Report - www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file

Report Overview

Visited public
2023-12-05 14:52:01
Tags
URL
www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file
Finishing URL
www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file
IP / ASN
104.16.114.74
#13335 CLOUDFLARENET
Title
ch3@tHUB

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
static.mediafire.com	47565	2002-08-11	2017-12-11 22:20:42	2023-12-02 20:06:38	9.4 kB	208 kB	104.16.114.74
cdn.otnolatrnup.com	50979	2019-03-06	2019-03-11 16:12:14	2023-12-03 14:18:17	476 B	182 kB	104.19.214.37
btloader.com	169057	2020-10-06	2020-10-22 22:38:52	2023-12-04 21:21:57	434 B	18 kB	172.67.41.60
translate.google.com	1156	1997-09-15	2012-05-30 03:30:32	2023-12-05 05:58:49	951 B	92 kB	216.58.211.14
otnolatrnup.com	23582	2019-03-06	2019-03-06 06:16:29	2023-11-21 05:28:23	997 B	2.0 kB	0.0.0.0
www.ezojs.com	41202	2017-10-23	2017-11-17 08:37:11	2023-12-04 04:37:56	419 B	125 kB	104.21.63.106
api.btloader.com	1320	2020-10-06	2020-10-14 17:25:59	2023-12-05 05:10:31	1.6 kB	797 B	130.211.23.194
ad-delivery.net	1341	2017-05-03	2017-06-22 07:33:30	2023-12-04 18:14:06	893 B	2.5 kB	104.26.3.70
g.ezoic.net	20898	2012-01-10	2017-10-23 09:44:46	2023-11-20 03:23:43	4.7 kB	16 kB	3.69.213.60
privacy.gatekeeperconsent.com	unknown	2023-03-07	2023-03-14 10:53:28	2023-12-03 13:26:04	901 B	85 kB	172.67.144.62
the.gatekeeperconsent.com	unknown	2023-03-07	2023-03-10 22:46:24	2023-12-04 19:26:26	2.9 kB	685 kB	104.21.28.48
www.google.no	25607	2001-02-26	2016-04-05 21:50:59	2023-12-05 05:55:22	592 B	578 B	142.250.74.67
region1.analytics.google.com	unknown	1997-09-15	2022-03-17 12:26:33	2023-12-05 05:10:23	873 B	448 B	216.239.34.36
static.cloudflareinsights.com	1294	2019-08-30	2019-09-24 16:34:56	2023-12-05 08:16:24	512 B	20 kB	104.16.57.101
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-12-05 06:24:59	1.3 kB	390 kB	142.250.74.136
www.mediafire.com	30109	2002-08-11	2012-05-22 04:29:38	2023-12-04 22:37:11	9.9 kB	647 kB	104.16.114.74
translate.googleapis.com	1005	2005-01-25	2012-05-31 09:21:21	2023-12-05 14:35:07	1.8 kB	236 kB	142.250.74.138
go.ezodn.com	8380	2020-04-22	2020-04-24 07:32:57	2023-12-04 22:47:29	4.4 kB	52 kB	172.64.136.15
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-12-05 06:14:20	468 B	7.1 kB	216.58.207.227
www.gstatic.com	unknown	2008-02-11	2016-07-26 11:37:06	2023-12-05 08:08:22	2.2 kB	14 kB	142.250.74.35

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-12-05 14:51:45	medium	Client IP	Internal IP	ET HUNTING File Sharing Related Domain (www .mediafire .com) in DNS Lookup
2023-12-05 14:51:45	medium	Client IP	Internal IP	ET HUNTING File Sharing Related Domain (www .mediafire .com) in DNS Lookup
2023-12-05 14:51:45	medium	Client IP	Internal IP	ET HUNTING File Sharing Related Domain (www .mediafire .com) in DNS Lookup
2023-12-05 14:51:46	medium	Client IP	Internal IP	ET HUNTING File Sharing Related Domain (www .mediafire .com) in DNS Lookup
2023-12-05 14:51:46	medium	Client IP	Internal IP	ET HUNTING File Sharing Related Domain (www .mediafire .com) in DNS Lookup
2023-12-05 14:51:46	medium	Client IP	Internal IP	ET HUNTING File Sharing Related Domain (www .mediafire .com) in DNS Lookup
2023-12-05 14:51:46	medium	Client IP	Internal IP	ET HUNTING File Sharing Related Domain (www .mediafire .com) in DNS Lookup
2023-12-05 14:51:46	medium	Client IP	Internal IP	ET HUNTING File Sharing Related Domain (www .mediafire .com) in DNS Lookup
2023-12-05 14:51:47	medium	Client IP	Internal IP	ET HUNTING File Sharing Related Domain (www .mediafire .com) in DNS Lookup
2023-12-05 14:51:47	medium	Client IP	Internal IP	ET HUNTING File Sharing Related Domain (www .mediafire .com) in DNS Lookup
2023-12-05 14:51:47	medium	Client IP	Internal IP	ET HUNTING File Sharing Related Domain (www .mediafire .com) in DNS Lookup

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-12-05	medium	thub.zip	Sinkholed

ThreatFox

No alerts detected

JavaScript (55)

	URL	From	Size	First Seen	Last Seen
	www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file	ScriptElement	50 B	2023-03-07	2025-05-04
Pretty URL www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file IP 104.16.114.74 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03 Last Seen2025-05-04 13:12 Times Seen1292 Hash 2a3e0cf1eb9a605784a92569cf894f8c 10e7021ec5823da40f0916471956088fe86473da baeead41095f1450cfb9f5bc75df542fcc953f28f0455499e308407e72ad4b0d Loading...

	www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file	ScriptElement	478 B	2023-08-02	2024-08-21
Pretty URL www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file IP 104.16.114.74 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-02 10:56 Last Seen2024-08-21 09:41 Times Seen414 Hash 908707a4b025ea65df294eb31604a222 6dfc2aadbb6a0294f625add71f61ca2989d10c26 c93d4c15987da6ec966bd23a91515f7e8f132197ba3acaac98526a91505a3663 Loading...

	privacy.gatekeeperconsent.com/tcf2_stub.js	ScriptElement	1.1 kB	2023-04-01	2024-10-30
Pretty URL privacy.gatekeeperconsent.com/tcf2_stub.js IP 104.21.28.48 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 11:19 Last Seen2024-10-30 18:47 Times Seen1324 Hash 2077ac96432bf99cc1ea7ca15161d605 ea356f246f2255a9ad45d96df40a6ee21dafb4f5 86e721bb96c71af08a282151a6246606d325447fc603947cffb628265d7509be Loading...

	www.googletagmanager.com/gtm.js?id=GTM-53LP4T	ScriptElement	266 kB	2023-12-05	2023-12-05
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-53LP4T IP 142.250.74.136 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-05 10:45 Last Seen2023-12-05 22:06 Times Seen5 Hash 69e0b9b4b8de1a990ffd7bbd69822a72 ceb1c4c8ab070f70484a98b1523b39b2bae3d800 eac5cbc070c285d2baa6df2ebb0e45577ac8685b8f09b6d6255980af9b515507 Loading...

	the.gatekeeperconsent.com/cmp.min.js	ScriptElement	1.1 kB	2023-11-21	2024-11-03
Pretty URL the.gatekeeperconsent.com/cmp.min.js IP 104.21.28.48 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-21 03:05 Last Seen2024-11-03 02:09 Times Seen296 Hash fbe92038aa9b8d58fc93cfe47e2987af eef8bd2a46f667ba964cb865285ec57502b894e8 66f8ecd359ccf9d79ae9c4ad10312de1a65db446344b2667e54d604f25d3165b Loading...

	www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file	ScriptElement	16 kB	2023-11-30	2024-08-20
Pretty URL www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file IP 104.16.114.74 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-30 00:50 Last Seen2024-08-20 17:24 Times Seen53 Hash 4d12b3cc096521ef7f83b2fb96194352 4d62891d0c95f949c939e2c63d28cb05e32f0b0b 383e467ef00e41d8c72b016558a7b2552ffeb88f70495876bed5f7264fed562e Loading...

	unknown	ScriptElement	247 B	2024-08-20	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 16:40 Last Seen2024-08-20 16:40 Times Seen1 Hash c7a58c3c625f1660c0d6b223714a5741 29d16e9595dd14888285565def294f02c736a511 85f98a8691547db3a25f112ad5817dd0ae4d701d32faa4dda8b145a955b67b9e Loading...

	www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file	ScriptElement	367 B	2023-08-02	2024-08-21
Pretty URL www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file IP 104.16.114.74 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-02 10:56 Last Seen2024-08-21 09:39 Times Seen112 Hash 59e409004e86bdeae3c8e20491964458 aa68898d391bb42fbfc2fd20a78bdd9b3103fc86 167ab74309a835b4fa7bc3c51c4ab5ab44743c90c8fb5ad0fa7b856b1c877288 Loading...

	www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file	ScriptElement	2.0 kB	2023-03-07	2025-05-04
Pretty URL www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file IP 104.16.114.74 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03 Last Seen2025-05-04 13:12 Times Seen1989 Hash e48418f18355925eaea03355309b2e00 c51214ad93526b8c02f9624b7ef0dda8c7dfe9a5 2fd1cae6706b4ee934c5c6f90d0aee52851d2310a9a4a413dca147cf907906e1 Loading...

	btloader.com/tag?o=5678961798414336&upapi=true	ScriptElement	54 kB	2023-12-05	2023-12-07
Pretty URL btloader.com/tag?o=5678961798414336&upapi=true IP 172.67.41.60 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-05 15:52 Last Seen2023-12-07 15:20 Times Seen11 Hash 819b923a9f106cf6d8f2fec2237854ad 6eef02ce010acf131afbb798f0332b5984004013 55096808ce5a5c7d4aea2fdd142ccd9280e1c203abb4038c5f7af17f9622ab9b Loading...

	www.mediafire.com/cdn-cgi/challenge-platform/scripts/jsd/main.js	ScriptElement	7.4 kB	2023-12-05	2023-12-05
Pretty URL www.mediafire.com/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 104.16.114.74 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-05 15:52 Last Seen2023-12-05 15:59 Times Seen2 Hash 3c37f165528210e7b23652267427e197 764dd9f9860ea1b9764761e2817a90f660be04d4 4a4771fc3b49a781eb58df423e356aa7d3b2913c39b6a0d78ed8d14c24e6e51d Loading...

	www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file	ScriptElement	340 B	2023-03-07	2025-05-04
Pretty URL www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file IP 104.16.114.74 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03 Last Seen2025-05-04 13:12 Times Seen1989 Hash 7b0298352717334914068ec708c9513a faf49acfb2d927211e20a345a4f6d77b31fbb539 16d9425c57376be8131894bb4b01fea2547be2fbbed0f3587cba20af9dae4190 Loading...

	www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file	ScriptElement	658 B	2023-03-07	2025-03-18
Pretty URL www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file IP 104.16.114.74 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03 Last Seen2025-03-18 16:47 Times Seen1411 Hash 3d9dd3dfd08271e8e67d096e4e43db5c 973cda2469d945e79930c96089eff05ee619294c 2c6a061a66c76e6a96530d6190e183aa6d17932f0d76778bba8bd9a6d80e09cf Loading...

	www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file	ScriptElement	1.4 kB	2023-03-07	2025-05-04
Pretty URL www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file IP 104.16.114.74 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03 Last Seen2025-05-04 13:12 Times Seen1285 Hash ac28d3adfc51fa961f442efde7c10ce6 faed185c2f5dea63f1140b033f7d6e8c02c29295 c78d75016d77016fa0ef5cd7ee429bb10974397b970ef6eb975bce72099c29c6 Loading...

	go.ezodn.com/tardisrocinante/vitals.js?gcb=195-3&cb=3	ScriptElement	7.9 kB	2023-10-26	2024-08-21
Pretty URL go.ezodn.com/tardisrocinante/vitals.js?gcb=195-3&cb=3 IP 172.64.136.15 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-26 22:18 Last Seen2024-08-21 03:15 Times Seen476 Hash 61ac8c9f56d5dcefcee51c0156b674d2 53883e1e0d4570f3587b484af4243a415336d159 549bd3e9e2cfe91e355ba68c1fe15c0af27e0391123630b9ccfbbbd559cdba47 Loading...

	securepubads.g.doubleclick.net/tag/js/gpt.js	ScriptElement	13 kB	2023-04-05	2025-05-11
Pretty URL securepubads.g.doubleclick.net/tag/js/gpt.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 04:46 Last Seen2025-05-11 09:27 Times Seen39459 Hash 0c9ed134ae3d5ffe972da2a3e59dc428 620df222551395592e46e4c5f425cf23dcdad891 5f9efa604bfe2aee8c1a90376125a098306ba390530a6f9b2ecb0a67cdac178d Loading...

	www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file	ScriptElement	805 B	2023-03-07	2025-05-04
Pretty URL www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file IP 104.16.114.74 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03 Last Seen2025-05-04 13:12 Times Seen1133 Hash f9aec3b48bec0e276b5ebbf90dd111e7 7da6fbeab0b7d5f3b4207a632ac672ecca0f2aa7 50dc7f84488cec37c774f2d47c05b549ffd9fb71baaf5d46d34b313e1c18e3ef Loading...

	cdn.otnolatrnup.com/Scripts/infinity.js.aspx?guid=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0	ScriptElement	182 kB	2023-12-05	2023-12-05
Pretty URL cdn.otnolatrnup.com/Scripts/infinity.js.aspx?guid=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0 IP 104.19.214.37 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-05 15:52 Last Seen2023-12-05 15:52 Times Seen1 Hash 944fed72afa60d4269114503ee704123 b6e9a3ca92f7495a45bf0c0a5c8ff563fe7876b7 ff03d5ce38b0ea00296c0bf2c1c70b872a33c3dea8bde15942fd2da0d0d34166 Loading...

	www.googletagmanager.com/gtag/js?id=G-K68XP6D85D&l=dataLayer&cx=c	ScriptElement	240 kB	2023-12-05	2023-12-05
Pretty URL www.googletagmanager.com/gtag/js?id=G-K68XP6D85D&l=dataLayer&cx=c IP 142.250.74.136 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-05 15:49 Last Seen2023-12-05 15:52 Times Seen2 Hash e363e47d6b35627c27a46079e191f64b 2f780afe39a9893d13738ba1a1cafad612e4c652 2254fa102d601ec63c8de14b934dc1adf65f3015904474fa3a05080eb2c5dbb1 Loading...

	www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file	ScriptElement	249 B	2023-08-02	2025-05-04
Pretty URL www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file IP 104.16.114.74 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-02 10:56 Last Seen2025-05-04 13:12 Times Seen546 Hash 55beab5d67bdc80ae6449f76912999d5 33b064eb382a33fcd2632f113e1f143da0637b2d eb5e5b77405c539594823cf2501c77088c1de9ba478ecd2d3e6e67057e1965d2 Loading...

	go.ezodn.com/parsonsmaize/abilene.js?gcb=195-3&cb=30	ScriptElement	6.3 kB	2023-10-27	2023-12-06
Pretty URL go.ezodn.com/parsonsmaize/abilene.js?gcb=195-3&cb=30 IP 172.64.136.15 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-27 03:20 Last Seen2023-12-06 23:09 Times Seen348 Hash dc9fb855e1810a69b7012791bbc5409f 9c24e0df4a2bc5a94703d5d3c339a60b894f00a9 b01d53596221a10ad89cd142297dd43310bbe0531fe4694fd590fdbeebf5a18d Loading...

	go.ezodn.com/detroitchicago/tampa.js?gcb=195-3&cb=5	ScriptElement	976 B	2023-09-02	2024-08-21
Pretty URL go.ezodn.com/detroitchicago/tampa.js?gcb=195-3&cb=5 IP 172.64.136.15 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-02 15:52 Last Seen2024-08-21 07:36 Times Seen490 Hash 1cc8f6676b659b180458d516866c84c9 50f3ac9edf56668f955d180e3001991d5979e169 7af805fc2bda263e9826c3433adb07b0e8881afecb62d611961d767d68c3ac05 Loading...

	www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file	ScriptElement	249 B	2023-08-02	2025-05-04
Pretty URL www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file IP 104.16.114.74 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-02 10:56 Last Seen2025-05-04 13:12 Times Seen546 Hash 963421106495827fcf9fe217420f8a06 0b6ce350b71ab1f8f732076c5faaf470d6db2e41 8b8165b5ff1fc9eecfaea3b5b2bdb3d2a9542fcd820e7e9620ed6a3e33e74331 Loading...

	www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file	ScriptElement	249 B	2023-08-02	2025-05-04
Pretty URL www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file IP 104.16.114.74 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-02 10:56 Last Seen2025-05-04 13:12 Times Seen546 Hash dbe5aea1add1f579eb3452173018b0b9 29526575d2f45a89ed8c424ce50cff9c5fd7ca4f c35f2fff95a4ce45b9ff5aafb3e7c94f530f6a7d8096b72e23082208abb11f12 Loading...

	www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file	ScriptElement	249 B	2023-08-02	2024-08-21
Pretty URL www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file IP 104.16.114.74 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-02 10:56 Last Seen2024-08-21 09:41 Times Seen410 Hash 38e4fd9528125cf4a66d7bf30ed04089 d18ed8e47a28e59cec40677642bf31c172acc28e 9ec52af9e37ec584416f8ad0388609117560b6f3b9a41bbb569b0e575577ef98 Loading...

	www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file	ScriptElement	99 B	2023-03-07	2024-08-21
Pretty URL www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file IP 104.16.114.74 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03 Last Seen2024-08-21 09:41 Times Seen410 Hash a11fb74027afaefcf2078d2c17739163 416b8adf94667a3552b37c4dbc93bf4e36b6cb6e 02bd4f056189f10d506c63fb2dbd6879896654fdbe64ea8f927745e00510ab20 Loading...

	go.ezodn.com/porpoiseant/et.js?gcb=195-3&cb=2	ScriptElement	1.1 kB	2023-08-29	2024-08-21
Pretty URL go.ezodn.com/porpoiseant/et.js?gcb=195-3&cb=2 IP 172.64.136.15 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-29 20:13 Last Seen2024-08-21 07:49 Times Seen959 Hash 008399b5bf32f666787fb5e562f32e18 165110d142f2e2d00d6f41ed206c5f3fc0ccd9d3 2c34f09169d2a10e8f5863960e81575ab70f88b52f4bd3386ce5e41e73a94487 Loading...

