1fichier.com Open in urlscan Pro
2a00:fb40:a:1::140 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://steamunlocked.pro/link/3658
Effective URL:
https://1fichier.com/?6y81ryjj28mli3r8t95y
Submission: On February 12 via manual (February 12th 2024, 11:37:25 pm UTC) from AU — Scanned from US

Summary HTTP 83 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 24 IPs in 2 countries across 19 domains to perform 83 HTTP transactions. The main IP is 2a00:fb40:a:1::140, located in France and belongs to DSTORAGE, FR. The main domain is 1fichier.com. The Cisco Umbrella rank of the primary domain is 219033.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on June 23rd 2023. Valid for: a year.

This is the only time 1fichier.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3037::ac43:aa3a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:fb40:a:1... 2a00:fb40:a:1::140	198792 (DSTORAGE) (DSTORAGE)
15	2a00:fb40:a:1... 2a00:fb40:a:1::141	198792 (DSTORAGE) (DSTORAGE)
2	2600:9000:20e... 2600:9000:20ee:2e00:1a:ffda:a3c0:93a1	() ()
7	104.18.127.252 104.18.127.252	() ()
8	34.149.50.64 34.149.50.64	() ()
2	2a02:6ea0:ca0... 2a02:6ea0:ca00::3	() ()
4	87.230.98.74 87.230.98.74	() ()
2	2620:1ec:48:1... 2620:1ec:48:1::40	() ()
13	68.67.160.132 68.67.160.132	() ()
4	151.101.1.108 151.101.1.108	() ()
6 15	2620:1ec:c11:... 2620:1ec:c11::200	() ()
2	151.101.193.108 151.101.193.108	() ()
1	3.33.220.150 3.33.220.150	() ()
1	23.105.12.131 23.105.12.131	() ()
1	35.168.137.63 35.168.137.63	() ()
1	37.157.6.233 37.157.6.233	() ()
1	2606:4700:440... 2606:4700:4400::6812:22b2	() ()
1	18.210.171.32 18.210.171.32	() ()
1	50.31.142.159 50.31.142.159	() ()
1	34.120.63.153 34.120.63.153	() ()
1	151.101.129.108 151.101.129.108	() ()
2	34.95.69.49 34.95.69.49	() ()
1	18.161.34.71 18.161.34.71	() ()
83	24

1 2606:4700:3037::ac43:aa3a (United States)

ASN13335 (CLOUDFLARENET, US)

steamunlocked.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:fb40:a:1::140 (France)

ASN198792 (DSTORAGE, FR)

1fichier.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:fb40:a:1::141 (France)

ASN198792 (DSTORAGE, FR)

img.1fichier.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20ee:2e00:1a:ffda:a3c0:93a1 (None, )

ASN- ()

tags.refinery89.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.18.127.252 (None, )

ASN- ()

t.seedtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
config.seedtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.149.50.64 (None, )

ASN- ()

s.seedtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6ea0:ca00::3 (None, )

ASN- ()

cdn.consentmanager.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 87.230.98.74 (None, )

ASN- ()

a.delivery.consentmanager.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.delivery.consentmanager.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:48:1::40 (None, )

ASN- ()

adsdk.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 68.67.160.132 (None, )

ASN- ()

nym1-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.1.108 (None, )

ASN- ()

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dcdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2620:1ec:c11::200 (None, ) 6 redirects

ASN- ()

www.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.108 (None, )

ASN- ()

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (None, )

ASN- ()

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.105.12.131 (None, )

ASN- ()

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.168.137.63 (None, )

ASN- ()

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.233 (None, )

ASN- ()

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:22b2 (None, )

ASN- ()

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.210.171.32 (None, )

ASN- ()

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.31.142.159 (None, )

ASN- ()

b1h.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.63.153 (None, )

ASN- ()

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.108 (None, )

ASN- ()

acdn.adnxs-simple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.69.49 (None, )

ASN- ()

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.161.34.71 (None, )

ASN- ()

choices.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	adnxs.com nym1-ib.adnxs.com cdn.adnxs.com acdn.adnxs.com ib.adnxs.com dcdn.adnxs.com	139 KB
17	1fichier.com 1fichier.com — Cisco Umbrella Rank: 219033 img.1fichier.com — Cisco Umbrella Rank: 378331	162 KB
15	bing.com 6 redirects www.bing.com	113 KB
15	seedtag.com t.seedtag.com s.seedtag.com config.seedtag.com	149 KB
6	consentmanager.net cdn.consentmanager.net a.delivery.consentmanager.net b.delivery.consentmanager.net	171 KB
2	clean.gg i.clean.gg	104 B
2	microsoft.com adsdk.microsoft.com	62 KB
2	refinery89.com tags.refinery89.com	198 KB
1	trustarc.com choices.trustarc.com	1 KB
1	adnxs-simple.com acdn.adnxs-simple.com	46 KB
1	media.net prebid.media.net	1 KB
1	zemanta.com b1h.zemanta.com	191 B
1	3lift.com tlx.3lift.com	602 B
1	4dex.io mp.4dex.io	2 KB
1	adform.net adx.adform.net	529 B
1	360yield.com ad.360yield.com	99 B
1	smartadserver.com prg.smartadserver.com	2 KB
1	adsrvr.org match.adsrvr.org	562 B
1	steamunlocked.pro steamunlocked.pro	898 B
83	19

	Domain	Requested by
15	www.bing.com	6 redirects config.seedtag.com adsdk.microsoft.com 1fichier.com
15	img.1fichier.com	1fichier.com img.1fichier.com
12	nym1-ib.adnxs.com	config.seedtag.com cdn.adnxs.com 1fichier.com acdn.adnxs-simple.com
8	s.seedtag.com	t.seedtag.com config.seedtag.com
5	t.seedtag.com	1fichier.com t.seedtag.com
3	cdn.adnxs.com	config.seedtag.com tags.refinery89.com
3	b.delivery.consentmanager.net	a.delivery.consentmanager.net b.delivery.consentmanager.net
2	i.clean.gg	acdn.adnxs-simple.com
2	acdn.adnxs.com	config.seedtag.com
2	adsdk.microsoft.com	config.seedtag.com
2	config.seedtag.com	steamunlocked.pro
2	cdn.consentmanager.net	tags.refinery89.com b.delivery.consentmanager.net
2	tags.refinery89.com	1fichier.com tags.refinery89.com
2	1fichier.com	1fichier.com
1	choices.trustarc.com	1fichier.com
1	dcdn.adnxs.com	tags.refinery89.com
1	acdn.adnxs-simple.com	tags.refinery89.com
1	prebid.media.net	tags.refinery89.com
1	b1h.zemanta.com	tags.refinery89.com
1	tlx.3lift.com	tags.refinery89.com
1	mp.4dex.io	tags.refinery89.com
1	adx.adform.net	tags.refinery89.com
1	ad.360yield.com	tags.refinery89.com
1	prg.smartadserver.com	tags.refinery89.com
1	ib.adnxs.com	tags.refinery89.com
1	match.adsrvr.org	tags.refinery89.com
1	a.delivery.consentmanager.net	tags.refinery89.com
1	steamunlocked.pro
83	28

This site contains links to these domains. Also see Links.

Domain
twitter.com
facebook.com
dstorage.fr

Subject Issuer	Validity	Valid
steamunlocked.pro GTS CA 1P5	`2024-01-15` - `2024-04-14`	3 months	crt.sh
*.1fichier.com AlphaSSL CA - SHA256 - G4	`2023-06-23` - `2024-07-24`	a year	crt.sh
refinery89.com Amazon RSA 2048 M01	`2023-05-27` - `2024-06-24`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-12` - `2024-05-11`	a year	crt.sh
*.seedtag.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-29` - `2024-04-15`	a year	crt.sh
1376624012.rsc.cdn77.org R3	`2024-01-22` - `2024-04-21`	3 months	crt.sh
a.delivery.consentmanager.net R3	`2024-01-14` - `2024-04-13`	3 months	crt.sh
b.delivery.consentmanager.net R3	`2024-01-14` - `2024-04-13`	3 months	crt.sh
adsdk.microsoft.com Microsoft Azure RSA TLS Issuing CA 03	`2024-01-08` - `2024-07-06`	6 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2023-03-27` - `2024-04-26`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-01-21` - `2024-06-27`	5 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.smartadserver.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-17` - `2025-01-16`	a year	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-07-17` - `2024-08-13`	a year	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-06` - `2024-09-19`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
*.zemanta.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-16` - `2024-09-05`	a year	crt.sh
prebid.media.net GTS CA 1D4	`2023-12-24` - `2024-03-23`	3 months	crt.sh
i.clean.gg GTS CA 1D4	`2024-01-11` - `2024-04-10`	3 months	crt.sh
*.trustarc.com Amazon RSA 2048 M02	`2023-04-17` - `2024-05-14`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://1fichier.com/?6y81ryjj28mli3r8t95y
Frame ID: A39B6F6FCA901435C08D32CA8489F5A8
Requests: 47 HTTP requests in this frame

Frame: https://config.seedtag.com/standard-iframe/index.v1.html
Frame ID: F8B4057ADC30E33A6824B5949C6F3F7B
Requests: 11 HTTP requests in this frame

Frame: https://config.seedtag.com/standard-iframe/index.v1.html
Frame ID: DED9180C59C025303FBFA7A0A6C25FEE
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=4009&pub_id=2110686
Frame ID: 97AB8908684C9986C633A3E3E6DC38CE
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=4009&pub_id=2110686
Frame ID: FE7BB37A85D2092049AF49F07162CFF3
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs-simple.com/strikeforce/script.js
Frame ID: 77A410F6DEA20B475511A8368C5323B1
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

1fichier.com: Cloud Storage

Page URL History Show full URLs

https://steamunlocked.pro/link/3658 Page URL
https://1fichier.com/?6y81ryjj28mli3r8t95y Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

83
Requests

93 %
HTTPS

33 %
IPv6

19
Domains

28
Subdomains

24
IPs

2
Countries

1046 kB
Transfer

3052 kB
Size

7
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/1fichiercom

Search URL Search Domain Scan URL

URL: https://facebook.com/1fichiercom

Search URL Search Domain Scan URL

URL: https://dstorage.fr/
Title: DStorage SASU © 2009-2024

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://steamunlocked.pro/link/3658 Page URL
https://1fichier.com/?6y81ryjj28mli3r8t95y Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=b31ff7ae-49fe-4eef-93a6-f8db6665e499&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=f36b3c26-3955-4c5d-9250-10f72088641b&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3D32f886fe1b8240aa92477c7ea13076a2%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=26448351&trafficGroup=knaqe_3c&trafficSubGroup=erfreir&aid=1403252862846716788 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=32f886fe1b8240aa92477c7ea13076a2&SNR=1&GV=2&med=10

Request Chain 45

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=705069cc-d1d7-424e-892c-fc367c77d83b&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=70988418-abb0-48dd-bccd-0714a8bf901b&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3D74e7d082591e4a8599d5d940c699ac8c%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=26124084&trafficGroup=knaqe_3c&trafficSubGroup=erfreir&aid=1339140243750407483 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=74e7d082591e4a8599d5d940c699ac8c&SNR=1&GV=2&med=10

Request Chain 64

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=b31ff7ae-49fe-4eef-93a6-f8db6665e499&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=f36b3c26-3955-4c5d-9250-10f72088641b&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3D32f886fe1b8240aa92477c7ea13076a2%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=26448351&trafficGroup=knaqe_3c&trafficSubGroup=erfreir&aid=1403252862846716788 HTTP 303
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=32f886fe1b8240aa92477c7ea13076a2&tids=15000&med=10

Request Chain 65

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=705069cc-d1d7-424e-892c-fc367c77d83b&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=70988418-abb0-48dd-bccd-0714a8bf901b&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3D74e7d082591e4a8599d5d940c699ac8c%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=26124084&trafficGroup=knaqe_3c&trafficSubGroup=erfreir&aid=1339140243750407483 HTTP 303
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=74e7d082591e4a8599d5d940c699ac8c&tids=15000&med=10

Request Chain 74

https://www.bing.com/api/v1/mediation/tracking?adUnit=391270&auId=6aa9a924-79c7-4307-b36f-c612fc4bdaa8&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391270&publisherId=162645330&rId=7dce6031-d7df-436f-9552-aa70b20d3846&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3D779caab8631f4bb5ad7fa59b2db62677%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=25120107&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_gvrq-pbageby&aid=1311575249235918392 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=779caab8631f4bb5ad7fa59b2db62677&SNR=1&GV=2&med=10

Request Chain 81

https://www.bing.com/api/v1/mediation/tracking?adUnit=391270&auId=6aa9a924-79c7-4307-b36f-c612fc4bdaa8&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391270&publisherId=162645330&rId=7dce6031-d7df-436f-9552-aa70b20d3846&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3D779caab8631f4bb5ad7fa59b2db62677%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=25120107&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_gvrq-pbageby&aid=1311575249235918392 HTTP 303
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=779caab8631f4bb5ad7fa59b2db62677&tids=15000&med=10

83 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 3658 Show response
steamunlocked.pro/link/ 662 B
898 B 374ms
343ms Document
text/html 2606:4700:3037::ac43:aa3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://steamunlocked.pro/link/3658
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:aa3a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c7be3a3fd1ed0080f2cd8f1d0cca0cfb21582612e9dce000305bac51acdb40e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 0
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8548a88c3b577d02-EWR
content-encoding: br
content-type: text/html; charset="utf-8"
date: Mon, 12 Feb 2024 23:37:15 GMT
expires: Wed, 11 Jan 1984 05:00:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
refresh: 3; url=https://1fichier.com/?6y81ryjj28mli3r8t95y
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ymqvC6GpNnr15xhozKXeXISHcArH2pDc4cbO2XaZJOxIXaY5NA8WbqkoWaHZes5Kh9og74HSojBeaMRSjWuWhoUmCjosneXfwtJ%2B0UyYC1nGkyuPvJrKTO8%2BEQZjVqNSiVtsM%2Bx7PfrmA07ngDO4Kg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,Cookie
x-cache: MISS

GET
H2 200 Primary Request / Show response
1fichier.com/ 10 KB
4 KB 545ms
295ms Document
text/html 2a00:fb40:a:1::140
DSTORAGE

General

Check archive.org

Show headers Download Go to

Full URL

https://1fichier.com/?6y81ryjj28mli3r8t95y

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a00:fb40:a:1::140 , France, ASN198792 (DSTORAGE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a8b820c83401b70e0677c38f6c0b0664eecf0d19e12509d44208695b13e9a53d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://steamunlocked.pro/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-security-policy: frame-ancestors 'self'
content-type: text/html; charset=utf-8
date: Mon, 12 Feb 2024 23:37:21 GMT
expires: 0
pragma: no-cache
server: nginx
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY

GET
H2 200 style.css
img.1fichier.com/css/ 10 KB
3 KB 326ms
78ms Stylesheet
text/css 2a00:fb40:a:1::141
DSTORAGE

General

Check archive.org

Show headers Download Go to

Full URL: https://img.1fichier.com/css/style.css
Requested by: Host: 1fichier.com
URL: https://1fichier.com/?6y81ryjj28mli3r8t95y
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:fb40:a:1::141 , France, ASN198792 (DSTORAGE, FR),
Reverse DNS
Software: nginx /
Resource Hash: ac77887887b741d9fc2b02f8834f43dd93df814daa182350a4dc7cdababae244

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1fichier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: public
date: Mon, 12 Feb 2024 23:37:21 GMT
content-encoding: gzip
last-modified: Mon, 05 Dec 2022 05:57:54 GMT
server: nginx
etag: "638d8862-ac5"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
cache-control: public
accept-ranges: bytes
content-length: 2757

GET
H2 200 jquery.ui.css
img.1fichier.com/css/ 27 KB
5 KB 341ms
93ms Stylesheet
text/css 2a00:fb40:a:1::141
DSTORAGE

General

Check archive.org

Show headers Download Go to

Full URL: https://img.1fichier.com/css/jquery.ui.css
Requested by: Host: 1fichier.com
URL: https://1fichier.com/?6y81ryjj28mli3r8t95y
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:fb40:a:1::141 , France, ASN198792 (DSTORAGE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 72dae5ab8b6e0d4b62794591e1c79ec3463e12882b9e853450cd17e3dba2ae30

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1fichier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: public
date: Mon, 12 Feb 2024 23:37:21 GMT
content-encoding: gzip
last-modified: Thu, 04 Feb 2021 12:14:31 GMT
server: nginx
etag: "601be527-149b"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
cache-control: public
accept-ranges: bytes
content-length: 5275

GET
H2 200 jquery.js Show response
img.1fichier.com/js/ 253 KB
74 KB 416ms
169ms Script
application/x-javascript 2a00:fb40:a:1::141
DSTORAGE

