gofile.io Open in urlscan Pro
151.80.29.83 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://file70.gofile.io/download/0d10b6d7-9e23-47f7-bdcf-42ace47ab9da/20230314-PTang-GA.mp4
Effective URL:
https://gofile.io/d/5a0a5ce7-a7cc-42f7-adbd-40d07c2a813a
Submission: On March 26 via manual (March 26th 2023, 2:45:37 pm UTC) from SE — Scanned from FR

Summary HTTP 76 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 31 IPs in 4 countries across 22 domains to perform 76 HTTP transactions. The main IP is 151.80.29.83, located in Roubaix, France and belongs to OVH, FR. The main domain is gofile.io. The Cisco Umbrella rank of the primary domain is 77496.
TLS certificate: Issued by R3 on February 10th 2023. Valid for: 3 months.

This is the only time gofile.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	31.14.70.250 31.14.70.250	203698 (MOJI Noir...) (MOJI Noir Network)
21	151.80.29.83 151.80.29.83	16276 (OVH) (OVH)
2	149.202.85.166 149.202.85.166	16276 (OVH) (OVH)
4	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
3	2606:4700:20:... 2606:4700:20::681a:e7e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2600:9000:225... 2600:9000:2250:d000:12:4abd:d340:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::681a:78b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:21:... 2606:4700:21::681b:c358	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:20:... 2606:4700:20::681a:346	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.181.230 142.250.181.230	15169 (GOOGLE) (GOOGLE)
2	2600:1901:0:4... 2600:1901:0:4277::1	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223d:3c00:14:2602:6e80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	130.211.23.194 130.211.23.194	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223f:6000:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.222.214.94 52.222.214.94	16509 (AMAZON-02) (AMAZON-02)
1	88.221.169.143 88.221.169.143	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a06:8640:764::2 2a06:8640:764::2	55081 (24SHELLS) (24SHELLS)
1	35.178.217.194 35.178.217.194	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
1	13.225.78.129 13.225.78.129	16509 (AMAZON-02) (AMAZON-02)
1	143.204.89.129 143.204.89.129	16509 (AMAZON-02) (AMAZON-02)
1	143.204.215.16 143.204.215.16	16509 (AMAZON-02) (AMAZON-02)
1	13.32.99.3 13.32.99.3	16509 (AMAZON-02) (AMAZON-02)
1	35.208.216.174 35.208.216.174	19527 (GOOGLE-2) (GOOGLE-2)
76	31

1 31.14.70.250 (Paris, France) 1 redirects

ASN203698 (MOJI Noir Network, FR)

file70.gofile.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 151.80.29.83 (Roubaix, France)

ASN16276 (OVH, FR)
PTR: ns3048708.ip-151-80-29.eu

gofile.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.gofile.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 149.202.85.166 (France)

ASN16276 (OVH, FR)
PTR: mail.gofile.io

plausible.gofile.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:e7e (United States)

ASN13335 (CLOUDFLARENET, US)

platform.pubfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s3.pubfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:2250:d000:12:4abd:d340:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.intergient.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:78b (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:21::681b:c358 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.plyr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:346 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:4277::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)

largebrass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223d:3c00:14:2602:6e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.intergi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:6000:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.214.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-94.fra56.r.cloudfront.net

predicted-price-floor.playwire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.221.169.143 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-169-143.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:8640:764::2 (Piscataway, United States)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.178.217.194 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-178-217-194.eu-west-2.compute.amazonaws.com

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-129.fra2.r.cloudfront.net

cnt.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.89.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-129.fra50.r.cloudfront.net

go.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-16.fra53.r.cloudfront.net

stg.truvidplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-3.fra60.r.cloudfront.net

s.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.208.216.174 (Council Bluffs, United States)

ASN19527 (GOOGLE-2, US)
PTR: 174.216.208.35.bc.googleusercontent.com

rt.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	gofile.io 1 redirects file70.gofile.io gofile.io — Cisco Umbrella Rank: 77496 api.gofile.io — Cisco Umbrella Rank: 282850 plausible.gofile.io — Cisco Umbrella Rank: 323925	389 KB
8	doubleclick.net ad.doubleclick.net — Cisco Umbrella Rank: 166 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190 googleads.g.doubleclick.net — Cisco Umbrella Rank: 29	162 KB
8	intergient.com cdn.intergient.com — Cisco Umbrella Rank: 3939	179 KB
6	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 135	183 KB
4	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 892	2 KB
4	btloader.com btloader.com — Cisco Umbrella Rank: 808 api.btloader.com — Cisco Umbrella Rank: 902	25 KB
3	trvdp.com cnt.trvdp.com — Cisco Umbrella Rank: 46219 go.trvdp.com — Cisco Umbrella Rank: 37530 s.trvdp.com — Cisco Umbrella Rank: 36624	148 KB
3	pubfuture.com platform.pubfuture.com — Cisco Umbrella Rank: 43513 s3.pubfuture.com	25 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 68 www.google.com — Cisco Umbrella Rank: 2	457 B
2	moatads.com z.moatads.com — Cisco Umbrella Rank: 456 mb.moatads.com — Cisco Umbrella Rank: 721	79 KB
2	largebrass.com largebrass.com — Cisco Umbrella Rank: 541652	22 KB
1	ad-score.com rt.ad-score.com — Cisco Umbrella Rank: 15209	718 B
1	truvidplayer.com stg.truvidplayer.com — Cisco Umbrella Rank: 33248	4 KB
1	adtelligent.com ghb.adtelligent.com — Cisco Umbrella Rank: 6038	404 B
1	google.fr adservice.google.fr — Cisco Umbrella Rank: 32378	532 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 886	600 B
1	playwire.com predicted-price-floor.playwire.com — Cisco Umbrella Rank: 4828	464 B
1	adsafeprotected.com static.adsafeprotected.com — Cisco Umbrella Rank: 575	484 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2368	249 B
1	intergi.com cdn.intergi.com — Cisco Umbrella Rank: 3984	143 KB
1	plyr.io cdn.plyr.io — Cisco Umbrella Rank: 12749	3 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	68 KB
76	22

	Domain	Requested by
18	gofile.io	gofile.io
8	cdn.intergient.com	gofile.io cdn.intergient.com
4	ad-delivery.net	btloader.com
4	pagead2.googlesyndication.com	gofile.io pagead2.googlesyndication.com
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
3	securepubads.g.doubleclick.net	cdn.intergient.com securepubads.g.doubleclick.net
3	api.gofile.io	gofile.io
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	api.btloader.com	btloader.com
2	largebrass.com	cdn.intergient.com largebrass.com
2	ad.doubleclick.net	btloader.com
2	btloader.com	gofile.io cdn.intergient.com
2	platform.pubfuture.com	gofile.io platform.pubfuture.com
2	plausible.gofile.io	gofile.io plausible.gofile.io
1	s3.pubfuture.com
1	rt.ad-score.com	s.trvdp.com
1	s.trvdp.com	go.trvdp.com
1	stg.truvidplayer.com	go.trvdp.com
1	go.trvdp.com	cnt.trvdp.com
1	cnt.trvdp.com	platform.pubfuture.com
1	www.google.com	tpc.googlesyndication.com
1	mb.moatads.com	z.moatads.com
1	ghb.adtelligent.com	platform.pubfuture.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.fr	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	z.moatads.com	cdn.intergient.com
1	predicted-price-floor.playwire.com	cdn.intergient.com
1	static.adsafeprotected.com
1	region1.google-analytics.com	www.googletagmanager.com
1	cdn.intergi.com	cdn.intergient.com
1	cdn.plyr.io	gofile.io
1	www.googletagmanager.com	gofile.io
1	file70.gofile.io	1 redirects
76	34

This site contains links to these domains. Also see Links.

Domain
twitter.com
dev.gofile.io
file70.gofile.io

Subject Issuer	Validity	Valid
*.gofile.io R3	`2023-02-10` - `2023-05-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-20` - `2024-03-19`	a year	crt.sh
cdn.intergient.com Amazon RSA 2048 M02	`2023-02-17` - `2024-01-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.plyr.io GTS CA 1P5	`2023-02-26` - `2023-05-27`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
largebrass.com R3	`2023-01-31` - `2023-05-01`	3 months	crt.sh
cdn.intergi.com Amazon RSA 2048 M01	`2023-02-17` - `2024-01-02`	a year	crt.sh
api.btloader.com GTS CA 1D4	`2023-02-16` - `2023-05-17`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M01	`2023-02-24` - `2023-09-04`	6 months	crt.sh
*.playwire.com Amazon RSA 2048 M02	`2023-02-11` - `2024-03-11`	a year	crt.sh
moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-18`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.google.fr GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2023-02-01` - `2023-05-02`	3 months	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-05`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.trvdp.com Amazon RSA 2048 M01	`2023-02-22` - `2023-09-23`	7 months	crt.sh
*.truvidplayer.com Amazon RSA 2048 M02	`2023-01-22` - `2024-02-20`	a year	crt.sh
*.ad-score.com Go Daddy Secure Certificate Authority - G2	`2022-09-02` - `2023-10-04`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://gofile.io/d/5a0a5ce7-a7cc-42f7-adbd-40d07c2a813a
Frame ID: 069B3AF09D2163BAE018535539B16FE3
Requests: 72 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20190131/zrt_lookup.html
Frame ID: 53F45A7E670E9CC4ABAB9A37897482F0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5469679028990347&output=html&adk=1812271804&adf=3025194257&lmt=1678561876&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fgofile.io%2Fd%2FH1JZTt&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679841932908&bpp=4&bdt=560&idt=308&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7488427774002&frm=20&pv=2&ga_vid=2146078403.1679841933&ga_sid=1679841933&ga_hid=1287833706&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759875%2C44759926%2C44759837%2C31071756%2C31073106&oid=2&pvsid=4419255100075426&tmod=75375599&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=338
Frame ID: 182251057AB214DE85BF76CCA37C0374
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5469679028990347&output=html&h=280&slotname=4172489894&adk=749522683&adf=1092462468&pi=t.ma~as.4172489894&w=381&fwrn=4&fwrnh=100&lmt=1678561876&rafmt=1&format=381x280&url=https%3A%2F%2Fgofile.io%2Fd%2FH1JZTt&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679841932912&bpp=3&bdt=564&idt=342&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7488427774002&frm=20&pv=1&ga_vid=2146078403.1679841933&ga_sid=1679841933&ga_hid=1287833706&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=735&ady=64&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759875%2C44759926%2C44759837%2C31071756%2C31073106&oid=2&pvsid=4419255100075426&tmod=75375599&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ZeoYcv5c9M&p=https%3A//gofile.io&dtd=356
Frame ID: 763690703AF668E0BCAA82BCF28F7309
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 45B276EEADB311807F96DB97A64BBB97
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 37A81D1E39335CEC53B640E173C05CC5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Gofile - Free Unlimited File Sharing and Storage

