Report - mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html

Report Overview

Submitted URL
mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html
IP
67.222.134.147
ASN
#30277 DFW-DATACENTER
Submitted
2024-05-04 23:26:01
Access
public
Website Title
The Donnas American Teenage Rock N Roll Machine
Final URL
mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
unseenreport.com	unknown	2022-03-30	2022-03-30	2024-05-04	738 B	423 B	192.243.59.20
accounts.google.com	81	1997-09-15	2016-03-20	2024-05-03	730 B	1.3 kB	74.125.131.84
cdn.onesignal.com	3015	2011-09-10	2015-04-22	2024-05-03	417 B	10 kB	104.17.111.223
www.profitabledisplaycontent.com	138390	2020-10-14	2020-10-16	2024-04-16	2.9 kB	3.5 kB	192.243.59.20
capaciousdrewreligion.com	unknown	2023-11-07	2023-11-27	2024-05-04	417 B	327 B	192.243.59.12
ssl.gstatic.com	unknown	2008-02-11	2012-05-23	2024-05-03	435 B	5.7 kB	142.250.74.67
proftrafficcounter.com	unknown	2023-11-16	2023-11-21	2024-05-04	1.5 kB	1.0 kB	18.185.9.67
arrearsdecember.com	unknown	unknown	No data	No data	481 B	898 B	192.243.61.225
downstairsnegotiatebarren.com	unknown	2024-03-04	2024-03-04	2024-05-03	415 B	87 kB	104.21.35.227
mediafiretrend.com	179287	2010-10-04	2013-05-19	2024-03-28	2.7 kB	22 kB	67.222.134.147
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-05-03	425 B	88 kB	142.250.74.168
questioningtosscontradiction.com	unknown	2021-09-13	2021-09-13	2024-02-05	1.4 kB	54 kB	192.243.59.20
ocsp.r2m03.amazontrust.com	unknown	2007-05-11	2023-02-21	2024-05-04	338 B	942 B	143.204.53.97
plumberwolves.com	unknown	2024-04-29	2024-04-30	2024-05-03	486 B	467 B	172.240.108.68
apis.google.com	105	1997-09-15	2013-05-06	2024-05-04	4.1 kB	147 kB	142.250.74.110

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-04	medium	plumberwolves.com	Sinkholed
2024-05-04	medium	arrearsdecember.com	Sinkholed
2024-05-04	medium	unseenreport.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (25)

	URL	Size	First Seen	Last Seen
	unknown	619 B	2024-02-05	2024-05-05
Pretty Introduced by domTimer Embedded in HTML false Observations First Seen2024-02-05 06:04:40 Last Seen2024-05-05 01:26:08 Times Seen2 Hash 938a22efe8b8946c16d680081cfa3c3e e89fef20555be13fff0d34e670cb6c7c1fedd725 22f8ef5e92c634c53acdd4f4d42c119e3bf946566e81148b8c5b6979b9e40ae4 Loading...

	mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html	71 B	2024-05-05	2024-05-05
Pretty URL mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html IP 67.222.134.147 ASN #30277 DFW-DATACENTER Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-05 01:26:08 Last Seen2024-05-05 01:26:08 Times Seen1 Hash 6ca034d5e43501e730d641668d7d21d7 692c59685c7e3980198bf12b79575bfcb5c8d404 c7b096f65b26f0d43137fec416293ed060bd73103a29a48d755f468d7041b539 Loading...

	mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html	125 B	2024-05-05	2024-05-05
Pretty URL mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html IP 67.222.134.147 ASN #30277 DFW-DATACENTER Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-05 01:26:08 Last Seen2024-05-05 01:26:08 Times Seen1 Hash 7cd4084af6f2335a80f0c24eb0db29ad 00f452a7145666779fd319ebfa8297224a063a5c 6241a2c3a8241b3e0c182b868e7d627b7b0ef7760f33bc52116c1572e3e180f7 Loading...

	apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_0?le=scs	161 kB	2024-04-23	2024-05-18
Pretty URL apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_0?le=scs IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-23 01:08:16 Last Seen2024-05-18 09:49:06 Times Seen232 Hash a07a0041143bc11d11c2fe0d37a5ded7 cb14b39ec6f8a362a08d1957af211d81f750d54d 233746b5d7f58579f0d5ea21e4907fdb5be5469f05dd7691633448aead77fc98 Loading...

	mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html	465 B	2023-03-17	2024-05-05
Pretty URL mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html IP 67.222.134.147 ASN #30277 DFW-DATACENTER Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-17 10:16:01 Last Seen2024-05-05 01:26:08 Times Seen5 Hash ec12b33bcf8ccdd82176071c29678145 be8fe4ed235317049aaf41f2f591bb13458141a5 a5c5b180cdd09263c78325fe45590fb19b31e6e56e28ed6d53483c0abf46e36f Loading...

	mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html	282 B	2023-03-07	2024-05-18
Pretty URL mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html IP 67.222.134.147 ASN #30277 DFW-DATACENTER Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:42:09 Last Seen2024-05-18 00:34:02 Times Seen530 Hash b5138adee320c7ae47b72dab3167e9e3 7cebb9126c042eb28be7992a1f09e776ed70f9ac 3a8bcec777c30670b3cd623dbfd5682f0906f99bf5a41e84fa6a95856a02ec45 Loading...

	questioningtosscontradiction.com/987c5bcd322e84c5759937076ef7c99c/invoke.js	27 kB	2024-05-05	2024-05-05
Pretty URL questioningtosscontradiction.com/987c5bcd322e84c5759937076ef7c99c/invoke.js IP 192.243.59.20 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-05 01:26:08 Last Seen2024-05-05 01:26:08 Times Seen2 Hash 753e28158207be761815fdba5a60ab6c 0a2891d091d04189533f45f224ec58f1546b0677 aa448dbd222d8606b132af54c9b18c3e75233700802f9b66b9a1df14f898ec2d Loading...

	apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_0?le=scs	66 kB	2024-04-23	2024-05-18
Pretty URL apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_0?le=scs IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-23 10:05:23 Last Seen2024-05-18 09:49:07 Times Seen188 Hash 63e5a0b45632b3dde3694ffcaf0e3f7a 923736d0cdc308331d5cfaa0ea159bfedc83d53f 889109910477919b3457416e7764bcd0add19fd959848253026125c7c35c43db Loading...

	downstairsnegotiatebarren.com/sfp.js	86 kB	2024-03-29	2024-05-17
Pretty URL downstairsnegotiatebarren.com/sfp.js IP 104.21.35.227 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-29 13:13:34 Last Seen2024-05-17 14:49:08 Times Seen3553 Hash f4a2f8f9f99541c6f105bbd0a025bd40 1f8e3eff12168fdd9e719adfc098d24a45b6916a b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716 Loading...