General

Check archive.org

Show headers Download Go to

Full URL: https://img.1fichier.com/js/jquery.js
Requested by: Host: 1fichier.com
URL: https://1fichier.com/?6y81ryjj28mli3r8t95y
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:fb40:a:1::141 , France, ASN198792 (DSTORAGE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 802b26490cde1ca26cc8f48d7491488ac7d3d39c5f7a1c6a9581f898bbcb995b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1fichier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: public
date: Mon, 12 Feb 2024 23:37:21 GMT
content-encoding: gzip
last-modified: Fri, 20 Jul 2018 09:43:03 GMT
server: nginx
etag: "5b51aea7-127e0"
vary: Accept-Encoding, Accept-Encoding
content-type: application/x-javascript
cache-control: public
accept-ranges: bytes
content-length: 75744

GET
H2 200 1fichiercom.js Show response
tags.refinery89.com/v2/ 77 KB
16 KB 537ms
46ms Script
text/javascript 2600:9000:20ee:2e00:1a:ffda:a3c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.refinery89.com/v2/1fichiercom.js
Requested by: Host: 1fichier.com
URL: https://1fichier.com/?6y81ryjj28mli3r8t95y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ee:2e00:1a:ffda:a3c0:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2bf342d6364e1dd3909b3348e19ca014b50c8b65f4b271f3f8ce56ebce64a352

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1fichier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 22:05:45 GMT
content-encoding: br
via: 1.1 64d0258636b5df398ab692be714f6aa0.cloudfront.net (CloudFront)
last-modified: Fri, 02 Feb 2024 09:33:01 GMT
server: AmazonS3
x-amz-cf-pop: BOS50-C2
age: 5500
x-amz-server-side-encryption: AES256
etag: W/"d674fbadae264022e318a71d2e54deb9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=21600, public
x-amz-cf-id: h1HDkyWtGDJUNe8LifFtpzOnz4iaXKtcXEw_x3a1e3GKY6ex2xXf7g==

GET
H2 200 8789-3513-01.js Show response
t.seedtag.com/t/ 44 KB
14 KB 78ms
19ms Script
application/javascript 104.18.127.252

General

Check archive.org

Show headers Download Go to

Full URL: https://t.seedtag.com/t/8789-3513-01.js
Requested by: Host: 1fichier.com
URL: https://1fichier.com/?6y81ryjj28mli3r8t95y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.127.252 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f5faabc58a01da733eddb287db4586081c6722e385925b04744d0db159d23a4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1fichier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:37:19 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 12 Feb 2024 23:36:38 GMT
server: cloudflare
age: 41
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=1200
cf-ray: 8548a8a8885b42e6-EWR
alt-svc: h3=":443"; ma=86400
expires: Mon, 12 Feb 2024 23:57:19 GMT

GET
H2 200 logo.png
img.1fichier.com/ 17 KB
17 KB 548ms
301ms Image
image/png 2a00:fb40:a:1::141
DSTORAGE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.1fichier.com/logo.png
Requested by: Host: 1fichier.com
URL: https://1fichier.com/?6y81ryjj28mli3r8t95y
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:fb40:a:1::141 , France, ASN198792 (DSTORAGE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b8f4efaee57c1b5382e14ebb364a669a1adc98165e18544c875e5e4e4850857b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1fichier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: public
date: Mon, 12 Feb 2024 23:37:21 GMT
last-modified: Tue, 01 Jul 2014 07:44:08 GMT
server: nginx
etag: "53b266c8-43dc"
vary: Accept-Encoding
content-type: image/png
cache-control: public
accept-ranges: bytes
content-length: 17372

GET
H2 200 qr.pl
1fichier.com/ 1 KB
1 KB 86ms
84ms Image
image/png 2a00:fb40:a:1::140
DSTORAGE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1fichier.com/qr.pl?do=0.6y81ryjj28mli3r8t95y&s=1
Requested by: Host: 1fichier.com
URL: https://1fichier.com/?6y81ryjj28mli3r8t95y
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:fb40:a:1::140 , France, ASN198792 (DSTORAGE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 75f1a5c83df6b2cd16c4fe882b10f834e01b67fdd7ba63fa2d77268c5464b003

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1fichier.com/?6y81ryjj28mli3r8t95y
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:37:21 GMT
cache-control: public, max-age=31536000
server: nginx
content-type: image/png

GET
H2 200 icon_question.png
img.1fichier.com/icons/ 2 KB
2 KB 462ms
303ms Image
image/png 2a00:fb40:a:1::141
DSTORAGE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.1fichier.com/icons/icon_question.png
Requested by: Host: 1fichier.com
URL: https://1fichier.com/?6y81ryjj28mli3r8t95y
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:fb40:a:1::141 , France, ASN198792 (DSTORAGE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 71cc73e07c93286f879de363886843eef3ca93ad9b54f6e616ea82622b793316

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1fichier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: public
date: Mon, 12 Feb 2024 23:37:21 GMT
last-modified: Wed, 05 Aug 2015 09:48:58 GMT
server: nginx
etag: "55c1dc0a-73a"
vary: Accept-Encoding
content-type: image/png
cache-control: public
accept-ranges: bytes
content-length: 1850

GET
H2 200 logo-footer.png
img.1fichier.com/ 8 KB
8 KB 91ms
86ms Image
image/png 2a00:fb40:a:1::141
DSTORAGE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.1fichier.com/logo-footer.png
Requested by: Host: 1fichier.com
URL: https://1fichier.com/?6y81ryjj28mli3r8t95y
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:fb40:a:1::141 , France, ASN198792 (DSTORAGE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 9f9fb62bdbc49f27ac570baf18d2737a848cf7d3d0b75407f1863ebd90192d65

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1fichier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: public
date: Mon, 12 Feb 2024 23:37:21 GMT
last-modified: Tue, 01 Jul 2014 07:45:16 GMT
server: nginx
etag: "53b2670c-202c"
vary: Accept-Encoding
content-type: image/png
cache-control: public
accept-ranges: bytes
content-length: 8236

GET
H2 200 twitter.png
img.1fichier.com/ 1 KB
1 KB 90ms
85ms Image
image/png 2a00:fb40:a:1::141
DSTORAGE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.1fichier.com/twitter.png
Requested by: Host: 1fichier.com
URL: https://1fichier.com/?6y81ryjj28mli3r8t95y
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:fb40:a:1::141 , France, ASN198792 (DSTORAGE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 6cd9c5a94c50340eb1ba7d0038d2f973c88a22916e1b9f2b293dee636db72ed7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1fichier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: public
date: Mon, 12 Feb 2024 23:37:21 GMT
last-modified: Tue, 15 Dec 2015 17:02:38 GMT
server: nginx
etag: "567047ae-4a0"
vary: Accept-Encoding
content-type: image/png
cache-control: public
accept-ranges: bytes
content-length: 1184

GET
H2 200 facebook.png
img.1fichier.com/ 1 KB
1 KB 91ms
86ms Image
image/png 2a00:fb40:a:1::141
DSTORAGE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.1fichier.com/facebook.png
Requested by: Host: 1fichier.com
URL: https://1fichier.com/?6y81ryjj28mli3r8t95y
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:fb40:a:1::141 , France, ASN198792 (DSTORAGE, FR),
Reverse DNS
Software: nginx /
Resource Hash: e2881f313c665745bcc4ca5b73d69a5463b786e1318b14359b9aa28750de286d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1fichier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: public
date: Mon, 12 Feb 2024 23:37:21 GMT
last-modified: Tue, 15 Dec 2015 17:02:15 GMT
server: nginx
etag: "56704797-4f9"
vary: Accept-Encoding
content-type: image/png
cache-control: public
accept-ranges: bytes
content-length: 1273

GET
H2 200 icon_question.png
img.1fichier.com/icons/ 2 KB
2 KB 91ms
87ms Image
image/png 2a00:fb40:a:1::141
DSTORAGE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.1fichier.com/icons/icon_question.png
Requested by: Host: 1fichier.com
URL: https://1fichier.com/?6y81ryjj28mli3r8t95y
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:fb40:a:1::141 , France, ASN198792 (DSTORAGE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 71cc73e07c93286f879de363886843eef3ca93ad9b54f6e616ea82622b793316

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1fichier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: public
date: Mon, 12 Feb 2024 23:37:21 GMT
last-modified: Wed, 05 Aug 2015 09:48:58 GMT
server: nginx
etag: "55c1dc0a-73a"
vary: Accept-Encoding
content-type: image/png
cache-control: public
accept-ranges: bytes
content-length: 1850

GET
H2 200 background-002.jpg
img.1fichier.com/ 30 KB
31 KB 95ms
93ms Image
image/jpeg 2a00:fb40:a:1::141
DSTORAGE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.1fichier.com/background-002.jpg
Requested by: Host: img.1fichier.com
URL: https://img.1fichier.com/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:fb40:a:1::141 , France, ASN198792 (DSTORAGE, FR),
Reverse DNS
Software: nginx /
Resource Hash: fbea54912c1b262832e2db623c5deb7ee9e7afc780b3e5d80553e9283852128f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://img.1fichier.com/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: public
date: Mon, 12 Feb 2024 23:37:21 GMT
last-modified: Wed, 02 Jul 2014 09:48:55 GMT
server: nginx
etag: "53b3d587-798f"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public
accept-ranges: bytes
content-length: 31119

GET
H2 200 ui-bg_highlight-soft_100_eeeeee_1x100.png
img.1fichier.com/ui/ 278 B
446 B 230ms
223ms Image
image/png 2a00:fb40:a:1::141
DSTORAGE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.1fichier.com/ui/ui-bg_highlight-soft_100_eeeeee_1x100.png
Requested by: Host: img.1fichier.com
URL: https://img.1fichier.com/css/jquery.ui.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:fb40:a:1::141 , France, ASN198792 (DSTORAGE, FR),
Reverse DNS
Software: nginx /
Resource Hash: d91d4809e0ed0a5003439f4b251b773a911e4c0885c03450ef476c79b760a76c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://img.1fichier.com/css/jquery.ui.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: public
date: Mon, 12 Feb 2024 23:37:21 GMT
last-modified: Wed, 18 Apr 2018 00:49:02 GMT
server: nginx
etag: "5ad695fe-116"
vary: Accept-Encoding
content-type: image/png
cache-control: public
accept-ranges: bytes
content-length: 278

GET
H2 200 ui-bg_gloss-wave_35_f6a828_500x100.png
img.1fichier.com/ui/ 6 KB
6 KB 454ms
447ms Image
image/png 2a00:fb40:a:1::141
DSTORAGE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.1fichier.com/ui/ui-bg_gloss-wave_35_f6a828_500x100.png
Requested by: Host: img.1fichier.com
URL: https://img.1fichier.com/css/jquery.ui.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:fb40:a:1::141 , France, ASN198792 (DSTORAGE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 5d60d8ede5f1a69df1974508c1c2e0fd7098aa9f15d758e00134415a6ae41df7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://img.1fichier.com/css/jquery.ui.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: public
date: Mon, 12 Feb 2024 23:37:21 GMT
last-modified: Wed, 18 Apr 2018 00:49:02 GMT
server: nginx
etag: "5ad695fe-16b7"
vary: Accept-Encoding
content-type: image/png
cache-control: public
accept-ranges: bytes
content-length: 5815

GET
H2 200 ui-icons_ef8c08_256x240.png
img.1fichier.com/ui/ 4 KB
5 KB 463ms
456ms Image
image/png 2a00:fb40:a:1::141
DSTORAGE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.1fichier.com/ui/ui-icons_ef8c08_256x240.png
Requested by: Host: img.1fichier.com
URL: https://img.1fichier.com/css/jquery.ui.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:fb40:a:1::141 , France, ASN198792 (DSTORAGE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 554c2727b8ce2534941b079597425be134dd257437f76cb04cddc3cbd7227fb3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://img.1fichier.com/css/jquery.ui.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: public
date: Mon, 12 Feb 2024 23:37:21 GMT
last-modified: Wed, 18 Apr 2018 00:49:02 GMT
server: nginx
etag: "5ad695fe-11c5"
vary: Accept-Encoding
content-type: image/png
cache-control: public
accept-ranges: bytes
content-length: 4549

GET
H2 200 ui-bg_diagonals-thick_20_666666_40x40.png
img.1fichier.com/ui/ 312 B
481 B 447ms
410ms Image
image/png 2a00:fb40:a:1::141
DSTORAGE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.1fichier.com/ui/ui-bg_diagonals-thick_20_666666_40x40.png
Requested by: Host: img.1fichier.com
URL: https://img.1fichier.com/css/jquery.ui.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:fb40:a:1::141 , France, ASN198792 (DSTORAGE, FR),
Reverse DNS
Software: nginx /
Resource Hash: a9a768e9a115d8884bbe7666fe9f6b63658935631a8226ea152903489fd90b38

Request headers

accept-language: en-US,en;q=0.9
Referer: https://img.1fichier.com/css/jquery.ui.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: public
date: Mon, 12 Feb 2024 23:37:21 GMT
last-modified: Wed, 18 Apr 2018 00:49:02 GMT
server: nginx
etag: "5ad695fe-138"
vary: Accept-Encoding
content-type: image/png
cache-control: public
accept-ranges: bytes
content-length: 312

GET
H2 200 en.png
img.1fichier.com/flags/ 599 B
767 B 433ms
411ms Image
image/png 2a00:fb40:a:1::141
DSTORAGE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.1fichier.com/flags/en.png
Requested by: Host: 1fichier.com
URL: https://1fichier.com/?6y81ryjj28mli3r8t95y
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:fb40:a:1::141 , France, ASN198792 (DSTORAGE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 5d72c5a8bef80fca6f99f476e15ec95ce2d5e5f65c6dab9ee8e56348be0d39fc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1fichier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: public
date: Mon, 12 Feb 2024 23:37:21 GMT
last-modified: Mon, 23 Aug 2010 00:21:09 GMT
server: nginx
etag: "4c71bef5-257"
vary: Accept-Encoding
content-type: image/png
cache-control: public
accept-ranges: bytes
content-length: 599

GET
H2 200 st_1.deb91c50da82803fe859.js Show response
t.seedtag.com/c/ 59 KB
18 KB 55ms
52ms Script
application/javascript 104.18.127.252

General

Check archive.org

Show headers Download Go to

Full URL: https://t.seedtag.com/c/st_1.deb91c50da82803fe859.js
Requested by: Host: t.seedtag.com
URL: https://t.seedtag.com/t/8789-3513-01.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.127.252 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c47937e8b71c472c95d3d31468e6384a7a22e954c145edc9c375eb33d191ccc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1fichier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:37:19 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
age: 44860
x-guploader-uploadid: ABPtcPp7_K2vIXpVciiRfmW-886UZrHQIlMmrTN3R3aZIFPEyo6bDiy2OsSuW_APgsONgNZywRk
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 12 Feb 2024 11:09:25 GMT
server: cloudflare
etag: W/"46f2df5acd790b0bec69c8f366de8231"
vary: Accept-Encoding
x-goog-generation: 1707736165469840
content-type: application/javascript
x-goog-hash: crc32c=4k4iKQ==, md5=RvLfWs15CwvsacjzZt6CMQ==
cache-control: public, max-age=5356800
x-goog-stored-content-length: 17574
cf-ray: 8548a8a8d8c642e6-EWR
expires: Sun, 14 Apr 2024 23:37:19 GMT

GET
H2 200 st_0.f43a5bfe4c554098e387.js Show response
t.seedtag.com/c/ 309 KB
88 KB 101ms
99ms Script
application/javascript 104.18.127.252

General

Check archive.org

Show headers Download Go to

Full URL: https://t.seedtag.com/c/st_0.f43a5bfe4c554098e387.js
Requested by: Host: t.seedtag.com
URL: https://t.seedtag.com/t/8789-3513-01.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.127.252 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 81a5b16189a64b452483a35388c93052717e8df65902252b6fcbca64a1441160

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1fichier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:37:19 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
age: 44861
x-guploader-uploadid: ABPtcPoVUValBELHhTLj0SppBg1pipqvyvS3gFIp2g_bgJdG4ylkMTxxF70ayZGpDFAXcuLzRqc
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 12 Feb 2024 11:09:25 GMT
server: cloudflare
etag: W/"93d30e9addb72d1523cc44e6764c5195"
vary: Accept-Encoding
x-goog-generation: 1707736165554839
content-type: application/javascript
x-goog-hash: crc32c=TzUrag==, md5=k9MOmt23LRUjzETmdkxRlQ==
cache-control: public, max-age=5356800
x-goog-stored-content-length: 91206
cf-ray: 8548a8a8d8c742e6-EWR
expires: Sun, 14 Apr 2024 23:37:19 GMT

GET
H2 200 st_2.32893653881561af67e2.js Show response
t.seedtag.com/c/ 7 KB
3 KB 52ms
50ms Script
application/javascript 104.18.127.252

