/"60eef558-1481e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UDY5PLvj84yXKMc6KuF2M5D2jy7afewYBT%2FabQdRJxIgjPZKpG6kFQmF5jvXkMgZf1IwTAI20SLaadnkoFC7XCT%2FlbgEBTeX7uqUJBxumaQQsAsV6cC%2BWkB9XWqlxXXz1t%2F3b%2BBzoskObg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 6750ccc74da4432d-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
GET H2	200	c7141d1b23a8bd6a8cde55dea9a806ea_8698.jpeg cdnativ.com/extban/216329220/creatives/23055110/	52 KB 52 KB	45ms 20ms	Image image/jpeg	2606:4700:3034::6815:1cb CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdnativ.com/extban/216329220/creatives/23055110/c7141d1b23a8bd6a8cde55dea9a806ea_8698.jpeg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::6815:1cb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1e5495f391e2e57f29da205688c78251df85c41edf2eadb717d3017fe80cfdc2 Request headers Referer https://a-35.1fichier.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 26 Jul 2021 21:42:48 GMT via 1.1 google cf-cache-status HIT last-modified Wed, 14 Jul 2021 14:31:52 GMT server cloudflare age 6010 etag W/"60eef558-d00c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zf6R7Eq492mFBoXo6C1ZlEsnVVnwZrYLJdixMmufe%2BuZbW7C85BHnlJ2KO1fzTJ2lF6v1%2FWtBfJzeLomQSpxTYW6GHhIdozWUlVplq1qjsIvj0k5IG093S4ZT4oAGqpXONrKCvSB3VbJ7A%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 6750ccc74da8432d-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
GET H2	200	cb586a8b65b06c4260c3529fc7a3ec5e_3826.jpg cdnativ.com/extban/247895220/creatives/23218086/	70 KB 70 KB	45ms 20ms	Image image/jpeg	2606:4700:3034::6815:1cb CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdnativ.com/extban/247895220/creatives/23218086/cb586a8b65b06c4260c3529fc7a3ec5e_3826.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::6815:1cb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6ebaed13c11d421d00df54c7ae704bb53cb48e366dd721ddbb8f35c985b4ef2f Request headers Referer https://a-35.1fichier.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 26 Jul 2021 21:42:48 GMT via 1.1 google cf-cache-status HIT last-modified Wed, 14 Jul 2021 15:40:19 GMT server cloudflare age 2298 etag W/"60ef0563-117c1" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FcROtXF7hl3%2BmfUd%2FcMTaBKK4rWwh2Po%2FYKhZI%2B0qS%2FYvh8yT%2FmacRHPY23Thzj8y9apNlGbST7fQw7VfQtAKhYS2H87WAoPYCSBurmKHs0WPWKFI6eNuuFEiJLK2k1VhvcCg%2Ff%2FgloczA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 6750ccc74daa432d-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
GET H2	200	cb586a8b65b06c4260c3529fc7a3ec5e_7462.jpg cdnativ.com/extban/247895220/creatives/23218084/	70 KB 71 KB	38ms 13ms	Image image/jpeg	2606:4700:3034::6815:1cb CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdnativ.com/extban/247895220/creatives/23218084/cb586a8b65b06c4260c3529fc7a3ec5e_7462.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::6815:1cb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6ebaed13c11d421d00df54c7ae704bb53cb48e366dd721ddbb8f35c985b4ef2f Request headers Referer https://a-35.1fichier.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 26 Jul 2021 21:42:48 GMT via 1.1 google cf-cache-status HIT last-modified Wed, 14 Jul 2021 15:40:19 GMT server cloudflare age 2422 etag W/"60ef0563-117c1" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vns91retKq8F90MHqz0R7z5%2FVmfv5IxniiN6ITgAZ9UooXuoCWuctKav2LJ6kqzEV%2FqmoXqP%2BLaKZu%2BHwVCGC%2BsCYrpGY7qBuq6py6kxK8Y2TkqNCc7307mHsJNzqdtjPBfUhh6ipBvD6Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 6750ccc74dac432d-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