	go.ezodn.com/parsonsmaize/olathe.js?gcb=195-3&cb=23	ScriptElement	2.3 kB	2023-10-27	2024-08-20
Pretty URL go.ezodn.com/parsonsmaize/olathe.js?gcb=195-3&cb=23 IP 172.64.136.15 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-27 16:08 Last Seen2024-08-20 22:12 Times Seen554 Hash 1b1672a9d5e37fe31ce5b7974a4c652c bd60e7afea4266ab3f9c728c41f9b158a4c9d53b cebc0ded9f2ef3dd4e3c6d6010538dee890c24a070d6ba991e0c93e451d96ccd Loading...

	www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file	ScriptElement	249 B	2023-08-02	2025-05-04
Pretty URL www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file IP 104.16.114.74 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-02 10:56 Last Seen2025-05-04 13:12 Times Seen546 Hash 0d96dcc5a7fa47fa4c332ee297e9a150 62eec818e727952b7152b9e3aabbd7729d23bfac 954313e07c9c2b954e494025e8a0bde44bddcf0bff878f3b4a8169d1b61ca085 Loading...

	www.mediafire.com/_/translate_http/_/js/k=translate_http.tr.no.F6iRVDW95aA.O/am=AAM/d=1/rs=AN8SPfqTarZ7CfwZuRZ6kojPhk2UtLhMeg/m=el_conf	ScriptElement	90 kB	2023-12-05	2023-12-05
Pretty URL www.mediafire.com/_/translate_http/_/js/k=translate_http.tr.no.F6iRVDW95aA.O/am=AAM/d=1/rs=AN8SPfqTarZ7CfwZuRZ6kojPhk2UtLhMeg/m=el_conf IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-05 15:52 Last Seen2023-12-05 15:52 Times Seen1 Hash 3d8b6d70ecaccd06935d9ec8b50b34fb 8676f529ed2578848ea12f1ae1e97f99e37657da 51d3cff43e6690f89b72d450224db830ee5da8211c6cf71af89dc2c8eaf54bdb Loading...

	www.mediafire.com/js/prebid8.10.0.js	ScriptElement	264 kB	2023-08-29	2024-08-21
Pretty URL www.mediafire.com/js/prebid8.10.0.js IP 104.16.114.74 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-29 20:13 Last Seen2024-08-21 07:49 Times Seen335 Hash 300988fb5c87dfcb8cf9356182bb199f d869ab0371069f5f308b925597489adeec4185bb 864909edb64a3e6dd9d7fde79f064c6a23727f1a0cf6a10eee863a97bd3689c6 Loading...

	otnolatrnup.com/Tag.engine?time=0&id=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0&rand=27462&ver=async&referrerUrl=&fingerPrint=123&abr=false&stdTime=0&fpe=1&bw=1280&bh=1024&res=1280x1024&curl=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fs6c8uxqo4es5e6w%2Fch3%40tHUB.zip%2Ffile&kw=online%20storage%2Cfree%20storage%2Ccloud%20storage%2Ccollaboration%2Cbackup%20file%20sharing%2Cshare%20files%2Cphoto%20backup%2Cphoto%20sharing%2Cftp%20replacement%2Ccross%20platform%2Cremote%20access%2Cmobile%20access%2Csend%20large%20files%2Crecover%20files%2Cfile%20versioning%2Cundelete%2Cwindows%2Cpc%2Cmac%2Cos%20x%2Clinux%2Ciphone	ScriptElement	2.0 kB	2024-08-20	2024-08-20
Pretty URL otnolatrnup.com/Tag.engine?time=0&id=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0&rand=27462&ver=async&referrerUrl=&fingerPrint=123&abr=false&stdTime=0&fpe=1&bw=1280&bh=1024&res=1280x1024&curl=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fs6c8uxqo4es5e6w%2Fch3%40tHUB.zip%2Ffile&kw=online%20storage%2Cfree%20storage%2Ccloud%20storage%2Ccollaboration%2Cbackup%20file%20sharing%2Cshare%20files%2Cphoto%20backup%2Cphoto%20sharing%2Cftp%20replacement%2Ccross%20platform%2Cremote%20access%2Cmobile%20access%2Csend%20large%20files%2Crecover%20files%2Cfile%20versioning%2Cundelete%2Cwindows%2Cpc%2Cmac%2Cos%20x%2Clinux%2Ciphone IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 16:40 Last Seen2024-08-20 16:40 Times Seen1 Hash 5f7ae8284fd29c15e972fd48bc6a7eac 1539a43bb6411b3e1e45f2f5884eae10e34807d5 70eaa8f8373982a6cd3337de58ee43f0ce559afeaad66d5d4627bfd7c7329903 Loading...

	www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file	ScriptElement	99 B	2023-03-07	2025-05-04
Pretty URL www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file IP 104.16.114.74 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03 Last Seen2025-05-04 13:12 Times Seen546 Hash f669d6bf5c7ad4dc205ba9ceeb629791 e5401d4cd8dea04b0f707db35451ae3944152a01 9fe4e69552905c408b9c2cead95f2f5c314e83a91b72af6ff284e46f16a5af49 Loading...

	www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file	ScriptElement	543 B	2023-03-07	2025-05-04
Pretty URL www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file IP 104.16.114.74 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03 Last Seen2025-05-04 13:12 Times Seen877 Hash 9d139d72e2571ec8b88f2b08f79efb25 adb7b37f804197f726caf37ae6cd6e7becb2a549 f41723d29915e771a79001b062c73b94ccfcb9bda5a1ba30aa5f29bda7c0faf4 Loading...

	www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file	ScriptElement	140 kB	2023-06-13	2025-01-21
Pretty URL www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file IP 104.16.114.74 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-13 05:54 Last Seen2025-01-21 15:40 Times Seen857 Hash fd9acedc52a133a2951fb9be07c3856d 28ab2449aceed6a8570024767bd6cf0dba3009c6 33579e4a20b555241e04cb38876a97e642f2f1be93cab29c5fa8516fb3c183f2 Loading...

	www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file	ScriptElement	1.1 kB	2024-08-20	2024-08-20
Pretty URL www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file IP 104.16.114.74 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 16:40 Last Seen2024-08-20 16:40 Times Seen1 Hash 32abb4d98576ff231aed6663d6a42d02 aabe9e7970b6093cf079fc56e1298171e961254a 50618ceb5e9a1ba3fda7d001266792dd5bcc2262a09e3389811a85f1fbc89325 Loading...

	www.ezojs.com/ezoic/sa.min.js	ScriptElement	124 kB	2023-12-01	2023-12-11
Pretty URL www.ezojs.com/ezoic/sa.min.js IP 104.21.63.106 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-01 19:57 Last Seen2023-12-11 23:58 Times Seen39 Hash e028a91506dc47ab502e5ed4faddf4ef 17fb55466dc7d5c90ca5dd6d28ab56851816ee67 5887ea0717fc39d653a3453200bea15c7aa04dc6d97ef19905f3dac89f7262ea Loading...

	www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/sandbox%20eval%20code		136 B	2023-04-11	2025-05-11
Pretty URL www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:23 Last Seen2025-05-11 09:27 Times Seen41635 Hash fb4eb094524daea58bf7f82331598541 f5ca39eb98fa1685f8647514a627d3d7f216f7ef 7cbf1e77bb9277bac7030ded2087246adf5c59564a5a1f28ce8c09be6ef48683 Loading...

	www.googletagmanager.com/gtag/js?id=UA-829541-1	ScriptElement	178 kB	2023-12-05	2023-12-05
Pretty URL www.googletagmanager.com/gtag/js?id=UA-829541-1 IP 142.250.74.136 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-05 10:45 Last Seen2023-12-05 19:18 Times Seen4 Hash 6aec4fc9ac395060f6d5cef04e9106e7 f3dd55670cc21ed70f6c1d7730d5d2fb8c4efb58 084526a2b87efd2c79725625f3fbd3f4005473ca0a2de2074c9fb26cbaa99854 Loading...

	go.ezodn.com/detroitchicago/boise.js?gcb=195-3&cb=2	ScriptElement	926 B	2023-09-02	2024-08-21
Pretty URL go.ezodn.com/detroitchicago/boise.js?gcb=195-3&cb=2 IP 172.64.136.15 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-02 15:53 Last Seen2024-08-21 07:36 Times Seen477 Hash edb8b12570b9800e149db7f709d37caf 707afd04a118faa66bcc6d44550ac78025bf6860 b0dc9f241ec7f0549db655a6d4aaa8c5540e5c82a1c908b8b83750e6853cd2cf Loading...

	www.google-analytics.com/analytics.js	ScriptElement	4.7 kB	2023-04-11	2025-05-11
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-11 10:13 Times Seen341073 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file	ScriptElement	244 B	2023-03-07	2025-05-04
Pretty URL www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file IP 104.16.114.74 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03 Last Seen2025-05-04 13:12 Times Seen1296 Hash 3d3cc144a4263f35a45be0ce301a7765 d4f9599219bcf86d846eaf65ebd8833fa67ddcae 9ee897df84988e54e3816800f2fd31ea5c2157dff7f21ab50fdb1eff4f1e3fde Loading...

	static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317	ScriptElement	20 kB	2023-10-13	2025-05-09
Pretty URL static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317 IP 104.16.57.101 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-13 06:51 Last Seen2025-05-09 13:23 Times Seen17152 Hash dd1d068fdb5fe90b6c05a5b3940e088c 0d96f9df8772633a9df4c81cf323a4ef8998ba59 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101 Loading...

	go.ezodn.com/detroitchicago/vista.js?gcb=195-3&cb=5	ScriptElement	821 B	2023-08-29	2024-08-21
Pretty URL go.ezodn.com/detroitchicago/vista.js?gcb=195-3&cb=5 IP 172.64.136.15 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-29 20:13 Last Seen2024-08-21 07:49 Times Seen247 Hash f31cd55082a74b892bdaaf4f95663f98 84c4e88b3d8615afe74e407430a6734c18c877d8 f511fa7924776077436e0e7c47d96a420282192ee4f9c5dc96def26cb856c709 Loading...

	translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.F6iRVDW95aA.O/d=1/exm=el_conf/ed=1/rs=AN8SPfq9pmT7tJkFFvUkid-e-0Wpomm2EQ/m=el_main	ScriptElement	233 kB	2023-12-04	2023-12-08
Pretty URL translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.F6iRVDW95aA.O/d=1/exm=el_conf/ed=1/rs=AN8SPfq9pmT7tJkFFvUkid-e-0Wpomm2EQ/m=el_main IP 142.250.74.138 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 22:08 Last Seen2023-12-08 02:08 Times Seen133 Hash 45498924419212780ef341b346f83f38 407175bd46e2ac2ccd073473131c06da6c8cc9a5 1cb3f0ad4f6b1cc587a2e0d16f7c71a298a67fd445dd9ed2ca370cb831ecc02e Loading...

	www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file	ScriptElement	14 kB	2024-08-20	2024-08-20
Pretty URL www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file IP 104.16.114.74 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 16:40 Last Seen2024-08-20 16:40 Times Seen1 Hash 0a7b2e2bf7807a46b407f1d659edd77f 0fed6bffd32cb6a3fb70c86eb8cfa4d2575c9fbf 18164dc645a99ffa0c50538778ad30f2e90929d23b7eea2890812a09a613dd29 Loading...

	go.ezodn.com/parsonsmaize/mulvane.js?gcb=195-3&cb=5	ScriptElement	1.0 kB	2023-09-02	2024-08-21
Pretty URL go.ezodn.com/parsonsmaize/mulvane.js?gcb=195-3&cb=5 IP 172.64.136.15 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-02 15:52 Last Seen2024-08-21 07:36 Times Seen561 Hash 790c83e6484dd64b8612881b0c82a082 49a82863d426b01a519cf2731c93ea1229141743 f2e858e11bbfe82d0150dd8fc768dfdb4577415c0ee84435e0d6c51a50e6cb64 Loading...

	go.ezodn.com/parsonsmaize/chanute.js?a=a&cb=7&dcb=195-3&shcb=34	ScriptElement	22 kB	2023-10-13	2024-08-21
Pretty URL go.ezodn.com/parsonsmaize/chanute.js?a=a&cb=7&dcb=195-3&shcb=34 IP 172.64.136.15 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-13 00:15 Last Seen2024-08-21 04:57 Times Seen527 Hash 2b26d008d1fb83f7c5e1d1271a5a3517 b6ef4fd8f3d51450b7f50e8a27243a1908e5bf14 2cb36489072c0eb085096a47bfcced826b7a973e5f294d5a2b54bf16df3449d9 Loading...

	www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file	ScriptElement	116 B	2023-04-26	2025-05-04
Pretty URL www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file IP 104.16.114.74 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-26 19:54 Last Seen2025-05-04 13:12 Times Seen1074 Hash f73495320c5339bf6dd20bdf8abd421e 00e3250f052eab322ae032f1afaa658ac5dda9ee 1f67e0d37ab8f1187d91e7e315f3a3b0938ddcb4291c68bc60d89e883dbe6a9c Loading...

	www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file	ScriptElement	1.1 kB	2024-08-20	2024-08-20
Pretty URL www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file IP 104.16.114.74 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 16:40 Last Seen2024-08-20 16:40 Times Seen1 Hash 7f6836ecb639cc0ddcb52708a5037bf2 efdfa37f830b64ca11417d593c4949d40d032b78 e84e0a0920ed4cfdd4088e26ee77476416b8d69ae19feb12704eb18cad36dc96 Loading...

	the.gatekeeperconsent.com/v2/cmp.js?v=145	ScriptElement	188 kB	2023-12-05	2024-08-20
Pretty URL the.gatekeeperconsent.com/v2/cmp.js?v=145 IP 104.21.28.48 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-05 15:52 Last Seen2024-08-20 16:40 Times Seen110 Hash a24a6693b656a4eafa43889fba64f08e b4f0c4d551eef058d85a8ce7b8f6d2cb8f9ac0dd ce71fdffe7d88f7ee13cfdcdca04ea39d74ebb29aa54ab120c7895af4016160d Loading...

	www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/sandbox%20eval%20code		147 B	2023-04-11	2025-05-11
Pretty URL www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-11 10:13 Times Seen341875 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

		Size	First Seen	Last Seen
	#1 Eval - cf16e3f8477f0c6c6a03715b29401bf1	12 kB	2024-08-20 16:40	2024-08-20 16:40
Pretty Observations First Seen2024-08-20 16:40 Last Seen2024-08-20 16:40 Times Seen1 Hash cf16e3f8477f0c6c6a03715b29401bf1 a1cdedc76adce4df695acc33ba25de27738e54d9 d2f9def916b3a4c7dc9036edd5b2d00bbf8465a7fae2cbdf53a0ea3d66b24f65 Loading...

	#2 Eval - 5f343fad532ff15e8c66d1a205844105	14 kB	2023-12-05 15:52	2023-12-05 15:52
Pretty Observations First Seen2023-12-05 15:52 Last Seen2023-12-05 15:52 Times Seen1 Hash 5f343fad532ff15e8c66d1a205844105 643f52c51b8350d1f91de1dfab80085bc353abfb a36471e16f7ec14491493d2fa365eebe7158f1e633e42a202d421db879345a29 Loading...

		Size	First Seen	Last Seen
	#1 Write - 257d49463eeec3d54ec1746b4c93362e	3.0 kB	2023-12-04 22:37	2024-08-20 16:46
Pretty Observations First Seen2023-12-04 22:37 Last Seen2024-08-20 16:46 Times Seen297 Hash 257d49463eeec3d54ec1746b4c93362e 96149ec43996ef38de4cb2f0501d1a2f8e2834c3 e79ec683492f3ada142c6dda65bfe1eee30b29eb2c8fd7baf00fcca3afc79f71 Loading...

HTTP Transactions (67)

URL IP Response Size

btloader.com/tag?o=5678961798414336&upapi=true

172.67.41.60

200 OK

18 kB

URL GET HTTP/2
btloader.com/tag?o=5678961798414336&upapi=true
IP
172.67.41.60:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file
Certificate
IssuerGoogle Trust Services LLC
Subjectbtloader.com
FingerprintCA:53:B2:07:58:99:D9:F5:8D:2A:FB:76:F6:B4:9F:6B:09:17:7F:40
ValidityThu, 19 Oct 2023 20:28:18 GMT - Wed, 17 Jan 2024 20:28:17 GMT

File type
C source, ASCII text, with very long lines (53564)
Size
18 kB (18023 bytes)
Hash
819b923a9f106cf6d8f2fec2237854ad
6eef02ce010acf131afbb798f0332b5984004013
55096808ce5a5c7d4aea2fdd142ccd9280e1c203abb4038c5f7af17f9622ab9b

HTTP Headers

GET /tag?o=5678961798414336&upapi=true HTTP/1.1
Host: btloader.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mediafire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 05 Dec 2023 14:51:40 GMT
content-type: application/javascript
content-length: 18023
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
content-encoding: gzip
etag: "d16a68ccf8729bef603a7260799b98e2"
last-modified: Tue, 05 Dec 2023 14:12:15 GMT
vary: Origin, Accept-Encoding
via: 1.1 google
cf-cache-status: HIT
age: 2243
accept-ranges: bytes
server: cloudflare
cf-ray: 830d1bc87fe4b51e-OSL
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-829541-1

142.250.74.136

200 OK

65 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-829541-1
IP
142.250.74.136:443
ASN
#15169 GOOGLE

Requested by
https://www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type
ASCII text, with very long lines (3026)
Size
65 kB (64913 bytes)
Hash
6aec4fc9ac395060f6d5cef04e9106e7
f3dd55670cc21ed70f6c1d7730d5d2fb8c4efb58
084526a2b87efd2c79725625f3fbd3f4005473ca0a2de2074c9fb26cbaa99854

HTTP Headers

GET /gtag/js?id=UA-829541-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mediafire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 05 Dec 2023 14:51:40 GMT
expires: Tue, 05 Dec 2023 14:51:40 GMT
cache-control: private, max-age=900
last-modified: Tue, 05 Dec 2023 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 64913
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

static.mediafire.com/images/filetype/file-zip-v3.png

104.16.114.74

200 OK

1.9 kB

URL GET HTTP/2
static.mediafire.com/images/filetype/file-zip-v3.png
IP
104.16.114.74:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file
Certificate
IssuerSectigo Limited
Subject*.mediafire.com
Fingerprint8B:FA:81:04:17:18:84:C4:3E:8E:D5:89:AD:D6:5D:BD:9A:DF:84:DA
ValidityMon, 18 Sep 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT

File type
PNG image data, 43 x 58, 8-bit/color RGBA, non-interlaced\012- data
Size
1.9 kB (1872 bytes)
Hash
a23b8b7059e953fc1b74bf87a77ebb0c
f23e0ad301389083104f04d4164fa57423387b17
4448e430d3c53bad548a5d135e1c7e2f9593e806ba47892640d430ea752e979e

