Report - www.mediafire.com/file/7kk4w1sx6iislww/360%C2%B0+A%C4%B0MBOT+Youtube@iceconfigv3.zip/file

Report Overview

Submitted URL
www.mediafire.com/file/7kk4w1sx6iislww/360%C2%B0+A%C4%B0MBOT+Youtube@iceconfigv3.zip/file
IP
104.16.54.48
ASN
#13335 CLOUDFLARENET
Submitted
2023-01-30 12:16:56
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
5
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
www.gstatic.com	unknown	2016-07-26T11:37:06Z	2023-03-13T07:57:11Z	858 B	4.1 kB	216.58.211.3
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	6.9 kB	15 kB	142.250.74.131
securepubads.g.doubleclick.net	190	2013-05-31T06:19:39Z	2023-03-13T05:09:45Z	380 B	28 kB	142.250.74.130
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-13T08:22:43Z	340 B	964 B	172.64.155.188
www.google.com	7	2015-05-10T13:11:19Z	2023-03-13T06:40:43Z	513 B	578 B	142.250.74.164
lh3.googleusercontent.com	66	2012-05-22T09:35:05Z	2023-03-13T05:09:32Z	519 B	13 kB	142.250.74.97
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.9 kB	34.160.144.191
www.mediafire.com	30109	2012-05-22T04:29:38Z	2023-03-13T08:42:30Z	5.1 kB	181 kB	104.16.54.48
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-13T08:44:36Z	1.5 kB	207 kB	142.250.74.35
image6.pubmatic.com	637	2015-10-14T12:06:42Z	2023-03-13T05:36:44Z	402 B	381 B	185.64.190.78
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	3.1 kB	5.8 kB	93.184.220.29
www.facebook.com	99	2012-05-21T02:23:41Z	2021-02-04T00:31:35Z	623 B	3.8 kB	157.240.205.35
btloader.com	169057	2020-10-22T22:38:52Z	2023-03-13T08:04:08Z	382 B	79 kB	104.26.7.139
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-13T08:14:31Z	744 B	4.7 kB	142.250.74.106
simage4.pubmatic.com	1129	2013-08-22T15:21:53Z	2023-03-13T05:36:44Z	577 B	320 B	198.47.127.20
cdn.otnolatrnup.com	50979	2019-03-11T16:12:14Z	2023-03-12T22:43:09Z	422 B	78 kB	104.19.215.37
api.btloader.com	1320	2020-10-14T17:25:59Z	2023-03-13T05:10:12Z	1.0 kB	597 B	130.211.23.194
www.google.no	25607	2016-04-05T21:50:59Z	2023-03-13T06:26:15Z	512 B	578 B	142.250.74.163
ocsp.comodoca.com	1696	2012-05-21T09:01:17Z	2023-03-13T06:44:20Z	341 B	1.0 kB	172.64.155.188
fundingchoicesmessages.google.com	2397	2019-01-16T16:59:52Z	2023-03-13T05:10:12Z	464 B	1.5 kB	216.58.211.14
static.cloudflareinsights.com	1294	2019-09-24T16:34:56Z	2023-03-13T05:15:33Z	457 B	393 B	104.16.56.101
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.4 kB	6.2 kB	23.36.76.226
hbopenbid.pubmatic.com	455	2018-01-08T13:15:02Z	2023-03-13T05:36:39Z	469 B	227 B	185.64.190.77
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	56 kB	34.120.237.76
static.mediafire.com	47565	2017-12-11T22:20:42Z	2023-03-13T08:27:03Z	5.3 kB	26 kB	104.16.54.48
translate.googleapis.com	1005	2012-05-31T09:21:21Z	2023-03-13T08:44:18Z	918 B	80 kB	142.250.74.106
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	35.163.168.122
ads.pubmatic.com	469	2012-05-21T05:56:35Z	2023-03-13T05:36:38Z	1.2 kB	7.7 kB	23.38.200.201
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-13T07:36:03Z	373 B	21 kB	142.250.74.110
api.amplitude.com	1242	2019-01-27T16:02:28Z	2023-03-13T08:38:49Z	471 B	307 B	52.38.101.246
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-13T08:28:24Z	383 B	45 kB	142.250.74.168
ad-delivery.net	1341	2017-06-22T07:33:30Z	2023-03-13T08:09:28Z	790 B	2.6 kB	104.26.3.70
translate.google.com	1156	2012-05-30T03:30:32Z	2023-03-13T05:10:57Z	321 B	479 B	216.58.211.14
ad.doubleclick.net	186	2012-05-24T22:21:08Z	2023-03-13T06:50:57Z	438 B	870 B	216.58.207.230
prebid.media.net	1256	2018-02-14T18:41:07Z	2023-03-13T05:36:39Z	456 B	614 B	34.107.148.139

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-01-30 12:16:57	medium	Client IP	Internal IP	ET HUNTING File Sharing Related Domain (www .mediafire .com) in DNS Lookup
2023-01-30 12:16:57	medium	Client IP	Internal IP	ET HUNTING File Sharing Related Domain (www .mediafire .com) in DNS Lookup
2023-01-30 12:16:59	medium	Client IP	Internal IP	ET HUNTING File Sharing Related Domain in DNS Lookup (download .mediafire .com)
2023-01-30 12:16:59	medium	Client IP	Internal IP	ET HUNTING File Sharing Related Domain in DNS Lookup (download .mediafire .com)
2023-01-30 12:16:59	medium	Client IP	Internal IP	ET HUNTING File Sharing Related Domain (www .mediafire .com) in DNS Lookup

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-01-30	medium	iceconfigv3.zip	Sinkholed

ThreatFox

No alerts detected

JavaScript (41)

	URL	Size	First Seen	Last Seen
	www.mediafire.com/file/7kk4w1sx6iislww/360%C2%B0+A%C4%B0MBOT+Youtube@iceconfigv3.zip/file	244 B	2023-03-07	2024-04-20
Pretty URL www.mediafire.com/file/7kk4w1sx6iislww/360%C2%B0+A%C4%B0MBOT+Youtube@iceconfigv3.zip/file IP 104.16.54.48 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:08 Last Seen2024-04-20 18:00:38 Times Seen1275 Hash 3d3cc144a4263f35a45be0ce301a7765 d4f9599219bcf86d846eaf65ebd8833fa67ddcae 9ee897df84988e54e3816800f2fd31ea5c2157dff7f21ab50fdb1eff4f1e3fde Loading...

	www.mediafire.com/file/7kk4w1sx6iislww/360%C2%B0+A%C4%B0MBOT+Youtube@iceconfigv3.zip/file	13 kB	2023-03-13	2023-03-13
Pretty URL www.mediafire.com/file/7kk4w1sx6iislww/360%C2%B0+A%C4%B0MBOT+Youtube@iceconfigv3.zip/file IP 104.16.54.48 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:22:53 Last Seen2023-03-13 12:22:53 Times Seen1 Hash be0bde27c63ed6bd2f1373740bcb95ff d106c63075d071c927c6fc1101f174b3a8d56c3e 64a2b11fd3e91e2501aec94516d310fa887ccb2c8939af1a80d13acd09c006f4 Loading...

	ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936	16 kB	2023-03-09	2023-07-05
Pretty URL ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936 IP 23.38.200.201 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 12:00:59 Last Seen2023-07-05 20:40:24 Times Seen661 Hash 5cdd86112f9012cc5bf30638358c2cd6 1606237627472651a62088a0b668c9df589abb90 b0e303d3a406110aae76a4c7f052d15c49ebf703db0f0185875a3532cb3b3f44 Loading...

	static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993	17 kB	2023-03-08	2024-02-28
Pretty URL static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 IP 104.16.56.101 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:25:00 Last Seen2024-02-28 12:44:37 Times Seen1362 Hash 33100f2355611b2375f05486299abf05 0b2d1b75f6695e67b884bee2eb72165d6e881a26 0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3 Loading...

	www.mediafire.com/js/prebid5.17.0.js	269 kB	2023-03-07	2023-08-29
Pretty URL www.mediafire.com/js/prebid5.17.0.js IP 104.16.54.48 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:08 Last Seen2023-08-29 17:47:52 Times Seen440 Hash eba5d9afe5d9b12c6c751e93163d3464 3b3d57463f569156ccf06bb46ad8c6afbc690136 6dc7917529ca101209b15752c61816375bbbb8b7b9809efb540ccacf45748d09 Loading...

	translate.google.com/translate_a/element.js?cb=googFooterTranslate	77 kB	2023-03-13	2023-03-13
Pretty URL translate.google.com/translate_a/element.js?cb=googFooterTranslate IP 216.58.211.14 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:22:53 Last Seen2023-03-13 12:22:53 Times Seen1 Hash 82f4443f13e072c12ad93c4f5bc9d897 5934ccf4e9dabca0cfe46ee2b72cbb07fd28f495 94ddf01cccceac3ec9cf46536422f95fa2f71f0e07cc0388b4d2b853cd1f51e5 Loading...

	fundingchoicesmessages.google.com/f/AGSKWxUZdrvZSZh1iQpCGVJFmofEewsi2Ia5n1-8NIKCFeJAoVJ76YnTSjzBfkC_QSrRKng1Fj-TpQEXbOkbU3VR7U8=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjc1MDgxMDE4LDUyNjAwMDAwMF0sIjMwQTlDQzBBLUMzNDctNEY5QS05M0MyLTQ1Qjk5Mzk2QjUwQyIsbnVsbCxudWxsLFtudWxsLFs3XV0sImh0dHA6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlLzdrazR3MXN4Nmlpc2x3dy8zNjAlQzIlQjArQSVDNCVCME1CT1QrWW91dHViZUBpY2Vjb25maWd2My56aXAvZmlsZSIsbnVsbCxbWzgsIkJ5QjVZRHN2aVlZIl0sWzksImVuLVVTIl1dXQ	453 kB	2023-03-13	2023-03-13
Pretty URL fundingchoicesmessages.google.com/f/AGSKWxUZdrvZSZh1iQpCGVJFmofEewsi2Ia5n1-8NIKCFeJAoVJ76YnTSjzBfkC_QSrRKng1Fj-TpQEXbOkbU3VR7U8=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjc1MDgxMDE4LDUyNjAwMDAwMF0sIjMwQTlDQzBBLUMzNDctNEY5QS05M0MyLTQ1Qjk5Mzk2QjUwQyIsbnVsbCxudWxsLFtudWxsLFs3XV0sImh0dHA6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlLzdrazR3MXN4Nmlpc2x3dy8zNjAlQzIlQjArQSVDNCVCME1CT1QrWW91dHViZUBpY2Vjb25maWd2My56aXAvZmlsZSIsbnVsbCxbWzgsIkJ5QjVZRHN2aVlZIl0sWzksImVuLVVTIl1dXQ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:22:53 Last Seen2023-03-13 12:22:53 Times Seen1 Hash cc039153a3724724efca9111a6de1810 ab3e62f54c958de471287c3d2436c59bc9deb728 ed5a9847e740c841a29dc7dad3c5cde06e294e6aaee80e8e61467f37ed80765d Loading...

	fundingchoicesmessages.google.com/i/183096492?ers=3	125 kB	2023-03-13	2023-03-13
Pretty URL fundingchoicesmessages.google.com/i/183096492?ers=3 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:22:53 Last Seen2023-03-13 12:22:53 Times Seen1 Hash 8bc10c9031a105cde5ea21fbd538b94c 2824fd94067c296bfe5a42fa2378fc0b106ada28 e90c24294dc1cd71c456c53fdb9c918702744a895408845d07b1efb0496d83d7 Loading...

	www.mediafire.com/file/7kk4w1sx6iislww/360%C2%B0+A%C4%B0MBOT+Youtube@iceconfigv3.zip/file	14 kB	2023-03-13	2023-03-13
Pretty URL www.mediafire.com/file/7kk4w1sx6iislww/360%C2%B0+A%C4%B0MBOT+Youtube@iceconfigv3.zip/file IP 104.16.54.48 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 04:49:56 Last Seen2023-03-13 14:26:02 Times Seen1 Hash 02d6214c73979fc9b3986ea83c152aae 9a9ac572752f8fd4981782d93824321aa2b68180 1a606572b2aede19e987b361f0b93380fc88769b7d96ba5cf3129ef0ba6daf4e Loading...

	www.mediafire.com/file/7kk4w1sx6iislww/360%C2%B0+A%C4%B0MBOT+Youtube@iceconfigv3.zip/file	166 B	2023-03-07	2023-07-31
Pretty URL www.mediafire.com/file/7kk4w1sx6iislww/360%C2%B0+A%C4%B0MBOT+Youtube@iceconfigv3.zip/file IP 104.16.54.48 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:08 Last Seen2023-07-31 12:46:10 Times Seen369 Hash 11fce363f5710df0dc32f152e58637f2 9443280608b104eb972669677bbb0bcfa7c1231a b04d0f6b5f781241052b16100d61256d99798ada635d2eaa93fd3d2d2ac7998e Loading...

	www.mediafire.com/file/7kk4w1sx6iislww/360%C2%B0+A%C4%B0MBOT+Youtube@iceconfigv3.zip/file	145 kB	2023-03-07	2023-06-12
Pretty URL www.mediafire.com/file/7kk4w1sx6iislww/360%C2%B0+A%C4%B0MBOT+Youtube@iceconfigv3.zip/file IP 104.16.54.48 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:09 Last Seen2023-06-12 19:20:47 Times Seen214 Hash 2c9be7bc36453e859df3528df961f246 82274c02baaa12d208c1fb99115e1761c24e332c 489031021eb6f032a2674ed1acaa65e67f724c6271f60c22305bbdd56ba74ba2 Loading...