GET H2	200	cb586a8b65b06c4260c3529fc7a3ec5e_5229.jpg cdnativ.com/extban/247895220/creatives/23218088/	70 KB 70 KB	44ms 20ms	Image image/jpeg	2606:4700:3034::6815:1cb CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdnativ.com/extban/247895220/creatives/23218088/cb586a8b65b06c4260c3529fc7a3ec5e_5229.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::6815:1cb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6ebaed13c11d421d00df54c7ae704bb53cb48e366dd721ddbb8f35c985b4ef2f Request headers Referer https://a-35.1fichier.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 26 Jul 2021 21:42:48 GMT via 1.1 google cf-cache-status HIT last-modified Wed, 14 Jul 2021 15:40:19 GMT server cloudflare age 2476 etag W/"60ef0563-117c1" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WFvCq%2BRPA1et%2BcbaWXy83e0IRNetFZ5ElngTE1fyyJyqPlxiqPtupN7cewkvcNrnlyyQ2FzZe5Sfxn3mfO6CRurrJnT%2BLr%2BluiFCUwcePIbFOKUiLduBWN522eZDvo6ILMzbQ11RFNqJIw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 6750ccc74daf432d-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
GET H3-29	200	146d09cbf42ede93bc58bb6a302384db_9473.jpeg cdnativ.com/extban/216329220/creatives/23055112/	82 KB 83 KB	26ms 15ms	Image image/jpeg	2606:4700:3034::6815:1cb CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdnativ.com/extban/216329220/creatives/23055112/146d09cbf42ede93bc58bb6a302384db_9473.jpeg Requested by Host: superonclick.com URL: https://superonclick.com/script/style.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:1cb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5121c6c9f15405ea739bfd8af98eb9e2939dfa827c474dac27426b430fd04ce8 Request headers Referer https://a-35.1fichier.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 26 Jul 2021 21:42:48 GMT via 1.1 google cf-cache-status HIT last-modified Wed, 14 Jul 2021 14:31:52 GMT server cloudflare age 485 etag W/"60eef558-1481e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dQQ7SxEEAASZkJeyidYs8%2FZFVc3BQV8KXvvm6pItpNOpSlUqjB8JUwVFWieJ%2F1lLdJ%2FR1MhCl6vxveKprwITN98%2BS8RLDiN3d8BpAYdW9xwb%2B5BH%2BtLo%2B4d4nr8K2lNbHTYQYxMnRKoBBw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 6750ccc79a25e007-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
GET H3-29	200	c7141d1b23a8bd6a8cde55dea9a806ea_8698.jpeg cdnativ.com/extban/216329220/creatives/23055110/	52 KB 53 KB	55ms 44ms	Image image/jpeg	2606:4700:3034::6815:1cb CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdnativ.com/extban/216329220/creatives/23055110/c7141d1b23a8bd6a8cde55dea9a806ea_8698.jpeg Requested by Host: superonclick.com URL: https://superonclick.com/script/style.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:1cb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1e5495f391e2e57f29da205688c78251df85c41edf2eadb717d3017fe80cfdc2 Request headers Referer https://a-35.1fichier.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 26 Jul 2021 21:42:48 GMT via 1.1 google cf-cache-status HIT last-modified Wed, 14 Jul 2021 14:31:52 GMT server cloudflare age 6010 etag W/"60eef558-d00c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ORa%2B83FrLXhUbql7PjLczdsUcXhIR9trspacFOWdySBKTPXBwW1y78AtIuj26Dah2wnXAIqxBtczWkCIXiR2dVYGPxPcEYYF7%2FkNUF%2FgV3%2FhgC8EIXFszwAjfvR9L4dNnnNFag7X%2FKrZg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 6750ccc79a2be007-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