HTTP Headers

GET /images/filetype/file-zip-v3.png HTTP/1.1
Host: static.mediafire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mediafire.com/
Cookie: ukey=7r8fcgxhq0a43j5km86vwbp4fnh9xdvm; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-51%22%2C%22mf_content%22%3A%22Free%22%2C%22mf_medium%22%3A%22windows%5C%2FFirefox%22%2C%22mf_campaign%22%3A%22s6c8uxqo4es5e6w%22%2C%22mf_term%22%3A%221b7932a44994834384b10c5650eb2a7b%22%7D; __cf_bm=fZ.dr0_iaK6hbqTM3Cpjqa48LyefHjkGuG51ZOL.hxc-1701787899-0-ASZKYPggVYBOAmimkyxdg9iLamM4RZ2xT1epcg4gK6RyN1J7+70XAS6ZEKBCrTxgkCo7sDNzrrE8AJ+L+uOH8tw=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 05 Dec 2023 14:51:40 GMT
content-type: image/png
content-length: 1872
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
etag: "62deda56-750"
expires: Thu, 04 Jan 2024 11:32:56 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
cf-cache-status: HIT
age: 1672
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 830d1bca3e720afa-OSL
X-Firefox-Spdy: h2

static.mediafire.com/images/backgrounds/download/social/fb_16x16.png

104.16.114.74

200 OK

181 B

URL GET HTTP/2
static.mediafire.com/images/backgrounds/download/social/fb_16x16.png
IP
104.16.114.74:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file
Certificate
IssuerSectigo Limited
Subject*.mediafire.com
Fingerprint8B:FA:81:04:17:18:84:C4:3E:8E:D5:89:AD:D6:5D:BD:9A:DF:84:DA
ValidityMon, 18 Sep 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT

File type
PNG image data, 16 x 16, 4-bit colormap, non-interlaced\012- data
Size
181 B (181 bytes)
Hash
78226526732869add09512e9b4be3090
f1ce9c760e17e69509cabe114392a108a6c839bc
720671166ac43aba99e3952b0b9341ab4e0fee1fd891db54e2a07f05db653142

HTTP Headers

GET /images/backgrounds/download/social/fb_16x16.png HTTP/1.1
Host: static.mediafire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mediafire.com/
Cookie: ukey=7r8fcgxhq0a43j5km86vwbp4fnh9xdvm; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-51%22%2C%22mf_content%22%3A%22Free%22%2C%22mf_medium%22%3A%22windows%5C%2FFirefox%22%2C%22mf_campaign%22%3A%22s6c8uxqo4es5e6w%22%2C%22mf_term%22%3A%221b7932a44994834384b10c5650eb2a7b%22%7D; __cf_bm=fZ.dr0_iaK6hbqTM3Cpjqa48LyefHjkGuG51ZOL.hxc-1701787899-0-ASZKYPggVYBOAmimkyxdg9iLamM4RZ2xT1epcg4gK6RyN1J7+70XAS6ZEKBCrTxgkCo7sDNzrrE8AJ+L+uOH8tw=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 05 Dec 2023 14:51:40 GMT
content-type: image/png
content-length: 181
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
etag: "62deda56-b5"
expires: Thu, 04 Jan 2024 11:59:43 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
cf-cache-status: HIT
age: 924
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 830d1bca4e7b0afa-OSL
X-Firefox-Spdy: h2

static.mediafire.com/images/backgrounds/download/apps_list_sprite-v6.png

104.16.114.74

200 OK

8.1 kB

URL GET HTTP/2
static.mediafire.com/images/backgrounds/download/apps_list_sprite-v6.png
IP
104.16.114.74:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file
Certificate
IssuerSectigo Limited
Subject*.mediafire.com
Fingerprint8B:FA:81:04:17:18:84:C4:3E:8E:D5:89:AD:D6:5D:BD:9A:DF:84:DA
ValidityMon, 18 Sep 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT

File type
PNG image data, 36 x 828, 8-bit colormap, non-interlaced\012- data
Size
8.1 kB (8145 bytes)
Hash
d3df203853c4482e8753a856e13b0b07
bcee90ce0ef36a1aecdfc64596fee107b5a07a3a
dc54b817820f14ce6395ba2a037f37d4bb0af75d5b017336140793fbe2f7f738

HTTP Headers

GET /images/backgrounds/download/apps_list_sprite-v6.png HTTP/1.1
Host: static.mediafire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mediafire.com/
Cookie: ukey=7r8fcgxhq0a43j5km86vwbp4fnh9xdvm; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-51%22%2C%22mf_content%22%3A%22Free%22%2C%22mf_medium%22%3A%22windows%5C%2FFirefox%22%2C%22mf_campaign%22%3A%22s6c8uxqo4es5e6w%22%2C%22mf_term%22%3A%221b7932a44994834384b10c5650eb2a7b%22%7D; __cf_bm=fZ.dr0_iaK6hbqTM3Cpjqa48LyefHjkGuG51ZOL.hxc-1701787899-0-ASZKYPggVYBOAmimkyxdg9iLamM4RZ2xT1epcg4gK6RyN1J7+70XAS6ZEKBCrTxgkCo7sDNzrrE8AJ+L+uOH8tw=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 05 Dec 2023 14:51:40 GMT
content-type: image/png
content-length: 8145
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
etag: "62deda56-1fd1"
expires: Thu, 04 Jan 2024 13:50:40 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
cf-cache-status: HIT
age: 924
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 830d1bca3e750afa-OSL
X-Firefox-Spdy: h2

static.mediafire.com/images/backgrounds/footer/social/footerIcons.png

104.16.114.74

200 OK

583 B

URL GET HTTP/2
static.mediafire.com/images/backgrounds/footer/social/footerIcons.png
IP
104.16.114.74:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file
Certificate
IssuerSectigo Limited
Subject*.mediafire.com
Fingerprint8B:FA:81:04:17:18:84:C4:3E:8E:D5:89:AD:D6:5D:BD:9A:DF:84:DA
ValidityMon, 18 Sep 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT

File type
PNG image data, 112 x 28, 8-bit/color RGBA, non-interlaced\012- data
Size
583 B (583 bytes)
Hash
e0abc4fea89d2c5153b73cd02ac5ba13
00465ef774805c82fb5b8a40b743f7b1a1d1a7d6
f917a9105c311331b1d40f4d2bdbf11233c1c465616c1a9c46232f451463b061

HTTP Headers

GET /images/backgrounds/footer/social/footerIcons.png HTTP/1.1
Host: static.mediafire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mediafire.com/
Cookie: ukey=7r8fcgxhq0a43j5km86vwbp4fnh9xdvm; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-51%22%2C%22mf_content%22%3A%22Free%22%2C%22mf_medium%22%3A%22windows%5C%2FFirefox%22%2C%22mf_campaign%22%3A%22s6c8uxqo4es5e6w%22%2C%22mf_term%22%3A%221b7932a44994834384b10c5650eb2a7b%22%7D; __cf_bm=fZ.dr0_iaK6hbqTM3Cpjqa48LyefHjkGuG51ZOL.hxc-1701787899-0-ASZKYPggVYBOAmimkyxdg9iLamM4RZ2xT1epcg4gK6RyN1J7+70XAS6ZEKBCrTxgkCo7sDNzrrE8AJ+L+uOH8tw=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 05 Dec 2023 14:51:40 GMT
content-type: image/png
content-length: 583
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
etag: "62deda56-247"
expires: Thu, 04 Jan 2024 11:33:14 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
cf-cache-status: HIT
age: 1721
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 830d1bca4e820afa-OSL
X-Firefox-Spdy: h2

ad-delivery.net/px.gif?ch=2

104.26.3.70

200 OK

43 B

URL GET HTTP/2
ad-delivery.net/px.gif?ch=2
IP
104.26.3.70:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintD9:7E:C3:56:0A:04:84:BD:24:32:3D:C3:8E:66:52:26:37:E8:90:D3
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /px.gif?ch=2 HTTP/1.1
Host: ad-delivery.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mediafire.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 05 Dec 2023 14:51:40 GMT
content-type: image/gif
content-length: 43
x-guploader-uploadid: ABPtcPp0wgCF-V8nWRRFweDLkLlZ59B9_HaB5uMb_BoI2XEvFDluZgJZMS-L6RsjtVqwyDwhSyI
x-goog-generation: 1620242732037093
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 43
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Thu, 23 Nov 2023 04:40:57 GMT
cache-control: public, max-age=86400
age: 1076586
last-modified: Wed, 05 May 2021 19:25:32 GMT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dzJnrCvFNjEnl3SG717V7tz3StQ3IXBul%2BN5QIh5b8N3o%2FaMGCB39oIhdNfWK%2BWupqOHK4PVP6fSPxDwonXXxIyFuoyFU6dO29WWLeK8ajIvASS0bTaPgkSNwA%2B3yGiU7w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830d1bcad8be56c3-OSL
X-Firefox-Spdy: h2

ad-delivery.net/px.gif?ch=1&e=0.9129388925603653

104.26.3.70

200 OK

43 B

URL GET HTTP/2
ad-delivery.net/px.gif?ch=1&e=0.9129388925603653
IP
104.26.3.70:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintD9:7E:C3:56:0A:04:84:BD:24:32:3D:C3:8E:66:52:26:37:E8:90:D3
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /px.gif?ch=1&e=0.9129388925603653 HTTP/1.1
Host: ad-delivery.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mediafire.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 05 Dec 2023 14:51:40 GMT
content-type: image/gif
content-length: 43
x-guploader-uploadid: ABPtcPp0wgCF-V8nWRRFweDLkLlZ59B9_HaB5uMb_BoI2XEvFDluZgJZMS-L6RsjtVqwyDwhSyI
x-goog-generation: 1620242732037093
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 43
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Thu, 23 Nov 2023 04:40:57 GMT
cache-control: public, max-age=86400
age: 1076586
last-modified: Wed, 05 May 2021 19:25:32 GMT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=coidz08DjUG4tctsfevTnjM9GeBA9rjJWsyY52CQSTEIvl9sIkDkVrWpaEZuNZRwWTODkHXVupMhYUII4n6WgZq5UYp2AWwzRyH7Wjc%2B5riBCKHLCBUQVEWw60pFlCtqYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830d1bcad8c456c3-OSL
X-Firefox-Spdy: h2

api.btloader.com/mw/state?bt_env=prod

130.211.23.194

204 No Content

0 B

URL GET HTTP/2
api.btloader.com/mw/state?bt_env=prod
IP
130.211.23.194:443
ASN
#15169 GOOGLE

Requested by
https://www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file
Certificate
IssuerGoogle Trust Services LLC
Subjectapi.btloader.com
FingerprintE3:DF:8E:52:D3:DB:3D:FB:A3:E9:88:5C:1C:A4:25:E5:21:14:71:2A
ValidityTue, 10 Oct 2023 05:09:40 GMT - Mon, 08 Jan 2024 06:03:14 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /mw/state?bt_env=prod HTTP/1.1
Host: api.btloader.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.mediafire.com/
Origin: https://www.mediafire.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
access-control-allow-origin: *
vary: Origin
date: Tue, 05 Dec 2023 14:51:40 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-53LP4T

142.250.74.136

200 OK

84 kB

URL GET HTTP/3
www.googletagmanager.com/gtm.js?id=GTM-53LP4T
IP
142.250.74.136:443
ASN
#15169 GOOGLE

Requested by
https://www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type
ASCII text, with very long lines (30556)
Size
84 kB (83460 bytes)
Hash
69e0b9b4b8de1a990ffd7bbd69822a72
ceb1c4c8ab070f70484a98b1523b39b2bae3d800
eac5cbc070c285d2baa6df2ebb0e45577ac8685b8f09b6d6255980af9b515507

HTTP Headers

GET /gtm.js?id=GTM-53LP4T HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mediafire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 05 Dec 2023 14:51:40 GMT
expires: Tue, 05 Dec 2023 14:51:40 GMT
cache-control: private, max-age=900
last-modified: Tue, 05 Dec 2023 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 83460
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=AAM/d=0/rs=AN8SPfo47ZI4Pt9KwV-0738jND9vOwmjgQ/m=el_main_css

142.250.74.35

200 OK

4.0 kB

URL GET HTTP/2
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=AAM/d=0/rs=AN8SPfo47ZI4Pt9KwV-0738jND9vOwmjgQ/m=el_main_css
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (20367), with no line terminators
Size
4.0 kB (3960 bytes)
Hash
72d3a735ccca1027f6b3afba2c93e3a7
67f8eff8d17334c59c28fc1753bf451527c7490d
c8c845f55e2346b89894ce0df8185ee182359e096bf29987d5cf1f8a7391bef1

HTTP Headers

GET /_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=AAM/d=0/rs=AN8SPfo47ZI4Pt9KwV-0738jND9vOwmjgQ/m=el_main_css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mediafire.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3960
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 04 Dec 2023 18:39:49 GMT
expires: Tue, 03 Dec 2024 18:39:49 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 15 Jul 2023 01:09:03 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
age: 72712
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

api.btloader.com/pv?tid=ibnc2JTCHI&w=5115845767331840&o=5678961798414336&cv=2.1.26&widget=false&r=false&vr=1280x1024&pageURL=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fs6c8uxqo4es5e6w%2Fch3%40tHUB.zip%2Ffile&sid=kI4jYrqR&pm=true&upapi=true

130.211.23.194

204 No Content

0 B

URL GET HTTP/2
api.btloader.com/pv?tid=ibnc2JTCHI&w=5115845767331840&o=5678961798414336&cv=2.1.26&widget=false&r=false&vr=1280x1024&pageURL=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fs6c8uxqo4es5e6w%2Fch3%40tHUB.zip%2Ffile&sid=kI4jYrqR&pm=true&upapi=true
IP
130.211.23.194:443
ASN
#15169 GOOGLE

Requested by
https://www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file
Certificate
IssuerGoogle Trust Services LLC
Subjectapi.btloader.com
FingerprintE3:DF:8E:52:D3:DB:3D:FB:A3:E9:88:5C:1C:A4:25:E5:21:14:71:2A
ValidityTue, 10 Oct 2023 05:09:40 GMT - Mon, 08 Jan 2024 06:03:14 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pv?tid=ibnc2JTCHI&w=5115845767331840&o=5678961798414336&cv=2.1.26&widget=false&r=false&vr=1280x1024&pageURL=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fs6c8uxqo4es5e6w%2Fch3%40tHUB.zip%2Ffile&sid=kI4jYrqR&pm=true&upapi=true HTTP/1.1
Host: api.btloader.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.mediafire.com
DNT: 1
Connection: keep-alive
Referer: https://www.mediafire.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
vary: Origin
date: Tue, 05 Dec 2023 14:51:41 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

api.btloader.com/country

130.211.23.194

200 OK

16 B

URL GET HTTP/2
api.btloader.com/country
IP
130.211.23.194:443
ASN
#15169 GOOGLE

Requested by
https://www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file
Certificate
IssuerGoogle Trust Services LLC
Subjectapi.btloader.com
FingerprintE3:DF:8E:52:D3:DB:3D:FB:A3:E9:88:5C:1C:A4:25:E5:21:14:71:2A
ValidityTue, 10 Oct 2023 05:09:40 GMT - Mon, 08 Jan 2024 06:03:14 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
16 B (16 bytes)
Hash
452880c1a375b8fba8c9499f0930d05f
ffe5484a23512c2a574d837fe2d3267b134e48c8
8b3383aa4c71f1d816bfaf33e3ef2e8ded067698a7798b9f306204d5777b140d

HTTP Headers

GET /country HTTP/1.1
Host: api.btloader.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.mediafire.com/
Origin: https://www.mediafire.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
content-type: application/json
vary: Origin
date: Tue, 05 Dec 2023 14:51:41 GMT
content-length: 16
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

static.mediafire.com/images/backgrounds/download/additional_content/world.svg

104.16.114.74

200 OK

136 kB

URL GET HTTP/2
static.mediafire.com/images/backgrounds/download/additional_content/world.svg
IP
104.16.114.74:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file
Certificate
IssuerSectigo Limited
Subject*.mediafire.com
Fingerprint8B:FA:81:04:17:18:84:C4:3E:8E:D5:89:AD:D6:5D:BD:9A:DF:84:DA
ValidityMon, 18 Sep 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT

File type
gzip compressed data, from Unix\012- data
Size
136 kB (136506 bytes)
Hash
53c60ea763fca73cc79895a1ce9dcd78
b5fc4f0c2a972b50d95cbcb1d425e0c1cf5bcbaf
624d6e7601e929708a844ee9f4ae7a01da411c49ad9020912a54508beb5fb398

HTTP Headers

GET /images/backgrounds/download/additional_content/world.svg HTTP/1.1
Host: static.mediafire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mediafire.com/
Cookie: ukey=7r8fcgxhq0a43j5km86vwbp4fnh9xdvm; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-51%22%2C%22mf_content%22%3A%22Free%22%2C%22mf_medium%22%3A%22windows%5C%2FFirefox%22%2C%22mf_campaign%22%3A%22s6c8uxqo4es5e6w%22%2C%22mf_term%22%3A%221b7932a44994834384b10c5650eb2a7b%22%7D; __cf_bm=fZ.dr0_iaK6hbqTM3Cpjqa48LyefHjkGuG51ZOL.hxc-1701787899-0-ASZKYPggVYBOAmimkyxdg9iLamM4RZ2xT1epcg4gK6RyN1J7+70XAS6ZEKBCrTxgkCo7sDNzrrE8AJ+L+uOH8tw=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 05 Dec 2023 14:51:40 GMT
content-type: image/svg+xml
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
etag: W/"62deda56-23ce2"
access-control-allow-origin: *
cf-cache-status: HIT
age: 1710
vary: Accept-Encoding
server: cloudflare
cf-ray: 830d1bca5e970afa-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

g.ezoic.net/detroitchicago/imp.gif?ez_orig=1

3.69.213.60

47 B

URL POST
g.ezoic.net/detroitchicago/imp.gif?ez_orig=1
IP
3.69.213.60:0
ASN
#16509 AMAZON-02

Requested by
https://www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file
Certificate
IssuerLet's Encrypt
Subjectezoic.net
FingerprintC5:5C:03:87:DA:02:2A:B8:43:92:80:C4:58:89:2B:A5:BA:E9:7E:D9
ValidityThu, 16 Nov 2023 23:25:59 GMT - Wed, 14 Feb 2024 23:25:58 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
47 B (47 bytes)
Hash
f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

HTTP Headers

POST /detroitchicago/imp.gif?ez_orig=1 HTTP/1.1
Host: g.ezoic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1206
Origin: https://www.mediafire.com
DNT: 1
Connection: keep-alive
Referer: https://www.mediafire.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-headers: Content-Type
access-control-allow-methods: HEAD, PUT, POST, GET, OPTIONS
access-control-allow-origin: https://www.mediafire.com
access-control-max-age: 1728000
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-encoding: br
content-type: image/gif
date: Tue, 05 Dec 2023 14:51:41 GMT
expires: Mon, 04 Dec 2023 14:51:41 GMT
vary: Accept-Encoding
x-middleton-display: imp_sol
content-length: 47
X-Firefox-Spdy: h2

privacy.gatekeeperconsent.com/consent_modules.json

172.67.144.62

200 OK

83 kB

URL GET HTTP/2
privacy.gatekeeperconsent.com/consent_modules.json
IP
172.67.144.62:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file
Certificate
IssuerGoogle Trust Services LLC
Subjectgatekeeperconsent.com
FingerprintAE:8A:F3:FE:39:C6:63:FD:D0:60:E3:53:D6:46:26:E7:50:E1:D2:87
ValidityTue, 31 Oct 2023 09:45:54 GMT - Mon, 29 Jan 2024 09:45:53 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
83 kB (82996 bytes)
Hash
345df1a7769e18d6fe908c35d9ccd53d
216a58d5a6901d8b57bf19e4dda7bd52f83b4795
4ff8b1cd88dbbaff581565c11d71c4dcfc1530d18aff219a9479af06373a0e90

HTTP Headers

GET /consent_modules.json HTTP/1.1
Host: privacy.gatekeeperconsent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.mediafire.com
DNT: 1
Connection: keep-alive
Referer: https://www.mediafire.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 05 Dec 2023 14:51:40 GMT
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=15780000, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rxmP%2B%2B0xuAWjyBVdGTs%2F35An24ElmZeEXiB8kAX4iDSE0Fn%2Br4f3a74AZPadR9xONW7c3wsizaiiPxDLViuPPSHpdqdY24xCOFO1KZJtHF%2BP5DfEua7c5y3MRgxf3AzHOrE0S9qTbr1aLhbG4HXTsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830d1bca6d12b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png

142.250.74.35

200 OK

910 B

URL GET HTTP/3
www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
PNG image data, 42 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
910 B (910 bytes)
Hash
efa6bb2bfe459bc6f4bdafa3db0383f6
52d15ce52fe50643e542c17812de43f4ed1b6ee0
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2

HTTP Headers

GET /images/branding/googlelogo/1x/googlelogo_color_42x16dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mediafire.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 910
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 04 Dec 2023 13:40:04 GMT
expires: Tue, 03 Dec 2024 13:40:04 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 02 Nov 2023 22:48:00 GMT
content-type: image/png
vary: Origin
age: 90697
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/images/branding/product/2x/translate_24dp.png

142.250.74.35

200 OK

1.8 kB

URL GET HTTP/3
www.gstatic.com/images/branding/product/2x/translate_24dp.png
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
1.8 kB (1842 bytes)
Hash
c69c796362406f9e11c7f4bf5bb628da
e489ce95ab56208090868882113d7416abf46775
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

HTTP Headers

GET /images/branding/product/2x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=AAM/d=0/rs=AN8SPfo47ZI4Pt9KwV-0738jND9vOwmjgQ/m=el_main_css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 05:20:13 GMT
expires: Fri, 29 Nov 2024 05:20:13 GMT
cache-control: public, max-age=31536000
age: 466288
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

the.gatekeeperconsent.com/v2/cmp.js?v=145

104.21.28.48

200 OK

48 kB

URL GET HTTP/3
the.gatekeeperconsent.com/v2/cmp.js?v=145
IP
104.21.28.48:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file
Certificate
IssuerGoogle Trust Services LLC
Subjectgatekeeperconsent.com
FingerprintAE:8A:F3:FE:39:C6:63:FD:D0:60:E3:53:D6:46:26:E7:50:E1:D2:87
ValidityTue, 31 Oct 2023 09:45:54 GMT - Mon, 29 Jan 2024 09:45:53 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
48 kB (47765 bytes)
Hash
a24a6693b656a4eafa43889fba64f08e
b4f0c4d551eef058d85a8ce7b8f6d2cb8f9ac0dd
ce71fdffe7d88f7ee13cfdcdca04ea39d74ebb29aa54ab120c7895af4016160d

HTTP Headers

GET /v2/cmp.js?v=145 HTTP/1.1
Host: the.gatekeeperconsent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mediafire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 05 Dec 2023 14:51:40 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=15780000
cf-bgj: minify
last-modified: Mon, 04 Dec 2023 15:48:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 81918
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e1PcvcL4x5mE4GpIibTuNI4DdWEzBWD5TE%2FFSdOrpgAIt2zN6pplhf51t3Oq6XOeEUV2z69G%2FB91KaNx5ArgLtbC65Zfkd9bB2AEtEDuNHxgbXAUwhLcSf1JXeL%2FceI3aqN5RjXf1s43OLAO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 830d1bcbccf3b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.mediafire.com/cdn-cgi/rum?

104.16.114.74

204 No Content

0 B

URL POST HTTP/2
www.mediafire.com/cdn-cgi/rum?
IP
104.16.114.74:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file
Certificate
IssuerSectigo Limited
Subject*.mediafire.com
Fingerprint8B:FA:81:04:17:18:84:C4:3E:8E:D5:89:AD:D6:5D:BD:9A:DF:84:DA
ValidityMon, 18 Sep 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: www.mediafire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 14981
Origin: https://www.mediafire.com
DNT: 1
Connection: keep-alive
Referer: https://www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file
Cookie: ukey=7r8fcgxhq0a43j5km86vwbp4fnh9xdvm; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-51%22%2C%22mf_content%22%3A%22Free%22%2C%22mf_medium%22%3A%22windows%5C%2FFirefox%22%2C%22mf_campaign%22%3A%22s6c8uxqo4es5e6w%22%2C%22mf_term%22%3A%221b7932a44994834384b10c5650eb2a7b%22%7D; __cf_bm=fZ.dr0_iaK6hbqTM3Cpjqa48LyefHjkGuG51ZOL.hxc-1701787899-0-ASZKYPggVYBOAmimkyxdg9iLamM4RZ2xT1epcg4gK6RyN1J7+70XAS6ZEKBCrTxgkCo7sDNzrrE8AJ+L+uOH8tw=; ezoadgid_484470=-1; ezoref_484470=; ezosuibasgeneris-1=6f0d57f1-bfc6-4fd5-40cc-5b5e38a1a3bf; ezoab_484470=mod245-c; lp_484470=https://www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file; ezovuuidtime_484470=1701787900; ezovuuid_484470=e86ce677-3d4f-467e-715c-a7fa8504fa55; active_template::484470=orig_site.1701787900; ezopvc_484470=1; ezepvv=0; ezstandaloneuser=false; cf_clearance=UrqTzrO0S5tRK6OvThoFkRwSQPxjox87NoB4HRRPUD4-1701787901-0-1-730ca2d2.57dbd4fb.240dfd32-0.2.1701787901; ezux_lpl_484470=1701787907822|9d14b5ca-98d5-49eb-7b8f-b32245ff7193|false
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Tue, 05 Dec 2023 14:51:41 GMT
access-control-allow-origin: https://www.mediafire.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 830d1bd348840afa-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2

the.gatekeeperconsent.com/cmp.min.js

104.21.28.48

200 OK

2.0 kB

URL GET HTTP/2
the.gatekeeperconsent.com/cmp.min.js
IP
104.21.28.48:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file
Certificate
IssuerGoogle Trust Services LLC
Subjectgatekeeperconsent.com
FingerprintAE:8A:F3:FE:39:C6:63:FD:D0:60:E3:53:D6:46:26:E7:50:E1:D2:87
ValidityTue, 31 Oct 2023 09:45:54 GMT - Mon, 29 Jan 2024 09:45:53 GMT

File type
ASCII text, with very long lines (997)
Size
2.0 kB (1965 bytes)
Hash
fbe92038aa9b8d58fc93cfe47e2987af
eef8bd2a46f667ba964cb865285ec57502b894e8
66f8ecd359ccf9d79ae9c4ad10312de1a65db446344b2667e54d604f25d3165b

HTTP Headers

GET /cmp.min.js HTTP/1.1
Host: the.gatekeeperconsent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mediafire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 05 Dec 2023 14:51:40 GMT
content-type: application/javascript
cache-control: public, max-age=14400
vary: Accept-Encoding
x-middleton-display: sol-js
x-robots-tag: noindex
last-modified: Tue, 05 Dec 2023 14:48:45 GMT
cf-cache-status: HIT
age: 74
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ndiYUQQtwGgnJCuc9mU7seXgf2Nle8NOxRugw7EO%2FQ25ZM3vplrqfS3Z4FsaJ4wIlrXdbI%2BvIR5Vsvf3mNWBUoh1vw6c05VO8fULe4DDiYzb4LuXVTj8KJYwpQJoekTxijMJgwvbpl9ttTY7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 830d1bc86b4cb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

the.gatekeeperconsent.com/cmp/v2/main_modal_firstpage?domainId=484470&region=default&lang=en&cb=145&changeLogId=593543

104.21.28.48

200 OK

0 B

URL GET HTTP/3
the.gatekeeperconsent.com/cmp/v2/main_modal_firstpage?domainId=484470&region=default&lang=en&cb=145&changeLogId=593543
IP
104.21.28.48:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file
Certificate
IssuerGoogle Trust Services LLC
Subjectgatekeeperconsent.com
FingerprintAE:8A:F3:FE:39:C6:63:FD:D0:60:E3:53:D6:46:26:E7:50:E1:D2:87
ValidityTue, 31 Oct 2023 09:45:54 GMT - Mon, 29 Jan 2024 09:45:53 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /cmp/v2/main_modal_firstpage?domainId=484470&region=default&lang=en&cb=145&changeLogId=593543 HTTP/1.1
Host: the.gatekeeperconsent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://www.mediafire.com/
Origin: https://www.mediafire.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 05 Dec 2023 14:51:42 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, PUT, OPTIONS
access-control-allow-origin: https://www.mediafire.com
access-control-max-age: 1728000
vary: Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a7vtsgxoCYoa7YIcDnFhjifRY5IkFQLJB9gmr0Av%2Flg7PqZXU5%2BoRPpZghqZpoW0jQYIaCvSAvgurjDQ6Wc3UEgJfQWrKnXWi9OfzNwRt9xZSoJYcW1Yv3gItUzkvAndSWsBy0fOFlT5u41N"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 830d1bd3cf68b4ee-OSL
alt-svc: h3=":443"; ma=86400

www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=AAM/d=0/rs=AN8SPfo47ZI4Pt9KwV-0738jND9vOwmjgQ/m=el_main_css

142.250.74.35

200 OK

4.0 kB

URL GET HTTP/2
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=AAM/d=0/rs=AN8SPfo47ZI4Pt9KwV-0738jND9vOwmjgQ/m=el_main_css
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (20367), with no line terminators
Size
4.0 kB (3960 bytes)
Hash
72d3a735ccca1027f6b3afba2c93e3a7
67f8eff8d17334c59c28fc1753bf451527c7490d
c8c845f55e2346b89894ce0df8185ee182359e096bf29987d5cf1f8a7391bef1

HTTP Headers

GET /_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=AAM/d=0/rs=AN8SPfo47ZI4Pt9KwV-0738jND9vOwmjgQ/m=el_main_css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mediafire.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3960
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 04 Dec 2023 18:39:49 GMT
expires: Tue, 03 Dec 2024 18:39:49 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 15 Jul 2023 01:09:03 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
age: 72713
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

translate.google.com/gen204?sl=en&nca=te_ap&client=te&logld=vTE_20231203

216.58.211.14

204 No Content

0 B

URL GET HTTP/3
translate.google.com/gen204?sl=en&nca=te_ap&client=te&logld=vTE_20231203
IP
216.58.211.14:443
ASN
#15169 GOOGLE

Requested by
https://www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /gen204?sl=en&nca=te_ap&client=te&logld=vTE_20231203 HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mediafire.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
content-type: image/gif; charset=us-ascii
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 05 Dec 2023 14:51:42 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: script-src 'nonce-RUNb7I1R2J6sI6z0OOCplA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/TranslateApiHttp/cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: __Secure-ENID=16.SE=kbZDl-_WotyRAW-Uo_r_DkToCcHQs3g9DMguDiMX67XUQTCRB77aXJPRNgO14mVh576-yg2t3P6eGYpi8vX3ldq3-kv-BRwS1iJbzRmo1kcIaxQ2hyctybjjHw4V1rNtoQD51rQWhhWu-8ia-Y2b23U4JZzDIp7xU0nF-goYX-c; expires=Sat, 04-Jan-2025 07:10:00 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-K68XP6D85D&cid=1486098917.1701787908&gtm=45je3bt0v887485693z86304663&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1726978146

142.250.74.67

200 OK

42 B

URL GET HTTP/2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-K68XP6D85D&cid=1486098917.1701787908&gtm=45je3bt0v887485693z86304663&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1726978146
IP
142.250.74.67:443
ASN
#15169 GOOGLE

Requested by
https://www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.no
Fingerprint6E:E4:BC:4A:67:5E:46:6A:B3:E4:CA:61:A7:C0:97:AB:14:F0:34:32
ValidityMon, 23 Oct 2023 11:27:27 GMT - Mon, 15 Jan 2024 11:27:26 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-K68XP6D85D&cid=1486098917.1701787908&gtm=45je3bt0v887485693z86304663&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1726978146 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mediafire.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 14:51:42 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-K68XP6D85D&gtm=45je3bt0v887485693z86304663&_p=1701787906186&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tcfd=10001&cid=1486098917.1701787908&ul=en-us&sr=1280x1024&_s=1&sid=1701787907&sct=1&seg=0&dl=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fs6c8uxqo4es5e6w%2Fch3%40tHUB.zip%2Ffile&dt=ch3%40tHUB&en=page_view&_fv=1&_nsi=1&_ss=1&up.page_url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fs6c8uxqo4es5e6w%2Fch3%40tHUB.zip%2Ffile&tfd=2514

216.239.34.36

204 No Content

0 B

URL POST HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-K68XP6D85D&gtm=45je3bt0v887485693z86304663&_p=1701787906186&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tcfd=10001&cid=1486098917.1701787908&ul=en-us&sr=1280x1024&_s=1&sid=1701787907&sct=1&seg=0&dl=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fs6c8uxqo4es5e6w%2Fch3%40tHUB.zip%2Ffile&dt=ch3%40tHUB&en=page_view&_fv=1&_nsi=1&_ss=1&up.page_url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fs6c8uxqo4es5e6w%2Fch3%40tHUB.zip%2Ffile&tfd=2514
IP
216.239.34.36:443
ASN
#15169 GOOGLE

Requested by
https://www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-K68XP6D85D&gtm=45je3bt0v887485693z86304663&_p=1701787906186&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tcfd=10001&cid=1486098917.1701787908&ul=en-us&sr=1280x1024&_s=1&sid=1701787907&sct=1&seg=0&dl=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fs6c8uxqo4es5e6w%2Fch3%40tHUB.zip%2Ffile&dt=ch3%40tHUB&en=page_view&_fv=1&_nsi=1&_ss=1&up.page_url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fs6c8uxqo4es5e6w%2Fch3%40tHUB.zip%2Ffile&tfd=2514 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.mediafire.com
DNT: 1
Connection: keep-alive
Referer: https://www.mediafire.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://www.mediafire.com
date: Tue, 05 Dec 2023 14:51:42 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0

142.250.74.138

200 OK

0 B

URL OPTIONS HTTP/3
translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0
IP
142.250.74.138:443
ASN
#15169 GOOGLE

Requested by
https://www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /element/log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-encoding,content-type,x-goog-authuser
Referer: https://www.mediafire.com/
Origin: https://www.mediafire.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
access-control-allow-origin: https://www.mediafire.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,content-encoding,content-type,x-goog-authuser,origin
content-type: text/plain; charset=UTF-8
date: Tue, 05 Dec 2023 14:51:51 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+162; expires=Thu, 04-Dec-2025 14:51:51 GMT; path=/; domain=.googleapis.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Dec 2023 14:51:51 GMT
cache-control: private

translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0

142.250.74.138

200 OK

131 B

URL OPTIONS HTTP/3
translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0
IP
142.250.74.138:443
ASN
#15169 GOOGLE

Requested by
https://www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
131 B (131 bytes)
Hash
ca0b7e866005f6774d284b9f438ebfd2
53644f5ee3640189bdb223473ba6a2d46606c556
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

HTTP Headers

POST /element/log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-AuthUser: 0
Content-Encoding: gzip
Content-Type: application/binary
Content-Length: 312
Origin: https://www.mediafire.com
DNT: 1
Connection: keep-alive
Referer: https://www.mediafire.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
access-control-allow-origin: https://www.mediafire.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Tue, 05 Dec 2023 14:51:51 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+245; expires=Thu, 04-Dec-2025 14:51:51 GMT; path=/; domain=.googleapis.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Dec 2023 14:51:51 GMT

g.ezoic.net/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI5ZDE0YjVjYS05OGQ1LTQ5ZWItN2I4Zi1iMzIyNDVmZjcxOTMiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzAxNzg3OTAwLCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTI4MCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiIxMDI0In1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiOWQxNGI1Y2EtOThkNS00OWViLTdiOGYtYjMyMjQ1ZmY3MTkzIiwiZG9tYWluX2lkIjoiNDg0NDcwIiwidF9lcG9jaCI6MTcwMTc4NzkwMCwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjMtMTItMDUifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIxNCJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiIyIn0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6IjAifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI5ZDE0YjVjYS05OGQ1LTQ5ZWItN2I4Zi1iMzIyNDVmZjcxOTMiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzAxNzg3OTAwLCJkYXRhIjpbeyJuYW1lIjoibGFuZ3VhZ2VfdGFnIiwidmFsIjoiZW4tVVMifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI5ZDE0YjVjYS05OGQ1LTQ5ZWItN2I4Zi1iMzIyNDVmZjcxOTMiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzAxNzg3OTAwLCJkYXRhIjpbeyJuYW1lIjoibGFuZ3VhZ2VfcHJpbWFyeV9zdWJ0YWciLCJ2YWwiOiJlbiJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjlkMTRiNWNhLTk4ZDUtNDllYi03YjhmLWIzMjI0NWZmNzE5MyIsImRvbWFpbl9pZCI6IjQ4NDQ3MCIsInRfZXBvY2giOjE3MDE3ODc5MDAsImRhdGEiOlt7Im5hbWUiOiJuYXZpZ2F0aW9uX3R5cGUiLCJ2YWwiOiIwIn0seyJuYW1lIjoicmVkaXJlY3RfY291bnQiLCJ2YWwiOiIwIn1dfV0=

