Submitted URL: https://store2.gofile.io/download/9e9d6b27-2c71-4e15-98b3-1dc906e48861/hl.exe
Effective URL: https://gofile.io/d/899fc42f-b7e5-4fe2-9dcb-12af478082bb
Submission Tags: falconsandbox
Submission: On October 03 via api from US — Scanned from FR

Summary

This website contacted 59 IPs in 6 countries across 42 domains to perform 199 HTTP transactions. The main IP is 151.80.29.83, located in Roubaix, France and belongs to OVH, FR. The main domain is gofile.io. The Cisco Umbrella rank of the primary domain is 96398.
TLS certificate: Issued by R3 on September 22nd 2023. Valid for: 3 months.
This is the only time gofile.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 31.14.70.242 203698 (MOJI moji)
21 151.80.29.83 16276 (OVH)
2 149.202.85.166 16276 (OVH)
1 148.251.194.214 24940 (HETZNER-AS)
5 2606:4700::68... 13335 (CLOUDFLAR...)
3 2600:1901:0:7... 15169 (GOOGLE)
11 34.160.152.31 396982 (GOOGLE-CL...)
3 2600:9000:20a... 16509 (AMAZON-02)
2 34.111.152.239 396982 (GOOGLE-CL...)
2 2606:4700:440... 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
3 130.211.23.194 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 172.217.18.6 15169 (GOOGLE)
4 34.160.128.112 396982 (GOOGLE-CL...)
3 2a02:2638:d::d 44788 (ASN-CRITE...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
10 2606:4700:10:... 13335 (CLOUDFLAR...)
1 3.33.220.150 16509 (AMAZON-02)
17 2600:9000:225... 16509 (AMAZON-02)
2 2620:116:800d... 16509 (AMAZON-02)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 18.239.18.12 16509 (AMAZON-02)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 34.120.107.143 396982 (GOOGLE-CL...)
1 2600:9000:20a... 16509 (AMAZON-02)
1 52.31.175.73 16509 (AMAZON-02)
4 34.107.140.113 396982 (GOOGLE-CL...)
3 37.252.171.149 29990 (ASN-APPNEX)
4 2a02:2638:3::7 44788 (ASN-CRITE...)
18 52.57.151.220 16509 (AMAZON-02)
3 104.18.26.193 13335 (CLOUDFLAR...)
3 185.64.189.112 62713 (AS-PUBMATIC)
3 35.227.252.103 15169 (GOOGLE)
1 162.19.138.83 16276 (OVH)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 35.244.159.8 15169 (GOOGLE)
2 52.222.136.109 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
9 2600:9000:21c... 16509 (AMAZON-02)
2 52.51.159.118 16509 (AMAZON-02)
2 23.216.77.36 20940 (AKAMAI-ASN1)
2 2a02:2638:3::3 44788 (ASN-CRITE...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
10 2600:1f13:800... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 3.248.149.248 16509 (AMAZON-02)
1 13.248.245.213 16509 (AMAZON-02)
1 151.101.193.108 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 23.35.236.201 16625 (AKAMAI-AS)
1 3.121.203.109 16509 (AMAZON-02)
199 59
Apex Domain
Subdomains
Transfer
26 primis.tech
live.primis.tech — Cisco Umbrella Rank: 2560
video.primis.tech — Cisco Umbrella Rank: 7212
3 MB
24 gofile.io
store2.gofile.io — Cisco Umbrella Rank: 958824
gofile.io — Cisco Umbrella Rank: 96398
api.gofile.io — Cisco Umbrella Rank: 148919
plausible.gofile.io — Cisco Umbrella Rank: 177639
389 KB
18 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1680
3 KB
16 pub.network
a.pub.network — Cisco Umbrella Rank: 6732
d.pub.network — Cisco Umbrella Rank: 6903
c.pub.network — Cisco Umbrella Rank: 6750
382 KB
15 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 851
pixel.adsafeprotected.com — Cisco Umbrella Rank: 1025
dt.adsafeprotected.com — Cisco Umbrella Rank: 765
103 KB
10 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 2364
a.ad.gt — Cisco Umbrella Rank: 2797
5 KB
7 openx.net
oajs.openx.net — Cisco Umbrella Rank: 2190
rtb.openx.net — Cisco Umbrella Rank: 1029
google-bidout-d.openx.net — Cisco Umbrella Rank: 2191
freestar-d.openx.net — Cisco Umbrella Rank: 20699
981 B
7 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 640
bidder.criteo.com — Cisco Umbrella Rank: 949
1 KB
7 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235
ad.doubleclick.net — Cisco Umbrella Rank: 180
161 KB
6 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 122
f57f917fed53f3b00f58bede01cd229f.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 169
33 KB
4 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 840
ads.pubmatic.com — Cisco Umbrella Rank: 837
212 B
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 360
acdn.adnxs.com — Cisco Umbrella Rank: 960
2 KB
4 t13.io
s2s.t13.io — Cisco Umbrella Rank: 6519
1 KB
4 floors.dev
api.floors.dev — Cisco Umbrella Rank: 10287
1 KB
4 btloader.com
btloader.com — Cisco Umbrella Rank: 1773
api.btloader.com — Cisco Umbrella Rank: 1917
84 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 113
imasdk.googleapis.com — Cisco Umbrella Rank: 657
124 KB
3 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 803
1 KB
3 fronttoad.com
fronttoad.com — Cisco Umbrella Rank: 35860
24 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 897
60 KB
2 akamaihd.net
qsearch-a.akamaihd.net — Cisco Umbrella Rank: 2879
592 B
2 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 404
66 KB
2 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 1089 Failed
220 B
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1223
id5-sync.com — Cisco Umbrella Rank: 687
32 KB
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1393
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1398
12 KB
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1803
pixel.quantserve.com — Cisco Umbrella Rank: 1594
10 KB
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1963
1 KB
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 2059
107 KB
2 optimise.net
optimise.net — Cisco Umbrella Rank: 8461
1 KB
1 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 614
146 B
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 1069
1 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 713
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 408
17 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 11
1 gstatic.com
fonts.gstatic.com
16 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1617
1 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 558
1 KB
1 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2880
1 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 2392
8 KB
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 637
417 B
1 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 2416
10 KB
1 videoplayerhub.com
freestar-io.videoplayerhub.com — Cisco Umbrella Rank: 8423
469 B
1 a-ads.com
ad.a-ads.com — Cisco Umbrella Rank: 23932
199 42
Domain Requested by
18 btlr.sharethrough.com a.pub.network
18 gofile.io gofile.io
17 live.primis.tech a.pub.network
live.primis.tech
10 dt.adsafeprotected.com
10 c.pub.network a.pub.network
9 video.primis.tech live.primis.tech
9 id.hadron.ad.gt a.pub.network
cdn.hadronid.net
6 securepubads.g.doubleclick.net a.pub.network
securepubads.g.doubleclick.net
5 a.pub.network gofile.io
a.pub.network
4 bidder.criteo.com a.pub.network
static.criteo.net
4 s2s.t13.io a.pub.network
4 api.floors.dev a.pub.network
3 pagead2.googlesyndication.com securepubads.g.doubleclick.net
imasdk.googleapis.com
3 rtb.openx.net a.pub.network
3 hbopenbid.pubmatic.com a.pub.network
3 htlb.casalemedia.com a.pub.network
3 ib.adnxs.com a.pub.network
3 gum.criteo.com a.pub.network
static.criteo.net
3 api.btloader.com freestar-io.videoplayerhub.com
3 static.adsafeprotected.com pixel.adsafeprotected.com
blank
3 fronttoad.com a.pub.network
fronttoad.com
3 api.gofile.io gofile.io
2 imasdk.googleapis.com live.primis.tech
imasdk.googleapis.com
2 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
2 static.criteo.net a.pub.network
static.criteo.net
2 qsearch-a.akamaihd.net
2 pixel.adsafeprotected.com live.primis.tech
2 c.amazon-adsystem.com live.primis.tech
c.amazon-adsystem.com
2 ads.yieldmo.com a.pub.network
2 oajs.openx.net 1 redirects
2 ad-delivery.net
2 cdn.confiant-integrations.net a.pub.network
cdn.confiant-integrations.net
2 optimise.net a.pub.network
2 plausible.gofile.io gofile.io
plausible.gofile.io
1 x.bidswitch.net
1 freestar-d.openx.net a.pub.network
1 ads.pubmatic.com a.pub.network
1 js-sec.indexww.com a.pub.network
1 acdn.adnxs.com a.pub.network
1 eb2.3lift.com a.pub.network
1 s0.2mdn.net imasdk.googleapis.com
1 www.google.com tpc.googlesyndication.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com live.primis.tech
1 google-bidout-d.openx.net oa.openxcdn.net
1 f57f917fed53f3b00f58bede01cd229f.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 a.ad.gt cdn.hadronid.net
1 pixel.quantserve.com
1 id5-sync.com cdn.id5-sync.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 rules.quantcount.com secure.quantserve.com
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 cdn.jsdelivr.net securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 secure.quantserve.com a.pub.network
1 match.adsrvr.org a.pub.network
1 cdn.hadronid.net a.pub.network
1 ad.doubleclick.net
1 btloader.com
1 freestar-io.videoplayerhub.com 1 redirects
1 d.pub.network a.pub.network
1 ad.a-ads.com gofile.io
1 store2.gofile.io 1 redirects
199 65

This site contains links to these domains. Also see Links.

Domain
twitter.com
dev.gofile.io
store2.gofile.io
ads.freestar.com
Subject Issuer Validity Valid
*.gofile.io
R3
2023-09-22 -
2023-12-21
3 months crt.sh
*.a-ads.com
Sectigo ECC Domain Validation Secure Server CA
2022-12-21 -
2024-01-21
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-02-26 -
2024-02-25
a year crt.sh
fronttoad.com
R3
2023-09-13 -
2023-12-12
3 months crt.sh
d.pub.network
GTS CA 1D4
2023-08-11 -
2023-11-09
3 months crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02
2023-07-07 -
2024-08-04
a year crt.sh
optimise.net
GTS CA 1D4
2023-09-21 -
2023-12-20
3 months crt.sh
confiant-integrations.net
GTS CA 1P5
2023-09-20 -
2023-12-19
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
api.btloader.com
GTS CA 1D4
2023-08-11 -
2023-11-09
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
api.floors.dev
GTS CA 1D4
2023-09-15 -
2023-12-14
3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-09-26 -
2023-12-23
3 months crt.sh
hadronid.net
GTS CA 1P5
2023-08-07 -
2023-11-05
3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2023-04-12 -
2024-05-13
a year crt.sh
*.primis.tech
Amazon RSA 2048 M01
2023-09-24 -
2024-10-22
a year crt.sh
quantserve.com
R3
2023-08-29 -
2023-11-27
3 months crt.sh
oa.openxcdn.net
GTS CA 1D4
2023-09-25 -
2023-12-24
3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01
2022-11-07 -
2023-12-06
a year crt.sh
invstatic101.creativecdn.com
GTS CA 1D4
2023-08-26 -
2023-11-24
3 months crt.sh
s2s.t13.io
GTS CA 1D4
2023-09-14 -
2023-12-13
3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2023-02-13 -
2024-03-15
a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01
2023-06-14 -
2024-07-12
a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3
2023-05-21 -
2024-05-20
a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1
2023-04-20 -
2024-05-20
a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1
2023-08-18 -
2024-08-18
a year crt.sh
*.id5-sync.com
R3
2023-09-01 -
2023-11-30
3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01
2023-02-28 -
2024-02-17
a year crt.sh
upload.video.google.com
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
c.pub.network
GTS CA 1D4
2023-08-11 -
2023-11-09
3 months crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M02
2023-03-29 -
2024-04-27
a year crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1
2023-05-16 -
2024-05-15
a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-08-05 -
2023-10-31
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
www.google.com
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M01
2023-05-09 -
2024-06-06
a year crt.sh
*.yieldmo.com
Amazon RSA 2048 M01
2023-04-04 -
2024-05-02
a year crt.sh
*.3lift.com
Amazon RSA 2048 M02
2023-04-13 -
2024-05-11
a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1
2023-03-27 -
2024-04-26
a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3
2023-09-05 -
2024-09-03
a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA
2023-03-23 -
2024-03-23
a year crt.sh

This page contains 18 frames:

Primary Page: https://gofile.io/d/899fc42f-b7e5-4fe2-9dcb-12af478082bb
Frame ID: D9B107163D9FA812879DE3F82C5DFACB
Requests: 154 HTTP requests in this frame

Frame: https://ad.a-ads.com/2059298?size=300x250
Frame ID: 85825D8024A791368DB96E91A125AAB0
Requests: 1 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveView.php?s=116425&cbuster=1696359610&pubUrl=https://gofile.io/d/XL0sUJ&x=400&y=272&playerApiId=freestarPrimisPlayer&schain=1.0,1!freestar.com,1523,1&cbuster=1696359610&pubUrlAuto=https%3A%2F%2Fgofile.io%2Fd%2FXL0sUJ&videoType=sticky&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Frame ID: 39FFB9B56BF694A96E3B4B3C685AB756
Requests: 17 HTTP requests in this frame

Frame: https://f57f917fed53f3b00f58bede01cd229f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3C53B7A4C9AEA9518D0E4E725EEEEE28
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 50BCCD42EBB89A8FE563248C8874691E
Requests: 1 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=931599&pubId=27975&chanId=gofile.io&placementId=116425&pubOrder=FR&custom=desktop&custom2=windows&custom3=chrome
Frame ID: FD9B1B076B7069569E5C71E6D248D6A7
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=gofile.io
Frame ID: D32753B18E7DEEA6F35EDF96BDA28A1C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: AD1AC92086FAA35F59D52539F06852AB
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6578D6B2A68FD5A6D12B168E252A31D5
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: DECC15751AD64F18E2240238E2090F36
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.593.1_en.html
Frame ID: 30EDD0B1A4B533FF1602DB3E63B3953B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: F815B0BA2083696E43B127BBE1EE9054
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: EC13786C062E9A6DE4699CF8A70EAC86
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: C506AFE2D842E0862956D19799C9E8B7
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 44F8D85EF9DCA9367B9F2F26272B4B6B
Requests: 1 HTTP requests in this frame

Frame: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Frame ID: B9B924301492A17B7C572589F2101E31
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Frame ID: 468030FA5DA933FC61CDCE3C0238C6D3
Requests: 1 HTTP requests in this frame

Frame: https://freestar-d.openx.net/w/1.0/pd
Frame ID: 04A893744CA2DE9DBABBEF50E8E88F87
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Gofile - Free Unlimited File Sharing and Storage

Page URL History Show full URLs

  1. https://store2.gofile.io/download/9e9d6b27-2c71-4e15-98b3-1dc906e48861/hl.exe HTTP 302
    https://gofile.io/d/899fc42f-b7e5-4fe2-9dcb-12af478082bb Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • /marked(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

199
Requests

97 %
HTTPS

48 %
IPv6

42
Domains

65
Subdomains

59
IPs

6
Countries

4796 kB
Transfer

9401 kB
Size

73
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://store2.gofile.io/download/9e9d6b27-2c71-4e15-98b3-1dc906e48861/hl.exe HTTP 302
    https://gofile.io/d/899fc42f-b7e5-4fe2-9dcb-12af478082bb Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33
  • https://freestar-io.videoplayerhub.com/gallery.js HTTP 301
  • https://btloader.com/tag?h=freestar-io&upapi=true
Request Chain 69
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fgofile.io%2Fd%2FXL0sUJ&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fgofile.io%2Fd%2FXL0sUJ&rid=esp&cc=1

199 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 899fc42f-b7e5-4fe2-9dcb-12af478082bb
gofile.io/d/
Redirect Chain
  • https://store2.gofile.io/download/9e9d6b27-2c71-4e15-98b3-1dc906e48861/hl.exe
  • https://gofile.io/d/899fc42f-b7e5-4fe2-9dcb-12af478082bb
14 KB
4 KB
Document
General
Full URL
https://gofile.io/d/899fc42f-b7e5-4fe2-9dcb-12af478082bb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.80.29.83 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
ns3048708.ip-151-80-29.eu
Software
/
Resource Hash
ec665206cae3074fdfcf0600da47f064cfb47e6e050ebf0ac92982d2c8daa05c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
public, max-age=0
content-encoding
gzip
content-length
3955
content-type
text/html; charset=UTF-8
date
Tue, 03 Oct 2023 19:00:08 GMT
etag
W/"37b9-18a2438c4bb"
expect-ct
max-age=0
last-modified
Wed, 23 Aug 2023 21:06:54 GMT
origin-agent-cluster
?1
referrer-policy
no-referrer
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, HEAD
access-control-allow-origin
*
content-length
156
content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Tue, 03 Oct 2023 19:00:08 GMT
location
https://gofile.io/d/899fc42f-b7e5-4fe2-9dcb-12af478082bb
origin-agent-cluster
?1
referrer-policy
no-referrer
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
bootstrap.min.css
gofile.io/dist/css/
191 KB
30 KB
Stylesheet
General
Full URL
https://gofile.io/dist/css/bootstrap.min.css
Requested by
Host: gofile.io
URL: https://gofile.io/d/899fc42f-b7e5-4fe2-9dcb-12af478082bb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.80.29.83 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
ns3048708.ip-151-80-29.eu
Software
/
Resource Hash
2933c96348a4eae7cbbf8f280ca0981586a9b5c097ef952b996cad7d28f2fad0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:00:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Wed, 04 Jan 2023 14:40:00 GMT
etag
W/"2fbaa-1857d3988cb"
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
origin-agent-cluster
?1
x-download-options
noopen
cache-control
public, max-age=0
bootstrap-icons.css
gofile.io/dist/css/
93 KB
14 KB
Stylesheet
General
Full URL
https://gofile.io/dist/css/bootstrap-icons.css
Requested by
Host: gofile.io
URL: https://gofile.io/d/899fc42f-b7e5-4fe2-9dcb-12af478082bb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.80.29.83 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
ns3048708.ip-151-80-29.eu
Software
/
Resource Hash
e1172d3a0a208cf01dc066f0abeaf17f00264a966159a69f71947d6edcd4935f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:00:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Wed, 04 Jan 2023 14:40:00 GMT
etag
W/"17579-1857d3988cb"
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
origin-agent-cluster
?1
x-download-options
noopen
cache-control
public, max-age=0
bootstrap-nightfall.css
gofile.io/dist/css/
50 KB
8 KB
Stylesheet
General
Full URL
https://gofile.io/dist/css/bootstrap-nightfall.css
Requested by
Host: gofile.io
URL: https://gofile.io/d/899fc42f-b7e5-4fe2-9dcb-12af478082bb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.80.29.83 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
ns3048708.ip-151-80-29.eu
Software
/
Resource Hash
d9a98b67c7edffef7138d578788a1c25310cd3561b94d8bce6999f40b0073186
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:00:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Wed, 04 Jan 2023 14:40:00 GMT
etag
W/"c869-1857d3988cb"
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
origin-agent-cluster
?1
x-download-options
noopen
cache-control
public, max-age=0
plyr.css
gofile.io/dist/css/
33 KB
6 KB
Stylesheet
General
Full URL
https://gofile.io/dist/css/plyr.css
Requested by
Host: gofile.io
URL: https://gofile.io/d/899fc42f-b7e5-4fe2-9dcb-12af478082bb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.80.29.83 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
ns3048708.ip-151-80-29.eu
Software
/
Resource Hash
bc3b9c09bf69ce51b930e86a23c6f249f9cc6dc98a84fd278d4131c9ddd78f43
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:00:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Sun, 08 Jan 2023 19:47:31 GMT
etag
W/"85ae-18592ec8138"
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
origin-agent-cluster
?1
x-download-options
noopen
cache-control
public, max-age=0
allcss.css
gofile.io/dist/css/
2 KB
864 B
Stylesheet
General
Full URL
https://gofile.io/dist/css/allcss.css
Requested by
Host: gofile.io
URL: https://gofile.io/d/899fc42f-b7e5-4fe2-9dcb-12af478082bb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.80.29.83 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
ns3048708.ip-151-80-29.eu
Software
/
Resource Hash
dd03323db8b78ab71bbf4cc27f517ed48d19a5478f3f545a5b9fb7969e5913f6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:00:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
content-length
765
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Thu, 09 Feb 2023 16:33:45 GMT
etag
W/"72c-18637069bac"
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
origin-agent-cluster
?1
x-download-options
noopen
cache-control
public, max-age=0
logo-small-70.png
gofile.io/dist/img/
2 KB
2 KB
Image
General
Full URL
https://gofile.io/dist/img/logo-small-70.png
Requested by
Host: gofile.io
URL: https://gofile.io/d/899fc42f-b7e5-4fe2-9dcb-12af478082bb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.80.29.83 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
ns3048708.ip-151-80-29.eu
Software
/
Resource Hash
25f5229d2c05f4883245fe331033b79f2b77dd84296151ae8c59b1ed27e7fe5c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:00:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
content-length
2392
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Wed, 04 Jan 2023 14:40:00 GMT
etag
W/"93f-1857d3988cf"
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/png
origin-agent-cluster
?1
x-download-options
noopen
cache-control
public, max-age=0
bootstrap.bundle.min.js
gofile.io/dist/js/
79 KB
24 KB
Script
General
Full URL
https://gofile.io/dist/js/bootstrap.bundle.min.js
Requested by
Host: gofile.io
URL: https://gofile.io/d/899fc42f-b7e5-4fe2-9dcb-12af478082bb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.80.29.83 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
ns3048708.ip-151-80-29.eu
Software
/
Resource Hash
a85b2fe307777c8eb47f06a1eec399fcbddfe83d252fd202d3e1358051fcf27d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:00:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Wed, 04 Jan 2023 14:40:00 GMT
etag
W/"13a49-1857d3988cf"
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
x-download-options
noopen
cache-control
public, max-age=0
sha256.min.js
gofile.io/dist/js/
9 KB
4 KB
Script
General
Full URL
https://gofile.io/dist/js/sha256.min.js
Requested by
Host: gofile.io
URL: https://gofile.io/d/899fc42f-b7e5-4fe2-9dcb-12af478082bb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.80.29.83 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
ns3048708.ip-151-80-29.eu
Software
/
Resource Hash
7157511697db744d384a5a2a8646af23f3c90560abf93bb240fdd690b29a898a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:00:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
content-length
3701
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Wed, 04 Jan 2023 14:40:00 GMT
etag
W/"2339-1857d3988d3"
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
x-download-options
noopen
cache-control
public, max-age=0
qrcode.min.js
gofile.io/dist/js/
19 KB
7 KB
Script
General
Full URL
https://gofile.io/dist/js/qrcode.min.js
Requested by
Host: gofile.io
URL: https://gofile.io/d/899fc42f-b7e5-4fe2-9dcb-12af478082bb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.80.29.83 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
ns3048708.ip-151-80-29.eu
Software
/
Resource Hash
85bd0e28180f06b7f944d35dd07ef1ce75d6d9b63c2d70cb8e65f8b566c43db4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:00:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Wed, 04 Jan 2023 14:40:00 GMT
etag
W/"4dda-1857d3988d3"
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
x-download-options
noopen
cache-control
public, max-age=0
dayjs.min.js
gofile.io/dist/js/
7 KB
3 KB
Script
General
Full URL
https://gofile.io/dist/js/dayjs.min.js
Requested by
Host: gofile.io
URL: https://gofile.io/d/899fc42f-b7e5-4fe2-9dcb-12af478082bb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.80.29.83 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
ns3048708.ip-151-80-29.eu
Software
/
Resource Hash
11f24ea8272c8454bfd93c6102b511bb75a7f1bfd70c0e1f6cf58a4b067ed41f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:00:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
content-length
3029
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Wed, 04 Jan 2023 14:40:00 GMT
etag
W/"1a0e-1857d3988cf"
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
x-download-options
noopen
cache-control
public, max-age=0
customParseFormat.js
gofile.io/dist/js/
4 KB
2 KB
Script
General
Full URL
https://gofile.io/dist/js/customParseFormat.js
Requested by
Host: gofile.io
URL: https://gofile.io/d/899fc42f-b7e5-4fe2-9dcb-12af478082bb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.80.29.83 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
ns3048708.ip-151-80-29.eu
Software
/
Resource Hash
cb72289f70690b272267a0741402cdc3f4099ae40c834a13cb60a59f99fdc091
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:00:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
content-length
1803
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Wed, 04 Jan 2023 14:40:00 GMT
etag
W/"ea2-1857d3988cf"
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
x-download-options
noopen
cache-control
public, max-age=0
marked.min.js
gofile.io/dist/js/
43 KB
16 KB
Script
General
Full URL
https://gofile.io/dist/js/marked.min.js
Requested by
Host: gofile.io
URL: https://gofile.io/d/899fc42f-b7e5-4fe2-9dcb-12af478082bb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.80.29.83 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
ns3048708.ip-151-80-29.eu
Software
/
Resource Hash
d10fcd57fbc3eb87320fe1469bcb522ded6c480f48ed51c511ef6da20f165760
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:00:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Wed, 04 Jan 2023 14:40:00 GMT
etag
W/"aca2-1857d3988d3"
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
x-download-options
noopen
cache-control
public, max-age=0
plyr.js
gofile.io/dist/js/
108 KB
34 KB
Script
General
Full URL
https://gofile.io/dist/js/plyr.js
Requested by
Host: gofile.io
URL: https://gofile.io/d/899fc42f-b7e5-4fe2-9dcb-12af478082bb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.80.29.83 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
ns3048708.ip-151-80-29.eu
Software
/
Resource Hash
6729042fecd6e011c0ba45f807dc93fa750169d7ac57c14daa01069f14430f73
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:00:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Sun, 08 Jan 2023 19:47:31 GMT
etag
W/"1b1b2-18592ec8138"
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
x-download-options
noopen
cache-control
public, max-age=0
chart.umd.min.js
gofile.io/dist/js/
194 KB
71 KB
Script
General
Full URL
https://gofile.io/dist/js/chart.umd.min.js
Requested by
Host: gofile.io
URL: https://gofile.io/d/899fc42f-b7e5-4fe2-9dcb-12af478082bb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.80.29.83 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
ns3048708.ip-151-80-29.eu
Software
/
Resource Hash
8706c07750059d4f474353cc469150fd09a539df6f8830ccf418c47709f25b36
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:00:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Wed, 08 Mar 2023 18:58:11 GMT
etag
W/"3094c-186c2968d85"
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
x-download-options
noopen
cache-control
public, max-age=0
alljs.js
gofile.io/dist/js/
182 KB
37 KB
Script
General
Full URL
https://gofile.io/dist/js/alljs.js
Requested by
Host: gofile.io
URL: https://gofile.io/d/899fc42f-b7e5-4fe2-9dcb-12af478082bb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.80.29.83 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
ns3048708.ip-151-80-29.eu
Software
/
Resource Hash
04addf3352da7768f8de5f2eeac7c452e8f2e95ac6ecc8c6fcbb0dd160a4fcf2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:00:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Mon, 02 Oct 2023 22:23:27 GMT
etag
W/"2d6d3-18af27d3a21"
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
x-download-options
noopen
cache-control
public, max-age=0
bootstrap-icons.woff2
gofile.io/dist/css/fonts/
118 KB
119 KB
Font
General
Full URL
https://gofile.io/dist/css/fonts/bootstrap-icons.woff2?24e3eb84d0bcaf83d77f904c78ac1f47
Requested by
Host: gofile.io
URL: https://gofile.io/dist/css/bootstrap-icons.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.80.29.83 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
ns3048708.ip-151-80-29.eu
Software
/
Resource Hash
966620f9e3bec428663687f9e8d67a6b8e35d79adebf6fb204e9b139eada7599
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
Origin
https://gofile.io
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:00:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Wed, 04 Jan 2023 14:40:00 GMT
etag
W/"1d9d0-1857d3988cf"
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
font/woff2
origin-agent-cluster
?1
x-download-options
noopen
cache-control
public, max-age=0
createAccount
api.gofile.io/
67 B
809 B
Fetch
General
Full URL
https://api.gofile.io/createAccount
Requested by
Host: gofile.io
URL: https://gofile.io/dist/js/alljs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.80.29.83 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
ns3048708.ip-151-80-29.eu
Software
/
Resource Hash
d741699edb36753ffea99ffc8d66cec5612596c77748156942713cb6a0ada6af
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date
Tue, 03 Oct 2023 19:00:08 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
cross-origin-embedder-policy
require-corp
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
content-length
67
x-xss-protection
0
referrer-policy
no-referrer
cross-origin-opener-policy
same-origin
etag
W/"43-vqdPUg0/lec3Vo7QexWyDqZwFOo"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gofile.io
origin-agent-cluster
?1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
getAccountDetails
api.gofile.io/
312 B
386 B
Fetch
General
Full URL
https://api.gofile.io/getAccountDetails?token=afp0liVZbiOCfXWXU8GoTIYb3b8YoyKq
Requested by
Host: gofile.io
URL: https://gofile.io/dist/js/alljs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.80.29.83 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
ns3048708.ip-151-80-29.eu
Software
/
Resource Hash
39c27218199463e253face5d72badeb9eea9518494cb03c5ac77216a28564df2
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date
Tue, 03 Oct 2023 19:00:08 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
cross-origin-embedder-policy
require-corp
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
content-length
312
x-xss-protection
0
referrer-policy
no-referrer
cross-origin-opener-policy
same-origin
etag
W/"138-xIjsvepBeWSQ2YwS/GXTkWk3+NY"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gofile.io
origin-agent-cluster
?1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
truncated
/
658 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aacd9c268a167c3e3da31d889d36e2156558403b4e976a845217eb64b041332f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/png
files.html
gofile.io/contents/
17 KB
3 KB
Fetch
General
Full URL
https://gofile.io/contents/files.html
Requested by
Host: gofile.io
URL: https://gofile.io/dist/js/alljs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.80.29.83 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
ns3048708.ip-151-80-29.eu
Software
/
Resource Hash
ff8d74d2328df5590c675df09ecd425eacb78956c23c57c44a8b4a769b86c89a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:00:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
content-length
3190
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Sun, 23 Jul 2023 11:43:07 GMT
etag
W/"4403-189828f7719"
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
origin-agent-cluster
?1
x-download-options
noopen
cache-control
public, max-age=0
plausible.js
plausible.gofile.io/js/
1 KB
1 KB
Script
General
Full URL
https://plausible.gofile.io/js/plausible.js
Requested by
Host: gofile.io
URL: https://gofile.io/dist/js/alljs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.202.85.166 , France, ASN16276 (OVH, FR),
Reverse DNS
mail.gofile.io
Software
Cowboy /
Resource Hash
ae4216bfc85c99ffd32e7745f0d7d4cd5f57b714f3a4911176b8cd78a176c97c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:00:07 GMT
x-content-type-options
nosniff
server
Cowboy
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
1321
2059298
ad.a-ads.com/ Frame 8582
0
0
Document
General
Full URL
https://ad.a-ads.com/2059298?size=300x250
Requested by
Host: gofile.io
URL: https://gofile.io/dist/js/alljs.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
148.251.194.214 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.214.194.251.148.clients.your-server.de
Software
nginx / Phusion Passenger(R)
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=utf-8
date
Tue, 03 Oct 2023 19:00:08 GMT
server
nginx
status
200 OK
vary
Accept-Encoding Accept-Encoding
x-content-type-options
nosniff
x-powered-by
Phusion Passenger(R)
x-robots-tag
noindex, nofollow, nosnippet, noarchive
x-xss-protection
1; mode=block
pubfig.min.js
a.pub.network/gofile-io/
109 KB
39 KB
Script
General
Full URL
https://a.pub.network/gofile-io/pubfig.min.js
Requested by
Host: gofile.io
URL: https://gofile.io/dist/js/alljs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:14ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8182ab9d24507e862f64d82439c34cde58986468e48a2ec254ec6840fc1c0be3

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:00:08 GMT
content-encoding
gzip
cf-cache-status
HIT
age
80610
x-guploader-uploadid
ADPycdvh4YwmPP1lg8IhybmtUaYAWpG2UI_l7nEPK84HvmyHXEXLTxW08smJe5vPXQ6ko9jCKq-WegQCvOsR-BwJfgUGG0lmoXZK
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
last-modified
Mon, 02 Oct 2023 16:13:46 GMT
server
cloudflare
etag
W/"5e7e80d50243b26289d531d116d3133c"
vary
Accept-Encoding
x-goog-hash
crc32c=jFOYyg==, md5=Xn6A1QJDsmKJ1THRFtMTPA==
x-goog-generation
1696263226827145
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=1800
x-goog-stored-content-length
111500
cf-ray
81076d22e8c52a76-CDG
expires
Tue, 03 Oct 2023 19:30:08 GMT
getContent
api.gofile.io/
734 B
808 B
Fetch
General
Full URL
https://api.gofile.io/getContent?contentId=899fc42f-b7e5-4fe2-9dcb-12af478082bb&token=afp0liVZbiOCfXWXU8GoTIYb3b8YoyKq&websiteToken=7fd94ds12fds4
Requested by
Host: gofile.io
URL: https://gofile.io/dist/js/alljs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.80.29.83 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
ns3048708.ip-151-80-29.eu
Software
/
Resource Hash
52d188a459594cd48016acdc9f44d99788378bd821211c39863f6e1a6a6c6266
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date
Tue, 03 Oct 2023 19:00:08 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
cross-origin-embedder-policy
require-corp
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
content-length
734
x-xss-protection
0
referrer-policy
no-referrer
cross-origin-opener-policy
same-origin
etag
W/"2de-6xMNgrHfFBkBjoootpcAZ3trH+0"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gofile.io
origin-agent-cluster
?1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
event
plausible.gofile.io/api/
2 B
192 B
XHR
General
Full URL
https://plausible.gofile.io/api/event
Requested by
Host: plausible.gofile.io
URL: https://plausible.gofile.io/js/plausible.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.202.85.166 , France, ASN16276 (OVH, FR),
Reverse DNS
mail.gofile.io
Software
Cowboy /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 03 Oct 2023 19:00:08 GMT
server
Cowboy
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
content-length
2
x-request-id
F4quE5sgjQxEi1wCfIKH
7d7765cc8f78fb1e4bafc2268f59e69c.js
fronttoad.com/dist/413b04/
68 KB
24 KB
Script
General
Full URL
https://fronttoad.com/dist/413b04/7d7765cc8f78fb1e4bafc2268f59e69c.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/gofile-io/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7ec2::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
234331d5b2d0b6ea834baac45940f32b5d7c0ea5f09a7d28de3c1f8fbdd843c3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Tue, 03 Oct 2023 19:00:08 GMT
x-datacenter
gce-europe-west1
etag
"c1f87a4818a4af1d64611a30ccf8c0050cfc9a44dfa262156f528a5ca76873fa"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-europe-west1-spot-wjrf
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
998028631
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
init
d.pub.network/v2/
34 KB
6 KB
Fetch
General
Full URL
https://d.pub.network/v2/init?siteId=5818&env=PROD
Requested by
Host: a.pub.network
URL: https://a.pub.network/gofile-io/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
ff337d3fc99d6d499d416375030bdd263995369bd01dc530fca55a565d0367ff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:00:08 GMT
content-encoding
gzip
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
content-type
application/json
access-control-allow-origin
https://gofile.io
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pubfig.engine.js
a.pub.network/core/pubfig/0b5e10c9e7c126169c3fcbbda27e3a33cbb8d82c/
464 KB
138 KB
Script
General
Full URL
https://a.pub.network/core/pubfig/0b5e10c9e7c126169c3fcbbda27e3a33cbb8d82c/pubfig.engine.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/gofile-io/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:14ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5222d425167e2abb010d7eb072b6b1c252cea92cdb92cd9688b4ee1b7a5cfccd

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:00:08 GMT
content-encoding
gzip
cf-cache-status
HIT
age
80611
x-guploader-uploadid
ADPycduxF1Zqe3fkPMjuba8vTFynNdAwjhHoMyQ-PC6VMNTx0Z1Kjv08BnmMV9if6tZObrVgFbJUF5is3CbwN6jbYIPyEA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Thu, 28 Sep 2023 21:36:10 GMT
server
cloudflare
etag
W/"b5ae48261f174b2b2ec14154208dcb06"
vary
Accept-Encoding
x-goog-hash
crc32c=kuRqnw==, md5=ta5IJh8XSysuwUFUII3LBg==
x-goog-generation
1695936970134670
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
474719
cf-ray
81076d240afa2a76-CDG
expires
Tue, 03 Oct 2023 20:00:08 GMT
skeleton.gif
static.adsafeprotected.com/
43 B
485 B
Image
General
Full URL
https://static.adsafeprotected.com/skeleton.gif?adslot=ad_300x250_9066178
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ab:7000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 04:12:26 GMT
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via
1.1 a43889f6531338b6dd9d3a4339de949a.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P3
age
6446864
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
R7fFFk-HI0WwLFMBTdY0bgPOYdr0PvqMXEnXmBn3PvDfKscdGJlByg==
/
optimise.net/ Frame
0
0
Preflight
General
Full URL
https://optimise.net/?k=0&d=gofile.io&t=desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.152.111.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://gofile.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
access-control-allow-origin
https://gofile.io
access-control-expose-headers
fs-client-rtt
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
date
Tue, 03 Oct 2023 19:00:09 GMT
expires
0
fs-client-rtt
21
pragma
no-cache
strict-transport-security
max-age=31536000;includeSubDomains;preload;
via
1.1 google
/
optimise.net/
1 KB
1 KB
Fetch
General
Full URL
https://optimise.net/?k=0&d=gofile.io&t=desktop
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/0b5e10c9e7c126169c3fcbbda27e3a33cbb8d82c/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.152.111.34.bc.googleusercontent.com
Software
/
Resource Hash
f6431b5c85ee06c223ba8cb3bb5b135be9f73312e0b877e02f8f272295d3940b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload;

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=31536000;includeSubDomains;preload;
via
1.1 google
date
Tue, 03 Oct 2023 19:00:03 GMT
fs-client-rtt
22
age
6
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1338
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
content-type
application/json
access-control-allow-origin
https://gofile.io
access-control-expose-headers
fs-client-rtt
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
expires
0
config.js
cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/
106 KB
21 KB
Script
General
Full URL
https://cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/config.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/0b5e10c9e7c126169c3fcbbda27e3a33cbb8d82c/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:90a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
862fbf874d5d31a78c018fda664c276de05bf0c452baef5f87e32294afa33455

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:00:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 03 Oct 2023 17:33:37 GMT
server
cloudflare
x-amz-request-id
TM8Z2PEB22RS96S2
age
648
etag
W/"0d0d958454f7488ecaf02b56f9eead0d"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
81076d256abd0288-CDG
alt-svc
h3=":443"; ma=86400
x-amz-id-2
X1/s5Z3yuhuVRQmmI1oeiOF5bthzQuJYyJJTvCA2Junvf3NiVyC+EA6mLTB0vfcT9plUK8a97t4=
gpt.js
securepubads.g.doubleclick.net/tag/js/
97 KB
29 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/0b5e10c9e7c126169c3fcbbda27e3a33cbb8d82c/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6561a77abf4680951096cb398a5b4d41f81e12ffae191d08a5b7d0ca991b27a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:00:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29276
x-xss-protection
0
server
cafe
etag
226 / 19633 / m202309280101 / config-hash: 18346230598739657090
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 03 Oct 2023 19:00:09 GMT
tag
btloader.com/
Redirect Chain
  • https://freestar-io.videoplayerhub.com/gallery.js
  • https://btloader.com/tag?h=freestar-io&upapi=true
306 KB
83 KB
Script
General
Full URL
https://btloader.com/tag?h=freestar-io&upapi=true
Protocol
H2
Server
2606:4700:20::681a:68b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aebc0eac28568aef65321a154c19c264fe51fafabbbba9ae322b534f7c4e0bc3

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:00:09 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 03 Oct 2023 18:27:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1867
etag
W/"ee81a6453f622c2fdb9a1c7db63beed4"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CL2eHnrjvdHZjfgeGvW5aekpMgayAMNVq6tu815pomlHgcfwjURdjOu9HvDXjQlAu6fYzk22JJ3fbV5iGkDigekTEMVkHfSoGxTZlHcl6IhT%2FHuXfX%2Bd1A5P0bWxa9p0AS%2BdEccEn6MpRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray
81076d262f0e2a0d-CDG

Redirect headers

date
Tue, 03 Oct 2023 19:00:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2DRTtdFElOAkDYmprnf%2FCmnIgMMOZT%2BP6u8rN%2BJck7NqARBvN6jxNSb6acvy9mhWhwC2Hrza9SxbR%2BBnanV8beu9EhVtlPX2bfuJPqcPzBRtyJn79%2BKZEK9V5n%2FsShhaDlX2iI%2BPzKMqe8nmsCDM7rQHQ%2BB6vE67zmJTJw%3D%3D"}],"group":"cf-nel","max_age":604800}
location
https://btloader.com/tag?h=freestar-io&upapi=true
cache-control
max-age=3600
cf-ray
81076d255e36d6b2-CDG
expires
Tue, 03 Oct 2023 20:00:09 GMT
prebid-analytics-7.48.4.js
a.pub.network/core/
596 KB
193 KB
Script
General
Full URL
https://a.pub.network/core/prebid-analytics-7.48.4.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/0b5e10c9e7c126169c3fcbbda27e3a33cbb8d82c/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:14ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
788c13994d09fd809cb431d4a0a2aaba6dd88c9b2ba4c0c9e03345362d9633ec

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:00:09 GMT
content-encoding
gzip
cf-cache-status
HIT
age
80612
x-guploader-uploadid
ADPycds12VhBfyNrTdgkMsFuEurgTAJVyIQ52FMoSVQIKuIlmrfFgsZx-LZCXQ7wxBL0qSDT1f6g-S8rGO2rxoEHvyBt5XaG3UgJ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
last-modified
Tue, 18 Jul 2023 18:59:55 GMT
server
cloudflare
etag
W/"5243e8ea27fda1bab8578db0b34dba61"
vary
Accept-Encoding
x-goog-generation
1689706795179212
content-type
text/html
access-control-allow-origin
*
x-goog-hash
crc32c=hSRCNw==, md5=UkPo6if9obq4V42ws026YQ==
content-language
en
access-control-expose-headers
*
cache-control
public, max-age=31455388
x-goog-stored-content-length
610321
cf-ray
81076d24fcd32a76-CDG
expires
Tue, 01 Oct 2024 20:36:37 GMT
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202310031103/
269 KB
86 KB
Script
General
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202310031103/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:90a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f32f4b1aebee55450f9eaea7572be5631167000c60b202e32fd7efe10534e2f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:00:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 03 Oct 2023 15:32:29 GMT
server
cloudflare
x-amz-request-id
XHTP35PWFRMNMRR0
age
5929
etag
W/"1817aabf6d3ce56cce955976a0e0702e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
81076d25cb7d0288-CDG
alt-svc
h3=":443"; ma=86400
x-amz-id-2
r1oL/dFfS3S302zgD4aBVNpAMr6BGqk1ai8otepQhNGdBWocjmPC+z3cFat4LrnTLUCSWbZl6pQ=
6dca94d647f2892a7b76a73110bcf6cf31d7ecde84700f826e2ebd
fronttoad.com/submit/
288 B
315 B
Fetch
General
Full URL
https://fronttoad.com/submit/6dca94d647f2892a7b76a73110bcf6cf31d7ecde84700f826e2ebd
Requested by
Host: fronttoad.com
URL: https://fronttoad.com/dist/413b04/7d7765cc8f78fb1e4bafc2268f59e69c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:7ec2::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
c416e42d6643a9b55a23bb3a20db03aa5aafadd2fc9f3b12c43359dc6bf82772
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Tue, 03 Oct 2023 19:00:09 GMT
via
1.1 google
x-buildnumber
998028631
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
288
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gofile.io
x-hostname
fen-hoothoot-europe-west1-spot-wjrf
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Tue, 03 Oct 2023 19:00:08 GMT
ab349a8dfb86f777ff3967f73148145f65f682443ffde3ac
fronttoad.com/e38a09/
3 B
27 B
Fetch
General
Full URL
https://fronttoad.com/e38a09/ab349a8dfb86f777ff3967f73148145f65f682443ffde3ac
Requested by
Host: fronttoad.com
URL: https://fronttoad.com/dist/413b04/7d7765cc8f78fb1e4bafc2268f59e69c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:7ec2::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Tue, 03 Oct 2023 19:00:09 GMT
via
1.1 google
x-buildnumber
998028631
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gofile.io
x-hostname
fen-hoothoot-europe-west1-spot-wjrf
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/
413 KB
131 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
51b5ae1f0ff10c4595493fa2d4edb2c308f97976be783ed5d7d962a8d81606d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 18:52:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
445
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133452
x-xss-protection
0
server
cafe
etag
5291400228273913750
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 02 Oct 2024 18:52:44 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
823 B
431 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=gofile.io
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1034623c97bec92060a8b907014a03358bb2c4e0f3407797929c6efc1a2b2181
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:00:09 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
406
x-xss-protection
0
expires
Tue, 03 Oct 2023 19:00:09 GMT
state
api.btloader.com/mw/
0
101 B
Fetch
General
Full URL
https://api.btloader.com/mw/state?bt_env=prod
Requested by
Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 03 Oct 2023 19:00:09 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
px.gif
ad-delivery.net/
43 B
938 B
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:00:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
348846
x-guploader-uploadid
ADPycduPNhTNuWUUQmtHvRfsGB_KYz2dv4EMprMYPNwgBcBMes9sjT5CPFdCL7NeDZKUU0CXBm_xrs0fdFt_VtDYWzmzaIvZs_41
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uZ5Eirl0FWnOYccnX%2BIWyny%2Fiqh7TLCIj3X8jpEzGSW%2FA2KK0hRO3y6eu6tk1uRUdqLdvurmVeNNah81Z01KYX5yhEMBgxdUUwJD8KYx75zetK%2F8O%2FTjDoXD6vyMkRr5N9ylJgMLmCG26qGEkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
81076d277e48d36b-CDG
expires
Fri, 29 Sep 2023 18:08:59 GMT
favicon.ico
ad.doubleclick.net/
1 KB
571 B
Image
General
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 09:32:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34038
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 09:32:51 GMT
px.gif
ad-delivery.net/
43 B
341 B
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.6561512858861664
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:00:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
348846
x-guploader-uploadid
ADPycduPNhTNuWUUQmtHvRfsGB_KYz2dv4EMprMYPNwgBcBMes9sjT5CPFdCL7NeDZKUU0CXBm_xrs0fdFt_VtDYWzmzaIvZs_41
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D2TJI5IQzC6FOKs8L3IobV%2F2X9CXBUEgUNRorTlUm18ZovnpcBFvShWVs4HiyymnwkItmbQTVNYl6BxYODFDCUaFu8NO0mHSHfZOirBvdyIharp%2B84YqKGGB%2FV9MqMAm46yEWfhrcZSz%2BjdSNw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
81076d277e4bd36b-CDG
expires
Fri, 29 Sep 2023 18:08:59 GMT
floors
api.floors.dev/sgw/v1/ Frame
0
0
Preflight
General
Full URL
https://api.floors.dev/sgw/v1/floors
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.128.112 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
112.128.160.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-api-key
Access-Control-Request-Method
POST
Origin
https://gofile.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
access-control-allow-origin
https://gofile.io
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
cache-status
uncacheable
content-length
0
date
Tue, 03 Oct 2023 19:00:09 GMT
expires
0
pragma
no-cache
strict-transport-security
max-age=31536000;includeSubDomains;preload;
via
1.1 google
floors
api.floors.dev/sgw/v1/
930 B
952 B
Fetch
General
Full URL
https://api.floors.dev/sgw/v1/floors
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/0b5e10c9e7c126169c3fcbbda27e3a33cbb8d82c/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.128.112 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
112.128.160.34.bc.googleusercontent.com
Software
/
Resource Hash
adf624f6c513c6be7f8f635e59ad5c0b9d5010df12dae0bfa9eddb74b2cadb8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload;

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
x-api-key
4e799501-b8b6-4ef1-bad5-225b3dd1aa8d
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:00:10 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload;
via
1.1 google
cache-status
uncacheable
access-control-max-age
3600
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
content-type
application/json
access-control-allow-origin
https://gofile.io
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
country
api.btloader.com/
16 B
141 B
Fetch
General
Full URL
https://api.btloader.com/country
Requested by
Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
4e77de82816e4ed7844defc61447f84c79164f528da0c321c31d1876e17a4050

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:00:09 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
pv
api.btloader.com/
0
66 B
XHR
General
Full URL
https://api.btloader.com/pv?tid=VVKy8GR3BD&w=5912996595892224&o=5714937848528896&cv=2.1.18-2-g8762a10&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fgofile.io%2Fd%2FXL0sUJ&sid=hCESstPd&upapi=true
Requested by
Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 03 Oct 2023 19:00:09 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fgofile.io%2F&domain=gofile.io&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://gofile.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://gofile.io
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 03 Oct 2023 19:00:09 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
191210
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
hadron.js
cdn.hadronid.net/
55 KB
10 KB
Script
General
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fgofile.io%2Fd%2FXL0sUJ&ref=&_it=freestar&partner_id=474&ha=_hadron
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/0b5e10c9e7c126169c3fcbbda27e3a33cbb8d82c/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:35ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ee69abe38a87fd8aa0867401e1e14d2831eab6dfb1bb2d97abf65ac57cb5705

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:00:10 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 07 Sep 2023 17:31:32 GMT
server
cloudflare
x-amz-request-id
907Z07N0H4YQRTZE
age
4999
etag
W/"8bbf05f440008747d4df642e30fc4ddc"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
81076d2b69800261-CDG
x-amz-id-2
FTX4uTVOoCJnlfZvtg3cS2GHfBFAI/wkwGXMvvfwDzP+hX8bS7Tqr3U+IhvV3h140Zc4iKtAHTg=
json
gum.criteo.com/sid/
2 B
368 B
XHR
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fgofile.io%2F&domain=gofile.io&cw=1&lsw=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:00:09 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gofile.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
194125
expires
0
pbhid
id.hadron.ad.gt/api/v1/
141 B
306 B
XHR
General
Full URL
https://id.hadron.ad.gt/api/v1/pbhid?partner_id=474&_it=prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04a39d864d92f3a887cb55c4b924412cc62ae1384e3cdafc25a95ed5f0e12870

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 03 Oct 2023 19:00:10 GMT
content-encoding
gzip
server
cloudflare
allow
POST, OPTIONS, GET
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cf-ray
81076d2b7830b746-AMS
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
rid
match.adsrvr.org/track/
63 B
417 B
XHR
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=6bjin1p&fmt=json
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
72153bea0160875f6deb1bdaf729c82b61b5ff8f5cc29d96d1b9815a1946856d

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 03 Oct 2023 19:00:10 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://gofile.io
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Thu, 02 Nov 2023 19:00:10 GMT
analytics.min.js
a.pub.network/core/analytics/1.2.4/
13 KB
5 KB
Script
General
Full URL
https://a.pub.network/core/analytics/1.2.4/analytics.min.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/0b5e10c9e7c126169c3fcbbda27e3a33cbb8d82c/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:14ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89a3c8bd3a50d0dbf140bfd75d6dc782d02ac51c28dc207849b0c89777035fa1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:00:10 GMT
content-encoding
gzip
cf-cache-status
HIT
age
80613
x-guploader-uploadid
ADPycdvol-4-G7C1crP1vc8Kl-au4kf57GHn-v0KucXJ1hvVC-W-EuD8CNgxFzXiI6M4rZKnkVuuPDV0NiV5GEBnYwiiAQgAyg__
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Thu, 28 Sep 2023 21:36:51 GMT
server
cloudflare
etag
W/"2677525e4834accca8a0ee00e6142f69"
vary
Accept-Encoding
x-goog-hash
crc32c=2tWcaw==, md5=JndSXkg0rMyooO4A5hQvaQ==
x-goog-generation
1695937011557777
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
13168
cf-ray
81076d2b39122a76-CDG
expires
Tue, 03 Oct 2023 20:00:10 GMT
liveView.php
live.primis.tech/live/
47 KB
18 KB
Script
General
Full URL
https://live.primis.tech/live/liveView.php?s=116425&cbuster=1696359610&pubUrl=https://gofile.io/d/XL0sUJ&x=400&y=272&playerApiId=freestarPrimisPlayer&schain=1.0,1!freestar.com,1523,1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/0b5e10c9e7c126169c3fcbbda27e3a33cbb8d82c/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:9e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1e1c2cb072d2ece71e25868b32ccf673361860a0637c146a893d6118a343a25b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:00:09 GMT
content-encoding
gzip
via
1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P3
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
e81tUQt4VKKnLawAx0WZK4EvPwof0T93X60jPApwxfUXIvgENvL_5w==
quant.js
secure.quantserve.com/
22 KB
9 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/0b5e10c9e7c126169c3fcbbda27e3a33cbb8d82c/pubfig.engine.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7c1b0b0523c8cd715c6a906f13a121cd27392d8e61d58c38c7ceb32ec22e59f4

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:00:10 GMT
content-encoding
gzip
etag
"6ioqmyHWSWLYz5hkRjy8Uw=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Tue, 10 Oct 2023 19:00:10 GMT
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b60f65161ce3517c2794eecab25981c51ffbcbc951a781270403e2f3572d0290

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/svg+xml
fslogo-green.svg
a.pub.network/core/imgs/
1 KB
1 KB
Image
General
Full URL
https://a.pub.network/core/imgs/fslogo-green.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:14ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecc20ed3c5dedbe5bbe73d1e7b14270c65a85f7d0ec4c94c4f0c9f0071e471a2

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:00:10 GMT
content-encoding
gzip
cf-cache-status
HIT
age
1384
x-guploader-uploadid
ADPycdtjC8a-lrKsb6-ZVTZJGt2a8Kwhy_bup2eYuLbS9l9T94RBLgNdWd7td9izkhtEAlwuF34Q9xlxS33s6D_4Isw-jINJtr3-
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Tue, 08 Sep 2020 17:04:37 GMT
server
cloudflare
etag
W/"326d6cbd977657e1205bd616d1f2faca"
vary
Accept-Encoding
x-goog-hash
crc32c=Jh+rSg==, md5=Mm1svZd2V+EgW9YW0fL6yg==
x-goog-generation
1599584677716817
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
1193
cf-ray
81076d2b99b62a76-CDG
expires
Tue, 03 Oct 2023 20:00:10 GMT
esp.js
oa.openxcdn.net/
24 KB
8 KB
Script
General
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 19:15:40 GMT
content-encoding
gzip
age
690270
x-guploader-uploadid
ADPycduo0FdNUhYu8SktXKGlAuqDj45nKqylzv5GOmD2TKoVob9g1bPCaPP-UQvIvcOW5xa19s5hDPbxDt22n2VoXoDdKw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Tue, 24 Sep 2024 19:15:40 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/
39 KB
12 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.18.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-18-12.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 18:50:11 GMT
content-encoding
gzip
via
1.1 be95b2ba3a5805485c26e84ad1dd7a2e.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P6
age
600
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
E5xzx6vX7OGj3QEuRIjx-0DZGW_04ogFIkF8ca5yNEnOoFl7Ho2gJw==
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/
1 KB
1 KB
Script
General
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:00:10 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
7cff80ebaaffa66ed5b3cbe45f1477f2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/
732 B
1 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:00:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
35526
x-jsd-version
master
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230037-FRA, cache-yyz4557-YYZ
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wpklygWRy%2Buwo5dYmUZUV1Y3W%2FuSojtdJgtp%2B%2Bi2QDMWxYja26%2F7GlVCRj4ztgXboMuHiUGkQcgl%2BvsNDUXFSLokYFxiuMMHZBOdbRvb7HprpJmp97b1a00wuKSHjrEKSzQQLyHK40TjdMJQDws%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
81076d2bfd78d2c1-CDG
esp.js
cdn.id5-sync.com/api/1.0/
143 KB
32 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
076f49c5c4285d33d4367cd4e943aafd74cb2a8faba78eebcdec26c95322bb5d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:00:10 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
WMB9QKN2KPFMJ5WQ
age
512
x-amz-server-side-encryption
AES256
x-amz-id-2
F+SIg67TeS4l3e/FhsB3vCWGoZxYl5t7idKX7ah+dLGKiKmaf6fNJ4kZPQuoZKhrIJeKxTlFGsw=
last-modified
Wed, 27 Sep 2023 09:24:45 GMT
server
cloudflare
etag
W/"dad32e558756cf2e52e60155a9d39f6a"
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
81076d2c0cbb0251-CDG
expires
Tue, 03 Oct 2023 20:00:10 GMT
hadron.json
id.hadron.ad.gt/v1/ Frame
0
0
Preflight
General
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=freestar&partner_id=474&sync=0&domain=gofile.io&url=https://gofile.io/d/XL0sUJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://gofile.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cache-control
max-age=31536000 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
81076d2bb865b746-AMS
content-length
0
content-type
application/json
date
Tue, 03 Oct 2023 19:00:10 GMT
debug
OPTIONS block
expires
Wed, 02 Oct 2024 19:00:10 GMT
server
cloudflare
hadron.json
id.hadron.ad.gt/v1/
94 B
262 B
XHR
General
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=freestar&partner_id=474&sync=0&domain=gofile.io&url=https://gofile.io/d/XL0sUJ
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fgofile.io%2Fd%2FXL0sUJ&ref=&_it=freestar&partner_id=474&ha=_hadron
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
295f0379542f17b4b198c46b774090a97f425d034767c62c75b9c730666488b1

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 03 Oct 2023 19:00:10 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
private,max-age=30
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization
cf-ray
81076d2c793bb746-AMS
rtd
id.hadron.ad.gt/api/v1/ Frame
0
0
Preflight
General
Full URL
https://id.hadron.ad.gt/api/v1/rtd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://gofile.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
81076d2c18d7b746-AMS
content-length
0
content-type
application/json
date
Tue, 03 Oct 2023 19:00:10 GMT
debug
rtd-nx-ny
server
cloudflare
rtd
id.hadron.ad.gt/api/v1/ Frame
0
0
Preflight
General
Full URL
https://id.hadron.ad.gt/api/v1/rtd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://gofile.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
81076d2c18dcb746-AMS
content-length
0
content-type
application/json
date
Tue, 03 Oct 2023 19:00:10 GMT
debug
rtd-nx-ny
server
cloudflare
rtd
id.hadron.ad.gt/api/v1/
27 B
82 B
XHR
General
Full URL
https://id.hadron.ad.gt/api/v1/rtd
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33c1ab6a01b4049878497c2874d8cbb72e14ee7cf14fafec3c09b45f9874b67e

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 03 Oct 2023 19:00:10 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
debug
rtd-nx-ny
access-control-allow-headers
*
content-length
27
cf-ray
81076d2cc999b746-AMS
rtd
id.hadron.ad.gt/api/v1/
27 B
85 B
XHR
General
Full URL
https://id.hadron.ad.gt/api/v1/rtd
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33c1ab6a01b4049878497c2874d8cbb72e14ee7cf14fafec3c09b45f9874b67e

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 03 Oct 2023 19:00:10 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
debug
rtd-nx-ny
access-control-allow-headers
*
content-length
27
cf-ray
81076d2cc997b746-AMS
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fgofile.io%2Fd%2FXL0sUJ&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fgofile.io%2Fd%2FXL0sUJ&rid=esp&cc=1
85 B
203 B
Fetch
General
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fgofile.io%2Fd%2FXL0sUJ&rid=esp&cc=1
Protocol
H2
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
902ecdb30208ed1da412e1514afd1b7059f2d4c1228d758618d990ff6b7ae454

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:00:10 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-ZrkPwavXVsulzS0qIkOI1xrBNPk"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gofile.io
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Tue, 03 Oct 2023 19:00:10 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://gofile.io
location
/esp?url=https%3A%2F%2Fgofile.io%2Fd%2FXL0sUJ&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
rules-p-UeXruRVtZz7w6.js
rules.quantcount.com/
2 KB
1 KB
Script
General
Full URL
https://rules.quantcount.com/rules-p-UeXruRVtZz7w6.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ab:2a00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a7b5f5f96f81dea4efc53e1d4dae8b37c28bec27a45b42ccf604ee759e20caec

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 18:42:50 GMT
content-encoding
gzip
via
1.1 3ab47e7bb911be04b665845f18319950.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P3
age
1041
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Thu, 07 Dec 2017 17:06:25 GMT
server
AmazonS3
etag
W/"cbc97d16c77ea1fcbbf42d246001e982"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
6w7vyD-XCqQED8uU4FNVrk3JxnhbnI_c376Z2uPoxyzkMLXo_Wuf7g==
map
bcp.crwdcntrl.net/6/
60 B
330 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.175.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-175-73.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
ad7b19b2d35a7f05bc64b08e6711486630f32bf715ed3380b11420e2723e22ae

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:00:10 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://gofile.io
cache-control
no-cache
x-server
10.45.19.162
access-control-allow-credentials
true
content-length
60
expires
0
cookie_sync
s2s.t13.io/
49 B
275 B
XHR
General
Full URL
https://s2s.t13.io/cookie_sync
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
c096a407308f10208f1283bf386d16fa88753abe15d84e7bbd4e16e8e7a4ef3e

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:00:10 GMT
content-encoding
gzip
via
1.1 google
access-control-allow-origin
https://gofile.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71
expires
0
auction
s2s.t13.io/openrtb2/
362 B
371 B
XHR
General
Full URL
https://s2s.t13.io/openrtb2/auction
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
a6a85a2f4710ebf5d52b83d3bfcd72928876a6185f4217880d550bcf7b2f880b

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:00:10 GMT
content-encoding
gzip
via
1.1 google
x-prebid
pbs-java/1.129.0
content-type
application/json
access-control-allow-origin
https://gofile.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
272
expires
0
prebid
ads.yieldmo.com/exchange/
0
0

prebid
ib.adnxs.com/ut/v3/
139 B
699 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
9c2b3332d76c0c418e67fa402b50524715a1d72d72b08162e8bf6d146b1c034e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:00:10 GMT
an-x-request-uuid
689d7631-ea80-4b42-9bc9-d5195acd4cce
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gofile.io
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.33.144.177; 178.33.144.177; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/
0
188 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.48.0&cb=96222202136&lsavail=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gofile.io
date
Tue, 03 Oct 2023 19:00:09 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
v1
btlr.sharethrough.com/universal/
0
153 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.151.220 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-151-220.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gofile.io
date
Tue, 03 Oct 2023 19:00:10 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
152 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.151.220 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-151-220.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gofile.io
date
Tue, 03 Oct 2023 19:00:10 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
152 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.151.220 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-151-220.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gofile.io
date
Tue, 03 Oct 2023 19:00:10 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
152 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.151.220 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-151-220.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gofile.io
date
Tue, 03 Oct 2023 19:00:10 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
152 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.151.220 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-151-220.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gofile.io
date
Tue, 03 Oct 2023 19:00:10 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
152 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.151.220 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-151-220.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gofile.io
date
Tue, 03 Oct 2023 19:00:10 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
pbjs
htlb.casalemedia.com/openrtb/
37 B
542 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=676941
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9503d62dbc6bbad21608a55f6ab489689c75c9290908e8276a742224f303f20d

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:00:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C%2FO2vcFyVJNK8PmT6MhCxehSRlS0o9ItqRx3N1UPql3gtwb2c%2Fm7QZgkwZti7gq6%2B5WJVvtFggYaprc7s3uc4H%2FAnmPWjWpE52maHeMU3BKRoTPbduc09vf%2B9Jg6flz0JfUzpHnX"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://gofile.io
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
81076d2cee4bd6aa-CDG
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
translator
hbopenbid.pubmatic.com/
0
108 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gofile.io
date
Tue, 03 Oct 2023 19:00:10 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebidjs
rtb.openx.net/openrtbb/
53 B
253 B
XHR
General
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
d5fbcab6b4b103860b15f4aa2437b34aab2c0840896e172bcbc1c12db7897b97

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 03 Oct 2023 19:00:10 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://gofile.io
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
increment
id5-sync.com/api/esp/
0
225 B
XHR
General
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gofile.io
date
Tue, 03 Oct 2023 19:00:10 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
liveView.php
live.primis.tech/live/ Frame 39FF
6 KB
2 KB
Script
General
Full URL
https://live.primis.tech/live/liveView.php?s=116425&cbuster=1696359610&pubUrl=https://gofile.io/d/XL0sUJ&x=400&y=272&playerApiId=freestarPrimisPlayer&schain=1.0,1!freestar.com,1523,1&cbuster=1696359610&pubUrlAuto=https%3A%2F%2Fgofile.io%2Fd%2FXL0sUJ&videoType=sticky&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=116425&cbuster=1696359610&pubUrl=https://gofile.io/d/XL0sUJ&x=400&y=272&playerApiId=freestarPrimisPlayer&schain=1.0,1!freestar.com,1523,1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:9e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
cacdd0274e3294cb3ac00b3567e96b876689c224cbd29fa8d487d37103bfebde

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:00:10 GMT
content-encoding
gzip
via
1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P3
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
ccEEDkAFQwp8NJiw3sl7CCucQOpARoNzGn3XWCMduQOgEWNKAi5JwQ==
pixel;r=977486694;labels=keywords.file%20sharing%2Ckeywords.file%20storage%2Ckeywords.free%20file%20sharing%2Ckeywords.free%20file%20storage%2Ckeywords.unlimited%20file%20sharing%2Ckeywords.unlimit...
pixel.quantserve.com/
35 B
371 B
Image
General
Full URL
https://pixel.quantserve.com/pixel;r=977486694;labels=keywords.file%20sharing%2Ckeywords.file%20storage%2Ckeywords.free%20file%20sharing%2Ckeywords.free%20file%20storage%2Ckeywords.unlimited%20file%20sharing%2Ckeywords.unlimited%20file%20storage%2Ckeywords.secure%20file%20sharing%2Ckeywords.secure%20file%20storage%2Ckeywords.large%20file%20sharing%2Ckeywords.large%20file%20storage%2Ckeywords.video%20file%20sharing%2Ckeywords.image%20file%20sharing%2Ckeywords.audio%20file%20sharing%2Ckeywords.cdn%2Ckeywords.direct%20link%2Ckeywords.file%20hosting%2Ctitle.Gofile%20-%20Free%20Unlimited%20File%20Sharing%20and%20Storage;rf=0;a=p-UeXruRVtZz7w6;url=https%3A%2F%2Fgofile.io%2Fd%2FXL0sUJ;uht=2;fpan=1;fpa=P0-627373796-1696359610268;pbc=;ns=0;ce=1;qjs=1;qv=44310d19-20230908150619;cm=;gdpr=0;ref=;d=gofile.io;dst=1;et=1696359610378;tzo=-120;ogl=title.Gofile%20-%20Free%20Unlimited%20File%20Sharing%20and%20Storage%2Cdescription.Gofile%20is%20a%20free%252C%20secure%20file%20sharing%20and%20storage%20platform%252E%20With%20unlimited%20bandw%2Cimage.%2Fdist%2Fimg%2Flogo-small-og%252Epng%2Ctype.website;ses=1b435991-af77-4b58-9767-3661e36a224e;mdl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:00:10 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
474
a.ad.gt/api/v1/u/matches/
12 KB
4 KB
Script
General
Full URL
https://a.ad.gt/api/v1/u/matches/474?_it=freestar
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fgofile.io%2Fd%2FXL0sUJ&ref=&_it=freestar&partner_id=474&ha=_hadron
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcf2561d61b108ca978e1e07c722c5777f7a5a79dea73fec566fead46237bc0d

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:00:10 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 03 Oct 2023 18:56:06 GMT
server
cloudflare
age
244
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cross-origin-resource-policy
cross-origin
cf-ray
81076d2ddafdd2f5-CDG
deflate.min.js
live.primis.tech/main/js/ Frame 39FF
13 KB
8 KB
Script
General
Full URL
https://live.primis.tech/main/js/deflate.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=116425&cbuster=1696359610&pubUrl=https://gofile.io/d/XL0sUJ&x=400&y=272&playerApiId=freestarPrimisPlayer&schain=1.0,1!freestar.com,1523,1&cbuster=1696359610&pubUrlAuto=https%3A%2F%2Fgofile.io%2Fd%2FXL0sUJ&videoType=sticky&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:9e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
407a567abfabf78843c1dfe24457bb650325d8f93e9396a00ce686172756244f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:00:09 GMT
content-encoding
gzip
via
1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
last-modified
Tue, 15 Aug 2023 09:50:08 GMT
server
nginx
x-amz-cf-pop
FRA60-P3
etag
W/"64db4a50-3217"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
accept-ranges
bytes
x-amz-cf-id
2PURjncV1DwZ_DxwbuNcQidTORpWwejcFrtWG1UXvWdUPx9YXTkbTA==
omweb-v1.min.js
live.primis.tech/content/omid/static/ Frame 39FF
39 KB
20 KB
Script
General
Full URL
https://live.primis.tech/content/omid/static/omweb-v1.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=116425&cbuster=1696359610&pubUrl=https://gofile.io/d/XL0sUJ&x=400&y=272&playerApiId=freestarPrimisPlayer&schain=1.0,1!freestar.com,1523,1&cbuster=1696359610&pubUrlAuto=https%3A%2F%2Fgofile.io%2Fd%2FXL0sUJ&videoType=sticky&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:9e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
01172e9ac9330920e66e282d2d77ed1ae863bbab08aec27b168e8d3c82d50c18

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:00:09 GMT
content-encoding
gzip
via
1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
last-modified
Mon, 07 Aug 2023 08:33:05 GMT
server
nginx
x-amz-cf-pop
FRA60-P3
etag
W/"64d0ac41-9c3c"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
accept-ranges
bytes
x-amz-cf-id
zZQ8dsmYUwSgNGfUae734jQz2oYDJnDPnlnP1msprqOl1FmiE7N3iQ==
omid-session-client-v1.js
live.primis.tech/content/omid/static/ Frame 39FF
64 KB
20 KB
Script
General
Full URL
https://live.primis.tech/content/omid/static/omid-session-client-v1.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=116425&cbuster=1696359610&pubUrl=https://gofile.io/d/XL0sUJ&x=400&y=272&playerApiId=freestarPrimisPlayer&schain=1.0,1!freestar.com,1523,1&cbuster=1696359610&pubUrlAuto=https%3A%2F%2Fgofile.io%2Fd%2FXL0sUJ&videoType=sticky&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:9e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
0804a138d2373d667829f97ef1789c8563ed2730275ef0a6aba5facb75b29a85

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:00:10 GMT
content-encoding
gzip
via
1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
last-modified
Mon, 07 Aug 2023 08:33:05 GMT
server
nginx
x-amz-cf-pop
FRA60-P3
etag
W/"64d0ac41-1013e"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
accept-ranges
bytes
x-amz-cf-id
OBO3fDNGYOP4416zfT1lP-waysEgn4fyeckywbY85I4ArWCtDWhNJA==
iab_consent_sdk.v1.0.js
live.primis.tech/content/ClientDetections/ Frame 39FF
19 KB
8 KB
Script
General
Full URL
https://live.primis.tech/content/ClientDetections/iab_consent_sdk.v1.0.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=116425&cbuster=1696359610&pubUrl=https://gofile.io/d/XL0sUJ&x=400&y=272&playerApiId=freestarPrimisPlayer&schain=1.0,1!freestar.com,1523,1&cbuster=1696359610&pubUrlAuto=https%3A%2F%2Fgofile.io%2Fd%2FXL0sUJ&videoType=sticky&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:9e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:00:09 GMT
content-encoding
gzip
via
1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
last-modified
Wed, 12 Feb 2020 15:01:36 GMT
server
nginx
x-amz-cf-pop
FRA60-P3
etag
W/"5e441350-4be0"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
npoNGJg-zLcuVhRfX0Fz9Fo3cOJZjoh_5Su4rxUQ9Duu-aEpdePTFA==
expires
Wed, 02 Oct 2024 19:00:09 GMT
DetectGDPR2.v1.1.js
live.primis.tech/content/ClientDetections/ Frame 39FF
9 KB
4 KB
Script
General
Full URL
https://live.primis.tech/content/ClientDetections/DetectGDPR2.v1.1.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=116425&cbuster=1696359610&pubUrl=https://gofile.io/d/XL0sUJ&x=400&y=272&playerApiId=freestarPrimisPlayer&schain=1.0,1!freestar.com,1523,1&cbuster=1696359610&pubUrlAuto=https%3A%2F%2Fgofile.io%2Fd%2FXL0sUJ&videoType=sticky&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:9e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:00:10 GMT
content-encoding
gzip
via
1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
last-modified
Thu, 11 Feb 2021 09:45:48 GMT
server
nginx
x-amz-cf-pop
FRA60-P3
etag
W/"6024fccc-228f"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
edrCmi3ZodHQJo3UIY2Dp6GbvbJYmI91DinYzrl3K_mS7I_C9-Sixw==
expires
Wed, 02 Oct 2024 19:00:10 GMT
DetectGDPR.v1.1.js
live.primis.tech/content/ClientDetections/ Frame 39FF
8 KB
3 KB
Script
General
Full URL
https://live.primis.tech/content/ClientDetections/DetectGDPR.v1.1.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=116425&cbuster=1696359610&pubUrl=https://gofile.io/d/XL0sUJ&x=400&y=272&playerApiId=freestarPrimisPlayer&schain=1.0,1!freestar.com,1523,1&cbuster=1696359610&pubUrlAuto=https%3A%2F%2Fgofile.io%2Fd%2FXL0sUJ&videoType=sticky&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:9e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:00:10 GMT
content-encoding
gzip
via
1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
last-modified
Thu, 11 Feb 2021 09:45:48 GMT
server
nginx
x-amz-cf-pop
FRA60-P3
etag
W/"6024fccc-1ef8"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
UI-sLTuvAAQ7KRmKiHJT3MaNtWOMTlr-gM1domXjnvyCeMk4Xh74fw==
expires
Wed, 02 Oct 2024 19:00:10 GMT
hls.0.12.4_3.min.js
live.primis.tech/content/video/hls/ Frame 39FF
258 KB
116 KB
Script
General
Full URL
https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=116425&cbuster=1696359610&pubUrl=https://gofile.io/d/XL0sUJ&x=400&y=272&playerApiId=freestarPrimisPlayer&schain=1.0,1!freestar.com,1523,1&cbuster=1696359610&pubUrlAuto=https%3A%2F%2Fgofile.io%2Fd%2FXL0sUJ&videoType=sticky&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:9e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a20010b26bce05ea3cfc83cf3a162b7c16b5d2fa2bcf2253b0394b0eb322347a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:00:10 GMT
content-encoding
gzip
via
1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
last-modified
Wed, 23 Mar 2022 12:48:36 GMT
server
nginx
x-amz-cf-pop
FRA60-P3
etag
W/"623b1724-409bc"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
N46E1H4Lv5xi4BUvFMKrJkk0Tn4ib0C1T7DC6DegP-0Wg5MAJNP5JA==
expires
Wed, 02 Oct 2024 19:00:10 GMT
prebidVid.7.16.0_14.min.js
live.primis.tech/content/prebid/ Frame 39FF
522 KB
261 KB
Script
General
Full URL
https://live.primis.tech/content/prebid/prebidVid.7.16.0_14.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=116425&cbuster=1696359610&pubUrl=https://gofile.io/d/XL0sUJ&x=400&y=272&playerApiId=freestarPrimisPlayer&schain=1.0,1!freestar.com,1523,1&cbuster=1696359610&pubUrlAuto=https%3A%2F%2Fgofile.io%2Fd%2FXL0sUJ&videoType=sticky&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:9e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
2b5044c4b2ce524b85da7e439060c83d923ec02d4982731b0624ecdb7052972a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:00:09 GMT
content-encoding
gzip
via
1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
last-modified
Sun, 01 Oct 2023 11:22:14 GMT
server
nginx
x-amz-cf-pop
FRA60-P3
etag
W/"65195666-82615"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
Ycaz0sL6tFFjZerTOqeQWb0-TGKOhZkwcShBOo2XWhVsRdB9xO_ZtQ==
expires
Wed, 02 Oct 2024 19:00:09 GMT
liveVideo.php
live.primis.tech/live/ Frame 39FF
622 KB
247 KB
Script
General
Full URL
https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D31302D30335F32327D7B7331373236303833307D7B4336317D7B535A32396D6157786C4C6D6C767D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593237327D7B66317D7B7251554A5549433867533246795A3239425A474677644756795658426E636D466B5A534176494445674C79426B5A575A68645778307D7B4C373734387DFEFE&userIpAddr=2001%3A41d0%3Ad%3A364d%3A%3A3&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F117.0.5938.132+Safari%2F537.36&debugInformation=ABT+%2F+KargoAdapterUpgrade+%2F+1+%2F+default&isWePassGdpr=0&schain=1.0%2C1%21freestar.com%2C1523%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1696359610&csuuid=651c64ba5f10f&debugInfo=17260830_ABT+%2F+KargoAdapterUpgrade+%2F+1+%2F+default&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17260830&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=&secondaryContent=&x=400&y=272&pubUrl=https%3A%2F%2Fgofile.io%2Fd%2FXL0sUJ&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=105&impGap=1&flow_width=400&flow_height=225&videoType=sticky&gdpr=1&gdprConsent=&contentFeedId=&geoLati=48.8582&geoLong=2.3387&vpTemplate=7748&flowMode=seenboth&isRealPreroll=0&playerApiId=freestarPrimisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=&appName=&appBundleId=https%3A%2F%2Fgofile.io%2Fd%2FXL0sUJ&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=116425&cbuster=1696359610&pubUrl=https://gofile.io/d/XL0sUJ&x=400&y=272&playerApiId=freestarPrimisPlayer&schain=1.0,1!freestar.com,1523,1&cbuster=1696359610&pubUrlAuto=https%3A%2F%2Fgofile.io%2Fd%2FXL0sUJ&videoType=sticky&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:9e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
4493942dfc57d20a7fc1cbab75133c34a00155c0aa37e05df4c01d36407f9ab1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:00:10 GMT
content-encoding
gzip
via
1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P3
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
x-amz-cf-id
QYImoNWgH1xaz7_wg8WFRVdsFyacBcYETb5h2eupH14GxH30vV_9ng==
auction
s2s.t13.io/openrtb2/
362 B
341 B
XHR
General
Full URL
https://s2s.t13.io/openrtb2/auction
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
b40d2091decb56fd34865db73525dad6da99c3ba157bcc836a3251cc0f6a11d1

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:00:10 GMT
content-encoding
gzip
via
1.1 google
x-prebid
pbs-java/1.129.0
content-type
application/json
access-control-allow-origin
https://gofile.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
273
expires
0
prebid
ib.adnxs.com/ut/v3/
139 B
698 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
408a252c72c1978b2a4362efca1193761c46d0b8d07f8992c7772e4cd0646750
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:00:10 GMT
an-x-request-uuid
c8b27378-47a7-4aab-bb43-41962cdced9a
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gofile.io
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.33.144.177; 178.33.144.177; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebidjs
rtb.openx.net/openrtbb/
53 B
138 B
XHR
General
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3ed45d41e6f6b3816f4927809abc3709c2811c7faf13511922470a0fd43aa0bc

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 03 Oct 2023 19:00:10 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://gofile.io
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
translator
hbopenbid.pubmatic.com/
0
52 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gofile.io
date
Tue, 03 Oct 2023 19:00:10 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
btlr.sharethrough.com/universal/
0
152 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.151.220 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-151-220.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gofile.io
date
Tue, 03 Oct 2023 19:00:10 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
152 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.151.220 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-151-220.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gofile.io
date
Tue, 03 Oct 2023 19:00:10 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
152 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.151.220 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-151-220.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gofile.io
date
Tue, 03 Oct 2023 19:00:10 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
152 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.151.220 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-151-220.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gofile.io
date
Tue, 03 Oct 2023 19:00:10 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
152 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.151.220 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-151-220.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gofile.io
date
Tue, 03 Oct 2023 19:00:10 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
152 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.151.220 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-151-220.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gofile.io
date
Tue, 03 Oct 2023 19:00:10 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
prebid
ads.yieldmo.com/exchange/
0
0

cdb
bidder.criteo.com/
0
187 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.48.0&cb=90571473156&lsavail=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gofile.io
date
Tue, 03 Oct 2023 19:00:10 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
pbjs
htlb.casalemedia.com/openrtb/
37 B
306 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=676941
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aebe989ea2d8d96d7b43d6b34dd9b6d3a05acb5c2b67eaa3cf9a911911f1da1b

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:00:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Pb2LY%2FBhGNp6oxJsA6nL3fUEhFgmZHaVKMQuHg2Jq30xwNdoFISx35pPXGimmFXoP3L06MWD8WBBQ9njNw3kgd5lbGW0PrGZrqGzl4jSXAJR8nGABg2ioolvIBSmmjDcoImqO29"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://gofile.io
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
81076d2dafb6d6aa-CDG
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
ads
securepubads.g.doubleclick.net/gampad/
696 B
376 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1269527160457762&correlator=4189421321423893&eid=31077099%2C31077366%2C31078024&output=ldjh&gdfp_req=1&vrg=202309280101&ptt=17&impl=fifs&iu_parts=15184186%3A22435964612%2Cgofileio_adhesion&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C300x50%7C320x50%7C468x60%7C728x90%7C970x90%7C300x100%7C320x100&ifi=1&didk=1080524692&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1696359610615&lmt=1692817614&adxs=631&adys=1150&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fgofile.io%2Fd%2FXL0sUJ&vis=1&psz=338x-1&msz=300x-1&fws=512&ohw=0&ga_vid=1582518939.1696359611&ga_sid=1696359611&ga_hid=1080315079&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYpu6lt68xSABSAghkEhkKCnB1YmNpZC5vcmcY2O-lt68xSABSAghqEhcKCHJ0YmhvdXNlGNnvpbevMUgAUgIIahIUCgVvcGVueBil7qW3rzFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGP7wpbevMUgAUgIIag..&dlt=1696359608307&idt=1220&prev_scp=fsrefresh%3D0%26fsrebid%3D0%26fs_uuid%3D84404a59-86e3-4ad4-bde1-6091dfeafe49%26floors_id%3D5cc9b1%26floors_hour%3D19%26fs_placementName%3Dgofileio_adhesion%26fs_ad_product%3DstickyFooter%26fsbid%3Dtimeout&cust_params=fs_session_id%3Dfbbfe207-2a1c-45f8-b6cd-cb6b966e0501%26fs_pageview_id%3De7f612e5ff5faf16a2990f90e6e37301%26user-agent%3DChrome%26fs_used_optimise%3Dtrue%26floors_user%3D1%26floors_rtt%3D22%26fs_clientservermask%3D21032223132312300221%26fs_testgroup%3Doptimised&adks=780808840&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4461a954ab995f7b05fc08330b2746159e0074256ff47e4ef054276286bfef53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:00:10 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
345
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://gofile.io
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202309280101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4dfb18508a99769c73b2ec9c0cbc2092a7b9d75e010da4ffa5d8086e78fc1a36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:00:10 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12236
x-xss-protection
0
container.html
f57f917fed53f3b00f58bede01cd229f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3C53
0
0
Document
General
Full URL
https://f57f917fed53f3b00f58bede01cd229f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 03 Oct 2023 19:00:10 GMT
expires
Wed, 02 Oct 2024 19:00:10 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pd
google-bidout-d.openx.net/w/1.0/ Frame 50BC
0
0
Document
General
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
378
content-type
text/html
date
Tue, 03 Oct 2023 19:00:10 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
primisslate.css
live.primis.tech/content/video/css/
18 KB
7 KB
Stylesheet
General
Full URL
https://live.primis.tech/content/video/css/primisslate.css
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D31302D30335F32327D7B7331373236303833307D7B4336317D7B535A32396D6157786C4C6D6C767D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593237327D7B66317D7B7251554A5549433867533246795A3239425A474677644756795658426E636D466B5A534176494445674C79426B5A575A68645778307D7B4C373734387DFEFE&userIpAddr=2001%3A41d0%3Ad%3A364d%3A%3A3&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F117.0.5938.132+Safari%2F537.36&debugInformation=ABT+%2F+KargoAdapterUpgrade+%2F+1+%2F+default&isWePassGdpr=0&schain=1.0%2C1%21freestar.com%2C1523%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1696359610&csuuid=651c64ba5f10f&debugInfo=17260830_ABT+%2F+KargoAdapterUpgrade+%2F+1+%2F+default&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17260830&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=&secondaryContent=&x=400&y=272&pubUrl=https%3A%2F%2Fgofile.io%2Fd%2FXL0sUJ&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=105&impGap=1&flow_width=400&flow_height=225&videoType=sticky&gdpr=1&gdprConsent=&contentFeedId=&geoLati=48.8582&geoLong=2.3387&vpTemplate=7748&flowMode=seenboth&isRealPreroll=0&playerApiId=freestarPrimisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=&appName=&appBundleId=https%3A%2F%2Fgofile.io%2Fd%2FXL0sUJ&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:9e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
dcbb76a8cb268e3ed25b14f8d4a9b8e906f20da34d903111c2d77fc2c34d83cc

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:00:10 GMT
content-encoding
gzip
via
1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
last-modified
Mon, 05 Jun 2023 10:07:38 GMT
server
nginx
x-amz-cf-pop
FRA60-P3
etag
W/"647db3ea-469b"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
accept-ranges
bytes
x-amz-cf-id
F8RhKM8NGSW--NyNs4a3st3szhM6-4LKNJMMQWMX6SKAyW0J8TvsQA==
apstag.js
c.amazon-adsystem.com/aax2/ Frame 39FF
255 KB
63 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D31302D30335F32327D7B7331373236303833307D7B4336317D7B535A32396D6157786C4C6D6C767D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593237327D7B66317D7B7251554A5549433867533246795A3239425A474677644756795658426E636D466B5A534176494445674C79426B5A575A68645778307D7B4C373734387DFEFE&userIpAddr=2001%3A41d0%3Ad%3A364d%3A%3A3&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F117.0.5938.132+Safari%2F537.36&debugInformation=ABT+%2F+KargoAdapterUpgrade+%2F+1+%2F+default&isWePassGdpr=0&schain=1.0%2C1%21freestar.com%2C1523%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1696359610&csuuid=651c64ba5f10f&debugInfo=17260830_ABT+%2F+KargoAdapterUpgrade+%2F+1+%2F+default&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17260830&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=&secondaryContent=&x=400&y=272&pubUrl=https%3A%2F%2Fgofile.io%2Fd%2FXL0sUJ&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=105&impGap=1&flow_width=400&flow_height=225&videoType=sticky&gdpr=1&gdprConsent=&contentFeedId=&geoLati=48.8582&geoLong=2.3387&vpTemplate=7748&flowMode=seenboth&isRealPreroll=0&playerApiId=freestarPrimisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=&appName=&appBundleId=https%3A%2F%2Fgofile.io%2Fd%2FXL0sUJ&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.136.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-136-109.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
241df04a32e1a0a4da58eb35f672c5f0b4e1fa131475803ce3222bf493632d5e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 18:27:18 GMT
content-encoding
gzip
via
1.1 142ded88048f806cc40a5a225130cc8a.cloudfront.net (CloudFront), 1.1 9fce949f3749407c8e6a75087e168b46.cloudfront.net (CloudFront)
last-modified
Thu, 21 Sep 2023 19:18:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, AMS50-C1
age
1973
x-amz-server-side-encryption
AES256
etag
W/"e1caada96468a3b669d0d0cc6ec9a23c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
ZFhZdc1XSkyv7HZPIixuqRLJRn2fks7CN0IsIzoBz92rpIEkm9AMnw==
css
fonts.googleapis.com/
2 KB
994 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto&display=swap
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D31302D30335F32327D7B7331373236303833307D7B4336317D7B535A32396D6157786C4C6D6C767D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593237327D7B66317D7B7251554A5549433867533246795A3239425A474677644756795658426E636D466B5A534176494445674C79426B5A575A68645778307D7B4C373734387DFEFE&userIpAddr=2001%3A41d0%3Ad%3A364d%3A%3A3&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F117.0.5938.132+Safari%2F537.36&debugInformation=ABT+%2F+KargoAdapterUpgrade+%2F+1+%2F+default&isWePassGdpr=0&schain=1.0%2C1%21freestar.com%2C1523%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1696359610&csuuid=651c64ba5f10f&debugInfo=17260830_ABT+%2F+KargoAdapterUpgrade+%2F+1+%2F+default&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17260830&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=&secondaryContent=&x=400&y=272&pubUrl=https%3A%2F%2Fgofile.io%2Fd%2FXL0sUJ&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=105&impGap=1&flow_width=400&flow_height=225&videoType=sticky&gdpr=1&gdprConsent=&contentFeedId=&geoLati=48.8582&geoLong=2.3387&vpTemplate=7748&flowMode=seenboth&isRealPreroll=0&playerApiId=freestarPrimisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=&appName=&appBundleId=https%3A%2F%2Fgofile.io%2Fd%2FXL0sUJ&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c87b7f745cfb4a994801488584e6e0e78d6c4f0ad567e985a781fc0b86074724
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 03 Oct 2023 19:00:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 03 Oct 2023 18:02:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 03 Oct 2023 19:00:10 GMT
liveView.php
live.primis.tech/live/ Frame 39FF
47 KB
8 KB
XHR
General
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMSUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYlOTI2NlUlRaZcZGViXmVzMzE3NwqyNTxlY2E3ODY3NwYlMmpyMxZ2nWQ2NTFuMDM1MwquYzE1NmAkMDQ3OTt5Lz1jNCUmRaRinlUmRGV3o2qJQ0FaSW1Gp1c5STZJQ0cJVXcJMU5cSXNDnUFaSUNBnWRIoHqJnz9aSWgjWFZDSUgzUS5yq29aSUNBZ0ygoHcwrUx2SUNKUWNgoHRuWE1cTEFiZ0yDQWqJox4kWWyJNxyDSXZxWEJmYwJGn2N5OWcvnxV2ZG1fn1cXOHZxWE5fY25NqyxlOXVxoVZ5ZEqWn0k6STVNnyxmTDNnpFcHVaZYryZgTW1FM05dZGkOVGg5WTJFM09EWTNOnyy5TXcwqzRgoGgOnyV4WVRBrx5USTNZV0cbTyRwq01UQTBOrzf0T1M1qGNEUWyMQW9aSUNBZ0ygNWynnUx2SURFMx9UWXyPREEjTURBp0NcQWqJQ0FcWyubq0ydo2qNVFx1TzcRM05dVTBNQXA5LzJuME51UFqgnDBeUz5kqmFZRwZ1qWNKX1ycMHZJMVydY0yERFu0M2MkS1EzqzyxX2NioaRyoaRsnWQ9MmY5MDpkOSZ2nWRsY29hqGVhqF9xZXNwPVRbZSgNo3N0K0JSVVRBTCgLnWkfK2yhK0V2ZXJ5K1NuqlgNo3ZcZSZ2nWRsY29hqGVhqF90nXRfZT1UnGUeTW9mqCgCUyVUQUjeS2yfoCgcovgFqzVlrSgTYXpeTW92nWUzqzyxX2NioaRyoaRsZHVlYXRco249NwpmJaBfYWNyoWVhqFN0pzVuoVR5pGU9MlZxZWJ1Z0yhZz9loWF0nW9hPUFCVCfyMxYeS2FlZ29BZGFjqGVlVXBapzFxZSfyMxYeMSfyMxYeZGVzYXVfqCZjoGF5oGymqEyxPTU3Jat9NDAjJax9MwI1JaB1YyVloD1bqHRjplUmQSUlRvUlRzqiZzyfZS5colUlRzQyMxZYTDBmVUbzpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImMmJEMmEmMDJEMmAmMmVGMmImMwqEN0I3MmMkMmpmMwM2MmAmODMmMmA3RDqCNDMmNwMkN0Q3QwUmNUEmMwM5NxQ2MTU3Nmt2QmRDNxQ2Qmp2N0Q3QwYlNwM2ODplNxY2RDY1N0Q3QwpkNwQ2NTpmNxI3NDZGNmA3RDqCNxY3NmY5NxU2NDZGNmp3MmqEN0I1ODM0MmAmMDqEN0I1OTMlMmpmMwqEN0I2NwMkN0Q3QwplNTE1NTRBNTU0OTQmMmt2NmUmMmI0Nwp5NUEmMwM5NDI1QTQ3NDY3NmY0NDp1Nwp5NTY1ODQlNxU2MmZENDY2QwVBNTM0MTp2NDx0NDQ1Nwp0Qmp5NDI2QwVBNTp1QTY4NwQ1Nmp4MmA3RDqCNEMmNmM3MmQmODqERxVGRSZupHBOYW1yPSZcp0FjpD0jJzFjpEyxPSZxnWFcZD0zYXBjQaVhZGkySWQ9nHR0pHMyM0EyMxYyMxZao2ZcoGUhnW8yMxZxJTJGWEjjp1VKJzFjpFN0o3JyVXJfPSZupHBQpzy2YWN5UG9fnWN5PSZupHBJp1BunWQ9JzFjpFZypaNco249JaNxn3Y9JzFjpERyqzVfo3Bypw0zZ2ViTGF0nT00OC44NTtlJzqyo0kiozp9Mv4mMmt3JaVmZXJJpEFxZHI9MwAjMSUmQTQkZDAyM0FxJTNBMmY0ZCUmQSUmQTMzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwEkNl4jLwU5MmthMTMlK1NuZzFlnSUlRwUmNl4mNvZmY2uunW49MS4jJTJDMSUlMWZlZWVmqGFlLzNioSUlQmE1MwMyMxMkJaBfYXyypxFjnUyxPWZlZWVmqGFlUHJcoWymUGkurWVlJzF2YWyfQ2FgpGFcZ25mPSZcp0FjpEcmPTAzY3N1qWyxPTY1MWM2NGJuNWYkMGYzY2J1p3Rypw0kNwx2MmU5NwEjNmIlJzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTA=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D31302D30335F32327D7B7331373236303833307D7B4336317D7B535A32396D6157786C4C6D6C767D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593237327D7B66317D7B7251554A5549433867533246795A3239425A474677644756795658426E636D466B5A534176494445674C79426B5A575A68645778307D7B4C373734387DFEFE&userIpAddr=2001%3A41d0%3Ad%3A364d%3A%3A3&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F117.0.5938.132+Safari%2F537.36&debugInformation=ABT+%2F+KargoAdapterUpgrade+%2F+1+%2F+default&isWePassGdpr=0&schain=1.0%2C1%21freestar.com%2C1523%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1696359610&csuuid=651c64ba5f10f&debugInfo=17260830_ABT+%2F+KargoAdapterUpgrade+%2F+1+%2F+default&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17260830&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=&secondaryContent=&x=400&y=272&pubUrl=https%3A%2F%2Fgofile.io%2Fd%2FXL0sUJ&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=105&impGap=1&flow_width=400&flow_height=225&videoType=sticky&gdpr=1&gdprConsent=&contentFeedId=&geoLati=48.8582&geoLong=2.3387&vpTemplate=7748&flowMode=seenboth&isRealPreroll=0&playerApiId=freestarPrimisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=&appName=&appBundleId=https%3A%2F%2Fgofile.io%2Fd%2FXL0sUJ&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:9e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b09b4585f9689e0b37e726b4c80efeacdb37b73dcdea0a854a0d84680fbe201f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:00:10 GMT
content-encoding
gzip
via
1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P3
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://gofile.io
content-type
application/json; charset=utf-8
cache-control
no-store
access-control-allow-credentials
true
content-length
7521
x-amz-cf-id
Il_IaPPiyrlePrK5MoQRC7Gkl0G3SFZWzMMXZbC4P80iv9L7PmM1Fg==
chunklist_480.m3u8
video.primis.tech/uploads/cn1/video/users/hls/29267/video_5f2a767e592ca786766237/vid651a03527aba5701047989.mp4/
4 KB
853 B
XHR
General
Full URL
https://video.primis.tech/uploads/cn1/video/users/hls/29267/video_5f2a767e592ca786766237/vid651a03527aba5701047989.mp4/chunklist_480.m3u8
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:9600:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
c548d3005886b2128151da13175f418c55449b6b680a5714329ba251b1bfcc00

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 03:49:54 GMT
via
1.1 eb9d64413a6e94ad0c833eaa78fca8fa.cloudfront.net (CloudFront), 1.1 6c22fb0e883db3123ae98d8d72cdaf76.cloudfront.net (CloudFront)
content-encoding
br
x-amz-cf-pop
SFO5-P1, AMS54-C1
age
59489
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Sun, 01 Oct 2023 23:46:48 GMT
server
nginx
etag
W/"848d8c5a2d2f51e8c218e359b849c040"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cache-control
max-age=86400
vary
Accept-Encoding
x-amz-cf-id
OBwuYA26ET9e_SQNjsQ52djKHrxNrNVkzYDP7r0Cu8rwNMbTuIWkMQ==
expires
Wed, 04 Oct 2023 02:28:40 GMT
liveView.php
live.primis.tech/live/
0
421 B
Image
General
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTUjJaNypaZypyRcoWU9MTY5NwM1OTYkMCZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTE2NDI1JaN0YT0jJat9NDAjJax9MwplJaZcZF9jYXNmRG9gYWyhPWqiZzyfZS5colZmqWJJZD1ao2ZcoGUhnW8zZGVvqWqJozZipz1uqGyiow1BQyQyMwAyMxYyMwBLYXJao0FxYXB0ZXJVpGqlYWRyJTIjJTJGJTIjMSUlMCUlRvUlMGRyZzF1oHQznXNBpHA9MCZmZGg2PSZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMmMxQmMTMjMxQmMDMmNUYmMwMlN0Q3QwpmMmEmNmMlMmYmMDM4MmMmMDqEN0I0MmM2MmE3RDqCNTM1QTMlMmx2RDYkNTp3ODZDNEM2RDZDNmY3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmQmMDMjN0Q3QwU5MmImNmMlN0Q3QwY2MmE3RDqCNmI1MTU1NEE1NTQ5NDMmODY3NTMmMwQ2Nmx1QTMlMmx0MwVBNDp0Nwp3NwQ0NmU2Nmx1NwU4NDI2RTYmNxQ0NwZCNUE1MmQkNmY0OTQ0NDU2NmRDNmx0MwZCNUE1NmVBNwt2NDU3NmtmMDqEN0I0QmM3MmpmNDM4N0RGRUZFJzRcYWyxPSZ1p2VlSXBBZGRlPTIjMDEyM0E0MWQjJTNBZCUmQTM2NGQyM0EyM0EmJaVmZXJVQT1No3ccoGkuJTJGNS4jJTIjJTI4V2yhZG93plUlME5UJTIjMTAhMCUmQvUlMFqcowY0JTNCJTIjrDY0JTI5JTIjQXBjoGVXZWJLnXQyMxY1MmphMmYyMwAyMwuLSFRNTCUlQlUlMGkcn2UyMwBHZWNeolUlOSUlMENbpz9gZSUlRwEkNl4jLwU5MmthMTMlJTIjU2FzYXJcJTJGNTM3LwM2JzNmqXVcZD02NTFwNwRvYTVzMTBzJzNioaRyoaRGnWkySWQ9MCZgZWRcYVBfYXyMnXN0SWQ9MCZgZWRcYUkcp3RJZD0jJzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTAzY2NjYT0jJzNwpGFDo25mZW50PSZwYaVmqGVlPTE2OTYmNTx2MTA3MDxzqWyxPVNyn2yhZG9TUGkurWVlNwUkYmY0YzE3ZGM3MvZjqWJVpzj9nHR0pHMyM0EyMxYyMxZao2ZcoGUhnW8yMxZxJTJGWEjjp1VKJzZfo2F0U3RuqHVmPXRlqWUzZWyxp3A9pHJyYzyxJaB4nWQ9ODU2NDM0OTtm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:9e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:00:10 GMT
content-encoding
gzip
via
1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P3
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
Uyzz5lI_QG2CTqTsayeujO7lyWJkY4dsKTZykZzIZjOdfNL6992TAA==
vid651a03527aba5701047989.jpg
video.primis.tech/uploads/cn1/video/users/converted/29267/video_5f2a767e592ca786766237/
12 KB
12 KB
Image
General
Full URL
https://video.primis.tech/uploads/cn1/video/users/converted/29267/video_5f2a767e592ca786766237/vid651a03527aba5701047989.jpg?cbuster=1696203618
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:9600:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
51596641484ac197e33b6cf155119fa8e5e324e4fd28cb2b04d75a33cdec4605

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 04:37:08 GMT
via
1.1 c858fcd4941dcc58025e22f092b26c28.cloudfront.net (CloudFront), 1.1 1bc76a14967a660022b25f573baec632.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO5-P1, AMS54-C1
age
52617
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
12077
last-modified
Sun, 01 Oct 2023 23:42:20 GMT
server
nginx
etag
"bd634701f5aa10d7c709dd11b3855398"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
djYZR7UamwJmHnwhgK-nLSKPVPqss1K5hBQ63JvnN9g04CRMPwD-VQ==
expires
Wed, 04 Oct 2023 04:23:13 GMT
c
c.pub.network/v2/
36 B
53 B
Fetch
General
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.2.4/analytics.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
579d3cc7ec3e2085cc8dfb443d0ab8b650513ded6f680f2c2eead3fb712baa9c

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 03 Oct 2023 19:00:10 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://gofile.io
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
c
c.pub.network/v2/ Frame
0
0
Preflight
General
Full URL
https://c.pub.network/v2/c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://gofile.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://gofile.io
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Tue, 03 Oct 2023 19:00:10 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 google
jload
pixel.adsafeprotected.com/ Frame FD9B
47 KB
12 KB
Script
General
Full URL
https://pixel.adsafeprotected.com/jload?anId=931599&pubId=27975&chanId=gofile.io&placementId=116425&pubOrder=FR&custom=desktop&custom2=windows&custom3=chrome
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D31302D30335F32327D7B7331373236303833307D7B4336317D7B535A32396D6157786C4C6D6C767D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593237327D7B66317D7B7251554A5549433867533246795A3239425A474677644756795658426E636D466B5A534176494445674C79426B5A575A68645778307D7B4C373734387DFEFE&userIpAddr=2001%3A41d0%3Ad%3A364d%3A%3A3&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F117.0.5938.132+Safari%2F537.36&debugInformation=ABT+%2F+KargoAdapterUpgrade+%2F+1+%2F+default&isWePassGdpr=0&schain=1.0%2C1%21freestar.com%2C1523%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1696359610&csuuid=651c64ba5f10f&debugInfo=17260830_ABT+%2F+KargoAdapterUpgrade+%2F+1+%2F+default&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17260830&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=&secondaryContent=&x=400&y=272&pubUrl=https%3A%2F%2Fgofile.io%2Fd%2FXL0sUJ&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=105&impGap=1&flow_width=400&flow_height=225&videoType=sticky&gdpr=1&gdprConsent=&contentFeedId=&geoLati=48.8582&geoLong=2.3387&vpTemplate=7748&flowMode=seenboth&isRealPreroll=0&playerApiId=freestarPrimisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=&appName=&appBundleId=https%3A%2F%2Fgofile.io%2Fd%2FXL0sUJ&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.159.118 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-159-118.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
06fd4fd10691eb93ea8559a672389863613bde4edf6e7ef3f7949fc0eab646c3

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:00:10 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
liveView.php
live.primis.tech/live/ Frame 39FF
22 KB
6 KB
XHR
General
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMSUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYlOTI2NlUlRaZcZGViXmVzMzE3NwqyNTxlY2E3ODY3NwYlMmpyMxZ2nWQ2NTFuMDM1MwquYzE1NmAkMDQ3OTt5Lz1jNCUmRaRinlUmRGV3o2qJQ0FaSW1Gp1c5STZJQ0cJVXcJMU5cSXNDnUFaSUNBnWRIoHqJnz9aSWgjWFZDSUgzUS5yq29aSUNBZ0ygoHcwrUx2SUNKUWNgoHRuWE1cTEFiZ0yDQWqJox4kWWyJNxyDSXZxWEJmYwJGn2N5OWcvnxV2ZG1fn1cXOHZxWE5fY25NqyxlOXVxoVZ5ZEqWn0k6STVNnyxmTDNnpFcHVaZYryZgTW1FM05dZGkOVGg5WTJFM09EWTNOnyy5TXcwqzRgoGgOnyV4WVRBrx5USTNZV0cbTyRwq01UQTBOrzf0T1M1qGNEUWyMQW9aSUNBZ0ygNWynnUx2SURFMx9UWXyPREEjTURBp0NcQWqJQ0FcWyubq0ydo2qNVFx1TzcRM05dVTBNQXA5LzJuME51UFqgnDBeUz5kqmFZRwZ1qWNKX1ycMHZJMVydY0yERFu0M2MkS1EzqzyxX2NioaRyoaRsnWQ9MmY5MDpkOSZ2nWRsY29hqGVhqF9xZXNwPVRbZSgNo3N0K0JSVVRBTCgLnWkfK2yhK0V2ZXJ5K1NuqlgNo3ZcZSZ2nWRsY29hqGVhqF90nXRfZT1UnGUeTW9mqCgCUyVUQUjeS2yfoCgcovgFqzVlrSgTYXpeTW92nWUzqzyxX2NioaRyoaRsZHVlYXRco249NwpmJaBfYWNyoWVhqFN0pzVuoVR5pGU9MlZxZWJ1Z0yhZz9loWF0nW9hPUFCVCfyMxYeS2FlZ29BZGFjqGVlVXBapzFxZSfyMxYeMSfyMxYeZGVzYXVfqCZjoGF5oGymqEyxPTU3Jat9NDAjJax9MwI1JaB1YyVloD1bqHRjplUmQSUlRvUlRzqiZzyfZS5colUlRzQyMxZYTDBmVUbzpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImMmJEMmEmMDJEMmAmMmVGMmImMwqEN0I3MmMkMmpmMwM2MmAmODMmMmA3RDqCNDMmNwMkN0Q3QwUmNUEmMwM5NxQ2MTU3Nmt2QmRDNxQ2Qmp2N0Q3QwYlNwM2ODplNxY2RDY1N0Q3QwpkNwQ2NTpmNxI3NDZGNmA3RDqCNxY3NmY5NxU2NDZGNmp3MmqEN0I1ODM0MmAmMDqEN0I1OTMlMmpmMwqEN0I2NwMkN0Q3QwplNTE1NTRBNTU0OTQmMmt2NmUmMmI0Nwp5NUEmMwM5NDI1QTQ3NDY3NmY0NDp1Nwp5NTY1ODQlNxU2MmZENDY2QwVBNTM0MTp2NDx0NDQ1Nwp0Qmp5NDI2QwVBNTp1QTY4NwQ1Nmp4MmA3RDqCNEMmNmM3MmQmODqERxVGRSZupHBOYW1yPSZcp0FjpD0jJzFjpEyxPSZxnWFcZD0zYXBjQaVhZGkySWQ9nHR0pHMyM0EyMxYyMxZao2ZcoGUhnW8yMxZxJTJGWEjjp1VKJzFjpFN0o3JyVXJfPSZupHBQpzy2YWN5UG9fnWN5PSZupHBJp1BunWQ9JzFjpFZypaNco249JaNxn3Y9JzFjpERyqzVfo3Bypw0zZ2ViTGF0nT00OC44NTtlJzqyo0kiozp9Mv4mMmt3JaVmZXJJpEFxZHI9MwAjMSUmQTQkZDAyM0FxJTNBMmY0ZCUmQSUmQTMzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwEkNl4jLwU5MmthMTMlK1NuZzFlnSUlRwUmNl4mNvZmY2uunW49MS4jJTJDMSUlMWZlZWVmqGFlLzNioSUlQmE1MwMyMxMkJaBfYXyypxFjnUyxPWZlZWVmqGFlUHJcoWymUGkurWVlJzF2YWyfQ2FgpGFcZ25mPSZcp0FjpEcmPTAzY3N1qWyxPTY1MWM2NGJuNWYkMGYzY2J1p3Rypw0kNwx2MmU5NwEjNmtmJzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTA=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D31302D30335F32327D7B7331373236303833307D7B4336317D7B535A32396D6157786C4C6D6C767D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593237327D7B66317D7B7251554A5549433867533246795A3239425A474677644756795658426E636D466B5A534176494445674C79426B5A575A68645778307D7B4C373734387DFEFE&userIpAddr=2001%3A41d0%3Ad%3A364d%3A%3A3&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F117.0.5938.132+Safari%2F537.36&debugInformation=ABT+%2F+KargoAdapterUpgrade+%2F+1+%2F+default&isWePassGdpr=0&schain=1.0%2C1%21freestar.com%2C1523%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1696359610&csuuid=651c64ba5f10f&debugInfo=17260830_ABT+%2F+KargoAdapterUpgrade+%2F+1+%2F+default&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17260830&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=&secondaryContent=&x=400&y=272&pubUrl=https%3A%2F%2Fgofile.io%2Fd%2FXL0sUJ&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=105&impGap=1&flow_width=400&flow_height=225&videoType=sticky&gdpr=1&gdprConsent=&contentFeedId=&geoLati=48.8582&geoLong=2.3387&vpTemplate=7748&flowMode=seenboth&isRealPreroll=0&playerApiId=freestarPrimisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=&appName=&appBundleId=https%3A%2F%2Fgofile.io%2Fd%2FXL0sUJ&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:9e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f5958eb7a304ee9f84e0196a6fc9058eb88c10eeccaf09142fd5b1e98b23b1ad

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:00:10 GMT
content-encoding
gzip
via
1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P3
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://gofile.io
content-type
application/json; charset=utf-8
cache-control
no-store
access-control-allow-credentials
true
content-length
5739
x-amz-cf-id
3VDmlI4NateGUiKqby6YbmE8a5nLRsgDvgFKQdCTbADozEOSlITCmw==
log
qsearch-a.akamaihd.net/
35 B
296 B
Image
General
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=projectevents&project=prebid&acid=4fb7fcaa-0e20-4337-a54a-0ffb93fecc32&cid=&crid=315461417&adunit_count=1&dn=gofile.io&requrl=https://gofile.io/d/XL0sUJ&istop=true&event=client_timeout&value=1&rd=459
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.216.77.36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-36.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Oct 2023 19:00:10 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Tue, 03 Oct 2023 19:00:10 GMT
publishertag.prebid.135.js
static.criteo.net/js/ld/
89 KB
29 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.135.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:00:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-16386"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 04 Oct 2023 19:00:10 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:00:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 03 Oct 2023 19:00:10 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 39FF
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.136.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-136-109.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 fc8f1559bec15e56ec52376ce42c7d90.cloudfront.net (CloudFront)
date
Tue, 03 Oct 2023 18:49:22 GMT
x-amz-cf-pop
AMS50-C1
age
61527
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
8HHrPeRKl5xi0zALJ7-yAxVh1Nir7V_lL7gne2826cs0JwhZHdA3gA==
w_480_00000.ts
video.primis.tech/uploads/cn1/video/users/hls/29267/video_5f2a767e592ca786766237/vid651a03527aba5701047989.mp4/
415 KB
416 KB
XHR
General
Full URL
https://video.primis.tech/uploads/cn1/video/users/hls/29267/video_5f2a767e592ca786766237/vid651a03527aba5701047989.mp4/w_480_00000.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:9600:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
951711fd76ae30f467e9afcf747cc1ecad38d5ea9a52a55e3e6608c9d7ff52ce

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 04:22:23 GMT
via
1.1 8ab0aef6448b5ee7c8ac1a76da988556.cloudfront.net (CloudFront), 1.1 6c22fb0e883db3123ae98d8d72cdaf76.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C1, AMS54-C1
age
139066
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
425068
last-modified
Sun, 01 Oct 2023 23:46:50 GMT
server
nginx
etag
"eecf24048caf740b39b79e65a41397c4"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
x-amz-cf-id
6pqYnxinD11m8Odp6C65DqJbFVhujFWW59BxqBT2kBVYcsQAOc2CqQ==
expires
Mon, 16 Oct 2023 04:22:23 GMT
4231dbc5-e116-48ed-b9ca-3217dd368700
https://gofile.io/
67 KB
0
Other
General
Full URL
blob:https://gofile.io/4231dbc5-e116-48ed-b9ca-3217dd368700
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b3e57eb372e8b405c816875571e184854b2846261c7477c6c9bdb7782faa1a30

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Length
68465
Content-Type
text/javascript
vid651a03527aba5701047989.jpg
video.primis.tech/uploads/cn1/video/users/converted/29267/video_5f2a767e592ca786766237/
12 KB
12 KB
Image
General
Full URL
https://video.primis.tech/uploads/cn1/video/users/converted/29267/video_5f2a767e592ca786766237/vid651a03527aba5701047989.jpg?cbuster=1696203618
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:9600:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
51596641484ac197e33b6cf155119fa8e5e324e4fd28cb2b04d75a33cdec4605

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://gofile.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 04:37:08 GMT
via
1.1 c858fcd4941dcc58025e22f092b26c28.cloudfront.net (CloudFront), 1.1 1bc76a14967a660022b25f573baec632.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO5-P1, AMS54-C1
age
52617
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
12077
last-modified
Sun, 01 Oct 2023 23:42:20 GMT
server
nginx
etag
"bd634701f5aa10d7c709dd11b3855398"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
-FwVVhSACJshZquqQjrP6YLCctUVUtQd5pf7lBbDhO43UbauT5zeyA==
expires
Wed, 04 Oct 2023 04:23:13 GMT
floors
api.floors.dev/sgw/v1/
180 B
202 B
Fetch
General
Full URL
https://api.floors.dev/sgw/v1/floors
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/0b5e10c9e7c126169c3fcbbda27e3a33cbb8d82c/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.128.112 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
112.128.160.34.bc.googleusercontent.com
Software
/
Resource Hash
eb55fc10c046dcf4cc7eec174f6d41aefa197f30557a6fa5d99f513f94bc7091
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload;

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
x-api-key
4e799501-b8b6-4ef1-bad5-225b3dd1aa8d
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:00:11 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload;
via
1.1 google
cache-status
uncacheable
access-control-max-age
3600
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
content-type
application/json
access-control-allow-origin
https://gofile.io
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
floors
api.floors.dev/sgw/v1/ Frame
0
0
Preflight
General
Full URL
https://api.floors.dev/sgw/v1/floors
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.128.112 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
112.128.160.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-api-key
Access-Control-Request-Method
POST
Origin
https://gofile.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
access-control-allow-origin
https://gofile.io
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
cache-status
uncacheable
content-length
0
date
Tue, 03 Oct 2023 19:00:11 GMT
expires
0
pragma
no-cache
strict-transport-security
max-age=31536000;includeSubDomains;preload;
via
1.1 google
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gofile.io
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 04:06:52 GMT
x-content-type-options
nosniff
age
399198
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 28 Sep 2024 04:06:52 GMT
log
qsearch-a.akamaihd.net/
35 B
296 B
Image
General
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=projectevents&project=prebid&acid=fc617426-e19e-4fc9-9837-dfd02dee4dc1&cid=&crid=315461417&adunit_count=1&dn=gofile.io&requrl=https://gofile.io/d/XL0sUJ&istop=true&event=client_timeout&value=1&rd=459
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.216.77.36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-36.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Oct 2023 19:00:10 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Tue, 03 Oct 2023 19:00:10 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 39FF
358 KB
123 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D31302D30335F32327D7B7331373236303833307D7B4336317D7B535A32396D6157786C4C6D6C767D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593237327D7B66317D7B7251554A5549433867533246795A3239425A474677644756795658426E636D466B5A534176494445674C79426B5A575A68645778307D7B4C373734387DFEFE&userIpAddr=2001%3A41d0%3Ad%3A364d%3A%3A3&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F117.0.5938.132+Safari%2F537.36&debugInformation=ABT+%2F+KargoAdapterUpgrade+%2F+1+%2F+default&isWePassGdpr=0&schain=1.0%2C1%21freestar.com%2C1523%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1696359610&csuuid=651c64ba5f10f&debugInfo=17260830_ABT+%2F+KargoAdapterUpgrade+%2F+1+%2F+default&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17260830&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=&secondaryContent=&x=400&y=272&pubUrl=https%3A%2F%2Fgofile.io%2Fd%2FXL0sUJ&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=105&impGap=1&flow_width=400&flow_height=225&videoType=sticky&gdpr=1&gdprConsent=&contentFeedId=&geoLati=48.8582&geoLong=2.3387&vpTemplate=7748&flowMode=seenboth&isRealPreroll=0&playerApiId=freestarPrimisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=&appName=&appBundleId=https%3A%2F%2Fgofile.io%2Fd%2FXL0sUJ&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
735fa4096e489f911f7a495f251f61c17a69c021622c5b904b9742be95be9f90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:00:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125650
x-xss-protection
0
expires
Tue, 03 Oct 2023 19:00:11 GMT
syncframe
gum.criteo.com/ Frame D327
0
0
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=gofile.io
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 03 Oct 2023 19:00:10 GMT
server
Kestrel
server-processing-duration-in-ticks
235801
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/
95 KB
31 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
82a82b0d01609a866a65587cb8bea49710d570151f8a8e53232124dccf8a4676
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:00:11 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 07 Sep 2023 09:22:37 GMT
server
nginx
etag
W/"64f9965d-17d52"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 04 Oct 2023 19:00:11 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame AD1A
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
age
13466
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 03 Oct 2023 15:15:44 GMT
expires
Wed, 02 Oct 2024 15:15:44 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 6578
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-tvHnckYnkU5MswSmzHxdAA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-tvHnckYnkU5MswSmzHxdAA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 03 Oct 2023 19:00:11 GMT
expires
Tue, 03 Oct 2023 19:00:11 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
main.19.8.439.js
static.adsafeprotected.com/ Frame FD9B
207 KB
65 KB
Script
General
Full URL
https://static.adsafeprotected.com/main.19.8.439.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=931599&pubId=27975&chanId=gofile.io&placementId=116425&pubOrder=FR&custom=desktop&custom2=windows&custom3=chrome
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ab:7000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
efc2b5f3cfb42ac86c11900be6091d645853af46ab4f01bfba7280c3ac37ae02

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 13:42:57 GMT
x-amz-version-id
jxULgCd28jZVPRI.j5D8yH73I4fVMdj5
content-encoding
gzip
via
1.1 a43889f6531338b6dd9d3a4339de949a.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P3
age
4771034
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 08 Aug 2023 19:01:42 GMT
server
AmazonS3
etag
W/"f00fcc2e1b804b8a3edfbb8cb19bddaa"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
h_GOgr8SFhOI2vKXg3KbKTlbMG0YI4kRYQgVFFQ-yxYsz8HhtvHH1A==
w_480_00001.ts
video.primis.tech/uploads/cn1/video/users/hls/29267/video_5f2a767e592ca786766237/vid651a03527aba5701047989.mp4/
382 KB
383 KB
XHR
General
Full URL
https://video.primis.tech/uploads/cn1/video/users/hls/29267/video_5f2a767e592ca786766237/vid651a03527aba5701047989.mp4/w_480_00001.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:9600:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
2906e28b5b6fd416752e4323a3629044426bc3fa4fa026cb24389decbc541bd1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 04:22:25 GMT
via
1.1 4c18e6ed879a674305cb5156731cf396.cloudfront.net (CloudFront), 1.1 6c22fb0e883db3123ae98d8d72cdaf76.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C1, AMS54-C1
age
139066
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
390852
last-modified
Sun, 01 Oct 2023 23:46:50 GMT
server
nginx
etag
"49715b1ee837348ec140cb500cdb8bf5"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
U1eKVasuiHHMonE0NWipReAxl5eePZ1EqrtSbad98MSjihZPjh0QPQ==
expires
Mon, 16 Oct 2023 04:22:25 GMT
sca.17.6.2.js
static.adsafeprotected.com/ Frame DECC
91 KB
23 KB
Script
General
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ab:7000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 08:07:09 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 a43889f6531338b6dd9d3a4339de949a.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P3
age
3149583
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
cfcQvPjl7UVMklTufSlG9uuoW8csUqRgUwwlJhiaiKiNTC1PDN8Erg==
mon
pixel.adsafeprotected.com/
43 B
216 B
Image
General
Full URL
https://pixel.adsafeprotected.com/mon?anId=931599&pubId=27975&chanId=gofile.io&placementId=116425&pubOrder=FR&custom=desktop&custom2=windows&custom3=chrome&adsafe_url=https%3A%2F%2Fgofile.io%2Fd%2FXL0sUJ&adsafe_type=abdq&adsafe_jsinfo=,id:2e6c8d4d-5be9-01e5-06d4-37388c22aa21,c:q0QGLI,sl:inView,em:false,fr:true,thd:1,mn:jsserver-primary-797d947f74-kmspm,rg:ie,pt:1-2-3-4-5-6-7-8-9-10-11-12-13-14-15,wc:0.0.1600.1200,ac:1190.870.400.225,am:a,cc:1190.870.400.225,piv:100,obst:0,th:0,reas:,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:85,mot:0,app:0,maw:0,fm:tREs3cE+1*.931599%7C11%7C12%7C13%7C141%7C15%7C16%7C17%7C18%7C19%7C1a,idMap:1*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:VIDEO.qs,es:1,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:123,oid:13afa40f-621f-11ee-b5bb-e2860af502df,v:19.8.439,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.159.118 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-159-118.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:00:11 GMT
server
nginx
x-server-name
app24.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=931599&asId=2e6c8d4d-5be9-01e5-06d4-37388c22aa21&tv=%7Bc:q0QGMh,pingTime:0,time:157,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:400,h:225,t:122%7D%5D,es:1,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:158,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:122,wc:0.0.1600.1200,ac:1190.870.400.225,am:a,cc:1190.870.400.225,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B70~100%5D,as:%5B70~400.225%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:0,fm:tREs3cE+1*.931599%7C11%7C12%7C13%7C141%7C15%7C16%7C17%7C18%7C19%7C1a,idMap:1*,rmeas:1,rend:1,renddet:VIDEO.qs,siq:123%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:c585:58fe:1922:38a7 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:00:11 GMT
server
nginx
x-server-name
dt09.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/
43 B
216 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=931599&asId=2e6c8d4d-5be9-01e5-06d4-37388c22aa21&tv=%7Bc:q0QGOQ,pingTime:-2,time:316,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:236,beZ:237,mfA:321,cmA:322,inA:323,inZ:327,prA:327,prZ:347,si:359,poA:359,poZ:377,cmZ:377,mfZ:377,loA:471,loZ:477,ltA:552,ltZ:552,mdA:238,mdZ:299%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:400,h:225,t:122%7D%5D,es:1,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:316,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:122,wc:0.0.1600.1200,ac:1190.870.400.225,am:a,cc:1190.870.400.225,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B228~100%5D,as:%5B236~400.225%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:0,fm:tREs3cE+1*.931599%7C11%7C12%7C13%7C141%7C15%7C16%7C17%7C18%7C19%7C1a,idMap:1*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:VIDEO.qs,siq:123,slid:%5BVideo-iFrame-SekindoSPlayer651c64ba7dc72,Video-Div-SekindoSPlayer651c64ba7dc72,Player-Div-SekindoSPlayer651c64ba7dc72,primis_playerSekindoSPlayer651c64ba7dc72,primis_container_div,primisPlayerContainerDiv%5D,sinceFw:192,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:c585:58fe:1922:38a7 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:00:11 GMT
server
nginx
x-server-name
dt08.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
bridge3.593.1_en.html
imasdk.googleapis.com/js/core/ Frame 30ED
0
0
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.593.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
age
503297
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
237116
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Wed, 27 Sep 2023 23:11:54 GMT
expires
Thu, 26 Sep 2024 23:11:54 GMT
last-modified
Wed, 27 Sep 2023 23:10:20 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame 39FF
44 KB
17 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:00:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 03 Oct 2023 19:00:11 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame F815
40 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 18:12:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2851
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 03 Oct 2023 19:12:40 GMT
w_480_00002.ts
video.primis.tech/uploads/cn1/video/users/hls/29267/video_5f2a767e592ca786766237/vid651a03527aba5701047989.mp4/
268 KB
269 KB
XHR
General
Full URL
https://video.primis.tech/uploads/cn1/video/users/hls/29267/video_5f2a767e592ca786766237/vid651a03527aba5701047989.mp4/w_480_00002.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:9600:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6ee8dfad2671e28672cec3d9d09822865d3f7bac270427d814c1683ae7e0f5ec

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 04:22:25 GMT
via
1.1 c9bef6d423a5d23e0ca5e2af8503331c.cloudfront.net (CloudFront), 1.1 6c22fb0e883db3123ae98d8d72cdaf76.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C1, AMS54-C1
age
139066
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
274292
last-modified
Sun, 01 Oct 2023 23:46:50 GMT
server
nginx
etag
"89dee32f6ce9bae6c51080bebefe908d"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
x-amz-cf-id
rLlpwd9HpkwwfnXAjzUcp-C2WmdECJGEicHR1EIN4Ul-HJG2ZFcn4w==
expires
Mon, 16 Oct 2023 04:22:25 GMT
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=931599&asId=2e6c8d4d-5be9-01e5-06d4-37388c22aa21&tv=%7Bc:q0QGUh,pingTime:-10,time:653,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE3LjAuNTkzOC4xMzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1696359611624%7C%7C69f00bb609d3837efb58518a5d0c21e5%7C%7C5bead3a06085d6babcc8a1cb991283be%7C%7C7d8f67159c3f1aa427dd30cb30b2075b%7C%7C8893b341a18e7c6c5d733626a3c14ab9%7C%7Ce2555a550e0f0ef387e8ff52b4a87f9f%7C%7C87f9129c235f156b7724287bb9e51abf%7C%7Cd8cb6fb49685dd4b8e2891389c6ecd19%7C%7C1663701684%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:c585:58fe:1922:38a7 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:00:11 GMT
server
nginx
x-server-name
dt10.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
c
c.pub.network/v2/
36 B
53 B
Fetch
General
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.2.4/analytics.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
579d3cc7ec3e2085cc8dfb443d0ab8b650513ded6f680f2c2eead3fb712baa9c

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 03 Oct 2023 19:00:11 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://gofile.io
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
c
c.pub.network/v2/ Frame
0
0
Preflight
General
Full URL
https://c.pub.network/v2/c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://gofile.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://gofile.io
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Tue, 03 Oct 2023 19:00:11 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 google
w_480_00003.ts
video.primis.tech/uploads/cn1/video/users/hls/29267/video_5f2a767e592ca786766237/vid651a03527aba5701047989.mp4/
429 KB
430 KB
XHR
General
Full URL
https://video.primis.tech/uploads/cn1/video/users/hls/29267/video_5f2a767e592ca786766237/vid651a03527aba5701047989.mp4/w_480_00003.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:9600:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a927036ae4571dbfb0b04a148832e5dfece646e3b6bcc6894a202c0ec9c6161e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 04:22:26 GMT
via
1.1 2d922ab79d41a826404f05ff416bb98c.cloudfront.net (CloudFront), 1.1 6c22fb0e883db3123ae98d8d72cdaf76.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C1, AMS54-C1
age
139065
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
439168
last-modified
Sun, 01 Oct 2023 23:46:50 GMT
server
nginx
etag
"7021d11485511021f992f75fcb3ced7f"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
x-amz-cf-id
vWQguxS8N2n2kuZUc11t-KOGdXuYzASLIJavXc2rEGAYNgpewP7k6w==
expires
Mon, 16 Oct 2023 04:22:26 GMT
rtd
id.hadron.ad.gt/api/v1/ Frame
0
0
Preflight
General
Full URL
https://id.hadron.ad.gt/api/v1/rtd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://gofile.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
81076d35adceb746-AMS
content-length
0
content-type
application/json
date
Tue, 03 Oct 2023 19:00:11 GMT
debug
rtd-nx-ny
server
cloudflare
rtd
id.hadron.ad.gt/api/v1/
27 B
82 B
XHR
General
Full URL
https://id.hadron.ad.gt/api/v1/rtd
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33c1ab6a01b4049878497c2874d8cbb72e14ee7cf14fafec3c09b45f9874b67e

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 03 Oct 2023 19:00:11 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
debug
rtd-nx-ny
access-control-allow-headers
*
content-length
27
cf-ray
81076d366eb5b746-AMS
auction
s2s.t13.io/openrtb2/
362 B
292 B
XHR
General
Full URL
https://s2s.t13.io/openrtb2/auction
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
8138a517f38926770874ea31ee902ff8834da6a67bda6aee8f75c435e79cfbc7

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:00:11 GMT
content-encoding
gzip
via
1.1 google
x-prebid
pbs-java/1.129.0
content-type
application/json
access-control-allow-origin
https://gofile.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
272
expires
0
v1
btlr.sharethrough.com/universal/
0
152 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.151.220 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-151-220.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gofile.io
date
Tue, 03 Oct 2023 19:00:11 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
152 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.151.220 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-151-220.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gofile.io
date
Tue, 03 Oct 2023 19:00:11 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
152 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.151.220 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-151-220.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gofile.io
date
Tue, 03 Oct 2023 19:00:11 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
152 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.151.220 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-151-220.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gofile.io
date
Tue, 03 Oct 2023 19:00:11 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
152 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.151.220 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-151-220.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gofile.io
date
Tue, 03 Oct 2023 19:00:11 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
152 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.151.220 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-151-220.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gofile.io
date
Tue, 03 Oct 2023 19:00:11 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
cdb
bidder.criteo.com/
0
187 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=135&profileId=185&av=35&wv=7.48.0&cb=31125730510
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gofile.io
date
Tue, 03 Oct 2023 19:00:11 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
prebidjs
rtb.openx.net/openrtbb/
53 B
94 B
XHR
General
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4ae678bfb75029c50123e039cdeedde0f3ddd56d40f66cc5d8b7d7145be0d156

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 03 Oct 2023 19:00:11 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://gofile.io
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebid
ads.yieldmo.com/exchange/
0
220 B
XHR
General
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=7.48.0&p=%5B%7B%22placement_id%22%3A%22gofileio_adhesion%22%2C%22callback_id%22%3A%2299555808abb36e3%22%2C%22sizes%22%3A%5B%5B970%2C90%5D%2C%5B728%2C90%5D%2C%5B468%2C60%5D%2C%5B320%2C100%5D%2C%5B300%2C100%5D%2C%5B320%2C50%5D%2C%5B300%2C50%5D%2C%5B1%2C1%5D%5D%2C%22ym_placement_id%22%3A%222662464007037722661%22%2C%22gpid%22%3A%22%2F15184186%2Fgofileio_adhesion%2Fgofileio_adhesion%22%2C%22tid%22%3A%22557c1be7-f361-41b4-a078-7d874cda8484%22%2C%22auctionId%22%3A%221d39a8d8-18d0-4246-9235-c54fcd4a8a1d%22%7D%5D&page_url=https%3A%2F%2Fgofile.io%2Fd%2FXL0sUJ&bust=1696359611854&dnt=false&description=Gofile%20is%20a%20free%2C%20secure%20file%20sharing%20and%20storage%20platform.%20With%20unlimited%20bandwidth%20and%20storage%2C%20you%20can%20easily%20store%20and%20share%20files%20of%20any%20type%20without%20any%20limits.%20Our%20advanced%20features%2C%20such%20as%20CDN%20support%20and%20password%20protection%2C%20make%20Gofile%20the%20ideal%20choice%20for%20individuals%20and%20businesses%20alike.&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=Gofile%20-%20Free%20Unlimited%20File%20Sharing%20and%20Storage&w=1600&h=1200&pubcid=5956087a-af16-4188-88d9-fafb01f96b1f&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.com%22%2C%22sid%22%3A%221523%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22audigent.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220001yum0eabkba98bciae6gibddj96ldclf786khdaabackkc2jl%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%225956087a-af16-4188-88d9-fafb01f96b1f%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.149.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-149-248.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gofile.io
pragma
no-cache
date
Tue, 03 Oct 2023 19:00:11 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
pbjs
htlb.casalemedia.com/openrtb/
38 B
515 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=676941
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f2931ff09d44adfb2d65854a9f85ea73141e84bdb71bc218670b46b8e9f95a2

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:00:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RUEzYbcZhaHLmH%2B6cnUOFDzrpaWTWfBpSWez9kFcU24ebKyDOyGiqd74NEYUkGEp3DDncPs3Czz%2BV7nKPJthFBiQ6UqfZzPIoEIl2eKoYB6L5jmBGXkuie1uIuPEZ2Z1TvR5ozEa"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://gofile.io
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
81076d363ff60257-CDG
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
translator
hbopenbid.pubmatic.com/
0
52 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gofile.io
date
Tue, 03 Oct 2023 19:00:10 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/
140 B
699 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
ba4f50bb2181c9c86d00cb1f0887621917c06ead8ab48b5ea0747ba57d63731c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:00:11 GMT
an-x-request-uuid
188612f8-e78a-45a7-9766-407e93a3fa60
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gofile.io
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.33.144.177; 178.33.144.177; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
140
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
382 B
171 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1269527160457762&correlator=4189421321423893&eid=31077099%2C31077366%2C31078024&output=ldjh&gdfp_req=1&vrg=202309280101&ptt=17&impl=fifs&iu_parts=15184186%3A22435964612%2Cgofileio_adhesion&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C300x50%7C320x50%7C468x60%7C728x90%7C970x90%7C300x100%7C320x100&ifi=2&didk=1080524692&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3D7bcc6acb3f094ad0%3AT%3D1696359610%3ART%3D1696359610%3AS%3DALNI_MY6MOcjQc5g_qOASx_C2wY8v55eAw&gpic=UID%3D00000c8baf667356%3AT%3D1696359610%3ART%3D1696359610%3AS%3DALNI_MZVQUt6l2_hGitplxqaODFX4bvJEA&abxe=1&dt=1696359611971&lmt=1692817614&adxs=631&adys=1150&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fgofile.io%2Fd%2FXL0sUJ&vis=1&psz=338x-1&msz=300x-1&fws=512&ohw=0&ga_vid=1582518939.1696359611&ga_sid=1696359611&ga_hid=1080315079&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYpu6lt68xSABSAghkEhkKCnB1YmNpZC5vcmcY2O-lt68xSABSAghqEhcKCHJ0YmhvdXNlGNnvpbevMUgAUgIIahI-CgVvcGVueBIsZXlKcElqb2lkRE4yWTBSRWRWSlVTM0UwYWxSdGVWbFdhMjlwZHowOUluMD0YrfKlt68xSAASGwoMaWQ1LXN5bmMuY29tGP7wpbevMUgAUgIIag..&dlt=1696359608307&idt=1220&prev_scp=fsrefresh%3D0%26fsrebid%3D1%26fs_uuid%3D04041278-6e42-41af-9eb2-9498a154c708%26floors_id%3D5cc9b1%26floors_hour%3D19%26fs_placementName%3Dgofileio_adhesion%26fs_ad_product%3DstickyFooter%26fsbid%3D0&cust_params=fs_session_id%3Dfbbfe207-2a1c-45f8-b6cd-cb6b966e0501%26fs_pageview_id%3De7f612e5ff5faf16a2990f90e6e37301%26user-agent%3DChrome%26fs_used_optimise%3Dtrue%26floors_user%3D1%26floors_rtt%3D22%26fs_clientservermask%3D21032223132312300221%26fs_testgroup%3Doptimised&adks=780808840&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
989015929246742b19743ba75eb57ab37d688d652a824abd5614007374684dc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:00:12 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://gofile.io
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
events
bidder.criteo.com/csm/
0
187 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://gofile.io
date
Tue, 03 Oct 2023 19:00:11 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
ads
securepubads.g.doubleclick.net/gampad/
382 B
169 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1269527160457762&correlator=4189421321423893&eid=31077099%2C31077366%2C31078024&output=ldjh&gdfp_req=1&vrg=202309280101&ptt=17&impl=fifs&iu_parts=15184186%3A22435964612%2Cgofileio_adhesion&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C300x50%7C320x50%7C468x60%7C728x90%7C970x90%7C300x100%7C320x100&ifi=3&didk=1080524692&sfv=1-0-40&rcs=2&eri=1&sc=1&cookie=ID%3D7bcc6acb3f094ad0%3AT%3D1696359610%3ART%3D1696359610%3AS%3DALNI_MY6MOcjQc5g_qOASx_C2wY8v55eAw&gpic=UID%3D00000c8baf667356%3AT%3D1696359610%3ART%3D1696359610%3AS%3DALNI_MZVQUt6l2_hGitplxqaODFX4bvJEA&abxe=1&dt=1696359612033&lmt=1692817614&adxs=631&adys=1150&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fgofile.io%2Fd%2FXL0sUJ&vis=1&psz=338x-1&msz=300x-1&fws=512&ohw=0&ga_vid=1582518939.1696359611&ga_sid=1696359611&ga_hid=1080315079&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYpu6lt68xSABSAghkEhkKCnB1YmNpZC5vcmcY2O-lt68xSABSAghqEhcKCHJ0YmhvdXNlGNnvpbevMUgAUgIIahI-CgVvcGVueBIsZXlKcElqb2lkRE4yWTBSRWRWSlVTM0UwYWxSdGVWbFdhMjlwZHowOUluMD0YrfKlt68xSAASGwoMaWQ1LXN5bmMuY29tGP7wpbevMUgAUgIIag..&dlt=1696359608307&idt=1220&prev_scp=fsrefresh%3D0%26fsrebid%3D1%26fs_uuid%3D04041278-6e42-41af-9eb2-9498a154c708%26floors_id%3Dd351e2%26floors_hour%3D19%26fs_placementName%3Dgofileio_adhesion%26fs_ad_product%3DstickyFooter%26fsbid%3D0&cust_params=fs_session_id%3Dfbbfe207-2a1c-45f8-b6cd-cb6b966e0501%26fs_pageview_id%3De7f612e5ff5faf16a2990f90e6e37301%26user-agent%3DChrome%26fs_used_optimise%3Dtrue%26floors_user%3D1%26floors_rtt%3D22%26fs_clientservermask%3D21032223132312300221%26fs_testgroup%3Doptimised&adks=780808840&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ce2042db53f9bb5f5d0c610a0f6b555fdcc5102017fa1aba1560745970edfb72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:00:12 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://gofile.io
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
w_480_00004.ts
video.primis.tech/uploads/cn1/video/users/hls/29267/video_5f2a767e592ca786766237/vid651a03527aba5701047989.mp4/
403 KB
404 KB
XHR
General
Full URL
https://video.primis.tech/uploads/cn1/video/users/hls/29267/video_5f2a767e592ca786766237/vid651a03527aba5701047989.mp4/w_480_00004.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:9600:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
7c1e2d47f1c1d55eedc2d4faa2e41a83705823acffb1c4a39415e3a55db377fe

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 04:22:27 GMT
via
1.1 e471f2247ab9c1a6073482836b02180a.cloudfront.net (CloudFront), 1.1 6c22fb0e883db3123ae98d8d72cdaf76.cloudfront.net (CloudFront)
x-amz-cf-pop
LAX3-C4, AMS54-C1
age
139065
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
412472
last-modified
Sun, 01 Oct 2023 23:46:50 GMT
server
nginx
etag
"ee2ec75c7567af36fe243a6f5e2ee8c8"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
x-amz-cf-id
-N9_PVeOMWOE08lKBSKI2eSprRKgKzvLjQLpUZ5IgxLMCoyZW3nsQw==
expires
Mon, 16 Oct 2023 04:22:27 GMT
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=931599&asId=2e6c8d4d-5be9-01e5-06d4-37388c22aa21&tv=%7Bc:q0QH2r,pingTime:1,time:1159,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:400,h:225,t:122%7D%5D,es:1,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1159,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:122,wc:0.0.1600.1200,ac:1190.870.400.225,am:a,cc:1190.870.400.225,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1072~100%5D,as:%5B1072~400.225%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:261,fm:tREs3cE+1*.931599%7C11%7C12%7C13%7C141%7C15%7C16%7C17%7C18%7C19%7C1a,idMap:1*,rmeas:1,rend:1,renddet:VIDEO.qs,siq:123,sis:327%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:c585:58fe:1922:38a7 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:00:12 GMT
server
nginx
x-server-name
dt15.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=931599&asId=2e6c8d4d-5be9-01e5-06d4-37388c22aa21&tv=%7Bc:q0QH2s,pingTime:1,time:1160,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:400,h:225,t:122%7D%5D,es:1,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1160,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:122,wc:0.0.1600.1200,ac:1190.870.400.225,am:a,cc:1190.870.400.225,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1072~100%5D,as:%5B1072~400.225%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:261,fm:tREs3cE+1*.931599%7C11%7C12%7C13%7C141%7C15%7C16%7C17%7C18%7C19%7C1a,idMap:1*,rmeas:1,rend:1,renddet:VIDEO.qs,siq:123,sis:327,metricId:publ1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:c585:58fe:1922:38a7 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:00:12 GMT
server
nginx
x-server-name
dt17.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=931599&asId=2e6c8d4d-5be9-01e5-06d4-37388c22aa21&tv=%7Bc:q0QH2s,pingTime:1,time:1160,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:400,h:225,t:122%7D%5D,es:1,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1160,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:122,wc:0.0.1600.1200,ac:1190.870.400.225,am:a,cc:1190.870.400.225,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1075~100%5D,as:%5B1075~400.225%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:261,fm:tREs3cE+1*.931599%7C11%7C12%7C13%7C141%7C15%7C16%7C17%7C18%7C19%7C1a,idMap:1*,rmeas:1,rend:1,renddet:VIDEO.qs,siq:123,sis:327,metricId:grpm1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:c585:58fe:1922:38a7 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:00:12 GMT
server
nginx
x-server-name
dt18.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
w_480_00005.ts
video.primis.tech/uploads/cn1/video/users/hls/29267/video_5f2a767e592ca786766237/vid651a03527aba5701047989.mp4/
479 KB
480 KB
XHR
General
Full URL
https://video.primis.tech/uploads/cn1/video/users/hls/29267/video_5f2a767e592ca786766237/vid651a03527aba5701047989.mp4/w_480_00005.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:9600:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
ee76af6aa2310ef046d746c72acec2c6e1f38bb190aec8b7f787fa5d5a3758cb

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 04:22:27 GMT
via
1.1 36558cb00b679b60f8b6b32e03075a28.cloudfront.net (CloudFront), 1.1 6c22fb0e883db3123ae98d8d72cdaf76.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO5-P1, AMS54-C1
age
139065
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
490868
last-modified
Sun, 01 Oct 2023 23:46:50 GMT
server
nginx
etag
"6573202e5cf4583706a6fd437d8975e0"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
HlnbxoomXn9FfmQ2A6lkb4cJVoqWLLHCzNKPKsojhyuqX-pNcROYjA==
expires
Mon, 16 Oct 2023 04:22:27 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202309280101&jk=1269527160457762&bg=!z8ylzIPNAAYEJRtnJCU7ADQBe5WfOGM3WalYQczJtcEryN7AlEZeBOrz4xYij4Tvw-eHLEzvGfv9Ox7l1U0pAaamSLS3AgAAAgVSAAAAGGgBBwoAlEw0Er4oNMJZN5LNE1mm1Sy2VvoKBgpr9otF1u-f2YncSnw2Nvl_ZkHDyQnI7e_wcU7dtsiZ4eviNJiYJmpdpyHLt3R7pdB95aiXmHanCACpgel_JXtqYk87PR8nJZFbDI9ZJvbBlYrLTXeDlVRNij62IUpkwhS8QOF1xr_E0AKe7cLDWVRUm492X2uNMzjcDiDiReCZAvjemKY8RoONW8zurRK2CLJEIlqa-jOxKoUbBzRRZk7hRcIi712kAri2o-0Yhy26eqtAO3kUP5VG7vu6HQzpcy_uZhQnYpr5MUnNhwxMitUkmUqgWV5azsYnUB6jEyh7-vXs0k0JtDOC_NF2yYmY1Hins-xUb5pn5P327OwDkMhBX_dc9TOuGf8EEYuPVyCP8xRcCyE6FM1-OQwfARuAD9neN59_Vs230iII1hgvwofBZ9_WEyBbYUZyKjIBXt-0hddcW8ftEXwyIiCfdHR4mUpXUd8PsRr6YwQUOZ52uuLfMwBYYJ-gekawC2YpHktRcpwJKS6CnxI52RGOvCnNyPc2EH-QPn8hilQcRW94IG0F0T8oSQW4Xpnm141W4zOIURmv9NuaBBVF3mr3chRLNP3p2tzoMzy_xs7YmikHVLock22aaabEmrmdX7ty5xDc5Z6RK2WvttkfLMJszn9AXmVG2u_U0qGca3ZAgox_G9MlXwMLr3mRr2eFgoOvvQiZh2pXd5rFkRdJXsfFneUJyiU4AwtA58GE9_g7TRplhk9w8ub8RYB1EPGMVA9LlYBezo4oR8kDOBYu56kFkM925rp2fqLpNmeU9itp9pdZpVBjGbbRhf7YdLWoi_VPezoWlyghmzTjS8yqJwf8y1JhEJwT75dhuzIOqPTVT1YGqcVwn48Hf_IVSTACG9ZVwA_-Q82yfepkwstiXRfwVT8s2u_Ul53ihO1Ccd3OSRX3hmS1k_vTyuWCXiaLWuhci72ffb1ll7iLANcmAn9eB9tsj0jAnzx6Wf6yyuyeYplHaHaMesdbhx6Qh-Q1y6oiRZd-M9ImGOe5RJV6HuQPUxxY_GcLFGhhTJeuslc28B3jo1VUIIkoDB2ZfE7de4367QpbIE-BL2Eb9CDhdqqiZK1dGeC-X7yN3SDwFHGoqmnD9WEvvQmm8UYIfVYVDJEvn0RYEvh5j4uh0KuV0QDe-9ZHr2-oYuDUMoRe4qutdotAJ3WpDWPKgXAsxcOV
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

c
c.pub.network/v2/
36 B
53 B
Fetch
General
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.2.4/analytics.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
579d3cc7ec3e2085cc8dfb443d0ab8b650513ded6f680f2c2eead3fb712baa9c

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 03 Oct 2023 19:00:12 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://gofile.io
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
c
c.pub.network/v2/ Frame
0
0
Preflight
General
Full URL
https://c.pub.network/v2/c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://gofile.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://gofile.io
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Tue, 03 Oct 2023 19:00:12 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 google
liveView.php
live.primis.tech/live/
0
420 B
Image
General
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTM2JaNypaZypyRcoWU9MTY5NwM1OTYkMCZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTE2NDI1JaN0YT0jJat9NDAjJax9MwplJaZcZF9jYXNmRG9gYWyhPWqiZzyfZS5colZmqWJJZD1ao2ZcoGUhnW8zZGVvqWqJozZipz1uqGyiow1BQyQyMwAyMxYyMwBLYXJao0FxYXB0ZXJVpGqlYWRyJTIjJTJGJTIjMSUlMCUlRvUlMGRyZzF1oHQznXNBpHA9MCZmZGg2PSZ1p2VlSXBBZGRlPTIjMDEyM0E0MWQjJTNBZCUmQTM2NGQyM0EyM0EmJaVmZXJVQT1No3ccoGkuJTJGNS4jJTIjJTI4V2yhZG93plUlME5UJTIjMTAhMCUmQvUlMFqcowY0JTNCJTIjrDY0JTI5JTIjQXBjoGVXZWJLnXQyMxY1MmphMmYyMwAyMwuLSFRNTCUlQlUlMGkcn2UyMwBHZWNeolUlOSUlMENbpz9gZSUlRwEkNl4jLwU5MmthMTMlJTIjU2FzYXJcJTJGNTM3LwM2JzNmqXVcZD02NTFwNwRvYTVzMTBzJzNioaRyoaRGnWkySWQ9MCZgZWRcYVBfYXyMnXN0SWQ9MCZgZWRcYUkcp3RJZD0jJzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTAzY2NjYT0jJzNwpGFDo25mZW50PSZwYaVmqGVlPTE2OTYmNTx2MTI3ODQzqWyxPVNyn2yhZG9TUGkurWVlNwUkYmY0YzE3ZGM3MvZjqWJVpzj9nHR0pHMyM0EyMxYyMxZao2ZcoGUhnW8yMxZxJTJGWEjjp1VKJzZfo2F0U3RuqHVmPXRlqWUzZWyxp3A9pHJyYzyxJaB4nWQ9MwAmMTEkMDE5MQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:9e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:00:12 GMT
content-encoding
gzip
via
1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P3
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
ICBbqozNB8QbVCL0m2swup6ibTD34AWiU6s-nE2FOUyT_UaJqlI7fQ==
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=931599&asId=2e6c8d4d-5be9-01e5-06d4-37388c22aa21&tv=%7Bc:q0QHiz,pingTime:2,time:2159,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:400,h:225,t:122%7D%5D,es:1,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2159,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:122,wc:0.0.1600.1200,ac:1190.870.400.225,am:a,cc:1190.870.400.225,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B2071~100%5D,as:%5B2071~400.225%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:188,fm:tREs3cE+1*.931599%7C11%7C12%7C13%7C141%7C15%7C16%7C17%7C18%7C19%7C1a,idMap:1*,rmeas:1,rend:1,renddet:VIDEO.qs,siq:123,sis:327%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:c585:58fe:1922:38a7 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:00:13 GMT
server
nginx
x-server-name
dt19.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
c
c.pub.network/v2/ Frame
0
0
Preflight
General
Full URL
https://c.pub.network/v2/c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://gofile.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://gofile.io
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Tue, 03 Oct 2023 19:00:13 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 google
c
c.pub.network/v2/
36 B
53 B
Fetch
General
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.2.4/analytics.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
579d3cc7ec3e2085cc8dfb443d0ab8b650513ded6f680f2c2eead3fb712baa9c

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 03 Oct 2023 19:00:13 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://gofile.io
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
sync
eb2.3lift.com/ Frame EC13
0
0
Document
General
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Tue, 03 Oct 2023 19:00:13 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame C506
0
0
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
32693
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 03 Oct 2023 19:00:13 GMT
ETag
W/"623de86a-cf34"
Expires
Sun, 01 Oct 2023 09:55:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
186, 152984
X-Served-By
cache-lga13626-LGA, cache-lcy-eglc8600026-LCY
X-Timer
S1696359614.853100,VS0,VE0
ixmatch.html
js-sec.indexww.com/um/ Frame 44F8
0
0
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1912 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

age
28
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
81076d429a99d65a-CDG
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 03 Oct 2023 19:00:13 GMT
expires
Tue, 03 Oct 2023 23:00:13 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
pbcas
ads.yieldmo.com/ Frame B9B9
0
0
Document
General
Full URL
https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.149.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-149-248.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

date
Tue, 03 Oct 2023 19:00:13 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4680
0
0
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=122748
content-encoding
gzip
content-length
5606
content-type
text/html
date
Tue, 03 Oct 2023 19:00:13 GMT
expires
Thu, 05 Oct 2023 05:06:01 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
pd
freestar-d.openx.net/w/1.0/ Frame 04A8
0
0
Document
General
Full URL
https://freestar-d.openx.net/w/1.0/pd
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
476
content-type
text/html
date
Tue, 03 Oct 2023 19:00:13 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
sync
x.bidswitch.net/
43 B
146 B
Image
General
Full URL
https://x.bidswitch.net/sync?ssp=themediagrid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.203.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-203-109.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:00:13 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=931599&asId=2e6c8d4d-5be9-01e5-06d4-37388c22aa21&tv=%7Bc:q0QHyJ,pingTime:3,time:3161,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:400,h:225,t:122%7D%5D,es:1,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:3161,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:122,wc:0.0.1600.1200,ac:1190.870.400.225,am:a,cc:1190.870.400.225,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B3073~100%5D,as:%5B3073~400.225%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:172,fm:tREs3cE+1*.931599%7C11%7C12%7C13%7C141%7C15%7C16%7C17%7C18%7C19%7C1a,idMap:1*,rmeas:1,rend:1,renddet:VIDEO.qs,siq:123,sis:327%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:c585:58fe:1922:38a7 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:00:14 GMT
server
nginx
x-server-name
dt10.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
c
c.pub.network/v2/ Frame
0
0
Preflight
General
Full URL
https://c.pub.network/v2/c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://gofile.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://gofile.io
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Tue, 03 Oct 2023 19:00:14 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 google
c
c.pub.network/v2/
36 B
53 B
Fetch
General
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.2.4/analytics.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
579d3cc7ec3e2085cc8dfb443d0ab8b650513ded6f680f2c2eead3fb712baa9c

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 03 Oct 2023 19:00:14 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://gofile.io
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=931599&asId=2e6c8d4d-5be9-01e5-06d4-37388c22aa21&tv=%7Bc:q0QHOP,pingTime:4,time:4159,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:400,h:225,t:122%7D%5D,es:1,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:4159,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:122,wc:0.0.1600.1200,ac:1190.870.400.225,am:a,cc:1190.870.400.225,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B4071~100%5D,as:%5B4071~400.225%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:179,fm:tREs3cE+1*.931599%7C11%7C12%7C13%7C141%7C15%7C16%7C17%7C18%7C19%7C1a,idMap:1*,rmeas:1,rend:1,renddet:VIDEO.qs,siq:123,sis:327%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:c585:58fe:1922:38a7 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:00:15 GMT
server
nginx
x-server-name
dt22.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
liveMatching.php
live.primis.tech/live/ Frame 39FF
0
460 B
XHR
General
Full URL
https://live.primis.tech/live/liveMatching.php
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D31302D30335F32327D7B7331373236303833307D7B4336317D7B535A32396D6157786C4C6D6C767D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593237327D7B66317D7B7251554A5549433867533246795A3239425A474677644756795658426E636D466B5A534176494445674C79426B5A575A68645778307D7B4C373734387DFEFE&userIpAddr=2001%3A41d0%3Ad%3A364d%3A%3A3&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F117.0.5938.132+Safari%2F537.36&debugInformation=ABT+%2F+KargoAdapterUpgrade+%2F+1+%2F+default&isWePassGdpr=0&schain=1.0%2C1%21freestar.com%2C1523%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1696359610&csuuid=651c64ba5f10f&debugInfo=17260830_ABT+%2F+KargoAdapterUpgrade+%2F+1+%2F+default&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17260830&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=&secondaryContent=&x=400&y=272&pubUrl=https%3A%2F%2Fgofile.io%2Fd%2FXL0sUJ&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=105&impGap=1&flow_width=400&flow_height=225&videoType=sticky&gdpr=1&gdprConsent=&contentFeedId=&geoLati=48.8582&geoLong=2.3387&vpTemplate=7748&flowMode=seenboth&isRealPreroll=0&playerApiId=freestarPrimisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=&appName=&appBundleId=https%3A%2F%2Fgofile.io%2Fd%2FXL0sUJ&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:9e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:00:15 GMT
content-encoding
gzip
via
1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P3
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-store
x-amz-cf-id
sTRx3r85N3lpyorIWFPXKbWqFuAzS5PqkbP4MkjvV1GldSXz4C_ABw==
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=931599&asId=2e6c8d4d-5be9-01e5-06d4-37388c22aa21&tv=%7Bc:q0QI4X,pingTime:5,time:5159,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:400,h:225,t:122%7D%5D,es:1,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5159,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:122,wc:0.0.1600.1200,ac:1190.870.400.225,am:a,cc:1190.870.400.225,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5071~100%5D,as:%5B5071~400.225%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:171,fm:tREs3cE+1*.931599%7C11%7C12%7C13%7C141%7C15%7C16%7C17%7C18%7C19%7C1a,idMap:1*,rmeas:1,rend:1,renddet:VIDEO.qs,siq:123,sis:327%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:c585:58fe:1922:38a7 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Oct 2023 19:00:16 GMT
server
nginx
x-server-name
dt23.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ads.yieldmo.com
URL
https://ads.yieldmo.com/exchange/prebid?pbav=7.48.0&p=%5B%7B%22placement_id%22%3A%22gofileio_adhesion%22%2C%22callback_id%22%3A%2210c234d052034bc%22%2C%22sizes%22%3A%5B%5B970%2C90%5D%2C%5B728%2C90%5D%2C%5B468%2C60%5D%2C%5B320%2C100%5D%2C%5B300%2C100%5D%2C%5B320%2C50%5D%2C%5B300%2C50%5D%2C%5B1%2C1%5D%5D%2C%22ym_placement_id%22%3A%222662464007037722661%22%2C%22gpid%22%3A%22%2F15184186%2Fgofileio_adhesion%2Fgofileio_adhesion%22%2C%22tid%22%3A%22592713d6-e06f-4d40-adeb-b64b35880e02%22%2C%22auctionId%22%3A%224fb7fcaa-0e20-4337-a54a-0ffb93fecc32%22%7D%5D&page_url=https%3A%2F%2Fgofile.io%2Fd%2FXL0sUJ&bust=1696359610296&dnt=false&description=Gofile%20is%20a%20free%2C%20secure%20file%20sharing%20and%20storage%20platform.%20With%20unlimited%20bandwidth%20and%20storage%2C%20you%20can%20easily%20store%20and%20share%20files%20of%20any%20type%20without%20any%20limits.%20Our%20advanced%20features%2C%20such%20as%20CDN%20support%20and%20password%20protection%2C%20make%20Gofile%20the%20ideal%20choice%20for%20individuals%20and%20businesses%20alike.&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=Gofile%20-%20Free%20Unlimited%20File%20Sharing%20and%20Storage&w=1600&h=1200&pubcid=5956087a-af16-4188-88d9-fafb01f96b1f&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.com%22%2C%22sid%22%3A%221523%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22audigent.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220001yum0eabkba98bciae6gibddj96ldclf786khdaabackkc2jl%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%225956087a-af16-4188-88d9-fafb01f96b1f%22%2C%22atype%22%3A1%7D%5D%7D%5D
Domain
ads.yieldmo.com
URL
https://ads.yieldmo.com/exchange/prebid?pbav=7.48.0&p=%5B%7B%22placement_id%22%3A%22gofileio_adhesion%22%2C%22callback_id%22%3A%22678501119e023f7%22%2C%22sizes%22%3A%5B%5B970%2C90%5D%2C%5B728%2C90%5D%2C%5B468%2C60%5D%2C%5B320%2C100%5D%2C%5B300%2C100%5D%2C%5B320%2C50%5D%2C%5B300%2C50%5D%2C%5B1%2C1%5D%5D%2C%22ym_placement_id%22%3A%222662464007037722661%22%2C%22gpid%22%3A%22%2F15184186%2Fgofileio_adhesion%2Fgofileio_adhesion%22%2C%22tid%22%3A%22bd3caf53-c696-40eb-8b46-33bdccd1a65c%22%2C%22auctionId%22%3A%22fc617426-e19e-4fc9-9837-dfd02dee4dc1%22%7D%5D&page_url=https%3A%2F%2Fgofile.io%2Fd%2FXL0sUJ&bust=1696359610485&dnt=false&description=Gofile%20is%20a%20free%2C%20secure%20file%20sharing%20and%20storage%20platform.%20With%20unlimited%20bandwidth%20and%20storage%2C%20you%20can%20easily%20store%20and%20share%20files%20of%20any%20type%20without%20any%20limits.%20Our%20advanced%20features%2C%20such%20as%20CDN%20support%20and%20password%20protection%2C%20make%20Gofile%20the%20ideal%20choice%20for%20individuals%20and%20businesses%20alike.&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=Gofile%20-%20Free%20Unlimited%20File%20Sharing%20and%20Storage&w=1600&h=1200&pubcid=5956087a-af16-4188-88d9-fafb01f96b1f&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.com%22%2C%22sid%22%3A%221523%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22audigent.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220001yum0eabkba98bciae6gibddj96ldclf786khdaabackkc2jl%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%225956087a-af16-4188-88d9-fafb01f96b1f%22%2C%22atype%22%3A1%7D%5D%7D%5D

Verdicts & Comments Add Verdict or Comment

271 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| documentPictureInPicture number| uidEvent object| bootstrap function| sha256 function| sha224 function| QRCode function| dayjs function| dayjs_plugin_customParseFormat function| marked function| Plyr function| Chart object| accountsObject string| accountActive string| apiServer string| contentsDir string| entryPage object| urlSplit number| sidebarCollapseLevel undefined| modal object| mainFolderObject object| pressedKeys number| random string| referrer object| uploadQueue object| contentsSelected object| lastContentSelected string| currencySelected number| premiumPriceSelected boolean| freestarScriptLoaded boolean| videoScriptLoaded boolean| googleScriptLoaded boolean| pubfutureScriptLoaded boolean| applixirScriptLoaded object| countriesArray function| fade function| sleep function| uuidv4 function| humanFileSize function| toHHMMSS function| validateEmail function| validateName function| validatePasswd function| validateTags function| sidebarCollapse function| setAccountActive function| selectAccountActive function| myFetch function| loadContent object| modalTemplate function| createModal function| createToast function| processURL function| checkAccountAndUpdateInfo function| createGuestAccount function| buildSidebarAccountList function| logout function| startup function| addFilesToUploadQueue function| processUploadQueue function| uploadFile function| createUploadDiv function| deleteContent function| popupBeforeCopyContent function| copyContent function| downloadBulkContents function| loadTableFromFolderResult function| addContentIdToTable function| playFile function| closeFile function| showInfos function| showSettings function| showShare function| adStatusCallback function| launchAppLixirAd function| afterPageFilesLoad function| afterPageProfileLoad function| afterPageApiLoad function| afterPagePremiumLoad function| afterPageContactLoad function| afterPageTestLoad boolean| adReady object| freestar object| blockies object| ramp string| _pwGA4PageviewId object| dataLayer function| gtag function| plausible function| admiral object| googletag object| regeneratorRuntime object| fsdata object| fsprebid function| 4dm1r11545242527 function| load_script object| confiant object| fsprebidChunk object| _pbjsGlobals object| mnet object| ggeac object| google_tag_data object| google_js_reporting_queue object| __bt_tag_d object| __bt_intrnl object| __bt object| __bt_tag_am undefined| google_measure_js_timing boolean| __bt_already_invoked function| _hadron boolean| sekindoFlowingPlayerOn object| _qevents object| hadron boolean| __halo_loaded__ object| ox_esp function| quantserve function| __qc object| ezt object| _qoptions function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| Criteo object| pbjs function| setImmediate function| clearImmediate object| paramMatch object| viewPortSize object| debugIp object| debugId number| sekindoDisplayedPlacement object| PrimisApiConfig function| constructsekindoParent192 object| au number| google_unique_id object| gaGlobal object| GoogleGcLKhOms object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_135 object| Criteo_prebid_135 number| google_global_correlator object| closure_lm_933745 object| google_image_requests

73 Cookies

Domain/Path Name / Value
.gofile.io/ Name: accountToken
Value: afp0liVZbiOCfXWXU8GoTIYb3b8YoyKq
.pub.network/ Name: _fsuid
Value: 46a2a911-8f67-439f-96e0-a2d9a06f12a0
.gofile.io/ Name: _awl
Value: 2.1696359609.5-318af0d9ffce94a8bff1968c3fcfbcdd-6763652d6575726f70652d7765737431-0
gofile.io/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.gofile.io/ Name: cookie
Value: 5956087a-af16-4188-88d9-fafb01f96b1f
.quantserve.com/ Name: mc
Value: 651c64ba-60e98-7303b-6ee6f
.gofile.io/ Name: __qca
Value: P0-627373796-1696359610268
.openx.net/ Name: i
Value: b77bdc0c-3b91-4caa-b88d-39b26159288b|1696359610
.gofile.io/ Name: __gads
Value: ID=7bcc6acb3f094ad0:T=1696359610:RT=1696359610:S=ALNI_MY6MOcjQc5g_qOASx_C2wY8v55eAw
.gofile.io/ Name: __gpi
Value: UID=00000c8baf667356:T=1696359610:RT=1696359610:S=ALNI_MZVQUt6l2_hGitplxqaODFX4bvJEA
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 4062713986359790693
.criteo.com/ Name: uid
Value: 09f01278-2657-4f93-ab7b-a1541a48d323
.gofile.io/ Name: cto_bundle
Value: diS0d19lTVpaNGxqSE5CWEtpNUlrOWtCT0Z6dnNHNEhCdElaUTVMQVNoOHVrRFNCJTJCM2pIdmJpa3h1MklkcHJJYWtYZ202S1JGbGVxREFhSnElMkZlSEp6SW1EcGg4YTlTbFNLSEZJeUhQbEhES2FRd1hTQkhZdjNGM2gyZmQ0bmtvelRJSWZrNzdmS3FJSkFlUnBDc0tMTmw5OU5RJTNEJTNE
.doubleclick.net/ Name: IDE
Value: AHWqTUlBaqAhDu-fdFWe6sSXp2TbfExsoaRaCciJjZyZx8KsYayVHjrnUXGIYivL9K8
.openx.net/ Name: pd
Value: v2|1696359610.3|iyvQvNgun0.j8vSgqwksLiSmOgesfns
.creativecdn.com/ Name: u
Value: COPVJQusBUdBw0DBQ6rj
.creativecdn.com/ Name: ts
Value: 1696359613
.blismedia.com/ Name: b
Value: 651C64BDF7AC53319DBE7741BLIS
.casalemedia.com/ Name: CMID
Value: ZRxkvS6p7JO5M677kA8lowAA
.casalemedia.com/ Name: CMPS
Value: 3362
.casalemedia.com/ Name: CMPRO
Value: 3362
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0Mjc1sjQxMzcxMBXiM9R19iuojEjNdXHJ8tIFAGLFbrQlAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0Mjc1sjQxMzcxMBXiM9R19iuojEjNdXHJ8tIFAGLFbrQlAAAA
.pubmatic.com/ Name: KADUSERCOOKIE
Value: C694C973-2E9C-48BC-9911-1D3190F2022C
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 156696:2
.pubmatic.com/ Name: DPSync3
Value: 1697500800%3A235_201_245_241
.pubmatic.com/ Name: SyncRTB3
Value: 1697500800%3A22_13_56_54_8_3_71_233_238_264_21_81_176_254_220_214_46_161_251_165_234_166_249_55%7C1696896000%3A2_223_15%7C1697155200%3A63%7C1697587200%3A35%7C1698883200%3A203
.bidswitch.net/ Name: tuuid
Value: 7b065c90-6534-4ce1-a62a-a7017f07900a
.bidswitch.net/ Name: c
Value: 1696359614
.bidswitch.net/ Name: tuuid_lu
Value: 1696359614
.yahoo.com/ Name: A3
Value: d=AQABBL1kHGUCEJJrFbr3eGfEA5ZN4Z_61rkFEgEBAQG2HWUmZQAAAAAA_eMAAA&S=AQAAAs4Lpeiv74iKb-tpwc-Z6HQ
.quantserve.com/ Name: d
Value: EP8BEQGMKvijCJiTAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtoZmlmbGppZmhiYGywC4lvbGluBgALWSs6IAAAAA
.bidr.io/ Name: bito
Value: AABRoE7KOMkAABieMLziSw
.bidr.io/ Name: bitoIsSecure
Value: ok
.adfarm1.adition.com/ Name: UserID1
Value: 7285809064387410071
.ctnsnet.com/ Name: cid_f9b9a889752749e6ab518626c2ffaabc
Value: 1
.csync.loopme.me/ Name: viewer_token
Value: 88fbf04d-3c83-4f5e-a5d5-db32378c4b28
.weborama.fr/ Name: AFFICHE_W
Value: XzkpMBoPRVdf18
.adx.opera.com/ Name: UID
Value: OPU3471ef34816745238982f2cb6ec0a176
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7285809064387410071&KRTB&23369-7285809064387410071
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-4062713986359790693&KRTB&23263-4062713986359790693&KRTB&23481-4062713986359790693
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-BcInjQXDdI8ewSaLCs872QDHJYwewXOLBZH9JyV-&KRTB&19420-BcInjQXDdI8ewSaLCs872QDHJYwewXOLBZH9JyV-&KRTB&22979-BcInjQXDdI8ewSaLCs872QDHJYwewXOLBZH9JyV-&KRTB&23403-BcInjQXDdI8ewSaLCs872QDHJYwewXOLBZH9JyV-
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-5140084927529467405
.turn.com/ Name: uid
Value: 3422714328059140754
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPU3471ef34816745238982f2cb6ec0a176&KRTB&23485-OPU3471ef34816745238982f2cb6ec0a176&KRTB&23524-OPU3471ef34816745238982f2cb6ec0a176
.taptapnetworks.com/ Name: SONATA_ID
Value: csonata_20331346-8b76-4831-a407-f1053ba0cf84
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-3422714328059140754&KRTB&23150-3422714328059140754&KRTB&23527-3422714328059140754
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-7b065c90-6534-4ce1-a62a-a7017f07900a
.smartadserver.com/ Name: pid
Value: 7113528546439746608
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 127:AABRoE7KOMkAABieMLziSw
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: fd2616f16d0cf095
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AABRoE7KOMkAABieMLziSw
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-4ab61e8f-e985-5343-671f-951f91c8eb22.sddgbYSf9l4ky27I%2FiDpjC7LeaKH7B032LGktSIRnds
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-4ab61e8f-e985-5343-671f-951f91c8eb22.sddgbYSf9l4ky27I%2FiDpjC7LeaKH7B032LGktSIRnds
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ASrYej-mFU0NnH5UfkcjrIrIhkLE.nK5cUhahPe65OdNgFG1fWY56C7B5Xno%2BSSv9gYDyYZ8
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ASrYej-mFU0NnH5UfkcjrIrIhkLE.nK5cUhahPe65OdNgFG1fWY56C7B5Xno%2BSSv9gYDyYZ8
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIAD5pIf7EnasBloA6PjLKicQ9klSyvr-7_8b_9gSkD2yEGcYBCC-yfGoBjABOgSt5FouQgS5WC7D.q4SPC6Lj39GLayxe0fUlUQuDSDGBqzWtOoSHx%2FBYfiw
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIAD5pIf7EnasBloA6PjLKicQ9klSyvr-7_8b_9gSkD2yEGcYBCC-yfGoBjABOgSt5FouQgS5WC7D.q4SPC6Lj39GLayxe0fUlUQuDSDGBqzWtOoSHx%2FBYfiw
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-SrYej-mFU0NnH5UfkcjrIrIhkLE&KRTB&23334-SrYej-mFU0NnH5UfkcjrIrIhkLE&KRTB&23417-SrYej-mFU0NnH5UfkcjrIrIhkLE&KRTB&23426-SrYej-mFU0NnH5UfkcjrIrIhkLE
.pubmatic.com/ Name: PugT
Value: 1696359613
.audrte.com/ Name: arcki2
Value: fagEQ4IaIPOT1uxrCFK5Li3FA!20220908!1696359614370!ip#178.33.144.177
.audrte.com/ Name: arcki2_pubmatic
Value: C694C973-2E9C-48BC-9911-1D3190F2022C!20220908!1696359614375
.tribalfusion.com/ Name: ANON_ID
Value: axntuJsKBRhFmDqU69u8RiDVWXZdZaAZbyJFOEepSSUUSIUQU3h710TBVT4nlbpVvZav1ks7m9l9o35bZcvmGt5kPsq99
.amazon-adsystem.com/ Name: ad-id
Value: A4i-mEpOy0WirtdUhfnnkjI
.audrte.com/ Name: arcki2_ddp2
Value: fagEQ4IaIPOT1uxrCFK5Li3FA!20220908!1696359614522
.simpli.fi/ Name: suid
Value: 8835AC64F4D64B11B138569440893032
.audrte.com/ Name: arcki2_adform
Value: 4062713986359790693!20220908!1696359614662
.pubmatic.com/ Name: SPugT
Value: 1696359614

2 Console Messages

Source Level URL
Text
network error URL: https://s2s.t13.io/cookie_sync
Message:
Failed to load resource: the server responded with a status of 400 ()
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 498)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ad.gt
a.pub.network
acdn.adnxs.com
ad-delivery.net
ad.a-ads.com
ad.doubleclick.net
ads.pubmatic.com
ads.yieldmo.com
api.btloader.com
api.floors.dev
api.gofile.io
bcp.crwdcntrl.net
bidder.criteo.com
btloader.com
btlr.sharethrough.com
c.amazon-adsystem.com
c.pub.network
cdn.confiant-integrations.net
cdn.hadronid.net
cdn.id5-sync.com
cdn.jsdelivr.net
d.pub.network
dt.adsafeprotected.com
eb2.3lift.com
f57f917fed53f3b00f58bede01cd229f.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
freestar-d.openx.net
freestar-io.videoplayerhub.com
fronttoad.com
gofile.io
google-bidout-d.openx.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.hadron.ad.gt
id5-sync.com
imasdk.googleapis.com
invstatic101.creativecdn.com
js-sec.indexww.com
live.primis.tech
match.adsrvr.org
oa.openxcdn.net
oajs.openx.net
optimise.net
pagead2.googlesyndication.com
pixel.adsafeprotected.com
pixel.quantserve.com
plausible.gofile.io
qsearch-a.akamaihd.net
rtb.openx.net
rules.quantcount.com
s0.2mdn.net
s2s.t13.io
secure.quantserve.com
securepubads.g.doubleclick.net
static.adsafeprotected.com
static.criteo.net
store2.gofile.io
tags.crwdcntrl.net
tpc.googlesyndication.com
video.primis.tech
www.google.com
x.bidswitch.net
ads.yieldmo.com
104.18.26.193
13.248.245.213
130.211.23.194
148.251.194.214
149.202.85.166
151.101.193.108
151.80.29.83
162.19.138.83
172.217.18.6
18.239.18.12
185.64.189.112
23.216.77.36
23.35.236.201
2600:1901:0:7ec2::1
2600:1f13:800:7781:c585:58fe:1922:38a7
2600:9000:20ab:2a00:6:44e3:f8c0:93a1
2600:9000:20ab:7000:8:48e:53c0:93a1
2600:9000:21c7:9600:1:6448:6d00:93a1
2600:9000:2251:9e00:1a:5235:f980:93a1
2606:4700:10::6816:3456
2606:4700:10::6816:35ad
2606:4700:10::6816:545
2606:4700:20::681a:246
2606:4700:20::681a:68b
2606:4700:20::ac43:4acf
2606:4700:4400::ac40:90a6
2606:4700::6810:5714
2606:4700::6812:14ce
2606:4700::6812:1912
2620:116:800d:21:e365:4988:e8a7:3270
2a00:1450:4001:802::200a
2a00:1450:4001:806::2002
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2004
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2001
2a00:1450:4001:827::2006
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2001
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:d::d
3.121.203.109
3.248.149.248
3.33.220.150
31.14.70.242
34.102.146.192
34.107.140.113
34.111.152.239
34.120.107.143
34.160.128.112
34.160.152.31
34.96.70.87
35.227.252.103
35.244.159.8
37.252.171.149
52.222.136.109
52.31.175.73
52.51.159.118
52.57.151.220
01172e9ac9330920e66e282d2d77ed1ae863bbab08aec27b168e8d3c82d50c18
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
04a39d864d92f3a887cb55c4b924412cc62ae1384e3cdafc25a95ed5f0e12870
04addf3352da7768f8de5f2eeac7c452e8f2e95ac6ecc8c6fcbb0dd160a4fcf2
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06fd4fd10691eb93ea8559a672389863613bde4edf6e7ef3f7949fc0eab646c3
076f49c5c4285d33d4367cd4e943aafd74cb2a8faba78eebcdec26c95322bb5d
0804a138d2373d667829f97ef1789c8563ed2730275ef0a6aba5facb75b29a85
1034623c97bec92060a8b907014a03358bb2c4e0f3407797929c6efc1a2b2181
11f24ea8272c8454bfd93c6102b511bb75a7f1bfd70c0e1f6cf58a4b067ed41f
154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67
1e1c2cb072d2ece71e25868b32ccf673361860a0637c146a893d6118a343a25b
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
234331d5b2d0b6ea834baac45940f32b5d7c0ea5f09a7d28de3c1f8fbdd843c3
241df04a32e1a0a4da58eb35f672c5f0b4e1fa131475803ce3222bf493632d5e
25f5229d2c05f4883245fe331033b79f2b77dd84296151ae8c59b1ed27e7fe5c
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2906e28b5b6fd416752e4323a3629044426bc3fa4fa026cb24389decbc541bd1
2933c96348a4eae7cbbf8f280ca0981586a9b5c097ef952b996cad7d28f2fad0
295f0379542f17b4b198c46b774090a97f425d034767c62c75b9c730666488b1
2b5044c4b2ce524b85da7e439060c83d923ec02d4982731b0624ecdb7052972a
33c1ab6a01b4049878497c2874d8cbb72e14ee7cf14fafec3c09b45f9874b67e
39c27218199463e253face5d72badeb9eea9518494cb03c5ac77216a28564df2
3ed45d41e6f6b3816f4927809abc3709c2811c7faf13511922470a0fd43aa0bc
407a567abfabf78843c1dfe24457bb650325d8f93e9396a00ce686172756244f
408a252c72c1978b2a4362efca1193761c46d0b8d07f8992c7772e4cd0646750
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4461a954ab995f7b05fc08330b2746159e0074256ff47e4ef054276286bfef53
4493942dfc57d20a7fc1cbab75133c34a00155c0aa37e05df4c01d36407f9ab1
4ae678bfb75029c50123e039cdeedde0f3ddd56d40f66cc5d8b7d7145be0d156
4dfb18508a99769c73b2ec9c0cbc2092a7b9d75e010da4ffa5d8086e78fc1a36
4e77de82816e4ed7844defc61447f84c79164f528da0c321c31d1876e17a4050
51596641484ac197e33b6cf155119fa8e5e324e4fd28cb2b04d75a33cdec4605
51b5ae1f0ff10c4595493fa2d4edb2c308f97976be783ed5d7d962a8d81606d1
5222d425167e2abb010d7eb072b6b1c252cea92cdb92cd9688b4ee1b7a5cfccd
52d188a459594cd48016acdc9f44d99788378bd821211c39863f6e1a6a6c6266
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
579d3cc7ec3e2085cc8dfb443d0ab8b650513ded6f680f2c2eead3fb712baa9c
5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970
5f2931ff09d44adfb2d65854a9f85ea73141e84bdb71bc218670b46b8e9f95a2
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
6561a77abf4680951096cb398a5b4d41f81e12ffae191d08a5b7d0ca991b27a7
6729042fecd6e011c0ba45f807dc93fa750169d7ac57c14daa01069f14430f73
6ee69abe38a87fd8aa0867401e1e14d2831eab6dfb1bb2d97abf65ac57cb5705
6ee8dfad2671e28672cec3d9d09822865d3f7bac270427d814c1683ae7e0f5ec
6f32f4b1aebee55450f9eaea7572be5631167000c60b202e32fd7efe10534e2f
7157511697db744d384a5a2a8646af23f3c90560abf93bb240fdd690b29a898a
72153bea0160875f6deb1bdaf729c82b61b5ff8f5cc29d96d1b9815a1946856d
735fa4096e489f911f7a495f251f61c17a69c021622c5b904b9742be95be9f90
788c13994d09fd809cb431d4a0a2aaba6dd88c9b2ba4c0c9e03345362d9633ec
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7c1b0b0523c8cd715c6a906f13a121cd27392d8e61d58c38c7ceb32ec22e59f4
7c1e2d47f1c1d55eedc2d4faa2e41a83705823acffb1c4a39415e3a55db377fe
8138a517f38926770874ea31ee902ff8834da6a67bda6aee8f75c435e79cfbc7
8182ab9d24507e862f64d82439c34cde58986468e48a2ec254ec6840fc1c0be3
82a82b0d01609a866a65587cb8bea49710d570151f8a8e53232124dccf8a4676
85bd0e28180f06b7f944d35dd07ef1ce75d6d9b63c2d70cb8e65f8b566c43db4
862fbf874d5d31a78c018fda664c276de05bf0c452baef5f87e32294afa33455
8706c07750059d4f474353cc469150fd09a539df6f8830ccf418c47709f25b36
89a3c8bd3a50d0dbf140bfd75d6dc782d02ac51c28dc207849b0c89777035fa1
902ecdb30208ed1da412e1514afd1b7059f2d4c1228d758618d990ff6b7ae454
9503d62dbc6bbad21608a55f6ab489689c75c9290908e8276a742224f303f20d
951711fd76ae30f467e9afcf747cc1ecad38d5ea9a52a55e3e6608c9d7ff52ce
966620f9e3bec428663687f9e8d67a6b8e35d79adebf6fb204e9b139eada7599
989015929246742b19743ba75eb57ab37d688d652a824abd5614007374684dc9
9c2b3332d76c0c418e67fa402b50524715a1d72d72b08162e8bf6d146b1c034e
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a20010b26bce05ea3cfc83cf3a162b7c16b5d2fa2bcf2253b0394b0eb322347a
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a6a85a2f4710ebf5d52b83d3bfcd72928876a6185f4217880d550bcf7b2f880b
a7b5f5f96f81dea4efc53e1d4dae8b37c28bec27a45b42ccf604ee759e20caec
a85b2fe307777c8eb47f06a1eec399fcbddfe83d252fd202d3e1358051fcf27d
a927036ae4571dbfb0b04a148832e5dfece646e3b6bcc6894a202c0ec9c6161e
aacd9c268a167c3e3da31d889d36e2156558403b4e976a845217eb64b041332f
ad7b19b2d35a7f05bc64b08e6711486630f32bf715ed3380b11420e2723e22ae
adf624f6c513c6be7f8f635e59ad5c0b9d5010df12dae0bfa9eddb74b2cadb8e
ae4216bfc85c99ffd32e7745f0d7d4cd5f57b714f3a4911176b8cd78a176c97c
aebc0eac28568aef65321a154c19c264fe51fafabbbba9ae322b534f7c4e0bc3
aebe989ea2d8d96d7b43d6b34dd9b6d3a05acb5c2b67eaa3cf9a911911f1da1b
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b09b4585f9689e0b37e726b4c80efeacdb37b73dcdea0a854a0d84680fbe201f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3e57eb372e8b405c816875571e184854b2846261c7477c6c9bdb7782faa1a30
b40d2091decb56fd34865db73525dad6da99c3ba157bcc836a3251cc0f6a11d1
b60f65161ce3517c2794eecab25981c51ffbcbc951a781270403e2f3572d0290
ba4f50bb2181c9c86d00cb1f0887621917c06ead8ab48b5ea0747ba57d63731c
bc3b9c09bf69ce51b930e86a23c6f249f9cc6dc98a84fd278d4131c9ddd78f43
c096a407308f10208f1283bf386d16fa88753abe15d84e7bbd4e16e8e7a4ef3e
c416e42d6643a9b55a23bb3a20db03aa5aafadd2fc9f3b12c43359dc6bf82772
c548d3005886b2128151da13175f418c55449b6b680a5714329ba251b1bfcc00
c87b7f745cfb4a994801488584e6e0e78d6c4f0ad567e985a781fc0b86074724
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cacdd0274e3294cb3ac00b3567e96b876689c224cbd29fa8d487d37103bfebde
cb72289f70690b272267a0741402cdc3f4099ae40c834a13cb60a59f99fdc091
ce2042db53f9bb5f5d0c610a0f6b555fdcc5102017fa1aba1560745970edfb72
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d10fcd57fbc3eb87320fe1469bcb522ded6c480f48ed51c511ef6da20f165760
d5fbcab6b4b103860b15f4aa2437b34aab2c0840896e172bcbc1c12db7897b97
d741699edb36753ffea99ffc8d66cec5612596c77748156942713cb6a0ada6af
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d9a98b67c7edffef7138d578788a1c25310cd3561b94d8bce6999f40b0073186
dcbb76a8cb268e3ed25b14f8d4a9b8e906f20da34d903111c2d77fc2c34d83cc
dd03323db8b78ab71bbf4cc27f517ed48d19a5478f3f545a5b9fb7969e5913f6
e1172d3a0a208cf01dc066f0abeaf17f00264a966159a69f71947d6edcd4935f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
eb55fc10c046dcf4cc7eec174f6d41aefa197f30557a6fa5d99f513f94bc7091
ec665206cae3074fdfcf0600da47f064cfb47e6e050ebf0ac92982d2c8daa05c
ecc20ed3c5dedbe5bbe73d1e7b14270c65a85f7d0ec4c94c4f0c9f0071e471a2
ee76af6aa2310ef046d746c72acec2c6e1f38bb190aec8b7f787fa5d5a3758cb
efc2b5f3cfb42ac86c11900be6091d645853af46ab4f01bfba7280c3ac37ae02
f5958eb7a304ee9f84e0196a6fc9058eb88c10eeccaf09142fd5b1e98b23b1ad
f6431b5c85ee06c223ba8cb3bb5b135be9f73312e0b877e02f8f272295d3940b
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fcf2561d61b108ca978e1e07c722c5777f7a5a79dea73fec566fead46237bc0d
ff337d3fc99d6d499d416375030bdd263995369bd01dc530fca55a565d0367ff
ff8d74d2328df5590c675df09ecd425eacb78956c23c57c44a8b4a769b86c89a