GET H3-29	200	cb586a8b65b06c4260c3529fc7a3ec5e_3826.jpg cdnativ.com/extban/247895220/creatives/23218086/	70 KB 71 KB	45ms 35ms	Image image/jpeg	2606:4700:3034::6815:1cb CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdnativ.com/extban/247895220/creatives/23218086/cb586a8b65b06c4260c3529fc7a3ec5e_3826.jpg Requested by Host: superonclick.com URL: https://superonclick.com/script/style.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:1cb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6ebaed13c11d421d00df54c7ae704bb53cb48e366dd721ddbb8f35c985b4ef2f Request headers Referer https://a-35.1fichier.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 26 Jul 2021 21:42:48 GMT via 1.1 google cf-cache-status HIT last-modified Wed, 14 Jul 2021 15:40:19 GMT server cloudflare age 2298 etag W/"60ef0563-117c1" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZanLRvkZyIsfOy1pdPFnnSaYuNKmwBdQ6DFlQSWJ3EGQRt0Gq66YxsR8Bl8wS9sjelr%2FzhlEUVLcpc%2BIbnDiBmwh3R0Xn2%2FEXSnj6AXtvXiCsz2rE7gQ8F0XWNQqYEqV%2FSZJEtg%2BAHz2Fg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 6750ccc79a27e007-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
GET H3-29	200	cb586a8b65b06c4260c3529fc7a3ec5e_7462.jpg cdnativ.com/extban/247895220/creatives/23218084/	70 KB 71 KB	49ms 39ms	Image image/jpeg	2606:4700:3034::6815:1cb CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdnativ.com/extban/247895220/creatives/23218084/cb586a8b65b06c4260c3529fc7a3ec5e_7462.jpg Requested by Host: superonclick.com URL: https://superonclick.com/script/style.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:1cb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6ebaed13c11d421d00df54c7ae704bb53cb48e366dd721ddbb8f35c985b4ef2f Request headers Referer https://a-35.1fichier.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 26 Jul 2021 21:42:48 GMT via 1.1 google cf-cache-status HIT last-modified Wed, 14 Jul 2021 15:40:19 GMT server cloudflare age 2422 etag W/"60ef0563-117c1" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TwAN2citJ%2FF63elGtSEa2WMOMBWsNaokoXIpHJuRGa7eweYkLWVUcnkwFkg9%2FvcOKR2RTDiauOufnhv8PSk5875G24sI3y63EfJitoK89JJgz4e53ctwBlyybdnDMtk0l5ZXbNvt%2BQPo2g%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 6750ccc79a29e007-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
GET H3-29	200	cb586a8b65b06c4260c3529fc7a3ec5e_5229.jpg cdnativ.com/extban/247895220/creatives/23218088/	70 KB 71 KB	56ms 47ms	Image image/jpeg	2606:4700:3034::6815:1cb CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdnativ.com/extban/247895220/creatives/23218088/cb586a8b65b06c4260c3529fc7a3ec5e_5229.jpg Requested by Host: superonclick.com URL: https://superonclick.com/script/style.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:1cb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6ebaed13c11d421d00df54c7ae704bb53cb48e366dd721ddbb8f35c985b4ef2f Request headers Referer https://a-35.1fichier.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 26 Jul 2021 21:42:48 GMT via 1.1 google cf-cache-status HIT last-modified Wed, 14 Jul 2021 15:40:19 GMT server cloudflare age 2476 etag W/"60ef0563-117c1" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fdYB%2BrcWg7tWOs7sDYBQzuB9aJ5CbzxQdVj%2BScOH0FFcHECsSJh%2BoI2qeA%2BAkZ8jO4IdedDD%2Baaiu3vKdfCsqBtIQJbL%2FuUBEtX1OeHrGdOukplOSKNLCSZJ6GUCWFq7iwhL79WH5GFx2Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 6750ccc79a2ce007-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