General

Check archive.org

Show headers Download Go to

Full URL: https://t.seedtag.com/c/st_2.32893653881561af67e2.js
Requested by: Host: t.seedtag.com
URL: https://t.seedtag.com/t/8789-3513-01.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.127.252 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 904440a613768420de3c14bcab8adbb7fa7fdeb669d54931b7d676aba78deb1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1fichier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:37:19 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
age: 44860
x-guploader-uploadid: ABPtcPp8RXoWGamPKUB0eZkrZAsT3owrNREnbFohQ-dBr-zlsP6r37VceKfG3JmyeOnlVQPI-RLeajCqmQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 12 Feb 2024 11:09:25 GMT
server: cloudflare
etag: W/"482f4c2bd44b4cb642445bc57e07aacf"
vary: Accept-Encoding
x-goog-generation: 1707736165208737
content-type: application/javascript
x-goog-hash: crc32c=U0X6gw==, md5=SC9MK9RLTLZCRFvFfgeqzw==
cache-control: public, max-age=5356800
x-goog-stored-content-length: 2469
cf-ray: 8548a8a8d8c842e6-EWR
expires: Sun, 14 Apr 2024 23:37:19 GMT

GET
H2 200 st_3.6813aca45080eef815d6.js Show response
t.seedtag.com/c/ 41 KB
12 KB 53ms
51ms Script
application/javascript 104.18.127.252

General

Check archive.org

Show headers Download Go to

Full URL: https://t.seedtag.com/c/st_3.6813aca45080eef815d6.js
Requested by: Host: t.seedtag.com
URL: https://t.seedtag.com/t/8789-3513-01.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.127.252 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 73513b879d0edd7741cafb3dd08786590fec66fd71b24e544173163c6b9ecf2f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1fichier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:37:19 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
age: 44860
x-guploader-uploadid: ABPtcPqjbvj1xWEuvxT7qrhb8fZXGEeA66ETx-BtzDpMw1JA-3qMDQAiQTiH0Ozx_dK5qO32pq-JelOy6w
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 12 Feb 2024 11:09:26 GMT
server: cloudflare
etag: W/"59a34e76def5d0c6ffc4f796ae8b0554"
vary: Accept-Encoding
x-goog-generation: 1707736166520515
content-type: application/javascript
x-goog-hash: crc32c=O8xNqw==, md5=WaNOdt710Mb/xPeWrosFVA==
cache-control: public, max-age=5356800
x-goog-stored-content-length: 11890
cf-ray: 8548a8a8d8ca42e6-EWR
expires: Sun, 14 Apr 2024 23:37:19 GMT

GET
H2 200 pv Show response
s.seedtag.com/c/ 1 KB
2 KB 429ms
59ms Fetch
application/json 34.149.50.64

General

Check archive.org

Show headers Download Go to

Full URL: https://s.seedtag.com/c/pv?token=8789-3513-01&device=desktop&fullUrl=https%3A%2F%2F1fichier.com%2F%3F6y81ryjj28mli3r8t95y&cache=1707781039675&v=-&ft=true
Requested by: Host: t.seedtag.com
URL: https://t.seedtag.com/c/st_0.f43a5bfe4c554098e387.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.50.64 -, , ASN (),
Reverse DNS
Software: openresty /
Resource Hash: f94d770cd83522d7f2af6089ae1f2c6fe7b7558a4a7d0f22e44181898134e775

Request headers

Referer: https://1fichier.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 12 Feb 2024 23:37:20 GMT
content-encoding: gzip
via: 1.1 google
server: openresty
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: https://1fichier.com
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 cmp_en.min.js Show response
cdn.consentmanager.net/delivery/js/ 407 KB
89 KB 344ms
90ms Script
application/javascript 2a02:6ea0:ca00::3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.consentmanager.net/delivery/js/cmp_en.min.js
Requested by: Host: tags.refinery89.com
URL: https://tags.refinery89.com/v2/1fichiercom.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:ca00::3 -, , ASN (),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: ce1305d60562d74aaf2579242401846e239c741f602f3ebfcaa0d98074e72d91

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1fichier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-77-pop: londonGB
date: Mon, 12 Feb 2024 23:37:20 GMT
content-encoding: gzip
x-age-lb: 33902
x-77-cache: HIT
edge-control: max-age=86400
x-accel-date: 1707747138
x-77-nzt: EwwBw7WkDQH3boQAAAwBuUwKCQH3AAAAAAwBJRPCNAGTgVEBAA
x-accel-expires: @1707833538
x-77-age: 120303
x-cache-lb: HIT
last-modified: Wed, 07 Feb 2024 13:48:30 GMT
server: CDN77-Turbo
etag: W/"65caa-610caf3346780"
x-77-nzt-ray: d09eba0fc574e622b0abca650a42a90e
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
expires: Thu, 08 Feb 2024 14:12:13 GMT

GET
H2 200 prebid7.54.3-2.js Show response
tags.refinery89.com/prebid/ 563 KB
182 KB 43ms
38ms Script
application/javascript 2600:9000:20ee:2e00:1a:ffda:a3c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.refinery89.com/prebid/prebid7.54.3-2.js
Requested by: Host: tags.refinery89.com
URL: https://tags.refinery89.com/v2/1fichiercom.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ee:2e00:1a:ffda:a3c0:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 296d2d86087f143fa1dcc6524798ff105b4c459227134487f3633457fa97537c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1fichier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 07:52:42 GMT
content-encoding: gzip
via: 1.1 64d0258636b5df398ab692be714f6aa0.cloudfront.net (CloudFront)
last-modified: Fri, 17 Nov 2023 12:05:07 GMT
server: AmazonS3
x-amz-cf-pop: BOS50-C2
age: 4808678
etag: W/"4826c0680032d27b1709bad55f9c7413"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, public
x-amz-cf-id: KNDmC3nIqY_c7wdqaqUwwqYcffvtPQ3gCdMU-YHHBFtnd35ax3EYmg==

GET
H/1.1 200
OK cmp.php Show response
a.delivery.consentmanager.net/delivery/ 943 B
1 KB 535ms
109ms Script
text/javascript 87.230.98.74

General

Check archive.org

Show headers Download Go to

Full URL

https://a.delivery.consentmanager.net/delivery/cmp.php?&cdid=129480d201787&h=https%3A%2F%2F1fichier.com%2F%3F6y81ryjj28mli3r8t95y&&l=en&o=1707781039937

Requested by

Host: tags.refinery89.com
URL: https://tags.refinery89.com/v2/1fichiercom.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.230.98.74 -, , ASN (),

Reverse DNS

Software

Resource Hash

356b96c1f8e8171991f25895a7dbb59a8b212cf65792dda3c32d79280ae93daa

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1fichier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Feb 2024 23:37:20 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Feb 2024 23:37:20 GMT
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Edge-Control: no-store, no-cache, must-revalidate
Cache-Control: no-store, no-cache, must-revalidate
X-XSS-Protection: 0
Expires: Thu, 01 Dec 1994 16:00:00 GMT

POST
H2 200 bid Show response
s.seedtag.com/c/v2/tag/ 13 KB
5 KB 462ms
459ms Fetch
application/json 34.149.50.64

General

Check archive.org

Show headers Download Go to

Full URL: https://s.seedtag.com/c/v2/tag/bid
Requested by: Host: t.seedtag.com
URL: https://t.seedtag.com/c/st_0.f43a5bfe4c554098e387.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.50.64 -, , ASN (),
Reverse DNS
Software: openresty /
Resource Hash: a9b71a7dfdb9eeaf7adc01887bfe852f8097e697ce98f21f9c87c64445e4cb97

Request headers

Referer: https://1fichier.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 12 Feb 2024 23:37:20 GMT
content-encoding: gzip
via: 1.1 google
server: openresty
vary: X-HTTP-Method-Override
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: https://1fichier.com
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 bid Show response
s.seedtag.com/c/v2/tag/ 13 KB
5 KB 486ms
484ms Fetch
application/json 34.149.50.64

General

Check archive.org

Show headers Download Go to

Full URL: https://s.seedtag.com/c/v2/tag/bid
Requested by: Host: t.seedtag.com
URL: https://t.seedtag.com/c/st_0.f43a5bfe4c554098e387.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.50.64 -, , ASN (),
Reverse DNS
Software: openresty /
Resource Hash: 30f3500d7b553c574fce2eb552c169a4fc7843aea1c45c6db76b052d5f04de9c

Request headers

Referer: https://1fichier.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 12 Feb 2024 23:37:20 GMT
content-encoding: gzip
via: 1.1 google
server: openresty
vary: X-HTTP-Method-Override
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: https://1fichier.com
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 bid Show response
s.seedtag.com/c/v2/tag/ 63 B
149 B 33ms
31ms Fetch
application/json 34.149.50.64

General

Check archive.org

Show headers Download Go to

Full URL: https://s.seedtag.com/c/v2/tag/bid
Requested by: Host: t.seedtag.com
URL: https://t.seedtag.com/c/st_0.f43a5bfe4c554098e387.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.50.64 -, , ASN (),
Reverse DNS
Software: openresty /
Resource Hash: 84b2ea92ed2b84f4e351181e9b830a6e9ba74c6b30a1e1899d525b7b208e3849

Request headers

Referer: https://1fichier.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 12 Feb 2024 23:37:20 GMT
content-encoding: gzip
via: 1.1 google
server: openresty
vary: X-HTTP-Method-Override
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: https://1fichier.com
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 200
OK cmp.php Show response
b.delivery.consentmanager.net/delivery/ 943 B
1 KB 470ms
96ms Script
text/javascript 87.230.98.74

General

Check archive.org

Show headers Download Go to

Full URL

https://b.delivery.consentmanager.net/delivery/cmp.php?__cmpcc=1&id=66181&o=1707781040&h=https%3A%2F%2F1fichier.com%2F%3F6y81ryjj28mli3r8t95y&&l=en&odw=0&dlt=1&l=en

Requested by

Host: a.delivery.consentmanager.net
URL: https://a.delivery.consentmanager.net/delivery/cmp.php?&cdid=129480d201787&h=https%3A%2F%2F1fichier.com%2F%3F6y81ryjj28mli3r8t95y&&l=en&o=1707781039937

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.230.98.74 -, , ASN (),

Reverse DNS

Software

Resource Hash

c22bfb3dc85d3279ceb27e516f2aff9f72a1eb29959d6484f98921505836a229

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1fichier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Feb 2024 23:37:20 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Feb 2024 23:37:20 GMT
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Edge-Control: no-store, no-cache, must-revalidate
Cache-Control: no-store, no-cache, must-revalidate
X-XSS-Protection: 0
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 index.v1.html Show response
config.seedtag.com/standard-iframe/ Frame F8B4 310 B
431 B 45ms
25ms Document
text/html 104.18.127.252

General

Check archive.org

Show headers Download Go to

Full URL: https://config.seedtag.com/standard-iframe/index.v1.html
Requested by: Host: steamunlocked.pro
URL: https://steamunlocked.pro/link/3658
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.127.252 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 65407582672dbe330d7ff1c52eb9493b1ea49ffd207701b797b8308bcdc4d41b

Request headers

Referer: https://1fichier.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-expose-headers: *
age: 2381
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: DYNAMIC
cf-ray: 8548a8b1fc1b42e6-EWR
content-encoding: br
content-type: text/html
date: Mon, 12 Feb 2024 23:37:20 GMT
etag: W/"8e67b211a51f5d2e051dc08d3645dc50"
expires: Mon, 12 Feb 2024 23:57:39 GMT
last-modified: Thu, 21 Dec 2023 16:07:01 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 200 index.v1.html Show response
config.seedtag.com/standard-iframe/ Frame DED9 310 B
280 B 22ms
19ms Document
text/html 104.18.127.252

General

Check archive.org

Show headers Download Go to

Full URL: https://config.seedtag.com/standard-iframe/index.v1.html
Requested by: Host: steamunlocked.pro
URL: https://steamunlocked.pro/link/3658
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.127.252 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 65407582672dbe330d7ff1c52eb9493b1ea49ffd207701b797b8308bcdc4d41b

Request headers

Referer: https://1fichier.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-expose-headers: *
age: 3305
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: DYNAMIC
cf-ray: 8548a8b21c4742e6-EWR
content-encoding: br
content-type: text/html
date: Mon, 12 Feb 2024 23:37:20 GMT
etag: W/"8e67b211a51f5d2e051dc08d3645dc50"
expires: Mon, 12 Feb 2024 23:42:15 GMT
last-modified: Thu, 21 Dec 2023 16:07:01 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame F8B4 93 KB
31 KB 206ms
18ms Script
application/javascript 2620:1ec:48:1::40

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: config.seedtag.com
URL: https://config.seedtag.com/standard-iframe/index.v1.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48:1::40 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56a3cef734f0fe9d757aaf0a3c7f46176eadf4f87f41ab8ea2ee4d2f82733381

Request headers

Referer: https://config.seedtag.com/
Origin: https://config.seedtag.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 23:37:20 GMT
content-encoding: br
last-modified: Tue, 06 Feb 2024 16:37:22 GMT
x-azure-ref-originshield: 0Hv7JZQAAAAD/YaRDXGLYSY2eu3k3prYHTU5aMjIxMDYwNjEyMDUzADk3YzlhOGM2LWZjNzktNGM0NC1iNTU5LTU4YzE2YmNlYTMyMg==
content-md5: C6lJlGRJVBUbmTJ6Tx03Gw==
etag: 0x8DC2731E4AD9FE3
x-azure-ref: 0savKZQAAAADKpe3+u5NvQ5zGSLFlAf5TTU5aMjIxMDYwNjE0MDM5ADk3YzlhOGM2LWZjNzktNGM0NC1iNTU5LTU4YzE2YmNlYTMyMg==
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: a310015d-201e-00e1-169b-5d54cb000000
cache-control: private, max-age=3600, stale-while-revalidate=86400
x-ms-version: 2009-09-19

GET
H2 200 it
nym1-ib.adnxs.com/ Frame F8B4 0
659 B 32ms
6ms Image
text/html 68.67.160.132

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nym1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2F1fichier.com%2F%3Fb3fs6ddjpe68wtl6wqny&e=wqT_3QLkB_TEAeQDAAADANYABQEIsNeqrgYQ9JadoLTh1rwTGKjL1czPuceOZyo2CQAAAAA-t_Q_EQAAAIAUrvM_GQAAAIAUrvM_IWTZEy0kA_k_KfCugBQmVPo_MQAAAADXo9A_MN-jzgw4qR9AtV5I4wNQuomKtgFYwtScAWAAaM-CVnjepAWAAQGKAQNVU0SSAQNFVVKYAcoHoAH6AagBAbABALgBAcABBcgBAtABCdgBAOABAPABANgCn0bgAr72MuoCKmh0dHBzOi8vMWZpY2hpZXIuY29tLz9iM2ZzNmRkanBlNjh3dGw2d3FueYADAIgDAZADAJgDFKADAaoDhwMKsQJodHRwczovL3d3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD1mMzZiM2MyNi0zOTU1LTRjNWQtOTI1MC0xMGY3MjA4ODY0MWImYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMyZvQWRVbml0PTM5MTQ2NiZwdWJsaXNoZXJJZD0xNjI2NDUzMzAmcklkPWYzNmIzYzI2LTM5NTUtNGM1ZC05Mj5xALhydHlwZT1udXJsJnRhZ0lkPTI2NDQ4MzUxJnRyYWZmaWNHcm91cD1rbmFxZV8zYxEWCFN1YgkZ6GVyZnJlaXImYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhMxNDAzMjUyODYyODQ2NzE2Nzg4IgkzODE4AQ7wmjQqBGJpbmc6JFUyaHZjSEJwYm1kQlpDTXhOREEzTmpVNU9Ea3hNell5T0RFNMAD2ATIAwDYA9SVMOADAOgDAPgDA4AEAJIECS9vcGVucnRiMpgEAKIEDTUuMTgxLjIzNC4xMzOoBACyBAwIABAAGAAgADAAOAK4BADABADIBADaBAIIAeAEAPAEuomKtgH6BBIJAAAAAJxbREARQcjwPgCAUsCIBQGYBQCgBZqAlYObqZ69LqoFIjQ1ZThkMTJkLWQ3YjQtNDQ5My05NGY3LTFfQXBwTmV4dXPABQDJBQVDFADwP9IFCQVYAQE02AUB4AUB8AWn3Az6BQQBliiQBgCYBgC4BgDBBgEhATEk0AbCjQTaBhYKEAkSGQFwEAAYAOAGAfIGAggAgAcBiAcAoAcByAfepAXSBw0VZQEmCNoHBgFetBgA4AcA6gcCCADwB7mUnQqKCAIQAJUIAACAP5gIAcAIn0bSCAkI____PxAAGAA.&s=e9edc38306897cfddbf873ba39dfe41eaf45fca1&pp=1.23

Requested by

Host: config.seedtag.com
URL: https://config.seedtag.com/standard-iframe/index.v1.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.132 -, , ASN (),

Reverse DNS

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://config.seedtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 23:37:21 GMT
an-x-request-uuid: 67f68209-3e44-47c7-a93c-4f72f8970496
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 5.181.234.133; 5.181.234.133; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/240/ Frame F8B4 80 KB
28 KB 47ms
3ms Script
application/x-javascript 151.101.1.108