	ssl.gstatic.com/accounts/o/3604799710-postmessagerelay.js	11 kB	2024-04-19	2024-05-18
Pretty URL ssl.gstatic.com/accounts/o/3604799710-postmessagerelay.js IP 142.250.74.67 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-19 09:16:40 Last Seen2024-05-18 09:49:07 Times Seen210 Hash 40aaadf2a7451d276b940cddefb2d0ed b2fc8129a4f5e5a0c8cb631218f40a4230444d9e 4b515a19e688085b55f51f1eda7bc3e51404e8f59b64652e094994baf7be28f2 Loading...

	www.googletagmanager.com/gtag/js?id=G-4908KN5GDY	246 kB	2024-05-05	2024-05-05
Pretty URL www.googletagmanager.com/gtag/js?id=G-4908KN5GDY IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-05 01:26:08 Last Seen2024-05-05 01:26:08 Times Seen2 Hash 9053af80fe42996d6a434dbf3301d42c ff32860e2999dad78023507d162f18330a2e5694 85d866b35980299f68ccd1cefe5af6ea7d6378947ab9443b638dc0204dc1c041 Loading...

	capaciousdrewreligion.com/advertisers.js	0 B	2023-03-07	2024-05-18
Pretty URL capaciousdrewreligion.com/advertisers.js IP 192.243.59.12 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-18 10:48:23 Times Seen37781924 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html	294 B	2024-02-05	2024-05-05
Pretty URL mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html IP 67.222.134.147 ASN #30277 DFW-DATACENTER Introduced by scriptElement Embedded in HTML true Observations First Seen2024-02-05 06:04:41 Last Seen2024-05-05 01:26:08 Times Seen3 Hash ef6f8b744d1a879fa6edb46982aba9a7 b727a98411d3be247808c473c2b55f0753c919f7 46e9e93ba546000b2b9c2f40ab1fa9db1eb11ab8d0df184065de9542712aaf2c Loading...

	connect.facebook.net/en_US/all.js#xfbml=1	17 kB	2023-05-05	2024-05-18
Pretty URL connect.facebook.net/en_US/all.js#xfbml=1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-05 22:33:37 Last Seen2024-05-18 10:46:50 Times Seen45632 Hash b938e0b835c600209bdaae9d8ccda6d7 d5ee79d277057e05f002a18381722b5eb75d3883 d1b95aeb57c3285042e1e24c00cc56a8560d16daf7ee5cdfd5c75296b21ac91b Loading...

	questioningtosscontradiction.com/dd/6a/42/dd6a421db78c65363347d1784b71968c.js	84 kB	2024-05-05	2024-05-05
Pretty URL questioningtosscontradiction.com/dd/6a/42/dd6a421db78c65363347d1784b71968c.js IP 192.243.59.20 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-05 01:26:08 Last Seen2024-05-05 01:26:08 Times Seen2 Hash c0672bdad27a9d7d990035d6a8c18aa0 ed663b345b91bc918424d41d22373cf5e31ee644 a53180666401113539b4989a69bf062035fea2b820f016346797b582d54fa37b Loading...

	mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html	153 B	2023-09-23	2024-05-05
Pretty URL mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html IP 67.222.134.147 ASN #30277 DFW-DATACENTER Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-23 18:17:52 Last Seen2024-05-05 01:26:08 Times Seen4 Hash e1d2df3ed28a7af7662c7249d52871cc 1845c24938d55351991ac33953f9b9de0eeddd62 6af4c68349a3a326e2d575fa43eb6eca8583eeabde06048cc613893dfdae80da Loading...

	cdn.onesignal.com/sdks/OneSignalSDK.js	9.2 kB	2023-11-28	2024-05-18
Pretty URL cdn.onesignal.com/sdks/OneSignalSDK.js IP 104.17.111.223 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-28 20:00:16 Last Seen2024-05-18 08:32:53 Times Seen3740 Hash a87c48d211877c49b878679b2e3cdab8 e75653dd0156806682e39abe8b1323ed40d840ca 4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f Loading...

	moz-extension://374908d2-0475-4f5d-b9f6-d1abf756a6ed/lib/shim_messaging_helper.js	1.7 kB	2023-05-05	2024-05-18
Pretty URL moz-extension://374908d2-0475-4f5d-b9f6-d1abf756a6ed/lib/shim_messaging_helper.js IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-05-05 22:33:37 Last Seen2024-05-18 10:46:50 Times Seen46181 Hash 865f01cbb34eb505834e826380d7dc2e c239ccc37191f1be78dfaa6bb3f1da5d314fdf9e 30ed6392b8de4590bd974a4a797ee0b12b382f2141738115bfd2d692cfa6ec17 Loading...

	apis.google.com/js/rpc:shindig_random.js?onload=init	15 kB	2024-04-23	2024-05-18
Pretty URL apis.google.com/js/rpc:shindig_random.js?onload=init IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-23 10:05:22 Last Seen2024-05-18 09:49:07 Times Seen191 Hash 23a7ab8d8ba33d255e61be9fc36b1d16 042d8431d552c81f4e504644ac88adce7bf2b76f 127ffe5850ed564a98f7ac65c81f0d71c163ea45df74f130841f78d4ac5afad5 Loading...

	questioningtosscontradiction.com/029df468b29833c6cbf3554e951d7c81/invoke.js	31 kB	2024-05-03	2024-05-05
Pretty URL questioningtosscontradiction.com/029df468b29833c6cbf3554e951d7c81/invoke.js IP 192.243.59.20 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-03 00:34:36 Last Seen2024-05-05 01:26:08 Times Seen4 Hash 1aa981639ceebfca81a2633b10ce67d7 f2a50294f6cfa4e0bbd4c1d1bb2076a6e725970d c19180e72375358d5681a70f5c5d2f528b64ce9296de43233970c3341df90808 Loading...

	unknown	145 B	2024-02-05	2024-05-05
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-05 06:04:40 Last Seen2024-05-05 01:26:08 Times Seen3 Hash 0bc9e035028ab4c49ec8396a213f6ef9 71295e67be3d5992f2bcd1c903ae5a9307f8a221 b75501f71ab07c6db688f961b4bef902cba22d075607943f302f957955425980 Loading...

	apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_1?le=scs	102 kB	2024-04-23	2024-05-18
Pretty URL apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_1?le=scs IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-23 18:10:08 Last Seen2024-05-18 09:49:06 Times Seen88 Hash 2194126651ec918368e1c172f3003494 44cbf3b9bd5ac4f5c95cfcc8ad31844ba9f67c48 f3bed417a7effbce45e190fabd36fba0d906f4d39a893231eaf61c0801d0fbca Loading...

	apis.google.com/js/platform.js	56 kB	2024-04-23	2024-05-18
Pretty URL apis.google.com/js/platform.js IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-23 06:22:45 Last Seen2024-05-18 10:28:25 Times Seen1866 Hash e66acfdb2f1dfcff8c6dba736dd4ab6d 36026360b6c8d750488ef2c739e04969f8c5bcd7 742841b3cf614dd55ce486a7335018bd1992c4d05ef74b45a0781318075a99f3 Loading...

	mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html	782 B	2023-09-23	2024-05-05
Pretty URL mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html IP 67.222.134.147 ASN #30277 DFW-DATACENTER Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-23 18:17:52 Last Seen2024-05-05 01:26:08 Times Seen3 Hash f12f67f9ee8d2b960af558d3ee65b177 61499e92007a0688103c7ca6be10d869d2e4eab4 1528956261666d38a18b25eca6709b1c9574093acd7d65b9dd55ea80fb8369f1 Loading...

		Size	First Seen	Last Seen
	#1 Write - 713966641e00724303a5db1d1e9a33a2	124 B	2023-12-01	2024-05-05
Pretty Observations First Seen2023-12-01 13:52:37 Last Seen2024-05-05 01:26:08 Times Seen4 Hash 713966641e00724303a5db1d1e9a33a2 98185bb0ad6de130b590040ddde4114511d63cb9 2ebc218b1f1ec47fa5a07ed6bae975916b10296d59612fac89739fcc2dcae59b Loading...

HTTP Transactions (30)

URL IP Response Size

mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html

67.222.134.147

200 OK

7.4 kB

URL User Request GET HTTP/1.1
mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html
IP
67.222.134.147:443
ASN
#30277 DFW-DATACENTER

Certificate
IssuerLet's Encrypt
Subjectmediafiretrend.com
Fingerprint9F:4E:12:17:E6:7B:EA:32:74:3C:B7:F4:61:67:F0:FC:80:FB:A4:EA
ValidityThu, 28 Mar 2024 10:01:58 GMT - Wed, 26 Jun 2024 10:01:57 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (1505)
Size
7.4 kB (7350 bytes)
Hash
76b610012adf3720574eb78160437426
9bbc24588b02fbc5c9ca87c6710dec1c8cae344b
e124eb283e121ae7e8f3d57ea4f001958bf02ba8683d3c956ff68328f10dc579

HTTP Headers

GET /t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html HTTP/1.1
Host: mediafiretrend.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Apache
Date: Sat, 04 May 2024 23:25:31 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

mediafiretrend.com/logo.gif

67.222.134.147

200 OK

5.1 kB

URL GET HTTP/1.1
mediafiretrend.com/logo.gif
IP
67.222.134.147:443
ASN
#30277 DFW-DATACENTER

Requested by
https://mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html
Certificate
IssuerLet's Encrypt
Subjectmediafiretrend.com
Fingerprint9F:4E:12:17:E6:7B:EA:32:74:3C:B7:F4:61:67:F0:FC:80:FB:A4:EA
ValidityThu, 28 Mar 2024 10:01:58 GMT - Wed, 26 Jun 2024 10:01:57 GMT

File type
GIF image data, version 89a, 500 x 80
Size
5.1 kB (5126 bytes)
Hash
f586fd0c5e756fe823c92d85701d7362
5ca03518e3342a2577b73642efc736582d488b32
4e1e682b3780cfbc0342dd24a1b4cf06719347699518b732e5e1675b0b70bdf1

HTTP Headers

GET /logo.gif HTTP/1.1
Host: mediafiretrend.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Apache
Date: Sat, 04 May 2024 23:25:31 GMT
Content-Type: image/gif
Content-Length: 5126
Last-Modified: Tue, 05 Oct 2010 17:21:52 GMT
Connection: keep-alive
ETag: "4cab5eb0-1406"
Accept-Ranges: bytes

www.googletagmanager.com/gtag/js?id=G-4908KN5GDY

142.250.74.168

200 OK

88 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-4908KN5GDY
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (5955)
Size
88 kB (87652 bytes)
Hash
9053af80fe42996d6a434dbf3301d42c
ff32860e2999dad78023507d162f18330a2e5694
85d866b35980299f68ccd1cefe5af6ea7d6378947ab9443b638dc0204dc1c041

HTTP Headers

GET /gtag/js?id=G-4908KN5GDY HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiretrend.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 04 May 2024 23:25:31 GMT
expires: Sat, 04 May 2024 23:25:31 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 87652
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

mediafiretrend.com/images/default.png

67.222.134.147

200 OK

3.8 kB

URL GET HTTP/1.1
mediafiretrend.com/images/default.png
IP
67.222.134.147:443
ASN
#30277 DFW-DATACENTER

Requested by
https://mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html
Certificate
IssuerLet's Encrypt
Subjectmediafiretrend.com
Fingerprint9F:4E:12:17:E6:7B:EA:32:74:3C:B7:F4:61:67:F0:FC:80:FB:A4:EA
ValidityThu, 28 Mar 2024 10:01:58 GMT - Wed, 26 Jun 2024 10:01:57 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Size
3.8 kB (3802 bytes)
Hash
13dde164086eff66508817b64bbfcd0f
c8c0492a7a964e65fb3d36bffe701f9c6a138574
3b364ea83e229ed937f79079e8fb8f9fdd3f7199fcee4420357e724044d4c48a

HTTP Headers

GET /images/default.png HTTP/1.1
Host: mediafiretrend.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Apache
Date: Sat, 04 May 2024 23:25:31 GMT
Content-Type: image/png
Content-Length: 3802
Last-Modified: Tue, 05 Oct 2010 15:47:39 GMT
Connection: keep-alive
ETag: "4cab489b-eda"
Accept-Ranges: bytes

mediafiretrend.com/images/multimedia.png

67.222.134.147

200 OK

4.5 kB

URL GET HTTP/1.1
mediafiretrend.com/images/multimedia.png
IP
67.222.134.147:443
ASN
#30277 DFW-DATACENTER

Requested by
https://mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html
Certificate
IssuerLet's Encrypt
Subjectmediafiretrend.com
Fingerprint9F:4E:12:17:E6:7B:EA:32:74:3C:B7:F4:61:67:F0:FC:80:FB:A4:EA
ValidityThu, 28 Mar 2024 10:01:58 GMT - Wed, 26 Jun 2024 10:01:57 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Size
4.5 kB (4533 bytes)
Hash
fd381d79b978def55cf4595f67a36d90
e67211c4076d3cb2b358dae1ec70a695ff6e55bf
1a4f5f292cdaf41be1429029e3eabe449038c752091dcff866a29946890bbc90

HTTP Headers

GET /images/multimedia.png HTTP/1.1
Host: mediafiretrend.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Apache
Date: Sat, 04 May 2024 23:25:31 GMT
Content-Type: image/png
Content-Length: 4533
Last-Modified: Tue, 05 Oct 2010 15:47:38 GMT
Connection: keep-alive
ETag: "4cab489a-11b5"
Accept-Ranges: bytes

questioningtosscontradiction.com/029df468b29833c6cbf3554e951d7c81/invoke.js

192.243.59.20

200 OK

12 kB

URL GET HTTP/1.1
questioningtosscontradiction.com/029df468b29833c6cbf3554e951d7c81/invoke.js
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html
Certificate
IssuerLet's Encrypt
Subjectquestioningtosscontradiction.com
FingerprintAA:AA:12:97:CC:C1:41:64:82:82:0E:BC:52:92:54:A6:76:18:81:EB
ValidityThu, 02 May 2024 07:45:46 GMT - Wed, 31 Jul 2024 07:45:45 GMT

File type
JavaScript source, ASCII text, with very long lines (31299), with no line terminators
Size
12 kB (11818 bytes)
Hash
1aa981639ceebfca81a2633b10ce67d7
f2a50294f6cfa4e0bbd4c1d1bb2076a6e725970d
c19180e72375358d5681a70f5c5d2f528b64ce9296de43233970c3341df90808

HTTP Headers

GET /029df468b29833c6cbf3554e951d7c81/invoke.js HTTP/1.1
Host: questioningtosscontradiction.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiretrend.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 23:25:32 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 527bdf66fcff0641d1b8252c8790869d
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

questioningtosscontradiction.com/dd/6a/42/dd6a421db78c65363347d1784b71968c.js

192.243.59.20

200 OK

31 kB

URL GET HTTP/1.1
questioningtosscontradiction.com/dd/6a/42/dd6a421db78c65363347d1784b71968c.js
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html
Certificate
IssuerLet's Encrypt
Subjectquestioningtosscontradiction.com
FingerprintAA:AA:12:97:CC:C1:41:64:82:82:0E:BC:52:92:54:A6:76:18:81:EB
ValidityThu, 02 May 2024 07:45:46 GMT - Wed, 31 Jul 2024 07:45:45 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
31 kB (30626 bytes)
Hash
c0672bdad27a9d7d990035d6a8c18aa0
ed663b345b91bc918424d41d22373cf5e31ee644
a53180666401113539b4989a69bf062035fea2b820f016346797b582d54fa37b

HTTP Headers

GET /dd/6a/42/dd6a421db78c65363347d1784b71968c.js HTTP/1.1
Host: questioningtosscontradiction.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiretrend.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 23:25:32 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 07e119107c06c6a9a594aaed13442c4b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

ocsp.r2m03.amazontrust.com/

143.204.53.97

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
143.204.53.97:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
691c3f87e4fe41a736328d3c71e2dbdc
fd76f455b38ba18f00a6fb81e3585201eb3c43f6
8ac709de568d48e4c9e64b75afa6cd3fed58e2cf0c21e823af01ab342e6794b9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sat, 04 May 2024 23:25:32 GMT
Last-Modified: Sat, 04 May 2024 22:02:54 GMT
Server: ECAcc (ska/F7A5)
X-Cache: Miss from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: DrSnYm96zZz7LnTqSOd1iPJNE0zU3X5ZI05xTAQx6dscIphIxhypJA==
Age: 4958

proftrafficcounter.com/stats

18.185.9.67

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
18.185.9.67:443
ASN
#16509 AMAZON-02

Requested by
https://mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
ee0ff9675a82fd95f7b3e7e45bed5dad
3d27872330abbdeffa7835d0386e0c62ffc2384d
89eca98a9f66240a17d665b69962fb7a45a6a3529d4c93feb1d7baa818b331e4

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mediafiretrend.com
DNT: 1
Connection: keep-alive
Referer: https://mediafiretrend.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 23:25:32 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://mediafiretrend.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=585027d9-4b83-463b-aa82-82075137f65a:1:1; expires=Tue, 02 May 2034 23:25:32 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

questioningtosscontradiction.com/987c5bcd322e84c5759937076ef7c99c/invoke.js

192.243.59.20

200 OK

9.8 kB

URL GET HTTP/1.1
questioningtosscontradiction.com/987c5bcd322e84c5759937076ef7c99c/invoke.js
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html
Certificate
IssuerLet's Encrypt
Subjectquestioningtosscontradiction.com
FingerprintAA:AA:12:97:CC:C1:41:64:82:82:0E:BC:52:92:54:A6:76:18:81:EB
ValidityThu, 02 May 2024 07:45:46 GMT - Wed, 31 Jul 2024 07:45:45 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (26579), with no line terminators
Size
9.8 kB (9786 bytes)
Hash
753e28158207be761815fdba5a60ab6c
0a2891d091d04189533f45f224ec58f1546b0677
aa448dbd222d8606b132af54c9b18c3e75233700802f9b66b9a1df14f898ec2d

HTTP Headers

GET /987c5bcd322e84c5759937076ef7c99c/invoke.js HTTP/1.1
Host: questioningtosscontradiction.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiretrend.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 23:25:32 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ec31ccfa3aa714284667f36aaf3152aa
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

proftrafficcounter.com/stats

18.185.9.67

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
18.185.9.67:443
ASN
#16509 AMAZON-02

Requested by
https://mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
ee0ff9675a82fd95f7b3e7e45bed5dad
3d27872330abbdeffa7835d0386e0c62ffc2384d
89eca98a9f66240a17d665b69962fb7a45a6a3529d4c93feb1d7baa818b331e4

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mediafiretrend.com
DNT: 1
Connection: keep-alive
Referer: https://mediafiretrend.com/
Cookie: uid_id2=585027d9-4b83-463b-aa82-82075137f65a:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 04 May 2024 23:25:32 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://mediafiretrend.com
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2

proftrafficcounter.com/stats

18.185.9.67

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
18.185.9.67:443
ASN
#16509 AMAZON-02

Requested by
https://mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
ee0ff9675a82fd95f7b3e7e45bed5dad
3d27872330abbdeffa7835d0386e0c62ffc2384d
89eca98a9f66240a17d665b69962fb7a45a6a3529d4c93feb1d7baa818b331e4

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mediafiretrend.com
DNT: 1
Connection: keep-alive
Referer: https://mediafiretrend.com/
Cookie: uid_id2=585027d9-4b83-463b-aa82-82075137f65a:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 04 May 2024 23:25:32 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://mediafiretrend.com
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2

plumberwolves.com/pixel/purst?dl=0&th=0&sc=0&rs=1999&rd=1999&fd=974&bv=24.5.6485&tmpl=70

172.240.108.68

200 OK

0 B

URL GET HTTP/1.1
plumberwolves.com/pixel/purst?dl=0&th=0&sc=0&rs=1999&rd=1999&fd=974&bv=24.5.6485&tmpl=70
IP
172.240.108.68:443
ASN
#7979 SERVERS-COM