GET DATA	200 OK	truncated /	350 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 3c41f4da5f7d6569364d3f152d18ab9875d24b8d65b88a51349722676fc96eed Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame 454D	350 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 3c41f4da5f7d6569364d3f152d18ab9875d24b8d65b88a51349722676fc96eed Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H3-29	200	146d09cbf42ede93bc58bb6a302384db_9473.jpeg cdnativ.com/extban/216329220/creatives/23055112/ Frame 454D	82 KB 83 KB	16ms 15ms	Image image/jpeg	2606:4700:3034::6815:1cb CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdnativ.com/extban/216329220/creatives/23055112/146d09cbf42ede93bc58bb6a302384db_9473.jpeg Requested by Host: superonclick.com URL: https://superonclick.com/script/style.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:1cb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5121c6c9f15405ea739bfd8af98eb9e2939dfa827c474dac27426b430fd04ce8 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 26 Jul 2021 21:42:48 GMT via 1.1 google cf-cache-status HIT last-modified Wed, 14 Jul 2021 14:31:52 GMT server cloudflare age 485 etag W/"60eef558-1481e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iAfZWI9RSMV1OJYPizEoXxV24a5Fcp%2BoPo9I31sLTDlx20%2Fyqsx70QvBihdEE0GdZq3t7N%2Bvq2yoA35Yi7YZAFd0twQWNV41HqjTSTdg97rDxYvoclQNjprqI%2FqOAeNp7xmKpoYlUUwiZw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 6750ccc82b0de007-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
GET H3-29	200	c7141d1b23a8bd6a8cde55dea9a806ea_8698.jpeg cdnativ.com/extban/216329220/creatives/23055110/ Frame 454D	52 KB 53 KB	19ms 17ms	Image image/jpeg	2606:4700:3034::6815:1cb CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdnativ.com/extban/216329220/creatives/23055110/c7141d1b23a8bd6a8cde55dea9a806ea_8698.jpeg Requested by Host: superonclick.com URL: https://superonclick.com/script/style.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:1cb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1e5495f391e2e57f29da205688c78251df85c41edf2eadb717d3017fe80cfdc2 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 26 Jul 2021 21:42:48 GMT via 1.1 google cf-cache-status HIT last-modified Wed, 14 Jul 2021 14:31:52 GMT server cloudflare age 6010 etag W/"60eef558-d00c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9cN71crhNxWpW2rWSxDAFktFrIevYxn0sV8Qh7lPZonmpg9F3UO%2FgeD1TSiUxETxL%2B%2FV6qgcFBbAmgo2UbdE5WbMfRxBMmJ6X%2FZaqVmF%2FlAjfI4jD9WJM1EOgVRL6zXrepYptnJeVEkC5A%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 6750ccc82b0ee007-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