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/240/trk.js
Requested by: Host: config.seedtag.com
URL: https://config.seedtag.com/standard-iframe/index.v1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 -, , ASN (),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://config.seedtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Expires: Thu, 14 Nov 2024 14:07:00 GMT
Date: Mon, 12 Feb 2024 23:37:21 GMT
Content-Encoding: gzip
Via: 1.1 varnish
Age: 7723821
X-Cache: HIT
Connection: keep-alive
Content-Length: 27680
X-Served-By: cache-lga21925-LGA
Last-Modified: Wed, 15 Nov 2023 14:06:46 GMT
Server: AkamaiNetStorage
X-Timer: S1707781041.049382,VS0,VE0
ETag: "ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 411957

GET
H3 200 event
s.seedtag.com/s/ Frame F8B4 43 B
74 B 23ms
21ms Image
image/gif 34.149.50.64

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.seedtag.com/s/event?type=imp&id=45e8d12d-d7b4-4493-94f7-1_AppNexus_1
Requested by: Host: config.seedtag.com
URL: https://config.seedtag.com/standard-iframe/index.v1.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.50.64 -, , ASN (),
Reverse DNS
Software: openresty /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://config.seedtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:37:21 GMT
content-encoding: gzip
via: 1.1 google
server: openresty
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: image/gif
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame DED9 93 KB
31 KB 200ms
22ms Script
application/javascript 2620:1ec:48:1::40

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: config.seedtag.com
URL: https://config.seedtag.com/standard-iframe/index.v1.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48:1::40 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56a3cef734f0fe9d757aaf0a3c7f46176eadf4f87f41ab8ea2ee4d2f82733381

Request headers

Referer: https://config.seedtag.com/
Origin: https://config.seedtag.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 23:37:20 GMT
content-encoding: br
last-modified: Tue, 06 Feb 2024 16:37:22 GMT
x-azure-ref-originshield: 0Hv7JZQAAAAD/YaRDXGLYSY2eu3k3prYHTU5aMjIxMDYwNjEyMDUzADk3YzlhOGM2LWZjNzktNGM0NC1iNTU5LTU4YzE2YmNlYTMyMg==
content-md5: C6lJlGRJVBUbmTJ6Tx03Gw==
etag: 0x8DC2731E4AD9FE3
x-azure-ref: 0savKZQAAAADB5DsSZ5fgRIFDRP1jqwRITU5aMjIxMDYwNjE0MDM5ADk3YzlhOGM2LWZjNzktNGM0NC1iNTU5LTU4YzE2YmNlYTMyMg==
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: a310015d-201e-00e1-169b-5d54cb000000
cache-control: private, max-age=3600, stale-while-revalidate=86400
x-ms-version: 2009-09-19

GET
H2 200 it
nym1-ib.adnxs.com/ Frame DED9 0
658 B 59ms
43ms Image
text/html 68.67.160.132

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nym1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2F1fichier.com%2F%3Fb3fs6ddjpe68wtl6wqny&e=wqT_3QLkB_BM5AMAAAMA1gAFAQiw16quBhC7mrGpzp7lyhIYjMzUyYTay6hJKjYJcxCyuh-mzT8RoY-PJJ4qzD8ZAAAA4KNw9T8hoY-PJJ4qzD8pdBAJJAQxAAUB9F4B0D8wtL66DDipH0C1XkjjA1C6iYq2AVjC1JwBYABoz4JWeOboAoABAYoBA1VTRJIBA0VVUpgBygegAfoBqAEBsAEAuAEBwAEFyAEC0AEJ2AEA4AEA8AEA2AKfRuACvvYy6gIqaHR0cHM6Ly8xZmljaGllci5jb20vP2IzZnM2ZGRqcGU2OHd0bDZ3cW55gAMAiAMBkAMAmAMUoAMBqgOHAwqxAmh0dHBzOi8vd3d3LmJpbmcuY29tL2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPTcwOTg4NDE4LWFiYjAtNDhkZC1iY2NkLTA3MTRhOGJmOTAxYiZiaWRJZD0xNTAwMCZiaWRkZXJJZD00JmNtRXhwSWQ9TFYzJm9BZFVuaXQ9MzkxNDY2JnB1Ymxpc2hlcklkPTE2MjY0NTMzMCZySWQ9NzA5ODg0MTgtbnEAuHJ0eXBlPW51cmwmdGFnSWQ9MjYxMjQwODQmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRnw0GVyZnJlaXImYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhMxMzM5MTQwMjQzNzUwNDA3NDgzIgkzODE4NDY3MTQqBGJpbmc6JFUyaHZjSEJwYm1kQlpDTXhOREEzTmpVNU9Ea3hOVEUwTURjMcAD2ATIAwDYA9SVMOADAOgDAPgDA4AEAJIECS9vcGVucnRiMpgEAKIEDTUuMTgxLjIzNC4xMzOoBACyBAwIABAAGAAgADAAOAK4BADABADIBADaBAIIAeAEAPAEuomKtgH6BBIJQZEQnFtEQBEBCfA-AIBSwIgFAZgFAKAFwMbV_823wZZqqgUiOTgxNmEyYzgtMmQwOC00YzljLTkzYjYtMV9BcHBOZXh1c8AFAMkFBUMYAPA_0gUJCQkMeAAA2AUB4AUB8AWn3Az6BQQIABAAkAYAmAYAuAYAwQYJJSzwP9AGwo0E2gYWChAJEhkBAcVg4AYB8gYCCACABwGIBwCgBwHIB-boAtIHDRVlASYM2gcGCAUJrOAHAOoHAggA8Ae5lJ0KiggCEACVCAAAgD-YCAHACJ9G0ggJCP___z8QABgA&s=e3e59d1c89cbfebe000d738087f6a648137a0300&pp=0.220051

Requested by

Host: config.seedtag.com
URL: https://config.seedtag.com/standard-iframe/index.v1.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.132 -, , ASN (),

Reverse DNS

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://config.seedtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 23:37:21 GMT
an-x-request-uuid: 9371a13f-d83e-4b02-a802-728c2097fb18
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 5.181.234.133; 5.181.234.133; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/240/ Frame DED9 80 KB
28 KB 52ms
18ms Script
application/x-javascript 151.101.1.108

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/240/trk.js
Requested by: Host: config.seedtag.com
URL: https://config.seedtag.com/standard-iframe/index.v1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 -, , ASN (),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://config.seedtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Expires: Thu, 14 Nov 2024 14:07:00 GMT
Date: Mon, 12 Feb 2024 23:37:21 GMT
Content-Encoding: gzip
Via: 1.1 varnish
Age: 7723821
X-Cache: HIT
Connection: keep-alive
Content-Length: 27680
X-Served-By: cache-lga21922-LGA
Last-Modified: Wed, 15 Nov 2023 14:06:46 GMT
Server: AkamaiNetStorage
X-Timer: S1707781041.061045,VS0,VE0
ETag: "ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 480994

GET
H3 200 event
s.seedtag.com/s/ Frame DED9 43 B
74 B 71ms
70ms Image
image/gif 34.149.50.64

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.seedtag.com/s/event?type=imp&id=9816a2c8-2d08-4c9c-93b6-1_AppNexus_1
Requested by: Host: config.seedtag.com
URL: https://config.seedtag.com/standard-iframe/index.v1.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.50.64 -, , ASN (),
Reverse DNS
Software: openresty /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://config.seedtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:37:21 GMT
content-encoding: gzip
via: 1.1 google
server: openresty
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: image/gif
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 200
OK cmp.php Show response
b.delivery.consentmanager.net/delivery/ 56 KB
18 KB 107ms
106ms Script
text/javascript 87.230.98.74

General

Check archive.org

Show headers Download Go to

Full URL

https://b.delivery.consentmanager.net/delivery/cmp.php?__cmpcc=2&__cmpfcc=1&id=66181&o=1707781040&h=https%3A%2F%2F1fichier.com%2F%3F6y81ryjj28mli3r8t95y&&l=en&odw=0&dlt=1&l=en

Requested by

Host: b.delivery.consentmanager.net
URL: https://b.delivery.consentmanager.net/delivery/cmp.php?__cmpcc=1&id=66181&o=1707781040&h=https%3A%2F%2F1fichier.com%2F%3F6y81ryjj28mli3r8t95y&&l=en&odw=0&dlt=1&l=en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.230.98.74 -, , ASN (),

Reverse DNS

Software

Resource Hash

783c21b581f3db6b7e8294621eb88fa9af7b56cec628c035551cb34d8ab37d69

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1fichier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Feb 2024 23:37:21 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Feb 2024 23:37:21 GMT
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Edge-Control: no-store, no-cache, must-revalidate
Cache-Control: no-store, no-cache, must-revalidate
X-XSS-Protection: 0
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2

200

c.gif
www.bing.com/aes/ Frame F8B4
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=b31ff7ae-49fe-4eef-93a6-f8db6665e499&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=f36b3c26-3955-4c5d...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=32f886fe1b8240aa92477c7ea13076a2&SNR=1&GV=2&med=10

0
186 B

72ms
65ms

Image
text/plain

2620:1ec:c11::200

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=32f886fe1b8240aa92477c7ea13076a2&SNR=1&GV=2&med=10
Requested by: Host: config.seedtag.com
URL: https://config.seedtag.com/standard-iframe/index.v1.html
Protocol: H2
Server: 2620:1ec:c11::200 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://config.seedtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 23:37:21 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E4B41F48593F4A97B77C4BAEAA98C517 Ref B: EWR30EDGE1407 Ref C: 2024-02-12T23:37:21Z
vary: Origin
x-cache: CONFIG_NOCACHE
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Mon, 12 Feb 2024 23:37:21 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BCCCF139B41842AFBC9902C03EBEF66C Ref B: EWR30EDGE1407 Ref C: 2024-02-12T23:37:21Z
vary: Origin
x-cache: CONFIG_NOCACHE
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=32f886fe1b8240aa92477c7ea13076a2&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
content-length: 154
expires: 0

GET
H2 200 th
www.bing.com/ Frame F8B4 22 KB
22 KB 382ms
10ms Image
image/jpeg 2620:1ec:c11::200

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OPHS.y9qpz429PV9NUQ474C474&o=5&pid=21.1&w=300&h=300&qlt=90&c=17
Requested by: Host: config.seedtag.com
URL: https://config.seedtag.com/standard-iframe/index.v1.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9db2ebadc8a6eae48f5c4f900660775082a6f1ac177b25d474d400b2e5e68f86

Request headers

accept-language: en-US,en;q=0.9
Referer: https://config.seedtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:37:21 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D06C4F36B5D540039CFCF33A936B2BB9 Ref B: EWR30EDGE1407 Ref C: 2024-02-12T23:37:21Z
access-control-allow-methods: GET, POST, OPTIONS
x-cache: TCP_HIT
access-control-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 22734

GET
H2 200 th
www.bing.com/ Frame DED9 22 KB
23 KB 354ms
7ms Image
image/jpeg 2620:1ec:c11::200

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OPHS.y9qpz429PV9NUQ474C474&o=5&pid=21.1&w=300&h=300&qlt=90&c=17
Requested by: Host: adsdk.microsoft.com
URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9db2ebadc8a6eae48f5c4f900660775082a6f1ac177b25d474d400b2e5e68f86

Request headers

accept-language: en-US,en;q=0.9
Referer: https://config.seedtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:37:21 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CAF47FB80466416D98CED0AA5031F1B8 Ref B: EWR30EDGE1407 Ref C: 2024-02-12T23:37:21Z
access-control-allow-methods: GET, POST, OPTIONS
x-cache: TCP_HIT
access-control-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 22734

GET
H2

200

c.gif
www.bing.com/aes/ Frame DED9
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=705069cc-d1d7-424e-892c-fc367c77d83b&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=70988418-abb0-48dd...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=74e7d082591e4a8599d5d940c699ac8c&SNR=1&GV=2&med=10

0
242 B

26ms
18ms

Image
text/plain

2620:1ec:c11::200

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=74e7d082591e4a8599d5d940c699ac8c&SNR=1&GV=2&med=10
Requested by: Host: config.seedtag.com
URL: https://config.seedtag.com/standard-iframe/index.v1.html
Protocol: H2
Server: 2620:1ec:c11::200 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://config.seedtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 23:37:21 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A5056487874B40B084B07B4642E878C7 Ref B: EWR30EDGE1407 Ref C: 2024-02-12T23:37:21Z
vary: Origin
x-cache: CONFIG_NOCACHE
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Mon, 12 Feb 2024 23:37:21 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2F42483F895D4F2E88839DF06CB8A1B2 Ref B: EWR30EDGE1407 Ref C: 2024-02-12T23:37:21Z
vary: Origin
x-cache: CONFIG_NOCACHE
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=74e7d082591e4a8599d5d940c699ac8c&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
content-length: 154
expires: 0

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 97AB 52 KB
17 KB 84ms
3ms Document
text/html 151.101.193.108

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=4009&pub_id=2110686
Requested by: Host: config.seedtag.com
URL: https://config.seedtag.com/standard-iframe/index.v1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 -, , ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://config.seedtag.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 65641
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Mon, 12 Feb 2024 23:37:21 GMT
ETag: W/"623de86a-cf34"
Expires: Tue, 13 Feb 2024 05:23:23 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish
X-Cache: HIT
X-Cache-Hits: 186389
X-Served-By: cache-lga21970-LGA
X-Timer: S1707781042.742131,VS0,VE0

GET
H2 200 rd_log Show response
nym1-ib.adnxs.com/ Frame F8B4 0
658 B 5ms
4ms Script
text/html 68.67.160.132

General

Check archive.org

Show headers Download Go to

Full URL

https://nym1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2F1fichier.com%2F%3Fb3fs6ddjpe68wtl6wqny&e=wqT_3QLZBPS2AVkCAAADANYABQEIsNeqrgYQ9JadoLTh1rwTGKjL1czPuceOZyo2CQAAAAA-t_Q_EQAAAIAUrvM_GQAAAIAUrvM_IWTZEy0kA_k_KfCugBQmVPo_MQAAAADXo9A_MN-jzgw4qR9AtV5I4wNQuomKtgFYwtScAWAAaM-CVnjepAWAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABCdgBAOABAPABANgCn0bgAr72MuoCKmh0dHBzOi8vMWZpY2hpZXIuY29tLz9iM2ZzNmRkanBlNjh3dGw2d3FueYADAIgDAZADAJgDFKADAaoDAMAD2ATIAwDYA9SVMOADAOgDAPgDA4AEAJIECS9vcGVucnRiMpgEAKIEDTUuMTgxLjIzNC4xMzOoBACyBAwIABAAGAAgADAAOAK4BADABADIBADaBAIIAeAEAPAEuomKtgH6BBIJAAAAAJxbREARAAAAAACAUsCIBQGYBQCgBZqAlYObqZ69LqoFIjQ1ZThkMTJkLWQ3YjQtNDQ5My05NGY3LTFfQXBwTmV4dXPABQDJBQAAAAAAAPA_0gUJCQAhkHwAAADYBQHgBQHwBafcDPoFBAgAEACQBgCYBgC4BgDBBgEhNAAA8D_QBsKNBNoGFgoQCRIZAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB96kBdIHDQkRKAEmCNoHBgFeqBgA4AcA6gcCCADwB7mUnQqKCAIQAJUIAACAP5gIAcAIn0bSCAYIABAAGAA.&s=9276e318f04535632a72ab89d77d353e7dd24c95&bdref=https%3A%2F%2F1fichier.com&bdtop=false&bdifs=2&bstk=https%3A%2F%2F1fichier.com,https%3A%2F%2F1fichier.com%2F,https%3A%2F%2Fconfig.seedtag.com%2Fstandard-iframe%2Findex.v1.html&

Requested by

Host: config.seedtag.com
URL: https://config.seedtag.com/standard-iframe/index.v1.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.132 -, , ASN (),

Reverse DNS

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://config.seedtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 23:37:21 GMT
an-x-request-uuid: 7da14f5d-0be2-4c17-9f54-5030fe433394
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 5.181.234.133; 5.181.234.133; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame FE7B 52 KB
17 KB 83ms
4ms Document
text/html 151.101.193.108

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=4009&pub_id=2110686
Requested by: Host: config.seedtag.com
URL: https://config.seedtag.com/standard-iframe/index.v1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 -, , ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://config.seedtag.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 65640
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Mon, 12 Feb 2024 23:37:21 GMT
ETag: W/"623de86a-cf34"
Expires: Tue, 13 Feb 2024 05:23:23 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish
X-Cache: HIT
X-Cache-Hits: 186479
X-Served-By: cache-lga21955-LGA
X-Timer: S1707781042.742941,VS0,VE0

GET
H2 200 rd_log Show response
nym1-ib.adnxs.com/ Frame DED9 0
657 B 29ms
25ms Script
text/html 68.67.160.132

General

Check archive.org

Show headers Download Go to

Full URL

https://nym1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2F1fichier.com%2F%3Fb3fs6ddjpe68wtl6wqny&e=wqT_3QLZBPBMWQIAAAMA1gAFAQiw16quBhC7mrGpzp7lyhIYjMzUyYTay6hJKjYJcxCyuh-mzT8RoY-PJJ4qzD8ZAAAA4KNw9T8hoY-PJJ4qzD8pdBAJJAQxAAUB9F4B0D8wtL66DDipH0C1XkjjA1C6iYq2AVjC1JwBYABoz4JWeOboAoABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEJ2AEA4AEA8AEA2AKfRuACvvYy6gIqaHR0cHM6Ly8xZmljaGllci5jb20vP2IzZnM2ZGRqcGU2OHd0bDZ3cW55gAMAiAMBkAMAmAMUoAMBqgMAwAPYBMgDANgD1JUw4AMA6AMA-AMDgAQAkgQJL29wZW5ydGIymAQAogQNNS4xODEuMjM0LjEzM6gEALIEDAgAEAAYACAAMAA4ArgEAMAEAMgEANoEAggB4AQA8AS6iYq2AfoEEgkAAAAAnFtEQBEAAAAAAIBSwIgFAZgFAKAFwMbV_823wZZqqgUiOTgxNmEyYzgtMmQwOC00YzljLTkzYjYtMV9BcHBOZXh1c8AFAMkFAAAAAAAA8D_SBQkJAAAAJWRw2AUB4AUB8AWn3Az6BQQIABAAkAYAmAYAuAYAwQYFIjAA8D_QBsKNBNoGFgoQCRIZAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB-boAtIHDQkRKAEmDNoHBggFCaDgBwDqBwIIAPAHuZSdCooIAhAAlQgAAIA_mAgBwAifRtIIBggAEAAYAA..&s=d6697fabee904569e0ad660afcab5a30706cf85e&bdref=https%3A%2F%2F1fichier.com&bdtop=false&bdifs=2&bstk=https%3A%2F%2F1fichier.com,https%3A%2F%2F1fichier.com%2F,https%3A%2F%2Fconfig.seedtag.com%2Fstandard-iframe%2Findex.v1.html&

Requested by

Host: config.seedtag.com
URL: https://config.seedtag.com/standard-iframe/index.v1.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.132 -, , ASN (),

Reverse DNS

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://config.seedtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 23:37:21 GMT
an-x-request-uuid: e4c762ca-3e23-429f-881e-5c3912afd2d1
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 5.181.234.133; 5.181.234.133; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 bV8xLndfNjYxODEucl9ST1cubF9lbi5kXzI1MjA0LnhfMTcudi5wLnRfMjUyMDQueHRfMTc.js Show response
cdn.consentmanager.net/delivery/customdata/ 283 KB
62 KB 84ms
81ms Script
text/javascript 2a02:6ea0:ca00::3

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.consentmanager.net/delivery/customdata/bV8xLndfNjYxODEucl9ST1cubF9lbi5kXzI1MjA0LnhfMTcudi5wLnRfMjUyMDQueHRfMTc.js

Requested by

Host: b.delivery.consentmanager.net
URL: https://b.delivery.consentmanager.net/delivery/cmp.php?__cmpcc=2&__cmpfcc=1&id=66181&o=1707781040&h=https%3A%2F%2F1fichier.com%2F%3F6y81ryjj28mli3r8t95y&&l=en&odw=0&dlt=1&l=en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:ca00::3 -, , ASN (),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

0b7666714b322b47cd944a95dae249b7790deebb91e342f2a3482236df8f00d2

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1fichier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-77-pop: londonGB
date: Mon, 12 Feb 2024 23:37:21 GMT
content-encoding: gzip
x-age-lb: 854
x-77-cache: HIT
edge-control: public, max-age=1800
x-accel-date: 1707780187
x-xss-protection: 0
x-77-nzt: EwwBw7WkDQH3VgMAAAwBuUwKDAH3AQAAAAwB1GY4EQGzCQcAAA
x-accel-expires: @1707781986
x-77-age: 2656
x-cache-lb: HIT
last-modified: Mon, 12 Feb 2024 23:23:06 GMT
server: CDN77-Turbo
x-77-nzt-ray: d09eba0fc574e622b1abca6576252919
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=1800
expires: Mon, 12 Feb 2024 23:53:06 GMT

POST
H2 200 vevent
nym1-ib.adnxs.com/ Frame F8B4 0
675 B 56ms
29ms Ping
text/html 68.67.160.132

General

Check archive.org

Show headers Download Go to

Full URL

https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2F1fichier.com%2F%3Fb3fs6ddjpe68wtl6wqny&e=wqT_3QLkB_TEAeQDAAADANYABQEIsNeqrgYQ9JadoLTh1rwTGKjL1czPuceOZyo2CQAAAAA-t_Q_EQAAAIAUrvM_GQAAAIAUrvM_IWTZEy0kA_k_KfCugBQmVPo_MQAAAADXo9A_MN-jzgw4qR9AtV5I4wNQuomKtgFYwtScAWAAaM-CVnjepAWAAQGKAQNVU0SSAQNFVVKYAcoHoAH6AagBAbABALgBAcABBcgBAtABCdgBAOABAPABANgCn0bgAr72MuoCKmh0dHBzOi8vMWZpY2hpZXIuY29tLz9iM2ZzNmRkanBlNjh3dGw2d3FueYADAIgDAZADAJgDFKADAaoDhwMKsQJodHRwczovL3d3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD1mMzZiM2MyNi0zOTU1LTRjNWQtOTI1MC0xMGY3MjA4ODY0MWImYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMyZvQWRVbml0PTM5MTQ2NiZwdWJsaXNoZXJJZD0xNjI2NDUzMzAmcklkPWYzNmIzYzI2LTM5NTUtNGM1ZC05Mj5xALhydHlwZT1udXJsJnRhZ0lkPTI2NDQ4MzUxJnRyYWZmaWNHcm91cD1rbmFxZV8zYxEWCFN1YgkZ6GVyZnJlaXImYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhMxNDAzMjUyODYyODQ2NzE2Nzg4IgkzODE4AQ7wmjQqBGJpbmc6JFUyaHZjSEJwYm1kQlpDTXhOREEzTmpVNU9Ea3hNell5T0RFNMAD2ATIAwDYA9SVMOADAOgDAPgDA4AEAJIECS9vcGVucnRiMpgEAKIEDTUuMTgxLjIzNC4xMzOoBACyBAwIABAAGAAgADAAOAK4BADABADIBADaBAIIAeAEAPAEuomKtgH6BBIJAAAAAJxbREARQcjwPgCAUsCIBQGYBQCgBZqAlYObqZ69LqoFIjQ1ZThkMTJkLWQ3YjQtNDQ5My05NGY3LTFfQXBwTmV4dXPABQDJBQVDFADwP9IFCQVYAQE02AUB4AUB8AWn3Az6BQQBliiQBgCYBgC4BgDBBgEhATEk0AbCjQTaBhYKEAkSGQFwEAAYAOAGAfIGAggAgAcBiAcAoAcByAfepAXSBw0VZQEmCNoHBgFetBgA4AcA6gcCCADwB7mUnQqKCAIQAJUIAACAP5gIAcAIn0bSCAkI____PxAAGAA.&s=e9edc38306897cfddbf873ba39dfe41eaf45fca1&type=nv&nvt=5&jm=1003&px=0&py=0&bw=250&bh=250&sid=5436528081477814979&vd=ct~0|rr~0&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=26448351&sw=1600&sh=1200&pw=970&ph=378&ww=970&wh=250&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.132 -, , ASN (),

Reverse DNS

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://config.seedtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 23:37:21 GMT
an-x-request-uuid: d37d14df-23ac-4942-a5ec-26d9baae5fa7
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://config.seedtag.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 5.181.234.133; 5.181.234.133; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 ev Show response
s.seedtag.com/e/ 0
14 B 30ms
18ms Fetch 34.149.50.64

General

Check archive.org

Show headers Download Go to

Full URL: https://s.seedtag.com/e/ev
Requested by: Host: t.seedtag.com
URL: https://t.seedtag.com/c/st_0.f43a5bfe4c554098e387.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.50.64 -, , ASN (),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://1fichier.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 12 Feb 2024 23:37:21 GMT
via: 1.1 google
server: openresty
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
access-control-allow-origin: https://1fichier.com
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 vevent
nym1-ib.adnxs.com/ Frame DED9 0
675 B 5ms
4ms Ping
text/html 68.67.160.132

General

Check archive.org

Show headers Download Go to

Full URL

https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2F1fichier.com%2F%3Fb3fs6ddjpe68wtl6wqny&e=wqT_3QLkB_BM5AMAAAMA1gAFAQiw16quBhC7mrGpzp7lyhIYjMzUyYTay6hJKjYJcxCyuh-mzT8RoY-PJJ4qzD8ZAAAA4KNw9T8hoY-PJJ4qzD8pdBAJJAQxAAUB9F4B0D8wtL66DDipH0C1XkjjA1C6iYq2AVjC1JwBYABoz4JWeOboAoABAYoBA1VTRJIBA0VVUpgBygegAfoBqAEBsAEAuAEBwAEFyAEC0AEJ2AEA4AEA8AEA2AKfRuACvvYy6gIqaHR0cHM6Ly8xZmljaGllci5jb20vP2IzZnM2ZGRqcGU2OHd0bDZ3cW55gAMAiAMBkAMAmAMUoAMBqgOHAwqxAmh0dHBzOi8vd3d3LmJpbmcuY29tL2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPTcwOTg4NDE4LWFiYjAtNDhkZC1iY2NkLTA3MTRhOGJmOTAxYiZiaWRJZD0xNTAwMCZiaWRkZXJJZD00JmNtRXhwSWQ9TFYzJm9BZFVuaXQ9MzkxNDY2JnB1Ymxpc2hlcklkPTE2MjY0NTMzMCZySWQ9NzA5ODg0MTgtbnEAuHJ0eXBlPW51cmwmdGFnSWQ9MjYxMjQwODQmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRnw0GVyZnJlaXImYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhMxMzM5MTQwMjQzNzUwNDA3NDgzIgkzODE4NDY3MTQqBGJpbmc6JFUyaHZjSEJwYm1kQlpDTXhOREEzTmpVNU9Ea3hOVEUwTURjMcAD2ATIAwDYA9SVMOADAOgDAPgDA4AEAJIECS9vcGVucnRiMpgEAKIEDTUuMTgxLjIzNC4xMzOoBACyBAwIABAAGAAgADAAOAK4BADABADIBADaBAIIAeAEAPAEuomKtgH6BBIJQZEQnFtEQBEBCfA-AIBSwIgFAZgFAKAFwMbV_823wZZqqgUiOTgxNmEyYzgtMmQwOC00YzljLTkzYjYtMV9BcHBOZXh1c8AFAMkFBUMYAPA_0gUJCQkMeAAA2AUB4AUB8AWn3Az6BQQIABAAkAYAmAYAuAYAwQYJJSzwP9AGwo0E2gYWChAJEhkBAcVg4AYB8gYCCACABwGIBwCgBwHIB-boAtIHDRVlASYM2gcGCAUJrOAHAOoHAggA8Ae5lJ0KiggCEACVCAAAgD-YCAHACJ9G0ggJCP___z8QABgA&s=e3e59d1c89cbfebe000d738087f6a648137a0300&type=nv&nvt=5&jm=1003&px=0&py=0&bw=250&bh=250&sid=5436528081477814979&vd=ct~0|rr~0&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=26124084&sw=1600&sh=1200&pw=970&ph=378&ww=970&wh=250&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.132 -, , ASN (),

Reverse DNS

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://config.seedtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 23:37:21 GMT
an-x-request-uuid: f84dd5d7-d254-4550-b010-fb6130aa8585
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://config.seedtag.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 5.181.234.133; 5.181.234.133; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
562 B 94ms
8ms XHR
application/json 3.33.220.150

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=6aarzke&fmt=json
Requested by: Host: tags.refinery89.com
URL: https://tags.refinery89.com/prebid/prebid7.54.3-2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 -, , ASN (),
Reverse DNS
Software: Kestrel /
Resource Hash: 27fb8259e243a9d3b8b156cbb1478f9961273364122e16615550a0cf949c6c0f

Request headers

Referer: https://1fichier.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 12 Feb 2024 23:37:22 GMT
content-encoding: gzip
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://1fichier.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires: Wed, 13 Mar 2024 23:37:22 GMT

GET
H/1.1 200
OK /
b.delivery.consentmanager.net/delivery/info/ 43 B
404 B 306ms
104ms Image
image/gif 87.230.98.74

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.delivery.consentmanager.net/delivery/info/?id=66181&did=1&cfdid=1&t=pv.cn.d_reg0.d_dnsx&h=https%3A%2F%2F1fichier.com%2F%3F6y81ryjj28mli3r8t95y&o=1707781042095&l=EN&lv=59792&d=1&ct=14&e=&e2=&e3=&i=&sv=29&dv=17&

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.230.98.74 -, , ASN (),

Reverse DNS

Software

Resource Hash

5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1fichier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Feb 2024 23:37:22 GMT
Last-Modified: Mon, 12 Feb 2024 23:37:22 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Edge-Control: no-store, no-cache, must-revalidate
Cache-Control: no-store, no-cache, must-revalidate
Content-Length: 43
X-XSS-Protection: 0
Expires: Thu, 01 Dec 1994 16:00:00 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 16 KB
8 KB 345ms
325ms XHR
application/json 68.67.160.132

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: tags.refinery89.com
URL: https://tags.refinery89.com/prebid/prebid7.54.3-2.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.132 -, , ASN (),

Reverse DNS

Software

nginx/1.23.4 /

Resource Hash

4a45d51ff517bd49eaff25dc40f8b2915cfe6bb6236ad1d234b48193112e1652

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://1fichier.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 23:37:22 GMT
content-encoding: gzip
an-x-request-uuid: b62e56d4-a146-4433-ba7c-8609a874479b
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://1fichier.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 5.181.234.133; 5.181.234.133; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 1 KB
2 KB 298ms
65ms XHR
application/json 23.105.12.131

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tags.refinery89.com
URL: https://tags.refinery89.com/prebid/prebid7.54.3-2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.105.12.131 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63d095ee252b3c019e7820f3353b6351790fee496711a5ab7394dd2a946721be

Request headers

Referer: https://1fichier.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 23:37:22 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://1fichier.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 pb Show response
ad.360yield.com/ 0
99 B 61ms
10ms XHR
text/plain 35.168.137.63

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.360yield.com/pb
Requested by: Host: tags.refinery89.com
URL: https://tags.refinery89.com/prebid/prebid7.54.3-2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.168.137.63 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://1fichier.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://1fichier.com
date: Mon, 12 Feb 2024 23:37:22 GMT
access-control-allow-credentials: true

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
529 B 381ms
125ms XHR
text/plain 37.157.6.233

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: tags.refinery89.com
URL: https://tags.refinery89.com/prebid/prebid7.54.3-2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://1fichier.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 23:37:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://1fichier.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 prebid Show response
mp.4dex.io/ 3 KB
2 KB 132ms
92ms XHR
application/json 2606:4700:4400::6812:22b2

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: tags.refinery89.com
URL: https://tags.refinery89.com/prebid/prebid7.54.3-2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22b2 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: be026f3d727ecaf9e5a08357252e6aa56ef20a46ae77f9d8f580df0d080c8b7a

Request headers

Referer: https://1fichier.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

x-version: 3.0.0-gcp-las
date: Mon, 12 Feb 2024 23:37:22 GMT
content-encoding: gzip
via: 1.1 google
x-err: Shapings: no adunits with size and seat and mapping
cf-cache-status: DYNAMIC
x-warn: Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: r89-desktop-billboard-low-0
content-length: 938
pragma: no-cache
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://1fichier.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 8548a8ba69478cc6-EWR
expires: 0

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
602 B 105ms
57ms XHR
application/json 18.210.171.32

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.54.3&referrer=https%3A%2F%2F1fichier.com%2F%3F6y81ryjj28mli3r8t95y&tmax=1500&gdpr=false&cmp_cs=CP54zlAP54zlAAfC1BENAnEsAP_gAEPgAAigg1NX_H__bX9v-Xr36ft0eY1f99j77uQxBhfJs-4FzLvW_JwX32EzNE36tqYKmRIEu3bBIQFtHJnUTVihaogVrzHsYkGchTNKJ-BkiHMRe2dYCF5vmYtj-QKZ5_p_d3f52T_9_dv-3dzzz91nv3f9f-f1eLida59tH_v_bRKb-_If9_7-_4v0_t_rk2_eTVv_9evv79-u_t____9_9____4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAEQamr_j__tr-3_L179P26PMav--x993IYgwvk2fcC5l3rfk4L77CZmib9W1MFTIkCXbtgkIC2jkzqJqxQtUQK15j2MSDOQpmlE_AyRDmIvbOsBC83zMWx_IFM8_0_u7v87J_-_u3_bu555-6z37v-v_P6vFxOtc-2j_3_tolN_fkP-_9_f8X6f2_1ybfvJq3_-vX39-_Xf2____-_-____8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA

Requested by

Host: tags.refinery89.com
URL: https://tags.refinery89.com/prebid/prebid7.54.3-2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.210.171.32 -, , ASN (),

Reverse DNS

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://1fichier.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 23:37:22 GMT
accept-ch: sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt
x-auction-status: 17
content-type: application/json; charset=utf-8
access-control-allow-origin: https://1fichier.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
receive-cookie-deprecation: 1; Secure; HttpOnly; Path=/; SameSite=None; Partitioned
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H/1.1 204
No Content / Show response
b1h.zemanta.com/api/bidder/prebid/bid/ 0
191 B 163ms
28ms XHR
text/plain 50.31.142.159

General

Check archive.org

Show headers Download Go to

Full URL

https://b1h.zemanta.com/api/bidder/prebid/bid/

Requested by

Host: tags.refinery89.com
URL: https://tags.refinery89.com/prebid/prebid7.54.3-2.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.31.142.159 -, , ASN (),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://1fichier.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://1fichier.com
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Access-Control-Allow-Credentials: true

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 2 KB
1 KB 108ms
74ms XHR
application/json 34.120.63.153

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU3GWXE7
Requested by: Host: tags.refinery89.com
URL: https://tags.refinery89.com/prebid/prebid7.54.3-2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 -, , ASN (),
Reverse DNS
Software: envoy /
Resource Hash: 9094d8332126151bc7798356a87c4c83288e4a9f77c570131966f5e694cb782e

Request headers

Referer: https://1fichier.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 23:37:21 GMT
content-encoding: gzip
via: 1.1 google
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server: envoy
content-type: application/json;charset=utf-8
access-control-allow-origin: https://1fichier.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 49
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 12 Feb 2024 23:37:22 GMT

GET
H2

200

c.gif
www.bing.com/aes/ Frame F8B4
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=b31ff7ae-49fe-4eef-93a6-f8db6665e499&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=f36b3c26-3955-4c5d...
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=32f886fe1b8240aa92477c7ea13076a2&tids=15000&med=10

0
185 B

18ms
18ms

Image
text/plain

2620:1ec:c11::200

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=32f886fe1b8240aa92477c7ea13076a2&tids=15000&med=10
Protocol: H2
Server: 2620:1ec:c11::200 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://config.seedtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 23:37:22 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9976F2C700E94E679B4CBDD3AD3B5968 Ref B: EWR30EDGE1407 Ref C: 2024-02-12T23:37:22Z
vary: Origin
x-cache: CONFIG_NOCACHE
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Mon, 12 Feb 2024 23:37:22 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E88EE1B19298441A886F4962EC18BA45 Ref B: EWR30EDGE1407 Ref C: 2024-02-12T23:37:22Z
vary: Origin
x-cache: CONFIG_NOCACHE
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=32f886fe1b8240aa92477c7ea13076a2&tids=15000&med=10
cache-control: no-cache, no-store, must-revalidate
content-length: 146
expires: 0

GET
H2

200

c.gif
www.bing.com/aes/ Frame DED9
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=705069cc-d1d7-424e-892c-fc367c77d83b&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=70988418-abb0-48dd...
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=74e7d082591e4a8599d5d940c699ac8c&tids=15000&med=10

0
186 B

19ms
19ms

Image
text/plain

2620:1ec:c11::200

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=74e7d082591e4a8599d5d940c699ac8c&tids=15000&med=10
Protocol: H2
Server: 2620:1ec:c11::200 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://config.seedtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 23:37:22 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8FDB3CF4282E49A78C0060CEEAD8908B Ref B: EWR30EDGE1407 Ref C: 2024-02-12T23:37:22Z
vary: Origin
x-cache: CONFIG_NOCACHE
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Mon, 12 Feb 2024 23:37:22 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2CD9C891B7B24551AAE8B2F5A7821C9E Ref B: EWR30EDGE1407 Ref C: 2024-02-12T23:37:22Z
vary: Origin
x-cache: CONFIG_NOCACHE
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=74e7d082591e4a8599d5d940c699ac8c&tids=15000&med=10
cache-control: no-cache, no-store, must-revalidate
content-length: 146
expires: 0

GET
H/1.1 200
OK script.js Show response
acdn.adnxs-simple.com/strikeforce/ Frame 77A4 130 KB
46 KB 27ms
4ms Script
application/javascript 151.101.129.108

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Requested by: Host: tags.refinery89.com
URL: https://tags.refinery89.com/prebid/prebid7.54.3-2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 -, , ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3b793e8be4d2c26a689aabd0d17fa2933b7b767d2883c8fdc37081adda6cbcf2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1fichier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Expires: Thu, 08 Feb 2024 05:23:27 GMT
Date: Mon, 12 Feb 2024 23:37:22 GMT
Content-Encoding: gzip
Via: 1.1 varnish
Age: 65627
X-Cache: HIT
Connection: keep-alive
Content-Length: 47024
X-Served-By: cache-lga21947-LGA
Last-Modified: Tue, 06 Feb 2024 18:10:30 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Timer: S1707781043.684437,VS0,VE0
ETag: W/"65c27616-2063a"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Accept-Ranges: bytes
X-Cache-Hits: 22057

GET
H/1.1 200
OK 9a7efbb9-21f4-4987-8bb0-fd9b64949f57 Show response
dcdn.adnxs.com/renderer-content/ Frame 77A4 11 KB
3 KB 226ms
5ms Script
text/javascript 151.101.1.108

General

Check archive.org

Show headers Download Go to

Full URL: https://dcdn.adnxs.com/renderer-content/9a7efbb9-21f4-4987-8bb0-fd9b64949f57
Requested by: Host: tags.refinery89.com
URL: https://tags.refinery89.com/prebid/prebid7.54.3-2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 -, , ASN (),
Reverse DNS
Software: nginx/1.21.3 /
Resource Hash: 990af602ddb96f001d8d8e00b0f4f6c93bc247bc96057cfd82487ce0e996d2ec

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1fichier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Mon, 12 Feb 2024 23:37:22 GMT
content-encoding: gzip
Via: 1.1 varnish
x-b3-traceid: ab1c277b1c881def
Age: 76660
X-Cache: HIT
an-served-by: hbapi-proxy-production-bfc9874b9-k88bc
Connection: keep-alive
Content-Length: 3040
X-Served-By: cache-lga21947-LGA
Server: nginx/1.21.3
X-Timer: S1707781043.882374,VS0,VE1
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=86400
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/240/ Frame 77A4 80 KB
28 KB 9ms
9ms Script
application/x-javascript 151.101.1.108

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/240/trk.js
Requested by: Host: tags.refinery89.com
URL: https://tags.refinery89.com/prebid/prebid7.54.3-2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 -, , ASN (),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1fichier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Expires: Thu, 14 Nov 2024 14:07:00 GMT
Date: Mon, 12 Feb 2024 23:37:22 GMT
Content-Encoding: gzip
Via: 1.1 varnish
Age: 7723823
X-Cache: HIT
Connection: keep-alive
Content-Length: 27680
X-Served-By: cache-lga21922-LGA
Last-Modified: Wed, 15 Nov 2023 14:06:46 GMT
Server: AkamaiNetStorage
X-Timer: S1707781043.667446,VS0,VE0
ETag: "ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 480997

POST
H2 200 1a Show response
i.clean.gg/ Frame 77A4 0
104 B 13ms
12ms XHR
application/octet-stream 34.95.69.49

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 -, , ASN (),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://1fichier.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 12 Feb 2024 23:37:22 GMT
via: 1.1 google
server: nginx/1.21.6
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 vevent
nym1-ib.adnxs.com/ Frame F8B4 0
987 B 4ms
4ms Ping
text/html 68.67.160.132

General

Check archive.org

Show headers Download Go to

Full URL

https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2F1fichier.com%2F%3Fb3fs6ddjpe68wtl6wqny&e=wqT_3QLkB_TEAeQDAAADANYABQEIsNeqrgYQ9JadoLTh1rwTGKjL1czPuceOZyo2CQAAAAA-t_Q_EQAAAIAUrvM_GQAAAIAUrvM_IWTZEy0kA_k_KfCugBQmVPo_MQAAAADXo9A_MN-jzgw4qR9AtV5I4wNQuomKtgFYwtScAWAAaM-CVnjepAWAAQGKAQNVU0SSAQNFVVKYAcoHoAH6AagBAbABALgBAcABBcgBAtABCdgBAOABAPABANgCn0bgAr72MuoCKmh0dHBzOi8vMWZpY2hpZXIuY29tLz9iM2ZzNmRkanBlNjh3dGw2d3FueYADAIgDAZADAJgDFKADAaoDhwMKsQJodHRwczovL3d3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD1mMzZiM2MyNi0zOTU1LTRjNWQtOTI1MC0xMGY3MjA4ODY0MWImYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMyZvQWRVbml0PTM5MTQ2NiZwdWJsaXNoZXJJZD0xNjI2NDUzMzAmcklkPWYzNmIzYzI2LTM5NTUtNGM1ZC05Mj5xALhydHlwZT1udXJsJnRhZ0lkPTI2NDQ4MzUxJnRyYWZmaWNHcm91cD1rbmFxZV8zYxEWCFN1YgkZ6GVyZnJlaXImYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhMxNDAzMjUyODYyODQ2NzE2Nzg4IgkzODE4AQ7wmjQqBGJpbmc6JFUyaHZjSEJwYm1kQlpDTXhOREEzTmpVNU9Ea3hNell5T0RFNMAD2ATIAwDYA9SVMOADAOgDAPgDA4AEAJIECS9vcGVucnRiMpgEAKIEDTUuMTgxLjIzNC4xMzOoBACyBAwIABAAGAAgADAAOAK4BADABADIBADaBAIIAeAEAPAEuomKtgH6BBIJAAAAAJxbREARQcjwPgCAUsCIBQGYBQCgBZqAlYObqZ69LqoFIjQ1ZThkMTJkLWQ3YjQtNDQ5My05NGY3LTFfQXBwTmV4dXPABQDJBQVDFADwP9IFCQVYAQE02AUB4AUB8AWn3Az6BQQBliiQBgCYBgC4BgDBBgEhATEk0AbCjQTaBhYKEAkSGQFwEAAYAOAGAfIGAggAgAcBiAcAoAcByAfepAXSBw0VZQEmCNoHBgFetBgA4AcA6gcCCADwB7mUnQqKCAIQAJUIAACAP5gIAcAIn0bSCAkI____PxAAGAA.&s=e9edc38306897cfddbf873ba39dfe41eaf45fca1&type=pv&jm=1003&px=0&py=0&bw=250&bh=250&sf=1&sid=5436528081477814979&vd=ct~0|rr~5&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=26448351&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.132 -, , ASN (),

Reverse DNS

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://config.seedtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 23:37:22 GMT
an-x-request-uuid: dc841e99-da7e-4591-94b9-a9847038f470
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://config.seedtag.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 5.181.234.133; 5.181.234.133; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 177ms
11ms Preflight
text/plain 34.95.69.49

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 -, , ASN (),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://1fichier.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8
date: Mon, 12 Feb 2024 23:37:22 GMT
server: nginx/1.21.6
via: 1.1 google

GET
H2 200 get
choices.trustarc.com/ Frame 77A4 739 B
1 KB 37ms
8ms Image
image/png 18.161.34.71

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/get?name=admarker-full-tl.png
Requested by: Host: 1fichier.com
URL: https://1fichier.com/?6y81ryjj28mli3r8t95y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.161.34.71 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 3e736be7e34c844a2d363f75a932ad7f305fc65507c697f698fc4f080f47730b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1fichier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 04:13:41 GMT
via: 1.1 da1815f8c76e376684e7d01242493d36.cloudfront.net (CloudFront)
x-amz-cf-pop: BOS50-P2
age: 69821
x-cache: Hit from cloudfront
content-length: 739
pragma: public
last-modified: Thu, 26 Oct 2023 03:20:37 GMT
server: nginx
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: BK2WE35YPJnUFYhn4KVT9fCMm_rYQ47wWxkr9tljuc1awfJ6psub8w==
expires: Wed, 13 Mar 2024 04:13:41 GMT

GET
H2 200 th
www.bing.com/ Frame 77A4 64 KB
64 KB 10ms
9ms Image
image/jpeg 2620:1ec:c11::200

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OPHS.y9qpz429PV9NUQ474C474&o=5&pid=21.1&w=1200&h=627&dynsize=1&qlt=90&c=17
Requested by: Host: 1fichier.com
URL: https://1fichier.com/?6y81ryjj28mli3r8t95y
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ae22dfe175f638eaadd65286829cb1c85d33207fd92b0277cd545fd50b883e6a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1fichier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 23:37:22 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D1574AC5D45848C1AD668FDC77818175 Ref B: EWR30EDGE1407 Ref C: 2024-02-12T23:37:22Z
access-control-allow-methods: GET, POST, OPTIONS
x-cache: TCP_HIT
access-control-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 65265

GET
H2

200

c.gif
www.bing.com/aes/ Frame 77A4
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391270&auId=6aa9a924-79c7-4307-b36f-c612fc4bdaa8&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391270&publisherId=162645330&rId=7dce6031-d7df-436f...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=779caab8631f4bb5ad7fa59b2db62677&SNR=1&GV=2&med=10

0
243 B

20ms
20ms

Image
text/plain

2620:1ec:c11::200

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=779caab8631f4bb5ad7fa59b2db62677&SNR=1&GV=2&med=10
Requested by: Host: 1fichier.com
URL: https://1fichier.com/?6y81ryjj28mli3r8t95y
Protocol: H2
Server: 2620:1ec:c11::200 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1fichier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 23:37:22 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C032C0D4646242998A2E7CC5D1FD2355 Ref B: EWR30EDGE1407 Ref C: 2024-02-12T23:37:22Z
vary: Origin
x-cache: CONFIG_NOCACHE
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Mon, 12 Feb 2024 23:37:22 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EEA4F8750A9E4CC4BA2C22BF893FAD4D Ref B: EWR30EDGE1407 Ref C: 2024-02-12T23:37:22Z
vary: Origin
x-cache: CONFIG_NOCACHE
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=779caab8631f4bb5ad7fa59b2db62677&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
content-length: 154
expires: 0

GET
H2 200 it
nym1-ib.adnxs.com/ Frame 77A4 0
970 B 29ms
28ms Image
text/html 68.67.160.132

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nym1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2F1fichier.com%2F%3F6y81ryjj28mli3r8t95y&e=wqT_3QLVE-jVCQAAAwDWAAUBCLLXqq4GELj8mtfX1-mZEhgAKjYJGigBZTIloT8RTBnBrLxJoD8ZAAAA4FG4vj8hTA0SACkRJPReATEAAABA4XqUPzDrmv0LOIBPQLVeSOMDUMuswnVYh4qcAWAAaPfvvAF4gMoFgAEBigEDVVNEkgEDRVVSmAEBoAEBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKFp03qAipodHRwczovLzFmaWNoaWVyLmNvbS8_Nnk4MXJ5amoyOG1saTNyOHQ5NXmAAwCIAwGQAwCYAxegAwGqA5sDCsUCaHR0cHM6Ly93d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxMjcwJmF1SWQ9N2RjZTYwMzEtZDdkZi00MzZmLTk1NTItYWE3MGIyMGQzODQ2JmJpZElkPTE1MDAwJmJpZGRlcklkPTQmY21FeHBJZD1MVjMmb0FkVW5pdD0zOTEyNzAmcHVibGlzaGVySWQ9MTYyNjQ1MzMwJnJJZD03ZGNlNn5xALhydHlwZT1udXJsJnRhZ0lkPTI1MTIwMTA3JnRyYWZmaWNHcm91cD1rbmFxZV8zYxEWCFN1YgkZFHp6ZiUzQREf9DYCX2d2cnEtcGJhZ2VieSZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzEzMTE1NzUyNDkyMzU5MTgzOTIiCTI0NjQ1MzgzNSoEYmluZzokVTJodmNIQnBibWRCWkNNeE5EQTNOalU1T0RreE5URTBNRGMwwAPgqAHIAwDYA9SVMOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA01LjE4MS4yMzQuMTMzqAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBMuswnWIBQGYBQCgBZnE5_X8nMXXesAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBafcDPoFBAgAEACQBgGYBgCyBqQLQ1A1NHpsQVA1NHpsQUFmQzFCRU5BbkVzQVBfZ0FFUGdBQWlnZzFOWF9IX19iWDl2LVhyMzZmdDBlWTFmOTlqNzd1UXhCaGZKcy00RnpMdldfSndYMzJFek5FMzZ0cVlLbVJJRXUzYkJJUUZ0SEpuVVRWaWhhb2dWcnpIc1lrR2NoVE5LSi1Ca2lITVJlMmRZQ0Y1dm1ZdGotUUtaNV9wX2QzZjUyVF85X2R2LTNkenp6OTFudjNmOWYtZjFlTGlkYTU5dEhfdl9iUktiLV9JZjlfNy1fNHYwX3RfcmsyX2VUVnZfOWV2djc5LXVfdF9fX185XzlfX19fNEFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB_hIA_hIA_hIA_hIA_hIA_hIA_hIADRLw3lFBQUFFUWFtcl9qX190ci0zX0wxNzlQMjZQTWF2LS14OTkzSVlnd3ZrMmZjQzVsM3JmazRMNzdDWm1pYjlXMU1GVElrQ1hidGdrSUMyamt6cUpxeFF0VVFLMTVqMk1TRE9RcG1sRV9BeVJEbUl2Yk9zQkM4M3pNV3hfSUZNOF8wX3U3djg3Sl8tX3UzX2J1NTU1LTZ6Mzd2LXZfUDZ2RnhPdGMtMmpfM190b2xOX2ZrUC1fOV9mOFg2ZjJfMXliZnZKcTNfLXZYMzktX1hmMl9fX18tXy1fX19fOEFBQUH-pgL-pgL-pgL-pgL-pgL-pgL-pgJNpmIBACxJQUFBQ0FBuAYAwQapyyzwP9AGwo0E2gYWChAJEhkBdBAAGADgBgzyBgIIAIAHAYgHAKAHQcgHgMoF0gcNCREoASYM2gcGCAUJ8J7gBwDqBwIIAPAHuZSdCooIcQptAAABjZ-ur1ASM6a9eua-OIOirULSncmUt6Ytx1IUuDZZ2uOq9v9YnPbaAep_jrxgvS7_6A0CNont0To-9n47zPO-efnYVedLSli_IMyq0R5d_K4zlXtm7KUeVNWv78gxXciA6ZqcTVMQaYd-RhABlQgAAIA_mAgBwAgA0ggOCIGChIiQoMCAARAAGAA.&s=a8c28845f630aabd44ff8dc347deb8deb53f78ef

Requested by

Host: 1fichier.com
URL: https://1fichier.com/?6y81ryjj28mli3r8t95y

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.132 -, , ASN (),

Reverse DNS

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1fichier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 23:37:22 GMT
an-x-request-uuid: 826ac993-339c-4ede-b1cc-c3eb68944d13
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 5.181.234.133; 5.181.234.133; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 rd_log Show response
nym1-ib.adnxs.com/ Frame 77A4 0
970 B 9ms
8ms Script
text/html 68.67.160.132

General

Check archive.org

Show headers Download Go to

Full URL

https://nym1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2F1fichier.com%2F%3F6y81ryjj28mli3r8t95y&e=wqT_3QL-EOh-CAAAAwDWAAUBCLLXqq4GELj8mtfX1-mZEhgAKjYJGigBZTIloT8RTBnBrLxJoD8ZAAAA4FG4vj8hTA0SACkRJPSsAjEAAABA4XqUPzDrmv0LOIBPQLVeSOMDUMuswnVYh4qcAWAAaPfvvAF4gMoFgAEBigEDVVNEkgEDRVVSmAEBoAEBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKFp03qAipodHRwczovLzFmaWNoaWVyLmNvbS8_Nnk4MXJ5amoyOG1saTNyOHQ5NXmAAwCIAwGQAwCYAxegAwGqAwDAA-CoAcgDANgD1JUw4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTUuMTgxLjIzNC4xMzOoBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADaBAIIAeAEAfAEy6zCdYgFAZgFAKAFmcTn9fycxdd6wAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAeoFEAoJcHVibGlzaGVyEgMzOTnqBRQKBHNpdGUSDDFmaWNoaWVyLmNvbeoFIAoHYWRfc2xvdBIVRGVza3RvcC1CaWxsYm9hcmQtTG938AWn3Az6BQQIABAAkAYBmAYAsgakC0NQNTR6bEFQNTR6bEFBZkMxQkVOQW5Fc0FQX2dBRVBnQUFpZ2cxTlhfSF9fYlg5di1YcjM2ZnQwZVkxZjk5ajc3dVF4QmhmSnMtNEZ6THZXX0p3WDMyRXpORTM2dHFZS21SSUV1M2JCSVFGdEhKblVUVmloYW9nVnJ6SHNZa0djaFROS0otQmtpSE1SZTJkWUNGNXZtWXRqLVFLWjVfcF9kM2Y1MlRfOV9kdi0zZHp6ejkxbnYzZjlmLWYxZUxpZGE1OXRIX3ZfYlJLYi1fSWY5XzctXzR2MF90X3JrMl9lVFZ2XzlldnY3OS11X3RfX19fOV85X19fXzRBQUFBQUFBQUFBQUFBQUFBQUFBQUH-FQD-FQD-FQD-FQD-FQD-FQD-FQA6FQDw3lFBQUFFUWFtcl9qX190ci0zX0wxNzlQMjZQTWF2LS14OTkzSVlnd3ZrMmZjQzVsM3JmazRMNzdDWm1pYjlXMU1GVElrQ1hidGdrSUMyamt6cUpxeFF0VVFLMTVqMk1TRE9RcG1sRV9BeVJEbUl2Yk9zQkM4M3pNV3hfSUZNOF8wX3U3djg3Sl8tX3UzX2J1NTU1LTZ6Mzd2LXZfUDZ2RnhPdGMtMmpfM190b2xOX2ZrUC1fOV9mOFg2ZjJfMXliZnZKcTNfLXZYMzktX1hmMl9fX18tXy1fX19fOEFBQUH-rgL-rgL-rgL-rgL-rgL-rgL-rgI6rgJCAQAsSUFBQUNBQbgGAMEG0SYk0AbCjQTaBhYKEAkSGQF0EAAYAOAGDPIGAggAgAcBiAcAoAdByAeAygXSBw0JESgBJgzaBwYIBQnwluAHAOoHAggA8Ae5lJ0KighxCm0AAAGNn66vUBIzpr165r44g6KtQtKdyZS3pi3HUhS4Nlna46r2_1ic9toB6n-OvGC9Lv_oDQI2ie3ROj72fjvM8755-dhV50tKWL8gzKrRHl38rjOVe2bspR5U1a_vyDFdyIDpmpxNUxBph35GEAGVCAAAgD-YCAHACADSCAYIABAAGAA.&s=9ff2c5e2d6c788026bc3f33696e72f871efd288e&bdref=https%3A%2F%2F1fichier.com%2F%3F6y81ryjj28mli3r8t95y&bdtop=true&bdifs=1&bstk=https%3A%2F%2F1fichier.com%2F%3F6y81ryjj28mli3r8t95y,https%3A%2F%2F1fichier.com%2F%3F6y81ryjj28mli3r8t95y&

Requested by

Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.132 -, , ASN (),

Reverse DNS

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1fichier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 23:37:22 GMT
an-x-request-uuid: cd686bee-d03d-4b37-a451-42b1c95787c0
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 5.181.234.133; 5.181.234.133; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 vevent
nym1-ib.adnxs.com/ Frame 77A4 0
983 B 6ms
5ms Ping
text/html 68.67.160.132

General

Check archive.org

Show headers Download Go to

Full URL

https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2F1fichier.com%2F%3F6y81ryjj28mli3r8t95y&e=wqT_3QLVE-jVCQAAAwDWAAUBCLLXqq4GELj8mtfX1-mZEhgAKjYJGigBZTIloT8RTBnBrLxJoD8ZAAAA4FG4vj8hTA0SACkRJPReATEAAABA4XqUPzDrmv0LOIBPQLVeSOMDUMuswnVYh4qcAWAAaPfvvAF4gMoFgAEBigEDVVNEkgEDRVVSmAEBoAEBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKFp03qAipodHRwczovLzFmaWNoaWVyLmNvbS8_Nnk4MXJ5amoyOG1saTNyOHQ5NXmAAwCIAwGQAwCYAxegAwGqA5sDCsUCaHR0cHM6Ly93d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxMjcwJmF1SWQ9N2RjZTYwMzEtZDdkZi00MzZmLTk1NTItYWE3MGIyMGQzODQ2JmJpZElkPTE1MDAwJmJpZGRlcklkPTQmY21FeHBJZD1MVjMmb0FkVW5pdD0zOTEyNzAmcHVibGlzaGVySWQ9MTYyNjQ1MzMwJnJJZD03ZGNlNn5xALhydHlwZT1udXJsJnRhZ0lkPTI1MTIwMTA3JnRyYWZmaWNHcm91cD1rbmFxZV8zYxEWCFN1YgkZFHp6ZiUzQREf9DYCX2d2cnEtcGJhZ2VieSZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzEzMTE1NzUyNDkyMzU5MTgzOTIiCTI0NjQ1MzgzNSoEYmluZzokVTJodmNIQnBibWRCWkNNeE5EQTNOalU1T0RreE5URTBNRGMwwAPgqAHIAwDYA9SVMOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA01LjE4MS4yMzQuMTMzqAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBMuswnWIBQGYBQCgBZnE5_X8nMXXesAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBafcDPoFBAgAEACQBgGYBgCyBqQLQ1A1NHpsQVA1NHpsQUFmQzFCRU5BbkVzQVBfZ0FFUGdBQWlnZzFOWF9IX19iWDl2LVhyMzZmdDBlWTFmOTlqNzd1UXhCaGZKcy00RnpMdldfSndYMzJFek5FMzZ0cVlLbVJJRXUzYkJJUUZ0SEpuVVRWaWhhb2dWcnpIc1lrR2NoVE5LSi1Ca2lITVJlMmRZQ0Y1dm1ZdGotUUtaNV9wX2QzZjUyVF85X2R2LTNkenp6OTFudjNmOWYtZjFlTGlkYTU5dEhfdl9iUktiLV9JZjlfNy1fNHYwX3RfcmsyX2VUVnZfOWV2djc5LXVfdF9fX185XzlfX19fNEFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB_hIA_hIA_hIA_hIA_hIA_hIA_hIADRLw3lFBQUFFUWFtcl9qX190ci0zX0wxNzlQMjZQTWF2LS14OTkzSVlnd3ZrMmZjQzVsM3JmazRMNzdDWm1pYjlXMU1GVElrQ1hidGdrSUMyamt6cUpxeFF0VVFLMTVqMk1TRE9RcG1sRV9BeVJEbUl2Yk9zQkM4M3pNV3hfSUZNOF8wX3U3djg3Sl8tX3UzX2J1NTU1LTZ6Mzd2LXZfUDZ2RnhPdGMtMmpfM190b2xOX2ZrUC1fOV9mOFg2ZjJfMXliZnZKcTNfLXZYMzktX1hmMl9fX18tXy1fX19fOEFBQUH-pgL-pgL-pgL-pgL-pgL-pgL-pgJNpmIBACxJQUFBQ0FBuAYAwQapyyzwP9AGwo0E2gYWChAJEhkBdBAAGADgBgzyBgIIAIAHAYgHAKAHQcgHgMoF0gcNCREoASYM2gcGCAUJ8J7gBwDqBwIIAPAHuZSdCooIcQptAAABjZ-ur1ASM6a9eua-OIOirULSncmUt6Ytx1IUuDZZ2uOq9v9YnPbaAep_jrxgvS7_6A0CNont0To-9n47zPO-efnYVedLSli_IMyq0R5d_K4zlXtm7KUeVNWv78gxXciA6ZqcTVMQaYd-RhABlQgAAIA_mAgBwAgA0ggOCIGChIiQoMCAARAAGAA.&s=a8c28845f630aabd44ff8dc347deb8deb53f78ef&type=nv&nvt=5&jm=1400|1003&px=436&py=1110&bw=728&bh=125&sid=6269899921853809957&vd=ct~0|rr~0&sv=240&tv=native1-18hs&ua=chrome52&pl=win&x=v&tag_id=25120107&sw=1600&sh=1200&pw=1600&ph=1347&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.132 -, , ASN (),

Reverse DNS

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1fichier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 23:37:22 GMT
an-x-request-uuid: 7fe2cb7b-45ab-4184-926c-a469175bb2e4
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://1fichier.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 5.181.234.133; 5.181.234.133; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 vevent
nym1-ib.adnxs.com/ Frame DED9 0
987 B 35ms
35ms Ping
text/html 68.67.160.132

General

Check archive.org

Show headers Download Go to

Full URL

https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2F1fichier.com%2F%3Fb3fs6ddjpe68wtl6wqny&e=wqT_3QLkB_BM5AMAAAMA1gAFAQiw16quBhC7mrGpzp7lyhIYjMzUyYTay6hJKjYJcxCyuh-mzT8RoY-PJJ4qzD8ZAAAA4KNw9T8hoY-PJJ4qzD8pdBAJJAQxAAUB9F4B0D8wtL66DDipH0C1XkjjA1C6iYq2AVjC1JwBYABoz4JWeOboAoABAYoBA1VTRJIBA0VVUpgBygegAfoBqAEBsAEAuAEBwAEFyAEC0AEJ2AEA4AEA8AEA2AKfRuACvvYy6gIqaHR0cHM6Ly8xZmljaGllci5jb20vP2IzZnM2ZGRqcGU2OHd0bDZ3cW55gAMAiAMBkAMAmAMUoAMBqgOHAwqxAmh0dHBzOi8vd3d3LmJpbmcuY29tL2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPTcwOTg4NDE4LWFiYjAtNDhkZC1iY2NkLTA3MTRhOGJmOTAxYiZiaWRJZD0xNTAwMCZiaWRkZXJJZD00JmNtRXhwSWQ9TFYzJm9BZFVuaXQ9MzkxNDY2JnB1Ymxpc2hlcklkPTE2MjY0NTMzMCZySWQ9NzA5ODg0MTgtbnEAuHJ0eXBlPW51cmwmdGFnSWQ9MjYxMjQwODQmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRnw0GVyZnJlaXImYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhMxMzM5MTQwMjQzNzUwNDA3NDgzIgkzODE4NDY3MTQqBGJpbmc6JFUyaHZjSEJwYm1kQlpDTXhOREEzTmpVNU9Ea3hOVEUwTURjMcAD2ATIAwDYA9SVMOADAOgDAPgDA4AEAJIECS9vcGVucnRiMpgEAKIEDTUuMTgxLjIzNC4xMzOoBACyBAwIABAAGAAgADAAOAK4BADABADIBADaBAIIAeAEAPAEuomKtgH6BBIJQZEQnFtEQBEBCfA-AIBSwIgFAZgFAKAFwMbV_823wZZqqgUiOTgxNmEyYzgtMmQwOC00YzljLTkzYjYtMV9BcHBOZXh1c8AFAMkFBUMYAPA_0gUJCQkMeAAA2AUB4AUB8AWn3Az6BQQIABAAkAYAmAYAuAYAwQYJJSzwP9AGwo0E2gYWChAJEhkBAcVg4AYB8gYCCACABwGIBwCgBwHIB-boAtIHDRVlASYM2gcGCAUJrOAHAOoHAggA8Ae5lJ0KiggCEACVCAAAgD-YCAHACJ9G0ggJCP___z8QABgA&s=e3e59d1c89cbfebe000d738087f6a648137a0300&type=pv&jm=1003&px=0&py=0&bw=250&bh=250&sf=1&sid=5436528081477814979&vd=ct~0|rr~5&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=26124084&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.132 -, , ASN (),

Reverse DNS

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://config.seedtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 23:37:23 GMT
an-x-request-uuid: 17f2565a-0087-4bb0-ab8a-e2298c702087
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://config.seedtag.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 5.181.234.133; 5.181.234.133; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 ev Show response
s.seedtag.com/e/ 0
14 B 30ms
29ms Fetch 34.149.50.64

General

Check archive.org

Show headers Download Go to

Full URL: https://s.seedtag.com/e/ev
Requested by: Host: t.seedtag.com
URL: https://t.seedtag.com/c/st_0.f43a5bfe4c554098e387.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.50.64 -, , ASN (),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://1fichier.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 12 Feb 2024 23:37:23 GMT
via: 1.1 google
server: openresty
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
access-control-allow-origin: https://1fichier.com
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 vevent
nym1-ib.adnxs.com/ Frame 77A4 0
983 B 5ms
4ms Ping
text/html 68.67.160.132

General

Check archive.org

Show headers Download Go to

Full URL

https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2F1fichier.com%2F%3F6y81ryjj28mli3r8t95y&e=wqT_3QLVE-jVCQAAAwDWAAUBCLLXqq4GELj8mtfX1-mZEhgAKjYJGigBZTIloT8RTBnBrLxJoD8ZAAAA4FG4vj8hTA0SACkRJPReATEAAABA4XqUPzDrmv0LOIBPQLVeSOMDUMuswnVYh4qcAWAAaPfvvAF4gMoFgAEBigEDVVNEkgEDRVVSmAEBoAEBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKFp03qAipodHRwczovLzFmaWNoaWVyLmNvbS8_Nnk4MXJ5amoyOG1saTNyOHQ5NXmAAwCIAwGQAwCYAxegAwGqA5sDCsUCaHR0cHM6Ly93d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxMjcwJmF1SWQ9N2RjZTYwMzEtZDdkZi00MzZmLTk1NTItYWE3MGIyMGQzODQ2JmJpZElkPTE1MDAwJmJpZGRlcklkPTQmY21FeHBJZD1MVjMmb0FkVW5pdD0zOTEyNzAmcHVibGlzaGVySWQ9MTYyNjQ1MzMwJnJJZD03ZGNlNn5xALhydHlwZT1udXJsJnRhZ0lkPTI1MTIwMTA3JnRyYWZmaWNHcm91cD1rbmFxZV8zYxEWCFN1YgkZFHp6ZiUzQREf9DYCX2d2cnEtcGJhZ2VieSZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzEzMTE1NzUyNDkyMzU5MTgzOTIiCTI0NjQ1MzgzNSoEYmluZzokVTJodmNIQnBibWRCWkNNeE5EQTNOalU1T0RreE5URTBNRGMwwAPgqAHIAwDYA9SVMOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA01LjE4MS4yMzQuMTMzqAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBMuswnWIBQGYBQCgBZnE5_X8nMXXesAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBafcDPoFBAgAEACQBgGYBgCyBqQLQ1A1NHpsQVA1NHpsQUFmQzFCRU5BbkVzQVBfZ0FFUGdBQWlnZzFOWF9IX19iWDl2LVhyMzZmdDBlWTFmOTlqNzd1UXhCaGZKcy00RnpMdldfSndYMzJFek5FMzZ0cVlLbVJJRXUzYkJJUUZ0SEpuVVRWaWhhb2dWcnpIc1lrR2NoVE5LSi1Ca2lITVJlMmRZQ0Y1dm1ZdGotUUtaNV9wX2QzZjUyVF85X2R2LTNkenp6OTFudjNmOWYtZjFlTGlkYTU5dEhfdl9iUktiLV9JZjlfNy1fNHYwX3RfcmsyX2VUVnZfOWV2djc5LXVfdF9fX185XzlfX19fNEFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB_hIA_hIA_hIA_hIA_hIA_hIA_hIADRLw3lFBQUFFUWFtcl9qX190ci0zX0wxNzlQMjZQTWF2LS14OTkzSVlnd3ZrMmZjQzVsM3JmazRMNzdDWm1pYjlXMU1GVElrQ1hidGdrSUMyamt6cUpxeFF0VVFLMTVqMk1TRE9RcG1sRV9BeVJEbUl2Yk9zQkM4M3pNV3hfSUZNOF8wX3U3djg3Sl8tX3UzX2J1NTU1LTZ6Mzd2LXZfUDZ2RnhPdGMtMmpfM190b2xOX2ZrUC1fOV9mOFg2ZjJfMXliZnZKcTNfLXZYMzktX1hmMl9fX18tXy1fX19fOEFBQUH-pgL-pgL-pgL-pgL-pgL-pgL-pgJNpmIBACxJQUFBQ0FBuAYAwQapyyzwP9AGwo0E2gYWChAJEhkBdBAAGADgBgzyBgIIAIAHAYgHAKAHQcgHgMoF0gcNCREoASYM2gcGCAUJ8J7gBwDqBwIIAPAHuZSdCooIcQptAAABjZ-ur1ASM6a9eua-OIOirULSncmUt6Ytx1IUuDZZ2uOq9v9YnPbaAep_jrxgvS7_6A0CNont0To-9n47zPO-efnYVedLSli_IMyq0R5d_K4zlXtm7KUeVNWv78gxXciA6ZqcTVMQaYd-RhABlQgAAIA_mAgBwAgA0ggOCIGChIiQoMCAARAAGAA.&s=a8c28845f630aabd44ff8dc347deb8deb53f78ef&type=pv&jm=1400|1003|1421&px=436&py=1110&bw=728&bh=125&sf=0.72&sid=6269899921853809957&vd=ct~0|rr~5&sv=240&tv=native1-18hs&ua=chrome52&pl=win&x=v&tag_id=25120107&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.132 -, , ASN (),

Reverse DNS

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1fichier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 23:37:23 GMT
an-x-request-uuid: 4f489bd7-a452-4619-baf9-a15236a6875a
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://1fichier.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 5.181.234.133; 5.181.234.133; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

c.gif
www.bing.com/aes/
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391270&auId=6aa9a924-79c7-4307-b36f-c612fc4bdaa8&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391270&publisherId=162645330&rId=7dce6031-d7df-436f...
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=779caab8631f4bb5ad7fa59b2db62677&tids=15000&med=10

0
187 B

27ms
27ms

Image
text/plain

2620:1ec:c11::200

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=779caab8631f4bb5ad7fa59b2db62677&tids=15000&med=10
Protocol: H2
Server: 2620:1ec:c11::200 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1fichier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 23:37:23 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DFAC8B496F444F3880F60BA9FA53216A Ref B: EWR30EDGE1407 Ref C: 2024-02-12T23:37:23Z
vary: Origin
x-cache: CONFIG_NOCACHE
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Mon, 12 Feb 2024 23:37:23 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 687659244C514185B81947985EEF7C09 Ref B: EWR30EDGE1407 Ref C: 2024-02-12T23:37:23Z
vary: Origin
x-cache: CONFIG_NOCACHE
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=779caab8631f4bb5ad7fa59b2db62677&tids=15000&med=10
cache-control: no-cache, no-store, must-revalidate
content-length: 146
expires: 0

Verdicts & Comments Add Verdict or Comment

104 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.seedtag.com/	1970-01-21 03:08:37	Name: st_uid Value: 45cf0c35-a9f4-4eec-95f5-184a144149df
.seedtag.com/	1970-01-20 19:06:13	Name: st_ssp Value: Y291bnRyeV9uYW1lPVVuaXRlZCBTdGF0ZXMmY291bnRyeV9pc28yPVVTJmNvdW50cnlfaXNvMz1VU0EmcmVnaW9uX25hbWU9TmV3IFlvcmsmcmVnaW9uX2lzbzI9TlkmY2l0eV9uYW1lPU5ldyBZb3JrJmxvbmdpdHVkZT0tNzQmbGF0aXR1ZGU9NDAuNzE1NyZtZXRybz01MDEmemlwPTEwMDEz
s.seedtag.com/	1969-12-31 23:59:59	Name: gv Value: -
a.delivery.consentmanager.net/	1970-01-21 03:51:49	Name: __cmpcc Value: 1
1fichier.com/	1970-01-21 03:51:49	Name: __cmpcc Value: 1
.adnxs.com/	1970-01-21 03:59:01	Name: receive-cookie-deprecation Value: 1
b.delivery.consentmanager.net/	1970-01-21 03:51:49	Name: __cmpcc Value: 1

74 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://1fichier.com/?6y81ryjj28mli3r8t95y Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1fichier.com/?6y81ryjj28mli3r8t95y Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1fichier.com/?6y81ryjj28mli3r8t95y Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1fichier.com/?6y81ryjj28mli3r8t95y Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1fichier.com/?6y81ryjj28mli3r8t95y Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1fichier.com/?6y81ryjj28mli3r8t95y Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1fichier.com/?6y81ryjj28mli3r8t95y Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1fichier.com/?6y81ryjj28mli3r8t95y Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1fichier.com/?6y81ryjj28mli3r8t95y Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1fichier.com/?6y81ryjj28mli3r8t95y Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1fichier.com/?6y81ryjj28mli3r8t95y Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1fichier.com/?6y81ryjj28mli3r8t95y Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1fichier.com/?6y81ryjj28mli3r8t95y Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1fichier.com/?6y81ryjj28mli3r8t95y Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1fichier.com/?6y81ryjj28mli3r8t95y Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1fichier.com/?6y81ryjj28mli3r8t95y Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1fichier.com/?6y81ryjj28mli3r8t95y Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1fichier.com/?6y81ryjj28mli3r8t95y Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1fichier.com/?6y81ryjj28mli3r8t95y Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1fichier.com/?6y81ryjj28mli3r8t95y Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1fichier.com/?6y81ryjj28mli3r8t95y Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1fichier.com/?6y81ryjj28mli3r8t95y Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1fichier.com/?6y81ryjj28mli3r8t95y Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1fichier.com/?6y81ryjj28mli3r8t95y Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1fichier.com/?6y81ryjj28mli3r8t95y Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1fichier.com/?6y81ryjj28mli3r8t95y Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1fichier.com/?6y81ryjj28mli3r8t95y Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1fichier.com/?6y81ryjj28mli3r8t95y Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1fichier.com/?6y81ryjj28mli3r8t95y Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1fichier.com/?6y81ryjj28mli3r8t95y Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1fichier.com/?6y81ryjj28mli3r8t95y Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1fichier.com/?6y81ryjj28mli3r8t95y Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1fichier.com/?6y81ryjj28mli3r8t95y Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1fichier.com/?6y81ryjj28mli3r8t95y Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1fichier.com/?6y81ryjj28mli3r8t95y Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1fichier.com/?6y81ryjj28mli3r8t95y Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1fichier.com/?6y81ryjj28mli3r8t95y Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1fichier.com/?6y81ryjj28mli3r8t95y Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1fichier.com/?6y81ryjj28mli3r8t95y Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1fichier.com/?6y81ryjj28mli3r8t95y Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1fichier.com/?6y81ryjj28mli3r8t95y Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1fichier.com/?6y81ryjj28mli3r8t95y Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1fichier.com/?6y81ryjj28mli3r8t95y Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1fichier.com/?6y81ryjj28mli3r8t95y Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1fichier.com/?6y81ryjj28mli3r8t95y Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1fichier.com/?6y81ryjj28mli3r8t95y Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1fichier.com/?6y81ryjj28mli3r8t95y Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1fichier.com/?6y81ryjj28mli3r8t95y Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1fichier.com/?6y81ryjj28mli3r8t95y Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1fichier.com/?6y81ryjj28mli3r8t95y Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1fichier.com/?6y81ryjj28mli3r8t95y Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1fichier.com/?6y81ryjj28mli3r8t95y Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1fichier.com/?6y81ryjj28mli3r8t95y Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1fichier.com/?6y81ryjj28mli3r8t95y Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1fichier.com/?6y81ryjj28mli3r8t95y Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1fichier.com/?6y81ryjj28mli3r8t95y Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1fichier.com/?6y81ryjj28mli3r8t95y Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1fichier.com/?6y81ryjj28mli3r8t95y Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1fichier.com/?6y81ryjj28mli3r8t95y Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1fichier.com/?6y81ryjj28mli3r8t95y Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1fichier.com/?6y81ryjj28mli3r8t95y Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1fichier.com/?6y81ryjj28mli3r8t95y Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1fichier.com/?6y81ryjj28mli3r8t95y Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1fichier.com/?6y81ryjj28mli3r8t95y Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1fichier.com/?6y81ryjj28mli3r8t95y Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1fichier.com/?6y81ryjj28mli3r8t95y Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1fichier.com/?6y81ryjj28mli3r8t95y Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1fichier.com/?6y81ryjj28mli3r8t95y Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1fichier.com/?6y81ryjj28mli3r8t95y Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1fichier.com/?6y81ryjj28mli3r8t95y Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1fichier.com/?6y81ryjj28mli3r8t95y Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1fichier.com/?6y81ryjj28mli3r8t95y Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1fichier.com/?6y81ryjj28mli3r8t95y Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://1fichier.com/?6y81ryjj28mli3r8t95y Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1fichier.com
a.delivery.consentmanager.net
acdn.adnxs-simple.com
acdn.adnxs.com
ad.360yield.com
adsdk.microsoft.com
adx.adform.net
b.delivery.consentmanager.net
b1h.zemanta.com
cdn.adnxs.com
cdn.consentmanager.net
choices.trustarc.com
config.seedtag.com
dcdn.adnxs.com
i.clean.gg
ib.adnxs.com
img.1fichier.com
match.adsrvr.org
mp.4dex.io
nym1-ib.adnxs.com
prebid.media.net
prg.smartadserver.com
s.seedtag.com
steamunlocked.pro
t.seedtag.com
tags.refinery89.com
tlx.3lift.com
www.bing.com
104.18.127.252
151.101.1.108
151.101.129.108
151.101.193.108
18.161.34.71
18.210.171.32
23.105.12.131
2600:9000:20ee:2e00:1a:ffda:a3c0:93a1
2606:4700:3037::ac43:aa3a
2606:4700:4400::6812:22b2
2620:1ec:48:1::40
2620:1ec:c11::200
2a00:fb40:a:1::140
2a00:fb40:a:1::141
2a02:6ea0:ca00::3
3.33.220.150
34.120.63.153
34.149.50.64
34.95.69.49
35.168.137.63
37.157.6.233
50.31.142.159
68.67.160.132
87.230.98.74
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0b7666714b322b47cd944a95dae249b7790deebb91e342f2a3482236df8f00d2
0f5faabc58a01da733eddb287db4586081c6722e385925b04744d0db159d23a4
27fb8259e243a9d3b8b156cbb1478f9961273364122e16615550a0cf949c6c0f
296d2d86087f143fa1dcc6524798ff105b4c459227134487f3633457fa97537c
2bf342d6364e1dd3909b3348e19ca014b50c8b65f4b271f3f8ce56ebce64a352
30f3500d7b553c574fce2eb552c169a4fc7843aea1c45c6db76b052d5f04de9c
356b96c1f8e8171991f25895a7dbb59a8b212cf65792dda3c32d79280ae93daa
3b793e8be4d2c26a689aabd0d17fa2933b7b767d2883c8fdc37081adda6cbcf2
3c47937e8b71c472c95d3d31468e6384a7a22e954c145edc9c375eb33d191ccc
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e736be7e34c844a2d363f75a932ad7f305fc65507c697f698fc4f080f47730b
4a45d51ff517bd49eaff25dc40f8b2915cfe6bb6236ad1d234b48193112e1652
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4
554c2727b8ce2534941b079597425be134dd257437f76cb04cddc3cbd7227fb3
56a3cef734f0fe9d757aaf0a3c7f46176eadf4f87f41ab8ea2ee4d2f82733381
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
5d60d8ede5f1a69df1974508c1c2e0fd7098aa9f15d758e00134415a6ae41df7
5d72c5a8bef80fca6f99f476e15ec95ce2d5e5f65c6dab9ee8e56348be0d39fc
63d095ee252b3c019e7820f3353b6351790fee496711a5ab7394dd2a946721be
65407582672dbe330d7ff1c52eb9493b1ea49ffd207701b797b8308bcdc4d41b
6c7be3a3fd1ed0080f2cd8f1d0cca0cfb21582612e9dce000305bac51acdb40e
6cd9c5a94c50340eb1ba7d0038d2f973c88a22916e1b9f2b293dee636db72ed7
71cc73e07c93286f879de363886843eef3ca93ad9b54f6e616ea82622b793316
72dae5ab8b6e0d4b62794591e1c79ec3463e12882b9e853450cd17e3dba2ae30
73513b879d0edd7741cafb3dd08786590fec66fd71b24e544173163c6b9ecf2f
75f1a5c83df6b2cd16c4fe882b10f834e01b67fdd7ba63fa2d77268c5464b003
783c21b581f3db6b7e8294621eb88fa9af7b56cec628c035551cb34d8ab37d69
802b26490cde1ca26cc8f48d7491488ac7d3d39c5f7a1c6a9581f898bbcb995b
81a5b16189a64b452483a35388c93052717e8df65902252b6fcbca64a1441160
84b2ea92ed2b84f4e351181e9b830a6e9ba74c6b30a1e1899d525b7b208e3849
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
904440a613768420de3c14bcab8adbb7fa7fdeb669d54931b7d676aba78deb1b
9094d8332126151bc7798356a87c4c83288e4a9f77c570131966f5e694cb782e
990af602ddb96f001d8d8e00b0f4f6c93bc247bc96057cfd82487ce0e996d2ec
9db2ebadc8a6eae48f5c4f900660775082a6f1ac177b25d474d400b2e5e68f86
9f9fb62bdbc49f27ac570baf18d2737a848cf7d3d0b75407f1863ebd90192d65
a8b820c83401b70e0677c38f6c0b0664eecf0d19e12509d44208695b13e9a53d
a9a768e9a115d8884bbe7666fe9f6b63658935631a8226ea152903489fd90b38
a9b71a7dfdb9eeaf7adc01887bfe852f8097e697ce98f21f9c87c64445e4cb97
ac77887887b741d9fc2b02f8834f43dd93df814daa182350a4dc7cdababae244
ae22dfe175f638eaadd65286829cb1c85d33207fd92b0277cd545fd50b883e6a
b8f4efaee57c1b5382e14ebb364a669a1adc98165e18544c875e5e4e4850857b
be026f3d727ecaf9e5a08357252e6aa56ef20a46ae77f9d8f580df0d080c8b7a
c22bfb3dc85d3279ceb27e516f2aff9f72a1eb29959d6484f98921505836a229
ce1305d60562d74aaf2579242401846e239c741f602f3ebfcaa0d98074e72d91
d91d4809e0ed0a5003439f4b251b773a911e4c0885c03450ef476c79b760a76c
e2881f313c665745bcc4ca5b73d69a5463b786e1318b14359b9aa28750de286d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f94d770cd83522d7f2af6089ae1f2c6fe7b7558a4a7d0f22e44181898134e775
fbea54912c1b262832e2db623c5deb7ee9e7afc780b3e5d80553e9283852128f

1fichier.com Open in urlscan Pro 2a00:fb40:a:1::140 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

83 Requests

93 %HTTPS

33 %IPv6

19 Domains

28 Subdomains

24 IPs

2 Countries

1046 kBTransfer

3052 kBSize

7 Cookies

3 Outgoing links

Page URL History

Redirected requests

83 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

1fichier.com Open in urlscan Pro
2a00:fb40:a:1::140 Public Scan

Screenshot
Live screenshot

Full Image

83
Requests

93 %
HTTPS

33 %
IPv6

19
Domains

28
Subdomains

24
IPs

2
Countries

1046 kB
Transfer

3052 kB
Size

7
Cookies

83 HTTP transactions
0 data transactions