Requested by
https://mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html
Certificate
IssuerLet's Encrypt
Subjectplumberwolves.com
Fingerprint6D:DE:01:27:89:8F:15:87:1B:2B:A9:9D:4C:53:F3:86:98:0B:B5:F5
ValidityMon, 29 Apr 2024 13:10:37 GMT - Sun, 28 Jul 2024 13:10:36 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=1999&rd=1999&fd=974&bv=24.5.6485&tmpl=70 HTTP/1.1
Host: plumberwolves.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiretrend.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 23:25:32 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

www.profitabledisplaycontent.com/watch.1385259060008.js?key=029df468b29833c6cbf3554e951d7c81&kw=%5B%22the%22%2C%22donnas%22%2C%22american%22%2C%22teenage%22%2C%22rock%22%2C%22n%22%2C%22roll%22%2C%22machine%22%5D&refer=https%3A%2F%2Fmediafiretrend.com%2Ft%2Fthe%2Bdonnas%2Bamerican%2Bteenage%2Brock%2Bn%2Broll%2Bmachine%2Bmediafire.html&tz=0&dev=e&res=14.2071&uuid=585027d9-4b83-463b-aa82-82075137f65a%3A1%3A1

192.243.59.20

307 Temporary Redirect

0 B

URL GET HTTP/1.1
www.profitabledisplaycontent.com/watch.1385259060008.js?key=029df468b29833c6cbf3554e951d7c81&kw=%5B%22the%22%2C%22donnas%22%2C%22american%22%2C%22teenage%22%2C%22rock%22%2C%22n%22%2C%22roll%22%2C%22machine%22%5D&refer=https%3A%2F%2Fmediafiretrend.com%2Ft%2Fthe%2Bdonnas%2Bamerican%2Bteenage%2Brock%2Bn%2Broll%2Bmachine%2Bmediafire.html&tz=0&dev=e&res=14.2071&uuid=585027d9-4b83-463b-aa82-82075137f65a%3A1%3A1
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html
Certificate
IssuerLet's Encrypt
Subject*.profitabledisplaycontent.com
FingerprintF4:C1:8B:22:C3:5A:D9:C2:C4:6B:E0:3E:34:96:8E:99:A2:FE:86:0E
ValiditySat, 30 Mar 2024 06:41:06 GMT - Fri, 28 Jun 2024 06:41:05 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /watch.1385259060008.js?key=029df468b29833c6cbf3554e951d7c81&kw=%5B%22the%22%2C%22donnas%22%2C%22american%22%2C%22teenage%22%2C%22rock%22%2C%22n%22%2C%22roll%22%2C%22machine%22%5D&refer=https%3A%2F%2Fmediafiretrend.com%2Ft%2Fthe%2Bdonnas%2Bamerican%2Bteenage%2Brock%2Bn%2Broll%2Bmachine%2Bmediafire.html&tz=0&dev=e&res=14.2071&uuid=585027d9-4b83-463b-aa82-82075137f65a%3A1%3A1 HTTP/1.1
Host: www.profitabledisplaycontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mediafiretrend.com
DNT: 1
Connection: keep-alive
Referer: https://mediafiretrend.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Sat, 04 May 2024 23:25:33 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://mediafiretrend.com
Access-Control-Allow-Origin: https://mediafiretrend.com
Access-Control-Allow-Credentials: true
Location: https://www.profitabledisplaycontent.com/watch.1385259060008.js?dev=e&key=029df468b29833c6cbf3554e951d7c81&kw=%5B%22the%22%2C%22donnas%22%2C%22american%22%2C%22teenage%22%2C%22rock%22%2C%22n%22%2C%22roll%22%2C%22machine%22%5D&pst=1714865193&refer=https%3A%2F%2Fmediafiretrend.com%2Ft%2Fthe%2Bdonnas%2Bamerican%2Bteenage%2Brock%2Bn%2Broll%2Bmachine%2Bmediafire.html&res=14.2071&rmtc=t&shu=9beb541899d16c94db54100500d467705bfef2a63f1bc74227221169fdd45586faba151517bd3bba281548c9f74166e7d545cd7d07e0873f3eaed2b8578537ff8e5d6002ee11e997e7e6161d254e8f3a07ac650b9c29d91ab2061a0bfd4dc1&tz=0&uuid=585027d9-4b83-463b-aa82-82075137f65a%3A1%3A1
Set-Cookie: u_pl=29748; expires=Sun, 05 May 2024 23:25:33 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyOTc0OCwiayI6IjAyOWRmNDY4YjI5ODMzYzZjYmYzNTU0ZTk1MWQ3YzgxIiwic2lkIjoiIiwiaXNpZCI6NCwiYXNpZCI6MSwiemlkIjoxMjQ4NCwicGlkIjo2NjM1LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIxLCJhaWQiOjIzLCJwdCI6NCwicGsiOiJ1eTNiOXlzYiIsImNwa3MiOnsiNDciOiJhNGI5ZjBlNzA3YWVkNWE1MjI0MWQ0NThhMjkxMDcwNSJ9LCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9tZWRpYWZpcmV0cmVuZC5jb20vdC90aGUrZG9ubmFzK2FtZXJpY2FuK3RlZW5hZ2Urcm9jaytuK3JvbGwrbWFjaGluZSttZWRpYWZpcmUuaHRtbCIsImFyIjpbXX19.ZHaHeh4U-tpsMUtdRkB6_zeqtVXX0X4BEl4W1eL77O8; expires=Sat, 04 May 2024 23:26:33 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d6366895feb8aec068c7a68a26469b32
Strict-Transport-Security: max-age=0; includeSubdomains

capaciousdrewreligion.com/advertisers.js

192.243.59.12

200 OK

0 B

URL GET HTTP/1.1
capaciousdrewreligion.com/advertisers.js
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html
Certificate
IssuerLet's Encrypt
Subjectcapaciousdrewreligion.com
Fingerprint53:B6:ED:C6:B5:B6:60:3E:6D:02:5A:92:2E:C3:12:74:64:A1:23:DC
ValidityWed, 06 Mar 2024 11:57:32 GMT - Tue, 04 Jun 2024 11:57:31 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /advertisers.js HTTP/1.1
Host: capaciousdrewreligion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiretrend.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 23:25:33 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3779d42114004791a4683756f68257b4
Strict-Transport-Security: max-age=0; includeSubdomains

apis.google.com/js/platform.js

142.250.74.110

200 OK

21 kB

URL GET HTTP/2
apis.google.com/js/platform.js
IP
142.250.74.110:443
ASN
#15169 GOOGLE

Requested by
https://mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.apis.google.com
FingerprintA7:D6:BC:77:0E:91:14:D7:D6:8D:A4:E5:4C:00:57:E1:44:DB:F2:8B
ValidityTue, 16 Apr 2024 04:20:57 GMT - Tue, 09 Jul 2024 04:20:56 GMT

