urlscan.io logo urlscan.io
SecurityTrails logo

gofile.io Open in urlscan Pro
51.38.43.18  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://store4.gofile.io/download/direct/8936513a-0482-4f9f-a3bb-3e588aeaec45/040890E.mp4
Effective URL: https://gofile.io/d/ebcc2a2c-a695-48a7-8553-5b1888da1ffe
Submission: On April 01 via manual from US — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 46 IPs in 6 countries across 35 domains to perform 108 HTTP transactions. The main IP is 51.38.43.18, located in Guerard, France and belongs to OVH, FR. The main domain is gofile.io. The Cisco Umbrella rank of the primary domain is 64801.
TLS certificate: Issued by R3 on February 10th 2023. Valid for: 3 months.
This is the only time gofile.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 31.14.70.245 203698 (MOJI Noir...)
1 1 38.154.238.138 55286 (SERVER-MANIA)
18 51.38.43.18 16276 (OVH)
3 151.80.29.83 16276 (OVH)
2 149.202.85.166 16276 (OVH)
2 2a00:1450:400... 15169 (GOOGLE)
5 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:21:... 13335 (CLOUDFLAR...)
3 2600:1901:0:7... 15169 (GOOGLE)
1 34.160.110.8 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:223... 16509 (AMAZON-02)
5 2600:9000:211... 16509 (AMAZON-02)
2 34.111.152.239 396982 (GOOGLE-CL...)
2 2606:4700:440... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2600:9000:225... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 142.250.186.38 15169 (GOOGLE)
1 35.156.90.171 16509 (AMAZON-02)
1 2 2a02:2638::1c 44788 (ASN-CRITE...)
2 178.250.0.157 44788 (ASN-CRITE...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 13.32.121.27 16509 (AMAZON-02)
2 35.71.131.137 16509 (AMAZON-02)
2 130.211.23.194 15169 (GOOGLE)
1 2620:116:800d... 16509 (AMAZON-02)
1 2600:9000:223... 16509 (AMAZON-02)
4 52.39.71.53 16509 (AMAZON-02)
3 34.107.140.113 396982 (GOOGLE-CL...)
4 35.244.159.8 15169 (GOOGLE)
2 18.157.253.52 16509 (AMAZON-02)
6 52.57.148.57 16509 (AMAZON-02)
2 2a02:2638:3::7 44788 (ASN-CRITE...)
2 104.18.24.185 13335 (CLOUDFLAR...)
2 69.166.1.14 27630 (AS-XFERNET)
2 2a02:2638::3 44788 (ASN-CRITE...)
2 34.160.152.31 15169 (GOOGLE)
2 54.228.50.204 16509 (AMAZON-02)
2 2.19.228.187 16625 (AKAMAI-AS)
2 104.18.11.47 13335 (CLOUDFLAR...)
2 151.101.129.108 54113 (FASTLY)
5 5 3.69.140.176 16509 (AMAZON-02)
1 98.98.134.243 21859 (ZEN-ECN)
2 2 3.125.255.88 16509 (AMAZON-02)
1 69.166.1.12 ()
108 46
1    31.14.70.245 (Paris, France)

ASN203698 (MOJI Noir Network, FR)
store4.gofile.io
1    38.154.238.138 (Piscataway, United States)

ASN55286 (SERVER-MANIA, CA)
file60.gofile.io
18    51.38.43.18 (Guerard, France)

ASN16276 (OVH, FR)
PTR: ns3120834.ip-51-38-43.eu
gofile.io
3    151.80.29.83 (Roubaix, France)

ASN16276 (OVH, FR)
PTR: ns3048708.ip-151-80-29.eu
api.gofile.io
2    149.202.85.166 (France)

ASN16276 (OVH, FR)
PTR: mail.gofile.io
plausible.gofile.io
2    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
5    2606:4700::6812:15ce (United States)

ASN13335 (CLOUDFLARENET, US)
a.pub.network
1    2606:4700:21::681b:c258 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.plyr.io
3    2600:1901:0:7ec2::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)
fronttoad.com
1    34.160.110.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.110.160.34.bc.googleusercontent.com
d.pub.network
1    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2600:9000:223f:1c00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
5    2600:9000:211e:5200:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.quantcast.com
2    34.111.152.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.152.111.34.bc.googleusercontent.com
optimise.net
2    2606:4700:4400::6812:220a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.confiant-integrations.net
1    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2606:4700:20::681a:932 (United States)

ASN13335 (CLOUDFLARENET, US)
freestar-io.videoplayerhub.com
1    2606:4700:20::ac43:4686 (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
1    2606:4700:10::6816:34ad (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.hadronid.net
1    2600:9000:225e:7800:3:a4cd:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)
test.cmp.quantcast.com
2    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    2606:4700:20::681a:346 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    142.250.186.38 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f6.1e100.net
ad.doubleclick.net
1    35.156.90.171 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-90-171.eu-central-1.compute.amazonaws.com
audit-tcfv2.cmp.quantcast.com
2    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    2606:4700:10::ac43:17ea (United States)

ASN13335 (CLOUDFLARENET, US)
id.hadron.ad.gt
1    13.32.121.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-27.fra60.r.cloudfront.net
api.intentiq.com
2    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
1    2620:116:800d:21:93ca:31d8:d86e:38f6 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
1    2600:9000:223c:1400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
4    52.39.71.53 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-39-71-53.us-west-2.compute.amazonaws.com
seg.hadron.ad.gt
3    34.107.140.113 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 113.140.107.34.bc.googleusercontent.com
s2s.t13.io
4    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
freestar-d.openx.net
eu-u.openx.net
2    18.157.253.52 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-253-52.eu-central-1.compute.amazonaws.com
grid.bidswitch.net
6    52.57.148.57 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-148-57.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
2    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
2    104.18.24.185 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
2    69.166.1.14 (United States)

ASN27630 (AS-XFERNET, US)
apex.go.sonobi.com
2    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    34.160.152.31 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 31.152.160.34.bc.googleusercontent.com
c.pub.network
2    54.228.50.204 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-50-204.eu-west-1.compute.amazonaws.com
ads.yieldmo.com
2    2.19.228.187 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-228-187.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    104.18.11.47 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
2    151.101.129.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
5    3.69.140.176 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-140-176.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    98.98.134.243 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
2    3.125.255.88 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-255-88.eu-central-1.compute.amazonaws.com
ads.creative-serving.com
1    69.166.1.12 (None, )

ASN- ()
sync.go.sonobi.com
Apex Domain
Subdomains		 Transfer
25 gofile.io
store4.gofile.io
file60.gofile.io — Cisco Umbrella Rank: 921337
gofile.io — Cisco Umbrella Rank: 64801
api.gofile.io — Cisco Umbrella Rank: 234261
plausible.gofile.io — Cisco Umbrella Rank: 268748
390 KB
8 pub.network
a.pub.network — Cisco Umbrella Rank: 5026
d.pub.network — Cisco Umbrella Rank: 5360
c.pub.network — Cisco Umbrella Rank: 5188
363 KB
7 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 978
x.bidswitch.net — Cisco Umbrella Rank: 323
2 KB
7 quantcast.com
cmp.quantcast.com — Cisco Umbrella Rank: 2919
test.cmp.quantcast.com — Cisco Umbrella Rank: 10753
audit-tcfv2.cmp.quantcast.com — Cisco Umbrella Rank: 12482
194 KB
6 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1123
913 B
6 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 416
mug.criteo.com — Cisco Umbrella Rank: 2381
bidder.criteo.com — Cisco Umbrella Rank: 748
2 KB
5 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 3838
seg.hadron.ad.gt — Cisco Umbrella Rank: 7684
730 B
4 openx.net
freestar-d.openx.net — Cisco Umbrella Rank: 10591
eu-u.openx.net — Cisco Umbrella Rank: 2519
965 B
4 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 201
ad.doubleclick.net — Cisco Umbrella Rank: 172
136 KB
3 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 1738
sync.go.sonobi.com Failed
4 KB
3 t13.io
s2s.t13.io — Cisco Umbrella Rank: 4769
776 B
3 btloader.com
btloader.com — Cisco Umbrella Rank: 940
api.btloader.com — Cisco Umbrella Rank: 1036
81 KB
3 fronttoad.com
fronttoad.com — Cisco Umbrella Rank: 81642
22 KB
2 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 4505
1 KB
2 adnxs.com
acdn.adnxs.com — Cisco Umbrella Rank: 581
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 650
2 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 509
2 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 689
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 670
59 KB
2 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 526
875 B
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 368
649 B
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1016
1 KB
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 1453
117 KB
2 optimise.net
optimise.net — Cisco Umbrella Rank: 6960
533 B
2 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 111
165 KB
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 659
191 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1047
1 KB
1 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1131
9 KB
1 intentiq.com
api.intentiq.com — Cisco Umbrella Rank: 1700
826 B
1 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 2725
10 KB
1 videoplayerhub.com
freestar-io.videoplayerhub.com — Cisco Umbrella Rank: 6211
469 B
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 198
27 KB
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 591
483 B
1 plyr.io
cdn.plyr.io — Cisco Umbrella Rank: 13257
3 KB
0 rlcdn.com Failed
api.rlcdn.com Failed
108 35
Domain Requested by
18 gofile.io gofile.io
6 btlr.sharethrough.com a.pub.network
5 x.bidswitch.net 5 redirects
5 cmp.quantcast.com a.pub.network
cmp.quantcast.com
5 a.pub.network gofile.io
a.pub.network
4 seg.hadron.ad.gt a.pub.network
3 s2s.t13.io a.pub.network
3 fronttoad.com a.pub.network
fronttoad.com
3 api.gofile.io gofile.io
2 ads.creative-serving.com 2 redirects
2 eu-u.openx.net a.pub.network
2 acdn.adnxs.com a.pub.network
2 js-sec.indexww.com a.pub.network
2 ads.pubmatic.com a.pub.network
2 ads.yieldmo.com a.pub.network
2 c.pub.network a.pub.network
2 static.criteo.net a.pub.network
static.criteo.net
2 apex.go.sonobi.com a.pub.network
2 htlb.casalemedia.com a.pub.network
2 bidder.criteo.com a.pub.network
2 grid.bidswitch.net a.pub.network
2 freestar-d.openx.net a.pub.network
2 api.btloader.com freestar-io.videoplayerhub.com
2 match.adsrvr.org a.pub.network
2 mug.criteo.com
2 gum.criteo.com 1 redirects
2 ad-delivery.net
2 securepubads.g.doubleclick.net www.googletagservices.com
2 cdn.confiant-integrations.net a.pub.network
cdn.confiant-integrations.net
2 optimise.net a.pub.network
2 pagead2.googlesyndication.com gofile.io
pagead2.googlesyndication.com
2 plausible.gofile.io gofile.io
plausible.gofile.io
1 pixel-sync.sitescout.com
1 sync.go.sonobi.com
1 rules.quantcount.com secure.quantserve.com
1 secure.quantserve.com a.pub.network
1 api.intentiq.com a.pub.network
1 id.hadron.ad.gt a.pub.network
1 audit-tcfv2.cmp.quantcast.com cmp.quantcast.com
1 ad.doubleclick.net
1 test.cmp.quantcast.com cmp.quantcast.com
1 cdn.hadronid.net gofile.io
1 btloader.com
1 freestar-io.videoplayerhub.com 1 redirects
1 www.googletagservices.com a.pub.network
1 static.adsafeprotected.com
1 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 d.pub.network a.pub.network
1 cdn.plyr.io gofile.io
1 file60.gofile.io 1 redirects
1 store4.gofile.io 1 redirects
0 api.rlcdn.com Failed a.pub.network
108 52

This site contains links to these domains. Also see Links.