3.69.213.60

0 B

URL
g.ezoic.net/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI5ZDE0YjVjYS05OGQ1LTQ5ZWItN2I4Zi1iMzIyNDVmZjcxOTMiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzAxNzg3OTAwLCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTI4MCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiIxMDI0In1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiOWQxNGI1Y2EtOThkNS00OWViLTdiOGYtYjMyMjQ1ZmY3MTkzIiwiZG9tYWluX2lkIjoiNDg0NDcwIiwidF9lcG9jaCI6MTcwMTc4NzkwMCwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjMtMTItMDUifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIxNCJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiIyIn0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6IjAifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI5ZDE0YjVjYS05OGQ1LTQ5ZWItN2I4Zi1iMzIyNDVmZjcxOTMiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzAxNzg3OTAwLCJkYXRhIjpbeyJuYW1lIjoibGFuZ3VhZ2VfdGFnIiwidmFsIjoiZW4tVVMifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI5ZDE0YjVjYS05OGQ1LTQ5ZWItN2I4Zi1iMzIyNDVmZjcxOTMiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzAxNzg3OTAwLCJkYXRhIjpbeyJuYW1lIjoibGFuZ3VhZ2VfcHJpbWFyeV9zdWJ0YWciLCJ2YWwiOiJlbiJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjlkMTRiNWNhLTk4ZDUtNDllYi03YjhmLWIzMjI0NWZmNzE5MyIsImRvbWFpbl9pZCI6IjQ4NDQ3MCIsInRfZXBvY2giOjE3MDE3ODc5MDAsImRhdGEiOlt7Im5hbWUiOiJuYXZpZ2F0aW9uX3R5cGUiLCJ2YWwiOiIwIn0seyJuYW1lIjoicmVkaXJlY3RfY291bnQiLCJ2YWwiOiIwIn1dfV0=
IP
3.69.213.60:0
ASN
#16509 AMAZON-02

Certificate
IssuerLet's Encrypt
Subjectezoic.net
FingerprintC5:5C:03:87:DA:02:2A:B8:43:92:80:C4:58:89:2B:A5:BA:E9:7E:D9
ValidityThu, 16 Nov 2023 23:25:59 GMT - Wed, 14 Feb 2024 23:25:58 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI5ZDE0YjVjYS05OGQ1LTQ5ZWItN2I4Zi1iMzIyNDVmZjcxOTMiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzAxNzg3OTAwLCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTI4MCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiIxMDI0In1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiOWQxNGI1Y2EtOThkNS00OWViLTdiOGYtYjMyMjQ1ZmY3MTkzIiwiZG9tYWluX2lkIjoiNDg0NDcwIiwidF9lcG9jaCI6MTcwMTc4NzkwMCwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjMtMTItMDUifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIxNCJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiIyIn0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6IjAifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI5ZDE0YjVjYS05OGQ1LTQ5ZWItN2I4Zi1iMzIyNDVmZjcxOTMiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzAxNzg3OTAwLCJkYXRhIjpbeyJuYW1lIjoibGFuZ3VhZ2VfdGFnIiwidmFsIjoiZW4tVVMifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI5ZDE0YjVjYS05OGQ1LTQ5ZWItN2I4Zi1iMzIyNDVmZjcxOTMiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzAxNzg3OTAwLCJkYXRhIjpbeyJuYW1lIjoibGFuZ3VhZ2VfcHJpbWFyeV9zdWJ0YWciLCJ2YWwiOiJlbiJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjlkMTRiNWNhLTk4ZDUtNDllYi03YjhmLWIzMjI0NWZmNzE5MyIsImRvbWFpbl9pZCI6IjQ4NDQ3MCIsInRfZXBvY2giOjE3MDE3ODc5MDAsImRhdGEiOlt7Im5hbWUiOiJuYXZpZ2F0aW9uX3R5cGUiLCJ2YWwiOiIwIn0seyJuYW1lIjoicmVkaXJlY3RfY291bnQiLCJ2YWwiOiIwIn1dfV0= HTTP/1.1
Host: g.ezoic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.mediafire.com
DNT: 1
Connection: keep-alive
Referer: https://www.mediafire.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 204 No Content
access-control-allow-origin: https://www.mediafire.com
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
date: Tue, 05 Dec 2023 14:51:56 GMT
expires: Mon, 04 Dec 2023 14:51:56 GMT
vary: Accept-Encoding
x-middleton-display: ezp_sol
X-Firefox-Spdy: h2

3.69.213.60

0 B

URL
g.ezoic.net/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI5ZDE0YjVjYS05OGQ1LTQ5ZWItN2I4Zi1iMzIyNDVmZjcxOTMiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzAxNzg3OTAwLCJkYXRhIjpbeyJuYW1lIjoicGVyZl9pc190cmFja2VkIiwidmFsIjoiMSJ9LHsibmFtZSI6InBlcmZfbmF2X3RvX2Nvbm5lY3QiLCJ2YWwiOiIxMjAifSx7Im5hbWUiOiJwZXJmX2Nvbm5lY3RfdG9fcmVzcF9zdGFydCIsInZhbCI6IjM0OCJ9LHsibmFtZSI6InBlcmZfcmVzcF90aW1lIiwidmFsIjoiMTE2In0seyJuYW1lIjoicGVyZl9pbnRlcmFjdGl2ZSIsInZhbCI6IjM3MiJ9LHsibmFtZSI6InBlcmZfY29udGVudGxvYWRlZCIsInZhbCI6IjQ3MCJ9LHsibmFtZSI6InBlcmZfY29tcGxldGUiLCJ2YWwiOiIxOTE4In1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiOWQxNGI1Y2EtOThkNS00OWViLTdiOGYtYjMyMjQ1ZmY3MTkzIiwiZG9tYWluX2lkIjoiNDg0NDcwIiwidF9lcG9jaCI6MTcwMTc4NzkwMCwiZGF0YSI6W3sibmFtZSI6ImZpcnN0X2NvbnRlbnRmdWxfcGFpbnQiLCJ2YWwiOiI4NTEifV19XQ==
IP
3.69.213.60:0
ASN
#16509 AMAZON-02

Certificate
IssuerLet's Encrypt
Subjectezoic.net
FingerprintC5:5C:03:87:DA:02:2A:B8:43:92:80:C4:58:89:2B:A5:BA:E9:7E:D9
ValidityThu, 16 Nov 2023 23:25:59 GMT - Wed, 14 Feb 2024 23:25:58 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI5ZDE0YjVjYS05OGQ1LTQ5ZWItN2I4Zi1iMzIyNDVmZjcxOTMiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzAxNzg3OTAwLCJkYXRhIjpbeyJuYW1lIjoicGVyZl9pc190cmFja2VkIiwidmFsIjoiMSJ9LHsibmFtZSI6InBlcmZfbmF2X3RvX2Nvbm5lY3QiLCJ2YWwiOiIxMjAifSx7Im5hbWUiOiJwZXJmX2Nvbm5lY3RfdG9fcmVzcF9zdGFydCIsInZhbCI6IjM0OCJ9LHsibmFtZSI6InBlcmZfcmVzcF90aW1lIiwidmFsIjoiMTE2In0seyJuYW1lIjoicGVyZl9pbnRlcmFjdGl2ZSIsInZhbCI6IjM3MiJ9LHsibmFtZSI6InBlcmZfY29udGVudGxvYWRlZCIsInZhbCI6IjQ3MCJ9LHsibmFtZSI6InBlcmZfY29tcGxldGUiLCJ2YWwiOiIxOTE4In1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiOWQxNGI1Y2EtOThkNS00OWViLTdiOGYtYjMyMjQ1ZmY3MTkzIiwiZG9tYWluX2lkIjoiNDg0NDcwIiwidF9lcG9jaCI6MTcwMTc4NzkwMCwiZGF0YSI6W3sibmFtZSI6ImZpcnN0X2NvbnRlbnRmdWxfcGFpbnQiLCJ2YWwiOiI4NTEifV19XQ== HTTP/1.1
Host: g.ezoic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.mediafire.com
DNT: 1
Connection: keep-alive
Referer: https://www.mediafire.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 204 No Content
access-control-allow-origin: https://www.mediafire.com
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
date: Tue, 05 Dec 2023 14:51:56 GMT
expires: Mon, 04 Dec 2023 14:51:56 GMT
vary: Accept-Encoding
x-middleton-display: ezp_sol
X-Firefox-Spdy: h2

3.69.213.60

0 B

URL
g.ezoic.net/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI5ZDE0YjVjYS05OGQ1LTQ5ZWItN2I4Zi1iMzIyNDVmZjcxOTMiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzAxNzg3OTAwLCJkYXRhIjpbeyJuYW1lIjoidF91bmxvYWQiLCJ2YWwiOiIxNzAxNzg3OTIzOTkzIn1dfV0=
IP
3.69.213.60:0
ASN
#16509 AMAZON-02

Certificate
IssuerLet's Encrypt
Subjectezoic.net
FingerprintC5:5C:03:87:DA:02:2A:B8:43:92:80:C4:58:89:2B:A5:BA:E9:7E:D9
ValidityThu, 16 Nov 2023 23:25:59 GMT - Wed, 14 Feb 2024 23:25:58 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI5ZDE0YjVjYS05OGQ1LTQ5ZWItN2I4Zi1iMzIyNDVmZjcxOTMiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzAxNzg3OTAwLCJkYXRhIjpbeyJuYW1lIjoidF91bmxvYWQiLCJ2YWwiOiIxNzAxNzg3OTIzOTkzIn1dfV0= HTTP/1.1
Host: g.ezoic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.mediafire.com
DNT: 1
Connection: keep-alive
Referer: https://www.mediafire.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 204 No Content
access-control-allow-origin: https://www.mediafire.com
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
date: Tue, 05 Dec 2023 14:51:58 GMT
expires: Mon, 04 Dec 2023 14:51:58 GMT
vary: Accept-Encoding
x-middleton-display: ezp_sol
X-Firefox-Spdy: h2

www.mediafire.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

104.16.114.74

302 Found

7.4 kB

URL GET HTTP/2
www.mediafire.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP
104.16.114.74:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file
Certificate
IssuerSectigo Limited
Subject*.mediafire.com
Fingerprint8B:FA:81:04:17:18:84:C4:3E:8E:D5:89:AD:D6:5D:BD:9A:DF:84:DA
ValidityMon, 18 Sep 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT

File type

Size
7.4 kB (7432 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: www.mediafire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: ukey=7r8fcgxhq0a43j5km86vwbp4fnh9xdvm; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-51%22%2C%22mf_content%22%3A%22Free%22%2C%22mf_medium%22%3A%22windows%5C%2FFirefox%22%2C%22mf_campaign%22%3A%22s6c8uxqo4es5e6w%22%2C%22mf_term%22%3A%221b7932a44994834384b10c5650eb2a7b%22%7D; __cf_bm=fZ.dr0_iaK6hbqTM3Cpjqa48LyefHjkGuG51ZOL.hxc-1701787899-0-ASZKYPggVYBOAmimkyxdg9iLamM4RZ2xT1epcg4gK6RyN1J7+70XAS6ZEKBCrTxgkCo7sDNzrrE8AJ+L+uOH8tw=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Tue, 05 Dec 2023 14:51:40 GMT
access-control-allow-origin: *
vary: accept-encoding
cache-control: max-age=300, public
content-encoding: gzip
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
server: cloudflare
cf-ray: 830d1bcabedc0afa-OSL
X-Firefox-Spdy: h2

privacy.gatekeeperconsent.com/tcf2_stub.js

104.21.28.48

200 OK

1.1 kB

URL GET HTTP/3
privacy.gatekeeperconsent.com/tcf2_stub.js
IP
104.21.28.48:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file
Certificate
IssuerGoogle Trust Services LLC
Subjectgatekeeperconsent.com
FingerprintAE:8A:F3:FE:39:C6:63:FD:D0:60:E3:53:D6:46:26:E7:50:E1:D2:87
ValidityTue, 31 Oct 2023 09:45:54 GMT - Mon, 29 Jan 2024 09:45:53 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (1157), with no line terminators
Size
1.1 kB (1127 bytes)
Hash
d6cc308b77a4bb6f98c5a07e03a7694a
5ecf1eda60c7fca293330dfac0b1b5153d318a54
9f1532f17ac7e587162829778383145bea53311983ff85a2aed1f6b60fef6a9e

HTTP Headers

GET /tcf2_stub.js HTTP/1.1
Host: privacy.gatekeeperconsent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mediafire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 05 Dec 2023 14:51:40 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=15780000, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hQ4yhSQe6lPyyx0GayH6qC8MaZWjPliMFyUka1SOQy%2Bvwm%2BGnXpHFmEgZgzcE1MqVyFXBjtuDhGvjgxOn1htZz8PHIj%2BZl7AAdFU3hlfWO20VCaO2H1Ywn7k2VE1Ss4a%2F3NtQrKWXYVgccShBLXCtA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830d1bcbccf1b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.mediafire.com/js/prebid8.10.0.js

104.16.114.74

200 OK

264 kB

URL GET HTTP/2
www.mediafire.com/js/prebid8.10.0.js
IP
104.16.114.74:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file
Certificate
IssuerSectigo Limited
Subject*.mediafire.com
Fingerprint8B:FA:81:04:17:18:84:C4:3E:8E:D5:89:AD:D6:5D:BD:9A:DF:84:DA
ValidityMon, 18 Sep 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
264 kB (264514 bytes)
Hash
300988fb5c87dfcb8cf9356182bb199f
d869ab0371069f5f308b925597489adeec4185bb
864909edb64a3e6dd9d7fde79f064c6a23727f1a0cf6a10eee863a97bd3689c6

HTTP Headers

GET /js/prebid8.10.0.js HTTP/1.1
Host: www.mediafire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file
Cookie: ukey=7r8fcgxhq0a43j5km86vwbp4fnh9xdvm; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-51%22%2C%22mf_content%22%3A%22Free%22%2C%22mf_medium%22%3A%22windows%5C%2FFirefox%22%2C%22mf_campaign%22%3A%22s6c8uxqo4es5e6w%22%2C%22mf_term%22%3A%221b7932a44994834384b10c5650eb2a7b%22%7D; __cf_bm=fZ.dr0_iaK6hbqTM3Cpjqa48LyefHjkGuG51ZOL.hxc-1701787899-0-ASZKYPggVYBOAmimkyxdg9iLamM4RZ2xT1epcg4gK6RyN1J7+70XAS6ZEKBCrTxgkCo7sDNzrrE8AJ+L+uOH8tw=; ezoadgid_484470=-1; ezoref_484470=; ezosuibasgeneris-1=6f0d57f1-bfc6-4fd5-40cc-5b5e38a1a3bf; ezoab_484470=mod245-c; lp_484470=https://www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file; ezovuuidtime_484470=1701787900; ezovuuid_484470=e86ce677-3d4f-467e-715c-a7fa8504fa55; active_template::484470=orig_site.1701787900; ezopvc_484470=1; ezepvv=0; ezstandaloneuser=false; cf_clearance=UrqTzrO0S5tRK6OvThoFkRwSQPxjox87NoB4HRRPUD4-1701787901-0-1-730ca2d2.57dbd4fb.240dfd32-0.2.1701787901
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 05 Dec 2023 14:51:41 GMT
content-type: application/x-javascript
cf-ray: 830d1bcf3bb10afa-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 2902
cache-control: max-age=2592000
etag: W/"64ecb639-40a99"
expires: Thu, 04 Jan 2024 13:58:23 GMT
last-modified: Mon, 28 Aug 2023 14:59:05 GMT
vary: Accept-Encoding
cf-bgj: minify
cf-polished: origSize=264857
server: cloudflare
content-encoding: gzip
X-Firefox-Spdy: h2

go.ezodn.com/tardisrocinante/vitals.js?gcb=195-3&cb=3

172.64.136.15

200 OK

7.9 kB

URL GET HTTP/3
go.ezodn.com/tardisrocinante/vitals.js?gcb=195-3&cb=3
IP
172.64.136.15:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file
Certificate
IssuerLet's Encrypt
Subjectezodn.com
Fingerprint7D:0C:FB:EF:D5:25:9B:14:0C:BE:C7:71:E6:72:F5:C8:00:34:D7:CB
ValiditySat, 28 Oct 2023 15:00:44 GMT - Fri, 26 Jan 2024 15:00:43 GMT

File type
ASCII text, with very long lines (8097), with no line terminators
Size
7.9 kB (7941 bytes)
Hash
93c42b65547846f04812b4aa97193ba9
81f94f20be8b15aae7b161e69709d89d1540ee18
d167aec6855e7a22863667b325ad3b3e448c135ec7edd11aaebaf57c2454241a

HTTP Headers

GET /tardisrocinante/vitals.js?gcb=195-3&cb=3 HTTP/1.1
Host: go.ezodn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mediafire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 05 Dec 2023 14:51:41 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
vary: Accept-Encoding
x-middleton-display: sol-js
x-robots-tag: noindex
last-modified: Wed, 01 Nov 2023 07:20:16 GMT
cf-cache-status: HIT
age: 2274639
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iHsYL75R6gr5Mu9%2B3SEvirw3RMS6vLDvbycQ29%2FLbjnn3%2BnVlv8oNj1sm8o1PFFQSfSUY4xkzLy0qxiVYkULJDr6xK8%2F%2FFDrqG90JmQDtIyqfLw6Q2dyRYfn4MuTGQY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 830d1bcffd2863de-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg

216.58.207.227

200 OK

6.2 kB

URL GET HTTP/2
fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (6445), with no line terminators
Size
6.2 kB (6225 bytes)
Hash
a1a4ffbc52fa4bd18e2f9f7c45ba71fc
0df81f908c859204ae9748c21ad2a4219381b2e4
151e69c94e1f500a46c405df3a0c60043651b22aec7b4ae33d5df3bc9fd82737

HTTP Headers

GET /s/i/productlogos/translate/v14/24px.svg HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mediafire.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-length: 3340
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 23:23:19 GMT
expires: Fri, 29 Nov 2024 23:23:19 GMT
cache-control: public, max-age=31536000
age: 401302
last-modified: Wed, 20 Apr 2022 14:24:23 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

the.gatekeeperconsent.com/cmp/gvl.json?v=4&lang=en

104.21.28.48

200 OK

563 kB

URL GET HTTP/3
the.gatekeeperconsent.com/cmp/gvl.json?v=4&lang=en
IP
104.21.28.48:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file
Certificate
IssuerGoogle Trust Services LLC
Subjectgatekeeperconsent.com
FingerprintAE:8A:F3:FE:39:C6:63:FD:D0:60:E3:53:D6:46:26:E7:50:E1:D2:87
ValidityTue, 31 Oct 2023 09:45:54 GMT - Mon, 29 Jan 2024 09:45:53 GMT

File type

Size
563 kB (562592 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cmp/gvl.json?v=4&lang=en HTTP/1.1
Host: the.gatekeeperconsent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.mediafire.com
DNT: 1
Connection: keep-alive
Referer: https://www.mediafire.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 05 Dec 2023 14:51:41 GMT
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=345600
last-modified: Thu, 30 Nov 2023 01:53:44 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 329171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fupQ6FrEa9MQBro%2B0seQV8YlC453mj6ffrny89Z6%2BRUq5zUp77giJzzOCnLoIG64kg4YBKS8t5UONFH4qOKm6Sl5Qxdb1pJv2fQuxsb70yqAkTaZyeLLddxaOrXwEady3OS39S%2Bu7TY7q6aH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 830d1bd34ee5b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file

104.16.114.74

200 OK

315 kB

URL User Request GET HTTP/2
www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file
IP
104.16.114.74:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerSectigo Limited
Subject*.mediafire.com
Fingerprint8B:FA:81:04:17:18:84:C4:3E:8E:D5:89:AD:D6:5D:BD:9A:DF:84:DA
ValidityMon, 18 Sep 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT

File type

Size
315 kB (314960 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file HTTP/1.1
Host: www.mediafire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 05 Dec 2023 14:51:39 GMT
content-type: text/html; charset=UTF-8
cf-ray: 830d1bc4f9950afa-OSL
cf-cache-status: DYNAMIC
access-control-allow-origin: https://www.mediafire.com
cache-control: no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: 0
strict-transport-security: max-age=0
vary: Accept-Encoding
pragma: no-cache
x-frame-options: SAMEORIGIN
x-robots-tag: noindex, nofollow
set-cookie: ukey=7r8fcgxhq0a43j5km86vwbp4fnh9xdvm; expires=Sat, 05-Dec-2043 14:51:39 GMT; Max-Age=631152000; path=/; domain=.mediafire.com; HttpOnly
conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-51%22%2C%22mf_content%22%3A%22Free%22%2C%22mf_medium%22%3A%22windows%5C%2FFirefox%22%2C%22mf_campaign%22%3A%22s6c8uxqo4es5e6w%22%2C%22mf_term%22%3A%221b7932a44994834384b10c5650eb2a7b%22%7D; expires=Thu, 04-Jan-2024 14:51:39 GMT; Max-Age=2592000; path=/; domain=.mediafire.com
__cf_bm=fZ.dr0_iaK6hbqTM3Cpjqa48LyefHjkGuG51ZOL.hxc-1701787899-0-ASZKYPggVYBOAmimkyxdg9iLamM4RZ2xT1epcg4gK6RyN1J7+70XAS6ZEKBCrTxgkCo7sDNzrrE8AJ+L+uOH8tw=; path=/; expires=Tue, 05-Dec-23 15:21:39 GMT; domain=.mediafire.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: gzip
X-Firefox-Spdy: h2

the.gatekeeperconsent.com/v2/loadLanguages.json

104.21.28.48

200 OK

51 kB

URL GET HTTP/3
the.gatekeeperconsent.com/v2/loadLanguages.json
IP
104.21.28.48:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file
Certificate
IssuerGoogle Trust Services LLC
Subjectgatekeeperconsent.com
FingerprintAE:8A:F3:FE:39:C6:63:FD:D0:60:E3:53:D6:46:26:E7:50:E1:D2:87
ValidityTue, 31 Oct 2023 09:45:54 GMT - Mon, 29 Jan 2024 09:45:53 GMT

File type

Size
51 kB (51365 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v2/loadLanguages.json HTTP/1.1
Host: the.gatekeeperconsent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.mediafire.com
DNT: 1
Connection: keep-alive
Referer: https://www.mediafire.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 05 Dec 2023 14:51:42 GMT
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-security-policy: default-src 'none'
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: deny
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jw3biDDXZ1pgL0vOlBfA6ayhtn7GBhj9uXXe64IhAH95AZiHBHsdFddpQkzSy0u1blzjpOdMsXDUwaZESxF66fiDys3Q3xD8jhLu5bEX7XkC80FH1w1Cz1RU86b8lpa5NhaimrjYH8aF4b69"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 830d1bd3cf62b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

static.mediafire.com/images/backgrounds/header/mf_logo_full_color.svg

104.16.114.74

200 OK

3.4 kB

URL GET HTTP/2
static.mediafire.com/images/backgrounds/header/mf_logo_full_color.svg
IP
104.16.114.74:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file
Certificate
IssuerSectigo Limited
Subject*.mediafire.com
Fingerprint8B:FA:81:04:17:18:84:C4:3E:8E:D5:89:AD:D6:5D:BD:9A:DF:84:DA
ValidityMon, 18 Sep 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (3431), with no line terminators
Size
3.4 kB (3357 bytes)
Hash
dcdfa60ac03cdc6d20a6f5387d8e8bc1
44eb0cadc59e09b469ebe80f5e8daa08d171bd4a
c51b0ebbdbc3f553f727d7b29c9390260ffc62f0fd67356081e6ac03cf0e3155

HTTP Headers

GET /images/backgrounds/header/mf_logo_full_color.svg HTTP/1.1
Host: static.mediafire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mediafire.com/
Cookie: ukey=7r8fcgxhq0a43j5km86vwbp4fnh9xdvm; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-51%22%2C%22mf_content%22%3A%22Free%22%2C%22mf_medium%22%3A%22windows%5C%2FFirefox%22%2C%22mf_campaign%22%3A%22s6c8uxqo4es5e6w%22%2C%22mf_term%22%3A%221b7932a44994834384b10c5650eb2a7b%22%7D; __cf_bm=fZ.dr0_iaK6hbqTM3Cpjqa48LyefHjkGuG51ZOL.hxc-1701787899-0-ASZKYPggVYBOAmimkyxdg9iLamM4RZ2xT1epcg4gK6RyN1J7+70XAS6ZEKBCrTxgkCo7sDNzrrE8AJ+L+uOH8tw=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 05 Dec 2023 14:51:40 GMT
content-type: image/svg+xml
last-modified: Fri, 28 Oct 2016 22:22:42 GMT
etag: W/"5813cfb2-d1d"
access-control-allow-origin: *
cf-cache-status: HIT
age: 1722
vary: Accept-Encoding
server: cloudflare
cf-ray: 830d1bca3e710afa-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

go.ezodn.com/parsonsmaize/chanute.js?a=a&cb=7&dcb=195-3&shcb=34

172.64.136.15

200 OK

22 kB

URL GET HTTP/3
go.ezodn.com/parsonsmaize/chanute.js?a=a&cb=7&dcb=195-3&shcb=34
IP
172.64.136.15:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file
Certificate
IssuerLet's Encrypt
Subjectezodn.com
Fingerprint7D:0C:FB:EF:D5:25:9B:14:0C:BE:C7:71:E6:72:F5:C8:00:34:D7:CB
ValiditySat, 28 Oct 2023 15:00:44 GMT - Fri, 26 Jan 2024 15:00:43 GMT

File type
ASCII text, with very long lines (2921)
Size
22 kB (21681 bytes)
Hash
2b26d008d1fb83f7c5e1d1271a5a3517
b6ef4fd8f3d51450b7f50e8a27243a1908e5bf14
2cb36489072c0eb085096a47bfcced826b7a973e5f294d5a2b54bf16df3449d9

HTTP Headers

GET /parsonsmaize/chanute.js?a=a&cb=7&dcb=195-3&shcb=34 HTTP/1.1
Host: go.ezodn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mediafire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 05 Dec 2023 14:51:41 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
vary: Accept-Encoding
x-middleton-display: sol-js
x-robots-tag: noindex
last-modified: Wed, 08 Nov 2023 02:21:42 GMT
cf-cache-status: HIT
age: 1586676
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u1vurmB9LxMxu8l45tAUlSENH5MJ1EOt46mgc8gODATMzH4wWd6HJpGa2QEGMndQ0OLHxPFI%2BcD0vsug3bJ6GjlPEF2UoRGdrBXA6SoC%2FEpo3ma%2BzrpnKKltoWgk%2FF8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 830d1bcffd2663de-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400

translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.F6iRVDW95aA.O/d=1/exm=el_conf/ed=1/rs=AN8SPfq9pmT7tJkFFvUkid-e-0Wpomm2EQ/m=el_main

142.250.74.138

200 OK

233 kB

URL GET HTTP/2
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.F6iRVDW95aA.O/d=1/exm=el_conf/ed=1/rs=AN8SPfq9pmT7tJkFFvUkid-e-0Wpomm2EQ/m=el_main
IP
142.250.74.138:443
ASN
#15169 GOOGLE

Requested by
https://www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (2193)
Size
233 kB (233382 bytes)
Hash
45498924419212780ef341b346f83f38
407175bd46e2ac2ccd073473131c06da6c8cc9a5
1cb3f0ad4f6b1cc587a2e0d16f7c71a298a67fd445dd9ed2ca370cb831ecc02e

HTTP Headers

GET /_/translate_http/_/js/k=translate_http.tr.no.F6iRVDW95aA.O/d=1/exm=el_conf/ed=1/rs=AN8SPfq9pmT7tJkFFvUkid-e-0Wpomm2EQ/m=el_main HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mediafire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 81976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 04 Dec 2023 18:19:43 GMT
expires: Tue, 03 Dec 2024 18:19:43 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 02 Dec 2023 00:18:31 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 73918
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

go.ezodn.com/detroitchicago/boise.js?gcb=195-3&cb=2

172.64.136.15

200 OK

926 B

URL GET HTTP/2
go.ezodn.com/detroitchicago/boise.js?gcb=195-3&cb=2
IP
172.64.136.15:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file
Certificate
IssuerLet's Encrypt
Subjectezodn.com
Fingerprint7D:0C:FB:EF:D5:25:9B:14:0C:BE:C7:71:E6:72:F5:C8:00:34:D7:CB
ValiditySat, 28 Oct 2023 15:00:44 GMT - Fri, 26 Jan 2024 15:00:43 GMT

File type
ASCII text, with very long lines (958), with no line terminators
Size
926 B (926 bytes)
Hash
e4d7ea061c0c5d4705de2818c48a8dd2
f47ae0df59a27573cce5be785a0fd9a2c41fb395
c56549cbcdf53ec4ea3367aaaab511ef1696b138fe271841ff825ec234739434

HTTP Headers

GET /detroitchicago/boise.js?gcb=195-3&cb=2 HTTP/1.1
Host: go.ezodn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mediafire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 05 Dec 2023 14:51:41 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
vary: Accept-Encoding
x-middleton-display: sol-js
x-robots-tag: noindex
last-modified: Fri, 08 Sep 2023 05:39:36 GMT
cf-cache-status: HIT
age: 560625
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zJVyO1rXKiTltpUtAzBFyMeEoX3sm6sMMpiSB0LAm47Lvo0pdl8gu058YwOvO3IUVy%2FBOpwvenMwjz4MkgI3LuPk%2Fo7umBI4pFPAhK8UU7giosSeNl%2FBoYeDe%2FAelV4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 830d1bcd38c56101-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

go.ezodn.com/detroitchicago/vista.js?gcb=195-3&cb=5

172.64.136.15

200 OK

821 B

URL GET HTTP/3
go.ezodn.com/detroitchicago/vista.js?gcb=195-3&cb=5
IP
172.64.136.15:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file
Certificate
IssuerLet's Encrypt
Subjectezodn.com
Fingerprint7D:0C:FB:EF:D5:25:9B:14:0C:BE:C7:71:E6:72:F5:C8:00:34:D7:CB
ValiditySat, 28 Oct 2023 15:00:44 GMT - Fri, 26 Jan 2024 15:00:43 GMT

File type
ASCII text, with very long lines (831), with no line terminators
Size
821 B (821 bytes)
Hash
2f9aafd42f9160c0f719d11bfce4e0c5
14a8873942f3ac42dfc776f2d868d532890fe45b
3489ef0822cff34a20a8207557aaeb3f0061aff641e1710f1fb080a13c202674

HTTP Headers

GET /detroitchicago/vista.js?gcb=195-3&cb=5 HTTP/1.1
Host: go.ezodn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mediafire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 05 Dec 2023 14:51:41 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
vary: Accept-Encoding
x-middleton-display: sol-js
x-robots-tag: noindex
last-modified: Tue, 29 Aug 2023 18:02:21 GMT
cf-cache-status: HIT
age: 3053036
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2iWaaoZVHSwLndzPwA0fAOhm%2BW%2BAY7GsX5OX9DwLHqAXeCeYzFxYkHUYJ6Trs10TWVS%2BWscVqiQ1OOWgo91cCJ7lK4RphbNcJS69XaxWxo54hPDbwp2LwLPoJpN2nQc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 830d1bcf1bf263de-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400

static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

104.16.57.101

200 OK

20 kB

URL GET HTTP/2
static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
IP
104.16.57.101:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint89:79:35:ED:04:A2:CA:50:F7:9A:B8:FE:DF:A5:0C:B1:F2:E6:DD:E8
ValidityMon, 10 Apr 2023 00:00:00 GMT - Tue, 09 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (19986), with no line terminators
Size
20 kB (19986 bytes)
Hash
dd1d068fdb5fe90b6c05a5b3940e088c
0d96f9df8772633a9df4c81cf323a4ef8998ba59
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

HTTP Headers

GET /beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.mediafire.com
DNT: 1
Connection: keep-alive
Referer: https://www.mediafire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 05 Dec 2023 14:51:40 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/"2023.10.0"
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 830d1bc84d3ab515-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

g.ezoic.net/saa.go

3.69.213.60

200 OK

14 kB

URL POST HTTP/2
g.ezoic.net/saa.go
IP
3.69.213.60:443
ASN
#16509 AMAZON-02

Requested by
https://www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file
Certificate
IssuerLet's Encrypt
Subjectezoic.net
FingerprintC5:5C:03:87:DA:02:2A:B8:43:92:80:C4:58:89:2B:A5:BA:E9:7E:D9
ValidityThu, 16 Nov 2023 23:25:59 GMT - Wed, 14 Feb 2024 23:25:58 GMT

File type
ASCII text, with very long lines (13521), with no line terminators
Size
14 kB (13521 bytes)
Hash
5f343fad532ff15e8c66d1a205844105
643f52c51b8350d1f91de1dfab80085bc353abfb
a36471e16f7ec14491493d2fa365eebe7158f1e633e42a202d421db879345a29

HTTP Headers

POST /saa.go HTTP/1.1
Host: g.ezoic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 2532
Origin: https://www.mediafire.com
DNT: 1
Connection: keep-alive
Referer: https://www.mediafire.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, OPTIONS
access-control-allow-origin: https://www.mediafire.com
access-control-max-age: 1728000
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-encoding: br
content-type: text/javascript
date: Tue, 05 Dec 2023 14:51:40 GMT
expires: Mon, 04 Dec 2023 14:51:40 GMT
server: Apache/2.4.39 (Ubuntu)
vary: Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-robots-tag: noindex
X-Firefox-Spdy: h2

go.ezodn.com/porpoiseant/et.js?gcb=195-3&cb=2

172.64.136.15

200 OK

1.1 kB

URL GET HTTP/2
go.ezodn.com/porpoiseant/et.js?gcb=195-3&cb=2
IP
172.64.136.15:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file
Certificate
IssuerLet's Encrypt
Subjectezodn.com
Fingerprint7D:0C:FB:EF:D5:25:9B:14:0C:BE:C7:71:E6:72:F5:C8:00:34:D7:CB
ValiditySat, 28 Oct 2023 15:00:44 GMT - Fri, 26 Jan 2024 15:00:43 GMT

File type
ASCII text, with very long lines (1089), with no line terminators
Size
1.1 kB (1078 bytes)
Hash
4d41383db566e0b6e6d0abe17c4a6325
3ae9f1bd821fb2dddd7af931d271556a434ceb1d
4199899b0b57b693dbaaae6144d79989b9562793873d748092ebf796171a6f2a

HTTP Headers

GET /porpoiseant/et.js?gcb=195-3&cb=2 HTTP/1.1
Host: go.ezodn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mediafire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 05 Dec 2023 14:51:40 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
vary: Accept-Encoding
x-middleton-display: sol-js
x-robots-tag: noindex
last-modified: Wed, 01 Nov 2023 07:20:15 GMT
cf-cache-status: HIT
age: 648176
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A13AdUoc7QM9AVmRnTReQYq%2FzfuwhYbYw7SwciM1i8CfUeb%2BC%2BRs%2FYj7sVm%2Bt1fez0a1JjRPNsZcesqw%2BXMyR%2FFCYCLirvEdlXBW8L8MqxdK1qsYWWy6I79oq9iZBQA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 830d1bcd38c46101-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

otnolatrnup.com/Tag.engine?time=0&id=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0&rand=27462&ver=async&referrerUrl=&fingerPrint=123&abr=false&stdTime=0&fpe=1&bw=1280&bh=1024&res=1280x1024&curl=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fs6c8uxqo4es5e6w%2Fch3%40tHUB.zip%2Ffile&kw=online%20storage%2Cfree%20storage%2Ccloud%20storage%2Ccollaboration%2Cbackup%20file%20sharing%2Cshare%20files%2Cphoto%20backup%2Cphoto%20sharing%2Cftp%20replacement%2Ccross%20platform%2Cremote%20access%2Cmobile%20access%2Csend%20large%20files%2Crecover%20files%2Cfile%20versioning%2Cundelete%2Cwindows%2Cpc%2Cmac%2Cos%20x%2Clinux%2Ciphone

0.0.0.0

0 B

URL GET
otnolatrnup.com/Tag.engine?time=0&id=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0&rand=27462&ver=async&referrerUrl=&fingerPrint=123&abr=false&stdTime=0&fpe=1&bw=1280&bh=1024&res=1280x1024&curl=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fs6c8uxqo4es5e6w%2Fch3%40tHUB.zip%2Ffile&kw=online%20storage%2Cfree%20storage%2Ccloud%20storage%2Ccollaboration%2Cbackup%20file%20sharing%2Cshare%20files%2Cphoto%20backup%2Cphoto%20sharing%2Cftp%20replacement%2Ccross%20platform%2Cremote%20access%2Cmobile%20access%2Csend%20large%20files%2Crecover%20files%2Cfile%20versioning%2Cundelete%2Cwindows%2Cpc%2Cmac%2Cos%20x%2Clinux%2Ciphone
IP
0.0.0.0:0
ASN
#0

Requested by
https://www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint84:54:CC:DA:89:30:52:99:19:9D:4A:7B:76:AB:4D:06:B5:AD:1D:49
ValiditySat, 06 May 2023 00:00:00 GMT - Sun, 05 May 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /Tag.engine?time=0&id=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0&rand=27462&ver=async&referrerUrl=&fingerPrint=123&abr=false&stdTime=0&fpe=1&bw=1280&bh=1024&res=1280x1024&curl=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fs6c8uxqo4es5e6w%2Fch3%40tHUB.zip%2Ffile&kw=online%20storage%2Cfree%20storage%2Ccloud%20storage%2Ccollaboration%2Cbackup%20file%20sharing%2Cshare%20files%2Cphoto%20backup%2Cphoto%20sharing%2Cftp%20replacement%2Ccross%20platform%2Cremote%20access%2Cmobile%20access%2Csend%20large%20files%2Crecover%20files%2Cfile%20versioning%2Cundelete%2Cwindows%2Cpc%2Cmac%2Cos%20x%2Clinux%2Ciphone HTTP/1.1
Host: otnolatrnup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mediafire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 05 Dec 2023 14:51:41 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
cache-control: private, no-transform
content-encoding: gzip
p3p: CP="CAO PSA OUR IND"
access-control-allow-origin: *
set-cookie: IKSR={}; path=/; SameSite=None; secure
__INF_CC=; expires=Sat, 25-Nov-2023 14:51:41 GMT; path=/
INF_DFL8=false; path=/; SameSite=None; secure
IUID=40f1be2c-d303-4c0e-8ba2-325ed807ef2a; expires=Mon, 05-Dec-2033 14:51:41 GMT; path=/; SameSite=None; secure
ISSH=6FC25B; path=/; SameSite=None; secure
VMI=; path=/; SameSite=None; secure
CHN=#[]; expires=Mon, 05-Dec-2033 14:51:41 GMT; path=/; SameSite=None; secure; HttpOnly
MSSH=#{}; expires=Mon, 05-Dec-2033 14:51:41 GMT; path=/; SameSite=None; secure; HttpOnly
MSRH=#{}; expires=Mon, 05-Dec-2033 14:51:41 GMT; path=/; SameSite=None; secure; HttpOnly
ILP=null; expires=Mon, 05-Dec-2033 14:51:41 GMT; path=/; SameSite=None; secure
ILPLU=#1/1/0001 12:00:00 AM; expires=Mon, 05-Dec-2033 14:51:41 GMT; path=/; SameSite=None; secure; HttpOnly
ILEALC=#1/1/0001 12:00:00 AM; expires=Mon, 05-Dec-2033 14:51:41 GMT; path=/; SameSite=None; secure; HttpOnly
ILMPF=#False; expires=Tue, 05-Dec-2023 18:51:41 GMT; path=/; SameSite=None; secure; HttpOnly
IPMPLU=#; expires=Mon, 05-Dec-2033 14:51:41 GMT; path=/; SameSite=None; secure; HttpOnly
IPMUID=#; expires=Mon, 05-Dec-2033 14:51:41 GMT; path=/; SameSite=None; secure; HttpOnly
BSWUID=#; expires=Mon, 05-Dec-2033 14:51:41 GMT; path=/; SameSite=None; secure; HttpOnly
IKSR={}; path=/; SameSite=None; secure
IBL=#[]; expires=Mon, 05-Dec-2033 14:51:41 GMT; path=/; SameSite=None; secure; HttpOnly
ISH=#{"101":[{"SId":"6FC25B","D":"23/12/5T6:51:41"}]}; expires=Mon, 05-Dec-2033 14:51:41 GMT; path=/; SameSite=None; secure; HttpOnly
ISH_Q=#[101]; expires=Mon, 05-Dec-2033 14:51:41 GMT; path=/; SameSite=None; secure; HttpOnly
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 830d1bced86e56cb-OSL
alt-svc: h3=":443"; ma=86400

the.gatekeeperconsent.com/v2/config.json

104.21.28.48

200 OK

17 kB

URL GET HTTP/3
the.gatekeeperconsent.com/v2/config.json
IP
104.21.28.48:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file
Certificate
IssuerGoogle Trust Services LLC
Subjectgatekeeperconsent.com
FingerprintAE:8A:F3:FE:39:C6:63:FD:D0:60:E3:53:D6:46:26:E7:50:E1:D2:87
ValidityTue, 31 Oct 2023 09:45:54 GMT - Mon, 29 Jan 2024 09:45:53 GMT

File type
JSON data\012- , ASCII text, with very long lines (16821)
Size
17 kB (16822 bytes)
Hash
e3551cd355a77b6e16b6ef457ec65eec
aace22d6a7652fa0b64d7212689e2b74b0eaeee6
27907c2a7fb153f5a79d575f5f6541d9043885ec376a0bf93be6fd7c1809a311

HTTP Headers

GET /v2/config.json HTTP/1.1
Host: the.gatekeeperconsent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.mediafire.com
DNT: 1
Connection: keep-alive
Referer: https://www.mediafire.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 05 Dec 2023 14:51:41 GMT
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-security-policy: default-src 'none'
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: deny
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NaWVaAlrnjhacynb4w0HXStKUx30NHVqklNQsFE1wdmFzKXsXDPdzBXg691gE%2FTLlU4RNosSb7iu6QnFmwOedmy9B%2B0O%2BVIExmoD2xWBkHx0J65FnbnGyy17L%2FkTU2zZ3BjgX0LMec2g0b6l"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 830d1bceb8f2b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

go.ezodn.com/parsonsmaize/mulvane.js?gcb=195-3&cb=5

172.64.136.15

200 OK

1.0 kB

URL GET HTTP/3
go.ezodn.com/parsonsmaize/mulvane.js?gcb=195-3&cb=5
IP
172.64.136.15:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file
Certificate
IssuerLet's Encrypt
Subjectezodn.com
Fingerprint7D:0C:FB:EF:D5:25:9B:14:0C:BE:C7:71:E6:72:F5:C8:00:34:D7:CB
ValiditySat, 28 Oct 2023 15:00:44 GMT - Fri, 26 Jan 2024 15:00:43 GMT

File type
ASCII text, with very long lines (1022), with no line terminators
Size
1.0 kB (1002 bytes)
Hash
411c59341edaa4aeb94564fa1d8e6d1e
4de057f8ea94101f762ed338dc19f04792755fc3
e6e01edd75c02a475e62d921c0b855ba1cca72009e44d1fae08bfdd564415925

HTTP Headers

GET /parsonsmaize/mulvane.js?gcb=195-3&cb=5 HTTP/1.1
Host: go.ezodn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mediafire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 05 Dec 2023 14:51:41 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
vary: Accept-Encoding
x-middleton-display: sol-js
x-robots-tag: noindex
last-modified: Tue, 31 Oct 2023 04:14:45 GMT
cf-cache-status: HIT
age: 2970820
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2EbuxG56p%2BytRB7GJ91L%2BWXAXWFw7vibx%2BFI6vGEs7BP%2F2%2FvCu8jUMhoxUQ05GmwbuKsmOybfzFUSbIpf9X7NPugEpdAGiu9Gdv0%2FD%2Ff9PdfpgYEXqU8N%2B6TY0HWzjY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 830d1bcf1beb63de-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.mediafire.com/images/icons/svg_light/icons_sprite.svg

104.16.114.74

200 OK

37 kB

URL GET HTTP/2
www.mediafire.com/images/icons/svg_light/icons_sprite.svg
IP
104.16.114.74:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file
Certificate
IssuerSectigo Limited
Subject*.mediafire.com
Fingerprint8B:FA:81:04:17:18:84:C4:3E:8E:D5:89:AD:D6:5D:BD:9A:DF:84:DA
ValidityMon, 18 Sep 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- exported SGML document, ASCII text, with very long lines (1204)
Size
37 kB (37035 bytes)
Hash
78ba220259933f24dc696a3b1e085444
39c72d416a8564f5c2d9cfee8c9ddd17cea17807
7ba1bc2084def769e77a7dbf97cd91d68fe6c6d55b5d183a7d36630da8da2b02

HTTP Headers

GET /images/icons/svg_light/icons_sprite.svg HTTP/1.1
Host: www.mediafire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file
Cookie: ukey=7r8fcgxhq0a43j5km86vwbp4fnh9xdvm; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-51%22%2C%22mf_content%22%3A%22Free%22%2C%22mf_medium%22%3A%22windows%5C%2FFirefox%22%2C%22mf_campaign%22%3A%22s6c8uxqo4es5e6w%22%2C%22mf_term%22%3A%221b7932a44994834384b10c5650eb2a7b%22%7D; __cf_bm=fZ.dr0_iaK6hbqTM3Cpjqa48LyefHjkGuG51ZOL.hxc-1701787899-0-ASZKYPggVYBOAmimkyxdg9iLamM4RZ2xT1epcg4gK6RyN1J7+70XAS6ZEKBCrTxgkCo7sDNzrrE8AJ+L+uOH8tw=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 05 Dec 2023 14:51:40 GMT
content-type: image/svg+xml
cf-ray: 830d1bca3e730afa-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 923
etag: W/"62deda56-90ab"
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
vary: Accept-Encoding
server: cloudflare
content-encoding: gzip
X-Firefox-Spdy: h2

static.mediafire.com/images/backgrounds/download/additional_content/flag.svg

104.16.114.74

200 OK

234 B

URL GET HTTP/2
static.mediafire.com/images/backgrounds/download/additional_content/flag.svg
IP
104.16.114.74:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file
Certificate
IssuerSectigo Limited
Subject*.mediafire.com
Fingerprint8B:FA:81:04:17:18:84:C4:3E:8E:D5:89:AD:D6:5D:BD:9A:DF:84:DA
ValidityMon, 18 Sep 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with no line terminators
Size
234 B (234 bytes)
Hash
d6654db89e4e8dbd4a0110a5faaffe15
272182829f6121ecf7d2fb16dbb0eeaa6c7468d7
8ce6098bef550b1d04ed81897c945afb2952ea6ca558d06aa3318f478b7abe4c

HTTP Headers

GET /images/backgrounds/download/additional_content/flag.svg HTTP/1.1
Host: static.mediafire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mediafire.com/
Cookie: ukey=7r8fcgxhq0a43j5km86vwbp4fnh9xdvm; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-51%22%2C%22mf_content%22%3A%22Free%22%2C%22mf_medium%22%3A%22windows%5C%2FFirefox%22%2C%22mf_campaign%22%3A%22s6c8uxqo4es5e6w%22%2C%22mf_term%22%3A%221b7932a44994834384b10c5650eb2a7b%22%7D; __cf_bm=fZ.dr0_iaK6hbqTM3Cpjqa48LyefHjkGuG51ZOL.hxc-1701787899-0-ASZKYPggVYBOAmimkyxdg9iLamM4RZ2xT1epcg4gK6RyN1J7+70XAS6ZEKBCrTxgkCo7sDNzrrE8AJ+L+uOH8tw=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 05 Dec 2023 14:51:40 GMT
content-type: image/svg+xml
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
etag: W/"62deda56-ea"
access-control-allow-origin: *
cf-cache-status: HIT
age: 1605
vary: Accept-Encoding
server: cloudflare
cf-ray: 830d1bca5ea20afa-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.ezojs.com/ezoic/sa.min.js

104.21.63.106

200 OK

124 kB

URL GET HTTP/2
www.ezojs.com/ezoic/sa.min.js
IP
104.21.63.106:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file
Certificate
IssuerGoogle Trust Services LLC
Subjectwww.ezojs.com
Fingerprint1E:09:AE:00:88:A0:CE:57:C6:01:3C:40:25:7D:BD:1F:38:CE:18:14
ValidityWed, 08 Nov 2023 03:49:27 GMT - Tue, 06 Feb 2024 03:49:26 GMT

File type

Size
124 kB (123952 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ezoic/sa.min.js HTTP/1.1
Host: www.ezojs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mediafire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 05 Dec 2023 14:51:40 GMT
content-type: application/javascript
cache-control: public, max-age=86400
vary: Accept-Encoding
x-middleton-display: sol-js
x-robots-tag: noindex
last-modified: Mon, 04 Dec 2023 16:48:35 GMT
cf-cache-status: HIT
age: 79378
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NQWFkXkxutyIHuvmt2N4ROSssuJioqJOgvmZjTyNTYttJAzTO4p2g%2BZGwb1u45qLu6P%2FI8ia4WIBBA4sxlJNFyAxzbtZmLm2W7Fm%2BSOG7SBES1WJb4JtxGUXsKmFdXvE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 830d1bc898ef1bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.otnolatrnup.com/Scripts/infinity.js.aspx?guid=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0

104.19.214.37

200 OK

182 kB

URL GET HTTP/2
cdn.otnolatrnup.com/Scripts/infinity.js.aspx?guid=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0
IP
104.19.214.37:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint84:54:CC:DA:89:30:52:99:19:9D:4A:7B:76:AB:4D:06:B5:AD:1D:49
ValiditySat, 06 May 2023 00:00:00 GMT - Sun, 05 May 2024 23:59:59 GMT

File type
ASCII text, with very long lines (52471), with CRLF, LF line terminators
Size
182 kB (181837 bytes)
Hash
944fed72afa60d4269114503ee704123
b6e9a3ca92f7495a45bf0c0a5c8ff563fe7876b7
ff03d5ce38b0ea00296c0bf2c1c70b872a33c3dea8bde15942fd2da0d0d34166

HTTP Headers

GET /Scripts/infinity.js.aspx?guid=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0 HTTP/1.1
Host: cdn.otnolatrnup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mediafire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 05 Dec 2023 14:51:40 GMT
content-type: application/x-javascript; charset=utf-8
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
cache-control: public, no-transform, max-age=900
content-encoding: gzip
p3p: CP="CAO PSA OUR IND"
access-control-allow-origin: *
last-modified: Tue, 05 Dec 2023 14:43:46 GMT
cf-cache-status: HIT
age: 37
server: cloudflare
cf-ray: 830d1bca9a2056c7-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

static.mediafire.com/images/flags_svg/usa.svg

104.16.114.74

200 OK

1.5 kB

URL GET HTTP/2
static.mediafire.com/images/flags_svg/usa.svg
IP
104.16.114.74:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file
Certificate
IssuerSectigo Limited
Subject*.mediafire.com
Fingerprint8B:FA:81:04:17:18:84:C4:3E:8E:D5:89:AD:D6:5D:BD:9A:DF:84:DA
ValidityMon, 18 Sep 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- XML document, ASCII text, with very long lines (1638), with no line terminators
Size
1.5 kB (1479 bytes)
Hash
fd3f3d86fa6eeac3db8abfe8768598fb
2d76f41e4b1d2f47edbad7a0dafe9a79f9f52585
a280253fcf4a58c0a287f4cc654cd049845ba0bcfc7b3a984bd41358bf1e4ead

HTTP Headers

GET /images/flags_svg/usa.svg HTTP/1.1
Host: static.mediafire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mediafire.com/
Cookie: ukey=7r8fcgxhq0a43j5km86vwbp4fnh9xdvm; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-51%22%2C%22mf_content%22%3A%22Free%22%2C%22mf_medium%22%3A%22windows%5C%2FFirefox%22%2C%22mf_campaign%22%3A%22s6c8uxqo4es5e6w%22%2C%22mf_term%22%3A%221b7932a44994834384b10c5650eb2a7b%22%7D; __cf_bm=fZ.dr0_iaK6hbqTM3Cpjqa48LyefHjkGuG51ZOL.hxc-1701787899-0-ASZKYPggVYBOAmimkyxdg9iLamM4RZ2xT1epcg4gK6RyN1J7+70XAS6ZEKBCrTxgkCo7sDNzrrE8AJ+L+uOH8tw=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 05 Dec 2023 14:51:40 GMT
content-type: image/svg+xml
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
etag: W/"62deda56-5c7"
access-control-allow-origin: *
cf-cache-status: HIT
age: 9209
vary: Accept-Encoding
server: cloudflare
cf-ray: 830d1bca5e9b0afa-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.mediafire.com/favicon.ico

104.16.114.74

200 OK

11 kB

URL GET HTTP/2
www.mediafire.com/favicon.ico
IP
104.16.114.74:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file
Certificate
IssuerSectigo Limited
Subject*.mediafire.com
Fingerprint8B:FA:81:04:17:18:84:C4:3E:8E:D5:89:AD:D6:5D:BD:9A:DF:84:DA
ValidityMon, 18 Sep 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT

File type
MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 24x24, 8 bits/pixel\012- data
Size
11 kB (10822 bytes)
Hash
a301c91c118c9e041739ad0c85dfe8c5
039962373b35960ef2bb5fbbe3856c0859306bf7
cdc78cc8b2994712a041a2a4cb02f488afbab00981771bdd3a8036c2dddf540f

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.mediafire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file
Cookie: ukey=7r8fcgxhq0a43j5km86vwbp4fnh9xdvm; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-51%22%2C%22mf_content%22%3A%22Free%22%2C%22mf_medium%22%3A%22windows%5C%2FFirefox%22%2C%22mf_campaign%22%3A%22s6c8uxqo4es5e6w%22%2C%22mf_term%22%3A%221b7932a44994834384b10c5650eb2a7b%22%7D; __cf_bm=fZ.dr0_iaK6hbqTM3Cpjqa48LyefHjkGuG51ZOL.hxc-1701787899-0-ASZKYPggVYBOAmimkyxdg9iLamM4RZ2xT1epcg4gK6RyN1J7+70XAS6ZEKBCrTxgkCo7sDNzrrE8AJ+L+uOH8tw=; ezoadgid_484470=-1; ezoref_484470=; ezosuibasgeneris-1=6f0d57f1-bfc6-4fd5-40cc-5b5e38a1a3bf; ezoab_484470=mod245-c; lp_484470=https://www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file; ezovuuidtime_484470=1701787900; ezovuuid_484470=e86ce677-3d4f-467e-715c-a7fa8504fa55; active_template::484470=orig_site.1701787900; ezopvc_484470=1; ezepvv=0; ezstandaloneuser=false
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 05 Dec 2023 14:51:40 GMT
content-type: image/x-icon
cf-ray: 830d1bcc58830afa-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 549443
cache-control: max-age=2592000
etag: W/"62deda56-2a46"
expires: Wed, 27 Dec 2023 15:31:04 GMT
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
vary: Accept-Encoding
server: cloudflare
content-encoding: gzip
X-Firefox-Spdy: h2

www.mediafire.com/images/icons/svg_dark/arrow_dropdown.svg

104.16.114.74

200 OK

315 B

URL GET HTTP/2
www.mediafire.com/images/icons/svg_dark/arrow_dropdown.svg
IP
104.16.114.74:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file
Certificate
IssuerSectigo Limited
Subject*.mediafire.com
Fingerprint8B:FA:81:04:17:18:84:C4:3E:8E:D5:89:AD:D6:5D:BD:9A:DF:84:DA
ValidityMon, 18 Sep 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- SVG XML document\012- SVG XML document\012- XML document text\012- exported SGML document, ASCII text, with very long lines (337), with no line terminators
Size
315 B (315 bytes)
Hash
2d4f26013518ae1caff6316729090324
7e9ad2ad4aa736d6a3d6250461e18ea97f0055b6
882da7616f65fd0c80462d47d5d8954f80c5c688c9e9db28164b704b53d2fb3c