GET H3-29	200	cb586a8b65b06c4260c3529fc7a3ec5e_3826.jpg cdnativ.com/extban/247895220/creatives/23218086/ Frame 454D	70 KB 71 KB	22ms 21ms	Image image/jpeg	2606:4700:3034::6815:1cb CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdnativ.com/extban/247895220/creatives/23218086/cb586a8b65b06c4260c3529fc7a3ec5e_3826.jpg Requested by Host: superonclick.com URL: https://superonclick.com/script/style.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:1cb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6ebaed13c11d421d00df54c7ae704bb53cb48e366dd721ddbb8f35c985b4ef2f Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 26 Jul 2021 21:42:48 GMT via 1.1 google cf-cache-status HIT last-modified Wed, 14 Jul 2021 15:40:19 GMT server cloudflare age 2298 etag W/"60ef0563-117c1" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=smnoy9G685Ye8UbkydhyGh9cp47zoOHMWSLXaKIxyZ6GFWOLaPNxL5WWGQeJNpWahJR8wpN5L5b%2FdATkJuMxLUTqktJx6PbxL40vNrznkLSiSN%2Fnq8v2voqgKHiDg%2B8LiJhOkYY1Ot01xw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 6750ccc82b0fe007-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
GET H3-29	200	cb586a8b65b06c4260c3529fc7a3ec5e_7462.jpg cdnativ.com/extban/247895220/creatives/23218084/ Frame 454D	70 KB 71 KB	23ms 23ms	Image image/jpeg	2606:4700:3034::6815:1cb CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdnativ.com/extban/247895220/creatives/23218084/cb586a8b65b06c4260c3529fc7a3ec5e_7462.jpg Requested by Host: superonclick.com URL: https://superonclick.com/script/style.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:1cb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6ebaed13c11d421d00df54c7ae704bb53cb48e366dd721ddbb8f35c985b4ef2f Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 26 Jul 2021 21:42:48 GMT via 1.1 google cf-cache-status HIT last-modified Wed, 14 Jul 2021 15:40:19 GMT server cloudflare age 2422 etag W/"60ef0563-117c1" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ACcFzBKkG6Q%2FmouVf8ImdiPRdhERg3AMkMTfB7FPFDGdSKTgGf2csUJ8s3b0a6wfSMmRxwYrqoBqpqBnqSlCY%2BqPsdFQ5Doq9ghHIeD9Sb8YtmBdOIlMLt3Tt8HHFmV8HV2ERAAaQMrLWw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 6750ccc82b12e007-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
GET H3-29	200	cb586a8b65b06c4260c3529fc7a3ec5e_5229.jpg cdnativ.com/extban/247895220/creatives/23218088/ Frame 454D	70 KB 71 KB	19ms 19ms	Image image/jpeg	2606:4700:3034::6815:1cb CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdnativ.com/extban/247895220/creatives/23218088/cb586a8b65b06c4260c3529fc7a3ec5e_5229.jpg Requested by Host: superonclick.com URL: https://superonclick.com/script/style.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:1cb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6ebaed13c11d421d00df54c7ae704bb53cb48e366dd721ddbb8f35c985b4ef2f Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 26 Jul 2021 21:42:48 GMT via 1.1 google cf-cache-status HIT last-modified Wed, 14 Jul 2021 15:40:19 GMT server cloudflare age 2476 etag W/"60ef0563-117c1" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xVkux4Y%2BTx3Os5JtnrsSax3TNJVnKyvRskoi1qf2wfVDod7aUGsgTkBgPiTTXRkf9aledaGwMFfl1uji4kIJ5Grj7sPEhSqxjPyRqNQsB1%2BUy%2BB5E2sg6ndk9DlYfh8RXuWe5SiJ8DWo8A%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 6750ccc82b13e007-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