	www.mediafire.com/file/7kk4w1sx6iislww/360%C2%B0+A%C4%B0MBOT+Youtube@iceconfigv3.zip/file	99 B	2023-03-07	2024-04-13
Pretty URL www.mediafire.com/file/7kk4w1sx6iislww/360%C2%B0+A%C4%B0MBOT+Youtube@iceconfigv3.zip/file IP 104.16.54.48 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:08 Last Seen2024-04-13 10:55:46 Times Seen834 Hash f669d6bf5c7ad4dc205ba9ceeb629791 e5401d4cd8dea04b0f707db35451ae3944152a01 9fe4e69552905c408b9c2cead95f2f5c314e83a91b72af6ff284e46f16a5af49 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-53LP4T	227 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-53LP4T IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:22:53 Last Seen2023-03-13 12:22:53 Times Seen1 Hash 1322cb61e9d6aeb83ca429e4ad40e659 1d530c6adc7bfbd2ec3f41c2c1d1867a13d01f71 1aa242906b7465e3c16627f4732cd38aa819fa143443dfdce39fc9696ca10cb9 Loading...

	ads.pubmatic.com/AdServer/js/cl_partner.html?pid=2&gdpr=0&gdpr_consent=&rdu=https%3A%2F%2Fsimage4.pubmatic.com%2FAdServer%2FSPug%3Fo%3D3%26u%3D71F4B6F0-E054-4B7C-8772-473BA0FAA1CA%26vcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%23%23P_UID	1.7 kB	2023-03-08	2023-03-17
Pretty URL ads.pubmatic.com/AdServer/js/cl_partner.html?pid=2&gdpr=0&gdpr_consent=&rdu=https%3A%2F%2Fsimage4.pubmatic.com%2FAdServer%2FSPug%3Fo%3D3%26u%3D71F4B6F0-E054-4B7C-8772-473BA0FAA1CA%26vcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%23%23P_UID IP 23.38.200.201 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:30:01 Last Seen2023-03-17 21:47:34 Times Seen1 Hash 33c1736dc4614876d1536e2dad54357c 06a0ba6c3be9e07eb4ed999771cfe68b5208a381 fd937b2d24f04ee2d97046130c2b0dc120fbb0c715f1101e7ddbcf6ac68ae174 Loading...

	www.mediafire.com/file/7kk4w1sx6iislww/360%C2%B0+A%C4%B0MBOT+Youtube@iceconfigv3.zip/file	658 B	2023-03-07	2024-04-20
Pretty URL www.mediafire.com/file/7kk4w1sx6iislww/360%C2%B0+A%C4%B0MBOT+Youtube@iceconfigv3.zip/file IP 104.16.54.48 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:08 Last Seen2024-04-20 18:00:38 Times Seen1255 Hash 3d9dd3dfd08271e8e67d096e4e43db5c 973cda2469d945e79930c96089eff05ee619294c 2c6a061a66c76e6a96530d6190e183aa6d17932f0d76778bba8bd9a6d80e09cf Loading...

	www.mediafire.com/file/7kk4w1sx6iislww/360%C2%B0+A%C4%B0MBOT+Youtube@iceconfigv3.zip/file	1.4 kB	2023-03-07	2024-04-20
Pretty URL www.mediafire.com/file/7kk4w1sx6iislww/360%C2%B0+A%C4%B0MBOT+Youtube@iceconfigv3.zip/file IP 104.16.54.48 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:08 Last Seen2024-04-20 18:00:38 Times Seen1255 Hash ac28d3adfc51fa961f442efde7c10ce6 faed185c2f5dea63f1140b033f7d6e8c02c29295 c78d75016d77016fa0ef5cd7ee429bb10974397b970ef6eb975bce72099c29c6 Loading...

	www.mediafire.com/file/7kk4w1sx6iislww/360%C2%B0+A%C4%B0MBOT+Youtube@iceconfigv3.zip/file	99 B	2023-03-07	2024-01-16
Pretty URL www.mediafire.com/file/7kk4w1sx6iislww/360%C2%B0+A%C4%B0MBOT+Youtube@iceconfigv3.zip/file IP 104.16.54.48 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:08 Last Seen2024-01-16 05:47:01 Times Seen793 Hash a11fb74027afaefcf2078d2c17739163 416b8adf94667a3552b37c4dbc93bf4e36b6cb6e 02bd4f056189f10d506c63fb2dbd6879896654fdbe64ea8f927745e00510ab20 Loading...

	www.mediafire.com/file/7kk4w1sx6iislww/360%C2%B0+A%C4%B0MBOT+Youtube@iceconfigv3.zip/file	371 B	2023-03-07	2023-07-31
Pretty URL www.mediafire.com/file/7kk4w1sx6iislww/360%C2%B0+A%C4%B0MBOT+Youtube@iceconfigv3.zip/file IP 104.16.54.48 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:46:57 Last Seen2023-07-31 12:46:10 Times Seen38 Hash 8cc223a162922f01dbd5d9e61b4c73bb d78b08d7940bce0cce007ec72c056211814fa292 60f6ec55d3dc815bf8ac1fe65f9fbc7bdd61584a55e417b7db82d7f52ebfd3ab Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-12	2024-04-15
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:46:21 Last Seen2024-04-15 18:54:35 Times Seen35101 Hash 54e51056211dda674100cc5b323a58ad 26dc5034cb6c7f3bbe061edd37c7fc6006cb835b 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Loading...

	cdn.amplitude.com/libs/amplitude-8.5.0-min.gz.js	70 kB	2023-03-07	2023-05-06
Pretty URL cdn.amplitude.com/libs/amplitude-8.5.0-min.gz.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:08 Last Seen2023-05-06 01:23:33 Times Seen337 Hash c43d9f000a09bd500ed8728606a09de3 36ad6b0fa2c6bcd116fb642f25789fc2d08a68e6 2450e5580136f94bda7ccf95e3167b57e15b05b513a430967943a50036fa47a4 Loading...

	securepubads.g.doubleclick.net/gpt/pubads_impl_2023012301.js?cb=31071867	394 kB	2023-03-13	2023-03-13
Pretty URL securepubads.g.doubleclick.net/gpt/pubads_impl_2023012301.js?cb=31071867 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 06:49:03 Last Seen2023-03-13 12:37:00 Times Seen1 Hash 600b1ab53ace6b866fa6721758dfc7c0 8f4b4a78646e752c29d0fe01c815217dba2613d6 79e66558ee620ce57bc0a6be17a96c32074065e763b49f0be5551799623943a4 Loading...

	translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.c2_H6h0zvYw.O/d=1/exm=el_conf/ed=1/rs=AN8SPfraNL4hBUxcHD1JwUr3OofpEUwLhQ/m=el_main	212 kB	2023-03-08	2023-12-02
Pretty URL translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.c2_H6h0zvYw.O/d=1/exm=el_conf/ed=1/rs=AN8SPfraNL4hBUxcHD1JwUr3OofpEUwLhQ/m=el_main IP 142.250.74.106 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:50:09 Last Seen2023-12-02 15:44:19 Times Seen21 Hash 8bf322278cc4d5349d9f216543dad348 836605271acad0b93010bf2a97c2b4d2cdab6527 dbc13e868fc37e5decb688b506ac4dea2da1690396694b7289530600e15f0816 Loading...

	image6.pubmatic.com/AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB	60 B	2023-03-13	2023-03-13
Pretty URL image6.pubmatic.com/AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB IP 185.64.190.78 ASN #62713 AS-PUBMATIC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:22:53 Last Seen2023-03-13 12:22:53 Times Seen1 Hash 85e5ff4c1b926cd40a983e5c11f0b727 eb79c03752737ad7611ab48a00af3f5921da1c50 c7bcb062c4a73c067f9ea08e529602dbedf7f957b0a036c1d3f775210a3f695a Loading...

	www.mediafire.com/file/7kk4w1sx6iislww/360%C2%B0+A%C4%B0MBOT+Youtube@iceconfigv3.zip/file	166 B	2023-03-07	2023-07-31
Pretty URL www.mediafire.com/file/7kk4w1sx6iislww/360%C2%B0+A%C4%B0MBOT+Youtube@iceconfigv3.zip/file IP 104.16.54.48 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:08 Last Seen2023-07-31 12:46:10 Times Seen369 Hash f941f76ccee1ae706eedd6add8c7d3b3 5d4c4a5d7f5fb030dc6e01b656fcc393423cd5b5 c40fd0b9a7e6d6ab90cf21f10aafe06639f1e6735bed9068e893b0ffd0d07c76 Loading...

	www.mediafire.com/file/7kk4w1sx6iislww/360%C2%B0+A%C4%B0MBOT+Youtube@iceconfigv3.zip/file	166 B	2023-03-07	2023-07-31
Pretty URL www.mediafire.com/file/7kk4w1sx6iislww/360%C2%B0+A%C4%B0MBOT+Youtube@iceconfigv3.zip/file IP 104.16.54.48 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:08 Last Seen2023-07-31 12:46:10 Times Seen369 Hash 25b1cf26c97255912ad392a889e66a07 c934c0f0d64eeb228cdc0f3491516281f8374d38 01caddfe898aea02b6d55a3c52683b46ac27c921d03f17804a5fbe7f462676ba Loading...

	otnolatrnup.com/Tag.engine?time=0&id=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0&rand=93660&ver=async&referrerUrl=&fingerPrint=123&abr=false&stdTime=0&fpe=1&bw=1280&bh=939&res=1280x1024&curl=http%3A%2F%2Fwww.mediafire.com%2Ffile%2F7kk4w1sx6iislww%2F360%25C2%25B0%2BA%25C4%25B0MBOT%2BYoutube%40iceconfigv3.zip%2Ffile&kw=online%20storage%2Cfree%20storage%2Ccloud%20storage%2Ccollaboration%2Cbackup%20file%20sharing%2Cshare%20files%2Cphoto%20backup%2Cphoto%20sharing%2Cftp%20replacement%2Ccross%20platform%2Cremote%20access%2Cmobile%20access%2Csend%20large%20files%2Crecover%20files%2Cfile%20versioning%2Cundelete%2Cwindows%2Cpc%2Cmac%2Cos%20x%2Clinux%2Ciphone	1.9 kB	2023-03-13	2023-03-13
Pretty URL otnolatrnup.com/Tag.engine?time=0&id=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0&rand=93660&ver=async&referrerUrl=&fingerPrint=123&abr=false&stdTime=0&fpe=1&bw=1280&bh=939&res=1280x1024&curl=http%3A%2F%2Fwww.mediafire.com%2Ffile%2F7kk4w1sx6iislww%2F360%25C2%25B0%2BA%25C4%25B0MBOT%2BYoutube%40iceconfigv3.zip%2Ffile&kw=online%20storage%2Cfree%20storage%2Ccloud%20storage%2Ccollaboration%2Cbackup%20file%20sharing%2Cshare%20files%2Cphoto%20backup%2Cphoto%20sharing%2Cftp%20replacement%2Ccross%20platform%2Cremote%20access%2Cmobile%20access%2Csend%20large%20files%2Crecover%20files%2Cfile%20versioning%2Cundelete%2Cwindows%2Cpc%2Cmac%2Cos%20x%2Clinux%2Ciphone IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:22:53 Last Seen2023-03-13 12:22:53 Times Seen1 Hash de5c55f4017969435fe64fb2bd5e441d 385965a840f9dcc49fd68102ce16213f0e4ab23b 0319c391166da87f1b7abd2424a78780d4fc7f40da919825c04eae87f115eeaf Loading...

	btloader.com/tag?o=5678961798414336&upapi=true	14 kB	2023-03-13	2023-03-13
Pretty URL btloader.com/tag?o=5678961798414336&upapi=true IP 104.26.7.139 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 09:53:49 Last Seen2023-03-13 12:22:53 Times Seen1 Hash e54693d226aabbefe51e5425b6c62467 8a60c56821ecfca24f56cd4a6716d48da4050d7a 83c22311596cb3dfd7a69965c108fe894fed636b7d7224de4c3fa076595e9c87 Loading...

	www.mediafire.com/file/7kk4w1sx6iislww/360%C2%B0+A%C4%B0MBOT+Youtube@iceconfigv3.zip/file	50 B	2023-03-07	2024-04-13
Pretty URL www.mediafire.com/file/7kk4w1sx6iislww/360%C2%B0+A%C4%B0MBOT+Youtube@iceconfigv3.zip/file IP 104.16.54.48 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:08 Last Seen2024-04-13 10:55:45 Times Seen1134 Hash 2a3e0cf1eb9a605784a92569cf894f8c 10e7021ec5823da40f0916471956088fe86473da baeead41095f1450cfb9f5bc75df542fcc953f28f0455499e308407e72ad4b0d Loading...

	www.mediafire.com/file/7kk4w1sx6iislww/360%C2%B0+A%C4%B0MBOT+Youtube@iceconfigv3.zip/file	166 B	2023-03-07	2023-07-31
Pretty URL www.mediafire.com/file/7kk4w1sx6iislww/360%C2%B0+A%C4%B0MBOT+Youtube@iceconfigv3.zip/file IP 104.16.54.48 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:08 Last Seen2023-07-31 12:46:10 Times Seen369 Hash bd154b3d8a8e6cd2d00aed789067724c e5b3ffec82f7e987e002d278e9f1a71d579c2209 964ed903f0f240fa1ada1d7274afb52279e544088550b21512c012c6953311da Loading...

	www.mediafire.com/file/7kk4w1sx6iislww/360%C2%B0+A%C4%B0MBOT+Youtube@iceconfigv3.zip/file	90 B	2023-03-07	2023-03-29
Pretty URL www.mediafire.com/file/7kk4w1sx6iislww/360%C2%B0+A%C4%B0MBOT+Youtube@iceconfigv3.zip/file IP 104.16.54.48 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:08 Last Seen2023-03-29 21:43:15 Times Seen5 Hash 6460d29283ac4fba5b74cbd3ca275236 b5dd8e0ec6e8fbd07c9ef9a323f518cfaa9a3813 08e492c45a4d0cc5cbec895f132ed277ee74695481948461ff70a00487b08e2c Loading...

	www.mediafire.com/file/7kk4w1sx6iislww/360%C2%B0+A%C4%B0MBOT+Youtube@iceconfigv3.zip/file	805 B	2023-03-07	2024-04-13
Pretty URL www.mediafire.com/file/7kk4w1sx6iislww/360%C2%B0+A%C4%B0MBOT+Youtube@iceconfigv3.zip/file IP 104.16.54.48 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:08 Last Seen2024-04-13 10:55:45 Times Seen1120 Hash f9aec3b48bec0e276b5ebbf90dd111e7 7da6fbeab0b7d5f3b4207a632ac672ecca0f2aa7 50dc7f84488cec37c774f2d47c05b549ffd9fb71baaf5d46d34b313e1c18e3ef Loading...

	www.mediafire.com/file/7kk4w1sx6iislww/360%C2%B0+A%C4%B0MBOT+Youtube@iceconfigv3.zip/file	166 B	2023-03-07	2023-07-31
Pretty URL www.mediafire.com/file/7kk4w1sx6iislww/360%C2%B0+A%C4%B0MBOT+Youtube@iceconfigv3.zip/file IP 104.16.54.48 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:08 Last Seen2023-07-31 12:46:10 Times Seen369 Hash cfdc30831a0b3c68f6e25651e0337060 0294ded30901cc2effefa6916ad438c3d3f43d8a 7069594ae3cf7da34743de2228eee51ded6510ac80a13ce08571bc195d4ed8d2 Loading...

	www.mediafire.com/file/7kk4w1sx6iislww/360%C2%B0+A%C4%B0MBOT+Youtube@iceconfigv3.zip/file	543 B	2023-03-07	2024-04-13
Pretty URL www.mediafire.com/file/7kk4w1sx6iislww/360%C2%B0+A%C4%B0MBOT+Youtube@iceconfigv3.zip/file IP 104.16.54.48 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:08 Last Seen2024-04-13 10:55:46 Times Seen837 Hash 9d139d72e2571ec8b88f2b08f79efb25 adb7b37f804197f726caf37ae6cd6e7becb2a549 f41723d29915e771a79001b062c73b94ccfcb9bda5a1ba30aa5f29bda7c0faf4 Loading...

	www.googletagmanager.com/gtag/js?id=UA-829541-1	113 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/js?id=UA-829541-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:22:53 Last Seen2023-03-13 12:22:53 Times Seen1 Hash 17e6bcac10eee4e4b166184ac979db0b 38d3a2fb2b6d2550e619f5f12a4e0e7da90814af 8021d599c285f223a52304c31f045af4b6cdb902f0fb2f73c68b3caaa843aa6d Loading...

	cdn.otnolatrnup.com/Scripts/infinity.js.aspx?guid=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0	185 kB	2023-03-13	2023-03-13
Pretty URL cdn.otnolatrnup.com/Scripts/infinity.js.aspx?guid=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0 IP 104.19.215.37 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:22:53 Last Seen2023-03-13 12:22:53 Times Seen1 Hash 1920584869efd4cbcbfd13a5c5afbf01 4b9f0bdb7e9dda93d639cdc806f8473180c9b9a4 b6a28826cb5360f435f8a28b36035b1ecdb799159f603868f2a046496cbb3050 Loading...

	www.mediafire.com/file/7kk4w1sx6iislww/360%C2%B0+A%C4%B0MBOT+Youtube@iceconfigv3.zip/file	9.7 kB	2023-03-07	2024-02-01
Pretty URL www.mediafire.com/file/7kk4w1sx6iislww/360%C2%B0+A%C4%B0MBOT+Youtube@iceconfigv3.zip/file IP 104.16.54.48 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:08 Last Seen2024-02-01 00:53:44 Times Seen843 Hash fb3ef70a9c3427141a42ff7b9973a5a5 8c6981aa075b2be7874badea20646ebd9273c1bc ff901e96d202c77a3dafe7a0a381bdf49269979c8b54497b1044729cd133f869 Loading...

	www.mediafire.com/file/7kk4w1sx6iislww/360%C2%B0+A%C4%B0MBOT+Youtube@iceconfigv3.zip/file	2.0 kB	2023-03-07	2024-04-24
Pretty URL www.mediafire.com/file/7kk4w1sx6iislww/360%C2%B0+A%C4%B0MBOT+Youtube@iceconfigv3.zip/file IP 104.16.54.48 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:08 Last Seen2024-04-24 17:14:37 Times Seen1800 Hash e48418f18355925eaea03355309b2e00 c51214ad93526b8c02f9624b7ef0dda8c7dfe9a5 2fd1cae6706b4ee934c5c6f90d0aee52851d2310a9a4a413dca147cf907906e1 Loading...

	www.mediafire.com/file/7kk4w1sx6iislww/360%C2%B0+A%C4%B0MBOT+Youtube@iceconfigv3.zip/file	340 B	2023-03-07	2024-04-24
Pretty URL www.mediafire.com/file/7kk4w1sx6iislww/360%C2%B0+A%C4%B0MBOT+Youtube@iceconfigv3.zip/file IP 104.16.54.48 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:08 Last Seen2024-04-24 17:14:37 Times Seen1801 Hash 7b0298352717334914068ec708c9513a faf49acfb2d927211e20a345a4f6d77b31fbb539 16d9425c57376be8131894bb4b01fea2547be2fbbed0f3587cba20af9dae4190 Loading...

	www.mediafire.com/file/7kk4w1sx6iislww/360%C2%B0+A%C4%B0MBOT+Youtube@iceconfigv3.zip/file	2.1 kB	2023-03-07	2024-02-20
Pretty URL www.mediafire.com/file/7kk4w1sx6iislww/360%C2%B0+A%C4%B0MBOT+Youtube@iceconfigv3.zip/file IP 104.16.54.48 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:08 Last Seen2024-02-20 22:13:21 Times Seen867 Hash 93aa8e871ebf303daab6f0b0093d879d cd91630b93ddd892e3e910d42f44f1f5836e7aa9 7f824ad0e56ad94ae36acd4b9ac580ae8e6fb262b8eb5443d66653c1cdad4bc2 Loading...

	securepubads.g.doubleclick.net/tag/js/gpt.js	82 kB	2023-03-13	2023-03-13
Pretty URL securepubads.g.doubleclick.net/tag/js/gpt.js IP 142.250.74.130 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:22:53 Last Seen2023-03-13 12:27:54 Times Seen1 Hash 265830f0c8926ea66c3f54538f226842 b5805bb741730414b32c54e510540678c71cc66b 02f79ca3973bf2d50e5731149f887bc0cf63a6621b105178de1a6533cfb68b7a Loading...

	fundingchoicesmessages.google.com/f/AGSKWxXrjtEH6OsIEa1eMxJNrJTV18lP5XKGKMJi5rI13IlsGpcs5yT-0hk0wJuzpkaKFvH14rtURv0da3wnJCfhkp8=	125 kB	2023-03-13	2023-03-13
Pretty URL fundingchoicesmessages.google.com/f/AGSKWxXrjtEH6OsIEa1eMxJNrJTV18lP5XKGKMJi5rI13IlsGpcs5yT-0hk0wJuzpkaKFvH14rtURv0da3wnJCfhkp8= IP 216.58.211.14 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:22:53 Last Seen2023-03-13 12:22:53 Times Seen1 Hash af82944406b4ebdb9f9e9919f4fe2e6b aabef3e145641b83fd06f95dd0e20049336cc462 a313e1578c40bddecace0b7d66ff88f14ed5b8047bc3e231927d9f217b0bd88b Loading...

HTTP Transactions (96)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5eb7c9bc996a0ff420e58af45526f053
8c2614832b8efe1c9da0bbd465d6f3f172d95a9e
c085cf277dd0429fe15e4a4bce5595636e9f2204d5a8e77220f8bf88adf4068f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C085CF277DD0429FE15E4A4BCE5595636E9F2204D5A8E77220F8BF88ADF4068F"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17230
Expires: Mon, 30 Jan 2023 17:03:55 GMT
Date: Mon, 30 Jan 2023 12:16:45 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0c35c3ec659d3a26ea97e68d787bb043
d97e3672244efec5b7814f2d8a734cd1a9387854
4c946a026114ff05316d92277750facf3d5f5d162839149da0b7fb1a4cff6b5e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C946A026114FF05316D92277750FACF3D5F5D162839149DA0B7FB1A4CFF6B5E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2516
Expires: Mon, 30 Jan 2023 12:58:41 GMT
Date: Mon, 30 Jan 2023 12:16:45 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 30 Jan 2023 11:35:42 GMT
content-type: application/json
age: 2463
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
09ee4b0fe6cf4ca5ed31b24452338d00
7e62b6e20f0d4737f4a8d94f9818a0883027839e
56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56DA08E18A408D7313DE4E598984A251A0ECF85BBBA98B421BE9AEBEB98835AF"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5571
Expires: Mon, 30 Jan 2023 13:49:36 GMT
Date: Mon, 30 Jan 2023 12:16:45 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: WqO7Ws5kDjYA44/644twPE7DzuvbnzdeQ27dkVQhlF/FOqEjkWpxn2ZotUVZD4sSL1/Ce5Tgh6yg0IF1i9qomA==
x-amz-request-id: N5CQBH29S1679JDS
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 30 Jan 2023 11:21:46 GMT
age: 3299
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

www.mediafire.com/file/7kk4w1sx6iislww/360%C2%B0+A%C4%B0MBOT+Youtube@iceconfigv3.zip/file

104.16.54.48

200 OK

86 kB

URL HTTP/1.1
www.mediafire.com/file/7kk4w1sx6iislww/360%C2%B0+A%C4%B0MBOT+Youtube@iceconfigv3.zip/file
IP
104.16.54.48:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (62935)
Size
86 kB (85867 bytes)
Hash
4f3f0cbe807ba27f0e9ffab64cdc56a8
7f7f8b1ec274fe8490acff4e4cb3417aed79f771
e49924f9b122cb8d8604cb7a51f6efd5c54e7755bf1de2fdca9a7f2ee9fa9c36

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /file/7kk4w1sx6iislww/360%C2%B0+A%C4%B0MBOT+Youtube@iceconfigv3.zip/file HTTP/1.1
Host: www.mediafire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 12:16:45 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: http://www.mediafire.com
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
Expires: 0
Pragma: no-cache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-Robots-Tag: noindex, nofollow
CF-Cache-Status: DYNAMIC
Set-Cookie: ukey=cets34gzp9vx67ivuz9rwykxdhb4u3d2; expires=Fri, 30-Jan-2043 12:16:45 GMT; Max-Age=631152000; path=/; domain=.mediafire.com; HttpOnly
7kom=1; expires=Thu, 02-Feb-2023 12:16:45 GMT; Max-Age=259200; path=/; domain=.mediafire.com; HttpOnly
ad_count=1; expires=Mon, 30-Jan-2023 12:46:45 GMT; Max-Age=1800; path=/; domain=.mediafire.com; HttpOnly
conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-34%22%2C%22mf_content%22%3A%22Free%22%2C%22mf_medium%22%3A%22windows%5C%2FFirefox%22%2C%22mf_campaign%22%3A%227kk4w1sx6iislww%22%2C%22mf_term%22%3A%2203c9565a6f2e8dcfb49a3f39cc418eb3%22%7D; expires=Wed, 01-Mar-2023 12:16:45 GMT; Max-Age=2592000; path=/; domain=.mediafire.com
__cf_bm=b_3kgNRfgmvZ4Guzuks2ERGTX5O1mIVdouLHIVI1jrU-1675081005-0-AVh5BeKb+B235T9dr3l3ZbTsKx2ibZcPbaivroQPIJkvj3hiUWesSPlbQ7gZH2Le3sw7KaowGorzsxoGPqLjN6k=; path=/; expires=Mon, 30-Jan-23 12:46:45 GMT; domain=.mediafire.com; HttpOnly; SameSite=None
Server: cloudflare
CF-RAY: 791a23fb8ad8b524-OSL
Content-Encoding: gzip

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 12:16:45 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

www.mediafire.com/images/icons/svg_light/icons_sprite.svg

104.16.54.48

200 OK

8.4 kB

URL HTTP/1.1
www.mediafire.com/images/icons/svg_light/icons_sprite.svg
IP
104.16.54.48:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- exported SGML document, ASCII text, with very long lines (1204)
Size
8.4 kB (8372 bytes)
Hash
c01bdde26a363ed7260b44fd1a731e98
669c691b1e1e4210ce80997387536c2aee7733f3
158cb8de96c09cdecff36d1b3de54c2853a1e57d32693d6e41f34572e6df6062

HTTP Headers

GET /images/icons/svg_light/icons_sprite.svg HTTP/1.1
Host: www.mediafire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mediafire.com/file/7kk4w1sx6iislww/360%C2%B0+A%C4%B0MBOT+Youtube@iceconfigv3.zip/file
Cookie: ukey=cets34gzp9vx67ivuz9rwykxdhb4u3d2; 7kom=1; ad_count=1; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-34%22%2C%22mf_content%22%3A%22Free%22%2C%22mf_medium%22%3A%22windows%5C%2FFirefox%22%2C%22mf_campaign%22%3A%227kk4w1sx6iislww%22%2C%22mf_term%22%3A%2203c9565a6f2e8dcfb49a3f39cc418eb3%22%7D

HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 12:16:45 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Etag: W/"62deda56-90ab"
Last-Modified: Mon, 25 Jul 2022 18:00:54 GMT
CF-Cache-Status: HIT
Age: 10277
Set-Cookie: __cf_bm=GtxSmRUko11C0JfzfmnFByVxeit_VcRD2W7d4Lpps98-1675081005-0-ATiGMDWomkHs5sWLwFRSwchN8GbCZgUO1g+OwO/L9YZ7GEkaNlEGANtbaWEDLeu6civuzlVIxQEwOiLmgPBeSxY=; path=/; expires=Mon, 30-Jan-23 12:46:45 GMT; domain=.mediafire.com; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791a23fe4eedb50f-OSL
Content-Encoding: gzip

www.mediafire.com/images/icons/svg_dark/arrow_dropdown.svg

104.16.54.48

200 OK

244 B

URL HTTP/1.1
www.mediafire.com/images/icons/svg_dark/arrow_dropdown.svg
IP
104.16.54.48:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document, ASCII text, with very long lines (315), with no line terminators
Size
244 B (244 bytes)
Hash
438c74ce96fb46c379506f9a1a4b9882
0449a026abfda3ef8498ea612951d167202e44c8
3529bb7eb84889386b8b3dfaf3cb475fecbd83e1912d80fd43b790ca90aadb1f

HTTP Headers

GET /images/icons/svg_dark/arrow_dropdown.svg HTTP/1.1
Host: www.mediafire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mediafire.com/file/7kk4w1sx6iislww/360%C2%B0+A%C4%B0MBOT+Youtube@iceconfigv3.zip/file
Cookie: ukey=cets34gzp9vx67ivuz9rwykxdhb4u3d2; 7kom=1; ad_count=1; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-34%22%2C%22mf_content%22%3A%22Free%22%2C%22mf_medium%22%3A%22windows%5C%2FFirefox%22%2C%22mf_campaign%22%3A%227kk4w1sx6iislww%22%2C%22mf_term%22%3A%2203c9565a6f2e8dcfb49a3f39cc418eb3%22%7D

HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 12:16:45 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Etag: W/"62deda56-13b"
Last-Modified: Mon, 25 Jul 2022 18:00:54 GMT
CF-Cache-Status: HIT
Age: 10755
Set-Cookie: __cf_bm=185tiWIXOjN4DLtj8IDdWp3R5DCxWG1sT0aCodrbAvQ-1675081005-0-AaBBdUQVRErrmmYylFor/Ti7HbtnfpIe7NM4tKzAsCEPIDR5evW39X9sM/iHgcEkPnYASSJjnP/A6jY0b7aUIOE=; path=/; expires=Mon, 30-Jan-23 12:46:45 GMT; domain=.mediafire.com; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791a23fe5bc71bfe-OSL
Content-Encoding: gzip

static.mediafire.com/images/icons/svg_dark/check_circle_green.svg

104.16.54.48

200 OK

300 B

URL HTTP/1.1
static.mediafire.com/images/icons/svg_dark/check_circle_green.svg
IP
104.16.54.48:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document, ASCII text, with very long lines (444), with no line terminators
Size
300 B (300 bytes)
Hash
748ded416c9ac6cf3e6bf71899654ef4
f4c9e5092d30f4c19acb2150f58cd5829e0bdeed
2e81ec62e6a56b57437ae015adff93fb3e729e441755d3f58ebe3e39003aa487

HTTP Headers

GET /images/icons/svg_dark/check_circle_green.svg HTTP/1.1
Host: static.mediafire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mediafire.com/
Cookie: ukey=cets34gzp9vx67ivuz9rwykxdhb4u3d2; 7kom=1; ad_count=1; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-34%22%2C%22mf_content%22%3A%22Free%22%2C%22mf_medium%22%3A%22windows%5C%2FFirefox%22%2C%22mf_campaign%22%3A%227kk4w1sx6iislww%22%2C%22mf_term%22%3A%2203c9565a6f2e8dcfb49a3f39cc418eb3%22%7D

HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 12:16:45 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 25 Jul 2022 18:00:54 GMT
ETag: W/"62deda56-1bc"
Access-Control-Allow-Origin: *
CF-Cache-Status: HIT
Age: 10277
Set-Cookie: __cf_bm=pj35WFMDYNZPY4P575hF8E2.DKmx0hP1BOBvC_5puLE-1675081005-0-AZRt8qEQbDYi5T6UZ+JeKgu/jZHdA/Sk88laTI+CA8CCQI03VXtynre6o5UZpOkRag7yw3XDOd8uCrEogBqdapE=; path=/; expires=Mon, 30-Jan-23 12:46:45 GMT; domain=.mediafire.com; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791a23fe7be01bfe-OSL
Content-Encoding: gzip

static.mediafire.com/images/backgrounds/download/social/fb_16x16.png

104.16.54.48

200 OK

181 B

URL HTTP/1.1
static.mediafire.com/images/backgrounds/download/social/fb_16x16.png
IP
104.16.54.48:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 16 x 16, 4-bit colormap, non-interlaced\012- data
Size
181 B (181 bytes)
Hash
78226526732869add09512e9b4be3090
f1ce9c760e17e69509cabe114392a108a6c839bc
720671166ac43aba99e3952b0b9341ab4e0fee1fd891db54e2a07f05db653142

HTTP Headers

GET /images/backgrounds/download/social/fb_16x16.png HTTP/1.1
Host: static.mediafire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mediafire.com/
Cookie: ukey=cets34gzp9vx67ivuz9rwykxdhb4u3d2; 7kom=1; ad_count=1; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-34%22%2C%22mf_content%22%3A%22Free%22%2C%22mf_medium%22%3A%22windows%5C%2FFirefox%22%2C%22mf_campaign%22%3A%227kk4w1sx6iislww%22%2C%22mf_term%22%3A%2203c9565a6f2e8dcfb49a3f39cc418eb3%22%7D

HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 12:16:45 GMT
Content-Type: image/png
Content-Length: 181
Connection: keep-alive
Last-Modified: Mon, 25 Jul 2022 18:00:54 GMT
ETag: "62deda56-b5"
Expires: Wed, 01 Mar 2023 08:45:27 GMT
Cache-Control: max-age=2592000
Access-Control-Allow-Origin: *
CF-Cache-Status: HIT
Age: 10277
Accept-Ranges: bytes
Set-Cookie: __cf_bm=3WxSD4ABazcIK9ukjhoOoRXJWXMuS7etYoYowwrNQww-1675081005-0-Aem7yV14GUigq4fp3TJ845Lp/DlfxTd3Pz9759ArI1JUpkN8wKG2Gu86MYISMrBADrsw6j+Zo+teOt3MXo9WdN0=; path=/; expires=Mon, 30-Jan-23 12:46:45 GMT; domain=.mediafire.com; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791a23fe7d490b59-OSL

static.mediafire.com/images/backgrounds/footer/social/footerIcons.png

104.16.54.48

200 OK

583 B

URL HTTP/1.1
static.mediafire.com/images/backgrounds/footer/social/footerIcons.png
IP
104.16.54.48:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 112 x 28, 8-bit/color RGBA, non-interlaced\012- data
Size
583 B (583 bytes)
Hash
e0abc4fea89d2c5153b73cd02ac5ba13
00465ef774805c82fb5b8a40b743f7b1a1d1a7d6
f917a9105c311331b1d40f4d2bdbf11233c1c465616c1a9c46232f451463b061

HTTP Headers

GET /images/backgrounds/footer/social/footerIcons.png HTTP/1.1
Host: static.mediafire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mediafire.com/
Cookie: ukey=cets34gzp9vx67ivuz9rwykxdhb4u3d2; 7kom=1; ad_count=1; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-34%22%2C%22mf_content%22%3A%22Free%22%2C%22mf_medium%22%3A%22windows%5C%2FFirefox%22%2C%22mf_campaign%22%3A%227kk4w1sx6iislww%22%2C%22mf_term%22%3A%2203c9565a6f2e8dcfb49a3f39cc418eb3%22%7D

HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 12:16:45 GMT
Content-Type: image/png
Content-Length: 583
Connection: keep-alive
Last-Modified: Mon, 25 Jul 2022 18:00:54 GMT
ETag: "62deda56-247"
Expires: Wed, 01 Mar 2023 05:52:18 GMT
Cache-Control: max-age=2592000
Access-Control-Allow-Origin: *
CF-Cache-Status: HIT
Age: 10759
Accept-Ranges: bytes
Set-Cookie: __cf_bm=8501f1oHkyt.BZp.8dP9CHWu6HlTqLewcZCbJcnPc8U-1675081005-0-AUD0RE3Uhy3/h20LdZFzL8DS7tziq3A9sokKWzuSdr0aSgPFUB/yJCr9KuJQy+sum3J8vNn6LWCVGn1fXvcF6kQ=; path=/; expires=Mon, 30-Jan-23 12:46:45 GMT; domain=.mediafire.com; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791a23fe789bb4f1-OSL

static.mediafire.com/images/backgrounds/download/apps_list_sprite-v6.png

104.16.54.48

200 OK

8.1 kB

URL HTTP/1.1
static.mediafire.com/images/backgrounds/download/apps_list_sprite-v6.png
IP
104.16.54.48:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 36 x 828, 8-bit colormap, non-interlaced\012- data
Size
8.1 kB (8145 bytes)
Hash
d3df203853c4482e8753a856e13b0b07
bcee90ce0ef36a1aecdfc64596fee107b5a07a3a
dc54b817820f14ce6395ba2a037f37d4bb0af75d5b017336140793fbe2f7f738

HTTP Headers

GET /images/backgrounds/download/apps_list_sprite-v6.png HTTP/1.1
Host: static.mediafire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mediafire.com/
Cookie: ukey=cets34gzp9vx67ivuz9rwykxdhb4u3d2; 7kom=1; ad_count=1; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-34%22%2C%22mf_content%22%3A%22Free%22%2C%22mf_medium%22%3A%22windows%5C%2FFirefox%22%2C%22mf_campaign%22%3A%227kk4w1sx6iislww%22%2C%22mf_term%22%3A%2203c9565a6f2e8dcfb49a3f39cc418eb3%22%7D

HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 12:16:45 GMT
Content-Type: image/png
Content-Length: 8145
Connection: keep-alive
Last-Modified: Mon, 25 Jul 2022 18:00:54 GMT
ETag: "62deda56-1fd1"
Expires: Wed, 01 Mar 2023 08:40:51 GMT
Cache-Control: max-age=2592000
Access-Control-Allow-Origin: *
CF-Cache-Status: HIT
Age: 5446
Accept-Ranges: bytes
Set-Cookie: __cf_bm=yH2kMD3RRaXUOhD7D.U5CCb0YZ_PNlDyPhundIZotEg-1675081005-0-AeTGHmMMtmGbFjPmVNTiiMJ/ugWkL4qwZJj8OprplDnEDMR86Awvau33Reqci9bfei8j7xUA0OKDknaT3sn1bSI=; path=/; expires=Mon, 30-Jan-23 12:46:45 GMT; domain=.mediafire.com; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791a23fe6efeb4ee-OSL

static.mediafire.com/images/backgrounds/header/mf_logo_full_color.svg

104.16.54.48

200 OK

1.5 kB

URL HTTP/1.1
static.mediafire.com/images/backgrounds/header/mf_logo_full_color.svg
IP
104.16.54.48:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (3357), with no line terminators
Size
1.5 kB (1549 bytes)
Hash
cd8619bb27c40ac285ca7ca5cc0e12c6
71a679f2e69914390e27de9b12fbebd6740b420d
348ca0cfaec31819e81ec29c3ea7808a7f9142d8448ba06edfca37e5363f967b

HTTP Headers

GET /images/backgrounds/header/mf_logo_full_color.svg HTTP/1.1
Host: static.mediafire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mediafire.com/
Cookie: ukey=cets34gzp9vx67ivuz9rwykxdhb4u3d2; 7kom=1; ad_count=1; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-34%22%2C%22mf_content%22%3A%22Free%22%2C%22mf_medium%22%3A%22windows%5C%2FFirefox%22%2C%22mf_campaign%22%3A%227kk4w1sx6iislww%22%2C%22mf_term%22%3A%2203c9565a6f2e8dcfb49a3f39cc418eb3%22%7D

HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 12:16:45 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 28 Oct 2016 22:22:42 GMT
ETag: W/"5813cfb2-d1d"
Access-Control-Allow-Origin: *
CF-Cache-Status: HIT
Age: 10759
Set-Cookie: __cf_bm=bxFF0DpUTHQ9QqlC_ILjvlbnvTPpm6fOV2jnAVZ0EdQ-1675081005-0-AV2Nkv9fthkiAX4Cd54T3bLYrrc7xfw9O8Ol1F2oh7Jo6Or+82DRlMTC5fJ/0AdehtUQ01081739YZICqroDQKY=; path=/; expires=Mon, 30-Jan-23 12:46:45 GMT; domain=.mediafire.com; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791a23fe7c09fab4-OSL
Content-Encoding: gzip

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ba2ca6af7b23ce2e11aa4f9d86e66269
212aef55d64b6add292dcf6241b16e7c93d1bae2
f163a94d190f5aeeb05b2e344bc8e1544d9701772b08585e9c92b529c8652b3d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 12:16:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
b3cfb02067e23353a750c1d12e97f9b8
56ce41d00161a25c585fdcaf6df96930420d0171
d53fa38e4c25b66317edadb798a22baba4ec4f89c077c297ee8f0a9c89982417

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1278
Cache-Control: max-age=126356
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 12:16:45 GMT
Etag: "63d6fac3-118"
Expires: Tue, 31 Jan 2023 23:22:41 GMT
Last-Modified: Sun, 29 Jan 2023 23:01:23 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 280

static.mediafire.com/images/filetype/file-zip-v3.png

104.16.54.48

200 OK

1.9 kB

URL HTTP/1.1
static.mediafire.com/images/filetype/file-zip-v3.png
IP
104.16.54.48:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 43 x 58, 8-bit/color RGBA, non-interlaced\012- data
Size
1.9 kB (1872 bytes)
Hash
a23b8b7059e953fc1b74bf87a77ebb0c
f23e0ad301389083104f04d4164fa57423387b17
4448e430d3c53bad548a5d135e1c7e2f9593e806ba47892640d430ea752e979e

HTTP Headers

GET /images/filetype/file-zip-v3.png HTTP/1.1
Host: static.mediafire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mediafire.com/
Cookie: ukey=cets34gzp9vx67ivuz9rwykxdhb4u3d2; 7kom=1; ad_count=1; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-34%22%2C%22mf_content%22%3A%22Free%22%2C%22mf_medium%22%3A%22windows%5C%2FFirefox%22%2C%22mf_campaign%22%3A%227kk4w1sx6iislww%22%2C%22mf_term%22%3A%2203c9565a6f2e8dcfb49a3f39cc418eb3%22%7D

HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 12:16:45 GMT
Content-Type: image/png
Content-Length: 1872
Connection: keep-alive
Last-Modified: Mon, 25 Jul 2022 18:00:54 GMT
ETag: "62deda56-750"
Expires: Wed, 01 Mar 2023 07:58:17 GMT
Cache-Control: max-age=2592000
Access-Control-Allow-Origin: *
CF-Cache-Status: HIT
Age: 12063
Accept-Ranges: bytes
Set-Cookie: __cf_bm=7u3sQtTnB3bGCMCjTEJjwyHjXfZ_j9Yz3vhuHR_aqWw-1675081005-0-Actc8FYUXNevGNHk68AqRnbLQbfs2Enn4ZuNqEytMb2jOxDepQ54rEyGPnrkbbob5dOWlwUnlXqj0VPFZOz6Hms=; path=/; expires=Mon, 30-Jan-23 12:46:45 GMT; domain=.mediafire.com; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791a23fe681eb506-OSL

www.googletagmanager.com/gtag/js?id=UA-829541-1

142.250.74.168

200 OK

44 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-829541-1
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1759)
Size
44 kB (44019 bytes)
Hash
a6ec381fc6ac562760492529f2cba94a
c6ac5b741c8a4f1163995f7333ee05d03cefce59
41e212ba6bfe3b934fc70ac039bec8dc1ec73a3011eb8079e91ded1b3c472205

HTTP Headers

GET /gtag/js?id=UA-829541-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mediafire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 30 Jan 2023 12:16:45 GMT
expires: Mon, 30 Jan 2023 12:16:45 GMT
cache-control: private, max-age=900
last-modified: Mon, 30 Jan 2023 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44019
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
ef6f050a4cfd7d46443836a1fd0a52f7
5157855a1260ff67d9548211393e674bc828957c
b731a6f82c4b37a523172d2f6f2c4a6e943217672765af5baf4bffb9203fc1b9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4217
Cache-Control: max-age=156971
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 12:16:45 GMT
Etag: "63d766df-117"
Expires: Wed, 01 Feb 2023 07:52:56 GMT
Last-Modified: Mon, 30 Jan 2023 06:42:39 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 279

static.mediafire.com/images/backgrounds/download/additional_content/flag.svg

104.16.54.48

200 OK

204 B

URL HTTP/1.1
static.mediafire.com/images/backgrounds/download/additional_content/flag.svg
IP
104.16.54.48:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with no line terminators
Size
204 B (204 bytes)
Hash
47d7d3db93bf1c6d312c0a1eea858eae
3add4272aec9039a339d1a1c8ab0a296d2e0f714
0571284e5e17e3e8108d921ccd12926cd2a5783bace1f254289cdd67e275e976

HTTP Headers

GET /images/backgrounds/download/additional_content/flag.svg HTTP/1.1
Host: static.mediafire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mediafire.com/
Cookie: ukey=cets34gzp9vx67ivuz9rwykxdhb4u3d2; 7kom=1; ad_count=1; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-34%22%2C%22mf_content%22%3A%22Free%22%2C%22mf_medium%22%3A%22windows%5C%2FFirefox%22%2C%22mf_campaign%22%3A%227kk4w1sx6iislww%22%2C%22mf_term%22%3A%2203c9565a6f2e8dcfb49a3f39cc418eb3%22%7D

HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 12:16:45 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 25 Jul 2022 18:00:54 GMT
ETag: W/"62deda56-ea"
Access-Control-Allow-Origin: *
CF-Cache-Status: HIT
Age: 5443
Set-Cookie: __cf_bm=SjS9_ywKRG2aa_fCBGQ8WI6x.YqDpD4tC8W526Tc6EU-1675081005-0-ATfgLlaW7FdvOfpQDIAtOB6VjspAAUtQGWG3wr7yk/Y8p0fsgTVYx/CCQNPWuSVK/cOrjuKtkDrxBRNEeGXYl/Q=; path=/; expires=Mon, 30-Jan-23 12:46:45 GMT; domain=.mediafire.com; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791a23ff2911b506-OSL
Content-Encoding: gzip

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
819ca65b2665fcb4e172f3f02f546cdd
29ab9324398492aac3787eafe9755c6110010a71
488f4c4fc5fc9eb1a4a5b840172033ef37e97f5c946c85efacb602be9d46f9e5

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2276
Cache-Control: max-age=153239
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 12:16:45 GMT
Etag: "63d75fe0-118"
Expires: Wed, 01 Feb 2023 06:50:44 GMT
Last-Modified: Mon, 30 Jan 2023 06:12:48 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 280

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
c239475b53a2314c43c5922ef55e73f8
e30168fe4daa7e6ebe19591863e7175bf9ad784d
2f985a21771f800b54258c8b1e70a38c9249ef7b9bf2ec61e01d5717c2e204d4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5475
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 12:16:45 GMT
Last-Modified: Mon, 30 Jan 2023 10:45:30 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ba2ca6af7b23ce2e11aa4f9d86e66269
212aef55d64b6add292dcf6241b16e7c93d1bae2
f163a94d190f5aeeb05b2e344bc8e1544d9701772b08585e9c92b529c8652b3d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 12:16:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.facebook.com/plugins/like.php?href=http://www.facebook.com/MediaFire&width=193&layout=button_count&action=like&show_faces=false&share=true&height=30&appId=124578887583575

157.240.205.35

200 OK

0 B

URL HTTP/2
www.facebook.com/plugins/like.php?href=http://www.facebook.com/MediaFire&width=193&layout=button_count&action=like&show_faces=false&share=true&height=30&appId=124578887583575
IP
157.240.205.35:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /plugins/like.php?href=http://www.facebook.com/MediaFire&width=193&layout=button_count&action=like&show_faces=false&share=true&height=30&appId=124578887583575 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mediafire.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: 26ZSyfZ91WcPJfOq84fCb0rrn3gx3yhgj7p1IiZWFmO4M8mk0UXAkxBhw2dLaOVHwgmk7AsPQDslV7drTetcDg==
content-length: 0
date: Mon, 30 Jan 2023 12:16:46 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
e3821369aecde1082bdfd174aab97907
16a53ede9ab606d953f11e0b096fc8fb661886db
65bbf04c4e8a92a8bbf3b73994269f32ce9e87384d528ec436dd6385dd29384a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5490
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 12:16:46 GMT
Etag: "63d6389f-117"
Last-Modified: Mon, 30 Jan 2023 10:45:16 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
e3821369aecde1082bdfd174aab97907
16a53ede9ab606d953f11e0b096fc8fb661886db
65bbf04c4e8a92a8bbf3b73994269f32ce9e87384d528ec436dd6385dd29384a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5490
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 12:16:46 GMT
Etag: "63d6389f-117"
Last-Modified: Mon, 30 Jan 2023 10:45:16 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 279

ad-delivery.net/px.gif?ch=2

104.26.3.70

200 OK

43 B

URL HTTP/2
ad-delivery.net/px.gif?ch=2
IP
104.26.3.70:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /px.gif?ch=2 HTTP/1.1
Host: ad-delivery.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mediafire.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 30 Jan 2023 12:16:46 GMT
content-type: image/gif
content-length: 43
x-guploader-uploadid: ADPycdvRyQuiKR7vao0d0gZH1fD4TACxVBfdiOoBZcjsTHe5pQD9btOiEjggzyh8C86yatVzyUlYTAFym5Cc073wIsWMUTACWflM
x-goog-generation: 1620242732037093
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 43
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Thu, 26 Jan 2023 22:54:58 GMT
cache-control: public, max-age=86400
age: 310734
last-modified: Wed, 05 May 2021 19:25:32 GMT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8TfVCGaHjASdMHmBCNOQNPwy%2BLcQo64nx7B3ARy%2F4snlKnCkrk74i0PkSbwiors4LMr1zMtEpiz9SsF7nrJVIZDnFM5fow%2Bri3wqHiBCq5i24aBU1E5cy04rCEpATiP7bA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791a23fff8d60b41-OSL
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
819ca65b2665fcb4e172f3f02f546cdd
29ab9324398492aac3787eafe9755c6110010a71
488f4c4fc5fc9eb1a4a5b840172033ef37e97f5c946c85efacb602be9d46f9e5

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 426
Cache-Control: max-age=151388
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 12:16:46 GMT
Etag: "63d75fe0-118"
Expires: Wed, 01 Feb 2023 06:19:54 GMT
Last-Modified: Mon, 30 Jan 2023 06:12:48 GMT
Server: ECS (amb/6B9D)
X-Cache: HIT
Content-Length: 280

static.mediafire.com/images/backgrounds/download/additional_content/country-tr.svg

104.16.54.48

200 OK

7.5 kB

URL HTTP/1.1
static.mediafire.com/images/backgrounds/download/additional_content/country-tr.svg
IP
104.16.54.48:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (16928), with no line terminators
Size
7.5 kB (7506 bytes)
Hash
1a00b248a902a378fc8938f829c024f2
5bb5bfd9d45e3369c1427256710e631737a18955
5ab0867bffd1c932b47fc08d1a77abb4bc60e8259e49afed2b6fe756d846ba6a

HTTP Headers

GET /images/backgrounds/download/additional_content/country-tr.svg HTTP/1.1
Host: static.mediafire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mediafire.com/
Cookie: ukey=cets34gzp9vx67ivuz9rwykxdhb4u3d2; 7kom=1; ad_count=1; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-34%22%2C%22mf_content%22%3A%22Free%22%2C%22mf_medium%22%3A%22windows%5C%2FFirefox%22%2C%22mf_campaign%22%3A%227kk4w1sx6iislww%22%2C%22mf_term%22%3A%2203c9565a6f2e8dcfb49a3f39cc418eb3%22%7D

HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 12:16:46 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 25 Jul 2022 18:00:54 GMT
ETag: W/"62deda56-4220"
Access-Control-Allow-Origin: *
CF-Cache-Status: HIT
Set-Cookie: __cf_bm=woYIVoN9zPTmT5mIPp0_VngOE4.Usy7WTju3Pna3Au8-1675081006-0-AQc3VG8U3Kwuv4iMM6/LMPDZx83MvdrqZuNc+QXi4wg6QLP036dAKswgj1ISimXgijZJx9Xn8Klrra7yltWPyRI=; path=/; expires=Mon, 30-Jan-23 12:46:46 GMT; domain=.mediafire.com; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791a23ff1febb4ee-OSL
Content-Encoding: gzip

ad-delivery.net/px.gif?ch=1&e=0.07930839041381998

104.26.3.70

200 OK

43 B

URL HTTP/2
ad-delivery.net/px.gif?ch=1&e=0.07930839041381998
IP
104.26.3.70:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /px.gif?ch=1&e=0.07930839041381998 HTTP/1.1
Host: ad-delivery.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mediafire.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 30 Jan 2023 12:16:46 GMT
content-type: image/gif
content-length: 43
x-guploader-uploadid: ADPycdvRyQuiKR7vao0d0gZH1fD4TACxVBfdiOoBZcjsTHe5pQD9btOiEjggzyh8C86yatVzyUlYTAFym5Cc073wIsWMUTACWflM
x-goog-generation: 1620242732037093
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 43
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Thu, 26 Jan 2023 22:54:58 GMT
cache-control: public, max-age=86400
age: 310734
last-modified: Wed, 05 May 2021 19:25:32 GMT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rg75iOxvW4nefzxRac69DYtJ3k7d8ySscOEac0%2FgpNyhOdP0b4xGzDau7NctncpLSpAAPMDjcBMKFx7nyIHJWg%2BnA8%2FoBE0jhOfF4xL2iGsDlTPlq1KK20SrkUIvIphCgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791a240008d80b41-OSL
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
c239475b53a2314c43c5922ef55e73f8
e30168fe4daa7e6ebe19591863e7175bf9ad784d
2f985a21771f800b54258c8b1e70a38c9249ef7b9bf2ec61e01d5717c2e204d4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5476
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 12:16:46 GMT
Last-Modified: Mon, 30 Jan 2023 10:45:30 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471

btloader.com/tag?o=5678961798414336&upapi=true

104.26.7.139

200 OK

78 kB

URL HTTP/2
btloader.com/tag?o=5678961798414336&upapi=true
IP
104.26.7.139:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (14135)
Size
78 kB (78524 bytes)
Hash
80fa3da14dbede4e056cefe34d4ad238
348227d3fbd201fae8deb77537869b0f28d44f35
2c645d5bc258d974eb018e718a943c65ee87e6be1b2484824e50ea8654e8e847

HTTP Headers

GET /tag?o=5678961798414336&upapi=true HTTP/1.1
Host: btloader.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mediafire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 30 Jan 2023 12:16:45 GMT
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=86400
etag: W/"9fd3984f50a9ad17a154050ebe7ab35c"
last-modified: Mon, 30 Jan 2023 11:51:28 GMT
vary: Origin, Accept-Encoding
via: 1.1 google
cf-cache-status: HIT
age: 1403
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1mcoq%2BjMTmt6tr%2B4fM5mDBHTqvTK0XlASvA4JtA8xdAGyPj8XczftS0raYKHty4GFD6yfRAPwcbk%2Fcjlh7CQiQWJWI8IKlu8egejMHIPhVRd%2B0reGhmEqCTsT1rpiw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791a23fec953b4ff-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.mediafire.com/js/prebid5.17.0.js

104.16.54.48

200 OK

80 kB

URL HTTP/1.1
www.mediafire.com/js/prebid5.17.0.js
IP
104.16.54.48:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
80 kB (79852 bytes)
Hash
57054ccba30c2dedde9b6139f72bf37e
04d436872be1c702db70b33b56b97b9daa17ec48
c4808b176fc686e19da8d088b99f9e607ea2a9040f736397343f8b35e0fc6511

HTTP Headers

GET /js/prebid5.17.0.js HTTP/1.1
Host: www.mediafire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mediafire.com/file/7kk4w1sx6iislww/360%C2%B0+A%C4%B0MBOT+Youtube@iceconfigv3.zip/file
Cookie: ukey=cets34gzp9vx67ivuz9rwykxdhb4u3d2; 7kom=1; ad_count=1; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-34%22%2C%22mf_content%22%3A%22Free%22%2C%22mf_medium%22%3A%22windows%5C%2FFirefox%22%2C%22mf_campaign%22%3A%227kk4w1sx6iislww%22%2C%22mf_term%22%3A%2203c9565a6f2e8dcfb49a3f39cc418eb3%22%7D

HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 12:16:46 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Cf-Bgj: minify
Cf-Polished: origSize=269036
Etag: W/"62deda56-41aec"
Expires: Wed, 01 Mar 2023 11:52:28 GMT
Last-Modified: Mon, 25 Jul 2022 18:00:54 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Set-Cookie: __cf_bm=5Fa8a_PutYU.eWH5nyokfphbZrTcUEBQLrWk838w8CA-1675081006-0-AWP0mc82bVVPUjyo8V97Kx+Yo0YsTNRZ5CFHqMErrbi4+zi9XrweZjCClC11EMSgApSzIZ8hMsaMZEz6s1pfu10=; path=/; expires=Mon, 30-Jan-23 12:46:46 GMT; domain=.mediafire.com; HttpOnly; SameSite=None
Server: cloudflare
CF-RAY: 791a23fe3e5ab524-OSL
Content-Encoding: gzip

www.mediafire.com/favicon.ico

104.16.54.48

200 OK

1.5 kB

URL HTTP/1.1
www.mediafire.com/favicon.ico
IP
104.16.54.48:0
ASN
#13335 CLOUDFLARENET

File type
MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 24x24, 8 bits/pixel\012- data
Size
1.5 kB (1459 bytes)
Hash
6b472b0c8ab8d2274a51755ff936a0f7
de4c3b0b30ff224d77da7a948920f2f26d1b2f91
9b449aabaaa0d0700a85bcd5ed84bd8a179553495846152d690b81807ba11f8b

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.mediafire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mediafire.com/file/7kk4w1sx6iislww/360%C2%B0+A%C4%B0MBOT+Youtube@iceconfigv3.zip/file
Cookie: ukey=cets34gzp9vx67ivuz9rwykxdhb4u3d2; 7kom=1; ad_count=1; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-34%22%2C%22mf_content%22%3A%22Free%22%2C%22mf_medium%22%3A%22windows%5C%2FFirefox%22%2C%22mf_campaign%22%3A%227kk4w1sx6iislww%22%2C%22mf_term%22%3A%2203c9565a6f2e8dcfb49a3f39cc418eb3%22%7D

HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 12:16:46 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Etag: W/"62deda56-2a46"
Expires: Sat, 18 Feb 2023 17:29:08 GMT
Last-Modified: Mon, 25 Jul 2022 18:00:54 GMT
CF-Cache-Status: HIT
Age: 503595
Set-Cookie: __cf_bm=8Dck4.BD2U70xNRhjtps53GSzlEhxT1zNOEsnb24R8w-1675081006-0-AZZFk5iZ3XDGGON9WsZ6za1X2ZTJ4nHPpUrOJ7B/2oM61Nw3QDOFjrQLvG1+Li/BKIfr1C6vV+0CSRLhZGPO5ak=; path=/; expires=Mon, 30-Jan-23 12:46:46 GMT; domain=.mediafire.com; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791a2401bb65b50f-OSL
Content-Encoding: gzip

cdn.otnolatrnup.com/Scripts/infinity.js.aspx?guid=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0

104.19.215.37

200 OK

77 kB

URL HTTP/2
cdn.otnolatrnup.com/Scripts/infinity.js.aspx?guid=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0
IP
104.19.215.37:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (47261), with CRLF, LF line terminators
Size
77 kB (77072 bytes)
Hash
fe03cefec16defd0c2ad16bfbe24c6cf
c13a85b10b40fd2638fa69869ae83039acd3ad51
978ae1a7c06a8c49191d08045ecc984e4f02501d34b29291758d7917ebeb8838

HTTP Headers

GET /Scripts/infinity.js.aspx?guid=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0 HTTP/1.1
Host: cdn.otnolatrnup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mediafire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 30 Jan 2023 12:16:46 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, no-transform, max-age=900
content-encoding: gzip
p3p: CP="CAO PSA OUR IND"
access-control-allow-origin: *
last-modified: Mon, 30 Jan 2023 12:14:49 GMT
cf-cache-status: HIT
age: 103
server: cloudflare
cf-ray: 791a23ff6f81b4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 30 Jan 2023 11:41:41 GMT
age: 2105
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.110

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.110:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1490)
Size
20 kB (20085 bytes)
Hash
ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mediafire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Mon, 30 Jan 2023 11:46:59 GMT
expires: Mon, 30 Jan 2023 13:46:59 GMT
cache-control: public, max-age=7200
age: 1787
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

translate.google.com/translate_a/element.js?cb=googFooterTranslate

216.58.211.14

301 Moved Permanently

0 B

URL HTTP/1.1
translate.google.com/translate_a/element.js?cb=googFooterTranslate
IP
216.58.211.14:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /translate_a/element.js?cb=googFooterTranslate HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.mediafire.com/

HTTP/1.1 301 Moved Permanently
Content-Type: application/binary
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Mon, 30 Jan 2023 12:16:46 GMT
Location: https://translate.google.com/translate_a/element.js?cb=googFooterTranslate
Cross-Origin-Opener-Policy: same-origin-allow-popups
Server: ESF
Content-Length: 0
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d12e9ff2f182d3ce52d59d589ab5a61d
1d39c5eed0a766cbee2fe1f0729eab7472f56d7f
e675272e9b74782eb09ee52be90da7a92ba0cbe71fccba9bd8c4416e4817b13b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 12:16:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e9eba61fbe87bc53d60d0fdd1ba6adb4
8dbb3dfacfaad4ce0fd3a355790cb9b245e01e07
9c0233792f873315e75ce5396d1a210f2df665db23ab858a0724f66bbb4528e7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 12:16:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
1141ae65ad448fb3438690d5042af728
aa8b236bb1099c9440bfe3e98530939623250c03
e55eeaf5cd454042706c3e2d7d2b0211e91087b430cb5bae6b9e030392f57b4b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 12:16:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

216.58.207.230

200 OK

104 B

URL HTTP/2
ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
IP
216.58.207.230:0
ASN
#15169 GOOGLE

File type
MS Windows icon resource - 2 icons, 16x16, 16 colors, 32x32, 16 colors\012- data
Size
104 B (104 bytes)
Hash
32ac8a9b81788b981a3a7e13c14082d4
fbfd48a2bfe8d4247a975176f88d18c3c2ad1952
00cc7617e054596ff0aaabd8a93a9214dc5304bfe317316022dbf4fb3ea073d2

HTTP Headers

GET /favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250 HTTP/1.1
Host: ad.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mediafire.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 104
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 15:55:01 GMT
expires: Mon, 30 Jan 2023 15:55:01 GMT
cache-control: public, max-age=86400
age: 73305
last-modified: Tue, 08 May 2012 13:08:06 GMT
content-type: image/x-icon
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

securepubads.g.doubleclick.net/tag/js/gpt.js

142.250.74.130

200 OK

28 kB

URL HTTP/2
securepubads.g.doubleclick.net/tag/js/gpt.js
IP
142.250.74.130:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (39375)
Size
28 kB (27595 bytes)
Hash
a3feef25b2dff6e633459104463bda32
9f9fb3c4ee6edc17ca280210a72630c31f9c1648
fddd004f78a8f7e8995606dcbc7e9ba3aaabc6125cd62a55342e0ae06bdf10f1

HTTP Headers

GET /tag/js/gpt.js HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mediafire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 27595
date: Mon, 30 Jan 2023 12:16:46 GMT
expires: Mon, 30 Jan 2023 12:16:46 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
etag: "1467 / 526 of 1000 / last-modified: 1675071961"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d12e9ff2f182d3ce52d59d589ab5a61d
1d39c5eed0a766cbee2fe1f0729eab7472f56d7f
e675272e9b74782eb09ee52be90da7a92ba0cbe71fccba9bd8c4416e4817b13b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 12:16:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e9eba61fbe87bc53d60d0fdd1ba6adb4
8dbb3dfacfaad4ce0fd3a355790cb9b245e01e07
9c0233792f873315e75ce5396d1a210f2df665db23ab858a0724f66bbb4528e7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 12:16:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
1141ae65ad448fb3438690d5042af728
aa8b236bb1099c9440bfe3e98530939623250c03
e55eeaf5cd454042706c3e2d7d2b0211e91087b430cb5bae6b9e030392f57b4b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 12:16:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
14e4670813164b6608c41315c32d3bee
5c7e029c375b5265230c02880fc2ecce1c3d117e
eb1e3d7d07de142b66256d265b3b9d3dd0dccdbbc2674ba51dfd00182be452ca

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 12:16:46 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 28 Jan 2023 07:45:27 GMT
Expires: Sat, 04 Feb 2023 07:45:26 GMT
Etag: "5c7e029c375b5265230c02880fc2ecce1c3d117e"
Cache-Control: max-age=415119,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 791a2402cf46b4f1-OSL

ocsp.pki.goog/s/gts1d4/-vVKdY11C3E

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/-vVKdY11C3E
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4e316e200ed2e86777100f75769eb3b9
150393b9b4db97b18a785b55c0926b63a89532f8
c0f454cbf583566f50537b3e07871fc89f663e6537833567901ced5fb6cbcfe8

HTTP Headers

POST /s/gts1d4/-vVKdY11C3E HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 12:16:46 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/s/gts1d4/-vVKdY11C3E

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/-vVKdY11C3E
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4e316e200ed2e86777100f75769eb3b9
150393b9b4db97b18a785b55c0926b63a89532f8
c0f454cbf583566f50537b3e07871fc89f663e6537833567901ced5fb6cbcfe8

HTTP Headers

POST /s/gts1d4/-vVKdY11C3E HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 12:16:46 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16003
Expires: Mon, 30 Jan 2023 16:43:29 GMT
Date: Mon, 30 Jan 2023 12:16:46 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
bb443b9bfa0561d232977c3efc56c18b
356bc89d228a0db33272118105f1290fd2563af7
984f8cb4f169b1f32c2d06abf86d77e985f0d27ef6eaa57be681574b97d3bbe4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1974
Cache-Control: max-age=165156
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 12:16:46 GMT
Etag: "63d78f9c-1d7"
Expires: Wed, 01 Feb 2023 10:09:22 GMT
Last-Modified: Mon, 30 Jan 2023 09:36:28 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471

hbopenbid.pubmatic.com/translator?source=prebid-client

185.64.190.77

204 No Content

0 B

URL HTTP/2
hbopenbid.pubmatic.com/translator?source=prebid-client
IP
185.64.190.77:0
ASN
#62713 AS-PUBMATIC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /translator?source=prebid-client HTTP/1.1
Host: hbopenbid.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1986
Origin: http://www.mediafire.com
Connection: keep-alive
Referer: http://www.mediafire.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: http://www.mediafire.com
cache-control: no-cache, no-store, must-revalidate
date: Mon, 30 Jan 2023 12:16:45 GMT
X-Firefox-Spdy: h2

api.btloader.com/country

130.211.23.194

200 OK

16 B

URL HTTP/2
api.btloader.com/country
IP
130.211.23.194:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
16 B (16 bytes)
Hash
452880c1a375b8fba8c9499f0930d05f
ffe5484a23512c2a574d837fe2d3267b134e48c8
8b3383aa4c71f1d816bfaf33e3ef2e8ded067698a7798b9f306204d5777b140d

HTTP Headers

GET /country HTTP/1.1
Host: api.btloader.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.mediafire.com/
Origin: http://www.mediafire.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
content-type: application/json
vary: Origin
date: Mon, 30 Jan 2023 12:16:46 GMT
content-length: 16
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

api.btloader.com/pv?tid=oydY4NGfwQ&w=5115845767331840&o=5678961798414336&cv=2.1.06-2-g014272c&r=false&vr=1280x939&pageURL=http%3A%2F%2Fwww.mediafire.com%2Ffile%2F7kk4w1sx6iislww%2F360%25C2%25B0%2BA%25C4%25B0MBOT%2BYoutube%40iceconfigv3.zip%2Ffile&sid=ZaFb73is4n&upapi=true