HTTP Headers

GET /images/icons/svg_dark/arrow_dropdown.svg HTTP/1.1
Host: www.mediafire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file
Cookie: ukey=7r8fcgxhq0a43j5km86vwbp4fnh9xdvm; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-51%22%2C%22mf_content%22%3A%22Free%22%2C%22mf_medium%22%3A%22windows%5C%2FFirefox%22%2C%22mf_campaign%22%3A%22s6c8uxqo4es5e6w%22%2C%22mf_term%22%3A%221b7932a44994834384b10c5650eb2a7b%22%7D; __cf_bm=fZ.dr0_iaK6hbqTM3Cpjqa48LyefHjkGuG51ZOL.hxc-1701787899-0-ASZKYPggVYBOAmimkyxdg9iLamM4RZ2xT1epcg4gK6RyN1J7+70XAS6ZEKBCrTxgkCo7sDNzrrE8AJ+L+uOH8tw=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 05 Dec 2023 14:51:40 GMT
content-type: image/svg+xml
cf-ray: 830d1bca3e770afa-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 933
etag: W/"62deda56-13b"
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
vary: Accept-Encoding
server: cloudflare
content-encoding: gzip
X-Firefox-Spdy: h2

www.mediafire.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js

104.16.114.74

200 OK

7.4 kB

URL GET HTTP/2
www.mediafire.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
IP
104.16.114.74:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file
Certificate
IssuerSectigo Limited
Subject*.mediafire.com
Fingerprint8B:FA:81:04:17:18:84:C4:3E:8E:D5:89:AD:D6:5D:BD:9A:DF:84:DA
ValidityMon, 18 Sep 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (7432), with no line terminators
Size
7.4 kB (7432 bytes)
Hash
3c37f165528210e7b23652267427e197
764dd9f9860ea1b9764761e2817a90f660be04d4
4a4771fc3b49a781eb58df423e356aa7d3b2913c39b6a0d78ed8d14c24e6e51d

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js HTTP/1.1
Host: www.mediafire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: ukey=7r8fcgxhq0a43j5km86vwbp4fnh9xdvm; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-51%22%2C%22mf_content%22%3A%22Free%22%2C%22mf_medium%22%3A%22windows%5C%2FFirefox%22%2C%22mf_campaign%22%3A%22s6c8uxqo4es5e6w%22%2C%22mf_term%22%3A%221b7932a44994834384b10c5650eb2a7b%22%7D; __cf_bm=fZ.dr0_iaK6hbqTM3Cpjqa48LyefHjkGuG51ZOL.hxc-1701787899-0-ASZKYPggVYBOAmimkyxdg9iLamM4RZ2xT1epcg4gK6RyN1J7+70XAS6ZEKBCrTxgkCo7sDNzrrE8AJ+L+uOH8tw=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 05 Dec 2023 14:51:40 GMT
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
vary: accept-encoding
cache-control: max-age=14400, public
server: cloudflare
cf-ray: 830d1bcbcfcb0afa-OSL
X-Firefox-Spdy: h2

go.ezodn.com/parsonsmaize/abilene.js?gcb=195-3&cb=30

172.64.136.15

200 OK

6.3 kB

URL GET HTTP/2
go.ezodn.com/parsonsmaize/abilene.js?gcb=195-3&cb=30
IP
172.64.136.15:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file
Certificate
IssuerLet's Encrypt
Subjectezodn.com
Fingerprint7D:0C:FB:EF:D5:25:9B:14:0C:BE:C7:71:E6:72:F5:C8:00:34:D7:CB
ValiditySat, 28 Oct 2023 15:00:44 GMT - Fri, 26 Jan 2024 15:00:43 GMT

File type
ASCII text, with very long lines (6449), with no line terminators
Size
6.3 kB (6323 bytes)
Hash
4b6deece5acd159ec2b76d96f82976d7
5b41a98a03f14464816df8b970c481529c2aab23
5a3b2f36e5baac2e3aef0ef5f7584d2848fd2ecfca12dc476c3d7eb7970faa95

HTTP Headers

GET /parsonsmaize/abilene.js?gcb=195-3&cb=30 HTTP/1.1
Host: go.ezodn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mediafire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 05 Dec 2023 14:51:41 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
vary: Accept-Encoding
x-middleton-display: sol-js
x-robots-tag: noindex
last-modified: Thu, 02 Nov 2023 02:38:12 GMT
cf-cache-status: HIT
age: 2350187
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iVYGP%2FwwFIfVkGpCzkK1bBvZMvBknbvR8DpBSoHyf8p%2FUGdAd%2F9ra48r6r369Vopn9wrCzjo8ICWWygiTNnJPo6c4oCets%2FCwoEOOozd4%2FBOnFeUVCC8yUYjhYrrOxA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 830d1bcd48da6101-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

go.ezodn.com/detroitchicago/tampa.js?gcb=195-3&cb=5

172.64.136.15

200 OK

976 B

URL GET HTTP/3
go.ezodn.com/detroitchicago/tampa.js?gcb=195-3&cb=5
IP
172.64.136.15:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file
Certificate
IssuerLet's Encrypt
Subjectezodn.com
Fingerprint7D:0C:FB:EF:D5:25:9B:14:0C:BE:C7:71:E6:72:F5:C8:00:34:D7:CB
ValiditySat, 28 Oct 2023 15:00:44 GMT - Fri, 26 Jan 2024 15:00:43 GMT

File type
ASCII text, with very long lines (994), with no line terminators
Size
976 B (976 bytes)
Hash
13719da55048e80ce68e4602f1e8eb67
146d1c030cad4d40a539955c8a89d64ab0a6da09
22331335ec41b0f167e358147ecda6eda4a20a02a5f92bac490be31d9145fef1

HTTP Headers

GET /detroitchicago/tampa.js?gcb=195-3&cb=5 HTTP/1.1
Host: go.ezodn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mediafire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 05 Dec 2023 14:51:41 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
vary: Accept-Encoding
x-middleton-display: sol-js
x-robots-tag: noindex
last-modified: Thu, 02 Nov 2023 02:14:35 GMT
cf-cache-status: HIT
age: 1841767
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CpCnUJRsk7TEXCHuTzoicYct11wT%2B4d37aE0qT0ANXzKiiFo5LToEm4Nkt7qDfghKoOjGt9%2FeQEJOdCiZw%2BSj8w7a1NsAe%2FR2NyNRcFF%2BAkVidEmQUF%2BWIjwI%2FmCWTY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 830d1bcf1bf463de-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400

go.ezodn.com/parsonsmaize/olathe.js?gcb=195-3&cb=23

172.64.136.15

200 OK

2.3 kB

URL GET HTTP/3
go.ezodn.com/parsonsmaize/olathe.js?gcb=195-3&cb=23
IP
172.64.136.15:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file
Certificate
IssuerLet's Encrypt
Subjectezodn.com
Fingerprint7D:0C:FB:EF:D5:25:9B:14:0C:BE:C7:71:E6:72:F5:C8:00:34:D7:CB
ValiditySat, 28 Oct 2023 15:00:44 GMT - Fri, 26 Jan 2024 15:00:43 GMT

File type
ASCII text, with very long lines (2329), with no line terminators
Size
2.3 kB (2255 bytes)
Hash
8d5abee3682afa8a424e0d39def3e899
e96fd9db87b8b444e3a804e257b025354af0e4c0
0a9e538228d8a3491f1032595c6a36c974f6a856700b7cb30817357a8389a5f1

HTTP Headers

GET /parsonsmaize/olathe.js?gcb=195-3&cb=23 HTTP/1.1
Host: go.ezodn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mediafire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 05 Dec 2023 14:51:41 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
vary: Accept-Encoding
x-middleton-display: sol-js
x-robots-tag: noindex
last-modified: Fri, 27 Oct 2023 21:36:32 GMT
cf-cache-status: HIT
age: 2350078
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4kBXlTOcJFGF6oHrbzfQVS2YRAC%2FBPPe5xOs2J11HSAZJzyzrCOMd9j7Qn8yGoKPFlgc8dUzZHSE2ozVu0%2Bd7dRQ%2BmRaiitreo9quhld2JPwtKjpCv9COyGQTsKfjN8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 830d1bcffd2563de-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400

static.mediafire.com/images/icons/svg_dark/check_circle_green.svg

104.16.114.74

200 OK

444 B

URL GET HTTP/2
static.mediafire.com/images/icons/svg_dark/check_circle_green.svg
IP
104.16.114.74:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file
Certificate
IssuerSectigo Limited
Subject*.mediafire.com
Fingerprint8B:FA:81:04:17:18:84:C4:3E:8E:D5:89:AD:D6:5D:BD:9A:DF:84:DA
ValidityMon, 18 Sep 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- SVG XML document\012- SVG XML document\012- XML document text\012- exported SGML document, ASCII text, with very long lines (468), with no line terminators
Size
444 B (444 bytes)
Hash
2a37354dd0164f536ea3ba32da2b9ad9
c2eef6193cb66e8dae4be9db8444a8f4e918d5db
123a827694b569700831a715fc0d06002f1eeee93b40c116033e65b0590ae17f

HTTP Headers

GET /images/icons/svg_dark/check_circle_green.svg HTTP/1.1
Host: static.mediafire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mediafire.com/
Cookie: ukey=7r8fcgxhq0a43j5km86vwbp4fnh9xdvm; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-51%22%2C%22mf_content%22%3A%22Free%22%2C%22mf_medium%22%3A%22windows%5C%2FFirefox%22%2C%22mf_campaign%22%3A%22s6c8uxqo4es5e6w%22%2C%22mf_term%22%3A%221b7932a44994834384b10c5650eb2a7b%22%7D; __cf_bm=fZ.dr0_iaK6hbqTM3Cpjqa48LyefHjkGuG51ZOL.hxc-1701787899-0-ASZKYPggVYBOAmimkyxdg9iLamM4RZ2xT1epcg4gK6RyN1J7+70XAS6ZEKBCrTxgkCo7sDNzrrE8AJ+L+uOH8tw=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 05 Dec 2023 14:51:40 GMT
content-type: image/svg+xml
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
etag: W/"62deda56-1bc"
access-control-allow-origin: *
cf-cache-status: HIT
age: 924
vary: Accept-Encoding
server: cloudflare
cf-ray: 830d1bca3e780afa-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-K68XP6D85D&l=dataLayer&cx=c

142.250.74.136

200 OK

240 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-K68XP6D85D&l=dataLayer&cx=c
IP
142.250.74.136:443
ASN
#15169 GOOGLE

Requested by
https://www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type
ASCII text, with very long lines (7711)
Size
240 kB (240017 bytes)
Hash
e363e47d6b35627c27a46079e191f64b
2f780afe39a9893d13738ba1a1cafad612e4c652
2254fa102d601ec63c8de14b934dc1adf65f3015904474fa3a05080eb2c5dbb1

HTTP Headers

GET /gtag/js?id=G-K68XP6D85D&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mediafire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 05 Dec 2023 14:51:41 GMT
expires: Tue, 05 Dec 2023 14:51:41 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 82887
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

static.mediafire.com/images/backgrounds/download/additional_content/continent-na.svg

104.16.114.74

200 OK

51 kB

URL GET HTTP/2
static.mediafire.com/images/backgrounds/download/additional_content/continent-na.svg
IP
104.16.114.74:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file
Certificate
IssuerSectigo Limited
Subject*.mediafire.com
Fingerprint8B:FA:81:04:17:18:84:C4:3E:8E:D5:89:AD:D6:5D:BD:9A:DF:84:DA
ValidityMon, 18 Sep 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (36058)
Size
51 kB (51223 bytes)
Hash
8a6bb43720e9c07a6e5b74dcc7d78158
1ae8cd3e377442ed336b7df216370e91dc5d1360
05cfe92d9794a54258a19bfec7ae0faa73f61b66416983136594b4f95bb114dd

HTTP Headers

GET /images/backgrounds/download/additional_content/continent-na.svg HTTP/1.1
Host: static.mediafire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mediafire.com/
Cookie: ukey=7r8fcgxhq0a43j5km86vwbp4fnh9xdvm; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-51%22%2C%22mf_content%22%3A%22Free%22%2C%22mf_medium%22%3A%22windows%5C%2FFirefox%22%2C%22mf_campaign%22%3A%22s6c8uxqo4es5e6w%22%2C%22mf_term%22%3A%221b7932a44994834384b10c5650eb2a7b%22%7D; __cf_bm=fZ.dr0_iaK6hbqTM3Cpjqa48LyefHjkGuG51ZOL.hxc-1701787899-0-ASZKYPggVYBOAmimkyxdg9iLamM4RZ2xT1epcg4gK6RyN1J7+70XAS6ZEKBCrTxgkCo7sDNzrrE8AJ+L+uOH8tw=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 05 Dec 2023 14:51:40 GMT
content-type: image/svg+xml
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
etag: W/"62deda56-c817"
access-control-allow-origin: *
cf-cache-status: HIT
age: 13606
vary: Accept-Encoding
server: cloudflare
cf-ray: 830d1bca5e9a0afa-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

translate.google.com/translate_a/element.js?cb=googFooterTranslate

216.58.211.14

200 OK

90 kB

URL GET HTTP/2
translate.google.com/translate_a/element.js?cb=googFooterTranslate
IP
216.58.211.14:443
ASN
#15169 GOOGLE

Requested by
https://www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT

File type
ASCII text, with very long lines (2462)
Size
90 kB (90223 bytes)
Hash
3d8b6d70ecaccd06935d9ec8b50b34fb
8676f529ed2578848ea12f1ae1e97f99e37657da
51d3cff43e6690f89b72d450224db830ee5da8211c6cf71af89dc2c8eaf54bdb

HTTP Headers

GET /translate_a/element.js?cb=googFooterTranslate HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mediafire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 05 Dec 2023 14:51:40 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+828; expires=Thu, 04-Dec-2025 14:51:40 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.mediafire.com/cdn-cgi/challenge-platform/h/b/jsd/r/830d1bc4f9950afa

104.16.114.74

200 OK

0 B

URL POST HTTP/2
www.mediafire.com/cdn-cgi/challenge-platform/h/b/jsd/r/830d1bc4f9950afa
IP
104.16.114.74:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file
Certificate
IssuerSectigo Limited
Subject*.mediafire.com
Fingerprint8B:FA:81:04:17:18:84:C4:3E:8E:D5:89:AD:D6:5D:BD:9A:DF:84:DA
ValidityMon, 18 Sep 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/jsd/r/830d1bc4f9950afa HTTP/1.1
Host: www.mediafire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12238
Origin: https://www.mediafire.com
DNT: 1
Connection: keep-alive
Referer: https://www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file
Cookie: ukey=7r8fcgxhq0a43j5km86vwbp4fnh9xdvm; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-51%22%2C%22mf_content%22%3A%22Free%22%2C%22mf_medium%22%3A%22windows%5C%2FFirefox%22%2C%22mf_campaign%22%3A%22s6c8uxqo4es5e6w%22%2C%22mf_term%22%3A%221b7932a44994834384b10c5650eb2a7b%22%7D; __cf_bm=fZ.dr0_iaK6hbqTM3Cpjqa48LyefHjkGuG51ZOL.hxc-1701787899-0-ASZKYPggVYBOAmimkyxdg9iLamM4RZ2xT1epcg4gK6RyN1J7+70XAS6ZEKBCrTxgkCo7sDNzrrE8AJ+L+uOH8tw=; ezoadgid_484470=-1; ezoref_484470=; ezosuibasgeneris-1=6f0d57f1-bfc6-4fd5-40cc-5b5e38a1a3bf; ezoab_484470=mod245-c; lp_484470=https://www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file; ezovuuidtime_484470=1701787900; ezovuuid_484470=e86ce677-3d4f-467e-715c-a7fa8504fa55; active_template::484470=orig_site.1701787900; ezopvc_484470=1; ezepvv=0; ezstandaloneuser=false
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 05 Dec 2023 14:51:41 GMT
content-type: text/plain; charset=UTF-8
set-cookie: cf_clearance=UrqTzrO0S5tRK6OvThoFkRwSQPxjox87NoB4HRRPUD4-1701787901-0-1-730ca2d2.57dbd4fb.240dfd32-0.2.1701787901; path=/; expires=Wed, 04-Dec-24 14:51:41 GMT; domain=.mediafire.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 830d1bce5adc0afa-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

go.ezodn.com/detroitchicago/raleigh.js?gcb=195-3&cb=6

172.64.136.15

200 OK

1.4 kB

URL GET HTTP/3
go.ezodn.com/detroitchicago/raleigh.js?gcb=195-3&cb=6
IP
172.64.136.15:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.mediafire.com/file/s6c8uxqo4es5e6w/ch3@tHUB.zip/file
Certificate
IssuerLet's Encrypt
Subjectezodn.com
Fingerprint7D:0C:FB:EF:D5:25:9B:14:0C:BE:C7:71:E6:72:F5:C8:00:34:D7:CB
ValiditySat, 28 Oct 2023 15:00:44 GMT - Fri, 26 Jan 2024 15:00:43 GMT

File type
ASCII text, with very long lines (1426), with no line terminators
Size
1.4 kB (1404 bytes)
Hash
65a3ec6f8a1a6f92e5fc5ee16dfb62bd
31e624fbd5e5ff7fdfebe52f628244ee8ab8acc1
b996dfc253749d85b478e6e0f72fce92b0d66867f717e47a01a81be20070764b

HTTP Headers

GET /detroitchicago/raleigh.js?gcb=195-3&cb=6 HTTP/1.1
Host: go.ezodn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mediafire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 05 Dec 2023 14:51:41 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
vary: Accept-Encoding
x-middleton-display: sol-js
x-robots-tag: noindex
last-modified: Fri, 27 Jan 2023 13:11:08 GMT
cf-cache-status: HIT
age: 3055333
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=umh4HBAygrb2hpLFYMEf4g7aH9ATROdspMck8LdFTSlbabsvEdfHhlhOxjznvY3GBBmMNIF%2BbAKhj0ivPYwgm%2B5L247O2d1AVP%2FUrUWajnV8UNNXAx9TwWh91men8WM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 830d1bcf1bed63de-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (55)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash