Report - cli.re/bpjdA8

Report Overview

Visited public
2023-12-05 08:19:27
Tags
Submit Tags
URL
cli.re/bpjdA8
Finishing URL
www.mediafire.com/file/01qf3gtk547xus3/!@#Setup-Pa$$W0rd-2024.rar/file
IP / ASN
104.21.94.71
#13335 CLOUDFLARENET
Title
!@#Setup-Pa$$W0rd-2024

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
translate.googleapis.com	1005	2005-01-25	2012-05-31 09:21:21	2023-12-04 14:42:31	1.2 kB	84 kB	142.250.74.138
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-12-05 06:14:20	466 B	4.2 kB	216.58.207.227
www.gstatic.com	unknown	2008-02-11	2016-07-26 11:37:06	2023-12-05 08:08:22	1.6 kB	8.9 kB	142.250.74.35
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-12-05 06:24:59	1.3 kB	233 kB	142.250.74.168
region1.analytics.google.com	unknown	1997-09-15	2022-03-17 12:26:33	2023-12-05 05:10:23	848 B	448 B	216.239.34.36
cli.re	unknown	2014-02-12	2015-12-28 02:56:46	2023-12-02 13:16:25	481 B	95 kB	172.67.220.142
translate.google.com	1156	1997-09-15	2012-05-30 03:30:32	2023-12-04 05:10:19	947 B	34 kB	216.58.211.14
translate-pa.googleapis.com	1620	2005-01-25	2021-11-04 07:37:42	2023-12-04 09:43:34	543 B	2.3 kB	142.250.74.138
softsssall.mediafire.com	unknown	unknown	No data	No data	516 B	95 kB	104.16.114.74
static.cloudflareinsights.com	1294	2019-08-30	2019-09-24 16:34:56	2023-12-04 06:35:54	512 B	20 kB	104.16.56.101
static.mediafire.com	47565	2002-08-11	2017-12-11 22:20:42	2023-12-02 20:06:38	4.7 kB	10 kB	104.16.114.74
www.mediafire.com	30109	2002-08-11	2012-05-22 04:29:38	2023-12-03 20:09:06	9.7 kB	130 kB	104.16.114.74
www.google.no	25607	2001-02-26	2016-04-05 21:50:59	2023-12-05 05:55:22	594 B	580 B	142.250.74.163

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-12-05 08:19:14	medium	Client IP	Internal IP	ET HUNTING File Sharing Related Domain (www .mediafire .com) in DNS Lookup
2023-12-05 08:19:14	medium	Client IP	Internal IP	ET HUNTING File Sharing Related Domain (www .mediafire .com) in DNS Lookup
2023-12-05 08:19:14	medium	Client IP	Internal IP	ET HUNTING File Sharing Related Domain (www .mediafire .com) in DNS Lookup
2023-12-05 08:19:15	medium	Client IP	Internal IP	ET HUNTING File Sharing Related Domain (www .mediafire .com) in DNS Lookup
2023-12-05 08:19:15	medium	Client IP	Internal IP	ET HUNTING File Sharing Related Domain (www .mediafire .com) in DNS Lookup
2023-12-05 08:19:15	medium	Client IP	Internal IP	ET HUNTING File Sharing Related Domain (www .mediafire .com) in DNS Lookup
2023-12-05 08:19:15	medium	Client IP	Internal IP	ET HUNTING File Sharing Related Domain (www .mediafire .com) in DNS Lookup
2023-12-05 08:19:15	medium	Client IP	Internal IP	ET HUNTING File Sharing Related Domain (www .mediafire .com) in DNS Lookup
2023-12-05 08:19:16	medium	Client IP	Internal IP	ET HUNTING File Sharing Related Domain (www .mediafire .com) in DNS Lookup
2023-12-05 08:19:16	medium	Client IP	Internal IP	ET HUNTING File Sharing Related Domain (www .mediafire .com) in DNS Lookup
2023-12-05 08:19:28	medium	Client IP	Internal IP	ET HUNTING File Sharing Related Domain (www .mediafire .com) in DNS Lookup

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (22)

	URL	From	Size	First Seen	Last Seen
	www.googletagmanager.com/gtag/js?id=G-K68XP6D85D&l=dataLayer&cx=c	ScriptElement	240 kB	2023-12-05	2023-12-05
Pretty URL www.googletagmanager.com/gtag/js?id=G-K68XP6D85D&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-05 09:19 Last Seen2023-12-05 22:06 Times Seen4 Hash c8bcbd0bdf4d2e0124357e958a3b9e05 929e97ab059bfc849bbf48b5f78dfccb1b67241e 9f86c209c3767019c3a2cc2808be42b62d74927008c92ea3e5a14ac5e0e2186b Loading...

	www.mediafire.com/file/01qf3gtk547xus3/!@#Setup-Pa$$W0rd-2024.rar/file	ScriptElement	51 B	2023-03-13	2025-06-27
Pretty URL www.mediafire.com/file/01qf3gtk547xus3/!@#Setup-Pa$$W0rd-2024.rar/file IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-13 08:44 Last Seen2025-06-27 08:35 Times Seen201 Hash b48f6456cd553104202c2fe61ec8cbb2 4fbad834a07d18b0ade2982ef26e5844a1ff7e86 49c39104f0cd65772725e7b3d1ac247ae42f1735cb07831aa5d19e3fa5c6233a Loading...

	www.mediafire.com/file/01qf3gtk547xus3/!@#Setup-Pa$$W0rd-2024.rar/file	ScriptElement	366 B	2023-11-06	2024-08-20
Pretty URL www.mediafire.com/file/01qf3gtk547xus3/!@#Setup-Pa$$W0rd-2024.rar/file IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-06 19:21 Last Seen2024-08-20 20:39 Times Seen36 Hash 5056f7a6f0a28331104c88518553b515 2d9d48958d1e9322aafe8c2b87fe9295f2d5fd31 1ea9fcc80b5b27fcd454b96df54a8ee149599d7704fc68ebe3df481f22dcaa8c Loading...

	www.mediafire.com/file/01qf3gtk547xus3/!@#Setup-Pa$$W0rd-2024.rar/file	ScriptElement	2.0 kB	2023-03-07	2025-06-30
Pretty URL www.mediafire.com/file/01qf3gtk547xus3/!@#Setup-Pa$$W0rd-2024.rar/file IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03 Last Seen2025-06-30 03:04 Times Seen2015 Hash e48418f18355925eaea03355309b2e00 c51214ad93526b8c02f9624b7ef0dda8c7dfe9a5 2fd1cae6706b4ee934c5c6f90d0aee52851d2310a9a4a413dca147cf907906e1 Loading...

	www.mediafire.com/file/01qf3gtk547xus3/sandbox%20eval%20code		147 B	2023-04-11	2025-06-30
Pretty URL www.mediafire.com/file/01qf3gtk547xus3/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-06-30 21:31 Times Seen380433 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	www.mediafire.com/_/translate_http/_/js/k=translate_http.tr.no.F6iRVDW95aA.O/am=AAM/d=1/rs=AN8SPfqTarZ7CfwZuRZ6kojPhk2UtLhMeg/m=el_conf	ScriptElement	90 kB	2024-08-20	2024-08-20
Pretty URL www.mediafire.com/_/translate_http/_/js/k=translate_http.tr.no.F6iRVDW95aA.O/am=AAM/d=1/rs=AN8SPfqTarZ7CfwZuRZ6kojPhk2UtLhMeg/m=el_conf IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 16:43 Last Seen2024-08-20 16:43 Times Seen1 Hash 3783cd5da7a1d85db5d966880be0e0fe 04429491cbaaf5956e8f9d6f0655324b11c085c4 13ddba013cc1a19b0f53d23a0b20f66fd14f8dcd7022e05b3ada7580cb54247f Loading...

	www.mediafire.com/file/01qf3gtk547xus3/!@#Setup-Pa$$W0rd-2024.rar/file	ScriptElement	340 B	2023-03-07	2025-06-30
Pretty URL www.mediafire.com/file/01qf3gtk547xus3/!@#Setup-Pa$$W0rd-2024.rar/file IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03 Last Seen2025-06-30 03:04 Times Seen2015 Hash 7b0298352717334914068ec708c9513a faf49acfb2d927211e20a345a4f6d77b31fbb539 16d9425c57376be8131894bb4b01fea2547be2fbbed0f3587cba20af9dae4190 Loading...

	www.mediafire.com/file/01qf3gtk547xus3/!@#Setup-Pa$$W0rd-2024.rar/file	ScriptElement	541 B	2023-03-07	2025-06-27
Pretty URL www.mediafire.com/file/01qf3gtk547xus3/!@#Setup-Pa$$W0rd-2024.rar/file IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 14:58 Last Seen2025-06-27 08:35 Times Seen564 Hash a68f6aac9d86e169f4b85835b880235a c6a5e1e6f04c84d4589b62f873f0c3ac1a47e9bf e8436cb372105c025d756b37f97bd6303ff7ed7e5e4f2868dbc63be07b447de6 Loading...

	www.mediafire.com/file/01qf3gtk547xus3/!@#Setup-Pa$$W0rd-2024.rar/file	ScriptElement	658 B	2023-03-07	2025-06-10
Pretty URL www.mediafire.com/file/01qf3gtk547xus3/!@#Setup-Pa$$W0rd-2024.rar/file IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03 Last Seen2025-06-10 17:52 Times Seen1412 Hash 3d9dd3dfd08271e8e67d096e4e43db5c 973cda2469d945e79930c96089eff05ee619294c 2c6a061a66c76e6a96530d6190e183aa6d17932f0d76778bba8bd9a6d80e09cf Loading...

	www.googletagmanager.com/gtm.js?id=GTM-53LP4T	ScriptElement	266 kB	2023-12-05	2023-12-05
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-53LP4T IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-05 09:19 Last Seen2023-12-05 20:51 Times Seen4 Hash cd517cf47dce75a151ebb2cc8d2eb3b4 5b32fe4306d3566a873a054ee9e9a29d444cc515 9bf33d3cdeacf983373af0536c2e2775b3cf34547a74f4847e905c551bea97be Loading...

	www.mediafire.com/cdn-cgi/challenge-platform/scripts/jsd/main.js	ScriptElement	7.3 kB	2023-12-05	2023-12-05
Pretty URL www.mediafire.com/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 104.16.114.74 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-05 09:19 Last Seen2023-12-05 10:08 Times Seen2 Hash 2d4a243a32a4d9a6c40f40d71d55bfe6 f58f5bfef45df211dd661cbd765076df5c73a435 e99a88e8aa760dac23e859a19da2fc927af0e62877bf239cd0e46518db06b9cd Loading...

	www.googletagmanager.com/gtag/js?id=UA-829541-1	ScriptElement	178 kB	2023-12-05	2023-12-05
Pretty URL www.googletagmanager.com/gtag/js?id=UA-829541-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-05 09:19 Last Seen2023-12-05 22:06 Times Seen7 Hash 4c412c31ab7e4a5c5c97111ccfc41b23 a918cf8228b05d2d0e1f82658f29d18644048522 4387cb621ced1c08574413866413ddc84e37b4caeb911d9151f8c02b5d67d4de Loading...

	www.google-analytics.com/analytics.js	ScriptElement	4.7 kB	2023-04-11	2025-06-30
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-06-30 21:31 Times Seen379885 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	www.mediafire.com/file/01qf3gtk547xus3/!@#Setup-Pa$$W0rd-2024.rar/file	ScriptElement	1.4 kB	2023-03-07	2025-06-30
Pretty URL www.mediafire.com/file/01qf3gtk547xus3/!@#Setup-Pa$$W0rd-2024.rar/file IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03 Last Seen2025-06-30 03:04 Times Seen1297 Hash ac28d3adfc51fa961f442efde7c10ce6 faed185c2f5dea63f1140b033f7d6e8c02c29295 c78d75016d77016fa0ef5cd7ee429bb10974397b970ef6eb975bce72099c29c6 Loading...

	www.mediafire.com/file/01qf3gtk547xus3/!@#Setup-Pa$$W0rd-2024.rar/file	ScriptElement	244 B	2023-03-07	2025-06-30
Pretty URL www.mediafire.com/file/01qf3gtk547xus3/!@#Setup-Pa$$W0rd-2024.rar/file IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03 Last Seen2025-06-30 03:04 Times Seen1310 Hash 3d3cc144a4263f35a45be0ce301a7765 d4f9599219bcf86d846eaf65ebd8833fa67ddcae 9ee897df84988e54e3816800f2fd31ea5c2157dff7f21ab50fdb1eff4f1e3fde Loading...

	www.mediafire.com/file/01qf3gtk547xus3/!@#Setup-Pa$$W0rd-2024.rar/file	ScriptElement	14 kB	2024-08-20	2024-08-20
Pretty URL www.mediafire.com/file/01qf3gtk547xus3/!@#Setup-Pa$$W0rd-2024.rar/file IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 16:43 Last Seen2024-08-20 16:43 Times Seen1 Hash 1df3381b6a97bb2020bb71534c7daf65 6d295b6cabd70fbded22248728758ce3318fa49d e8c6195869e6f00a50153e1f0cd43f366bf267f08928a3b0ee75a0e6a0d67290 Loading...

	static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317	ScriptElement	20 kB	2023-10-13	2025-06-30
Pretty URL static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317 IP 104.16.56.101 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-13 06:51 Last Seen2025-06-30 00:58 Times Seen17163 Hash dd1d068fdb5fe90b6c05a5b3940e088c 0d96f9df8772633a9df4c81cf323a4ef8998ba59 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101 Loading...

	unknown	ScriptElement	247 B	2024-08-20	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 16:43 Last Seen2024-08-20 16:43 Times Seen1 Hash 5e6c486e828202bb91df6a6f538d5c17 9ddfc6004ed5309c3bf5bac5191da6ce9079ae72 517e88ed98c7a12e03fcce3d4df16837e54a00cff58fc3ad1b8b8dff1ea65e44 Loading...

	www.mediafire.com/file/01qf3gtk547xus3/!@#Setup-Pa$$W0rd-2024.rar/file	ScriptElement	116 B	2023-04-26	2025-06-30
Pretty URL www.mediafire.com/file/01qf3gtk547xus3/!@#Setup-Pa$$W0rd-2024.rar/file IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-26 19:54 Last Seen2025-06-30 03:04 Times Seen1088 Hash f73495320c5339bf6dd20bdf8abd421e 00e3250f052eab322ae032f1afaa658ac5dda9ee 1f67e0d37ab8f1187d91e7e315f3a3b0938ddcb4291c68bc60d89e883dbe6a9c Loading...

	www.mediafire.com/file/01qf3gtk547xus3/!@#Setup-Pa$$W0rd-2024.rar/file	ScriptElement	1.1 kB	2024-08-20	2024-08-20
Pretty URL www.mediafire.com/file/01qf3gtk547xus3/!@#Setup-Pa$$W0rd-2024.rar/file IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 16:43 Last Seen2024-08-20 16:43 Times Seen1 Hash 0a3b581c9a81221a904589b1d0fda6e4 b9870618bbce76853ea35db253757b936142df81 47559c1754a6bf9702677303ab64181fb47974394b4829bb64ed3033d785861e Loading...

	translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.F6iRVDW95aA.O/d=1/exm=el_conf/ed=1/rs=AN8SPfq9pmT7tJkFFvUkid-e-0Wpomm2EQ/m=el_main	ScriptElement	233 kB	2023-12-04	2023-12-08
Pretty URL translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.F6iRVDW95aA.O/d=1/exm=el_conf/ed=1/rs=AN8SPfq9pmT7tJkFFvUkid-e-0Wpomm2EQ/m=el_main IP 142.250.74.138 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 22:08 Last Seen2023-12-08 02:08 Times Seen133 Hash 45498924419212780ef341b346f83f38 407175bd46e2ac2ccd073473131c06da6c8cc9a5 1cb3f0ad4f6b1cc587a2e0d16f7c71a298a67fd445dd9ed2ca370cb831ecc02e Loading...

		Size	First Seen	Last Seen
	#1 Write - 257d49463eeec3d54ec1746b4c93362e	3.0 kB	2023-12-04 22:37	2024-08-20 16:46
Pretty Observations First Seen2023-12-04 22:37 Last Seen2024-08-20 16:46 Times Seen297 Hash 257d49463eeec3d54ec1746b4c93362e 96149ec43996ef38de4cb2f0501d1a2f8e2834c3 e79ec683492f3ada142c6dda65bfe1eee30b29eb2c8fd7baf00fcca3afc79f71 Loading...

HTTP Transactions (32)

	URL	IP	Response	Size
	GET static.mediafire.com/images/backgrounds/footer/social/footerIcons.png	104.16.114.74	200 OK	583 B
URL GET HTTP/2 static.mediafire.com/images/backgrounds/footer/social/footerIcons.png IP 104.16.114.74:443 ASN #13335 CLOUDFLARENET Requested by https://www.mediafire.com/file/01qf3gtk547xus3/!@#Setup-Pa$$W0rd-2024.rar/file Certificate IssuerSectigo Limited Subject.mediafire.com Fingerprint8B:FA:81:04:17:18:84:C4:3E:8E:D5:89:AD:D6:5D:BD:9A:DF:84:DA ValidityMon, 18 Sep 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT File type PNG image data, 112 x 28, 8-bit/color RGBA, non-interlaced\012- data Size 583 B (583 bytes) Hash e0abc4fea89d2c5153b73cd02ac5ba13 00465ef774805c82fb5b8a40b743f7b1a1d1a7d6 f917a9105c311331b1d40f4d2bdbf11233c1c465616c1a9c46232f451463b061 HTTP Headers GET /images/backgrounds/footer/social/footerIcons.png HTTP/1.1 Host: static.mediafire.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.mediafire.com/ Cookie: ukey=c7dya7mhsdtsttbxk84tk9e6fz9efvoo; __cf_bm=WMHkfT2z..EQ385sZ5RTkrlUpOs9yqVS3pFO2qQb6DU-1701764348-0-AZbGe74FogT3cExx823//Y+vkcxtobzZ0Y+4wawMXNXeOj7urPdiTc6UnD+dzXtSvs9PKrZeg3VkzpfPK8bGj8I=; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-1%22%2C%22mf_content%22%3A%22Business%22%2C%22mf_medium%22%3A%22windows%5C%2FFirefox%22%2C%22mf_campaign%22%3A%2201qf3gtk547xus3%22%2C%22mf_term%22%3A%22969979866bfa2714453c28c162fba17d%22%7D Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK date: Tue, 05 Dec 2023 08:19:09 GMT content-type: image/png content-length: 583 last-modified: Mon, 25 Jul 2022 18:00:54 GMT etag: "62deda56-247" expires: Thu, 04 Jan 2024 03:33:11 GMT cache-control: max-age=2592000 access-control-allow-origin: * cf-cache-status: HIT age: 7003 accept-ranges: bytes vary: Accept-Encoding server: cloudflare cf-ray: 830adccf28b056be-OSL X-Firefox-Spdy: h2`

