Submitted URL: https://file110.gofile.io/download/583e1539-0828-4a9d-9e44-168524b06aa5/WifeTrainerFiles-0.7p-pc.zip
Effective URL: https://gofile.io/d/d59576a1-b36c-46a4-a75e-ce0f8a89e9c5
Submission: On August 31 via manual from FR — Scanned from CA

Summary

This website contacted 47 IPs in 5 countries across 39 domains to perform 130 HTTP transactions. The main IP is 151.80.29.83, located in Roubaix, France and belongs to OVH, FR. The main domain is gofile.io. The Cisco Umbrella rank of the primary domain is 143340.
TLS certificate: Issued by R3 on July 9th 2023. Valid for: 3 months.
This is the only time gofile.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 51.222.249.232 16276 (OVH)
1 1 31.14.70.244 203698 (MOJI moji)
18 151.80.29.83 16276 (OVH)
3 51.38.43.18 16276 (OVH)
2 149.202.85.166 16276 (OVH)
1 213.239.205.245 24940 (HETZNER-AS)
6 104.18.20.206 13335 (CLOUDFLAR...)
3 34.160.63.134 15169 (GOOGLE)
7 34.160.152.31 396982 (GOOGLE-CL...)
1 13.226.34.33 16509 (AMAZON-02)
4 34.111.152.239 396982 (GOOGLE-CL...)
2 172.64.144.166 13335 (CLOUDFLAR...)
5 172.217.13.130 15169 (GOOGLE)
1 1 104.26.9.50 13335 (CLOUDFLAR...)
1 104.26.7.139 13335 (CLOUDFLAR...)
1 104.22.52.173 13335 (CLOUDFLAR...)
6 172.67.23.234 13335 (CLOUDFLAR...)
3 130.211.23.194 15169 (GOOGLE)
2 104.26.3.70 13335 (CLOUDFLAR...)
1 172.217.13.102 15169 (GOOGLE)
1 3.160.5.94 16509 (AMAZON-02)
1 1 3.160.22.113 16509 (AMAZON-02)
1 18.173.219.12 16509 (AMAZON-02)
4 74.119.119.139 19750 (AS-CRITEO)
2 192.184.68.149 14618 (AMAZON-AES)
1 35.71.131.137 16509 (AMAZON-02)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 3.160.22.102 16509 (AMAZON-02)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 151.101.129.229 54113 (FASTLY)
1 104.22.53.86 13335 (CLOUDFLAR...)
3 74.119.119.131 19750 (AS-CRITEO)
1 172.64.152.89 13335 (CLOUDFLAR...)
3 34.107.140.113 396982 (GOOGLE-CL...)
6 3.232.158.174 14618 (AMAZON-AES)
2 74.119.119.129 19750 (AS-CRITEO)
2 68.67.161.208 29990 (ASN-APPNEX)
6 34.233.175.87 14618 (AMAZON-AES)
2 34.107.148.139 396982 (GOOGLE-CL...)
1 141.95.33.111 16276 (OVH)
1 2 34.120.135.53 396982 (GOOGLE-CL...)
1 13.226.34.89 16509 (AMAZON-02)
1 52.203.22.13 14618 (AMAZON-AES)
2 142.251.41.2 15169 (GOOGLE)
3 172.217.13.161 15169 (GOOGLE)
4 142.251.40.193 15169 (GOOGLE)
1 34.98.64.218 396982 (GOOGLE-CL...)
2 172.217.13.196 15169 (GOOGLE)
1 104.77.8.253 16625 (AKAMAI-AS)
1 172.217.13.138 ()
130 47
Apex Domain
Subdomains
Transfer
25 gofile.io
file110.gofile.io
store3.gofile.io
gofile.io — Cisco Umbrella Rank: 143340
api.gofile.io — Cisco Umbrella Rank: 231056
plausible.gofile.io — Cisco Umbrella Rank: 269008
390 KB
13 pub.network
a.pub.network — Cisco Umbrella Rank: 4666
d.pub.network — Cisco Umbrella Rank: 4897
c.pub.network — Cisco Umbrella Rank: 4652
393 KB
8 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 107
1d6dee953960f2c516beb52a7eadd40a.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 150
21 KB
6 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1524
10 KB
6 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1105
3 KB
6 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 426
bidder.criteo.com — Cisco Umbrella Rank: 767
1 KB
6 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 1772
458 B
6 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 203
ad.doubleclick.net — Cisco Umbrella Rank: 173
181 KB
4 btloader.com
btloader.com — Cisco Umbrella Rank: 897
api.btloader.com — Cisco Umbrella Rank: 1014
83 KB
4 optimise.net
optimise.net — Cisco Umbrella Rank: 5832
4 KB
3 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1329
google-bidout-d.openx.net — Cisco Umbrella Rank: 1333
495 B
3 t13.io
s2s.t13.io — Cisco Umbrella Rank: 4741
2 KB
3 criteo.net
static.criteo.net — Cisco Umbrella Rank: 603
73 KB
3 intentiq.com
api.intentiq.com — Cisco Umbrella Rank: 1367
sync.intentiq.com — Cisco Umbrella Rank: 1117
sync1.intentiq.com — Cisco Umbrella Rank: 2963
3 KB
3 fronttoad.com
fronttoad.com — Cisco Umbrella Rank: 26959
24 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 2
2 media.net
prebid.media.net — Cisco Umbrella Rank: 1307
2 KB
2 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 239
8 KB
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 755
id5-sync.com — Cisco Umbrella Rank: 400
27 KB
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 809
bcp.crwdcntrl.net — Cisco Umbrella Rank: 776
12 KB
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1240
pixel.quantserve.com — Cisco Umbrella Rank: 928
10 KB
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1048
1 KB
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 1417
100 KB
1 googleapis.com
fonts.googleapis.com
2 KB
1 ampproject.org
cdn.ampproject.org
62 KB
1 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 513
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1136
1 KB
1 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1074
9 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 320
897 B
1 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 1403
1 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1404
8 KB
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 348
539 B
1 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 1866
10 KB
1 videoplayerhub.com
freestar-io.videoplayerhub.com — Cisco Umbrella Rank: 5696
454 B
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 607
483 B
1 a-ads.com
ad.a-ads.com — Cisco Umbrella Rank: 36521
0 gstatic.com Failed
fonts.gstatic.com Failed
0 casalemedia.com Failed
ssum-sec.casalemedia.com Failed
0 rubiconproject.com Failed
pixel.rubiconproject.com Failed
130 39
Domain Requested by
18 gofile.io gofile.io
6 c.pub.network a.pub.network
6 g2.gumgum.com a.pub.network
6 btlr.sharethrough.com a.pub.network
6 id.hadron.ad.gt cdn.hadronid.net
a.pub.network
6 a.pub.network gofile.io
a.pub.network
5 securepubads.g.doubleclick.net a.pub.network
securepubads.g.doubleclick.net
4 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
gofile.io
4 gum.criteo.com a.pub.network
static.criteo.net
4 optimise.net a.pub.network
3 s2s.t13.io a.pub.network
3 static.criteo.net securepubads.g.doubleclick.net
a.pub.network
static.criteo.net
3 api.btloader.com freestar-io.videoplayerhub.com
3 fronttoad.com a.pub.network
fronttoad.com
3 api.gofile.io gofile.io
2 www.google.com tpc.googlesyndication.com
gofile.io
2 1d6dee953960f2c516beb52a7eadd40a.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 pagead2.googlesyndication.com securepubads.g.doubleclick.net
2 oajs.openx.net 1 redirects
2 prebid.media.net a.pub.network
2 ib.adnxs.com a.pub.network
2 bidder.criteo.com a.pub.network
2 ad-delivery.net
2 cdn.confiant-integrations.net a.pub.network
cdn.confiant-integrations.net
2 plausible.gofile.io gofile.io
plausible.gofile.io
1 fonts.googleapis.com securepubads.g.doubleclick.net
1 cdn.ampproject.org securepubads.g.doubleclick.net
1 ads.pubmatic.com a.pub.network
1 google-bidout-d.openx.net oa.openxcdn.net
1 pixel.quantserve.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 rules.quantcount.com secure.quantserve.com
1 id5-sync.com cdn.id5-sync.com
1 cdn-ima.33across.com securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 cdn.jsdelivr.net securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 match.adsrvr.org a.pub.network
1 secure.quantserve.com a.pub.network
1 sync1.intentiq.com
1 sync.intentiq.com 1 redirects
1 api.intentiq.com a.pub.network
1 ad.doubleclick.net
1 cdn.hadronid.net gofile.io
1 btloader.com
1 freestar-io.videoplayerhub.com 1 redirects
1 static.adsafeprotected.com
1 d.pub.network a.pub.network
1 ad.a-ads.com gofile.io
1 store3.gofile.io 1 redirects
1 file110.gofile.io 1 redirects
0 fonts.gstatic.com Failed fonts.googleapis.com
0 ssum-sec.casalemedia.com Failed a.pub.network
0 pixel.rubiconproject.com Failed
130 56

This site contains links to these domains. Also see Links.

Domain
twitter.com
dev.gofile.io
store3.gofile.io
ads.freestar.com
Subject Issuer Validity Valid
*.gofile.io
R3
2023-07-09 -
2023-10-07
3 months crt.sh
*.a-ads.com
Sectigo ECC Domain Validation Secure Server CA
2022-12-21 -
2024-01-21
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-02-26 -
2024-02-25
a year crt.sh
fronttoad.com
R3
2023-06-30 -
2023-09-28
3 months crt.sh
d.pub.network
GTS CA 1D4
2023-08-11 -
2023-11-09
3 months crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02
2023-07-07 -
2024-08-04
a year crt.sh
optimise.net
GTS CA 1D4
2023-07-24 -
2023-10-22
3 months crt.sh
confiant-integrations.net
GTS CA 1P5
2023-07-23 -
2023-10-21
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-08-07 -
2023-10-30
3 months crt.sh
hadronid.net
GTS CA 1P5
2023-08-07 -
2023-11-05
3 months crt.sh
api.btloader.com
GTS CA 1D4
2023-08-11 -
2023-11-09
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2023-08-07 -
2023-10-30
3 months crt.sh
*.intentiq.com
Amazon RSA 2048 M02
2023-04-11 -
2024-05-08
a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-07-19 -
2023-10-18
3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1
2022-08-09 -
2023-09-09
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2023-04-12 -
2024-05-13
a year crt.sh
oa.openxcdn.net
GTS CA 1D4
2023-07-27 -
2023-10-25
3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01
2022-11-07 -
2023-12-06
a year crt.sh
invstatic101.creativecdn.com
GTS CA 1D4
2023-08-26 -
2023-11-24
3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4
2022-12-23 -
2024-01-24
a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-08-05 -
2023-10-31
3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA
2022-09-06 -
2023-09-30
a year crt.sh
s2s.t13.io
GTS CA 1D4
2023-07-16 -
2023-10-14
3 months crt.sh
*.sharethrough.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1
2023-08-02 -
2024-08-13
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2023-02-13 -
2024-03-15
a year crt.sh
gumgum.com
Amazon RSA 2048 M02
2023-06-07 -
2024-07-06
a year crt.sh
prebid.media.net
GTS CA 1D4
2023-07-05 -
2023-10-03
3 months crt.sh
*.id5-sync.com
R3
2023-08-22 -
2023-11-20
3 months crt.sh
quantserve.com
R3
2023-08-29 -
2023-11-27
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-08-07 -
2023-10-30
3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1
2023-08-18 -
2024-08-18
a year crt.sh
www.google.com
GTS CA 1C3
2023-08-07 -
2023-10-30
3 months crt.sh
c.pub.network
GTS CA 1D4
2023-08-11 -
2023-11-09
3 months crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1
2023-01-25 -
2024-01-24
a year crt.sh
misc-sni.google.com
GTS CA 1C3
2023-08-07 -
2023-10-30
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-08-07 -
2023-10-30
3 months crt.sh

This page contains 12 frames:

Primary Page: https://gofile.io/d/d59576a1-b36c-46a4-a75e-ce0f8a89e9c5
Frame ID: B2A2819D4EDA52947B2B480F5D9A795F
Requests: 103 HTTP requests in this frame

Frame: https://ad.a-ads.com/2059298?size=300x250
Frame ID: 73C415EEBD4BE452E7466BF06B466FE4
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=gofile.io
Frame ID: 70839E5EAB483E920B9A4B84F80641D6
Requests: 1 HTTP requests in this frame

Frame: https://1d6dee953960f2c516beb52a7eadd40a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: EC055434CB7411178085130C370DA648
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: A0080E9D09331D7AF390DA33BA6B926A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C9262D67A6B8B2364D9477BC68A4D731
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 01BCBE0D41D606485F12705224D86FFF
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=gofile.io
Frame ID: 21ED2BF48254108A5C8E07B478582012
Requests: 1 HTTP requests in this frame

Frame: https://1d6dee953960f2c516beb52a7eadd40a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0AD83F00B9CB847EDA9232D61D900095
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Frame ID: CFCBBA0BBC2F9EF9956A8957EAB56A85
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs
Frame ID: 3B09994BA076425C549814A5A4274119
Requests: 11 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Frame ID: 2EBFA2052DBBF1800AF0718B106799D2
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Gofile - Free Unlimited File Sharing and Storage

Page URL History Show full URLs

  1. https://file110.gofile.io/download/583e1539-0828-4a9d-9e44-168524b06aa5/WifeTrainerFiles-0.7p-pc.zip HTTP 302
    https://store3.gofile.io/download/direct/583e1539-0828-4a9d-9e44-168524b06aa5/WifeTrainerFiles-0.7p-p... HTTP 302
    https://gofile.io/d/d59576a1-b36c-46a4-a75e-ce0f8a89e9c5 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • /marked(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

130
Requests

92 %
HTTPS

0 %
IPv6

39
Domains

56
Subdomains

47
IPs

5
Countries

1438 kB
Transfer

4596 kB
Size

55
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://file110.gofile.io/download/583e1539-0828-4a9d-9e44-168524b06aa5/WifeTrainerFiles-0.7p-pc.zip HTTP 302
    https://store3.gofile.io/download/direct/583e1539-0828-4a9d-9e44-168524b06aa5/WifeTrainerFiles-0.7p-pc.zip HTTP 302
    https://gofile.io/d/d59576a1-b36c-46a4-a75e-ce0f8a89e9c5 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32
  • https://freestar-io.videoplayerhub.com/gallery.js HTTP 301
  • https://btloader.com/tag?h=freestar-io&upapi=true
Request Chain 48
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=1434517136&rnd=969727&iiqidtype=2&iiqpcid=141d614b-a57e-4387-a7eb-d18a825827da&iiqpciddate=1693465720869&tsrnd=15_1693465720870&vrref=gofile.io&jsver=5.4&abtp=95&abtg=A HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=1434517136&rnd=969727&iiqidtype=2&iiqpcid=141d614b-a57e-4387-a7eb-d18a825827da&iiqpciddate=1693465720869&tsrnd=15_1693465720870&vrref=gofile.io&jsver=5.4&abtp=95&abtg=A&ckls=true&ci=4YOGP2BJ1B&nc=false&trid=-1484597107
Request Chain 82
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fgofile.io%2Fd%2FR9ofNk&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fgofile.io%2Fd%2FR9ofNk&rid=esp&cc=1

130 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request d59576a1-b36c-46a4-a75e-ce0f8a89e9c5
gofile.io/d/
Redirect Chain
  • https://file110.gofile.io/download/583e1539-0828-4a9d-9e44-168524b06aa5/WifeTrainerFiles-0.7p-pc.zip
  • https://store3.gofile.io/download/direct/583e1539-0828-4a9d-9e44-168524b06aa5/WifeTrainerFiles-0.7p-pc.zip
  • https://gofile.io/d/d59576a1-b36c-46a4-a75e-ce0f8a89e9c5
14 KB
4 KB
Document
General
Full URL
https://gofile.io/d/d59576a1-b36c-46a4-a75e-ce0f8a89e9c5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.80.29.83 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
ns3048708.ip-151-80-29.eu
Software
/
Resource Hash
ec665206cae3074fdfcf0600da47f064cfb47e6e050ebf0ac92982d2c8daa05c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
public, max-age=0
content-encoding
gzip
content-length
3955
content-type
text/html; charset=UTF-8
date
Thu, 31 Aug 2023 07:08:38 GMT
etag
W/"37b9-18a2438c4bb"
expect-ct
max-age=0
last-modified
Wed, 23 Aug 2023 21:06:54 GMT
origin-agent-cluster
?1
referrer-policy
no-referrer
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, HEAD
access-control-allow-origin
*
content-length
156
content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Thu, 31 Aug 2023 07:08:38 GMT
location
https://gofile.io/d/d59576a1-b36c-46a4-a75e-ce0f8a89e9c5
origin-agent-cluster
?1
referrer-policy
no-referrer
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
bootstrap.min.css
gofile.io/dist/css/
191 KB
30 KB
Stylesheet
General
Full URL
https://gofile.io/dist/css/bootstrap.min.css
Requested by
Host: gofile.io
URL: https://gofile.io/d/d59576a1-b36c-46a4-a75e-ce0f8a89e9c5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.80.29.83 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
ns3048708.ip-151-80-29.eu
Software
/
Resource Hash
2933c96348a4eae7cbbf8f280ca0981586a9b5c097ef952b996cad7d28f2fad0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 07:08:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Wed, 04 Jan 2023 14:40:00 GMT
etag
W/"2fbaa-1857d3988cb"
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
origin-agent-cluster
?1
x-download-options
noopen
cache-control
public, max-age=0
bootstrap-icons.css
gofile.io/dist/css/
93 KB
15 KB
Stylesheet
General
Full URL
https://gofile.io/dist/css/bootstrap-icons.css
Requested by
Host: gofile.io
URL: https://gofile.io/d/d59576a1-b36c-46a4-a75e-ce0f8a89e9c5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.80.29.83 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
ns3048708.ip-151-80-29.eu
Software
/
Resource Hash
e1172d3a0a208cf01dc066f0abeaf17f00264a966159a69f71947d6edcd4935f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 07:08:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Wed, 04 Jan 2023 14:40:00 GMT
etag
W/"17579-1857d3988cb"
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
origin-agent-cluster
?1
x-download-options
noopen
cache-control
public, max-age=0
bootstrap-nightfall.css
gofile.io/dist/css/
50 KB
8 KB
Stylesheet
General
Full URL
https://gofile.io/dist/css/bootstrap-nightfall.css
Requested by
Host: gofile.io
URL: https://gofile.io/d/d59576a1-b36c-46a4-a75e-ce0f8a89e9c5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.80.29.83 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
ns3048708.ip-151-80-29.eu
Software
/
Resource Hash
d9a98b67c7edffef7138d578788a1c25310cd3561b94d8bce6999f40b0073186
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 07:08:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Wed, 04 Jan 2023 14:40:00 GMT
etag
W/"c869-1857d3988cb"
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
origin-agent-cluster
?1
x-download-options
noopen
cache-control
public, max-age=0
plyr.css
gofile.io/dist/css/
33 KB
6 KB
Stylesheet
General
Full URL
https://gofile.io/dist/css/plyr.css
Requested by
Host: gofile.io
URL: https://gofile.io/d/d59576a1-b36c-46a4-a75e-ce0f8a89e9c5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.80.29.83 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
ns3048708.ip-151-80-29.eu
Software
/
Resource Hash
bc3b9c09bf69ce51b930e86a23c6f249f9cc6dc98a84fd278d4131c9ddd78f43
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 07:08:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Sun, 08 Jan 2023 19:47:31 GMT
etag
W/"85ae-18592ec8138"
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
origin-agent-cluster
?1
x-download-options
noopen
cache-control
public, max-age=0
allcss.css
gofile.io/dist/css/
2 KB
846 B
Stylesheet
General
Full URL
https://gofile.io/dist/css/allcss.css
Requested by
Host: gofile.io
URL: https://gofile.io/d/d59576a1-b36c-46a4-a75e-ce0f8a89e9c5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.80.29.83 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
ns3048708.ip-151-80-29.eu
Software
/
Resource Hash
dd03323db8b78ab71bbf4cc27f517ed48d19a5478f3f545a5b9fb7969e5913f6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 07:08:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
content-length
765
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Thu, 09 Feb 2023 16:33:45 GMT
etag
W/"72c-18637069bac"
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
origin-agent-cluster
?1
x-download-options
noopen
cache-control
public, max-age=0
logo-small-70.png
gofile.io/dist/img/
2 KB
2 KB
Image
General
Full URL
https://gofile.io/dist/img/logo-small-70.png
Requested by
Host: gofile.io
URL: https://gofile.io/d/d59576a1-b36c-46a4-a75e-ce0f8a89e9c5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.80.29.83 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
ns3048708.ip-151-80-29.eu
Software
/
Resource Hash
25f5229d2c05f4883245fe331033b79f2b77dd84296151ae8c59b1ed27e7fe5c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 07:08:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
content-length
2392
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Wed, 04 Jan 2023 14:40:00 GMT
etag
W/"93f-1857d3988cf"
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/png
origin-agent-cluster
?1
x-download-options
noopen
cache-control
public, max-age=0
bootstrap.bundle.min.js
gofile.io/dist/js/
79 KB
24 KB
Script
General
Full URL
https://gofile.io/dist/js/bootstrap.bundle.min.js
Requested by
Host: gofile.io
URL: https://gofile.io/d/d59576a1-b36c-46a4-a75e-ce0f8a89e9c5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.80.29.83 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
ns3048708.ip-151-80-29.eu
Software
/
Resource Hash
a85b2fe307777c8eb47f06a1eec399fcbddfe83d252fd202d3e1358051fcf27d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 07:08:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Wed, 04 Jan 2023 14:40:00 GMT
etag
W/"13a49-1857d3988cf"
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
x-download-options
noopen
cache-control
public, max-age=0
sha256.min.js
gofile.io/dist/js/
9 KB
4 KB
Script
General
Full URL
https://gofile.io/dist/js/sha256.min.js
Requested by
Host: gofile.io
URL: https://gofile.io/d/d59576a1-b36c-46a4-a75e-ce0f8a89e9c5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.80.29.83 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
ns3048708.ip-151-80-29.eu
Software
/
Resource Hash
7157511697db744d384a5a2a8646af23f3c90560abf93bb240fdd690b29a898a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 07:08:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
content-length
3701
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Wed, 04 Jan 2023 14:40:00 GMT
etag
W/"2339-1857d3988d3"
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
x-download-options
noopen
cache-control
public, max-age=0
qrcode.min.js
gofile.io/dist/js/
19 KB
7 KB
Script
General
Full URL
https://gofile.io/dist/js/qrcode.min.js
Requested by
Host: gofile.io
URL: https://gofile.io/d/d59576a1-b36c-46a4-a75e-ce0f8a89e9c5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.80.29.83 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
ns3048708.ip-151-80-29.eu
Software
/
Resource Hash
85bd0e28180f06b7f944d35dd07ef1ce75d6d9b63c2d70cb8e65f8b566c43db4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 07:08:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Wed, 04 Jan 2023 14:40:00 GMT
etag
W/"4dda-1857d3988d3"
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
x-download-options
noopen
cache-control
public, max-age=0
dayjs.min.js
gofile.io/dist/js/
7 KB
3 KB
Script
General
Full URL
https://gofile.io/dist/js/dayjs.min.js
Requested by
Host: gofile.io
URL: https://gofile.io/d/d59576a1-b36c-46a4-a75e-ce0f8a89e9c5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.80.29.83 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
ns3048708.ip-151-80-29.eu
Software
/
Resource Hash
11f24ea8272c8454bfd93c6102b511bb75a7f1bfd70c0e1f6cf58a4b067ed41f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 07:08:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
content-length
3029
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Wed, 04 Jan 2023 14:40:00 GMT
etag
W/"1a0e-1857d3988cf"
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
x-download-options
noopen
cache-control
public, max-age=0
customParseFormat.js
gofile.io/dist/js/
4 KB
2 KB
Script
General
Full URL
https://gofile.io/dist/js/customParseFormat.js
Requested by
Host: gofile.io
URL: https://gofile.io/d/d59576a1-b36c-46a4-a75e-ce0f8a89e9c5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.80.29.83 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
ns3048708.ip-151-80-29.eu
Software
/
Resource Hash
cb72289f70690b272267a0741402cdc3f4099ae40c834a13cb60a59f99fdc091
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 07:08:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
content-length
1803
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Wed, 04 Jan 2023 14:40:00 GMT
etag
W/"ea2-1857d3988cf"
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
x-download-options
noopen
cache-control
public, max-age=0
marked.min.js
gofile.io/dist/js/
43 KB
16 KB
Script
General
Full URL
https://gofile.io/dist/js/marked.min.js
Requested by
Host: gofile.io
URL: https://gofile.io/d/d59576a1-b36c-46a4-a75e-ce0f8a89e9c5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.80.29.83 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
ns3048708.ip-151-80-29.eu
Software
/
Resource Hash
d10fcd57fbc3eb87320fe1469bcb522ded6c480f48ed51c511ef6da20f165760
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 07:08:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Wed, 04 Jan 2023 14:40:00 GMT
etag
W/"aca2-1857d3988d3"
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
x-download-options
noopen
cache-control
public, max-age=0
plyr.js
gofile.io/dist/js/
108 KB
34 KB
Script
General
Full URL
https://gofile.io/dist/js/plyr.js
Requested by
Host: gofile.io
URL: https://gofile.io/d/d59576a1-b36c-46a4-a75e-ce0f8a89e9c5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.80.29.83 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
ns3048708.ip-151-80-29.eu
Software
/
Resource Hash
6729042fecd6e011c0ba45f807dc93fa750169d7ac57c14daa01069f14430f73
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 07:08:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Sun, 08 Jan 2023 19:47:31 GMT
etag
W/"1b1b2-18592ec8138"
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
x-download-options
noopen
cache-control
public, max-age=0
chart.umd.min.js
gofile.io/dist/js/
194 KB
71 KB
Script
General
Full URL
https://gofile.io/dist/js/chart.umd.min.js
Requested by
Host: gofile.io
URL: https://gofile.io/d/d59576a1-b36c-46a4-a75e-ce0f8a89e9c5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.80.29.83 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
ns3048708.ip-151-80-29.eu
Software
/
Resource Hash
8706c07750059d4f474353cc469150fd09a539df6f8830ccf418c47709f25b36
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 07:08:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Wed, 08 Mar 2023 18:58:11 GMT
etag
W/"3094c-186c2968d85"
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
x-download-options
noopen
cache-control
public, max-age=0
alljs.js
gofile.io/dist/js/
182 KB
37 KB
Script
General
Full URL
https://gofile.io/dist/js/alljs.js
Requested by
Host: gofile.io
URL: https://gofile.io/d/d59576a1-b36c-46a4-a75e-ce0f8a89e9c5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.80.29.83 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
ns3048708.ip-151-80-29.eu
Software
/
Resource Hash
2cb5bcc0147b0422ee3adf60feaa352463e9d5bd247ef9a44dc926d60a31b7d9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 07:08:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Sun, 27 Aug 2023 15:23:37 GMT
etag
W/"2d906-18a3797e8fd"
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
x-download-options
noopen
cache-control
public, max-age=0
bootstrap-icons.woff2
gofile.io/dist/css/fonts/
118 KB
119 KB
Font
General
Full URL
https://gofile.io/dist/css/fonts/bootstrap-icons.woff2?24e3eb84d0bcaf83d77f904c78ac1f47
Requested by
Host: gofile.io
URL: https://gofile.io/dist/css/bootstrap-icons.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.80.29.83 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
ns3048708.ip-151-80-29.eu
Software
/
Resource Hash
966620f9e3bec428663687f9e8d67a6b8e35d79adebf6fb204e9b139eada7599
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
Origin
https://gofile.io
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 07:08:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Wed, 04 Jan 2023 14:40:00 GMT
etag
W/"1d9d0-1857d3988cf"
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
font/woff2
origin-agent-cluster
?1
x-download-options
noopen
cache-control
public, max-age=0
createAccount
api.gofile.io/
67 B
810 B
Fetch
General
Full URL
https://api.gofile.io/createAccount
Requested by
Host: gofile.io
URL: https://gofile.io/dist/js/alljs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.43.18 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
ns3120834.ip-51-38-43.eu
Software
/
Resource Hash
2a188da8dca02bb74607d391da5cc85118d1fe52d0dfa99a11db431e52a92053
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date
Thu, 31 Aug 2023 07:08:39 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
cross-origin-embedder-policy
require-corp
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
content-length
67
x-xss-protection
0
referrer-policy
no-referrer
cross-origin-opener-policy
same-origin
etag
W/"43-HZDfNPnQO5NvBPt2xsBfeK6bjdQ"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gofile.io
origin-agent-cluster
?1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
getAccountDetails
api.gofile.io/
312 B
408 B
Fetch
General
Full URL
https://api.gofile.io/getAccountDetails?token=bdwgylTcTJeuihB30wDO6rIAlcD445Iw
Requested by
Host: gofile.io
URL: https://gofile.io/dist/js/alljs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.43.18 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
ns3120834.ip-51-38-43.eu
Software
/
Resource Hash
c3ce10b5c07c7baae235df53375b05d3f048d3c7dd7474c8a92deeb7ccb037a8
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date
Thu, 31 Aug 2023 07:08:40 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
cross-origin-embedder-policy
require-corp
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
content-length
312
x-xss-protection
0
referrer-policy
no-referrer
cross-origin-opener-policy
same-origin
etag
W/"138-cCuklMrF4f0pYHNAqL9/6fbi+8U"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gofile.io
origin-agent-cluster
?1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
truncated
/
638 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ebce99d9b9ebdaf39df211740d7ffda04c17292f40658f142ccd8e6980624fe7

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
files.html
gofile.io/contents/
17 KB
3 KB
Fetch
General
Full URL
https://gofile.io/contents/files.html
Requested by
Host: gofile.io
URL: https://gofile.io/dist/js/alljs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.80.29.83 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
ns3048708.ip-151-80-29.eu
Software
/
Resource Hash
ff8d74d2328df5590c675df09ecd425eacb78956c23c57c44a8b4a769b86c89a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 07:08:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
content-length
3190
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Sun, 23 Jul 2023 11:43:07 GMT
etag
W/"4403-189828f7719"
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
origin-agent-cluster
?1
x-download-options
noopen
cache-control
public, max-age=0
plausible.js
plausible.gofile.io/js/
1 KB
1 KB
Script
General
Full URL
https://plausible.gofile.io/js/plausible.js
Requested by
Host: gofile.io
URL: https://gofile.io/dist/js/alljs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.202.85.166 , France, ASN16276 (OVH, FR),
Reverse DNS
mail.gofile.io
Software
Cowboy /
Resource Hash
ae4216bfc85c99ffd32e7745f0d7d4cd5f57b714f3a4911176b8cd78a176c97c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 07:08:39 GMT
x-content-type-options
nosniff
server
Cowboy
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
1321
2059298
ad.a-ads.com/ Frame 73C4
0
0
Document
General
Full URL
https://ad.a-ads.com/2059298?size=300x250
Requested by
Host: gofile.io
URL: https://gofile.io/dist/js/alljs.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.239.205.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.213.239.205.245.clients.your-server.de
Software
nginx / Phusion Passenger(R)
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=utf-8
date
Thu, 31 Aug 2023 07:08:40 GMT
server
nginx
status
200 OK
vary
Accept-Encoding Accept-Encoding
x-content-type-options
nosniff
x-powered-by
Phusion Passenger(R)
x-robots-tag
noindex, nofollow, nosnippet, noarchive
x-xss-protection
1; mode=block
pubfig.min.js
a.pub.network/gofile-io/
105 KB
38 KB
Script
General
Full URL
https://a.pub.network/gofile-io/pubfig.min.js
Requested by
Host: gofile.io
URL: https://gofile.io/dist/js/alljs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a67fc0e0a3878b5993e74ad70a327e696cbe5cc6e51ad94c1428975dd85a77b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 07:08:40 GMT
content-encoding
gzip
cf-cache-status
HIT
age
45092
x-guploader-uploadid
ADPycdu55-kUfVkybT43MUPiPJoqbj-fYam0seE2RDtjgubwVyYaHjC0lU1oBIIHnKZrrGsF6b31r_eVSFToAdCGc0I5g049-4ln
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
last-modified
Mon, 28 Aug 2023 18:22:43 GMT
server
cloudflare
etag
W/"fac0df975ae5d3320e0565f18fe89384"
vary
Accept-Encoding
x-goog-generation
1693246963375937
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=j2w07A==, md5=+sDfl1rl0zIOBWXxj+iThA==
access-control-expose-headers
*
cache-control
public, max-age=1800
x-goog-stored-content-length
107089
cf-ray
7ff3718fa8f036a5-YYZ
expires
Thu, 31 Aug 2023 07:38:40 GMT
getContent
api.gofile.io/
780 B
855 B
Fetch
General
Full URL
https://api.gofile.io/getContent?contentId=d59576a1-b36c-46a4-a75e-ce0f8a89e9c5&token=bdwgylTcTJeuihB30wDO6rIAlcD445Iw&websiteToken=7fd94ds12fds4
Requested by
Host: gofile.io
URL: https://gofile.io/dist/js/alljs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.43.18 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
ns3120834.ip-51-38-43.eu
Software
/
Resource Hash
3f390ce9d52a73886aafb3b7dd38069b4b860fe9f8d66199a9b8bf35cf827126
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date
Thu, 31 Aug 2023 07:08:40 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
cross-origin-embedder-policy
require-corp
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
content-length
780
x-xss-protection
0
referrer-policy
no-referrer
cross-origin-opener-policy
same-origin
etag
W/"30c-rrQyy8rOALj5crXyzs/t7SV+ZlY"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gofile.io
origin-agent-cluster
?1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
8bad8b313e05fd4241b5f7e392
fronttoad.com/files/5ab30793f449/
67 KB
24 KB
Script
General
Full URL
https://fronttoad.com/files/5ab30793f449/8bad8b313e05fd4241b5f7e392
Requested by
Host: a.pub.network
URL: https://a.pub.network/gofile-io/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.63.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.63.160.34.bc.googleusercontent.com
Software
/
Resource Hash
72ade5a28936153a64ecd0e1d6a5bc1e0b317befdddbefc331ca0e1cc4ce0c9e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Thu, 31 Aug 2023 07:08:40 GMT
x-datacenter
gce-us-east1
etag
"e029f69d3087c645f5762d4ef2a5824f1bf74f548245706bb5c7f9b694662f00"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-us-east1-mr6f
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
975004442
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
configs
d.pub.network/v2/sites/gofile-io/
33 KB
5 KB
Fetch
General
Full URL
https://d.pub.network/v2/sites/gofile-io/configs?env=PROD
Requested by
Host: a.pub.network
URL: https://a.pub.network/gofile-io/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
bcc4b2cc58bbb47125396aa1e76feb6cec4284ffc40418d608c9e68a08cd630a

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 07:08:40 GMT
content-encoding
gzip
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
content-type
application/json
access-control-allow-origin
https://gofile.io
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pubfig.engine.js
a.pub.network/core/pubfig/e9e7b93c427555a36e127e2afd65a8008f3e0421/
461 KB
137 KB
Script
General
Full URL
https://a.pub.network/core/pubfig/e9e7b93c427555a36e127e2afd65a8008f3e0421/pubfig.engine.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/gofile-io/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d90575d5c19e002a7c3ea1fdc7c5b9a07061240792561f19da24cf2d97e41619

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 07:08:40 GMT
content-encoding
gzip
cf-cache-status
HIT
age
45098
x-guploader-uploadid
ADPycduN7OaWVNArFwfaRn6od2isTNF871UszvULt2GKHQ1Pcw6rZGQ6_jKDvBHTKkV9GI3K0jfba8XDOY-uRXi4hvbcS8wViKxY
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Mon, 28 Aug 2023 17:55:19 GMT
server
cloudflare
etag
W/"655a626c4bd3a735665cabe7b7f81661"
vary
Accept-Encoding
x-goog-hash
crc32c=YyR+sA==, md5=ZVpibEvTpzVmXKvnt/gWYQ==
x-goog-generation
1693245319749669
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
472019
cf-ray
7ff37190c99736a5-YYZ
expires
Thu, 31 Aug 2023 08:08:40 GMT
skeleton.gif
static.adsafeprotected.com/
43 B
483 B
Image
General
Full URL
https://static.adsafeprotected.com/skeleton.gif?adunitid=vkjngq&adnum=275624
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-33.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 07:41:00 GMT
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via
1.1 48d2977daea5b632b090c1400ef6bfcc.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
17882860
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
iQPA1OcS_N2hoV2pp-VDAWTnQV_307cjpN-CAdgiOlSkHZE87YMKqw==
/
optimise.net/ Frame
0
0
Preflight
General
Full URL
https://optimise.net/?k=0&d=gofile.io&t=desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.152.111.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://gofile.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
access-control-allow-origin
https://gofile.io
access-control-expose-headers
fs-client-rtt
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
date
Thu, 31 Aug 2023 07:08:40 GMT
expires
0
fs-client-rtt
8
pragma
no-cache
strict-transport-security
max-age=31536000;includeSubDomains;preload;
via
1.1 google
/
optimise.net/
1 KB
2 KB
Fetch
General
Full URL
https://optimise.net/?k=0&d=gofile.io&t=desktop
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/e9e7b93c427555a36e127e2afd65a8008f3e0421/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.152.111.34.bc.googleusercontent.com
Software
/
Resource Hash
b7ea688f98beef45e93234f9c93a9ac34d85cf3b8a52b78f6371b9217f5eec15
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload;

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=31536000;includeSubDomains;preload;
via
1.1 google
date
Thu, 31 Aug 2023 07:08:05 GMT
fs-client-rtt
8
age
35
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1530
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
content-type
application/json
access-control-allow-origin
https://gofile.io
access-control-expose-headers
fs-client-rtt
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
expires
0
config.js
cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/
113 KB
23 KB
Script
General
Full URL
https://cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/config.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/e9e7b93c427555a36e127e2afd65a8008f3e0421/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.144.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfa4a15df9001199cc78fc25bb146612686072f132911fe3b48eb72f0b6a2707

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 07:08:40 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 31 Aug 2023 04:42:26 GMT
server
cloudflare
x-amz-request-id
W6ST1B8N8CPKSKKS
age
464
etag
W/"71f4e94ac3aa3e85df01dcd9025e2ee6"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
7ff37191c9bea229-YYZ
alt-svc
h3=":443"; ma=86400
x-amz-id-2
BVrFtnvwMxutap59F/XCmZL4YVD7TpOG1pKSV0V11zI6NuEur5Zv3xYzmFLsBpox7tZFiinvptMeKiIg39TRfdn5rnOf1Jp6
gpt.js
securepubads.g.doubleclick.net/tag/js/
98 KB
29 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/e9e7b93c427555a36e127e2afd65a8008f3e0421/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
cafe /
Resource Hash
358ca1f336ac19aee4f834c4dcddf6e445d74989c4467857df809121a90ca8ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 07:08:40 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28841
x-xss-protection
0
server
cafe
etag
571 / 19600 / m202308240101 / config-hash: 8988950760368396923
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 31 Aug 2023 07:08:40 GMT
tag
btloader.com/
Redirect Chain
  • https://freestar-io.videoplayerhub.com/gallery.js
  • https://btloader.com/tag?h=freestar-io&upapi=true
303 KB
82 KB
Script
General
Full URL
https://btloader.com/tag?h=freestar-io&upapi=true
Protocol
H2
Server
104.26.7.139 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26934b4ebf73771a26f9940df57e005af88cce2f7ecdc254b8ce81d8061f2404

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 07:08:40 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 31 Aug 2023 06:13:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3210
etag
W/"2eb27e19b626e06bd4b2ca7c2259ccf4"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MxAsNrmJ4reIB%2BfnOrIqbgSKa8f%2FIEI7XYA8MzEpLev4qe4VjXcBHzI9O7K0a01ePO0KO0qY8I55AQIelOaYzG6anSdInq5M0YYWWmq9X0RuoQmpea8klv1lU7lKQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray
7ff371927f8d36d3-YYZ

Redirect headers

date
Thu, 31 Aug 2023 07:08:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ShFblVUfztowe1D%2BHvIa2pf0gI5x5JJFczHnYpybjvPuXbp%2BBt31g2tpZ59FWAyRbBGPIydYoX%2FXcGOtSl911VAtC%2FaCYcF5OwyHT0G%2FJeq%2F1Hno1YiNrFbpHZ5I77UL6vSzWOdVUC%2FHFSovuLpCHg%3D%3D"}],"group":"cf-nel","max_age":604800}
location
https://btloader.com/tag?h=freestar-io&upapi=true
cache-control
max-age=3600
cf-ray
7ff37191ef78a235-YYZ
expires
Thu, 31 Aug 2023 08:08:40 GMT
hadron.js
cdn.hadronid.net/
55 KB
10 KB
Script
General
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fgofile.io%2Fd%2FR9ofNk&ref=&_it=freestar&partner_id=474
Requested by
Host: gofile.io
URL: https://gofile.io/d/d59576a1-b36c-46a4-a75e-ce0f8a89e9c5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.52.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9e9d6c9d3b76ddbbaf7cd44bbcb5e7c0eb9cdb69bb4c3895117f2341474b75f

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 07:08:40 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 22 May 2023 16:51:11 GMT
server
cloudflare
x-amz-request-id
CYR3MH29WZT1YS7G
age
4202
etag
W/"82b3b53182a6a8dbe6684806275e839a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
7ff37191dc85398a-YYZ
x-amz-id-2
pr+Q8VZpaGu8DMcuENZeqcR0lrPEBfaCAARteKZNkCZ9cp1Mx8GlJmbnFEfNaQF40cm7aA9jb9o=
prebid-analytics-7.48.4.js
a.pub.network/core/
596 KB
193 KB
Script
General
Full URL
https://a.pub.network/core/prebid-analytics-7.48.4.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/e9e7b93c427555a36e127e2afd65a8008f3e0421/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
788c13994d09fd809cb431d4a0a2aaba6dd88c9b2ba4c0c9e03345362d9633ec

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 07:08:40 GMT
content-encoding
gzip
cf-cache-status
HIT
age
45099
x-guploader-uploadid
ADPycdt5eJyTSTudo7Mbjkk46i1K-lmfLBQs9_Bb1JxeYpcSNQmAGV_e4vnjjWaosP_v2V-lef4ESstr0Ebaa7XcPL_gDkerVks3
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
last-modified
Tue, 18 Jul 2023 18:59:55 GMT
server
cloudflare
etag
W/"5243e8ea27fda1bab8578db0b34dba61"
vary
Accept-Encoding
x-goog-generation
1689706795179212
content-type
text/html
access-control-allow-origin
*
x-goog-hash
crc32c=hSRCNw==, md5=UkPo6if9obq4V42ws026YQ==
content-language
en
access-control-expose-headers
*
cache-control
public, max-age=31490542
x-goog-stored-content-length
610321
cf-ray
7ff371919a0936a5-YYZ
expires
Thu, 29 Aug 2024 18:31:02 GMT
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202307190925/
251 KB
77 KB
Script
General
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202307190925/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.144.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e922a199c0736d84f1cb215cb5950484e8cf7c04011a35ccf28fd755aa5e7133

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 07:08:40 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 19 Jul 2023 13:26:13 GMT
server
cloudflare
x-amz-request-id
E8HV45T4RNWMRE6W
age
3679252
etag
W/"6c476793b39193c54a91ff561ef3a8e4"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
7ff3719239f3a229-YYZ
alt-svc
h3=":443"; ma=86400
x-amz-id-2
9QR0K6kI9RkhXZLj65hLqF7Y0fFdH6v2HKAiEd65hEmF+9MKChHtI2So+aG9ClYHIlnUSN92/wyiRYJozEQ9qA9xDl/dIeo6dhZihaz5yLM=
hadron.json
id.hadron.ad.gt/v1/ Frame
0
0
Preflight
General
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=freestar&partner_id=474&sync=0&domain=gofile.io&url=https://gofile.io/d/R9ofNk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://gofile.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cache-control
max-age=31536000 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
7ff37192a83ca247-YYZ
content-length
0
content-type
application/json
date
Thu, 31 Aug 2023 07:08:40 GMT
debug
OPTIONS block
expires
Fri, 30 Aug 2024 07:08:40 GMT
server
cloudflare
hadron.json
id.hadron.ad.gt/v1/
103 B
290 B
XHR
General
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=freestar&partner_id=474&sync=0&domain=gofile.io&url=https://gofile.io/d/R9ofNk
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fgofile.io%2Fd%2FR9ofNk&ref=&_it=freestar&partner_id=474
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9eb47204af5f2869efdc49e932ea44478d68dbfa89cd98b2b62585b5828e8dc1

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 31 Aug 2023 07:08:40 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
private,max-age=30
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization
cf-ray
7ff37192e863a247-YYZ
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/
404 KB
127 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
cafe /
Resource Hash
9dfe1f819bb2abd9663550cec9005dc0ed81151f85f2efa7a8a9b1b33aa64f40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 13:21:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
64055
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129934
x-xss-protection
0
server
cafe
etag
17007686020673988365
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 29 Aug 2024 13:21:05 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
5 KB
841 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=gofile.io
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
cafe /
Resource Hash
99f937fca968ffe21c4eedff6a139e5dd11856a5e92b106e836c9bee7fa7c5a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 07:08:40 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
816
x-xss-protection
0
expires
Thu, 31 Aug 2023 07:08:40 GMT
event
plausible.gofile.io/api/
2 B
191 B
XHR
General
Full URL
https://plausible.gofile.io/api/event
Requested by
Host: plausible.gofile.io
URL: https://plausible.gofile.io/js/plausible.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.202.85.166 , France, ASN16276 (OVH, FR),
Reverse DNS
mail.gofile.io
Software
Cowboy /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 31 Aug 2023 07:08:40 GMT
server
Cowboy
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
content-length
2
x-request-id
F4BmGd1-uJ9kepAKDkdB
state
api.btloader.com/mw/
0
101 B
Fetch
General
Full URL
https://api.btloader.com/mw/state?bt_env=prod
Requested by
Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 31 Aug 2023 07:08:40 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
px.gif
ad-delivery.net/
43 B
924 B
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 07:08:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
669789
x-guploader-uploadid
ADPycduZLT4Egz3OccUY8BO9HQhQaPFB1QvWSXP2JV1sLWPG2UMlJ21pZzB414VM8V9U1p0QRqWsN_H-40vvify-oj-t3Akd6WML
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ppbipS96pJ9tWmaEM2qtH%2B2Vp%2BVgR227OpXyWf1JizSvgEPZpIjIGYkFcky06JJ52C4TNSRjGRCPt5oof%2Bx%2FT%2BfkIhLCzyfWY62CDzyZt0pD31%2BvbvT6UIVozEEkUtIt0A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
7ff371936ca13a0a-YYZ
expires
Wed, 23 Aug 2023 13:14:44 GMT
favicon.ico
ad.doubleclick.net/
1 KB
571 B
Image
General
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 11:05:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72179
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 31 Aug 2023 11:05:41 GMT
px.gif
ad-delivery.net/
43 B
331 B
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.8481920634729874
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 07:08:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
669789
x-guploader-uploadid
ADPycduZLT4Egz3OccUY8BO9HQhQaPFB1QvWSXP2JV1sLWPG2UMlJ21pZzB414VM8V9U1p0QRqWsN_H-40vvify-oj-t3Akd6WML
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1hYWmMJoDt4sHTn5xvW8HP%2BcH0Nl4Mut%2BXk3jHHkyGT1z%2FWNHRJ%2FwBCaZCC%2Fp5cF%2BEYYKqiXpEk6LHIu6nyW611mWO4sjmY12eGco36esX8Mnntik%2FwXszZB9gHxiJdlhA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
7ff371936ca23a0a-YYZ
expires
Wed, 23 Aug 2023 13:14:44 GMT
IIQUniversalID.js
a.pub.network/core/intentIQ/20230622/
55 KB
13 KB
Script
General
Full URL
https://a.pub.network/core/intentIQ/20230622/IIQUniversalID.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/e9e7b93c427555a36e127e2afd65a8008f3e0421/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48c76c91f2d42a1668fee310da41b7c1f0d97d7ab0fa55fcf794e2cd3e412242

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 07:08:40 GMT
content-encoding
gzip
cf-cache-status
HIT
age
45098
x-guploader-uploadid
ADPycdskwXkiCaHvF2JtYIMbLxk1eXDqnXj_RU5j-NqakRPIvnypTD0Ro1T3AE4vNIcZxrju_EfMPccupYsyWem8D0_9Fg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Thu, 22 Jun 2023 23:15:14 GMT
server
cloudflare
etag
W/"c45a15a8a50c2a275e14695cf631d08d"
vary
Accept-Encoding
x-goog-hash
crc32c=6m2COg==, md5=xFoVqKUMKideFGlc9jHQjQ==
x-goog-generation
1687475714790007
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
56442
cf-ray
7ff371933b7836a5-YYZ
expires
Thu, 31 Aug 2023 08:08:40 GMT
91547f3f85df805bdfc804d47edf435ed61c380
fronttoad.com/create/7b747838f9e0a25/
280 B
307 B
Fetch
General
Full URL
https://fronttoad.com/create/7b747838f9e0a25/91547f3f85df805bdfc804d47edf435ed61c380
Requested by
Host: fronttoad.com
URL: https://fronttoad.com/files/5ab30793f449/8bad8b313e05fd4241b5f7e392
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.63.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.63.160.34.bc.googleusercontent.com
Software
/
Resource Hash
75a8fbab28d660825b0d58d0ce0057504d766724c1537b78586ce905d3ca5c5b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Thu, 31 Aug 2023 07:08:40 GMT
via
1.1 google
x-buildnumber
975004442
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
280
x-datacenter
gce-us-east1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gofile.io
x-hostname
fen-hoothoot-us-east1-mr6f
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Thu, 31 Aug 2023 07:08:39 GMT
ProfilesEngineServlet
api.intentiq.com/profiles_engine/
92 B
922 B
XHR
General
Full URL
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=1434517136&pt=17&dpn=1&jsver=5.4&iiqidtype=2&iiqpcid=141d614b-a57e-4387-a7eb-d18a825827da&iiqpciddate=1693465720869&jaesc=0&jafc=0&jaensc=0&iiqlocalstorageenabled=true&tsrnd=911_1693465720869&cttl=43200000&rrtt=0&dud=0&abtg=A&vrref=gofile.io&japbjs=true&japs=false
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/intentIQ/20230622/IIQUniversalID.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.5.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-5-94.cmh68.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
325ad6583be91477c31f4f95f5331e2e0a9cbefd92b259c5d37452a0b4731d31

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 07:08:41 GMT
via
1.1 c61c541bdffdab35e3f35d4013a8cfc4.cloudfront.net (CloudFront)
x-amz-cf-pop
CMH68-P4
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
pragma
no-cache
server
Apache-Coyote/1.1
vary
Origin
access-control-allow-methods
POST, GET
content-type
text/html
access-control-allow-origin
https://gofile.io
access-control-max-age
3600
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Accept, X-Requested-With, remember-me
x-amz-cf-id
ql_LnrnqdSO8huKMj6MjXnoHD6LQJglt0VgGmdakKK7pHVTvhxVBHw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/
Redirect Chain
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=1434517136&rnd=969727&iiqidtype=2&iiqpcid=141d614b-a57e-4387-a7eb-d18a825827da&iiqpciddate=1693465720869&tsr...
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=1434517136&rnd=969727&iiqidtype=2&iiqpcid=141d614b-a57e-4387-a7eb-d18a825827da&iiqpciddate=1693465720869&ts...
43 B
1 KB
Image
General
Full URL
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=1434517136&rnd=969727&iiqidtype=2&iiqpcid=141d614b-a57e-4387-a7eb-d18a825827da&iiqpciddate=1693465720869&tsrnd=15_1693465720870&vrref=gofile.io&jsver=5.4&abtp=95&abtg=A&ckls=true&ci=4YOGP2BJ1B&nc=false&trid=-1484597107
Protocol
H2
Server
18.173.219.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-12.jfk52.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 07:08:41 GMT
via
1.1 a7c9fe7eb79f698774d5b4dbc632cf68.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
JFK52-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
WE1u2suSR0RWebttsf-8f4z4Wp55Dlnd0bsS_5F2G-UwiDpGp4PozA==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 31 Aug 2023 07:08:40 GMT
via
1.1 bbc57e4c259e16f712316786b8f9a84a.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
CMH68-P3
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=1434517136&rnd=969727&iiqidtype=2&iiqpcid=141d614b-a57e-4387-a7eb-d18a825827da&iiqpciddate=1693465720869&tsrnd=15_1693465720870&vrref=gofile.io&jsver=5.4&abtp=95&abtg=A&ckls=true&ci=4YOGP2BJ1B&nc=false&trid=-1484597107
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
QmhzhHYTjuL-BlsD4z9xLhWGEoZyMwLvwSLaRyRrBRFmbQPabLaDIA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
30e8075f46bd1fe64fe2088726c0e27d655fef78f0e6d9f2bceefe
fronttoad.com/
3 B
27 B
Fetch
General
Full URL
https://fronttoad.com/30e8075f46bd1fe64fe2088726c0e27d655fef78f0e6d9f2bceefe
Requested by
Host: fronttoad.com
URL: https://fronttoad.com/files/5ab30793f449/8bad8b313e05fd4241b5f7e392
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.63.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.63.160.34.bc.googleusercontent.com
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Thu, 31 Aug 2023 07:08:40 GMT
via
1.1 google
x-buildnumber
975004442
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
x-datacenter
gce-us-east1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gofile.io
x-hostname
fen-hoothoot-us-east1-mr6f
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
country
api.btloader.com/
16 B
141 B
Fetch
General
Full URL
https://api.btloader.com/country
Requested by
Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
8bd69d0dddab8bc553263c254faad469c2a3e08bfb0b737e763f7feabe571225

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 07:08:40 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
pv
api.btloader.com/
0
66 B
XHR
General
Full URL
https://api.btloader.com/pv?tid=FGFjYjNb&w=5912996595892224&o=5714937848528896&cv=2.1.17-2-g0b33bd3&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fgofile.io%2Fd%2FR9ofNk&sid=0ugrKjK0z&upapi=true
Requested by
Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 31 Aug 2023 07:08:40 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
rtd
id.hadron.ad.gt/api/v1/ Frame
0
0
Preflight
General
Full URL
https://id.hadron.ad.gt/api/v1/rtd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://gofile.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
7ff371951975a247-YYZ
content-length
0
content-type
application/json
date
Thu, 31 Aug 2023 07:08:41 GMT
debug
rtd-nx-ny
server
cloudflare
rtd
id.hadron.ad.gt/api/v1/ Frame
0
0
Preflight
General
Full URL
https://id.hadron.ad.gt/api/v1/rtd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://gofile.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
7ff371951978a247-YYZ
content-length
0
content-type
application/json
date
Thu, 31 Aug 2023 07:08:41 GMT
debug
rtd-nx-ny
server
cloudflare
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fgofile.io%2F&domain=gofile.io&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://gofile.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://gofile.io
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 31 Aug 2023 07:08:40 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
193774
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
quant.js
secure.quantserve.com/
22 KB
9 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/e9e7b93c427555a36e127e2afd65a8008f3e0421/pubfig.engine.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.184.68.149 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 07:08:41 GMT
content-encoding
gzip
etag
"sLp6xTjO7svFVaOemhLWUQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Thu, 07 Sep 2023 07:08:41 GMT
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b60f65161ce3517c2794eecab25981c51ffbcbc951a781270403e2f3572d0290

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/svg+xml
rtd
id.hadron.ad.gt/api/v1/
27 B
85 B
XHR
General
Full URL
https://id.hadron.ad.gt/api/v1/rtd
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33c1ab6a01b4049878497c2874d8cbb72e14ee7cf14fafec3c09b45f9874b67e

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 31 Aug 2023 07:08:41 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
debug
rtd-nx-ny
access-control-allow-headers
*
content-length
27
cf-ray
7ff37195599ca247-YYZ
rtd
id.hadron.ad.gt/api/v1/
27 B
83 B
XHR
General
Full URL
https://id.hadron.ad.gt/api/v1/rtd
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33c1ab6a01b4049878497c2874d8cbb72e14ee7cf14fafec3c09b45f9874b67e

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 31 Aug 2023 07:08:41 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
debug
rtd-nx-ny
access-control-allow-headers
*
content-length
27
cf-ray
7ff37195599da247-YYZ
json
gum.criteo.com/sid/
354 B
655 B
XHR
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fgofile.io%2F&domain=gofile.io&cw=1&lsw=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
f7331c014327680bb19a7ed866a78445db030a339394acc30301dfb7e75dcd6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 07:08:40 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gofile.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
633233
expires
0
rid
match.adsrvr.org/track/
109 B
539 B
XHR
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=6bjin1p&fmt=json
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
4114486e3f4f386f9491896c8b4be5171a2edc94e19b19ad43b9c7d2e1d673da

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 31 Aug 2023 07:08:41 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gofile.io
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Sat, 30 Sep 2023 07:08:41 GMT
fslogo-green.svg
a.pub.network/core/imgs/
1 KB
1 KB
Image
General
Full URL
https://a.pub.network/core/imgs/fslogo-green.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecc20ed3c5dedbe5bbe73d1e7b14270c65a85f7d0ec4c94c4f0c9f0071e471a2

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 07:08:41 GMT
content-encoding
gzip
cf-cache-status
HIT
age
1885
x-guploader-uploadid
ADPycdus147rPEzBUiyOCmTZlTs-ies14HKccbUurTidIkJsjUqUiTlKXOg9dxRMS-eS4JPLXWsULk2JfIxP5OtzffymOg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Tue, 08 Sep 2020 17:04:37 GMT
server
cloudflare
etag
W/"326d6cbd977657e1205bd616d1f2faca"
vary
Accept-Encoding
x-goog-hash
crc32c=Jh+rSg==, md5=Mm1svZd2V+EgW9YW0fL6yg==
x-goog-generation
1599584677716817
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
1193
cf-ray
7ff371952ce236a5-YYZ
expires
Thu, 31 Aug 2023 08:08:41 GMT
esp.js
oa.openxcdn.net/
24 KB
8 KB
Script
General
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 01:03:13 GMT
content-encoding
gzip
age
540328
x-guploader-uploadid
ADPycdvRBTOupmiEd6n1pvRq2DUpZZCl47KlMbWpyWHJ8cdG1PYDwktAAe5UaP7k3xq6tHyg-SFT7L1qU_i0kSPbZI3qxKaGki0G
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Sat, 24 Aug 2024 01:03:13 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/
38 KB
12 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.22.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-22-102.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2cf68b0f96497a6c432653e7b0ab42cb383f804f6bff63ecc7e38b2244b18d7b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 15:55:10 GMT
content-encoding
gzip
via
1.1 94f960efa39aa7dd12cbd55282bf4f8e.cloudfront.net (CloudFront)
last-modified
Tue, 22 Aug 2023 15:52:21 GMT
server
AmazonS3
x-amz-cf-pop
CMH68-P3
age
54812
x-amz-server-side-encryption
AES256
etag
W/"abaee4c7a9cdd5e5098ecb24384e9e09"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
Mh_QdPzP2enW02U9QjWLwXmjt1yG5j6-dpTLGwS_VAtB1rbzQmN00g==
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/
1 KB
1 KB
Script
General
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 07:08:41 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
ee87e8fb1fbc2bc6e97b4d346824593e
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/
732 B
897 B
Script
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 31 Aug 2023 07:08:41 GMT
x-content-type-options
nosniff
content-encoding
br
age
28095
x-jsd-version
master
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
439
x-served-by
cache-fra-eddf8230042-FRA, cache-yul12829-YUL
x-jsd-version-type
branch
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
esp.js
cdn.id5-sync.com/api/1.0/
119 KB
26 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.53.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1168c8abfe02845289bb55fd1091f344ddc7b63f7d4c5e95c895b72b4bca982d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 07:08:41 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 21 Aug 2023 10:48:56 GMT
server
cloudflare
x-amz-request-id
CXZBWQEYD1H2C7SY
age
1619
etag
W/"e6744398f78bbd5138fa1a9e34f686e4"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7ff371958fc839f0-YYZ
x-amz-id-2
qq03mRpQRPTWpuxDBkjqnbQy5cKG9Zf9fYDXEqg6dRQHzQqp4eIqE0ja1vG5ComCurf5HDMAWIM=
publishertag.ids.js
static.criteo.net/js/ld/
43 KB
13 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
14b4caf239342334bf7b8280605e60f67c33c589762047b8bd67c0552fdb80a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 07:08:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 03 Aug 2023 11:12:29 GMT
server
nginx
etag
W/"64cb8b9d-aa04"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 01 Sep 2023 07:08:41 GMT
ob.js
cdn-ima.33across.com/
40 KB
9 KB
Script
General
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41fd4ed5ad93e39cd84d043e905e66e3bbb9dbb50cf2d7bbf68bfeef79f3d3cc

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 07:08:41 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 04 Aug 2023 18:38:49 GMT
server
cloudflare
age
570850
etag
W/"64cd45b9-a13f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
7ff371957f2a714a-YUL
expires
Sun, 03 Sep 2023 07:08:41 GMT
cookie_sync
s2s.t13.io/
2 KB
835 B
XHR
General
Full URL
https://s2s.t13.io/cookie_sync
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
1a11844d240e77f0f7b9dd59ef63c3e7e04b6960f0dec18dddf98bb0911962f7

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 07:08:41 GMT
content-encoding
gzip
via
1.1 google
content-type
application/json
access-control-allow-origin
https://gofile.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
617
expires
0
auction
s2s.t13.io/openrtb2/
1 KB
603 B
XHR
General
Full URL
https://s2s.t13.io/openrtb2/auction
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
0787ba6e13f518f4ff85d0023e8ddfd92fbdd58e2871eb7c3d7150720df87803

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 07:08:41 GMT
content-encoding
gzip
via
1.1 google
x-prebid
pbs-java/1.122.0
content-type
application/json
access-control-allow-origin
https://gofile.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
515
expires
0
v1
btlr.sharethrough.com/universal/
574 B
514 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.232.158.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-158-174.compute-1.amazonaws.com
Software
/
Resource Hash
51ee54f92c60c1398feee501db07d533822e6a4a5d8687dd6ce98d485bfb8d70

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 31 Aug 2023 07:08:40 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gofile.io
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
360
v1
btlr.sharethrough.com/universal/
412 B
575 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.232.158.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-158-174.compute-1.amazonaws.com
Software
/
Resource Hash
718abd96511a32cfe6e058d38c6a20023ae71fd46f77d69a2b21f285ed4a5966

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 31 Aug 2023 07:08:40 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gofile.io
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
272
v1
btlr.sharethrough.com/universal/
417 B
486 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.232.158.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-158-174.compute-1.amazonaws.com
Software
/
Resource Hash
63f211e723082cd7668b064f5be9f0a3d3a575a10fcb21b125314af059b2e3a5

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 31 Aug 2023 07:08:41 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gofile.io
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
309
cdb
bidder.criteo.com/
0
188 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.48.0&cb=60249074228&lsavail=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gofile.io
date
Thu, 31 Aug 2023 07:08:40 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
prebid
ib.adnxs.com/ut/v3/
145 B
958 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.208 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
5c1eb7637d1d32c89ec917e3ef1c1690585fb0a41d1e5eec028cfb62247c38bc
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 07:08:41 GMT
an-x-request-uuid
fb9526d4-b1b7-4b2e-820d-f0becb2e09c8
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gofile.io
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
45.88.190.203; 45.88.190.203; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
145
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
imp
g2.gumgum.com/hbid/
3 KB
2 KB
XHR
General
Full URL
https://g2.gumgum.com/hbid/imp?lt=1693465721189&to=420&aun=gofileio_adhesion&hadronId=060adlfdlbghc7jabj996ic7gb6d6867fa8ek0ok0gqsi2wegw660ui2qg0k0402o&gpid=%2F15184186%2Fgofileio_adhesion%2Fgofileio_adhesion&maxw=970&maxh=90&si=14287&pi=3&bf=970x90%2C728x90%2C468x60%2C1x1&schain=1.0%2C1!freestar.com%2C1523%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fgofile.io%2Fd%2FR9ofNk&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.48.0%22%7D&ogu=null&ns=10240
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.175.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-175-87.compute-1.amazonaws.com
Software
nginx /
Resource Hash
c327120db8d1c57df0828a4fb39b47be014c3bfda81d803fcc6715962ecb7e5a

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 07:08:41 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://gofile.io
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/
3 KB
2 KB
XHR
General
Full URL
https://g2.gumgum.com/hbid/imp?lt=1693465721190&to=420&aun=gofileio_adhesion&hadronId=060adlfdlbghc7jabj996ic7gb6d6867fa8ek0ok0gqsi2wegw660ui2qg0k0402o&gpid=%2F15184186%2Fgofileio_adhesion%2Fgofileio_adhesion&maxw=970&maxh=90&si=14288&pi=3&bf=970x90%2C728x90%2C468x60%2C1x1&schain=1.0%2C1!freestar.com%2C1523%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fgofile.io%2Fd%2FR9ofNk&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.48.0%22%7D&ogu=null&ns=10240
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.175.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-175-87.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b4b3a03e2fa654a96d45c1478d3c20f55c844d7a7d2ce42f9846b4d441690e80

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 07:08:41 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://gofile.io
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/
3 KB
2 KB
XHR
General
Full URL
https://g2.gumgum.com/hbid/imp?lt=1693465721190&to=420&aun=gofileio_adhesion&hadronId=060adlfdlbghc7jabj996ic7gb6d6867fa8ek0ok0gqsi2wegw660ui2qg0k0402o&gpid=%2F15184186%2Fgofileio_adhesion%2Fgofileio_adhesion&t=ikg7mqd8&pi=2&schain=1.0%2C1!freestar.com%2C1523%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fgofile.io%2Fd%2FR9ofNk&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.48.0%22%7D&ogu=null&ns=10240
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.175.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-175-87.compute-1.amazonaws.com
Software
nginx /
Resource Hash
935eb89f72652b05943f01f267ba418e173535289c0a7d37f6077d05670191e8

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 07:08:41 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://gofile.io
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
prebid
prebid.media.net/rtb/
1 KB
1 KB
XHR
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUJ8GUQF
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
6249356082f66670fddfb4ef4b93204c5ef7d2092ad1de1063e9fc354fa9a8fa

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 07:08:41 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=utf-8
access-control-allow-origin
https://gofile.io
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Thu, 31 Aug 2023 07:08:41 GMT
syncframe
gum.criteo.com/ Frame 7083
0
0
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=gofile.io
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 31 Aug 2023 07:08:40 GMT
server
Kestrel
server-processing-duration-in-ticks
335068
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
increment
id5-sync.com/api/esp/
0
318 B
XHR
General
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gofile.io
date
Thu, 31 Aug 2023 07:08:41 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fgofile.io%2Fd%2FR9ofNk&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fgofile.io%2Fd%2FR9ofNk&rid=esp&cc=1
85 B
202 B
Fetch
General
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fgofile.io%2Fd%2FR9ofNk&rid=esp&cc=1
Protocol
H2
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
116dbf036fe8dff98b711877b292fae32405d543c4446df4efb84387eb53ec00

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 07:08:41 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-WhAYy/jtGnqKkrc23DnaLk3Xt10"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gofile.io
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Thu, 31 Aug 2023 07:08:41 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://gofile.io
location
/esp?url=https%3A%2F%2Fgofile.io%2Fd%2FR9ofNk&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
rules-p-UeXruRVtZz7w6.js
rules.quantcount.com/
2 KB
1 KB
Script
General
Full URL
https://rules.quantcount.com/rules-p-UeXruRVtZz7w6.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-89.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a7b5f5f96f81dea4efc53e1d4dae8b37c28bec27a45b42ccf604ee759e20caec

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 06:42:11 GMT
content-encoding
gzip
via
1.1 5301cc544de32ec737d1069c11f7df30.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
1591
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Thu, 07 Dec 2017 17:06:25 GMT
server
AmazonS3
etag
W/"cbc97d16c77ea1fcbbf42d246001e982"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
k-wbmRNtRrihKyo2YIrBsSTAntFkATcqh8YJZdEeX_1YpjVZhLa7GQ==
map
bcp.crwdcntrl.net/6/
156 B
608 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.22.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-22-13.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
392b13c71be7d3a107fa2ea8beb7a2cd3235f17d733828209fc2a1f24270fe6e

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 07:08:41 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://gofile.io
cache-control
no-cache
x-server
10.40.4.3
access-control-allow-credentials
true
content-length
156
expires
0
sync.php
pixel.rubiconproject.com/exchange/
0
0

pixel;r=79934869;labels=keywords.file%20sharing%2Ckeywords.file%20storage%2Ckeywords.free%20file%20sharing%2Ckeywords.free%20file%20storage%2Ckeywords.unlimited%20file%20sharing%2Ckeywords.unlimite...
pixel.quantserve.com/
35 B
372 B
Image
General
Full URL
https://pixel.quantserve.com/pixel;r=79934869;labels=keywords.file%20sharing%2Ckeywords.file%20storage%2Ckeywords.free%20file%20sharing%2Ckeywords.free%20file%20storage%2Ckeywords.unlimited%20file%20sharing%2Ckeywords.unlimited%20file%20storage%2Ckeywords.secure%20file%20sharing%2Ckeywords.secure%20file%20storage%2Ckeywords.large%20file%20sharing%2Ckeywords.large%20file%20storage%2Ckeywords.video%20file%20sharing%2Ckeywords.image%20file%20sharing%2Ckeywords.audio%20file%20sharing%2Ckeywords.cdn%2Ckeywords.direct%20link%2Ckeywords.file%20hosting%2Ctitle.Gofile%20-%20Free%20Unlimited%20File%20Sharing%20and%20Storage;rf=0;a=p-UeXruRVtZz7w6;url=https%3A%2F%2Fgofile.io%2Fd%2FR9ofNk;uht=2;fpan=1;fpa=P0-78931611-1693465721268;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;ref=;d=gofile.io;dst=1;et=1693465721365;tzo=420;ogl=title.Gofile%20-%20Free%20Unlimited%20File%20Sharing%20and%20Storage%2Cdescription.Gofile%20is%20a%20free%252C%20secure%20file%20sharing%20and%20storage%20platform%252E%20With%20unlimited%20bandw%2Cimage.%2Fdist%2Fimg%2Flogo-small-og%252Epng%2Ctype.website;ses=2e80aef2-a60d-428a-8478-3f29ffb86909;mdl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.184.68.149 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 07:08:41 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
auction
s2s.t13.io/openrtb2/
1 KB
587 B
XHR
General
Full URL
https://s2s.t13.io/openrtb2/auction
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
46d5acb4e8668a37759347938287d3ce05ad450611884b935e6214f71dce3c4a

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 07:08:41 GMT
content-encoding
gzip
via
1.1 google
x-prebid
pbs-java/1.122.0
content-type
application/json
access-control-allow-origin
https://gofile.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
519
expires
0
cdb
bidder.criteo.com/
0
187 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.48.0&cb=45038657804&lsavail=1&bundle=ZW9vIF9CJTJGRnA2RjE1WnFhZ2JvTWZoUXltaHJUUVBUVHZuTzhCJTJCT1Y4T2Z5cHpDciUyQmpDbzFneSUyQnJEYzdZdzVwR1B3Rjd4amxBJTJGNDZKOG82RDdMRXd2WktnM1lyNERUSnVscGd1TlNpSE1TWEpLZyUyQmxVZzJzQWtTV0lQTSUyRnhEY1dLaVk0QjNpZkhpa25mSFViJTJCYURHdCUyQjclMkJ1ZyUzRCUzRA
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gofile.io
date
Thu, 31 Aug 2023 07:08:40 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
imp
g2.gumgum.com/hbid/
3 KB
2 KB
XHR
General
Full URL
https://g2.gumgum.com/hbid/imp?lt=1693465721419&to=420&aun=gofileio_adhesion&hadronId=060adlfdlbghc7jabj996ic7gb6d6867fa8ek0ok0gqsi2wegw660ui2qg0k0402o&gpid=%2F15184186%2Fgofileio_adhesion%2Fgofileio_adhesion&pv=be778cfd-5466-4afe-8280-a4728c6b2e6f&maxw=970&maxh=90&si=14287&pi=3&bf=970x90%2C728x90%2C468x60%2C1x1&schain=1.0%2C1!freestar.com%2C1523%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fgofile.io%2Fd%2FR9ofNk&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.48.0%22%7D&ogu=null&ns=10240
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.175.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-175-87.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b8796e0f478fdb0f2a7f7bfeb96bc272361f983b8bd8579bc8c499e285bb8d48

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 07:08:41 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://gofile.io
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/
3 KB
2 KB
XHR
General
Full URL
https://g2.gumgum.com/hbid/imp?lt=1693465721419&to=420&aun=gofileio_adhesion&hadronId=060adlfdlbghc7jabj996ic7gb6d6867fa8ek0ok0gqsi2wegw660ui2qg0k0402o&gpid=%2F15184186%2Fgofileio_adhesion%2Fgofileio_adhesion&pv=be778cfd-5466-4afe-8280-a4728c6b2e6f&maxw=970&maxh=90&si=14288&pi=3&bf=970x90%2C728x90%2C468x60%2C1x1&schain=1.0%2C1!freestar.com%2C1523%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fgofile.io%2Fd%2FR9ofNk&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.48.0%22%7D&ogu=null&ns=10240
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.175.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-175-87.compute-1.amazonaws.com
Software
nginx /
Resource Hash
73ea563f778af471485793cec2e2fdb6134bde83f2e909c00298cccc48951d39

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 07:08:41 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://gofile.io
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/
3 KB
2 KB
XHR
General
Full URL
https://g2.gumgum.com/hbid/imp?lt=1693465721420&to=420&aun=gofileio_adhesion&hadronId=060adlfdlbghc7jabj996ic7gb6d6867fa8ek0ok0gqsi2wegw660ui2qg0k0402o&gpid=%2F15184186%2Fgofileio_adhesion%2Fgofileio_adhesion&pv=be778cfd-5466-4afe-8280-a4728c6b2e6f&t=ikg7mqd8&pi=2&schain=1.0%2C1!freestar.com%2C1523%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fgofile.io%2Fd%2FR9ofNk&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.48.0%22%7D&ogu=null&ns=10240
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.175.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-175-87.compute-1.amazonaws.com
Software
nginx /
Resource Hash
538c7eba992fa3da4ee641f7c232691a543ed55ba07ab3e838ad5dd1996eb35d

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 07:08:41 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://gofile.io
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
v1
btlr.sharethrough.com/universal/
408 B
464 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.232.158.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-158-174.compute-1.amazonaws.com
Software
/
Resource Hash
e17912d53c9afaca2651198383bad2127e06a7cd9cda211e08cca823fa672c1b

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 31 Aug 2023 07:08:41 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gofile.io
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
311
v1
btlr.sharethrough.com/universal/
496 B
502 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.232.158.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-158-174.compute-1.amazonaws.com
Software
/
Resource Hash
d47b9ebecc532e59c52e1c4aaedf4c18c1246ffba569bb23563a955f683e26d3

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 31 Aug 2023 07:08:41 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gofile.io
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
348
v1
btlr.sharethrough.com/universal/
236 B
349 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.232.158.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-158-174.compute-1.amazonaws.com
Software
/
Resource Hash
aeae1634ec28d6a28b83d42ebde241425ff442639ba060ce7497242cf7af1334

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 31 Aug 2023 07:08:41 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gofile.io
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
195
prebid
ib.adnxs.com/ut/v3/
13 KB
7 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.208 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e71d409b59051e4c8cb7beb4e02143a9e57f77bb2078244940f844b56a513e4b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 07:08:41 GMT
content-encoding
gzip
an-x-request-uuid
d3cdd885-f5fd-4172-bee1-3ff829544063
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gofile.io
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
45.88.190.203; 45.88.190.203; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
prebid.media.net/rtb/
1 KB
763 B
XHR
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUJ8GUQF
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
b2da7aa747417c0658ab71a13094142553697c6dd12f0879ff8a4f486e9c634a

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 07:08:41 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=utf-8
access-control-allow-origin
https://gofile.io
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Thu, 31 Aug 2023 07:08:41 GMT
/
optimise.net/ Frame
0
0
Preflight
General
Full URL
https://optimise.net/?k=1&d=gofile.io&t=desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.152.111.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://gofile.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
access-control-allow-origin
https://gofile.io
access-control-expose-headers
fs-client-rtt
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
date
Thu, 31 Aug 2023 07:08:41 GMT
expires
0
fs-client-rtt
10
pragma
no-cache
strict-transport-security
max-age=31536000;includeSubDomains;preload;
via
1.1 google
/
optimise.net/
1 KB
2 KB
Fetch
General
Full URL
https://optimise.net/?k=1&d=gofile.io&t=desktop
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/e9e7b93c427555a36e127e2afd65a8008f3e0421/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.152.111.34.bc.googleusercontent.com
Software
/
Resource Hash
4fe3adae27fe4c0d6a89817233aad98608f9654702add21d0e2dae8934468be7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload;

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=31536000;includeSubDomains;preload;
via
1.1 google
date
Thu, 31 Aug 2023 07:08:07 GMT
fs-client-rtt
22
age
34
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1529
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
content-type
application/json
access-control-allow-origin
https://gofile.io
access-control-expose-headers
fs-client-rtt
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
expires
0
ads
securepubads.g.doubleclick.net/gampad/
20 KB
9 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2227349852443595&correlator=1346360691949531&eid=31070233&output=ldjh&gdfp_req=1&vrg=202308240101&ptt=17&impl=fifs&iu_parts=15184186%3A22435964612%2Cgofileio_adhesion&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C468x60%7C728x90%7C970x90&ifi=1&didk=1080524692&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1693465721485&lmt=1692850014&adxs=547&adys=1140&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fgofile.io%2Fd%2FR9ofNk&vis=1&psz=506x-1&msz=468x-1&fws=512&ohw=0&ga_vid=293846888.1693465721&ga_sid=1693465721&ga_hid=1688129615&ga_fc=false&a3p=EhsKDGlkNS1zeW5jLmNvbRiv8rDTpDFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBiv8rDTpDFIAFICCGQSGQoKcHViY2lkLm9yZxjy8rDTpDFIAFICCGoSFwoIcnRiaG91c2UY1fOw06QxSABSAghqEhQKBW9wZW54GK_ysNOkMUgAUgIIZA..&dlt=1693465718971&idt=1847&prev_scp=fsrefresh%3D0%26fsrebid%3D0%26fs_uuid%3D402a7644-0306-492c-b902-745b03525017%26fs_placementName%3Dgofileio_adhesion%26fs_ad_product%3DstickyFooter%26fsbid%3D0&cust_params=user-agent%3DChrome%26fs_session_id%3Dbcdedb60-dac6-43da-9f53-23ca22485ee2%26fs_pageview_id%3D1b2e76a80548808c54e4bae4cb9d3a21%26fs_iiq_enabled%3Dtrue%26fs_used_optimise%3Dtrue%26floors_user%3D0%26floors_rtt%3D8%26fs_clientservermask%3D22233333223333223111%26fs_testgroup%3Doptimised&adks=3199641529&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
cafe /
Resource Hash
dd7af5d49958e35fe272f0a703beb2fe0428bda600641b4218fe2bde47f6294e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 07:08:41 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9552
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://gofile.io
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/
15 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308240101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.2 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
fa201e9f89eac71b944c484b60d85ceb474718b41e8b36f59dc7a92436723dc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 07:08:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11809
x-xss-protection
0
container.html
1d6dee953960f2c516beb52a7eadd40a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EC05
0
0
Document
General
Full URL
https://1d6dee953960f2c516beb52a7eadd40a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 31 Aug 2023 07:08:41 GMT
expires
Fri, 30 Aug 2024 07:08:41 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
analytics.min.js
a.pub.network/core/analytics/1.1.1/
13 KB
6 KB
Script
General
Full URL
https://a.pub.network/core/analytics/1.1.1/analytics.min.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/e9e7b93c427555a36e127e2afd65a8008f3e0421/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56962bc48f2acb175c71b59298782cc1e841afb9f725986955105139e52078e9

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 07:08:41 GMT
content-encoding
gzip
cf-cache-status
HIT
age
45100
x-guploader-uploadid
ADPycdtTwV1mwPw8UqRtLvGdnYmw7Vn0m18xyAmAxOkac2iz2HCVgotypnahB6DfLWpaR_T3RRPUfKFfwBwB3WQuCfE0w6xfmHs5
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Tue, 21 Mar 2023 16:29:06 GMT
server
cloudflare
etag
W/"9faa51c72267d7040ea861c2a59c266f"
vary
Accept-Encoding
x-goog-hash
crc32c=Yy7HVA==, md5=n6pRxyJn1wQOqGHCpZwmbw==
x-goog-generation
1679416146332026
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
13155
cf-ray
7ff37197de2c36a5-YYZ
expires
Thu, 31 Aug 2023 08:08:41 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.193 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 07:08:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 31 Aug 2023 07:08:41 GMT
pd
google-bidout-d.openx.net/w/1.0/ Frame A008
0
0
Document
General
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
380
content-type
text/html
date
Thu, 31 Aug 2023 07:08:41 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C926
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.193 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
26281
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 23:50:40 GMT
expires
Thu, 29 Aug 2024 23:50:40 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 01BC
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-q9js6EbjtgUgUbsMkvbSYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
537
content-security-policy
script-src 'report-sample' 'nonce-q9js6EbjtgUgUbsMkvbSYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 31 Aug 2023 07:08:41 GMT
expires
Thu, 31 Aug 2023 07:08:41 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
publishertag.prebid.135.js
static.criteo.net/js/ld/
89 KB
29 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.135.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 07:08:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-16386"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 01 Sep 2023 07:08:41 GMT
syncframe
gum.criteo.com/ Frame 21ED
0
0
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=gofile.io
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 31 Aug 2023 07:08:41 GMT
server
Kestrel
server-processing-duration-in-ticks
979850
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/
95 KB
31 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
33849beaed6f34c2defe2ea3610a424d05730d79a9af10e3cf67e070af0694e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 07:08:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 03 Aug 2023 11:12:29 GMT
server
nginx
etag
W/"64cb8b9d-17ba9"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 01 Sep 2023 07:08:41 GMT
container.html
1d6dee953960f2c516beb52a7eadd40a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0AD8
0
0
Document
General
Full URL
https://1d6dee953960f2c516beb52a7eadd40a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 31 Aug 2023 07:08:41 GMT
expires
Fri, 30 Aug 2024 07:08:41 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
c
c.pub.network/v2/ Frame
0
0
Preflight
General
Full URL
https://c.pub.network/v2/c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://gofile.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://gofile.io
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 31 Aug 2023 07:08:42 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 google
c
c.pub.network/v2/
36 B
53 B
Fetch
General
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.1.1/analytics.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
0591d130fc87a736240abbd4c773cce199d4fece2b75b64b9e111178de56cd7b

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 31 Aug 2023 07:08:42 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://gofile.io
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame CFCB
0
0
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.77.8.253 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-77-8-253.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=141330
content-encoding
gzip
content-length
5606
content-type
text/html
date
Thu, 31 Aug 2023 07:08:42 GMT
expires
Fri, 01 Sep 2023 22:24:12 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
x-akamai-pragma-client-ip
184.51.148.54, 4.7.166.98
x-check-cacheable
YES
x-serial
66383
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308240101&jk=2227349852443595&bg=!dnWldTrNAAYHwnCgJ8I7ADQBe5WfOH7gRj3Dd02bMhcnVcgQlr6d8hC7ajDlfjR5qJvlgam6nQ-7yKpYT6WoHr4Dlj_bAgAAAGNSAAAABWgBBwoAci0ORbENHZZWLRJSYXjIt4cOmdruqYOB_YR_NjBwyFrgbxybcyR4Pg2Ym-I2aKO4Pjbt6IwP1SqrzqSq9ggQBTJVKGy3zdodwgPJo48L047z1LDbNEZ0jWx23tXGngBkXC_KEnTp41q0HeBFvgRo0plcBJkC_7RJY3FnTi_8HtLOwXKi77QeGaxYc56nO2WQUCO6gNoo7HIER_NcYaqjDsfxub-VVwhji2VnlsU06ylOdaGbbPKvjQjwrwkPvTtOww0hynueR4bUsQwoJDXMtdTFg9r0rgnD26zWgYkDCbpcuwO7gy_UWwwvWajwYnzjuUJr6tqPUkfYRmSLMXCGLp2XjYfHRl1c_Je0Jv3rWHGP50ScbGb4xk9C2lmpr2yw0KDyEsXIBIHky_yecK5gaIbKmRAOCC-UYq1OIV7EGa47qgoff6DwYw6dOLpAlU2r0p3e-pnvESt8qV6SUqt2t8S44Di-cEp7-nYztKW5VrNOPMezlKmkEr_MSYA9oNx07tycLuDpurEoFjXAERpp5cxGGCbCxM3xUPi9Ndx3fytgRZvMW5Qko3vC9Agm646Bm7vcv72gCQBwxrPZGtRM3pbzYA5lCGxgq2bTY1dg2uMqxmawwEiI0WJqAfS7DSIpbCQ9y3Cl70uTUIID_EyyHGv9V1z7trh3VRKe-Gy_vp0mfjMkbx8Ja2czXj3iIVjOmJ2yaVRUUNNyQGgfwvu8eeDd8H80tj41jbdqjPTIiMSGSq4ckGCY1GPZQYVFVFhcd51CU8kz-VAppoAR2gfJcQwCyXxejXdplzcB2sfuDJ5Nrl5aUWyKav-WGMfYht4Hmu7C37BPMjdJgBhclgkKr5vb29mdt_7UA8a88-D3xGz1tbrSHAwH1BOaf8tvtUVTZ-wK9mEgYaEx9YuX3LvtXBy85jb0AqP-HzhaE7nVePy5y2JpCKuR0chw0H5-EjSBLnSvsd72a502whcmVjg6IbXnRPd72uoXvz4PvMQL8HS1tNXauoYjE6-2J9_zfwvX15TpwMDMILsKItyP7hoqmSmscbWf1G9rNV5WSMYJLwvPQQlq_TQPyOwGf2GBxvw10nJyLKr3V_kKGocACgnMSbu_8H9JlVLGhogfthoQTfS5Ut0LXboWoVZuMIk0eR8OPbvcud4of3TlAcny6YYxxT2ti58u
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

c
c.pub.network/v2/
36 B
53 B
Fetch
General
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.1.1/analytics.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
0591d130fc87a736240abbd4c773cce199d4fece2b75b64b9e111178de56cd7b

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 31 Aug 2023 07:08:42 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://gofile.io
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
c
c.pub.network/v2/ Frame
0
0
Preflight
General
Full URL
https://c.pub.network/v2/c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://gofile.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://gofile.io
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 31 Aug 2023 07:08:42 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 google
ads
securepubads.g.doubleclick.net/gampad/
57 KB
15 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2227349852443595&correlator=1346360691949531&eid=31070233&output=ldjh&gdfp_req=1&vrg=202308240101&ptt=17&impl=fifs&iu_parts=15184186%3A22435964612%2Cgofileio_adhesion&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C468x60%7C728x90%7C970x90&ifi=2&didk=1080524692&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3D68a59a741fe90727%3AT%3D1693465721%3ART%3D1693465721%3AS%3DALNI_MbjU5D68NQDC84G0MeC4P-Kj26y1g&gpic=UID%3D00000d8f0608d316%3AT%3D1693465721%3ART%3D1693465721%3AS%3DALNI_MZJYTeuQh98zSQ-XVpYXpQ_wnPFXA&abxe=1&dt=1693465722691&lmt=1692850014&adxs=417&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fgofile.io%2Fd%2FR9ofNk&vis=1&psz=766x-1&msz=728x-1&fws=512&ohw=0&ga_vid=293846888.1693465721&ga_sid=1693465721&ga_hid=1688129615&ga_fc=false&a3p=EhsKDGlkNS1zeW5jLmNvbRjl9bDTpDFIAFICCGoSGgoNY3J3ZGNudHJsLm5ldBIAGJj2sNOkMUgAEhkKCnB1YmNpZC5vcmcY8vKw06QxSABSAghqEhcKCHJ0YmhvdXNlGNXzsNOkMUgAUgIIahI-CgVvcGVueBIsZXlKcElqb2lOVVk1YURGeU1qTlVhbGRrUm14eE1XTlhhbEZ0WnowOUluMD0YxPaw06QxSAA.&dlt=1693465718971&idt=1847&prev_scp=fsrefresh%3D0%26fsrebid%3D0%26fs_uuid%3D402a7644-0306-492c-b902-745b03525017%26fs_placementName%3Dgofileio_adhesion%26fs_ad_product%3DstickyFooter%26fsbid%3D0%26fspbg%3Dfreestar%26hb_auction_id%3D055cbe7f-e2c4-4382-b721-ac4e7cdd95b7%26freestar_path%3D%252Fd%252FR9ofNk%26freestar_domain%3Dgofile.io%26custom_bidder_size%3Dappnexus_728x90%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.00%26hb_adid%3D75a269742cacf7%26hb_bidder%3Dappnexus&cust_params=user-agent%3DChrome%26fs_session_id%3Dbcdedb60-dac6-43da-9f53-23ca22485ee2%26fs_pageview_id%3D1b2e76a80548808c54e4bae4cb9d3a21%26fs_iiq_enabled%3Dtrue%26fs_used_optimise%3Dtrue%26floors_user%3D1%26floors_rtt%3D22%26fs_clientservermask%3D22213333322333223111%26fs_testgroup%3Doptimised&adks=3199641529&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
cafe /
Resource Hash
1855dce8732d164b4fbb6cd8435c855044b61df4fa7b2b7019a35e7c00e0a862
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 07:08:43 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14854
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://gofile.io
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
c
c.pub.network/v2/
36 B
53 B
Fetch
General
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.1.1/analytics.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
0591d130fc87a736240abbd4c773cce199d4fece2b75b64b9e111178de56cd7b

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 31 Aug 2023 07:08:43 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://gofile.io
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012307272333000/ Frame 3B09
222 KB
62 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f1.1e100.net
Software
sffe /
Resource Hash
ca0b13088e4cc740b37d30f2a5dd83dba46709641f40678950fc0a8f41c9c14c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gofile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 26 Aug 2023 06:53:06 GMT
age
432937
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62092
x-xss-protection
0
server
sffe
etag
"72571316e23440c4"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 25 Aug 2024 06:53:06 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 3B09
0
0

amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 3B09
0
0

amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 3B09
0
0

amp-form-0.1.mjs
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 3B09
0
0

css
fonts.googleapis.com/ Frame 3B09
14 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.138 -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gofile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 31 Aug 2023 07:08:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 31 Aug 2023 06:00:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 31 Aug 2023 07:08:43 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3B09
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: gofile.io
URL: https://gofile.io/d/R9ofNk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.193 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f1.1e100.net
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gofile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 07:41:13 GMT
x-content-type-options
nosniff
server
cafe
age
84450
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Thu, 31 Aug 2023 07:41:13 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3B09
295 B
319 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: gofile.io
URL: https://gofile.io/d/R9ofNk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.193 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f1.1e100.net
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gofile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 07:41:14 GMT
x-content-type-options
nosniff
server
cafe
age
84449
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Thu, 31 Aug 2023 07:41:14 GMT
l
www.google.com/ads/measurement/ Frame 3B09
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTnAgIFb9A5K64zYg3wJ12jOe5B_YqhoPR0M2TSRm27BnPSXkrnFBkIQrkGox1Ejooep3KK2JoDxd3DVIBpYv7lTYwEEw
Requested by
Host: gofile.io
URL: https://gofile.io/d/R9ofNk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gofile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

truncated
/ Frame 3B09
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
40e6db6e91e20590eeaf490e85326c4c53113f6f4742797c478f5a52d51062b9

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
c
c.pub.network/v2/ Frame
0
0
Preflight
General
Full URL
https://c.pub.network/v2/c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://gofile.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://gofile.io
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 31 Aug 2023 07:08:43 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 google
usermatch
ssum-sec.casalemedia.com/ Frame 2EBF
0
0

4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 3B09
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-triple13&gdpr=&gdpr_consent=&us_privacy=
Domain
cdn.ampproject.org
URL
https://cdn.ampproject.org/rtv/012307272333000/v0/amp-ad-exit-0.1.mjs
Domain
cdn.ampproject.org
URL
https://cdn.ampproject.org/rtv/012307272333000/v0/amp-analytics-0.1.mjs
Domain
cdn.ampproject.org
URL
https://cdn.ampproject.org/rtv/012307272333000/v0/amp-fit-text-0.1.mjs
Domain
cdn.ampproject.org
URL
https://cdn.ampproject.org/rtv/012307272333000/v0/amp-form-0.1.mjs
Domain
ssum-sec.casalemedia.com
URL
https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Domain
fonts.gstatic.com
URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Verdicts & Comments Add Verdict or Comment

262 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| documentPictureInPicture number| uidEvent object| bootstrap function| sha256 function| sha224 function| QRCode function| dayjs function| dayjs_plugin_customParseFormat function| marked function| Plyr function| Chart object| accountsObject string| accountActive string| apiServer string| contentsDir string| entryPage object| urlSplit number| sidebarCollapseLevel undefined| modal object| mainFolderObject object| pressedKeys number| random string| referrer object| uploadQueue object| contentsSelected object| lastContentSelected string| currencySelected number| premiumPriceSelected boolean| freestarScriptLoaded boolean| playwireScriptLoaded boolean| googleScriptLoaded boolean| pubfutureScriptLoaded boolean| applixirScriptLoaded object| countriesArray function| fade function| sleep function| uuidv4 function| humanFileSize function| toHHMMSS function| validateEmail function| validateName function| validatePasswd function| validateTags function| sidebarCollapse function| setAccountActive function| selectAccountActive function| myFetch function| loadContent object| modalTemplate function| createModal function| createToast function| processURL function| checkAccountAndUpdateInfo function| createGuestAccount function| buildSidebarAccountList function| logout function| startup function| addFilesToUploadQueue function| processUploadQueue function| uploadFile function| createUploadDiv function| deleteContent function| popupBeforeCopyContent function| copyContent function| downloadBulkContents function| loadTableFromFolderResult function| addContentIdToTable function| playFile function| closeFile function| showInfos function| showSettings function| showShare function| adStatusCallback function| launchAppLixirAd function| afterPageFilesLoad function| afterPageProfileLoad function| afterPageApiLoad function| afterPagePremiumLoad function| afterPageContactLoad function| afterPageTestLoad boolean| adReady object| freestar object| blockies object| ramp string| _pwGA4PageviewId object| dataLayer function| gtag function| admiral object| googletag object| regeneratorRuntime object| fsdata object| fsprebid function| 4dm1r11545242527 function| load_script object| confiant function| _hadron object| fsprebidChunk object| _pbjsGlobals object| mnet object| hadron boolean| __halo_loaded__ object| ggeac object| google_tag_data object| google_js_reporting_queue function| plausible object| __bt_tag_d object| __bt_tag_am object| __bt_intrnl object| __bt undefined| google_measure_js_timing object| au function| _typeof function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray function| IntentIqObject function| PartnersWinEvent object| iiq_object_array boolean| __bt_already_invoked object| _qevents object| Criteo object| pbjs object| _33across object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_140 object| Criteo_identitytag_140 function| setImmediate function| clearImmediate object| ox_esp function| quantserve function| __qc object| ezt object| _qoptions function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_na object| sync16589_wa object| sync16589_xa function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_K function| sync16589_L function| sync16589_M function| sync16589_J function| sync16589_la function| sync16589_ma function| sync16589_N function| sync16589_O function| sync16589_oa function| sync16589_P function| sync16589_pa function| sync16589_qa function| sync16589_ra function| sync16589_Q function| sync16589_sa function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_R function| sync16589_S function| sync16589_ya function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_W function| sync16589_za function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Da function| sync16589_Aa function| sync16589_1 function| sync16589_Ca function| sync16589_Ba function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Fa function| sync16589_Ga function| sync16589_Ia function| sync16589_Ea function| sync16589_7 function| sync16589_Ha function| sync16589_Ka function| sync16589_Ja function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_La function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_$ function| sync16589_Pa function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa object| lotame_sync_16589 number| google_unique_id object| gaGlobal object| GoogleGcLKhOms object| criteo_pubtag_prebid_135 object| Criteo_prebid_135 object| google_image_requests

55 Cookies

Domain/Path Name / Value
.gofile.io/ Name: accountToken
Value: bdwgylTcTJeuihB30wDO6rIAlcD445Iw
.pub.network/ Name: _fsuid
Value: d4e3bdf0-8989-4c7a-8055-ca2f6db4948c
.gofile.io/ Name: _awl
Value: 2.1693465720.5-8a8e48d07321fb890f7bdc72e766aa4d-6763652d75732d6561737431-0
.intentiq.com/ Name: IQver
Value: 1.9
.intentiq.com/ Name: intentIQ
Value: 4YOGP2BJ1B
gofile.io/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.gofile.io/ Name: cookie
Value: 641fb6b7-769b-4714-88c5-d2b3f013ccf5
.intentiq.com/ Name: intentIQCDate
Value: 1693465721131
.intentiq.com/ Name: ASDT
Value: 0
.intentiq.com/ Name: IQPData
Value: 760790731#1693465721130#0#1693465721130
.intentiq.com/ Name: CSDT
Value: UEQ6MTUwNzJfMCZUb1ViYUc1
.adsrvr.org/ Name: TDID
Value: 4459e2b1-d16e-481b-9e5a-af4ba783594d
.criteo.com/ Name: uid
Value: a6d554c4-dbc9-4d90-897d-94966af89439
.gofile.io/ Name: cto_bidid
Value: UU2RW183NGtrZDk2QUJXQjRlTDNhRFhVSDIwMWFLMzlwQ0w3dXhkQTZmRlA2TWRNWEE4bjMxMEN1RVVIejJXc3c3SjR2Zzg1WVFucURVUEJMOWQyNEpZSEdPQSUzRCUzRA
.sharethrough.com/ Name: stx_user_id
Value: 8cf6d192-b599-4c08-8484-3ba3cf8ea5cd
.adnxs.com/ Name: uuid2
Value: 4828848376991168757
.gumgum.com/ Name: cs
Value: true
.gumgum.com/ Name: vst
Value: u_2e47acad-c466-42e2-b232-4ff6106bac67
.quantserve.com/ Name: mc
Value: 64f03c79-625fc-02fd8-6adfd
.gofile.io/ Name: __qca
Value: P0-78931611-1693465721268
.openx.net/ Name: i
Value: e45f61d6-bdb7-4e35-9d16-5ab57168d09a|1693465721
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 1f592a3322bfaec7a9436f1d2d489ea0
.adnxs.com/ Name: icu
Value: ChgIodc0EAoYAiACKAIw-fjApwY4AkACSAIQ-fjApwYYAQ..
.gofile.io/ Name: _cc_id
Value: 1f592a3322bfaec7a9436f1d2d489ea0
.gofile.io/ Name: panoramaId_expiry
Value: 1693552121593
.openx.net/ Name: pd
Value: v2|1693465721|vMgavPkWgy
.doubleclick.net/ Name: IDE
Value: AHWqTUlo5VlGeQ5HJrve1II51ACVXwschQWpLtU5MMClvz2qORARUX99Wt9RBM1fdtE
.gofile.io/ Name: cto_bundle
Value: gUnEUF9CJTJGRnA2RjE1WnFhZ2JvTWZoUXltaGhVeVNoWkR1MkglMkZVdmNKdzdBelhhcmxEbHpVNkVCVzRURyUyQmZyTVZzVEdjbUhaQkx0UW1HaENaaktKVllCeUZHdDlnM0tEemxjUmNKZzh4MU4zZWVNa1lZRSUyRlRpSXdIQjV1SVQlMkJqeWMxc1k2Um5ub3VQTXBIaFFLQm0wVFhmMGdRJTNEJTNE
.gofile.io/ Name: __gads
Value: ID=68a59a741fe90727:T=1693465721:RT=1693465721:S=ALNI_MbjU5D68NQDC84G0MeC4P-Kj26y1g
.gofile.io/ Name: __gpi
Value: UID=00000d8f0608d316:T=1693465721:RT=1693465721:S=ALNI_MZJYTeuQh98zSQ-XVpYXpQ_wnPFXA
.yahoo.com/ Name: A3
Value: d=AQABBHo88GQCEOheCaECFSzr_-oyUfWDfEAFEgEBAQGN8WT6ZAAAAAAA_eMAAA&S=AQAAAuFFhdn9QmK6O4FqxZSrlBc
.doubleclick.net/ Name: APC
Value: AfxxVi5BFXKGrvZn_QRnZDTIDzoUwNQ-cZAOeJPWnTBRDAX1nw8zsQ
.amazon-adsystem.com/ Name: ad-id
Value: AyrCXZLkREN_rShp0KcA9Xw
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.casalemedia.com/ Name: CMPS
Value: 3542
.casalemedia.com/ Name: CMID
Value: ZPA8ehUc73t6.05cQAYLgwAA
.casalemedia.com/ Name: CMPRO
Value: 3542
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: KADUSERCOOKIE
Value: D16CFA1A-382B-4D9F-82FD-393AF8B6F43F
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 0:2
.pubmatic.com/ Name: DPSync3
Value: 1694649600%3A263_201%7C1693526400%3A248%7C1694044800%3A265
.pubmatic.com/ Name: SyncRTB3
Value: 1694649600%3A104_220_21_54_250_71_13_166_3%7C1694044800%3A223
s2s.t13.io/ Name: uids
Value: eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsicHVibWF0aWMiOnsidWlkIjoiRDE2Q0ZBMUEtMzgyQi00RDlGLTgyRkQtMzkzQUY4QjZGNDNGIiwiZXhwaXJlcyI6IjIwMjMtMDktMTRUMDc6MDg6NDIuNTA3NTk4NjIxWiJ9fX0=
.tapad.com/ Name: TapAd_TS
Value: 1693465722540
.tapad.com/ Name: TapAd_DID
Value: 851e77c4-bca0-4fc4-bf62-7623d1da9da3
.analytics.yahoo.com/ Name: IDSYNC
Value: 18z8~2dnj
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwjGx7nE5P6UPBAFEhQKBXRhcGFkEgsIyoXaxeT-lDwQBRgBIAEoAjILCMr93PL6_pQ8EAU4AVoFdGFwYWRgAg..
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!5839
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-4459e2b1-d16e-481b-9e5a-af4ba783594d&KRTB&22918-4459e2b1-d16e-481b-9e5a-af4ba783594d&KRTB&23031-4459e2b1-d16e-481b-9e5a-af4ba783594d
.pubmatic.com/ Name: PugT
Value: 1693465722
.bidr.io/ Name: bito
Value: AACAf07J4HkAACXn3yCYHg
.bidr.io/ Name: bitoIsSecure
Value: ok
.pubmatic.com/ Name: SPugT
Value: 1693465721

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1d6dee953960f2c516beb52a7eadd40a.safeframe.googlesyndication.com
a.pub.network
ad-delivery.net
ad.a-ads.com
ad.doubleclick.net
ads.pubmatic.com
api.btloader.com
api.gofile.io
api.intentiq.com
bcp.crwdcntrl.net
bidder.criteo.com
btloader.com
btlr.sharethrough.com
c.pub.network
cdn-ima.33across.com
cdn.ampproject.org
cdn.confiant-integrations.net
cdn.hadronid.net
cdn.id5-sync.com
cdn.jsdelivr.net
d.pub.network
file110.gofile.io
fonts.googleapis.com
fonts.gstatic.com
freestar-io.videoplayerhub.com
fronttoad.com
g2.gumgum.com
gofile.io
google-bidout-d.openx.net
gum.criteo.com
ib.adnxs.com
id.hadron.ad.gt
id5-sync.com
invstatic101.creativecdn.com
match.adsrvr.org
oa.openxcdn.net
oajs.openx.net
optimise.net
pagead2.googlesyndication.com
pixel.quantserve.com
pixel.rubiconproject.com
plausible.gofile.io
prebid.media.net
rules.quantcount.com
s2s.t13.io
secure.quantserve.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.criteo.net
store3.gofile.io
sync.intentiq.com
sync1.intentiq.com
tags.crwdcntrl.net
tpc.googlesyndication.com
www.google.com
cdn.ampproject.org
fonts.gstatic.com
pixel.rubiconproject.com
ssum-sec.casalemedia.com
104.18.20.206
104.22.52.173
104.22.53.86
104.26.3.70
104.26.7.139
104.26.9.50
104.77.8.253
13.226.34.33
13.226.34.89
130.211.23.194
141.95.33.111
142.251.40.193
142.251.41.2
149.202.85.166
151.101.129.229
151.80.29.83
172.217.13.102
172.217.13.130
172.217.13.138
172.217.13.161
172.217.13.196
172.64.144.166
172.64.152.89
172.67.23.234
18.173.219.12
192.184.68.149
213.239.205.245
3.160.22.102
3.160.22.113
3.160.5.94
3.232.158.174
31.14.70.244
34.102.146.192
34.107.140.113
34.107.148.139
34.111.152.239
34.120.135.53
34.160.152.31
34.160.63.134
34.233.175.87
34.96.70.87
34.98.64.218
35.71.131.137
51.222.249.232
51.38.43.18
52.203.22.13
68.67.161.208
74.119.119.129
74.119.119.131
74.119.119.139
0591d130fc87a736240abbd4c773cce199d4fece2b75b64b9e111178de56cd7b
0787ba6e13f518f4ff85d0023e8ddfd92fbdd58e2871eb7c3d7150720df87803
1168c8abfe02845289bb55fd1091f344ddc7b63f7d4c5e95c895b72b4bca982d
116dbf036fe8dff98b711877b292fae32405d543c4446df4efb84387eb53ec00
11f24ea8272c8454bfd93c6102b511bb75a7f1bfd70c0e1f6cf58a4b067ed41f
14b4caf239342334bf7b8280605e60f67c33c589762047b8bd67c0552fdb80a6
1855dce8732d164b4fbb6cd8435c855044b61df4fa7b2b7019a35e7c00e0a862
1a11844d240e77f0f7b9dd59ef63c3e7e04b6960f0dec18dddf98bb0911962f7
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
25f5229d2c05f4883245fe331033b79f2b77dd84296151ae8c59b1ed27e7fe5c
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
26934b4ebf73771a26f9940df57e005af88cce2f7ecdc254b8ce81d8061f2404
2933c96348a4eae7cbbf8f280ca0981586a9b5c097ef952b996cad7d28f2fad0
2a188da8dca02bb74607d391da5cc85118d1fe52d0dfa99a11db431e52a92053
2cb5bcc0147b0422ee3adf60feaa352463e9d5bd247ef9a44dc926d60a31b7d9
2cf68b0f96497a6c432653e7b0ab42cb383f804f6bff63ecc7e38b2244b18d7b
325ad6583be91477c31f4f95f5331e2e0a9cbefd92b259c5d37452a0b4731d31
33849beaed6f34c2defe2ea3610a424d05730d79a9af10e3cf67e070af0694e0
33c1ab6a01b4049878497c2874d8cbb72e14ee7cf14fafec3c09b45f9874b67e
358ca1f336ac19aee4f834c4dcddf6e445d74989c4467857df809121a90ca8ca
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
392b13c71be7d3a107fa2ea8beb7a2cd3235f17d733828209fc2a1f24270fe6e
3a67fc0e0a3878b5993e74ad70a327e696cbe5cc6e51ad94c1428975dd85a77b
3f390ce9d52a73886aafb3b7dd38069b4b860fe9f8d66199a9b8bf35cf827126
40e6db6e91e20590eeaf490e85326c4c53113f6f4742797c478f5a52d51062b9
4114486e3f4f386f9491896c8b4be5171a2edc94e19b19ad43b9c7d2e1d673da
41fd4ed5ad93e39cd84d043e905e66e3bbb9dbb50cf2d7bbf68bfeef79f3d3cc
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
46d5acb4e8668a37759347938287d3ce05ad450611884b935e6214f71dce3c4a
48c76c91f2d42a1668fee310da41b7c1f0d97d7ab0fa55fcf794e2cd3e412242
4fe3adae27fe4c0d6a89817233aad98608f9654702add21d0e2dae8934468be7
51ee54f92c60c1398feee501db07d533822e6a4a5d8687dd6ce98d485bfb8d70
538c7eba992fa3da4ee641f7c232691a543ed55ba07ab3e838ad5dd1996eb35d
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
56962bc48f2acb175c71b59298782cc1e841afb9f725986955105139e52078e9
5c1eb7637d1d32c89ec917e3ef1c1690585fb0a41d1e5eec028cfb62247c38bc
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6249356082f66670fddfb4ef4b93204c5ef7d2092ad1de1063e9fc354fa9a8fa
63f211e723082cd7668b064f5be9f0a3d3a575a10fcb21b125314af059b2e3a5
6729042fecd6e011c0ba45f807dc93fa750169d7ac57c14daa01069f14430f73
7157511697db744d384a5a2a8646af23f3c90560abf93bb240fdd690b29a898a
718abd96511a32cfe6e058d38c6a20023ae71fd46f77d69a2b21f285ed4a5966
72ade5a28936153a64ecd0e1d6a5bc1e0b317befdddbefc331ca0e1cc4ce0c9e
73ea563f778af471485793cec2e2fdb6134bde83f2e909c00298cccc48951d39
75a8fbab28d660825b0d58d0ce0057504d766724c1537b78586ce905d3ca5c5b
788c13994d09fd809cb431d4a0a2aaba6dd88c9b2ba4c0c9e03345362d9633ec
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
85bd0e28180f06b7f944d35dd07ef1ce75d6d9b63c2d70cb8e65f8b566c43db4
8706c07750059d4f474353cc469150fd09a539df6f8830ccf418c47709f25b36
8bd69d0dddab8bc553263c254faad469c2a3e08bfb0b737e763f7feabe571225
935eb89f72652b05943f01f267ba418e173535289c0a7d37f6077d05670191e8
966620f9e3bec428663687f9e8d67a6b8e35d79adebf6fb204e9b139eada7599
99f937fca968ffe21c4eedff6a139e5dd11856a5e92b106e836c9bee7fa7c5a3
9dfe1f819bb2abd9663550cec9005dc0ed81151f85f2efa7a8a9b1b33aa64f40
9eb47204af5f2869efdc49e932ea44478d68dbfa89cd98b2b62585b5828e8dc1
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a7b5f5f96f81dea4efc53e1d4dae8b37c28bec27a45b42ccf604ee759e20caec
a85b2fe307777c8eb47f06a1eec399fcbddfe83d252fd202d3e1358051fcf27d
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ae4216bfc85c99ffd32e7745f0d7d4cd5f57b714f3a4911176b8cd78a176c97c
aeae1634ec28d6a28b83d42ebde241425ff442639ba060ce7497242cf7af1334
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b2da7aa747417c0658ab71a13094142553697c6dd12f0879ff8a4f486e9c634a
b4b3a03e2fa654a96d45c1478d3c20f55c844d7a7d2ce42f9846b4d441690e80
b60f65161ce3517c2794eecab25981c51ffbcbc951a781270403e2f3572d0290
b7ea688f98beef45e93234f9c93a9ac34d85cf3b8a52b78f6371b9217f5eec15
b8796e0f478fdb0f2a7f7bfeb96bc272361f983b8bd8579bc8c499e285bb8d48
bc3b9c09bf69ce51b930e86a23c6f249f9cc6dc98a84fd278d4131c9ddd78f43
bcc4b2cc58bbb47125396aa1e76feb6cec4284ffc40418d608c9e68a08cd630a
c327120db8d1c57df0828a4fb39b47be014c3bfda81d803fcc6715962ecb7e5a
c3ce10b5c07c7baae235df53375b05d3f048d3c7dd7474c8a92deeb7ccb037a8
ca0b13088e4cc740b37d30f2a5dd83dba46709641f40678950fc0a8f41c9c14c
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb72289f70690b272267a0741402cdc3f4099ae40c834a13cb60a59f99fdc091
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfa4a15df9001199cc78fc25bb146612686072f132911fe3b48eb72f0b6a2707
d10fcd57fbc3eb87320fe1469bcb522ded6c480f48ed51c511ef6da20f165760
d47b9ebecc532e59c52e1c4aaedf4c18c1246ffba569bb23563a955f683e26d3
d90575d5c19e002a7c3ea1fdc7c5b9a07061240792561f19da24cf2d97e41619
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d9a98b67c7edffef7138d578788a1c25310cd3561b94d8bce6999f40b0073186
dd03323db8b78ab71bbf4cc27f517ed48d19a5478f3f545a5b9fb7969e5913f6
dd7af5d49958e35fe272f0a703beb2fe0428bda600641b4218fe2bde47f6294e
e1172d3a0a208cf01dc066f0abeaf17f00264a966159a69f71947d6edcd4935f
e17912d53c9afaca2651198383bad2127e06a7cd9cda211e08cca823fa672c1b
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e71d409b59051e4c8cb7beb4e02143a9e57f77bb2078244940f844b56a513e4b
e922a199c0736d84f1cb215cb5950484e8cf7c04011a35ccf28fd755aa5e7133
ebce99d9b9ebdaf39df211740d7ffda04c17292f40658f142ccd8e6980624fe7
ec665206cae3074fdfcf0600da47f064cfb47e6e050ebf0ac92982d2c8daa05c
ecc20ed3c5dedbe5bbe73d1e7b14270c65a85f7d0ec4c94c4f0c9f0071e471a2
f7331c014327680bb19a7ed866a78445db030a339394acc30301dfb7e75dcd6d
f9e9d6c9d3b76ddbbaf7cd44bbcb5e7c0eb9cdb69bb4c3895117f2341474b75f
fa201e9f89eac71b944c484b60d85ceb474718b41e8b36f59dc7a92436723dc3
ff8d74d2328df5590c675df09ecd425eacb78956c23c57c44a8b4a769b86c89a