GET H2	204	i.php Show response discovernative.com/script/ Frame 454D	0 40 B	227ms 227ms	Script text/plain	130.211.31.231 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://discovernative.com/script/i.php?stamat=m%7C%2C%2Cg3Ey4iLuoGU3Bv_GH0dEdHP3xP.a7c%2CSXmqcBsiZaST6DXjUMlgo9B99_t5e369WOSYwYc6ksVHbMYEz2djC65e7ZME2WxTEFbK4OQUz4Ssocq7M1ShF0BB4k4CO4YKP8q-fNnorAyRxLhnQsexhdvqmwcPsvPhrYido2qPJqTeenVdFRzzAAxwWgj9KNPwdWgREtVSDKZ9-MDk4gKMJKXWBtV5u1L_eGJBfdOq7sSLi7pm7jUXppKlIl9LECzGmU9jOHB-bmaSwH3fUK0p2pz9zpkIfynXPVX2TWs0pkH9FFIztxu1HGNhrFmDMYhV0snDtCbxvjA39yTIU8vNHyczx0PluiMCWRFAX4NUSAqE9LchyB119sIIc-yyXfmFpJmkeEG4qbBIjcS5TqmjOawVen-ZwPqNRm9OPxcTO9zkS8m0K0IPYGPaEVkaAxhfjez7ybu7oTl7sZt85Ki2-QXz1969AqQtVw0ZjeIg3iWo-ol0KTBeko8OWbbtn-LoH0XOpvkJzJ3Y26YPvWH1e6aq5ou5PUncs2EQ1aa8pLQvIHitKVQSQV7zhJ74dWXvuv3bbm9LupdpTvrzAwvDNiLBhYQlSKayuvKZO9eKVde_T9hQ_hDViBn8tPNQPilf493upCVpwY0MF5LvLMCezEFOULc037_nJNhwCMzzAsl_26V_bGVqUAScSPbVRkXux1xj7kaWWcipYtpEUuM9EQmaKX5OYFpUIuxCS1ZPKoaN8IstrAyKqpawfLyHK5k6i8vbksxwLtJwcrViZ2DTEDCOgHO3Gv8n&track=0,1,2,3,4 Requested by Host: superonclick.com URL: https://superonclick.com/script/style.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 130.211.31.231 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 231.31.211.130.bc.googleusercontent.com Software openresty / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin * date Mon, 26 Jul 2021 21:42:48 GMT via 1.1 google referrer-policy no-referrer server openresty alt-svc clear
GET H2	204	i.php Show response discovernative.com/script/ Frame 454D	0 61 B	132ms 131ms	Script text/plain	130.211.31.231 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://discovernative.com/script/i.php?stamat=m%7C%2C%2Cg3Ey4iLuoGU3Bv_GH0dEdHP3xP.a7c%2CSXmqcBsiZaST6DXjUMlgo9B99_t5e369WOSYwYc6ksVHbMYEz2djC65e7ZME2WxTEFbK4OQUz4Ssocq7M1ShF0BB4k4CO4YKP8q-fNnorAyRxLhnQsexhdvqmwcPsvPhrYido2qPJqTeenVdFRzzAAxwWgj9KNPwdWgREtVSDKZ9-MDk4gKMJKXWBtV5u1L_eGJBfdOq7sSLi7pm7jUXppKlIl9LECzGmU9jOHB-bmaSwH3fUK0p2pz9zpkIfynXPVX2TWs0pkH9FFIztxu1HGNhrFmDMYhV0snDtCbxvjA39yTIU8vNHyczx0PluiMCWRFAX4NUSAqE9LchyB119sIIc-yyXfmFpJmkeEG4qbBIjcS5TqmjOawVen-ZwPqNRm9OPxcTO9zkS8m0K0IPYGPaEVkaAxhfjez7ybu7oTl7sZt85Ki2-QXz1969AqQtVw0ZjeIg3iWo-ol0KTBeko8OWbbtn-LoH0XOpvkJzJ3Y26YPvWH1e6aq5ou5PUncs2EQ1aa8pLQvIHitKVQSQV7zhJ74dWXvuv3bbm9LupdpTvrzAwvDNiLBhYQlSKayuvKZO9eKVde_T9hQ_hDViBn8tPNQPilf493upCVpwY0MF5LvLMCezEFOULc037_nJNhwCMzzAsl_26V_bGVqUAScSPbVRkXux1xj7kaWWcipYtpEUuM9EQmaKX5OYFpUIuxCS1ZPKoaN8IstrAyKqpawfLyHK5k6i8vbksxwLtJwcrViZ2DTEDCOgHO3Gv8n&track=NaN,NaN,NaN Requested by Host: superonclick.com URL: https://superonclick.com/script/style.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 130.211.31.231 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 231.31.211.130.bc.googleusercontent.com Software openresty / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin * date Mon, 26 Jul 2021 21:42:48 GMT via 1.1 google referrer-policy no-referrer server openresty alt-svc clear
GET H2	204	i.php Show response discovernative.com/script/ Frame 454D	0 40 B	133ms 132ms	Script text/plain	130.211.31.231 