	GET static.mediafire.com/images/filetype/file-zip-v3.png	104.16.114.74	200 OK	1.9 kB
URL GET HTTP/2 static.mediafire.com/images/filetype/file-zip-v3.png IP 104.16.114.74:443 ASN #13335 CLOUDFLARENET Requested by https://www.mediafire.com/file/01qf3gtk547xus3/!@#Setup-Pa$$W0rd-2024.rar/file Certificate IssuerSectigo Limited Subject.mediafire.com Fingerprint8B:FA:81:04:17:18:84:C4:3E:8E:D5:89:AD:D6:5D:BD:9A:DF:84:DA ValidityMon, 18 Sep 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT File type PNG image data, 43 x 58, 8-bit/color RGBA, non-interlaced\012- data Size 1.9 kB (1872 bytes) Hash a23b8b7059e953fc1b74bf87a77ebb0c f23e0ad301389083104f04d4164fa57423387b17 4448e430d3c53bad548a5d135e1c7e2f9593e806ba47892640d430ea752e979e HTTP Headers GET /images/filetype/file-zip-v3.png HTTP/1.1 Host: static.mediafire.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.mediafire.com/ Cookie: ukey=c7dya7mhsdtsttbxk84tk9e6fz9efvoo; __cf_bm=WMHkfT2z..EQ385sZ5RTkrlUpOs9yqVS3pFO2qQb6DU-1701764348-0-AZbGe74FogT3cExx823//Y+vkcxtobzZ0Y+4wawMXNXeOj7urPdiTc6UnD+dzXtSvs9PKrZeg3VkzpfPK8bGj8I=; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-1%22%2C%22mf_content%22%3A%22Business%22%2C%22mf_medium%22%3A%22windows%5C%2FFirefox%22%2C%22mf_campaign%22%3A%2201qf3gtk547xus3%22%2C%22mf_term%22%3A%22969979866bfa2714453c28c162fba17d%22%7D Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK date: Tue, 05 Dec 2023 08:19:09 GMT content-type: image/png content-length: 1872 last-modified: Mon, 25 Jul 2022 18:00:54 GMT etag: "62deda56-750" expires: Thu, 04 Jan 2024 03:32:52 GMT cache-control: max-age=2592000 access-control-allow-origin: * cf-cache-status: HIT age: 7003 accept-ranges: bytes vary: Accept-Encoding server: cloudflare cf-ray: 830adccf28ac56be-OSL X-Firefox-Spdy: h2`

	GET www.googletagmanager.com/gtag/js?id=UA-829541-1	142.250.74.168	200 OK	65 kB
URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=UA-829541-1 IP 142.250.74.168:443 ASN #15169 GOOGLE Requested by https://www.mediafire.com/file/01qf3gtk547xus3/!@#Setup-Pa$$W0rd-2024.rar/file Certificate IssuerGoogle Trust Services LLC Subject.google-analytics.com Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34 ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT File type ASCII text, with very long lines (3026) Size 65 kB (64914 bytes) Hash 4c412c31ab7e4a5c5c97111ccfc41b23 a918cf8228b05d2d0e1f82658f29d18644048522 4387cb621ced1c08574413866413ddc84e37b4caeb911d9151f8c02b5d67d4de HTTP Headers `GET /gtag/js?id=UA-829541-1 HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.mediafire.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Tue, 05 Dec 2023 08:19:09 GMT expires: Tue, 05 Dec 2023 08:19:09 GMT cache-control: private, max-age=900 last-modified: Tue, 05 Dec 2023 06:00:00 GMT strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 64914 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	GET www.googletagmanager.com/gtm.js?id=GTM-53LP4T	142.250.74.168	200 OK	84 kB
URL GET HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-53LP4T IP 142.250.74.168:443 ASN #15169 GOOGLE Requested by https://www.mediafire.com/file/01qf3gtk547xus3/!@#Setup-Pa$$W0rd-2024.rar/file Certificate IssuerGoogle Trust Services LLC Subject.google-analytics.com Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34 ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT File type ASCII text, with very long lines (30556) Size 84 kB (83460 bytes) Hash cd517cf47dce75a151ebb2cc8d2eb3b4 5b32fe4306d3566a873a054ee9e9a29d444cc515 9bf33d3cdeacf983373af0536c2e2775b3cf34547a74f4847e905c551bea97be HTTP Headers `GET /gtm.js?id=GTM-53LP4T HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.mediafire.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Tue, 05 Dec 2023 08:19:09 GMT expires: Tue, 05 Dec 2023 08:19:09 GMT cache-control: private, max-age=900 last-modified: Tue, 05 Dec 2023 06:00:00 GMT strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 83460 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	GET www.mediafire.com/images/icons/svg_light/icons_sprite.svg	104.16.114.74	200 OK	8.8 kB
URL GET HTTP/2 www.mediafire.com/images/icons/svg_light/icons_sprite.svg IP 104.16.114.74:443 ASN #13335 CLOUDFLARENET Requested by https://www.mediafire.com/file/01qf3gtk547xus3/!@#Setup-Pa$$W0rd-2024.rar/file Certificate IssuerSectigo Limited Subject.mediafire.com Fingerprint8B:FA:81:04:17:18:84:C4:3E:8E:D5:89:AD:D6:5D:BD:9A:DF:84:DA ValidityMon, 18 Sep 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT File type gzip compressed data, from Unix\012- data Size 8.8 kB (8816 bytes) Hash 23860144b156d87027e551fe0509d1f8 0226523952562819bcc39343a741a9c17e50a155 0c6238b216826aa3162e481d6443c423ee4332bbcd5bebc7308af0cf7cc58928 HTTP Headers GET /images/icons/svg_light/icons_sprite.svg HTTP/1.1 Host: www.mediafire.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.mediafire.com/file/01qf3gtk547xus3/!@ Cookie: ukey=c7dya7mhsdtsttbxk84tk9e6fz9efvoo; __cf_bm=WMHkfT2z..EQ385sZ5RTkrlUpOs9yqVS3pFO2qQb6DU-1701764348-0-AZbGe74FogT3cExx823//Y+vkcxtobzZ0Y+4wawMXNXeOj7urPdiTc6UnD+dzXtSvs9PKrZeg3VkzpfPK8bGj8I=; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-1%22%2C%22mf_content%22%3A%22Business%22%2C%22mf_medium%22%3A%22windows%5C%2FFirefox%22%2C%22mf_campaign%22%3A%2201qf3gtk547xus3%22%2C%22mf_term%22%3A%22969979866bfa2714453c28c162fba17d%22%7D Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK date: Tue, 05 Dec 2023 08:19:09 GMT content-type: image/svg+xml cf-ray: 830adccf28ae56be-OSL cf-cache-status: HIT access-control-allow-origin: * age: 6374 etag: W/"62deda56-90ab" last-modified: Mon, 25 Jul 2022 18:00:54 GMT vary: Accept-Encoding server: cloudflare content-encoding: gzip X-Firefox-Spdy: h2`

	GET translate.google.com/translate_a/element.js?cb=googHeadTranslate	216.58.211.14	200 OK	32 kB
URL GET HTTP/2 translate.google.com/translate_a/element.js?cb=googHeadTranslate IP 216.58.211.14:443 ASN #15169 GOOGLE Requested by https://www.mediafire.com/file/01qf3gtk547xus3/!@#Setup-Pa$$W0rd-2024.rar/file Certificate IssuerGoogle Trust Services LLC Subject.google.com Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95 ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT File type gzip compressed data, max compression\012- data Size 32 kB (31566 bytes) Hash 786279ceaad25154563b866cae554488 57ebb415868989b824fe0357099634f8514e4c37 10c62609bd3be6bab6bedaa382c1b3446ff451d6f3ac54c01af3546a215db081 HTTP Headers `GET /translate_a/element.js?cb=googHeadTranslate HTTP/1.1 Host: translate.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.mediafire.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: text/javascript; charset=utf-8 cache-control: no-cache, no-store, max-age=0, must-revalidate pragma: no-cache expires: Mon, 01 Jan 1990 00:00:00 GMT date: Tue, 05 Dec 2023 08:19:09 GMT cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff set-cookie: CONSENT=PENDING+658; expires=Thu, 04-Dec-2025 08:19:09 GMT; path=/; domain=.google.com; Secure p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info." alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	GET www.googletagmanager.com/gtag/js?id=G-K68XP6D85D&l=dataLayer&cx=c	142.250.74.168	200 OK	83 kB
URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-K68XP6D85D&l=dataLayer&cx=c IP 142.250.74.168:443 ASN #15169 GOOGLE Requested by https://www.mediafire.com/file/01qf3gtk547xus3/!@#Setup-Pa$$W0rd-2024.rar/file Certificate IssuerGoogle Trust Services LLC Subject.google-analytics.com Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34 ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT File type ASCII text, with very long lines (7711) Size 83 kB (82886 bytes) Hash c8bcbd0bdf4d2e0124357e958a3b9e05 929e97ab059bfc849bbf48b5f78dfccb1b67241e 9f86c209c3767019c3a2cc2808be42b62d74927008c92ea3e5a14ac5e0e2186b HTTP Headers `GET /gtag/js?id=G-K68XP6D85D&l=dataLayer&cx=c HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.mediafire.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Tue, 05 Dec 2023 08:19:10 GMT expires: Tue, 05 Dec 2023 08:19:10 GMT cache-control: private, max-age=900 strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 82886 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	GET www.mediafire.com/cdn-cgi/challenge-platform/scripts/jsd/main.js	104.16.114.74	302 Found	492 B
URL GET HTTP/2 www.mediafire.com/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 104.16.114.74:443 ASN #13335 CLOUDFLARENET Requested by https://www.mediafire.com/file/01qf3gtk547xus3/!@#Setup-Pa$$W0rd-2024.rar/file Certificate IssuerSectigo Limited Subject.mediafire.com Fingerprint8B:FA:81:04:17:18:84:C4:3E:8E:D5:89:AD:D6:5D:BD:9A:DF:84:DA ValidityMon, 18 Sep 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT File type gzip compressed data, max speed\012- data Size 492 B (492 bytes) Hash 8fa0c3dfd441f220607af2488e6c6693 42b5cff7afeb3a6173b8e15a3482244b3db1fc2d 59fffd241a29693b11fc6cc31f945859a75713cd3df99707e7659195b1cd82b0 HTTP Headers GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1 Host: www.mediafire.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: ukey=c7dya7mhsdtsttbxk84tk9e6fz9efvoo; __cf_bm=WMHkfT2z..EQ385sZ5RTkrlUpOs9yqVS3pFO2qQb6DU-1701764348-0-AZbGe74FogT3cExx823//Y+vkcxtobzZ0Y+4wawMXNXeOj7urPdiTc6UnD+dzXtSvs9PKrZeg3VkzpfPK8bGj8I=; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-1%22%2C%22mf_content%22%3A%22Business%22%2C%22mf_medium%22%3A%22windows%5C%2FFirefox%22%2C%22mf_campaign%22%3A%2201qf3gtk547xus3%22%2C%22mf_term%22%3A%22969979866bfa2714453c28c162fba17d%22%7D Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found date: Tue, 05 Dec 2023 08:19:09 GMT access-control-allow-origin: * location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js cache-control: max-age=300, public vary: accept-encoding content-encoding: gzip server: cloudflare cf-ray: 830adccf58d556be-OSL X-Firefox-Spdy: h2`

	GET www.mediafire.com/favicon.ico	104.16.114.74	200 OK	5.4 kB
URL GET HTTP/2 www.mediafire.com/favicon.ico IP 104.16.114.74:443 ASN #13335 CLOUDFLARENET Requested by https://www.mediafire.com/file/01qf3gtk547xus3/!@#Setup-Pa$$W0rd-2024.rar/file Certificate IssuerSectigo Limited Subject.mediafire.com Fingerprint8B:FA:81:04:17:18:84:C4:3E:8E:D5:89:AD:D6:5D:BD:9A:DF:84:DA ValidityMon, 18 Sep 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT File type MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 24x24, 8 bits/pixel\012- data Size 5.4 kB (5431 bytes) Hash 7e3d95b3a05df5380677c088cadc5e90 4bea4481b66f7d5a722f472355dfe6fdabaa0378 d795dc457f279b5591bb0b9d61d387b619d06de4eab3ea04965b44ad20e6f3c6 HTTP Headers GET /favicon.ico HTTP/1.1 Host: www.mediafire.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.mediafire.com/file/01qf3gtk547xus3/!@ Cookie: ukey=c7dya7mhsdtsttbxk84tk9e6fz9efvoo; __cf_bm=WMHkfT2z..EQ385sZ5RTkrlUpOs9yqVS3pFO2qQb6DU-1701764348-0-AZbGe74FogT3cExx823//Y+vkcxtobzZ0Y+4wawMXNXeOj7urPdiTc6UnD+dzXtSvs9PKrZeg3VkzpfPK8bGj8I=; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-1%22%2C%22mf_content%22%3A%22Business%22%2C%22mf_medium%22%3A%22windows%5C%2FFirefox%22%2C%22mf_campaign%22%3A%2201qf3gtk547xus3%22%2C%22mf_term%22%3A%22969979866bfa2714453c28c162fba17d%22%7D Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK date: Tue, 05 Dec 2023 08:19:09 GMT content-type: image/x-icon cf-ray: 830adcd069b256be-OSL cf-cache-status: HIT access-control-allow-origin: * age: 525892 cache-control: max-age=2592000 etag: W/"62deda56-2a46" expires: Wed, 27 Dec 2023 15:31:04 GMT last-modified: Mon, 25 Jul 2022 18:00:54 GMT vary: Accept-Encoding server: cloudflare content-encoding: gzip X-Firefox-Spdy: h2`

	GET translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.F6iRVDW95aA.O/d=1/exm=el_conf/ed=1/rs=AN8SPfq9pmT7tJkFFvUkid-e-0Wpomm2EQ/m=el_main	142.250.74.138	200 OK	82 kB
URL GET HTTP/2 translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.F6iRVDW95aA.O/d=1/exm=el_conf/ed=1/rs=AN8SPfq9pmT7tJkFFvUkid-e-0Wpomm2EQ/m=el_main IP 142.250.74.138:443 ASN #15169 GOOGLE Requested by https://www.mediafire.com/file/01qf3gtk547xus3/!@#Setup-Pa$$W0rd-2024.rar/file Certificate IssuerGoogle Trust Services LLC Subjectupload.video.google.com FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42 ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT File type ASCII text, with very long lines (2193) Size 82 kB (81976 bytes) Hash 45498924419212780ef341b346f83f38 407175bd46e2ac2ccd073473131c06da6c8cc9a5 1cb3f0ad4f6b1cc587a2e0d16f7c71a298a67fd445dd9ed2ca370cb831ecc02e HTTP Headers GET /_/translate_http/_/js/k=translate_http.tr.no.F6iRVDW95aA.O/d=1/exm=el_conf/ed=1/rs=AN8SPfq9pmT7tJkFFvUkid-e-0Wpomm2EQ/m=el_main HTTP/1.1 Host: translate.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.mediafire.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK accept-ranges: bytes content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="rosetta" report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]} content-length: 81976 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Mon, 04 Dec 2023 18:19:43 GMT expires: Tue, 03 Dec 2024 18:19:43 GMT cache-control: public, max-age=31536000 last-modified: Sat, 02 Dec 2023 00:18:31 GMT content-type: text/javascript; charset=UTF-8 vary: Accept-Encoding age: 50367 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	GET www.mediafire.com/images/icons/svg_dark/icons_sprite.svg	104.16.114.74	200 OK	8.4 kB
URL GET HTTP/2 www.mediafire.com/images/icons/svg_dark/icons_sprite.svg IP 104.16.114.74:443 ASN #13335 CLOUDFLARENET Requested by https://www.mediafire.com/file/01qf3gtk547xus3/!@#Setup-Pa$$W0rd-2024.rar/file Certificate IssuerSectigo Limited Subject.mediafire.com Fingerprint8B:FA:81:04:17:18:84:C4:3E:8E:D5:89:AD:D6:5D:BD:9A:DF:84:DA ValidityMon, 18 Sep 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT File type gzip compressed data, from Unix\012- data Size 8.4 kB (8385 bytes) Hash 8c7bfd8da95503007c971019a588880e 1da35a96b87bbeee0fef5b5547ceb897797d954e df2c158bdca8e2f4cc4985b5e8431588ed16a45b14e6c652232b25e1681e62a3 HTTP Headers GET /images/icons/svg_dark/icons_sprite.svg HTTP/1.1 Host: www.mediafire.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.mediafire.com/file/01qf3gtk547xus3/!@ Cookie: ukey=c7dya7mhsdtsttbxk84tk9e6fz9efvoo; __cf_bm=WMHkfT2z..EQ385sZ5RTkrlUpOs9yqVS3pFO2qQb6DU-1701764348-0-AZbGe74FogT3cExx823//Y+vkcxtobzZ0Y+4wawMXNXeOj7urPdiTc6UnD+dzXtSvs9PKrZeg3VkzpfPK8bGj8I=; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-1%22%2C%22mf_content%22%3A%22Business%22%2C%22mf_medium%22%3A%22windows%5C%2FFirefox%22%2C%22mf_campaign%22%3A%2201qf3gtk547xus3%22%2C%22mf_term%22%3A%22969979866bfa2714453c28c162fba17d%22%7D Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK date: Tue, 05 Dec 2023 08:19:09 GMT content-type: image/svg+xml cf-ray: 830adccdcf8456be-OSL cf-cache-status: HIT access-control-allow-origin: * age: 2955 etag: W/"62deda56-90ab" last-modified: Mon, 25 Jul 2022 18:00:54 GMT vary: Accept-Encoding server: cloudflare content-encoding: gzip X-Firefox-Spdy: h2`

	GET static.mediafire.com/images/icons/svg_light/facebook.svg	104.16.114.74	200 OK	2.1 kB
URL GET HTTP/2 static.mediafire.com/images/icons/svg_light/facebook.svg IP 104.16.114.74:443 ASN #13335 CLOUDFLARENET Requested by https://www.mediafire.com/file/01qf3gtk547xus3/!@#Setup-Pa$$W0rd-2024.rar/file Certificate IssuerSectigo Limited Subject.mediafire.com Fingerprint8B:FA:81:04:17:18:84:C4:3E:8E:D5:89:AD:D6:5D:BD:9A:DF:84:DA ValidityMon, 18 Sep 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT File type gzip compressed data, from Unix\012- data Size 2.1 kB (2140 bytes) Hash b7e2a7f155ad1ba5c918ad2877f7150d 59955a8eb4fd24dafb9f1b4348753a9bb41a50d1 b61876749181d23cc7b2ee9ca6657b2e55bbc67620991626d9ec554e66e5bab4 HTTP Headers GET /images/icons/svg_light/facebook.svg HTTP/1.1 Host: static.mediafire.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.mediafire.com/ Cookie: ukey=c7dya7mhsdtsttbxk84tk9e6fz9efvoo; __cf_bm=WMHkfT2z..EQ385sZ5RTkrlUpOs9yqVS3pFO2qQb6DU-1701764348-0-AZbGe74FogT3cExx823//Y+vkcxtobzZ0Y+4wawMXNXeOj7urPdiTc6UnD+dzXtSvs9PKrZeg3VkzpfPK8bGj8I=; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-1%22%2C%22mf_content%22%3A%22Business%22%2C%22mf_medium%22%3A%22windows%5C%2FFirefox%22%2C%22mf_campaign%22%3A%2201qf3gtk547xus3%22%2C%22mf_term%22%3A%22969979866bfa2714453c28c162fba17d%22%7D Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK date: Tue, 05 Dec 2023 08:19:09 GMT content-type: image/svg+xml last-modified: Mon, 25 Jul 2022 18:00:54 GMT etag: W/"62deda56-191" access-control-allow-origin: * cf-cache-status: HIT age: 5128 vary: Accept-Encoding server: cloudflare cf-ray: 830adccdefa256be-OSL content-encoding: gzip X-Firefox-Spdy: h2`

	GET www.mediafire.com/images/flags_svg/usa.svg	104.16.114.74	200 OK	1.4 kB
URL GET HTTP/2 www.mediafire.com/images/flags_svg/usa.svg IP 104.16.114.74:443 ASN #13335 CLOUDFLARENET Requested by https://www.mediafire.com/file/01qf3gtk547xus3/!@#Setup-Pa$$W0rd-2024.rar/file Certificate IssuerSectigo Limited Subject.mediafire.com Fingerprint8B:FA:81:04:17:18:84:C4:3E:8E:D5:89:AD:D6:5D:BD:9A:DF:84:DA ValidityMon, 18 Sep 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT File type gzip compressed data, from Unix\012- data Size 1.4 kB (1382 bytes) Hash 8594334aa465f022e0a1cbc3bff33657 702b83ecada0bf5de0b0dc0bbb5ac959007637e8 81a2a61c38778e81baff90d5fe7a727669487e24dfe6794ee461f3c9d3c58bad HTTP Headers GET /images/flags_svg/usa.svg HTTP/1.1 Host: www.mediafire.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.mediafire.com/file/01qf3gtk547xus3/!@ Cookie: ukey=c7dya7mhsdtsttbxk84tk9e6fz9efvoo; __cf_bm=WMHkfT2z..EQ385sZ5RTkrlUpOs9yqVS3pFO2qQb6DU-1701764348-0-AZbGe74FogT3cExx823//Y+vkcxtobzZ0Y+4wawMXNXeOj7urPdiTc6UnD+dzXtSvs9PKrZeg3VkzpfPK8bGj8I=; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-1%22%2C%22mf_content%22%3A%22Business%22%2C%22mf_medium%22%3A%22windows%5C%2FFirefox%22%2C%22mf_campaign%22%3A%2201qf3gtk547xus3%22%2C%22mf_term%22%3A%22969979866bfa2714453c28c162fba17d%22%7D Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK date: Tue, 05 Dec 2023 08:19:09 GMT content-type: image/svg+xml cf-ray: 830adccdcf8556be-OSL cf-cache-status: HIT access-control-allow-origin: * age: 4468 etag: W/"62deda56-5c7" last-modified: Mon, 25 Jul 2022 18:00:54 GMT vary: Accept-Encoding server: cloudflare content-encoding: gzip X-Firefox-Spdy: h2`

	GET fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg	216.58.207.227	200 OK	3.3 kB
URL GET HTTP/2 fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg IP 216.58.207.227:443 ASN #15169 GOOGLE Requested by https://www.mediafire.com/file/01qf3gtk547xus3/!@#Setup-Pa$$W0rd-2024.rar/file Certificate IssuerGoogle Trust Services LLC Subject.gstatic.com FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (6225), with no line terminators Size 3.3 kB (3340 bytes) Hash 2bd5c073a88b83ed74db88282a56ddfb d0ebfc376f8c6a44a8d4cd216817dcd7d0c33650 ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09 HTTP Headers `GET /s/i/productlogos/translate/v14/24px.svg HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.mediafire.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK accept-ranges: bytes content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-length: 3340 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 30 Nov 2023 23:23:19 GMT expires: Fri, 29 Nov 2024 23:23:19 GMT cache-control: public, max-age=31536000 age: 377751 last-modified: Wed, 20 Apr 2022 14:24:23 GMT content-type: image/svg+xml vary: Accept-Encoding alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback	142.250.74.138		1.4 kB
URL translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback IP 142.250.74.138:0 ASN #15169 GOOGLE File type Unicode text, UTF-8 text Size 1.4 kB (1392 bytes) Hash a3eefe14b1b4698460d992bd1673a26b a2fca6ebb00b8bdcca3eda88654d02d2c165b9c4 87514750a90cd70dd22c8673cfa80d804ef55840bd0755950af2118d8d218067 HTTP Headers GET /v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback HTTP/1.1 Host: translate-pa.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.mediafire.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK cross-origin-resource-policy: cross-origin p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info." content-type: text/javascript; charset=UTF-8 vary: Origin, X-Origin, Referer content-encoding: gzip date: Tue, 05 Dec 2023 08:19:10 GMT server: ESF cache-control: private content-length: 1392 x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff set-cookie: NID=511=ack36DVTVXGkuwVrNPdKJbJF6yPeDTF6ZN5QxoxBQ2Zzb_ePgsjhGTr_iDz6Gs3-3_Lk3E0DbKuAMbUEqI0xlxlsCbnWfi_TFzbRNKF1YucyxoFYlyk202ncexwrCFoP3CXwF-rH33VjutT3ArSaTSBOmdfAPOzg8YFYkMcsOBU; expires=Wed, 05-Jun-2024 08:19:10 GMT; path=/; domain=.translate-pa.googleapis.com; HttpOnly CONSENT=PENDING+892; expires=Thu, 04-Dec-2025 08:19:10 GMT; path=/; domain=.googleapis.com; Secure expires: Tue, 05 Dec 2023 08:19:10 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	POST www.mediafire.com/cdn-cgi/rum?	104.16.114.74	204 No Content	0 B
URL POST HTTP/2 www.mediafire.com/cdn-cgi/rum? IP 104.16.114.74:443 ASN #13335 CLOUDFLARENET Requested by https://www.mediafire.com/file/01qf3gtk547xus3/!@#Setup-Pa$$W0rd-2024.rar/file Certificate IssuerSectigo Limited Subject.mediafire.com Fingerprint8B:FA:81:04:17:18:84:C4:3E:8E:D5:89:AD:D6:5D:BD:9A:DF:84:DA ValidityMon, 18 Sep 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers POST /cdn-cgi/rum? HTTP/1.1 Host: www.mediafire.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br content-type: application/json Content-Length: 6284 Origin: https://www.mediafire.com DNT: 1 Connection: keep-alive Referer: https://www.mediafire.com/file/01qf3gtk547xus3/!@ Cookie: ukey=c7dya7mhsdtsttbxk84tk9e6fz9efvoo; __cf_bm=WMHkfT2z..EQ385sZ5RTkrlUpOs9yqVS3pFO2qQb6DU-1701764348-0-AZbGe74FogT3cExx823//Y+vkcxtobzZ0Y+4wawMXNXeOj7urPdiTc6UnD+dzXtSvs9PKrZeg3VkzpfPK8bGj8I=; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-1%22%2C%22mf_content%22%3A%22Business%22%2C%22mf_medium%22%3A%22windows%5C%2FFirefox%22%2C%22mf_campaign%22%3A%2201qf3gtk547xus3%22%2C%22mf_term%22%3A%22969979866bfa2714453c28c162fba17d%22%7D; cf_clearance=QtZaJUyM3lWF9t.VI1QsGevGt3R2M8dSPaaUq4b7ocY-1701764349-0-1-730ca2d2.57dbd4fb.240dfd32-0.2.1701764349; _ga_K68XP6D85D=GS1.1.1701764355.1.0.1701764355.60.0.0; _ga=GA1.1.1096140769.1701764356 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 204 No Content date: Tue, 05 Dec 2023 08:19:10 GMT access-control-allow-origin: https://www.mediafire.com access-control-allow-methods: POST,OPTIONS access-control-max-age: 86400 vary: Origin access-control-allow-credentials: true server: cloudflare cf-ray: 830adcd64ed556be-OSL x-frame-options: DENY x-content-type-options: nosniff X-Firefox-Spdy: h2`

	GET translate.google.com/gen204?sl=en&nca=te_ap&client=te&logld=vTE_20231203	216.58.211.14	204 No Content	0 B
URL GET HTTP/3 translate.google.com/gen204?sl=en&nca=te_ap&client=te&logld=vTE_20231203 IP 216.58.211.14:443 ASN #15169 GOOGLE Requested by https://www.mediafire.com/file/01qf3gtk547xus3/!@#Setup-Pa$$W0rd-2024.rar/file Certificate IssuerGoogle Trust Services LLC Subject.google.com Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95 ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /gen204?sl=en&nca=te_ap&client=te&logld=vTE_20231203 HTTP/1.1 Host: translate.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.mediafire.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 204 No Content content-type: image/gif; charset=us-ascii cache-control: no-cache, no-store, max-age=0, must-revalidate pragma: no-cache expires: Mon, 01 Jan 1990 00:00:00 GMT date: Tue, 05 Dec 2023 08:19:10 GMT cross-origin-resource-policy: cross-origin p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info." permissions-policy: ch-ua-arch=, ch-ua-bitness=, ch-ua-full-version=, ch-ua-full-version-list=, ch-ua-model=, ch-ua-wow64=, ch-ua-form-factor=, ch-ua-platform=, ch-ua-platform-version=* content-security-policy: script-src 'nonce-FAR027PZ7HtjwrUDS0oWHA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/TranslateApiHttp/cspreport accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy: same-origin server: ESF content-length: 0 x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff set-cookie: __Secure-ENID=16.SE=qVHmHadssJBGPMihz54YKJwt1h2axMIYHC5UoqeTvq1CiyLhZGjIgNh0RYOx7Z6QWt8Lu25Wk1uzKTv2oyk_qfC121hYrE5qVjVE4hl8ark9ocuKO6O1CC6iMi42Dkvq9g_q_T4WfsleWk7-ziZuJjIAN0NYtwfJRw5CdYfjoT0; expires=Sat, 04-Jan-2025 00:37:28 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	GET www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=AAM/d=0/rs=AN8SPfo47ZI4Pt9KwV-0738jND9vOwmjgQ/m=el_main_css	142.250.74.35	200 OK	4.0 kB
URL GET HTTP/3 www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=AAM/d=0/rs=AN8SPfo47ZI4Pt9KwV-0738jND9vOwmjgQ/m=el_main_css IP 142.250.74.35:443 ASN #15169 GOOGLE Requested by https://www.mediafire.com/file/01qf3gtk547xus3/!@#Setup-Pa$$W0rd-2024.rar/file Certificate IssuerGoogle Trust Services LLC Subject.gstatic.com FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT File type ASCII text, with very long lines (20367), with no line terminators Size 4.0 kB (3960 bytes) Hash 72d3a735ccca1027f6b3afba2c93e3a7 67f8eff8d17334c59c28fc1753bf451527c7490d c8c845f55e2346b89894ce0df8185ee182359e096bf29987d5cf1f8a7391bef1 HTTP Headers GET /_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=AAM/d=0/rs=AN8SPfo47ZI4Pt9KwV-0738jND9vOwmjgQ/m=el_main_css HTTP/1.1 Host: www.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.mediafire.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK accept-ranges: bytes content-encoding: gzip access-control-allow-origin: content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="rosetta" report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]} content-length: 3960 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Mon, 04 Dec 2023 18:39:49 GMT expires: Tue, 03 Dec 2024 18:39:49 GMT cache-control: public, max-age=31536000 last-modified: Sat, 15 Jul 2023 01:09:03 GMT content-type: text/css; charset=UTF-8 vary: Accept-Encoding age: 49161 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	POST region1.analytics.google.com/g/collect?v=2&tid=G-K68XP6D85D&gtm=45je3bt0v887485693z86304663&_p=1701764354815&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1096140769.1701764356&ul=en-us&sr=1280x1024&_s=1&sid=1701764355&sct=1&seg=0&dl=https%3A%2F%2Fwww.mediafire.com%2Ffile%2F01qf3gtk547xus3%2F!%40&dt=!%40%23Setup-Pa%24%24W0rd-2024&en=page_view&_fv=1&_nsi=1&_ss=1&up.page_url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2F01qf3gtk547xus3%2F!%40&tfd=2351	216.239.34.36	204 No Content	0 B
URL POST HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-K68XP6D85D&gtm=45je3bt0v887485693z86304663&_p=1701764354815&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1096140769.1701764356&ul=en-us&sr=1280x1024&_s=1&sid=1701764355&sct=1&seg=0&dl=https%3A%2F%2Fwww.mediafire.com%2Ffile%2F01qf3gtk547xus3%2F!%40&dt=!%40%23Setup-Pa%24%24W0rd-2024&en=page_view&_fv=1&_nsi=1&_ss=1&up.page_url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2F01qf3gtk547xus3%2F!%40&tfd=2351 IP 216.239.34.36:443 ASN #15169 GOOGLE Requested by https://www.mediafire.com/file/01qf3gtk547xus3/!@#Setup-Pa$$W0rd-2024.rar/file Certificate IssuerGoogle Trust Services LLC Subject.google-analytics.com Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34 ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers POST /g/collect?v=2&tid=G-K68XP6D85D&gtm=45je3bt0v887485693z86304663&_p=1701764354815&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1096140769.1701764356&ul=en-us&sr=1280x1024&_s=1&sid=1701764355&sct=1&seg=0&dl=https%3A%2F%2Fwww.mediafire.com%2Ffile%2F01qf3gtk547xus3%2F!%40&dt=!%40%23Setup-Pa%24%24W0rd-2024&en=page_view&_fv=1&_nsi=1&_ss=1&up.page_url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2F01qf3gtk547xus3%2F!%40&tfd=2351 HTTP/1.1 Host: region1.analytics.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://www.mediafire.com DNT: 1 Connection: keep-alive Referer: https://www.mediafire.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Content-Length: 0 `HTTP/2 204 No Content access-control-allow-origin: https://www.mediafire.com date: Tue, 05 Dec 2023 08:19:10 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate access-control-allow-credentials: true content-type: text/plain cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2`

	OPTIONS translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0	142.250.74.138	200 OK	0 B
URL OPTIONS HTTP/3 translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0 IP 142.250.74.138:443 ASN #15169 GOOGLE Requested by https://www.mediafire.com/file/01qf3gtk547xus3/!@#Setup-Pa$$W0rd-2024.rar/file Certificate IssuerGoogle Trust Services LLC Subjectupload.video.google.com FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42 ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers OPTIONS /element/log?format=json&hasfast=true&authuser=0 HTTP/1.1 Host: translate.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-encoding,content-type,x-goog-authuser Referer: https://www.mediafire.com/ Origin: https://www.mediafire.com DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK access-control-allow-origin: https://www.mediafire.com access-control-allow-methods: GET, POST, OPTIONS access-control-max-age: 86400 access-control-allow-credentials: true access-control-allow-headers: X-Playlog-Web,authorization,content-encoding,content-type,x-goog-authuser,origin content-type: text/plain; charset=UTF-8 date: Tue, 05 Dec 2023 08:19:20 GMT server: Playlog content-length: 0 x-xss-protection: 0 x-frame-options: SAMEORIGIN set-cookie: CONSENT=PENDING+765; expires=Thu, 04-Dec-2025 08:19:20 GMT; path=/; domain=.googleapis.com; Secure p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info." alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires: Tue, 05 Dec 2023 08:19:20 GMT cache-control: private

	GET static.mediafire.com/images/icons/svg_light/twitter.svg	104.16.114.74	200 OK	684 B
URL GET HTTP/2 static.mediafire.com/images/icons/svg_light/twitter.svg IP 104.16.114.74:443 ASN #13335 CLOUDFLARENET Requested by https://www.mediafire.com/file/01qf3gtk547xus3/!@#Setup-Pa$$W0rd-2024.rar/file Certificate IssuerSectigo Limited Subject.mediafire.com Fingerprint8B:FA:81:04:17:18:84:C4:3E:8E:D5:89:AD:D6:5D:BD:9A:DF:84:DA ValidityMon, 18 Sep 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document, ASCII text, with very long lines (1080), with no line terminators Size 684 B (684 bytes) Hash ee5b67dd14c862f806a245597c5c00d0 3eb45ed6358447cdef740f576b646d2bc161c32a 00f3a4f4db3c45f63a04b8c66f5375bbd9280f3cddc3080510dd7a2313cf03e5 HTTP Headers GET /images/icons/svg_light/twitter.svg HTTP/1.1 Host: static.mediafire.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.mediafire.com/ Cookie: ukey=c7dya7mhsdtsttbxk84tk9e6fz9efvoo; __cf_bm=WMHkfT2z..EQ385sZ5RTkrlUpOs9yqVS3pFO2qQb6DU-1701764348-0-AZbGe74FogT3cExx823//Y+vkcxtobzZ0Y+4wawMXNXeOj7urPdiTc6UnD+dzXtSvs9PKrZeg3VkzpfPK8bGj8I=; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-1%22%2C%22mf_content%22%3A%22Business%22%2C%22mf_medium%22%3A%22windows%5C%2FFirefox%22%2C%22mf_campaign%22%3A%2201qf3gtk547xus3%22%2C%22mf_term%22%3A%22969979866bfa2714453c28c162fba17d%22%7D Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK date: Tue, 05 Dec 2023 08:19:09 GMT content-type: image/svg+xml last-modified: Mon, 25 Jul 2022 18:00:54 GMT etag: W/"62deda56-3b5" access-control-allow-origin: * cf-cache-status: HIT age: 3304 vary: Accept-Encoding server: cloudflare cf-ray: 830adccdefa056be-OSL content-encoding: gzip X-Firefox-Spdy: h2`

	GET softsssall.mediafire.com/file/01qf3gtk547xus3/!@	104.16.114.74	302 Found	94 kB
URL User Request GET HTTP/2 softsssall.mediafire.com/file/01qf3gtk547xus3/!@ IP 104.16.114.74:443 ASN #13335 CLOUDFLARENET Certificate IssuerSectigo Limited Subject.mediafire.com Fingerprint8B:FA:81:04:17:18:84:C4:3E:8E:D5:89:AD:D6:5D:BD:9A:DF:84:DA ValidityMon, 18 Sep 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT File type Size 94 kB (94305 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /file/01qf3gtk547xus3/!@ HTTP/1.1 Host: softsssall.mediafire.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 302 Found date: Tue, 05 Dec 2023 08:19:08 GMT content-type: text/html; charset=UTF-8 location: https://www.mediafire.com/file/01qf3gtk547xus3/!@ strict-transport-security: max-age=0 access-control-allow-origin: cf-cache-status: DYNAMIC set-cookie: ukey=c7dya7mhsdtsttbxk84tk9e6fz9efvoo; expires=Sat, 05-Dec-2043 08:19:08 GMT; Max-Age=631152000; path=/; domain=.mediafire.com; HttpOnly __cf_bm=WMHkfT2z..EQ385sZ5RTkrlUpOs9yqVS3pFO2qQb6DU-1701764348-0-AZbGe74FogT3cExx823//Y+vkcxtobzZ0Y+4wawMXNXeOj7urPdiTc6UnD+dzXtSvs9PKrZeg3VkzpfPK8bGj8I=; path=/; expires=Tue, 05-Dec-23 08:49:08 GMT; domain=.mediafire.com; HttpOnly; Secure; SameSite=None server: cloudflare cf-ray: 830adcc7c9b556be-OSL X-Firefox-Spdy: h2

	GET www.mediafire.com/file/01qf3gtk547xus3/!@	104.16.114.74	200 OK	94 kB
URL User Request GET HTTP/2 www.mediafire.com/file/01qf3gtk547xus3/!@ IP 104.16.114.74:443 ASN #13335 CLOUDFLARENET Certificate IssuerSectigo Limited Subject.mediafire.com Fingerprint8B:FA:81:04:17:18:84:C4:3E:8E:D5:89:AD:D6:5D:BD:9A:DF:84:DA ValidityMon, 18 Sep 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (52654) Size 94 kB (94305 bytes) Hash b043af5bbf1cb2ad0cf09d5aa89ea06c d5056c1041a4d50c0970e1f73a1e47c4221eb8fa 9a27f5f206be0af07ed7b899400dda700e0b34671d6b157cfffd461e0192bc17 HTTP Headers GET /file/01qf3gtk547xus3/!@ HTTP/1.1 Host: www.mediafire.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: ukey=c7dya7mhsdtsttbxk84tk9e6fz9efvoo; __cf_bm=WMHkfT2z..EQ385sZ5RTkrlUpOs9yqVS3pFO2qQb6DU-1701764348-0-AZbGe74FogT3cExx823//Y+vkcxtobzZ0Y+4wawMXNXeOj7urPdiTc6UnD+dzXtSvs9PKrZeg3VkzpfPK8bGj8I= Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Tue, 05 Dec 2023 08:19:08 GMT content-type: text/html; charset=UTF-8 cf-ray: 830adcc97b9756be-OSL cf-cache-status: DYNAMIC access-control-allow-origin: https://www.mediafire.com cache-control: no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0 expires: 0 set-cookie: conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-1%22%2C%22mf_content%22%3A%22Business%22%2C%22mf_medium%22%3A%22windows%5C%2FFirefox%22%2C%22mf_campaign%22%3A%2201qf3gtk547xus3%22%2C%22mf_term%22%3A%22969979866bfa2714453c28c162fba17d%22%7D; expires=Thu, 04-Jan-2024 08:19:08 GMT; Max-Age=2592000; path=/; domain=.mediafire.com strict-transport-security: max-age=0 vary: Accept-Encoding pragma: no-cache x-frame-options: SAMEORIGIN x-robots-tag: noindex, nofollow server: cloudflare content-encoding: gzip X-Firefox-Spdy: h2

	GET www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-K68XP6D85D&cid=1096140769.1701764356&gtm=45je3bt0v887485693z86304663&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1396839199	142.250.74.163	200 OK	42 B
URL GET HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-K68XP6D85D&cid=1096140769.1701764356&gtm=45je3bt0v887485693z86304663&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1396839199 IP 142.250.74.163:443 ASN #15169 GOOGLE Requested by https://www.mediafire.com/file/01qf3gtk547xus3/!@#Setup-Pa$$W0rd-2024.rar/file Certificate IssuerGoogle Trust Services LLC Subject.google.no Fingerprint6E:E4:BC:4A:67:5E:46:6A:B3:E4:CA:61:A7:C0:97:AB:14:F0:34:32 ValidityMon, 23 Oct 2023 11:27:27 GMT - Mon, 15 Jan 2024 11:27:26 GMT File type GIF image data, version 89a, 1 x 1\012- data Size 42 B (42 bytes) Hash d89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 HTTP Headers GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-K68XP6D85D&cid=1096140769.1701764356&gtm=45je3bt0v887485693z86304663&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1396839199 HTTP/1.1 Host: www.google.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.mediafire.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin: * cross-origin-resource-policy: cross-origin date: Tue, 05 Dec 2023 08:19:10 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate content-type: image/gif x-content-type-options: nosniff server: cafe content-length: 42 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	GET www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png	142.250.74.35	200 OK	910 B
URL GET HTTP/3 www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png IP 142.250.74.35:443 ASN #15169 GOOGLE Requested by https://www.mediafire.com/file/01qf3gtk547xus3/!@#Setup-Pa$$W0rd-2024.rar/file Certificate IssuerGoogle Trust Services LLC Subject.gstatic.com FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT File type PNG image data, 42 x 16, 8-bit/color RGBA, non-interlaced\012- data Size 910 B (910 bytes) Hash efa6bb2bfe459bc6f4bdafa3db0383f6 52d15ce52fe50643e542c17812de43f4ed1b6ee0 6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2 HTTP Headers `GET /images/branding/googlelogo/1x/googlelogo_color_42x16dp.png HTTP/1.1 Host: www.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.mediafire.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK accept-ranges: bytes cross-origin-resource-policy: cross-origin cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable" report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-length: 910 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Mon, 04 Dec 2023 13:40:04 GMT expires: Tue, 03 Dec 2024 13:40:04 GMT cache-control: public, max-age=31536000 last-modified: Thu, 02 Nov 2023 22:48:00 GMT content-type: image/png vary: Origin age: 67146 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	GET www.mediafire.com/file/01qf3gtk547xus3/!@	0.0.0.0		0 B
URL GET www.mediafire.com/file/01qf3gtk547xus3/!@ IP 0.0.0.0:0 ASN #0 Requested by https://www.mediafire.com/file/01qf3gtk547xus3/!@#Setup-Pa$$W0rd-2024.rar/file Certificate IssuerSectigo Limited Subject.mediafire.com Fingerprint8B:FA:81:04:17:18:84:C4:3E:8E:D5:89:AD:D6:5D:BD:9A:DF:84:DA ValidityMon, 18 Sep 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /file/01qf3gtk547xus3/!@ HTTP/1.1 Host: www.mediafire.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.mediafire.com/file/01qf3gtk547xus3/!@ Cookie: ukey=c7dya7mhsdtsttbxk84tk9e6fz9efvoo; __cf_bm=WMHkfT2z..EQ385sZ5RTkrlUpOs9yqVS3pFO2qQb6DU-1701764348-0-AZbGe74FogT3cExx823//Y+vkcxtobzZ0Y+4wawMXNXeOj7urPdiTc6UnD+dzXtSvs9PKrZeg3VkzpfPK8bGj8I=; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-1%22%2C%22mf_content%22%3A%22Business%22%2C%22mf_medium%22%3A%22windows%5C%2FFirefox%22%2C%22mf_campaign%22%3A%2201qf3gtk547xus3%22%2C%22mf_term%22%3A%22969979866bfa2714453c28c162fba17d%22%7D; cf_clearance=QtZaJUyM3lWF9t.VI1QsGevGt3R2M8dSPaaUq4b7ocY-1701764349-0-1-730ca2d2.57dbd4fb.240dfd32-0.2.1701764349; _ga_K68XP6D85D=GS1.1.1701764355.1.0.1701764355.60.0.0; _ga=GA1.1.1096140769.1701764356 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache

	POST www.mediafire.com/cdn-cgi/challenge-platform/h/b/jsd/r/830adcc97b9756be	104.16.114.74	200 OK	0 B
URL POST HTTP/2 www.mediafire.com/cdn-cgi/challenge-platform/h/b/jsd/r/830adcc97b9756be IP 104.16.114.74:443 ASN #13335 CLOUDFLARENET Requested by https://www.mediafire.com/file/01qf3gtk547xus3/!@#Setup-Pa$$W0rd-2024.rar/file Certificate IssuerSectigo Limited Subject.mediafire.com Fingerprint8B:FA:81:04:17:18:84:C4:3E:8E:D5:89:AD:D6:5D:BD:9A:DF:84:DA ValidityMon, 18 Sep 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers POST /cdn-cgi/challenge-platform/h/b/jsd/r/830adcc97b9756be HTTP/1.1 Host: www.mediafire.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Content-Length: 12250 Origin: https://www.mediafire.com DNT: 1 Connection: keep-alive Referer: https://www.mediafire.com/file/01qf3gtk547xus3/!@ Cookie: ukey=c7dya7mhsdtsttbxk84tk9e6fz9efvoo; __cf_bm=WMHkfT2z..EQ385sZ5RTkrlUpOs9yqVS3pFO2qQb6DU-1701764348-0-AZbGe74FogT3cExx823//Y+vkcxtobzZ0Y+4wawMXNXeOj7urPdiTc6UnD+dzXtSvs9PKrZeg3VkzpfPK8bGj8I=; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-1%22%2C%22mf_content%22%3A%22Business%22%2C%22mf_medium%22%3A%22windows%5C%2FFirefox%22%2C%22mf_campaign%22%3A%2201qf3gtk547xus3%22%2C%22mf_term%22%3A%22969979866bfa2714453c28c162fba17d%22%7D Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK date: Tue, 05 Dec 2023 08:19:09 GMT content-type: text/plain; charset=UTF-8 set-cookie: cf_clearance=QtZaJUyM3lWF9t.VI1QsGevGt3R2M8dSPaaUq4b7ocY-1701764349-0-1-730ca2d2.57dbd4fb.240dfd32-0.2.1701764349; path=/; expires=Wed, 04-Dec-24 08:19:09 GMT; domain=.mediafire.com; HttpOnly; Secure; SameSite=None server: cloudflare cf-ray: 830adcd2ebd756be-OSL content-encoding: gzip X-Firefox-Spdy: h2`

	GET www.gstatic.com/images/branding/product/2x/translate_24dp.png	142.250.74.35	200 OK	1.8 kB
URL GET HTTP/3 www.gstatic.com/images/branding/product/2x/translate_24dp.png IP 142.250.74.35:443 ASN #15169 GOOGLE Requested by https://www.mediafire.com/file/01qf3gtk547xus3/!@#Setup-Pa$$W0rd-2024.rar/file Certificate IssuerGoogle Trust Services LLC Subject.gstatic.com FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data Size 1.8 kB (1842 bytes) Hash c69c796362406f9e11c7f4bf5bb628da e489ce95ab56208090868882113d7416abf46775 4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82 HTTP Headers GET /images/branding/product/2x/translate_24dp.png HTTP/1.1 Host: www.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=AAM/d=0/rs=AN8SPfo47ZI4Pt9KwV-0738jND9vOwmjgQ/m=el_main_css Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK accept-ranges: bytes cross-origin-resource-policy: cross-origin cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable" report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-length: 1842 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 30 Nov 2023 05:20:13 GMT expires: Fri, 29 Nov 2024 05:20:13 GMT cache-control: public, max-age=31536000 age: 442737 last-modified: Thu, 14 Oct 2021 09:08:00 GMT content-type: image/png vary: Origin alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	GET static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317	104.16.56.101	200 OK	20 kB
URL GET HTTP/2 static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317 IP 104.16.56.101:443 ASN #13335 CLOUDFLARENET Requested by https://www.mediafire.com/file/01qf3gtk547xus3/!@#Setup-Pa$$W0rd-2024.rar/file Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint89:79:35:ED:04:A2:CA:50:F7:9A:B8:FE:DF:A5:0C:B1:F2:E6:DD:E8 ValidityMon, 10 Apr 2023 00:00:00 GMT - Tue, 09 Apr 2024 23:59:59 GMT File type ASCII text, with very long lines (19986), with no line terminators Size 20 kB (19986 bytes) Hash dd1d068fdb5fe90b6c05a5b3940e088c 0d96f9df8772633a9df4c81cf323a4ef8998ba59 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101 HTTP Headers `GET /beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317 HTTP/1.1 Host: static.cloudflareinsights.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://www.mediafire.com DNT: 1 Connection: keep-alive Referer: https://www.mediafire.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK date: Tue, 05 Dec 2023 08:19:09 GMT content-type: text/javascript;charset=UTF-8 access-control-allow-origin: * cache-control: public, max-age=86400 etag: W/"2023.10.0" last-modified: Tue, 10 Oct 2023 21:38:13 GMT cross-origin-resource-policy: cross-origin vary: Accept-Encoding server: cloudflare cf-ray: 830adccdab12568d-OSL content-encoding: gzip X-Firefox-Spdy: h2`

	GET cli.re/bpjdA8	172.67.220.142	301 Moved Permanently	94 kB
URL User Request GET HTTP/2 cli.re/bpjdA8 IP 172.67.220.142:443 ASN #13335 CLOUDFLARENET Certificate IssuerLet's Encrypt Subjectcli.re Fingerprint59:57:F4:2C:59:60:FA:1A:29:D8:52:D5:F0:F8:C6:26:31:68:80:77 ValidityWed, 01 Nov 2023 06:44:44 GMT - Tue, 30 Jan 2024 06:44:43 GMT File type Size 94 kB (94305 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /bpjdA8 HTTP/1.1 Host: cli.re User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 301 Moved Permanently date: Tue, 05 Dec 2023 08:19:08 GMT content-type: text/html; charset=UTF-8 location: https://softsssall.mediafire.com/file/01qf3gtk547xus3/!@#Setup-Pa$$W0rd-2024.rar/file x-powered-by: Capsulink.com cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 expires: Fri, 22 Apr 2016 13:33:37 GMT strict-transport-security: max-age=31536000 cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8r0qRn%2BbGua58Z9eilddER0XcE9RkFpTh1m5EZpogMmILtCFJ3BySC0Patio6erzAqHP3egcZVUXh2ePuKIzbIMWs8Z9efouSA1L3n9LfXYaoSoVeqIJZms%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 830adcc6e88256bb-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	GET www.mediafire.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js	104.16.114.74	200 OK	7.3 kB
URL GET HTTP/2 www.mediafire.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js IP 104.16.114.74:443 ASN #13335 CLOUDFLARENET Requested by https://www.mediafire.com/file/01qf3gtk547xus3/!@#Setup-Pa$$W0rd-2024.rar/file Certificate IssuerSectigo Limited Subject.mediafire.com Fingerprint8B:FA:81:04:17:18:84:C4:3E:8E:D5:89:AD:D6:5D:BD:9A:DF:84:DA ValidityMon, 18 Sep 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT File type ASCII text, with very long lines (7336), with no line terminators Size 7.3 kB (7336 bytes) Hash 2d4a243a32a4d9a6c40f40d71d55bfe6 f58f5bfef45df211dd661cbd765076df5c73a435 e99a88e8aa760dac23e859a19da2fc927af0e62877bf239cd0e46518db06b9cd HTTP Headers GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js HTTP/1.1 Host: www.mediafire.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: ukey=c7dya7mhsdtsttbxk84tk9e6fz9efvoo; __cf_bm=WMHkfT2z..EQ385sZ5RTkrlUpOs9yqVS3pFO2qQb6DU-1701764348-0-AZbGe74FogT3cExx823//Y+vkcxtobzZ0Y+4wawMXNXeOj7urPdiTc6UnD+dzXtSvs9PKrZeg3VkzpfPK8bGj8I=; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-1%22%2C%22mf_content%22%3A%22Business%22%2C%22mf_medium%22%3A%22windows%5C%2FFirefox%22%2C%22mf_campaign%22%3A%2201qf3gtk547xus3%22%2C%22mf_term%22%3A%22969979866bfa2714453c28c162fba17d%22%7D Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK date: Tue, 05 Dec 2023 08:19:09 GMT content-type: application/javascript; charset=UTF-8 vary: accept-encoding x-content-type-options: nosniff cache-control: max-age=14400, public content-encoding: gzip server: cloudflare cf-ray: 830adcd079c656be-OSL X-Firefox-Spdy: h2`

	GET static.mediafire.com/images/backgrounds/header/mf_logo_full_color.svg	104.16.114.74	200 OK	3.4 kB
URL GET HTTP/2 static.mediafire.com/images/backgrounds/header/mf_logo_full_color.svg IP 104.16.114.74:443 ASN #13335 CLOUDFLARENET Requested by https://www.mediafire.com/file/01qf3gtk547xus3/!@#Setup-Pa$$W0rd-2024.rar/file Certificate IssuerSectigo Limited Subject.mediafire.com Fingerprint8B:FA:81:04:17:18:84:C4:3E:8E:D5:89:AD:D6:5D:BD:9A:DF:84:DA ValidityMon, 18 Sep 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (3431), with no line terminators Size 3.4 kB (3357 bytes) Hash dcdfa60ac03cdc6d20a6f5387d8e8bc1 44eb0cadc59e09b469ebe80f5e8daa08d171bd4a c51b0ebbdbc3f553f727d7b29c9390260ffc62f0fd67356081e6ac03cf0e3155 HTTP Headers GET /images/backgrounds/header/mf_logo_full_color.svg HTTP/1.1 Host: static.mediafire.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.mediafire.com/ Cookie: ukey=c7dya7mhsdtsttbxk84tk9e6fz9efvoo; __cf_bm=WMHkfT2z..EQ385sZ5RTkrlUpOs9yqVS3pFO2qQb6DU-1701764348-0-AZbGe74FogT3cExx823//Y+vkcxtobzZ0Y+4wawMXNXeOj7urPdiTc6UnD+dzXtSvs9PKrZeg3VkzpfPK8bGj8I=; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-1%22%2C%22mf_content%22%3A%22Business%22%2C%22mf_medium%22%3A%22windows%5C%2FFirefox%22%2C%22mf_campaign%22%3A%2201qf3gtk547xus3%22%2C%22mf_term%22%3A%22969979866bfa2714453c28c162fba17d%22%7D Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK date: Tue, 05 Dec 2023 08:19:09 GMT content-type: image/svg+xml last-modified: Fri, 28 Oct 2016 22:22:42 GMT etag: W/"5813cfb2-d1d" access-control-allow-origin: * cf-cache-status: HIT age: 7003 vary: Accept-Encoding server: cloudflare cf-ray: 830adccdef9e56be-OSL content-encoding: gzip X-Firefox-Spdy: h2`

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (22)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by