ibf.tw/zy5Zs
104.143.10.167302 Moved Temporarily 154 B IP 104.143.10.167:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /zy5Zs HTTP/1.1
Host: ibf.tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 24 Mar 2023 19:29:32 GMT
Content-Type: text/html
Content-Length: 154
Connection: keep-alive
Location: https://ibf.tw/zy5Zs
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 65fc860bc043f3fb83bdc3debdcd322d
418010755deae099ef1284e402813c5837a10f42
d93d50c523c7f735987aba09db628259441eb75efe713a2df3c214e1fb8b5171
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D93D50C523C7F735987ABA09DB628259441EB75EFE713A2DF3C214E1FB8B5171"
Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10002
Expires: Fri, 24 Mar 2023 22:16:14 GMT
Date: Fri, 24 Mar 2023 19:29:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bea3185dd820a31c1981317f37c3456d
1a548a5d27270fc11df9011837a7149571cedd78
469b97bf9f57401b3c9571039483589f2815f4794212b75c7c85cfefe0ae71e9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "469B97BF9F57401B3C9571039483589F2815F4794212B75C7C85CFEFE0AE71E9"
Last-Modified: Wed, 22 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14923
Expires: Fri, 24 Mar 2023 23:38:15 GMT
Date: Fri, 24 Mar 2023 19:29:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 51a5d4696a6090c295850554508b51ce
c44e143c2223546e64b19f543b8101aaf3b11e97
8794223d5e8d4d276c35e2fdcc24bf99694240634dd749cd9b5bf874dec055cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8794223D5E8D4D276C35E2FDCC24BF99694240634DD749CD9B5BF874DEC055CF"
Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8614
Expires: Fri, 24 Mar 2023 21:53:06 GMT
Date: Fri, 24 Mar 2023 19:29:32 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4ad6984a756720fbfff47b37a75513a2
355e35258114452af8b9638985ed9d8ef3bf0aca
43181fccb10652c68cae86e5e32b4e8f426fb5ad49d8125cb99e072cff573cf5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 24 Mar 2023 19:15:17 GMT
content-type: application/json
age: 855
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: wwJAlWsrLI00S990VXZF2hRlSW92l6yWjgJLC4NLldv4WeJ8mJnoc2da6Bshg9Q+s6NyjHjsuyE=
x-amz-request-id: Q2AXSVHV26D0M1AB
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 24 Mar 2023 19:00:28 GMT
age: 1744
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 24 Mar 2023 19:29:32 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 883bf262f4c754ae3d258776fd3d272d
eae2bba51bbc9e241a4c5d5312806bd7f1d4db35
73255af14153ba25069d0afc1566bc934e41f0dbce0023f238a5b66ee4e048f3
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 19:29:32 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 24 Mar 2023 00:37:46 GMT
Expires: Fri, 31 Mar 2023 00:37:45 GMT
Etag: "eae2bba51bbc9e241a4c5d5312806bd7f1d4db35"
Cache-Control: max-age=536292,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7ad152d38ba60b59-OSL
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Last-Modified, Retry-After, Content-Length, Alert, Cache-Control, Expires, Content-Type, Backoff, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 24 Mar 2023 19:14:33 GMT
age: 899
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ibf.tw/zy5Zs
104.143.10.167301 Moved Permanently 0 B IP 104.143.10.167:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /zy5Zs HTTP/1.1
Host: ibf.tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 24 Mar 2023 19:29:32 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: PHPSESSID=c112dde5568470da809cfcb3e56abd43; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Location: https://cuti.cc/yYOXg
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 65787ce7e279dba04eb25e455d79a64a
0342db8a7c4f968308d02981a6021a4ea5ba7876
b514e5dfce2b422f6426f00cf68b919763fb242fd49cdc79a0f15714c677aa97
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B514E5DFCE2B422F6426F00CF68B919763FB242FD49CDC79A0F15714C677AA97"
Last-Modified: Fri, 24 Mar 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16901
Expires: Sat, 25 Mar 2023 00:11:14 GMT
Date: Fri, 24 Mar 2023 19:29:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 18b877ebbad1529e4bd91e12220d91c4
a3d64fb3d9cc1fe3a29b261c4ec9acfe134dfedc
7001d3ef847c7002ac15155f0dfcc0a369f19860e85c8e90530f1e7b2dd88f09
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7001D3EF847C7002AC15155F0DFCC0A369F19860E85C8E90530F1E7B2DD88F09"
Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10710
Expires: Fri, 24 Mar 2023 22:28:03 GMT
Date: Fri, 24 Mar 2023 19:29:33 GMT
Connection: keep-alive
cuti.cc/yYOXg
95.217.106.84302 Found 578 B IP 95.217.106.84:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 008ef1ec30de7b7653d5e5699cd1d3c3
79ed120be9a112764dc7d71b85c718dfb82b13b9
774e5063fec997bb2dcc65caebde20b41e9a85c4032828d28e9dd3c65dd07dc0
GET /yYOXg HTTP/1.1
Host: cuti.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 24 Mar 2023 19:29:33 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, must-revalidate
pragma: no-cache
expires: -1
Set-Cookie: clid=25847328; expires=Sun, 17-Mar-2024 03:29:33 GMT; Max-Age=30960000; path=/
XSRF-TOKEN=eyJpdiI6IlA2c1pvRWJDcTdlK2luQjgvRVEzQXc9PSIsInZhbHVlIjoianZBa3h4R3lIV0ZERHMxSi8zRzhGN2JqTy8rbkdHMzJzVGN2SzAxMFlkd1VqVUVkazBXVUM3MHhub3QvUXdoYWRKdVBQUHhxdVFXSjVjakppOVBzQTg4K2Z1NDdSbHUrZ29zcWtBdVR6U01SV21MNVhFWGt1ZERmYk5TQndFbEgiLCJtYWMiOiJiZmY5ZjUwMjFhMTQ4MmY2ZDMzMGM1ZTMyMzBjYjA5YWFhNGY1MmI2YzZmY2MxNGQ0Mjg1MDA0ZTM1ZjYxYmFlIn0%3D; expires=Mon, 18-Mar-2024 12:49:33 GMT; Max-Age=31080000; path=/; samesite=lax
cuti_session=eyJpdiI6ImsxOEF6NVJINXVXamJKZ09veCt4M0E9PSIsInZhbHVlIjoiNERrS2xhaXBSaEp4QXIvdG9kakFIay9GZklEQUFaTDFGWG5aNG1XNGMramRxVGFFUVJxamN6akRvNS8rMFpvOE54dDZXZVVEK0MxektvcW5FbVhNaXBUVXJKTXhwSkMwYVBOQXlFa25vay9HMXVJMVNxd09Tc3VsT1ZNUnV4K0EiLCJtYWMiOiI2YWY0ZWU0M2QzOWI1ODYzZTVmNDk4Mjc0NzViNzhkYWQwZWE2NDJhZmJiOWJjM2IwNzUyNmYxYTNiNzI1NTRjIn0%3D; expires=Mon, 18-Mar-2024 12:49:33 GMT; Max-Age=31080000; path=/; httponly; samesite=lax
qyHzbgvdzR3kAwK1fzN5efQ97r6aGZ04GM7M590G=eyJpdiI6InU0UXdJaStnSzg5ejVoTUJnalVBWmc9PSIsInZhbHVlIjoiWjRuT1U4Y2lIWjY5blJoclZoeWM5QkxRc0d3TXQ2eTkybGo4WENJMThmVFg0R2xyeFVWZDE4ZXNqcU9QUkJKS2xZWXJDYkdBRnAzUVhHc2lLb2o4aGwzZmJaU1d1TUlaeHdkcXJuNDZDOWZjb0dyem00V1BFRUtIZlJ3SG5tZW05MkZsV1pGeHlhL0l1ZXVuMGF4T29vMUg0bWFBY3ZUUmJkVGRMYnVJZGpRbm1Ba3dJblkyRllNN01WUDdKNHhNN2tSVXVJWCtsS0JrNytta2Q2R0lJNHhIOTV5VnozYlBFS3hob29JUXh1RVE1enh5aWEzY0t1M1p3ZmNVd3B1dm1KMkM2MW1mcXFGN1krNE9iUXdmOGNoNTNUV1R4Qit1UEVkd2I1WFBjY2d6OWpGZm44TDNPU1BaWWVjZVI5L0Jibi9aOXNVVXd5SlRpSWIrMFVWczVDamdGejlaS3oyNXYrYlZrdU4zcThzd0NKWk1vSFRKSE16QSt5WnhLR3RaSm9sQ041R2JKMzFnQkFTSm9ZTHU3dz09IiwibWFjIjoiYjBmMjk5M2Q3NjU2ZjVmZTBmMzgzODBhMWM4YzI4ZGQ3YmEyN2FlOTVmNjRlNWM3ZGQ1MTBjYmQxZGFhY2JlMSJ9; expires=Mon, 18-Mar-2024 12:49:33 GMT; Max-Age=31080000; path=/; httponly; samesite=lax
Location: https://href.li/?https://www.mediafire.com/file/bqehunqn1bjfhx7/Fivem_hack.rar/file
Strict-Transport-Security: max-age=31536000;
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a02d56b1b18e383b8096b80924f6e461
85e51394f61c03bcb17892db7b9fed2b8c0a5ab2
87dc0339eedc4692d9d6e6d26bb906b4bd1307d1a7c4467ffd9d88ae336a0994
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87DC0339EEDC4692D9D6E6D26BB906B4BD1307D1A7C4467FFD9D88AE336A0994"
Last-Modified: Wed, 22 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8955
Expires: Fri, 24 Mar 2023 21:58:48 GMT
Date: Fri, 24 Mar 2023 19:29:33 GMT
Connection: keep-alive
push.services.mozilla.com/
54.186.109.55101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.186.109.55:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: AiYWCtDGEJJihkhUJpWDJg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 4b3L1TO8HgZl9Ew8qQCzzyi26oc=
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash ca3a2cc88f5c8a7669812ec7af0e14bf
fbb85820ada745d1e030c13874f96b14f8544884
d61b12522a039a526703bd7f747ae3614b660f1bc001044585c3c72907568d83