Page URL History Show full URLs

https://file70.gofile.io/download/0d10b6d7-9e23-47f7-bdcf-42ace47ab9da/20230314-PTang-GA.mp4 HTTP 302
https://gofile.io/d/5a0a5ce7-a7cc-42f7-adbd-40d07c2a813a Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Marked (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/marked(?:\.min)?\.js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js

Page Statistics

76
Requests

100 %
HTTPS

58 %
IPv6

22
Domains

34
Subdomains

31
IPs

4
Countries

1435 kB
Transfer

4458 kB
Size

9
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/Gofile_io
Title: @gofile_io

Search URL Search Domain Scan URL

URL: https://dev.gofile.io/d/123abc
Title: https://dev.gofile.io/d/123abc

Search URL Search Domain Scan URL

URL: https://file70.gofile.io/download/0d10b6d7-9e23-47f7-bdcf-42ace47ab9da/20230314-PTang-GA.mp4
Title: 20230314-PTang-GA.mp4

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://file70.gofile.io/download/0d10b6d7-9e23-47f7-bdcf-42ace47ab9da/20230314-PTang-GA.mp4 HTTP 302
https://gofile.io/d/5a0a5ce7-a7cc-42f7-adbd-40d07c2a813a Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

76 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 5a0a5ce7-a7cc-42f7-adbd-40d07c2a813a Show response
gofile.io/d/
Redirect Chain

https://file70.gofile.io/download/0d10b6d7-9e23-47f7-bdcf-42ace47ab9da/20230314-PTang-GA.mp4
https://gofile.io/d/5a0a5ce7-a7cc-42f7-adbd-40d07c2a813a

16 KB
7 KB

95ms
15ms

Document
text/html

151.80.29.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://gofile.io/d/5a0a5ce7-a7cc-42f7-adbd-40d07c2a813a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.80.29.83 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

ns3048708.ip-151-80-29.eu

Software

Resource Hash

014898bd15c7d271b62c610b72fae95fdd9f3435f1b74bf2c4eb1cdf6832ad23

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: public, max-age=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 26 Mar 2023 14:45:32 GMT
etag: W/"40d5-186d2159b62"
expect-ct: max-age=0
last-modified: Sat, 11 Mar 2023 19:11:16 GMT
origin-agent-cluster: ?1
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD
access-control-allow-origin: *
content-length: 156
content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Sun, 26 Mar 2023 14:45:32 GMT
location: https://gofile.io/d/5a0a5ce7-a7cc-42f7-adbd-40d07c2a813a
origin-agent-cluster: ?1
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

GET
H2 200 bootstrap.min.css
gofile.io/dist/css/ 191 KB
30 KB 19ms
18ms Stylesheet
text/css 151.80.29.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://gofile.io/dist/css/bootstrap.min.css

Requested by

Host: gofile.io
URL: https://gofile.io/d/5a0a5ce7-a7cc-42f7-adbd-40d07c2a813a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.80.29.83 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

ns3048708.ip-151-80-29.eu

Software

Resource Hash

2933c96348a4eae7cbbf8f280ca0981586a9b5c097ef952b996cad7d28f2fad0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 14:45:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Wed, 04 Jan 2023 14:40:00 GMT
etag: W/"2fbaa-1857d3988cb"
expect-ct: max-age=0
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
origin-agent-cluster: ?1
x-download-options: noopen
cache-control: public, max-age=0

GET
H2 200 bootstrap-icons.css
gofile.io/dist/css/ 93 KB
14 KB 19ms
18ms Stylesheet
text/css 151.80.29.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://gofile.io/dist/css/bootstrap-icons.css

Requested by

Host: gofile.io
URL: https://gofile.io/d/5a0a5ce7-a7cc-42f7-adbd-40d07c2a813a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.80.29.83 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

ns3048708.ip-151-80-29.eu

Software

Resource Hash

e1172d3a0a208cf01dc066f0abeaf17f00264a966159a69f71947d6edcd4935f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 14:45:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Wed, 04 Jan 2023 14:40:00 GMT
etag: W/"17579-1857d3988cb"
expect-ct: max-age=0
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
origin-agent-cluster: ?1
x-download-options: noopen
cache-control: public, max-age=0

GET
H2 200 bootstrap-nightfall.css
gofile.io/dist/css/ 50 KB
8 KB 18ms
17ms Stylesheet
text/css 151.80.29.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://gofile.io/dist/css/bootstrap-nightfall.css

Requested by

Host: gofile.io
URL: https://gofile.io/d/5a0a5ce7-a7cc-42f7-adbd-40d07c2a813a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.80.29.83 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

ns3048708.ip-151-80-29.eu

Software

Resource Hash

d9a98b67c7edffef7138d578788a1c25310cd3561b94d8bce6999f40b0073186

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 14:45:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Wed, 04 Jan 2023 14:40:00 GMT
etag: W/"c869-1857d3988cb"
expect-ct: max-age=0
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
origin-agent-cluster: ?1
x-download-options: noopen
cache-control: public, max-age=0

GET
H2 200 plyr.css
gofile.io/dist/css/ 33 KB
6 KB 19ms
18ms Stylesheet
text/css 151.80.29.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://gofile.io/dist/css/plyr.css

Requested by

Host: gofile.io
URL: https://gofile.io/d/5a0a5ce7-a7cc-42f7-adbd-40d07c2a813a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.80.29.83 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

ns3048708.ip-151-80-29.eu

Software

Resource Hash

bc3b9c09bf69ce51b930e86a23c6f249f9cc6dc98a84fd278d4131c9ddd78f43

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 14:45:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Sun, 08 Jan 2023 19:47:31 GMT
etag: W/"85ae-18592ec8138"
expect-ct: max-age=0
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
origin-agent-cluster: ?1
x-download-options: noopen
cache-control: public, max-age=0

GET
H2 200 allcss.css
gofile.io/dist/css/ 2 KB
846 B 18ms
17ms Stylesheet
text/css 151.80.29.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://gofile.io/dist/css/allcss.css

Requested by

Host: gofile.io
URL: https://gofile.io/d/5a0a5ce7-a7cc-42f7-adbd-40d07c2a813a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.80.29.83 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

ns3048708.ip-151-80-29.eu

Software

Resource Hash

dd03323db8b78ab71bbf4cc27f517ed48d19a5478f3f545a5b9fb7969e5913f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 14:45:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
content-length: 765
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Thu, 09 Feb 2023 16:33:45 GMT
etag: W/"72c-18637069bac"
expect-ct: max-age=0
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
origin-agent-cluster: ?1
x-download-options: noopen
cache-control: public, max-age=0

GET
H2 200 logo-small-70.png
gofile.io/dist/img/ 2 KB
2 KB 24ms
23ms Image
image/png 151.80.29.83
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gofile.io/dist/img/logo-small-70.png

Requested by

Host: gofile.io
URL: https://gofile.io/d/5a0a5ce7-a7cc-42f7-adbd-40d07c2a813a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.80.29.83 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

ns3048708.ip-151-80-29.eu

Software

Resource Hash

25f5229d2c05f4883245fe331033b79f2b77dd84296151ae8c59b1ed27e7fe5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 14:45:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
content-length: 2392
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Wed, 04 Jan 2023 14:40:00 GMT
etag: W/"93f-1857d3988cf"
expect-ct: max-age=0
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
origin-agent-cluster: ?1
x-download-options: noopen
cache-control: public, max-age=0

GET
H2 200 bootstrap.bundle.min.js Show response
gofile.io/dist/js/ 79 KB
24 KB 24ms
22ms Script
application/javascript 151.80.29.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://gofile.io/dist/js/bootstrap.bundle.min.js

Requested by

Host: gofile.io
URL: https://gofile.io/d/5a0a5ce7-a7cc-42f7-adbd-40d07c2a813a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.80.29.83 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

ns3048708.ip-151-80-29.eu

Software

Resource Hash

a85b2fe307777c8eb47f06a1eec399fcbddfe83d252fd202d3e1358051fcf27d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 14:45:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Wed, 04 Jan 2023 14:40:00 GMT
etag: W/"13a49-1857d3988cf"
expect-ct: max-age=0
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
origin-agent-cluster: ?1
x-download-options: noopen
cache-control: public, max-age=0

GET
H2 200 sha256.min.js Show response
gofile.io/dist/js/ 9 KB
4 KB 22ms
20ms Script
application/javascript 151.80.29.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://gofile.io/dist/js/sha256.min.js

Requested by

Host: gofile.io
URL: https://gofile.io/d/5a0a5ce7-a7cc-42f7-adbd-40d07c2a813a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.80.29.83 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

ns3048708.ip-151-80-29.eu

Software

Resource Hash

7157511697db744d384a5a2a8646af23f3c90560abf93bb240fdd690b29a898a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 14:45:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
content-length: 3701
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Wed, 04 Jan 2023 14:40:00 GMT
etag: W/"2339-1857d3988d3"
expect-ct: max-age=0
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
origin-agent-cluster: ?1
x-download-options: noopen
cache-control: public, max-age=0

GET
H2 200 qrcode.min.js Show response
gofile.io/dist/js/ 19 KB
7 KB 22ms
19ms Script
application/javascript 151.80.29.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://gofile.io/dist/js/qrcode.min.js