130.211.23.194

204 No Content

0 B

URL HTTP/2
api.btloader.com/pv?tid=oydY4NGfwQ&w=5115845767331840&o=5678961798414336&cv=2.1.06-2-g014272c&r=false&vr=1280x939&pageURL=http%3A%2F%2Fwww.mediafire.com%2Ffile%2F7kk4w1sx6iislww%2F360%25C2%25B0%2BA%25C4%25B0MBOT%2BYoutube%40iceconfigv3.zip%2Ffile&sid=ZaFb73is4n&upapi=true
IP
130.211.23.194:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pv?tid=oydY4NGfwQ&w=5115845767331840&o=5678961798414336&cv=2.1.06-2-g014272c&r=false&vr=1280x939&pageURL=http%3A%2F%2Fwww.mediafire.com%2Ffile%2F7kk4w1sx6iislww%2F360%25C2%25B0%2BA%25C4%25B0MBOT%2BYoutube%40iceconfigv3.zip%2Ffile&sid=ZaFb73is4n&upapi=true HTTP/1.1
Host: api.btloader.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.mediafire.com
Connection: keep-alive
Referer: http://www.mediafire.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
vary: Origin
date: Mon, 30 Jan 2023 12:16:46 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/-vVKdY11C3E

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/-vVKdY11C3E
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4e316e200ed2e86777100f75769eb3b9
150393b9b4db97b18a785b55c0926b63a89532f8
c0f454cbf583566f50537b3e07871fc89f663e6537833567901ced5fb6cbcfe8

HTTP Headers

POST /s/gts1d4/-vVKdY11C3E HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 12:16:46 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

prebid.media.net/rtb/prebid?cid=8CUO2689O

34.107.148.139

200 OK

56 B

URL HTTP/2
prebid.media.net/rtb/prebid?cid=8CUO2689O
IP
34.107.148.139:0
ASN
#15169 GOOGLE

File type
data
Size
56 B (56 bytes)
Hash
47ae1b3592184d62fa9165dba72a8b72
b8ab25b1769c66bddec9395a461623d62fbcf012
0f68dae48c0c9efd45011a0e628ee72a7a107290a48983250a0868ef324962dc

HTTP Headers

POST /rtb/prebid?cid=8CUO2689O HTTP/1.1
Host: prebid.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 2477
Origin: http://www.mediafire.com
Connection: keep-alive
Referer: http://www.mediafire.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 12:16:46 GMT
content-type: application/json;charset=UTF-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
expires: Mon, 30 Jan 2023 12:16:46 GMT
access-control-allow-origin: http://www.mediafire.com
access-control-allow-credentials: true
content-encoding: gzip
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

1.4 kB

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
gzip compressed data, from Unix\012- data
Size
1.4 kB (1414 bytes)
Hash
46820563c41c8e7063a8bd1f0ef53987
3f49548354a0f17e1ea957f5b943a93d85e5d2a6
09bf647dcd84ffcaa331274d367cd3c2e8ceb42fc9fbb0adcbb590ac6335bcf6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 12:16:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

translate.googleapis.com/translate_static/css/translateelement.css

142.250.74.106

200 OK

3.6 kB

URL HTTP/2
translate.googleapis.com/translate_static/css/translateelement.css
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (22967)
Size
3.6 kB (3632 bytes)
Hash
f7bf2121608909b56672e6398ac2335c
864ef3bac46b08ab6609fad23f00d5f09815647d
b9d3a8600d9b6edf9c71b793c42782282ecfb01e2026e0128608b949e91e152c

HTTP Headers

GET /translate_static/css/translateelement.css HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mediafire.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3632
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 11:45:12 GMT
expires: Mon, 30 Jan 2023 12:45:12 GMT
cache-control: public, max-age=3600
last-modified: Mon, 09 Jan 2023 20:58:00 GMT
content-type: text/css
age: 1894
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

push.services.mozilla.com/

35.163.168.122

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.163.168.122:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: hDYhKzRCgzhoUNhmsRd3rw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: kCwwqYJlBGplTKsxQQVZlcRbXF0=

translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.c2_H6h0zvYw.O/d=1/exm=el_conf/ed=1/rs=AN8SPfraNL4hBUxcHD1JwUr3OofpEUwLhQ/m=el_main

142.250.74.106

200 OK

75 kB

URL HTTP/2
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.c2_H6h0zvYw.O/d=1/exm=el_conf/ed=1/rs=AN8SPfraNL4hBUxcHD1JwUr3OofpEUwLhQ/m=el_main
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1613)
Size
75 kB (75142 bytes)
Hash
0f0e3e9339289919d5212410d8cc4f18
0986fcb1393eae5413d06ba9bdfd59d2711473f7
eedf1aa3f15700add44120461da7e816fcd2bcea3c9f9c54e7d6cec5aff14643

HTTP Headers

GET /_/translate_http/_/js/k=translate_http.tr.no.c2_H6h0zvYw.O/d=1/exm=el_conf/ed=1/rs=AN8SPfraNL4hBUxcHD1JwUr3OofpEUwLhQ/m=el_main HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mediafire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 75142
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 21:39:34 GMT
expires: Tue, 23 Jan 2024 21:39:34 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 07 Dec 2022 22:10:10 GMT
content-type: text/javascript; charset=UTF-8
age: 571032
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
75bf326700e29b1b06e57fb96ee2b064
4f979f28905b65637a058cd44be6c25bb51a42e4
385f7a9c4112c4d674264d02229719e7f82e7039e681db8aaa6685ebab2be0c1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 12:16:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a369a4445d1fccf2ce045c3c4c3f3d67
d6f618e6150a4f9ac6eb5df4a503141a635605a2
d62c7913686c10d4c4b8d691d533256534da77cecc9fcf3f8aa885380dcc148b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 12:16:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b67335a8e235eacf68e4b7f98cc5dc40
887a9b34cf2ba9371bbe8c93e362c174668cf812
1ad2f6328af6d819acd85f4e4646afcafd945e17e555d5eeb54244db83cd48fa

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 12:16:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-829541-1&cid=307463184.1675081018&jid=666910973&_u=YEBAAUAAAAAAACAAI~&z=821347122

142.250.74.163

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-829541-1&cid=307463184.1675081018&jid=666910973&_u=YEBAAUAAAAAAACAAI~&z=821347122
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-829541-1&cid=307463184.1675081018&jid=666910973&_u=YEBAAUAAAAAAACAAI~&z=821347122 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mediafire.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 12:16:46 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-829541-1&cid=307463184.1675081018&jid=666910973&_u=YEBAAUAAAAAAACAAI~&z=821347122

142.250.74.164

200 OK

42 B

URL HTTP/2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-829541-1&cid=307463184.1675081018&jid=666910973&_u=YEBAAUAAAAAAACAAI~&z=821347122
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-829541-1&cid=307463184.1675081018&jid=666910973&_u=YEBAAUAAAAAAACAAI~&z=821347122 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mediafire.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 12:16:46 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6c754739b42f49d4f916eeddf5e0ad0b
dbd00615dd46df6aebbf184c5a674500fca79409
8cc3bb1dc1272a7db571c09fcd67fce2b6cc1e1c23daaa725c40ba5b66b204d6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 12:16:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

lh3.googleusercontent.com/YxmihnhFt54cZYUpI8Vki3ux02R2TgdxT2JLItC4sk0NMsB8q5xXuZr3KKhXns_325CVgfI3IAWpwJrMtsUf1HdwXaWps_lxmzvqH8R5aBB2P50trKqeLQ=h60

142.250.74.97

200 OK

12 kB

URL HTTP/2
lh3.googleusercontent.com/YxmihnhFt54cZYUpI8Vki3ux02R2TgdxT2JLItC4sk0NMsB8q5xXuZr3KKhXns_325CVgfI3IAWpwJrMtsUf1HdwXaWps_lxmzvqH8R5aBB2P50trKqeLQ=h60
IP
142.250.74.97:0
ASN
#15169 GOOGLE

File type
PNG image data, 366 x 60, 8-bit/color RGBA, non-interlaced\012- data
Size
12 kB (12249 bytes)
Hash
f232511b689198ef4eac18e967da3040
38d0f3381708819be8db2df251be3e391a5b0ecf
cf7137aae8e21d7b4a5d0a322b25dfc27c7a1e9b1a06bb4d5f813ef9e3459df3

HTTP Headers

GET /YxmihnhFt54cZYUpI8Vki3ux02R2TgdxT2JLItC4sk0NMsB8q5xXuZr3KKhXns_325CVgfI3IAWpwJrMtsUf1HdwXaWps_lxmzvqH8R5aBB2P50trKqeLQ=h60 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mediafire.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 12249
x-xss-protection: 0
date: Mon, 30 Jan 2023 10:40:00 GMT
expires: Wed, 25 Jan 2023 13:10:14 GMT
cache-control: public, max-age=86400, no-transform
age: 5807
etag: "v1"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

142.250.74.106

200 OK

4.1 kB

URL HTTP/2
fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
data
Size
4.1 kB (4063 bytes)
Hash
426cf312b55da9e2b167800b28093070
ac11369cccf0abe1218482848107cc119562c8aa
3122b709a5663827dfaa7cfa09a322326142cc371486b9645809a1e6bb38b3c0

HTTP Headers

GET /css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mediafire.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 30 Jan 2023 12:16:46 GMT
date: Mon, 30 Jan 2023 12:16:46 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6c754739b42f49d4f916eeddf5e0ad0b
dbd00615dd46df6aebbf184c5a674500fca79409
8cc3bb1dc1272a7db571c09fcd67fce2b6cc1e1c23daaa725c40ba5b66b204d6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 12:16:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
db3290a85d0ba4da27406ae9636aa618
4c69da45eddd66a1e26fce5562fc45eda7005309
19db4d0cc84bff9586883a5fa69c426af0b5fc1c2760ee7c259b0307c8afa6b2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 12:16:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.gstatic.com/images/branding/product/1x/translate_24dp.png

216.58.211.3

200 OK

846 B

URL HTTP/2
www.gstatic.com/images/branding/product/1x/translate_24dp.png
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size
846 B (846 bytes)
Hash
e9cd262114358f26b7608b56905185dc
6dbde0a96deaab2b529723ce26c62043cf9180ab
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99

HTTP Headers

GET /images/branding/product/1x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mediafire.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 846
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 12:53:47 GMT
expires: Tue, 23 Jan 2024 12:53:47 GMT
cache-control: public, max-age=31536000
age: 602580
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.comodoca.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.comodoca.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
4d2529e0c0c6f7146a3e0b4cf87c3c5b
8b270c03a3644bd040783f2d341c47c6e0fc0ddb
c1c0a900b85b2b671f52cb27ff581e1b60f8ecc87446580d2191f2b39b31ba00

HTTP Headers

POST / HTTP/1.1
Host: ocsp.comodoca.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 12:16:47 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 28 Jan 2023 15:38:21 GMT
Expires: Sat, 04 Feb 2023 15:38:20 GMT
Etag: "8b270c03a3644bd040783f2d341c47c6e0fc0ddb"
Cache-Control: max-age=602986,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 207
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791a24067d701c16-OSL

fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2

142.250.74.35

200 OK

31 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 31320, version 1.0\012- data
Size
31 kB (31320 bytes)
Hash
3fe71527811fbfedd2c07962e1bc49e7
f63e158a0480c5d711b5e268db0e75e57d87a8a5
24c0e724005344165ee0a0ff4c96a914e174bb4caa20c8a533fb194d92853e95

HTTP Headers

GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.mediafire.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31320
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 10:24:40 GMT
expires: Mon, 29 Jan 2024 10:24:40 GMT
cache-control: public, max-age=31536000
age: 93127
last-modified: Mon, 15 Aug 2022 18:11:37 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

142.250.74.35

200 OK

128 kB

URL HTTP/2
fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 128352, version 1.0\012- data
Size
128 kB (128352 bytes)
Hash
53436aca8627a49f4deaaa44dc9e3c05
0bc0c675480d94ec7e8609dda6227f88c5d08d2c
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

HTTP Headers

GET /s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.mediafire.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 128352
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 12:51:13 GMT
expires: Sat, 27 Jan 2024 12:51:13 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 25 Aug 2022 00:26:06 GMT
content-type: font/woff2
age: 257134
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.35

200 OK

45 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size
45 kB (44856 bytes)
Hash
565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

HTTP Headers

GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.mediafire.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 18:52:41 GMT
expires: Tue, 23 Jan 2024 18:52:41 GMT
cache-control: public, max-age=31536000
age: 581046
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.gstatic.com/images/branding/product/2x/translate_24dp.png

216.58.211.3

200 OK

1.8 kB

URL HTTP/2
www.gstatic.com/images/branding/product/2x/translate_24dp.png
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
1.8 kB (1842 bytes)
Hash
c69c796362406f9e11c7f4bf5bb628da
e489ce95ab56208090868882113d7416abf46775
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

HTTP Headers

GET /images/branding/product/2x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://translate.googleapis.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 16:07:41 GMT
expires: Tue, 23 Jan 2024 16:07:41 GMT
cache-control: public, max-age=31536000
age: 590946
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
db3290a85d0ba4da27406ae9636aa618
4c69da45eddd66a1e26fce5562fc45eda7005309
19db4d0cc84bff9586883a5fa69c426af0b5fc1c2760ee7c259b0307c8afa6b2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 12:16:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
db3290a85d0ba4da27406ae9636aa618
4c69da45eddd66a1e26fce5562fc45eda7005309
19db4d0cc84bff9586883a5fa69c426af0b5fc1c2760ee7c259b0307c8afa6b2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 12:16:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.mediafire.com/cdn-cgi/rum?