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 19:29:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.mediafire.com/images/filetype/file-zip-v3.png
104.16.53.48200 OK 1.9 kB URL HTTP/2 static.mediafire.com/images/filetype/file-zip-v3.png
IP 104.16.53.48:0
File type PNG image data, 43 x 58, 8-bit/color RGBA, non-interlaced\012- data
Hash a23b8b7059e953fc1b74bf87a77ebb0c
f23e0ad301389083104f04d4164fa57423387b17
4448e430d3c53bad548a5d135e1c7e2f9593e806ba47892640d430ea752e979e
GET /images/filetype/file-zip-v3.png HTTP/1.1
Host: static.mediafire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mediafire.com/
Cookie: ukey=voh39tdn6kpndc5an63j89fu2872srqh; ad_count=1; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-34%22%2C%22mf_content%22%3A%22Free%22%2C%22mf_medium%22%3A%22windows%5C%2FFirefox%22%2C%22mf_campaign%22%3A%22bqehunqn1bjfhx7%22%2C%22mf_term%22%3A%22c2aa411f4e3aa90a1fb038100555c580%22%7D; __cf_bm=f3buyW2ltK6JF2vFpGXz2Z_FJ4o3VIahEp_1k83zN.c-1679686173-0-ATdXUUVvVuTe2Lv96qHcAqJRuiTToMap1V0YfhDB1SfbmJPQGKnS9gK6W8l3VJT5fvobYLgIhAXIMpGLtP0rD2s=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Fri, 24 Mar 2023 19:29:34 GMT
content-type: image/png
content-length: 1872
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
etag: "62deda56-750"
expires: Sun, 23 Apr 2023 14:54:57 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
cf-cache-status: HIT
age: 13376
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ad152dbdef1b511-OSL
X-Firefox-Spdy: h2
www.mediafire.com/file/bqehunqn1bjfhx7/Fivem_hack.rar/file
104.16.53.48200 OK 95 kB URL HTTP/2 www.mediafire.com/file/bqehunqn1bjfhx7/Fivem_hack.rar/file
IP 104.16.53.48:0
Hash 7f0e43ccc5782347ec3fcab9234d201f
cb1bba7778b55739ee636dd40fa0cbdc4f7f01b4
2682628273f4aaa359f11a4a7d3d750e46a1222d14f9c218e55456e9615bbba0
GET /file/bqehunqn1bjfhx7/Fivem_hack.rar/file HTTP/1.1
Host: www.mediafire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 24 Mar 2023 19:29:33 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.mediafire.com
cache-control: no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: 0
pragma: no-cache
strict-transport-security: max-age=0
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-robots-tag: noindex, nofollow
cf-cache-status: DYNAMIC
set-cookie: ukey=voh39tdn6kpndc5an63j89fu2872srqh; expires=Tue, 24-Mar-2043 19:29:33 GMT; Max-Age=631152000; path=/; domain=.mediafire.com; HttpOnly
ad_count=1; expires=Fri, 24-Mar-2023 19:59:33 GMT; Max-Age=1800; path=/; domain=.mediafire.com; HttpOnly
conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-34%22%2C%22mf_content%22%3A%22Free%22%2C%22mf_medium%22%3A%22windows%5C%2FFirefox%22%2C%22mf_campaign%22%3A%22bqehunqn1bjfhx7%22%2C%22mf_term%22%3A%22c2aa411f4e3aa90a1fb038100555c580%22%7D; expires=Sun, 23-Apr-2023 19:29:33 GMT; Max-Age=2592000; path=/; domain=.mediafire.com
__cf_bm=f3buyW2ltK6JF2vFpGXz2Z_FJ4o3VIahEp_1k83zN.c-1679686173-0-ATdXUUVvVuTe2Lv96qHcAqJRuiTToMap1V0YfhDB1SfbmJPQGKnS9gK6W8l3VJT5fvobYLgIhAXIMpGLtP0rD2s=; path=/; expires=Fri, 24-Mar-23 19:59:33 GMT; domain=.mediafire.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7ad152d97bbbb511-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
static.mediafire.com/images/backgrounds/download/social/fb_16x16.png
104.16.53.48200 OK 181 B URL HTTP/2 static.mediafire.com/images/backgrounds/download/social/fb_16x16.png
IP 104.16.53.48:0
File type PNG image data, 16 x 16, 4-bit colormap, non-interlaced\012- data
Hash 78226526732869add09512e9b4be3090
f1ce9c760e17e69509cabe114392a108a6c839bc
720671166ac43aba99e3952b0b9341ab4e0fee1fd891db54e2a07f05db653142
GET /images/backgrounds/download/social/fb_16x16.png HTTP/1.1
Host: static.mediafire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mediafire.com/
Cookie: ukey=voh39tdn6kpndc5an63j89fu2872srqh; ad_count=1; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-34%22%2C%22mf_content%22%3A%22Free%22%2C%22mf_medium%22%3A%22windows%5C%2FFirefox%22%2C%22mf_campaign%22%3A%22bqehunqn1bjfhx7%22%2C%22mf_term%22%3A%22c2aa411f4e3aa90a1fb038100555c580%22%7D; __cf_bm=f3buyW2ltK6JF2vFpGXz2Z_FJ4o3VIahEp_1k83zN.c-1679686173-0-ATdXUUVvVuTe2Lv96qHcAqJRuiTToMap1V0YfhDB1SfbmJPQGKnS9gK6W8l3VJT5fvobYLgIhAXIMpGLtP0rD2s=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Fri, 24 Mar 2023 19:29:34 GMT
content-type: image/png
content-length: 181
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
etag: "62deda56-b5"
expires: Sun, 23 Apr 2023 15:02:36 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
cf-cache-status: HIT
age: 2299
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ad152dbef0db511-OSL
X-Firefox-Spdy: h2
static.mediafire.com/images/backgrounds/footer/social/footerIcons.png
104.16.53.48200 OK 583 B URL HTTP/2 static.mediafire.com/images/backgrounds/footer/social/footerIcons.png
IP 104.16.53.48:0
File type PNG image data, 112 x 28, 8-bit/color RGBA, non-interlaced\012- data
Hash e0abc4fea89d2c5153b73cd02ac5ba13
00465ef774805c82fb5b8a40b743f7b1a1d1a7d6
f917a9105c311331b1d40f4d2bdbf11233c1c465616c1a9c46232f451463b061
GET /images/backgrounds/footer/social/footerIcons.png HTTP/1.1
Host: static.mediafire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mediafire.com/
Cookie: ukey=voh39tdn6kpndc5an63j89fu2872srqh; ad_count=1; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-34%22%2C%22mf_content%22%3A%22Free%22%2C%22mf_medium%22%3A%22windows%5C%2FFirefox%22%2C%22mf_campaign%22%3A%22bqehunqn1bjfhx7%22%2C%22mf_term%22%3A%22c2aa411f4e3aa90a1fb038100555c580%22%7D; __cf_bm=f3buyW2ltK6JF2vFpGXz2Z_FJ4o3VIahEp_1k83zN.c-1679686173-0-ATdXUUVvVuTe2Lv96qHcAqJRuiTToMap1V0YfhDB1SfbmJPQGKnS9gK6W8l3VJT5fvobYLgIhAXIMpGLtP0rD2s=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Fri, 24 Mar 2023 19:29:34 GMT
content-type: image/png
content-length: 583
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
etag: "62deda56-247"
expires: Sun, 23 Apr 2023 16:56:00 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
cf-cache-status: HIT
age: 5791
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ad152dbef0eb511-OSL
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-829541-1
142.250.74.40200 OK 45 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-829541-1
IP 142.250.74.40:0
File type ASCII text, with very long lines (2206)
Hash 0e8fb383b6778efb5faea63ab3b627d6
eb33f594728f7cb38eeaffa8971784a96a957d0d
d984273eebfafaa5d15104263e6303afac64c8f73d7a0dc4bb6e3a3ff26900dc
GET /gtag/js?id=UA-829541-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mediafire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 24 Mar 2023 19:29:34 GMT
expires: Fri, 24 Mar 2023 19:29:34 GMT
cache-control: private, max-age=900
last-modified: Fri, 24 Mar 2023 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44791
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-53LP4T
142.250.74.40200 OK 74 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-53LP4T
IP 142.250.74.40:0
File type ASCII text, with very long lines (26680)
Hash 02b4c238b931c746e1c83a25380bafd0
6a8d4914eb998b3c6abdbc02c7befd3800b59c2d
5540b3ba2be4571300646d88da04373fbe260433c9f226c97755f61e8e460590
GET /gtm.js?id=GTM-53LP4T HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mediafire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 24 Mar 2023 19:29:34 GMT
expires: Fri, 24 Mar 2023 19:29:34 GMT
cache-control: private, max-age=900
last-modified: Fri, 24 Mar 2023 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 73584
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.mediafire.com/js/prebid5.17.0.js
104.16.53.48200 OK 81 kB URL HTTP/2 www.mediafire.com/js/prebid5.17.0.js
IP 104.16.53.48:0
Hash 17fe306dabbfcc5c5b3fe164cf847c6c
e9647f3264e15d5c291f0d378c9887983a2bf7a4
498be5eed8e903c09977772b3aebb430c541a0f390cc72795cd5ff6c0f5e731b