Domain
twitter.com
dev.gofile.io
file60.gofile.io
freestar.com
Subject Issuer Validity Valid
*.gofile.io
R3		 2023-02-10 -
2023-05-11		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-03-13 -
2023-06-05		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-02-26 -
2024-02-25		 a year crt.sh
*.plyr.io
GTS CA 1P5		 2023-02-26 -
2023-05-27		 3 months crt.sh
fronttoad.com
R3		 2023-01-30 -
2023-04-30		 3 months crt.sh
*.pub.network
Go Daddy Secure Certificate Authority - G2		 2022-03-19 -
2023-04-20		 a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M01		 2023-02-24 -
2023-09-04		 6 months crt.sh
cmp.quantcast.com
R3		 2023-02-13 -
2023-05-14		 3 months crt.sh
optimise.net
GTS CA 1D4		 2023-03-28 -
2023-06-26		 3 months crt.sh
*.confiant-integrations.net
GTS CA 1P5		 2023-03-27 -
2023-06-25		 3 months crt.sh
*.hadronid.net
GTS CA 1P5		 2023-02-11 -
2023-05-12		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-03-13 -
2023-06-05		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-09 -
2023-06-03		 3 months crt.sh
*.intentiq.com
Amazon RSA 2048 M01		 2023-02-28 -
2023-04-17		 2 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
api.btloader.com
GTS CA 1D4		 2023-02-16 -
2023-05-17		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
quantserve.com
R3		 2023-02-13 -
2023-05-14		 3 months crt.sh
id.hadron.ad.gt
Amazon RSA 2048 M02		 2022-10-31 -
2023-11-29		 a year crt.sh
s2s.t13.io
GTS CA 1D4		 2023-03-19 -
2023-06-17		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M02		 2023-02-10 -
2023-08-12		 6 months crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2022-12-06 -
2024-01-07		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-24 -
2023-06-18		 3 months crt.sh
*.yieldmo.com
Amazon RSA 2048 M01		 2023-03-26 -
2024-04-23		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh

This page contains 12 frames:

Primary Page: https://gofile.io/d/ebcc2a2c-a695-48a7-8553-5b1888da1ffe
Frame ID: 81B33FDA411686196D05383D4487DC75
Requests: 93 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20190131/zrt_lookup.html
Frame ID: 23BBD712F03CDB73421156F8E7B52DC2
Requests: 1 HTTP requests in this frame

Frame: https://ads.yieldmo.com/pbcas?us_privacy=1---&gdpr=0&gdpr_consent=&type=iframe
Frame ID: 06F1CC18EEFF9EE38F9785E46CA22EF3
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=0&us_privacy=1---
Frame ID: 13B2E65564E33DBFFFA59561448D710C
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: AE70C5E6741C12ED35787895C9172AB3
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=0&us_privacy=1---
Frame ID: CC4C66D6018E1F6C6D196FF51D98B97B
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 515A4CEA9B4BEDAC5E8745C09EA4220E
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: A640D9804CC203E5F2F129F7AE6B5C9D
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0&us_privacy=1---
Frame ID: 11CFAA867C0F4D66513C2B88C57D526D
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0&us_privacy=1---
Frame ID: 8E1C55B09A2A5CE85C26B1E28B9353A5
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 13D32FC16D6E46D0B257CE150657D52F
Requests: 1 HTTP requests in this frame

Frame: https://ads.yieldmo.com/pbcas?us_privacy=1---&gdpr=0&gdpr_consent=&type=iframe
Frame ID: 597703CF949E56F036D47FAC797B5B1C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Gofile - Free Unlimited File Sharing and Storage

Page URL History Show full URLs

  1. https://store4.gofile.io/download/direct/8936513a-0482-4f9f-a3bb-3e588aeaec45/040890E.mp4 HTTP 302
    https://file60.gofile.io/download/direct/8936513a-0482-4f9f-a3bb-3e588aeaec45/040890E.mp4 HTTP 302
    https://gofile.io/d/ebcc2a2c-a695-48a7-8553-5b1888da1ffe Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • /marked(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Page Statistics

108
Requests

94 %
HTTPS

42 %
IPv6

35
Domains

52
Subdomains

46
IPs

6
Countries

1589 kB
Transfer

5471 kB
Size

51
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://store4.gofile.io/download/direct/8936513a-0482-4f9f-a3bb-3e588aeaec45/040890E.mp4 HTTP 302
    https://file60.gofile.io/download/direct/8936513a-0482-4f9f-a3bb-3e588aeaec45/040890E.mp4 HTTP 302
    https://gofile.io/d/ebcc2a2c-a695-48a7-8553-5b1888da1ffe Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37
  • https://freestar-io.videoplayerhub.com/gallery.js HTTP 301
  • https://btloader.com/tag?h=freestar-io&upapi=true
Request Chain 55
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fgofile.io%2F&domain=gofile.io&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=UejMrnwwRjh2LzZ6M2ljeTdxb3QyeDVtcVJmT3J4YkhOTVJQY216VGY5c0V6cXBCSmJOclprYmNGRzl5bE9jbExCTDZrRUU0UHd4a1RTWWtGSTAxZ1FtbTA3dTIvRFZ6S0JPTW9ZdWt0VTZZWlZFZ0tyaXBieUg3VDFseHJsOWx4R1pYTXRDYXcrTkcyb2hRWEhpZWxsL2MyVUY2YTRnV2RuUzB2RWx0SWY1L3kvQmh1TDVYMVBCVmYwaW9YaXBUMTlLUXVjdTRkL0w5a2JtOEs5OGtUU2VoWUxBQWxpbmRaelRqOE96VEszbGhyOFBzPXw&cppv=2
Request Chain 106
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID] HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=0e586427-e7be-4e00-8996-ad2732c8556e
Request Chain 107
  • https://x.bidswitch.net/sync?ssp=themediagrid&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid&us_privacy=1--- HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=130&ssp_id=themediagrid&gdpr=&gdpr_consent=&us_privacy=1---
Request Chain 108
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=sonobi&bsw_custom_parameter=69019527-70f1-4cf9-99bd-b53b26bb22d7&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=sonobi&bsw_custom_parameter=69019527-70f1-4cf9-99bd-b53b26bb22d7&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=c4199c5f-a18f-47da-b960-6d5c0b2a381d&ssp=sonobi&expires=30&user_group=5&bsw_param=69019527-70f1-4cf9-99bd-b53b26bb22d7 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=69019527-70f1-4cf9-99bd-b53b26bb22d7

108 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request ebcc2a2c-a695-48a7-8553-5b1888da1ffe
gofile.io/d/
Redirect Chain
  • https://store4.gofile.io/download/direct/8936513a-0482-4f9f-a3bb-3e588aeaec45/040890E.mp4
  • https://file60.gofile.io/download/direct/8936513a-0482-4f9f-a3bb-3e588aeaec45/040890E.mp4
  • https://gofile.io/d/ebcc2a2c-a695-48a7-8553-5b1888da1ffe
16 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gofile.io/d/ebcc2a2c-a695-48a7-8553-5b1888da1ffe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.43.18 Guerard, France, ASN16276 (OVH, FR),
Reverse DNS
ns3120834.ip-51-38-43.eu
Software
/
Resource Hash
014898bd15c7d271b62c610b72fae95fdd9f3435f1b74bf2c4eb1cdf6832ad23
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
public, max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 01 Apr 2023 08:13:45 GMT
etag
W/"40d5-186d215b059"
expect-ct
max-age=0
last-modified
Sat, 11 Mar 2023 19:11:22 GMT
origin-agent-cluster
?1
referrer-policy
no-referrer
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, HEAD
access-control-allow-origin
*
content-length
156
content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Sat, 01 Apr 2023 08:13:45 GMT
location
https://gofile.io/d/ebcc2a2c-a695-48a7-8553-5b1888da1ffe
origin-agent-cluster
?1
referrer-policy
no-referrer
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
bootstrap.min.css
gofile.io/dist/css/ 		191 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gofile.io/dist/css/bootstrap.min.css
Requested by
Host: gofile.io
URL: https://gofile.io/d/ebcc2a2c-a695-48a7-8553-5b1888da1ffe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.43.18 Guerard, France, ASN16276 (OVH, FR),
Reverse DNS
ns3120834.ip-51-38-43.eu
Software
/
Resource Hash
2933c96348a4eae7cbbf8f280ca0981586a9b5c097ef952b996cad7d28f2fad0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 08:13:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Wed, 04 Jan 2023 14:40:09 GMT
etag
W/"2fbaa-1857d39aa87"
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
origin-agent-cluster
?1
x-download-options
noopen
cache-control
public, max-age=0
bootstrap-icons.css
gofile.io/dist/css/ 		93 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gofile.io/dist/css/bootstrap-icons.css
Requested by
Host: gofile.io
URL: https://gofile.io/d/ebcc2a2c-a695-48a7-8553-5b1888da1ffe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.43.18 Guerard, France, ASN16276 (OVH, FR),
Reverse DNS
ns3120834.ip-51-38-43.eu
Software
/
Resource Hash
e1172d3a0a208cf01dc066f0abeaf17f00264a966159a69f71947d6edcd4935f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 08:13:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Wed, 04 Jan 2023 14:40:09 GMT
etag
W/"17579-1857d39aa87"
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
origin-agent-cluster
?1
x-download-options
noopen
cache-control
public, max-age=0
bootstrap-nightfall.css
gofile.io/dist/css/ 		50 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gofile.io/dist/css/bootstrap-nightfall.css
Requested by
Host: gofile.io
URL: https://gofile.io/d/ebcc2a2c-a695-48a7-8553-5b1888da1ffe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.43.18 Guerard, France, ASN16276 (OVH, FR),
Reverse DNS
ns3120834.ip-51-38-43.eu
Software
/
Resource Hash
d9a98b67c7edffef7138d578788a1c25310cd3561b94d8bce6999f40b0073186
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 08:13:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Wed, 04 Jan 2023 14:40:09 GMT
etag
W/"c869-1857d39aa87"
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
origin-agent-cluster
?1
x-download-options
noopen
cache-control
public, max-age=0
plyr.css
gofile.io/dist/css/ 		33 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gofile.io/dist/css/plyr.css
Requested by
Host: gofile.io
URL: https://gofile.io/d/ebcc2a2c-a695-48a7-8553-5b1888da1ffe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.43.18 Guerard, France, ASN16276 (OVH, FR),
Reverse DNS
ns3120834.ip-51-38-43.eu
Software
/
Resource Hash
bc3b9c09bf69ce51b930e86a23c6f249f9cc6dc98a84fd278d4131c9ddd78f43
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 08:13:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Sun, 08 Jan 2023 19:47:36 GMT
etag
W/"85ae-18592ec961b"
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
origin-agent-cluster
?1
x-download-options
noopen
cache-control
public, max-age=0
allcss.css
gofile.io/dist/css/ 		2 KB
845 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gofile.io/dist/css/allcss.css
Requested by
Host: gofile.io
URL: https://gofile.io/d/ebcc2a2c-a695-48a7-8553-5b1888da1ffe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.43.18 Guerard, France, ASN16276 (OVH, FR),
Reverse DNS
ns3120834.ip-51-38-43.eu
Software
/
Resource Hash
dd03323db8b78ab71bbf4cc27f517ed48d19a5478f3f545a5b9fb7969e5913f6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 08:13:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
content-length
765
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Thu, 09 Feb 2023 16:33:50 GMT
etag
W/"72c-1863706b0d1"
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
origin-agent-cluster
?1
x-download-options
noopen
cache-control
public, max-age=0
logo-small-70.png
gofile.io/dist/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gofile.io/dist/img/logo-small-70.png
Requested by
Host: gofile.io
URL: https://gofile.io/d/ebcc2a2c-a695-48a7-8553-5b1888da1ffe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.43.18 Guerard, France, ASN16276 (OVH, FR),
Reverse DNS
ns3120834.ip-51-38-43.eu
Software
/
Resource Hash
25f5229d2c05f4883245fe331033b79f2b77dd84296151ae8c59b1ed27e7fe5c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 08:13:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
content-length
2392
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Wed, 04 Jan 2023 14:40:09 GMT
etag
W/"93f-1857d39aa87"
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/png
origin-agent-cluster
?1
x-download-options
noopen
cache-control
public, max-age=0
bootstrap.bundle.min.js
gofile.io/dist/js/ 		79 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gofile.io/dist/js/bootstrap.bundle.min.js
Requested by
Host: gofile.io
URL: https://gofile.io/d/ebcc2a2c-a695-48a7-8553-5b1888da1ffe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.43.18 Guerard, France, ASN16276 (OVH, FR),
Reverse DNS
ns3120834.ip-51-38-43.eu
Software
/
Resource Hash
a85b2fe307777c8eb47f06a1eec399fcbddfe83d252fd202d3e1358051fcf27d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 08:13:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Wed, 04 Jan 2023 14:40:09 GMT
etag
W/"13a49-1857d39aa87"
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
x-download-options
noopen
cache-control
public, max-age=0
sha256.min.js
gofile.io/dist/js/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gofile.io/dist/js/sha256.min.js
Requested by
Host: gofile.io
URL: https://gofile.io/d/ebcc2a2c-a695-48a7-8553-5b1888da1ffe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.43.18 Guerard, France, ASN16276 (OVH, FR),
Reverse DNS
ns3120834.ip-51-38-43.eu
Software
/
Resource Hash
7157511697db744d384a5a2a8646af23f3c90560abf93bb240fdd690b29a898a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 08:13:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
content-length
3701
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Wed, 04 Jan 2023 14:40:09 GMT
etag
W/"2339-1857d39aa8b"
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
x-download-options
noopen
cache-control
public, max-age=0
qrcode.min.js
gofile.io/dist/js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gofile.io/dist/js/qrcode.min.js
Requested by
Host: gofile.io
URL: https://gofile.io/d/ebcc2a2c-a695-48a7-8553-5b1888da1ffe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.43.18 Guerard, France, ASN16276 (OVH, FR),
Reverse DNS
ns3120834.ip-51-38-43.eu
Software
/
Resource Hash
85bd0e28180f06b7f944d35dd07ef1ce75d6d9b63c2d70cb8e65f8b566c43db4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 08:13:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Wed, 04 Jan 2023 14:40:09 GMT
etag
W/"4dda-1857d39aa8b"
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
x-download-options
noopen
cache-control
public, max-age=0
dayjs.min.js
gofile.io/dist/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gofile.io/dist/js/dayjs.min.js
Requested by
Host: gofile.io
URL: https://gofile.io/d/ebcc2a2c-a695-48a7-8553-5b1888da1ffe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.43.18 Guerard, France, ASN16276 (OVH, FR),
Reverse DNS
ns3120834.ip-51-38-43.eu
Software
/
Resource Hash
11f24ea8272c8454bfd93c6102b511bb75a7f1bfd70c0e1f6cf58a4b067ed41f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 08:13:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
content-length
3029
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Wed, 04 Jan 2023 14:40:09 GMT
etag
W/"1a0e-1857d39aa8b"
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
x-download-options
noopen
cache-control
public, max-age=0
customParseFormat.js
gofile.io/dist/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gofile.io/dist/js/customParseFormat.js
Requested by
Host: gofile.io
URL: https://gofile.io/d/ebcc2a2c-a695-48a7-8553-5b1888da1ffe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.43.18 Guerard, France, ASN16276 (OVH, FR),
Reverse DNS
ns3120834.ip-51-38-43.eu
Software
/
Resource Hash
cb72289f70690b272267a0741402cdc3f4099ae40c834a13cb60a59f99fdc091
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 08:13:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
content-length
1803
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Wed, 04 Jan 2023 14:40:09 GMT
etag
W/"ea2-1857d39aa8b"
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
x-download-options
noopen
cache-control
public, max-age=0
marked.min.js
gofile.io/dist/js/ 		43 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gofile.io/dist/js/marked.min.js
Requested by
Host: gofile.io
URL: https://gofile.io/d/ebcc2a2c-a695-48a7-8553-5b1888da1ffe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.43.18 Guerard, France, ASN16276 (OVH, FR),
Reverse DNS
ns3120834.ip-51-38-43.eu
Software
/
Resource Hash
d10fcd57fbc3eb87320fe1469bcb522ded6c480f48ed51c511ef6da20f165760
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 08:13:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Wed, 04 Jan 2023 14:40:09 GMT
etag
W/"aca2-1857d39aa8b"
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
x-download-options
noopen
cache-control
public, max-age=0
plyr.js
gofile.io/dist/js/ 		108 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gofile.io/dist/js/plyr.js
Requested by
Host: gofile.io
URL: https://gofile.io/d/ebcc2a2c-a695-48a7-8553-5b1888da1ffe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.43.18 Guerard, France, ASN16276 (OVH, FR),
Reverse DNS
ns3120834.ip-51-38-43.eu
Software
/
Resource Hash
6729042fecd6e011c0ba45f807dc93fa750169d7ac57c14daa01069f14430f73
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 08:13:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Sun, 08 Jan 2023 19:47:36 GMT
etag
W/"1b1b2-18592ec961b"
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
x-download-options
noopen
cache-control
public, max-age=0
chart.umd.min.js
gofile.io/dist/js/ 		194 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gofile.io/dist/js/chart.umd.min.js
Requested by
Host: gofile.io
URL: https://gofile.io/d/ebcc2a2c-a695-48a7-8553-5b1888da1ffe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.43.18 Guerard, France, ASN16276 (OVH, FR),
Reverse DNS
ns3120834.ip-51-38-43.eu
Software
/
Resource Hash
8706c07750059d4f474353cc469150fd09a539df6f8830ccf418c47709f25b36
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 08:13:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Wed, 08 Mar 2023 18:58:17 GMT
etag
W/"3094c-186c296a29e"
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
x-download-options
noopen
cache-control
public, max-age=0
alljs.js
gofile.io/dist/js/ 		177 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gofile.io/dist/js/alljs.js
Requested by
Host: gofile.io
URL: https://gofile.io/d/ebcc2a2c-a695-48a7-8553-5b1888da1ffe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.43.18 Guerard, France, ASN16276 (OVH, FR),
Reverse DNS
ns3120834.ip-51-38-43.eu
Software
/
Resource Hash
c007f5fb217aca3c1b8f40b601f0cbaa806c0f7290c7ad0ab66e3130d57a8d36
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 08:13:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Tue, 28 Mar 2023 14:39:25 GMT
etag
W/"2c4cc-18728a8d47d"
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
x-download-options
noopen
cache-control
public, max-age=0
bootstrap-icons.woff2
gofile.io/dist/css/fonts/ 		118 KB
119 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gofile.io/dist/css/fonts/bootstrap-icons.woff2?24e3eb84d0bcaf83d77f904c78ac1f47
Requested by
Host: gofile.io
URL: https://gofile.io/dist/css/bootstrap-icons.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.43.18 Guerard, France, ASN16276 (OVH, FR),
Reverse DNS
ns3120834.ip-51-38-43.eu
Software
/
Resource Hash
966620f9e3bec428663687f9e8d67a6b8e35d79adebf6fb204e9b139eada7599
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
Origin
https://gofile.io
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 08:13:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Wed, 04 Jan 2023 14:40:09 GMT
etag
W/"1d9d0-1857d39aa87"
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
font/woff2
origin-agent-cluster
?1
x-download-options
noopen
cache-control
public, max-age=0
createAccount
api.gofile.io/ 		67 B
810 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.gofile.io/createAccount
Requested by
Host: gofile.io
URL: https://gofile.io/dist/js/alljs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.80.29.83 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
ns3048708.ip-151-80-29.eu
Software
/
Resource Hash
a7f3b06dc95403ac06b5693d0d2a54600393e07496944c4de9e962a8b9689185
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date
Sat, 01 Apr 2023 08:13:45 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
cross-origin-embedder-policy
require-corp
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
content-length
67
x-xss-protection
0
referrer-policy
no-referrer
cross-origin-opener-policy
same-origin
etag
W/"43-FZOFOVVbqMEB2hy0dfIRmy/mE4c"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gofile.io
origin-agent-cluster
?1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
getAccountDetails
api.gofile.io/ 		268 B
342 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.gofile.io/getAccountDetails?token=VDavgNhCnTFpssaXtK1pJMkGZKoUew6N
Requested by
Host: gofile.io
URL: https://gofile.io/dist/js/alljs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.80.29.83 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
ns3048708.ip-151-80-29.eu
Software
/
Resource Hash
a9a957035088ebcbcd158a4ee57b512bac9f6650662ea99ba068f8cf3869f621
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date
Sat, 01 Apr 2023 08:13:45 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
cross-origin-embedder-policy
require-corp
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
content-length
268
x-xss-protection
0
referrer-policy
no-referrer
cross-origin-opener-policy
same-origin
etag
W/"10c-0HiQrCqatQXmaivLRSKghXCsjoM"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gofile.io
origin-agent-cluster
?1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
truncated
/ 		660 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
728d5faa3a9331fdbfe873fe6064549f70a7e10400a15955bb53b40a5ae401c6

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/png
files.html
gofile.io/contents/ 		18 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gofile.io/contents/files.html
Requested by
Host: gofile.io
URL: https://gofile.io/dist/js/alljs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.43.18 Guerard, France, ASN16276 (OVH, FR),
Reverse DNS
ns3120834.ip-51-38-43.eu
Software
/
Resource Hash
f2cbb89cd8582657ffc11b0a1412efddf74557f807eb25e1de264531eb4e620c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 08:13:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
content-length
3250
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Fri, 24 Feb 2023 16:26:52 GMT
etag
W/"46ce-186843fb2f1"
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
origin-agent-cluster
?1
x-download-options
noopen
cache-control
public, max-age=0
plausible.js
plausible.gofile.io/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://plausible.gofile.io/js/plausible.js
Requested by
Host: gofile.io
URL: https://gofile.io/dist/js/alljs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.202.85.166 , France, ASN16276 (OVH, FR),
Reverse DNS
mail.gofile.io
Software
Cowboy /
Resource Hash
ae4216bfc85c99ffd32e7745f0d7d4cd5f57b714f3a4911176b8cd78a176c97c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 08:13:45 GMT
x-content-type-options
nosniff
server
Cowboy
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
1321
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		138 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5469679028990347
Requested by
Host: gofile.io
URL: https://gofile.io/dist/js/alljs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
33e75f93f9eb91105ffb729785624b29f2c03b33936094db6ede343c72806018
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
https://gofile.io
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 08:13:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48335
x-xss-protection
0
server
cafe
etag
14343480583845659018
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 01 Apr 2023 08:13:45 GMT
pubfig.min.js
a.pub.network/gofile-io/ 		107 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/gofile-io/pubfig.min.js
Requested by
Host: gofile.io
URL: https://gofile.io/dist/js/alljs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29cf8d7e51341f169fb6266a570399131db7468bad9f1d1012dc31609c44633b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 08:13:45 GMT
content-encoding
gzip
cf-cache-status
HIT
age
44855
x-guploader-uploadid
ADPycdt63Ny6UWukG2j2Bg4sFFr9Y3Ds8v-BA2GcoTySJh4uGnXmBDsnCXiS4zHwFq0ckZ-qCih6lGtTF6bJYgYWmKDc
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
last-modified
Mon, 27 Mar 2023 20:04:57 GMT
server
cloudflare
etag
W/"c92b9a60f29a3d0eec0deeae3f2d4170"
vary
Accept-Encoding
x-goog-hash
crc32c=VP8ZKQ==, md5=ySuaYPKaPQ7sDe6uPy1BcA==
x-goog-generation
1679947497456236
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=1800
x-goog-stored-content-length
109799
cf-ray
7b0f5fe91b0a0175-CDG
expires
Sat, 01 Apr 2023 08:43:45 GMT
getContent
api.gofile.io/ 		841 B
916 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.gofile.io/getContent?contentId=ebcc2a2c-a695-48a7-8553-5b1888da1ffe&token=VDavgNhCnTFpssaXtK1pJMkGZKoUew6N&websiteToken=12345
Requested by
Host: gofile.io
URL: https://gofile.io/dist/js/alljs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.80.29.83 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
ns3048708.ip-151-80-29.eu
Software
/
Resource Hash
634c4b94fcb05bcd72e5de1d319cf098235315b401f64063cf6a49d0923e0644
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date
Sat, 01 Apr 2023 08:13:45 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
cross-origin-embedder-policy
require-corp
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
content-length
841
x-xss-protection
0
referrer-policy
no-referrer
cross-origin-opener-policy
same-origin
etag
W/"349-rPwZQUfIGMSASQGFjhuEJWp0aOQ"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gofile.io
origin-agent-cluster
?1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
plyr.svg
cdn.plyr.io/3.7.3/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.plyr.io/3.7.3/plyr.svg
Requested by
Host: gofile.io
URL: https://gofile.io/dist/js/plyr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::681b:c258 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4846018760f6e11a8a1dea7639a5c75c712f198d978eccf117840820bb8c37d7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 08:13:45 GMT
via
1.1 varnish, 1.1 varnish
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
C9BTBNA69BF8DGRM
age
7129558
x-cache
MISS, HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
/0+r6NipCXOTMNBKG2Z20+Hti/j+izE1XevdGrVfMMoKVtzy2U9siX1ZYx5lwkvmBAq9Pmc9Ko4=
x-served-by
cache-iad-kjyo7100042-IAD, cache-yyz4547-YYZ
last-modified
Thu, 17 Nov 2022 06:34:03 GMT
server
cloudflare
x-timer
S1673207256.453652,VS0,VE0
etag
W/"3a727a9b7eef825081d78cc6e48aaadf"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OY6tIOweuMGf85EGijQEOP9wCwXcRXfFwfHUIzdSzosNvaABY8q3B%2FF4hST7PeKzcZf2MLaQTtO9Aj5HZuJNyqrd%2BCiyg1SbJgfAkoT25xX6xyhfkcJOieonvQf9vafG57Iu60d1QZV5"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Content-Range, Date, Cache-Control, Content-Type, Accept, Origin, Accept
cache-control
max-age=31536000, immutable
cf-ray
7b0f5fe96d3b22aa-CDG
x-cache-hits
0, 77
v2rhgkPASwm2y0ZIYpWgaQzdtibRGKmaqtx2rzhyXzf9EoCWNlXvLP4NPmEg
fronttoad.com/ 		60 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fronttoad.com/v2rhgkPASwm2y0ZIYpWgaQzdtibRGKmaqtx2rzhyXzf9EoCWNlXvLP4NPmEg
Requested by
Host: a.pub.network
URL: https://a.pub.network/gofile-io/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7ec2::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
ddc88b81cd26456440dbc36d6c8351089a6539e73e515a9c787035e0b91941d1
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Sat, 01 Apr 2023 08:13:45 GMT
x-datacenter
gce-europe-west1
etag
"0c27afc77e41020bda4c051cfbb31953de6eee270150b7da9727508d26a2a262"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-europe-west1-spot-xkmn
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
814291840
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
init
d.pub.network/v2/ 		33 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d.pub.network/v2/init?siteId=5818&env=PROD
Requested by
Host: a.pub.network
URL: https://a.pub.network/gofile-io/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.110.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.110.160.34.bc.googleusercontent.com
Software
/
Resource Hash
a80a1e6ef5e7e3205cfc688e80e7522151b0c016d10ab6ee50f29b5b278a7ab4

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 08:13:45 GMT
content-encoding
gzip
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
content-type
application/json
access-control-allow-origin
https://gofile.io
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
event
plausible.gofile.io/api/ 		2 B
191 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://plausible.gofile.io/api/event
Requested by
Host: plausible.gofile.io
URL: https://plausible.gofile.io/js/plausible.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.202.85.166 , France, ASN16276 (OVH, FR),
Reverse DNS
mail.gofile.io
Software
Cowboy /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 01 Apr 2023 08:13:45 GMT
server
Cowboy
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
content-length
2
x-request-id
F1HBcLv1LdszkNRsRavB
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303270101/ 		350 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5469679028990347&plah=gofile.io
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5469679028990347
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2b2c79d496052ab21b3afcace965674c5273928081c77d115270e2246fa41356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 08:13:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119838
x-xss-protection
0
server
cafe
etag
4770782185716971610
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 01 Apr 2023 08:13:45 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230329/r20190131/ Frame 23BB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230329/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5469679028990347
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

age
19518
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4549
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 01 Apr 2023 02:48:27 GMT
etag
2378337311435320485
expires
Sat, 15 Apr 2023 02:48:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
skeleton.gif
static.adsafeprotected.com/ 		43 B
483 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif?adunitid=pjzrmu&adnum=339692
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:1c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 25 Jun 2022 14:52:58 GMT
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via
1.1 cf2071a2896a4f71dbfdbc521d554362.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
24168047
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
2N1F732K2HeBkg9bJz7kEsYhjYUDoe1rJM-KzI7juAWZXEwyc3ET5Q==
choice.js
cmp.quantcast.com/choice/wZt3yQfgdwnz-/gofile.io/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/choice/wZt3yQfgdwnz-/gofile.io/choice.js?tag_version=V2
Requested by
Host: a.pub.network
URL: https://a.pub.network/gofile-io/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:5200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e96193e314a5d12a133e0a8aaec258b9293afde80c455300636b95b6e6927552

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 08:13:10 GMT
content-encoding
br
via
1.1 28b0f9ae51406f70504a784d296a3a48.cloudfront.net (CloudFront)
last-modified
Fri, 24 Mar 2023 16:55:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
37
x-amz-server-side-encryption
AES256
etag
W/"286a58730985e4f2ff61410dd5db6732"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
cross-origin-resource-policy
cross-origin
x-amz-cf-id
8bQvzNz0g_tSWvOjK7qFigaieSUWflM-XNTdKNKYExwhsbaP4H1NLw==
pubfig.engine.js
a.pub.network/core/pubfig/43bdc266045a65f73cbf80eb171faf7a45311c87/ 		445 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/pubfig/43bdc266045a65f73cbf80eb171faf7a45311c87/pubfig.engine.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/gofile-io/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
151febbb9d9458c8be45c12eb4a63bc06b0c84260ba461f3162748d6dad8c47a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 08:13:46 GMT
content-encoding
gzip
cf-cache-status
HIT
age
44858
x-guploader-uploadid
ADPycdsbUFlys0KvwxTjLJqNQhL1QnivgA9p6CbBXLwST4MSTrjOxeQfdVX3a02HSycLEuxccVOyLDuum4tKB8DOrwiL
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Mon, 27 Mar 2023 16:22:47 GMT
server
cloudflare
etag
W/"a28ce101f634821dd648e328873226e9"
vary
Accept-Encoding
x-goog-hash
crc32c=dSt+dg==, md5=oozhAfY0gh3WSOMohzIm6Q==
x-goog-generation
1679934167601592
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
455669
cf-ray
7b0f5feabc290175-CDG
expires
Sat, 01 Apr 2023 09:13:46 GMT
/
optimise.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://optimise.net/?k=1&d=gofile.io&t=desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.152.111.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://gofile.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
access-control-allow-origin
https://gofile.io
access-control-expose-headers
fs-client-rtt
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
date
Sat, 01 Apr 2023 08:13:46 GMT
expires
0
fs-client-rtt
19
pragma
no-cache
strict-transport-security
max-age=31536000;includeSubDomains;preload;
via
1.1 google
/
optimise.net/ 		508 B
533 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://optimise.net/?k=1&d=gofile.io&t=desktop
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/43bdc266045a65f73cbf80eb171faf7a45311c87/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.152.111.34.bc.googleusercontent.com
Software
/
Resource Hash
fbde7fa1f1176c49ba1589b28eaaacc76d14156e4d95cad993e63165b3a614ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload;

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=31536000;includeSubDomains;preload;
via
1.1 google
date
Sat, 01 Apr 2023 08:06:26 GMT
fs-client-rtt
19
age
440
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
508
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
content-type
application/json
access-control-allow-origin
https://gofile.io
access-control-expose-headers
fs-client-rtt
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization
expires
0
config.js
cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/ 		186 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/config.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/43bdc266045a65f73cbf80eb171faf7a45311c87/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:220a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
297d2557283728ee496a40a1eaf489937e726a32d55bc7c9be283a4384a278bf

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 08:13:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 01 Apr 2023 06:17:13 GMT
server
cloudflare
x-amz-request-id
1JH3HC76GS82S603
age
669
etag
W/"17fa2726cd64eee9de41d67b61dbc355"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
7b0f5feba9dd2a05-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
EUTktMyo+NEt4isazo1eKUbUlmx1ZgyyrOrRoF6h8j7FMsEVLpUiamW2Xf/W07CdEzcFIQStCF0=
gpt.js
www.googletagservices.com/tag/js/ 		76 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/43bdc266045a65f73cbf80eb171faf7a45311c87/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
26aa0f95fb66100f5eba7d7df4fddb1fd4c04736e8d28c7f7b5e55d1cc8305a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 08:13:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27206
x-xss-protection
0
server
sffe
etag
"1528 / 155 of 1000 / last-modified: 1680300336"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 01 Apr 2023 08:13:46 GMT
tag
btloader.com/
Redirect Chain
  • https://freestar-io.videoplayerhub.com/gallery.js
  • https://btloader.com/tag?h=freestar-io&upapi=true
470 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?h=freestar-io&upapi=true
Protocol
H2
Server
2606:4700:20::ac43:4686 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d61d6ba3192fb88a5f90e4f0271fe07ea26ed1172ee08336dc1953bf0b8d061

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 08:13:46 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 01 Apr 2023 08:06:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
386
etag
W/"9a2ab598a0e2cf65e9a1c2ca28689417"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wKj70TqGKItwgVHS8mipyjTN3PB8HCUQAn7uU7Eoj%2FttGDIOx24UUTArO5iZE99vDMRY%2FKCyo%2FwvncauWPaFyefSVEiUQKVtFK%2F4QLaOiFPFqTLTUtODNeew2IPt1juJt0rM3U06k9lKKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray
7b0f5fec3dbc00bd-CDG

Redirect headers

date
Sat, 01 Apr 2023 08:13:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IPaA6IsLBQ4Ye1DJBeF%2BUIevwEFZGErKGtVBmTZVG5wRkLMZZzg1od4Qm5qh4mEkXKFEAZ9cuGR4b0ePoyNinLn%2FVq2xO%2Fb8aLZjoZQ6K9oqOjPLR8VWkSvm%2FlZ37%2B1XR%2B%2BpwR8hiEJ4rtMlud65D0RknffC97ZyDqUISg%3D%3D"}],"group":"cf-nel","max_age":604800}
location
https://btloader.com/tag?h=freestar-io&upapi=true
cache-control
max-age=3600
cf-ray
7b0f5febab452155-CDG
expires
Sat, 01 Apr 2023 09:13:46 GMT
hadron.js
cdn.hadronid.net/ 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fgofile.io%2Fd%2Ftoe06u&ref=&_it=freestar&partner_id=474
Requested by
Host: gofile.io
URL: https://gofile.io/d/ebcc2a2c-a695-48a7-8553-5b1888da1ffe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:34ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13f329a0d3e082589a14177df4778b45ea8cb3826ce3b945fcbb0721baca5825

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 08:13:46 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 18 Nov 2022 10:57:44 GMT
server
cloudflare
x-amz-request-id
R73R1YPRACF14W1S
age
4869
etag
W/"2280e2148e4ee3c06f679f8fac039778"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
7b0f5febbead017f-CDG
x-amz-id-2
WpOFdHRh0gZH7PTUEqY5v8mEYbtnrkKVHNEuK91XPVGIyKANEnrrd1RZ9sjCZq9Ca2D9jqeWhgI=
prebid-analytics-7.37.0.js
a.pub.network/core/ 		578 KB
180 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/prebid-analytics-7.37.0.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/43bdc266045a65f73cbf80eb171faf7a45311c87/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3185bc42c8ca3f93874f2caa46848aaf28192d71adcdf770c0045f2a326dcc5

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 08:13:46 GMT
content-encoding
gzip
cf-cache-status
HIT
age
44858
x-guploader-uploadid
ADPycdspI16dJneXL-YgVtzQalWL6DUz0DzpQLy1NtVGwv27lMoZn3TXqCj7CIii6huSPCYA7SlHvEciXc5rBDh3gqQGWV5GMMPE
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
last-modified
Mon, 27 Feb 2023 19:41:16 GMT
server
cloudflare
etag
W/"ac79a52155d1d846e5f8db243d3cd297"
vary
Accept-Encoding
x-goog-generation
1677526876107470
content-type
text/html
access-control-allow-origin
*
x-goog-hash
crc32c=sQc5Xw==, md5=rHmlIVXR2Ebl+NskPTzSlw==
content-language
en
access-control-expose-headers
*
cache-control
public, max-age=31481861
x-goog-stored-content-length
592265
cf-ray
7b0f5feb6cc00175-CDG
expires
Sat, 30 Mar 2024 17:11:27 GMT
cmp2.js
cmp.quantcast.com/tcfv2/ 		178 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/tcfv2/cmp2.js?referer=gofile.io
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/wZt3yQfgdwnz-/gofile.io/choice.js?tag_version=V2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:5200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5d91ffbdea8ecad30d07d2b6a979be09556cc16c50bc643fd96c749b2621c14a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 07:49:40 GMT
content-encoding
br
via
1.1 28b0f9ae51406f70504a784d296a3a48.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
1447
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
last-modified
Wed, 08 Feb 2023 17:32:57 GMT
server
AmazonS3
etag
W/"15d537792bfc5eb18136ef129a7ec0a5"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-meta-qc-ineu
True
vary
Accept-Encoding
x-amz-cf-id
_SEFYpv5dH3uu9vlcQu5Sojn7uLLk58lVmeqo9_b-foGDiYwKr1Bow==
cmp-list.json
test.cmp.quantcast.com/GVL-v2/ 		10 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://test.cmp.quantcast.com/GVL-v2/cmp-list.json
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/cmp2.js?referer=gofile.io
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:7800:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
152e7c5526b92a4bdc195f5d0186e79d1e7494bffea089229f3074434da7bea3

Request headers

Accept
application/json, text/plain, */*
Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 03:00:36 GMT
x-amz-version-id
Q2dMm0LZtnIqBsDUTB8PNIsB16c9pwBC
content-encoding
gzip
via
1.1 f7aba4a0337c5f98c4703e2b10f1940a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
18791
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 30 Mar 2023 19:52:29 GMT
server
AmazonS3
etag
W/"62fd667efe0c7268fc68ea18d1179e2b"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
vary
Accept-Encoding
x-amz-cf-id
UYk-cC7jnthgrUkGRrKnRTo1hgsPyivG7XBS2rw51kwz58qef8KpXQ==
v2wjfxlRqHWCPGIeCehj58zdPygWT9EP99c8vHuNHUxemdlMSu-JdKX8yizySvLS58PbYChPmjz6t
fronttoad.com/ 		206 B
233 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fronttoad.com/v2wjfxlRqHWCPGIeCehj58zdPygWT9EP99c8vHuNHUxemdlMSu-JdKX8yizySvLS58PbYChPmjz6t
Requested by
Host: fronttoad.com
URL: https://fronttoad.com/v2rhgkPASwm2y0ZIYpWgaQzdtibRGKmaqtx2rzhyXzf9EoCWNlXvLP4NPmEg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:7ec2::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
6fa9a56a5622b87e044fba9b02a76db55ba4ce1bd984390b251bc4357eddfd87
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Sat, 01 Apr 2023 08:13:46 GMT
via
1.1 google
x-buildnumber
814291840
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
206
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gofile.io
x-hostname
fen-hoothoot-europe-west1-spot-xkmn
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Sat, 01 Apr 2023 08:13:45 GMT
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202303290926/ 		234 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202303290926/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:220a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b44dd5398523b5bcb2ddecede990928312cd714324da5129e54a7632d2250b67

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 08:13:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Mar 2023 13:28:20 GMT
server
cloudflare
x-amz-request-id
4JBYZKFKZ0QNZ1C3
age
237402
etag
W/"885ce32b561efadfad5a3faddd629c87"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
7b0f5fec2a362a05-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
/zJhmsvrh8qmUp8gJ7sM+VyyYoTczECQKRIURY2ViB8OmU/IeAO8GI+KWJoLmoLhU66A3gzdoez5Qty5mKnqAl4Fgs9zI/amV5WHkgf61uU=
pubads_impl_2023032801.js
securepubads.g.doubleclick.net/gpt/ 		397 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032801.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95cebae126b596b85b7633805c98d6be3b0ccc8558b8a0c0cdcd3a0fef0c6917
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 20:04:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43743
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136767
x-xss-protection
0
last-modified
Tue, 28 Mar 2023 08:36:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 30 Mar 2024 20:04:43 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=gofile.io
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e8c92e40c1e9156a8f147e030843abc30d4431837d48cc32153cbc9b6328ed13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 08:13:46 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
676
x-xss-protection
0
expires
Sat, 01 Apr 2023 08:13:46 GMT
cmp2ui-en.js
cmp.quantcast.com/tcfv2/46/ 		248 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/tcfv2/46/cmp2ui-en.js
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/cmp2.js?referer=gofile.io
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:5200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b15c094a683c050f4de3a028a8d461c800b7b8af0159eccfb27bbfb36563982c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 03:45:54 GMT
content-encoding
br
via
1.1 28b0f9ae51406f70504a784d296a3a48.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
102473
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
cross-origin-resource-policy
cross-origin
last-modified
Wed, 08 Feb 2023 17:32:24 GMT
server
AmazonS3
etag
W/"56cdb8d3d5e2ab2d10d42277297ff84e"
access-control-max-age
604800
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=172800
vary
Accept-Encoding
x-amz-cf-id
0TOtqXdHUZh9fmNk1C0OH1wpCKH4MeYVeUhLeQewevShUmlTuUnWpQ==
vendor-list-trimmed-v1.json
cmp.quantcast.com/GVL-v2/ 		352 KB
47 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/GVL-v2/vendor-list-trimmed-v1.json
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/cmp2.js?referer=gofile.io
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:5200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1932db3610dc9d7e5b49d81bbedb04d25034d4f3d86b9c6e2929d82d3919cf75

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 03:00:36 GMT
content-encoding
gzip
via
1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
18791
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Sat, 01 Apr 2023 03:00:33 GMT
server
AmazonS3
etag
W/"13c8f6bf426ccc6ec046a6e01bf1677f"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
Bq5I_ESz_xp7gz1Xh6j7UG42YrLqGUulZtSREAPfsxoGzp_1tzWgLQ==
google-atp-list.json
cmp.quantcast.com/tcfv2/ 		151 KB
37 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/tcfv2/google-atp-list.json
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/cmp2.js?referer=gofile.io
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:5200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
31d1a8b234ef7e3fcd967fe38bb63298be8faf869e0dcd5352c330ed5c18964b

Request headers

Accept
application/json, text/plain, */*
Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 03:00:30 GMT
content-encoding
gzip
via
1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
18797
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Sat, 01 Apr 2023 03:00:27 GMT
server
AmazonS3
etag
W/"1dbfd79d4ea7f69c0c42a2f6065532e7"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
W3DNHutPh9fIS3-GK4bd2z2q_GmENdGn2aPGlDAbE4mQzWWlyJEDdQ==
v2nwpK9tsuwFqPdc0i9uq_L3FToyc1k9oRufkEKVhNExqnAB-I_0-b5-4ky5ht34nE7INPdjBQ7Yd
fronttoad.com/ 		3 B
27 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fronttoad.com/v2nwpK9tsuwFqPdc0i9uq_L3FToyc1k9oRufkEKVhNExqnAB-I_0-b5-4ky5ht34nE7INPdjBQ7Yd
Requested by
Host: fronttoad.com
URL: https://fronttoad.com/v2rhgkPASwm2y0ZIYpWgaQzdtibRGKmaqtx2rzhyXzf9EoCWNlXvLP4NPmEg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:7ec2::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Sat, 01 Apr 2023 08:13:46 GMT
via
1.1 google
x-buildnumber
814291840
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gofile.io
x-hostname
fen-hoothoot-europe-west1-spot-xkmn
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
px.gif
ad-delivery.net/ 		43 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 08:13:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1324576
x-guploader-uploadid
ADPycdt0qW3MDEjqHQ00nJvNLaxOq5aW-GTx6YmoGDtayvUtCztSAzoABNR5-xel123owjNGJifDJZaWO8dqPFVL9T39KgI5XjfK
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9fIqFgkH40ieKrAfvkyKa0ozGoTZlgNJzVHkTvTuZEywZ9z155FTDZ0seYZ67%2F3bNAJXoBVfHmkR1maSfDJAsX4l2meDTy%2FnA6E6%2FstNxPSJ3RipKUW%2FKf6orXmwTjPqYH5eauomoy4OkAsnrA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
7b0f5fed0f3a229e-CDG
expires
Fri, 17 Mar 2023 01:06:55 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 18:03:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51041
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 01 Apr 2023 18:03:05 GMT
px.gif
ad-delivery.net/ 		43 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.02173886358256083
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 08:13:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1324576
x-guploader-uploadid
ADPycdt0qW3MDEjqHQ00nJvNLaxOq5aW-GTx6YmoGDtayvUtCztSAzoABNR5-xel123owjNGJifDJZaWO8dqPFVL9T39KgI5XjfK
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TlwYiHI6VJTw50foijC9uKD977ccnfvYS7P73vnTkWjkA8%2BgjPzMm2NDMkfAKGlKf8qlHm1H8jBDWoRMNkhwhNzdwFPfSduvkj2nwdHYSGNy9mEA3WJPUYgXxF3Lp5UQ332MoHpqv%2B7GwMdyWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
7b0f5fed0f3e229e-CDG
expires
Fri, 17 Mar 2023 01:06:55 GMT
/
audit-tcfv2.cmp.quantcast.com/ 		2 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://audit-tcfv2.cmp.quantcast.com/?log=%7B%22accountId%22%3A%22wZt3yQfgdwnz-%22%2C%22domain%22%3A%22gofile.io%22%2C%22publisher%22%3A%22gofile.io%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.46%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22DYeDoiOMARldjgUd2SeZVA%22%2C%22tagVersion%22%3A%22V2%22%2C%22clientTimestamp%22%3A1680336826385%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-kedle4hccg4k40u6hwli%22%7D
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/46/cmp2ui-en.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.90.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-90-171.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept
application/json, text/plain, */*
Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 01 Apr 2023 08:13:46 GMT
content-length
2
content-type
text/plain; charset=utf-8
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fgofile.io%2F&domain=gofile.io&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://gofile.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://gofile.io
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 01 Apr 2023 08:13:46 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
503576
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fgofile.io%2F&domain=gofile.io&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=UejMrnwwRjh2LzZ6M2ljeTdxb3QyeDVtcVJmT3J4YkhOTVJQY216VGY5c0V6cXBCSmJOclprYmNGRzl5bE9jbExCTDZrRUU0UHd4a1RTWWtGSTAxZ1FtbTA3dTIvRFZ6S0JPTW9ZdWt0VTZZWlZFZ0tyaXBieUg3VDFseH...
412 B
551 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=UejMrnwwRjh2LzZ6M2ljeTdxb3QyeDVtcVJmT3J4YkhOTVJQY216VGY5c0V6cXBCSmJOclprYmNGRzl5bE9jbExCTDZrRUU0UHd4a1RTWWtGSTAxZ1FtbTA3dTIvRFZ6S0JPTW9ZdWt0VTZZWlZFZ0tyaXBieUg3VDFseHJsOWx4R1pYTXRDYXcrTkcyb2hRWEhpZWxsL2MyVUY2YTRnV2RuUzB2RWx0SWY1L3kvQmh1TDVYMVBCVmYwaW9YaXBUMTlLUXVjdTRkL0w5a2JtOEs5OGtUU2VoWUxBQWxpbmRaelRqOE96VEszbGhyOFBzPXw&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
13c6d66a1c68ee7ca1938e320f4fdb9a47f0bae2ad57fe8c413c943430d1b68d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Apr 2023 08:13:46 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1561278
expires
0

Redirect headers

pragma
no-cache
date
Sat, 01 Apr 2023 08:13:45 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=UejMrnwwRjh2LzZ6M2ljeTdxb3QyeDVtcVJmT3J4YkhOTVJQY216VGY5c0V6cXBCSmJOclprYmNGRzl5bE9jbExCTDZrRUU0UHd4a1RTWWtGSTAxZ1FtbTA3dTIvRFZ6S0JPTW9ZdWt0VTZZWlZFZ0tyaXBieUg3VDFseHJsOWx4R1pYTXRDYXcrTkcyb2hRWEhpZWxsL2MyVUY2YTRnV2RuUzB2RWx0SWY1L3kvQmh1TDVYMVBCVmYwaW9YaXBUMTlLUXVjdTRkL0w5a2JtOEs5OGtUU2VoWUxBQWxpbmRaelRqOE96VEszbGhyOFBzPXw&cppv=2
access-control-allow-origin
https://gofile.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
532154
content-length
0
expires
0
pbhid
id.hadron.ad.gt/api/v1/ 		141 B
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/api/v1/pbhid?partner_id=474&_it=prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.37.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04a39d864d92f3a887cb55c4b924412cc62ae1384e3cdafc25a95ed5f0e12870

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 01 Apr 2023 08:13:46 GMT
content-encoding
gzip
server
cloudflare
allow
POST, OPTIONS, GET
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cf-ray
7b0f5fede88f03c5-CDG
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
envelope
api.rlcdn.com/api/identity/ 		0
0
ProfilesEngineServlet
api.intentiq.com/profiles_engine/ 		95 B
826 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=1434517136&pt=17&dpn=1&iiqidtype=2&iiqpcid=6a744f10-044b-4cdd-8a13-e2dc5147dd4a
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.37.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-27.fra60.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
e7094b344d558aabfdcddb2bd5b279e277ee96cef95558ac63eb01ba3fcbe2e2

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 01 Apr 2023 08:13:46 GMT
via
1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
pragma
no-cache
server
Apache-Coyote/1.1
vary
Origin
access-control-allow-methods
POST, GET
content-type
text/html
access-control-allow-origin
https://gofile.io
access-control-max-age
3600
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Accept, X-Requested-With, remember-me
x-amz-cf-id
TrV5U_LHbvmzxwiQQRk1dHo7C2FcqY3fBf2zSGtRaHRFo0PikefRsg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
rid
match.adsrvr.org/track/ 		63 B
385 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=6bjin1p&fmt=json
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.37.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
ebff4c51892083d9e054439de1558bcf737dad7e7bc469f9ea4aec955dd7f30c

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 01 Apr 2023 08:13:46 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gofile.io
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Mon, 01 May 2023 08:13:46 GMT
country
api.btloader.com/ 		16 B
203 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/country
Requested by
Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
4e77de82816e4ed7844defc61447f84c79164f528da0c321c31d1876e17a4050

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 08:13:46 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
pv
api.btloader.com/ 		0
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=Ax9TJCl4A&w=5912996595892224&o=5714937848528896&cv=2.1.10-3-g4120aac&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fgofile.io%2Fd%2Ftoe06u&sid=KssZ4Y7xL&upapi=true
Requested by
Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 01 Apr 2023 08:13:46 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
quant.js
secure.quantserve.com/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/43bdc266045a65f73cbf80eb171faf7a45311c87/pubfig.engine.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
f3f47d6a938ede7a828ca47022eee50835e4c9375f7ca41581fa94e25c8e950e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 08:13:46 GMT
content-encoding
gzip
etag
"DUHyBE1e2vdA+NAhXV6BXg=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Sat, 08 Apr 2023 08:13:46 GMT
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b60f65161ce3517c2794eecab25981c51ffbcbc951a781270403e2f3572d0290

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/svg+xml
fslogo-green.svg
a.pub.network/core/imgs/ 		1 KB
1019 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.pub.network/core/imgs/fslogo-green.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecc20ed3c5dedbe5bbe73d1e7b14270c65a85f7d0ec4c94c4f0c9f0071e471a2

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 08:13:46 GMT
content-encoding
gzip
cf-cache-status
HIT
age
1607
x-guploader-uploadid
ADPycdsgzviGzAWjKcXtkt44hJi-7TxRh8M4wQVa7PpWTQT51TlfFlpjZKVrfMjNrxnfB5XogQmdXfm3NJN35TRnw2q-
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Tue, 08 Sep 2020 17:04:37 GMT
server
cloudflare
etag
W/"326d6cbd977657e1205bd616d1f2faca"
vary
Accept-Encoding
x-goog-hash
crc32c=Jh+rSg==, md5=Mm1svZd2V+EgW9YW0fL6yg==
x-goog-generation
1599584677716817
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
1193
cf-ray
7b0f5fee0f040175-CDG
expires
Sat, 01 Apr 2023 09:13:46 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=UejMrnwwRjh2LzZ6M2ljeTdxb3QyeDVtcVJmT3J4YkhOTVJQY216VGY5c0V6cXBCSmJOclprYmNGRzl5bE9jbExCTDZrRUU0UHd4a1RTWWtGSTAxZ1FtbTA3dTIvRFZ6S0JPTW9ZdWt0VTZZWlZFZ0tyaXBieUg3VDFseHJsOWx4R1pYTXRDYXcrTkcyb2hRWEhpZWxsL2MyVUY2YTRnV2RuUzB2RWx0SWY1L3kvQmh1TDVYMVBCVmYwaW9YaXBUMTlLUXVjdTRkL0w5a2JtOEs5OGtUU2VoWUxBQWxpbmRaelRqOE96VEszbGhyOFBzPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 01 Apr 2023 08:13:46 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
514764
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
rules-p-UeXruRVtZz7w6.js
rules.quantcount.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-UeXruRVtZz7w6.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:1400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a7b5f5f96f81dea4efc53e1d4dae8b37c28bec27a45b42ccf604ee759e20caec

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 07:30:58 GMT
content-encoding
gzip
via
1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
2569
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Thu, 07 Dec 2017 17:06:25 GMT
server
AmazonS3
etag
W/"cbc97d16c77ea1fcbbf42d246001e982"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
vgJEW_hDCiH_lsl695adY5rZs5GHS-HpX1U79aVHNB-NEpViXcXeHQ==
rtd
seg.hadron.ad.gt/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://seg.hadron.ad.gt/api/v1/rtd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.39.71.53 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-39-71-53.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://gofile.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
https://gofile.io
content-encoding
gzip
content-type
application/json
date
Sat, 01 Apr 2023 08:13:47 GMT
server
nginx/1.20.0
vary
Origin
rtd
seg.hadron.ad.gt/api/v1/ 		21 B
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://seg.hadron.ad.gt/api/v1/rtd
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.37.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.39.71.53 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-39-71-53.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
e58f2b14bf0d4c54c1b5d68ea56a2a698a9cd16763de1da6650f3e23361042a5

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://gofile.io
date
Sat, 01 Apr 2023 08:13:47 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.20.0
vary
Origin
content-type
application/json
rtd
seg.hadron.ad.gt/api/v1/ 		21 B
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://seg.hadron.ad.gt/api/v1/rtd
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.37.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.39.71.53 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-39-71-53.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
e58f2b14bf0d4c54c1b5d68ea56a2a698a9cd16763de1da6650f3e23361042a5

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://gofile.io
date
Sat, 01 Apr 2023 08:13:47 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.20.0
vary
Origin
content-type
application/json
rtd
seg.hadron.ad.gt/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://seg.hadron.ad.gt/api/v1/rtd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.39.71.53 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-39-71-53.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://gofile.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
https://gofile.io
content-encoding
gzip
content-type
application/json
date
Sat, 01 Apr 2023 08:13:47 GMT
server
nginx/1.20.0
vary
Origin
cookie_sync
s2s.t13.io/ 		49 B
275 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2s.t13.io/cookie_sync
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.37.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
c096a407308f10208f1283bf386d16fa88753abe15d84e7bbd4e16e8e7a4ef3e

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 01 Apr 2023 08:13:46 GMT
content-encoding
gzip
via
1.1 google
access-control-allow-origin
https://gofile.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71
expires
0
auction
s2s.t13.io/openrtb2/ 		172 B
266 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2s.t13.io/openrtb2/auction
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.37.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
a24f829941a04275465c223c7258743e6f3a6afd83220877288c0ded81d2dec6

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 01 Apr 2023 08:13:46 GMT
content-encoding
gzip
via
1.1 google
x-prebid
pbs-java/1.108.0
content-type
application/json
access-control-allow-origin
https://gofile.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
166
expires
0
arj
freestar-d.openx.net/w/1.0/ 		190 B
597 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://freestar-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fgofile.io%2Fd%2Ftoe06u&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=0c3312f2-e6d0-450f-b279-0cbb0d65ef8f&nocache=1680336826725&sua=%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D&us_privacy=1---&audigentid=0001yum0eabkba98bciae6gibddj96ldclf786khdaabackkc2jl&pubcid=a1a05ea4-482b-4ecd-987e-cca67e42b937&schain=1.0%2C1!freestar.com%2C1523%2C1%2C%2C%2C&aus=970x90%2C728x90%2C468x60%2C1x1&divids=gofileio_adhesion&aucs=%252F15184186%252Fgofileio_adhesion%252Fgofileio_adhesion&auid=539181725
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.37.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
7e38c6dfce0de6d1e1ccaaebf18b8fec158083e79e4b70e6071fed64219c8f1c

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 01 Apr 2023 08:13:46 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://gofile.io
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
176
expires
Mon, 26 Jul 1997 05:00:00 GMT
hbjson
grid.bidswitch.net/ 		24 B
235 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.37.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.253.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-253-52.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
a321adc326c76af884d3fe43f8715b956b05e388f5b69f4013118c0fbeec7d2e

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gofile.io
date
Sat, 01 Apr 2023 08:13:47 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
content-length
49
content-type
application/json
v1
btlr.sharethrough.com/universal/ 		0
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.37.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.148.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-148-57.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gofile.io
date
Sat, 01 Apr 2023 08:13:46 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
152 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.37.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.148.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-148-57.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gofile.io
date
Sat, 01 Apr 2023 08:13:46 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
152 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.37.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.148.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-148-57.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gofile.io
date
Sat, 01 Apr 2023 08:13:46 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
cdb
bidder.criteo.com/ 		18 B
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.37.0&cb=41975146749&lsavail=0
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.37.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 01 Apr 2023 08:13:46 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gofile.io
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
561 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=676941
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.37.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1377a6b774e6f4e605881b6d8c4d34509297927ff637893c99d674a8e067c1b8

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 01 Apr 2023 08:13:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c5POHAYjTBN2Qgj9%2FcMxauXJPF4kdULf3r6D4kEiNX7sqb5RnzOnDW2rxkrHsYvCqAxL1BKWLau9%2BUO63QzzWzROj86h5TtQkb8xYPztIg3njDMSlaA7xIxjCVIWvwQtO3qr%2Fxh4"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://gofile.io
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7b0f5fef8a7199f4-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
trinity.json
apex.go.sonobi.com/ 		522 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22327ff016fa8e10d%22%3A%221374b2b838cb3c97488f%7C970x90%2C728x90%2C468x60%2C1x1%7Cgpid%3D%2F15184186%2Fgofileio_adhesion%2Fgofileio_adhesion%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fgofile.io%2Fd%2Ftoe06u&s=e07b5e9c-db74-45bd-a412-c1ef3fb7cb50&pv=8b0ccd21-9352-4768-a1ee-e2a2357f2d72&vp=desktop&lib_name=prebid&lib_v=7.37.0&us=3&fpd=%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fgofile.io%2Fd%2Ftoe06u%22%2C%22domain%22%3A%22gofile.io%22%2C%22keywords%22%3A%22filesharing%2Cfilestorage%2Cfreefilesharing%2Cfreefilestorage%2Cunlimitedfilesharing%2Cunlimitedfilestorage%2Csecurefilesharing%2Csecurefilestorage%2Clargefilesharing%2Clargefilestorage%2Cvideofilesharing%2Cimagefilesharing%2Caudiofilesharing%2Ccdn%2Cdirectlink%2Cfilehosting%22%2C%22publisher%22%3A%7B%22domain%22%3A%22gofile.io%22%7D%2C%22name%22%3A%22gofile-io%22%2C%22cat%22%3A%5B%5D%2C%22sectioncat%22%3A%5B%5D%2C%22pagecat%22%3A%5B%5D%2C%22ref%22%3A%22%22%2C%22content%22%3A%7B%22data%22%3A%5B%7B%22name%22%3A%22www.freestar.com%22%2C%22ext%22%3A%7B%22taxonomyname%22%3A%22iab_content_taxonomy%22%7D%2C%22segment%22%3A%5B%5D%7D%5D%7D%2C%22ext%22%3A%7B%22data%22%3A%7B%22fs_optimized%22%3Afalse%7D%7D%7D%2C%22user%22%3A%7B%22id%22%3A%22c0dcc049-1317-4c00-a6aa-3531e9bdf990%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F111.0.5563.146%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22geo%22%3A%7B%22ext%22%3A%7B%7D%7D%2C%22devicetype%22%3A2%2C%22make%22%3A%22%22%2C%22model%22%3A%22%22%2C%22os%22%3A%22Windows%22%2C%22osv%22%3A%2210%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%2C%22geo%22%3A%7B%22ext%22%3A%7B%7D%7D%2C%22ext%22%3A%7B%22prebid%22%3A%7B%22storedrequest%22%3A%7B%22id%22%3A%22f20a6258-ed38-48d5-9cef-ec48c9438341%22%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.com%22%2C%22sid%22%3A%221523%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22audigent.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220001yum0eabkba98bciae6gibddj96ldclf786khdaabackkc2jl%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22ed53ec34-a4af-4644-b0b0-9285273718b1%22%2C%22atype%22%3A1%7D%5D%7D%5D&us_privacy=1---&coppa=0
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.37.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.14 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
4b3249b870677fc73bcd2d3f67f21d0cce268f4d94d98780bd6dfd068b648c4d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 01 Apr 2023 08:13:47 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-19
Content-Type
application/json
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://gofile.io
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Length
356
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
auction
s2s.t13.io/openrtb2/ 		172 B
235 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2s.t13.io/openrtb2/auction
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.37.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
b2a50673896dfaae350920e9988921d7acc6bd832d953028923837d406343759

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 01 Apr 2023 08:13:46 GMT
content-encoding
gzip
via
1.1 google
x-prebid
pbs-java/1.108.0
content-type
application/json
access-control-allow-origin
https://gofile.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
167
expires
0
cdb
bidder.criteo.com/ 		18 B
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.37.0&cb=31542203841&lsavail=0
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.37.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 01 Apr 2023 08:13:46 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gofile.io
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
v1
btlr.sharethrough.com/universal/ 		0
152 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.37.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.148.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-148-57.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gofile.io
date
Sat, 01 Apr 2023 08:13:46 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
152 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.37.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.148.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-148-57.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gofile.io
date
Sat, 01 Apr 2023 08:13:46 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
152 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.37.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.148.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-148-57.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gofile.io
date
Sat, 01 Apr 2023 08:13:46 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
arj
freestar-d.openx.net/w/1.0/ 		190 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://freestar-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fgofile.io%2Fd%2Ftoe06u&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=64ab925e-2dce-4e87-a3ca-8ece17d800db&nocache=1680336826857&sua=%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D&us_privacy=1---&audigentid=0001yum0eabkba98bciae6gibddj96ldclf786khdaabackkc2jl&pubcid=a1a05ea4-482b-4ecd-987e-cca67e42b937&schain=1.0%2C1!freestar.com%2C1523%2C1%2C%2C%2C&aus=970x90%2C728x90%2C468x60%2C1x1&divids=gofileio_adhesion&aucs=%252F15184186%252Fgofileio_adhesion%252Fgofileio_adhesion&auid=539181725
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.37.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
f35a09be69583c3f5d04dc087405e2ad25689517361d328e794c5ab0d5f3f8d1

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 01 Apr 2023 08:13:46 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://gofile.io
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
176
expires
Mon, 26 Jul 1997 05:00:00 GMT
trinity.json
apex.go.sonobi.com/ 		522 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2257ebf097aa2fbab%22%3A%221374b2b838cb3c97488f%7C970x90%2C728x90%2C468x60%2C1x1%7Cgpid%3D%2F15184186%2Fgofileio_adhesion%2Fgofileio_adhesion%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fgofile.io%2Fd%2Ftoe06u&s=4a7ac861-5c7d-4385-b861-67f166fc7e5f&pv=8b0ccd21-9352-4768-a1ee-e2a2357f2d72&vp=desktop&lib_name=prebid&lib_v=7.37.0&us=3&fpd=%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fgofile.io%2Fd%2Ftoe06u%22%2C%22domain%22%3A%22gofile.io%22%2C%22keywords%22%3A%22filesharing%2Cfilestorage%2Cfreefilesharing%2Cfreefilestorage%2Cunlimitedfilesharing%2Cunlimitedfilestorage%2Csecurefilesharing%2Csecurefilestorage%2Clargefilesharing%2Clargefilestorage%2Cvideofilesharing%2Cimagefilesharing%2Caudiofilesharing%2Ccdn%2Cdirectlink%2Cfilehosting%22%2C%22publisher%22%3A%7B%22domain%22%3A%22gofile.io%22%7D%2C%22name%22%3A%22gofile-io%22%2C%22cat%22%3A%5B%5D%2C%22sectioncat%22%3A%5B%5D%2C%22pagecat%22%3A%5B%5D%2C%22ref%22%3A%22%22%2C%22content%22%3A%7B%22data%22%3A%5B%7B%22name%22%3A%22www.freestar.com%22%2C%22ext%22%3A%7B%22taxonomyname%22%3A%22iab_content_taxonomy%22%7D%2C%22segment%22%3A%5B%5D%7D%5D%7D%2C%22ext%22%3A%7B%22data%22%3A%7B%22fs_optimized%22%3Afalse%7D%7D%7D%2C%22user%22%3A%7B%22id%22%3A%22c0dcc049-1317-4c00-a6aa-3531e9bdf990%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F111.0.5563.146%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22geo%22%3A%7B%22ext%22%3A%7B%7D%7D%2C%22devicetype%22%3A2%2C%22make%22%3A%22%22%2C%22model%22%3A%22%22%2C%22os%22%3A%22Windows%22%2C%22osv%22%3A%2210%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%2C%22geo%22%3A%7B%22ext%22%3A%7B%7D%7D%2C%22ext%22%3A%7B%22prebid%22%3A%7B%22storedrequest%22%3A%7B%22id%22%3A%22f20a6258-ed38-48d5-9cef-ec48c9438341%22%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.com%22%2C%22sid%22%3A%221523%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22audigent.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220001yum0eabkba98bciae6gibddj96ldclf786khdaabackkc2jl%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22ed53ec34-a4af-4644-b0b0-9285273718b1%22%2C%22atype%22%3A1%7D%5D%7D%5D&us_privacy=1---&coppa=0
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.37.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.14 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
59ee2d7dff0ecbe764c0766c4f4068142061212e57e0939da69d44be6646c629
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 01 Apr 2023 08:13:47 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-130
Content-Type
application/json
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://gofile.io
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Length
356
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=676941
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.37.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6038c51060d89ad62bbb1faa922305447f853938f51dd1f6c2db68d2b9c22553

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 01 Apr 2023 08:13:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xiegURII37cZOaMV89LR3GjmJG5cWDCZuOjFEC12%2F0%2FVxcvTYsqKyXN2%2FvFn4rbpLRnMkekjJp4MiPS32OLdwUvWYsMi29v6DseG53hB4UcEbaEgwiGlTPb%2FTYhIRBvNNoF5ugMu"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://gofile.io
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7b0f5feffa9999f4-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
hbjson
grid.bidswitch.net/ 		24 B
234 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.37.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.253.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-253-52.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
18133850a9513b4d0261c0086afc3a62ea328482e5d5252e41074e1bfbd71566

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gofile.io
date
Sat, 01 Apr 2023 08:13:47 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
content-length
49
content-type
application/json
analytics.min.js
a.pub.network/core/analytics/1.1.1/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/analytics/1.1.1/analytics.min.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/43bdc266045a65f73cbf80eb171faf7a45311c87/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56962bc48f2acb175c71b59298782cc1e841afb9f725986955105139e52078e9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 08:13:47 GMT
content-encoding
gzip
cf-cache-status
HIT
age
44859
x-guploader-uploadid
ADPycdt0JBoIHJHJov_sKRkHmVqEuKFlB9EmHHtpyxwG4g4RUPn8xb_Rbc64KZFBszY5X7-5-mha4wlH8mkbIV5yju0gHA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Tue, 21 Mar 2023 16:29:06 GMT
server
cloudflare
etag
W/"9faa51c72267d7040ea861c2a59c266f"
vary
Accept-Encoding
x-goog-hash
crc32c=Yy7HVA==, md5=n6pRxyJn1wQOqGHCpZwmbw==
x-goog-generation
1679416146332026
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
x-goog-stored-content-length
13155
cf-ray
7b0f5ff1a99f0175-CDG
expires
Sat, 01 Apr 2023 09:13:47 GMT
publishertag.prebid.135.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.135.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.37.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 08:13:47 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-16386"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 02 Apr 2023 08:13:47 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 08:13:47 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-16386"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 02 Apr 2023 08:13:47 GMT
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.1.1/analytics.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
e54acafbe0327b8009540f0bcc53ef95d48ccef710f60ef7a04ce48003227da4

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 01 Apr 2023 08:13:47 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://gofile.io
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
c
c.pub.network/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://gofile.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://gofile.io
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sat, 01 Apr 2023 08:13:47 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 google
pbcas
ads.yieldmo.com/ Frame 06F1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/pbcas?us_privacy=1---&gdpr=0&gdpr_consent=&type=iframe
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.37.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.50.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-50-204.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

date
Sat, 01 Apr 2023 08:13:50 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 13B2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=0&us_privacy=1---
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.37.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.228.187 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-228-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=24397
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sat, 01 Apr 2023 08:13:50 GMT
expires
Sat, 01 Apr 2023 15:00:27 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame AE70 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.37.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

age
28
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7b0f6005288a2a6f-CDG
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 01 Apr 2023 08:13:50 GMT
expires
Sat, 01 Apr 2023 12:13:50 GMT
last-modified
Mon, 25 Jul 2022 19:18:30 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame CC4C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=0&us_privacy=1---
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.37.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.228.187 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-228-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=24397
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sat, 01 Apr 2023 08:13:50 GMT
expires
Sat, 01 Apr 2023 15:00:27 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 515A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.37.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
3599
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 01 Apr 2023 08:13:50 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 29 Mar 2023 07:13:44 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
292, 22535
X-Served-By
cache-lga13626-LGA, cache-cdg20752-CDG
X-Timer
S1680336830.267454,VS0,VE0
async_usersync.html
acdn.adnxs.com/dmp/ Frame A640 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.37.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
3600
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 01 Apr 2023 08:13:50 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 29 Mar 2023 07:13:44 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
292, 22174
X-Served-By
cache-lga13626-LGA, cache-cdg20740-CDG
X-Timer
S1680336830.266319,VS0,VE0
pd
eu-u.openx.net/w/1.0/ Frame 11CF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0&us_privacy=1---
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.37.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
539
content-type
text/html
date
Sat, 01 Apr 2023 08:13:50 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
pd
eu-u.openx.net/w/1.0/ Frame 8E1C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0&us_privacy=1---
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.37.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
539
content-type
text/html
date
Sat, 01 Apr 2023 08:13:50 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
ixmatch.html
js-sec.indexww.com/um/ Frame 13D3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.37.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

age
28
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7b0f6005388b2a6f-CDG
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 01 Apr 2023 08:13:50 GMT
expires
Sat, 01 Apr 2023 12:13:50 GMT
last-modified
Mon, 25 Jul 2022 19:18:30 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
pbcas
ads.yieldmo.com/ Frame 5977 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/pbcas?us_privacy=1---&gdpr=0&gdpr_consent=&type=iframe
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.37.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.50.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-50-204.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

date
Sat, 01 Apr 2023 08:13:50 GMT
generic
match.adsrvr.org/track/cmf/ 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=92e0ecff80&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 01 Apr 2023 08:13:50 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID]
  • https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=0e586427-e7be-4e00-8996-ad2732c8556e
0
0
pixelSync
pixel-sync.sitescout.com/dmp/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=themediagrid&us_privacy=1---
  • https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid&us_privacy=1---
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=130&ssp_id=themediagrid&gdpr=&gdpr_consent=&us_privacy=1---
0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=130&ssp_id=themediagrid&gdpr=&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Sat, 01 Apr 2023 08:13:49 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

location
//pixel-sync.sitescout.com/dmp/pixelSync?nid=130&ssp_id=themediagrid&gdpr=&gdpr_consent=&us_privacy=1---
date
Sat, 01 Apr 2023 08:13:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=sonobi&bsw_custom_parameter=69019527-70f1-4cf9-99bd-b53b26bb22d7&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=sonobi&bsw_custom_parameter=69019527-70f1-4cf9-99bd-b53b26bb22d7&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=c4199c5f-a18f-47da-b960-6d5c0b2a381d&ssp=sonobi&expires=30&user_group=5&bsw_param=69019527-70f1-4cf9-99bd-b53b26bb22d7
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=69019527-70f1-4cf9-99bd-b53b26bb22d7
49 B
533 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=69019527-70f1-4cf9-99bd-b53b26bb22d7
Protocol
HTTP/1.1
Server
69.166.1.12 -, , ASN (),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 Apr 2023 08:13:51 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-19
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
//sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=69019527-70f1-4cf9-99bd-b53b26bb22d7
date
Sat, 01 Apr 2023 08:13:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=106
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=0e586427-e7be-4e00-8996-ad2732c8556e

Verdicts & Comments Add Verdict or Comment

161 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 boolean| credentialless number| uidEvent object| bootstrap function| sha256 function| sha224 function| QRCode function| dayjs function| dayjs_plugin_customParseFormat function| marked function| Plyr function| Chart object| accountsObject string| accountActive string| apiServer string| contentsDir string| entryPage object| urlSplit number| sidebarCollapseLevel undefined| modal object| mainFolderObject object| pressedKeys number| random string| referrer object| bestServer object| uploadQueue object| uploadObject number| uploadingCount number| totalBytesToSend number| totalBytesSent number| uploadStartedAt undefined| dropFiles object| contentsSelected object| lastContentSelected undefined| countrySelected string| currencySelected number| premiumStorageSelected number| premiumTrafficSelected number| premiumDurationSelected number| premiumPriceSelected boolean| freestarScriptLoaded boolean| playwireScriptLoaded boolean| googleScriptLoaded boolean| pubfutureScriptLoaded object| countriesArray function| fade function| sleep function| uuidv4 function| humanFileSize function| toHHMMSS function| validateEmail function| validateName function| validatePasswd function| validateTags function| sidebarCollapse function| setAccountActive function| selectAccountActive function| myFetch function| loadContent object| modalTemplate function| createModal function| createToast function| processURL function| checkAccountAndUpdateInfo function| createGuestAccount function| buildSidebarAccountList function| logout function| startup function| addFilesToUploadQueue function| processUploadQueue function| uploadFile function| createUploadDiv function| deleteContent function| popupBeforeCopyContent function| copyContent function| downloadBulkContents function| loadTableFromFolderResult function| addContentIdToTable function| playFile function| closeFile function| showInfos function| showSettings function| showShare function| afterPageFilesLoad function| afterPageProfileLoad function| afterPageApiLoad function| afterPageTestLoad function| updatePremiumPrice boolean| adReady object| freestar object| blockies object| ramp string| _pwGA4PageviewId object| dataLayer function| gtag object| adsbygoogle function| admiral object| googletag object| regeneratorRuntime function| plausible object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc number| google_rum_task_id_counter string| google_user_agent_client_hint function| 4dm1r11545242527 object| fsdata function| __tcfapi function| __uspapi object| fsprebid function| load_script object| confiant function| ha function| google_sa_impl object| googleToken object| googleIMState object| fsprebidChunk object| _pbjsGlobals object| mnet function| __tcfapiui object| hadron object| __bt_tag_d object| __bt_tag_am object| __bt_intrnl object| __bt boolean| __bt_already_invoked object| _qevents function| quantserve function| __qc object| ezt object| _qoptions object| Criteo object| criteo_pubtag object| criteo_pubtag_prebid_135 object| Criteo_prebid_135 object| criteo_syncframe_state

