gofile.io Open in urlscan Pro
151.80.29.83  Public Scan

5 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36

• https://freestar-io.videoplayerhub.com/gallery.js HTTP 301
• https://btloader.com/tag?h=freestar-io&upapi=true

Request Chain 58

• https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fgofile.io%2F&domain=gofile.io&cw=1&lsw=1 HTTP 302
• https://mug.criteo.com/sid?cpp=QufgenxWVVd0TFlsaWVhNFBDYnNTRFd5dkJGRUNrejN3aUlqWlM3cUJENUFDaitZQWZjUkNXaFQvOUV6alN2Qnl3ZE93NlFmKzJ0ajZwRThxMFNKZ2psREtxemNKeGYrajNZS0JZNHdjZjJDcmxOcUJCMVphZXZOYVAwL3VYaTI2TkM3WGdySjZ2amhyRkczaCtyTk42UVp1cVlYZVlrRjNpVnNFbEdqdTJxbEcrZi9nZ2JaOXlDT2tXYmRRYjF6R3BidmQ5TE1qV2hpQnR6UjFuYzd4TWxiMWpSaFdSck5ybUpiSE82S01BMWExNmlNPXw&cppv=2

Request Chain 85

• https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&redirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dmedianet%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Di%26uid%3D%3Cvsid%3E HTTP 302
• https://s2s.t13.io/setuid?bidder=medianet&gdpr=&gdpr_consent=&us_privacy=1---&f=i&uid=0000EEA

Request Chain 104

• https://ib.adnxs.com/getuid?https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Di%26uid%3D%24UID HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs2s.t13.io%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D%2526gdpr_consent%253D%2526us_privacy%253D1---%2526f%253Di%2526uid%253D%2524UID HTTP 302
• https://s2s.t13.io/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=1---&f=i&uid=387154005125139452

Request Chain 105

• https://sync-tm.everesttech.net/upi/pid/1508?redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadobe%26uid%3D%24%7BTM_USER_ID%7D%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26us_privacy%3D1--- HTTP 302
• https://sync-tm.everesttech.net/ct/upi/pid/1508?redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadobe%26uid%3D%24%7BTM_USER_ID%7D%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26us_privacy%3D1---&_test=Y-rhlwAAATSlzQAF HTTP 302
• https://s2s.t13.io/setuid?bidder=adobe&uid=Y-rhlwAAATSlzQAF&gdpr=&gdpr_consent=&f=i&us_privacy=1---&_test=Y-rhlwAAATSlzQAF

Request Chain 117

• https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
• https://x.bidswitch.net/ul_cb/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
• https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=sonobi&bsw_custom_parameter=e343493f-cfc1-4b3f-8fea-26ef00eb0fbd HTTP 302
• https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=sonobi&bsw_custom_parameter=e343493f-cfc1-4b3f-8fea-26ef00eb0fbd HTTP 302
• https://x.bidswitch.net/sync?dsp_id=4&user_id=eadf47a0-046c-4885-bd06-5c24f3ef4d7a&ssp=sonobi&expires=30&user_group=5&bsw_param=e343493f-cfc1-4b3f-8fea-26ef00eb0fbd HTTP 302
• https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=e343493f-cfc1-4b3f-8fea-26ef00eb0fbd

Request Chain 118

• https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID] HTTP 302
• https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=0bb763fa-e19a-4900-841c-ead853b797af

Request Chain 119

• https://x.bidswitch.net/sync?ssp=themediagrid&us_privacy=1--- HTTP 302
• https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid&us_privacy=1--- HTTP 302
• https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=themediagrid&bsw_custom_parameter=e343493f-cfc1-4b3f-8fea-26ef00eb0fbd&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=1--- HTTP 302
• https://x.bidswitch.net/sync?dsp_id=283&user_id=b6aba312-327f-4352-b342-5bdddeec6fd8&expires=1&user_group=5&ssp=themediagrid&bsw_param=e343493f-cfc1-4b3f-8fea-26ef00eb0fbd

120 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request qUOAcw Show response gofile.io/d/	16 KB 7 KB	126ms 17ms	Document text/html	151.80.29.83 OVH
General Check archive.org Show headers Download Go to Full URL https://gofile.io/d/qUOAcw Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.80.29.83 Roubaix, France, ASN16276 (OVH, FR), Reverse DNS ns3048708.ip-151-80-29.eu Software / Resource Hash 7dcf3c21241113468fc8fc5e5c2d889f0bbb27a9f46f1c2874d7698b420e0b13 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 accept-language fr-FR,fr;q=0.9 Response headers cache-control public, max-age=0 content-encoding gzip content-type text/html; charset=UTF-8 date Sun, 26 Feb 2023 04:35:31 GMT etag W/"3e6e-18679f52007" expect-ct max-age=0 last-modified Wed, 22 Feb 2023 16:29:13 GMT origin-agent-cluster ?1 referrer-policy no-referrer strict-transport-security max-age=15552000; includeSubDomains vary Accept-Encoding x-content-type-options nosniff x-dns-prefetch-control off x-download-options noopen x-frame-options SAMEORIGIN x-permitted-cross-domain-policies none x-xss-protection 0
GET H2	200	bootstrap.min.css gofile.io/dist/css/	191 KB 30 KB	21ms 17ms	Stylesheet text/css	151.80.29.83 OVH
General Check archive.org Show headers Download Go to Full URL https://gofile.io/dist/css/bootstrap.min.css Requested by Host: gofile.io URL: https://gofile.io/d/qUOAcw Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.80.29.83 Roubaix, France, ASN16276 (OVH, FR), Reverse DNS ns3048708.ip-151-80-29.eu Software / Resource Hash 2933c96348a4eae7cbbf8f280ca0981586a9b5c097ef952b996cad7d28f2fad0 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 26 Feb 2023 04:35:31 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=15552000; includeSubDomains x-permitted-cross-domain-policies none x-dns-prefetch-control off x-xss-protection 0 referrer-policy no-referrer last-modified Wed, 04 Jan 2023 14:40:00 GMT etag W/"2fbaa-1857d3988cb" expect-ct max-age=0 vary Accept-Encoding x-frame-options SAMEORIGIN content-type text/css; charset=UTF-8 origin-agent-cluster ?1 x-download-options noopen cache-control public, max-age=0
GET H2	200	bootstrap-icons.css gofile.io/dist/css/	93 KB 14 KB	39ms 35ms	Stylesheet text/css	151.80.29.83 OVH
General Check archive.org Show headers Download Go to Full URL https://gofile.io/dist/css/bootstrap-icons.css Requested by Host: gofile.io URL: https://gofile.io/d/qUOAcw Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.80.29.83 Roubaix, France, ASN16276 (OVH, FR), Reverse DNS ns3048708.ip-151-80-29.eu Software / Resource Hash e1172d3a0a208cf01dc066f0abeaf17f00264a966159a69f71947d6edcd4935f Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 26 Feb 2023 04:35:31 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=15552000; includeSubDomains x-permitted-cross-domain-policies none x-dns-prefetch-control off x-xss-protection 0 referrer-policy no-referrer last-modified Wed, 04 Jan 2023 14:40:00 GMT etag W/"17579-1857d3988cb" expect-ct max-age=0 vary Accept-Encoding x-frame-options SAMEORIGIN content-type text/css; charset=UTF-8 origin-agent-cluster ?1 x-download-options noopen cache-control public, max-age=0
GET H2	200	bootstrap-nightfall.css gofile.io/dist/css/	50 KB 8 KB	37ms 34ms	Stylesheet text/css	151.80.29.83 OVH
General Check archive.org Show headers Download Go to Full URL https://gofile.io/dist/css/bootstrap-nightfall.css Requested by Host: gofile.io URL: https://gofile.io/d/qUOAcw Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.80.29.83 Roubaix, France, ASN16276 (OVH, FR), Reverse DNS ns3048708.ip-151-80-29.eu Software / Resource Hash d9a98b67c7edffef7138d578788a1c25310cd3561b94d8bce6999f40b0073186 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 26 Feb 2023 04:35:31 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=15552000; includeSubDomains x-permitted-cross-domain-policies none x-dns-prefetch-control off x-xss-protection 0 referrer-policy no-referrer last-modified Wed, 04 Jan 2023 14:40:00 GMT etag W/"c869-1857d3988cb" expect-ct max-age=0 vary Accept-Encoding x-frame-options SAMEORIGIN content-type text/css; charset=UTF-8 origin-agent-cluster ?1 x-download-options noopen cache-control public, max-age=0
GET H2	200	plyr.css gofile.io/dist/css/	33 KB 6 KB	36ms 33ms	Stylesheet text/css	151.80.29.83 OVH
General Check archive.org Show headers Download Go to Full URL https://gofile.io/dist/css/plyr.css Requested by Host: gofile.io URL: https://gofile.io/d/qUOAcw Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.80.29.83 Roubaix, France, ASN16276 (OVH, FR), Reverse DNS ns3048708.ip-151-80-29.eu Software / Resource Hash bc3b9c09bf69ce51b930e86a23c6f249f9cc6dc98a84fd278d4131c9ddd78f43 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 26 Feb 2023 04:35:31 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=15552000; includeSubDomains x-permitted-cross-domain-policies none x-dns-prefetch-control off x-xss-protection 0 referrer-policy no-referrer last-modified Sun, 08 Jan 2023 19:47:31 GMT etag W/"85ae-18592ec8138" expect-ct max-age=0 vary Accept-Encoding x-frame-options SAMEORIGIN content-type text/css; charset=UTF-8 origin-agent-cluster ?1 x-download-options noopen cache-control public, max-age=0
GET H2	200	allcss.css gofile.io/dist/css/	2 KB 846 B	35ms 33ms	Stylesheet text/css	151.80.29.83 OVH
General Check archive.org Show headers Download Go to Full URL https://gofile.io/dist/css/allcss.css Requested by Host: gofile.io URL: https://gofile.io/d/qUOAcw Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.80.29.83 Roubaix, France, ASN16276 (OVH, FR), Reverse DNS ns3048708.ip-151-80-29.eu Software / Resource Hash dd03323db8b78ab71bbf4cc27f517ed48d19a5478f3f545a5b9fb7969e5913f6 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 26 Feb 2023 04:35:31 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=15552000; includeSubDomains x-permitted-cross-domain-policies none x-dns-prefetch-control off content-length 765 x-xss-protection 0 referrer-policy no-referrer last-modified Thu, 09 Feb 2023 16:33:45 GMT etag W/"72c-18637069bac" expect-ct max-age=0 vary Accept-Encoding x-frame-options SAMEORIGIN content-type text/css; charset=UTF-8 origin-agent-cluster ?1 x-download-options noopen cache-control public, max-age=0
GET H2	200	logo-small-70.png gofile.io/dist/img/	2 KB 2 KB	27ms 26ms	Image image/png	151.80.29.83 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://gofile.io/dist/img/logo-small-70.png Requested by Host: gofile.io URL: https://gofile.io/d/qUOAcw Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.80.29.83 Roubaix, France, ASN16276 (OVH, FR), Reverse DNS ns3048708.ip-151-80-29.eu Software / Resource Hash 25f5229d2c05f4883245fe331033b79f2b77dd84296151ae8c59b1ed27e7fe5c Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 26 Feb 2023 04:35:31 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=15552000; includeSubDomains x-permitted-cross-domain-policies none x-dns-prefetch-control off content-length 2392 x-xss-protection 0 referrer-policy no-referrer last-modified Wed, 04 Jan 2023 14:40:00 GMT etag W/"93f-1857d3988cf" expect-ct max-age=0 vary Accept-Encoding x-frame-options SAMEORIGIN content-type image/png origin-agent-cluster ?1 x-download-options noopen cache-control public, max-age=0
GET H2	200	patreon.png gofile.io/dist/img/	6 KB 7 KB	26ms 26ms	Image image/png	151.80.29.83 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://gofile.io/dist/img/patreon.png Requested by Host: gofile.io URL: https://gofile.io/d/qUOAcw Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.80.29.83 Roubaix, France, ASN16276 (OVH, FR), Reverse DNS ns3048708.ip-151-80-29.eu Software / Resource Hash 0c68395ad843ce5107774011154103ae8d17d44f3cafc73e6395bdd05da753c7 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 26 Feb 2023 04:35:31 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=15552000; includeSubDomains x-permitted-cross-domain-policies none x-dns-prefetch-control off x-xss-protection 0 referrer-policy no-referrer last-modified Wed, 04 Jan 2023 14:47:21 GMT etag W/"19b3-1857d4042f3" expect-ct max-age=0 vary Accept-Encoding x-frame-options SAMEORIGIN content-type image/png origin-agent-cluster ?1 x-download-options noopen cache-control public, max-age=0
GET H2	200	bootstrap.bundle.min.js Show response gofile.io/dist/js/	79 KB 24 KB	27ms 26ms	Script application/javascript	151.80.29.83 OVH
General Check archive.org Show headers Download Go to Full URL https://gofile.io/dist/js/bootstrap.bundle.min.js Requested by Host: gofile.io URL: https://gofile.io/d/qUOAcw Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.80.29.83 Roubaix, France, ASN16276 (OVH, FR), Reverse DNS ns3048708.ip-151-80-29.eu Software / Resource Hash a85b2fe307777c8eb47f06a1eec399fcbddfe83d252fd202d3e1358051fcf27d Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 26 Feb 2023 04:35:31 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=15552000; includeSubDomains x-permitted-cross-domain-policies none x-dns-prefetch-control off x-xss-protection 0 referrer-policy no-referrer last-modified Wed, 04 Jan 2023 14:40:00 GMT etag W/"13a49-1857d3988cf" expect-ct max-age=0 vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript; charset=UTF-8 origin-agent-cluster ?1 x-download-options noopen cache-control public, max-age=0
GET H2	200	sha256.min.js Show response gofile.io/dist/js/	9 KB 4 KB	25ms 23ms	Script application/javascript	151.80.29.83 OVH
General Check archive.org Show headers Download Go to Full URL https://gofile.io/dist/js/sha256.min.js Requested by Host: gofile.io URL: https://gofile.io/d/qUOAcw Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.80.29.83 Roubaix, France, ASN16276 (OVH, FR), Reverse DNS ns3048708.ip-151-80-29.eu Software / Resource Hash 7157511697db744d384a5a2a8646af23f3c90560abf93bb240fdd690b29a898a Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 26 Feb 2023 04:35:31 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=15552000; includeSubDomains x-permitted-cross-domain-policies none x-dns-prefetch-control off content-length 3701 x-xss-protection 0 referrer-policy no-referrer last-modified Wed, 04 Jan 2023 14:40:00 GMT etag W/"2339-1857d3988d3" expect-ct max-age=0 vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript; charset=UTF-8 origin-agent-cluster ?1 x-download-options noopen cache-control public, max-age=0
GET H2	200	qrcode.min.js Show response gofile.io/dist/js/	19 KB 7 KB	26ms 25ms	Script application/javascript	151.80.29.83 OVH
General Check archive.org Show headers Download Go to Full URL https://gofile.io/dist/js/qrcode.min.js Requested by Host: gofile.io URL: https://gofile.io/d/qUOAcw Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.80.29.83 Roubaix, France, ASN16276 (OVH, FR), Reverse DNS ns3048708.ip-151-80-29.eu Software / Resource Hash 85bd0e28180f06b7f944d35dd07ef1ce75d6d9b63c2d70cb8e65f8b566c43db4 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 26 Feb 2023 04:35:31 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=15552000; includeSubDomains x-permitted-cross-domain-policies none x-dns-prefetch-control off x-xss-protection 0 referrer-policy no-referrer last-modified Wed, 04 Jan 2023 14:40:00 GMT etag W/"4dda-1857d3988d3" expect-ct max-age=0 vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript; charset=UTF-8 origin-agent-cluster ?1 x-download-options noopen cache-control public, max-age=0
GET H2	200	dayjs.min.js Show response gofile.io/dist/js/	7 KB 3 KB	26ms 24ms	Script application/javascript	151.80.29.83 OVH
General Check archive.org Show headers Download Go to Full URL https://gofile.io/dist/js/dayjs.min.js Requested by Host: gofile.io URL: https://gofile.io/d/qUOAcw Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.80.29.83 Roubaix, France, ASN16276 (OVH, FR), Reverse DNS ns3048708.ip-151-80-29.eu Software / Resource Hash 11f24ea8272c8454bfd93c6102b511bb75a7f1bfd70c0e1f6cf58a4b067ed41f Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 26 Feb 2023 04:35:31 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=15552000; includeSubDomains x-permitted-cross-domain-policies none x-dns-prefetch-control off content-length 3029 x-xss-protection 0 referrer-policy no-referrer last-modified Wed, 04 Jan 2023 14:40:00 GMT etag W/"1a0e-1857d3988cf" expect-ct max-age=0 vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript; charset=UTF-8 origin-agent-cluster ?1 x-download-options noopen cache-control public, max-age=0
GET H2	200	customParseFormat.js Show response gofile.io/dist/js/	4 KB 2 KB	25ms 24ms	Script application/javascript	151.80.29.83 OVH
General Check archive.org Show headers Download Go to Full URL https://gofile.io/dist/js/customParseFormat.js Requested by Host: gofile.io URL: https://gofile.io/d/qUOAcw Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.80.29.83 Roubaix, France, ASN16276 (OVH, FR), Reverse DNS ns3048708.ip-151-80-29.eu Software / Resource Hash cb72289f70690b272267a0741402cdc3f4099ae40c834a13cb60a59f99fdc091 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 26 Feb 2023 04:35:31 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=15552000; includeSubDomains x-permitted-cross-domain-policies none x-dns-prefetch-control off content-length 1803 x-xss-protection 0 referrer-policy no-referrer last-modified Wed, 04 Jan 2023 14:40:00 GMT etag W/"ea2-1857d3988cf" expect-ct max-age=0 vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript; charset=UTF-8 origin-agent-cluster ?1 x-download-options noopen cache-control public, max-age=0
GET H2	200	marked.min.js Show response gofile.io/dist/js/	43 KB 16 KB	28ms 27ms	Script application/javascript	151.80.29.83 OVH
General Check archive.org Show headers Download Go to Full URL https://gofile.io/dist/js/marked.min.js Requested by Host: gofile.io URL: https://gofile.io/d/qUOAcw Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.80.29.83 Roubaix, France, ASN16276 (OVH, FR), Reverse DNS ns3048708.ip-151-80-29.eu Software / Resource Hash d10fcd57fbc3eb87320fe1469bcb522ded6c480f48ed51c511ef6da20f165760 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 26 Feb 2023 04:35:31 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=15552000; includeSubDomains x-permitted-cross-domain-policies none x-dns-prefetch-control off x-xss-protection 0 referrer-policy no-referrer last-modified Wed, 04 Jan 2023 14:40:00 GMT etag W/"aca2-1857d3988d3" expect-ct max-age=0 vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript; charset=UTF-8 origin-agent-cluster ?1 x-download-options noopen cache-control public, max-age=0
GET H2	200	plyr.js Show response gofile.io/dist/js/	108 KB 34 KB	41ms 39ms	Script application/javascript	151.80.29.83 OVH
General Check archive.org Show headers Download Go to Full URL https://gofile.io/dist/js/plyr.js Requested by Host: gofile.io URL: https://gofile.io/d/qUOAcw Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.80.29.83 Roubaix, France, ASN16276 (OVH, FR), Reverse DNS ns3048708.ip-151-80-29.eu Software / Resource Hash 6729042fecd6e011c0ba45f807dc93fa750169d7ac57c14daa01069f14430f73 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 26 Feb 2023 04:35:31 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=15552000; includeSubDomains x-permitted-cross-domain-policies none x-dns-prefetch-control off x-xss-protection 0 referrer-policy no-referrer last-modified Sun, 08 Jan 2023 19:47:31 GMT etag W/"1b1b2-18592ec8138" expect-ct max-age=0 vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript; charset=UTF-8 origin-agent-cluster ?1 x-download-options noopen cache-control public, max-age=0
GET H2	200	alljs.js Show response gofile.io/dist/js/	158 KB 32 KB	40ms 39ms	Script application/javascript	151.80.29.83 OVH
General Check archive.org Show headers Download Go to Full URL https://gofile.io/dist/js/alljs.js Requested by Host: gofile.io URL: https://gofile.io/d/qUOAcw Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.80.29.83 Roubaix, France, ASN16276 (OVH, FR), Reverse DNS ns3048708.ip-151-80-29.eu Software / Resource Hash 92b02ecd68314080886470574dca15e332eba459129ce704b13dcdccb6e82230 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 26 Feb 2023 04:35:31 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=15552000; includeSubDomains x-permitted-cross-domain-policies none x-dns-prefetch-control off x-xss-protection 0 referrer-policy no-referrer last-modified Sun, 26 Feb 2023 02:06:20 GMT etag W/"27660-1868b7891ab" expect-ct max-age=0 vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript; charset=UTF-8 origin-agent-cluster ?1 x-download-options noopen cache-control public, max-age=0
GET H2	200	bootstrap-icons.woff2 gofile.io/dist/css/fonts/	118 KB 119 KB	24ms 24ms	Font font/woff2	151.80.29.83 OVH
General Check archive.org Show headers Download Go to Full URL https://gofile.io/dist/css/fonts/bootstrap-icons.woff2?24e3eb84d0bcaf83d77f904c78ac1f47 Requested by Host: gofile.io URL: https://gofile.io/dist/css/bootstrap-icons.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.80.29.83 Roubaix, France, ASN16276 (OVH, FR), Reverse DNS ns3048708.ip-151-80-29.eu Software / Resource Hash 966620f9e3bec428663687f9e8d67a6b8e35d79adebf6fb204e9b139eada7599 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer Origin https://gofile.io accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 26 Feb 2023 04:35:31 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=15552000; includeSubDomains x-permitted-cross-domain-policies none x-dns-prefetch-control off x-xss-protection 0 referrer-policy no-referrer last-modified Wed, 04 Jan 2023 14:40:00 GMT etag W/"1d9d0-1857d3988cf" expect-ct max-age=0 vary Accept-Encoding x-frame-options SAMEORIGIN content-type font/woff2 origin-agent-cluster ?1 x-download-options noopen cache-control public, max-age=0
GET H2	200	createAccount Show response api.gofile.io/	67 B 810 B	192ms 49ms	Fetch application/json	51.178.66.33 OVH
General Check archive.org Show headers Download Go to Full URL https://api.gofile.io/createAccount Requested by Host: gofile.io URL: https://gofile.io/dist/js/alljs.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.178.66.33 Bayonne, France, ASN16276 (OVH, FR), Reverse DNS ns31226493.ip-51-178-66.eu Software / Resource Hash 9b09a5a0953e8914b629f26174983a9ddea73aaa75affd16b0af94a7401efce1 Security Headers Name Value Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers content-security-policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests date Sun, 26 Feb 2023 04:35:32 GMT x-content-type-options nosniff strict-transport-security max-age=15552000; includeSubDomains x-permitted-cross-domain-policies none cross-origin-embedder-policy require-corp x-dns-prefetch-control off cross-origin-resource-policy cross-origin content-length 67 x-xss-protection 0 referrer-policy no-referrer cross-origin-opener-policy same-origin etag W/"43-ccxs5N7cPP+B92knx7+8kugXeic" x-download-options noopen x-frame-options SAMEORIGIN access-control-allow-methods GET, POST, OPTIONS, PUT, DELETE, HEAD content-type application/json; charset=utf-8 access-control-allow-origin https://gofile.io origin-agent-cluster ?1 access-control-allow-credentials true access-control-allow-headers Content-Type
GET H2	200	getAccountDetails Show response api.gofile.io/	221 B 294 B	40ms 40ms	Fetch application/json	51.178.66.33 OVH
General Check archive.org Show headers Download Go to Full URL https://api.gofile.io/getAccountDetails?token=6B1iAnWVaQAk11ZK9jXfK4blL5cSWJv0 Requested by Host: gofile.io URL: https://gofile.io/dist/js/alljs.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.178.66.33 Bayonne, France, ASN16276 (OVH, FR), Reverse DNS ns31226493.ip-51-178-66.eu Software / Resource Hash b46698aa7a22be917cf6052023e81136edee2587da2b0421a7f670b0b313b805 Security Headers Name Value Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers content-security-policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests date Sun, 26 Feb 2023 04:35:32 GMT x-content-type-options nosniff strict-transport-security max-age=15552000; includeSubDomains x-permitted-cross-domain-policies none cross-origin-embedder-policy require-corp x-dns-prefetch-control off cross-origin-resource-policy cross-origin content-length 221 x-xss-protection 0 referrer-policy no-referrer cross-origin-opener-policy same-origin etag W/"dd-eOlwvUUHF2MqHDw1pep5MFdxzIk" x-download-options noopen x-frame-options SAMEORIGIN access-control-allow-methods GET, POST, OPTIONS, PUT, DELETE, HEAD content-type application/json; charset=utf-8 access-control-allow-origin https://gofile.io origin-agent-cluster ?1 access-control-allow-credentials true access-control-allow-headers Content-Type
GET DATA	200 OK	truncated /	634 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 2fc8f852f0679486f27664afe8dcc8f67d1f0a35e0382f4dd09370d385b3b828 Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers Content-Type image/png
GET H2	200	files.html Show response gofile.io/contents/	18 KB 3 KB	18ms 17ms	Fetch text/html	151.80.29.83 OVH
General Check archive.org Show headers Download Go to Full URL https://gofile.io/contents/files.html Requested by Host: gofile.io URL: https://gofile.io/dist/js/alljs.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.80.29.83 Roubaix, France, ASN16276 (OVH, FR), Reverse DNS ns3048708.ip-151-80-29.eu Software / Resource Hash f2cbb89cd8582657ffc11b0a1412efddf74557f807eb25e1de264531eb4e620c Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 26 Feb 2023 04:35:32 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=15552000; includeSubDomains x-permitted-cross-domain-policies none x-dns-prefetch-control off content-length 3250 x-xss-protection 0 referrer-policy no-referrer last-modified Fri, 24 Feb 2023 16:26:46 GMT etag W/"46ce-186843f9cd3" expect-ct max-age=0 vary Accept-Encoding x-frame-options SAMEORIGIN content-type text/html; charset=UTF-8 origin-agent-cluster ?1 x-download-options noopen cache-control public, max-age=0
GET H2	200	plausible.js Show response plausible.gofile.io/js/	1 KB 1 KB	220ms 29ms	Script application/javascript	149.202.85.166 OVH
General Check archive.org Show headers Download Go to Full URL https://plausible.gofile.io/js/plausible.js Requested by Host: gofile.io URL: https://gofile.io/dist/js/alljs.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 149.202.85.166 , France, ASN16276 (OVH, FR), Reverse DNS mail.gofile.io Software Cowboy / Resource Hash ae4216bfc85c99ffd32e7745f0d7d4cd5f57b714f3a4911176b8cd78a176c97c Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 26 Feb 2023 04:35:31 GMT x-content-type-options nosniff server Cowboy content-type application/javascript access-control-allow-origin * cache-control public, max-age=86400, must-revalidate cross-origin-resource-policy cross-origin content-length 1321
GET H2	200	pubfig.min.js Show response a.pub.network/gofile-io/	107 KB 38 KB	95ms 38ms	Script application/javascript	2606:4700::6812:15ce CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://a.pub.network/gofile-io/pubfig.min.js Requested by Host: gofile.io URL: https://gofile.io/dist/js/alljs.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:15ce , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2fe4d1ef421af1f23a39532201f62eb291b0860b471453aafd3cd050e78ef6a9 Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 26 Feb 2023 04:35:32 GMT content-encoding gzip cf-cache-status HIT age 124464 x-guploader-uploadid ADPycdsZStkKchhDS32XpLj4neGQie4rMT-BHYPsIazSVtlLVptme3CVduvx4JO5Ud9nKJ16uuDU7T0h8wMxt3nXoku3oA x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding identity last-modified Thu, 23 Feb 2023 17:34:18 GMT server cloudflare etag W/"d0da7c4914d6cb2e8f853218fee0ff6e" vary Accept-Encoding x-goog-generation 1677173658234344 content-type application/javascript access-control-allow-origin * x-goog-hash crc32c=uxqtnQ==, md5=0Np8SRTWyy6PhTIY/uD/bg== access-control-expose-headers * cache-control public, max-age=1800 x-goog-stored-content-length 109664 cf-ray 79f5f97f2d28999f-CDG expires Sun, 26 Feb 2023 05:05:32 GMT
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	140 KB 47 KB	191ms 76ms	Script text/javascript	2a00:1450:400d:80d::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5469679028990347 Requested by Host: gofile.io URL: https://gofile.io/dist/js/alljs.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ba0e9dfd0243227f31fd0485dcbeced239b08fa274575f2654ca00322eecfc19 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer Origin https://gofile.io accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 26 Feb 2023 04:35:32 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 47995 x-xss-protection 0 server cafe etag 5021624106006369670 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600 timing-allow-origin * expires Sun, 26 Feb 2023 04:35:32 GMT
GET H2	200	getContent Show response api.gofile.io/	989 B 1 KB	72ms 72ms	Fetch application/json	51.178.66.33 OVH
General Check archive.org Show headers Download Go to Full URL https://api.gofile.io/getContent?contentId=qUOAcw&token=6B1iAnWVaQAk11ZK9jXfK4blL5cSWJv0&websiteToken=12345 Requested by Host: gofile.io URL: https://gofile.io/dist/js/alljs.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.178.66.33 Bayonne, France, ASN16276 (OVH, FR), Reverse DNS ns31226493.ip-51-178-66.eu Software / Resource Hash bbcf7bb3644483364a41503f5336192a3324562be198d986ff1b0c6a65e84d29 Security Headers Name Value Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers content-security-policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests date Sun, 26 Feb 2023 04:35:32 GMT x-content-type-options nosniff strict-transport-security max-age=15552000; includeSubDomains x-permitted-cross-domain-policies none cross-origin-embedder-policy require-corp x-dns-prefetch-control off cross-origin-resource-policy cross-origin content-length 989 x-xss-protection 0 referrer-policy no-referrer cross-origin-opener-policy same-origin etag W/"3dd-Eqq6oqzmpy1b5JOX3zSM/rYQiz8" x-download-options noopen x-frame-options SAMEORIGIN access-control-allow-methods GET, POST, OPTIONS, PUT, DELETE, HEAD content-type application/json; charset=utf-8 access-control-allow-origin https://gofile.io origin-agent-cluster ?1 access-control-allow-credentials true access-control-allow-headers Content-Type
GET H2	200	v2qukN-LVECGkq_FAf7Hp4yZhdZ3asMx6GMI5OJO_MANCgqok9CfDvU95Wjo Show response fronttoad.com/	59 KB 22 KB	109ms 27ms	Script text/javascript	2600:1901:0:7ec2::1 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fronttoad.com/v2qukN-LVECGkq_FAf7Hp4yZhdZ3asMx6GMI5OJO_MANCgqok9CfDvU95Wjo Requested by Host: a.pub.network URL: https://a.pub.network/gofile-io/pubfig.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:1901:0:7ec2::1 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash db7b6e7a74337028f19920d6cc2e6918b9378b5b1c8ce9a176beb4c9072a3033 Security Headers Name Value Strict-Transport-Security max-age=15724800; preload Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers strict-transport-security max-age=15724800; preload content-encoding br via 1.1 google date Sun, 26 Feb 2023 04:35:32 GMT x-datacenter gce-europe-west1 etag "bb562c45d11dd4fa21212ba3905878c7b37e4bbf81c87faf07f55dd8542458c0" x-buildname hoothoot vary Accept-Encoding, Accept-Language x-hostname fen-hoothoot-europe-west1-q5p4 content-type text/javascript; charset=utf-8 cache-control private, must-revalidate, max-age=21600 x-buildnumber 787370472 timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H2	200	init Show response d.pub.network/v2/	35 KB 6 KB	186ms 126ms	Fetch application/json	34.160.110.8 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://d.pub.network/v2/init?siteId=5818&env=PROD Requested by Host: a.pub.network URL: https://a.pub.network/gofile-io/pubfig.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.160.110.8 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 8.110.160.34.bc.googleusercontent.com Software / Resource Hash 8474581e06215fd7361166bf06c55b0dbdcfbe1efcd3dbd439d6dede0aa9faa2 Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 26 Feb 2023 04:35:32 GMT content-encoding gzip via 1.1 google vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent content-type application/json access-control-allow-origin https://gofile.io access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
POST H2	202	event Show response plausible.gofile.io/api/	2 B 192 B	208ms 99ms	XHR text/plain	149.202.85.166 OVH
General Check archive.org Show headers Download Go to Full URL https://plausible.gofile.io/api/event Requested by Host: plausible.gofile.io URL: https://plausible.gofile.io/js/plausible.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 149.202.85.166 , France, ASN16276 (OVH, FR), Reverse DNS mail.gofile.io Software Cowboy / Resource Hash 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df Request headers Referer accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Content-Type text/plain Response headers date Sun, 26 Feb 2023 04:35:31 GMT server Cowboy content-type text/plain; charset=utf-8 access-control-allow-origin * access-control-expose-headers cache-control max-age=0, private, must-revalidate access-control-allow-credentials true content-length 2 x-request-id F0dFzOiVBQLr45KCxvyi
GET H2	200	skeleton.gif static.adsafeprotected.com/	43 B 484 B	106ms 24ms	Image image/gif	2600:9000:223f:6000:8:48e:53c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.adsafeprotected.com/skeleton.gif?adunitid=qthlqa&adnum=8756941 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223f:6000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2 Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sat, 25 Jun 2022 14:52:58 GMT x-amz-version-id iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja via 1.1 cf2071a2896a4f71dbfdbc521d554362.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P5 age 21217354 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED content-length 43 last-modified Mon, 17 Aug 2020 23:55:15 GMT server AmazonS3 etag "45cf913e5d9d3c9b2058033056d3dd23" content-type image/gif cache-control max-age=315360000 accept-ranges bytes x-amz-cf-id Hb3QHXQq6g2XONR9FUTpLXx9TFjaZw2VOt5_dnmKmzSKrqcQtzdKsw==
GET H3	200	show_ads_impl_with_ama_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302160101/	360 KB 119 KB	174ms 92ms	Script text/javascript	2a00:1450:400d:80d::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5469679028990347&plah=gofile.io&bust=31072532 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5469679028990347 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 05bf9d4cd4a8f19d7c2bc7fdbfa713b91d822ef8e637c4d0398b129c17eaab1e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 26 Feb 2023 04:35:32 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 121306 x-xss-protection 0 server cafe etag 10232170557839047380 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Sun, 26 Feb 2023 04:35:32 GMT
GET H2	200	zrt_lookup.html googleads.g.doubleclick.net/pagead/html/r20230222/r20190131/ Frame C542	0 0	103ms 26ms	Document text/html	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20230222/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5469679028990347 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 accept-language fr-FR,fr;q=0.9 Response headers age 18451 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4242 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 25 Feb 2023 23:28:01 GMT etag 10353107486223812946 expires Sat, 11 Mar 2023 23:28:01 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	choice.js Show response cmp.quantcast.com/choice/wZt3yQfgdwnz-/gofile.io/	5 KB 2 KB	113ms 28ms	Script application/javascript	2600:9000:206f:4000:9:46dc:4700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cmp.quantcast.com/choice/wZt3yQfgdwnz-/gofile.io/choice.js?tag_version=V2 Requested by Host: a.pub.network URL: https://a.pub.network/gofile-io/pubfig.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:206f:4000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a5f5db4632bcd4610aaa2394caa743454cdc1906862671abe513500fcb93c78a Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 26 Feb 2023 04:35:32 GMT content-encoding gzip via 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront) last-modified Wed, 01 Feb 2023 20:37:54 GMT server AmazonS3 x-amz-cf-pop FRA56-C1 age 19 x-amz-server-side-encryption AES256 etag W/"e5801f26733bc70d2d0c7fb0a0b0b79b" vary Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=3600 cross-origin-resource-policy cross-origin x-amz-cf-id tRRo4HCJufEV7UAvId9j2TnqUwl7zOACDfi7pkRUHV_cUnOB5eFi1Q==
GET H2	200	pubfig.engine.js Show response a.pub.network/core/pubfig/bed1cb78af38193abb700f81f4481a18b8b21757/	435 KB 130 KB	32ms 31ms	Script application/javascript	2606:4700::6812:15ce CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://a.pub.network/core/pubfig/bed1cb78af38193abb700f81f4481a18b8b21757/pubfig.engine.js Requested by Host: a.pub.network URL: https://a.pub.network/gofile-io/pubfig.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:15ce , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 269c79f74113a32f750ea6f0407f79e2df6667c1b341d66d8abc9b2dc512002c Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 26 Feb 2023 04:35:32 GMT content-encoding gzip cf-cache-status HIT age 124465 x-guploader-uploadid ADPycdtvJqbX99N_UzJm1jjQGBigvb2LQUzCazxTIyr1es-NzJuvg4PtEOFaVF00CTYxn4i4z511ghc6SOsLTxILERtAO2SthyhC x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding identity last-modified Tue, 21 Feb 2023 16:31:21 GMT server cloudflare etag W/"7fffd5c5be5bc700f6146d97db30864d" vary Accept-Encoding x-goog-generation 1676997081049075 content-type application/javascript access-control-allow-origin * x-goog-hash crc32c=kD96/Q==, md5=f//Vxb5bxwD2FG2X2zCGTQ== access-control-expose-headers * cache-control public, max-age=3600 x-goog-stored-content-length 445873 cf-ray 79f5f9814da7999f-CDG expires Sun, 26 Feb 2023 05:35:32 GMT
OPTIONS H2	200	/ optimise.net/ Frame	0 0	84ms 26ms	Preflight	34.111.152.239 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://optimise.net/?k=1&d=gofile.io&t=desktop Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 239.152.111.34.bc.googleusercontent.com Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubDomains;preload; Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method GET Origin https://gofile.io Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Key, Authorization access-control-allow-methods ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL access-control-allow-origin https://gofile.io access-control-expose-headers fs-client-rtt access-control-max-age 3600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-length 0 date Sun, 26 Feb 2023 04:35:32 GMT expires 0 fs-client-rtt 19 pragma no-cache strict-transport-security max-age=31536000;includeSubDomains;preload; via 1.1 google
GET H2	200	config.js Show response cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/	162 KB 36 KB	83ms 28ms	Script text/javascript	2606:4700:4400::6812:220a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/config.js Requested by Host: a.pub.network URL: https://a.pub.network/core/pubfig/bed1cb78af38193abb700f81f4481a18b8b21757/pubfig.engine.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:220a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cc59c1f15b2d606f042968c7c77a7f3f445f0661b470eb519b2cc9f6ba0fc40f Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 26 Feb 2023 04:35:32 GMT content-encoding br cf-cache-status HIT last-modified Sun, 26 Feb 2023 04:06:13 GMT server cloudflare x-amz-request-id 0F55P27SSM1NW0ME age 310 etag W/"ffc9e7026c864455bdde04888a4afafd" x-amz-server-side-encryption AES256 vary Accept-Encoding content-type text/javascript cache-control public, max-age=900, stale-while-revalidate=3600 cf-ray 79f5f9826ece3cd7-CDG alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-id-2 sirXyWu6lrWQe5IJE/KP5ychtrC87f4CpO5jrWv7b6TpaEK5o0Ko8d02Qa++OH/lLB0p1KDE2n4=
GET H3	200	/ Show response optimise.net/	511 B 536 B	59ms 19ms	Fetch application/json	34.111.152.239 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://optimise.net/?k=1&d=gofile.io&t=desktop Requested by Host: a.pub.network URL: https://a.pub.network/core/pubfig/bed1cb78af38193abb700f81f4481a18b8b21757/pubfig.engine.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 239.152.111.34.bc.googleusercontent.com Software / Resource Hash e46a89d3a88b8dac4452c19c702e70a75f1a5a90fae796c0be26d1c1469e7683 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubDomains;preload; Request headers Referer accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Content-Type application/json Response headers strict-transport-security max-age=31536000;includeSubDomains;preload; via 1.1 google date Sun, 26 Feb 2023 04:19:54 GMT fs-client-rtt 18 age 938 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 511 pragma no-cache access-control-max-age 3600 access-control-allow-methods ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL content-type application/json access-control-allow-origin https://gofile.io access-control-expose-headers fs-client-rtt cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Key, Authorization expires 0
GET H2	200	gpt.js Show response www.googletagservices.com/tag/js/	76 KB 26 KB	362ms 46ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/tag/js/gpt.js Requested by Host: a.pub.network URL: https://a.pub.network/core/pubfig/bed1cb78af38193abb700f81f4481a18b8b21757/pubfig.engine.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a6d4c629484b1e3e138c9f0fbcb670bf03c9a9f9adc8ceec4fd1944cb9bcad54 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 26 Feb 2023 04:35:33 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 26563 x-xss-protection 0 server sffe etag "1494 / 989 of 1000 / last-modified: 1677280057" vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Sun, 26 Feb 2023 04:35:33 GMT
GET H2	200	tag Show response btloader.com/ Redirect Chain https://freestar-io.videoplayerhub.com/gallery.js https://btloader.com/tag?h=freestar-io&upapi=true	458 KB 79 KB	97ms 34ms	Script application/javascript	2606:4700:20::ac43:4686 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://btloader.com/tag?h=freestar-io&upapi=true Protocol H2 Server 2606:4700:20::ac43:4686 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ccec448d14a7c9d4f7f212fdf1dfb7ba69dd7f55a40603e58c838ae44e383075 Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 26 Feb 2023 04:35:33 GMT via 1.1 google content-encoding br cf-cache-status HIT last-modified Sun, 26 Feb 2023 04:32:31 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 166 etag W/"9f5c2d75f7c7daa8c5ad6ab1bd26cb90" vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y78pwVxe%2Boy7Yt8Ro1bjqOomnAdcp2Af0HbMks4z9kDDeEejhYu5b9LgecjZwgMc6TlyZiAzLE0A9jNCBahPb%2FwaZiWl5QjYiIaUIaptnfzpBOjRT2NqTQ5i%2Ff9SW5iqcnE8U2IlJQZ7Hw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300 cf-ray 79f5f9832f6bf13c-CDG Redirect headers date Sun, 26 Feb 2023 04:35:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iEQSlfXH1q3k6gIK8rpUoZcSASzkQUYXSDyrL8LKx5zaAZK60S1UwyIUieBu7eTeL3%2BCqCkUem%2BQJBCG2E4DGJjLtKBI07S%2Bpmy%2BTkRrg0xaV7b6NO4Y7RSQ7TnkFnnRH%2B9G9fFu2vMndk95gBfOjV%2BIFUHZly88gItfkg%3D%3D"}],"group":"cf-nel","max_age":604800} location https://btloader.com/tag?h=freestar-io&upapi=true cache-control max-age=3600 cf-ray 79f5f9828f4af1a4-CDG expires Sun, 26 Feb 2023 05:35:32 GMT
GET H2	200	hadron.js Show response cdn.hadronid.net/	55 KB 11 KB	87ms 29ms	Script application/javascript	2606:4700:20::681a:a19 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fgofile.io%2Fd%2FqUOAcw&ref=&_it=freestar&partner_id=474 Requested by Host: gofile.io URL: https://gofile.io/d/qUOAcw Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 13f329a0d3e082589a14177df4778b45ea8cb3826ce3b945fcbb0721baca5825 Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 26 Feb 2023 04:35:32 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id 7AWRQN4CGQS0W502 age 5718 x-amz-id-2 f73y2Ccm2Iy791AMOuLV02ndA+M8paiWCM0X79pqxRnUSLWs97gtH95XapA3kQNWZhbpiCmlBCs= cf-bgj minify last-modified Fri, 18 Nov 2022 10:57:44 GMT server cloudflare etag W/"2280e2148e4ee3c06f679f8fac039778" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I3ypBAfAO0eh7slaYtj4YTZlYv5C%2B1Z8T2ajRJ%2BYXjWa%2BcayB%2FoZ66oWFtPR11ho4NRBduB1AmgvDnS%2B77xeTlC1qJqdi9eVov7%2Bffk%2FEQMFKfqha7jkoFzgKLA7s7rXQnP6VQNhBsfvho9CKCg%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=3600 cf-ray 79f5f9828c3a99c9-CDG
GET H2	200	prebid-analytics-7.19.9.js Show response a.pub.network/core/	548 KB 170 KB	34ms 34ms	Script text/html	2606:4700::6812:15ce CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://a.pub.network/core/prebid-analytics-7.19.9.js Requested by Host: a.pub.network URL: https://a.pub.network/core/pubfig/bed1cb78af38193abb700f81f4481a18b8b21757/pubfig.engine.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:15ce , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c9dd859ef10e3134d568f88192e90148b1ff8ca734e3b9ef0da63e65b053edfc Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 26 Feb 2023 04:35:32 GMT content-encoding gzip cf-cache-status HIT age 38064 x-guploader-uploadid ADPycdvmYsYSO_s3nKxg5Pw3QmHbpK5XCRD1o7_gnyqEmFiJ81OdjaOlpujwQH97mol-DHQvz-sw7Q4eEDucrBHJS6rz8A x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 3 x-goog-stored-content-encoding identity last-modified Thu, 19 Jan 2023 21:04:22 GMT server cloudflare etag W/"63f38dd07f88d1501fbaebc315cb56fb" vary Accept-Encoding x-goog-generation 1674162262212600 content-type text/html access-control-allow-origin * x-goog-hash crc32c=F3256A==, md5=Y/ON0H+I0VAfuuvDFctW+w== content-language en access-control-expose-headers * cache-control public, max-age=31497936 x-goog-stored-content-length 561234 cf-ray 79f5f9823deb999f-CDG expires Sun, 25 Feb 2024 18:01:08 GMT
GET H2	200	cmp2.js Show response cmp.quantcast.com/tcfv2/	178 KB 44 KB	27ms 27ms	Script text/javascript	2600:9000:206f:4000:9:46dc:4700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cmp.quantcast.com/tcfv2/cmp2.js?referer=gofile.io Requested by Host: cmp.quantcast.com URL: https://cmp.quantcast.com/choice/wZt3yQfgdwnz-/gofile.io/choice.js?tag_version=V2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:206f:4000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 5d91ffbdea8ecad30d07d2b6a979be09556cc16c50bc643fd96c749b2621c14a Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 26 Feb 2023 04:30:55 GMT content-encoding br via 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-C1 age 306 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Wed, 08 Feb 2023 17:32:57 GMT server AmazonS3 etag W/"15d537792bfc5eb18136ef129a7ec0a5" access-control-max-age 86400 access-control-allow-methods GET content-type text/javascript;charset=UTF-8 access-control-allow-origin * cache-control max-age=3600 x-amz-meta-qc-ineu True vary Accept-Encoding x-amz-cf-id tnZr4B0zR9JVrb_0CPzraMHvtOlroC_UoTuOGLgsmOAIV4ji1a_O7Q==
GET H3	200	rum_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20230222/r20110914/	54 KB 21 KB	39ms 39ms	Script text/javascript	2a00:1450:400d:80d::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20230222/r20110914/rum_fy2021.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5469679028990347&plah=gofile.io&bust=31072532 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 157a74033897672fd1c554137a7ed332ecece75c8e5b8b4a74d44906d1a86332 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sat, 25 Feb 2023 05:11:57 GMT content-encoding br x-content-type-options nosniff age 84215 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 21203 x-xss-protection 0 server cafe etag 11337872500594943504 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 11 Mar 2023 05:11:57 GMT
GET H2	200	cmp-list.json Show response test.cmp.quantcast.com/GVL-v2/	10 KB 3 KB	119ms 34ms	XHR application/json	2600:9000:2304:9c00:3:a4cd:8380:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://test.cmp.quantcast.com/GVL-v2/cmp-list.json Requested by Host: cmp.quantcast.com URL: https://cmp.quantcast.com/tcfv2/cmp2.js?referer=gofile.io Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2304:9c00:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash ffcb781ed80a91db9503ff9d2b971d8a55e3b1062610d0e7373c2964577f846b Request headers Accept application/json, text/plain, */* Referer accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 26 Feb 2023 03:00:35 GMT x-amz-version-id OSqPlQh2dAesboanu.zH8HBJO.QXo2z_ content-encoding br via 1.1 b159f39ee34c14548a9d9dc3e730676a.cloudfront.net (CloudFront) x-amz-cf-pop VIE50-P1 age 5699 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Mon, 13 Feb 2023 19:52:29 GMT server AmazonS3 etag W/"12f623cd633f13b89439f79baf7b3f72" access-control-max-age 86400 access-control-allow-methods GET content-type application/json access-control-allow-origin * cache-control max-age=172800 vary Accept-Encoding x-amz-cf-id E8IDJtrCmEgJTkopK1412XRidM-1Ze69TmiMYi8727rzGUW6Z4h7Jg==
POST H3	200	v2cslMJ2oc6iolXa3DSte-fxeCYxT1fOFA_snl3x98o8Jt_fnCl_iy0j4mqNGqBRm8_HUAlF7KVfm Show response fronttoad.com/	206 B 233 B	61ms 37ms	Fetch application/json	2600:1901:0:7ec2::1 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fronttoad.com/v2cslMJ2oc6iolXa3DSte-fxeCYxT1fOFA_snl3x98o8Jt_fnCl_iy0j4mqNGqBRm8_HUAlF7KVfm Requested by Host: fronttoad.com URL: https://fronttoad.com/v2qukN-LVECGkq_FAf7Hp4yZhdZ3asMx6GMI5OJO_MANCgqok9CfDvU95Wjo Protocol H3 Security QUIC, , AES_128_GCM Server 2600:1901:0:7ec2::1 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash b0ca17e8ece7d73098c0330fe035d0e8424769bf74c04b2c88577ecb9357f843 Security Headers Name Value Strict-Transport-Security max-age=15724800; preload Request headers Referer accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers strict-transport-security max-age=15724800; preload date Sun, 26 Feb 2023 04:35:32 GMT via 1.1 google x-buildnumber 787370472 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 206 x-datacenter gce-europe-west1 x-buildname hoothoot vary Accept-Encoding, Origin access-control-allow-methods POST, OPTIONS content-type application/json; charset=utf-8 access-control-allow-origin https://gofile.io x-hostname fen-hoothoot-europe-west1-q5p4 cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true timing-allow-origin * access-control-allow-headers DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie expires Sun, 26 Feb 2023 04:35:31 GMT
GET H2	200	wrap.js Show response cdn.confiant-integrations.net/gptprebidnative/202212211045/	216 KB 68 KB	30ms 29ms	Script application/javascript	2606:4700:4400::6812:220a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.confiant-integrations.net/gptprebidnative/202212211045/wrap.js Requested by Host: cdn.confiant-integrations.net URL: https://cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/config.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:220a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b59e31aeaca17f052e5e16fa1713cb48d45997454c26ae2876302420b77751c2 Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 26 Feb 2023 04:35:32 GMT content-encoding br cf-cache-status HIT last-modified Wed, 21 Dec 2022 15:47:15 GMT server cloudflare x-amz-request-id BYC0YB77C5Y2X31A age 2688811 etag W/"fa407ba001f2ac06196124f41d523471" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control public, max-age=31536000 cf-ray 79f5f9830ef63cd7-CDG alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-id-2 5yHvaedJSHhYKoDWKqFzbYPoz5TCEruUFYPTYpi7xIpfwwJEA2Q5NeyQQ5fiutgBQfedC0RePok=
POST H2	204	csi csi.gstatic.com/	0 235 B	81ms 23ms	Ping image/gif	2001:4860:4802:32::3 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~lekwe7kw&c=3348899335869513&e=44759876%2C44759927%2C44777876%2C44759837%2C31072436%2C31072532%2C31061691%2C31061692&ctx=1&met.3=1001.ni_1__1~1032.vc~326.vg_3~832.vk~868.vk~843.vb_a~1032.vn~326.vn~832.vo~868.vo~113.xj_1~112.xi_2&met.1=1.lekwe6ne~6.0~7.1~8.z~9.z~10.32~11.1f~12.32~13.3j~14.3m~15.3r~16.6n~17.6n~18.6n~19.75~20.75~21.7c~22.5h~23.67 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20230222/r20110914/rum_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers pragma no-cache date Sun, 26 Feb 2023 04:35:33 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	200	v2ttjCpkt-XMYZrmj3pEYJAFEOs7W43mcTZe79B9A0jn8j0Rumqgi2gQn12jUSVpIBhYT-FI0iEh7 Show response fronttoad.com/	3 B 27 B	29ms 29ms	Fetch application/json	2600:1901:0:7ec2::1 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fronttoad.com/v2ttjCpkt-XMYZrmj3pEYJAFEOs7W43mcTZe79B9A0jn8j0Rumqgi2gQn12jUSVpIBhYT-FI0iEh7 Requested by Host: fronttoad.com URL: https://fronttoad.com/v2qukN-LVECGkq_FAf7Hp4yZhdZ3asMx6GMI5OJO_MANCgqok9CfDvU95Wjo Protocol H3 Security QUIC, , AES_128_GCM Server 2600:1901:0:7ec2::1 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356 Security Headers Name Value Strict-Transport-Security max-age=15724800; preload Request headers Referer accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers strict-transport-security max-age=15724800; preload date Sun, 26 Feb 2023 04:35:33 GMT via 1.1 google x-buildnumber 787370472 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3 x-datacenter gce-europe-west1 x-buildname hoothoot vary Accept-Encoding, Origin access-control-allow-methods POST, OPTIONS content-type application/json; charset=utf-8 access-control-allow-origin https://gofile.io x-hostname fen-hoothoot-europe-west1-q5p4 access-control-allow-credentials true timing-allow-origin * access-control-allow-headers DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
GET H2	200	cmp2ui-en.js Show response cmp.quantcast.com/tcfv2/46/	248 KB 61 KB	31ms 31ms	Script text/javascript	2600:9000:206f:4000:9:46dc:4700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cmp.quantcast.com/tcfv2/46/cmp2ui-en.js Requested by Host: cmp.quantcast.com URL: https://cmp.quantcast.com/tcfv2/cmp2.js?referer=gofile.io Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:206f:4000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash b15c094a683c050f4de3a028a8d461c800b7b8af0159eccfb27bbfb36563982c Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sat, 25 Feb 2023 15:50:57 GMT content-encoding br via 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-C1 age 45876 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin last-modified Wed, 08 Feb 2023 17:32:24 GMT server AmazonS3 etag W/"56cdb8d3d5e2ab2d10d42277297ff84e" access-control-max-age 604800 access-control-allow-methods GET content-type text/javascript;charset=UTF-8 access-control-allow-origin * cache-control max-age=172800 vary Accept-Encoding x-amz-cf-id tcj250UaZSVW51ewBippvL8BW3gOrFfgM9nJ4YLzkFd-CrnBaBfkRQ==
GET H2	200	vendor-list-trimmed-v1.json Show response cmp.quantcast.com/GVL-v2/	349 KB 47 KB	86ms 28ms	XHR application/json	2600:9000:206f:4000:9:46dc:4700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cmp.quantcast.com/GVL-v2/vendor-list-trimmed-v1.json Requested by Host: cmp.quantcast.com URL: https://cmp.quantcast.com/tcfv2/cmp2.js?referer=gofile.io Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:206f:4000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 1f36db00b3e9b8eb895b542ddfe422a48d700eafa5649a730d3b74b8dd1dd99c Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 26 Feb 2023 03:00:36 GMT content-encoding gzip via 1.1 f358cf5f46d10c349187abd5e20e06ce.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-C1 age 5698 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Sun, 26 Feb 2023 03:00:33 GMT server AmazonS3 etag W/"a6bef310ca1fe0d68c4cca76ef531524" access-control-max-age 3000 access-control-allow-methods GET content-type application/json access-control-allow-origin * cache-control max-age=172800 access-control-allow-credentials true vary Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method x-amz-cf-id 0Zj2FDGrJ1M5cSNLyCPeyVDhn9oz4IFRlM8lRC6EhQI_aX8SjR0vHQ==
GET H2	200	google-atp-list.json Show response cmp.quantcast.com/tcfv2/	151 KB 35 KB	121ms 65ms	XHR application/json	2600:9000:206f:4000:9:46dc:4700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cmp.quantcast.com/tcfv2/google-atp-list.json Requested by Host: cmp.quantcast.com URL: https://cmp.quantcast.com/tcfv2/cmp2.js?referer=gofile.io Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:206f:4000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 31d1a8b234ef7e3fcd967fe38bb63298be8faf869e0dcd5352c330ed5c18964b Request headers Accept application/json, text/plain, */* Referer accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 26 Feb 2023 03:00:29 GMT content-encoding br via 1.1 f358cf5f46d10c349187abd5e20e06ce.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-C1 age 5705 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Sun, 26 Feb 2023 03:00:26 GMT server AmazonS3 etag W/"1dbfd79d4ea7f69c0c42a2f6065532e7" access-control-max-age 3000 access-control-allow-methods GET content-type application/json access-control-allow-origin * cache-control max-age=172800 access-control-allow-credentials true vary Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method x-amz-cf-id IGgLMklm2IF5zctBwl70hTGDxiOKQL2FuV9r77JRdqy18QX6OZpAQg==
GET H2	200	px.gif ad-delivery.net/	43 B 964 B	101ms 36ms	Image image/gif	2606:4700:20::681a:246 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ad-delivery.net/px.gif?ch=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 26 Feb 2023 04:35:33 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1916611 x-guploader-uploadid ADPycdvu8cl3C-jHz4VF7Ty74ZRpprD2G-ByqCBPH6Hz8Zfp2ljPyxuxZABKh9mkn6zl7OWNcO9GmKqhzNcDsRmq2PYF_Q x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 5 x-goog-stored-content-encoding identity content-length 43 last-modified Wed, 05 May 2021 19:25:32 GMT server cloudflare etag "ad4b0f606e0f8465bc4c4c170b37e1a3" vary X-Goog-Allowed-Resources, Accept-Encoding x-goog-generation 1620242732037093 content-type image/gif access-control-allow-origin * x-goog-hash crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow== access-control-expose-headers *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control public, max-age=86400 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=42uK6WMVhih1pUBAkr44E1Y%2BQQjNkbCyHMVO17Q%2FP6i2FAHdXvp%2FPDBl%2FuMKRWhJamIthEfl9GoHOsgJfbZ6%2BzgkJDR10xVov3LH3s4V6I0gSdx7UO8aUOf79iy6DdyhzyLA3SCtQROjC4z6nQ%3D%3D"}],"group":"cf-nel","max_age":604800} x-goog-stored-content-length 43 accept-ranges bytes cf-ray 79f5f9844f352167-CDG expires Sat, 04 Feb 2023 00:52:00 GMT
GET H2	200	favicon.ico ad.doubleclick.net/	1 KB 571 B	176ms 56ms	Image image/x-icon	142.250.180.198 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.180.198 , United States, ASN15169 (GOOGLE, US), Reverse DNS bud02s33-in-f6.1e100.net Software sffe / Resource Hash d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sat, 25 Feb 2023 06:29:31 GMT content-encoding gzip x-content-type-options nosniff age 79562 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 104 x-xss-protection 0 last-modified Tue, 08 May 2012 13:08:06 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/x-icon access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 26 Feb 2023 06:29:31 GMT
GET H2	200	px.gif ad-delivery.net/	43 B 343 B	102ms 36ms	Image image/gif	2606:4700:20::681a:246 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ad-delivery.net/px.gif?ch=1&e=0.680705724962172 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 26 Feb 2023 04:35:33 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1916611 x-guploader-uploadid ADPycdvu8cl3C-jHz4VF7Ty74ZRpprD2G-ByqCBPH6Hz8Zfp2ljPyxuxZABKh9mkn6zl7OWNcO9GmKqhzNcDsRmq2PYF_Q x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 5 x-goog-stored-content-encoding identity content-length 43 last-modified Wed, 05 May 2021 19:25:32 GMT server cloudflare etag "ad4b0f606e0f8465bc4c4c170b37e1a3" vary X-Goog-Allowed-Resources, Accept-Encoding x-goog-generation 1620242732037093 content-type image/gif access-control-allow-origin * x-goog-hash crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow== access-control-expose-headers *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control public, max-age=86400 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kR0%2B02xYBYFiXedPH0Md2MtJHbykX9OXpjJNcwKkhK%2BSbayq4u6%2FklCRvYon9B2NXmhu2CtuhTuvmQBphUkjUCN%2FQvMPEQiF6Mqk8BSHxRrqQfZvsPbTouRtLYFgECf1Fw%2BHLvNM7Vl79biR1Q%3D%3D"}],"group":"cf-nel","max_age":604800} x-goog-stored-content-length 43 accept-ranges bytes cf-ray 79f5f9844f362167-CDG expires Sat, 04 Feb 2023 00:52:00 GMT
GET H2	200	/ Show response audit-tcfv2.cmp.quantcast.com/	2 B 102 B	101ms 24ms	XHR text/plain	52.58.116.34 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://audit-tcfv2.cmp.quantcast.com/?log=%7B%22accountId%22%3A%22wZt3yQfgdwnz-%22%2C%22domain%22%3A%22gofile.io%22%2C%22publisher%22%3A%22gofile.io%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.46%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22t78RKvel67DgcMbHc4D2kg%22%2C%22tagVersion%22%3A%22V2%22%2C%22clientTimestamp%22%3A1677386133127%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-mpjyxz4e44njh3kpmpi4%22%7D Requested by Host: cmp.quantcast.com URL: https://cmp.quantcast.com/tcfv2/46/cmp2ui-en.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.58.116.34 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-58-116-34.eu-central-1.compute.amazonaws.com Software / Resource Hash 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 Request headers Accept application/json, text/plain, */* Referer accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers access-control-allow-origin * date Sun, 26 Feb 2023 04:35:33 GMT content-length 2 content-type text/plain; charset=utf-8
GET H2	200	pubads_impl_2023022102.js Show response securepubads.g.doubleclick.net/gpt/	383 KB 130 KB	114ms 26ms	Script text/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 657ce65f87e54b2a6c1bc0db7a92f6c8a5dfa40906a7da8b7a897741ff32d3bd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sat, 25 Feb 2023 21:44:27 GMT content-encoding gzip x-content-type-options nosniff age 24666 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 132325 x-xss-protection 0 last-modified Tue, 21 Feb 2023 21:18:42 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Sun, 25 Feb 2024 21:44:27 GMT
GET H2	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	3 KB 1 KB	122ms 35ms	XHR application/json	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=gofile.io Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f962daa3921e1303d5c9da9d80889c6669bc47fc74501bda768c2653c2491b84 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 26 Feb 2023 04:35:33 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 644 x-xss-protection 0 expires Sun, 26 Feb 2023 04:35:33 GMT
GET H2	200	country Show response api.btloader.com/	16 B 204 B	170ms 121ms	Fetch application/json	130.211.23.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://api.btloader.com/country Requested by Host: freestar-io.videoplayerhub.com URL: https://freestar-io.videoplayerhub.com/gallery.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 194.23.211.130.bc.googleusercontent.com Software / Resource Hash 4e77de82816e4ed7844defc61447f84c79164f528da0c321c31d1876e17a4050 Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 26 Feb 2023 04:35:33 GMT via 1.1 google vary Origin content-type application/json access-control-allow-origin * cache-control private, max-age=300, stale-while-revalidate=600, stale-if-error=600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 16
GET H2	204	pv Show response api.btloader.com/	0 67 B	171ms 122ms	XHR text/plain	130.211.23.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://api.btloader.com/pv?tid=ZROJbDmsy&w=5912996595892224&o=5714937848528896&cv=2.1.07-4-g5b119f8&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fgofile.io%2Fd%2FqUOAcw&sid=CzYSqWoqX&upapi=true Requested by Host: freestar-io.videoplayerhub.com URL: https://freestar-io.videoplayerhub.com/gallery.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 194.23.211.130.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers access-control-allow-origin * date Sun, 26 Feb 2023 04:35:33 GMT cache-control no-cache, no-store, must-revalidate via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 vary Origin
OPTIONS H2	200	json gum.criteo.com/sid/ Frame	0 0	68ms 21ms	Preflight application/json	2a02:2638::1c ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fgofile.io%2F&domain=gofile.io&cw=1&lsw=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method GET Origin https://gofile.io Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods GET access-control-allow-origin https://gofile.io cache-control no-cache, no-store, must-revalidate content-encoding gzip content-type application/json; charset=utf-8 date Sun, 26 Feb 2023 04:35:32 GMT expires 0 pragma no-cache server Kestrel server-processing-duration-in-ticks 1535485 strict-transport-security max-age=31536000; preload; vary Accept-Encoding
GET H2	200	sid Show response mug.criteo.com/ Redirect Chain https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fgofile.io%2F&domain=gofile.io&cw=1&lsw=1 https://mug.criteo.com/sid?cpp=QufgenxWVVd0TFlsaWVhNFBDYnNTRFd5dkJGRUNrejN3aUlqWlM3cUJENUFDaitZQWZjUkNXaFQvOUV6alN2Qnl3ZE93NlFmKzJ0ajZwRThxMFNKZ2psREtxemNKeGYrajNZS0JZNHdjZjJDcmxOcUJCMVphZXZOYVAwL3...	362 B 649 B	64ms 22ms	XHR application/json	178.250.1.11 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=QufgenxWVVd0TFlsaWVhNFBDYnNTRFd5dkJGRUNrejN3aUlqWlM3cUJENUFDaitZQWZjUkNXaFQvOUV6alN2Qnl3ZE93NlFmKzJ0ajZwRThxMFNKZ2psREtxemNKeGYrajNZS0JZNHdjZjJDcmxOcUJCMVphZXZOYVAwL3VYaTI2TkM3WGdySjZ2amhyRkczaCtyTk42UVp1cVlYZVlrRjNpVnNFbEdqdTJxbEcrZi9nZ2JaOXlDT2tXYmRRYjF6R3BidmQ5TE1qV2hpQnR6UjFuYzd4TWxiMWpSaFdSck5ybUpiSE82S01BMWExNmlNPXw&cppv=2 Protocol H2 Server 178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash c2399145325a439109c1b6ab6c581b8c5db1daa696957caafba4cf4431dac2cf Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers pragma no-cache date Sun, 26 Feb 2023 04:35:33 GMT strict-transport-security max-age=31536000; preload; content-encoding gzip server Kestrel vary Accept-Encoding access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin null cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 594204 expires 0 Redirect headers pragma no-cache date Sun, 26 Feb 2023 04:35:32 GMT strict-transport-security max-age=31536000; preload; server Kestrel access-control-allow-methods GET location https://mug.criteo.com/sid?cpp=QufgenxWVVd0TFlsaWVhNFBDYnNTRFd5dkJGRUNrejN3aUlqWlM3cUJENUFDaitZQWZjUkNXaFQvOUV6alN2Qnl3ZE93NlFmKzJ0ajZwRThxMFNKZ2psREtxemNKeGYrajNZS0JZNHdjZjJDcmxOcUJCMVphZXZOYVAwL3VYaTI2TkM3WGdySjZ2amhyRkczaCtyTk42UVp1cVlYZVlrRjNpVnNFbEdqdTJxbEcrZi9nZ2JaOXlDT2tXYmRRYjF6R3BidmQ5TE1qV2hpQnR6UjFuYzd4TWxiMWpSaFdSck5ybUpiSE82S01BMWExNmlNPXw&cppv=2 access-control-allow-origin https://gofile.io cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 486120 content-length 0 expires 0
GET H2	200	pbhid Show response id.hadron.ad.gt/api/v1/	131 B 309 B	89ms 25ms	XHR application/json	2606:4700:10::ac43:17ea CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://id.hadron.ad.gt/api/v1/pbhid?partner_id=474&_it=prebid Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-7.19.9.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c4b477f4fd25809aa28a6f947a4d9eadc228d190b3f7053c05534298651fd536 Request headers Referer accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Content-Type text/plain Response headers date Sun, 26 Feb 2023 04:35:33 GMT content-encoding gzip server cloudflare allow POST, OPTIONS, GET vary Accept-Encoding content-type application/json access-control-allow-origin * cf-ray 79f5f9870e6dd636-CDG access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept
GET		envelope api.rlcdn.com/api/identity/	0 0
GET H2	200	rid Show response match.adsrvr.org/track/	63 B 386 B	116ms 36ms	XHR application/json	15.197.193.217 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://match.adsrvr.org/track/rid?ttd_pid=6bjin1p&fmt=json Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-7.19.9.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 15.197.193.217 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a12b7a488abeaa9e4.awsglobalaccelerator.com Software / Resource Hash 13b171c57f4fd0bf8e30ef6012c25a40b67c7355e837e680079ed461652073c3 Request headers Referer accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Content-Type text/plain Response headers date Sun, 26 Feb 2023 04:35:33 GMT x-aspnet-version 4.0.30319 vary Origin content-type application/json; charset=utf-8 access-control-allow-origin https://gofile.io cache-control private access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept content-length 63 expires Tue, 28 Mar 2023 04:35:33 GMT
GET H2	200	rum.js Show response securepubads.g.doubleclick.net/pagead/js/	62 KB 23 KB	26ms 26ms	Script text/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/js/rum.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 58fad70c6f1cbf5134f2fb9e9ae1e0f7b5eb7dd27895f22e0e6cf61574f968cd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 26 Feb 2023 04:09:38 GMT content-encoding br x-content-type-options nosniff age 1555 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 23523 x-xss-protection 0 server cafe etag 10769982060255438035 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, max-age=3600 timing-allow-origin * expires Sun, 26 Feb 2023 05:09:38 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	71ms 71ms	Image image/gif	2a00:1450:400d:80d::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&su=gofile.io&doc=complete&pg_h=1200&pg_w=1600&pg_hs=1200&c=1&aa_c=0&av_h=280&av_w=381&av_a=106680&b=848&all_b=848&d=0.233&all_d=0.233&ard=0.056&all_ard=0.056&dt=d Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers pragma no-cache date Sun, 26 Feb 2023 04:35:33 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	csi csi.gstatic.com/	0 55 B	24ms 23ms	Ping image/gif	2001:4860:4802:32::3 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~lekwe823&c=3348899335869513&e=31072020%2C31072563%2C31061691%2C31061692&ctx=1&met.1=1.lekwe6ne~6.0~7.1~8.z~9.z~10.32~11.1f~12.32~13.3j~14.3m~15.3r~16.6n~17.6n~18.6n~19.75~20.75~21.7c~22.5h~23.67&met.3=113.1eq_3~112.1eo_4 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers pragma no-cache date Sun, 26 Feb 2023 04:35:33 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	quant.js Show response secure.quantserve.com/	21 KB 9 KB	113ms 27ms	Script application/javascript	2620:116:800d:21:b314:a0ef:ab7c:d546 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://secure.quantserve.com/quant.js Requested by Host: a.pub.network URL: https://a.pub.network/core/pubfig/bed1cb78af38193abb700f81f4481a18b8b21757/pubfig.engine.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 79b87df922384438d3c4a7e6f3b2ebaef856e7b2ddc5f15e279dc7167c33553c Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 26 Feb 2023 04:35:33 GMT content-encoding gzip etag "liYNKlRv1+e+pwbkZBrDjQ==" vary Accept-Encoding content-type application/javascript cache-control private, max-age=604800 accept-ranges bytes expires Sun, 05 Mar 2023 04:35:33 GMT
GET DATA	200 OK	truncated /	1 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b60f65161ce3517c2794eecab25981c51ffbcbc951a781270403e2f3572d0290 Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	fslogo-green.svg a.pub.network/core/imgs/	1 KB 1 KB	30ms 30ms	Image image/svg+xml	2606:4700::6812:15ce CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.pub.network/core/imgs/fslogo-green.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:15ce , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ecc20ed3c5dedbe5bbe73d1e7b14270c65a85f7d0ec4c94c4f0c9f0071e471a2 Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 26 Feb 2023 04:35:33 GMT content-encoding gzip cf-cache-status HIT age 1988 x-guploader-uploadid ADPycduYIV91P1_P60GVMO83syajnP5KQS7TocenfZPwEZJmuwW2nAU89SH24zSWMb5niF8k_0QCvAdzWBq63WA6xWXixw x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding identity last-modified Tue, 08 Sep 2020 17:04:37 GMT server cloudflare etag W/"326d6cbd977657e1205bd616d1f2faca" vary Accept-Encoding x-goog-hash crc32c=Jh+rSg==, md5=Mm1svZd2V+EgW9YW0fL6yg== x-goog-generation 1599584677716817 content-type image/svg+xml access-control-allow-origin * access-control-expose-headers *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control public, max-age=3600 x-goog-stored-content-length 1193 cf-ray 79f5f9871f55999f-CDG expires Sun, 26 Feb 2023 05:35:33 GMT
OPTIONS H2	200	sid mug.criteo.com/ Frame	0 0	221ms 21ms	Preflight application/json	178.250.1.11 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=QufgenxWVVd0TFlsaWVhNFBDYnNTRFd5dkJGRUNrejN3aUlqWlM3cUJENUFDaitZQWZjUkNXaFQvOUV6alN2Qnl3ZE93NlFmKzJ0ajZwRThxMFNKZ2psREtxemNKeGYrajNZS0JZNHdjZjJDcmxOcUJCMVphZXZOYVAwL3VYaTI2TkM3WGdySjZ2amhyRkczaCtyTk42UVp1cVlYZVlrRjNpVnNFbEdqdTJxbEcrZi9nZ2JaOXlDT2tXYmRRYjF6R3BidmQ5TE1qV2hpQnR6UjFuYzd4TWxiMWpSaFdSck5ybUpiSE82S01BMWExNmlNPXw&cppv=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method GET Origin null Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods GET access-control-allow-origin null cache-control no-cache, no-store, must-revalidate content-encoding gzip content-type application/json; charset=utf-8 date Sun, 26 Feb 2023 04:35:33 GMT expires 0 pragma no-cache server Kestrel server-processing-duration-in-ticks 303329 strict-transport-security max-age=31536000; preload; vary Accept-Encoding
GET H2	200	rules-p-UeXruRVtZz7w6.js Show response rules.quantcount.com/	2 KB 1 KB	475ms 46ms	Script application/javascript	2600:9000:223c:3600:6:44e3:f8c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://rules.quantcount.com/rules-p-UeXruRVtZz7w6.js Requested by Host: secure.quantserve.com URL: https://secure.quantserve.com/quant.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223c:3600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a7b5f5f96f81dea4efc53e1d4dae8b37c28bec27a45b42ccf604ee759e20caec Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 26 Feb 2023 04:27:56 GMT content-encoding gzip via 1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P2 age 458 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin last-modified Thu, 07 Dec 2017 17:06:25 GMT server AmazonS3 etag W/"cbc97d16c77ea1fcbbf42d246001e982" vary Accept-Encoding access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control max-age=3600 x-amz-cf-id zkwlzwbcqz8Jns9KI3gdQZHtxdvcTl8OjUjgfw0-yDGSgzcOOlGq_A==
GET H2	200	hadronid Show response id.hadron.ad.gt/api/v1/	54 KB 9 KB	173ms 130ms	Script text/javascript	2606:4700:10::ac43:17ea CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://id.hadron.ad.gt/api/v1/hadronid?_it=prebid&partner_id=474&_it=prebid Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-7.19.9.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d0460b016fa470f9548aceaa335c01cd1fe68052a3abd44cb642ac299fe5b7e2 Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 26 Feb 2023 04:35:33 GMT content-encoding gzip cf-cache-status DYNAMIC server cloudflare content-type text/javascript; charset=UTF-8 origin-trial debug NON-OPTIONS cf-ray 79f5f9880afcd54c-CDG
POST H2	200	cookie_sync Show response s2s.t13.io/	1 KB 706 B	128ms 30ms	XHR application/json	34.107.140.113 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://s2s.t13.io/cookie_sync Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-7.19.9.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 113.140.107.34.bc.googleusercontent.com Software / Resource Hash 4a07a1374dd99585c169e32c1c444e9d35247a7026141e399f5cfc7441988f5e Request headers Referer accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 26 Feb 2023 04:35:33 GMT content-encoding gzip via 1.1 google content-type application/json access-control-allow-origin https://gofile.io cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 487 expires 0
POST H2	200	auction Show response s2s.t13.io/openrtb2/	172 B 256 B	125ms 33ms	XHR application/json	34.107.140.113 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://s2s.t13.io/openrtb2/auction Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-7.19.9.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 113.140.107.34.bc.googleusercontent.com Software / Resource Hash 6e1e5cd2303dbb143f7ff9a7df15cb0d26708414a649fd457925191a939ffe62 Request headers Referer accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 26 Feb 2023 04:35:33 GMT content-encoding gzip via 1.1 google x-prebid pbs-java/1.94.0 content-type application/json access-control-allow-origin https://gofile.io cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 168 expires 0
GET H2	200	pbjs Show response htlb.casalemedia.com/openrtb/	36 B 568 B	101ms 46ms	XHR application/json	104.18.25.185 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://htlb.casalemedia.com/openrtb/pbjs?s=676941&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2273c917a7c5fdb4%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fgofile.io%2Fd%2FqUOAcw%22%2C%22name%22%3A%22gofile-io%22%2C%22domain%22%3A%22gofile.io%22%2C%22cat%22%3A%5B%5D%2C%22sectioncat%22%3A%5B%5D%2C%22pagecat%22%3A%5B%5D%2C%22ref%22%3A%22%22%2C%22content%22%3A%7B%22data%22%3A%5B%7B%22name%22%3A%22www.freestar.com%22%2C%22ext%22%3A%7B%22taxonomyname%22%3A%22iab_content_taxonomy%22%7D%2C%22segment%22%3A%5B%5D%7D%5D%7D%2C%22ext%22%3A%7B%22data%22%3A%7B%22fs_optimized%22%3Afalse%7D%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.7%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fgofile.io%2Fd%2FqUOAcw%22%2C%22tmax%22%3A562%2C%22syncsPerBidder%22%3A3%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22%2F15184186%2Fgofileio_adhesion%2Fgofileio_adhesion%22%2C%22adunitcode%22%3A%22gofileio_adhesion%22%2C%22divId%22%3A%22gofileio_adhesion%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22819fd0ccebb6ca%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A1%2C%22h%22%3A1%2C%22ext%22%3A%7B%22siteID%22%3A%22676941%22%7D%7D%2C%7B%22w%22%3A468%2C%22h%22%3A60%2C%22ext%22%3A%7B%22siteID%22%3A%22676941%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22676941%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22676941%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F15184186%2Fgofileio_adhesion%22%2C%22gpid%22%3A%22%2F15184186%2Fgofileio_adhesion%2Fgofileio_adhesion%22%2C%22tid%22%3A%229314a80c-2e0d-469a-90b1-24a24649d262%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%22f62a251c-9f1b-43e2-8682-b3adfcca579a%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.com%22%2C%22sid%22%3A%221523%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22audigent.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220001yum0eabkba98bciae6gibddj96ldclf786khdaabackkc2jl%22%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22019af49c-93bb-47f9-8bc9-f34b1dfe9c1e%22%7D%5D%7D%5D%2C%22id%22%3A%228e6dd291-3a52-4516-ad8b-1d494b5735a2%22%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%7D Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-7.19.9.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5a554c42ab1557d80b6244067a507a18408828e143427f0884eabde9465d2441 Request headers Referer accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 26 Feb 2023 04:35:33 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iaUfXVH4c59HdEvy1dpXlZODVyYHwhtiYvGE0K5JxBWU8Dys3hSTXDWpilBSVqqvB2OUx%2BoHE2c3L%2BVCPD%2F058fYj%2FuEZGwgdGR%2FBEYeOTs0eyI82KPXJEMYIR8wPC%2Bt45HXTEuN"}],"group":"cf-nel","max_age":604800} content-type application/json access-control-allow-origin https://gofile.io cache-control no-cache access-control-allow-credentials true cf-ray 79f5f988bfc3d64a-CDG alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 36 expires 0
GET H2	200	arj Show response freestar-d.openx.net/w/1.0/	190 B 598 B	113ms 38ms	XHR application/json	35.244.159.8 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://freestar-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fgofile.io%2Fd%2FqUOAcw&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=9314a80c-2e0d-469a-90b1-24a24649d262&nocache=1677386133815&us_privacy=1---&audigentid=0001yum0eabkba98bciae6gibddj96ldclf786khdaabackkc2jl&pubcid=a6c82aca-b221-429e-bad5-cdcd67490ae0&schain=1.0%2C1!freestar.com%2C1523%2C1%2C%2C%2C&aus=970x90%2C728x90%2C468x60%2C1x1&divids=gofileio_adhesion&aucs=%252F15184186%252Fgofileio_adhesion%252Fgofileio_adhesion&auid=539181725 Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-7.19.9.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 8.159.244.35.bc.googleusercontent.com Software OXGW/0.0.0 / Resource Hash a08f9d35e194eb3b94a1f2e2a6cb96adc47732d71e6b3784a52a636ac209d672 Request headers Referer accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 26 Feb 2023 04:35:33 GMT content-encoding gzip via 1.1 google server OXGW/0.0.0 vary Accept, Accept-Encoding content-type application/json p3p CP="CUR ADM OUR NOR STA NID" access-control-allow-origin https://gofile.io cache-control private, max-age=0, no-cache access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 176 expires Mon, 26 Jul 1997 05:00:00 GMT
GET H/1.1	200 OK	trinity.json Show response apex.go.sonobi.com/	522 B 2 KB	446ms 127ms	XHR application/json	69.166.1.15 AS-XFERNET
General Check archive.org Show headers Download Go to Full URL https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22179859d769a9168%22%3A%221374b2b838cb3c97488f%7C970x90%2C728x90%2C468x60%2C1x1%7Cgpid%3D%2F15184186%2Fgofileio_adhesion%2Fgofileio_adhesion%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fgofile.io%2Fd%2FqUOAcw&s=5e433be9-3b27-4eef-a4a5-ce3b5db157f7&pv=dcfbf36d-9879-4a69-a075-a9713fd51a08&vp=desktop&lib_name=prebid&lib_v=7.19.7&us=3&fpd=%7B%22site%22%3A%7B%22name%22%3A%22gofile-io%22%2C%22domain%22%3A%22gofile.io%22%2C%22cat%22%3A%5B%5D%2C%22sectioncat%22%3A%5B%5D%2C%22pagecat%22%3A%5B%5D%2C%22page%22%3A%22https%3A%2F%2Fgofile.io%2Fd%2FqUOAcw%22%2C%22ref%22%3A%22%22%2C%22content%22%3A%7B%22data%22%3A%5B%7B%22name%22%3A%22www.freestar.com%22%2C%22ext%22%3A%7B%22taxonomyname%22%3A%22iab_content_taxonomy%22%7D%2C%22segment%22%3A%5B%5D%7D%5D%7D%2C%22ext%22%3A%7B%22data%22%3A%7B%22fs_optimized%22%3Afalse%7D%7D%7D%2C%22user%22%3A%7B%22id%22%3A%228e6dd291-3a52-4516-ad8b-1d494b5735a2%22%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F110.0.5481.177%20Safari%2F537.36%22%2C%22geo%22%3A%7B%22ext%22%3A%7B%7D%7D%2C%22dnt%22%3A0%2C%22devicetype%22%3A2%2C%22make%22%3A%22%22%2C%22model%22%3A%22%22%2C%22os%22%3A%22Windows%22%2C%22osv%22%3A%2210%22%7D%2C%22geo%22%3A%7B%22ext%22%3A%7B%7D%7D%2C%22ext%22%3A%7B%22prebid%22%3A%7B%22storedrequest%22%3A%7B%22id%22%3A%22f20a6258-ed38-48d5-9cef-ec48c9438341%22%7D%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.com%22%2C%22sid%22%3A%221523%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22hadronId%22%3A%220001yum0eabkba98bciae6gibddj96ldclf786khdaabackkc2jl%22%2C%22pubcid%22%3A%22019af49c-93bb-47f9-8bc9-f34b1dfe9c1e%22%7D&eids=%5B%7B%22source%22%3A%22audigent.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220001yum0eabkba98bciae6gibddj96ldclf786khdaabackkc2jl%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22019af49c-93bb-47f9-8bc9-f34b1dfe9c1e%22%2C%22atype%22%3A1%7D%5D%7D%5D&us_privacy=1---&coppa=0 Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-7.19.9.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 69.166.1.15 , United States, ASN27630 (AS-XFERNET, US), Reverse DNS Software sonobi-go / Resource Hash a0cc6707cc85c8ff8073bb123deb743b554cd31c07720f6bcbfcfe59c7e79645 Security Headers Name Value X-Xss-Protection 0 Request headers Referer accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Sun, 26 Feb 2023 04:35:34 GMT Content-Encoding gzip Server sonobi-go Vary negotiate,Accept-Encoding X-Go-Server go-iad-2-5-146 Content-Type application/json P3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Access-Control-Allow-Origin https://gofile.io Cache-Control no-cache, no-store, private Access-Control-Allow-Credentials true Tcn Choice Content-Length 357 X-Xss-Protection 0 Expires Sat, 26 Jul 1997 05:00:00 GMT
POST H2	200	hbjson Show response grid.bidswitch.net/	24 B 236 B	321ms 26ms	XHR application/json	18.192.139.123 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://grid.bidswitch.net/hbjson Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-7.19.9.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.192.139.123 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-192-139-123.eu-central-1.compute.amazonaws.com Software / Resource Hash a96aa4b0c94ef6d400b51942482c04d2353c60f6f70069ade4bc5b43611e436c Request headers Referer accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://gofile.io date Sun, 26 Feb 2023 04:35:34 GMT cache-control no-cache, no-store, must-revalidate content-encoding gzip access-control-allow-credentials true content-length 49 content-type application/json
POST H2	200	cdb Show response bidder.criteo.com/	18 B 307 B	250ms 22ms	XHR application/json	2a02:2638::24 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.7&cb=54112295103&lsavail=0 Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-7.19.9.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Finatra / Resource Hash ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Content-Type text/plain Response headers date Sun, 26 Feb 2023 04:35:33 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; server Finatra vary Origin content-type application/json; charset=utf-8 access-control-allow-origin https://gofile.io access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * content-length 44
POST H2	204	v1 Show response btlr.sharethrough.com/universal/	0 153 B	166ms 29ms	XHR text/plain	3.70.64.6 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1 Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-7.19.9.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.70.64.6 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-70-64-6.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://gofile.io date Sun, 26 Feb 2023 04:35:33 GMT cache-control private, no-cache, no-store, must-revalidate access-control-allow-credentials true vary Origin
POST H2	204	v1 Show response btlr.sharethrough.com/universal/	0 153 B	191ms 53ms	XHR text/plain	3.70.64.6 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1 Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-7.19.9.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.70.64.6 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-70-64-6.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://gofile.io date Sun, 26 Feb 2023 04:35:33 GMT cache-control private, no-cache, no-store, must-revalidate access-control-allow-credentials true vary Origin
POST H2	204	v1 Show response btlr.sharethrough.com/universal/	0 154 B	165ms 28ms	XHR text/plain	3.70.64.6 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1 Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-7.19.9.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.70.64.6 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-70-64-6.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://gofile.io date Sun, 26 Feb 2023 04:35:33 GMT cache-control private, no-cache, no-store, must-revalidate access-control-allow-credentials true vary Origin
POST H2	204	translator Show response hbopenbid.pubmatic.com/	0 111 B	186ms 54ms	XHR text/plain	185.64.189.112 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://hbopenbid.pubmatic.com/translator?source=prebid-client Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-7.19.9.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://gofile.io date Sun, 26 Feb 2023 04:35:32 GMT cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/	19 B 822 B	107ms 25ms	XHR application/json	37.252.171.53 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-7.19.9.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.21.3 / Resource Hash 0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Sun, 26 Feb 2023 04:35:33 GMT AN-X-Request-Uuid 97020bd4-4c33-4a80-af04-9ed8edcd8579 Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type application/json; charset=utf-8 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://gofile.io Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive X-Proxy-Origin 178.33.144.178; 178.33.144.178; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com Content-Length 19 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	pubfig.messaging.js Show response a.pub.network/core/pubfig/bed1cb78af38193abb700f81f4481a18b8b21757/	215 KB 66 KB	30ms 29ms	Script application/javascript	2606:4700::6812:15ce CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://a.pub.network/core/pubfig/bed1cb78af38193abb700f81f4481a18b8b21757/pubfig.messaging.js Requested by Host: a.pub.network URL: https://a.pub.network/core/pubfig/bed1cb78af38193abb700f81f4481a18b8b21757/pubfig.engine.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:15ce , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e0ec97942aac2d3e9077b1cc29e7412b2b149c4478e46255280475960a7ebb16 Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 26 Feb 2023 04:35:33 GMT content-encoding gzip cf-cache-status HIT age 124466 x-guploader-uploadid ADPycduFC19G283sX2dKTY96XoWxFuIfe4wHHVbebshNfvoq-qvnzOtDreeGzh9RWg0gDwBF-4ZoKKo5zamZXI8mY9n2OZrC1hax x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding identity last-modified Tue, 21 Feb 2023 16:31:26 GMT server cloudflare etag W/"59e5894830e9275ffe056968de6745a3" vary Accept-Encoding x-goog-generation 1676997086688821 content-type application/javascript access-control-allow-origin * x-goog-hash crc32c=2D5KSA==, md5=WeWJSDDpJ1/+BWlo3mdFow== access-control-expose-headers * cache-control public, max-age=3600 x-goog-stored-content-length 219763 cf-ray 79f5f9887fe6999f-CDG expires Sun, 26 Feb 2023 05:35:33 GMT
POST H2	200	c Show response c.pub.network/	36 B 120 B	134ms 121ms	XHR text/plain	34.160.110.8 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://c.pub.network/c Requested by Host: a.pub.network URL: https://a.pub.network/core/pubfig/bed1cb78af38193abb700f81f4481a18b8b21757/pubfig.messaging.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.160.110.8 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 8.110.160.34.bc.googleusercontent.com Software / Resource Hash 26b5ff8641a59a0eda1cba52ec90aed07ad1cdb389c076966e13e4437a58e121 Request headers Referer accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Sun, 26 Feb 2023 04:35:33 GMT via 1.1 google vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers content-type text/plain;charset=utf-8 access-control-allow-origin https://gofile.io access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 36
GET H3	200	setuid s2s.t13.io/ Redirect Chain https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&redirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dmedianet%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Di%26uid%3D%3C... https://s2s.t13.io/setuid?bidder=medianet&gdpr=&gdpr_consent=&us_privacy=1---&f=i&uid=0000EEA	86 B 117 B	26ms 25ms	Image image/png	34.107.140.113 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://s2s.t13.io/setuid?bidder=medianet&gdpr=&gdpr_consent=&us_privacy=1---&f=i&uid=0000EEA Protocol H3 Server 34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 113.140.107.34.bc.googleusercontent.com Software / Resource Hash c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers pragma no-cache date Sun, 26 Feb 2023 04:35:34 GMT content-encoding gzip via 1.1 google content-type image/png cache-control no-cache, no-store, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires 0 Redirect headers pragma no-cache strict-transport-security max-age=86400 ; includeSubDomains, max-age=604800 date Sun, 26 Feb 2023 04:35:34 GMT server Apache p3p CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA location https://s2s.t13.io/setuid?bidder=medianet&gdpr=&gdpr_consent=&us_privacy=1---&f=i&uid=0000EEA content-type text/html cache-control max-age=0, no-cache, no-store content-length 154 x-mnet-hl2 E expires Sun, 26 Feb 2023 04:35:34 GMT
POST H2	200	auction Show response s2s.t13.io/openrtb2/	172 B 233 B	39ms 38ms	XHR application/json	34.107.140.113 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://s2s.t13.io/openrtb2/auction Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-7.19.9.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 113.140.107.34.bc.googleusercontent.com Software / Resource Hash 3114eea76bb9f82bbe7eb38ca30da191d562a63234154485af106189d14cebc2 Request headers Referer accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 26 Feb 2023 04:35:34 GMT content-encoding gzip via 1.1 google x-prebid pbs-java/1.94.0 content-type application/json access-control-allow-origin https://gofile.io cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 168 expires 0
POST H2	204	translator Show response hbopenbid.pubmatic.com/	0 56 B	60ms 59ms	XHR text/plain	185.64.189.112 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://hbopenbid.pubmatic.com/translator?source=prebid-client Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-7.19.9.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://gofile.io date Sun, 26 Feb 2023 04:35:34 GMT cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true
POST H2	200	hbjson Show response grid.bidswitch.net/	24 B 235 B	144ms 27ms	XHR application/json	18.192.139.123 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://grid.bidswitch.net/hbjson Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-7.19.9.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.192.139.123 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-192-139-123.eu-central-1.compute.amazonaws.com Software / Resource Hash 83f31eb6d52edc16b21f690a355292e14032c7a42d8df927bc88c2a2890f1914 Request headers Referer accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://gofile.io date Sun, 26 Feb 2023 04:35:34 GMT cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true content-encoding gzip content-length 49 content-type application/json
POST H2	204	v1 Show response btlr.sharethrough.com/universal/	0 153 B	30ms 29ms	XHR text/plain	3.70.64.6 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1 Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-7.19.9.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.70.64.6 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-70-64-6.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://gofile.io date Sun, 26 Feb 2023 04:35:34 GMT cache-control private, no-cache, no-store, must-revalidate access-control-allow-credentials true vary Origin
POST H2	204	v1 Show response btlr.sharethrough.com/universal/	0 153 B	33ms 32ms	XHR text/plain	3.70.64.6 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1 Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-7.19.9.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.70.64.6 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-70-64-6.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://gofile.io date Sun, 26 Feb 2023 04:35:34 GMT cache-control private, no-cache, no-store, must-revalidate access-control-allow-credentials true vary Origin
POST H2	204	v1 Show response btlr.sharethrough.com/universal/	0 153 B	29ms 29ms	XHR text/plain	3.70.64.6 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1 Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-7.19.9.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.70.64.6 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-70-64-6.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://gofile.io date Sun, 26 Feb 2023 04:35:34 GMT cache-control private, no-cache, no-store, must-revalidate access-control-allow-credentials true vary Origin
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/	19 B 822 B	26ms 25ms	XHR application/json	37.252.171.53 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-7.19.9.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.21.3 / Resource Hash 0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Sun, 26 Feb 2023 04:35:34 GMT AN-X-Request-Uuid fbc1bc0d-23b2-4bee-b60f-fc67084a1d56 Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type application/json; charset=utf-8 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://gofile.io Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive X-Proxy-Origin 178.33.144.178; 178.33.144.178; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com Content-Length 19 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	pbjs Show response htlb.casalemedia.com/openrtb/	37 B 336 B	63ms 61ms	XHR application/json	104.18.25.185 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://htlb.casalemedia.com/openrtb/pbjs?s=676941&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22516f5a7b94947fd%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fgofile.io%2Fd%2FqUOAcw%22%2C%22name%22%3A%22gofile-io%22%2C%22domain%22%3A%22gofile.io%22%2C%22cat%22%3A%5B%5D%2C%22sectioncat%22%3A%5B%5D%2C%22pagecat%22%3A%5B%5D%2C%22ref%22%3A%22%22%2C%22content%22%3A%7B%22data%22%3A%5B%7B%22name%22%3A%22www.freestar.com%22%2C%22ext%22%3A%7B%22taxonomyname%22%3A%22iab_content_taxonomy%22%7D%2C%22segment%22%3A%5B%5D%7D%5D%7D%2C%22ext%22%3A%7B%22data%22%3A%7B%22fs_optimized%22%3Afalse%7D%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.7%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fgofile.io%2Fd%2FqUOAcw%22%2C%22tmax%22%3A562%2C%22syncsPerBidder%22%3A3%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22%2F15184186%2Fgofileio_adhesion%2Fgofileio_adhesion%22%2C%22adunitcode%22%3A%22gofileio_adhesion%22%2C%22divId%22%3A%22gofileio_adhesion%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%225257ef40eef9b91%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A1%2C%22h%22%3A1%2C%22ext%22%3A%7B%22siteID%22%3A%22676941%22%7D%7D%2C%7B%22w%22%3A468%2C%22h%22%3A60%2C%22ext%22%3A%7B%22siteID%22%3A%22676941%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22676941%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22676941%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F15184186%2Fgofileio_adhesion%22%2C%22gpid%22%3A%22%2F15184186%2Fgofileio_adhesion%2Fgofileio_adhesion%22%2C%22tid%22%3A%2298d7b3c9-25a6-4bd6-93e9-0018ace28717%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%227494b359-b2c9-4fe0-a525-6eb988f2f30b%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.com%22%2C%22sid%22%3A%221523%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22audigent.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220001yum0eabkba98bciae6gibddj96ldclf786khdaabackkc2jl%22%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22019af49c-93bb-47f9-8bc9-f34b1dfe9c1e%22%7D%5D%7D%5D%2C%22id%22%3A%228e6dd291-3a52-4516-ad8b-1d494b5735a2%22%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%7D Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-7.19.9.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 922d6a87e3670fffddcf667faad171088822003bb1f7d8b272f939be3f1c2661 Request headers Referer accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 26 Feb 2023 04:35:34 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i3Kqxn5M7S683d3aocyBHAGWlzU5s4v4hyaho34Yn1vLKJPKODNzfwAISWZfWLJnTfMTJqyh22UGW4VtDR9t4AwYQoO63foKEL7AEwjC%2FLJoXzwS7Wzt%2Bk6IUcwjhyVCDNDlWB29"}],"group":"cf-nel","max_age":604800} content-type application/json access-control-allow-origin https://gofile.io cache-control no-cache access-control-allow-credentials true cf-ray 79f5f989982ed64a-CDG alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 37 expires 0
POST H2	200	cdb Show response bidder.criteo.com/	18 B 306 B	67ms 23ms	XHR application/json	2a02:2638::24 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.7&cb=58751772790&lsavail=0 Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-7.19.9.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Finatra / Resource Hash ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Content-Type text/plain Response headers date Sun, 26 Feb 2023 04:35:33 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; server Finatra vary Origin content-type application/json; charset=utf-8 access-control-allow-origin https://gofile.io access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * content-length 44
GET H2	200	arj Show response freestar-d.openx.net/w/1.0/	190 B 369 B	77ms 76ms	XHR application/json	35.244.159.8 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://freestar-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fgofile.io%2Fd%2FqUOAcw&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=98d7b3c9-25a6-4bd6-93e9-0018ace28717&nocache=1677386134007&us_privacy=1---&audigentid=0001yum0eabkba98bciae6gibddj96ldclf786khdaabackkc2jl&pubcid=a6c82aca-b221-429e-bad5-cdcd67490ae0&schain=1.0%2C1!freestar.com%2C1523%2C1%2C%2C%2C&aus=970x90%2C728x90%2C468x60%2C1x1&divids=gofileio_adhesion&aucs=%252F15184186%252Fgofileio_adhesion%252Fgofileio_adhesion&auid=539181725 Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-7.19.9.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 8.159.244.35.bc.googleusercontent.com Software OXGW/0.0.0 / Resource Hash c161e8f1994b5bbdc0aa2f073065aff93e9dd5b5c3b1e401152fafb92e6e6bfa Request headers Referer accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 26 Feb 2023 04:35:34 GMT content-encoding gzip via 1.1 google server OXGW/0.0.0 vary Accept, Accept-Encoding content-type application/json p3p CP="CUR ADM OUR NOR STA NID" access-control-allow-origin https://gofile.io cache-control private, max-age=0, no-cache access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 176 expires Mon, 26 Jul 1997 05:00:00 GMT
GET H/1.1	200 OK	trinity.json Show response apex.go.sonobi.com/	522 B 2 KB	402ms 141ms	XHR application/json	69.166.1.15 AS-XFERNET
General Check archive.org Show headers Download Go to Full URL https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2264028bc37fd14a1%22%3A%221374b2b838cb3c97488f%7C970x90%2C728x90%2C468x60%2C1x1%7Cgpid%3D%2F15184186%2Fgofileio_adhesion%2Fgofileio_adhesion%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fgofile.io%2Fd%2FqUOAcw&s=83e0dd3b-ea4e-4a0f-9e7b-f765158bb95c&pv=dcfbf36d-9879-4a69-a075-a9713fd51a08&vp=desktop&lib_name=prebid&lib_v=7.19.7&us=3&fpd=%7B%22site%22%3A%7B%22name%22%3A%22gofile-io%22%2C%22domain%22%3A%22gofile.io%22%2C%22cat%22%3A%5B%5D%2C%22sectioncat%22%3A%5B%5D%2C%22pagecat%22%3A%5B%5D%2C%22page%22%3A%22https%3A%2F%2Fgofile.io%2Fd%2FqUOAcw%22%2C%22ref%22%3A%22%22%2C%22content%22%3A%7B%22data%22%3A%5B%7B%22name%22%3A%22www.freestar.com%22%2C%22ext%22%3A%7B%22taxonomyname%22%3A%22iab_content_taxonomy%22%7D%2C%22segment%22%3A%5B%5D%7D%5D%7D%2C%22ext%22%3A%7B%22data%22%3A%7B%22fs_optimized%22%3Afalse%7D%7D%7D%2C%22user%22%3A%7B%22id%22%3A%228e6dd291-3a52-4516-ad8b-1d494b5735a2%22%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F110.0.5481.177%20Safari%2F537.36%22%2C%22geo%22%3A%7B%22ext%22%3A%7B%7D%7D%2C%22dnt%22%3A0%2C%22devicetype%22%3A2%2C%22make%22%3A%22%22%2C%22model%22%3A%22%22%2C%22os%22%3A%22Windows%22%2C%22osv%22%3A%2210%22%7D%2C%22geo%22%3A%7B%22ext%22%3A%7B%7D%7D%2C%22ext%22%3A%7B%22prebid%22%3A%7B%22storedrequest%22%3A%7B%22id%22%3A%22f20a6258-ed38-48d5-9cef-ec48c9438341%22%7D%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.com%22%2C%22sid%22%3A%221523%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22hadronId%22%3A%220001yum0eabkba98bciae6gibddj96ldclf786khdaabackkc2jl%22%2C%22pubcid%22%3A%22019af49c-93bb-47f9-8bc9-f34b1dfe9c1e%22%7D&eids=%5B%7B%22source%22%3A%22audigent.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220001yum0eabkba98bciae6gibddj96ldclf786khdaabackkc2jl%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22019af49c-93bb-47f9-8bc9-f34b1dfe9c1e%22%2C%22atype%22%3A1%7D%5D%7D%5D&us_privacy=1---&coppa=0 Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-7.19.9.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 69.166.1.15 , United States, ASN27630 (AS-XFERNET, US), Reverse DNS Software sonobi-go / Resource Hash 211b935f63f35999443182f389c6f50881a2c1a8173f6c648860fd5eb9f0f7ca Security Headers Name Value X-Xss-Protection 0 Request headers Referer accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Sun, 26 Feb 2023 04:35:34 GMT Content-Encoding gzip Server sonobi-go Vary negotiate,Accept-Encoding X-Go-Server go-iad-2-5-95 Content-Type application/json P3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Access-Control-Allow-Origin https://gofile.io Cache-Control no-cache, no-store, private Access-Control-Allow-Credentials true Tcn Choice Content-Length 356 X-Xss-Protection 0 Expires Sat, 26 Jul 1997 05:00:00 GMT
POST H2	200	v2cplEFW42I3SbWnQIsSRPzk3uNgd0Qht6uXS9xCTYKfDZNMQmLsUGUEM8WWgUH5lwW5EQRzK-_E_tQ fronttoad.com/	2 B 333 B	26ms 24ms	Ping application/json	2600:1901:0:7ec2::1 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fronttoad.com/v2cplEFW42I3SbWnQIsSRPzk3uNgd0Qht6uXS9xCTYKfDZNMQmLsUGUEM8WWgUH5lwW5EQRzK-_E_tQ Requested by Host: fronttoad.com URL: https://fronttoad.com/v2qukN-LVECGkq_FAf7Hp4yZhdZ3asMx6GMI5OJO_MANCgqok9CfDvU95Wjo Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:1901:0:7ec2::1 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash 4355a46b19d348dc2f57c046f8ef63d4538ebb936000f3c9ee954a27460dd865 Security Headers Name Value Strict-Transport-Security max-age=15724800; preload Request headers Referer accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers strict-transport-security max-age=15724800; preload date Sun, 26 Feb 2023 04:35:34 GMT via 1.1 google x-buildnumber 787370472 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2 x-datacenter gce-europe-west1 x-buildname hoothoot vary Accept-Encoding, Origin access-control-allow-methods POST, OPTIONS content-type application/json; charset=utf-8 access-control-allow-origin https://gofile.io x-hostname fen-hoothoot-europe-west1-q5p4 cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true timing-allow-origin * access-control-allow-headers DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie expires Sun, 26 Feb 2023 04:35:33 GMT
GET H2	200	hadron.json Show response id.hadron.ad.gt/v1/	47 B 179 B	131ms 129ms	XHR application/json	2606:4700:10::ac43:17ea CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://id.hadron.ad.gt/v1/hadron.json?_it=prebid&partner_id=474&sync=0&domain=gofile.io&url= Requested by Host: id.hadron.ad.gt URL: https://id.hadron.ad.gt/api/v1/hadronid?_it=prebid&partner_id=474&_it=prebid Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1c4dff416fc6da4c8f69988e216fc24b1b94f8c06a41c168b1aaa0e9018da106 Request headers Referer accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Content-Type application/json Response headers date Sun, 26 Feb 2023 04:35:34 GMT cf-cache-status DYNAMIC server cloudflare vary Origin content-type application/json access-control-allow-origin https://gofile.io cache-control public,max-age=30 access-control-allow-credentials true debug NON-OPTIONS cf-ray 79f5f98af956d636-CDG content-length 47
OPTIONS H2	200	hadron.json id.hadron.ad.gt/v1/ Frame	0 0	127ms 126ms	Preflight application/json	2606:4700:10::ac43:17ea CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://id.hadron.ad.gt/v1/hadron.json?_it=prebid&partner_id=474&sync=0&domain=gofile.io&url= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method GET Origin https://gofile.io Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept access-control-allow-origin * allow POST, OPTIONS, GET cache-control max-age=31536000 public, no-transform cf-cache-status DYNAMIC cf-ray 79f5f98a28c8d636-CDG content-length 0 content-type application/json date Sun, 26 Feb 2023 04:35:34 GMT debug OPTIONS block expires Mon, 26 Feb 2024 04:35:34 GMT server cloudflare
GET H2	204	/ ssc-cms.33across.com/ps/ Frame 14DA	0 0	746ms 111ms	Document text/plain	67.202.105.24 STEADFAST
General Check archive.org Show headers Download Go to Full URL https://ssc-cms.33across.com/ps/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D33XUSERID33X Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-7.19.9.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.202.105.24 Palos Park, United States, ASN32748 (STEADFAST, US), Reverse DNS ip24.67-202-105.static.steadfastdns.net Software 33XP001 / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 accept-language fr-FR,fr;q=0.9 Response headers date Sun, 26 Feb 2023 04:35:34 GMT server 33XP001 x-33x-status 2000208
GET H2	200	474 Show response a.ad.gt/api/v1/u/matches/	11 KB 4 KB	101ms 30ms	Script application/javascript	2606:4700:10::6816:545 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://a.ad.gt/api/v1/u/matches/474?_it=prebid Requested by Host: id.hadron.ad.gt URL: https://id.hadron.ad.gt/api/v1/hadronid?_it=prebid&partner_id=474&_it=prebid Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4286d3a777d2f86e0355932a04318c453b1a4bf1a9a9d225e670b17834ef0a4e Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 26 Feb 2023 04:35:34 GMT content-encoding gzip cf-cache-status HIT last-modified Sun, 26 Feb 2023 04:30:46 GMT server cloudflare age 288 vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=14400 cross-origin-resource-policy cross-origin cf-ray 79f5f98c4cfb2a0a-CDG
GET H2	200	publishertag.prebid.130.js Show response static.criteo.net/js/ld/	88 KB 29 KB	113ms 52ms	Script text/javascript	2a02:2638:3::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.prebid.130.js Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-7.19.9.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 26 Feb 2023 04:35:34 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Sat, 17 Sep 2022 19:59:55 GMT server nginx etag W/"6326273b-16120" content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Mon, 27 Feb 2023 04:35:34 GMT
GET H2	200	publishertag.prebid.js Show response static.criteo.net/js/ld/	89 KB 29 KB	105ms 51ms	XHR text/javascript	2a02:2638:3::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.prebid.js Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash 20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 26 Feb 2023 04:35:34 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Fri, 24 Feb 2023 07:57:32 GMT server nginx etag W/"63f86dec-16386" content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Mon, 27 Feb 2023 04:35:34 GMT
GET H3	200	setuid s2s.t13.io/ Redirect Chain https://ib.adnxs.com/getuid?https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Di%26uid%3D%24UID https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs2s.t13.io%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D%2526gdpr_consent%253D%2526us_privacy%253D1---%2526f%253Di%2526uid%253D%2524UID https://s2s.t13.io/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=1---&f=i&uid=387154005125139452	86 B 117 B	27ms 26ms	Image image/png	34.107.140.113 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://s2s.t13.io/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=1---&f=i&uid=387154005125139452 Protocol H3 Server 34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 113.140.107.34.bc.googleusercontent.com Software / Resource Hash c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers pragma no-cache date Sun, 26 Feb 2023 04:35:35 GMT content-encoding gzip via 1.1 google content-type image/png cache-control no-cache, no-store, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires 0 Redirect headers Date Sun, 26 Feb 2023 04:35:35 GMT P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Connection keep-alive X-Proxy-Origin 178.33.144.178; 178.33.144.178; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com Content-Length 0 X-XSS-Protection 0 Pragma no-cache AN-X-Request-Uuid 981b3018-5b4a-42ce-9aaa-a34cd2ca0e53 Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type text/html; charset=utf-8 Access-Control-Allow-Origin * Location https://s2s.t13.io/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=1---&f=i&uid=387154005125139452 Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3	200	setuid s2s.t13.io/ Redirect Chain https://sync-tm.everesttech.net/upi/pid/1508?redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadobe%26uid%3D%24%7BTM_USER_ID%7D%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26us_privacy%3D1--- https://sync-tm.everesttech.net/ct/upi/pid/1508?redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadobe%26uid%3D%24%7BTM_USER_ID%7D%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26us_privacy%3D1---&_test=Y-... https://s2s.t13.io/setuid?bidder=adobe&uid=Y-rhlwAAATSlzQAF&gdpr=&gdpr_consent=&f=i&us_privacy=1---&_test=Y-rhlwAAATSlzQAF	86 B 117 B	26ms 26ms	Image image/png	34.107.140.113 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://s2s.t13.io/setuid?bidder=adobe&uid=Y-rhlwAAATSlzQAF&gdpr=&gdpr_consent=&f=i&us_privacy=1---&_test=Y-rhlwAAATSlzQAF Protocol H3 Server 34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 113.140.107.34.bc.googleusercontent.com Software / Resource Hash c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers pragma no-cache date Sun, 26 Feb 2023 04:35:35 GMT content-encoding gzip via 1.1 google content-type image/png cache-control no-cache, no-store, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires 0 Redirect headers x-served-by cache-cdg20746-CDG pragma no-cache date Sun, 26 Feb 2023 04:35:35 GMT via 1.1 varnish server Varnish x-timer S1677386136.529866,VS0,VE0 x-cache HIT location https://s2s.t13.io/setuid?bidder=adobe&uid=Y-rhlwAAATSlzQAF&gdpr=&gdpr_consent=&f=i&us_privacy=1---&_test=Y-rhlwAAATSlzQAF cache-control no-cache accept-ranges bytes content-length 0 retry-after 0 x-cache-hits 0
GET H2	204	pbsync ads.yieldmo.com/	0 36 B	215ms 31ms	Image text/plain	99.81.17.47 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=1---&redirectUri=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dyieldmo%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Di%26uid%3D%24UID Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 99.81.17.47 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-99-81-17-47.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 26 Feb 2023 04:35:35 GMT
GET H2	200	ixmatch.html js-sec.indexww.com/um/ Frame D576	0 0	90ms 25ms	Document text/html	104.18.10.47 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js-sec.indexww.com/um/ixmatch.html Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-7.19.9.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.10.47 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 accept-language fr-FR,fr;q=0.9 Response headers age 597 cache-control public, max-age=14400 cf-cache-status HIT cf-ray 79f5f99e8fc3f110-CDG content-encoding gzip content-type text/html; charset=UTF-8 date Sun, 26 Feb 2023 04:35:37 GMT expires Sun, 26 Feb 2023 08:35:37 GMT last-modified Mon, 25 Jul 2022 19:18:26 GMT p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" server cloudflare vary Accept-Encoding
GET H2	200	pd eu-u.openx.net/w/1.0/ Frame A52E	0 0	65ms 27ms	Document text/html	35.244.159.8 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0&us_privacy=1--- Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-7.19.9.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 8.159.244.35.bc.googleusercontent.com Software OXGW/0.0.0 / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 accept-language fr-FR,fr;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding gzip content-length 539 content-type text/html date Sun, 26 Feb 2023 04:35:37 GMT p3p CP="CUR ADM OUR NOR STA NID" server OXGW/0.0.0 vary Accept, Accept-Encoding via 1.1 google
GET H/1.1	200 OK	async_usersync.html acdn.adnxs.com/dmp/ Frame 10EE	0 0	135ms 19ms	Document text/html	151.101.193.108 FASTLY
General Check archive.org Show headers Download Go to Full URL https://acdn.adnxs.com/dmp/async_usersync.html Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-7.19.9.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.193.108 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 accept-language fr-FR,fr;q=0.9 Response headers Accept-Ranges bytes Access-Control-Allow-Origin * Age 79276 Cache-Control max-age=86402 Connection keep-alive Content-Encoding gzip Content-Length 17053 Content-Type text/html Date Sun, 26 Feb 2023 04:35:37 GMT ETag W/"623de86a-cf34" Expires Thu, 23 Feb 2023 06:34:17 GMT Last-Modified Fri, 25 Mar 2022 16:06:02 GMT Server nginx/1.18.0 (Ubuntu) Vary Accept-Encoding Via 1.1 varnish, 1.1 varnish X-Cache HIT, HIT X-Cache-Hits 33, 631483 X-Served-By cache-lga13626-LGA, cache-cdg20785-CDG X-Timer S1677386137.425544,VS0,VE0
GET H/1.1	200 OK	async_usersync.html acdn.adnxs.com/dmp/ Frame AC03	0 0	132ms 19ms	Document text/html	151.101.193.108 FASTLY
General Check archive.org Show headers Download Go to Full URL https://acdn.adnxs.com/dmp/async_usersync.html Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-7.19.9.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.193.108 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 accept-language fr-FR,fr;q=0.9 Response headers Accept-Ranges bytes Access-Control-Allow-Origin * Age 79277 Cache-Control max-age=86402 Connection keep-alive Content-Encoding gzip Content-Length 17053 Content-Type text/html Date Sun, 26 Feb 2023 04:35:37 GMT ETag W/"623de86a-cf34" Expires Thu, 23 Feb 2023 06:34:17 GMT Last-Modified Fri, 25 Mar 2022 16:06:02 GMT Server nginx/1.18.0 (Ubuntu) Vary Accept-Encoding Via 1.1 varnish, 1.1 varnish X-Cache HIT, HIT X-Cache-Hits 33, 636827 X-Served-By cache-lga13626-LGA, cache-cdg20737-CDG X-Timer S1677386137.425787,VS0,VE0
GET H2	200	user_sync.html ads.pubmatic.com/AdServer/js/ Frame 6C14	0 0	212ms 45ms	Document text/html	23.203.124.192 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696&us_privacy=1--- Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-7.19.9.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.203.124.192 Vienna, Austria, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-203-124-192.deploy.static.akamaitechnologies.com Software Apache / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 accept-language fr-FR,fr;q=0.9 Response headers accept-ranges bytes cache-control max-age=38922 content-encoding gzip content-length 5554 content-type text/html date Sun, 26 Feb 2023 04:35:37 GMT expires Sun, 26 Feb 2023 15:24:19 GMT last-modified Fri, 16 Dec 2022 06:36:49 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" server Apache vary Accept-Encoding
GET H2	200	user_sync.html ads.pubmatic.com/AdServer/js/ Frame 40BA	0 0	210ms 47ms	Document text/html	23.203.124.192 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696&us_privacy=1--- Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-7.19.9.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.203.124.192 Vienna, Austria, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-203-124-192.deploy.static.akamaitechnologies.com Software Apache / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 accept-language fr-FR,fr;q=0.9 Response headers accept-ranges bytes cache-control max-age=38922 content-encoding gzip content-length 5554 content-type text/html date Sun, 26 Feb 2023 04:35:37 GMT expires Sun, 26 Feb 2023 15:24:19 GMT last-modified Fri, 16 Dec 2022 06:36:49 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" server Apache vary Accept-Encoding
GET H2	204	pbcas ads.yieldmo.com/ Frame 09C1	0 0	32ms 31ms	Document text/plain	99.81.17.47 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ads.yieldmo.com/pbcas?us_privacy=1---&gdpr=0&gdpr_consent=&type=iframe Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-7.19.9.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 99.81.17.47 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-99-81-17-47.eu-west-1.compute.amazonaws.com Software / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 accept-language fr-FR,fr;q=0.9 Response headers date Sun, 26 Feb 2023 04:35:37 GMT
GET H2	204	pbcas ads.yieldmo.com/ Frame E0CB	0 0	31ms 30ms	Document text/plain	99.81.17.47 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ads.yieldmo.com/pbcas?us_privacy=1---&gdpr=0&gdpr_consent=&type=iframe Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-7.19.9.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 99.81.17.47 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-99-81-17-47.eu-west-1.compute.amazonaws.com Software / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 accept-language fr-FR,fr;q=0.9 Response headers date Sun, 26 Feb 2023 04:35:37 GMT
GET H2	200	pd eu-u.openx.net/w/1.0/ Frame 5D59	0 0	44ms 26ms	Document text/html	35.244.159.8 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0&us_privacy=1--- Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-7.19.9.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 8.159.244.35.bc.googleusercontent.com Software OXGW/0.0.0 / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 accept-language fr-FR,fr;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding gzip content-length 539 content-type text/html date Sun, 26 Feb 2023 04:35:37 GMT p3p CP="CUR ADM OUR NOR STA NID" server OXGW/0.0.0 vary Accept, Accept-Encoding via 1.1 google
GET H2	200	ixmatch.html js-sec.indexww.com/um/ Frame 69F7	0 0	63ms 27ms	Document text/html	104.18.10.47 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js-sec.indexww.com/um/ixmatch.html Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-7.19.9.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.10.47 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 accept-language fr-FR,fr;q=0.9 Response headers age 597 cache-control public, max-age=14400 cf-cache-status HIT cf-ray 79f5f99e8fc4f110-CDG content-encoding gzip content-type text/html; charset=UTF-8 date Sun, 26 Feb 2023 04:35:37 GMT expires Sun, 26 Feb 2023 08:35:37 GMT last-modified Mon, 25 Jul 2022 19:18:26 GMT p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" server cloudflare vary Accept-Encoding
GET H/1.1	200 OK	us.gif sync.go.sonobi.com/ Redirect Chain https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= https://x.bidswitch.net/ul_cb/sync?ssp=sonobi&gdpr=0&gdpr_consent= https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=sonobi&bsw_custom_parameter=e343493f-cfc1-4b3f-8fea-26ef00eb0fbd https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=sonobi&bsw_custom_parameter=e343493f-cfc1-4b3f-8fea-26ef00eb0fbd https://x.bidswitch.net/sync?dsp_id=4&user_id=eadf47a0-046c-4885-bd06-5c24f3ef4d7a&ssp=sonobi&expires=30&user_group=5&bsw_param=e343493f-cfc1-4b3f-8fea-26ef00eb0fbd https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=e343493f-cfc1-4b3f-8fea-26ef00eb0fbd	49 B 535 B	286ms 96ms	Image image/gif	69.166.1.10 AS-XFERNET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=e343493f-cfc1-4b3f-8fea-26ef00eb0fbd Protocol HTTP/1.1 Server 69.166.1.10 , United States, ASN27630 (AS-XFERNET, US), Reverse DNS Software sonobi-go / Resource Hash 8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers Pragma no-cache Date Sun, 26 Feb 2023 04:35:37 GMT Server sonobi-go Vary negotiate,Accept-Encoding X-Go-Server go-iad-2-5-145 Content-Type image/gif P3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Cache-Control no-cache, no-store, private Tcn Choice Content-Length 49 X-Xss-Protection 0 Expires Sat, 26 Jul 1997 05:00:00 GMT Redirect headers location //sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=e343493f-cfc1-4b3f-8fea-26ef00eb0fbd date Sun, 26 Feb 2023 04:35:37 GMT cache-control no-cache, no-store, must-revalidate content-length 0
GET H/1.1	200 OK	us.gif sync.go.sonobi.com/ Redirect Chain https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID] https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=0bb763fa-e19a-4900-841c-ead853b797af	49 B 533 B	439ms 106ms	Image image/gif	69.166.1.10 AS-XFERNET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=0bb763fa-e19a-4900-841c-ead853b797af Protocol HTTP/1.1 Server 69.166.1.10 , United States, ASN27630 (AS-XFERNET, US), Reverse DNS Software sonobi-go / Resource Hash 8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers Pragma no-cache Date Sun, 26 Feb 2023 04:35:37 GMT Server sonobi-go Vary negotiate,Accept-Encoding X-Go-Server go-iad-2-5-44 Content-Type image/gif P3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Cache-Control no-cache, no-store, private Tcn Choice Content-Length 49 X-Xss-Protection 0 Expires Sat, 26 Jul 1997 05:00:00 GMT Redirect headers Date Sun, 26 Feb 2023 04:35:37 GMT Server MT3 530 4e92630 master zrh-pixel-x13 config:1.0.0 Content-Type image/gif Access-Control-Allow-Origin * location https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=0bb763fa-e19a-4900-841c-ead853b797af P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Cache-Control no-cache Connection keep-alive Keep-Alive timeout=360 Content-Length 0 Expires Sun, 26 Feb 2023 04:35:36 GMT
GET H2	200	sync x.bidswitch.net/ Redirect Chain https://x.bidswitch.net/sync?ssp=themediagrid&us_privacy=1--- https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid&us_privacy=1--- https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=themediagrid&bsw_custom_parameter=e343493f-cfc1-4b3f-8fea-26ef00eb0fbd&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=1--- https://x.bidswitch.net/sync?dsp_id=283&user_id=b6aba312-327f-4352-b342-5bdddeec6fd8&expires=1&user_group=5&ssp=themediagrid&bsw_param=e343493f-cfc1-4b3f-8fea-26ef00eb0fbd	43 B 146 B	24ms 24ms	Image image/gif	52.28.147.41 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://x.bidswitch.net/sync?dsp_id=283&user_id=b6aba312-327f-4352-b342-5bdddeec6fd8&expires=1&user_group=5&ssp=themediagrid&bsw_param=e343493f-cfc1-4b3f-8fea-26ef00eb0fbd Protocol H2 Server 52.28.147.41 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-28-147-41.eu-central-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 26 Feb 2023 04:35:37 GMT cache-control no-cache, no-store, must-revalidate content-length 43 content-type image/gif Redirect headers Location https://x.bidswitch.net/sync?dsp_id=283&user_id=b6aba312-327f-4352-b342-5bdddeec6fd8&expires=1&user_group=5&ssp=themediagrid&bsw_param=e343493f-cfc1-4b3f-8fea-26ef00eb0fbd Date Sun, 26 Feb 2023 04:35:37 GMT Strict-Transport-Security max-age=63072000; preload Server nginx Connection keep-alive Keep-Alive timeout=5 Content-Length 0
GET H2	200	generic match.adsrvr.org/track/cmf/	70 B 265 B	37ms 36ms	Image image/gif	15.197.193.217 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=92e0ecff80&gdpr=0&gdpr_consent= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 15.197.193.217 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a12b7a488abeaa9e4.awsglobalaccelerator.com Software / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers accept-language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers content-type image/gif pragma no-cache date Sun, 26 Feb 2023 04:35:37 GMT cache-control private,no-cache, must-revalidate x-aspnet-version 4.0.30319 content-length 70 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

api.rlcdn.com

URL

https://api.rlcdn.com/api/identity/envelope?pid=106