GET /js/prebid5.17.0.js HTTP/1.1
Host: www.mediafire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mediafire.com/file/bqehunqn1bjfhx7/Fivem_hack.rar/file
Cookie: ukey=voh39tdn6kpndc5an63j89fu2872srqh; ad_count=1; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-34%22%2C%22mf_content%22%3A%22Free%22%2C%22mf_medium%22%3A%22windows%5C%2FFirefox%22%2C%22mf_campaign%22%3A%22bqehunqn1bjfhx7%22%2C%22mf_term%22%3A%22c2aa411f4e3aa90a1fb038100555c580%22%7D; __cf_bm=f3buyW2ltK6JF2vFpGXz2Z_FJ4o3VIahEp_1k83zN.c-1679686173-0-ATdXUUVvVuTe2Lv96qHcAqJRuiTToMap1V0YfhDB1SfbmJPQGKnS9gK6W8l3VJT5fvobYLgIhAXIMpGLtP0rD2s=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 24 Mar 2023 19:29:34 GMT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2592000
cf-bgj: minify
cf-polished: origSize=269036
etag: W/"62deda56-41aec"
expires: Sun, 23 Apr 2023 17:42:54 GMT
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 3322
server: cloudflare
cf-ray: 7ad152dbbeaab511-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.mediafire.com/images/icons/svg_light/icons_sprite.svg
104.16.53.48200 OK 8.4 kB URL HTTP/2 www.mediafire.com/images/icons/svg_light/icons_sprite.svg
IP 104.16.53.48:0
Hash 5fb606be3e57715ec036d249403f754a
231384189cff7c6118fe7858168aa94fd469a58c
859f49f6bb08995bb7a7b911b3e3c5dec60d785e540aa474e7407d176bd1569c
GET /images/icons/svg_light/icons_sprite.svg HTTP/1.1
Host: www.mediafire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mediafire.com/file/bqehunqn1bjfhx7/Fivem_hack.rar/file
Cookie: ukey=voh39tdn6kpndc5an63j89fu2872srqh; ad_count=1; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-34%22%2C%22mf_content%22%3A%22Free%22%2C%22mf_medium%22%3A%22windows%5C%2FFirefox%22%2C%22mf_campaign%22%3A%22bqehunqn1bjfhx7%22%2C%22mf_term%22%3A%22c2aa411f4e3aa90a1fb038100555c580%22%7D; __cf_bm=f3buyW2ltK6JF2vFpGXz2Z_FJ4o3VIahEp_1k83zN.c-1679686173-0-ATdXUUVvVuTe2Lv96qHcAqJRuiTToMap1V0YfhDB1SfbmJPQGKnS9gK6W8l3VJT5fvobYLgIhAXIMpGLtP0rD2s=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 24 Mar 2023 19:29:34 GMT
content-type: image/svg+xml
access-control-allow-origin: *
etag: W/"62deda56-90ab"
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
cf-cache-status: HIT
age: 933
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ad152dbef00b511-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
static.mediafire.com/images/backgrounds/header/mf_logo_full_color.svg
104.16.53.48200 OK 1.6 kB URL HTTP/2 static.mediafire.com/images/backgrounds/header/mf_logo_full_color.svg
IP 104.16.53.48:0
Hash 90e9061fd800453ea171aff9e99455e4
14d04d9fdd6549f2e02dd3ba6aef4fa7fa4d9855
333c2f8bd480430bf0b41d1aa1008a2b6d4d9ce2bf05fcacc9b74dd33922da45
GET /images/backgrounds/header/mf_logo_full_color.svg HTTP/1.1
Host: static.mediafire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mediafire.com/
Cookie: ukey=voh39tdn6kpndc5an63j89fu2872srqh; ad_count=1; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-34%22%2C%22mf_content%22%3A%22Free%22%2C%22mf_medium%22%3A%22windows%5C%2FFirefox%22%2C%22mf_campaign%22%3A%22bqehunqn1bjfhx7%22%2C%22mf_term%22%3A%22c2aa411f4e3aa90a1fb038100555c580%22%7D; __cf_bm=f3buyW2ltK6JF2vFpGXz2Z_FJ4o3VIahEp_1k83zN.c-1679686173-0-ATdXUUVvVuTe2Lv96qHcAqJRuiTToMap1V0YfhDB1SfbmJPQGKnS9gK6W8l3VJT5fvobYLgIhAXIMpGLtP0rD2s=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Fri, 24 Mar 2023 19:29:34 GMT
content-type: image/svg+xml
last-modified: Fri, 28 Oct 2016 22:22:42 GMT
etag: W/"5813cfb2-d1d"
access-control-allow-origin: *
cf-cache-status: HIT
age: 407
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ad152dbdeebb511-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash e9709c5b359505700458d5e8a9ff2ad8
fddde5b378dba0f5efe406ebc5a1ffeb35ddeeae
1c86ea5bca04e726d60b3868f71151ddbaba02b129e2ea38699d5c03f19b0898
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4689
Cache-Control: max-age=119612
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 19:29:34 GMT
Etag: "641d1809-1d7"
Expires: Sun, 26 Mar 2023 04:43:06 GMT
Last-Modified: Fri, 24 Mar 2023 03:24:57 GMT
Server: ECAcc (ska/F776)
X-Cache: HIT
Content-Length: 471
www.facebook.com/plugins/like.php?href=http://www.facebook.com/MediaFire&width=193&layout=button_count&action=like&show_faces=false&share=true&height=30&appId=124578887583575
157.240.200.35200 OK 0 B URL HTTP/2 www.facebook.com/plugins/like.php?href=http://www.facebook.com/MediaFire&width=193&layout=button_count&action=like&show_faces=false&share=true&height=30&appId=124578887583575
IP 157.240.200.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/like.php?href=http://www.facebook.com/MediaFire&width=193&layout=button_count&action=like&show_faces=false&share=true&height=30&appId=124578887583575 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mediafire.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: MqraKcX686o8NTK5V8NbeeuQQqqjArvYqqihuwQkgQd+RrBLS6/OROVZR1/U+kSSYyWP+WWO1JovKk9W7m6JnQ==
content-length: 0
date: Fri, 24 Mar 2023 19:29:34 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash d3ab4f1f98525ae09f1c7d0b314b8824
a8a3cda46cadbceddc9809b77e52f035a567d436
8b718fb9618c87fa36e90072404aae9bca80951fcaa6b606cfb1d82b6b34bf4a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5511
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 19:29:34 GMT
Last-Modified: Fri, 24 Mar 2023 17:57:43 GMT
Server: ECAcc (ska/F775)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash e9709c5b359505700458d5e8a9ff2ad8
fddde5b378dba0f5efe406ebc5a1ffeb35ddeeae
1c86ea5bca04e726d60b3868f71151ddbaba02b129e2ea38699d5c03f19b0898
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6487
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 19:29:34 GMT
Last-Modified: Fri, 24 Mar 2023 17:41:27 GMT
Server: ECAcc (ska/F6D2)
X-Cache: HIT
Content-Length: 471
static.mediafire.com/images/backgrounds/download/additional_content/continent-eu.svg
104.16.53.48200 OK 9.2 kB URL HTTP/2 static.mediafire.com/images/backgrounds/download/additional_content/continent-eu.svg
IP 104.16.53.48:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (14862)
Hash 681051248d85df050096953531cf9f13
02b00873bffb2f20542bd704b3d7cb1a4dfcc2fe
5bee227a56f449d2d198fec7f9370813e209f30cb176dc4f38e6e7ba3a3d6b13
GET /images/backgrounds/download/additional_content/continent-eu.svg HTTP/1.1
Host: static.mediafire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mediafire.com/
Cookie: ukey=voh39tdn6kpndc5an63j89fu2872srqh; ad_count=1; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-34%22%2C%22mf_content%22%3A%22Free%22%2C%22mf_medium%22%3A%22windows%5C%2FFirefox%22%2C%22mf_campaign%22%3A%22bqehunqn1bjfhx7%22%2C%22mf_term%22%3A%22c2aa411f4e3aa90a1fb038100555c580%22%7D; __cf_bm=f3buyW2ltK6JF2vFpGXz2Z_FJ4o3VIahEp_1k83zN.c-1679686173-0-ATdXUUVvVuTe2Lv96qHcAqJRuiTToMap1V0YfhDB1SfbmJPQGKnS9gK6W8l3VJT5fvobYLgIhAXIMpGLtP0rD2s=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Fri, 24 Mar 2023 19:29:34 GMT
content-type: image/svg+xml
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
etag: W/"62deda56-5ca3"
access-control-allow-origin: *
cf-cache-status: HIT
age: 3590
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ad152dc6fc7b511-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10524
Expires: Fri, 24 Mar 2023 22:24:58 GMT
Date: Fri, 24 Mar 2023 19:29:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10524
Expires: Fri, 24 Mar 2023 22:24:58 GMT
Date: Fri, 24 Mar 2023 19:29:34 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash dec32753be0f9671f98f8a964d40ef96
7bc2243c85aaff70a624eb1405ca4c57d22d86a7
af6efcab4e391eb284faa960961f28544662749e9654efc3e5e0e209d3717797
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 19:29:34 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 21 Mar 2023 19:45:29 GMT
Expires: Tue, 28 Mar 2023 19:45:28 GMT
Etag: "7bc2243c85aaff70a624eb1405ca4c57d22d86a7"
Cache-Control: max-age=345953,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7ad152dd2d5a0b59-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10524
Expires: Fri, 24 Mar 2023 22:24:58 GMT
Date: Fri, 24 Mar 2023 19:29:34 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08561a1f-1d19-45db-be98-107d6b1ed25d.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08561a1f-1d19-45db-be98-107d6b1ed25d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6f0b9e85381489dcf646c251722b21d4
5f7ea91288a2170bcabdca6be296718c4191eacd
911f803271ad9053ebac3787bdde9b75ec604acc6aa28692cc8e4c5c4fb61483
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08561a1f-1d19-45db-be98-107d6b1ed25d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10480
x-amzn-requestid: 58aa8272-4b4e-4a2f-9d6e-d47f70891c49
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJptHG7JoAMFSwA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a2320-2fd6502b1271d5c13b4ebbe9;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:35:28 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: pFCYGtd2b7lK7OBFHjCsgqqLfhtMAQDB0vyYFyf1sv-3CkSHbEh3mA==
via: 1.1 2241406ac19fffc8f35d6ddef8e22f56.cloudfront.net (CloudFront), 1.1 4c48e9fb20d53d40e9fe273dbdae1098.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Mar 2023 22:16:43 GMT
age: 76371
etag: "5f7ea91288a2170bcabdca6be296718c4191eacd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d9f0256-f2a3-48d2-9cbe-230433c09812.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d9f0256-f2a3-48d2-9cbe-230433c09812.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9bb55b1044454d0db2324a4af956cd51
5aa34545aa2274453b301c74a083034273177cbd
fb7fa8b91ff7374ac6be2df05e1e98194f2adf3ce728b02a66323993145975ef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d9f0256-f2a3-48d2-9cbe-230433c09812.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7405
x-amzn-requestid: 9865b715-ff9b-498d-95b3-c728fd3430be
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CQPt7E46oAMF1Fg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641cc658-78b66faf317a7aaf689de782;Sampled=0
x-amzn-remapped-date: Thu, 23 Mar 2023 21:36:24 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: MOdi4IjE6ooc_bhXhjI2pikpJfBxxg7kS8qHmvDRZD169vLef4FKYw==
via: 1.1 e39f48cc8f516dc1072afdb086c71f32.cloudfront.net (CloudFront), 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Mar 2023 21:42:31 GMT
age: 78423
etag: "5aa34545aa2274453b301c74a083034273177cbd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6bf7d96-8563-4612-89c2-6d00db18f9f6.jpeg
34.120.237.76200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6bf7d96-8563-4612-89c2-6d00db18f9f6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d733019c5326d4617096c74ae22fdffd
72bc0b2a19ca257ac974460f81af47fcfa2fee24
6746fcedbf4aad5c94582162e343d160fdc7d127bae807d1a97a9d7a231c9a70
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6bf7d96-8563-4612-89c2-6d00db18f9f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6721
x-amzn-requestid: bf32e1c8-cac1-4f04-abe6-fba2e9e824f3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CK89vHbyoAMFc7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641aa857-5d84ed861375c4ba04a2ae30;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 07:03:51 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 60VbucTVJnuo0rLzrTvbdbQOIMQmhDMQT8st-Y49_plnM_akqw_V4w==
via: 1.1 59456abf79b201034ab5c9cfef7355e2.cloudfront.net (CloudFront), 1.1 d0387b833e3ca8cb748a1296b4b4bf2a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 07:14:47 GMT
age: 44087
etag: "72bc0b2a19ca257ac974460f81af47fcfa2fee24"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg
34.120.237.76200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 85351059b67b0a42eda7e69a31b3b4b4
b798268806dc2f79f033e5872676019faf0e0cc1
86e163b7159b197d6358ab01333ac6da221de0ebe1c5da8d5cef2977d38625fe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4000
x-amzn-requestid: 68dc01d7-3eed-48f6-8532-8efaa96cc1ec
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJpraEqyoAMFgNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a2315-3852cc8961365a560d1fa02f;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:35:17 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: Ncagzm12kJaHQtYhhjUUhcfXVfbwMdonoNYqpK-QXEmLfyyENgFnFA==
via: 1.1 288c777a01e22425da9494dad7a69734.cloudfront.net (CloudFront), 1.1 42ef990e439ae115ff739f04e3945234.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 06:10:34 GMT
age: 47940
etag: "b798268806dc2f79f033e5872676019faf0e0cc1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd11f3110-26b3-4e61-a4be-71f97e3d6614.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd11f3110-26b3-4e61-a4be-71f97e3d6614.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 04db6085e8ec938c1385fb33b32ae036
0f173b8971723ec380a9610b3dda8f64890f6f37
873d5942c34057339f7a9c53a9d4cdc3a0b82f01223f851898da0ebbe0a628bc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd11f3110-26b3-4e61-a4be-71f97e3d6614.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7482
x-amzn-requestid: 843e4bba-1550-44c4-be10-dd333148f83d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CQPHxFuuIAMFvmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641cc564-03f5d2675850409e70748490;Sampled=0
x-amzn-remapped-date: Thu, 23 Mar 2023 21:32:20 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: i3f56KYdhzWqiBtE9-vSMBC17mWa0qZfxQb3AmHcNvApYKse8O3DdQ==
via: 1.1 46673955829b59a6da0ab071e0b7fbea.cloudfront.net (CloudFront), 1.1 27a84054de24e45f952ea4056a821764.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Mar 2023 22:25:14 GMT
age: 75860
etag: "0f173b8971723ec380a9610b3dda8f64890f6f37"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8f2a5e3-1443-4c66-9b07-bbc789ebd9ab.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8f2a5e3-1443-4c66-9b07-bbc789ebd9ab.jpeg
IP 34.120.237.76:0
File type gzip compressed data, from Unix\012- data
Hash 7643572ffbf17a5c8956d0a964d6cfe4
ce1ab416a0c50c372379007e024b00b25346538f
7222a93ecc281a8d9a3d1f71222a16a5198cb2a3f68e7f932f22d2df6fdd65aa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8f2a5e3-1443-4c66-9b07-bbc789ebd9ab.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8385
x-amzn-requestid: 7b1e47a8-7adb-48d9-9b0e-036305a77957
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B9xbmGJsoAMF-5A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641562b0-2e4e7a3b14bfce4210def298;Sampled=0
x-amzn-remapped-date: Sat, 18 Mar 2023 07:05:20 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 61beGZuZOIgOsG91c3VjhfcAEk4jwLQ1wyZ8OufNOLMkPwRSCcHo7Q==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 04:34:28 GMT
age: 53706
etag: "9eff2b1900bc9788dfbff11fce69cc7c944b1fc1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.amplitude.com/libs/amplitude-8.5.0-min.gz.js
54.230.245.107200 OK 22 kB URL HTTP/2 cdn.amplitude.com/libs/amplitude-8.5.0-min.gz.js
IP 54.230.245.107:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 660c3b546f2a131de50b69b91f26c636
70f80e7f10e1dd9180efe191ce92d28296ec9035
fd91362b7111a0dcc85ef6bd9bc776881c7428f8631d5a32725711dce678bff9
GET /libs/amplitude-8.5.0-min.gz.js HTTP/1.1
Host: cdn.amplitude.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.mediafire.com
Connection: keep-alive
Referer: https://www.mediafire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 22154
date: Sat, 07 Jan 2023 01:33:03 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
last-modified: Fri, 13 Aug 2021 22:37:42 GMT
etag: "660c3b546f2a131de50b69b91f26c636"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000
content-encoding: gzip
x-amz-version-id: NY8_7uBz3xoXYJBVsMSBAGHOz8ixMBS3
accept-ranges: bytes
server: AmazonS3
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Ec8tcnJJQfbEMsGwqgcTadJsb4vjcgVmXpopAsYKosQDscOBA67XeA==
age: 6630992
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash ac8d4dabc0044d3f9300e6f09b86bc68
331a761e7d051c94831a30254ca3ce25b2e7dd2d
05ef2753d9e9b8cd1f09c88eb1cc42ee88ffd4db561c9a05e069373c24112d60
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 19:29:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.mediafire.com/favicon.ico
104.16.53.48200 OK 1.9 kB URL HTTP/2 www.mediafire.com/favicon.ico
IP 104.16.53.48:0
Hash 59c275b5e70b054d1287f4c2d5ed45d1
d6afa2719227fe446397882d9b8e7dd1c975eb0f
6a93bdbb3e15607440a49f0c92c31570a27c2d0318dd064218dfa18dcc5633bc
GET /favicon.ico HTTP/1.1
Host: www.mediafire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mediafire.com/file/bqehunqn1bjfhx7/Fivem_hack.rar/file
Cookie: ukey=voh39tdn6kpndc5an63j89fu2872srqh; ad_count=1; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-34%22%2C%22mf_content%22%3A%22Free%22%2C%22mf_medium%22%3A%22windows%5C%2FFirefox%22%2C%22mf_campaign%22%3A%22bqehunqn1bjfhx7%22%2C%22mf_term%22%3A%22c2aa411f4e3aa90a1fb038100555c580%22%7D; __cf_bm=f3buyW2ltK6JF2vFpGXz2Z_FJ4o3VIahEp_1k83zN.c-1679686173-0-ATdXUUVvVuTe2Lv96qHcAqJRuiTToMap1V0YfhDB1SfbmJPQGKnS9gK6W8l3VJT5fvobYLgIhAXIMpGLtP0rD2s=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 24 Mar 2023 19:29:34 GMT
content-type: image/x-icon
access-control-allow-origin: *
cache-control: max-age=2592000
etag: W/"62deda56-2a46"
expires: Wed, 19 Apr 2023 15:33:30 GMT
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
cf-cache-status: HIT
age: 359603
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ad152df4ba8b511-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash ac8d4dabc0044d3f9300e6f09b86bc68
331a761e7d051c94831a30254ca3ce25b2e7dd2d
05ef2753d9e9b8cd1f09c88eb1cc42ee88ffd4db561c9a05e069373c24112d60
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 19:29:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
216.58.211.6200 OK 104 B URL HTTP/2 ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
IP 216.58.211.6:0
File type MS Windows icon resource - 2 icons, 16x16, 16 colors, 32x32, 16 colors\012- data
Hash 32ac8a9b81788b981a3a7e13c14082d4
fbfd48a2bfe8d4247a975176f88d18c3c2ad1952
00cc7617e054596ff0aaabd8a93a9214dc5304bfe317316022dbf4fb3ea073d2
GET /favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250 HTTP/1.1
Host: ad.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mediafire.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 104
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Fri, 24 Mar 2023 19:26:50 GMT
expires: Sat, 25 Mar 2023 19:26:50 GMT
cache-control: public, max-age=86400
age: 164
last-modified: Tue, 08 May 2012 13:08:06 GMT
content-type: image/x-icon
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash eef4409d0ad90e2899e538028bd3fa76
2d6edd13cbd2d201ef921fc33c053aec8f8b740c
61eef3a534769ac291c82d37206b392dea96af36a38e9d7da4cf0fb2d5d2342d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 19:29:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
securepubads.g.doubleclick.net/tag/js/gpt.js
142.250.74.130200 OK 28 kB URL HTTP/2 securepubads.g.doubleclick.net/tag/js/gpt.js
IP 142.250.74.130:0
File type ASCII text, with very long lines (39604)
Hash e47926ec728e7bde0a0ef3cb507cbb07
ba1fb69a811f4a4b6dcbe9ae5f3ef621d88db546
f1e1031625429c03b73f8e1438e26b8a04f69ef678e4a0cec239367eb23989a4
GET /tag/js/gpt.js HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mediafire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 27476
date: Fri, 24 Mar 2023 19:29:34 GMT
expires: Fri, 24 Mar 2023 19:29:34 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
etag: "1521 / 586 of 1000 / last-modified: 1679656102"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 35cd7a5cd81e754cc3eeee790b256d66
c2a1720c701d6828742ef283bd6ce8ea5a439c68
0f37de80a2984b67ff881ef5dccb772374fc71a33edf041efff64882a626ba3f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 19:29:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash ac8d4dabc0044d3f9300e6f09b86bc68
331a761e7d051c94831a30254ca3ce25b2e7dd2d
05ef2753d9e9b8cd1f09c88eb1cc42ee88ffd4db561c9a05e069373c24112d60
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 19:29:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash af767a0f38aa932dc23106c403e9b5f3
5a5662e147f43d1561ba78517738f6be86eb2cde
359fea0fbdd5740a613795d4491c534ebf14e2ffb55edf78c80dc0dde78c42e4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 19:29:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/C9sIyVCC2ts
216.58.211.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/C9sIyVCC2ts
IP 216.58.211.3:0
Hash dcaa07096ead90c9207b0b603cfca9d2
3a135a220ed6678aa567a1790dc1ea841a3d7ac1
aa38ea4f1861ddeb67a50b4884de5d89e50b94bc6f84e2f5b797afe108784b41
POST /s/gts1d4/C9sIyVCC2ts HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 19:29:34 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fundingchoicesmessages.google.com/f/AGSKWxXrjtEH6OsIEa1eMxJNrJTV18lP5XKGKMJi5rI13IlsGpcs5yT-0hk0wJuzpkaKFvH14rtURv0da3wnJCfhkp8=
216.58.211.14200 OK 46 kB URL HTTP/2 fundingchoicesmessages.google.com/f/AGSKWxXrjtEH6OsIEa1eMxJNrJTV18lP5XKGKMJi5rI13IlsGpcs5yT-0hk0wJuzpkaKFvH14rtURv0da3wnJCfhkp8=
IP 216.58.211.14:0
Hash 4962d0c5fac5755d75bbe17c60cd5ec5
93b17d631ed0eb7f6fcdaf4fb109f93876b996ae
0b1b72f5c1a22fd65080443ed2edd91aa38c698d2faac51494a0c8e3c7467417
GET /f/AGSKWxXrjtEH6OsIEa1eMxJNrJTV18lP5XKGKMJi5rI13IlsGpcs5yT-0hk0wJuzpkaKFvH14rtURv0da3wnJCfhkp8= HTTP/1.1
Host: fundingchoicesmessages.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mediafire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
timing-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 24 Mar 2023 19:29:34 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'nonce-b7UAyHWknY-izEPYBrDYkg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash a5974456d5b0e7b60127595d497e7105
301f44b5137d00ec286c36869a5ae233b6da8881
67e273220b1367d1001f870bdefca145c98dbf6cbe4d0c5e8dcb8f184018d5a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 19:29:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.vneFu3d_4ck.L.F4.O/d=0/rs=AN8SPfrNa1b9K5rCmaIpu9SqE3A5sBDBfg/m=el_main_css
142.250.74.67200 OK 4.2 kB URL HTTP/2 www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.vneFu3d_4ck.L.F4.O/d=0/rs=AN8SPfrNa1b9K5rCmaIpu9SqE3A5sBDBfg/m=el_main_css
IP 142.250.74.67:0
File type ASCII text, with very long lines (23228), with no line terminators
Hash 8f89ebd6757f0474347497a9545d3cc2
014d050331fcdbcff8cbf854b4c926286e0c104a
015111236a8db21de30b2af7d2d24221a9f358fe83137f4651707f4728043585
GET /_/translate_http/_/ss/k=translate_http.tr.vneFu3d_4ck.L.F4.O/d=0/rs=AN8SPfrNa1b9K5rCmaIpu9SqE3A5sBDBfg/m=el_main_css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mediafire.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 4205
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Mar 2023 02:39:09 GMT
expires: Fri, 22 Mar 2024 02:39:09 GMT
cache-control: public, max-age=31536000
age: 147025
last-modified: Sun, 12 Mar 2023 00:11:57 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
prebid.media.net/rtb/prebid?cid=8CUO2689O
34.107.148.139200 OK 1.1 kB URL HTTP/2 prebid.media.net/rtb/prebid?cid=8CUO2689O
IP 34.107.148.139:0
Hash 8aa2cc57b95654f9ecd1e8e2ba22bcfd
12781efdeef08a614b904a6919d8830e25e642fb
14ba37be3b92f58146773f379561c6676516ab5391ad491b7e8452a80f4030d4
POST /rtb/prebid?cid=8CUO2689O HTTP/1.1
Host: prebid.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 2358
Origin: https://www.mediafire.com
Connection: keep-alive
Referer: https://www.mediafire.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 24 Mar 2023 19:29:34 GMT
content-type: application/json;charset=UTF-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
expires: Fri, 24 Mar 2023 19:29:34 GMT
access-control-allow-origin: https://www.mediafire.com
access-control-allow-credentials: true
content-encoding: gzip
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
api.btloader.com/pv?tid=Rj53M1i5M&w=5115845767331840&o=5678961798414336&cv=2.1.10-3-g4120aac&r=false&vr=1280x939&pageURL=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fbqehunqn1bjfhx7%2FFivem_hack.rar%2Ffile&sid=uDhBGGIbHC&upapi=true
130.211.23.194204 No Content 0 B URL HTTP/2 api.btloader.com/pv?tid=Rj53M1i5M&w=5115845767331840&o=5678961798414336&cv=2.1.10-3-g4120aac&r=false&vr=1280x939&pageURL=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fbqehunqn1bjfhx7%2FFivem_hack.rar%2Ffile&sid=uDhBGGIbHC&upapi=true
IP 130.211.23.194:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pv?tid=Rj53M1i5M&w=5115845767331840&o=5678961798414336&cv=2.1.10-3-g4120aac&r=false&vr=1280x939&pageURL=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fbqehunqn1bjfhx7%2FFivem_hack.rar%2Ffile&sid=uDhBGGIbHC&upapi=true HTTP/1.1
Host: api.btloader.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.mediafire.com
Connection: keep-alive
Referer: https://www.mediafire.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
vary: Origin
date: Fri, 24 Mar 2023 19:29:34 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
translate.google.com/translate_a/element.js?cb=googFooterTranslate
216.58.211.14200 OK 28 kB URL HTTP/2 translate.google.com/translate_a/element.js?cb=googFooterTranslate
IP 216.58.211.14:0
Hash bf9b3c1d938b9a687d11667449f76f80
356670659751569f4b85e26c5ca120fe64209f2f
f2436aadd8d7e3946a8c984ac500d3b7b96c0fc53a47ae43cd5effd7f4cc94dc
GET /translate_a/element.js?cb=googFooterTranslate HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mediafire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 24 Mar 2023 19:29:34 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+702; expires=Sun, 23-Mar-2025 19:29:34 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/C9sIyVCC2ts
216.58.211.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/C9sIyVCC2ts
IP 216.58.211.3:0
Hash dcaa07096ead90c9207b0b603cfca9d2
3a135a220ed6678aa567a1790dc1ea841a3d7ac1
aa38ea4f1861ddeb67a50b4884de5d89e50b94bc6f84e2f5b797afe108784b41
POST /s/gts1d4/C9sIyVCC2ts HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 19:29:35 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mediafire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Fri, 24 Mar 2023 18:05:11 GMT
expires: Fri, 24 Mar 2023 20:05:11 GMT
cache-control: public, max-age=7200
age: 5064
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 3a85d9c2de0b1015b62c81a1ab7fe625
389c7fe2d0d53ff607a3fd8e27283c8f1cb3a238
717fa1c4098bd6e282c24452a39aafc0b436941b2f398ef0086960effcc3f2ca
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 19:29:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.TOlP0ZdKkgc.O/d=1/exm=el_conf/ed=1/rs=AN8SPfp7Yc-t0RdoRmhC4zicj8CNkmrefQ/m=el_main
142.250.74.170200 OK 75 kB URL HTTP/2 translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.TOlP0ZdKkgc.O/d=1/exm=el_conf/ed=1/rs=AN8SPfp7Yc-t0RdoRmhC4zicj8CNkmrefQ/m=el_main
IP 142.250.74.170:0
File type ASCII text, with very long lines (1665)
Hash 028ffa7b57c1fd69787200d635396b46
5276fd8933eb26e281fc0963c7bb6045d76099f0
bbbf2f923f44c50acf39b245c42fc8cd32c387037a1adcbd2eced810c9db23ed
GET /_/translate_http/_/js/k=translate_http.tr.no.TOlP0ZdKkgc.O/d=1/exm=el_conf/ed=1/rs=AN8SPfp7Yc-t0RdoRmhC4zicj8CNkmrefQ/m=el_main HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mediafire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 75429
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Mar 2023 18:32:04 GMT
expires: Fri, 22 Mar 2024 18:32:04 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 22 Mar 2023 00:32:01 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 89851
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash ee90ddfbbe80c960f79e4dc02fc0262b
94bce2b76308d2135544dfccf31bd0d9f88af4d9
ed01967238a15bca10092d62913e416eb931674b86469648973caa1d13912274
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 19:29:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-829541-1&cid=2051406494.1679686186&jid=926296338&gjid=623038980&_gid=431249016.1679686186&_u=YEBAAUAAAAAAACAAI~&z=761881104
64.233.165.154200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-829541-1&cid=2051406494.1679686186&jid=926296338&gjid=623038980&_gid=431249016.1679686186&_u=YEBAAUAAAAAAACAAI~&z=761881104
IP 64.233.165.154:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-829541-1&cid=2051406494.1679686186&jid=926296338&gjid=623038980&_gid=431249016.1679686186&_u=YEBAAUAAAAAAACAAI~&z=761881104 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.mediafire.com
Connection: keep-alive
Referer: https://www.mediafire.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.mediafire.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 24 Mar 2023 19:29:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.comodoca.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 783710fc90ba7228f424eef85201d220
a8d04b8e6fc1c1d1f5e83896c27d7456d784ffa5
e16f2eedc064eaec34545449be5721b1cc3673517342499b29c0d52b93fa38d9
POST / HTTP/1.1
Host: ocsp.comodoca.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 19:29:35 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 21 Mar 2023 16:47:34 GMT
Expires: Tue, 28 Mar 2023 16:47:33 GMT
Etag: "a8d04b8e6fc1c1d1f5e83896c27d7456d784ffa5"
Cache-Control: max-age=602427,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 682
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ad152e3ccde0b51-OSL
fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Google+Symbols|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
172.217.21.170200 OK 5.6 kB URL HTTP/2 fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Google+Symbols|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
IP 172.217.21.170:0
Hash 45eed8a036f4c6aac4b558f2840c5a1a
7d69f6b9857e967f88e38e424ca90db2b7276428
e74f268608c7db94b66825e77df8ffced73a982dc54d41018995334bad475297
GET /css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Google+Symbols|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mediafire.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 24 Mar 2023 19:29:35 GMT
date: Fri, 24 Mar 2023 19:29:35 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash cf48841270b3c2c701416f889467dd82
16ed2bb81ccd7f4cec1e3977e02ef5a5f243467c
787f503afabac84b90c6573c8860d6bb0150c69f38b8e86825381e08816423aa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 19:29:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/YxmihnhFt54cZYUpI8Vki3ux02R2TgdxT2JLItC4sk0NMsB8q5xXuZr3KKhXns_325CVgfI3IAWpwJrMtsUf1HdwXaWps_lxmzvqH8R5aBB2P50trKqeLQ=h60
216.58.207.193200 OK 12 kB URL HTTP/2 lh3.googleusercontent.com/YxmihnhFt54cZYUpI8Vki3ux02R2TgdxT2JLItC4sk0NMsB8q5xXuZr3KKhXns_325CVgfI3IAWpwJrMtsUf1HdwXaWps_lxmzvqH8R5aBB2P50trKqeLQ=h60
IP 216.58.207.193:0
File type PNG image data, 366 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash f232511b689198ef4eac18e967da3040
38d0f3381708819be8db2df251be3e391a5b0ecf
cf7137aae8e21d7b4a5d0a322b25dfc27c7a1e9b1a06bb4d5f813ef9e3459df3
GET /YxmihnhFt54cZYUpI8Vki3ux02R2TgdxT2JLItC4sk0NMsB8q5xXuZr3KKhXns_325CVgfI3IAWpwJrMtsUf1HdwXaWps_lxmzvqH8R5aBB2P50trKqeLQ=h60 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mediafire.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.png"
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 12249
x-xss-protection: 0
date: Fri, 24 Mar 2023 18:47:38 GMT
expires: Sat, 25 Mar 2023 14:47:34 GMT
cache-control: public, max-age=86400, no-transform
age: 2517
etag: "v1"
content-type: image/png