51 Cookies

Domain/Path Name / Value
.gofile.io/ Name: accountToken
Value: VDavgNhCnTFpssaXtK1pJMkGZKoUew6N
gofile.io/ Name: fs.bot.check
Value: true
.pub.network/ Name: _fsuid
Value: c0dcc049-1317-4c00-a6aa-3531e9bdf990
.gofile.io/ Name: _awl
Value: 2.1680336826.5-77d1ec8403fe98d288c916f376979b2a-6763652d6575726f70652d7765737431-0
gofile.io/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
gofile.io/ Name: _iiq_fdata
Value: %7B%22pcid%22%3A%226a744f10-044b-4cdd-8a13-e2dc5147dd4a%22%7D
.gofile.io/ Name: cookie
Value: ed53ec34-a4af-4644-b0b0-9285273718b1
gofile.io/ Name: _lr_retry_request
Value: true
gofile.io/ Name: _lr_env_src_ats
Value: false
.intentiq.com/ Name: IQver
Value: 1.9
.gofile.io/ Name: cto_bundle
Value: 3pq5XF9rSWduNW5MTUVLVlR6JTJGeFY1Nk9XWlVqTTglMkZRSXhzNnhkRk9URHpmYkYwVEVraUpNUHFhVVNoVjNUejZlJTJGZ01QJTJGaEtlSjRTTkI0TEFnelNyWGNLdWZlNXBkRjJ6a0dHRmdZWjRCUHNnbnZJd2ZrSnAwS2x0SzlEWlFzY3g1QU1W
.gofile.io/ Name: cto_bidid
Value: 3pq5XF9rSWduNW5MTUVLVlR6JTJGeFY1Nk9XWlVqTTglMkZRSXhzNnhkRk9URHpmYkYwVEVraUpNUHFhVVNoVjNUejZlJTJGZ01QJTJGaEtlSjRTTkI0TEFnelNyWGNLdWZlNXBkRjJ6a0dHRmdZWjRCUHNnbnZJd2ZrSnAwS2x0SzlEWlFzY3g1QU1W
.openx.net/ Name: i
Value: a1a05ea4-482b-4ecd-987e-cca67e42b937|1680336826
.go.sonobi.com/ Name: _usd_gofile.io
Value: 8b0ccd21-9352-4768-a1ee-e2a2357f2d72
.go.sonobi.com/ Name: __uin_tl
Value: 1548947479240546665963
.go.sonobi.com/ Name: __uih
Value: 1
.go.sonobi.com/ Name: __uir_bw
Value: 1
.go.sonobi.com/ Name: __uir_mm
Value: 1
.go.sonobi.com/ Name: __uir_td
Value: 1
.go.sonobi.com/ Name: __uis
Value: 0f52f75d-af27-4721-95c6-f6f266b9a3e0
.go.sonobi.com/ Name: HAPLB8A
Value: s85130|ZCfnv
.openx.net/ Name: pd
Value: v2|1680336830|mOgeginskin0vNomiygu
.bidswitch.net/ Name: c
Value: 1680336830
.bidswitch.net/ Name: tuuid_lu
Value: 1680336830
.bidswitch.net/ Name: tuuid
Value: 69019527-70f1-4cf9-99bd-b53b26bb22d7
.ads.pubmatic.com/ Name: KCCH
Value: YES
.quantserve.com/ Name: mc
Value: 6427e7be-4cb24-57bd9-c1156
.adform.net/ Name: C
Value: 1
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 8285794B-C6EE-487B-BE85-512933417850
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 0:2
.pubmatic.com/ Name: DPSync3
Value: 1681516800%3A201_245_241_235
.pubmatic.com/ Name: SyncRTB3
Value: 1681516800%3A13_56_54_8_251_220_21_161_7%7C1681603200%3A35
.w55c.net/ Name: matchopenx
Value: 5
.w55c.net/ Name: wfivefivec
Value: z5YJ4FHX1PIwmW5
.quantserve.com/ Name: d
Value: EKIBEQHTKPijCJiTAA
.doubleclick.net/ Name: IDE
Value: AHWqTUk_9_TAufc6FNh35SaLNe4HWrc91LDmSdd2PNchnfu-fIDl1Yxo5Cso__v_Z0U
.adform.net/ Name: uid
Value: 7160440396830230365
.weborama.fr/ Name: AFFICHE_W
Value: -iOMMr-HT6j@16
.simpli.fi/ Name: suid
Value: 6E85A81C2ED34FCE8F2F75408577F352
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-7376576719046379571&KRTB&23263-7376576719046379571
.pubmatic.com/ Name: PugT
Value: 1680336830
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-uHmDbut60zyjedI7vHmcbLkv1WCjLoBou3tCi9qH&KRTB&19420-uHmDbut60zyjedI7vHmcbLkv1WCjLoBou3tCi9qH&KRTB&22979-uHmDbut60zyjedI7vHmcbLkv1WCjLoBou3tCi9qH&KRTB&23462-uHmDbut60zyjedI7vHmcbLkv1WCjLoBou3tCi9qH
.creative-serving.com/ Name: tuuid
Value: c4199c5f-a18f-47da-b960-6d5c0b2a381d
.creative-serving.com/ Name: c
Value: 1680336830
.creative-serving.com/ Name: tuuid_lu
Value: 1680336830
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-b6e54d86-febf-516f-4b52-247869ec079d.Q8voKwjHJzxkO09xjNAMai3aC04Fya0nL9Tno%2FVFvBo
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AtuVNhv6_UW9LUiR4aewHnbIhkLM.7BcN2OxiaiAv2sfHgEiz892CSV7ztAv68%2F3LVkAzTl4
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AtuVNhv6_UW9LUiR4aewHnbIhkLM.7BcN2OxiaiAv2sfHgEiz892CSV7ztAv68%2F3LVkAzTl4
.amazon-adsystem.com/ Name: ad-id
Value: Ay4p3uQDVUpxmlYxN4LpzBk
.amazon-adsystem.com/ Name: ad-privacy
Value: 0

3 Console Messages

Source Level URL
Text
javascript error URL: https://gofile.io/d/toe06u
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=106' from origin 'https://gofile.io' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=106
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://s2s.t13.io/cookie_sync
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.pub.network
acdn.adnxs.com
ad-delivery.net
ad.doubleclick.net
ads.creative-serving.com
ads.pubmatic.com
ads.yieldmo.com
apex.go.sonobi.com
api.btloader.com
api.gofile.io
api.intentiq.com
api.rlcdn.com
audit-tcfv2.cmp.quantcast.com
bidder.criteo.com
btloader.com
btlr.sharethrough.com
c.pub.network
cdn.confiant-integrations.net
cdn.hadronid.net
cdn.plyr.io
cmp.quantcast.com
d.pub.network
eu-u.openx.net
file60.gofile.io
freestar-d.openx.net
freestar-io.videoplayerhub.com
fronttoad.com
gofile.io
googleads.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
htlb.casalemedia.com
id.hadron.ad.gt
js-sec.indexww.com
match.adsrvr.org
mug.criteo.com
optimise.net
pagead2.googlesyndication.com
pixel-sync.sitescout.com
plausible.gofile.io
rules.quantcount.com
s2s.t13.io
secure.quantserve.com
securepubads.g.doubleclick.net
seg.hadron.ad.gt
static.adsafeprotected.com
static.criteo.net
store4.gofile.io
sync.go.sonobi.com
test.cmp.quantcast.com
www.googletagservices.com
x.bidswitch.net
api.rlcdn.com
sync.go.sonobi.com
104.18.11.47
104.18.24.185
13.32.121.27
130.211.23.194
142.250.186.38
149.202.85.166
151.101.129.108
151.80.29.83
178.250.0.157
18.157.253.52
2.19.228.187
2600:1901:0:7ec2::1
2600:9000:211e:5200:9:46dc:4700:93a1
2600:9000:223c:1400:6:44e3:f8c0:93a1
2600:9000:223f:1c00:8:48e:53c0:93a1
2600:9000:225e:7800:3:a4cd:8380:93a1
2606:4700:10::6816:34ad
2606:4700:10::ac43:17ea
2606:4700:20::681a:346
2606:4700:20::681a:932
2606:4700:20::ac43:4686
2606:4700:21::681b:c258
2606:4700:4400::6812:220a
2606:4700::6812:15ce
2620:116:800d:21:93ca:31d8:d86e:38f6
2a00:1450:4001:803::2002
2a00:1450:4001:813::2002
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a02:2638:3::7
2a02:2638::1c
2a02:2638::3
3.125.255.88
3.69.140.176
31.14.70.245
34.107.140.113
34.111.152.239
34.160.110.8
34.160.152.31
35.156.90.171
35.244.159.8
35.71.131.137
38.154.238.138
51.38.43.18
52.39.71.53
52.57.148.57
54.228.50.204
69.166.1.12
69.166.1.14
98.98.134.243
014898bd15c7d271b62c610b72fae95fdd9f3435f1b74bf2c4eb1cdf6832ad23
04a39d864d92f3a887cb55c4b924412cc62ae1384e3cdafc25a95ed5f0e12870
11f24ea8272c8454bfd93c6102b511bb75a7f1bfd70c0e1f6cf58a4b067ed41f
1377a6b774e6f4e605881b6d8c4d34509297927ff637893c99d674a8e067c1b8
13c6d66a1c68ee7ca1938e320f4fdb9a47f0bae2ad57fe8c413c943430d1b68d
13f329a0d3e082589a14177df4778b45ea8cb3826ce3b945fcbb0721baca5825
151febbb9d9458c8be45c12eb4a63bc06b0c84260ba461f3162748d6dad8c47a
152e7c5526b92a4bdc195f5d0186e79d1e7494bffea089229f3074434da7bea3
18133850a9513b4d0261c0086afc3a62ea328482e5d5252e41074e1bfbd71566
1932db3610dc9d7e5b49d81bbedb04d25034d4f3d86b9c6e2929d82d3919cf75
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
25f5229d2c05f4883245fe331033b79f2b77dd84296151ae8c59b1ed27e7fe5c
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
26aa0f95fb66100f5eba7d7df4fddb1fd4c04736e8d28c7f7b5e55d1cc8305a4
2933c96348a4eae7cbbf8f280ca0981586a9b5c097ef952b996cad7d28f2fad0
297d2557283728ee496a40a1eaf489937e726a32d55bc7c9be283a4384a278bf
29cf8d7e51341f169fb6266a570399131db7468bad9f1d1012dc31609c44633b
2b2c79d496052ab21b3afcace965674c5273928081c77d115270e2246fa41356
31d1a8b234ef7e3fcd967fe38bb63298be8faf869e0dcd5352c330ed5c18964b
33e75f93f9eb91105ffb729785624b29f2c03b33936094db6ede343c72806018
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
4846018760f6e11a8a1dea7639a5c75c712f198d978eccf117840820bb8c37d7
4b3249b870677fc73bcd2d3f67f21d0cce268f4d94d98780bd6dfd068b648c4d
4e77de82816e4ed7844defc61447f84c79164f528da0c321c31d1876e17a4050
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
56962bc48f2acb175c71b59298782cc1e841afb9f725986955105139e52078e9
59ee2d7dff0ecbe764c0766c4f4068142061212e57e0939da69d44be6646c629
5d91ffbdea8ecad30d07d2b6a979be09556cc16c50bc643fd96c749b2621c14a
6038c51060d89ad62bbb1faa922305447f853938f51dd1f6c2db68d2b9c22553
634c4b94fcb05bcd72e5de1d319cf098235315b401f64063cf6a49d0923e0644
6729042fecd6e011c0ba45f807dc93fa750169d7ac57c14daa01069f14430f73
6fa9a56a5622b87e044fba9b02a76db55ba4ce1bd984390b251bc4357eddfd87
7157511697db744d384a5a2a8646af23f3c90560abf93bb240fdd690b29a898a
728d5faa3a9331fdbfe873fe6064549f70a7e10400a15955bb53b40a5ae401c6
7e38c6dfce0de6d1e1ccaaebf18b8fec158083e79e4b70e6071fed64219c8f1c
85bd0e28180f06b7f944d35dd07ef1ce75d6d9b63c2d70cb8e65f8b566c43db4
8706c07750059d4f474353cc469150fd09a539df6f8830ccf418c47709f25b36
8d61d6ba3192fb88a5f90e4f0271fe07ea26ed1172ee08336dc1953bf0b8d061
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
95cebae126b596b85b7633805c98d6be3b0ccc8558b8a0c0cdcd3a0fef0c6917
966620f9e3bec428663687f9e8d67a6b8e35d79adebf6fb204e9b139eada7599
a24f829941a04275465c223c7258743e6f3a6afd83220877288c0ded81d2dec6
a321adc326c76af884d3fe43f8715b956b05e388f5b69f4013118c0fbeec7d2e
a7b5f5f96f81dea4efc53e1d4dae8b37c28bec27a45b42ccf604ee759e20caec
a7f3b06dc95403ac06b5693d0d2a54600393e07496944c4de9e962a8b9689185
a80a1e6ef5e7e3205cfc688e80e7522151b0c016d10ab6ee50f29b5b278a7ab4
a85b2fe307777c8eb47f06a1eec399fcbddfe83d252fd202d3e1358051fcf27d
a9a957035088ebcbcd158a4ee57b512bac9f6650662ea99ba068f8cf3869f621
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
ae4216bfc85c99ffd32e7745f0d7d4cd5f57b714f3a4911176b8cd78a176c97c
b15c094a683c050f4de3a028a8d461c800b7b8af0159eccfb27bbfb36563982c
b2a50673896dfaae350920e9988921d7acc6bd832d953028923837d406343759
b44dd5398523b5bcb2ddecede990928312cd714324da5129e54a7632d2250b67
b60f65161ce3517c2794eecab25981c51ffbcbc951a781270403e2f3572d0290
bc3b9c09bf69ce51b930e86a23c6f249f9cc6dc98a84fd278d4131c9ddd78f43
c007f5fb217aca3c1b8f40b601f0cbaa806c0f7290c7ad0ab66e3130d57a8d36
c096a407308f10208f1283bf386d16fa88753abe15d84e7bbd4e16e8e7a4ef3e
c3185bc42c8ca3f93874f2caa46848aaf28192d71adcdf770c0045f2a326dcc5
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb72289f70690b272267a0741402cdc3f4099ae40c834a13cb60a59f99fdc091
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d10fcd57fbc3eb87320fe1469bcb522ded6c480f48ed51c511ef6da20f165760
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d9a98b67c7edffef7138d578788a1c25310cd3561b94d8bce6999f40b0073186
dd03323db8b78ab71bbf4cc27f517ed48d19a5478f3f545a5b9fb7969e5913f6
ddc88b81cd26456440dbc36d6c8351089a6539e73e515a9c787035e0b91941d1
e1172d3a0a208cf01dc066f0abeaf17f00264a966159a69f71947d6edcd4935f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e54acafbe0327b8009540f0bcc53ef95d48ccef710f60ef7a04ce48003227da4
e58f2b14bf0d4c54c1b5d68ea56a2a698a9cd16763de1da6650f3e23361042a5
e7094b344d558aabfdcddb2bd5b279e277ee96cef95558ac63eb01ba3fcbe2e2
e8c92e40c1e9156a8f147e030843abc30d4431837d48cc32153cbc9b6328ed13
e96193e314a5d12a133e0a8aaec258b9293afde80c455300636b95b6e6927552
ebff4c51892083d9e054439de1558bcf737dad7e7bc469f9ea4aec955dd7f30c
ecc20ed3c5dedbe5bbe73d1e7b14270c65a85f7d0ec4c94c4f0c9f0071e471a2
f2cbb89cd8582657ffc11b0a1412efddf74557f807eb25e1de264531eb4e620c
f35a09be69583c3f5d04dc087405e2ad25689517361d328e794c5ab0d5f3f8d1
f3f47d6a938ede7a828ca47022eee50835e4c9375f7ca41581fa94e25c8e950e
fbde7fa1f1176c49ba1589b28eaaacc76d14156e4d95cad993e63165b3a614ef