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://discovernative.com/script/i.php?stamat=m%7C%2C%2Cg3Ey4iLuoGU3Bv_GH0dEdHP3xP.a7c%2CSXmqcBsiZaST6DXjUMlgo9B99_t5e369WOSYwYc6ksVHbMYEz2djC65e7ZME2WxTEFbK4OQUz4Ssocq7M1ShF0BB4k4CO4YKP8q-fNnorAyRxLhnQsexhdvqmwcPsvPhrYido2qPJqTeenVdFRzzAAxwWgj9KNPwdWgREtVSDKZ9-MDk4gKMJKXWBtV5u1L_eGJBfdOq7sSLi7pm7jUXppKlIl9LECzGmU9jOHB-bmaSwH3fUK0p2pz9zpkIfynXPVX2TWs0pkH9FFIztxu1HGNhrFmDMYhV0snDtCbxvjA39yTIU8vNHyczx0PluiMCWRFAX4NUSAqE9LchyB119sIIc-yyXfmFpJmkeEG4qbBIjcS5TqmjOawVen-ZwPqNRm9OPxcTO9zkS8m0K0IPYGPaEVkaAxhfjez7ybu7oTl7sZt85Ki2-QXz1969AqQtVw0ZjeIg3iWo-ol0KTBeko8OWbbtn-LoH0XOpvkJzJ3Y26YPvWH1e6aq5ou5PUncs2EQ1aa8pLQvIHitKVQSQV7zhJ74dWXvuv3bbm9LupdpTvrzAwvDNiLBhYQlSKayuvKZO9eKVde_T9hQ_hDViBn8tPNQPilf493upCVpwY0MF5LvLMCezEFOULc037_nJNhwCMzzAsl_26V_bGVqUAScSPbVRkXux1xj7kaWWcipYtpEUuM9EQmaKX5OYFpUIuxCS1ZPKoaN8IstrAyKqpawfLyHK5k6i8vbksxwLtJwcrViZ2DTEDCOgHO3Gv8n&track=NaN,NaN,NaN Requested by Host: superonclick.com URL: https://superonclick.com/script/style.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 130.211.31.231 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 231.31.211.130.bc.googleusercontent.com Software openresty / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin * date Mon, 26 Jul 2021 21:42:48 GMT via 1.1 google referrer-policy no-referrer server openresty alt-svc clear

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| $jscomp function| $ function| jQuery object| zoneNativeSett object| urls function| acPrefetch object| nativeInit object| nativeForPublishers object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing boolean| google_plmetrics object| google_reactive_ads_global_state boolean| _gfp_a_ object| adsbygoogle string| google_user_agent_client_hint object| _0x32b6 function| _0xda00 object| CTAHKA function| ufpAttach boolean| wait function| native_request object| _0x50db function| _0x48ba function| setupAd object| CTABPuNative string| zone object| adcashUfp function| NativeAd object| core object| nativeWatermarkModal

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a-35.1fichier.com
cdnativ.com
discovernative.com
googleads.g.doubleclick.net
img.1fichier.com
pagead2.googlesyndication.com
superonclick.com
ufpcdn.com
130.211.31.231
2606:4700:3034::6815:1cb
2606:4700:3037::ac43:8e31
2606:4700:3037::ac43:bd78
2a00:1450:4001:800::2002
2a00:1450:4001:811::2002
2a00:fb40:a:1::141
2a00:fb40:a:1::35
07e8d6ea069f651d48ad47731cce6d24417176b3a353554f40fe2d5f8b81afb1
0c645dd01b7fceeecf6be5a13c7251ec31d9c0c27dcfab610878574aac8050a7
1e5495f391e2e57f29da205688c78251df85c41edf2eadb717d3017fe80cfdc2
2dbaa96bdfdb55aa92d43c96f43c7b6e04c611d824da835a849336afef40e5ee
3c41f4da5f7d6569364d3f152d18ab9875d24b8d65b88a51349722676fc96eed
5121c6c9f15405ea739bfd8af98eb9e2939dfa827c474dac27426b430fd04ce8
5d1310353e02e0a006b79b7d607131cb6d9411543a8957b772f565816fdf3ce4
6cd9c5a94c50340eb1ba7d0038d2f973c88a22916e1b9f2b293dee636db72ed7
6ebaed13c11d421d00df54c7ae704bb53cb48e366dd721ddbb8f35c985b4ef2f
6fb98a84dcad15b023db035df0fff70ab256cb9dbdb39836da0f6bb31790d749
72dae5ab8b6e0d4b62794591e1c79ec3463e12882b9e853450cd17e3dba2ae30
7965b4334f08b3c398843d721ab3b5535461f4183ec6bb0923d1ae092b9cfd51
802b26490cde1ca26cc8f48d7491488ac7d3d39c5f7a1c6a9581f898bbcb995b
9f9fb62bdbc49f27ac570baf18d2737a848cf7d3d0b75407f1863ebd90192d65
b8f4efaee57c1b5382e14ebb364a669a1adc98165e18544c875e5e4e4850857b
e282545f9f7c4117db91f8a2c33e5a1dad31f3c6edbe74b9776c1f8b85c166bd
e2881f313c665745bcc4ca5b73d69a5463b786e1318b14359b9aa28750de286d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f0b66aaf5f4f1ae8d1045cb216640f8978cf9d0635a23ba4cf42b4124e1c56f0
fbea54912c1b262832e2db623c5deb7ee9e7afc780b3e5d80553e9283852128f
ffb16355784a4a89472be6cb28c3408234ec0518326a3a1908797b8d8c78a76a