| mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html | 67.222.134.147 | 200 OK | 7.4 kB |
URL User Request GET HTTP/1.1mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html IP67.222.134.147:443
CertificateIssuerLet's Encrypt Subjectmediafiretrend.com Fingerprint9F:4E:12:17:E6:7B:EA:32:74:3C:B7:F4:61:67:F0:FC:80:FB:A4:EA ValidityThu, 28 Mar 2024 10:01:58 GMT - Wed, 26 Jun 2024 10:01:57 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (1505) Hash76b610012adf3720574eb78160437426 9bbc24588b02fbc5c9ca87c6710dec1c8cae344b e124eb283e121ae7e8f3d57ea4f001958bf02ba8683d3c956ff68328f10dc579
GET /t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html HTTP/1.1
Host: mediafiretrend.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Apache
Date: Sat, 04 May 2024 23:25:31 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
|
|
| mediafiretrend.com/logo.gif | 67.222.134.147 | 200 OK | 5.1 kB |
URL GET HTTP/1.1mediafiretrend.com/logo.gif IP67.222.134.147:443
Requested byhttps://mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html CertificateIssuerLet's Encrypt Subjectmediafiretrend.com Fingerprint9F:4E:12:17:E6:7B:EA:32:74:3C:B7:F4:61:67:F0:FC:80:FB:A4:EA ValidityThu, 28 Mar 2024 10:01:58 GMT - Wed, 26 Jun 2024 10:01:57 GMT
File typeGIF image data, version 89a, 500 x 80 Hashf586fd0c5e756fe823c92d85701d7362 5ca03518e3342a2577b73642efc736582d488b32 4e1e682b3780cfbc0342dd24a1b4cf06719347699518b732e5e1675b0b70bdf1
GET /logo.gif HTTP/1.1
Host: mediafiretrend.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Apache
Date: Sat, 04 May 2024 23:25:31 GMT
Content-Type: image/gif
Content-Length: 5126
Last-Modified: Tue, 05 Oct 2010 17:21:52 GMT
Connection: keep-alive
ETag: "4cab5eb0-1406"
Accept-Ranges: bytes
|
|
| www.googletagmanager.com/gtag/js?id=G-4908KN5GDY | 142.250.74.168 | 200 OK | 88 kB |
URL GET HTTP/2www.googletagmanager.com/gtag/js?id=G-4908KN5GDY IP142.250.74.168:443
Requested byhttps://mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File typeJavaScript source, ASCII text, with very long lines (5955) Hash9053af80fe42996d6a434dbf3301d42c ff32860e2999dad78023507d162f18330a2e5694 85d866b35980299f68ccd1cefe5af6ea7d6378947ab9443b638dc0204dc1c041
GET /gtag/js?id=G-4908KN5GDY HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiretrend.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 04 May 2024 23:25:31 GMT
expires: Sat, 04 May 2024 23:25:31 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 87652
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| mediafiretrend.com/images/default.png | 67.222.134.147 | 200 OK | 3.8 kB |
URL GET HTTP/1.1mediafiretrend.com/images/default.png IP67.222.134.147:443
Requested byhttps://mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html CertificateIssuerLet's Encrypt Subjectmediafiretrend.com Fingerprint9F:4E:12:17:E6:7B:EA:32:74:3C:B7:F4:61:67:F0:FC:80:FB:A4:EA ValidityThu, 28 Mar 2024 10:01:58 GMT - Wed, 26 Jun 2024 10:01:57 GMT
File typePNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced Hash13dde164086eff66508817b64bbfcd0f c8c0492a7a964e65fb3d36bffe701f9c6a138574 3b364ea83e229ed937f79079e8fb8f9fdd3f7199fcee4420357e724044d4c48a
GET /images/default.png HTTP/1.1
Host: mediafiretrend.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Apache
Date: Sat, 04 May 2024 23:25:31 GMT
Content-Type: image/png
Content-Length: 3802
Last-Modified: Tue, 05 Oct 2010 15:47:39 GMT
Connection: keep-alive
ETag: "4cab489b-eda"
Accept-Ranges: bytes
|
|
| mediafiretrend.com/images/multimedia.png | 67.222.134.147 | 200 OK | 4.5 kB |
URL GET HTTP/1.1mediafiretrend.com/images/multimedia.png IP67.222.134.147:443
Requested byhttps://mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html CertificateIssuerLet's Encrypt Subjectmediafiretrend.com Fingerprint9F:4E:12:17:E6:7B:EA:32:74:3C:B7:F4:61:67:F0:FC:80:FB:A4:EA ValidityThu, 28 Mar 2024 10:01:58 GMT - Wed, 26 Jun 2024 10:01:57 GMT
File typePNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced Hashfd381d79b978def55cf4595f67a36d90 e67211c4076d3cb2b358dae1ec70a695ff6e55bf 1a4f5f292cdaf41be1429029e3eabe449038c752091dcff866a29946890bbc90
GET /images/multimedia.png HTTP/1.1
Host: mediafiretrend.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Apache
Date: Sat, 04 May 2024 23:25:31 GMT
Content-Type: image/png
Content-Length: 4533
Last-Modified: Tue, 05 Oct 2010 15:47:38 GMT
Connection: keep-alive
ETag: "4cab489a-11b5"
Accept-Ranges: bytes
|
|
| questioningtosscontradiction.com/029df468b29833c6cbf3554e951d7c81/invoke.js | 192.243.59.20 | 200 OK | 12 kB |
URL GET HTTP/1.1questioningtosscontradiction.com/029df468b29833c6cbf3554e951d7c81/invoke.js IP192.243.59.20:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html CertificateIssuerLet's Encrypt Subjectquestioningtosscontradiction.com FingerprintAA:AA:12:97:CC:C1:41:64:82:82:0E:BC:52:92:54:A6:76:18:81:EB ValidityThu, 02 May 2024 07:45:46 GMT - Wed, 31 Jul 2024 07:45:45 GMT
File typeJavaScript source, ASCII text, with very long lines (31299), with no line terminators Hash1aa981639ceebfca81a2633b10ce67d7 f2a50294f6cfa4e0bbd4c1d1bb2076a6e725970d c19180e72375358d5681a70f5c5d2f528b64ce9296de43233970c3341df90808
GET /029df468b29833c6cbf3554e951d7c81/invoke.js HTTP/1.1
Host: questioningtosscontradiction.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiretrend.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 23:25:32 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 527bdf66fcff0641d1b8252c8790869d
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| questioningtosscontradiction.com/dd/6a/42/dd6a421db78c65363347d1784b71968c.js | 192.243.59.20 | 200 OK | 31 kB |
URL GET HTTP/1.1questioningtosscontradiction.com/dd/6a/42/dd6a421db78c65363347d1784b71968c.js IP192.243.59.20:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html CertificateIssuerLet's Encrypt Subjectquestioningtosscontradiction.com FingerprintAA:AA:12:97:CC:C1:41:64:82:82:0E:BC:52:92:54:A6:76:18:81:EB ValidityThu, 02 May 2024 07:45:46 GMT - Wed, 31 Jul 2024 07:45:45 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Hashc0672bdad27a9d7d990035d6a8c18aa0 ed663b345b91bc918424d41d22373cf5e31ee644 a53180666401113539b4989a69bf062035fea2b820f016346797b582d54fa37b
GET /dd/6a/42/dd6a421db78c65363347d1784b71968c.js HTTP/1.1
Host: questioningtosscontradiction.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiretrend.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 23:25:32 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 07e119107c06c6a9a594aaed13442c4b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| ocsp.r2m03.amazontrust.com/ | 143.204.53.97 | | 471 B |
URL ocsp.r2m03.amazontrust.com/ IP143.204.53.97:0
Hash691c3f87e4fe41a736328d3c71e2dbdc fd76f455b38ba18f00a6fb81e3585201eb3c43f6 8ac709de568d48e4c9e64b75afa6cd3fed58e2cf0c21e823af01ab342e6794b9
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sat, 04 May 2024 23:25:32 GMT
Last-Modified: Sat, 04 May 2024 22:02:54 GMT
Server: ECAcc (ska/F7A5)
X-Cache: Miss from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: DrSnYm96zZz7LnTqSOd1iPJNE0zU3X5ZI05xTAQx6dscIphIxhypJA==
Age: 4958
|
|
| proftrafficcounter.com/stats | 18.185.9.67 | 200 OK | 40 B |
URL GET HTTP/2proftrafficcounter.com/stats IP18.185.9.67:443
Requested byhttps://mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html CertificateIssuerAmazon Subjectproftrafficcounter.com FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6 ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File typeASCII text, with no line terminators Hashee0ff9675a82fd95f7b3e7e45bed5dad 3d27872330abbdeffa7835d0386e0c62ffc2384d 89eca98a9f66240a17d665b69962fb7a45a6a3529d4c93feb1d7baa818b331e4
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mediafiretrend.com
DNT: 1
Connection: keep-alive
Referer: https://mediafiretrend.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 23:25:32 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://mediafiretrend.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=585027d9-4b83-463b-aa82-82075137f65a:1:1; expires=Tue, 02 May 2034 23:25:32 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| questioningtosscontradiction.com/987c5bcd322e84c5759937076ef7c99c/invoke.js | 192.243.59.20 | 200 OK | 9.8 kB |
URL GET HTTP/1.1questioningtosscontradiction.com/987c5bcd322e84c5759937076ef7c99c/invoke.js IP192.243.59.20:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html CertificateIssuerLet's Encrypt Subjectquestioningtosscontradiction.com FingerprintAA:AA:12:97:CC:C1:41:64:82:82:0E:BC:52:92:54:A6:76:18:81:EB ValidityThu, 02 May 2024 07:45:46 GMT - Wed, 31 Jul 2024 07:45:45 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (26579), with no line terminators Hash753e28158207be761815fdba5a60ab6c 0a2891d091d04189533f45f224ec58f1546b0677 aa448dbd222d8606b132af54c9b18c3e75233700802f9b66b9a1df14f898ec2d
GET /987c5bcd322e84c5759937076ef7c99c/invoke.js HTTP/1.1
Host: questioningtosscontradiction.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiretrend.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 23:25:32 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ec31ccfa3aa714284667f36aaf3152aa
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| proftrafficcounter.com/stats | 18.185.9.67 | 200 OK | 40 B |
URL GET HTTP/2proftrafficcounter.com/stats IP18.185.9.67:443
Requested byhttps://mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html CertificateIssuerAmazon Subjectproftrafficcounter.com FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6 ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File typeASCII text, with no line terminators Hashee0ff9675a82fd95f7b3e7e45bed5dad 3d27872330abbdeffa7835d0386e0c62ffc2384d 89eca98a9f66240a17d665b69962fb7a45a6a3529d4c93feb1d7baa818b331e4
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mediafiretrend.com
DNT: 1
Connection: keep-alive
Referer: https://mediafiretrend.com/
Cookie: uid_id2=585027d9-4b83-463b-aa82-82075137f65a:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 23:25:32 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://mediafiretrend.com
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2
|
|
| proftrafficcounter.com/stats | 18.185.9.67 | 200 OK | 40 B |
URL GET HTTP/2proftrafficcounter.com/stats IP18.185.9.67:443
Requested byhttps://mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html CertificateIssuerAmazon Subjectproftrafficcounter.com FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6 ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File typeASCII text, with no line terminators Hashee0ff9675a82fd95f7b3e7e45bed5dad 3d27872330abbdeffa7835d0386e0c62ffc2384d 89eca98a9f66240a17d665b69962fb7a45a6a3529d4c93feb1d7baa818b331e4
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mediafiretrend.com
DNT: 1
Connection: keep-alive
Referer: https://mediafiretrend.com/
Cookie: uid_id2=585027d9-4b83-463b-aa82-82075137f65a:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 23:25:32 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://mediafiretrend.com
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2
|
|
| plumberwolves.com/pixel/purst?dl=0&th=0&sc=0&rs=1999&rd=1999&fd=974&bv=24.5.6485&tmpl=70 | 172.240.108.68 | 200 OK | 0 B |
URL GET HTTP/1.1plumberwolves.com/pixel/purst?dl=0&th=0&sc=0&rs=1999&rd=1999&fd=974&bv=24.5.6485&tmpl=70 IP172.240.108.68:443
Requested byhttps://mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html CertificateIssuerLet's Encrypt Subjectplumberwolves.com Fingerprint6D:DE:01:27:89:8F:15:87:1B:2B:A9:9D:4C:53:F3:86:98:0B:B5:F5 ValidityMon, 29 Apr 2024 13:10:37 GMT - Sun, 28 Jul 2024 13:10:36 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pixel/purst?dl=0&th=0&sc=0&rs=1999&rd=1999&fd=974&bv=24.5.6485&tmpl=70 HTTP/1.1
Host: plumberwolves.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiretrend.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 23:25:32 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| www.profitabledisplaycontent.com/watch.1385259060008.js?key=029df468b29833c6cbf3554e951d7c81&kw=%5B%22the%22%2C%22donnas%22%2C%22american%22%2C%22teenage%22%2C%22rock%22%2C%22n%22%2C%22roll%22%2C%22machine%22%5D&refer=https%3A%2F%2Fmediafiretrend.com%2Ft%2Fthe%2Bdonnas%2Bamerican%2Bteenage%2Brock%2Bn%2Broll%2Bmachine%2Bmediafire.html&tz=0&dev=e&res=14.2071&uuid=585027d9-4b83-463b-aa82-82075137f65a%3A1%3A1 | 192.243.59.20 | 307 Temporary Redirect | 0 B |
URL GET HTTP/1.1www.profitabledisplaycontent.com/watch.1385259060008.js?key=029df468b29833c6cbf3554e951d7c81&kw=%5B%22the%22%2C%22donnas%22%2C%22american%22%2C%22teenage%22%2C%22rock%22%2C%22n%22%2C%22roll%22%2C%22machine%22%5D&refer=https%3A%2F%2Fmediafiretrend.com%2Ft%2Fthe%2Bdonnas%2Bamerican%2Bteenage%2Brock%2Bn%2Broll%2Bmachine%2Bmediafire.html&tz=0&dev=e&res=14.2071&uuid=585027d9-4b83-463b-aa82-82075137f65a%3A1%3A1 IP192.243.59.20:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html CertificateIssuerLet's Encrypt Subject*.profitabledisplaycontent.com FingerprintF4:C1:8B:22:C3:5A:D9:C2:C4:6B:E0:3E:34:96:8E:99:A2:FE:86:0E ValiditySat, 30 Mar 2024 06:41:06 GMT - Fri, 28 Jun 2024 06:41:05 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /watch.1385259060008.js?key=029df468b29833c6cbf3554e951d7c81&kw=%5B%22the%22%2C%22donnas%22%2C%22american%22%2C%22teenage%22%2C%22rock%22%2C%22n%22%2C%22roll%22%2C%22machine%22%5D&refer=https%3A%2F%2Fmediafiretrend.com%2Ft%2Fthe%2Bdonnas%2Bamerican%2Bteenage%2Brock%2Bn%2Broll%2Bmachine%2Bmediafire.html&tz=0&dev=e&res=14.2071&uuid=585027d9-4b83-463b-aa82-82075137f65a%3A1%3A1 HTTP/1.1
Host: www.profitabledisplaycontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mediafiretrend.com
DNT: 1
Connection: keep-alive
Referer: https://mediafiretrend.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Sat, 04 May 2024 23:25:33 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://mediafiretrend.com
Access-Control-Allow-Origin: https://mediafiretrend.com
Access-Control-Allow-Credentials: true
Location: https://www.profitabledisplaycontent.com/watch.1385259060008.js?dev=e&key=029df468b29833c6cbf3554e951d7c81&kw=%5B%22the%22%2C%22donnas%22%2C%22american%22%2C%22teenage%22%2C%22rock%22%2C%22n%22%2C%22roll%22%2C%22machine%22%5D&pst=1714865193&refer=https%3A%2F%2Fmediafiretrend.com%2Ft%2Fthe%2Bdonnas%2Bamerican%2Bteenage%2Brock%2Bn%2Broll%2Bmachine%2Bmediafire.html&res=14.2071&rmtc=t&shu=9beb541899d16c94db54100500d467705bfef2a63f1bc74227221169fdd45586faba151517bd3bba281548c9f74166e7d545cd7d07e0873f3eaed2b8578537ff8e5d6002ee11e997e7e6161d254e8f3a07ac650b9c29d91ab2061a0bfd4dc1&tz=0&uuid=585027d9-4b83-463b-aa82-82075137f65a%3A1%3A1
Set-Cookie: u_pl=29748; expires=Sun, 05 May 2024 23:25:33 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.[...].ZHaHeh4U-tpsMUtdRkB6_zeqtVXX0X4BEl4W1eL77O8; expires=Sat, 04 May 2024 23:26:33 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d6366895feb8aec068c7a68a26469b32
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| capaciousdrewreligion.com/advertisers.js | 192.243.59.12 | 200 OK | 0 B |
URL GET HTTP/1.1capaciousdrewreligion.com/advertisers.js IP192.243.59.12:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html CertificateIssuerLet's Encrypt Subjectcapaciousdrewreligion.com Fingerprint53:B6:ED:C6:B5:B6:60:3E:6D:02:5A:92:2E:C3:12:74:64:A1:23:DC ValidityWed, 06 Mar 2024 11:57:32 GMT - Tue, 04 Jun 2024 11:57:31 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /advertisers.js HTTP/1.1
Host: capaciousdrewreligion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiretrend.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 23:25:33 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3779d42114004791a4683756f68257b4
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| apis.google.com/js/platform.js | 142.250.74.110 | 200 OK | 21 kB |
URL GET HTTP/2apis.google.com/js/platform.js IP142.250.74.110:443
Requested byhttps://mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html CertificateIssuerGoogle Trust Services LLC Subject*.apis.google.com FingerprintA7:D6:BC:77:0E:91:14:D7:D6:8D:A4:E5:4C:00:57:E1:44:DB:F2:8B ValidityTue, 16 Apr 2024 04:20:57 GMT - Tue, 09 Jul 2024 04:20:56 GMT
File typeJavaScript source, ASCII text, with very long lines (2050) Hashe66acfdb2f1dfcff8c6dba736dd4ab6d 36026360b6c8d750488ef2c739e04969f8c5bcd7 742841b3cf614dd55ce486a7335018bd1992c4d05ef74b45a0781318075a99f3
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiretrend.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 21303
date: Sat, 04 May 2024 23:25:33 GMT
expires: Sat, 04 May 2024 23:25:33 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "d8cc7aca923e8ade"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| mediafiretrend.com/favicon.ico | 67.222.134.147 | 200 OK | 198 B |
URL GET HTTP/1.1mediafiretrend.com/favicon.ico IP67.222.134.147:443
Requested byhttps://mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html CertificateIssuerLet's Encrypt Subjectmediafiretrend.com Fingerprint9F:4E:12:17:E6:7B:EA:32:74:3C:B7:F4:61:67:F0:FC:80:FB:A4:EA ValidityThu, 28 Mar 2024 10:01:58 GMT - Wed, 26 Jun 2024 10:01:57 GMT
File typeMS Windows icon resource - 1 icon, 16x16, 2 colors Hash7d2fac9ec784802103b07df705aeefc4 d427cc62b7fc793ebc4b0e60cdecc73c462cd74e 5870d4b4a73c45ad0adae8ec77b4b6c129a7197c0462dde29f405f32e6cd5fe1
GET /favicon.ico HTTP/1.1
Host: mediafiretrend.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html
Cookie: _ga_4908KN5GDY=GS1.1.1714865132.1.0.1714865132.0.0.0; _ga=GA1.1.1347204119.1714865133; dom3ic8zudi28v8lr6fgphwffqoz0j6c=585027d9-4b83-463b-aa82-82075137f65a%3A1%3A1; pp_main_dd6a421db78c65363347d1784b71968c=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Apache
Date: Sat, 04 May 2024 23:25:33 GMT
Content-Type: image/x-icon
Content-Length: 198
Last-Modified: Fri, 16 Nov 2012 15:35:46 GMT
Connection: keep-alive
ETag: "50a65d52-c6"
Accept-Ranges: bytes
|
|
| apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=Tall&origin=https%3A%2F%2Fmediafiretrend.com&url=https%3A%2F%2Fmediafiretrend.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__ | 142.250.74.110 | | 226 B |
URL apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=Tall&origin=https%3A%2F%2Fmediafiretrend.com&url=https%3A%2F%2Fmediafiretrend.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__ IP142.250.74.110:0
CertificateIssuerGoogle Trust Services LLC Subject*.apis.google.com FingerprintA7:D6:BC:77:0E:91:14:D7:D6:8D:A4:E5:4C:00:57:E1:44:DB:F2:8B ValidityTue, 16 Apr 2024 04:20:57 GMT - Tue, 09 Jul 2024 04:20:56 GMT
File typeHTML document, ASCII text, with CRLF, LF line terminators Hash4df07581948280a6e769a24c5d99d775 843a2c95362347eb8894a6acb607f139be65ded4 3561b93a48d81fac116ccd6e60163bd382abb1d594c81240f5718feb1f197f73
GET /u/0/se/0/_/+1/fastbutton?usegapi=1&size=Tall&origin=https%3A%2F%2Fmediafiretrend.com&url=https%3A%2F%2Fmediafiretrend.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__ HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiretrend.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 301 Moved Permanently
location: http://developers.google.com/
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 04 May 2024 23:25:33 GMT
expires: Sat, 04 May 2024 23:55:33 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 226
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| arrearsdecember.com/ntv.json?key=987c5bcd322e84c5759937076ef7c99c&vstc=4 | 192.243.61.225 | 200 OK | 0 B |
URL GET HTTP/1.1arrearsdecember.com/ntv.json?key=987c5bcd322e84c5759937076ef7c99c&vstc=4 IP192.243.61.225:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html CertificateIssuerLet's Encrypt Subjectarrearsdecember.com Fingerprint67:4E:90:04:8D:C3:35:EB:EC:61:DC:89:4F:B6:A9:A4:12:DB:B6:44 ValidityMon, 29 Apr 2024 08:44:16 GMT - Sun, 28 Jul 2024 08:44:15 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /ntv.json?key=987c5bcd322e84c5759937076ef7c99c&vstc=4 HTTP/1.1
Host: arrearsdecember.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mediafiretrend.com
DNT: 1
Connection: keep-alive
Referer: https://mediafiretrend.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 23:25:33 GMT
Content-Type: application/json
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://mediafiretrend.com
Access-Control-Allow-Origin: https://mediafiretrend.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=14925896; expires=Sun, 05 May 2024 23:25:33 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1b0ba705121abc99aa36813738abdb58
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_1?le=scs | 142.250.74.110 | 200 OK | 35 kB |
URL GET HTTP/3apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_1?le=scs IP142.250.74.110:443
Requested byhttps://mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0 ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
File typeJavaScript source, ASCII text, with very long lines (1586) Hash2194126651ec918368e1c172f3003494 44cbf3b9bd5ac4f5c95cfcc8ad31844ba9f67c48 f3bed417a7effbce45e190fabd36fba0d906f4d39a893231eaf61c0801d0fbca
GET /_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_1?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiretrend.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 35323
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 07:44:49 GMT
expires: Sat, 03 May 2025 07:44:49 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Apr 2024 18:15:45 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 142844
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_0?le=scs | 142.250.74.110 | 200 OK | 56 kB |
URL GET HTTP/3apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_0?le=scs IP142.250.74.110:443
Requested byhttps://mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0 ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
File typeJavaScript source, ASCII text, with very long lines (2124) Hasha07a0041143bc11d11c2fe0d37a5ded7 cb14b39ec6f8a362a08d1957af211d81f750d54d 233746b5d7f58579f0d5ea21e4907fdb5be5469f05dd7691633448aead77fc98
GET /_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiretrend.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 55813
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 12:30:04 GMT
expires: Fri, 02 May 2025 12:30:04 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Apr 2024 18:15:45 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 212129
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.profitabledisplaycontent.com/watch.1385259060008.js?dev=e&key=029df468b29833c6cbf3554e951d7c81&kw=%5B%22the%22%2C%22donnas%22%2C%22american%22%2C%22teenage%22%2C%22rock%22%2C%22n%22%2C%22roll%22%2C%22machine%22%5D&pst=1714865193&refer=https%3A%2F%2Fmediafiretrend.com%2Ft%2Fthe%2Bdonnas%2Bamerican%2Bteenage%2Brock%2Bn%2Broll%2Bmachine%2Bmediafire.html&res=14.2071&rmtc=t&shu=9beb541899d16c94db54100500d467705bfef2a63f1bc74227221169fdd45586faba151517bd3bba281548c9f74166e7d545cd7d07e0873f3eaed2b8578537ff8e5d6002ee11e997e7e6161d254e8f3a07ac650b9c29d91ab2061a0bfd4dc1&tz=0&uuid=585027d9-4b83-463b-aa82-82075137f65a%3A1%3A1 | 192.243.59.20 | 200 OK | 0 B |
URL GET HTTP/1.1www.profitabledisplaycontent.com/watch.1385259060008.js?dev=e&key=029df468b29833c6cbf3554e951d7c81&kw=%5B%22the%22%2C%22donnas%22%2C%22american%22%2C%22teenage%22%2C%22rock%22%2C%22n%22%2C%22roll%22%2C%22machine%22%5D&pst=1714865193&refer=https%3A%2F%2Fmediafiretrend.com%2Ft%2Fthe%2Bdonnas%2Bamerican%2Bteenage%2Brock%2Bn%2Broll%2Bmachine%2Bmediafire.html&res=14.2071&rmtc=t&shu=9beb541899d16c94db54100500d467705bfef2a63f1bc74227221169fdd45586faba151517bd3bba281548c9f74166e7d545cd7d07e0873f3eaed2b8578537ff8e5d6002ee11e997e7e6161d254e8f3a07ac650b9c29d91ab2061a0bfd4dc1&tz=0&uuid=585027d9-4b83-463b-aa82-82075137f65a%3A1%3A1 IP192.243.59.20:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html CertificateIssuerLet's Encrypt Subject*.profitabledisplaycontent.com FingerprintF4:C1:8B:22:C3:5A:D9:C2:C4:6B:E0:3E:34:96:8E:99:A2:FE:86:0E ValiditySat, 30 Mar 2024 06:41:06 GMT - Fri, 28 Jun 2024 06:41:05 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /watch.1385259060008.js?dev=e&key=029df468b29833c6cbf3554e951d7c81&kw=%5B%22the%22%2C%22donnas%22%2C%22american%22%2C%22teenage%22%2C%22rock%22%2C%22n%22%2C%22roll%22%2C%22machine%22%5D&pst=1714865193&refer=https%3A%2F%2Fmediafiretrend.com%2Ft%2Fthe%2Bdonnas%2Bamerican%2Bteenage%2Brock%2Bn%2Broll%2Bmachine%2Bmediafire.html&res=14.2071&rmtc=t&shu=9beb541899d16c94db54100500d467705bfef2a63f1bc74227221169fdd45586faba151517bd3bba281548c9f74166e7d545cd7d07e0873f3eaed2b8578537ff8e5d6002ee11e997e7e6161d254e8f3a07ac650b9c29d91ab2061a0bfd4dc1&tz=0&uuid=585027d9-4b83-463b-aa82-82075137f65a%3A1%3A1 HTTP/1.1
Host: www.profitabledisplaycontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mediafiretrend.com
Referer: https://mediafiretrend.com/
DNT: 1
Connection: keep-alive
Cookie: u_pl=29748; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyOTc0OCwiayI6IjAyOWRmNDY4YjI5ODMzYzZjYmYzNTU0ZTk1MWQ3YzgxIiwic2lkIjoiIiwiaXNpZCI6NCwiYXNpZCI6MSwiemlkIjoxMjQ4NCwicGlkIjo2NjM1LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIxLCJhaWQiOjIzLCJwdCI6NCwicGsiOiJ1eTNiOXlzYiIsImNwa3MiOnsiNDciOiJhNGI5ZjBlNzA3YWVkNWE1MjI0MWQ0NThhMjkxMDcwNSJ9LCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9tZWRpYWZpcmV0cmVuZC5jb20vdC90aGUrZG9ubmFzK2FtZXJpY2FuK3RlZW5hZ2Urcm9jaytuK3JvbGwrbWFjaGluZSttZWRpYWZpcmUuaHRtbCIsImFyIjpbXX19.ZHaHeh4U-tpsMUtdRkB6_zeqtVXX0X4BEl4W1eL77O8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 23:25:33 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://mediafiretrend.com
Access-Control-Allow-Origin: https://mediafiretrend.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=585027d9-4b83-463b-aa82-82075137f65a:1:1; expires=Sat, 11 May 2024 23:25:33 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: bbab678d3c480c9e9815e73febd3474c
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| apis.google.com/js/rpc:shindig_random.js?onload=init | 142.250.74.110 | 200 OK | 5.9 kB |
URL GET HTTP/3apis.google.com/js/rpc:shindig_random.js?onload=init IP142.250.74.110:443
Requested byhttps://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fmediafiretrend.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__#rpctoken=735978027&forcesecure=1 CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0 ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
File typeJavaScript source, ASCII text, with very long lines (2054) Hash23a7ab8d8ba33d255e61be9fc36b1d16 042d8431d552c81f4e504644ac88adce7bf2b76f 127ffe5850ed564a98f7ac65c81f0d71c163ea45df74f130841f78d4ac5afad5
GET /js/rpc:shindig_random.js?onload=init HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://accounts.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 5908
date: Sat, 04 May 2024 23:25:34 GMT
expires: Sat, 04 May 2024 23:25:34 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "9b77125b6924cb07"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| ssl.gstatic.com/accounts/o/3604799710-postmessagerelay.js | 142.250.74.67 | 200 OK | 4.8 kB |
URL GET HTTP/2ssl.gstatic.com/accounts/o/3604799710-postmessagerelay.js IP142.250.74.67:443
Requested byhttps://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fmediafiretrend.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__#rpctoken=735978027&forcesecure=1 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeJavaScript source, ASCII text, with very long lines (1915) Hash40aaadf2a7451d276b940cddefb2d0ed b2fc8129a4f5e5a0c8cb631218f40a4230444d9e 4b515a19e688085b55f51f1eda7bc3e51404e8f59b64652e094994baf7be28f2
GET /accounts/o/3604799710-postmessagerelay.js HTTP/1.1
Host: ssl.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://accounts.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="federated-signon-mpm-access"
report-to: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-length: 4846
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:15:05 GMT
expires: Fri, 02 May 2025 02:15:05 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 29 Apr 2024 12:07:43 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 249029
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_0?le=scs | 142.250.74.110 | 200 OK | 24 kB |
URL GET HTTP/3apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_0?le=scs IP142.250.74.110:443
Requested byhttps://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fmediafiretrend.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__#rpctoken=735978027&forcesecure=1 CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0 ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
File typeJavaScript source, ASCII text, with very long lines (2124) Hash63e5a0b45632b3dde3694ffcaf0e3f7a 923736d0cdc308331d5cfaa0ea159bfedc83d53f 889109910477919b3457416e7764bcd0add19fd959848253026125c7c35c43db
GET /_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://accounts.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 23473
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:59:06 GMT
expires: Fri, 02 May 2025 01:59:06 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Apr 2024 18:15:45 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 249988
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| unseenreport.com/pxf.gif?uuid=585027d9-4b83-463b-aa82-82075137f65a&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=dd6a421db78c65363347d1784b71968c&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=23 | 192.243.59.20 | 200 OK | 1 B |
URL GET HTTP/1.1unseenreport.com/pxf.gif?uuid=585027d9-4b83-463b-aa82-82075137f65a&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=dd6a421db78c65363347d1784b71968c&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=23 IP192.243.59.20:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html CertificateIssuerLet's Encrypt Subject*.unseenreport.com Fingerprint71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13 ValidityFri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT
File typevery short file (no magic) Hash93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pxf.gif?uuid=585027d9-4b83-463b-aa82-82075137f65a&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=dd6a421db78c65363347d1784b71968c&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=23 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiretrend.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 23:25:34 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 303a54d52c67a7c4a1054c4768a528b1
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fmediafiretrend.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__ | 74.125.131.84 | 200 OK | 566 B |
URL GET HTTP/2accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fmediafiretrend.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__ IP74.125.131.84:443
Requested byhttps://mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html CertificateIssuerGoogle Trust Services LLC Subjectaccounts.google.com Fingerprint9A:72:A8:C3:56:5C:93:B4:72:C7:5B:1B:60:BB:0F:3E:1E:C4:1B:67 ValidityTue, 16 Apr 2024 04:20:36 GMT - Tue, 09 Jul 2024 04:20:35 GMT
File typeHTML document, ASCII text, with very long lines (586), with no line terminators Hash68b04272a04aabe507686fa32fe1b59a 32b6f4d13f261040f7154eefc608c9cb07a8f5fb e56c5305f7d6a1928fe598c4f7cc52bc94ba19e63efec240c23561ca3a5f41ef
GET /o/oauth2/postmessageRelay?parent=https%3A%2F%2Fmediafiretrend.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiretrend.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 04 May 2024 23:25:34 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /o/cspreport, script-src 'nonce-MYE-oiFog-WLHQZW03lpIw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
cross-origin-resource-policy: same-site
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=Tall&origin=https%3A%2F%2Fmediafiretrend.com&url=https%3A%2F%2Fmediafiretrend.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__ | 142.250.74.110 | 301 Moved Permanently | 0 B |
URL GET HTTP/2apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=Tall&origin=https%3A%2F%2Fmediafiretrend.com&url=https%3A%2F%2Fmediafiretrend.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__ IP142.250.74.110:443
Requested byhttps://mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html CertificateIssuerGoogle Trust Services LLC Subject*.apis.google.com FingerprintA7:D6:BC:77:0E:91:14:D7:D6:8D:A4:E5:4C:00:57:E1:44:DB:F2:8B ValidityTue, 16 Apr 2024 04:20:57 GMT - Tue, 09 Jul 2024 04:20:56 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /u/0/se/0/_/+1/fastbutton?usegapi=1&size=Tall&origin=https%3A%2F%2Fmediafiretrend.com&url=https%3A%2F%2Fmediafiretrend.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__ HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiretrend.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
location: http://developers.google.com/
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 04 May 2024 23:25:33 GMT
expires: Sat, 04 May 2024 23:55:33 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 226
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| downstairsnegotiatebarren.com/sfp.js | 104.21.35.227 | 200 OK | 86 kB |
URL GET HTTP/2downstairsnegotiatebarren.com/sfp.js IP104.21.35.227:443
Requested byhttps://mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html CertificateIssuerLet's Encrypt Subjectdownstairsnegotiatebarren.com Fingerprint5D:DB:CB:C6:CE:2A:8B:34:7D:BC:43:74:33:1D:5F:77:48:F7:BC:1B ValidityThu, 02 May 2024 21:26:34 GMT - Wed, 31 Jul 2024 21:26:33 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiretrend.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 23:25:32 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 2a24919f265193e816ded6065556395d
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sat, 04 May 2024 23:25:31 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=parFNqA%2Furq23cmPbovvj%2B%2Bx7Lsun7STckpLxFQfVGAhUqbEVRaumy4ZfFoQf2Ir228kuKESCcxHQV5avKFCw3d5mVNGFVKgw0da%2FCSoqPM%2BrLULJqDrwKmEpVHPKLEIHkA%2FNds2R7UCZw%2BAfsSiyA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ec40267aea56b7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.onesignal.com/sdks/OneSignalSDK.js | 104.17.111.223 | 200 OK | 9.2 kB |
URL GET HTTP/2cdn.onesignal.com/sdks/OneSignalSDK.js IP104.17.111.223:443
Requested byhttps://mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html CertificateIssuerGoogle Trust Services LLC Subjectonesignal.com Fingerprint28:4D:B2:BB:68:03:29:A7:D8:CB:4B:48:D4:14:BD:A4:4C:0F:D8:70 ValidityMon, 01 Apr 2024 23:12:28 GMT - Sun, 30 Jun 2024 23:12:27 GMT
File typeJavaScript source, ASCII text, with very long lines (9410), with no line terminators Hash5eb2adfca36be15c8d4a206576132abd f507beb2560693723f4b360af70bfe9bd8bed534 6ad1aa44625325d8e975bccee776e9a60ae134d2de1cb8d98852de9f3109aa4a
GET /sdks/OneSignalSDK.js HTTP/1.1
Host: cdn.onesignal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiretrend.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 23:25:31 GMT
content-type: application/javascript
etag: W/"a87c48d211877c49b878679b2e3cdab8"
access-control-allow-headers: OneSignal-Subscription-Id
via: 1.1 google
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 3430
expires: Tue, 07 May 2024 23:25:31 GMT
cache-control: public, max-age=259200
set-cookie: __cf_bm=GUJHFqJqA0CDodmJYLhmgGOp4Nd1bIBw0.kbbRz268g-1714865131-1.0.1.1-GFbmHDmL_CmxQvcGYaMBfQ8rrNhDPu1ZvGzeE816.6bGuxqvKNf3Y.70pYncJIS.nhYI9jlvLD5Ee_MRVYTlQg; path=/; expires=Sat, 04-May-24 23:55:31 GMT; domain=.onesignal.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 87ec401ffd4eb4fa-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|