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.74.35200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.mediafire.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 24 Mar 2023 10:26:42 GMT
expires: Sat, 23 Mar 2024 10:26:42 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
age: 32573
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash cf48841270b3c2c701416f889467dd82
16ed2bb81ccd7f4cec1e3977e02ef5a5f243467c
787f503afabac84b90c6573c8860d6bb0150c69f38b8e86825381e08816423aa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 19:29:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
142.250.74.35200 OK 128 kB URL HTTP/2 fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 128352, version 1.0\012- data
Size 128 kB (128352 bytes)
Hash 53436aca8627a49f4deaaa44dc9e3c05
0bc0c675480d94ec7e8609dda6227f88c5d08d2c
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
GET /s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.mediafire.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 128352
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 24 Mar 2023 10:26:46 GMT
expires: Sat, 23 Mar 2024 10:26:46 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 07 Mar 2023 19:51:56 GMT
content-type: font/woff2
age: 32569
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 608321b2d7d9f849b46e7fb22419d291
6d6d7ea8959a3ac466cbb69b5e08547ad1bc6207
da8bf75801fbc541fccc8c44d03b9ceba2f92bddeafe0c54f260072eabb28d81
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 19:29:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 248b003a4a6dda3d2c481cfd45e49176
ae6e1dbc704dbe302549888e545689eb88e83bb9
14df223924711cca8488c64942b656023cb6e69cb83863ccd0f9cdb8ac4682fb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 19:29:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 608321b2d7d9f849b46e7fb22419d291
6d6d7ea8959a3ac466cbb69b5e08547ad1bc6207
da8bf75801fbc541fccc8c44d03b9ceba2f92bddeafe0c54f260072eabb28d81
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 19:29:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-829541-1&cid=2051406494.1679686186&jid=926296338&_u=YEBAAUAAAAAAACAAI~&z=198050371
216.58.207.228200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-829541-1&cid=2051406494.1679686186&jid=926296338&_u=YEBAAUAAAAAAACAAI~&z=198050371
IP 216.58.207.228:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-829541-1&cid=2051406494.1679686186&jid=926296338&_u=YEBAAUAAAAAAACAAI~&z=198050371 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mediafire.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 24 Mar 2023 19:29:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-829541-1&cid=2051406494.1679686186&jid=926296338&_u=YEBAAUAAAAAAACAAI~&z=198050371
216.58.207.227200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-829541-1&cid=2051406494.1679686186&jid=926296338&_u=YEBAAUAAAAAAACAAI~&z=198050371
IP 216.58.207.227:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-829541-1&cid=2051406494.1679686186&jid=926296338&_u=YEBAAUAAAAAAACAAI~&z=198050371 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mediafire.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 24 Mar 2023 19:29:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/images/cleardot.gif
216.58.207.228200 OK 43 B URL HTTP/2 www.google.com/images/cleardot.gif
IP 216.58.207.228:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /images/cleardot.gif HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mediafire.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/gif
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 43
date: Fri, 24 Mar 2023 19:29:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash b0ed7d316212efa2b3ef7d98d24b9125
2f2078419c164074981bb5451e5c8e0de4fe17ec
99584b096bb7545bb0fdd5f435b4444c7c3ad6c42a86844fb39ea8228bc6a21f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 19:29:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.mediafire.com/cdn-cgi/rum?
104.16.53.48204 No Content 0 B URL HTTP/2 www.mediafire.com/cdn-cgi/rum?
IP 104.16.53.48:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/rum? HTTP/1.1
Host: www.mediafire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 17583
Origin: https://www.mediafire.com
Connection: keep-alive
Referer: https://www.mediafire.com/file/bqehunqn1bjfhx7/Fivem_hack.rar/file
Cookie: ukey=voh39tdn6kpndc5an63j89fu2872srqh; ad_count=1; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-34%22%2C%22mf_content%22%3A%22Free%22%2C%22mf_medium%22%3A%22windows%5C%2FFirefox%22%2C%22mf_campaign%22%3A%22bqehunqn1bjfhx7%22%2C%22mf_term%22%3A%22c2aa411f4e3aa90a1fb038100555c580%22%7D; __cf_bm=f9NADIJsAzujns0zfXPSsVcBPZxXTlsFghnSrkTUXn8-1679686174-0-AXWewOwIQZD1FzScm7rB8i/FoqybDi+CTzxH68l4poA9zl8C+8L5v3QdSDybxra2Q6uaoT7Dmep+1y8QpB0plU4SrvBoVt/Xp79NGFwatC+00trx3N1fHOdoXvLnWiVGytQTXNZ5jU9SQjvLmvMXlQLS6oP45NqAx7zcLcKt8wdv; amp_28916b=ArxjVkmgoafL8MtKOjC9qz...1gsahid0m.1gsahid0n.0.1.1; _ga=GA1.2.2051406494.1679686186; _gid=GA1.2.431249016.1679686186; _gat_gtag_UA_829541_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
date: Fri, 24 Mar 2023 19:29:35 GMT
access-control-allow-origin: https://www.mediafire.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 7ad152e60cc4b511-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
api.amplitude.com/
44.232.29.10200 OK 7 B IP 44.232.29.10:0
File type ASCII text, with no line terminators
Hash 260ca9dd8a4577fc00b7bd5810298076
53a5687cb26dc41f2ab4033e97e13adefd3740d6
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
POST / HTTP/1.1
Host: api.amplitude.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 1025
Origin: https://www.mediafire.com
Connection: keep-alive
Referer: https://www.mediafire.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 24 Mar 2023 19:29:35 GMT
content-type: text/html;charset=utf-8
content-length: 7
access-control-allow-origin: *
access-control-allow-methods: GET, POST
trace-id: Root=1-641dfa1f-52a8b92635ffc476258782da
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936
2.18.172.200200 OK 5.6 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936
IP 2.18.172.200:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (15889), with no line terminators
Hash 18a6bc0e051c0767f814f63ff07e65f9
8fbe4eb399d8501b90276723d38c9ffb4ab483fa
26341482a8d6c8384b2cb91aba95833ac2002bd284ff690adbd2009bf76cb95b
GET /AdServer/js/user_sync.html?kdntuid=1&p=158936 HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mediafire.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5554
content-type: text/html
cache-control: max-age=40603
expires: Sat, 25 Mar 2023 06:46:20 GMT
date: Fri, 24 Mar 2023 19:29:37 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO2689O&prvid=2034%2C2033%2C2030%2C273%2C2028%2C2027%2C2025%2C237%2C117%2C359%2C97%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C446%2C9%2C2011%2C3022%2C3020%2C173%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C336%2C3014%2C337%2C338%2C459%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C225%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
2.18.172.23200 OK 8.3 kB URL HTTP/2 contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO2689O&prvid=2034%2C2033%2C2030%2C273%2C2028%2C2027%2C2025%2C237%2C117%2C359%2C97%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C446%2C9%2C2011%2C3022%2C3020%2C173%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C336%2C3014%2C337%2C338%2C459%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C225%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
IP 2.18.172.23:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (18979)
Hash 49f29f28564961999a667428b0179879
cc53102c8ac734e7456fc911599cfa182bac4bb1
3b7810d61d542d1d29bc94f53d94b9427a715b772a1aed16b66a26531fbf34e9
GET /checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO2689O&prvid=2034%2C2033%2C2030%2C273%2C2028%2C2027%2C2025%2C237%2C117%2C359%2C97%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C446%2C9%2C2011%2C3022%2C3020%2C173%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C336%2C3014%2C337%2C338%2C459%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C225%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1 HTTP/1.1
Host: contextual.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mediafire.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
content-type: text/html; charset=UTF-8
x-mnet-hl2: E
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=172800
expires: Sun, 26 Mar 2023 19:29:37 GMT
date: Fri, 24 Mar 2023 19:29:37 GMT
content-length: 8256
X-Firefox-Spdy: h2
image6.pubmatic.com/AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB
185.64.189.115200 OK 60 B URL HTTP/2 image6.pubmatic.com/AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB
IP 185.64.189.115:0
File type ASCII text, with no line terminators
Hash ce4b876188211097479c438ca23e8ceb
e57ef8f5fc6fb7355a3a4481e6b78b08473d3f93
2c30460a96d8489ba635fc68afd827480562f34361dc9a42799ba03cc757b436
GET /AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB HTTP/1.1
Host: image6.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.pubmatic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
cache-control: private
content-type: text/html; charset=UTF-8
expires: Thu, 22 Jun 2023 12:19:25 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Fri, 24 Mar 2023 19:29:35 GMT
content-length: 60
X-Firefox-Spdy: h2
simage4.pubmatic.com/AdServer/SPug?o=1&p=158936&sc=1&u=89DBC00F-6560-4F91-B48C-A45F62AE280D&rs=3&gdpr=0&gdpr_consent=&us_privacy=
185.64.190.81200 OK 1.2 kB URL HTTP/2 simage4.pubmatic.com/AdServer/SPug?o=1&p=158936&sc=1&u=89DBC00F-6560-4F91-B48C-A45F62AE280D&rs=3&gdpr=0&gdpr_consent=&us_privacy=
IP 185.64.190.81:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (1524)
Hash 7c70aea633e18f4d17bc5eb849a4baf5
c19f55c3af52c108f8961a3259fd9b1bb8d7c34e
a5d2ac24ea64c480dc8ad42048a10ef471dcc9fce2089b458e64f656935e0181
GET /AdServer/SPug?o=1&p=158936&sc=1&u=89DBC00F-6560-4F91-B48C-A45F62AE280D&rs=3&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1
Host: simage4.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Fri, 24 Mar 2023 19:29:36 GMT
content-type: text/html; charset=utf-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip
X-Firefox-Spdy: h2
btloader.com/tag?o=5678961798414336&upapi=true
172.67.70.134200 OK 0 B URL HTTP/2 btloader.com/tag?o=5678961798414336&upapi=true
IP 172.67.70.134:0
GET /tag?o=5678961798414336&upapi=true HTTP/1.1
Host: btloader.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mediafire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 24 Mar 2023 19:29:34 GMT
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
etag: W/"a7f0de4aab51739f3da1c0e985cfb479"
last-modified: Fri, 24 Mar 2023 18:45:58 GMT
vary: Origin, Accept-Encoding
via: 1.1 google
cf-cache-status: HIT
age: 2478
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tdFLNE71xODej7Hjdm0q79vKXyXcUIrvVMw0yXRtQLcWa28L61NOcJP6lhLJAjeFldT8ynQY7EiYmN2%2FhxZU30emDJJbCL04mDKrhT8T1h74i%2F9EsZRyqNz77S89KA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ad152dbbba70afa-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.mediafire.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1679673600
104.16.53.48200 OK 0 B URL HTTP/2 www.mediafire.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1679673600
IP 104.16.53.48:0
GET /cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1679673600 HTTP/1.1
Host: www.mediafire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ukey=voh39tdn6kpndc5an63j89fu2872srqh; ad_count=1; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-34%22%2C%22mf_content%22%3A%22Free%22%2C%22mf_medium%22%3A%22windows%5C%2FFirefox%22%2C%22mf_campaign%22%3A%22bqehunqn1bjfhx7%22%2C%22mf_term%22%3A%22c2aa411f4e3aa90a1fb038100555c580%22%7D; __cf_bm=f3buyW2ltK6JF2vFpGXz2Z_FJ4o3VIahEp_1k83zN.c-1679686173-0-ATdXUUVvVuTe2Lv96qHcAqJRuiTToMap1V0YfhDB1SfbmJPQGKnS9gK6W8l3VJT5fvobYLgIhAXIMpGLtP0rD2s=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 24 Mar 2023 19:29:34 GMT
content-type: application/javascript; charset=UTF-8
x-control-type-options: nosniff
vary: accept-encoding
cache-control: max-age=14400, public
content-encoding: gzip
server: cloudflare
cf-ray: 7ad152ddb9b2b511-OSL
X-Firefox-Spdy: h2
static.mediafire.com/images/backgrounds/download/additional_content/world.svg
104.16.53.48200 OK 0 B URL HTTP/2 static.mediafire.com/images/backgrounds/download/additional_content/world.svg
IP 104.16.53.48:0
GET /images/backgrounds/download/additional_content/world.svg HTTP/1.1
Host: static.mediafire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mediafire.com/
Cookie: ukey=voh39tdn6kpndc5an63j89fu2872srqh; ad_count=1; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-34%22%2C%22mf_content%22%3A%22Free%22%2C%22mf_medium%22%3A%22windows%5C%2FFirefox%22%2C%22mf_campaign%22%3A%22bqehunqn1bjfhx7%22%2C%22mf_term%22%3A%22c2aa411f4e3aa90a1fb038100555c580%22%7D; __cf_bm=f3buyW2ltK6JF2vFpGXz2Z_FJ4o3VIahEp_1k83zN.c-1679686173-0-ATdXUUVvVuTe2Lv96qHcAqJRuiTToMap1V0YfhDB1SfbmJPQGKnS9gK6W8l3VJT5fvobYLgIhAXIMpGLtP0rD2s=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Fri, 24 Mar 2023 19:29:34 GMT
content-type: image/svg+xml
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
etag: W/"62deda56-23ce2"
access-control-allow-origin: *
cf-cache-status: HIT
age: 4435
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ad152dc6fc6b511-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
static.cloudflareinsights.com/beacon.min.js/vb26e4fa9e5134444860be286fd8771851679335129114
104.16.56.101200 OK 0 B URL HTTP/2 static.cloudflareinsights.com/beacon.min.js/vb26e4fa9e5134444860be286fd8771851679335129114
IP 104.16.56.101:0
GET /beacon.min.js/vb26e4fa9e5134444860be286fd8771851679335129114 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.mediafire.com
Connection: keep-alive
Referer: https://www.mediafire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 24 Mar 2023 19:29:34 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2023.3.0
last-modified: Mon, 20 Mar 2023 17:58:49 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ad152dc3c8db529-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.otnolatrnup.com/Scripts/infinity.js.aspx?guid=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0
104.19.215.37200 OK 0 B URL HTTP/2 cdn.otnolatrnup.com/Scripts/infinity.js.aspx?guid=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0
IP 104.19.215.37:0
GET /Scripts/infinity.js.aspx?guid=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0 HTTP/1.1
Host: cdn.otnolatrnup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mediafire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 24 Mar 2023 19:29:34 GMT
content-type: application/x-javascript; charset=utf-8
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
cache-control: public, no-transform, max-age=900
content-encoding: gzip
p3p: CP="CAO PSA OUR IND"
access-control-allow-origin: *
last-modified: Fri, 24 Mar 2023 19:22:48 GMT
cf-cache-status: HIT
age: 281
server: cloudflare
cf-ray: 7ad152dc4be5069b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
href.li/?https://www.mediafire.com/file/bqehunqn1bjfhx7/Fivem_hack.rar/file
192.0.78.27200 OK 0 B URL HTTP/2 href.li/?https://www.mediafire.com/file/bqehunqn1bjfhx7/Fivem_hack.rar/file
IP 192.0.78.27:0
GET /?https://www.mediafire.com/file/bqehunqn1bjfhx7/Fivem_hack.rar/file HTTP/1.1
Host: href.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Fri, 24 Mar 2023 19:29:33 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-encoding: br
x-ac: 3.arn _dca MISS
X-Firefox-Spdy: h2