Requested by

Host: gofile.io
URL: https://gofile.io/d/5a0a5ce7-a7cc-42f7-adbd-40d07c2a813a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.80.29.83 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

ns3048708.ip-151-80-29.eu

Software

Resource Hash

85bd0e28180f06b7f944d35dd07ef1ce75d6d9b63c2d70cb8e65f8b566c43db4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 14:45:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Wed, 04 Jan 2023 14:40:00 GMT
etag: W/"4dda-1857d3988d3"
expect-ct: max-age=0
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
origin-agent-cluster: ?1
x-download-options: noopen
cache-control: public, max-age=0

GET
H2 200 dayjs.min.js Show response
gofile.io/dist/js/ 7 KB
3 KB 23ms
21ms Script
application/javascript 151.80.29.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://gofile.io/dist/js/dayjs.min.js

Requested by

Host: gofile.io
URL: https://gofile.io/d/5a0a5ce7-a7cc-42f7-adbd-40d07c2a813a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.80.29.83 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

ns3048708.ip-151-80-29.eu

Software

Resource Hash

11f24ea8272c8454bfd93c6102b511bb75a7f1bfd70c0e1f6cf58a4b067ed41f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 14:45:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
content-length: 3029
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Wed, 04 Jan 2023 14:40:00 GMT
etag: W/"1a0e-1857d3988cf"
expect-ct: max-age=0
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
origin-agent-cluster: ?1
x-download-options: noopen
cache-control: public, max-age=0

GET
H2 200 customParseFormat.js Show response
gofile.io/dist/js/ 4 KB
2 KB 23ms
21ms Script
application/javascript 151.80.29.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://gofile.io/dist/js/customParseFormat.js

Requested by

Host: gofile.io
URL: https://gofile.io/d/5a0a5ce7-a7cc-42f7-adbd-40d07c2a813a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.80.29.83 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

ns3048708.ip-151-80-29.eu

Software

Resource Hash

cb72289f70690b272267a0741402cdc3f4099ae40c834a13cb60a59f99fdc091

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 14:45:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
content-length: 1803
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Wed, 04 Jan 2023 14:40:00 GMT
etag: W/"ea2-1857d3988cf"
expect-ct: max-age=0
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
origin-agent-cluster: ?1
x-download-options: noopen
cache-control: public, max-age=0

GET
H2 200 marked.min.js Show response
gofile.io/dist/js/ 43 KB
16 KB 24ms
22ms Script
application/javascript 151.80.29.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://gofile.io/dist/js/marked.min.js

Requested by

Host: gofile.io
URL: https://gofile.io/d/5a0a5ce7-a7cc-42f7-adbd-40d07c2a813a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.80.29.83 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

ns3048708.ip-151-80-29.eu

Software

Resource Hash

d10fcd57fbc3eb87320fe1469bcb522ded6c480f48ed51c511ef6da20f165760

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 14:45:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Wed, 04 Jan 2023 14:40:00 GMT
etag: W/"aca2-1857d3988d3"
expect-ct: max-age=0
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
origin-agent-cluster: ?1
x-download-options: noopen
cache-control: public, max-age=0

GET
H2 200 plyr.js Show response
gofile.io/dist/js/ 108 KB
34 KB 35ms
34ms Script
application/javascript 151.80.29.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://gofile.io/dist/js/plyr.js

Requested by

Host: gofile.io
URL: https://gofile.io/d/5a0a5ce7-a7cc-42f7-adbd-40d07c2a813a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.80.29.83 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

ns3048708.ip-151-80-29.eu

Software

Resource Hash

6729042fecd6e011c0ba45f807dc93fa750169d7ac57c14daa01069f14430f73

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 14:45:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Sun, 08 Jan 2023 19:47:31 GMT
etag: W/"1b1b2-18592ec8138"
expect-ct: max-age=0
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
origin-agent-cluster: ?1
x-download-options: noopen
cache-control: public, max-age=0

GET
H2 200 chart.umd.min.js Show response
gofile.io/dist/js/ 194 KB
71 KB 34ms
33ms Script
application/javascript 151.80.29.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://gofile.io/dist/js/chart.umd.min.js

Requested by

Host: gofile.io
URL: https://gofile.io/d/5a0a5ce7-a7cc-42f7-adbd-40d07c2a813a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.80.29.83 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

ns3048708.ip-151-80-29.eu

Software

Resource Hash

8706c07750059d4f474353cc469150fd09a539df6f8830ccf418c47709f25b36

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 14:45:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Wed, 08 Mar 2023 18:58:11 GMT
etag: W/"3094c-186c2968d85"
expect-ct: max-age=0
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
origin-agent-cluster: ?1
x-download-options: noopen
cache-control: public, max-age=0

GET
H2 200 alljs.js Show response
gofile.io/dist/js/ 177 KB
34 KB 25ms
24ms Script
application/javascript 151.80.29.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://gofile.io/dist/js/alljs.js

Requested by

Host: gofile.io
URL: https://gofile.io/d/5a0a5ce7-a7cc-42f7-adbd-40d07c2a813a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.80.29.83 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

ns3048708.ip-151-80-29.eu

Software

Resource Hash

404516af55f4fd3c3a73fe72848819c506a82ec233a68d010980acce53ad6d05

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 14:45:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Wed, 22 Mar 2023 13:40:41 GMT
etag: W/"2c4ad-187098ce5d9"
expect-ct: max-age=0
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
origin-agent-cluster: ?1
x-download-options: noopen
cache-control: public, max-age=0

GET
H2 200 bootstrap-icons.woff2
gofile.io/dist/css/fonts/ 118 KB
119 KB 20ms
20ms Font
font/woff2 151.80.29.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://gofile.io/dist/css/fonts/bootstrap-icons.woff2?24e3eb84d0bcaf83d77f904c78ac1f47

Requested by

Host: gofile.io
URL: https://gofile.io/dist/css/bootstrap-icons.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.80.29.83 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

ns3048708.ip-151-80-29.eu

Software

Resource Hash

966620f9e3bec428663687f9e8d67a6b8e35d79adebf6fb204e9b139eada7599

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
Origin: https://gofile.io
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 14:45:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Wed, 04 Jan 2023 14:40:00 GMT
etag: W/"1d9d0-1857d3988cf"
expect-ct: max-age=0
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/woff2
origin-agent-cluster: ?1
x-download-options: noopen
cache-control: public, max-age=0

GET
H2 200 createAccount Show response
api.gofile.io/ 67 B
810 B 128ms
49ms Fetch
application/json 151.80.29.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://api.gofile.io/createAccount

Requested by

Host: gofile.io
URL: https://gofile.io/dist/js/alljs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.80.29.83 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

ns3048708.ip-151-80-29.eu

Software

Resource Hash

4858f5d5fd734cfe672dc4cdadca57c95371398195048e5b9bd11612bc026679

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date: Sun, 26 Mar 2023 14:45:32 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
cross-origin-embedder-policy: require-corp
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
content-length: 67
x-xss-protection: 0
referrer-policy: no-referrer
cross-origin-opener-policy: same-origin
etag: W/"43-vCk2ZFLUhx6gz0WrgvuFK113vEE"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gofile.io
origin-agent-cluster: ?1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type

GET
H2 200 getAccountDetails Show response
api.gofile.io/ 268 B
342 B 28ms
27ms Fetch
application/json 151.80.29.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://api.gofile.io/getAccountDetails?token=NulPyK0krM8EifxdB9bKGrAtVz9Dcske

Requested by

Host: gofile.io
URL: https://gofile.io/dist/js/alljs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.80.29.83 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

ns3048708.ip-151-80-29.eu

Software

Resource Hash

374ef7534395754207ce22b5fbbac45bbe7125da9ed72fa94a5c7617d5c7d7d0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date: Sun, 26 Mar 2023 14:45:32 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
cross-origin-embedder-policy: require-corp
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
content-length: 268
x-xss-protection: 0
referrer-policy: no-referrer
cross-origin-opener-policy: same-origin
etag: W/"10c-oduT39dEC5bBbkxv3aQK3Ko9DHI"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gofile.io
origin-agent-cluster: ?1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type

GET
DATA 200
OK truncated
/ 637 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca4b3d448276e792d47ffa25934c25909a84ba0135796db1dc3a5b3c8888a0ae

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 files.html Show response
gofile.io/contents/ 18 KB
3 KB 16ms
15ms Fetch
text/html 151.80.29.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://gofile.io/contents/files.html

Requested by

Host: gofile.io
URL: https://gofile.io/dist/js/alljs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.80.29.83 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

ns3048708.ip-151-80-29.eu

Software

Resource Hash

f2cbb89cd8582657ffc11b0a1412efddf74557f807eb25e1de264531eb4e620c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 14:45:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
content-length: 3250
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Fri, 24 Feb 2023 16:26:46 GMT
etag: W/"46ce-186843f9cd3"
expect-ct: max-age=0
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
origin-agent-cluster: ?1
x-download-options: noopen
cache-control: public, max-age=0

GET
H2 200 plausible.js Show response
plausible.gofile.io/js/ 1 KB
1 KB 145ms
16ms Script
application/javascript 149.202.85.166
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://plausible.gofile.io/js/plausible.js

Requested by

Host: gofile.io
URL: https://gofile.io/dist/js/alljs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.202.85.166 , France, ASN16276 (OVH, FR),

Reverse DNS

mail.gofile.io

Software

Cowboy /

Resource Hash

ae4216bfc85c99ffd32e7745f0d7d4cd5f57b714f3a4911176b8cd78a176c97c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 14:45:32 GMT
x-content-type-options: nosniff
server: Cowboy
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 1321

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 140 KB
48 KB 153ms
91ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5469679028990347

Requested by

Host: gofile.io
URL: https://gofile.io/dist/js/alljs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7cc8e6919457de80b8d119038155c228ad69662a51e2cdf190903d3704ec33d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: https://gofile.io
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 14:45:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48674
x-xss-protection: 0
server: cafe
etag: 18270370745318445558
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 26 Mar 2023 14:45:32 GMT

GET
H2 200 633ba36b6288d400280d0c77.js Show response
platform.pubfuture.com/v1/unit/ 3 KB
2 KB 536ms
482ms Script
application/javascript 2606:4700:20::681a:e7e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.pubfuture.com/v1/unit/633ba36b6288d400280d0c77.js?v=2

Requested by

Host: gofile.io
URL: https://gofile.io/dist/js/alljs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:e7e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

258f15a0b2a02f88e8775f699307931e67d1c1afadfd51347275753758b3bba5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 14:45:33 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control: off
content-encoding: br
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
etag: W/"aa5-dGwozu8XzErAVxpnsEP90Q9vbNY"
x-download-options: noopen
expect-ct: max-age=0
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UWcFqCRk03svyIJRKadtSyDvUrIssjTrAkuwd9BKYewBl83e6cznvzmIAntwUiQvR7VA5H%2FVDL9HIdx0%2B5vR9XTgmtJG9n1jmk3A8LHQ9tw0XYBCDLQz1KB4sRx6wVGWFU%2FHkN42xXL5863gnUj9H0YfFOY%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=172800
vary: Accept-Encoding
cf-ray: 7ae02d8f9d020275-CDG

GET
H2 200 ramp.js Show response
cdn.intergient.com/1024419/73114/ 50 KB
6 KB 103ms
22ms Script
application/javascript 2600:9000:2250:d000:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/1024419/73114/ramp.js
Requested by: Host: gofile.io
URL: https://gofile.io/dist/js/alljs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:d000:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 4e16759b69983206c563001b2448a7bd0bf172dc23ec6b4532ed7221392553e0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 09:02:08 GMT
content-encoding: br
via: 1.1 5ddb18e15e6b0ed6114111e515bddc66.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P2
age: 20604
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=600, public, must-revalidate
x-amz-cf-id: jaJxHAp4x7t3Vm_qIW23UOTfJ7TQGVUoHahdFdYFE56ASbB6s17pbw==

GET
H2 200 tag Show response
btloader.com/ 45 KB
12 KB 82ms
28ms Script
application/javascript 2606:4700:20::681a:78b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5150306120761344&upapi=true
Requested by: Host: gofile.io
URL: https://gofile.io/dist/js/alljs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40a63dae7bf7b914fe06ce3069616401aacdab10fcd0a713adafd34565137463

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 14:45:32 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 26 Mar 2023 14:39:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 114
etag: W/"55b55e7aa980e1bf10dd534bcf847aa3"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ev37jxR7sSMQ6EAXry6%2FyvHOZwGW%2BHjlygrJP%2FIKEJIl%2FdiEIBeVwJqFpdysT3AFzt8JsBIANYR8L4B2hRqOwpd0dEo%2BctPLL%2BwWDRPS2dOwswiNUuZBSWioSdXtZsYR87OwdPXK1HqYUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray: 7ae02d8fafcf018c-CDG

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 183 KB
68 KB 108ms
48ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QS5CNJM36B

Requested by

Host: gofile.io
URL: https://gofile.io/dist/js/alljs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8f8fc75c60dee113410e2c015478e5b6db88c373306cb854c2b0ad590f0978bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 14:45:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 68857
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 26 Mar 2023 14:45:32 GMT

GET
H2 200 getContent Show response
api.gofile.io/ 871 B
948 B 37ms
36ms Fetch
application/json 151.80.29.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://api.gofile.io/getContent?contentId=5a0a5ce7-a7cc-42f7-adbd-40d07c2a813a&token=NulPyK0krM8EifxdB9bKGrAtVz9Dcske&websiteToken=12345

Requested by

Host: gofile.io
URL: https://gofile.io/dist/js/alljs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.80.29.83 Roubaix, France, ASN16276 (OVH, FR),

Reverse DNS

ns3048708.ip-151-80-29.eu

Software

Resource Hash

970424071b42e7536e83402df1e92b46823776a6b0acb7848c5632350126758a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date: Sun, 26 Mar 2023 14:45:32 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
cross-origin-embedder-policy: require-corp
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
content-length: 871
x-xss-protection: 0
referrer-policy: no-referrer
cross-origin-opener-policy: same-origin
etag: W/"367-xg++Ot+QG+v6gOiT21H8I+r1Z7Y"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gofile.io
origin-agent-cluster: ?1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type

GET
H2 200 plyr.svg Show response
cdn.plyr.io/3.7.3/ 6 KB
3 KB 74ms
25ms XHR
image/svg+xml 2606:4700:21::681b:c358
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plyr.io/3.7.3/plyr.svg
Requested by: Host: gofile.io
URL: https://gofile.io/dist/js/plyr.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::681b:c358 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4846018760f6e11a8a1dea7639a5c75c712f198d978eccf117840820bb8c37d7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 14:45:32 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: C9BTBNA69BF8DGRM
age: 6634680
x-cache: HIT, HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: /0+r6NipCXOTMNBKG2Z20+Hti/j+izE1XevdGrVfMMoKVtzy2U9siX1ZYx5lwkvmBAq9Pmc9Ko4=
x-served-by: cache-iad-kjyo7100042-IAD, cache-jnb7026-JNB
last-modified: Thu, 17 Nov 2022 06:34:03 GMT
server: cloudflare
x-timer: S1673207253.629677,VS0,VE0
etag: W/"3a727a9b7eef825081d78cc6e48aaadf"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D1mKSgpu%2BqHxXbMly5u6LcaETsPQErc4lqxFpGzRCp6u7BX6aYIZyyYGSEz%2FTiAsnmycDHu4Xcs4vExbllBauKMY1iVgD1O5Plz4J6IQJoKADAwAJ5YFsmraRnzQJ93KyfTlm1INPGci"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Range, Date, Cache-Control, Content-Type, Accept, Origin, Accept
cache-control: max-age=31536000, immutable
cf-ray: 7ae02d8ffb8b0203-CDG
x-cache-hits: 4, 43

GET
H2 200 px.gif
ad-delivery.net/ 43 B
939 B 68ms
23ms Image
image/gif 2606:4700:20::681a:346
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 14:45:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 829682
x-guploader-uploadid: ADPycdt0qW3MDEjqHQ00nJvNLaxOq5aW-GTx6YmoGDtayvUtCztSAzoABNR5-xel123owjNGJifDJZaWO8dqPFVL9T39KgI5XjfK
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wmY6%2Brar8kzbcAFrCslQxYcityVAvLS2wY9LKFab2CBuGTHFoJ68KwFx52LfhDGeD8t5lauHpa2JSPrvg51O8U4QJsKPpUIzf5aLmYVHVk37loyRKZLFwe96kW1NlefzoXRoWik27uceVsvtdg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 7ae02d9038503ca7-CDG
expires: Fri, 17 Mar 2023 01:06:55 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
571 B 97ms
24ms Image
image/x-icon 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 08:00:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24332
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 27 Mar 2023 08:00:00 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
341 B 70ms
25ms Image
image/gif 2606:4700:20::681a:346
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.19434468103224578
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 14:45:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 829682
x-guploader-uploadid: ADPycdt0qW3MDEjqHQ00nJvNLaxOq5aW-GTx6YmoGDtayvUtCztSAzoABNR5-xel123owjNGJifDJZaWO8dqPFVL9T39KgI5XjfK
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pFIKSGiEf%2F20pYY44FsSBw%2B6oMNA9LqhDOPTKBMMaBBMZ5rwxWy1j%2F7cH5zDLF1rjn7p3yj1QnIW1jK5qvSAGqXlnDt5E8I%2ByKQrCB8fRqcbrSsZeO1S5vQSfGMYGyRcrklEnJYQtKP5lXzO1w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 7ae02d9038523ca7-CDG
expires: Fri, 17 Mar 2023 01:06:55 GMT

GET
H2 200 v2ykpqVBImNHs0FL65pUHQHjww-JiNdxHm9A495acvqvBXXDkNKZu1ww Show response
largebrass.com/ 59 KB
22 KB 96ms
30ms Script
text/javascript 2600:1901:0:4277::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://largebrass.com/v2ykpqVBImNHs0FL65pUHQHjww-JiNdxHm9A495acvqvBXXDkNKZu1ww

Requested by

Host: cdn.intergient.com
URL: https://cdn.intergient.com/1024419/73114/ramp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:4277::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

88282aaf0c5953174098810451ac6a613e858f662b6cd62e410b6c142db7cb5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
via: 1.1 google
date: Sun, 26 Mar 2023 14:45:32 GMT
x-datacenter: gce-europe-west1
etag: "58a96ed952069779c53ee038058456540e485d6588ac5a2fe7d723332dcf16fa"
x-buildname: hoothoot
vary: Accept-Encoding, Accept-Language
x-hostname: fen-hoothoot-europe-west1-blst
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
x-buildnumber: 814291840
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 78 KB
27 KB 142ms
51ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.intergient.com
URL: https://cdn.intergient.com/1024419/73114/ramp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4ba20bee09150928475b801358a2e57859d7f03709eeb24f375dafd8f386ce6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 14:45:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27418
x-xss-protection: 0
server: sffe
etag: "1522 / 845 of 1000 / last-modified: 1679695651"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 26 Mar 2023 14:45:32 GMT

GET
H2 200 prebid.js.br Show response
cdn.intergi.com/prebid/ 564 KB
143 KB 120ms
28ms Script
text/javascript 2600:9000:223d:3c00:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/prebid/prebid.js.br
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/1024419/73114/ramp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:3c00:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d657eceb02f80aad924892ef65e3fc09ba020d067783661314fe6515046be022

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id: RRiapV27jEhNYA43q_UCWtTi0f_6k82z
content-encoding: br
via: 1.1 5c79308f72e53cdf81a950b478a7e144.cloudfront.net (CloudFront)
date: Sun, 26 Mar 2023 13:27:03 GMT
last-modified: Wed, 01 Mar 2023 14:33:05 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 8713
x-amz-server-side-encryption: AES256
etag: "c8c0cc3408d21309c6fcf102e9c3b6c1"
x-cache: Hit from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 146180
x-amz-cf-id: lzeO_5pW5xZSLiMcacqvTKBgNr2DYQHlex2mropYXDeUOlnZ6ur0fQ==

GET
H2 200 ramp_core.js Show response
cdn.intergient.com/ 305 KB
99 KB 165ms
164ms Script
application/javascript 2600:9000:2250:d000:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/ramp_core.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/1024419/73114/ramp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:d000:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: d5772e870d666d6f6372a2d852529367848f3edca34324843b31ef4b42be0714

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 14:45:32 GMT
content-encoding: br
via: 1.1 5ddb18e15e6b0ed6114111e515bddc66.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
x-lambda-function: us-east-1.pageos_production:170
cache-control: max-age=600, public, must-revalidate
x-amz-cf-id: gEne516UOj4excpeS0z-AH7ZeAu4ectzxJg_Z2klYXpvX55yOq_AYQ==

POST
H2 202 event Show response
plausible.gofile.io/api/ 2 B
191 B 167ms
99ms XHR
text/plain 149.202.85.166
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://plausible.gofile.io/api/event
Requested by: Host: plausible.gofile.io
URL: https://plausible.gofile.io/js/plausible.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 149.202.85.166 , France, ASN16276 (OVH, FR),
Reverse DNS: mail.gofile.io
Software: Cowboy /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 26 Mar 2023 14:45:32 GMT
server: Cowboy
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 2
x-request-id: F0__VnfuMnXmv3WgcTsj

POST
H2 204 collect
region1.google-analytics.com/g/ 0
249 B 87ms
20ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-QS5CNJM36B&gtm=45je33m0&_p=1287833706&cid=2146078403.1679841933&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1679841932&sct=1&seg=0&dl=https%3A%2F%2Fgofile.io%2Fd%2FH1JZTt&dt=Gofile%20-%20Free%20Unlimited%20File%20Sharing%20and%20Storage&en=ramp_js&_fv=1&_nsi=1&_ss=1&_ee=1&ep.pageview_id=1679841932462
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QS5CNJM36B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Mar 2023 14:45:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gofile.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303210101/ 350 KB
117 KB 151ms
98ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5469679028990347&plah=gofile.io

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5469679028990347

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7eda157d384eb4984e003dc79fd9ed9d9911221d7217ff5a7da7252969547b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 14:45:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119749
x-xss-protection: 0
server: cafe
etag: 5959468539564180037
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 26 Mar 2023 14:45:32 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230322/r20190131/ Frame 53F4 0
0 93ms
24ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230322/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5469679028990347

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 81369
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 25 Mar 2023 16:09:24 GMT
etag: 2378337311435320485
expires: Sat, 08 Apr 2023 16:09:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 country Show response
api.btloader.com/ 16 B
204 B 176ms
122ms Fetch
application/json 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/country
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5150306120761344&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 4e77de82816e4ed7844defc61447f84c79164f528da0c321c31d1876e17a4050

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 14:45:33 GMT
via: 1.1 google
vary: Origin
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16

GET
H2 204 pv Show response
api.btloader.com/ 0
67 B 177ms
123ms XHR
text/plain 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=p9fAtXByj&w=6259520371163136&o=5150306120761344&cv=2.1.10-3-g4120aac&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fgofile.io%2Fd%2FH1JZTt&sid=csABtVLAN&upapi=true
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5150306120761344&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 26 Mar 2023 14:45:33 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 skeleton.gif
static.adsafeprotected.com/ 43 B
484 B 89ms
22ms Image
image/gif 2600:9000:223f:6000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?adslot=ad_300x250_6724608
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:6000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 14:52:58 GMT
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 23673155
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: 7f33KcuCw5q-UMkpCY_TqsB4ypMvfS7qKS1ax6XQFRjKb-5UmUtDkg==

GET
H2 200 pubads_impl_2023032101.js Show response
securepubads.g.doubleclick.net/gpt/ 396 KB
134 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032101.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73fb2fa0d192c9fe74aaef182a6dbc31c29e7cc863038f0d69eac0d5c8ae204f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 11:15:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12630
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136519
x-xss-protection: 0
last-modified: Tue, 21 Mar 2023 08:35:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 25 Mar 2024 11:15:02 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 3 KB
664 B 110ms
60ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=gofile.io

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e49818c57f207d38b86fd65fce6d490c4ab6c60348e9a7ff67f64a724b9e7019

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 14:45:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 639
x-xss-protection: 0
expires: Sun, 26 Mar 2023 14:45:33 GMT

GET
H2 200 videoCard.01fa78e7064a386f48fc.js Show response
cdn.intergient.com/pageos/1.9.16/ 554 B
920 B 22ms
22ms Script
text/javascript 2600:9000:2250:d000:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.9.16/videoCard.01fa78e7064a386f48fc.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp_core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:d000:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: df49112f965565d7af2a8ac08e7000ab6c2731ced4340c2b6c89a8097e94c2ea

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 13:44:32 GMT
via: 1.1 5ddb18e15e6b0ed6114111e515bddc66.cloudfront.net (CloudFront)
last-modified: Wed, 15 Mar 2023 13:34:00 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 3662
x-amz-server-side-encryption: AES256
etag: "ce3cc474e63b7f656de18953fb710c43"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 554
x-amz-cf-id: BNLw7o2hDXgIqT6TbsBt506BZlVBzNNrXtnRstWuzb5c9suoFQXxug==

GET
H2 200 batchHandler.a83789fae305a44ffe68.js Show response
cdn.intergient.com/pageos/1.9.16/ 3 KB
2 KB 22ms
22ms Script
text/javascript 2600:9000:2250:d000:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.9.16/batchHandler.a83789fae305a44ffe68.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp_core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:d000:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 743f0138a0425418260a773e375e698d20820a4a54c816e0819ba1efc38f09aa

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 17:00:35 GMT
content-encoding: br
via: 1.1 5ddb18e15e6b0ed6114111e515bddc66.cloudfront.net (CloudFront)
last-modified: Wed, 15 Mar 2023 13:33:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 78299
x-amz-server-side-encryption: AES256
etag: W/"4c0fd7be4ce9be47bd15a48c78fd791c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: VWXFu36GSG2IiwQsd6j5TVh4rDSeYgDufiLo0d_r7iIoFxmH-k4Haw==

GET
H2 200 88.da4099999895d5101ca6.js Show response
cdn.intergient.com/pageos/1.9.16/ 49 KB
11 KB 23ms
22ms Script
text/javascript 2600:9000:2250:d000:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.9.16/88.da4099999895d5101ca6.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp_core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:d000:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 14cd167420b962b3db2cc70fac2bfc7b49f23fdd0b93b9c73f6dc567f730643e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 17:00:34 GMT
content-encoding: br
via: 1.1 5ddb18e15e6b0ed6114111e515bddc66.cloudfront.net (CloudFront)
last-modified: Wed, 15 Mar 2023 13:33:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 78300
x-amz-server-side-encryption: AES256
etag: W/"390f1d013f98ebb10d7f0d50b5595896"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: ssubDJw7p_O7wmMfEi-Y_Apm9DvaN3eChN6-yA46aoT0h9hs2FmzaA==

GET
H2 200 gdpr.cdb3dbd6ca16dfbc6d84.js Show response
cdn.intergient.com/pageos/1.9.16/ 8 KB
3 KB 24ms
23ms Script
text/javascript 2600:9000:2250:d000:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.9.16/gdpr.cdb3dbd6ca16dfbc6d84.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp_core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:d000:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bd14c38fb0548fa540d6bd5e35262ab9abace01d15addde853d733b68f5d1bde

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 00:10:23 GMT
content-encoding: br
via: 1.1 5ddb18e15e6b0ed6114111e515bddc66.cloudfront.net (CloudFront)
last-modified: Wed, 15 Mar 2023 13:33:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 52511
x-amz-server-side-encryption: AES256
etag: W/"2a1ed8e47fff9ae64ff26018d125baeb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: CFf5bcRq4CoDH2bPk5oMRJSV4p7q7qAFKxldhXxgPBl8BNEBltbeUw==

GET
H2 404 GDPR Show response
predicted-price-floor.playwire.com/websites/73114/v1/Sun/10/desktop/Chrome/ 40 B
464 B 459ms
401ms XHR
application/json 52.222.214.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://predicted-price-floor.playwire.com/websites/73114/v1/Sun/10/desktop/Chrome/GDPR
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp_core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-94.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 74aea868e86139abd39ce34cd5aceb7d6bb76b45044a9feb0a8553970ac11f4e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 02:00:38 GMT
via: 1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 45898
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
content-length: 40
last-modified: Fri, 20 Jan 2023 18:50:00 GMT
server: AmazonS3
etag: "e1521fb6c5e6c1af9c2ce15f13752922"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: *
accept-ranges: bytes
x-amz-cf-id: rM6BJe7ji6AyG7V4lgG9rpjN8UZA0U5KjDrUN3p71KNb5l87RJgfFg==

GET
H2 200 tag Show response
btloader.com/ 45 KB
12 KB 28ms
28ms Script
application/javascript 2606:4700:20::681a:78b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5150306120761344&upapi=true
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp_core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40a63dae7bf7b914fe06ce3069616401aacdab10fcd0a713adafd34565137463

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 14:45:33 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 26 Mar 2023 14:39:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 115
etag: W/"55b55e7aa980e1bf10dd534bcf847aa3"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CtnlyQZYOaIdOhj5kUtuNAazwuB5c%2Bq%2FZnye9PVYgE8Q%2BzPocn8LK6CIDQtkYxmd8Zltd3zrU9%2BGsLd2N5pwaoeH0yUcZ6TnzNw778aWzxPG6gwkHCi42SpBmCyHWggNrniykDEaUat0sQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray: 7ae02d9209e1018c-CDG

GET
H2 200 nielsen.b850d86715bcafaea630.js Show response
cdn.intergient.com/pageos/1.9.16/ 2 KB
1 KB 22ms
21ms Script
text/javascript 2600:9000:2250:d000:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.9.16/nielsen.b850d86715bcafaea630.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp_core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:d000:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 55542c02f59ac047bd7ef87d8a2981b541995a09de59a89e419292a91f241202

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 17:00:33 GMT
content-encoding: br
via: 1.1 5ddb18e15e6b0ed6114111e515bddc66.cloudfront.net (CloudFront)
last-modified: Wed, 15 Mar 2023 13:33:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 78301
x-amz-server-side-encryption: AES256
etag: W/"70341af160996aa15aad5fcd74fdda2a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: xzdKhheyuZf8xfMR9P6KsF1qZ42vhIoYtxDT7DXQpIvIYUi8Uhg5fw==

GET
H2 200 moatheader.js Show response
z.moatads.com/playwireprebidheader597261727146/ 222 KB
78 KB 112ms
28ms Script
application/x-javascript 88.221.169.143
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/playwireprebidheader597261727146/moatheader.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp_core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.169.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-169-143.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 57ee79d968a668f6f2374b679c4d37ef55059cd601fc5a9d612c20315b685bb4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 14:45:33 GMT
content-encoding: gzip
last-modified: Wed, 15 Mar 2023 15:59:20 GMT
server: AmazonS3
x-amz-request-id: ZK8R4QK0K4EB1D51
etag: "79e8b06d5de124001084f64bed3fd5b0"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=29393
accept-ranges: bytes
content-length: 79844
x-amz-id-2: BXgQr/RR1DKNgbJjt347WcrasbBMyOU0AsSDKopiOGCLx8prHWDuGOt06OyXuuAEUlY6bKKOrro=

GET
H2 200 aws-sdk-kinesis.min.js.br Show response
cdn.intergient.com/pageos/js/libs/ 227 KB
57 KB 24ms
23ms Script
text/javascript 2600:9000:2250:d000:12:4abd:d340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/js/libs/aws-sdk-kinesis.min.js.br
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.9.16/batchHandler.a83789fae305a44ffe68.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:d000:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b41e0020ff5a4bec857828c37b9a425a5e0024aac1fb1519dd9cf4562f0681ee

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 19:06:53 GMT
content-encoding: br
via: 1.1 5ddb18e15e6b0ed6114111e515bddc66.cloudfront.net (CloudFront)
last-modified: Tue, 15 Feb 2022 19:02:54 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 70721
etag: "575b9635960fa1d9b7ba4dafe1d2e7f5"
x-cache: Hit from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 57858
x-amz-cf-id: PpB92JkyOSsHw8IsoHpJmKQceIV_qaHu3gek3YDuRD9f5zZWU_b6-g==

GET
H2 200 px.gif
ad-delivery.net/ 43 B
339 B 25ms
24ms Image
image/gif 2606:4700:20::681a:346
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5150306120761344&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 14:45:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 829683
x-guploader-uploadid: ADPycdt0qW3MDEjqHQ00nJvNLaxOq5aW-GTx6YmoGDtayvUtCztSAzoABNR5-xel123owjNGJifDJZaWO8dqPFVL9T39KgI5XjfK
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GMwM97RtjZ6ETkD9GfSql9nXjT5njtT1HQDM1eGZ1yXTR3I8lOzSiDMCfEVJsYOStjvtP3d3Woo%2FcKe69zplS8M1t9Dg%2FfC5pGr84n9%2FiLYbQb3xyploXJ77Z%2B1rAsx2UCCklp12BrNBaSlWPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 7ae02d926a363ca7-CDG
expires: Fri, 17 Mar 2023 01:06:55 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
170 B 25ms
24ms Image
image/x-icon 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: btloader.com
URL: https://btloader.com/tag?o=5150306120761344&upapi=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 08:00:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24333
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 27 Mar 2023 08:00:00 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
369 B 23ms
23ms Image
image/gif 2606:4700:20::681a:346
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.08548685411409829
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 14:45:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 829683
x-guploader-uploadid: ADPycdt0qW3MDEjqHQ00nJvNLaxOq5aW-GTx6YmoGDtayvUtCztSAzoABNR5-xel123owjNGJifDJZaWO8dqPFVL9T39KgI5XjfK
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R2eUlZzg2YhivlGP0GYLRsV6aVylLzvGjaNdvzeQpp3HHdYt1h3RJiQ5x9vUn%2BPbcvarNs9rHmbRuPrUr9fw8wf%2FtvQdrSccMw8rQpYqys9zEehRPNlW4uQMV%2BY8RCwDAvAnUwxDYQBxR1V%2Bnw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 7ae02d926a373ca7-CDG
expires: Fri, 17 Mar 2023 01:06:55 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 385 B
600 B 103ms
33ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=gofile.io&callback=_gfp_s_&client=ca-pub-5469679028990347

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5469679028990347&plah=gofile.io

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

339dfc2b14a2cd9cc085b4771b6c1c297757ea472acef92d55c60a080f8c77e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 14:45:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 247
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
532 B 110ms
32ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=gofile.io

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 14:45:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
457 B 97ms
36ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=gofile.io

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 14:45:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 1822 0
0 456ms
455ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5469679028990347&output=html&adk=1812271804&adf=3025194257&lmt=1678561876&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fgofile.io%2Fd%2FH1JZTt&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679841932908&bpp=4&bdt=560&idt=308&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7488427774002&frm=20&pv=2&ga_vid=2146078403.1679841933&ga_sid=1679841933&ga_hid=1287833706&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759875%2C44759926%2C44759837%2C31071756%2C31073106&oid=2&pvsid=4419255100075426&tmod=75375599&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=338

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 4421
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Mar 2023 14:45:33 GMT
expires: Sun, 26 Mar 2023 14:45:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 74ms
72ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230322&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7664e22fd373e8eed6b0e3dac3bb6012db5acadde1aec6a25090c12794f27333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 14:45:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11251
x-xss-protection: 0

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 7636 0
0 504ms
504ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5469679028990347&output=html&h=280&slotname=4172489894&adk=749522683&adf=1092462468&pi=t.ma~as.4172489894&w=381&fwrn=4&fwrnh=100&lmt=1678561876&rafmt=1&format=381x280&url=https%3A%2F%2Fgofile.io%2Fd%2FH1JZTt&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679841932912&bpp=3&bdt=564&idt=342&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7488427774002&frm=20&pv=1&ga_vid=2146078403.1679841933&ga_sid=1679841933&ga_hid=1287833706&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=735&ady=64&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759875%2C44759926%2C44759837%2C31071756%2C31073106&oid=2&pvsid=4419255100075426&tmod=75375599&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ZeoYcv5c9M&p=https%3A//gofile.io&dtd=356

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 33554
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Mar 2023 14:45:33 GMT
expires: Sun, 26 Mar 2023 14:45:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK geo Show response
ghb.adtelligent.com/ 139 B
404 B 325ms
95ms XHR
application/json 2a06:8640:764::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/geo
Requested by: Host: platform.pubfuture.com
URL: https://platform.pubfuture.com/v1/unit/633ba36b6288d400280d0c77.js?v=2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:8640:764::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 50f111b7b11b3d3ee99b3d3e280a3c002ed6cea19c5ba32ed0fb1a732585c930

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Sun, 26 Mar 2023 14:45:32 GMT
Server: Adtelligent
Content-Type: application/json
Access-Control-Allow-Origin: https://gofile.io
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 139

GET
H2 200 v2 Show response
mb.moatads.com/yi/ 324 B
499 B 154ms
39ms Script
text/html 35.178.217.194
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BI%24%3D!!t%22lAk3Mefz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-QWdbXVZgr1f3LlF%2Fnkx0mb91P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&rs=1-D9EJVCAZgVLOGg%3D%3D&sc=1&os=1-sw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1285&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fgofile.io%2Fd%2FH1JZTt&pcode=playwireprebidheader597261727146&rx=423046588834&callback=MoatNadoAllJsonpRequest_88467095
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/playwireprebidheader597261727146/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.178.217.194 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-178-217-194.eu-west-2.compute.amazonaws.com
Software: Microsoft-IIS/6.0 /
Resource Hash: 120b592ce2c7ffa8f9c65e652cdd0fdff73fdad195262f5f03a949a810daa5c4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 14:45:33 GMT
cache-control: max-age=900
server: Microsoft-IIS/6.0
timing-allow-origin: *
etag: "4b65892c93e77a688963fe05ba7346a17cde1e6e"
content-length: 324
content-type: text/html; charset=UTF-8

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 99ms
34ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 14:45:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 26 Mar 2023 14:45:33 GMT

POST
H3 200 v2gigzrgbDSNHV4_Jzt5att6nFj_LiGdXS_4UCgvd-e5qVQ-GGsv0f-3qWPc_51KlFyZDyC6w Show response
largebrass.com/ 206 B
233 B 82ms
38ms Fetch
application/json 2600:1901:0:4277::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://largebrass.com/v2gigzrgbDSNHV4_Jzt5att6nFj_LiGdXS_4UCgvd-e5qVQ-GGsv0f-3qWPc_51KlFyZDyC6w

Requested by

Host: largebrass.com
URL: https://largebrass.com/v2ykpqVBImNHs0FL65pUHQHjww-JiNdxHm9A495acvqvBXXDkNKZu1ww

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:4277::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

443b6153204d491bbb045b2a446e121373cf4f14174c07eecf048c6b12e2fba7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
date: Sun, 26 Mar 2023 14:45:33 GMT
via: 1.1 google
x-buildnumber: 814291840
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 206
x-datacenter: gce-europe-west1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gofile.io
x-hostname: fen-hoothoot-europe-west1-blst
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires: Sun, 26 Mar 2023 14:45:32 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 45B2 0
0 29ms
26ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 5551
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 26 Mar 2023 13:13:02 GMT
expires: Mon, 25 Mar 2024 13:13:02 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe
www.google.com/recaptcha/api2/ Frame 37A8 0
0 104ms
34ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LVZQBULgusAO2RyYYrgzGw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-LVZQBULgusAO2RyYYrgzGw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 26 Mar 2023 14:45:33 GMT
expires: Sun, 26 Mar 2023 14:45:33 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 633ba36b6288d400280d0c77.js Show response
platform.pubfuture.com/v1/config/ 3 KB
2 KB 483ms
483ms Script
application/javascript 2606:4700:20::681a:e7e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.pubfuture.com/v1/config/633ba36b6288d400280d0c77.js?v=6&ip=MjAwMTo0MWQwOjg6ZDE1NDo6OA==&cc=RlI=&c=&d=ZGVza3RvcF93aW5kb3dz&s=Z29maWxlLmlvL2QvSDFKWlR0

Requested by

Host: platform.pubfuture.com
URL: https://platform.pubfuture.com/v1/unit/633ba36b6288d400280d0c77.js?v=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:e7e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d50600951b5eb7cca66717a57ad2e9fb0522896174a094b8a7fe6ed76cdd4934

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 14:45:34 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control: off
content-encoding: br
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
etag: W/"c37-mDmNbRt4fc/2hhGoeWN5BahqNUI"
x-download-options: noopen
expect-ct: max-age=0
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Atc9XqvDB9%2BDJLQPX%2B1CiYK4XhyG%2BkyeS0C0HoBu76EoEhRkBSP3EYPSNWVYKpm9TrrP4v9r3t8M3qzEoKze5KTqNvkALFg73bOZJu42mt8zHIadcGADe%2Finr783Y16Zk%2BaMRgOEsZflUBOfQnNEEP7mNGQ%3D"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 7ae02d951a4c0275-CDG

GET
H2 200 7913.js Show response
cnt.trvdp.com/js/1441/ 3 KB
2 KB 90ms
22ms Script
application/javascript 13.225.78.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cnt.trvdp.com/js/1441/7913.js
Requested by: Host: platform.pubfuture.com
URL: https://platform.pubfuture.com/v1/config/633ba36b6288d400280d0c77.js?v=6&ip=MjAwMTo0MWQwOjg6ZDE1NDo6OA==&cc=RlI=&c=&d=ZGVza3RvcF93aW5kb3dz&s=Z29maWxlLmlvL2QvSDFKWlR0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-129.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8b34334a5a0d4fd755df0abf55c266930feaac4ae86ce08ad3c3ba875b2822a7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 15:08:04 GMT
content-encoding: br
via: 1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
last-modified: Wed, 22 Mar 2023 15:07:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 344251
etag: W/"9355fd813178a02ac7c338c5b7e056a8"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: vJweSQdxn_Zw9v1Kwuukd1KOBbgAPX0TcBc_9FRzDQ7TWiWouJdMfw==

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 63ms
63ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230322&jk=4419255100075426&bg=!kJOlk8fNAAbO2UOH7tk7ADkAdvg8WsD8XtAYMckGRITEQSXNmhm9j3lttQbE79j3ulVwz2UgUsuJy_hn0gcKwPyhdEe2nL-dzjMCAAAAaFIAAAABaAEHmQLz11UCQKkxzsGRdlfb2JcPecVekEKuiM5EPrdLaZzIydP139X_ZRlIFLHUcFFpsEJzfIFxMUHWZPUGjKaGZ0_ksDpKo7rOvUdPReBTw440qFTOUUE8aOGh4XESfHJcmLe2kPkZu2jfurkezEuK-a4pJO-FSuI3uWYaxEE-kGd9B_2TapaWlkcSqrW5cBjhT0KdvO4-RSI9cdje5YP9N_X9J0q_v_r5H0j4F6IzL_IbN0n1CT1MasQXduSSuJlIFQGDplBAoxBvMuoxepnz3kUaY2M9tEq8r8OiWq60VCE9ngnIN9FbCf2CAwp8RxTpfQLsefu-JrNKmgWq9nUYkZf-1jbQurbzYS5lfMEPxn8PCpHc2Z9NFWlSMVNrEYl_cXa0TnKvFstfu9pj_ZSvL_ZpRXhWEtycZr1qHP6NQuD6PscetXH1e3ugTLgvqk6wSyLLmjtwFRJfWSKw0vlplvM2BnCINt9LFwd8be4a9dXWptEYEC8WDvTEfs4g6IzjdipVX9ZtIr03zkEqJeIrg-_8OQ0Upib6JRMbIPOzW4UHQXzMNg_3-Ty4sfxAYTC2JbgG9she5rsPM1-RtrtKzipVlXpBRxMJEq4ygcaJAwPo0dUj8_L65BiGm_0K5cbOzQCcLCkzrcPETfmTAy_n5mAO7_VK7PoQaTYcrOIwsopEq8O2PjeJLhznW7Mpudv7S-qahZC1p4PpEMxEdERE7GQqA8gcXmjtYoMpKud0aNY-gIt6WBgxZ7XfWJkW6n9ZFp6g6YgVzaSzaPsuCl7BEJe1aqeDbZ2oH8x2JcJmn21qyJXGTIztksxL99V8rAN-yUJHAOeXppI9JeuzLBjHrMk6OL98HRFO_W6XCsrNlm8nmbMi4qUJFFOe7LjLMUF96Nmybzp95VE_BDX9QXIZTJSrQp1g5x743-LHhLwuJiybLyqkF-phNdYbsOvHOdwoQh847Qs9II391p0xCgYdOhTKFf8aLogdUkbvu52f2j2x7Vtkmwo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

GET
H2 200 7913.js Show response
go.trvdp.com/init/ 6 KB
6 KB 79ms
23ms Script
binary/octet-stream 143.204.89.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.trvdp.com/init/7913.js
Requested by: Host: cnt.trvdp.com
URL: https://cnt.trvdp.com/js/1441/7913.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-129.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9f768dfa50588a60910bc4f53c33d64797e1c562946ec6a98c765639b6b5ae9f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 15:53:55 GMT
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
last-modified: Wed, 22 Mar 2023 14:47:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 341500
etag: "6272a9ba2c3c70328f7223425d8257d9"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: binary/octet-stream
accept-ranges: bytes
content-length: 5845
x-amz-cf-id: He3asMHLgazinbz1irnZQn2Z5B-NwnW_40nwlCDlyKM24NBPEngKQQ==

GET
H2 200 p.php Show response
stg.truvidplayer.com/ 9 KB
4 KB 210ms
135ms XHR
application/json 143.204.215.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stg.truvidplayer.com/p.php?sid=1441&wid=7913&cb=1290.1884967260812&pid=5397&url=https%3A%2F%2Fgofile.io%2Fd%2FH1JZTt
Requested by: Host: go.trvdp.com
URL: https://go.trvdp.com/init/7913.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-16.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: 0e2082693605b1938ae4b560b41dc3c5ade5dfa0c8817aebe3c10cdf7013cacb

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 14:45:34 GMT
content-encoding: gzip
via: 1.1 86ef89199388021c33b079c598103b12.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://gofile.io
access-control-allow-credentials: true
x-amz-cf-id: uZUTLD-M8kYE8msUWQkYbiLjsDDre-vqEPUU3Qi0Mf56ogswH9ByFg==

GET
H2 200 ins.js Show response
s.trvdp.com/scripts/v5.802/ 476 KB
140 KB 100ms
26ms Script
application/javascript 13.32.99.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.trvdp.com/scripts/v5.802/ins.js
Requested by: Host: go.trvdp.com
URL: https://go.trvdp.com/init/7913.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-3.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2fdbb7173df58151a3b9cee1ad593e7ad40b39584dc4599357d62d565fa90e6e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 15:20:14 GMT
content-encoding: gzip
via: 1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
last-modified: Mon, 13 Feb 2023 13:09:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 3453920
etag: W/"af85b8e97ffce21514cfccbb7a8c96a4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: Owm73v_F2v6cKNM3N79qNgq2Mu7j2N-aRI1Fic939ZlOdeFuaG5Kng==

GET
H/1.1 200
OK cors Show response
rt.ad-score.com/score/ 52 B
718 B 522ms
136ms XHR
text/plain 35.208.216.174
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://rt.ad-score.com/score/cors?s=1&pid=1000032&tid=truvidTraffic&pub_domain=gofile.io&l1=7913&l2=gofile.io&l3=FR&l4=desktop&l5=5.802&cb=0.6169066239028143
Requested by: Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.802/ins.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 35.208.216.174 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 174.216.208.35.bc.googleusercontent.com
Software: /
Resource Hash: a3fb12e0586cb7710bc4ff3f906aa390cd18576b4d2a086389454e72c7f0b8df

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 26 Mar 2023 14:45:35 GMT
Age: 0
Access-Control-Allow-Methods: GET,POST
P3p: CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin: https://gofile.io
Content-Type: text/plain; charset=utf-8
Cache-Control: post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 52

GET
H2 200 favicon.ico
s3.pubfuture.com/ 21 KB
21 KB 35ms
25ms Image
image/x-icon 2606:4700:20::681a:e7e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.pubfuture.com/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e7e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e649b7248c6654b2f9b8fbd1de068ac6ea88568a2a9f4e27c61de53db44ad0ac

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 14:45:37 GMT
x-amz-version-id: .n9JmlnexdK9ep5pVHKNkPpiL2sUy5ge
via: 1.1 f71686f416809921055425c79026dd70.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: CDG50-P1
age: 549815
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
last-modified: Thu, 22 Dec 2022 00:27:43 GMT
server: cloudflare
etag: W/"5a10f4d56ecc576aac7ab338278c298e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nyyIn84YV07qmPRiFrI%2BQ%2BKCD1SrybDIUa140lC%2BgGkcnHljhQjOdh4wHoobxqhPAvApjgGG8twRzL1NMLLXx%2B8o%2F7Oe8OlxDA1AMS7saXNN7YebENi31oVjVwwBXxkeAs2Aqwtw1wSUBT55SAo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/x-icon
cache-control: max-age=2592000
cf-ray: 7ae02daafe8a0275-CDG
x-amz-cf-id: v4zzeo0aOwcDenMIv1OUFOfYKNGQrYHukc0v5TiocugsCaaKixLDHg==

Verdicts & Comments Add Verdict or Comment

202 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.gofile.io/	1969-12-31 23:59:59	Name: accountToken Value: NulPyK0krM8EifxdB9bKGrAtVz9Dcske
.gofile.io/	1970-01-20 20:13:21	Name: _ga_QS5CNJM36B Value: GS1.1.1679841932.1.0.1679841932.0.0.0
.gofile.io/	1970-01-20 20:13:21	Name: _ga Value: GA1.1.2146078403.1679841933
gofile.io/	1970-01-20 19:58:57	Name: usprivacy Value: 1---
.gofile.io/	1970-01-20 19:58:57	Name: __gads Value: ID=d4bdb1090c4a1f20-22ef2ffa6edd00e8:T=1679841933:RT=1679841933:S=ALNI_MYfv45mCtFxY2xAcFwSw5mSKyNcag
.gofile.io/	1970-01-20 19:58:57	Name: __gpi Value: UID=00000bcc9fee6e48:T=1679841933:RT=1679841933:S=ALNI_MYlsnEVFcESaMsgU9Eh75GxpGdc4g
.gofile.io/	1970-01-20 20:06:09	Name: _awl Value: 2.1679841933.5-3bf3381a40890e4feaf9873a7d2c2fe0-6763652d6575726f70652d7765737431-0
.doubleclick.net/	1970-01-20 19:58:57	Name: IDE Value: AHWqTUkWIHlzmIlymMgsRBLv7w5UhyoCAtEMG7iHxnpBYsKTjrg7-PbZjc1TIPAtQzk
rt.ad-score.com/	1970-01-20 20:13:21	Name: token Value: djyEgElVrnMBM-cj6h-wyfolnQnmatNJ

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://predicted-price-floor.playwire.com/websites/73114/v1/Sun/10/desktop/Chrome/GDPR Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad-delivery.net
ad.doubleclick.net
adservice.google.com
adservice.google.fr
api.btloader.com
api.gofile.io
btloader.com
cdn.intergi.com
cdn.intergient.com
cdn.plyr.io
cnt.trvdp.com
file70.gofile.io
ghb.adtelligent.com
go.trvdp.com
gofile.io
googleads.g.doubleclick.net
largebrass.com
mb.moatads.com
pagead2.googlesyndication.com
partner.googleadservices.com
platform.pubfuture.com
plausible.gofile.io
predicted-price-floor.playwire.com
region1.google-analytics.com
rt.ad-score.com
s.trvdp.com
s3.pubfuture.com
securepubads.g.doubleclick.net
static.adsafeprotected.com
stg.truvidplayer.com
tpc.googlesyndication.com
www.google.com
www.googletagmanager.com
z.moatads.com
13.225.78.129
13.32.99.3
130.211.23.194
142.250.181.230
143.204.215.16
143.204.89.129
149.202.85.166
151.80.29.83
2001:4860:4802:34::36
2600:1901:0:4277::1
2600:9000:223d:3c00:14:2602:6e80:93a1
2600:9000:223f:6000:8:48e:53c0:93a1
2600:9000:2250:d000:12:4abd:d340:93a1
2606:4700:20::681a:346
2606:4700:20::681a:78b
2606:4700:20::681a:e7e
2606:4700:21::681b:c358
2a00:1450:4001:808::2002
2a00:1450:4001:809::2004
2a00:1450:4001:813::2008
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2002
2a06:8640:764::2
31.14.70.250
35.178.217.194
35.208.216.174
52.222.214.94
88.221.169.143
014898bd15c7d271b62c610b72fae95fdd9f3435f1b74bf2c4eb1cdf6832ad23
0e2082693605b1938ae4b560b41dc3c5ade5dfa0c8817aebe3c10cdf7013cacb
11f24ea8272c8454bfd93c6102b511bb75a7f1bfd70c0e1f6cf58a4b067ed41f
120b592ce2c7ffa8f9c65e652cdd0fdff73fdad195262f5f03a949a810daa5c4
14cd167420b962b3db2cc70fac2bfc7b49f23fdd0b93b9c73f6dc567f730643e
258f15a0b2a02f88e8775f699307931e67d1c1afadfd51347275753758b3bba5
25f5229d2c05f4883245fe331033b79f2b77dd84296151ae8c59b1ed27e7fe5c
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2933c96348a4eae7cbbf8f280ca0981586a9b5c097ef952b996cad7d28f2fad0
2fdbb7173df58151a3b9cee1ad593e7ad40b39584dc4599357d62d565fa90e6e
339dfc2b14a2cd9cc085b4771b6c1c297757ea472acef92d55c60a080f8c77e6
374ef7534395754207ce22b5fbbac45bbe7125da9ed72fa94a5c7617d5c7d7d0
404516af55f4fd3c3a73fe72848819c506a82ec233a68d010980acce53ad6d05
40a63dae7bf7b914fe06ce3069616401aacdab10fcd0a713adafd34565137463
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
443b6153204d491bbb045b2a446e121373cf4f14174c07eecf048c6b12e2fba7
4846018760f6e11a8a1dea7639a5c75c712f198d978eccf117840820bb8c37d7
4858f5d5fd734cfe672dc4cdadca57c95371398195048e5b9bd11612bc026679
4e16759b69983206c563001b2448a7bd0bf172dc23ec6b4532ed7221392553e0
4e77de82816e4ed7844defc61447f84c79164f528da0c321c31d1876e17a4050
50f111b7b11b3d3ee99b3d3e280a3c002ed6cea19c5ba32ed0fb1a732585c930
55542c02f59ac047bd7ef87d8a2981b541995a09de59a89e419292a91f241202
57ee79d968a668f6f2374b679c4d37ef55059cd601fc5a9d612c20315b685bb4
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6729042fecd6e011c0ba45f807dc93fa750169d7ac57c14daa01069f14430f73
7157511697db744d384a5a2a8646af23f3c90560abf93bb240fdd690b29a898a
73fb2fa0d192c9fe74aaef182a6dbc31c29e7cc863038f0d69eac0d5c8ae204f
743f0138a0425418260a773e375e698d20820a4a54c816e0819ba1efc38f09aa
74aea868e86139abd39ce34cd5aceb7d6bb76b45044a9feb0a8553970ac11f4e
7664e22fd373e8eed6b0e3dac3bb6012db5acadde1aec6a25090c12794f27333
85bd0e28180f06b7f944d35dd07ef1ce75d6d9b63c2d70cb8e65f8b566c43db4
8706c07750059d4f474353cc469150fd09a539df6f8830ccf418c47709f25b36
88282aaf0c5953174098810451ac6a613e858f662b6cd62e410b6c142db7cb5a
8b34334a5a0d4fd755df0abf55c266930feaac4ae86ce08ad3c3ba875b2822a7
8f8fc75c60dee113410e2c015478e5b6db88c373306cb854c2b0ad590f0978bb
966620f9e3bec428663687f9e8d67a6b8e35d79adebf6fb204e9b139eada7599
970424071b42e7536e83402df1e92b46823776a6b0acb7848c5632350126758a
9f768dfa50588a60910bc4f53c33d64797e1c562946ec6a98c765639b6b5ae9f
a3fb12e0586cb7710bc4ff3f906aa390cd18576b4d2a086389454e72c7f0b8df
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4ba20bee09150928475b801358a2e57859d7f03709eeb24f375dafd8f386ce6
a85b2fe307777c8eb47f06a1eec399fcbddfe83d252fd202d3e1358051fcf27d
ae4216bfc85c99ffd32e7745f0d7d4cd5f57b714f3a4911176b8cd78a176c97c
b41e0020ff5a4bec857828c37b9a425a5e0024aac1fb1519dd9cf4562f0681ee
bc3b9c09bf69ce51b930e86a23c6f249f9cc6dc98a84fd278d4131c9ddd78f43
bd14c38fb0548fa540d6bd5e35262ab9abace01d15addde853d733b68f5d1bde
ca4b3d448276e792d47ffa25934c25909a84ba0135796db1dc3a5b3c8888a0ae
cb72289f70690b272267a0741402cdc3f4099ae40c834a13cb60a59f99fdc091
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d10fcd57fbc3eb87320fe1469bcb522ded6c480f48ed51c511ef6da20f165760
d50600951b5eb7cca66717a57ad2e9fb0522896174a094b8a7fe6ed76cdd4934
d5772e870d666d6f6372a2d852529367848f3edca34324843b31ef4b42be0714
d657eceb02f80aad924892ef65e3fc09ba020d067783661314fe6515046be022
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d9a98b67c7edffef7138d578788a1c25310cd3561b94d8bce6999f40b0073186
dd03323db8b78ab71bbf4cc27f517ed48d19a5478f3f545a5b9fb7969e5913f6
df49112f965565d7af2a8ac08e7000ab6c2731ced4340c2b6c89a8097e94c2ea
e1172d3a0a208cf01dc066f0abeaf17f00264a966159a69f71947d6edcd4935f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e49818c57f207d38b86fd65fce6d490c4ab6c60348e9a7ff67f64a724b9e7019
e649b7248c6654b2f9b8fbd1de068ac6ea88568a2a9f4e27c61de53db44ad0ac
e7cc8e6919457de80b8d119038155c228ad69662a51e2cdf190903d3704ec33d
e7eda157d384eb4984e003dc79fd9ed9d9911221d7217ff5a7da7252969547b0
f2cbb89cd8582657ffc11b0a1412efddf74557f807eb25e1de264531eb4e620c

gofile.io Open in urlscan Pro 151.80.29.83 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

76 Requests

100 %HTTPS

58 %IPv6

22 Domains

34 Subdomains

31 IPs

4 Countries

1435 kBTransfer

4458 kBSize

9 Cookies

3 Outgoing links

Page URL History

Redirected requests

76 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

gofile.io Open in urlscan Pro
151.80.29.83 Public Scan

Screenshot
Live screenshot

Full Image

76
Requests

100 %
HTTPS

58 %
IPv6

22
Domains

34
Subdomains

31
IPs

4
Countries

1435 kB
Transfer

4458 kB
Size

9
Cookies

76 HTTP transactions
1 data transactions