File type
JavaScript source, ASCII text, with very long lines (2050)
Size
21 kB (21303 bytes)
Hash
e66acfdb2f1dfcff8c6dba736dd4ab6d
36026360b6c8d750488ef2c739e04969f8c5bcd7
742841b3cf614dd55ce486a7335018bd1992c4d05ef74b45a0781318075a99f3

HTTP Headers

GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiretrend.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 21303
date: Sat, 04 May 2024 23:25:33 GMT
expires: Sat, 04 May 2024 23:25:33 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "d8cc7aca923e8ade"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

mediafiretrend.com/favicon.ico

67.222.134.147

200 OK

198 B

URL GET HTTP/1.1
mediafiretrend.com/favicon.ico
IP
67.222.134.147:443
ASN
#30277 DFW-DATACENTER

Requested by
https://mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html
Certificate
IssuerLet's Encrypt
Subjectmediafiretrend.com
Fingerprint9F:4E:12:17:E6:7B:EA:32:74:3C:B7:F4:61:67:F0:FC:80:FB:A4:EA
ValidityThu, 28 Mar 2024 10:01:58 GMT - Wed, 26 Jun 2024 10:01:57 GMT

File type
MS Windows icon resource - 1 icon, 16x16, 2 colors
Size
198 B (198 bytes)
Hash
7d2fac9ec784802103b07df705aeefc4
d427cc62b7fc793ebc4b0e60cdecc73c462cd74e
5870d4b4a73c45ad0adae8ec77b4b6c129a7197c0462dde29f405f32e6cd5fe1

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: mediafiretrend.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html
Cookie: _ga_4908KN5GDY=GS1.1.1714865132.1.0.1714865132.0.0.0; _ga=GA1.1.1347204119.1714865133; dom3ic8zudi28v8lr6fgphwffqoz0j6c=585027d9-4b83-463b-aa82-82075137f65a%3A1%3A1; pp_main_dd6a421db78c65363347d1784b71968c=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Apache
Date: Sat, 04 May 2024 23:25:33 GMT
Content-Type: image/x-icon
Content-Length: 198
Last-Modified: Fri, 16 Nov 2012 15:35:46 GMT
Connection: keep-alive
ETag: "50a65d52-c6"
Accept-Ranges: bytes

apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=Tall&origin=https%3A%2F%2Fmediafiretrend.com&url=https%3A%2F%2Fmediafiretrend.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__

142.250.74.110

226 B

URL
apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=Tall&origin=https%3A%2F%2Fmediafiretrend.com&url=https%3A%2F%2Fmediafiretrend.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__
IP
142.250.74.110:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subject*.apis.google.com
FingerprintA7:D6:BC:77:0E:91:14:D7:D6:8D:A4:E5:4C:00:57:E1:44:DB:F2:8B
ValidityTue, 16 Apr 2024 04:20:57 GMT - Tue, 09 Jul 2024 04:20:56 GMT

File type
HTML document, ASCII text, with CRLF, LF line terminators
Size
226 B (226 bytes)
Hash
4df07581948280a6e769a24c5d99d775
843a2c95362347eb8894a6acb607f139be65ded4
3561b93a48d81fac116ccd6e60163bd382abb1d594c81240f5718feb1f197f73

HTTP Headers

GET /u/0/se/0/_/+1/fastbutton?usegapi=1&size=Tall&origin=https%3A%2F%2Fmediafiretrend.com&url=https%3A%2F%2Fmediafiretrend.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__ HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiretrend.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 301 Moved Permanently
location: http://developers.google.com/
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 04 May 2024 23:25:33 GMT
expires: Sat, 04 May 2024 23:55:33 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 226
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

arrearsdecember.com/ntv.json?key=987c5bcd322e84c5759937076ef7c99c&vstc=4

192.243.61.225

200 OK

0 B

URL GET HTTP/1.1
arrearsdecember.com/ntv.json?key=987c5bcd322e84c5759937076ef7c99c&vstc=4
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html
Certificate
IssuerLet's Encrypt
Subjectarrearsdecember.com
Fingerprint67:4E:90:04:8D:C3:35:EB:EC:61:DC:89:4F:B6:A9:A4:12:DB:B6:44
ValidityMon, 29 Apr 2024 08:44:16 GMT - Sun, 28 Jul 2024 08:44:15 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ntv.json?key=987c5bcd322e84c5759937076ef7c99c&vstc=4 HTTP/1.1
Host: arrearsdecember.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mediafiretrend.com
DNT: 1
Connection: keep-alive
Referer: https://mediafiretrend.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 23:25:33 GMT
Content-Type: application/json
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://mediafiretrend.com
Access-Control-Allow-Origin: https://mediafiretrend.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=14925896; expires=Sun, 05 May 2024 23:25:33 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1b0ba705121abc99aa36813738abdb58
Strict-Transport-Security: max-age=0; includeSubdomains

apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_1?le=scs

142.250.74.110

200 OK

35 kB

URL GET HTTP/3
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_1?le=scs
IP
142.250.74.110:443
ASN
#15169 GOOGLE

Requested by
https://mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT

File type
JavaScript source, ASCII text, with very long lines (1586)
Size
35 kB (35323 bytes)
Hash
2194126651ec918368e1c172f3003494
44cbf3b9bd5ac4f5c95cfcc8ad31844ba9f67c48
f3bed417a7effbce45e190fabd36fba0d906f4d39a893231eaf61c0801d0fbca

HTTP Headers

GET /_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_1?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiretrend.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 35323
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 07:44:49 GMT
expires: Sat, 03 May 2025 07:44:49 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Apr 2024 18:15:45 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 142844
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_0?le=scs

142.250.74.110

200 OK

56 kB

URL GET HTTP/3
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_0?le=scs
IP
142.250.74.110:443
ASN
#15169 GOOGLE

Requested by
https://mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT

File type
JavaScript source, ASCII text, with very long lines (2124)
Size
56 kB (55813 bytes)
Hash
a07a0041143bc11d11c2fe0d37a5ded7
cb14b39ec6f8a362a08d1957af211d81f750d54d
233746b5d7f58579f0d5ea21e4907fdb5be5469f05dd7691633448aead77fc98

HTTP Headers

GET /_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiretrend.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 55813
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 12:30:04 GMT
expires: Fri, 02 May 2025 12:30:04 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Apr 2024 18:15:45 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 212129
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.profitabledisplaycontent.com/watch.1385259060008.js?dev=e&key=029df468b29833c6cbf3554e951d7c81&kw=%5B%22the%22%2C%22donnas%22%2C%22american%22%2C%22teenage%22%2C%22rock%22%2C%22n%22%2C%22roll%22%2C%22machine%22%5D&pst=1714865193&refer=https%3A%2F%2Fmediafiretrend.com%2Ft%2Fthe%2Bdonnas%2Bamerican%2Bteenage%2Brock%2Bn%2Broll%2Bmachine%2Bmediafire.html&res=14.2071&rmtc=t&shu=9beb541899d16c94db54100500d467705bfef2a63f1bc74227221169fdd45586faba151517bd3bba281548c9f74166e7d545cd7d07e0873f3eaed2b8578537ff8e5d6002ee11e997e7e6161d254e8f3a07ac650b9c29d91ab2061a0bfd4dc1&tz=0&uuid=585027d9-4b83-463b-aa82-82075137f65a%3A1%3A1

192.243.59.20

200 OK

0 B

URL GET HTTP/1.1
www.profitabledisplaycontent.com/watch.1385259060008.js?dev=e&key=029df468b29833c6cbf3554e951d7c81&kw=%5B%22the%22%2C%22donnas%22%2C%22american%22%2C%22teenage%22%2C%22rock%22%2C%22n%22%2C%22roll%22%2C%22machine%22%5D&pst=1714865193&refer=https%3A%2F%2Fmediafiretrend.com%2Ft%2Fthe%2Bdonnas%2Bamerican%2Bteenage%2Brock%2Bn%2Broll%2Bmachine%2Bmediafire.html&res=14.2071&rmtc=t&shu=9beb541899d16c94db54100500d467705bfef2a63f1bc74227221169fdd45586faba151517bd3bba281548c9f74166e7d545cd7d07e0873f3eaed2b8578537ff8e5d6002ee11e997e7e6161d254e8f3a07ac650b9c29d91ab2061a0bfd4dc1&tz=0&uuid=585027d9-4b83-463b-aa82-82075137f65a%3A1%3A1
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html
Certificate
IssuerLet's Encrypt
Subject*.profitabledisplaycontent.com
FingerprintF4:C1:8B:22:C3:5A:D9:C2:C4:6B:E0:3E:34:96:8E:99:A2:FE:86:0E
ValiditySat, 30 Mar 2024 06:41:06 GMT - Fri, 28 Jun 2024 06:41:05 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /watch.1385259060008.js?dev=e&key=029df468b29833c6cbf3554e951d7c81&kw=%5B%22the%22%2C%22donnas%22%2C%22american%22%2C%22teenage%22%2C%22rock%22%2C%22n%22%2C%22roll%22%2C%22machine%22%5D&pst=1714865193&refer=https%3A%2F%2Fmediafiretrend.com%2Ft%2Fthe%2Bdonnas%2Bamerican%2Bteenage%2Brock%2Bn%2Broll%2Bmachine%2Bmediafire.html&res=14.2071&rmtc=t&shu=9beb541899d16c94db54100500d467705bfef2a63f1bc74227221169fdd45586faba151517bd3bba281548c9f74166e7d545cd7d07e0873f3eaed2b8578537ff8e5d6002ee11e997e7e6161d254e8f3a07ac650b9c29d91ab2061a0bfd4dc1&tz=0&uuid=585027d9-4b83-463b-aa82-82075137f65a%3A1%3A1 HTTP/1.1
Host: www.profitabledisplaycontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mediafiretrend.com
Referer: https://mediafiretrend.com/
DNT: 1
Connection: keep-alive
Cookie: u_pl=29748; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyOTc0OCwiayI6IjAyOWRmNDY4YjI5ODMzYzZjYmYzNTU0ZTk1MWQ3YzgxIiwic2lkIjoiIiwiaXNpZCI6NCwiYXNpZCI6MSwiemlkIjoxMjQ4NCwicGlkIjo2NjM1LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIxLCJhaWQiOjIzLCJwdCI6NCwicGsiOiJ1eTNiOXlzYiIsImNwa3MiOnsiNDciOiJhNGI5ZjBlNzA3YWVkNWE1MjI0MWQ0NThhMjkxMDcwNSJ9LCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9tZWRpYWZpcmV0cmVuZC5jb20vdC90aGUrZG9ubmFzK2FtZXJpY2FuK3RlZW5hZ2Urcm9jaytuK3JvbGwrbWFjaGluZSttZWRpYWZpcmUuaHRtbCIsImFyIjpbXX19.ZHaHeh4U-tpsMUtdRkB6_zeqtVXX0X4BEl4W1eL77O8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 23:25:33 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://mediafiretrend.com
Access-Control-Allow-Origin: https://mediafiretrend.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=585027d9-4b83-463b-aa82-82075137f65a:1:1; expires=Sat, 11 May 2024 23:25:33 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: bbab678d3c480c9e9815e73febd3474c
Strict-Transport-Security: max-age=0; includeSubdomains

apis.google.com/js/rpc:shindig_random.js?onload=init

142.250.74.110

200 OK

5.9 kB

URL GET HTTP/3
apis.google.com/js/rpc:shindig_random.js?onload=init
IP
142.250.74.110:443
ASN
#15169 GOOGLE

Requested by
https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fmediafiretrend.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__#rpctoken=735978027&forcesecure=1
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT

File type
JavaScript source, ASCII text, with very long lines (2054)
Size
5.9 kB (5908 bytes)
Hash
23a7ab8d8ba33d255e61be9fc36b1d16
042d8431d552c81f4e504644ac88adce7bf2b76f
127ffe5850ed564a98f7ac65c81f0d71c163ea45df74f130841f78d4ac5afad5

HTTP Headers

GET /js/rpc:shindig_random.js?onload=init HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://accounts.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 5908
date: Sat, 04 May 2024 23:25:34 GMT
expires: Sat, 04 May 2024 23:25:34 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "9b77125b6924cb07"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

ssl.gstatic.com/accounts/o/3604799710-postmessagerelay.js

142.250.74.67

200 OK

4.8 kB

URL GET HTTP/2
ssl.gstatic.com/accounts/o/3604799710-postmessagerelay.js
IP
142.250.74.67:443
ASN
#15169 GOOGLE

Requested by
https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fmediafiretrend.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__#rpctoken=735978027&forcesecure=1
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
JavaScript source, ASCII text, with very long lines (1915)
Size
4.8 kB (4846 bytes)
Hash
40aaadf2a7451d276b940cddefb2d0ed
b2fc8129a4f5e5a0c8cb631218f40a4230444d9e
4b515a19e688085b55f51f1eda7bc3e51404e8f59b64652e094994baf7be28f2

HTTP Headers

GET /accounts/o/3604799710-postmessagerelay.js HTTP/1.1
Host: ssl.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://accounts.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="federated-signon-mpm-access"
report-to: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-length: 4846
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:15:05 GMT
expires: Fri, 02 May 2025 02:15:05 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 29 Apr 2024 12:07:43 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 249029
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_0?le=scs

142.250.74.110

200 OK

24 kB

URL GET HTTP/3
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_0?le=scs
IP
142.250.74.110:443
ASN
#15169 GOOGLE

Requested by
https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fmediafiretrend.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__#rpctoken=735978027&forcesecure=1
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT

File type
JavaScript source, ASCII text, with very long lines (2124)
Size
24 kB (23473 bytes)
Hash
63e5a0b45632b3dde3694ffcaf0e3f7a
923736d0cdc308331d5cfaa0ea159bfedc83d53f
889109910477919b3457416e7764bcd0add19fd959848253026125c7c35c43db

HTTP Headers

GET /_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://accounts.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 23473
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:59:06 GMT
expires: Fri, 02 May 2025 01:59:06 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Apr 2024 18:15:45 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 249988
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

unseenreport.com/pxf.gif?uuid=585027d9-4b83-463b-aa82-82075137f65a&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=dd6a421db78c65363347d1784b71968c&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=23

192.243.59.20

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=585027d9-4b83-463b-aa82-82075137f65a&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=dd6a421db78c65363347d1784b71968c&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=23
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
Fingerprint71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13
ValidityFri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=585027d9-4b83-463b-aa82-82075137f65a&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=dd6a421db78c65363347d1784b71968c&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=23 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiretrend.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 23:25:34 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 303a54d52c67a7c4a1054c4768a528b1
Strict-Transport-Security: max-age=0; includeSubdomains

accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fmediafiretrend.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__

74.125.131.84

200 OK

566 B

URL GET HTTP/2
accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fmediafiretrend.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__
IP
74.125.131.84:443
ASN
#15169 GOOGLE

Requested by
https://mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html
Certificate
IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint9A:72:A8:C3:56:5C:93:B4:72:C7:5B:1B:60:BB:0F:3E:1E:C4:1B:67
ValidityTue, 16 Apr 2024 04:20:36 GMT - Tue, 09 Jul 2024 04:20:35 GMT

File type
HTML document, ASCII text, with very long lines (586), with no line terminators
Size
566 B (566 bytes)
Hash
68b04272a04aabe507686fa32fe1b59a
32b6f4d13f261040f7154eefc608c9cb07a8f5fb
e56c5305f7d6a1928fe598c4f7cc52bc94ba19e63efec240c23561ca3a5f41ef

HTTP Headers

GET /o/oauth2/postmessageRelay?parent=https%3A%2F%2Fmediafiretrend.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiretrend.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 04 May 2024 23:25:34 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /o/cspreport, script-src 'nonce-MYE-oiFog-WLHQZW03lpIw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
cross-origin-resource-policy: same-site
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

142.250.74.110

301 Moved Permanently

0 B

URL GET HTTP/2
apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=Tall&origin=https%3A%2F%2Fmediafiretrend.com&url=https%3A%2F%2Fmediafiretrend.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__
IP
142.250.74.110:443
ASN
#15169 GOOGLE

Requested by
https://mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.apis.google.com
FingerprintA7:D6:BC:77:0E:91:14:D7:D6:8D:A4:E5:4C:00:57:E1:44:DB:F2:8B
ValidityTue, 16 Apr 2024 04:20:57 GMT - Tue, 09 Jul 2024 04:20:56 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /u/0/se/0/_/+1/fastbutton?usegapi=1&size=Tall&origin=https%3A%2F%2Fmediafiretrend.com&url=https%3A%2F%2Fmediafiretrend.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__ HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiretrend.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
location: http://developers.google.com/
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 04 May 2024 23:25:33 GMT
expires: Sat, 04 May 2024 23:55:33 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 226
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

downstairsnegotiatebarren.com/sfp.js

104.21.35.227

200 OK

86 kB

URL GET HTTP/2
downstairsnegotiatebarren.com/sfp.js
IP
104.21.35.227:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html
Certificate
IssuerLet's Encrypt
Subjectdownstairsnegotiatebarren.com
Fingerprint5D:DB:CB:C6:CE:2A:8B:34:7D:BC:43:74:33:1D:5F:77:48:F7:BC:1B
ValidityThu, 02 May 2024 21:26:34 GMT - Wed, 31 Jul 2024 21:26:33 GMT

File type

Size
86 kB (85611 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiretrend.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 23:25:32 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 2a24919f265193e816ded6065556395d
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sat, 04 May 2024 23:25:31 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=parFNqA%2Furq23cmPbovvj%2B%2Bx7Lsun7STckpLxFQfVGAhUqbEVRaumy4ZfFoQf2Ir228kuKESCcxHQV5avKFCw3d5mVNGFVKgw0da%2FCSoqPM%2BrLULJqDrwKmEpVHPKLEIHkA%2FNds2R7UCZw%2BAfsSiyA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ec40267aea56b7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.onesignal.com/sdks/OneSignalSDK.js

104.17.111.223

200 OK

9.2 kB

URL GET HTTP/2
cdn.onesignal.com/sdks/OneSignalSDK.js
IP
104.17.111.223:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mediafiretrend.com/t/the+donnas+american+teenage+rock+n+roll+machine+mediafire.html
Certificate
IssuerGoogle Trust Services LLC
Subjectonesignal.com
Fingerprint28:4D:B2:BB:68:03:29:A7:D8:CB:4B:48:D4:14:BD:A4:4C:0F:D8:70
ValidityMon, 01 Apr 2024 23:12:28 GMT - Sun, 30 Jun 2024 23:12:27 GMT

File type
JavaScript source, ASCII text, with very long lines (9410), with no line terminators
Size
9.2 kB (9204 bytes)
Hash
5eb2adfca36be15c8d4a206576132abd
f507beb2560693723f4b360af70bfe9bd8bed534
6ad1aa44625325d8e975bccee776e9a60ae134d2de1cb8d98852de9f3109aa4a

HTTP Headers

GET /sdks/OneSignalSDK.js HTTP/1.1
Host: cdn.onesignal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mediafiretrend.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 23:25:31 GMT
content-type: application/javascript
etag: W/"a87c48d211877c49b878679b2e3cdab8"
access-control-allow-headers: OneSignal-Subscription-Id
via: 1.1 google
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 3430
expires: Tue, 07 May 2024 23:25:31 GMT
cache-control: public, max-age=259200
set-cookie: __cf_bm=GUJHFqJqA0CDodmJYLhmgGOp4Nd1bIBw0.kbbRz268g-1714865131-1.0.1.1-GFbmHDmL_CmxQvcGYaMBfQ8rrNhDPu1ZvGzeE816.6bGuxqvKNf3Y.70pYncJIS.nhYI9jlvLD5Ee_MRVYTlQg; path=/; expires=Sat, 04-May-24 23:55:31 GMT; domain=.onesignal.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 87ec401ffd4eb4fa-OSL
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (25)

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL