Submitted URL: https://file120.gofile.io/download/8f982317-2514-4ed3-92d1-215b224cfe5f/Adobe%20Creative%20Cloud%20Collection%202023%20v07...
Effective URL: https://gofile.io/d/f2098405-24a4-4296-97a9-7f8a54e90ba8
Submission: On October 05 via manual from TR — Scanned from SG

Summary

This website contacted 60 IPs in 6 countries across 59 domains to perform 193 HTTP transactions. The main IP is 51.178.66.33, located in Paris, France and belongs to OVH, FR. The main domain is gofile.io. The Cisco Umbrella rank of the primary domain is 123231.
TLS certificate: Issued by R3 on September 22nd 2023. Valid for: 3 months.
This is the only time gofile.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 45.112.123.225 203698 (MOJI moji)
21 51.178.66.33 16276 (OVH)
2 149.202.85.166 16276 (OVH)
1 78.46.33.196 24940 (HETZNER-AS)
5 2606:4700::68... 13335 (CLOUDFLAR...)
3 2600:1901:0:7... 396982 (GOOGLE-CL...)
7 34.160.152.31 15169 (GOOGLE)
2 34.111.152.239 396982 (GOOGLE-CL...)
2 2606:4700:440... 13335 (CLOUDFLAR...)
5 2404:6800:400... 15169 (GOOGLE)
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2600:9000:217... 16509 (AMAZON-02)
1 3 2406:2600:7:1... 55569 (CRITEO-AS...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 182.161.73.136 55569 (CRITEO-AS...)
1 17 2606:4700:10:... 13335 (CLOUDFLAR...)
3 5 3.33.220.150 16509 (AMAZON-02)
3 130.211.23.194 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 74.125.68.148 15169 (GOOGLE)
14 27 2600:9000:200... 16509 (AMAZON-02)
1 4 2620:116:800e... 16509 (AMAZON-02)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 13.224.250.125 16509 (AMAZON-02)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 2a04:4e42::485 54113 (FASTLY)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 13.214.8.108 16509 (AMAZON-02)
1 162.19.138.117 16276 (OVH)
1 2 34.120.135.53 396982 (GOOGLE-CL...)
6 34.107.140.113 396982 (GOOGLE-CL...)
2 35.227.252.103 15169 (GOOGLE)
2 2406:2600:7:1... 55569 (CRITEO-AS...)
12 13.228.229.19 16509 (AMAZON-02)
2 4 104.18.26.193 13335 (CLOUDFLAR...)
2 23.207.180.199 16625 (AKAMAI-AS)
1 34.120.63.153 396982 (GOOGLE-CL...)
4 2404:6800:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
1 184.87.193.162 20940 (AKAMAI-ASN1)
2 2406:2600:7:1... 55569 (CRITEO-AS...)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 35.244.159.8 15169 (GOOGLE)
1 2600:9000:229... 16509 (AMAZON-02)
2 2404:6800:400... 15169 (GOOGLE)
2 2 103.43.90.114 29990 (ASN-APPNEX)
1 1 67.199.150.86 62713 (AS-PUBMATIC)
2 3 69.173.158.64 26667 (RUBICONPR...)
3 3 34.111.113.62 396982 (GOOGLE-CL...)
3 4 74.125.200.154 15169 (GOOGLE)
1 1 72.34.250.75 ()
1 2a04:4e42:600... 54113 (FASTLY)
1 2404:6800:400... 15169 (GOOGLE)
3 2404:6800:400... 15169 (GOOGLE)
2 52.84.228.19 16509 (AMAZON-02)
1 18.155.68.12 16509 (AMAZON-02)
1 16 18.155.68.15 16509 (AMAZON-02)
1 2404:6800:400... 15169 (GOOGLE)
5 185.237.14.202 ()
2 2 35.213.12.39 15169 (GOOGLE)
1 1 35.214.220.196 ()
3 4 52.223.2.229 16509 (AMAZON-02)
1 1 18.143.106.89 16509 (AMAZON-02)
2 2 2600:1f18:612... ()
1 1 23.36.48.24 ()
2 2 209.191.163.208 ()
1 1 184.87.193.88 ()
1 80.77.87.162 ()
1 1 23.106.127.38 ()
1 1 3.0.37.88 ()
7 7 74.118.186.107 ()
1 1 2001:df2:a300... ()
1 2404:6800:400... 15169 (GOOGLE)
1 1 52.77.43.2 ()
2 2404:6800:400... ()
1 2404:6800:400... ()
193 60
Apex Domain
Subdomains
Transfer
32 primis.tech
live.primis.tech — Cisco Umbrella Rank: 1985
video.primis.tech
rtb.primis.tech
1 MB
24 gofile.io
file120.gofile.io — Cisco Umbrella Rank: 793318
gofile.io — Cisco Umbrella Rank: 123231
api.gofile.io — Cisco Umbrella Rank: 199064
plausible.gofile.io — Cisco Umbrella Rank: 227265
390 KB
20 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 2033
a.ad.gt — Cisco Umbrella Rank: 2191
p.ad.gt — Cisco Umbrella Rank: 2530
ids.ad.gt — Cisco Umbrella Rank: 1641
pixels.ad.gt — Cisco Umbrella Rank: 2329
18 KB
17 intentiq.com
api.intentiq.com — Cisco Umbrella Rank: 1456
sync.intentiq.com — Cisco Umbrella Rank: 1105
sync1.intentiq.com
14 KB
13 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1193
match.sharethrough.com
2 KB
12 pub.network
a.pub.network — Cisco Umbrella Rank: 4768
d.pub.network — Cisco Umbrella Rank: 5010
c.pub.network — Cisco Umbrella Rank: 4734
382 KB
10 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214
ad.doubleclick.net — Cisco Umbrella Rank: 173
cm.g.doubleclick.net — Cisco Umbrella Rank: 255
164 KB
7 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 108
750a16c8a34ae2547f7ab213d71cb5a4.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
32 KB
7 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 478
mug.criteo.com — Cisco Umbrella Rank: 2541
bidder.criteo.com — Cisco Umbrella Rank: 895
2 KB
6 t13.io
s2s.t13.io — Cisco Umbrella Rank: 4908
2 KB
6 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1906
rtb.openx.net — Cisco Umbrella Rank: 912
google-bidout-d.openx.net — Cisco Umbrella Rank: 1919
u.openx.net — Cisco Umbrella Rank: 739
1 KB
5 1rx.io
sync.1rx.io
3 KB
5 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 402
3 KB
4 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 434
1 KB
4 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 570
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 513
2 KB
4 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1348
pixel.quantserve.com — Cisco Umbrella Rank: 1147
cms.quantserve.com
10 KB
4 btloader.com
btloader.com — Cisco Umbrella Rank: 1081
api.btloader.com — Cisco Umbrella Rank: 1150
84 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 49
imasdk.googleapis.com
124 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
23 KB
3 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 521
1004 B
3 rubiconproject.com
token.rubiconproject.com — Cisco Umbrella Rank: 504
pixel.rubiconproject.com — Cisco Umbrella Rank: 409
2 KB
3 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 588
image2.pubmatic.com — Cisco Umbrella Rank: 1116
262 B
3 fronttoad.com
fronttoad.com — Cisco Umbrella Rank: 29547
24 KB
2 unrulymedia.com
sync.targeting.unrulymedia.com
1011 B
2 lijit.com
ap.lijit.com
1 KB
2 tremorhub.com
mb9eo.publishers.tremorhub.com
718 B
2 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 334
66 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 728
60 KB
2 bidswitch.net
grid.bidswitch.net Failed
x.bidswitch.net — Cisco Umbrella Rank: 387
923 B
2 media.net
prebid.media.net — Cisco Umbrella Rank: 1420 Failed
cs.media.net
2 KB
2 adnxs.com
ib.adnxs.com Failed
secure.adnxs.com — Cisco Umbrella Rank: 542
1 KB
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1156
id5-sync.com — Cisco Umbrella Rank: 470
30 KB
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1164
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1073
12 KB
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1176
1 KB
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 1591
107 KB
2 optimise.net
optimise.net — Cisco Umbrella Rank: 5968
3 KB
1 2mdn.net
s0.2mdn.net
17 KB
1 yieldmo.com
ads.yieldmo.com
522 B
1 gstatic.com
fonts.gstatic.com
16 KB
1 turn.com
ad.turn.com
434 B
1 smartadserver.com
ssbsync-global.smartadserver.com
332 B
1 admanmedia.com
cs.admanmedia.com
176 B
1 stickyadstv.com
ads.stickyadstv.com
625 B
1 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 363
219 B
1 loopme.me
csync.loopme.me
265 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 680
416 B
1 sonobi.com
sync.go.sonobi.com
697 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1263
1 KB
1 akamaihd.net
qsearch-a.akamaihd.net — Cisco Umbrella Rank: 2381
296 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 373
896 B
1 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2587
1 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 2118
8 KB
1 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 2088
10 KB
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 720
483 B
1 videoplayerhub.com
freestar-io.videoplayerhub.com — Cisco Umbrella Rank: 5944
465 B
1 a-ads.com
ad.a-ads.com — Cisco Umbrella Rank: 35458
0 rlcdn.com Failed
api.rlcdn.com Failed
0 colossusssp.com Failed
sync.colossusssp.com Failed
193 59
Domain Requested by
26 live.primis.tech 14 redirects a.pub.network
live.primis.tech
18 gofile.io gofile.io
15 sync.intentiq.com 1 redirects live.primis.tech
12 btlr.sharethrough.com a.pub.network
9 ids.ad.gt 1 redirects
7 id.hadron.ad.gt a.pub.network
cdn.hadronid.net
6 c.pub.network a.pub.network
6 s2s.t13.io a.pub.network
5 sync.1rx.io 5 redirects
5 video.primis.tech live.primis.tech
5 match.adsrvr.org 3 redirects a.pub.network
live.primis.tech
5 securepubads.g.doubleclick.net a.pub.network
securepubads.g.doubleclick.net
5 a.pub.network gofile.io
a.pub.network
4 eb2.3lift.com 3 redirects a.pub.network
4 cm.g.doubleclick.net 3 redirects
4 pagead2.googlesyndication.com securepubads.g.doubleclick.net
imasdk.googleapis.com
3 www.google-analytics.com p.ad.gt
www.google-analytics.com
3 pixel.tapad.com 3 redirects
3 api.btloader.com freestar-io.videoplayerhub.com
3 gum.criteo.com 1 redirects static.criteo.net
3 fronttoad.com a.pub.network
fronttoad.com
3 api.gofile.io gofile.io
2 imasdk.googleapis.com live.primis.tech
imasdk.googleapis.com
2 sync.targeting.unrulymedia.com 2 redirects
2 ap.lijit.com 2 redirects
2 mb9eo.publishers.tremorhub.com 2 redirects
2 pixel.rubiconproject.com 2 redirects
2 ssum-sec.casalemedia.com 2 redirects
2 x.bidswitch.net 2 redirects
2 c.amazon-adsystem.com live.primis.tech
c.amazon-adsystem.com
2 pixel.quantserve.com
2 secure.adnxs.com 2 redirects
2 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
2 a.ad.gt cdn.hadronid.net
p.ad.gt
2 static.criteo.net a.pub.network
static.criteo.net
2 ads.pubmatic.com a.pub.network
live.primis.tech
2 htlb.casalemedia.com a.pub.network
2 bidder.criteo.com a.pub.network
2 rtb.openx.net a.pub.network
2 oajs.openx.net 1 redirects
2 ad-delivery.net
2 mug.criteo.com
2 cdn.confiant-integrations.net a.pub.network
cdn.confiant-integrations.net
2 optimise.net a.pub.network
2 plausible.gofile.io gofile.io
plausible.gofile.io
1 cms.quantserve.com 1 redirects
1 s0.2mdn.net imasdk.googleapis.com
1 ads.yieldmo.com 1 redirects
1 rtb.primis.tech live.primis.tech
1 fonts.gstatic.com fonts.googleapis.com
1 ad.turn.com 1 redirects
1 match.sharethrough.com 1 redirects
1 ssbsync-global.smartadserver.com 1 redirects
1 cs.admanmedia.com
1 ads.stickyadstv.com 1 redirects
1 cs.media.net 1 redirects
1 ups.analytics.yahoo.com 1 redirects
1 csync.loopme.me 1 redirects
1 u.openx.net 1 redirects
1 fonts.googleapis.com live.primis.tech
1 sync1.intentiq.com
1 api.intentiq.com live.primis.tech
1 pixels.ad.gt p.ad.gt
1 www.google.com tpc.googlesyndication.com
1 trc.taboola.com
1 sync.go.sonobi.com 1 redirects
1 token.rubiconproject.com
1 image2.pubmatic.com 1 redirects
1 p.ad.gt a.ad.gt
1 rules.quantcount.com secure.quantserve.com
1 google-bidout-d.openx.net oa.openxcdn.net
1 qsearch-a.akamaihd.net
1 750a16c8a34ae2547f7ab213d71cb5a4.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 prebid.media.net a.pub.network
1 id5-sync.com cdn.id5-sync.com
live.primis.tech
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 cdn.jsdelivr.net securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 secure.quantserve.com a.pub.network
1 ad.doubleclick.net
1 cdn.hadronid.net a.pub.network
1 static.adsafeprotected.com
1 btloader.com
1 freestar-io.videoplayerhub.com 1 redirects
1 d.pub.network a.pub.network
1 ad.a-ads.com gofile.io
1 file120.gofile.io 1 redirects
0 api.rlcdn.com Failed live.primis.tech
0 sync.colossusssp.com Failed
0 grid.bidswitch.net Failed a.pub.network
0 ib.adnxs.com Failed a.pub.network
193 94

This site contains links to these domains. Also see Links.

Domain
twitter.com
dev.gofile.io
file120.gofile.io
ads.freestar.com
Subject Issuer Validity Valid
*.gofile.io
R3
2023-09-22 -
2023-12-21
3 months crt.sh
*.a-ads.com
Sectigo ECC Domain Validation Secure Server CA
2022-12-21 -
2024-01-21
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-02-26 -
2024-02-25
a year crt.sh
fronttoad.com
R3
2023-09-13 -
2023-12-12
3 months crt.sh
d.pub.network
GTS CA 1D4
2023-08-11 -
2023-11-09
3 months crt.sh
optimise.net
GTS CA 1D4
2023-09-21 -
2023-12-20
3 months crt.sh
confiant-integrations.net
GTS CA 1P5
2023-09-20 -
2023-12-19
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02
2023-07-07 -
2024-08-04
a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-09-26 -
2023-12-23
3 months crt.sh
hadronid.net
GTS CA 1P5
2023-08-07 -
2023-11-05
3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2023-04-12 -
2024-05-13
a year crt.sh
api.btloader.com
GTS CA 1D4
2023-08-11 -
2023-11-09
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
*.primis.tech
Amazon RSA 2048 M01
2023-09-24 -
2024-10-22
a year crt.sh
quantserve.com
R3
2023-08-29 -
2023-11-27
3 months crt.sh
oa.openxcdn.net
GTS CA 1D4
2023-09-25 -
2023-12-24
3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01
2022-11-07 -
2023-12-06
a year crt.sh
invstatic101.creativecdn.com
GTS CA 1D4
2023-08-26 -
2023-11-24
3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3
2023-09-27 -
2024-10-28
a year crt.sh
*.id5-sync.com
R3
2023-09-01 -
2023-11-30
3 months crt.sh
s2s.t13.io
GTS CA 1D4
2023-09-14 -
2023-12-13
3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1
2023-08-18 -
2024-08-18
a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M02
2023-09-23 -
2024-10-20
a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3
2023-05-21 -
2024-05-20
a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1
2023-01-25 -
2024-01-24
a year crt.sh
prebid.media.net
GTS CA 1D4
2023-08-31 -
2023-11-29
3 months crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1
2023-05-16 -
2024-05-15
a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-08-05 -
2023-10-31
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2023-03-05 -
2024-04-03
a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1
2022-12-08 -
2023-12-31
a year crt.sh
www.google.com
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01
2023-02-28 -
2024-02-17
a year crt.sh
*.intentiq.com
Amazon RSA 2048 M02
2023-04-11 -
2024-05-08
a year crt.sh
upload.video.google.com
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
primis.tech
Go Daddy Secure Certificate Authority - G2
2023-07-27 -
2024-06-18
a year crt.sh
*.admanmedia.com
Go Daddy Secure Certificate Authority - G2
2023-04-20 -
2024-05-21
a year crt.sh
*.gstatic.com
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
c.pub.network
GTS CA 1D4
2023-08-11 -
2023-11-09
3 months crt.sh
*.3lift.com
Amazon RSA 2048 M02
2023-04-13 -
2024-05-11
a year crt.sh

This page contains 14 frames:

Primary Page: https://gofile.io/d/f2098405-24a4-4296-97a9-7f8a54e90ba8
Frame ID: D9FD2D56CD86013AA1FB60180B1460C1
Requests: 138 HTTP requests in this frame

Frame: https://ad.a-ads.com/2059298?size=300x250
Frame ID: 5E1E95A6B0AB5868207B0F3FC38D7A88
Requests: 1 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveView.php?s=116425&cbuster=1696536529&pubUrl=https://gofile.io/d/ZiHCDR&x=400&y=272&playerApiId=freestarPrimisPlayer&schain=1.0,1!freestar.com,1523,1&cbuster=1696536529&pubUrlAuto=https%3A%2F%2Fgofile.io%2Fd%2FZiHCDR&videoType=sticky&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Frame ID: FCD69710326143CDEC9ED3151033969A
Requests: 36 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Frame ID: 008C5550EB8C2C182C4C5D203850054E
Requests: 1 HTTP requests in this frame

Frame: https://750a16c8a34ae2547f7ab213d71cb5a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E9147B501D5E04E2A0092D40D7460008
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 0821F8DB2360409400649E68A782734F
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=gofile.io
Frame ID: C9E1023A9C91BFC7E0D7E953B34D93EA
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D36639A23A7B440630217F1E61D09FC8
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2EE99140FF31F4A4719B3B29759A4AFF
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Frame ID: C0160944A1220C55FA99178300F3FC1E
Requests: 1 HTTP requests in this frame

Frame: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1486637409&3rdpcid=dc683478-4e8f-4cc6-a880-f28d8202c5e8
Frame ID: FDB9D94922927C6CDF90A5332EF75F52
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Frame ID: D36E082E24A83D5F32AEC3CA412201B8
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.594.0_en.html
Frame ID: 7948009F08C98358E4DAF10CFEF0A666
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 22E5F60819C910681E97F085FA17E1C5
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Gofile - Your all-in-one storage solution

Page URL History Show full URLs

  1. https://file120.gofile.io/download/8f982317-2514-4ed3-92d1-215b224cfe5f/Adobe%20Creative%20Cloud%20Col... HTTP 302
    https://gofile.io/d/f2098405-24a4-4296-97a9-7f8a54e90ba8 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • /marked(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

193
Requests

80 %
HTTPS

40 %
IPv6

59
Domains

94
Subdomains

60
IPs

6
Countries

2812 kB
Transfer

7616 kB
Size

75
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://file120.gofile.io/download/8f982317-2514-4ed3-92d1-215b224cfe5f/Adobe%20Creative%20Cloud%20Collection%202023%20v07.07.2023.zip HTTP 302
    https://gofile.io/d/f2098405-24a4-4296-97a9-7f8a54e90ba8 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31
  • https://freestar-io.videoplayerhub.com/gallery.js HTTP 301
  • https://btloader.com/tag?h=freestar-io&upapi=true
Request Chain 39
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fgofile.io%2F&domain=gofile.io&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=NiHnGHxOc1hjZm9OeG1qcGNPeTBFUzFQT0Z0MUJrQWdVa2Z1NmJNMWZaek1lZEZpcXhhMDh4M2s0KzFIWUVubGI5RFF6MWZMTnBBVVNRM0gvMjE1VXM0eGNmbFExRFlxMDhJSnRWeXBCYTdkZGhFS2w0ODF3NTg5RzhUdHYxRUdPa1JORGp2c3dHQ1RGajl1OEtpeVlZdjNmd2wyaVAwczJRUkJUbDlNbUZnUDBaQ1B2czBISWZla2VTSlJQNUJ4ZEpGcFI4cGlYM1BiMjRIQ1FMYm8wQk9IYVNCeUQ0REV0UmZmZk4vU3pzQm15Uy9BPXw&cppv=2
Request Chain 64
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fgofile.io%2Fd%2FZiHCDR&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fgofile.io%2Fd%2FZiHCDR&rid=esp&cc=1
Request Chain 117
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001696536530-6T6NT261-6XG4&adnxs_id=$UID&gdpr=0 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001696536530-6T6NT261-6XG4%26adnxs_id%3D%24UID%26gdpr%3D0 HTTP 302
  • https://ids.ad.gt/api/v1/match?id=AU1D-0100-001696536530-6T6NT261-6XG4&adnxs_id=2185375866101279786&gdpr=0
Request Chain 118
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001696536530-6T6NT261-6XG4&gdpr=0 HTTP 302
  • https://ids.ad.gt/api/v1/t_match?tdid=583af889-58e8-4006-8360-30b2a7f6be01&id=AU1D-0100-001696536530-6T6NT261-6XG4
Request Chain 119
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001696536530-6T6NT261-6XG4 HTTP 302
  • https://ids.ad.gt/api/v1/pbm_match?pbm=D7F99F16-28C3-4BB5-B805-B713CC237F63&id=AU1D-0100-001696536530-6T6NT261-6XG4
Request Chain 121
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001696536530-6T6NT261-6XG4&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001696536530-6T6NT261-6XG4%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001696536530-6T6NT261-6XG4&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001696536530-6T6NT261-6XG4%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=340dbfa0-f3b7-4f32-bb66-6b6d0f0b4739%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fid%25253DAU1D-0100-001696536530-6T6NT261-6XG4%252526tapad_id%25253D340dbfa0-f3b7-4f32-bb66-6b6d0f0b4739%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=583af889-58e8-4006-8360-30b2a7f6be01&ttd_puid=340dbfa0-f3b7-4f32-bb66-6b6d0f0b4739%2Chttps%253A%252F%252Fids.ad.gt%252Fapi%252Fv1%252Ftapad_match%253Fid%253DAU1D-0100-001696536530-6T6NT261-6XG4%2526tapad_id%253D340dbfa0-f3b7-4f32-bb66-6b6d0f0b4739%2C HTTP 302
  • https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001696536530-6T6NT261-6XG4&tapad_id=340dbfa0-f3b7-4f32-bb66-6b6d0f0b4739
Request Chain 122
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001696536530-6T6NT261-6XG4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=AU1D-0100-001696536530-6T6NT261-6XG4&google_tc= HTTP 302
  • https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001696536530-6T6NT261-6XG4&google_gid=CAESENFenwfdoaDKW7Dq9knWSqs&google_cver=1&google_ula=450542624,0
Request Chain 123
  • https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001696536530-6T6NT261-6XG4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY5NjUzNjUzMC02VDZOVDI2MS02WEc0
Request Chain 124
  • https://sync.go.sonobi.com/us?https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001696536530-6T6NT261-6XG4&uid=[UID]&gdpr=0 HTTP 302
  • https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001696536530-6T6NT261-6XG4&uid=4dd452ec-2ef3-4c73-a5fa-20383878768c&gdpr=0
Request Chain 137
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=793790479&rnd=292756&iiqidtype=2&iiqpcid=27857830-64bd-460a-b84f-02b99ede1ebd&iiqpciddate=1696536530256&tsrnd=341_1696536530258&vrref=https%3A%2F%2Fgofile.io%2Fd%2FZiHCDR&jsver=5.09 HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=793790479&rnd=292756&iiqidtype=2&iiqpcid=27857830-64bd-460a-b84f-02b99ede1ebd&iiqpciddate=1696536530256&tsrnd=341_1696536530258&vrref=https%3A%2F%2Fgofile.io%2Fd%2FZiHCDR&jsver=5.09&ckls=true&ci=X4cJ2qOf96&nc=false&trid=1848517706
Request Chain 144
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26gdpr%3D0%26gdpr_consent%3D%26advId%3D98%26advUuid%3D HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&gdpr=0&gdpr_consent=&advId=98&advUuid=dc683478-4e8f-4cc6-a880-f28d8202c5e8 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1486637409&3rdpcid=dc683478-4e8f-4cc6-a880-f28d8202c5e8
Request Chain 149
  • https://x.bidswitch.net/sync?ssp=sekindo&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sekindo&bsw_param=70ef792d-d3ce-4971-a6fb-90c22f284aa4&google_hm=NzBlZjc5MmQtZDNjZS00OTcxLWE2ZmItOTBjMjJmMjg0YWE0 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESELaQHiSQ3uTnY_4fkLlOzjU&google_cver=1&ssp=sekindo&bsw_param=70ef792d-d3ce-4971-a6fb-90c22f284aa4 HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=92&advUuid=70ef792d-d3ce-4971-a6fb-90c22f284aa4 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1267919208&3rdpcid=70ef792d-d3ce-4971-a6fb-90c22f284aa4
Request Chain 150
  • https://csync.loopme.me/?pubid=11280&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D93%26advUuid%3D%7Bviewer_token%7D HTTP 307
  • https://live.primis.tech/live/liveCS.php?source=external&advId=93&advUuid=be7f4b2a-328e-45d7-9211-c03ef2f3b565&gdpr_consent=null&gdpr=0 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=417208643&3rdpcid=be7f4b2a-328e-45d7-9211-c03ef2f3b565
Request Chain 151
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191923&gdpr=0&gdpr_consent=&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D99%26advUuid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D99%26advUuid%3D&gdpr=0&gdpr_consent=&s=191923&C=1 HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=99&advUuid=ZR8X0teuRgrNhD0ipkAKuAAA%264872 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2120880633&3rdpcid=ZR8X0teuRgrNhD0ipkAKuAAA%264872
Request Chain 152
  • https://eb2.3lift.com/getuid?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D121%26advUuid%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D121%26advUuid%3D%24UID HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=121&advUuid=3302578187677489789942 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=259151345&3rdpcid=3302578187677489789942
Request Chain 153
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&gdpr=0&gdpr_consent= HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LNDM1OMP-F-I6RE&gdpr=0 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LNDM1OMP-F-I6RE
Request Chain 154
  • https://ups.analytics.yahoo.com/ups/58818/sync?redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=128&advUuid=y-jmYQ6PhE2uKO84K0uILP62cGrU3KfuX5~A HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1028935272&3rdpcid=y-jmYQ6PhE2uKO84K0uILP62cGrU3KfuX5~A
Request Chain 155
  • https://mb9eo.publishers.tremorhub.com/pubsync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D126%26advUuid%3D%5Btvid%5D HTTP 302
  • https://mb9eo.publishers.tremorhub.com/pubsync/verify?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D126%26advUuid%3D%5Btvid%5D HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=126&advUuid=eff0ea9d44bb4ab58202cd846007a3bd HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=584182936&3rdpcid=eff0ea9d44bb4ab58202cd846007a3bd
Request Chain 156
  • https://cs.media.net/cksync?gdpr=0&gdpr_consent=&cs=34&type=pri&ovsid=651f17d16d744&redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D127%26advUuid%3D%3Cvsid%3E HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=127&advUuid=3395381303878598000V10 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1723987475&3rdpcid=3395381303878598000V10
Request Chain 157
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D130%26advUuid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D130%26advUuid%3D%24UID&sovrn_retry=true HTTP 307
  • https://live.primis.tech/live/liveCS.php?source=external&advId=130&advUuid=Hb9YCLZH0_bvlMTmTSWmVQ38 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=396218182&3rdpcid=Hb9YCLZH0_bvlMTmTSWmVQ38
Request Chain 158
  • https://ads.stickyadstv.com/user-matching?id=3586&gdpr=0&gdpr_consent= HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=134&advUuid=80cfa0a6b184dc70f121e22131bda45&gdpr_consent=&gdpr=0 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=484859127&3rdpcid=80cfa0a6b184dc70f121e22131bda45
Request Chain 160
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=21&redirectUri=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D140%26advUuid%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=140&advUuid=5428600111576897721 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1881119486&3rdpcid=5428600111576897721
Request Chain 161
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D143%26advUuid%3D%24UID HTTP 303
  • https://live.primis.tech/live/liveCS.php?source=external&advId=143&advUuid=1523387845767905064 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1697769766&3rdpcid=1523387845767905064
Request Chain 162
  • https://match.sharethrough.com/universal/v1?supply_id=Wog2sp89&gdpr=0&gdpr_consent= HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=144&advUuid=963d0d59-b396-4c78-9403-c3eb1aa2878f&gdpr=0 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2011327056&3rdpcid=963d0d59-b396-4c78-9403-c3eb1aa2878f
Request Chain 163
  • https://sync.1rx.io/usersync2/rmpssp?sub=primis&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=primis&zcc=1&cb=1696536531363 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=5262742273 HTTP 302
  • https://sync.1rx.io/usersync/turn/8238491717649052519?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-c24e6778-f4ca-421d-a17b-7258e0aad156-004?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D119%26advUuid%3DRX-c24e6778-f4ca-421d-a17b-7258e0aad156-004 HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=119&advUuid=RX-c24e6778-f4ca-421d-a17b-7258e0aad156-004 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=541745869&3rdpcid=RX-c24e6778-f4ca-421d-a17b-7258e0aad156-004
Request Chain 169
  • https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID HTTP 302
  • https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Request Chain 172
  • https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dyieldmo%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://s2s.t13.io/setuid?bidder=yieldmo&gpp=&gpp_sid=&f=i&uid=3eIWuCI00HIVo7sj6BSy&gdpr=&gdpr_consent=&us_privacy=
Request Chain 184
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-triple13&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://s2s.t13.io/setuid?bidder=rubicon&uid=LNDM1OMP-F-I6RE
Request Chain 185
  • https://sync.1rx.io/usersync2/rmphb?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4364210904 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/583af889-58e8-4006-8360-30b2a7f6be01 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-c24e6778-f4ca-421d-a17b-7258e0aad156-004?redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3DRX-c24e6778-f4ca-421d-a17b-7258e0aad156-004 HTTP 302
  • https://s2s.t13.io/setuid?bidder=unruly&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=i&uid=RX-c24e6778-f4ca-421d-a17b-7258e0aad156-004
Request Chain 189
  • https://cms.quantserve.com/pixel/p-N04C2m09Yy8f8.gif?idmatch=0&gdpr=&gdpr_consent=&us_privacy=&redir= HTTP 302
  • https://s2s.t13.io/setuid?bidder=quantcastfsx&gdpr=0&uid=kcudvZbJyOmKz5XrlcmB78TLnr6Kx5juxJtSBale

193 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request f2098405-24a4-4296-97a9-7f8a54e90ba8
gofile.io/d/
Redirect Chain
  • https://file120.gofile.io/download/8f982317-2514-4ed3-92d1-215b224cfe5f/Adobe%20Creative%20Cloud%20Collection%202023%20v07.07.2023.zip
  • https://gofile.io/d/f2098405-24a4-4296-97a9-7f8a54e90ba8
14 KB
4 KB
Document
General
Full URL
https://gofile.io/d/f2098405-24a4-4296-97a9-7f8a54e90ba8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.178.66.33 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
ns31226493.ip-51-178-66.eu
Software
/
Resource Hash
1f53386c3d89d01bbc7c10391c76bea1cc4cb1e1a66d70c421a332798f3492ca
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
public, max-age=0
content-encoding
gzip
content-length
3936
content-type
text/html; charset=UTF-8
date
Thu, 05 Oct 2023 20:08:46 GMT
etag
W/"3767-18afac342a2"
expect-ct
max-age=0
last-modified
Wed, 04 Oct 2023 12:56:55 GMT
origin-agent-cluster
?1
referrer-policy
no-referrer
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, HEAD
access-control-allow-origin
*
content-length
156
content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Thu, 05 Oct 2023 20:08:45 GMT
location
https://gofile.io/d/f2098405-24a4-4296-97a9-7f8a54e90ba8
origin-agent-cluster
?1
referrer-policy
no-referrer
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
bootstrap.min.css
gofile.io/dist/css/
191 KB
30 KB
Stylesheet
General
Full URL
https://gofile.io/dist/css/bootstrap.min.css
Requested by
Host: gofile.io
URL: https://gofile.io/d/f2098405-24a4-4296-97a9-7f8a54e90ba8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.178.66.33 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
ns31226493.ip-51-178-66.eu
Software
/
Resource Hash
2933c96348a4eae7cbbf8f280ca0981586a9b5c097ef952b996cad7d28f2fad0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 20:08:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Wed, 04 Jan 2023 14:40:14 GMT
etag
W/"2fbaa-1857d39bf79"
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
origin-agent-cluster
?1
x-download-options
noopen
cache-control
public, max-age=0
bootstrap-icons.css
gofile.io/dist/css/
93 KB
14 KB
Stylesheet
General
Full URL
https://gofile.io/dist/css/bootstrap-icons.css
Requested by
Host: gofile.io
URL: https://gofile.io/d/f2098405-24a4-4296-97a9-7f8a54e90ba8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.178.66.33 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
ns31226493.ip-51-178-66.eu
Software
/
Resource Hash
e1172d3a0a208cf01dc066f0abeaf17f00264a966159a69f71947d6edcd4935f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 20:08:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Wed, 04 Jan 2023 14:40:14 GMT
etag
W/"17579-1857d39bf79"
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
origin-agent-cluster
?1
x-download-options
noopen
cache-control
public, max-age=0
bootstrap-nightfall.css
gofile.io/dist/css/
50 KB
8 KB
Stylesheet
General
Full URL
https://gofile.io/dist/css/bootstrap-nightfall.css
Requested by
Host: gofile.io
URL: https://gofile.io/d/f2098405-24a4-4296-97a9-7f8a54e90ba8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.178.66.33 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
ns31226493.ip-51-178-66.eu
Software
/
Resource Hash
d9a98b67c7edffef7138d578788a1c25310cd3561b94d8bce6999f40b0073186
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 20:08:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Wed, 04 Jan 2023 14:40:14 GMT
etag
W/"c869-1857d39bf79"
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
origin-agent-cluster
?1
x-download-options
noopen
cache-control
public, max-age=0
plyr.css
gofile.io/dist/css/
33 KB
6 KB
Stylesheet
General
Full URL
https://gofile.io/dist/css/plyr.css
Requested by
Host: gofile.io
URL: https://gofile.io/d/f2098405-24a4-4296-97a9-7f8a54e90ba8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.178.66.33 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
ns31226493.ip-51-178-66.eu
Software
/
Resource Hash
bc3b9c09bf69ce51b930e86a23c6f249f9cc6dc98a84fd278d4131c9ddd78f43
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 20:08:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Sun, 08 Jan 2023 19:47:43 GMT
etag
W/"85ae-18592ecb07b"
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
origin-agent-cluster
?1
x-download-options
noopen
cache-control
public, max-age=0
allcss.css
gofile.io/dist/css/
2 KB
864 B
Stylesheet
General
Full URL
https://gofile.io/dist/css/allcss.css
Requested by
Host: gofile.io
URL: https://gofile.io/d/f2098405-24a4-4296-97a9-7f8a54e90ba8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.178.66.33 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
ns31226493.ip-51-178-66.eu
Software
/
Resource Hash
dd03323db8b78ab71bbf4cc27f517ed48d19a5478f3f545a5b9fb7969e5913f6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 20:08:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
content-length
765
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Thu, 09 Feb 2023 16:33:56 GMT
etag
W/"72c-1863706c6c0"
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
origin-agent-cluster
?1
x-download-options
noopen
cache-control
public, max-age=0
logo-small-70.png
gofile.io/dist/img/
2 KB
2 KB
Image
General
Full URL
https://gofile.io/dist/img/logo-small-70.png
Requested by
Host: gofile.io
URL: https://gofile.io/d/f2098405-24a4-4296-97a9-7f8a54e90ba8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.178.66.33 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
ns31226493.ip-51-178-66.eu
Software
/
Resource Hash
25f5229d2c05f4883245fe331033b79f2b77dd84296151ae8c59b1ed27e7fe5c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 20:08:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
content-length
2392
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Wed, 04 Jan 2023 14:40:14 GMT
etag
W/"93f-1857d39bf7d"
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/png
origin-agent-cluster
?1
x-download-options
noopen
cache-control
public, max-age=0
bootstrap.bundle.min.js
gofile.io/dist/js/
79 KB
24 KB
Script
General
Full URL
https://gofile.io/dist/js/bootstrap.bundle.min.js
Requested by
Host: gofile.io
URL: https://gofile.io/d/f2098405-24a4-4296-97a9-7f8a54e90ba8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.178.66.33 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
ns31226493.ip-51-178-66.eu
Software
/
Resource Hash
a85b2fe307777c8eb47f06a1eec399fcbddfe83d252fd202d3e1358051fcf27d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 20:08:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Wed, 04 Jan 2023 14:40:14 GMT
etag
W/"13a49-1857d39bf7d"
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
x-download-options
noopen
cache-control
public, max-age=0
sha256.min.js
gofile.io/dist/js/
9 KB
4 KB
Script
General
Full URL
https://gofile.io/dist/js/sha256.min.js
Requested by
Host: gofile.io
URL: https://gofile.io/d/f2098405-24a4-4296-97a9-7f8a54e90ba8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.178.66.33 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
ns31226493.ip-51-178-66.eu
Software
/
Resource Hash
7157511697db744d384a5a2a8646af23f3c90560abf93bb240fdd690b29a898a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 20:08:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
content-length
3701
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Wed, 04 Jan 2023 14:40:14 GMT
etag
W/"2339-1857d39bf81"
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
x-download-options
noopen
cache-control
public, max-age=0
qrcode.min.js
gofile.io/dist/js/
19 KB
7 KB
Script
General
Full URL
https://gofile.io/dist/js/qrcode.min.js
Requested by
Host: gofile.io
URL: https://gofile.io/d/f2098405-24a4-4296-97a9-7f8a54e90ba8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.178.66.33 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
ns31226493.ip-51-178-66.eu
Software
/
Resource Hash
85bd0e28180f06b7f944d35dd07ef1ce75d6d9b63c2d70cb8e65f8b566c43db4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 20:08:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Wed, 04 Jan 2023 14:40:14 GMT
etag
W/"4dda-1857d39bf81"
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
x-download-options
noopen
cache-control
public, max-age=0
dayjs.min.js
gofile.io/dist/js/
7 KB
3 KB
Script
General
Full URL
https://gofile.io/dist/js/dayjs.min.js
Requested by
Host: gofile.io
URL: https://gofile.io/d/f2098405-24a4-4296-97a9-7f8a54e90ba8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.178.66.33 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
ns31226493.ip-51-178-66.eu
Software
/
Resource Hash
11f24ea8272c8454bfd93c6102b511bb75a7f1bfd70c0e1f6cf58a4b067ed41f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 20:08:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
content-length
3029
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Wed, 04 Jan 2023 14:40:14 GMT
etag
W/"1a0e-1857d39bf7d"
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
x-download-options
noopen
cache-control
public, max-age=0
customParseFormat.js
gofile.io/dist/js/
4 KB
2 KB
Script
General
Full URL
https://gofile.io/dist/js/customParseFormat.js
Requested by
Host: gofile.io
URL: https://gofile.io/d/f2098405-24a4-4296-97a9-7f8a54e90ba8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.178.66.33 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
ns31226493.ip-51-178-66.eu
Software
/
Resource Hash
cb72289f70690b272267a0741402cdc3f4099ae40c834a13cb60a59f99fdc091
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 20:08:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
content-length
1803
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Wed, 04 Jan 2023 14:40:14 GMT
etag
W/"ea2-1857d39bf7d"
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
x-download-options
noopen
cache-control
public, max-age=0
marked.min.js
gofile.io/dist/js/
43 KB
16 KB
Script
General
Full URL
https://gofile.io/dist/js/marked.min.js
Requested by
Host: gofile.io
URL: https://gofile.io/d/f2098405-24a4-4296-97a9-7f8a54e90ba8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.178.66.33 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
ns31226493.ip-51-178-66.eu
Software
/
Resource Hash
d10fcd57fbc3eb87320fe1469bcb522ded6c480f48ed51c511ef6da20f165760
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 20:08:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Wed, 04 Jan 2023 14:40:14 GMT
etag
W/"aca2-1857d39bf7d"
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
x-download-options
noopen
cache-control
public, max-age=0
plyr.js
gofile.io/dist/js/
108 KB
34 KB
Script
General
Full URL
https://gofile.io/dist/js/plyr.js
Requested by
Host: gofile.io
URL: https://gofile.io/d/f2098405-24a4-4296-97a9-7f8a54e90ba8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.178.66.33 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
ns31226493.ip-51-178-66.eu
Software
/
Resource Hash
6729042fecd6e011c0ba45f807dc93fa750169d7ac57c14daa01069f14430f73
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 20:08:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Sun, 08 Jan 2023 19:47:43 GMT
etag
W/"1b1b2-18592ecb07f"
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
x-download-options
noopen
cache-control
public, max-age=0
chart.umd.min.js
gofile.io/dist/js/
194 KB
71 KB
Script
General
Full URL
https://gofile.io/dist/js/chart.umd.min.js
Requested by
Host: gofile.io
URL: https://gofile.io/d/f2098405-24a4-4296-97a9-7f8a54e90ba8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.178.66.33 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
ns31226493.ip-51-178-66.eu
Software
/
Resource Hash
8706c07750059d4f474353cc469150fd09a539df6f8830ccf418c47709f25b36
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 20:08:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Wed, 08 Mar 2023 18:58:23 GMT
etag
W/"3094c-186c296b964"
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
x-download-options
noopen
cache-control
public, max-age=0
alljs.js
gofile.io/dist/js/
182 KB
37 KB
Script
General
Full URL
https://gofile.io/dist/js/alljs.js
Requested by
Host: gofile.io
URL: https://gofile.io/d/f2098405-24a4-4296-97a9-7f8a54e90ba8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.178.66.33 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
ns31226493.ip-51-178-66.eu
Software
/
Resource Hash
0dcfde93dfe9fdbfa65891077bfd1fa2fb1b8d984582e345adc68c821fbf203f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 20:08:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Wed, 04 Oct 2023 16:28:15 GMT
etag
W/"2d6e6-18afb84bf90"
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
x-download-options
noopen
cache-control
public, max-age=0
bootstrap-icons.woff2
gofile.io/dist/css/fonts/
118 KB
119 KB
Font
General
Full URL
https://gofile.io/dist/css/fonts/bootstrap-icons.woff2?24e3eb84d0bcaf83d77f904c78ac1f47
Requested by
Host: gofile.io
URL: https://gofile.io/dist/css/bootstrap-icons.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.178.66.33 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
ns31226493.ip-51-178-66.eu
Software
/
Resource Hash
966620f9e3bec428663687f9e8d67a6b8e35d79adebf6fb204e9b139eada7599
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
Origin
https://gofile.io
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 20:08:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Wed, 04 Jan 2023 14:40:14 GMT
etag
W/"1d9d0-1857d39bf7d"
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
font/woff2
origin-agent-cluster
?1
x-download-options
noopen
cache-control
public, max-age=0
createAccount
api.gofile.io/
67 B
810 B
Fetch
General
Full URL
https://api.gofile.io/createAccount
Requested by
Host: gofile.io
URL: https://gofile.io/dist/js/alljs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.178.66.33 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
ns31226493.ip-51-178-66.eu
Software
/
Resource Hash
54b73b7ddac1a605e04bb01f84af4acc9458f896da7398d2d96a5489871f098a
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date
Thu, 05 Oct 2023 20:08:48 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
cross-origin-embedder-policy
require-corp
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
content-length
67
x-xss-protection
0
referrer-policy
no-referrer
cross-origin-opener-policy
same-origin
etag
W/"43-r/GdAEBVfUMzXdn6WrDP4W9/L+o"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gofile.io
origin-agent-cluster
?1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
getAccountDetails
api.gofile.io/
312 B
386 B
Fetch
General
Full URL
https://api.gofile.io/getAccountDetails?token=RCyDG8CKG6RFg9mKkCNSOl8veRtA97M4
Requested by
Host: gofile.io
URL: https://gofile.io/dist/js/alljs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.178.66.33 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
ns31226493.ip-51-178-66.eu
Software
/
Resource Hash
ebd7f9dd6d7d5385943a36e7beeafb55ddb83ae3aba9b62e0ae0f4727a3f605a
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date
Thu, 05 Oct 2023 20:08:48 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
cross-origin-embedder-policy
require-corp
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
content-length
312
x-xss-protection
0
referrer-policy
no-referrer
cross-origin-opener-policy
same-origin
etag
W/"138-Qg+iTX+hK90yNUnfnNKSliltVuo"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gofile.io
origin-agent-cluster
?1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
truncated
/
659 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ce6a18f9fcd41364dff8f0f04a88764a6748263f65240eb719bbab462966cec6

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/png
files.html
gofile.io/contents/
17 KB
3 KB
Fetch
General
Full URL
https://gofile.io/contents/files.html
Requested by
Host: gofile.io
URL: https://gofile.io/dist/js/alljs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.178.66.33 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
ns31226493.ip-51-178-66.eu
Software
/
Resource Hash
68cf2e409973b2e33b7358ad8401a13ddcf2b9cf6a3e179578b814e3d12ab970
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 20:08:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
content-length
3126
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Tue, 03 Oct 2023 23:01:52 GMT
etag
W/"439b-18af7c6bff9"
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
origin-agent-cluster
?1
x-download-options
noopen
cache-control
public, max-age=0
plausible.js
plausible.gofile.io/js/
1 KB
1 KB
Script
General
Full URL
https://plausible.gofile.io/js/plausible.js
Requested by
Host: gofile.io
URL: https://gofile.io/dist/js/alljs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.202.85.166 , France, ASN16276 (OVH, FR),
Reverse DNS
mail.gofile.io
Software
Cowboy /
Resource Hash
ae4216bfc85c99ffd32e7745f0d7d4cd5f57b714f3a4911176b8cd78a176c97c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 20:08:49 GMT
x-content-type-options
nosniff
server
Cowboy
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
1321
2059298
ad.a-ads.com/ Frame 5E1E
0
0
Document
General
Full URL
https://ad.a-ads.com/2059298?size=300x250
Requested by
Host: gofile.io
URL: https://gofile.io/dist/js/alljs.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
78.46.33.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.33.46.78.clients.your-server.de
Software
nginx / Phusion Passenger(R)
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=utf-8
date
Thu, 05 Oct 2023 20:08:49 GMT
server
nginx
status
200 OK
vary
Accept-Encoding Accept-Encoding
x-content-type-options
nosniff
x-powered-by
Phusion Passenger(R)
x-robots-tag
noindex, nofollow, nosnippet, noarchive
x-xss-protection
1; mode=block
pubfig.min.js
a.pub.network/gofile-io/
109 KB
39 KB
Script
General
Full URL
https://a.pub.network/gofile-io/pubfig.min.js
Requested by
Host: gofile.io
URL: https://gofile.io/dist/js/alljs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7cd62f79397bc6943bc811e1c220e2c3cf433d3553f873c30994cc9e18a77f1

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 20:08:48 GMT
content-encoding
gzip
cf-cache-status
HIT
age
4318
x-guploader-uploadid
ADPycduYLAz0OFqW7HIR531cm2nCI445cX46Vps5BVjbqqGwGsbThnH1-mLvrU62de2Tnq1iRplgy0I00XJlL3flBCGFpg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
last-modified
Thu, 05 Oct 2023 17:59:51 GMT
server
cloudflare
etag
W/"74ddef4d57ec70bcaf36d98fa0d1c13e"
vary
Accept-Encoding
x-goog-generation
1696528791286536
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=+73iqg==, md5=dN3vTVfscLyvNtmPoNHBPg==
access-control-expose-headers
*
cache-control
public, max-age=1800
x-goog-stored-content-length
111510
cf-ray
81184c79e942919f-SIN
expires
Thu, 05 Oct 2023 20:38:48 GMT
getContent
api.gofile.io/
840 B
938 B
Fetch
General
Full URL
https://api.gofile.io/getContent?contentId=f2098405-24a4-4296-97a9-7f8a54e90ba8&token=RCyDG8CKG6RFg9mKkCNSOl8veRtA97M4&websiteToken=7fd94ds12fds4
Requested by
Host: gofile.io
URL: https://gofile.io/dist/js/alljs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.178.66.33 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
ns31226493.ip-51-178-66.eu
Software
/
Resource Hash
1df6f03b9217e0dd4008c16926bc87bf361c24281c01afea961ea57aeabd81d6
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date
Thu, 05 Oct 2023 20:08:49 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
cross-origin-embedder-policy
require-corp
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
content-length
840
x-xss-protection
0
referrer-policy
no-referrer
cross-origin-opener-policy
same-origin
etag
W/"348-Na4UWe3WfX7U3mG+nVFwH9VjK9I"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gofile.io
origin-agent-cluster
?1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
98256b2ed8ae3a727d89d869910297e3.min.js
fronttoad.com/chunks/029ae2/
68 KB
24 KB
Script
General
Full URL
https://fronttoad.com/chunks/029ae2/98256b2ed8ae3a727d89d869910297e3.min.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/gofile-io/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7ec2::1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
54371ae9cf2843e2e973a7f84ee12b65dfa0ba95f747ec583bebc6a4782ef6e4
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Thu, 05 Oct 2023 20:08:49 GMT
x-datacenter
gce-asia-east1
etag
"e0256ae4cee17f9f0339be9523b173286d4741ab987630a3803cdda76c01bb02"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-asia-east1-spot-377m
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
998028631
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
configs
d.pub.network/v2/sites/gofile-io/
34 KB
6 KB
Fetch
General
Full URL
https://d.pub.network/v2/sites/gofile-io/configs?env=PROD
Requested by
Host: a.pub.network
URL: https://a.pub.network/gofile-io/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
d2c313b89820e62f778005670ccba1a595c1070ad87c3ad6af4e066008d3f45d

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 20:08:49 GMT
content-encoding
gzip
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
content-type
application/json
access-control-allow-origin
https://gofile.io
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pubfig.engine.js
a.pub.network/core/pubfig/11f9a29b0732b93aedd323a9060658d0bb5dbc8f/
464 KB
138 KB
Script
General
Full URL
https://a.pub.network/core/pubfig/11f9a29b0732b93aedd323a9060658d0bb5dbc8f/pubfig.engine.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/gofile-io/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c07f9a9beebbea97fdae7bdb7ec05cd19c6a8dbf8cdb0b2ba168781e219d3a9

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 20:08:49 GMT
content-encoding
gzip
cf-cache-status
HIT
age
4321
x-guploader-uploadid
ADPycdvVeW20AgnAh3B2kFSTkG5oznC3hgSeWZI2WuqJYQKkY7i4OWrDgI-YlY1XsLDE7lgACQWWIF1oKonVpjNJ6QIesw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Wed, 04 Oct 2023 16:14:17 GMT
server
cloudflare
etag
W/"6895b7a6943a3d2d488c84c0b4d7538f"
vary
Accept-Encoding
x-goog-generation
1696436057300295
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=1bWNEw==, md5=aJW3ppQ6PS1IjITAtNdTjw==
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
474710
cf-ray
81184c7a99b3919f-SIN
expires
Thu, 05 Oct 2023 21:08:49 GMT
/
optimise.net/ Frame
0
0
Preflight
General
Full URL
https://optimise.net/?k=0&d=gofile.io&t=desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.152.111.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
x-api-key
Access-Control-Request-Method
GET
Origin
https://gofile.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
access-control-allow-origin
https://gofile.io
access-control-expose-headers
fs-client-rtt
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
date
Thu, 05 Oct 2023 20:08:49 GMT
expires
0
fs-client-rtt
3
pragma
no-cache
strict-transport-security
max-age=31536000;includeSubDomains;preload;
via
1.1 google
/
optimise.net/
2 KB
3 KB
Fetch
General
Full URL
https://optimise.net/?k=0&d=gofile.io&t=desktop
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/11f9a29b0732b93aedd323a9060658d0bb5dbc8f/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.152.111.34.bc.googleusercontent.com
Software
/
Resource Hash
73a9778211e0011679a2aff7e8073bfe9883ba6fabb1e8c59f95a60087df0905
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload;

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
x-api-key
4e799501-b8b6-4ef1-bad5-225b3dd1aa8d

Response headers

strict-transport-security
max-age=31536000;includeSubDomains;preload;
via
1.1 google
date
Thu, 05 Oct 2023 20:07:41 GMT
fs-client-rtt
3
age
68
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2203
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
content-type
application/json
access-control-allow-origin
https://gofile.io
access-control-expose-headers
fs-client-rtt
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
expires
0
config.js
cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/
109 KB
22 KB
Script
General
Full URL
https://cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/config.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/11f9a29b0732b93aedd323a9060658d0bb5dbc8f/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3384c8b4c2114b32379563eacd2cdcaf7f65781c1b87cc0e3a26499364ab0973

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 20:08:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 04 Oct 2023 20:30:14 GMT
server
cloudflare
x-amz-request-id
VMN66HB43A0WSZZJ
age
878
etag
W/"6f3eeab6c4768f00542486814e107a8a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
81184c7b3cad89ac-SIN
alt-svc
h3=":443"; ma=86400
x-amz-id-2
6z/wTukXfD6PXmgYOwwlDEO3oINPwtf2cG4+bQbLO4JUd90GXr19oSq8NNESlfodgzWuQ+goKiQ=
gpt.js
securepubads.g.doubleclick.net/tag/js/
99 KB
29 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/11f9a29b0732b93aedd323a9060658d0bb5dbc8f/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c01::9c , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2aaad91e44ce58b7170dc94e8afcfaad804b89f64073b20680d2937e946b0aae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 20:08:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29543
x-xss-protection
0
server
cafe
etag
201 / 19635 / m202310020101 / config-hash: 4782658329373718188
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 05 Oct 2023 20:08:49 GMT
tag
btloader.com/
Redirect Chain
  • https://freestar-io.videoplayerhub.com/gallery.js
  • https://btloader.com/tag?h=freestar-io&upapi=true
308 KB
84 KB
Script
General
Full URL
https://btloader.com/tag?h=freestar-io&upapi=true
Protocol
H2
Server
2606:4700:20::681a:68b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49bf645555a7836bb0c9d24df378f24fe6fcd62329204326a4f95ecc963042ba

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 20:08:49 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 05 Oct 2023 19:18:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2926
etag
W/"3578dcd75aecaf81a17a4b4ca5e81a07"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lKAj2NyZwyw80l2Bz1EtclFBq1%2B44p9HMXnwLj4VA%2BR3zt%2Fx7akDbniZQmAZRKatJpnKP40hLonLk1%2BTLJuJq6is%2FHrnhDr3agqtD6xgr2gfR8oCluzE9U%2BTqCOYKrLMPB%2BoGV6R0%2FeyFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray
81184c7b9bf9a07d-SIN

Redirect headers

date
Thu, 05 Oct 2023 20:08:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DCVI%2FtVJnnI3pCXrjaiMHrMhxpgXBYPf29u%2BvT0HQS8N6U8xcXRpwh1W7JNcjOXOXIB%2FZj7Ch%2B7gP2IpuJVbsYf6j2tCnoWFn4xU3Zal90ERYruQya1Au2ugm7eiMq95GDloz%2B2K%2FnUtKYcvxLhU9yI7GkUVnQLKlhrYTA%3D%3D"}],"group":"cf-nel","max_age":604800}
location
https://btloader.com/tag?h=freestar-io&upapi=true
cache-control
max-age=3600
cf-ray
81184c7b4f573e65-SIN
expires
Thu, 05 Oct 2023 21:08:49 GMT
prebid-analytics-7.48.4.js
a.pub.network/core/
596 KB
193 KB
Script
General
Full URL
https://a.pub.network/core/prebid-analytics-7.48.4.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/11f9a29b0732b93aedd323a9060658d0bb5dbc8f/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
788c13994d09fd809cb431d4a0a2aaba6dd88c9b2ba4c0c9e03345362d9633ec

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 20:08:49 GMT
content-encoding
gzip
cf-cache-status
HIT
age
4321
x-guploader-uploadid
ADPycdsYS9dHmSpQOAbpVHVFighWVJR9H0Hm4jEU3--KjLZvMNAlIiEtJYrqgcvHkAYcjayVDebNAltuezlsN4BMQofZGA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
last-modified
Tue, 18 Jul 2023 18:59:55 GMT
server
cloudflare
etag
W/"5243e8ea27fda1bab8578db0b34dba61"
vary
Accept-Encoding
x-goog-generation
1689706795179212
content-type
text/html
access-control-allow-origin
*
x-goog-hash
crc32c=hSRCNw==, md5=UkPo6if9obq4V42ws026YQ==
content-language
en
access-control-expose-headers
*
cache-control
public, max-age=31531679
x-goog-stored-content-length
610321
cf-ray
81184c7b3a18919f-SIN
expires
Fri, 04 Oct 2024 18:56:48 GMT
skeleton.gif
static.adsafeprotected.com/
43 B
483 B
Image
General
Full URL
https://static.adsafeprotected.com/skeleton.gif?adslot=ujmaw_728x90_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2175:3400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
date
Tue, 19 Sep 2023 01:30:23 GMT
via
1.1 51f76c8cc795edfca51e07563f87887c.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P1
age
1823007
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
EkiJTOaRYfwXyiMYNM2EC-mGFIqrmmFMjKky2Viquwfpv8Q7JVJinA==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/
421 KB
132 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c01::9c , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8e13b990ba95d19746bb5ba999bb22823ecaa39f5964725795eb589985d4d496
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 06:02:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
50753
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
135332
x-xss-protection
0
server
cafe
etag
13275702515393991500
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 04 Oct 2024 06:02:56 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
823 B
949 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=gofile.io
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c01::9c , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1034623c97bec92060a8b907014a03358bb2c4e0f3407797929c6efc1a2b2181
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 20:08:49 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
406
x-xss-protection
0
expires
Thu, 05 Oct 2023 20:08:49 GMT
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202310031103/
269 KB
86 KB
Script
General
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202310031103/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f32f4b1aebee55450f9eaea7572be5631167000c60b202e32fd7efe10534e2f

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 20:08:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 03 Oct 2023 15:32:29 GMT
server
cloudflare
x-amz-request-id
9C1453P0SMRPJYTY
age
182873
etag
W/"1817aabf6d3ce56cce955976a0e0702e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
81184c7b8cdd89ac-SIN
alt-svc
h3=":443"; ma=86400
x-amz-id-2
Fql+kAfofhUfoLZHtZgMnGboI8z8mikWe6RJ6yVnUl68z6tLlUQQ6Yboj87ckMdPeJ8yjNSqvhc=
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fgofile.io%2F&domain=gofile.io&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::9 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://gofile.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://gofile.io
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 05 Oct 2023 20:08:48 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
276713
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
hadron.js
cdn.hadronid.net/
55 KB
10 KB
Script
General
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fgofile.io%2Fd%2FZiHCDR&ref=&_it=freestar&partner_id=474&ha=_hadron
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/11f9a29b0732b93aedd323a9060658d0bb5dbc8f/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:34ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ee69abe38a87fd8aa0867401e1e14d2831eab6dfb1bb2d97abf65ac57cb5705

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 20:08:49 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 07 Sep 2023 17:31:32 GMT
server
cloudflare
x-amz-request-id
907JHMEEKQ08DSV2
age
6831
etag
W/"8bbf05f440008747d4df642e30fc4ddc"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
81184c7c0bd1a137-SIN
x-amz-id-2
oJpPJCbEID7z1zM9kIxlsqSbq8xeH5HC5gS4xpeHur3SW4yHO8BbtAlQwktjkw9El2h2R0B/Pt0=
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fgofile.io%2F&domain=gofile.io&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=NiHnGHxOc1hjZm9OeG1qcGNPeTBFUzFQT0Z0MUJrQWdVa2Z1NmJNMWZaek1lZEZpcXhhMDh4M2s0KzFIWUVubGI5RFF6MWZMTnBBVVNRM0gvMjE1VXM0eGNmbFExRFlxMDhJSnRWeXBCYTdkZGhFS2w0ODF3NTg5RzhUdH...
365 B
667 B
XHR
General
Full URL
https://mug.criteo.com/sid?cpp=NiHnGHxOc1hjZm9OeG1qcGNPeTBFUzFQT0Z0MUJrQWdVa2Z1NmJNMWZaek1lZEZpcXhhMDh4M2s0KzFIWUVubGI5RFF6MWZMTnBBVVNRM0gvMjE1VXM0eGNmbFExRFlxMDhJSnRWeXBCYTdkZGhFS2w0ODF3NTg5RzhUdHYxRUdPa1JORGp2c3dHQ1RGajl1OEtpeVlZdjNmd2wyaVAwczJRUkJUbDlNbUZnUDBaQ1B2czBISWZla2VTSlJQNUJ4ZEpGcFI4cGlYM1BiMjRIQ1FMYm8wQk9IYVNCeUQ0REV0UmZmZk4vU3pzQm15Uy9BPXw&cppv=2
Protocol
H2
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
605bd7e29fd79a3f4f736837b6ed566adc3aa81ff3342af07515060ca3e1b641
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 20:08:48 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
433157
expires
0

Redirect headers

pragma
no-cache
date
Thu, 05 Oct 2023 20:08:49 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
access-control-allow-origin
https://gofile.io
location
https://mug.criteo.com/sid?cpp=NiHnGHxOc1hjZm9OeG1qcGNPeTBFUzFQT0Z0MUJrQWdVa2Z1NmJNMWZaek1lZEZpcXhhMDh4M2s0KzFIWUVubGI5RFF6MWZMTnBBVVNRM0gvMjE1VXM0eGNmbFExRFlxMDhJSnRWeXBCYTdkZGhFS2w0ODF3NTg5RzhUdHYxRUdPa1JORGp2c3dHQ1RGajl1OEtpeVlZdjNmd2wyaVAwczJRUkJUbDlNbUZnUDBaQ1B2czBISWZla2VTSlJQNUJ4ZEpGcFI4cGlYM1BiMjRIQ1FMYm8wQk9IYVNCeUQ0REV0UmZmZk4vU3pzQm15Uy9BPXw&cppv=2
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
246151
content-length
0
expires
0
pbhid
id.hadron.ad.gt/api/v1/
141 B
314 B
XHR
General
Full URL
https://id.hadron.ad.gt/api/v1/pbhid?partner_id=474&_it=prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7eb1c7b9a001cd9c937f0ae3f06b06438823a0db9485c45b2491f6fe42d293ed

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 05 Oct 2023 20:08:49 GMT
content-encoding
gzip
server
cloudflare
allow
POST, OPTIONS, GET
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cf-ray
81184c7c8de340aa-SIN
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
rid
match.adsrvr.org/track/
109 B
558 B
XHR
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=6bjin1p&fmt=json
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
2262dbfa1d45cb6e69d296b3025227b91fe8c40683d3087350ed2ed716fb0f32

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 05 Oct 2023 20:08:49 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://gofile.io
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Sat, 04 Nov 2023 20:08:49 GMT
state
api.btloader.com/mw/
0
101 B
Fetch
General
Full URL
https://api.btloader.com/mw/state?bt_env=prod
Requested by
Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 05 Oct 2023 20:08:49 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
px.gif
ad-delivery.net/
43 B
343 B
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 20:08:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2322279
x-guploader-uploadid
ADPycdscIBOi2XJIVbbby-KM8raP-80WQ7D5ejL9uMpEl2CKJl6SOhBcPHfSwM3R1zEUGp5yZfdiYmHiFD0C0eK1MsgNRw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1cSeicvh3HCvSwUMNVQ%2F7cP4aaaetMy48I6iuXnWfcazV5KNCi3fF%2BdOiM6b%2BQa5zgAmbTJtb5t5QNoUnWiFw1dvgR%2FiW049MJKBkIo13PfZNd%2BZaA%2BA1t%2FTGwqZOPkAO%2F6d5ULwVA8CsCALdw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
81184c7cbdc689ac-SIN
expires
Fri, 08 Sep 2023 23:54:36 GMT
favicon.ico
ad.doubleclick.net/
1 KB
571 B
Image
General
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f148.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 06:06:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
50519
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 06 Oct 2023 06:06:50 GMT
px.gif
ad-delivery.net/
43 B
930 B
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.14772977996539471
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 20:08:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2322279
x-guploader-uploadid
ADPycdscIBOi2XJIVbbby-KM8raP-80WQ7D5ejL9uMpEl2CKJl6SOhBcPHfSwM3R1zEUGp5yZfdiYmHiFD0C0eK1MsgNRw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n%2Fag5Omkig5fDVTKMv6u5PoskwP0fybPiR9bOHttq5Lv0kv6%2FNnwDMDozfTArnKIf%2FhJfntdfJ%2BQ7R8aHpnHA4cNwJk7VDl4KaYUngC8jpZrMfChBHXn01KU%2BQrlkEftB4JVchSHi1XTcdqOHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
81184c7cbdc789ac-SIN
expires
Fri, 08 Sep 2023 23:54:36 GMT
liveView.php
live.primis.tech/live/
47 KB
18 KB
Script
General
Full URL
https://live.primis.tech/live/liveView.php?s=116425&cbuster=1696536529&pubUrl=https://gofile.io/d/ZiHCDR&x=400&y=272&playerApiId=freestarPrimisPlayer&schain=1.0,1!freestar.com,1523,1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/11f9a29b0732b93aedd323a9060658d0bb5dbc8f/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:200a:9800:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
47360aff5f5295bd9e0513690d131760bb26d081029dc288ba62394fa68d009c

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 20:08:48 GMT
content-encoding
gzip
via
1.1 af3aeac549bb09cd481e4e32ea3fcf16.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN52-C3
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
MMKnm_CABzlss5bwN3pFIe7wWvlEhWNZC-tSmIBpDJDehkK1V3YFvw==
quant.js
secure.quantserve.com/
22 KB
9 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/11f9a29b0732b93aedd323a9060658d0bb5dbc8f/pubfig.engine.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800e:21:36b5:1576:d999:6e52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7c1b0b0523c8cd715c6a906f13a121cd27392d8e61d58c38c7ceb32ec22e59f4

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 20:08:50 GMT
content-encoding
gzip
etag
"6ioqmyHWSWLYz5hkRjy8Uw=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Thu, 12 Oct 2023 20:08:50 GMT
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b60f65161ce3517c2794eecab25981c51ffbcbc951a781270403e2f3572d0290

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/svg+xml
fslogo-green.svg
a.pub.network/core/imgs/
1 KB
1019 B
Image
General
Full URL
https://a.pub.network/core/imgs/fslogo-green.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecc20ed3c5dedbe5bbe73d1e7b14270c65a85f7d0ec4c94c4f0c9f0071e471a2

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 20:08:49 GMT
content-encoding
gzip
cf-cache-status
HIT
age
718
x-guploader-uploadid
ADPycdvNz_dOktJfCbSIeKpYRKx8ovyaPZ-fDp282hoVfPH-0JqB_98WNQSs8zzZ0-V37kM8-ZdOoTPX2gurth5NxtXB
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Tue, 08 Sep 2020 17:04:37 GMT
server
cloudflare
etag
W/"326d6cbd977657e1205bd616d1f2faca"
vary
Accept-Encoding
x-goog-generation
1599584677716817
content-type
image/svg+xml
access-control-allow-origin
*
x-goog-hash
crc32c=Jh+rSg==, md5=Mm1svZd2V+EgW9YW0fL6yg==
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
1193
cf-ray
81184c7cdb63919f-SIN
expires
Thu, 05 Oct 2023 21:08:49 GMT
esp.js
oa.openxcdn.net/
24 KB
8 KB
Script
General
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 20:00:07 GMT
content-encoding
gzip
age
1037322
x-guploader-uploadid
ADPycduLdx-e6l7s3bwXaWkAuIyPtTjnN0-8jp71PSjF-b6hKOM78AS3D6aNss1uP7fVZUpaO6qujZ66H3iyfB27u4uNSA4eLhYh
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Sun, 22 Sep 2024 20:00:07 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/
39 KB
12 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.250.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-250-125.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 19:10:12 GMT
content-encoding
gzip
via
1.1 08a12acbdd73ab65ad077921a50970da.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C2
age
3518
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
n5rQ2KlB6DjPHQmq7Pv589TLvNU8rTSbeq1Rm9TNh57tXGI77xwsvQ==
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/
1 KB
1 KB
Script
General
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 20:08:49 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
da53fcc5952fada1db3eb66777c19600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/
732 B
896 B
Script
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 05 Oct 2023 20:08:50 GMT
x-content-type-options
nosniff
content-encoding
br
age
31499
x-jsd-version
master
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
439
x-served-by
cache-fra-eddf8230042-FRA, cache-maa10231-MAA
x-jsd-version-type
branch
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
esp.js
cdn.id5-sync.com/api/1.0/
137 KB
30 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16f97878909c2763c2d7c1219472c3d3130a8007a6ea852049e388ea752fb697
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 20:08:49 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 05 Oct 2023 10:57:30 GMT
server
cloudflare
x-amz-request-id
RZCSAQK3YRF76VGS
age
1139
etag
W/"cc596ad33b7bfdd4553b44192a81e29f"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
81184c7d0d4d9fbf-SIN
x-amz-id-2
37PJazb9kEjFAq03TMlHDdHiICjqzRwqT6O4cX1jFWRN+SuQgWxs8SQYNuVPISDIQkveSaWVpweqmA19y6vMSg==
sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=NiHnGHxOc1hjZm9OeG1qcGNPeTBFUzFQT0Z0MUJrQWdVa2Z1NmJNMWZaek1lZEZpcXhhMDh4M2s0KzFIWUVubGI5RFF6MWZMTnBBVVNRM0gvMjE1VXM0eGNmbFExRFlxMDhJSnRWeXBCYTdkZGhFS2w0ODF3NTg5RzhUdHYxRUdPa1JORGp2c3dHQ1RGajl1OEtpeVlZdjNmd2wyaVAwczJRUkJUbDlNbUZnUDBaQ1B2czBISWZla2VTSlJQNUJ4ZEpGcFI4cGlYM1BiMjRIQ1FMYm8wQk9IYVNCeUQ0REV0UmZmZk4vU3pzQm15Uy9BPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 05 Oct 2023 20:08:48 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
339406
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
hadron.json
id.hadron.ad.gt/v1/
94 B
262 B
XHR
General
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=freestar&partner_id=474&sync=0&domain=gofile.io&url=https://gofile.io/d/ZiHCDR
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fgofile.io%2Fd%2FZiHCDR&ref=&_it=freestar&partner_id=474&ha=_hadron
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
295f0379542f17b4b198c46b774090a97f425d034767c62c75b9c730666488b1

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 05 Oct 2023 20:08:49 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
private,max-age=30
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization
cf-ray
81184c7e5ef840aa-SIN
hadron.json
id.hadron.ad.gt/v1/ Frame
0
0
Preflight
General
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=freestar&partner_id=474&sync=0&domain=gofile.io&url=https://gofile.io/d/ZiHCDR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://gofile.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cf-cache-status
DYNAMIC
cf-ray
81184c7d2e4940aa-SIN
content-length
0
content-type
application/json
date
Thu, 05 Oct 2023 20:08:49 GMT
debug
OPTIONS block
server
cloudflare
map
bcp.crwdcntrl.net/6/
235 B
689 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.214.8.108 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-214-8-108.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
b5f44bb877d6c6a1f7528fa2fd094cde68cb484427a611b96e6eb401d86c185b

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 20:08:49 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://gofile.io
cache-control
no-cache
x-server
10.42.28.178
access-control-allow-credentials
true
content-length
235
expires
0
increment
id5-sync.com/api/esp/
0
225 B
XHR
General
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gofile.io
date
Thu, 05 Oct 2023 20:08:49 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
rtd
id.hadron.ad.gt/api/v1/ Frame
0
0
Preflight
General
Full URL
https://id.hadron.ad.gt/api/v1/rtd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://gofile.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cf-cache-status
DYNAMIC
cf-ray
81184c7d6e6540aa-SIN
content-length
0
content-type
application/json
date
Thu, 05 Oct 2023 20:08:49 GMT
debug
rtd-nx-sv
server
cloudflare
rtd
id.hadron.ad.gt/api/v1/ Frame
0
0
Preflight
General
Full URL
https://id.hadron.ad.gt/api/v1/rtd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://gofile.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cf-cache-status
DYNAMIC
cf-ray
81184c7d6e6840aa-SIN
content-length
0
content-type
application/json
date
Thu, 05 Oct 2023 20:08:49 GMT
debug
rtd-nx-sv
server
cloudflare
rtd
id.hadron.ad.gt/api/v1/
27 B
86 B
XHR
General
Full URL
https://id.hadron.ad.gt/api/v1/rtd
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33c1ab6a01b4049878497c2874d8cbb72e14ee7cf14fafec3c09b45f9874b67e

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 05 Oct 2023 20:08:49 GMT
cf-cache-status
DYNAMIC
server
cloudflare
allow
POST, OPTIONS, GET
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
debug
rtd-nx-sv
access-control-allow-headers
*
content-length
27
cf-ray
81184c7e9f0940aa-SIN
rtd
id.hadron.ad.gt/api/v1/
27 B
106 B
XHR
General
Full URL
https://id.hadron.ad.gt/api/v1/rtd
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33c1ab6a01b4049878497c2874d8cbb72e14ee7cf14fafec3c09b45f9874b67e

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 05 Oct 2023 20:08:50 GMT
cf-cache-status
DYNAMIC
server
cloudflare
allow
POST, OPTIONS, GET
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
debug
rtd-nx-sv
access-control-allow-headers
*
content-length
27
cf-ray
81184c80e85140aa-SIN
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fgofile.io%2Fd%2FZiHCDR&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fgofile.io%2Fd%2FZiHCDR&rid=esp&cc=1
85 B
194 B
Fetch
General
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fgofile.io%2Fd%2FZiHCDR&rid=esp&cc=1
Protocol
H2
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
d01bb642be27b9bf0f6e5d729fb797dc9e2720b8849d7c07bdc3eee52577654d

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 20:08:49 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-zhCxJyCWJeVLAY6liX5hfW1HyLg"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gofile.io
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Thu, 05 Oct 2023 20:08:49 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://gofile.io
location
/esp?url=https%3A%2F%2Fgofile.io%2Fd%2FZiHCDR&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
liveView.php
live.primis.tech/live/ Frame FCD6
5 KB
2 KB
Script
General
Full URL
https://live.primis.tech/live/liveView.php?s=116425&cbuster=1696536529&pubUrl=https://gofile.io/d/ZiHCDR&x=400&y=272&playerApiId=freestarPrimisPlayer&schain=1.0,1!freestar.com,1523,1&cbuster=1696536529&pubUrlAuto=https%3A%2F%2Fgofile.io%2Fd%2FZiHCDR&videoType=sticky&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=116425&cbuster=1696536529&pubUrl=https://gofile.io/d/ZiHCDR&x=400&y=272&playerApiId=freestarPrimisPlayer&schain=1.0,1!freestar.com,1523,1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:200a:9800:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
aeda6ffbc1b4cc39da97b1a735b8b9655814219890925ca09e300ccfd840c196

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 20:08:48 GMT
content-encoding
gzip
via
1.1 af3aeac549bb09cd481e4e32ea3fcf16.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN52-C3
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
WwEGFznhP44gByJeejVLezGG7-tbf-pxouscetijohRghh3ZHWLIZQ==
cookie_sync
s2s.t13.io/
2 KB
765 B
XHR
General
Full URL
https://s2s.t13.io/cookie_sync
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
2e1af6a5579c0f794722b40a3c4bd09b208db711d6291d27a1c9e8c7932b0cc3

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 20:08:49 GMT
content-encoding
gzip
via
1.1 google
content-type
application/json
access-control-allow-origin
https://gofile.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
556
expires
0
auction
s2s.t13.io/openrtb2/
0
0

prebidjs
rtb.openx.net/openrtbb/
53 B
244 B
XHR
General
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
b7ba1dabb908c06c25d38655a76b11cf745388ea54a1de027696c84c40144682

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 05 Oct 2023 20:08:49 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://gofile.io
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
cdb
bidder.criteo.com/
0
188 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.48.0&cb=64378803644&lsavail=1&bundle=nqI_Ul9JVEZZJTJGTDlHQ1QlMkJRVDRjRHQ4ekJlUnF6YU1ZcmtGWm9wOUZ2OXNUTU1WVDNLMWJYc2YxOEt5dlUlMkYxbFhOT0I1T0cyJTJGYmNLUTdlRlIxWU9jQm82NUNjRExMV1BsWnc3TDJJMlRNa2RXR2dJYVFZMUJld0RGS05VY2VYJTJCRjVIYWQ
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gofile.io
date
Thu, 05 Oct 2023 20:08:48 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
v1
btlr.sharethrough.com/universal/
0
152 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.228.229.19 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-229-19.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gofile.io
date
Thu, 05 Oct 2023 20:08:49 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
153 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.228.229.19 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-229-19.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gofile.io
date
Thu, 05 Oct 2023 20:08:49 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
152 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.228.229.19 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-229-19.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gofile.io
date
Thu, 05 Oct 2023 20:08:49 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
152 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.228.229.19 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-229-19.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gofile.io
date
Thu, 05 Oct 2023 20:08:49 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
152 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.228.229.19 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-229-19.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gofile.io
date
Thu, 05 Oct 2023 20:08:49 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
152 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.228.229.19 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-229-19.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gofile.io
date
Thu, 05 Oct 2023 20:08:49 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
prebid
ib.adnxs.com/ut/v3/
0
0

prebid
prebid.media.net/rtb/
0
0

hbjson
grid.bidswitch.net/
0
0

pbjs
htlb.casalemedia.com/openrtb/
37 B
550 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=676941
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
365b2307fb2aa2ed24a6504f157cf7ff5d6f55e0f4170c895d692a24d4c919a3

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 20:08:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sdQ7vXVNB3K0swRVF%2BonNTKs3%2F4XgF%2BBKBMxYaD5xYKcmIKTPOHdJU2UyWOH0j0B3tR%2FaS0v1TVPRYJfiDkY%2FXI54uvrDXnUkbNEW2wmEsy%2BybUVDEb%2FKcKNhwrNb%2FrgptwXSBj0"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://gofile.io
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
81184c7dfc3c3e20-SIN
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
deflate.min.js
live.primis.tech/main/js/ Frame FCD6
13 KB
8 KB
Script
General
Full URL
https://live.primis.tech/main/js/deflate.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=116425&cbuster=1696536529&pubUrl=https://gofile.io/d/ZiHCDR&x=400&y=272&playerApiId=freestarPrimisPlayer&schain=1.0,1!freestar.com,1523,1&cbuster=1696536529&pubUrlAuto=https%3A%2F%2Fgofile.io%2Fd%2FZiHCDR&videoType=sticky&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:200a:9800:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
407a567abfabf78843c1dfe24457bb650325d8f93e9396a00ce686172756244f

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 20:08:48 GMT
content-encoding
gzip
via
1.1 af3aeac549bb09cd481e4e32ea3fcf16.cloudfront.net (CloudFront)
last-modified
Tue, 15 Aug 2023 09:50:11 GMT
server
nginx
x-amz-cf-pop
SIN52-C3
etag
W/"64db4a53-3217"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
accept-ranges
bytes
x-amz-cf-id
2dnYLR__N_R650K2yLbv2uyqfznZiGw8-w46DPh0qaqvN5fH_OYkhg==
omweb-v1.min.js
live.primis.tech/content/omid/static/ Frame FCD6
39 KB
20 KB
Script
General
Full URL
https://live.primis.tech/content/omid/static/omweb-v1.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=116425&cbuster=1696536529&pubUrl=https://gofile.io/d/ZiHCDR&x=400&y=272&playerApiId=freestarPrimisPlayer&schain=1.0,1!freestar.com,1523,1&cbuster=1696536529&pubUrlAuto=https%3A%2F%2Fgofile.io%2Fd%2FZiHCDR&videoType=sticky&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:200a:9800:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
01172e9ac9330920e66e282d2d77ed1ae863bbab08aec27b168e8d3c82d50c18

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 20:08:48 GMT
content-encoding
gzip
via
1.1 af3aeac549bb09cd481e4e32ea3fcf16.cloudfront.net (CloudFront)
last-modified
Mon, 07 Aug 2023 08:33:09 GMT
server
nginx
x-amz-cf-pop
SIN52-C3
etag
W/"64d0ac45-9c3c"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
accept-ranges
bytes
x-amz-cf-id
AONsg4jfS9xx9Ox_uWNlvhX3SqbGOTI8IjyX2LzaNFfoMfUOY_ZLxQ==
omid-session-client-v1.js
live.primis.tech/content/omid/static/ Frame FCD6
64 KB
21 KB
Script
General
Full URL
https://live.primis.tech/content/omid/static/omid-session-client-v1.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=116425&cbuster=1696536529&pubUrl=https://gofile.io/d/ZiHCDR&x=400&y=272&playerApiId=freestarPrimisPlayer&schain=1.0,1!freestar.com,1523,1&cbuster=1696536529&pubUrlAuto=https%3A%2F%2Fgofile.io%2Fd%2FZiHCDR&videoType=sticky&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:200a:9800:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
0804a138d2373d667829f97ef1789c8563ed2730275ef0a6aba5facb75b29a85

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 20:08:49 GMT
content-encoding
gzip
via
1.1 af3aeac549bb09cd481e4e32ea3fcf16.cloudfront.net (CloudFront)
last-modified
Mon, 07 Aug 2023 08:33:09 GMT
server
nginx
x-amz-cf-pop
SIN52-C3
etag
W/"64d0ac45-1013e"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
accept-ranges
bytes
x-amz-cf-id
6Sd4Tadqq2NN0N3galAdNTOyDpVhetwLUYrQPB7jZ-cFgxDpXYk0yw==
hls.0.12.4_3.min.js
live.primis.tech/content/video/hls/ Frame FCD6
258 KB
116 KB
Script
General
Full URL
https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=116425&cbuster=1696536529&pubUrl=https://gofile.io/d/ZiHCDR&x=400&y=272&playerApiId=freestarPrimisPlayer&schain=1.0,1!freestar.com,1523,1&cbuster=1696536529&pubUrlAuto=https%3A%2F%2Fgofile.io%2Fd%2FZiHCDR&videoType=sticky&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:200a:9800:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a20010b26bce05ea3cfc83cf3a162b7c16b5d2fa2bcf2253b0394b0eb322347a

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 20:08:49 GMT
content-encoding
gzip
via
1.1 af3aeac549bb09cd481e4e32ea3fcf16.cloudfront.net (CloudFront)
last-modified
Wed, 23 Mar 2022 12:48:40 GMT
server
nginx
x-amz-cf-pop
SIN52-C3
etag
W/"623b1728-409bc"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
U_Lb-KaRDddYdVKo6hG8754hS3T1eIbsCYLXvBVoG7ad--yahP_Sxw==
expires
Fri, 04 Oct 2024 20:08:49 GMT
prebidVid.7.16.0_15.min.js
live.primis.tech/content/prebid/ Frame FCD6
524 KB
264 KB
Script
General
Full URL
https://live.primis.tech/content/prebid/prebidVid.7.16.0_15.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=116425&cbuster=1696536529&pubUrl=https://gofile.io/d/ZiHCDR&x=400&y=272&playerApiId=freestarPrimisPlayer&schain=1.0,1!freestar.com,1523,1&cbuster=1696536529&pubUrlAuto=https%3A%2F%2Fgofile.io%2Fd%2FZiHCDR&videoType=sticky&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:200a:9800:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
3de7b02c8eb7669f21ac1831b7f1177c51689ffa3bc2175e40f91a90d4868af2

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 20:08:49 GMT
content-encoding
gzip
via
1.1 af3aeac549bb09cd481e4e32ea3fcf16.cloudfront.net (CloudFront)
last-modified
Tue, 03 Oct 2023 10:11:43 GMT
server
nginx
x-amz-cf-pop
SIN52-C3
etag
W/"651be8df-82f55"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
8SKynpvRUyGUZNcrFYBkZT79PBp40sIVpAcEcOOb5-w5rqziajclPw==
expires
Fri, 04 Oct 2024 20:08:49 GMT
liveVideo.php
live.primis.tech/live/ Frame FCD6
674 KB
266 KB
Script
General
Full URL
https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D31302D30355F32337D7B7331373236303833307D7B433234377D7B535A32396D6157786C4C6D6C767D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593237327D7B66317D7B4C373734387DFEFE&userIpAddr=2001%3Adf1%3A800%3Aa004%3A1%3A%3A4&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F117.0.5938.149+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21freestar.com%2C1523%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1696536529&csuuid=651f17d16d744&debugInfo=17260830_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17260830&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=&secondaryContent=&x=400&y=272&pubUrl=https%3A%2F%2Fgofile.io%2Fd%2FZiHCDR&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=105&impGap=1&flow_width=400&flow_height=225&videoType=sticky&gdpr=0&gdprConsent=&contentFeedId=&geoLati=1.2929&geoLong=103.8547&vpTemplate=7748&flowMode=seenboth&isRealPreroll=0&playerApiId=freestarPrimisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=&appName=&appBundleId=https%3A%2F%2Fgofile.io%2Fd%2FZiHCDR&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=116425&cbuster=1696536529&pubUrl=https://gofile.io/d/ZiHCDR&x=400&y=272&playerApiId=freestarPrimisPlayer&schain=1.0,1!freestar.com,1523,1&cbuster=1696536529&pubUrlAuto=https%3A%2F%2Fgofile.io%2Fd%2FZiHCDR&videoType=sticky&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:200a:9800:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
c5ff5e3e3f2157cd240b9a842e5e43d167ffeea15d05dd9ea264c45a452015b0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 20:08:49 GMT
content-encoding
gzip
via
1.1 af3aeac549bb09cd481e4e32ea3fcf16.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN52-C3
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
x-amz-cf-id
CK0EHP24EDpeJgvYvL1H_PoKXDbXHtGXI9s7kwlfa9aKj6hF201Klw==
country
api.btloader.com/
16 B
132 B
Fetch
General
Full URL
https://api.btloader.com/country
Requested by
Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
63c0541f20459089af6a8e261d8e7a8c8aed76ae9de830ba4f37bcbe6df249e1

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 20:08:49 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
pv
api.btloader.com/
0
66 B
XHR
General
Full URL
https://api.btloader.com/pv?tid=hOZQfhdpL&w=5912996595892224&o=5714937848528896&cv=2.1.19-1-g9747148&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fgofile.io%2Fd%2FZiHCDR&sid=35UWZw8pE&upapi=true
Requested by
Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 05 Oct 2023 20:08:49 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
5a7eb69255f71a8256c6abdb3a83fd7e46ca7cd228963a8
fronttoad.com/submit/54930e9/
284 B
311 B
Fetch
General
Full URL
https://fronttoad.com/submit/54930e9/5a7eb69255f71a8256c6abdb3a83fd7e46ca7cd228963a8
Requested by
Host: fronttoad.com
URL: https://fronttoad.com/chunks/029ae2/98256b2ed8ae3a727d89d869910297e3.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:7ec2::1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
f0a1d0a11ea13887cbc2fa43b9daefb0b16731fdf4a5b012e2dc323a49ee5b8d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Thu, 05 Oct 2023 20:08:49 GMT
via
1.1 google
x-buildnumber
998028631
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
284
x-datacenter
gce-asia-east1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gofile.io
x-hostname
fen-hoothoot-asia-east1-spot-377m
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Thu, 05 Oct 2023 20:08:48 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 008C
0
0
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.199 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-199.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=116145
content-encoding
gzip
content-length
5606
content-type
text/html
date
Thu, 05 Oct 2023 20:08:49 GMT
expires
Sat, 07 Oct 2023 04:24:34 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
auction
s2s.t13.io/openrtb2/
1 KB
539 B
XHR
General
Full URL
https://s2s.t13.io/openrtb2/auction
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
9ba2664a8a4b98b34e230d73f566d6b97afcd9fe92eba7b6a94cf0c9e631857b

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 20:08:50 GMT
content-encoding
gzip
via
1.1 google
x-prebid
pbs-java/1.129.0
content-type
application/json
access-control-allow-origin
https://gofile.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
480
expires
0
v1
btlr.sharethrough.com/universal/
0
152 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.228.229.19 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-229-19.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gofile.io
date
Thu, 05 Oct 2023 20:08:49 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
152 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.228.229.19 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-229-19.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gofile.io
date
Thu, 05 Oct 2023 20:08:49 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
152 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.228.229.19 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-229-19.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gofile.io
date
Thu, 05 Oct 2023 20:08:49 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
152 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.228.229.19 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-229-19.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gofile.io
date
Thu, 05 Oct 2023 20:08:49 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
152 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.228.229.19 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-229-19.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gofile.io
date
Thu, 05 Oct 2023 20:08:49 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
152 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.228.229.19 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-229-19.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gofile.io
date
Thu, 05 Oct 2023 20:08:49 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
prebidjs
rtb.openx.net/openrtbb/
53 B
129 B
XHR
General
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
a77eedb6eb438ddc560f52f96c9a9bca9f35da6ed872b9d9c265034151e5480b

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 05 Oct 2023 20:08:49 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://gofile.io
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebid
ib.adnxs.com/ut/v3/
0
0

pbjs
htlb.casalemedia.com/openrtb/
37 B
309 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=676941
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29a67c896a8803c00331ea22397fc0c04865fd35226a74b04f4e5724e660af26

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 20:08:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QtQdnbkrBNcYcFUu3Xn087YMog4dhE3SY6Mui%2BzgNJflKJc5xDgcbraUKyTTJVIhucoQXV9dwivP9Ns6V8q0h%2BP4NSk5SugUEqrW98Gzi6JUlV7F2QUczDmAi8DVW14yk%2BurJ6Xp"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://gofile.io
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
81184c7f0cfb3e20-SIN
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
cdb
bidder.criteo.com/
0
187 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.48.0&cb=42327443572&lsavail=1&bundle=nqI_Ul9JVEZZJTJGTDlHQ1QlMkJRVDRjRHQ4ekJlUnF6YU1ZcmtGWm9wOUZ2OXNUTU1WVDNLMWJYc2YxOEt5dlUlMkYxbFhOT0I1T0cyJTJGYmNLUTdlRlIxWU9jQm82NUNjRExMV1BsWnc3TDJJMlRNa2RXR2dJYVFZMUJld0RGS05VY2VYJTJCRjVIYWQ
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gofile.io
date
Thu, 05 Oct 2023 20:08:49 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
prebid
prebid.media.net/rtb/
1 KB
1 KB
XHR
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUJ8GUQF
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
ef70e74f71d2e92a0a13fe59363f3de9994d5567f7607bcf3ee92118ee347505

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 20:08:49 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://gofile.io
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
201
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 05 Oct 2023 20:08:49 GMT
hbjson
grid.bidswitch.net/
0
0

b41e9168bd619fa42d3a599eaed966e26c7f171b795
fronttoad.com/4496af2d721/
3 B
27 B
Fetch
General
Full URL
https://fronttoad.com/4496af2d721/b41e9168bd619fa42d3a599eaed966e26c7f171b795
Requested by
Host: fronttoad.com
URL: https://fronttoad.com/chunks/029ae2/98256b2ed8ae3a727d89d869910297e3.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:7ec2::1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Thu, 05 Oct 2023 20:08:49 GMT
via
1.1 google
x-buildnumber
998028631
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
x-datacenter
gce-asia-east1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gofile.io
x-hostname
fen-hoothoot-asia-east1-spot-377m
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
ads
securepubads.g.doubleclick.net/gampad/
696 B
371 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=963623207478136&correlator=3360835302525041&eid=31077098&output=ldjh&gdfp_req=1&vrg=202310020101&ptt=17&impl=fifs&iu_parts=15184186%3A22435964612%2Cgofileio_adhesion&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C300x50%7C320x50%7C468x60%7C728x90%7C970x90%7C300x100%7C320x100&ifi=1&didk=1080524692&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1696536529830&lmt=1696395415&adxs=631&adys=1150&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fgofile.io%2Fd%2FZiHCDR&vis=1&psz=338x-1&msz=300x-1&fws=512&ohw=0&ga_vid=353169363.1696536530&ga_sid=1696536530&ga_hid=811720749&ga_fc=false&a3p=EloKDWNyd2RjbnRybC5uZXQSQDllYzgxZDYwZWY1Mzk2MTYwOTFhZTI0Y2M0NTUxNmQ1MzkzODA1NGQ4Zjk4OTcxMDQxY2EwYmM3MDI4M2NmYzUYjpXUi7AxSAASGQoKcHViY2lkLm9yZxiMlNSLsDFIAFICCGQSFwoIcnRiaG91c2UYjJTUi7AxSABSAghkEhQKBW9wZW54GIuU1IuwMUgAUgIIZBIbCgxpZDUtc3luYy5jb20YjJTUi7AxSABSAghk&dlt=1696536526525&idt=2732&prev_scp=fsrefresh%3D0%26fsrebid%3D0%26fs_uuid%3D1d4b5071-fa05-430a-9bfc-30b5087b4863%26floors_id%3Db84a3b%26floors_hour%3D20%26fs_placementName%3Dgofileio_adhesion%26fs_ad_product%3DstickyFooter%26fsbid%3Dtimeout&cust_params=fs_session_id%3D5e1263fd-1748-4c28-b5b5-d3284af6f076%26fs_pageview_id%3D355f278000d617cc7dad9667b12a7fed%26user-agent%3DChrome%26fs_used_optimise%3Dtrue%26floors_user%3D1%26floors_rtt%3D3%26fs_clientservermask%3D12012233121303100211%26fs_testgroup%3Doptimised&adks=780808840&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c01::9c , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d471e2bc4e5a5548d0417a859e551d65bcb53f64c37800f8f2054e938db77ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 20:08:50 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
340
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://gofile.io
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310020101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c11::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0f4b9474b6007c04abee7de8fde135ceb124539938e41141817486c93205c290
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 20:08:50 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12090
x-xss-protection
0
container.html
750a16c8a34ae2547f7ab213d71cb5a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E914
0
0
Document
General
Full URL
https://750a16c8a34ae2547f7ab213d71cb5a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 05 Oct 2023 20:08:50 GMT
expires
Fri, 04 Oct 2024 20:08:50 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
log
qsearch-a.akamaihd.net/
35 B
296 B
Image
General
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=projectevents&project=prebid&acid=c1003a77-153c-4a56-b23a-855ec70ca06b&cid=8CUJ8GUQF&crid=315461417&adunit_count=1&dn=gofile.io&requrl=https://gofile.io/d/ZiHCDR&istop=true&event=client_timeout&value=1&rd=414
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.87.193.162 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-87-193-162.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Oct 2023 20:08:50 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Thu, 05 Oct 2023 20:08:50 GMT
publishertag.prebid.135.js
static.criteo.net/js/ld/
89 KB
29 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.135.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 20:08:50 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-16386"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 06 Oct 2023 20:08:50 GMT
474
a.ad.gt/api/v1/u/matches/
12 KB
4 KB
Script
General
Full URL
https://a.ad.gt/api/v1/u/matches/474?_it=freestar
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fgofile.io%2Fd%2FZiHCDR&ref=&_it=freestar&partner_id=474&ha=_hadron
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afc5c9b4b3db774eecacd3f2762c3fff6693c76395aee86e5aa4ed297f11e8fa

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 20:08:50 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 05 Oct 2023 20:06:41 GMT
server
cloudflare
age
129
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cross-origin-resource-policy
cross-origin
cf-ray
81184c810ed66003-SIN
pd
google-bidout-d.openx.net/w/1.0/ Frame 0821
0
0
Document
General
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
306
content-type
text/html
date
Thu, 05 Oct 2023 20:08:50 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
rules-p-UeXruRVtZz7w6.js
rules.quantcount.com/
2 KB
1 KB
Script
General
Full URL
https://rules.quantcount.com/rules-p-UeXruRVtZz7w6.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:229f:a200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a7b5f5f96f81dea4efc53e1d4dae8b37c28bec27a45b42ccf604ee759e20caec

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 19:40:04 GMT
content-encoding
gzip
via
1.1 54d4d00f5a92073c1a23e29f92000462.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P1
age
1726
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Thu, 07 Dec 2017 17:06:25 GMT
server
AmazonS3
etag
W/"cbc97d16c77ea1fcbbf42d246001e982"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
rItavy0HSEUE82EbTMU76qP4s_HpRogPev4VcaEU-vTJlTLg9IHivA==
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c01::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 20:08:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 05 Oct 2023 20:08:50 GMT
syncframe
gum.criteo.com/ Frame C9E1
0
0
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=gofile.io
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::9 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 05 Oct 2023 20:08:49 GMT
server
Kestrel
server-processing-duration-in-ticks
277810
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/
95 KB
31 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
82a82b0d01609a866a65587cb8bea49710d570151f8a8e53232124dccf8a4676
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 20:08:50 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 07 Sep 2023 09:22:37 GMT
server
nginx
etag
W/"64f9965d-17d52"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 06 Oct 2023 20:08:50 GMT
474
p.ad.gt/api/v1/p/
40 KB
12 KB
Script
General
Full URL
https://p.ad.gt/api/v1/p/474
Requested by
Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/474?_it=freestar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fbe39ee1ed0d1eb09b19f18ec8edb663f3d45cc38c8d4d27fb5dd1f833b3090

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 20:08:50 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 05 Oct 2023 20:06:00 GMT
server
cloudflare
age
170
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
81184c818bb93d7a-SIN
halo_match
ids.ad.gt/api/v1/
43 B
95 B
Image
General
Full URL
https://ids.ad.gt/api/v1/halo_match?id=AU1D-0100-001696536530-6T6NT261-6XG4&halo_id=060kihgfc676faj6hbef6ekceadlebk8k98yusqoi020oew0sgmo0myimek0mgy4y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 20:08:50 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
81184c818f6e4096-SIN
content-length
43
content-type
image/gif
match
ids.ad.gt/api/v1/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001696536530-6T6NT261-6XG4&adnxs_id=$UID&gdpr=0
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001696536530-6T6NT261-6XG4%26adnxs_id%3D%24UID%26gdpr%3D0
  • https://ids.ad.gt/api/v1/match?id=AU1D-0100-001696536530-6T6NT261-6XG4&adnxs_id=2185375866101279786&gdpr=0
43 B
118 B
Image
General
Full URL
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001696536530-6T6NT261-6XG4&adnxs_id=2185375866101279786&gdpr=0
Protocol
H2
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 20:08:51 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
81184c85dac24096-SIN
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 05 Oct 2023 20:08:50 GMT
an-x-request-uuid
236e0c35-d7ff-480c-81fa-d5e53b2ddb6c
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001696536530-6T6NT261-6XG4&adnxs_id=2185375866101279786&gdpr=0
x-proxy-origin
103.254.153.225; 103.254.153.225; 602.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
t_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001696536530-6T6NT261-6XG4&gdpr=0
  • https://ids.ad.gt/api/v1/t_match?tdid=583af889-58e8-4006-8360-30b2a7f6be01&id=AU1D-0100-001696536530-6T6NT261-6XG4
43 B
95 B
Image
General
Full URL
https://ids.ad.gt/api/v1/t_match?tdid=583af889-58e8-4006-8360-30b2a7f6be01&id=AU1D-0100-001696536530-6T6NT261-6XG4
Protocol
H2
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 20:08:50 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
81184c818f714096-SIN
content-length
43
content-type
image/gif

Redirect headers

location
https://ids.ad.gt/api/v1/t_match?tdid=583af889-58e8-4006-8360-30b2a7f6be01&id=AU1D-0100-001696536530-6T6NT261-6XG4
date
Thu, 05 Oct 2023 20:08:50 GMT
server
Kestrel
content-length
259
pbm_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001696536530-6T6NT261-6XG4
  • https://ids.ad.gt/api/v1/pbm_match?pbm=D7F99F16-28C3-4BB5-B805-B713CC237F63&id=AU1D-0100-001696536530-6T6NT261-6XG4
43 B
113 B
Image
General
Full URL
https://ids.ad.gt/api/v1/pbm_match?pbm=D7F99F16-28C3-4BB5-B805-B713CC237F63&id=AU1D-0100-001696536530-6T6NT261-6XG4
Protocol
H2
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 20:08:50 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
81184c818f734096-SIN
content-length
43
content-type
image/gif

Redirect headers

location
https://ids.ad.gt/api/v1/pbm_match?pbm=D7F99F16-28C3-4BB5-B805-B713CC237F63&id=AU1D-0100-001696536530-6T6NT261-6XG4
date
Thu, 05 Oct 2023 20:08:50 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
token
token.rubiconproject.com/
0
693 B
Image
General
Full URL
https://token.rubiconproject.com/token?pid=50242&puid=AU1D-0100-001696536530-6T6NT261-6XG4&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tapad_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001696536530-6T6NT261-6XG4&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001696536530...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001696536530-6T6NT261-6XG4&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001696...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=340dbfa0-f3b7-4f32-bb66-6b6d0f0b4739%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fi...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=583af889-58e8-4006-8360-30b2a7f6be01&ttd_puid=340dbfa0-f3b7-4f32-bb66-6b6d0f0b4739%2Chttps%253A%252F%252Fids.ad.gt%252Fap...
  • https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001696536530-6T6NT261-6XG4&tapad_id=340dbfa0-f3b7-4f32-bb66-6b6d0f0b4739
43 B
95 B
Image
General
Full URL
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001696536530-6T6NT261-6XG4&tapad_id=340dbfa0-f3b7-4f32-bb66-6b6d0f0b4739
Protocol
H2
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 20:08:50 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
81184c82b8a54096-SIN
content-length
43
content-type
image/gif

Redirect headers

date
Thu, 05 Oct 2023 20:08:50 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001696536530-6T6NT261-6XG4&tapad_id=340dbfa0-f3b7-4f32-bb66-6b6d0f0b4739
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
g_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001696536530-6T6NT261-6XG4
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=AU1D-0100-001696536530-6T6NT261-6XG4&google_tc=
  • https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001696536530-6T6NT261-6XG4&google_gid=CAESENFenwfdoaDKW7Dq9knWSqs&google_cver=1&google_ula=450542624,0
43 B
95 B
Image
General
Full URL
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001696536530-6T6NT261-6XG4&google_gid=CAESENFenwfdoaDKW7Dq9knWSqs&google_cver=1&google_ula=450542624,0
Protocol
H2
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 20:08:50 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
81184c818f724096-SIN
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 05 Oct 2023 20:08:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001696536530-6T6NT261-6XG4&google_gid=CAESENFenwfdoaDKW7Dq9knWSqs&google_cver=1&google_ula=450542624,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
357
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001696536530-6T6NT261-6XG4
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY5NjUzNjUzMC02VDZOVDI2MS02WEc0
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY5NjUzNjUzMC02VDZOVDI2MS02WEc0
Protocol
H3
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 20:08:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY5NjUzNjUzMC02VDZOVDI2MS02WEc0
date
Thu, 05 Oct 2023 20:08:50 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
81184c818f704096-SIN
content-type
text/html; charset=utf-8
son_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://sync.go.sonobi.com/us?https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001696536530-6T6NT261-6XG4&uid=[UID]&gdpr=0
  • https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001696536530-6T6NT261-6XG4&uid=4dd452ec-2ef3-4c73-a5fa-20383878768c&gdpr=0
43 B
95 B
Image
General
Full URL
https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001696536530-6T6NT261-6XG4&uid=4dd452ec-2ef3-4c73-a5fa-20383878768c&gdpr=0
Protocol
H2
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 20:08:51 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
81184c863b014096-SIN
content-length
43
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Thu, 05 Oct 2023 20:08:50 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-93
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001696536530-6T6NT261-6XG4&uid=4dd452ec-2ef3-4c73-a5fa-20383878768c&gdpr=0
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
cm
trc.taboola.com/sg/audigent/1/
43 B
416 B
Image
General
Full URL
https://trc.taboola.com/sg/audigent/1/cm?redirect=http%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Ftaboola%3Fpartner_uid%3D%3CTUID%3E%3Fid%3DAU1D-0100-001696536530-6T6NT261-6XG4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms
36
date
Thu, 05 Oct 2023 20:08:50 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
33185
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-maa10243-MAA
pragma
no-cache
server
nginx
x-timer
S1696536531.545373,VS0,VE36
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
ip_match
ids.ad.gt/api/v1/
0
185 B
Image
General
Full URL
https://ids.ad.gt/api/v1/ip_match?id=AU1D-0100-001696536530-6T6NT261-6XG4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 20:08:50 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
81184c819f7e4096-SIN
content-type
text/html; charset=utf-8
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D366
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c01::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
5587
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 05 Oct 2023 18:35:43 GMT
expires
Fri, 04 Oct 2024 18:35:43 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 2EE9
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c01::63 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-x5UWaToVdtrmxCb1Md-PCA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-x5UWaToVdtrmxCb1Md-PCA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 05 Oct 2023 20:08:50 GMT
expires
Thu, 05 Oct 2023 20:08:50 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
analytics.min.js
a.pub.network/core/analytics/1.2.5/
13 KB
5 KB
Script
General
Full URL
https://a.pub.network/core/analytics/1.2.5/analytics.min.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/11f9a29b0732b93aedd323a9060658d0bb5dbc8f/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
150abf5d65851c215b785dc90f363002897279f75a0f466caa6c92534a20a2d7

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 20:08:50 GMT
content-encoding
gzip
cf-cache-status
HIT
age
4323
x-guploader-uploadid
ADPycdsTnMaFyrgKIVwNDBoOR-a53pk1cJY0CAb3AZi4eNmgmUOr93nD78r8MjTlDWtpNcUFN7x8XuSffaDtYtNl-HbHhB1CnkCK
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Wed, 04 Oct 2023 16:03:51 GMT
server
cloudflare
etag
W/"defe674f4bb712938099078798b0a1bc"
vary
Accept-Encoding
x-goog-generation
1696435431727744
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=JGNbPw==, md5=3v5nT0u3EpOAmQeHmLChvA==
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
13192
cf-ray
81184c817ea4919f-SIN
expires
Thu, 05 Oct 2023 21:08:50 GMT
pixel;r=1102824691;labels=keywords.file%20sharing%2Ckeywords.file%20storage%2Ckeywords.free%20file%20sharing%2Ckeywords.free%20file%20storage%2Ckeywords.unlimited%20file%20sharing%2Ckeywords.unlimi...
pixel.quantserve.com/
35 B
210 B
Image
General
Full URL
https://pixel.quantserve.com/pixel;r=1102824691;labels=keywords.file%20sharing%2Ckeywords.file%20storage%2Ckeywords.free%20file%20sharing%2Ckeywords.free%20file%20storage%2Ckeywords.unlimited%20file%20sharing%2Ckeywords.unlimited%20file%20storage%2Ckeywords.secure%20file%20sharing%2Ckeywords.secure%20file%20storage%2Ckeywords.large%20file%20sharing%2Ckeywords.large%20file%20storage%2Ckeywords.video%20file%20sharing%2Ckeywords.image%20file%20sharing%2Ckeywords.audio%20file%20sharing%2Ckeywords.cdn%2Ckeywords.direct%20link%2Ckeywords.file%20hosting%2Ctitle.Gofile%20-%20Your%20all-in-one%20storage%20solution;rf=0;a=p-UeXruRVtZz7w6;url=https%3A%2F%2Fgofile.io%2Fd%2FZiHCDR;uht=2;fpan=1;fpa=P0-183659241-1696536530067;pbc=;ns=0;ce=1;qjs=1;qv=44310d19-20230908150619;cm=;gdpr=0;ref=;d=gofile.io;dst=0;et=1696536530175;tzo=-480;ogl=title.Gofile%20-%20Your%20all-in-one%20storage%20solution%2Cdescription.Gofile%20offers%20a%20range%20of%20solutions%20related%20to%20storage%252C%20distribution%252C%20and%20data%20ma%2Cimage.%2Fdist%2Fimg%2Flogo-small-og%252Epng%2Ctype.website;ses=9eb420d1-50e3-4c59-9e32-9800a3f86f4b;mdl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800e:21:36b5:1576:d999:6e52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 05 Oct 2023 20:08:50 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/474
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c1a::71 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 05 Oct 2023 20:03:34 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
316
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 05 Oct 2023 22:03:34 GMT
collect
a.ad.gt/api/v1/
0
157 B
XHR
General
Full URL
https://a.ad.gt/api/v1/collect
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/474
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-type
text/plain

Response headers

date
Thu, 05 Oct 2023 20:08:50 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
text/html; charset=utf-8
access-control-allow-origin
https://gofile.io
access-control-allow-credentials
true
cf-ray
81184c81bf4c40b9-SIN
getpixels
pixels.ad.gt/api/v1/
0
108 B
Script
General
Full URL
https://pixels.ad.gt/api/v1/getpixels?tagger_id=f3b3e1835b32fedaef5f0ed2ff710a52&url=https%3A%2F%2Fgofile.io%2Fd%2FZiHCDR&code=%27none%27
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/474
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 20:08:50 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
81184c8249624104-SIN
content-type
text/html; charset=utf-8
primisslate.css
live.primis.tech/content/video/css/
18 KB
7 KB
Stylesheet
General
Full URL
https://live.primis.tech/content/video/css/primisslate.css
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D31302D30355F32337D7B7331373236303833307D7B433234377D7B535A32396D6157786C4C6D6C767D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593237327D7B66317D7B4C373734387DFEFE&userIpAddr=2001%3Adf1%3A800%3Aa004%3A1%3A%3A4&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F117.0.5938.149+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21freestar.com%2C1523%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1696536529&csuuid=651f17d16d744&debugInfo=17260830_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17260830&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=&secondaryContent=&x=400&y=272&pubUrl=https%3A%2F%2Fgofile.io%2Fd%2FZiHCDR&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=105&impGap=1&flow_width=400&flow_height=225&videoType=sticky&gdpr=0&gdprConsent=&contentFeedId=&geoLati=1.2929&geoLong=103.8547&vpTemplate=7748&flowMode=seenboth&isRealPreroll=0&playerApiId=freestarPrimisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=&appName=&appBundleId=https%3A%2F%2Fgofile.io%2Fd%2FZiHCDR&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:200a:9800:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
dcbb76a8cb268e3ed25b14f8d4a9b8e906f20da34d903111c2d77fc2c34d83cc

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 20:08:50 GMT
content-encoding
gzip
via
1.1 af3aeac549bb09cd481e4e32ea3fcf16.cloudfront.net (CloudFront)
last-modified
Mon, 05 Jun 2023 10:07:42 GMT
server
nginx
x-amz-cf-pop
SIN52-C3
etag
W/"647db3ee-469b"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
accept-ranges
bytes
x-amz-cf-id
b-chnpLrDvwo-5fVxHCiUr_DWj6OlQbQaLXeUoRChW0LpDJiuIWMTw==
apstag.js
c.amazon-adsystem.com/aax2/ Frame FCD6
255 KB
63 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D31302D30355F32337D7B7331373236303833307D7B433234377D7B535A32396D6157786C4C6D6C767D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593237327D7B66317D7B4C373734387DFEFE&userIpAddr=2001%3Adf1%3A800%3Aa004%3A1%3A%3A4&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F117.0.5938.149+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21freestar.com%2C1523%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1696536529&csuuid=651f17d16d744&debugInfo=17260830_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17260830&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=&secondaryContent=&x=400&y=272&pubUrl=https%3A%2F%2Fgofile.io%2Fd%2FZiHCDR&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=105&impGap=1&flow_width=400&flow_height=225&videoType=sticky&gdpr=0&gdprConsent=&contentFeedId=&geoLati=1.2929&geoLong=103.8547&vpTemplate=7748&flowMode=seenboth&isRealPreroll=0&playerApiId=freestarPrimisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=&appName=&appBundleId=https%3A%2F%2Fgofile.io%2Fd%2FZiHCDR&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.228.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-228-19.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
79bc00b1ba3e228fe806d7ddfc0bd9a9b9eb904701a35d6dc435932c0b17c1e3

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 19:58:02 GMT
content-encoding
gzip
via
1.1 869c20a0b6637fa4614a52064a4bf808.cloudfront.net (CloudFront), 1.1 57f07f5d6af70b966deb083e1354f6f8.cloudfront.net (CloudFront)
last-modified
Thu, 05 Oct 2023 19:43:18 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2, SIN2-C1
age
648
x-amz-server-side-encryption
AES256
etag
W/"1e9fb8c04a3987274adf2a65103a9f65"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
WU52aIKIYaf_NlVWn2QKFjVA9A3czTPGsmLAnaKEkLoN_f_3HcLjvw==
ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame FCD6
92 B
922 B
XHR
General
Full URL
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=793790479&pt=17&dpn=1&jsver=5.09&iiqidtype=2&iiqpcid=27857830-64bd-460a-b84f-02b99ede1ebd&iiqpciddate=1696536530256&iiqcallcount=0&iiqfailcount=0&iiqnodata=false&iiqlocalstorageenabled=true&tsrnd=771_1696536530256&cttl=43200000&rrtt=0&dud=0&abtg=A&iiqppcc=0&vrref=https%3A%2F%2Fgofile.io%2Fd%2FZiHCDR&ref=gofile.io
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D31302D30355F32337D7B7331373236303833307D7B433234377D7B535A32396D6157786C4C6D6C767D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593237327D7B66317D7B4C373734387DFEFE&userIpAddr=2001%3Adf1%3A800%3Aa004%3A1%3A%3A4&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F117.0.5938.149+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21freestar.com%2C1523%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1696536529&csuuid=651f17d16d744&debugInfo=17260830_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17260830&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=&secondaryContent=&x=400&y=272&pubUrl=https%3A%2F%2Fgofile.io%2Fd%2FZiHCDR&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=105&impGap=1&flow_width=400&flow_height=225&videoType=sticky&gdpr=0&gdprConsent=&contentFeedId=&geoLati=1.2929&geoLong=103.8547&vpTemplate=7748&flowMode=seenboth&isRealPreroll=0&playerApiId=freestarPrimisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=&appName=&appBundleId=https%3A%2F%2Fgofile.io%2Fd%2FZiHCDR&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-12.sin52.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
325ad6583be91477c31f4f95f5331e2e0a9cbefd92b259c5d37452a0b4731d31

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 20:08:50 GMT
via
1.1 0baa68530535d25b0fce15971fbb91e8.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
pragma
no-cache
server
Apache-Coyote/1.1
vary
Origin
access-control-allow-methods
POST, GET
content-type
text/html
access-control-allow-origin
https://gofile.io
access-control-max-age
3600
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Accept, X-Requested-With, remember-me
x-amz-cf-id
zh8lyfmdx-zCsTm5Rd8K9g9Jj40kjZnIOCRVMopkMrvBJi3_P3TyKg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/ Frame FCD6
Redirect Chain
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=793790479&rnd=292756&iiqidtype=2&iiqpcid=27857830-64bd-460a-b84f-02b99ede1ebd&iiqpciddate=1696536530256&tsrn...
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=793790479&rnd=292756&iiqidtype=2&iiqpcid=27857830-64bd-460a-b84f-02b99ede1ebd&iiqpciddate=1696536530256&tsr...
43 B
956 B
Image
General
Full URL
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=793790479&rnd=292756&iiqidtype=2&iiqpcid=27857830-64bd-460a-b84f-02b99ede1ebd&iiqpciddate=1696536530256&tsrnd=341_1696536530258&vrref=https%3A%2F%2Fgofile.io%2Fd%2FZiHCDR&jsver=5.09&ckls=true&ci=X4cJ2qOf96&nc=false&trid=1848517706
Protocol
H2
Server
18.155.68.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-15.sin52.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 20:08:50 GMT
via
1.1 bbdc70020916d3473e0338359d834350.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
SIN52-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
XjCex-vzQyEKhjzgdcoPz_k4ajt_SZv0J2EVb8HpDsl-OSy1f4_Pdw==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 05 Oct 2023 20:08:50 GMT
via
1.1 bbdc70020916d3473e0338359d834350.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
SIN52-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=793790479&rnd=292756&iiqidtype=2&iiqpcid=27857830-64bd-460a-b84f-02b99ede1ebd&iiqpciddate=1696536530256&tsrnd=341_1696536530258&vrref=https%3A%2F%2Fgofile.io%2Fd%2FZiHCDR&jsver=5.09&ckls=true&ci=X4cJ2qOf96&nc=false&trid=1848517706
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
um9mC5jXHkLDocElYj-vy8zw5fnvZT3eH6iaJTiek-wmat_YRgxV2A==
expires
Thu, 01 Jan 1970 00:00:00 GMT
ecommerce.js
www.google-analytics.com/plugins/ua/
1 KB
962 B
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/ecommerce.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c1a::71 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 19:54:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
888
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
630
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 05 Oct 2023 20:54:02 GMT
ec.js
www.google-analytics.com/plugins/ua/
3 KB
1 KB
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c1a::71 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 19:24:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
2665
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1129
x-xss-protection
0
last-modified
Tue, 27 Jun 2023 17:28:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 05 Oct 2023 20:24:25 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame FCD6
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.228.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-228-19.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 0676a5fe6935c768360b164abce6620e.cloudfront.net (CloudFront)
date
Thu, 05 Oct 2023 16:26:49 GMT
x-amz-cf-pop
SIN2-C1
age
13322
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
9IO-JAjXwo5GtpttIqTu_8WbEM0v2dd9DCFABq4Quoqjcqfov-l33A==
event
plausible.gofile.io/api/
2 B
191 B
XHR
General
Full URL
https://plausible.gofile.io/api/event
Requested by
Host: plausible.gofile.io
URL: https://plausible.gofile.io/js/plausible.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.202.85.166 , France, ASN16276 (OVH, FR),
Reverse DNS
mail.gofile.io
Software
Cowboy /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 05 Oct 2023 20:08:50 GMT
server
Cowboy
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
content-length
2
x-request-id
F4tO_II3p0jNhOAF0Sem
css
fonts.googleapis.com/
2 KB
994 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto&display=swap
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D31302D30355F32337D7B7331373236303833307D7B433234377D7B535A32396D6157786C4C6D6C767D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593237327D7B66317D7B4C373734387DFEFE&userIpAddr=2001%3Adf1%3A800%3Aa004%3A1%3A%3A4&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F117.0.5938.149+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21freestar.com%2C1523%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1696536529&csuuid=651f17d16d744&debugInfo=17260830_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17260830&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=&secondaryContent=&x=400&y=272&pubUrl=https%3A%2F%2Fgofile.io%2Fd%2FZiHCDR&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=105&impGap=1&flow_width=400&flow_height=225&videoType=sticky&gdpr=0&gdprConsent=&contentFeedId=&geoLati=1.2929&geoLong=103.8547&vpTemplate=7748&flowMode=seenboth&isRealPreroll=0&playerApiId=freestarPrimisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=&appName=&appBundleId=https%3A%2F%2Fgofile.io%2Fd%2FZiHCDR&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c00::5f , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c87b7f745cfb4a994801488584e6e0e78d6c4f0ad567e985a781fc0b86074724
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 05 Oct 2023 20:08:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 05 Oct 2023 19:02:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 05 Oct 2023 20:08:50 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C016
0
0
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D31302D30355F32337D7B7331373236303833307D7B433234377D7B535A32396D6157786C4C6D6C767D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593237327D7B66317D7B4C373734387DFEFE&userIpAddr=2001%3Adf1%3A800%3Aa004%3A1%3A%3A4&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F117.0.5938.149+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21freestar.com%2C1523%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1696536529&csuuid=651f17d16d744&debugInfo=17260830_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17260830&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=&secondaryContent=&x=400&y=272&pubUrl=https%3A%2F%2Fgofile.io%2Fd%2FZiHCDR&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=105&impGap=1&flow_width=400&flow_height=225&videoType=sticky&gdpr=0&gdprConsent=&contentFeedId=&geoLati=1.2929&geoLong=103.8547&vpTemplate=7748&flowMode=seenboth&isRealPreroll=0&playerApiId=freestarPrimisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=&appName=&appBundleId=https%3A%2F%2Fgofile.io%2Fd%2FZiHCDR&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.199 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-199.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=116144
content-encoding
gzip
content-length
5606
content-type
text/html
date
Thu, 05 Oct 2023 20:08:50 GMT
expires
Sat, 07 Oct 2023 04:24:34 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame FDB9
Redirect Chain
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26gdpr%3D0%26gdpr_consent%3D%26adv...
  • https://live.primis.tech/live/liveCS.php?source=external&gdpr=0&gdpr_consent=&advId=98&advUuid=dc683478-4e8f-4cc6-a880-f28d8202c5e8
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1486637409&3rdpcid=dc683478-4e8f-4cc6-a880-f28d8202c5e8
0
0
Document
General
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1486637409&3rdpcid=dc683478-4e8f-4cc6-a880-f28d8202c5e8
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D31302D30355F32337D7B7331373236303833307D7B433234377D7B535A32396D6157786C4C6D6C767D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593237327D7B66317D7B4C373734387DFEFE&userIpAddr=2001%3Adf1%3A800%3Aa004%3A1%3A%3A4&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F117.0.5938.149+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21freestar.com%2C1523%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1696536529&csuuid=651f17d16d744&debugInfo=17260830_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17260830&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=&secondaryContent=&x=400&y=272&pubUrl=https%3A%2F%2Fgofile.io%2Fd%2FZiHCDR&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=105&impGap=1&flow_width=400&flow_height=225&videoType=sticky&gdpr=0&gdprConsent=&contentFeedId=&geoLati=1.2929&geoLong=103.8547&vpTemplate=7748&flowMode=seenboth&isRealPreroll=0&playerApiId=freestarPrimisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=&appName=&appBundleId=https%3A%2F%2Fgofile.io%2Fd%2FZiHCDR&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-15.sin52.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
date
Thu, 05 Oct 2023 20:08:50 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 bbdc70020916d3473e0338359d834350.cloudfront.net (CloudFront)
x-amz-cf-id
QIYL4XdFoBIBxo7Na0fXz3MM5qQS5qP5PpU3aDlRCTN6LUjkpFpXRg==
x-amz-cf-pop
SIN52-P1
x-cache
Miss from cloudfront

Redirect headers

age
0
cache-control
no-store
content-type
text/html; charset=utf-8
date
Thu, 05 Oct 2023 20:08:49 GMT
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1486637409&3rdpcid=dc683478-4e8f-4cc6-a880-f28d8202c5e8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma
no-cache
server
nginx
via
1.1 af3aeac549bb09cd481e4e32ea3fcf16.cloudfront.net (CloudFront)
x-amz-cf-id
aMG2Gl6BgrkbiAIVw6KAzCI7KYYq7H1kq1XKwsCNlm12leQioxSmzA==
x-amz-cf-pop
SIN52-C3
x-cache
Miss from cloudfront
liveView.php
live.primis.tech/live/ Frame FCD6
38 KB
7 KB
XHR
General
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMSUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYlOTI2NlUlRaZcZGViXmVzMzE3NwqyNTxlY2E3ODY3NwYlMmpyMxZ2nWQ2NTE2MDQ0MDuzNGRwNwt2NmMkNDI0Lz1jNCUmRaRinlUmRGV3o2qJQ0FaSW1Gp1c5STZJQ0cJVXcJMU5cSXNDnUFaSUNBnWRIoHqJnz9aSWgjWFZDSUgzUS5yq29aSUNBZ0ygoHcwrUx2SUNKUWNgoHRuWE1cTEFiZ0yDQWqJox4kWWyJNxyDSXZxWEJmYwJGn2N5OWcvnxV2ZG1fn1cXOHZxWE5fY25NqyxlOXVxoVZ5ZEqWn0k6STVNnyxmTDNnpFcHVaZYryZgTW1FM05dZGkOVGg5WTJFM09EWTNOnyy5TXcwqzRgoGgOnyV4TzcBME5EQTRnnyJeWXcZNE5dY3cNVFF5TxM1qGNEUWyMQW9aSUNBZ0ygNWynnUx2SURFMx9UWTBOVE15TURBp0NcQWqJQ0FcWyubq0ydo2qNVFx1TzcZME9UnmBNQXA5Lwp3VzE4pERCLTFQUWZQS0ufSx1dZWx1nTVxMxRxqaNkT1ukoF9QWyNhT0EzqzyxX2NioaRyoaRsnWQ9MmY4MTYlNvZ2nWRsY29hqGVhqF9xZXNwPTEjK0yhqGVhp2UeQ2FlK0NbYXNyplgDYXVanHQeo24eTGy2ZSgUVvZ2nWRsY29hqGVhqF90nXRfZT0kMCgJoaRyoaNyK0NupvgDnGFmZXMeQ2F1Z2u0K29hK0kcqzUeVFYzqzyxX2NioaRyoaRsZHVlYXRco249NTp0JaBfYWNyoWVhqFN0pzVuoVR5pGU9MlZxZWJ1Z0yhZz9loWF0nW9hPSZjoGF5oGymqEyxPTU3Jat9NDAjJax9MwI1JaB1YyVloD1bqHRjplUmQSUlRvUlRzqiZzyfZS5colUlRzQyMxZnnUuDRFIzpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImMmJEMmEmMDJEMmAmNTVGMmImMmqEN0I3MmMkMmpmMwM2MmAmODMmMmA3RDqCNDMmMwM0Mmp3RDqCNTM1QTMlMmx2RDYkNTp3ODZDNEM2RDZDNmY3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmQmMDMjN0Q3QwU5MmImNmMlN0Q3QwY2MmE3RDqCNEMmNmM3MmQmODqERxVGRSZupHBOYW1yPSZcp0FjpD0jJzFjpEyxPSZxnWFcZD0zYXBjQaVhZGkySWQ9nHR0pHMyM0EyMxYyMxZao2ZcoGUhnW8yMxZxJTJGWzyIQ0RSJzFjpFN0o3JyVXJfPSZupHBQpzy2YWN5UG9fnWN5PSZupHBJp1BunWQ9JzFjpFZypaNco249JaNxn3Y9JzFjpERyqzVfo3Bypw0zZ2ViTGF0nT0kLwI5MwxzZ2ViTG9hZm0kMDMhODU0NlZ1p2VlSXBBZGRlPTIjMDEyM0FxZwEyM0E4MDAyM0FuMDA0JTNBMSUmQSUmQTQzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwEkNl4jLwU5MmthMTQ5K1NuZzFlnSUlRwUmNl4mNvZmY2uunW49MS4jJTJDMSUlMWZlZWVmqGFlLzNioSUlQmE1MwMyMxMkJaBfYXyypxFjnUyxPWZlZWVmqGFlUHJcoWymUGkurWVlJzF2YWyfQ2FgpGFcZ25mPSZcp0FjpEcmPTAzY3N1qWyxPTY1MWYkN2QkNzQ3NDQzY2J1p3Rypw0kNwx2NTM2NTMjNwAm
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D31302D30355F32337D7B7331373236303833307D7B433234377D7B535A32396D6157786C4C6D6C767D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593237327D7B66317D7B4C373734387DFEFE&userIpAddr=2001%3Adf1%3A800%3Aa004%3A1%3A%3A4&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F117.0.5938.149+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21freestar.com%2C1523%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1696536529&csuuid=651f17d16d744&debugInfo=17260830_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17260830&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=&secondaryContent=&x=400&y=272&pubUrl=https%3A%2F%2Fgofile.io%2Fd%2FZiHCDR&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=105&impGap=1&flow_width=400&flow_height=225&videoType=sticky&gdpr=0&gdprConsent=&contentFeedId=&geoLati=1.2929&geoLong=103.8547&vpTemplate=7748&flowMode=seenboth&isRealPreroll=0&playerApiId=freestarPrimisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=&appName=&appBundleId=https%3A%2F%2Fgofile.io%2Fd%2FZiHCDR&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:200a:9800:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
7e0c7f29770b6000efdcb5be6d6c7b42a06ece7c89dd6ac4aa42be824e54efbb

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 20:08:50 GMT
content-encoding
gzip
via
1.1 af3aeac549bb09cd481e4e32ea3fcf16.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN52-C3
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://gofile.io
content-type
application/json; charset=utf-8
cache-control
no-store
access-control-allow-credentials
true
content-length
6866
x-amz-cf-id
-Z99NYkH4HFMPYnNR1N6ml8T03nIx1hyz584yGrLul0l-0IlciNL-A==
chunklist_480.m3u8
video.primis.tech/uploads/cn1/video/users/hls/29267/video_5f2a767e592ca786766237/vid651604408f4dc686731424.mp4/
3 KB
4 KB
XHR
General
Full URL
https://video.primis.tech/uploads/cn1/video/users/hls/29267/video_5f2a767e592ca786766237/vid651604408f4dc686731424.mp4/chunklist_480.m3u8
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.237.14.202 -, , ASN (),
Reverse DNS
Software
Tengine /
Resource Hash
fc69282ae63ed9cd1848c8ad66e75bede222821420e2f2cf53e93a2b35a0714f

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-proxy-cache
HIT
date
Thu, 05 Oct 2023 20:08:51 GMT
via
1.1 56d3604ac04bb426a5e942749eccab1a.cloudfront.net (CloudFront)
x-amz-cf-pop
LAX3-C4
x-amz-server-side-encryption
AES256
content-length
3281
last-modified
Thu, 28 Sep 2023 23:31:07 GMT
server
Tengine
etag
"1d15279b80a3d0ed54624d901a8f4472"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
application/vnd.apple.mpegurl
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
max-age=172800
accept-ranges
bytes
x-amz-cf-id
rGYI1sPKM8eqwFxIn1FerRPiqswQTVedMqFOBI19fsdpYKvFBRxJ7w==
expires
Sat, 07 Oct 2023 20:08:51 GMT
liveView.php
live.primis.tech/live/
0
420 B
Image
General
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTUjJaNypaZypyRcoWU9MTY5NwUmNwUlOSZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTE2NDI1JaN0YT0jJat9NDAjJax9MwplJaZcZF9jYXNmRG9gYWyhPWqiZzyfZS5colZmqWJJZD1ao2ZcoGUhnW8zZGVvqWqJozZipz1uqGyiow0znXNBpHA9MCZmZGg2PSZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMmMxQmMTMjMxQmMDM1NUYmMwMmN0Q3QwpmMmEmNmMlMmYmMDM4MmMmMDqEN0I0MmMlMmQmNmqEN0I1MmVBMmImOTZENwE1Nmp4NxM0QmZENxM3NwqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNDMjMmA3RDqCNTxmMwM3MmI3RDqCNwYmMTqEN0I0QmM3MmpmNDM4N0RGRUZFJzRcYWyxPSZ1p2VlSXBBZGRlPTIjMDEyM0FxZwEyM0E4MDAyM0FuMDA0JTNBMSUmQSUmQTQzqXNypyVBPU1irzyfoGEyMxY1LwAyMwAyMwuXnW5xo3qmJTIjTyQyMwAkMC4jJTNCJTIjV2yhNwQyM0IyMwB4NwQyMwxyMwBBpHBfZVqyYxgcqCUlRwUmNl4mNvUlMCUlOEgIVE1MJTJDJTIjoGyeZSUlMEqyY2giJTI5JTIjQ2ulo21yJTJGMTE3LwAhNTxmOC4kNDxyMwBTYWZupzxyMxY1MmphMmYzY3N1qWyxPTY1MWYkN2QkNzQ3NDQzY29hqGVhqEZcoGVJZD0jJz1yZGyuUGkurUkcp3RJZD0jJz1yZGyuTGymqEyxPTAzZ2Rjpw0jJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MSZwY3BuPTAzY2NjYUNioaNyoaQ9JzNvqXN0ZXI9MTY5NwUmNwUmMDU4NCZ1nWQ9U2VenW5xo1NQoGF5ZXI2NTFzMTqxMWMkNWFwJaB1YyVloD1bqHRjplUmQSUlRvUlRzqiZzyfZS5colUlRzQyMxZnnUuDRFIzZzkiYXRTqGF0qXM9qHJ1ZSZynWRmpD1cnXEzpHucZD0kOTMkNDtkNDE3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:200a:9800:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 20:08:49 GMT
content-encoding
gzip
via
1.1 af3aeac549bb09cd481e4e32ea3fcf16.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN52-C3
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
alX7OjwSzMeQ10cRjULQr431GZ0CsQqWuEvG7Fk84WNS8fV5V-J8qQ==
p-1ZHFxK2kGG5Cz.gif
pixel.quantserve.com/pixel/ Frame FCD6
35 B
210 B
Image
General
Full URL
https://pixel.quantserve.com/pixel/p-1ZHFxK2kGG5Cz.gif?labels=publisher.27975.space.116425,adsize.400x272
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800e:21:36b5:1576:d999:6e52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 05 Oct 2023 20:08:50 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame FCD6
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sekindo&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sekindo&bsw_param=70ef792d-d3ce-4971-a6fb-90c22f284aa4&google_hm=NzBlZjc5MmQtZDNjZS00OTcxLWE2ZmItOTBjMjJmMjg0YWE0
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESELaQHiSQ3uTnY_4fkLlOzjU&google_cver=1&ssp=sekindo&bsw_param=70ef792d-d3ce-4971-a6fb-90c22f284aa4
  • https://live.primis.tech/live/liveCS.php?source=external&advId=92&advUuid=70ef792d-d3ce-4971-a6fb-90c22f284aa4
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1267919208&3rdpcid=70ef792d-d3ce-4971-a6fb-90c22f284aa4
43 B
860 B
Image
General
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1267919208&3rdpcid=70ef792d-d3ce-4971-a6fb-90c22f284aa4
Protocol
H3
Server
18.155.68.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-15.sin52.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 20:08:51 GMT
via
1.1 4376bdbc2156cdc5e55ce044165e0424.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
SIN52-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
Ec8_vVASDQ4SGc2cQSss3aAK_IPjPKsVrY07TyLeMg5EnYepPtgOYQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 05 Oct 2023 20:08:50 GMT
via
1.1 af3aeac549bb09cd481e4e32ea3fcf16.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN52-C3
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1267919208&3rdpcid=70ef792d-d3ce-4971-a6fb-90c22f284aa4
content-type
text/html; charset=utf-8
cache-control
no-store
x-amz-cf-id
EKXrttTsN54s_uwuSP3eX6zxF2qIudUiZiEKsdNdjmeAMsw3X1bVBg==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame FCD6
Redirect Chain
  • https://csync.loopme.me/?pubid=11280&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D93%26advUuid%3D%7Bviewer_token%7D
  • https://live.primis.tech/live/liveCS.php?source=external&advId=93&advUuid=be7f4b2a-328e-45d7-9211-c03ef2f3b565&gdpr_consent=null&gdpr=0
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=417208643&3rdpcid=be7f4b2a-328e-45d7-9211-c03ef2f3b565
43 B
862 B
Image
General
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=417208643&3rdpcid=be7f4b2a-328e-45d7-9211-c03ef2f3b565
Protocol
H3
Server
18.155.68.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-15.sin52.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 20:08:51 GMT
via
1.1 4376bdbc2156cdc5e55ce044165e0424.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
SIN52-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
tTwiGv_lOyFlSUxqrWC_WvC0d71o6SgEGUmGFPPH3A2QXw-6XijXmg==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 05 Oct 2023 20:08:51 GMT
via
1.1 af3aeac549bb09cd481e4e32ea3fcf16.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN52-C3
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=417208643&3rdpcid=be7f4b2a-328e-45d7-9211-c03ef2f3b565
content-type
text/html; charset=utf-8
cache-control
no-store
x-amz-cf-id
Z9_vqD8V4vQKCVkQUae3F4XH1tZCEE6rhGPZtFMS47I2jpfwe-ZZVA==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame FCD6
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191923&gdpr=0&gdpr_consent=&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D99%26advUuid%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D99%26advUuid%3D&gdpr=0&gdpr_consent=&s=191923&C=1
  • https://live.primis.tech/live/liveCS.php?source=external&advId=99&advUuid=ZR8X0teuRgrNhD0ipkAKuAAA%264872
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2120880633&3rdpcid=ZR8X0teuRgrNhD0ipkAKuAAA%264872
43 B
846 B
Image
General
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2120880633&3rdpcid=ZR8X0teuRgrNhD0ipkAKuAAA%264872
Protocol
H3
Server
18.155.68.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-15.sin52.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 20:08:50 GMT
via
1.1 4376bdbc2156cdc5e55ce044165e0424.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
EDlGAEdWzzAzsIsWi7JIb2zilIYCQVWBg01kDmup3PGmo0IQ1kOe-A==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 05 Oct 2023 20:08:50 GMT
via
1.1 af3aeac549bb09cd481e4e32ea3fcf16.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN52-C3
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2120880633&3rdpcid=ZR8X0teuRgrNhD0ipkAKuAAA%264872
content-type
text/html; charset=utf-8
cache-control
no-store
x-amz-cf-id
mUgMNfX4DaqqmM0lqdJnYeHH-2w01GPwjcuuwvzpo7UOP3DquXYtuA==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame FCD6
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D121%26advUuid%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D121%26advUuid%3D%24UID
  • https://live.primis.tech/live/liveCS.php?source=external&advId=121&advUuid=3302578187677489789942
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=259151345&3rdpcid=3302578187677489789942
43 B
861 B
Image
General
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=259151345&3rdpcid=3302578187677489789942
Protocol
H3
Server
18.155.68.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-15.sin52.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 20:08:50 GMT
via
1.1 4376bdbc2156cdc5e55ce044165e0424.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
SIN52-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
8hHKa_V5e7N-5qbfpfi0AfFYKF6SDVFmru50nw2RIQ9IYNF_YvvuHg==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 05 Oct 2023 20:08:50 GMT
via
1.1 af3aeac549bb09cd481e4e32ea3fcf16.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN52-C3
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=259151345&3rdpcid=3302578187677489789942
content-type
text/html; charset=utf-8
cache-control
no-store
x-amz-cf-id
SgxGXEuMpZcVvIkFVhaBMpUONw0UIuEhRcof52J0PVORZm5bE7oW2A==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame FCD6
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&gdpr=0&gdpr_consent=
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LNDM1OMP-F-I6RE&gdpr=0
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LNDM1OMP-F-I6RE
43 B
859 B
Image
General
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LNDM1OMP-F-I6RE
Protocol
H3
Server
18.155.68.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-15.sin52.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 20:08:51 GMT
via
1.1 4376bdbc2156cdc5e55ce044165e0424.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
SIN52-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
75hyNN47tVp94hSawGnDq7D-NpWoa_tAq_YDgCge302hEITuDgWwvA==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 05 Oct 2023 20:08:49 GMT
via
1.1 af3aeac549bb09cd481e4e32ea3fcf16.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN52-C3
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LNDM1OMP-F-I6RE
content-type
text/html; charset=utf-8
cache-control
no-store
x-amz-cf-id
3aDMdDSw_XlEFHpqeeM8UB1HbBICK8GdJeZs_aTegYbq02bp13E37w==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame FCD6
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58818/sync?redir=true&gdpr=0&gdpr_consent=
  • https://live.primis.tech/live/liveCS.php?source=external&advId=128&advUuid=y-jmYQ6PhE2uKO84K0uILP62cGrU3KfuX5~A
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1028935272&3rdpcid=y-jmYQ6PhE2uKO84K0uILP62cGrU3KfuX5~A
43 B
860 B
Image
General
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1028935272&3rdpcid=y-jmYQ6PhE2uKO84K0uILP62cGrU3KfuX5~A
Protocol
H3
Server
18.155.68.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-15.sin52.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 20:08:50 GMT
via
1.1 4376bdbc2156cdc5e55ce044165e0424.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
SIN52-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
jYjz2IKDjztpQLG0uBqiRs98Cf_yEUw2HlkPNxRy3ehaZWshNXZetA==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 05 Oct 2023 20:08:50 GMT
via
1.1 af3aeac549bb09cd481e4e32ea3fcf16.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN52-C3
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1028935272&3rdpcid=y-jmYQ6PhE2uKO84K0uILP62cGrU3KfuX5~A
content-type
text/html; charset=utf-8
cache-control
no-store
x-amz-cf-id
MLRWLnZUCM8GMaop0TAQlbFHYukE5mXxdigOodt_bpzxGq3TY97SSw==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame FCD6
Redirect Chain
  • https://mb9eo.publishers.tremorhub.com/pubsync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D126%26advUuid%3D%5Btvid%5D
  • https://mb9eo.publishers.tremorhub.com/pubsync/verify?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D126%26advUuid%3D%5Btvid%5D
  • https://live.primis.tech/live/liveCS.php?source=external&advId=126&advUuid=eff0ea9d44bb4ab58202cd846007a3bd
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=584182936&3rdpcid=eff0ea9d44bb4ab58202cd846007a3bd
43 B
861 B
Image
General
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=584182936&3rdpcid=eff0ea9d44bb4ab58202cd846007a3bd
Protocol
H3
Server
18.155.68.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-15.sin52.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 20:08:51 GMT
via
1.1 4376bdbc2156cdc5e55ce044165e0424.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
SIN52-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
-F0nmunVXFTSlB8OxgvOgffLtAg0GiYv8aGVeaEcApBaJHWhwA5pUQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 05 Oct 2023 20:08:51 GMT
via
1.1 af3aeac549bb09cd481e4e32ea3fcf16.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN52-C3
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=584182936&3rdpcid=eff0ea9d44bb4ab58202cd846007a3bd
content-type
text/html; charset=utf-8
cache-control
no-store
x-amz-cf-id
I2objRY-1KbA--0i15mVyno5McSJRq_eQpgoJp6NCjRSpuBCxmsgRA==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame FCD6
Redirect Chain
  • https://cs.media.net/cksync?gdpr=0&gdpr_consent=&cs=34&type=pri&ovsid=651f17d16d744&redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D127%26advUuid%3D%3Cvsid%3E
  • https://live.primis.tech/live/liveCS.php?source=external&advId=127&advUuid=3395381303878598000V10
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1723987475&3rdpcid=3395381303878598000V10
43 B
861 B
Image
General
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1723987475&3rdpcid=3395381303878598000V10
Protocol
H3
Server
18.155.68.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-15.sin52.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 20:08:51 GMT
via
1.1 4376bdbc2156cdc5e55ce044165e0424.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
SIN52-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
jFM1gmlm9TaNTQjIxg3uw7WwP2QRRs3-oI5fzwi8vdrOiWMTaIlJAg==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 05 Oct 2023 20:08:50 GMT
via
1.1 af3aeac549bb09cd481e4e32ea3fcf16.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN52-C3
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1723987475&3rdpcid=3395381303878598000V10
content-type
text/html; charset=utf-8
cache-control
no-store
x-amz-cf-id
Z0XUhWkYFgeJTz2XUbXqZ78WHCjNr2dTAvM9XhXro6jvtRGpzJvxEQ==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame FCD6
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D130%26advUuid%3D%24UID
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D130%26advUuid%3D%24UID&sovrn_retry=true
  • https://live.primis.tech/live/liveCS.php?source=external&advId=130&advUuid=Hb9YCLZH0_bvlMTmTSWmVQ38
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=396218182&3rdpcid=Hb9YCLZH0_bvlMTmTSWmVQ38
43 B
862 B
Image
General
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=396218182&3rdpcid=Hb9YCLZH0_bvlMTmTSWmVQ38
Protocol
H3
Server
18.155.68.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-15.sin52.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 20:08:51 GMT
via
1.1 4376bdbc2156cdc5e55ce044165e0424.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
SIN52-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
eTn0jUKdhEGw2YB4-ogBB7gWpEYXwDqOrZB7pNFsUQVDHQSltM9K6g==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 05 Oct 2023 20:08:51 GMT
via
1.1 af3aeac549bb09cd481e4e32ea3fcf16.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN52-C3
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=396218182&3rdpcid=Hb9YCLZH0_bvlMTmTSWmVQ38
content-type
text/html; charset=utf-8
cache-control
no-store
x-amz-cf-id
2znIcFXrugjSjbPZmPDYCd52dD7_d6bWa_d-VCliYh5DyI-Q-dTy9Q==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame FCD6
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3586&gdpr=0&gdpr_consent=
  • https://live.primis.tech/live/liveCS.php?source=external&advId=134&advUuid=80cfa0a6b184dc70f121e22131bda45&gdpr_consent=&gdpr=0
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=484859127&3rdpcid=80cfa0a6b184dc70f121e22131bda45
43 B
861 B
Image
General
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=484859127&3rdpcid=80cfa0a6b184dc70f121e22131bda45
Protocol
H3
Server
18.155.68.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-15.sin52.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 20:08:51 GMT
via
1.1 4376bdbc2156cdc5e55ce044165e0424.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
SIN52-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
IHtIAE3p4JwGjJDICBdCLIVe6sZ8Afp0Yg0iIABbfmuCH8CUrEnuhw==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 05 Oct 2023 20:08:50 GMT
via
1.1 af3aeac549bb09cd481e4e32ea3fcf16.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN52-C3
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=484859127&3rdpcid=80cfa0a6b184dc70f121e22131bda45
content-type
text/html; charset=utf-8
cache-control
no-store
x-amz-cf-id
FPb5eCVW15_nFiiDnHkIoK-pQcq3L4KZuS3Cu1ySFqV8rQHpQqieiw==
3613a31b6329d1c17d5663d05b080db1.gif
cs.admanmedia.com/ Frame FCD6
0
176 B
Image
General
Full URL
https://cs.admanmedia.com/3613a31b6329d1c17d5663d05b080db1.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D138%26advUuid%3D%5BUID%5D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.77.87.162 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Thu, 05 Oct 2023 20:08:51 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Connection
keep-alive
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame FCD6
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=21&redirectUri=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D140%26advUuid%3D%5Bssb_sync_pid%5D&gdpr=0&...
  • https://live.primis.tech/live/liveCS.php?source=external&advId=140&advUuid=5428600111576897721
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1881119486&3rdpcid=5428600111576897721
43 B
861 B
Image
General
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1881119486&3rdpcid=5428600111576897721
Protocol
H3
Server
18.155.68.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-15.sin52.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 20:08:51 GMT
via
1.1 4376bdbc2156cdc5e55ce044165e0424.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
SIN52-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
P_ngV-Q3LjTeHur9mnHkUQYLSMpcx903lqS3FRsVIUIUaDFjI38c7A==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 05 Oct 2023 20:08:50 GMT
via
1.1 af3aeac549bb09cd481e4e32ea3fcf16.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN52-C3
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1881119486&3rdpcid=5428600111576897721
content-type
text/html; charset=utf-8
cache-control
no-store
x-amz-cf-id
Iw_7p_ToKyYdsPkg-KU6nPDRpXxobQAAnOwuexO7WVmOpY6X41OAuA==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame FCD6
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D143%26advUuid%3D%24UID
  • https://live.primis.tech/live/liveCS.php?source=external&advId=143&advUuid=1523387845767905064
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1697769766&3rdpcid=1523387845767905064
0
0

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame FCD6
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=Wog2sp89&gdpr=0&gdpr_consent=
  • https://live.primis.tech/live/liveCS.php?source=external&advId=144&advUuid=963d0d59-b396-4c78-9403-c3eb1aa2878f&gdpr=0
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2011327056&3rdpcid=963d0d59-b396-4c78-9403-c3eb1aa2878f
43 B
862 B
Image
General
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2011327056&3rdpcid=963d0d59-b396-4c78-9403-c3eb1aa2878f
Protocol
H3
Server
18.155.68.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-15.sin52.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 20:08:51 GMT
via
1.1 4376bdbc2156cdc5e55ce044165e0424.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
SIN52-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
KpmXNfKXPde0pIqXwraYAJRClyK5V6ItELc7WCPDuvfzgUut93-Q4Q==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 05 Oct 2023 20:08:51 GMT
via
1.1 af3aeac549bb09cd481e4e32ea3fcf16.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN52-C3
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2011327056&3rdpcid=963d0d59-b396-4c78-9403-c3eb1aa2878f
content-type
text/html; charset=utf-8
cache-control
no-store
x-amz-cf-id
wbsiDFgrxhPWfNGusCN9ekKz4FN_Om4wWaeYXdBC19mkjsU3wIo0_g==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame FCD6
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=primis&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/rmpssp?sub=primis&zcc=1&cb=1696536531363
  • https://ad.turn.com/r/cs?pid=45&rndcb=5262742273
  • https://sync.1rx.io/usersync/turn/8238491717649052519?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-c24e6778-f4ca-421d-a17b-7258e0aad156-004?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D119%26advUuid%3DRX-c2...
  • https://live.primis.tech/live/liveCS.php?source=external&advId=119&advUuid=RX-c24e6778-f4ca-421d-a17b-7258e0aad156-004
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=541745869&3rdpcid=RX-c24e6778-f4ca-421d-a17b-7258e0aad156-004
43 B
861 B
Image
General
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=541745869&3rdpcid=RX-c24e6778-f4ca-421d-a17b-7258e0aad156-004
Protocol
H3
Server
18.155.68.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-15.sin52.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 20:08:51 GMT
via
1.1 4376bdbc2156cdc5e55ce044165e0424.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
SIN52-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
RdLYbXdkAIn-whzMFt6p5RFtviEjP8kG6DY0m48wE5i3SMlV6S90_g==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 05 Oct 2023 20:08:51 GMT
via
1.1 af3aeac549bb09cd481e4e32ea3fcf16.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN52-C3
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=541745869&3rdpcid=RX-c24e6778-f4ca-421d-a17b-7258e0aad156-004
content-type
text/html; charset=utf-8
cache-control
no-store
x-amz-cf-id
eCsJjwS0_LDqytTOC7vkXcJrlsz-jgBODYU6FbqwiEdvGYCwqLa4Dg==
vid651604408f4dc686731424.jpg
video.primis.tech/uploads/cn1/video/users/converted/29267/video_5f2a767e592ca786766237/
28 KB
28 KB
Image
General
Full URL
https://video.primis.tech/uploads/cn1/video/users/converted/29267/video_5f2a767e592ca786766237/vid651604408f4dc686731424.jpg?cbuster=1695941711
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.237.14.202 -, , ASN (),
Reverse DNS
Software
Tengine /
Resource Hash
3b9d15ec8bed2ae077bd7b43fde043331beb080891a4a65ded0066f89968f64b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

expires
Sat, 07 Oct 2023 20:08:51 GMT
date
Thu, 05 Oct 2023 20:08:51 GMT
via
1.1 f7aef728fd226cb808d34cb93114336c.cloudfront.net (CloudFront)
last-modified
Thu, 28 Sep 2023 23:10:14 GMT
server
Tengine
x-amz-cf-pop
SFO5-P1
etag
"62667cc1038d55499ab7386710817b5d"
x-amz-server-side-encryption
AES256
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=172800
accept-ranges
bytes
content-length
28651
x-amz-cf-id
QxHruw3QJYSFHYaPVvRIz6t44UygcJJ1JOrh_oGQ9T4z5h-QDVqUQg==
x-proxy-cache
HIT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gofile.io
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 19:48:26 GMT
x-content-type-options
nosniff
age
1224
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Oct 2024 19:48:26 GMT
liveView.php
live.primis.tech/live/ Frame FCD6
21 KB
6 KB
XHR
General
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMSUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYlOTI2NlUlRaZcZGViXmVzMzE3NwqyNTxlY2E3ODY3NwYlMmpyMxZ2nWQ2NTE2MDQ0MDuzNGRwNwt2NmMkNDI0Lz1jNCUmRaRinlUmRGV3o2qJQ0FaSW1Gp1c5STZJQ0cJVXcJMU5cSXNDnUFaSUNBnWRIoHqJnz9aSWgjWFZDSUgzUS5yq29aSUNBZ0ygoHcwrUx2SUNKUWNgoHRuWE1cTEFiZ0yDQWqJox4kWWyJNxyDSXZxWEJmYwJGn2N5OWcvnxV2ZG1fn1cXOHZxWE5fY25NqyxlOXVxoVZ5ZEqWn0k6STVNnyxmTDNnpFcHVaZYryZgTW1FM05dZGkOVGg5WTJFM09EWTNOnyy5TXcwqzRgoGgOnyV4TzcBME5EQTRnnyJeWXcZNE5dY3cNVFF5TxM1qGNEUWyMQW9aSUNBZ0ygNWynnUx2SURFMx9UWTBOVE15TURBp0NcQWqJQ0FcWyubq0ydo2qNVFx1TzcZME9UnmBNQXA5Lwp3VzE4pERCLTFQUWZQS0ufSx1dZWx1nTVxMxRxqaNkT1ukoF9QWyNhT0EzqzyxX2NioaRyoaRsnWQ9MmY4MTYlNvZ2nWRsY29hqGVhqF9xZXNwPTEjK0yhqGVhp2UeQ2FlK0NbYXNyplgDYXVanHQeo24eTGy2ZSgUVvZ2nWRsY29hqGVhqF90nXRfZT0kMCgJoaRyoaNyK0NupvgDnGFmZXMeQ2F1Z2u0K29hK0kcqzUeVFYzqzyxX2NioaRyoaRsZHVlYXRco249NTp0JaBfYWNyoWVhqFN0pzVuoVR5pGU9MlZxZWJ1Z0yhZz9loWF0nW9hPSZjoGF5oGymqEyxPTU3Jat9NDAjJax9MwI1JaB1YyVloD1bqHRjplUmQSUlRvUlRzqiZzyfZS5colUlRzQyMxZnnUuDRFIzpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImMmJEMmEmMDJEMmAmNTVGMmImMmqEN0I3MmMkMmpmMwM2MmAmODMmMmA3RDqCNDMmMwM0Mmp3RDqCNTM1QTMlMmx2RDYkNTp3ODZDNEM2RDZDNmY3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmQmMDMjN0Q3QwU5MmImNmMlN0Q3QwY2MmE3RDqCNEMmNmM3MmQmODqERxVGRSZupHBOYW1yPSZcp0FjpD0jJzFjpEyxPSZxnWFcZD0zYXBjQaVhZGkySWQ9nHR0pHMyM0EyMxYyMxZao2ZcoGUhnW8yMxZxJTJGWzyIQ0RSJzFjpFN0o3JyVXJfPSZupHBQpzy2YWN5UG9fnWN5PSZupHBJp1BunWQ9JzFjpFZypaNco249JaNxn3Y9JzFjpERyqzVfo3Bypw0zZ2ViTGF0nT0kLwI5MwxzZ2ViTG9hZm0kMDMhODU0NlZ1p2VlSXBBZGRlPTIjMDEyM0FxZwEyM0E4MDAyM0FuMDA0JTNBMSUmQSUmQTQzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwEkNl4jLwU5MmthMTQ5K1NuZzFlnSUlRwUmNl4mNvZmY2uunW49MS4jJTJDMSUlMWZlZWVmqGFlLzNioSUlQmE1MwMyMxMkJaBfYXyypxFjnUyxPWZlZWVmqGFlUHJcoWymUGkurWVlJzF2YWyfQ2FgpGFcZ25mPSZcp0FjpEcmPTAzY3N1qWyxPTY1MWYkN2QkNzQ3NDQzY2J1p3Rypw0kNwx2NTM2NTMjNwQm
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D31302D30355F32337D7B7331373236303833307D7B433234377D7B535A32396D6157786C4C6D6C767D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593237327D7B66317D7B4C373734387DFEFE&userIpAddr=2001%3Adf1%3A800%3Aa004%3A1%3A%3A4&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F117.0.5938.149+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21freestar.com%2C1523%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1696536529&csuuid=651f17d16d744&debugInfo=17260830_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17260830&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=&secondaryContent=&x=400&y=272&pubUrl=https%3A%2F%2Fgofile.io%2Fd%2FZiHCDR&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=105&impGap=1&flow_width=400&flow_height=225&videoType=sticky&gdpr=0&gdprConsent=&contentFeedId=&geoLati=1.2929&geoLong=103.8547&vpTemplate=7748&flowMode=seenboth&isRealPreroll=0&playerApiId=freestarPrimisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=&appName=&appBundleId=https%3A%2F%2Fgofile.io%2Fd%2FZiHCDR&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:200a:9800:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
027cccfda0c1e7c5c8750153c5d45d19e2ec74b78ad9e104aeffc0754adb4a1f

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 20:08:50 GMT
content-encoding
gzip
via
1.1 af3aeac549bb09cd481e4e32ea3fcf16.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN52-C3
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://gofile.io
content-type
application/json; charset=utf-8
cache-control
no-store
access-control-allow-credentials
true
content-length
5689
x-amz-cf-id
oS5DltNnGYL282jEIISRUSsr751z2QtJ4X54OTX4GncOMPb3MdXudQ==
c
c.pub.network/v2/
36 B
53 B
Fetch
General
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.2.5/analytics.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
5043cd6f4665d3d04578fd490e7d57f3cfd103c72213ee3287b61996a0755194

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 05 Oct 2023 20:08:50 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://gofile.io
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
c
c.pub.network/v2/ Frame
0
0
Preflight
General
Full URL
https://c.pub.network/v2/c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://gofile.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://gofile.io
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 05 Oct 2023 20:08:50 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 google
sync
eb2.3lift.com/ Frame D36E
Redirect Chain
  • https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26...
  • https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26...
0
0
Document
General
Full URL
https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1439
content-type
text/html; charset=utf-8
date
Thu, 05 Oct 2023 20:08:50 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Thu, 05 Oct 2023 20:08:50 GMT
location
/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
liveInternalSsp.php
rtb.primis.tech/live/ Frame FCD6
25 B
484 B
XHR
General
Full URL
https://rtb.primis.tech/live/liveInternalSsp.php?sspData=%7B%22enc%22%3Atrue%2C%22comp%22%3Afalse%2C%22data%22%3A%22%5C%22JTqCJTIlqzVlJTIlJTNBJTIlqzVlXmEhNSUlMvUlQlUlMz1coxJcZCUlMvUmQTAyMxMyMwJvqXc6ZXIyMwIyM0EyN0IyMwJwo3VhqCUlMvUmQTAyMxMyMwJ0nXRfZUkyovUlMvUmQTEjMCUlQlUlMapyMwIyM0ElMDAyMxMyMwJbJTIlJTNBMTYjJTqEJTJDJTIlq2yxqGtyMwIyM0E0MDAyMxMyMwJbZWyanHQyMwIyM0ElMwUyMxMyMwJmpGFwZUyxJTIlJTNBJTIlNTtjNTpyMwIyMxMyMwJmpGFwZVR5pGUyMwIyM0EyMwJ2YXN0JTIlJTJDJTIlqzyxZW9QoGFwZW1yoaRUrXByJTIlJTNBMlUlQlUlMzyjJTIlJTNBJTIlMwAjMSUmQWRzMSUmQTtjMCUmQWEjMDQyM0EkJTNBJTNBNCUlMvUlQlUlMzqyo0yxJTIlJTNBMwQ3JTJDJTIlYWkjnGElR2ViJTIlJTNBJTIlU0pyMwIyMxMyMwJxZXZcY2V0rXByJTIlJTNBMvUlQlUlMaR4qERyqzywZXR5pGUyMwIyM0EyMwJxZXNeqG9jJTIlJTJDJTIlYaJiq3NypvUlMvUmQSUlMzNbpz9gZSUlMvUlQlUlMz9mJTIlJTNBJTIlV2yhZG93plUlMvUlQlUlMaR4qE9mJTIlJTNBJTIlq2yhZG93plUlMvUlQlUlMzRyqzywZU1iZGVfJTIlJTNBJTIlJTIlJTJDJTIlo3NWZXJmnW9hJTIlJTNBJTIlMTAhMCUlMvUlQlUlMzRyqzywZU1uoaVzYWN0qXJypvUlMvUmQSUlMvUlMvUlQlUlMzRyqzywZUNiZGVOYW1yJTIlJTNBJTIlJTIlJTJDJTIlqXNypxFaZW50JTIlJTNBJTIlTW96nWkfYSUlRwUhMCUlMCuXnW5xo3qmJTIjTyQyMwAkMC4jJTNCJTIjV2yhNwQyM0IyMwB4NwQcJTIjQXBjoGVXZWJLnXQyMxY1MmphMmYyMwAbS0uUTUjyMxMyMwBfnWgyJTIjR2Vwn28cJTIjQ2ulo21yJTJGMTE3LwAhNTxmOC4kNDxyMwBTYWZupzxyMxY1MmphMmYyMwIyMxMyMwJfYXQyMwIyM0EyMwIkLwI5MwxyMwIyMxMyMwJfo24yMwIyM0EyMwIkMDMhODU0NlUlMvUlQlUlMzFjpE5uoWUyMwIyM0EyMwIyMwIyMxMyMwJupHBJZCUlMvUmQSUlMvUlMvUlQlUlMzymQXBjJTIlJTNBMCUlQlUlMzFjpEJ1ozRfZUyxJTIlJTNBJTIlnHR0pHMyM0EyMxYyMxZao2ZcoGUhnW8yMxZxJTJGWzyIQ0RSJTIlJTJDJTIlYXBjU3RipzVVpzjyMwIyM0EyMwIyMwIyMxMyMwJupHBQpzy2YWN5UG9fnWN5JTIlJTNBJTIlJTIlJTJDJTIlYXBjSXNQYWyxJTIlJTNBJTIlJTIlJTJDJTIlYXBjRGV2ZWkipGVlJTIlJTNBJTIlJTIlJTJDJTIlnWZuJTIlJTNBJTIlJTIlJTJDJTIlnWZ2JTIlJTNBJTIlJTIlJTJDJTIlYXR0plUlMvUmQTAyMxMyMwJupHBWZXJmnW9hJTIlJTNBJTIlJTIlJTJDJTIlpzVzZXJlZXIyMwIyM0EyMwJbqHRjplUmQSUlRvUlRzqiZzyfZS5colUlRzQyMxZnnUuDRFIyMwIyMxMyMwJjYWqyJTIlJTNBJTIlnHR0pHMyM0EyMxYyMxZao2ZcoGUhnW8yMxZxJTJGWzyIQ0RSJTIlJTJDJTIlZ2RjpvUlMvUmQTAyMxMyMwJaZHBlQ29hp2VhqCUlMvUmQSUlMvUlMvUlQlUlMzymV2VQYXNmR2RjpvUlMvUmQSUlMwEyMwIyMxMyMwJwY3BuJTIlJTNBMCUlQlUlMzNwpGFDo25mZW50JTIlJTNBJTIlJTIlJTJDJTIlZG9gYWyhJTIlJTNBJTIlZ29znWkyLzyiJTIlJTJDJTIlq2Vvp2y0ZSUlMvUmQSUlMaq3ql5mZWgcozRiLzNioSUlMvUlQlUlMaNyY3VlZSUlMvUmQTEyMxMyMwJaZW9To3VlY2UyMwIyM0EyMwJJUCUlMvUlQlUlMzNipHBuJTIlJTNBMCUlQlUlMaV1nWQyMwIyM0EyMwI2NTFzMTqxMTZxNmQ0JTIlJTJDJTIlYzkiY2gCpzFhZHMyMwIyM0EyNUIyNUQyMxMyMwJyrHRVp2VlSWRmJTIlJTNBJTVCJTqCJTIlp291pzNyJTIlJTNBJTIlY3J3ZGNhqHJfLz5yqCUlMvUlQlUlMaVcZHMyMwIyM0EyNUIyN0IyMwJcZCUlMvUmQSUlMwyyYmtkZDYjZWY1Mmx2MTYjOTFuZTI0Y2M0NTUkNzQ1MmxmODA1NGQ4Zwx4OTpkMDQkY2EjYzM3MDI4M2NzYmUyMwIyMxMyMwJuqHyjZSUlMvUmQTEyN0QyNUQyN0QyMxMyN0IyMwJmo3VlY2UyMwIyM0EyMwJjqWJwnWQho3JaJTIlJTJDJTIlqWyxplUlMvUmQSU1QvU3QvUlMzyxJTIlJTNBJTIlYwZuODNxNTIgYWEjNC00YmQ0LTxjZTAgMmp2YTA1OTFxYTp2JTIlJTJDJTIlYXR5pGUyMwIyM0EkJTqEJTVEJTqEJTVEJTJDJTIloXJunWRBoGkiq2VxJTIlJTNBMCUlQlUlMzRyYaVaSW5zo3JgYXRco24yMwIyM0EyMwIyMwIyMxMyMwJmnXRySWQyMwIyM0EkMTY0MwUyMxMyMwJjqWJfnXNbZXJJZCUlMvUmQTI3OTp1JTJDJTIlp2NbYWyhJTIlJTNBJTqCJTIlqzVlJTIlJTNBJTIlMS4jJTIlJTJDJTIlY29gpGkyqGUyMwIyM0EkJTJDJTIloz9xZXMyMwIyM0EyNUIyN0IyMwJup2xyMwIyM0EyMwJzpzVyp3Rupv5wo20yMwIyMxMyMwJmnWQyMwIyM0EyMwIkNTImJTIlJTJDJTIlnHAyMwIyM0EkJTqEJTJDJTqCJTIlYXNcJTIlJTNBJTIlpHJcoWymLaRyY2tyMwIyMxMyMwJmnWQyMwIyM0EyMwIlNmx3NSUlMvUlQlUlMzujJTIlJTNBMSU3RCU1RCU3RCUlQlUlMaJyZ2yiovUlMvUmQSUlMxyOJTIlJTJDJTIlY2FgpGFcZ25mJTIlJTNBJTqCJTIlODUlNmMyMwIyM0EyN0IyMwJ0pzFwn2VlJTIlJTNBJTIlY2FgpGFcZ25GpzVkQ2FjJTNEMCUlNTJGMCUlNzNuoXBunWqhSWQyM0Q4NTI3MlUlNaNjYWNyMxFxSWQyM0QkNmI2MDQ3NCUlMvUlQlUlMaBlZWJcZE5mp3BJozRyrCUlMvUmQTAyMxMyMwJmpGFwZTJBZEyxJTIlJTNBJTIlMTplNwA0NmQyMwIyMxMyMwJxZWFfJTIlJTNBJTqCJTIlnXNSqGJEZWFfJTIlJTNBMCUlQlUlMaJ0YxRyYWkJZCUlMvUmQSUlMvUlMvUlQlUlMaJ0YyNyYXRJZCUlMvUmQSUlMvUlMvU3RCUlQlUlMaJ0YyqTZWF0JTIlJTNBJTIlJTIlJTJDJTIlY2FgpGFcZ25JZCUlMvUmQTt1MwpmJTJDJTIlY2FgpGFcZ25TY29jZSUlMvUmQSUlMaB1YzkcYlUlMvUlQlUlMzyhqGVlozFfQaV5ZXJVnWQyMwIyM0EyMwIyMwIyMxMyMwJynWROYW1yJTIlJTNBJTIlnW5xZXuyrGNbYW5aZS5wo20yMwIyMxMyMwJuZFVmZXJJZCUlMvUmQTI5NDMjJTJDJTIlYzNuqCUlMvUmQSUlMvUlMvUlQlUlMzJup2VGoG9ipvUlMvUmQTAhNlUlQlUlMzV4qCUlMvUmQSU3QvUlMaBupaRhZXIyMwIyM0EyMwI5OSUlMvUlQlUlMaJyqyNbYXJyJTIlJTNBJTIlMS4jMCUlMvUlQlUlMzVhZHBinW50LXVmLWVup3QyMwIyM0EyMwJjpzygnXMgqXMgZWFmqC5fYv5cozRyrHq3LzNioSUlRz9jZW5lqGIyM0ZmJTNEOTYjMwYjJTIlJTJDJTIlZW5xpG9coaQgqXMgq2VmqCUlMvUmQSUlMaBlnW1cpl11pl13ZXN0LzkvLzyhZGV4q3phY29gJTJGo3ByoaJ0YvUmRaMyM0Q5NwAlNwAyMwIyMxMyMwJyozRjo2yhqC1yqSUlMvUmQSUlMaBlnW1cpl1yqS5fYv5cozRyrHq3LzNioSUlRz9jZW5lqGIyM0ZmJTNEOTYjMwYjJTIlJTJDJTIlZW5xpG9coaQgYXBuYlUlMvUmQSUlMaBlnW1cpl1upGFwLzkvLzyhZGV4q3phY29gJTJGo3ByoaJ0YvUmRaMyM0Q5NwAlNwAyMwIyMxMyMwJmnXRySWQyMwIyM0EyMwI5NwAlNwAyMwIyN0QyMxMyMwJvqXyypyVcZCUlMvUmQSUlMvUlMvUlQlUlMaJyZzVlZW5wZUyxJTIlJTNBMSUlQlUlMzJcZGZfo29lJTIlJTNBMC43JTJDJTIlnXNGo3JwZUyhp3RlZWFgJTIlJTNBZzFfp2UyMxMyMwJmY2uunW4yMwIyM0EyN0IyMwJ2ZXIyMwIyM0EyMwIkLwAyMwIyMxMyMwJwo21joGV0ZSUlMvUmQTEyMxMyMwJho2RyplUlMvUmQSU1QvU3QvUlMzFmnSUlMvUmQSUlMzZlZWVmqGFlLzNioSUlMvUlQlUlMaNcZCUlMvUmQSUlMwE1MwMyMwIyMxMyMwJbpCUlMvUmQTEyN0QyMxMyN0IyMwJup2xyMwIyM0EyMwJjpzygnXMhqGVwnCUlMvUlQlUlMaNcZCUlMvUmQSUlMwI3OTp1JTIlJTJDJTIlnHAyMwIyM0EkJTqEJTVEJTqEJTJDJTIlqzyxZW9QoGFwZW1yoaRUrXByJTIlJTNBMlUlQlUlMaZcZGViUGkwoXRUrXByJTIlJTNBMvU3RCU3RCUlQlUlMaBfYWNyoWVhqENuqCUlMvUmQSU1QvUlMxyBQwE5JTIlJTVEJTJDJTIlqzyxZW9QoGNgqFR5pGUyMwIyM0ElJTJDJTIlpGkurWJuY2ggZXRbo2QyMwIyM0EyNUI2JTVEJTJDJTIlZ3BcZCUlMvUmQSUlMvUlRyBSTSUlRwEkNwQlNSUlRzqiZzyfZV9colUlMvUlQlUlMz5uqzyaYXRipxkuozq1YWqyJTIlJTNBJTIlZW4yMwIyMxMyMwJjYWqyY2F0JTIlJTNBJTVCJTIlSUFCMTxyMwIyNUQyMxMyMwJwo250ZW50Y2F0JTIlJTNBJTVCJTIlSUFCMS03JTIlJTVEJTqE%5C%22%22%7D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_15.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:200a:9800:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1d16d42e33c80a00df5f4c6a514edbfaa985a2cdf0d33b4f76f90a6625b773b7

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 20:08:51 GMT
content-encoding
gzip
via
1.1 af3aeac549bb09cd481e4e32ea3fcf16.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN52-C3
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://gofile.io
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
access-control-allow-credentials
true
x-amz-cf-id
MiA7CspHylK9NYCdZ7pDa3_G4yMqLyCVxxqpStpNqLzvqmSXtMwR3Q==
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310020101&jk=963623207478136&bg=!GBulG1TNAAbjlzx0w5c7ADQBe5WfODl0aMooyTbEaukC7maD5HJHBjeRE0YZaHzoYa0V8UP2ynuHvSzTWKh4Z8XyN4KkAgAAAFlSAAAABmgBBwoAUk4fhZ8tPFUhv_ofLCEATJzZoQ05e5RVsi3yrgTUoIPpcSumePsUeWZujNR2yJpkJ8BFyIcvi1MvoRsBUfvX4wXHnJVMYLad3JJDq3maS4shgn-ZAwtAXuVdJJHahaaIXUAA2IDa1DHjCs3H1I0hVj1R0-xfm_4m2byiF36-IuSsLFrniHk99QMy2Wfi_Q-v8hg5UJsTjvze3IXh1T0PWxEVub2iklMSUCzZD4Rb8iVyhn7UmIJ5R7mAgZH5DDTouaomiIaKj2GbeILKgNsCvzjUQujGEDD23CNm3t-qQkPiY8DCzhdsodhtBDKZE-d8UD9APKxNerRUOUDGSmQlUPIxbc0Y6agcdggTHTooLjBYuOw3cRpCOd8GibCD5lJt5gozJm9bzZ84NHJOoZf3jNdSZf8VZBbtzRgGIDHtoUMfk1JTD4X2ru914TRsPOuZ59amH33dDrqVVyC6vjFb_6znyiH2LLGV5PmQjI5BLt11MARmHh8r0wb1lltjSH13BNSLV_ARLSD6uMq7D9VbhPYGKgPjuCmEZdpXMJtN82h6ybcDUkpwHcv3xiBlWPn911T_raIeBrkFkFU3cHCdP-ofDNNiZ5bwcULW9e-caD0NDFvYnsdSjZ525fRI0vaCOrZsvE2GC0EFKSK9mOm-622jJDZaTdl09bjx085QEt2UynaK4umkDkXEL7PSnko5fo08S1MZHxUd4PhceTH0GPE58zfLN1064vEtekz_iuVhZKNxwZA1iuq58bYOrSZ0JzOYfeo872KI7EFiYoaKgyDtQPzR9wTATNypPvEkQioQ4yVvngbYGh6NelNu8cjGy6ONNQGTAH3RJC5T8qZHTaZnj-8Lg0Q7iJ8yGjOjD9QLp8e52iV7q1pviSGt9aCNQJ3KahU2ROYGAT9Hk5veCchRxzuIP-BsqXEHItzgBAXRs_USwjOZGYznti46EmcByF9RDvbseVkR3FtPYY35NKqAP-H4tB1qKgmscQbCO7k3ubInq2Io-ayOOdRboIRnTmHMDGBue76fCSwBqhHR5TMmVAzlkecw7AvyDTJkDetW2x_Bmy3dZodA-AJWH2pE3ApfPKboA8keD44A76XHTLJtoSDtn1HEAFLmfSA5_7V7G0wYhTh61GgDavLw5aIAZg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c11::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

setuid
s2s.t13.io/
Redirect Chain
  • https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dyieldmo%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f...
  • https://s2s.t13.io/setuid?bidder=yieldmo&gpp=&gpp_sid=&f=i&uid=3eIWuCI00HIVo7sj6BSy&gdpr=&gdpr_consent=&us_privacy=
86 B
115 B
Image
General
Full URL
https://s2s.t13.io/setuid?bidder=yieldmo&gpp=&gpp_sid=&f=i&uid=3eIWuCI00HIVo7sj6BSy&gdpr=&gdpr_consent=&us_privacy=
Protocol
H3
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 20:08:52 GMT
content-encoding
gzip
via
1.1 google
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0

Redirect headers

pragma
no-cache
date
Thu, 05 Oct 2023 20:08:51 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://s2s.t13.io/setuid?bidder=yieldmo&gpp=&gpp_sid=&f=i&uid=3eIWuCI00HIVo7sj6BSy&gdpr=&gdpr_consent=&us_privacy=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
c
c.pub.network/v2/ Frame
0
0
Preflight
General
Full URL
https://c.pub.network/v2/c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://gofile.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://gofile.io
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 05 Oct 2023 20:08:51 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 google
c
c.pub.network/v2/
36 B
53 B
Fetch
General
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.2.5/analytics.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
5043cd6f4665d3d04578fd490e7d57f3cfd103c72213ee3287b61996a0755194

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 05 Oct 2023 20:08:51 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://gofile.io
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
ads
securepubads.g.doubleclick.net/gampad/
382 B
168 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=963623207478136&correlator=3360835302525041&eid=31077098&output=ldjh&gdfp_req=1&vrg=202310020101&ptt=17&impl=fifs&iu_parts=15184186%3A22435964612%2Cgofileio_adhesion&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C300x50%7C320x50%7C468x60%7C728x90%7C970x90%7C300x100%7C320x100&ifi=2&didk=1080524692&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3D35da2f1661a34c94%3AT%3D1696536530%3ART%3D1696536530%3AS%3DALNI_MZmwk6oNjf26cfNQ6lrpP-TFe3-vw&gpic=UID%3D00000c58ba08082d%3AT%3D1696536530%3ART%3D1696536530%3AS%3DALNI_MYh8F0LwwhnGTiwyRcz3yY5dYm1vQ&abxe=1&dt=1696536531175&lmt=1696395415&adxs=631&adys=1150&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fgofile.io%2Fd%2FZiHCDR&vis=1&psz=338x-1&msz=300x-1&fws=512&ohw=0&ga_vid=353169363.1696536530&ga_sid=1696536530&ga_hid=811720749&ga_fc=true&a3p=EhsKDGlkNS1zeW5jLmNvbRixmtSLsDFIAFICCGoSWgoNY3J3ZGNudHJsLm5ldBJAOWVjODFkNjBlZjUzOTYxNjA5MWFlMjRjYzQ1NTE2ZDUzOTM4MDU0ZDhmOTg5NzEwNDFjYTBiYzcwMjgzY2ZjNRiOldSLsDFIABIZCgpwdWJjaWQub3JnGLqa1IuwMUgAUgIIahIXCghydGJob3VzZRj6mNSLsDFIAFICCGoSPgoFb3BlbngSLGV5SnBJam9pSzBkSWRHdGhkRTlUT0VzeVRUWjRSME50TWpGQlFUMDlJbjA9GISZ1IuwMUgA&dlt=1696536526525&idt=2732&prev_scp=fsrefresh%3D0%26fsrebid%3D0%26fs_uuid%3D1d4b5071-fa05-430a-9bfc-30b5087b4863%26floors_id%3Db84a3b%26floors_hour%3D20%26fs_placementName%3Dgofileio_adhesion%26fs_ad_product%3DstickyFooter%26fsbid%3D0&cust_params=fs_session_id%3D5e1263fd-1748-4c28-b5b5-d3284af6f076%26fs_pageview_id%3D355f278000d617cc7dad9667b12a7fed%26user-agent%3DChrome%26fs_used_optimise%3Dtrue%26floors_user%3D1%26floors_rtt%3D3%26fs_clientservermask%3D12012233121303100211%26fs_testgroup%3Doptimised&adks=780808840&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c01::9c , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cc658f06a5b553b53e9e571b8f6c699b5567c541d703557c8a0f699cf066be78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 20:08:51 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://gofile.io
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
w_480_00000.ts
video.primis.tech/uploads/cn1/video/users/hls/29267/video_5f2a767e592ca786766237/vid651604408f4dc686731424.mp4/
406 KB
407 KB
XHR
General
Full URL
https://video.primis.tech/uploads/cn1/video/users/hls/29267/video_5f2a767e592ca786766237/vid651604408f4dc686731424.mp4/w_480_00000.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.237.14.202 -, , ASN (),
Reverse DNS
Software
Tengine /
Resource Hash
83a8b4434dcbb3aca2becebf6456694b34a9ce4daffb12dc8d824cdb4b28724f

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-proxy-cache
HIT
date
Thu, 05 Oct 2023 20:08:51 GMT
via
1.1 ab3cd7cfdd9d5cf21e29b3ffd33aa170.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C1
x-amz-server-side-encryption
AES256
content-length
416232
last-modified
Fri, 29 Sep 2023 10:44:04 GMT
server
Tengine
etag
"137aa2094add24c727d0b583b19bcaf1"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
max-age=172800
accept-ranges
bytes
x-amz-cf-id
_a2Sa9gtV9HSl7n0hY9xtawxJwZviAOA493XrEi6HpgC7mvUsBA_VA==
expires
Sat, 07 Oct 2023 20:08:51 GMT
2f8a4288-12ae-42f6-b0da-a6c68871144d
https://gofile.io/
67 KB
0
Other
General
Full URL
blob:https://gofile.io/2f8a4288-12ae-42f6-b0da-a6c68871144d
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b3e57eb372e8b405c816875571e184854b2846261c7477c6c9bdb7782faa1a30

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Length
68465
Content-Type
text/javascript
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame FCD6
359 KB
123 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D31302D30355F32337D7B7331373236303833307D7B433234377D7B535A32396D6157786C4C6D6C767D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593237327D7B66317D7B4C373734387DFEFE&userIpAddr=2001%3Adf1%3A800%3Aa004%3A1%3A%3A4&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F117.0.5938.149+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21freestar.com%2C1523%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1696536529&csuuid=651f17d16d744&debugInfo=17260830_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17260830&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=&secondaryContent=&x=400&y=272&pubUrl=https%3A%2F%2Fgofile.io%2Fd%2FZiHCDR&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=105&impGap=1&flow_width=400&flow_height=225&videoType=sticky&gdpr=0&gdprConsent=&contentFeedId=&geoLati=1.2929&geoLong=103.8547&vpTemplate=7748&flowMode=seenboth&isRealPreroll=0&playerApiId=freestarPrimisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=&appName=&appBundleId=https%3A%2F%2Fgofile.io%2Fd%2FZiHCDR&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c04::5f -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
81d346cd690e79e7a6c9c5150088ba24600d44f1cf682e4d0974c6c45b3c97d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 20:08:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125855
x-xss-protection
0
expires
Thu, 05 Oct 2023 20:08:51 GMT
vid651604408f4dc686731424.jpg
video.primis.tech/uploads/cn1/video/users/converted/29267/video_5f2a767e592ca786766237/
28 KB
28 KB
Image
General
Full URL
https://video.primis.tech/uploads/cn1/video/users/converted/29267/video_5f2a767e592ca786766237/vid651604408f4dc686731424.jpg?cbuster=1695941711
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.237.14.202 -, , ASN (),
Reverse DNS
Software
Tengine /
Resource Hash
3b9d15ec8bed2ae077bd7b43fde043331beb080891a4a65ded0066f89968f64b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://gofile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

expires
Sat, 07 Oct 2023 20:08:51 GMT
date
Thu, 05 Oct 2023 20:08:51 GMT
via
1.1 f7aef728fd226cb808d34cb93114336c.cloudfront.net (CloudFront)
last-modified
Thu, 28 Sep 2023 23:10:14 GMT
server
Tengine
x-amz-cf-pop
SFO5-P1
etag
"62667cc1038d55499ab7386710817b5d"
x-amz-server-side-encryption
AES256
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=172800
accept-ranges
bytes
content-length
28651
x-amz-cf-id
QxHruw3QJYSFHYaPVvRIz6t44UygcJJ1JOrh_oGQ9T4z5h-QDVqUQg==
x-proxy-cache
HIT
bridge3.594.0_en.html
imasdk.googleapis.com/js/core/ Frame 7948
0
0
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.594.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c04::5f -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
1382
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
237562
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 05 Oct 2023 19:45:49 GMT
expires
Fri, 04 Oct 2024 19:45:49 GMT
last-modified
Wed, 04 Oct 2023 14:44:22 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame FCD6
44 KB
17 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c02::95 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 20:08:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 05 Oct 2023 20:08:51 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 22E5
40 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c11::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 19:10:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3478
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Thu, 05 Oct 2023 20:10:53 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FCD6
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?ws=f&blob=undef&lid=155&sdkv=h.3.594.0&e=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797965%2C44801604%2C44803785&id=ima_html5&c=3393593045429077&domain=gofile.io
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c11::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 20:08:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
s2s.t13.io/
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-triple13&gdpr=&gdpr_consent=&us_privacy=
  • https://s2s.t13.io/setuid?bidder=rubicon&uid=LNDM1OMP-F-I6RE
86 B
115 B
Image
General
Full URL
https://s2s.t13.io/setuid?bidder=rubicon&uid=LNDM1OMP-F-I6RE
Protocol
H3
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 20:08:52 GMT
content-encoding
gzip
via
1.1 google
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s2s.t13.io/setuid?bidder=rubicon&uid=LNDM1OMP-F-I6RE
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c80248407eff6cf595ce43a76c04e23f
Expires
0
setuid
s2s.t13.io/
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4364210904
  • https://sync.1rx.io/usersync/tradedesk/583af889-58e8-4006-8360-30b2a7f6be01
  • https://sync.targeting.unrulymedia.com/csync/RX-c24e6778-f4ca-421d-a17b-7258e0aad156-004?redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%...
  • https://s2s.t13.io/setuid?bidder=unruly&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=i&uid=RX-c24e6778-f4ca-421d-a17b-7258e0aad156-004
86 B
117 B
Image
General
Full URL
https://s2s.t13.io/setuid?bidder=unruly&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=i&uid=RX-c24e6778-f4ca-421d-a17b-7258e0aad156-004
Protocol
H3
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 20:08:52 GMT
content-encoding
gzip
via
1.1 google
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0

Redirect headers

location
https://s2s.t13.io/setuid?bidder=unruly&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=i&uid=RX-c24e6778-f4ca-421d-a17b-7258e0aad156-004
date
Thu, 05 Oct 2023 20:08:52 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXc24e6778f4ca421da17b7258e0aad156004
content-type
text/html
w_480_00001.ts
video.primis.tech/uploads/cn1/video/users/hls/29267/video_5f2a767e592ca786766237/vid651604408f4dc686731424.mp4/
384 KB
0
XHR
General
Full URL
https://video.primis.tech/uploads/cn1/video/users/hls/29267/video_5f2a767e592ca786766237/vid651604408f4dc686731424.mp4/w_480_00001.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.237.14.202 -, , ASN (),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-proxy-cache
HIT
date
Thu, 05 Oct 2023 20:08:52 GMT
via
1.1 88eccec4c36b443b42b3988f57d3bebe.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO5-P1
x-amz-server-side-encryption
AES256
content-length
463232
last-modified
Fri, 29 Sep 2023 10:44:04 GMT
server
Tengine
etag
"d5e08f237a0c4904043d9ad5e6671a47"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
max-age=172800
accept-ranges
bytes
x-amz-cf-id
wBD90eHnwlP4aWMKH18_cem7CAxHMDnNFnZU3OrhI3DlNro6Uf39cg==
expires
Sat, 07 Oct 2023 20:08:52 GMT
c
c.pub.network/v2/ Frame
0
0
Preflight
General
Full URL
https://c.pub.network/v2/c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://gofile.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://gofile.io
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 05 Oct 2023 20:08:52 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 google
c
c.pub.network/v2/
36 B
53 B
Fetch
General
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.2.5/analytics.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
5043cd6f4665d3d04578fd490e7d57f3cfd103c72213ee3287b61996a0755194

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 05 Oct 2023 20:08:52 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://gofile.io
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
setuid
s2s.t13.io/
Redirect Chain
  • https://cms.quantserve.com/pixel/p-N04C2m09Yy8f8.gif?idmatch=0&gdpr=&gdpr_consent=&us_privacy=&redir=
  • https://s2s.t13.io/setuid?bidder=quantcastfsx&gdpr=0&uid=kcudvZbJyOmKz5XrlcmB78TLnr6Kx5juxJtSBale
86 B
115 B
Image
General
Full URL
https://s2s.t13.io/setuid?bidder=quantcastfsx&gdpr=0&uid=kcudvZbJyOmKz5XrlcmB78TLnr6Kx5juxJtSBale
Protocol
H3
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 20:08:52 GMT
content-encoding
gzip
via
1.1 google
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0

Redirect headers

pragma
no-cache
date
Thu, 05 Oct 2023 20:08:52 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://s2s.t13.io/setuid?bidder=quantcastfsx&gdpr=0&uid=kcudvZbJyOmKz5XrlcmB78TLnr6Kx5juxJtSBale
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
pbs.gif
sync.colossusssp.com/
0
0

prebid
id5-sync.com/api/config/ Frame FCD6
0
0

envelope
api.rlcdn.com/api/identity/ Frame FCD6
0
0

rid
match.adsrvr.org/track/ Frame FCD6
108 B
730 B
XHR
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=j6w8ta9&fmt=json
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_15.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
6a18e8e02c00edb7ed11767f82c625467496f99f694cef50746258ba52e8d7a2

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 05 Oct 2023 20:08:52 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://gofile.io
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Sat, 04 Nov 2023 20:08:52 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s2s.t13.io
URL
https://s2s.t13.io/openrtb2/auction
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/ut/v3/prebid
Domain
prebid.media.net
URL
https://prebid.media.net/rtb/prebid?cid=8CUJ8GUQF
Domain
grid.bidswitch.net
URL
https://grid.bidswitch.net/hbjson
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/ut/v3/prebid
Domain
grid.bidswitch.net
URL
https://grid.bidswitch.net/hbjson
Domain
sync.intentiq.com
URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1697769766&3rdpcid=1523387845767905064
Domain
sync.colossusssp.com
URL
https://sync.colossusssp.com/pbs.gif?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dcolossus%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%5BUID%5D
Domain
id5-sync.com
URL
https://id5-sync.com/api/config/prebid
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=34

Verdicts & Comments Add Verdict or Comment

267 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 number| uidEvent object| bootstrap function| sha256 function| sha224 function| QRCode function| dayjs function| dayjs_plugin_customParseFormat function| marked function| Plyr function| Chart object| accountsObject string| accountActive string| apiServer string| contentsDir string| entryPage object| urlSplit number| sidebarCollapseLevel undefined| modal object| mainFolderObject object| pressedKeys number| random string| referrer object| uploadQueue object| contentsSelected object| lastContentSelected string| currencySelected number| premiumPriceSelected boolean| freestarScriptLoaded boolean| videoScriptLoaded boolean| googleScriptLoaded boolean| pubfutureScriptLoaded boolean| applixirScriptLoaded object| countriesArray function| fade function| sleep function| uuidv4 function| humanFileSize function| toHHMMSS function| validateEmail function| validateName function| validatePasswd function| validateTags function| sidebarCollapse function| setAccountActive function| selectAccountActive function| myFetch function| loadContent object| modalTemplate function| createModal function| createToast function| processURL function| checkAccountAndUpdateInfo function| createGuestAccount function| buildSidebarAccountList function| logout function| startup function| addFilesToUploadQueue function| processUploadQueue function| uploadFile function| createUploadDiv function| deleteContent function| popupBeforeCopyContent function| copyContent function| downloadBulkContents function| loadTableFromFolderResult function| addContentIdToTable function| playFile function| closeFile function| showInfos function| showSettings function| showShare function| adStatusCallback function| launchAppLixirAd function| afterPageFilesLoad function| afterPageProfileLoad function| afterPageApiLoad function| afterPagePremiumLoad function| afterPageContactLoad function| afterPageTestLoad boolean| adReady object| freestar object| blockies object| ramp string| _pwGA4PageviewId object| dataLayer function| gtag function| admiral object| googletag object| regeneratorRuntime object| fsdata object| fsprebid function| load_script object| confiant function| 4dm1r11545242527 object| ggeac object| google_tag_data object| google_js_reporting_queue object| fsprebidChunk object| _pbjsGlobals object| mnet undefined| google_measure_js_timing function| _hadron object| __bt_tag_d object| __bt_intrnl object| __bt object| __bt_tag_am boolean| sekindoFlowingPlayerOn object| _qevents object| hadron boolean| __halo_loaded__ function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| ox_esp object| paramMatch object| viewPortSize object| debugIp object| debugId number| sekindoDisplayedPlacement object| PrimisApiConfig function| constructsekindoParent166 object| Criteo boolean| __bt_already_invoked number| google_unique_id object| gaGlobal object| au function| quantserve function| __qc object| ezt object| _qoptions object| GoogleGcLKhOms object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_135 object| Criteo_prebid_135 object| auvars function| docReady object| autag string| GoogleAnalyticsObject function| ga object| pbjs object| gaplugins object| gaData function| plausible object| google_image_requests

75 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQjZ7Ui7AxCgoI4gEQjZ7Ui7AxCgoItAIQjZ7Ui7AxCgoI5gEQjZ7Ui7AxCgoIhwIQjZ7Ui7AxCgoItwIQjZ7Ui7AxCgkIOhCNntSLsDEKCgiMAhCNntSLsDEKCQhfEI2e1IuwMQoJCB8QjZ7Ui7Ax
.gofile.io/ Name: accountToken
Value: RCyDG8CKG6RFg9mKkCNSOl8veRtA97M4
.pub.network/ Name: _fsuid
Value: 43cb998d-525d-434b-8e10-3a713be82789
gofile.io/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.gofile.io/ Name: cookie
Value: aa6aba9a-343e-4b37-b587-09367c06269e
.adsrvr.org/ Name: TDID
Value: 583af889-58e8-4006-8360-30b2a7f6be01
.primis.tech/ Name: csuuid
Value: 651f17d16d744
.gofile.io/ Name: cto_bidid
Value: VWcW7l9JZlByTUpkb0tnYnVMcEgxT0NPb21LUmtKZCUyRkUwQjUzYU9oVTI2a2V3R3IyVFY1bEV4bmFPVkpodXhXTmdPTyUyRkVUZVpDV2FldW1pVyUyQmJTRVlzUGpsZyUzRCUzRA
.crwdcntrl.net/ Name: _cc_dc
Value: 2
.crwdcntrl.net/ Name: _cc_id
Value: 597d9366a1fb1f8cdf613b91b137d328
.gofile.io/ Name: _cc_id
Value: 597d9366a1fb1f8cdf613b91b137d328
.gofile.io/ Name: panoramaId_expiry
Value: 1697141329500
.gofile.io/ Name: panoramaId
Value: 9ec81d60ef539616091ae24cc45516d53938054d8f98971041ca0bc70283cfc5
.gofile.io/ Name: panoramaIdType
Value: panoIndiv
.openx.net/ Name: i
Value: f861ed91-ab4e-4bc2-b633-ac460a6db500|1696536529
.gofile.io/ Name: _awl
Value: 2.1696536529.5-3dc5fc0db894bf5f6f9d2616795b490c-6763652d617369612d6561737431-0
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: KADUSERCOOKIE
Value: D7F99F16-28C3-4BB5-B805-B713CC237F63
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 0:2
.pubmatic.com/ Name: DPSync3
Value: 1696550400%3A248%7C1697673600%3A245_226_201
.pubmatic.com/ Name: SyncRTB3
Value: 1697328000%3A63%7C1697673600%3A21_54_220_13_71_3_8_247%7C1697068800%3A223
.openx.net/ Name: pd
Value: v2|1696536530|jElYiuvOhI
.quantserve.com/ Name: d
Value: EOQBCwGOKvijAA
.quantserve.com/ Name: mc
Value: 651f17d2-19027-4c52e-945ce
.gofile.io/ Name: _au_1d
Value: AU1D-0100-001696536530-6T6NT261-6XG4
.criteo.com/ Name: uid
Value: 049be324-593d-42e1-89b1-3763b8c83d61
.gofile.io/ Name: _au_last_seen_pixels
Value: eyJhcG4iOjE2OTY1MzY1MzAsInR0ZCI6MTY5NjUzNjUzMCwicHViIjoxNjk2NTM2NTMwLCJydWIiOjE2OTY1MzY1MzAsInRhcGFkIjoxNjk2NTM2NTMwLCJhZHgiOjE2OTY1MzY1MzAsImdvbyI6MTY5NjUzNjUzMCwic29uIjoxNjk2NTM2NTMwLCJ0YWJvb2xhIjoxNjk2NTM2NTMwfQ%3D%3D
.simpli.fi/ Name: suid
Value: 7E88B529CC6641EFA65198813F7A60FF
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-583af889-58e8-4006-8360-30b2a7f6be01&KRTB&22918-583af889-58e8-4006-8360-30b2a7f6be01&KRTB&22926-583af889-58e8-4006-8360-30b2a7f6be01&KRTB&23031-583af889-58e8-4006-8360-30b2a7f6be01
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-qsx-hq3OK9KxyHbQrs5i1P_MfYWxwHvV_5xMwd1L&KRTB&19420-qsx-hq3OK9KxyHbQrs5i1P_MfYWxwHvV_5xMwd1L&KRTB&22979-qsx-hq3OK9KxyHbQrs5i1P_MfYWxwHvV_5xMwd1L&KRTB&23403-qsx-hq3OK9KxyHbQrs5i1P_MfYWxwHvV_5xMwd1L
.gofile.io/ Name: cto_bundle
Value: 3rBx8V9JVEZZJTJGTDlHQ1QlMkJRVDRjRHQ4ekJlY3ByRDJvNVYlMkJMenUlMkZRUmZsMTREdUZtMmlSSHk3M3dPekloMFY3dlpmelg4bWNXNG4lMkZGOG5NJTJCaGVoZ0NaSWNoZ0NlQXZ4cmwxVlNlQ25xVCUyQldMeUdUcjJDdXZvbThyUElWaTYlMkZDNVpOMTA4TVkxU0FhZkptMVA5SllOM1VvS0VRJTNEJTNE
.rubiconproject.com/ Name: khaos
Value: LNDM1OMP-F-I6RE
.doubleclick.net/ Name: IDE
Value: AHWqTUktmfRnqgw7LvbhsQer2yl0OuiMjlQtnowzvSoi1KK-RSMjjhMRmdT0mWcA-3g
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEKP2fKYR0T63gce98MGbRaM&KRTB&23025-CAESEKP2fKYR0T63gce98MGbRaM&KRTB&23386-CAESEKP2fKYR0T63gce98MGbRaM
.tapad.com/ Name: TapAd_TS
Value: 1696536530203
.tapad.com/ Name: TapAd_DID
Value: 340dbfa0-f3b7-4f32-bb66-6b6d0f0b4739
.ladsp.com/ Name: cr
Value: 1
.gofile.io/ Name: _ga
Value: GA1.2.353169363.1696536530
.gofile.io/ Name: _gid
Value: GA1.2.862745721.1696536530
.gofile.io/ Name: __qca
Value: P0-183659241-1696536530067
.ladsp.com/ Name: smn_uid
Value: xjzGUHnMf_7cA6j8YZm6CQ-yJiHiHSk
.ladsp.com/ Name: lum
Value: COqa1IuwMRIFCAMQ0AU
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!6692
.bidswitch.net/ Name: tuuid
Value: 70ef792d-d3ce-4971-a6fb-90c22f284aa4
.bidswitch.net/ Name: c
Value: 1696536530
.bidswitch.net/ Name: tuuid_lu
Value: 1696536530
.ambientdsp.com/ Name: _aGeoIp
Value: SG-Singapore
.ambientdsp.com/ Name: _aUID
Value: 11ucuz5zc2q9
.pubmatic.com/ Name: KRTBCOOKIE_1290
Value: 23368-11ucuz5zc2q9
.ad.gt/ Name: au_id
Value: AU1D-0100-001696536530-6T6NT261-6XG4
.yahoo.com/ Name: A3
Value: d=AQABBNIXH2UCEPS2tpMIiHbu_LuMruz1DnsFEgEBAQFpIGUoZa9E8HgB_eMAAA&S=AQAAApfzvBbXR_vYo8BjOjEqH1E
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.gofile.io/ Name: __gads
Value: ID=35da2f1661a34c94:T=1696536530:RT=1696536530:S=ALNI_MZmwk6oNjf26cfNQ6lrpP-TFe3-vw
.gofile.io/ Name: __gpi
Value: UID=00000c58ba08082d:T=1696536530:RT=1696536530:S=ALNI_MYh8F0LwwhnGTiwyRcz3yY5dYm1vQ
.pubmatic.com/ Name: SPugT
Value: 1696536529
.aralego.com/ Name: sspid
Value: 5ad8dda6-5d14-3cc9-b286-1de2230b428c
.intentiq.com/ Name: intentIQCDate
Value: 1696536530444
.intentiq.com/ Name: IQver
Value: 1.9
.intentiq.com/ Name: intentIQ
Value: X4cJ2qOf96
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-70ef792d-d3ce-4971-a6fb-90c22f284aa4
.pubmatic.com/ Name: PugT
Value: 1696536530
.analytics.yahoo.com/ Name: IDSYNC
Value: "18z8~2eb8:19du~2eb8"
.socdm.com/ Name: SOSYNC
Value: anNvbjp7Im9wZW54IjoxNjk2NTM2NTMwfQ
.casalemedia.com/ Name: CMID
Value: ZR8X0teuRgrNhD0ipkAKuAAA
.casalemedia.com/ Name: CMPS
Value: 4872
.casalemedia.com/ Name: CMPRO
Value: 4872
.rubiconproject.com/ Name: audit
Value: 1|2J6WBetyZrLBgkg2vMjm82civNItqRUPGvaJZSxslBl80O40QVPQDW5atXoLsAp+xoxdmMmZfCXyUhTWCqUS/Pv31DA4fHDqMp0HTDw5gZ7V/IjBlWfcnajWdgPJA3/t0RyfGn/ofUWMe8GdHa2XAMsrW2+3JV90YPDxny9O7hNPVHjylZIeXNAPlTu0R9RN
.3lift.com/ Name: tluid
Value: 3470403049940674937482
.adsrvr.org/ Name: TDCPM
Value: CAESFAoFdGFwYWQSCwiQ4u3FnfqiPBAFEhYKB3N2eDl0NTASCwjcle3JnfqiPBAFGAEgASgCMgsIiozw9rP6ojwQBTgBWgdzdng5dDUwYAI.
s2s.t13.io/ Name: uids
Value: eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsicHVibWF0aWMiOnsidWlkIjoiRDdGOTlGMTYtMjhDMy00QkI1LUI4MDUtQjcxM0NDMjM3RjYzIiwiZXhwaXJlcyI6IjIwMjMtMTAtMTlUMjA6MDg6NTAuMTI5MTAwMDU3WiJ9LCJ0cmlwbGVsaWZ0Ijp7InVpZCI6IjM0NzA0MDMwNDk5NDA2NzQ5Mzc0ODIiLCJleHBpcmVzIjoiMjAyMy0xMC0xOVQyMDowODo1MC43NDE4OTA4NTNaIn19fQ==
.bing.com/ Name: MUID
Value: 19ADE21DCFBA65163BE4F1BCCEBB64FD
.c.bing.com/ Name: MR
Value: 0
.adnxs.com/ Name: uuid2
Value: 2185375866101279786
.go.sonobi.com/ Name: __uis
Value: 4dd452ec-2ef3-4c73-a5fa-20383878768c

1 Console Messages

Source Level URL
Text
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 500)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

750a16c8a34ae2547f7ab213d71cb5a4.safeframe.googlesyndication.com
a.ad.gt
a.pub.network
ad-delivery.net
ad.a-ads.com
ad.doubleclick.net
ad.turn.com
ads.pubmatic.com
ads.stickyadstv.com
ads.yieldmo.com
ap.lijit.com
api.btloader.com
api.gofile.io
api.intentiq.com
api.rlcdn.com
bcp.crwdcntrl.net
bidder.criteo.com
btloader.com
btlr.sharethrough.com
c.amazon-adsystem.com
c.pub.network
cdn.confiant-integrations.net
cdn.hadronid.net
cdn.id5-sync.com
cdn.jsdelivr.net
cm.g.doubleclick.net
cms.quantserve.com
cs.admanmedia.com
cs.media.net
csync.loopme.me
d.pub.network
eb2.3lift.com
file120.gofile.io
fonts.googleapis.com
fonts.gstatic.com
freestar-io.videoplayerhub.com
fronttoad.com
gofile.io
google-bidout-d.openx.net
grid.bidswitch.net
gum.criteo.com
htlb.casalemedia.com
ib.adnxs.com
id.hadron.ad.gt
id5-sync.com
ids.ad.gt
image2.pubmatic.com
imasdk.googleapis.com
invstatic101.creativecdn.com
live.primis.tech
match.adsrvr.org
match.sharethrough.com
mb9eo.publishers.tremorhub.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
optimise.net
p.ad.gt
pagead2.googlesyndication.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pixels.ad.gt
plausible.gofile.io
prebid.media.net
qsearch-a.akamaihd.net
rtb.openx.net
rtb.primis.tech
rules.quantcount.com
s0.2mdn.net
s2s.t13.io
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
ssbsync-global.smartadserver.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.criteo.net
sync.1rx.io
sync.colossusssp.com
sync.go.sonobi.com
sync.intentiq.com
sync.targeting.unrulymedia.com
sync1.intentiq.com
tags.crwdcntrl.net
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
u.openx.net
ups.analytics.yahoo.com
video.primis.tech
www.google-analytics.com
www.google.com
x.bidswitch.net
api.rlcdn.com
grid.bidswitch.net
ib.adnxs.com
id5-sync.com
prebid.media.net
s2s.t13.io
sync.colossusssp.com
sync.intentiq.com
103.43.90.114
104.18.26.193
13.214.8.108
13.224.250.125
13.228.229.19
130.211.23.194
149.202.85.166
162.19.138.117
18.143.106.89
18.155.68.12
18.155.68.15
182.161.73.136
184.87.193.162
184.87.193.88
185.237.14.202
2001:df2:a300:bbbb::135
209.191.163.208
23.106.127.38
23.207.180.199
23.36.48.24
2404:6800:4003:c00::5f
2404:6800:4003:c01::63
2404:6800:4003:c01::84
2404:6800:4003:c01::9c
2404:6800:4003:c02::95
2404:6800:4003:c04::5e
2404:6800:4003:c04::5f
2404:6800:4003:c04::84
2404:6800:4003:c11::9b
2404:6800:4003:c1a::71
2406:2600:7:100::1
2406:2600:7:100::12
2406:2600:7:100::9
2600:1901:0:7ec2::1
2600:1f18:612b:4280:fe9f:52e1:2e5:3ec3
2600:9000:200a:9800:1a:5235:f980:93a1
2600:9000:2175:3400:8:48e:53c0:93a1
2600:9000:229f:a200:6:44e3:f8c0:93a1
2606:4700:10::6816:3456
2606:4700:10::6816:34ad
2606:4700:10::6816:445
2606:4700:10::ac43:17ea
2606:4700:20::681a:346
2606:4700:20::681a:68b
2606:4700:20::681a:832
2606:4700:4400::6812:2b5a
2606:4700::6812:15ce
2620:116:800e:21:36b5:1576:d999:6e52
2a04:4e42:600::300
2a04:4e42::485
3.0.37.88
3.33.220.150
34.102.146.192
34.107.140.113
34.111.113.62
34.111.152.239
34.120.135.53
34.120.63.153
34.160.152.31
34.96.70.87
35.213.12.39
35.214.220.196
35.227.252.103
35.244.159.8
45.112.123.225
51.178.66.33
52.223.2.229
52.77.43.2
52.84.228.19
67.199.150.86
69.173.158.64
72.34.250.75
74.118.186.107
74.125.200.154
74.125.68.148
78.46.33.196
80.77.87.162
01172e9ac9330920e66e282d2d77ed1ae863bbab08aec27b168e8d3c82d50c18
027cccfda0c1e7c5c8750153c5d45d19e2ec74b78ad9e104aeffc0754adb4a1f
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0804a138d2373d667829f97ef1789c8563ed2730275ef0a6aba5facb75b29a85
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c07f9a9beebbea97fdae7bdb7ec05cd19c6a8dbf8cdb0b2ba168781e219d3a9
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0dcfde93dfe9fdbfa65891077bfd1fa2fb1b8d984582e345adc68c821fbf203f
0f4b9474b6007c04abee7de8fde135ceb124539938e41141817486c93205c290
1034623c97bec92060a8b907014a03358bb2c4e0f3407797929c6efc1a2b2181
11f24ea8272c8454bfd93c6102b511bb75a7f1bfd70c0e1f6cf58a4b067ed41f
150abf5d65851c215b785dc90f363002897279f75a0f466caa6c92534a20a2d7
16f97878909c2763c2d7c1219472c3d3130a8007a6ea852049e388ea752fb697
1d16d42e33c80a00df5f4c6a514edbfaa985a2cdf0d33b4f76f90a6625b773b7
1d471e2bc4e5a5548d0417a859e551d65bcb53f64c37800f8f2054e938db77ff
1df6f03b9217e0dd4008c16926bc87bf361c24281c01afea961ea57aeabd81d6
1f53386c3d89d01bbc7c10391c76bea1cc4cb1e1a66d70c421a332798f3492ca
1fbe39ee1ed0d1eb09b19f18ec8edb663f3d45cc38c8d4d27fb5dd1f833b3090
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
2262dbfa1d45cb6e69d296b3025227b91fe8c40683d3087350ed2ed716fb0f32
25f5229d2c05f4883245fe331033b79f2b77dd84296151ae8c59b1ed27e7fe5c
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2933c96348a4eae7cbbf8f280ca0981586a9b5c097ef952b996cad7d28f2fad0
295f0379542f17b4b198c46b774090a97f425d034767c62c75b9c730666488b1
29a67c896a8803c00331ea22397fc0c04865fd35226a74b04f4e5724e660af26
2aaad91e44ce58b7170dc94e8afcfaad804b89f64073b20680d2937e946b0aae
2e1af6a5579c0f794722b40a3c4bd09b208db711d6291d27a1c9e8c7932b0cc3
325ad6583be91477c31f4f95f5331e2e0a9cbefd92b259c5d37452a0b4731d31
3384c8b4c2114b32379563eacd2cdcaf7f65781c1b87cc0e3a26499364ab0973
33c1ab6a01b4049878497c2874d8cbb72e14ee7cf14fafec3c09b45f9874b67e
365b2307fb2aa2ed24a6504f157cf7ff5d6f55e0f4170c895d692a24d4c919a3
3b9d15ec8bed2ae077bd7b43fde043331beb080891a4a65ded0066f89968f64b
3de7b02c8eb7669f21ac1831b7f1177c51689ffa3bc2175e40f91a90d4868af2
407a567abfabf78843c1dfe24457bb650325d8f93e9396a00ce686172756244f
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
47360aff5f5295bd9e0513690d131760bb26d081029dc288ba62394fa68d009c
49bf645555a7836bb0c9d24df378f24fe6fcd62329204326a4f95ecc963042ba
5043cd6f4665d3d04578fd490e7d57f3cfd103c72213ee3287b61996a0755194
54371ae9cf2843e2e973a7f84ee12b65dfa0ba95f747ec583bebc6a4782ef6e4
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
54b73b7ddac1a605e04bb01f84af4acc9458f896da7398d2d96a5489871f098a
605bd7e29fd79a3f4f736837b6ed566adc3aa81ff3342af07515060ca3e1b641
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
63c0541f20459089af6a8e261d8e7a8c8aed76ae9de830ba4f37bcbe6df249e1
6729042fecd6e011c0ba45f807dc93fa750169d7ac57c14daa01069f14430f73
68cf2e409973b2e33b7358ad8401a13ddcf2b9cf6a3e179578b814e3d12ab970
6a18e8e02c00edb7ed11767f82c625467496f99f694cef50746258ba52e8d7a2
6ee69abe38a87fd8aa0867401e1e14d2831eab6dfb1bb2d97abf65ac57cb5705
6f32f4b1aebee55450f9eaea7572be5631167000c60b202e32fd7efe10534e2f
7157511697db744d384a5a2a8646af23f3c90560abf93bb240fdd690b29a898a
73a9778211e0011679a2aff7e8073bfe9883ba6fabb1e8c59f95a60087df0905
788c13994d09fd809cb431d4a0a2aaba6dd88c9b2ba4c0c9e03345362d9633ec
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
79bc00b1ba3e228fe806d7ddfc0bd9a9b9eb904701a35d6dc435932c0b17c1e3
7c1b0b0523c8cd715c6a906f13a121cd27392d8e61d58c38c7ceb32ec22e59f4
7e0c7f29770b6000efdcb5be6d6c7b42a06ece7c89dd6ac4aa42be824e54efbb
7eb1c7b9a001cd9c937f0ae3f06b06438823a0db9485c45b2491f6fe42d293ed
81d346cd690e79e7a6c9c5150088ba24600d44f1cf682e4d0974c6c45b3c97d5
82a82b0d01609a866a65587cb8bea49710d570151f8a8e53232124dccf8a4676
83a8b4434dcbb3aca2becebf6456694b34a9ce4daffb12dc8d824cdb4b28724f
85bd0e28180f06b7f944d35dd07ef1ce75d6d9b63c2d70cb8e65f8b566c43db4
8706c07750059d4f474353cc469150fd09a539df6f8830ccf418c47709f25b36
8e13b990ba95d19746bb5ba999bb22823ecaa39f5964725795eb589985d4d496
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
966620f9e3bec428663687f9e8d67a6b8e35d79adebf6fb204e9b139eada7599
9ba2664a8a4b98b34e230d73f566d6b97afcd9fe92eba7b6a94cf0c9e631857b
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a20010b26bce05ea3cfc83cf3a162b7c16b5d2fa2bcf2253b0394b0eb322347a
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a77eedb6eb438ddc560f52f96c9a9bca9f35da6ed872b9d9c265034151e5480b
a7b5f5f96f81dea4efc53e1d4dae8b37c28bec27a45b42ccf604ee759e20caec
a85b2fe307777c8eb47f06a1eec399fcbddfe83d252fd202d3e1358051fcf27d
ae4216bfc85c99ffd32e7745f0d7d4cd5f57b714f3a4911176b8cd78a176c97c
aeda6ffbc1b4cc39da97b1a735b8b9655814219890925ca09e300ccfd840c196
afc5c9b4b3db774eecacd3f2762c3fff6693c76395aee86e5aa4ed297f11e8fa
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b3e57eb372e8b405c816875571e184854b2846261c7477c6c9bdb7782faa1a30
b5f44bb877d6c6a1f7528fa2fd094cde68cb484427a611b96e6eb401d86c185b
b60f65161ce3517c2794eecab25981c51ffbcbc951a781270403e2f3572d0290
b7ba1dabb908c06c25d38655a76b11cf745388ea54a1de027696c84c40144682
bc3b9c09bf69ce51b930e86a23c6f249f9cc6dc98a84fd278d4131c9ddd78f43
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c5ff5e3e3f2157cd240b9a842e5e43d167ffeea15d05dd9ea264c45a452015b0
c87b7f745cfb4a994801488584e6e0e78d6c4f0ad567e985a781fc0b86074724
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb72289f70690b272267a0741402cdc3f4099ae40c834a13cb60a59f99fdc091
cc658f06a5b553b53e9e571b8f6c699b5567c541d703557c8a0f699cf066be78
ce6a18f9fcd41364dff8f0f04a88764a6748263f65240eb719bbab462966cec6
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d01bb642be27b9bf0f6e5d729fb797dc9e2720b8849d7c07bdc3eee52577654d
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d10fcd57fbc3eb87320fe1469bcb522ded6c480f48ed51c511ef6da20f165760
d2c313b89820e62f778005670ccba1a595c1070ad87c3ad6af4e066008d3f45d
d7cd62f79397bc6943bc811e1c220e2c3cf433d3553f873c30994cc9e18a77f1
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d9a98b67c7edffef7138d578788a1c25310cd3561b94d8bce6999f40b0073186
dcbb76a8cb268e3ed25b14f8d4a9b8e906f20da34d903111c2d77fc2c34d83cc
dd03323db8b78ab71bbf4cc27f517ed48d19a5478f3f545a5b9fb7969e5913f6
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e1172d3a0a208cf01dc066f0abeaf17f00264a966159a69f71947d6edcd4935f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
ebd7f9dd6d7d5385943a36e7beeafb55ddb83ae3aba9b62e0ae0f4727a3f605a
ecc20ed3c5dedbe5bbe73d1e7b14270c65a85f7d0ec4c94c4f0c9f0071e471a2
ef70e74f71d2e92a0a13fe59363f3de9994d5567f7607bcf3ee92118ee347505
f0a1d0a11ea13887cbc2fa43b9daefb0b16731fdf4a5b012e2dc323a49ee5b8d
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fc69282ae63ed9cd1848c8ad66e75bede222821420e2f2cf53e93a2b35a0714f