104.16.54.48

204 No Content

0 B

URL HTTP/1.1
www.mediafire.com/cdn-cgi/rum?
IP
104.16.54.48:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: www.mediafire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
content-type: application/json
Content-Length: 17240
Origin: http://www.mediafire.com
Connection: keep-alive
Referer: http://www.mediafire.com/file/7kk4w1sx6iislww/360%C2%B0+A%C4%B0MBOT+Youtube@iceconfigv3.zip/file
Cookie: ukey=cets34gzp9vx67ivuz9rwykxdhb4u3d2; 7kom=1; ad_count=1; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-34%22%2C%22mf_content%22%3A%22Free%22%2C%22mf_medium%22%3A%22windows%5C%2FFirefox%22%2C%22mf_campaign%22%3A%227kk4w1sx6iislww%22%2C%22mf_term%22%3A%2203c9565a6f2e8dcfb49a3f39cc418eb3%22%7D; amp_28916b=D5uw8aVfotILTNhw1yPMU8...1go19nr1h.1go19nr1i.0.1.1; _ga=GA1.2.307463184.1675081018; _gid=GA1.2.2105044583.1675081018; _gat_gtag_UA_829541_1=1

HTTP/1.1 204 No Content
Date: Mon, 30 Jan 2023 12:16:47 GMT
Connection: keep-alive
access-control-allow-origin: http://www.mediafire.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
Server: cloudflare
CF-RAY: 791a24074b86b50f-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff

api.amplitude.com/

52.38.101.246

200 OK

7 B

URL HTTP/2
api.amplitude.com/
IP
52.38.101.246:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
260ca9dd8a4577fc00b7bd5810298076
53a5687cb26dc41f2ab4033e97e13adefd3740d6
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

HTTP Headers

POST / HTTP/1.1
Host: api.amplitude.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 1025
Origin: http://www.mediafire.com
Connection: keep-alive
Referer: http://www.mediafire.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 30 Jan 2023 12:16:47 GMT
content-type: text/html;charset=utf-8
content-length: 7
access-control-allow-origin: *
access-control-allow-methods: GET, POST
trace-id: Root=1-63d7b52f-6d2b9f087614c6c44c28420d
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9739
Expires: Mon, 30 Jan 2023 14:59:07 GMT
Date: Mon, 30 Jan 2023 12:16:48 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9739
Expires: Mon, 30 Jan 2023 14:59:07 GMT
Date: Mon, 30 Jan 2023 12:16:48 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9739
Expires: Mon, 30 Jan 2023 14:59:07 GMT
Date: Mon, 30 Jan 2023 12:16:48 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg

34.120.237.76

200 OK

7.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.7 kB (7679 bytes)
Hash
3e04b9eaf7449828136ad59e4c9d69f1
b820be4ed885dcf288eb6460c57e1fa7b1c7c476
df75cf7183d401a19655aab025d08ad2c498573c88b32e9b258d951d2993b936

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7679
x-amzn-requestid: 0c7983d5-6040-44e9-b394-21c3784702a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkEtEfHoAMFaNA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6ea-54c55dbd09ca642048af8916;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VHh2SQ21xoDoBnGvM2kRiposhXuCE-DdWW1bM35kEykjbHYmhsldVA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:51:22 GMT
age: 51926
etag: "b820be4ed885dcf288eb6460c57e1fa7b1c7c476"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9169e1aa-278a-45ac-a3cb-92421681099d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.3 kB (7333 bytes)
Hash
01f406ed5d9b17a7aa00015301bddf94
d78e18830fc6cf231f66f95cc0e01520cfeebddf
33245ea764fb634a01ee9657e529a30567588ecbb10fc0e6499aac14cd21fe81

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9169e1aa-278a-45ac-a3cb-92421681099d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7333
x-amzn-requestid: 7563c72f-e40d-4e96-a73f-8aa404ae0b25
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhklyFK8IAMFzMQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e7be-7eb009311701187873f05b20;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:40:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -npeyE-5ETAaI6cs7oewWxVe4ZUrtmhvCNC4tMWT_3ab3hZ3tw060w==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:51:22 GMT
age: 51926
etag: "d78e18830fc6cf231f66f95cc0e01520cfeebddf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc895bb6-fa1f-4972-a2f8-5ce71b0c72c0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.7 kB (9700 bytes)
Hash
6d200552d23c85c199558b79cc24348f
8cc20b9ce98eeacd5b826268da24955a82e78a01
09b05ae6f75b5141401ddc49014e0eb2eac0856ba3b5020bc85f4a9a64d3d2a6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc895bb6-fa1f-4972-a2f8-5ce71b0c72c0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9700
x-amzn-requestid: 9f944a46-7e39-44c3-a640-3c7e9b778bca
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkoEEkJIAMFs0w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e7cd-4b29196f5bd1b2fb04e6363f;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:40:29 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: WdAuArY0X2z4d6i17ZJ0521rzGRJS8FtaN-Kqvzg0fqW3F-HptEvNA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:10:01 GMT
age: 50807
etag: "8cc20b9ce98eeacd5b826268da24955a82e78a01"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8464 bytes)
Hash
fe31ee140c2fd62e616c8a1edc9e78bb
7aa5fbdc8156514770ae620e81f1afef1c77890f
799af4bf9fa07ed27ebdc9d1a3344ee8a2b6529f076c263495b93290c47a1cc4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8464
x-amzn-requestid: bf2cf356-ebb1-469b-ba35-a79bb009cad6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj3qGeboAMFzNw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e697-7c96841f52b6a96d1b0eaf34;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: y6bDvcD7a3-A4DLC3cSdZT-yewV1kkFqcGr7AMuqvUeGA4A0pgF4wQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:59:27 GMT
age: 51441
etag: "7aa5fbdc8156514770ae620e81f1afef1c77890f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.5 kB (9457 bytes)
Hash
51aa950d5eed7b90cab6632107092edc
e4388ced02e5576867e77547496dec1ac2338ef7
588830e5f725e8e56270565e40f817f2658b0ee7c0425d138e5f65a17ff40483

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9457
x-amzn-requestid: 7c48e5ca-2128-43da-ba83-fd91568af1ef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkBOGHVoAMFQtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6d4-1b850ffd543f51f92dec3894;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3EXFa0gb46AbdZ9ZznGiPTemGZ7zWh9WLs5Yr1zmfyh_jyKA6o7xoA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:19:57 GMT
age: 50211
etag: "e4388ced02e5576867e77547496dec1ac2338ef7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.5 kB (7538 bytes)
Hash
131eb343c5abd61939457d69bd371348
ffb2035cf64fc83f01db5c6f26ffa264b6aac95b
8486eb9dc6325018f8721bc6f37408f260b6e652b145280f2d778d860d3ec2d5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7538
x-amzn-requestid: 8bec493a-9c81-4cfd-b6e9-66f4f3d55cb7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fOOJQEZSoAMFb1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf2a3b-5f0c9f3e4cac1ba26c802050;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 00:45:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PyA7JoIHpcBuMaoGjSH3XdUZ0PmHYITS4606WbOLHitdOmLbIPpxJQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 15:39:26 GMT
age: 74242
etag: "ffb2035cf64fc83f01db5c6f26ffa264b6aac95b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936

23.38.200.201

200 OK

5.6 kB

URL HTTP/2
ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936
IP
23.38.200.201:0
ASN
#16625 AKAMAI-AS

File type
HTML document text\012- HTML document, ASCII text, with very long lines (15889), with no line terminators
Size
5.6 kB (5554 bytes)
Hash
18a6bc0e051c0767f814f63ff07e65f9
8fbe4eb399d8501b90276723d38c9ffb4ab483fa
26341482a8d6c8384b2cb91aba95833ac2002bd284ff690adbd2009bf76cb95b

HTTP Headers

GET /AdServer/js/user_sync.html?kdntuid=1&p=158936 HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mediafire.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5554
content-type: text/html
cache-control: max-age=153316
expires: Wed, 01 Feb 2023 06:52:05 GMT
date: Mon, 30 Jan 2023 12:16:49 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

image6.pubmatic.com/AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB

185.64.190.78

200 OK

60 B

URL HTTP/2
image6.pubmatic.com/AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB
IP
185.64.190.78:0
ASN
#62713 AS-PUBMATIC

File type
ASCII text, with no line terminators
Size
60 B (60 bytes)
Hash
85e5ff4c1b926cd40a983e5c11f0b727
eb79c03752737ad7611ab48a00af3f5921da1c50
c7bcb062c4a73c067f9ea08e529602dbedf7f957b0a036c1d3f775210a3f695a

HTTP Headers

GET /AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB HTTP/1.1
Host: image6.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.pubmatic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
cache-control: private
content-type: text/html; charset=UTF-8
expires: Sun, 30 Apr 2023 04:21:32 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Mon, 30 Jan 2023 12:16:48 GMT
content-length: 60
X-Firefox-Spdy: h2

ads.pubmatic.com/AdServer/js/cl_partner.html?pid=2&gdpr=0&gdpr_consent=&rdu=https%3A%2F%2Fsimage4.pubmatic.com%2FAdServer%2FSPug%3Fo%3D3%26u%3D71F4B6F0-E054-4B7C-8772-473BA0FAA1CA%26vcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%23%23P_UID

23.38.200.201

200 OK

953 B

URL HTTP/2
ads.pubmatic.com/AdServer/js/cl_partner.html?pid=2&gdpr=0&gdpr_consent=&rdu=https%3A%2F%2Fsimage4.pubmatic.com%2FAdServer%2FSPug%3Fo%3D3%26u%3D71F4B6F0-E054-4B7C-8772-473BA0FAA1CA%26vcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%23%23P_UID
IP
23.38.200.201:0
ASN
#16625 AKAMAI-AS

File type
HTML document text\012- HTML document, ASCII text, with very long lines (1720), with no line terminators
Size
953 B (953 bytes)
Hash
499546dec064c08e4c7c354bab138f7f
f155d071d071e4e7c1d45e22943915df9d9f2b75
1a9219bc3962479cfa6ff0ca64e2f810aab8b816ae4f937b252d0ca044d693b4

HTTP Headers

GET /AdServer/js/cl_partner.html?pid=2&gdpr=0&gdpr_consent=&rdu=https%3A%2F%2Fsimage4.pubmatic.com%2FAdServer%2FSPug%3Fo%3D3%26u%3D71F4B6F0-E054-4B7C-8772-473BA0FAA1CA%26vcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%23%23P_UID HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simage4.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 17 Aug 2016 09:36:32 GMT
etag: "fa18f0-6b8-53a413358bd01"
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 953
content-type: text/html; charset=UTF-8
cache-control: max-age=118807
expires: Tue, 31 Jan 2023 21:16:57 GMT
date: Mon, 30 Jan 2023 12:16:50 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

www.mediafire.com/cdn-cgi/rum?

104.16.54.48

204 No Content

0 B

URL HTTP/1.1
www.mediafire.com/cdn-cgi/rum?
IP
104.16.54.48:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: www.mediafire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json
Content-Length: 974
Origin: http://www.mediafire.com
Connection: keep-alive
Referer: http://www.mediafire.com/file/7kk4w1sx6iislww/360%C2%B0+A%C4%B0MBOT+Youtube@iceconfigv3.zip/file
Cookie: ukey=cets34gzp9vx67ivuz9rwykxdhb4u3d2; 7kom=1; ad_count=1; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-34%22%2C%22mf_content%22%3A%22Free%22%2C%22mf_medium%22%3A%22windows%5C%2FFirefox%22%2C%22mf_campaign%22%3A%227kk4w1sx6iislww%22%2C%22mf_term%22%3A%2203c9565a6f2e8dcfb49a3f39cc418eb3%22%7D; amp_28916b=D5uw8aVfotILTNhw1yPMU8...1go19nr1h.1go19nr1i.0.1.1; _ga=GA1.2.307463184.1675081018; _gid=GA1.2.2105044583.1675081018; _gat_gtag_UA_829541_1=1

HTTP/1.1 204 No Content
Date: Mon, 30 Jan 2023 12:16:54 GMT
Connection: keep-alive
access-control-allow-origin: http://www.mediafire.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
Server: cloudflare
CF-RAY: 791a24336fa3b50f-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff

fundingchoicesmessages.google.com/f/AGSKWxXrjtEH6OsIEa1eMxJNrJTV18lP5XKGKMJi5rI13IlsGpcs5yT-0hk0wJuzpkaKFvH14rtURv0da3wnJCfhkp8=

216.58.211.14

200 OK

0 B

URL HTTP/2
fundingchoicesmessages.google.com/f/AGSKWxXrjtEH6OsIEa1eMxJNrJTV18lP5XKGKMJi5rI13IlsGpcs5yT-0hk0wJuzpkaKFvH14rtURv0da3wnJCfhkp8=
IP
216.58.211.14:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /f/AGSKWxXrjtEH6OsIEa1eMxJNrJTV18lP5XKGKMJi5rI13IlsGpcs5yT-0hk0wJuzpkaKFvH14rtURv0da3wnJCfhkp8= HTTP/1.1
Host: fundingchoicesmessages.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.mediafire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 30 Jan 2023 12:16:46 GMT
content-security-policy: script-src 'nonce-eJ5U7EjZQxLSa3HqGBC-vw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993

104.16.56.101

200 OK

0 B

URL HTTP/2
static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
IP
104.16.56.101:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.mediafire.com
Connection: keep-alive
Referer: http://www.mediafire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 30 Jan 2023 12:16:45 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2022.10.1
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 791a23ff4bfbb505-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

simage4.pubmatic.com/AdServer/SPug?o=1&p=158936&sc=1&u=71F4B6F0-E054-4B7C-8772-473BA0FAA1CA&rs=3&gdpr=0&gdpr_consent=&us_privacy=

198.47.127.20

200 OK

0 B

URL HTTP/2
simage4.pubmatic.com/AdServer/SPug?o=1&p=158936&sc=1&u=71F4B6F0-E054-4B7C-8772-473BA0FAA1CA&rs=3&gdpr=0&gdpr_consent=&us_privacy=
IP
198.47.127.20:0
ASN
#62713 AS-PUBMATIC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /AdServer/SPug?o=1&p=158936&sc=1&u=71F4B6F0-E054-4B7C-8772-473BA0FAA1CA&rs=3&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1
Host: simage4.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site

HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 12:16:49 GMT
content-type: text/html; charset=utf-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (41)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML