Report - www.mediafire.com/file/f9jbx2obmzm0dgq/Coser@rioko%E5%87%89%E5%87%89%E5%AD%90

Report Overview

Submitted URL
www.mediafire.com/file/f9jbx2obmzm0dgq/Coser@rioko%E5%87%89%E5%87%89%E5%AD%90_Vol.089.rar/file
IP
104.16.53.48
ASN
#13335 CLOUDFLARENET
Submitted
2023-03-27 13:03:58
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
5
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
www.facebook.com	99	2012-05-21T02:23:41Z	2021-02-04T00:31:35Z	623 B	2.4 kB	31.13.72.36
translate.google.com	1156	2012-05-30T03:30:32Z	2023-03-29T07:32:24Z	670 B	1.7 kB	142.250.74.142
api.amplitude.com	1242	2019-01-27T16:02:28Z	2023-03-29T08:11:03Z	471 B	307 B	52.35.248.242
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-29T05:09:03Z	782 B	2.4 kB	35.241.9.150
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-29T11:45:01Z	1.0 kB	2.3 kB	192.229.221.95
lh3.googleusercontent.com	66	2012-05-22T09:35:05Z	2023-03-29T05:20:57Z	505 B	13 kB	216.58.207.193
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-29T05:44:04Z	764 B	120 kB	142.250.74.40
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-29T05:09:12Z	3.2 kB	58 kB	34.120.237.76
hbopenbid.pubmatic.com	455	2018-01-08T13:15:02Z	2023-03-29T07:14:59Z	469 B	227 B	185.64.189.112
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-29T08:59:28Z	340 B	964 B	172.64.155.188
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-29T06:01:47Z	373 B	21 kB	142.250.74.78
www.google.com	7	2015-05-10T13:11:19Z	2023-03-29T05:55:56Z	515 B	578 B	142.250.74.132
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-29T11:19:48Z	1.0 kB	175 kB	142.250.74.35
ads.pubmatic.com	469	2012-05-21T05:56:35Z	2023-03-29T10:35:49Z	511 B	6.1 kB	2.18.172.200
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-29T05:09:32Z	606 B	238 B	34.117.65.55
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-29T05:09:04Z	6.9 kB	59 kB	142.250.74.131
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-29T10:13:53Z	745 B	630 B	142.250.74.138
cdn.otnolatrnup.com	50979	2019-03-11T16:12:14Z	2023-03-29T15:32:13Z	422 B	594 B	104.19.215.37
prebid.media.net	1256	2018-02-14T18:41:07Z	2023-03-29T12:48:36Z	456 B	558 B	34.107.148.139
static.mediafire.com	47565	2017-12-11T22:20:42Z	2023-03-29T16:52:40Z	5.3 kB	72 kB	104.16.53.48
cdn.amplitude.com	2911	2017-11-18T18:13:36Z	2023-03-29T08:27:19Z	415 B	23 kB	54.230.245.120
stats.g.doubleclick.net	96	2013-06-10T22:21:11Z	2023-03-29T09:08:31Z	604 B	595 B	142.250.150.157
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-29T05:09:31Z	333 B	391 B	34.117.237.239
www.mediafire.com	30109	2012-05-22T04:29:38Z	2023-03-29T12:29:53Z	3.4 kB	184 kB	104.16.53.48
translate.googleapis.com	1005	2012-05-31T09:21:21Z	2023-03-29T14:58:50Z	488 B	76 kB	142.250.74.170
image6.pubmatic.com	637	2015-10-14T12:06:42Z	2023-03-29T06:15:43Z	402 B	381 B	198.47.127.19
api.btloader.com	1320	2020-10-14T17:25:59Z	2023-03-29T11:20:30Z	1.0 kB	597 B	130.211.23.194
fundingchoicesmessages.google.com	2397	2019-01-16T16:59:52Z	2023-03-29T05:20:57Z	464 B	47 kB	142.250.74.142
securepubads.g.doubleclick.net	190	2013-05-31T06:19:39Z	2023-03-29T08:51:48Z	380 B	28 kB	142.250.74.130
contextual.media.net	513	2012-05-21T09:20:31Z	2023-03-29T13:38:36Z	955 B	8.6 kB	2.18.172.23
ad-delivery.net	1341	2017-06-22T07:33:30Z	2023-03-29T12:40:43Z	789 B	2.6 kB	104.26.2.70
btloader.com	169057	2020-10-22T22:38:52Z	2023-03-29T14:27:06Z	382 B	7.0 kB	188.114.99.234
static.cloudflareinsights.com	1294	2019-09-24T16:34:56Z	2023-03-29T10:47:08Z	457 B	7.9 kB	104.16.56.101
www.gstatic.com	unknown	2016-07-26T11:37:06Z	2023-03-29T09:13:03Z	482 B	5.1 kB	142.250.74.67
simage4.pubmatic.com	1129	2013-08-22T15:21:53Z	2023-03-29T11:38:26Z	577 B	1.5 kB	198.47.127.20
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-29T05:09:11Z	2.7 kB	7.1 kB	95.101.11.115
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-29T05:09:31Z	413 B	5.9 kB	34.160.144.191
www.google.no	25607	2016-04-05T21:50:59Z	2023-03-29T09:59:29Z	514 B	578 B	142.250.74.163
ocsp.comodoca.com	1696	2012-05-21T09:01:17Z	2023-03-29T10:52:11Z	341 B	1.0 kB	104.18.32.68

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-03-27 13:04:05	medium	Client IP	Internal IP	ET HUNTING File Sharing Related Domain (www .mediafire .com) in DNS Lookup
2023-03-27 13:04:05	medium	Client IP	Internal IP	ET HUNTING File Sharing Related Domain (www .mediafire .com) in DNS Lookup
2023-03-27 13:04:07	medium	Client IP	Internal IP	ET HUNTING File Sharing Related Domain in DNS Lookup (download .mediafire .com)
2023-03-27 13:04:07	medium	Client IP	Internal IP	ET HUNTING File Sharing Related Domain in DNS Lookup (download .mediafire .com)
2023-03-27 13:04:07	medium	Client IP	Internal IP	ET HUNTING File Sharing Related Domain (www .mediafire .com) in DNS Lookup

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (46)

	URL	Size	First Seen	Last Seen
	fundingchoicesmessages.google.com/f/AGSKWxXrjtEH6OsIEa1eMxJNrJTV18lP5XKGKMJi5rI13IlsGpcs5yT-0hk0wJuzpkaKFvH14rtURv0da3wnJCfhkp8=	136 kB	2023-03-29	2023-03-29
Pretty URL fundingchoicesmessages.google.com/f/AGSKWxXrjtEH6OsIEa1eMxJNrJTV18lP5XKGKMJi5rI13IlsGpcs5yT-0hk0wJuzpkaKFvH14rtURv0da3wnJCfhkp8= IP 142.250.74.142 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 23:19:35 Last Seen2023-03-29 23:19:35 Times Seen1 Hash b2684f638b922b33de21ec67ab10e618 7799167102222395c563cd7e5fc7afe5ff3d1b85 6fd248c6b75fce43917694f5aea697abd5fef5623ef75a9aa90ad762c1bb0ed9 Loading...

	translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback	17 kB	2023-03-07	2024-05-10
Pretty URL translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-05-10 23:57:07 Times Seen14393 Hash a3eefe14b1b4698460d992bd1673a26b a2fca6ebb00b8bdcca3eda88654d02d2c165b9c4 87514750a90cd70dd22c8673cfa80d804ef55840bd0755950af2118d8d218067 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-12	2024-04-15
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.78 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:46:21 Last Seen2024-04-15 18:54:35 Times Seen35101 Hash 54e51056211dda674100cc5b323a58ad 26dc5034cb6c7f3bbe061edd37c7fc6006cb835b 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Loading...

	securepubads.g.doubleclick.net/tag/js/gpt.js	80 kB	2023-03-29	2023-03-29
Pretty URL securepubads.g.doubleclick.net/tag/js/gpt.js IP 142.250.74.130 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 23:17:54 Last Seen2023-03-29 23:24:55 Times Seen9 Hash f384e99f3fe9113b327823e58c8ddcfe 4e885c2f0ff0ff014e1c982053208dded7e9cc18 3a627c5ac9d5fb21b18a47ac92eb6e4679dab0dd88fed3662f3f8abcf7a8669e Loading...

	www.mediafire.com/file/f9jbx2obmzm0dgq/Coser@rioko%E5%87%89%E5%87%89%E5%AD%90_Vol.089.rar/file	145 kB	2023-03-07	2023-06-12
Pretty URL www.mediafire.com/file/f9jbx2obmzm0dgq/Coser@rioko%E5%87%89%E5%87%89%E5%AD%90_Vol.089.rar/file IP 104.16.53.48 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:09 Last Seen2023-06-12 19:20:47 Times Seen214 Hash 2c9be7bc36453e859df3528df961f246 82274c02baaa12d208c1fb99115e1761c24e332c 489031021eb6f032a2674ed1acaa65e67f724c6271f60c22305bbdd56ba74ba2 Loading...

	www.mediafire.com/file/f9jbx2obmzm0dgq/Coser@rioko%E5%87%89%E5%87%89%E5%AD%90_Vol.089.rar/file	244 B	2023-03-07	2024-05-06
Pretty URL www.mediafire.com/file/f9jbx2obmzm0dgq/Coser@rioko%E5%87%89%E5%87%89%E5%AD%90_Vol.089.rar/file IP 104.16.53.48 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:08 Last Seen2024-05-06 09:02:09 Times Seen1278 Hash 3d3cc144a4263f35a45be0ce301a7765 d4f9599219bcf86d846eaf65ebd8833fa67ddcae 9ee897df84988e54e3816800f2fd31ea5c2157dff7f21ab50fdb1eff4f1e3fde Loading...

	btloader.com/tag?o=5678961798414336&upapi=true	14 kB	2023-03-26	2023-04-03
Pretty URL btloader.com/tag?o=5678961798414336&upapi=true IP 188.114.99.234 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 13:01:48 Last Seen2023-04-03 23:57:12 Times Seen29 Hash 297bbb989e3ecaa253c2e2ae6c545c6e 7944b0cdc7087a0ea438bbb8097dfaf77b6e2665 b83335e9eb56804d3b1470c39a02ad0a94d57bb925d2dc6e915a91306612de75 Loading...

	http:blank	664 B	2023-03-29	2023-03-29
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 23:19:35 Last Seen2023-03-29 23:19:35 Times Seen1 Hash 9bcdeebf292d200864b1593ef83cafeb a8e299036ac5072ed93822687864c77a6023e561 17be129f9c961e17d90e47925fc5e028c97100717e0c5d796cb0e4bfd5b2a7f6 Loading...

	www.mediafire.com/file/f9jbx2obmzm0dgq/Coser@rioko%E5%87%89%E5%87%89%E5%AD%90_Vol.089.rar/file	371 B	2023-03-07	2023-07-31
Pretty URL www.mediafire.com/file/f9jbx2obmzm0dgq/Coser@rioko%E5%87%89%E5%87%89%E5%AD%90_Vol.089.rar/file IP 104.16.53.48 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:08 Last Seen2023-07-31 01:57:47 Times Seen55 Hash 38bb61876f4c2f47533c9c0636abce11 46cb34322485c10325c776ff07663bfdfb11a64e ef85cd74a1852a00660234e02fbbe22a9d374623a2a2cea15f9273c90023ecee Loading...

	unknown	0 B	2023-03-07	2024-05-11
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-11 01:41:42 Times Seen37532901 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.mediafire.com/file/f9jbx2obmzm0dgq/Coser@rioko%E5%87%89%E5%87%89%E5%AD%90_Vol.089.rar/file	166 B	2023-03-07	2023-07-31
Pretty URL www.mediafire.com/file/f9jbx2obmzm0dgq/Coser@rioko%E5%87%89%E5%87%89%E5%AD%90_Vol.089.rar/file IP 104.16.53.48 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:08 Last Seen2023-07-31 12:46:10 Times Seen369 Hash 25b1cf26c97255912ad392a889e66a07 c934c0f0d64eeb228cdc0f3491516281f8374d38 01caddfe898aea02b6d55a3c52683b46ac27c921d03f17804a5fbe7f462676ba Loading...

	www.mediafire.com/file/f9jbx2obmzm0dgq/Coser@rioko%E5%87%89%E5%87%89%E5%AD%90_Vol.089.rar/file	166 B	2023-03-07	2023-07-31
Pretty URL www.mediafire.com/file/f9jbx2obmzm0dgq/Coser@rioko%E5%87%89%E5%87%89%E5%AD%90_Vol.089.rar/file IP 104.16.53.48 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:08 Last Seen2023-07-31 12:46:10 Times Seen369 Hash bd154b3d8a8e6cd2d00aed789067724c e5b3ffec82f7e987e002d278e9f1a71d579c2209 964ed903f0f240fa1ada1d7274afb52279e544088550b21512c012c6953311da Loading...

	www.mediafire.com/file/f9jbx2obmzm0dgq/Coser@rioko%E5%87%89%E5%87%89%E5%AD%90_Vol.089.rar/file	99 B	2023-03-07	2024-05-06
Pretty URL www.mediafire.com/file/f9jbx2obmzm0dgq/Coser@rioko%E5%87%89%E5%87%89%E5%AD%90_Vol.089.rar/file IP 104.16.53.48 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:08 Last Seen2024-05-06 09:02:09 Times Seen836 Hash f669d6bf5c7ad4dc205ba9ceeb629791 e5401d4cd8dea04b0f707db35451ae3944152a01 9fe4e69552905c408b9c2cead95f2f5c314e83a91b72af6ff284e46f16a5af49 Loading...

	www.googletagmanager.com/gtag/js?id=UA-829541-1	115 kB	2023-03-29	2023-03-29
Pretty URL www.googletagmanager.com/gtag/js?id=UA-829541-1 IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 23:19:35 Last Seen2023-03-29 23:19:35 Times Seen1 Hash ca48678436eb433160525b1bb7fad2c7 728796b7301f6a4ad5fcdc4ed259dc1bf91b48e2 db90fb0bad8d87aa53f1662d918ec6cfe33968facfcec960c1962f132d5ec617 Loading...

	static.cloudflareinsights.com/beacon.min.js/vb26e4fa9e5134444860be286fd8771851679335129114	17 kB	2023-03-26	2023-04-17
Pretty URL static.cloudflareinsights.com/beacon.min.js/vb26e4fa9e5134444860be286fd8771851679335129114 IP 104.16.56.101 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 13:20:50 Last Seen2023-04-17 23:16:21 Times Seen1248 Hash f23fdce5f9fc681a13ca76353818ffac 6779cba0c60c1e89ab3ec72c90a952268b2ba37d a4ef73601a6552d55503bcbd9b6cd23fc0c33fa075f8efe724cddd4e3ee55542 Loading...

	otnolatrnup.com/Tag.engine?time=0&id=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0&rand=17924&ver=async&referrerUrl=&fingerPrint=123&abr=false&stdTime=0&fpe=1&bw=1280&bh=939&res=1280x1024&curl=http%3A%2F%2Fwww.mediafire.com%2Ffile%2Ff9jbx2obmzm0dgq%2FCoser%40rioko%25E5%2587%2589%25E5%2587%2589%25E5%25AD%2590_Vol.089.rar%2Ffile&kw=online%20storage%2Cfree%20storage%2Ccloud%20storage%2Ccollaboration%2Cbackup%20file%20sharing%2Cshare%20files%2Cphoto%20backup%2Cphoto%20sharing%2Cftp%20replacement%2Ccross%20platform%2Cremote%20access%2Cmobile%20access%2Csend%20large%20files%2Crecover%20files%2Cfile%20versioning%2Cundelete%2Cwindows%2Cpc%2Cmac%2Cos%20x%2Clinux%2Ciphone	1.9 kB	2023-03-29	2023-03-29
Pretty URL otnolatrnup.com/Tag.engine?time=0&id=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0&rand=17924&ver=async&referrerUrl=&fingerPrint=123&abr=false&stdTime=0&fpe=1&bw=1280&bh=939&res=1280x1024&curl=http%3A%2F%2Fwww.mediafire.com%2Ffile%2Ff9jbx2obmzm0dgq%2FCoser%40rioko%25E5%2587%2589%25E5%2587%2589%25E5%25AD%2590_Vol.089.rar%2Ffile&kw=online%20storage%2Cfree%20storage%2Ccloud%20storage%2Ccollaboration%2Cbackup%20file%20sharing%2Cshare%20files%2Cphoto%20backup%2Cphoto%20sharing%2Cftp%20replacement%2Ccross%20platform%2Cremote%20access%2Cmobile%20access%2Csend%20large%20files%2Crecover%20files%2Cfile%20versioning%2Cundelete%2Cwindows%2Cpc%2Cmac%2Cos%20x%2Clinux%2Ciphone IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 23:19:35 Last Seen2023-03-29 23:19:35 Times Seen1 Hash 52b535010607041bc2b524b139aed353 ad8ac5a1377f756b096625ed5e88125ac9c3c87c c10e18301bdf6368ce2f2afd5096fd03b33d6cea376e0fa5497ca21c99a7d239 Loading...

	www.mediafire.com/file/f9jbx2obmzm0dgq/Coser@rioko%E5%87%89%E5%87%89%E5%AD%90_Vol.089.rar/file	50 B	2023-03-07	2024-05-06
Pretty URL www.mediafire.com/file/f9jbx2obmzm0dgq/Coser@rioko%E5%87%89%E5%87%89%E5%AD%90_Vol.089.rar/file IP 104.16.53.48 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:08 Last Seen2024-05-06 09:02:08 Times Seen1137 Hash 2a3e0cf1eb9a605784a92569cf894f8c 10e7021ec5823da40f0916471956088fe86473da baeead41095f1450cfb9f5bc75df542fcc953f28f0455499e308407e72ad4b0d Loading...

	www.mediafire.com/file/f9jbx2obmzm0dgq/Coser@rioko%E5%87%89%E5%87%89%E5%AD%90_Vol.089.rar/file	658 B	2023-03-07	2024-05-03
Pretty URL www.mediafire.com/file/f9jbx2obmzm0dgq/Coser@rioko%E5%87%89%E5%87%89%E5%AD%90_Vol.089.rar/file IP 104.16.53.48 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:08 Last Seen2024-05-03 06:08:19 Times Seen1257 Hash 3d9dd3dfd08271e8e67d096e4e43db5c 973cda2469d945e79930c96089eff05ee619294c 2c6a061a66c76e6a96530d6190e183aa6d17932f0d76778bba8bd9a6d80e09cf Loading...

	translate.google.com/translate_a/element.js?cb=googFooterTranslate	80 kB	2023-03-29	2023-03-29
Pretty URL translate.google.com/translate_a/element.js?cb=googFooterTranslate IP 142.250.74.142 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 23:19:35 Last Seen2023-03-29 23:19:35 Times Seen1 Hash 507ced5caac0d8bd0d61c0d0f0710d13 a5aad33cc0e6c0ea4940cffe2daf0637a8653587 b9a8574392028c58e360793fd06ccc5d20a6d727054b13f7583f74933a4102f4 Loading...

	image6.pubmatic.com/AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB	60 B	2023-03-29	2023-03-29
Pretty URL image6.pubmatic.com/AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB IP 198.47.127.19 ASN #62713 AS-PUBMATIC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 23:19:35 Last Seen2023-03-29 23:19:35 Times Seen1 Hash 1f196c67e4fb4ff72857a6db77d78527 520b9478cd66532bbab7efc2afefff54dcf62253 b8041ede2760d289a790f6322c24ca7f95d20333d0b7079589ae47b28c76c67c Loading...

	fundingchoicesmessages.google.com/i/183096492?ers=3	136 kB	2023-03-29	2023-03-29
Pretty URL fundingchoicesmessages.google.com/i/183096492?ers=3 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 23:19:35 Last Seen2023-03-29 23:19:35 Times Seen1 Hash 37e441f69826afb4ea093dbc65c0a0b9 dce32668ae550d5b4581f37efe3e111556651229 6954a7ad389bbabb9c3be0062fb1e30fa0adcffbb78e7dca059c1cd1619008e8 Loading...

	http:srcdoc	1.2 kB	2023-03-08	2023-04-22
Pretty URL http:srcdoc IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:55 Last Seen2023-04-22 02:10:05 Times Seen1280 Hash 1bdd099873761648dd3aa8aad60e2ac3 713e5a99347bd73f3d9c359acd1c885430e22060 0624e7ce1ad63657924f8ca830c5a9a16c721b527ea1b98d2ef471d04348a07d Loading...

	www.mediafire.com/file/f9jbx2obmzm0dgq/Coser@rioko%E5%87%89%E5%87%89%E5%AD%90_Vol.089.rar/file	166 B	2023-03-07	2023-07-31
Pretty URL www.mediafire.com/file/f9jbx2obmzm0dgq/Coser@rioko%E5%87%89%E5%87%89%E5%AD%90_Vol.089.rar/file IP 104.16.53.48 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:08 Last Seen2023-07-31 12:46:10 Times Seen369 Hash 11fce363f5710df0dc32f152e58637f2 9443280608b104eb972669677bbb0bcfa7c1231a b04d0f6b5f781241052b16100d61256d99798ada635d2eaa93fd3d2d2ac7998e Loading...

	www.mediafire.com/file/f9jbx2obmzm0dgq/Coser@rioko%E5%87%89%E5%87%89%E5%AD%90_Vol.089.rar/file	1.5 kB	2023-03-29	2023-03-29
Pretty URL www.mediafire.com/file/f9jbx2obmzm0dgq/Coser@rioko%E5%87%89%E5%87%89%E5%AD%90_Vol.089.rar/file IP 104.16.53.48 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 23:19:35 Last Seen2023-03-29 23:19:35 Times Seen1 Hash 1d1e95d88e0e2b3e39d50b3b88d752ed 7f8cd094ee5a8d998b8379162ccbdec030d76ae2 36a484a70d0bf16d6628f1856fe74684b48ced9c953225be747ed4eaabdca5a8 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-53LP4T	230 kB	2023-03-29	2023-03-29
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-53LP4T IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 23:19:35 Last Seen2023-03-29 23:19:35 Times Seen1 Hash 532ed1e8d79fd240fe06d263f6d01a8e c13a987c858688490f900d003a50ae72db3ecc20 f190a6f6d61cd4f67b660a88fa88c778b03939754730b959273fd4ec2f31f35a Loading...

	translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.TOlP0ZdKkgc.O/d=1/exm=el_conf/ed=1/rs=AN8SPfp7Yc-t0RdoRmhC4zicj8CNkmrefQ/m=el_main	213 kB	2023-03-26	2023-03-29
Pretty URL translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.TOlP0ZdKkgc.O/d=1/exm=el_conf/ed=1/rs=AN8SPfp7Yc-t0RdoRmhC4zicj8CNkmrefQ/m=el_main IP 142.250.74.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 14:33:16 Last Seen2023-03-29 23:21:53 Times Seen262 Hash eb4de699f982b58566d347e082612029 ef00a7927d743226fe2019012d73b03056096ccd d09010a6e49fb978fc61354afe205e2aa269ebe9669f7dc3faf7cfe96e74b344 Loading...

	www.mediafire.com/file/f9jbx2obmzm0dgq/Coser@rioko%E5%87%89%E5%87%89%E5%AD%90_Vol.089.rar/file	805 B	2023-03-07	2024-05-06
Pretty URL www.mediafire.com/file/f9jbx2obmzm0dgq/Coser@rioko%E5%87%89%E5%87%89%E5%AD%90_Vol.089.rar/file IP 104.16.53.48 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:08 Last Seen2024-05-06 09:02:09 Times Seen1123 Hash f9aec3b48bec0e276b5ebbf90dd111e7 7da6fbeab0b7d5f3b4207a632ac672ecca0f2aa7 50dc7f84488cec37c774f2d47c05b549ffd9fb71baaf5d46d34b313e1c18e3ef Loading...

	www.mediafire.com/file/f9jbx2obmzm0dgq/Coser@rioko%E5%87%89%E5%87%89%E5%AD%90_Vol.089.rar/file	114 B	2023-03-14	2023-04-23
Pretty URL www.mediafire.com/file/f9jbx2obmzm0dgq/Coser@rioko%E5%87%89%E5%87%89%E5%AD%90_Vol.089.rar/file IP 104.16.53.48 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 02:32:26 Last Seen2023-04-23 22:08:55 Times Seen99 Hash 5cdb72fc2dce51bdc6a933eb13dd9f51 dd56267ac14aabfc23969efb9b0386fbf19117e1 e8b8feacac9fad4bc6071a1888eed84e93bdb1af5aec888b5e5550268702b3b5 Loading...

	contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO2689O&prvid=2034%2C2033%2C2030%2C273%2C2028%2C2027%2C2025%2C237%2C117%2C359%2C97%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C446%2C9%2C2011%2C3022%2C3020%2C173%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C336%2C3014%2C337%2C338%2C459%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C225%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1	23 kB	2023-03-29	2023-04-01
Pretty URL contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO2689O&prvid=2034%2C2033%2C2030%2C273%2C2028%2C2027%2C2025%2C237%2C117%2C359%2C97%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C446%2C9%2C2011%2C3022%2C3020%2C173%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C336%2C3014%2C337%2C338%2C459%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C225%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1 IP 2.18.172.23 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 22:18:20 Last Seen2023-04-01 10:36:49 Times Seen8 Hash 7fca26d2fa700d2d83625ca147911869 5825de1269e89a0366532472e9238af80b80f9d5 e095f0d237464f7a7e964272c1c251b6ab0b16fb31701faa9f3c69ab609b2bba Loading...

	www.mediafire.com/file/f9jbx2obmzm0dgq/Coser@rioko%E5%87%89%E5%87%89%E5%AD%90_Vol.089.rar/file	9.7 kB	2023-03-07	2024-02-01
Pretty URL www.mediafire.com/file/f9jbx2obmzm0dgq/Coser@rioko%E5%87%89%E5%87%89%E5%AD%90_Vol.089.rar/file IP 104.16.53.48 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:08 Last Seen2024-02-01 00:53:44 Times Seen843 Hash fb3ef70a9c3427141a42ff7b9973a5a5 8c6981aa075b2be7874badea20646ebd9273c1bc ff901e96d202c77a3dafe7a0a381bdf49269979c8b54497b1044729cd133f869 Loading...

	www.mediafire.com/file/f9jbx2obmzm0dgq/Coser@rioko%E5%87%89%E5%87%89%E5%AD%90_Vol.089.rar/file	1.4 kB	2023-03-07	2024-05-06
Pretty URL www.mediafire.com/file/f9jbx2obmzm0dgq/Coser@rioko%E5%87%89%E5%87%89%E5%AD%90_Vol.089.rar/file IP 104.16.53.48 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:08 Last Seen2024-05-06 09:02:08 Times Seen1258 Hash ac28d3adfc51fa961f442efde7c10ce6 faed185c2f5dea63f1140b033f7d6e8c02c29295 c78d75016d77016fa0ef5cd7ee429bb10974397b970ef6eb975bce72099c29c6 Loading...

	www.mediafire.com/file/f9jbx2obmzm0dgq/Coser@rioko%E5%87%89%E5%87%89%E5%AD%90_Vol.089.rar/file	14 kB	2023-03-29	2023-03-29
Pretty URL www.mediafire.com/file/f9jbx2obmzm0dgq/Coser@rioko%E5%87%89%E5%87%89%E5%AD%90_Vol.089.rar/file IP 104.16.53.48 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 23:19:35 Last Seen2023-03-29 23:19:35 Times Seen1 Hash c6c89d6df58f1229be62fff11516b385 9ab61da47f8cb46eb9170c295bf871e0a4f76a08 b6772fd76eaaf0acadf749c6ba9659cf4655b7b7265e0b2229b7f26fa625fd0a Loading...

	ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936	16 kB	2023-03-09	2023-07-05
Pretty URL ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936 IP 2.18.172.200 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 12:00:59 Last Seen2023-07-05 20:40:24 Times Seen661 Hash 5cdd86112f9012cc5bf30638358c2cd6 1606237627472651a62088a0b668c9df589abb90 b0e303d3a406110aae76a4c7f052d15c49ebf703db0f0185875a3532cb3b3f44 Loading...

	www.mediafire.com/file/f9jbx2obmzm0dgq/Coser@rioko%E5%87%89%E5%87%89%E5%AD%90_Vol.089.rar/file	2.1 kB	2023-03-07	2024-02-20
Pretty URL www.mediafire.com/file/f9jbx2obmzm0dgq/Coser@rioko%E5%87%89%E5%87%89%E5%AD%90_Vol.089.rar/file IP 104.16.53.48 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:08 Last Seen2024-02-20 22:13:21 Times Seen867 Hash 93aa8e871ebf303daab6f0b0093d879d cd91630b93ddd892e3e910d42f44f1f5836e7aa9 7f824ad0e56ad94ae36acd4b9ac580ae8e6fb262b8eb5443d66653c1cdad4bc2 Loading...

	www.mediafire.com/file/f9jbx2obmzm0dgq/Coser@rioko%E5%87%89%E5%87%89%E5%AD%90_Vol.089.rar/file	340 B	2023-03-07	2024-05-08
Pretty URL www.mediafire.com/file/f9jbx2obmzm0dgq/Coser@rioko%E5%87%89%E5%87%89%E5%AD%90_Vol.089.rar/file IP 104.16.53.48 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:08 Last Seen2024-05-08 15:51:46 Times Seen1822 Hash 7b0298352717334914068ec708c9513a faf49acfb2d927211e20a345a4f6d77b31fbb539 16d9425c57376be8131894bb4b01fea2547be2fbbed0f3587cba20af9dae4190 Loading...

	www.mediafire.com/file/f9jbx2obmzm0dgq/Coser@rioko%E5%87%89%E5%87%89%E5%AD%90_Vol.089.rar/file	166 B	2023-03-07	2023-07-31
Pretty URL www.mediafire.com/file/f9jbx2obmzm0dgq/Coser@rioko%E5%87%89%E5%87%89%E5%AD%90_Vol.089.rar/file IP 104.16.53.48 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:08 Last Seen2023-07-31 12:46:10 Times Seen369 Hash f941f76ccee1ae706eedd6add8c7d3b3 5d4c4a5d7f5fb030dc6e01b656fcc393423cd5b5 c40fd0b9a7e6d6ab90cf21f10aafe06639f1e6735bed9068e893b0ffd0d07c76 Loading...

	www.mediafire.com/file/f9jbx2obmzm0dgq/Coser@rioko%E5%87%89%E5%87%89%E5%AD%90_Vol.089.rar/file	166 B	2023-03-07	2023-07-31
Pretty URL www.mediafire.com/file/f9jbx2obmzm0dgq/Coser@rioko%E5%87%89%E5%87%89%E5%AD%90_Vol.089.rar/file IP 104.16.53.48 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:08 Last Seen2023-07-31 12:46:10 Times Seen369 Hash cfdc30831a0b3c68f6e25651e0337060 0294ded30901cc2effefa6916ad438c3d3f43d8a 7069594ae3cf7da34743de2228eee51ded6510ac80a13ce08571bc195d4ed8d2 Loading...

	www.mediafire.com/file/f9jbx2obmzm0dgq/Coser@rioko%E5%87%89%E5%87%89%E5%AD%90_Vol.089.rar/file	99 B	2023-03-07	2024-01-16
Pretty URL www.mediafire.com/file/f9jbx2obmzm0dgq/Coser@rioko%E5%87%89%E5%87%89%E5%AD%90_Vol.089.rar/file IP 104.16.53.48 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:08 Last Seen2024-01-16 05:47:01 Times Seen793 Hash a11fb74027afaefcf2078d2c17739163 416b8adf94667a3552b37c4dbc93bf4e36b6cb6e 02bd4f056189f10d506c63fb2dbd6879896654fdbe64ea8f927745e00510ab20 Loading...

	www.mediafire.com/file/f9jbx2obmzm0dgq/Coser@rioko%E5%87%89%E5%87%89%E5%AD%90_Vol.089.rar/file	543 B	2023-03-07	2024-05-06
Pretty URL www.mediafire.com/file/f9jbx2obmzm0dgq/Coser@rioko%E5%87%89%E5%87%89%E5%AD%90_Vol.089.rar/file IP 104.16.53.48 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:08 Last Seen2024-05-06 09:02:09 Times Seen840 Hash 9d139d72e2571ec8b88f2b08f79efb25 adb7b37f804197f726caf37ae6cd6e7becb2a549 f41723d29915e771a79001b062c73b94ccfcb9bda5a1ba30aa5f29bda7c0faf4 Loading...

	cdn.amplitude.com/libs/amplitude-8.5.0-min.gz.js	70 kB	2023-03-07	2023-05-06
Pretty URL cdn.amplitude.com/libs/amplitude-8.5.0-min.gz.js IP 54.230.245.120 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:08 Last Seen2023-05-06 01:23:33 Times Seen337 Hash c43d9f000a09bd500ed8728606a09de3 36ad6b0fa2c6bcd116fb642f25789fc2d08a68e6 2450e5580136f94bda7ccf95e3167b57e15b05b513a430967943a50036fa47a4 Loading...

	ads.pubmatic.com/AdServer/js/cl_partner.html?pid=2&gdpr=0&gdpr_consent=&rdu=https%3A%2F%2Fsimage4.pubmatic.com%2FAdServer%2FSPug%3Fo%3D3%26u%3D7B68C3B0-E092-4585-AD30-329461AA7630%26vcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%23%23P_UID	1.5 kB	2023-03-13	2023-04-05
Pretty URL ads.pubmatic.com/AdServer/js/cl_partner.html?pid=2&gdpr=0&gdpr_consent=&rdu=https%3A%2F%2Fsimage4.pubmatic.com%2FAdServer%2FSPug%3Fo%3D3%26u%3D7B68C3B0-E092-4585-AD30-329461AA7630%26vcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%23%23P_UID IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:32:22 Last Seen2023-04-05 02:10:55 Times Seen235 Hash 6f052d5d2ceebe843f032370c1665a13 1a3ac741ab565d1dce7ab3a642d12f6afec4fba8 b06a55b24f86c5a6e4a67bc46a08bf117565cc02ce30e64ea0845622c3380ee5 Loading...

	www.mediafire.com/file/f9jbx2obmzm0dgq/Coser@rioko%E5%87%89%E5%87%89%E5%AD%90_Vol.089.rar/file	14 kB	2023-03-14	2023-04-23
Pretty URL www.mediafire.com/file/f9jbx2obmzm0dgq/Coser@rioko%E5%87%89%E5%87%89%E5%AD%90_Vol.089.rar/file IP 104.16.53.48 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 01:55:56 Last Seen2023-04-23 22:08:55 Times Seen81 Hash e3b8c4a58fe746828d0ffe391076a8c5 ab4088211031476e2a9acf70664e7c24eb21a40d e3bdb894a9fb7a6b852e19ca13b3b067152f3cee42f26578021e7f5b8116cfc7 Loading...

	www.mediafire.com/file/f9jbx2obmzm0dgq/Coser@rioko%E5%87%89%E5%87%89%E5%AD%90_Vol.089.rar/file	2.0 kB	2023-03-07	2024-05-08
Pretty URL www.mediafire.com/file/f9jbx2obmzm0dgq/Coser@rioko%E5%87%89%E5%87%89%E5%AD%90_Vol.089.rar/file IP 104.16.53.48 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:08 Last Seen2024-05-08 15:51:46 Times Seen1821 Hash e48418f18355925eaea03355309b2e00 c51214ad93526b8c02f9624b7ef0dda8c7dfe9a5 2fd1cae6706b4ee934c5c6f90d0aee52851d2310a9a4a413dca147cf907906e1 Loading...

		Size	First Seen	Last Seen
	#1 Write - cc0117e2635c5de2aaae45eb443ea85b	3.0 kB	2023-03-26	2023-07-17
Pretty Observations First Seen2023-03-26 05:25:58 Last Seen2023-07-17 20:39:17 Times Seen1924 Hash cc0117e2635c5de2aaae45eb443ea85b 35c65e803b2d2d356d7ab7ad427f927a0a0b4094 16177f86176d09e885c44b3de4abd0c997deab2f0f6205f77d69813384076b17 Loading...

	#2 Write - 5362136a0d34039afcce4ae3647fa3bb	462 B	2023-03-26	2023-07-17
Pretty Observations First Seen2023-03-26 05:25:58 Last Seen2023-07-17 20:39:17 Times Seen1190 Hash 5362136a0d34039afcce4ae3647fa3bb 3f42644510b9f4dc6b74db0c20064f4d7a6a36aa b63ebd7e5028f94f073bf2d0a29f822712ff947ce4be073596197a6604d78c8e Loading...

	#3 Write - 75116078c56deef4c70ae28e7ac5d035	462 B	2023-03-26	2023-07-17
Pretty Observations First Seen2023-03-26 05:25:58 Last Seen2023-07-17 20:39:17 Times Seen1601 Hash 75116078c56deef4c70ae28e7ac5d035 9279ec2b1ee56270231db421bf227ac1079b22b8 ee4f481d2e363866525e9087f56041bb1044e6ffe1c6ef45e3dad01c7965a53b Loading...

HTTP Transactions (89)

	URL	IP	Response	Size
	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 5d9435c884bf4a0777fdf4b57079ae09 7f04b9db47ffeec90ac6397416b7553e5336a550 fe77420ec3a11f547cf5172b68d30faa4fe0c13165ae305f0013b02914e61084 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "FE77420EC3A11F547CF5172B68D30FAA4FE0C13165AE305F0013B02914E61084" Last-Modified: Sat, 25 Mar 2023 02:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14089 Expires: Mon, 27 Mar 2023 16:58:36 GMT Date: Mon, 27 Mar 2023 13:03:47 GMT Connection: keep-alive`

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash c83d39f350161ed2f5d20dcd68e47c92 2695a888e652cb314f8094cc6073c3364336d272 62e5cc6aea61c3c32acd964d4bbe143806416008181eebc4451a8f035b69a0bc HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "62E5CC6AEA61C3C32ACD964D4BBE143806416008181EEBC4451A8F035B69A0BC" Last-Modified: Mon, 27 Mar 2023 06:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=7255 Expires: Mon, 27 Mar 2023 15:04:42 GMT Date: Mon, 27 Mar 2023 13:03:47 GMT Connection: keep-alive`

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 5ad3eec59bebbf969f175627757507c1 b176af3a70db378c9e1f219bab24d9d446070d6f 704fa284035b4c9aa487331b516f5f11c324e204756ae2503bad2606ed34f25e HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "704FA284035B4C9AA487331B516F5F11C324E204756AE2503BAD2606ED34F25E" Last-Modified: Mon, 27 Mar 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5966 Expires: Mon, 27 Mar 2023 14:43:13 GMT Date: Mon, 27 Mar 2023 13:03:47 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/	35.241.9.150	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash bc86ef2a0cee04915bc360f5821adc8f 3658f9028cce204d38f7f48fcfaa2a8e4f54383a aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454 HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Type, Retry-After, Content-Length, Backoff, Alert content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Mon, 27 Mar 2023 12:27:57 GMT content-type: application/json age: 2150 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2`

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash e7bace7c1e04d44012e37ddffe36e5d5 3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2 6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2 HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK x-amz-id-2: oL0YznkcuYvuUiwd+KxOwq18Lsw4c6KPbRgCgvy9XZ8feVSz7IrU3wXf5bJ23V3H3TxbkHyMKCo= x-amz-request-id: 91FFZJQYX04Z2CQ9 x-amz-server-side-encryption: AES256 content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Mon, 27 Mar 2023 12:55:47 GMT age: 480 last-modified: Sat, 11 Mar 2023 16:53:15 GMT etag: "e7bace7c1e04d44012e37ddffe36e5d5" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Mon, 27 Mar 2023 13:03:47 GMT content-type: application/json content-length: 12 vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-credentials: true access-control-expose-headers: content-type strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash a3242c27d5e1454c4ed0224a21b99fde d14f94d30b766f1e11284fb333529903e116718c e9f38284fdd9e5d9c19f16fe29db0d58bc68bd71c35aebfbcb80580417feefae HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "E9F38284FDD9E5D9C19F16FE29DB0D58BC68BD71C35AEBFBCB80580417FEEFAE" Last-Modified: Sun, 26 Mar 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3057 Expires: Mon, 27 Mar 2023 13:54:44 GMT Date: Mon, 27 Mar 2023 13:03:47 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	35.241.9.150	200 OK	329 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 B (329 bytes) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: ETag, Last-Modified, Retry-After, Content-Length, Alert, Cache-Control, Expires, Content-Type, Backoff, Pragma content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Mon, 27 Mar 2023 12:17:24 GMT age: 2783 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	push.services.mozilla.com/	34.117.65.55	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 34.117.65.55:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: /OIv9G8cli/pK1fAl9uu/g== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: xjUYA04uTIn202HpHyMUXMzXl0E= Date: Mon, 27 Mar 2023 13:03:47 GMT Via: 1.1 google Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000`

	www.mediafire.com/js/prebid5.17.0.js	104.16.53.48	200 OK	80 kB
URL HTTP/1.1 www.mediafire.com/js/prebid5.17.0.js IP 104.16.53.48:0 ASN #13335 CLOUDFLARENET File type ASCII text, with very long lines (65536), with no line terminators Size 80 kB (79852 bytes) Hash 57054ccba30c2dedde9b6139f72bf37e 04d436872be1c702db70b33b56b97b9daa17ec48 c4808b176fc686e19da8d088b99f9e607ea2a9040f736397343f8b35e0fc6511 HTTP Headers GET /js/prebid5.17.0.js HTTP/1.1 Host: www.mediafire.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://www.mediafire.com/file/f9jbx2obmzm0dgq/Coser@rioko%E5%87%89%E5%87%89%E5%AD%90_Vol.089.rar/file Cookie: ukey=0qcd1imui8o1hzfx8802j85839nl2hef; f9pk=1; ad_count=1; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-34%22%2C%22mf_content%22%3A%22Free%22%2C%22mf_medium%22%3A%22windows%5C%2FFirefox%22%2C%22mf_campaign%22%3A%22f9jbx2obmzm0dgq%22%2C%22mf_term%22%3A%2275d03397ef0cc8af1197ac8c3b9f1bd6%22%7D HTTP/1.1 200 OK Date: Mon, 27 Mar 2023 13:03:48 GMT Content-Type: application/x-javascript Transfer-Encoding: chunked Connection: keep-alive Access-Control-Allow-Origin: * Cache-Control: max-age=2592000 Cf-Bgj: minify Cf-Polished: origSize=269036 Etag: W/"62deda56-41aec" Expires: Wed, 26 Apr 2023 11:27:20 GMT Last-Modified: Mon, 25 Jul 2022 18:00:54 GMT Vary: Accept-Encoding CF-Cache-Status: HIT Age: 2218 Set-Cookie: __cf_bm=JDvCn16GFtTtxBdGCjEp2wBoZ5NifLr_0z__mEZhAyg-1679922228-0-ASOs8EcyFuWEXFmrllSZRJ/uWNZNutz+0t7gjaN8dKF/p8FqpNk88VdGqDN5sN6BCtlhhZYMZgaqEDm+HpwG5KQ=; path=/; expires=Mon, 27-Mar-23 13:33:48 GMT; domain=.mediafire.com; HttpOnly; SameSite=None Server: cloudflare CF-RAY: 7ae7d5e67fa9b529-OSL Content-Encoding: gzip

	www.mediafire.com/file/f9jbx2obmzm0dgq/Coser@rioko%E5%87%89%E5%87%89%E5%AD%90_Vol.089.rar/file	104.16.53.48	200 OK	87 kB
URL HTTP/1.1 www.mediafire.com/file/f9jbx2obmzm0dgq/Coser@rioko%E5%87%89%E5%87%89%E5%AD%90_Vol.089.rar/file IP 104.16.53.48:0 ASN #13335 CLOUDFLARENET File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (62925) Size 87 kB (87429 bytes) Hash e454c75f995cdb1d4daf43ba18e5657c 14ac0d6858b9eadd5c411a1f197d75033400aeca 16118d39c88d2a40bf948288db45e12dd7e214709342c55d25f8ee97c11d0ed3 HTTP Headers `GET /file/f9jbx2obmzm0dgq/Coser@rioko%E5%87%89%E5%87%89%E5%AD%90_Vol.089.rar/file HTTP/1.1 Host: www.mediafire.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1` HTTP/1.1 200 OK Date: Mon, 27 Mar 2023 13:03:48 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Access-Control-Allow-Origin: http://www.mediafire.com Cache-Control: no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0 Expires: 0 Pragma: no-cache Vary: Accept-Encoding X-Frame-Options: SAMEORIGIN X-Robots-Tag: noindex, nofollow CF-Cache-Status: DYNAMIC Set-Cookie: ukey=0qcd1imui8o1hzfx8802j85839nl2hef; expires=Fri, 27-Mar-2043 13:03:47 GMT; Max-Age=631152000; path=/; domain=.mediafire.com; HttpOnly f9pk=1; expires=Thu, 30-Mar-2023 13:03:48 GMT; Max-Age=259200; path=/; domain=.mediafire.com; HttpOnly ad_count=1; expires=Mon, 27-Mar-2023 13:33:48 GMT; Max-Age=1800; path=/; domain=.mediafire.com; HttpOnly conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-34%22%2C%22mf_content%22%3A%22Free%22%2C%22mf_medium%22%3A%22windows%5C%2FFirefox%22%2C%22mf_campaign%22%3A%22f9jbx2obmzm0dgq%22%2C%22mf_term%22%3A%2275d03397ef0cc8af1197ac8c3b9f1bd6%22%7D; expires=Wed, 26-Apr-2023 13:03:48 GMT; Max-Age=2592000; path=/; domain=.mediafire.com __cf_bm=jP2tgzAkAWhjZdX4__hZLgwoRYX2dJP7LmWlfCI3pus-1679922228-0-AVkrVpSrN6nLC2xkEKZollPp3JVphHhnJ/CjZMnQfwKL89K+8u3leTV2KMeZ6r3bvPBua/Fstm4jJs88HX/w2rg=; path=/; expires=Mon, 27-Mar-23 13:33:48 GMT; domain=.mediafire.com; HttpOnly; SameSite=None Server: cloudflare CF-RAY: 7ae7d5df3bc7b4ed-OSL Content-Encoding: gzip

	www.mediafire.com/images/icons/svg_dark/arrow_dropdown.svg	104.16.53.48	200 OK	244 B
URL HTTP/1.1 www.mediafire.com/images/icons/svg_dark/arrow_dropdown.svg IP 104.16.53.48:0 ASN #13335 CLOUDFLARENET File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document, ASCII text, with very long lines (315), with no line terminators Size 244 B (244 bytes) Hash 438c74ce96fb46c379506f9a1a4b9882 0449a026abfda3ef8498ea612951d167202e44c8 3529bb7eb84889386b8b3dfaf3cb475fecbd83e1912d80fd43b790ca90aadb1f HTTP Headers GET /images/icons/svg_dark/arrow_dropdown.svg HTTP/1.1 Host: www.mediafire.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://www.mediafire.com/file/f9jbx2obmzm0dgq/Coser@rioko%E5%87%89%E5%87%89%E5%AD%90_Vol.089.rar/file Cookie: ukey=0qcd1imui8o1hzfx8802j85839nl2hef; f9pk=1; ad_count=1; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-34%22%2C%22mf_content%22%3A%22Free%22%2C%22mf_medium%22%3A%22windows%5C%2FFirefox%22%2C%22mf_campaign%22%3A%22f9jbx2obmzm0dgq%22%2C%22mf_term%22%3A%2275d03397ef0cc8af1197ac8c3b9f1bd6%22%7D HTTP/1.1 200 OK Date: Mon, 27 Mar 2023 13:03:48 GMT Content-Type: image/svg+xml Transfer-Encoding: chunked Connection: keep-alive Access-Control-Allow-Origin: * Etag: W/"62deda56-13b" Last-Modified: Mon, 25 Jul 2022 18:00:54 GMT CF-Cache-Status: HIT Age: 12089 Set-Cookie: __cf_bm=ujnQ5dL.skmP0CkssqoD9Jpk960uzguLC_VM91RM4U4-1679922228-0-ASk0XhMljJZNtwX5999555H73+COkVnMik9Ib040w2+eYJdhwAxSaL8LJnGlPmJhKu7VzZe20C4UPdSML/GFzN8=; path=/; expires=Mon, 27-Mar-23 13:33:48 GMT; domain=.mediafire.com; HttpOnly; SameSite=None Vary: Accept-Encoding Server: cloudflare CF-RAY: 7ae7d5e69f0cb51b-OSL Content-Encoding: gzip

	static.mediafire.com/images/filetype/file-zip-v3.png	104.16.53.48	200 OK	1.9 kB
URL HTTP/1.1 static.mediafire.com/images/filetype/file-zip-v3.png IP 104.16.53.48:0 ASN #13335 CLOUDFLARENET File type PNG image data, 43 x 58, 8-bit/color RGBA, non-interlaced\012- data Size 1.9 kB (1872 bytes) Hash a23b8b7059e953fc1b74bf87a77ebb0c f23e0ad301389083104f04d4164fa57423387b17 4448e430d3c53bad548a5d135e1c7e2f9593e806ba47892640d430ea752e979e HTTP Headers GET /images/filetype/file-zip-v3.png HTTP/1.1 Host: static.mediafire.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://www.mediafire.com/ Cookie: ukey=0qcd1imui8o1hzfx8802j85839nl2hef; f9pk=1; ad_count=1; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-34%22%2C%22mf_content%22%3A%22Free%22%2C%22mf_medium%22%3A%22windows%5C%2FFirefox%22%2C%22mf_campaign%22%3A%22f9jbx2obmzm0dgq%22%2C%22mf_term%22%3A%2275d03397ef0cc8af1197ac8c3b9f1bd6%22%7D HTTP/1.1 200 OK Date: Mon, 27 Mar 2023 13:03:48 GMT Content-Type: image/png Content-Length: 1872 Connection: keep-alive Last-Modified: Mon, 25 Jul 2022 18:00:54 GMT ETag: "62deda56-750" Expires: Wed, 26 Apr 2023 08:48:59 GMT Cache-Control: max-age=2592000 Access-Control-Allow-Origin: * CF-Cache-Status: HIT Age: 9477 Accept-Ranges: bytes Set-Cookie: __cf_bm=QY1hdhsiQtl.XTLdTpIDSaOqP9NXlAyig3Z2CygbX3A-1679922228-0-AUowDCo5z5fS8NDVVxFZnc6awigzuToPUge2aX8CWkCEPE85EwKXsAF9rgUanx1/z38MNdil7VpdIO91C1xTSII=; path=/; expires=Mon, 27-Mar-23 13:33:48 GMT; domain=.mediafire.com; HttpOnly; SameSite=None Vary: Accept-Encoding Server: cloudflare CF-RAY: 7ae7d5e6fcddb524-OSL

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 1eebd93ef4ace8f93b306d6a46d47288 e968b59494a1ec170444176e4a45733e34289be0 ac364c1480c475154359adb0bd62380d9f51d59d0617c77977001a0eb184d77e HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 27 Mar 2023 13:03:48 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	static.mediafire.com/images/icons/svg_dark/check_circle_green.svg	104.16.53.48	200 OK	300 B
URL HTTP/1.1 static.mediafire.com/images/icons/svg_dark/check_circle_green.svg IP 104.16.53.48:0 ASN #13335 CLOUDFLARENET File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document, ASCII text, with very long lines (444), with no line terminators Size 300 B (300 bytes) Hash 748ded416c9ac6cf3e6bf71899654ef4 f4c9e5092d30f4c19acb2150f58cd5829e0bdeed 2e81ec62e6a56b57437ae015adff93fb3e729e441755d3f58ebe3e39003aa487 HTTP Headers GET /images/icons/svg_dark/check_circle_green.svg HTTP/1.1 Host: static.mediafire.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://www.mediafire.com/ Cookie: ukey=0qcd1imui8o1hzfx8802j85839nl2hef; f9pk=1; ad_count=1; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-34%22%2C%22mf_content%22%3A%22Free%22%2C%22mf_medium%22%3A%22windows%5C%2FFirefox%22%2C%22mf_campaign%22%3A%22f9jbx2obmzm0dgq%22%2C%22mf_term%22%3A%2275d03397ef0cc8af1197ac8c3b9f1bd6%22%7D HTTP/1.1 200 OK Date: Mon, 27 Mar 2023 13:03:48 GMT Content-Type: image/svg+xml Transfer-Encoding: chunked Connection: keep-alive Last-Modified: Mon, 25 Jul 2022 18:00:54 GMT ETag: W/"62deda56-1bc" Access-Control-Allow-Origin: * CF-Cache-Status: HIT Age: 9477 Set-Cookie: __cf_bm=B9E7nNiy1ykWbrFefMZwRCbCCjUBnlw.I6JxPPuQZfs-1679922228-0-AWxeK2sWHJbsIPGwKUx4MNzRhS3Yb4wf2TuEZmlWMVelA5vyycAiXQU/+5v0z6kMlia3Ydn9LYyoGuinQtY+K6A=; path=/; expires=Mon, 27-Mar-23 13:33:48 GMT; domain=.mediafire.com; HttpOnly; SameSite=None Vary: Accept-Encoding Server: cloudflare CF-RAY: 7ae7d5e6fe77b51d-OSL Content-Encoding: gzip

	static.mediafire.com/images/backgrounds/download/apps_list_sprite-v6.png	104.16.53.48	200 OK	8.1 kB
URL HTTP/1.1 static.mediafire.com/images/backgrounds/download/apps_list_sprite-v6.png IP 104.16.53.48:0 ASN #13335 CLOUDFLARENET File type PNG image data, 36 x 828, 8-bit colormap, non-interlaced\012- data Size 8.1 kB (8145 bytes) Hash d3df203853c4482e8753a856e13b0b07 bcee90ce0ef36a1aecdfc64596fee107b5a07a3a dc54b817820f14ce6395ba2a037f37d4bb0af75d5b017336140793fbe2f7f738 HTTP Headers GET /images/backgrounds/download/apps_list_sprite-v6.png HTTP/1.1 Host: static.mediafire.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://www.mediafire.com/ Cookie: ukey=0qcd1imui8o1hzfx8802j85839nl2hef; f9pk=1; ad_count=1; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-34%22%2C%22mf_content%22%3A%22Free%22%2C%22mf_medium%22%3A%22windows%5C%2FFirefox%22%2C%22mf_campaign%22%3A%22f9jbx2obmzm0dgq%22%2C%22mf_term%22%3A%2275d03397ef0cc8af1197ac8c3b9f1bd6%22%7D HTTP/1.1 200 OK Date: Mon, 27 Mar 2023 13:03:48 GMT Content-Type: image/png Content-Length: 8145 Connection: keep-alive Last-Modified: Mon, 25 Jul 2022 18:00:54 GMT ETag: "62deda56-1fd1" Expires: Wed, 26 Apr 2023 09:24:40 GMT Cache-Control: max-age=2592000 Access-Control-Allow-Origin: * CF-Cache-Status: HIT Age: 318 Accept-Ranges: bytes Set-Cookie: __cf_bm=Hu_Nllx.suPp10xQZ7wMy5YzyEEryytJDkXK7AsSfBY-1679922228-0-AS0AXNX5ft64AMzEgNzahCYY2qRDsqpwnEZd9kIzGgaENq+TvxsyUMjuzQkyarEfAnrc1Jg0ZbAqy1jYQ3bgiuU=; path=/; expires=Mon, 27-Mar-23 13:33:48 GMT; domain=.mediafire.com; HttpOnly; SameSite=None Vary: Accept-Encoding Server: cloudflare CF-RAY: 7ae7d5e6fa321bfe-OSL

	static.mediafire.com/images/backgrounds/footer/social/footerIcons.png	104.16.53.48	200 OK	583 B
URL HTTP/1.1 static.mediafire.com/images/backgrounds/footer/social/footerIcons.png IP 104.16.53.48:0 ASN #13335 CLOUDFLARENET File type PNG image data, 112 x 28, 8-bit/color RGBA, non-interlaced\012- data Size 583 B (583 bytes) Hash e0abc4fea89d2c5153b73cd02ac5ba13 00465ef774805c82fb5b8a40b743f7b1a1d1a7d6 f917a9105c311331b1d40f4d2bdbf11233c1c465616c1a9c46232f451463b061 HTTP Headers GET /images/backgrounds/footer/social/footerIcons.png HTTP/1.1 Host: static.mediafire.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://www.mediafire.com/ Cookie: ukey=0qcd1imui8o1hzfx8802j85839nl2hef; f9pk=1; ad_count=1; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-34%22%2C%22mf_content%22%3A%22Free%22%2C%22mf_medium%22%3A%22windows%5C%2FFirefox%22%2C%22mf_campaign%22%3A%22f9jbx2obmzm0dgq%22%2C%22mf_term%22%3A%2275d03397ef0cc8af1197ac8c3b9f1bd6%22%7D HTTP/1.1 200 OK Date: Mon, 27 Mar 2023 13:03:48 GMT Content-Type: image/png Content-Length: 583 Connection: keep-alive Last-Modified: Mon, 25 Jul 2022 18:00:54 GMT ETag: "62deda56-247" Expires: Wed, 26 Apr 2023 09:51:53 GMT Cache-Control: max-age=2592000 Access-Control-Allow-Origin: * CF-Cache-Status: HIT Age: 9477 Accept-Ranges: bytes Set-Cookie: __cf_bm=NbaM1QaqPn5CKQ2t56ECQpvw9pVRgwLCvHLbnd4yBBM-1679922228-0-AaVSgX4nyvkaQz9gxYtLIOflNygDUcKrAq6yLEvfH5ni80snWt+Prmt/EWBB87fi/7IqhnP9mtkJ6g9FRLxGNTk=; path=/; expires=Mon, 27-Mar-23 13:33:48 GMT; domain=.mediafire.com; HttpOnly; SameSite=None Vary: Accept-Encoding Server: cloudflare CF-RAY: 7ae7d5e6f8c4b512-OSL

	static.mediafire.com/images/backgrounds/header/mf_logo_full_color.svg	104.16.53.48	200 OK	1.5 kB
URL HTTP/1.1 static.mediafire.com/images/backgrounds/header/mf_logo_full_color.svg IP 104.16.53.48:0 ASN #13335 CLOUDFLARENET File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (3357), with no line terminators Size 1.5 kB (1549 bytes) Hash cd8619bb27c40ac285ca7ca5cc0e12c6 71a679f2e69914390e27de9b12fbebd6740b420d 348ca0cfaec31819e81ec29c3ea7808a7f9142d8448ba06edfca37e5363f967b HTTP Headers GET /images/backgrounds/header/mf_logo_full_color.svg HTTP/1.1 Host: static.mediafire.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://www.mediafire.com/ Cookie: ukey=0qcd1imui8o1hzfx8802j85839nl2hef; f9pk=1; ad_count=1; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-34%22%2C%22mf_content%22%3A%22Free%22%2C%22mf_medium%22%3A%22windows%5C%2FFirefox%22%2C%22mf_campaign%22%3A%22f9jbx2obmzm0dgq%22%2C%22mf_term%22%3A%2275d03397ef0cc8af1197ac8c3b9f1bd6%22%7D HTTP/1.1 200 OK Date: Mon, 27 Mar 2023 13:03:48 GMT Content-Type: image/svg+xml Transfer-Encoding: chunked Connection: keep-alive Last-Modified: Fri, 28 Oct 2016 22:22:42 GMT ETag: W/"5813cfb2-d1d" Access-Control-Allow-Origin: * CF-Cache-Status: HIT Age: 9477 Set-Cookie: __cf_bm=ShcvRsZKpctUX_I1eXz.C2nmoP9kvjmIm6HkutghM98-1679922228-0-AYzDHJ9J0mUdF9TB0hSr8T8TUkVNyW0RzEtC42XqQJ2ehcpk22E0TbmzS4DbDYXyiSd6Qcg7d9uL9AjUqWAWGzs=; path=/; expires=Mon, 27-Mar-23 13:33:48 GMT; domain=.mediafire.com; HttpOnly; SameSite=None Vary: Accept-Encoding Server: cloudflare CF-RAY: 7ae7d5e6fc3c1c12-OSL Content-Encoding: gzip

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 1eebd93ef4ace8f93b306d6a46d47288 e968b59494a1ec170444176e4a45733e34289be0 ac364c1480c475154359adb0bd62380d9f51d59d0617c77977001a0eb184d77e HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 27 Mar 2023 13:03:48 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	static.mediafire.com/images/backgrounds/download/social/fb_16x16.png	104.16.53.48	200 OK	181 B
URL HTTP/1.1 static.mediafire.com/images/backgrounds/download/social/fb_16x16.png IP 104.16.53.48:0 ASN #13335 CLOUDFLARENET File type PNG image data, 16 x 16, 4-bit colormap, non-interlaced\012- data Size 181 B (181 bytes) Hash 78226526732869add09512e9b4be3090 f1ce9c760e17e69509cabe114392a108a6c839bc 720671166ac43aba99e3952b0b9341ab4e0fee1fd891db54e2a07f05db653142 HTTP Headers GET /images/backgrounds/download/social/fb_16x16.png HTTP/1.1 Host: static.mediafire.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://www.mediafire.com/ Cookie: ukey=0qcd1imui8o1hzfx8802j85839nl2hef; f9pk=1; ad_count=1; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-34%22%2C%22mf_content%22%3A%22Free%22%2C%22mf_medium%22%3A%22windows%5C%2FFirefox%22%2C%22mf_campaign%22%3A%22f9jbx2obmzm0dgq%22%2C%22mf_term%22%3A%2275d03397ef0cc8af1197ac8c3b9f1bd6%22%7D HTTP/1.1 200 OK Date: Mon, 27 Mar 2023 13:03:48 GMT Content-Type: image/png Content-Length: 181 Connection: keep-alive Last-Modified: Mon, 25 Jul 2022 18:00:54 GMT ETag: "62deda56-b5" Expires: Wed, 26 Apr 2023 08:56:05 GMT Cache-Control: max-age=2592000 Access-Control-Allow-Origin: * CF-Cache-Status: HIT Age: 9477 Accept-Ranges: bytes Set-Cookie: __cf_bm=oof6XNp5n6i7LsAB2hhw6azduJAG1t7yM0_y6Y6kCNU-1679922228-0-AdD5c9SdM/YQCCATfMffl/6p0VdNwUpL9Qoi3XpyzCkgJcZ74qzg1eJtdU+C37frcCvun2T3HjlzXFVrl9lS7JQ=; path=/; expires=Mon, 27-Mar-23 13:33:48 GMT; domain=.mediafire.com; HttpOnly; SameSite=None Vary: Accept-Encoding Server: cloudflare CF-RAY: 7ae7d5e6f95b0b39-OSL

	www.googletagmanager.com/gtag/js?id=UA-829541-1	142.250.74.40	200 OK	45 kB
URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-829541-1 IP 142.250.74.40:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (2206) Size 45 kB (44791 bytes) Hash 03726497f16f3646eee8a382fac27a2a 1cc06d6db21a262019d43b2fb86ed654839ffe98 2f84a02b971c472cf84765b0f3dc3ffb6030353ff58a7c624297e1183270360d HTTP Headers `GET /gtag/js?id=UA-829541-1 HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://www.mediafire.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Mon, 27 Mar 2023 13:03:48 GMT expires: Mon, 27 Mar 2023 13:03:48 GMT cache-control: private, max-age=900 last-modified: Mon, 27 Mar 2023 12:00:00 GMT strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 44791 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	static.mediafire.com/images/backgrounds/download/additional_content/flag.svg	104.16.53.48	200 OK	204 B
URL HTTP/1.1 static.mediafire.com/images/backgrounds/download/additional_content/flag.svg IP 104.16.53.48:0 ASN #13335 CLOUDFLARENET File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with no line terminators Size 204 B (204 bytes) Hash 47d7d3db93bf1c6d312c0a1eea858eae 3add4272aec9039a339d1a1c8ab0a296d2e0f714 0571284e5e17e3e8108d921ccd12926cd2a5783bace1f254289cdd67e275e976 HTTP Headers GET /images/backgrounds/download/additional_content/flag.svg HTTP/1.1 Host: static.mediafire.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://www.mediafire.com/ Cookie: ukey=0qcd1imui8o1hzfx8802j85839nl2hef; f9pk=1; ad_count=1; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-34%22%2C%22mf_content%22%3A%22Free%22%2C%22mf_medium%22%3A%22windows%5C%2FFirefox%22%2C%22mf_campaign%22%3A%22f9jbx2obmzm0dgq%22%2C%22mf_term%22%3A%2275d03397ef0cc8af1197ac8c3b9f1bd6%22%7D HTTP/1.1 200 OK Date: Mon, 27 Mar 2023 13:03:48 GMT Content-Type: image/svg+xml Transfer-Encoding: chunked Connection: keep-alive Last-Modified: Mon, 25 Jul 2022 18:00:54 GMT ETag: W/"62deda56-ea" Access-Control-Allow-Origin: * CF-Cache-Status: HIT Age: 11475 Set-Cookie: __cf_bm=3TtR0uJ_KvecUyAyH41ifo8bqmEdgjmLrCkB3ZlHZbc-1679922228-0-AQ1Wha1spG1U99bfFsqfdrrLWPi9DMdreMyTtx1LBYTEzOMCFOSNkeTKw6sxTmoIiQ1ZDEcc7n9Q1f8257XKWPU=; path=/; expires=Mon, 27-Mar-23 13:33:48 GMT; domain=.mediafire.com; HttpOnly; SameSite=None Vary: Accept-Encoding Server: cloudflare CF-RAY: 7ae7d5e76cd91c12-OSL Content-Encoding: gzip

	www.googletagmanager.com/gtm.js?id=GTM-53LP4T	142.250.74.40	200 OK	74 kB
URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-53LP4T IP 142.250.74.40:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (26680) Size 74 kB (73677 bytes) Hash 7e7e2ddf3f0f95c65f7bb8fde1cfcc38 6678692cda5677215ce981d602469ae621c7acdc 5cf7676873b282fa2ae18cd6f3ecc95b8323880236cd2fa17b3ab8e56c13aae7 HTTP Headers `GET /gtm.js?id=GTM-53LP4T HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://www.mediafire.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Mon, 27 Mar 2023 13:03:48 GMT expires: Mon, 27 Mar 2023 13:03:48 GMT cache-control: private, max-age=900 last-modified: Mon, 27 Mar 2023 12:00:00 GMT strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 73677 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	static.mediafire.com/images/backgrounds/download/additional_content/world.svg	104.16.53.48	200 OK	54 kB
URL HTTP/1.1 static.mediafire.com/images/backgrounds/download/additional_content/world.svg IP 104.16.53.48:0 ASN #13335 CLOUDFLARENET File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (25749) Size 54 kB (53619 bytes) Hash 39420d41720521a11d7702874b0f049d 03ea3f6b14b69be89446f623ef575b82ab51f941 05c7adadf096e46886f288b977e2905a49d9cae8ba5c15ebcc11a30aa5d67579 HTTP Headers GET /images/backgrounds/download/additional_content/world.svg HTTP/1.1 Host: static.mediafire.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://www.mediafire.com/ Cookie: ukey=0qcd1imui8o1hzfx8802j85839nl2hef; f9pk=1; ad_count=1; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-34%22%2C%22mf_content%22%3A%22Free%22%2C%22mf_medium%22%3A%22windows%5C%2FFirefox%22%2C%22mf_campaign%22%3A%22f9jbx2obmzm0dgq%22%2C%22mf_term%22%3A%2275d03397ef0cc8af1197ac8c3b9f1bd6%22%7D HTTP/1.1 200 OK Date: Mon, 27 Mar 2023 13:03:48 GMT Content-Type: image/svg+xml Transfer-Encoding: chunked Connection: keep-alive Last-Modified: Mon, 25 Jul 2022 18:00:54 GMT ETag: W/"62deda56-23ce2" Access-Control-Allow-Origin: * CF-Cache-Status: HIT Age: 5333 Set-Cookie: __cf_bm=VLHys93EE17AeHz8foGgO4ijDtPHjwsh0_27KODC1ns-1679922228-0-Ad0ZDhvECVvyMfVrcAmz3f9lLmEb15AWVV6zCFWnhLSi3eb4DCtl+wQHpBUYZWqulS46W0VZF00IKeZN3yDi3o4=; path=/; expires=Mon, 27-Mar-23 13:33:48 GMT; domain=.mediafire.com; HttpOnly; SameSite=None Vary: Accept-Encoding Server: cloudflare CF-RAY: 7ae7d5e76ae21bfe-OSL Content-Encoding: gzip

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 1eebd93ef4ace8f93b306d6a46d47288 e968b59494a1ec170444176e4a45733e34289be0 ac364c1480c475154359adb0bd62380d9f51d59d0617c77977001a0eb184d77e HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 27 Mar 2023 13:03:48 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.digicert.com/	192.229.221.95	200 OK	471 B
URL HTTP/1.1 ocsp.digicert.com/ IP 192.229.221.95:0 ASN #15133 EDGECAST File type data Size 471 B (471 bytes) Hash 06953cb94ffd45b8c9cb07fe3e8836bd 90fa44e15c64a9529f024064e2b8c366d9942c15 d1f3d202380d47f1b6b6a993ca3efa0837df4e73fe0bdaa58f9a92d4184e42f5 HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 3657 Cache-Control: 'max-age=158059' Content-Type: application/ocsp-response Date: Mon, 27 Mar 2023 13:03:48 GMT Last-Modified: Mon, 27 Mar 2023 12:02:51 GMT Server: ECAcc (ska/F756) X-Cache: HIT Content-Length: 471`

	ad-delivery.net/px.gif?ch=1&e=0.6609088507766179	104.26.2.70	200 OK	43 B
URL HTTP/2 ad-delivery.net/px.gif?ch=1&e=0.6609088507766179 IP 104.26.2.70:0 ASN #13335 CLOUDFLARENET File type GIF image data, version 89a, 1 x 1\012- data Size 43 B (43 bytes) Hash ad4b0f606e0f8465bc4c4c170b37e1a3 50b30fd5f87c85fe5cba2635cb83316ca71250d7 cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda HTTP Headers `GET /px.gif?ch=1&e=0.6609088507766179 HTTP/1.1 Host: ad-delivery.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://www.mediafire.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Mon, 27 Mar 2023 13:03:48 GMT content-type: image/gif content-length: 43 x-guploader-uploadid: ADPycdtPGT2o0xjtSTj_l2to0_qmbbQ--3HuvenaYCxOjBSNMCRoWSPRIwFpDCq4Ey1CrfJIH6woC9yKxU5Xs5esPckX x-goog-generation: 1620242732037093 x-goog-metageneration: 5 x-goog-stored-content-encoding: identity x-goog-stored-content-length: 43 x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow== x-goog-storage-class: MULTI_REGIONAL access-control-allow-origin: * access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace expires: Thu, 09 Mar 2023 20:05:42 GMT cache-control: public, max-age=86400 age: 1530582 last-modified: Wed, 05 May 2021 19:25:32 GMT etag: "ad4b0f606e0f8465bc4c4c170b37e1a3" cf-cache-status: HIT accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ynner9EcNW3jWjDWO8VyhiM%2BsMEBFI00d%2B0J1F%2Bv%2BuCPzOKs8MRszJTk5QEYfJcBODK2EZickdiNJbiN1IuXfe07yj2v%2BnG08HTO%2FzvbIlIohX8Ym0abJx4ODfVH8JtSQQ%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7ae7d5e8182bb517-OSL X-Firefox-Spdy: h2

	ad-delivery.net/px.gif?ch=2	104.26.2.70	200 OK	43 B
URL HTTP/2 ad-delivery.net/px.gif?ch=2 IP 104.26.2.70:0 ASN #13335 CLOUDFLARENET File type GIF image data, version 89a, 1 x 1\012- data Size 43 B (43 bytes) Hash ad4b0f606e0f8465bc4c4c170b37e1a3 50b30fd5f87c85fe5cba2635cb83316ca71250d7 cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda HTTP Headers `GET /px.gif?ch=2 HTTP/1.1 Host: ad-delivery.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://www.mediafire.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Mon, 27 Mar 2023 13:03:48 GMT content-type: image/gif content-length: 43 x-guploader-uploadid: ADPycdtPGT2o0xjtSTj_l2to0_qmbbQ--3HuvenaYCxOjBSNMCRoWSPRIwFpDCq4Ey1CrfJIH6woC9yKxU5Xs5esPckX x-goog-generation: 1620242732037093 x-goog-metageneration: 5 x-goog-stored-content-encoding: identity x-goog-stored-content-length: 43 x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow== x-goog-storage-class: MULTI_REGIONAL access-control-allow-origin: * access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace expires: Thu, 09 Mar 2023 20:05:42 GMT cache-control: public, max-age=86400 age: 1530582 last-modified: Wed, 05 May 2021 19:25:32 GMT etag: "ad4b0f606e0f8465bc4c4c170b37e1a3" cf-cache-status: HIT accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ew658rj%2BzCcm4H0JFOOREEkq3L47K0Po8x9%2F8fHxDuzGRVWqKgkPnS4mbGedABBt36%2B18FPmQxkJ06tmIjyPXW45SqAZfqNeV3WLEsPJk3aIYL9cHOMPuMqnkXMt6FHnGQ%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7ae7d5e82835b517-OSL X-Firefox-Spdy: h2

	ocsp.digicert.com/	192.229.221.95	200 OK	471 B
URL HTTP/1.1 ocsp.digicert.com/ IP 192.229.221.95:0 ASN #15133 EDGECAST File type data Size 471 B (471 bytes) Hash 08f522f33a24a4deadedaaa5bbb2d86f 1a80ddce273ea4a48690d85e674f7aea15a152bb 793e6995d2ff1496b5ad676f1063f20738f3827cb4e6b17dd5f55d3cbb56e7a4 HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 4418 Cache-Control: max-age=161178 Content-Type: application/ocsp-response Date: Mon, 27 Mar 2023 13:03:48 GMT Etag: "6421558c-1d7" Expires: Wed, 29 Mar 2023 09:50:06 GMT Last-Modified: Mon, 27 Mar 2023 08:36:28 GMT Server: ECAcc (ska/F6AF) X-Cache: HIT Content-Length: 471`

	www.facebook.com/plugins/like.php?href=http://www.facebook.com/MediaFire&width=193&layout=button_count&action=like&show_faces=false&share=true&height=30&appId=124578887583575	31.13.72.36	200 OK	0 B
URL HTTP/2 www.facebook.com/plugins/like.php?href=http://www.facebook.com/MediaFire&width=193&layout=button_count&action=like&show_faces=false&share=true&height=30&appId=124578887583575 IP 31.13.72.36:0 ASN #32934 FACEBOOK File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /plugins/like.php?href=http://www.facebook.com/MediaFire&width=193&layout=button_count&action=like&show_faces=false&share=true&height=30&appId=124578887583575 HTTP/1.1 Host: www.facebook.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://www.mediafire.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site HTTP/2 200 OK content-type: text/html;charset=utf-8 pragma: no-cache cache-control: private, no-cache, no-store, must-revalidate expires: Sat, 01 Jan 2000 00:00:00 GMT content-security-policy: default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]} cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report" cross-origin-opener-policy: same-origin-allow-popups x-content-type-options: nosniff x-xss-protection: 0 x-fb-debug: tNpMuj4WWfUskISb1x5mEmib9tgqz/7eSZbnmR4C2Q9Zhso8Nqi53Gc1yBMbJfR2xVO9vX5XArRjg5oom5lqcg== content-length: 0 date: Mon, 27 Mar 2023 13:03:48 GMT alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	www.mediafire.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1679918400	104.16.53.48	200 OK	13 kB
URL HTTP/1.1 www.mediafire.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1679918400 IP 104.16.53.48:0 ASN #13335 CLOUDFLARENET File type ASCII text, with very long lines (25864), with no line terminators Size 13 kB (12597 bytes) Hash e24861cae847ebac80fa8506c1269b09 dc273cb28fd3e348c65ecd2bd1559ab22a2132e9 547e4872e17e421e66dcb5d2f5e21b3150c55ebca873d16e9e666595a48f4a25 HTTP Headers GET /cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1679918400 HTTP/1.1 Host: www.mediafire.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Cookie: ukey=0qcd1imui8o1hzfx8802j85839nl2hef; f9pk=1; ad_count=1; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-34%22%2C%22mf_content%22%3A%22Free%22%2C%22mf_medium%22%3A%22windows%5C%2FFirefox%22%2C%22mf_campaign%22%3A%22f9jbx2obmzm0dgq%22%2C%22mf_term%22%3A%2275d03397ef0cc8af1197ac8c3b9f1bd6%22%7D HTTP/1.1 200 OK Date: Mon, 27 Mar 2023 13:03:48 GMT Content-Type: application/javascript; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive content-encoding: gzip x-control-type-options: nosniff vary: accept-encoding cache-control: max-age=14400, public Set-Cookie: __cf_bm=PJ3U8ihRbb6Btly.yqIQFpimcVST0l6LI61JQQZCyVQ-1679922228-0-AX8QgWu+v3LvTAVexpb4f2iZ8217rupuYlDTyt4GYw797ATs87RTL1+wmpE+KlNlwcTvY+zKkQ08dIv5pBoRU38=; path=/; expires=Mon, 27-Mar-23 13:33:48 GMT; domain=.mediafire.com; HttpOnly; SameSite=None Server: cloudflare CF-RAY: 7ae7d5e87adfb529-OSL

	ocsp.digicert.com/	192.229.221.95	200 OK	471 B
URL HTTP/1.1 ocsp.digicert.com/ IP 192.229.221.95:0 ASN #15133 EDGECAST File type data Size 471 B (471 bytes) Hash 06953cb94ffd45b8c9cb07fe3e8836bd 90fa44e15c64a9529f024064e2b8c366d9942c15 d1f3d202380d47f1b6b6a993ca3efa0837df4e73fe0bdaa58f9a92d4184e42f5 HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 3657 Cache-Control: 'max-age=158059' Content-Type: application/ocsp-response Date: Mon, 27 Mar 2023 13:03:48 GMT Last-Modified: Mon, 27 Mar 2023 12:02:51 GMT Server: ECAcc (ska/F7A5) X-Cache: HIT Content-Length: 471`

	hbopenbid.pubmatic.com/translator?source=prebid-client	185.64.189.112	204 No Content	0 B
URL HTTP/2 hbopenbid.pubmatic.com/translator?source=prebid-client IP 185.64.189.112:0 ASN #62713 AS-PUBMATIC File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `POST /translator?source=prebid-client HTTP/1.1 Host: hbopenbid.pubmatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain Content-Length: 1994 Origin: http://www.mediafire.com Connection: keep-alive Referer: http://www.mediafire.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 204 No Content access-control-allow-credentials: true access-control-allow-origin: http://www.mediafire.com cache-control: no-cache, no-store, must-revalidate date: Mon, 27 Mar 2023 13:03:47 GMT X-Firefox-Spdy: h2`

	ocsp.sectigo.com/	172.64.155.188	200 OK	472 B
URL HTTP/1.1 ocsp.sectigo.com/ IP 172.64.155.188:0 ASN #13335 CLOUDFLARENET File type data Size 472 B (472 bytes) Hash f93d820dcdbcbe50f8196fdd8abb9d75 85ebe02bbc653434d4867eda0916dcee8bc0e043 b8e19706bdeaaa3e73c2cb8b642f427b4b5fe53d06bba70ccb2e32069e1ec1fb HTTP Headers `POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Mon, 27 Mar 2023 13:03:48 GMT Content-Type: application/ocsp-response Content-Length: 472 Connection: keep-alive Last-Modified: Sat, 25 Mar 2023 07:45:29 GMT Expires: Sat, 01 Apr 2023 07:45:28 GMT Etag: "85ebe02bbc653434d4867eda0916dcee8bc0e043" Cache-Control: max-age=412299,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb3 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 7ae7d5e819710b41-OSL`

	static.cloudflareinsights.com/beacon.min.js/vb26e4fa9e5134444860be286fd8771851679335129114	104.16.56.101	200 OK	7.5 kB
URL HTTP/2 static.cloudflareinsights.com/beacon.min.js/vb26e4fa9e5134444860be286fd8771851679335129114 IP 104.16.56.101:0 ASN #13335 CLOUDFLARENET File type data Size 7.5 kB (7496 bytes) Hash ae0b903dfef2404860d80347aeb78f66 60d64f7bf8945b53267ae4f0e1d73c19ba9b4920 0a0d723379f18ba1a34f06789d67bdc7f425dcbcd0ca0c54b4d7b2d68a338a3b HTTP Headers `GET /beacon.min.js/vb26e4fa9e5134444860be286fd8771851679335129114 HTTP/1.1 Host: static.cloudflareinsights.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: http://www.mediafire.com Connection: keep-alive Referer: http://www.mediafire.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK date: Mon, 27 Mar 2023 13:03:48 GMT content-type: text/javascript;charset=UTF-8 access-control-allow-origin: * cache-control: public, max-age=86400 etag: W/2023.3.0 last-modified: Mon, 20 Mar 2023 17:58:49 GMT cross-origin-resource-policy: cross-origin vary: Accept-Encoding server: cloudflare cf-ray: 7ae7d5e71bda1c0a-OSL content-encoding: gzip X-Firefox-Spdy: h2`

	cdn.amplitude.com/libs/amplitude-8.5.0-min.gz.js	54.230.245.120	200 OK	22 kB
URL HTTP/2 cdn.amplitude.com/libs/amplitude-8.5.0-min.gz.js IP 54.230.245.120:0 ASN #16509 AMAZON-02 File type ASCII text, with very long lines (65536), with no line terminators Size 22 kB (22154 bytes) Hash 660c3b546f2a131de50b69b91f26c636 70f80e7f10e1dd9180efe191ce92d28296ec9035 fd91362b7111a0dcc85ef6bd9bc776881c7428f8631d5a32725711dce678bff9 HTTP Headers `GET /libs/amplitude-8.5.0-min.gz.js HTTP/1.1 Host: cdn.amplitude.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: http://www.mediafire.com Connection: keep-alive Referer: http://www.mediafire.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: application/javascript content-length: 22154 date: Tue, 06 Sep 2022 00:40:16 GMT access-control-allow-origin: * access-control-allow-methods: GET, HEAD access-control-max-age: 3000 last-modified: Fri, 13 Aug 2021 22:37:42 GMT etag: "660c3b546f2a131de50b69b91f26c636" x-amz-server-side-encryption: AES256 cache-control: max-age=31536000 content-encoding: gzip x-amz-version-id: NY8_7uBz3xoXYJBVsMSBAGHOz8ixMBS3 accept-ranges: bytes server: AmazonS3 vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method x-cache: Hit from cloudfront via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: 8roGBTv6KG5W9JJiVhH9kwUzk0opeLIZ1I-skomipSMFMzRUOYhF_A== age: 17497412 X-Firefox-Spdy: h2

	translate.google.com/translate_a/element.js?cb=googFooterTranslate	142.250.74.142	301 Moved Permanently	0 B
URL HTTP/1.1 translate.google.com/translate_a/element.js?cb=googFooterTranslate IP 142.250.74.142:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /translate_a/element.js?cb=googFooterTranslate HTTP/1.1 Host: translate.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://www.mediafire.com/` `HTTP/1.1 301 Moved Permanently Content-Type: application/binary Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: Mon, 01 Jan 1990 00:00:00 GMT Date: Mon, 27 Mar 2023 13:03:48 GMT Location: https://translate.google.com/translate_a/element.js?cb=googFooterTranslate Cross-Origin-Opener-Policy: same-origin-allow-popups Server: ESF Content-Length: 0 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash aee967595d5b11fc508d102c6c93dd93 1b51ae5b5f9a4b7e3c51bb4307c9eacd4ea2a85e 3cbc3af47f5b1e142bb6cb5fed8154476b773f1b9a95623b5bb5ba94957ff309 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 27 Mar 2023 13:03:48 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	www.google-analytics.com/analytics.js	142.250.74.78	200 OK	20 kB
URL HTTP/2 www.google-analytics.com/analytics.js IP 142.250.74.78:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (1490) Size 20 kB (20085 bytes) Hash ca7fbbfd120e3e329633044190bbf134 d17f81e03dd827554ddd207ea081fb46b3415445 847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db HTTP Headers `GET /analytics.js HTTP/1.1 Host: www.google-analytics.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://www.mediafire.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK strict-transport-security: max-age=10886400; includeSubDomains; preload x-content-type-options: nosniff content-encoding: gzip cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 20085 date: Mon, 27 Mar 2023 12:05:11 GMT expires: Mon, 27 Mar 2023 14:05:11 GMT cache-control: public, max-age=7200 age: 3517 last-modified: Tue, 10 Jan 2023 21:29:14 GMT content-type: text/javascript vary: Accept-Encoding alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash b50726fcf63dc2a413d062eecac1e7c6 a5d32e8ed0099d8502141ce1696e61ccf3a0bff5 e0ac38764545d1dade860bb61c891b8c601ed05f241128c9463f11af0396e0f7 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 27 Mar 2023 13:03:48 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 7f589a72ab0e3ceb789eec4838d09db5 df1112c32a41bae5630dcd131b2b4c2d15fcdee4 2751e53954ec7e46ba57c1095408154e639059066f5e5d5cc492e0ff96f2b5b0 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 27 Mar 2023 13:03:48 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	btloader.com/tag?o=5678961798414336&upapi=true	188.114.99.234	200 OK	6.3 kB
URL HTTP/2 btloader.com/tag?o=5678961798414336&upapi=true IP 188.114.99.234:0 ASN #0 File type ASCII text, with very long lines (14194) Size 6.3 kB (6273 bytes) Hash 678e1bbd6c959c2a440574b343f59910 15acb286ba099a5055edc497547f3c0e389002cf dea94512bd9b22279b11c3a0e09e324fd16188061e1d7725a7fcd4deeee56aa0 HTTP Headers `GET /tag?o=5678961798414336&upapi=true HTTP/1.1 Host: btloader.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://www.mediafire.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Mon, 27 Mar 2023 13:03:48 GMT content-type: application/javascript cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300 etag: W/"a7f0de4aab51739f3da1c0e985cfb479" last-modified: Mon, 27 Mar 2023 12:04:13 GMT vary: Origin, Accept-Encoding via: 1.1 google cf-cache-status: HIT age: 3480 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rreGDILhtXvIyCw2XbePFraeSE8E57FjoPgFnRnQkgWciwrxETwh37ydj5DeOUiWqRcDYRaQHLipvjdh2cl7rlNWsA0bvaByWJ6ZcWPDTzby2ndUWIxqQRacUpKqpg%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7ae7d5e6ea0d0b3d-OSL content-encoding: br X-Firefox-Spdy: h2

	securepubads.g.doubleclick.net/tag/js/gpt.js	142.250.74.130	200 OK	27 kB
URL HTTP/2 securepubads.g.doubleclick.net/tag/js/gpt.js IP 142.250.74.130:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (39604) Size 27 kB (27445 bytes) Hash 41ebe93fb276f39a44fcbfd3f79c70a2 0a8c52dae2f52944689d0f41fad12ba7c87b9a62 21600022d874ac1f6c7c0ad2d51154857dd7b8fddcff3bb542116190a35df4c4 HTTP Headers `GET /tag/js/gpt.js HTTP/1.1 Host: securepubads.g.doubleclick.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://www.mediafire.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK vary: Accept-Encoding content-encoding: gzip content-type: text/javascript cross-origin-resource-policy: cross-origin cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs" report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} timing-allow-origin: * content-length: 27445 date: Mon, 27 Mar 2023 13:03:48 GMT expires: Mon, 27 Mar 2023 13:03:48 GMT cache-control: private, max-age=900, stale-while-revalidate=3600 etag: "1523 / 975 of 1000 / last-modified: 1679915402" x-content-type-options: nosniff server: sffe x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 7f589a72ab0e3ceb789eec4838d09db5 df1112c32a41bae5630dcd131b2b4c2d15fcdee4 2751e53954ec7e46ba57c1095408154e639059066f5e5d5cc492e0ff96f2b5b0 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 27 Mar 2023 13:03:48 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash b50726fcf63dc2a413d062eecac1e7c6 a5d32e8ed0099d8502141ce1696e61ccf3a0bff5 e0ac38764545d1dade860bb61c891b8c601ed05f241128c9463f11af0396e0f7 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 27 Mar 2023 13:03:48 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/s/gts1d4/C9sIyVCC2ts	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/C9sIyVCC2ts IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash a9683d29537c2eb059bec763cd751bb8 f75dddeb0ba61efb3502b44ffa23ad4459edf5f7 e8717f6fbd2717788c2cfd128ec39ca9a51997b8f0566621a383df6484680eaf HTTP Headers `POST /s/gts1d4/C9sIyVCC2ts HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 27 Mar 2023 13:03:48 GMT Cache-Control: public, max-age=14400 Server: scaffolding on HTTPServer2 Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/s/gts1d4/C9sIyVCC2ts	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/C9sIyVCC2ts IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash a9683d29537c2eb059bec763cd751bb8 f75dddeb0ba61efb3502b44ffa23ad4459edf5f7 e8717f6fbd2717788c2cfd128ec39ca9a51997b8f0566621a383df6484680eaf HTTP Headers `POST /s/gts1d4/C9sIyVCC2ts HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 27 Mar 2023 13:03:48 GMT Cache-Control: public, max-age=14400 Server: scaffolding on HTTPServer2 Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash aee967595d5b11fc508d102c6c93dd93 1b51ae5b5f9a4b7e3c51bb4307c9eacd4ea2a85e 3cbc3af47f5b1e142bb6cb5fed8154476b773f1b9a95623b5bb5ba94957ff309 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 27 Mar 2023 13:03:48 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	api.btloader.com/pv?tid=Sgzux0aCxb&w=5115845767331840&o=5678961798414336&cv=2.1.10-3-g4120aac&r=false&vr=1280x939&pageURL=http%3A%2F%2Fwww.mediafire.com%2Ffile%2Ff9jbx2obmzm0dgq%2FCoser%40rioko%25E5%2587%2589%25E5%2587%2589%25E5%25AD%2590_Vol.089.rar%2Ffile&sid=hK00EIYRD&upapi=true	130.211.23.194	204 No Content	0 B
URL HTTP/2 api.btloader.com/pv?tid=Sgzux0aCxb&w=5115845767331840&o=5678961798414336&cv=2.1.10-3-g4120aac&r=false&vr=1280x939&pageURL=http%3A%2F%2Fwww.mediafire.com%2Ffile%2Ff9jbx2obmzm0dgq%2FCoser%40rioko%25E5%2587%2589%25E5%2587%2589%25E5%25AD%2590_Vol.089.rar%2Ffile&sid=hK00EIYRD&upapi=true IP 130.211.23.194:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /pv?tid=Sgzux0aCxb&w=5115845767331840&o=5678961798414336&cv=2.1.10-3-g4120aac&r=false&vr=1280x939&pageURL=http%3A%2F%2Fwww.mediafire.com%2Ffile%2Ff9jbx2obmzm0dgq%2FCoser%40rioko%25E5%2587%2589%25E5%2587%2589%25E5%25AD%2590_Vol.089.rar%2Ffile&sid=hK00EIYRD&upapi=true HTTP/1.1 Host: api.btloader.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: http://www.mediafire.com Connection: keep-alive Referer: http://www.mediafire.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site `HTTP/2 204 No Content access-control-allow-origin: * cache-control: no-cache, no-store, must-revalidate vary: Origin date: Mon, 27 Mar 2023 13:03:49 GMT via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2`

	api.btloader.com/country	130.211.23.194	200 OK	16 B
URL HTTP/2 api.btloader.com/country IP 130.211.23.194:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 16 B (16 bytes) Hash 452880c1a375b8fba8c9499f0930d05f ffe5484a23512c2a574d837fe2d3267b134e48c8 8b3383aa4c71f1d816bfaf33e3ef2e8ded067698a7798b9f306204d5777b140d HTTP Headers `GET /country HTTP/1.1 Host: api.btloader.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: http://www.mediafire.com/ Origin: http://www.mediafire.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600 content-type: application/json vary: Origin date: Mon, 27 Mar 2023 13:03:49 GMT content-length: 16 via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2`

	ocsp.pki.goog/s/gts1d4/C9sIyVCC2ts	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/C9sIyVCC2ts IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash a9683d29537c2eb059bec763cd751bb8 f75dddeb0ba61efb3502b44ffa23ad4459edf5f7 e8717f6fbd2717788c2cfd128ec39ca9a51997b8f0566621a383df6484680eaf HTTP Headers `POST /s/gts1d4/C9sIyVCC2ts HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 27 Mar 2023 13:03:49 GMT Cache-Control: public, max-age=14400 Server: scaffolding on HTTPServer2 Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	fundingchoicesmessages.google.com/f/AGSKWxXrjtEH6OsIEa1eMxJNrJTV18lP5XKGKMJi5rI13IlsGpcs5yT-0hk0wJuzpkaKFvH14rtURv0da3wnJCfhkp8=	142.250.74.142	200 OK	45 kB
URL HTTP/2 fundingchoicesmessages.google.com/f/AGSKWxXrjtEH6OsIEa1eMxJNrJTV18lP5XKGKMJi5rI13IlsGpcs5yT-0hk0wJuzpkaKFvH14rtURv0da3wnJCfhkp8= IP 142.250.74.142:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (1964) Size 45 kB (45040 bytes) Hash 7d5884cb23295f73e38a1a70d13369c0 fc34085d41bdf0495a0e75d2f523f4d840b825ad 44c863dd2a7d1f86cc6c263197a5a848aa1fe32240ca271c180ef2a31a51a21e HTTP Headers `GET /f/AGSKWxXrjtEH6OsIEa1eMxJNrJTV18lP5XKGKMJi5rI13IlsGpcs5yT-0hk0wJuzpkaKFvH14rtURv0da3wnJCfhkp8= HTTP/1.1 Host: fundingchoicesmessages.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://www.mediafire.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: application/javascript; charset=utf-8 vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site timing-allow-origin: * cache-control: no-cache, no-store, max-age=0, must-revalidate pragma: no-cache expires: Mon, 01 Jan 1990 00:00:00 GMT date: Mon, 27 Mar 2023 13:03:48 GMT permissions-policy: ch-ua-arch=, ch-ua-bitness=, ch-ua-full-version=, ch-ua-full-version-list=, ch-ua-model=, ch-ua-wow64=, ch-ua-platform=, ch-ua-platform-version= accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version content-security-policy: script-src 'nonce-oOIWKvDimeMsF7zEWaky3g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp" cross-origin-resource-policy: cross-origin report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]} content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-829541-1&cid=1734653387.1679922247&jid=241839930&gjid=642197857&_gid=1202403200.1679922247&_u=YEBAAUAAAAAAACAAI~&z=909680309	142.250.150.157	200 OK	4 B
URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-829541-1&cid=1734653387.1679922247&jid=241839930&gjid=642197857&_gid=1202403200.1679922247&_u=YEBAAUAAAAAAACAAI~&z=909680309 IP 142.250.150.157:0 ASN #15169 GOOGLE File type ASCII text, with no line terminators Size 4 B (4 bytes) Hash 48c0473b7821185d937e685216e2168b 3743e47f8a429a5e87b86cb582d78940733d9d2e 570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a HTTP Headers POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-829541-1&cid=1734653387.1679922247&jid=241839930&gjid=642197857&_gid=1202403200.1679922247&_u=YEBAAUAAAAAAACAAI~&z=909680309 HTTP/1.1 Host: stats.g.doubleclick.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain Content-Length: 0 Origin: http://www.mediafire.com Connection: keep-alive Referer: http://www.mediafire.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK access-control-allow-origin: http://www.mediafire.com strict-transport-security: max-age=10886400; includeSubDomains; preload date: Mon, 27 Mar 2023 13:03:49 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate last-modified: Sun, 17 May 1998 03:00:00 GMT access-control-allow-credentials: true x-content-type-options: nosniff content-type: text/plain cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 4 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 9f118fb224d6a3feb68bb7296958d8fe 7ccaa3d7e3b47dec93f7ddb398615bd71227b26e 2f70628100003ab47f5fb5622f8951ec8f4bad4b88cc3c083983a5c31356b429 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 27 Mar 2023 13:03:49 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.vneFu3d_4ck.L.F4.O/d=0/rs=AN8SPfrNa1b9K5rCmaIpu9SqE3A5sBDBfg/m=el_main_css	142.250.74.67	200 OK	4.2 kB
URL HTTP/2 www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.vneFu3d_4ck.L.F4.O/d=0/rs=AN8SPfrNa1b9K5rCmaIpu9SqE3A5sBDBfg/m=el_main_css IP 142.250.74.67:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (23228), with no line terminators Size 4.2 kB (4205 bytes) Hash 8f89ebd6757f0474347497a9545d3cc2 014d050331fcdbcff8cbf854b4c926286e0c104a 015111236a8db21de30b2af7d2d24221a9f358fe83137f4651707f4728043585 HTTP Headers `GET /_/translate_http/_/ss/k=translate_http.tr.vneFu3d_4ck.L.F4.O/d=0/rs=AN8SPfrNa1b9K5rCmaIpu9SqE3A5sBDBfg/m=el_main_css HTTP/1.1 Host: www.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://www.mediafire.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="rosetta" report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]} content-length: 4205 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Sat, 25 Mar 2023 02:39:03 GMT expires: Sun, 24 Mar 2024 02:39:03 GMT cache-control: public, max-age=31536000 last-modified: Sun, 12 Mar 2023 00:11:57 GMT content-type: text/css; charset=UTF-8 vary: Accept-Encoding age: 210286 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash aacadb94b44e557195c202f9eac3d422 ae45e0a668927354b659a0050ec4f37421acfc12 e3efec2ec99be9c753808134094e95ea88d59e2898a180327a5a0818050a3859 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 27 Mar 2023 13:03:49 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 46deddb8b844851da2d68cdb99372c7d f52730dfe273dff574d1421d8c7178c2d296aaa2 6dfc153b2d0e0b53820d77a059a342f07bf691771ae91c31bc4d45cdbcebf2a8 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 27 Mar 2023 13:03:49 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 338c42e4ccd475333da107485955b1cf 89223f304f86cb8c292a3acb7c640b5002b39690 333964f3284089e231f7cade16ba160392dd24eab8516c55588be6f513c7306d HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 27 Mar 2023 13:03:49 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-829541-1&cid=1734653387.1679922247&jid=241839930&_u=YEBAAUAAAAAAACAAI~&z=1638583857	142.250.74.132	200 OK	42 B
URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-829541-1&cid=1734653387.1679922247&jid=241839930&_u=YEBAAUAAAAAAACAAI~&z=1638583857 IP 142.250.74.132:0 ASN #15169 GOOGLE File type GIF image data, version 89a, 1 x 1\012- data Size 42 B (42 bytes) Hash d89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 HTTP Headers GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-829541-1&cid=1734653387.1679922247&jid=241839930&_u=YEBAAUAAAAAAACAAI~&z=1638583857 HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://www.mediafire.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site HTTP/2 200 OK p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin: * cross-origin-resource-policy: cross-origin date: Mon, 27 Mar 2023 13:03:49 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate content-type: image/gif x-content-type-options: nosniff server: cafe content-length: 42 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-829541-1&cid=1734653387.1679922247&jid=241839930&_u=YEBAAUAAAAAAACAAI~&z=1638583857	142.250.74.163	200 OK	42 B
URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-829541-1&cid=1734653387.1679922247&jid=241839930&_u=YEBAAUAAAAAAACAAI~&z=1638583857 IP 142.250.74.163:0 ASN #15169 GOOGLE File type GIF image data, version 89a, 1 x 1\012- data Size 42 B (42 bytes) Hash d89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 HTTP Headers GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-829541-1&cid=1734653387.1679922247&jid=241839930&_u=YEBAAUAAAAAAACAAI~&z=1638583857 HTTP/1.1 Host: www.google.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://www.mediafire.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site HTTP/2 200 OK p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin: * cross-origin-resource-policy: cross-origin date: Mon, 27 Mar 2023 13:03:49 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate content-type: image/gif x-content-type-options: nosniff server: cafe content-length: 42 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.TOlP0ZdKkgc.O/d=1/exm=el_conf/ed=1/rs=AN8SPfp7Yc-t0RdoRmhC4zicj8CNkmrefQ/m=el_main	142.250.74.170	200 OK	75 kB
URL HTTP/2 translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.TOlP0ZdKkgc.O/d=1/exm=el_conf/ed=1/rs=AN8SPfp7Yc-t0RdoRmhC4zicj8CNkmrefQ/m=el_main IP 142.250.74.170:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (1665) Size 75 kB (75429 bytes) Hash 028ffa7b57c1fd69787200d635396b46 5276fd8933eb26e281fc0963c7bb6045d76099f0 bbbf2f923f44c50acf39b245c42fc8cd32c387037a1adcbd2eced810c9db23ed HTTP Headers `GET /_/translate_http/_/js/k=translate_http.tr.no.TOlP0ZdKkgc.O/d=1/exm=el_conf/ed=1/rs=AN8SPfp7Yc-t0RdoRmhC4zicj8CNkmrefQ/m=el_main HTTP/1.1 Host: translate.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://www.mediafire.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="rosetta" report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]} content-length: 75429 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 23 Mar 2023 18:32:04 GMT expires: Fri, 22 Mar 2024 18:32:04 GMT cache-control: public, max-age=31536000 last-modified: Wed, 22 Mar 2023 00:32:01 GMT content-type: text/javascript; charset=UTF-8 vary: Accept-Encoding age: 325905 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 338c42e4ccd475333da107485955b1cf 89223f304f86cb8c292a3acb7c640b5002b39690 333964f3284089e231f7cade16ba160392dd24eab8516c55588be6f513c7306d HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 27 Mar 2023 13:03:49 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash be1cd1cf8e462ca6f6acb2f132e614d5 037f3bc7ab850fa2c69f2584bb24340b25bb6f3c e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA" Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4812 Expires: Mon, 27 Mar 2023 14:24:01 GMT Date: Mon, 27 Mar 2023 13:03:49 GMT Connection: keep-alive`

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash be1cd1cf8e462ca6f6acb2f132e614d5 037f3bc7ab850fa2c69f2584bb24340b25bb6f3c e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA" Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4812 Expires: Mon, 27 Mar 2023 14:24:01 GMT Date: Mon, 27 Mar 2023 13:03:49 GMT Connection: keep-alive`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	46 kB
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type gzip compressed data, max compression\012- data Size 46 kB (45514 bytes) Hash f46320b9aad3accbf744cfdae1ddeb1f d8a1840473b5a684be32698b41fa89f410d90558 9620d074fe263f3ca0a726a56bdc3f5e2f4aff2ccfbb1188a75034002257a986 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 27 Mar 2023 13:03:49 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash be1cd1cf8e462ca6f6acb2f132e614d5 037f3bc7ab850fa2c69f2584bb24340b25bb6f3c e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA" Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4812 Expires: Mon, 27 Mar 2023 14:24:01 GMT Date: Mon, 27 Mar 2023 13:03:49 GMT Connection: keep-alive`

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash be1cd1cf8e462ca6f6acb2f132e614d5 037f3bc7ab850fa2c69f2584bb24340b25bb6f3c e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA" Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4812 Expires: Mon, 27 Mar 2023 14:24:01 GMT Date: Mon, 27 Mar 2023 13:03:49 GMT Connection: keep-alive`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4b00868-d4e4-49ee-b488-491632971243.jpeg	34.120.237.76	200 OK	10 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4b00868-d4e4-49ee-b488-491632971243.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 10 kB (10282 bytes) Hash 675f061936669e9de498cd16bfc96379 00235db033dbeb738db9633e50c8666add66dadb 7c26736fcd1bf736aba7d16534720e03e0527ef30f6efb98403ad17e8c11a7e2 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4b00868-d4e4-49ee-b488-491632971243.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 10282 x-amzn-requestid: 29110a42-55db-45a2-8abf-0270f02b3017 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CRi4YH3SIAMF31g= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641d4b68-459f32fe475dc8d439aa8343;Sampled=0 x-amzn-remapped-date: Fri, 24 Mar 2023 07:04:08 GMT x-amz-cf-pop: SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: H0c7tei0dk0pJQQmcORCZ8Wq9J4SVtvKl8aePWY6mDqmZcL9ofUm_Q== via: 1.1 8591441a35c0af61913aec9af012bc38.cloudfront.net (CloudFront), 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 google date: Mon, 27 Mar 2023 07:13:01 GMT age: 21048 etag: "00235db033dbeb738db9633e50c8666add66dadb" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F217b24c4-6cf4-4be4-bdbf-764890bd9672.jpeg	34.120.237.76	200 OK	4.8 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F217b24c4-6cf4-4be4-bdbf-764890bd9672.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 4.8 kB (4775 bytes) Hash 8cc79a830964d923d24a45f5ccc9939b 557cc4827414912c41319ad961c14cce71ed4a18 b3b1c73b34057cb6e41920f3d55213ad8c193076525767c051960ec26d17ca3c HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F217b24c4-6cf4-4be4-bdbf-764890bd9672.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 4775 x-amzn-requestid: 28d0e56d-ed03-4686-bd49-34f193f1c65a x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CK96KF9coAMFvMA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641aa9da-122cd32a6f23e8442a52464c;Sampled=0 x-amzn-remapped-date: Wed, 22 Mar 2023 07:10:18 GMT x-amz-cf-pop: SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: F03oSAwgUrcVqWUUt9uaapaCtWSDLrmDlz142D4DtYYctMpy5nA3qA== via: 1.1 4e4278a2778e72cc34feef6db603088c.cloudfront.net (CloudFront), 1.1 d16c3f15bd14953a9d4109eaaa991de2.cloudfront.net (CloudFront), 1.1 google date: Sun, 26 Mar 2023 16:38:20 GMT age: 73529 etag: "557cc4827414912c41319ad961c14cce71ed4a18" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3fb4d16c-eef2-49cc-ac24-b125a7d6d9e0.jpeg	34.120.237.76	200 OK	3.6 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3fb4d16c-eef2-49cc-ac24-b125a7d6d9e0.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 3.6 kB (3589 bytes) Hash 1ec08d4bd079a92161fc80f41281b5a9 bf61369962342cce85de8f48942b4b150fd2721e 8a8ed12c31d89d71c3cb88f0813ded83939529206461e917dcb0b8bc11abdda4 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3fb4d16c-eef2-49cc-ac24-b125a7d6d9e0.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 3589 x-amzn-requestid: 9c09af43-79e8-4734-b28b-4194e0bb1e4e x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CW1uyE2joAMF50g= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641f6991-7607d33f6301182b591c56e8;Sampled=0 x-amzn-remapped-date: Sat, 25 Mar 2023 21:37:21 GMT x-amz-cf-pop: SEA19-C1 x-cache: Miss from cloudfront x-amz-cf-id: pjRA439kqSg5daR_Zuvsf2l45R4oqv3AMWNiMCGQ_C5o2KA8kEd3TQ== via: 1.1 46673955829b59a6da0ab071e0b7fbea.cloudfront.net (CloudFront), 1.1 27a84054de24e45f952ea4056a821764.cloudfront.net (CloudFront), 1.1 google date: Sun, 26 Mar 2023 21:53:16 GMT age: 54633 etag: "bf61369962342cce85de8f48942b4b150fd2721e" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb0254d-5c75-4e14-a0c6-04283194ce5b.jpeg	34.120.237.76	200 OK	11 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb0254d-5c75-4e14-a0c6-04283194ce5b.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 11 kB (10591 bytes) Hash 668a8a17a1bb77ea7db7fa23c9df9690 242108539ff8694a3c557d07b2b000e764a77f24 100952573dc9eeba889a77f4d148b646accb99f277035f0607b1c6918f93a358 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb0254d-5c75-4e14-a0c6-04283194ce5b.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 10591 x-amzn-requestid: a55b3a74-b9f1-424b-8d53-3f49db443698 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CaIOwFW-oAMFgUA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6420ba5e-6c3e550d1a899e80394262e6;Sampled=0 x-amzn-remapped-date: Sun, 26 Mar 2023 21:34:22 GMT x-amz-cf-pop: HIO50-C1, SEA19-C1 x-cache: Miss from cloudfront x-amz-cf-id: SwHfiMdDkV5eSPbXEVlcIs_k1icXGn7aaScjTgDLyG0Uo_o-K0jIqg== via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 d0387b833e3ca8cb748a1296b4b4bf2a.cloudfront.net (CloudFront), 1.1 google date: Sun, 26 Mar 2023 21:57:30 GMT age: 54379 etag: "242108539ff8694a3c557d07b2b000e764a77f24" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4429ed9b-a655-45dc-a59b-78db53c9c2f6.jpeg	34.120.237.76	200 OK	12 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4429ed9b-a655-45dc-a59b-78db53c9c2f6.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 12 kB (12017 bytes) Hash e999a9d79efe60a30b2942c5f2940294 c3891c43b16521f66eb3a52d83694de2ddd39871 290ed1232883a4ec63ef42c30f40b819983c5544e35261d2d1e0d1e55d0c8b07 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4429ed9b-a655-45dc-a59b-78db53c9c2f6.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 12017 x-amzn-requestid: 4f61a0c7-4b18-4289-b47c-eeeff93d873f x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Ca6yQGNtoAMFsxw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64210b41-350e4e2425d9606e478872b5;Sampled=0 x-amzn-remapped-date: Mon, 27 Mar 2023 03:19:29 GMT x-amz-cf-pop: HIO52-P1, SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: TCzHm5qTtnAUDSmayc-LLFmDfV7o6PaaYYfVtN_w7cC3o66HCa3DEg== via: 1.1 b3cdce1c2fc39b89f45c98c417351f26.cloudfront.net (CloudFront), 1.1 0a2ce08fa1ec3c33302a7547d3305978.cloudfront.net (CloudFront), 1.1 google date: Mon, 27 Mar 2023 03:34:08 GMT age: 34181 etag: "c3891c43b16521f66eb3a52d83694de2ddd39871" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d7ce900-ce9b-481b-9205-9748eeded2e8.jpeg	34.120.237.76	200 OK	10 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d7ce900-ce9b-481b-9205-9748eeded2e8.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 10 kB (10405 bytes) Hash 22905e8a7c8b1741dd51842c114a6517 c5900fe2396e0ca371c4847af4e96149850c3577 1525f9f39c09370fcb1f58f079f2d741a4c6d13fba26e6dd5b79466153d7685e HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d7ce900-ce9b-481b-9205-9748eeded2e8.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 10405 x-amzn-requestid: 0b8dad7a-2ec1-4eed-9a2c-06079ed46662 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CRi69E9xoAMFiJg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641d4b79-2f606ac041c5db24583c8d51;Sampled=0 x-amzn-remapped-date: Fri, 24 Mar 2023 07:04:25 GMT x-amz-cf-pop: SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: qbbEi0tXZLKo6qjrbJMtTHdhWziYrLrgzY1hzt_LrQJoeDDBbJnZBA== via: 1.1 4b800f7fa2c3fbb9f4f3c505b0df315e.cloudfront.net (CloudFront), 1.1 b48dedcc55e63f14261aa92cf2d61522.cloudfront.net (CloudFront), 1.1 google date: Mon, 27 Mar 2023 07:49:08 GMT age: 18881 etag: "c5900fe2396e0ca371c4847af4e96149850c3577" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 474a5d47cc23e28fea70e3d32fe95427 db4e4a58803bea6ecdaf992a4fc73d90ddd4c375 831b3e8febf102b90cf79251960c1ea2f436e39dd5d5ca71facde10f67a19dd7 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 27 Mar 2023 13:03:49 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	lh3.googleusercontent.com/YxmihnhFt54cZYUpI8Vki3ux02R2TgdxT2JLItC4sk0NMsB8q5xXuZr3KKhXns_325CVgfI3IAWpwJrMtsUf1HdwXaWps_lxmzvqH8R5aBB2P50trKqeLQ=h60	216.58.207.193	200 OK	12 kB
URL HTTP/2 lh3.googleusercontent.com/YxmihnhFt54cZYUpI8Vki3ux02R2TgdxT2JLItC4sk0NMsB8q5xXuZr3KKhXns_325CVgfI3IAWpwJrMtsUf1HdwXaWps_lxmzvqH8R5aBB2P50trKqeLQ=h60 IP 216.58.207.193:0 ASN #15169 GOOGLE File type PNG image data, 366 x 60, 8-bit/color RGBA, non-interlaced\012- data Size 12 kB (12249 bytes) Hash f232511b689198ef4eac18e967da3040 38d0f3381708819be8db2df251be3e391a5b0ecf cf7137aae8e21d7b4a5d0a322b25dfc27c7a1e9b1a06bb4d5f813ef9e3459df3 HTTP Headers `GET /YxmihnhFt54cZYUpI8Vki3ux02R2TgdxT2JLItC4sk0NMsB8q5xXuZr3KKhXns_325CVgfI3IAWpwJrMtsUf1HdwXaWps_lxmzvqH8R5aBB2P50trKqeLQ=h60 HTTP/1.1 Host: lh3.googleusercontent.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://www.mediafire.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-expose-headers: Content-Length content-disposition: inline;filename="unnamed.png" access-control-allow-origin: * timing-allow-origin: * x-content-type-options: nosniff server: fife content-length: 12249 x-xss-protection: 0 date: Mon, 27 Mar 2023 10:57:04 GMT expires: Sat, 25 Mar 2023 14:47:34 GMT cache-control: public, max-age=86400, no-transform age: 7605 etag: "v1" content-type: image/png vary: Origin alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.comodoca.com/	104.18.32.68	200 OK	472 B
URL HTTP/1.1 ocsp.comodoca.com/ IP 104.18.32.68:0 ASN #13335 CLOUDFLARENET File type data Size 472 B (472 bytes) Hash 12be5365efe5cbaba1dd696a1f9ad350 a3c7730ba19d99dac488cc3ac5a863240b86c116 03cf51ebffb7f352d08d8ed9da54ce2b51693004df5d6ea4b4e6ca70d1579d31 HTTP Headers `POST / HTTP/1.1 Host: ocsp.comodoca.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Date: Mon, 27 Mar 2023 13:03:49 GMT Content-Type: application/ocsp-response Content-Length: 472 Connection: keep-alive Last-Modified: Sat, 25 Mar 2023 04:47:37 GMT Expires: Sat, 01 Apr 2023 04:47:36 GMT Etag: "a3c7730ba19d99dac488cc3ac5a863240b86c116" Cache-Control: max-age=601937,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb5 X-Frame-Options: SAMEORIGIN CF-Cache-Status: HIT Age: 1677 Accept-Ranges: bytes Vary: Accept-Encoding Server: cloudflare CF-RAY: 7ae7d5eeae490b59-OSL

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 474a5d47cc23e28fea70e3d32fe95427 db4e4a58803bea6ecdaf992a4fc73d90ddd4c375 831b3e8febf102b90cf79251960c1ea2f436e39dd5d5ca71facde10f67a19dd7 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 27 Mar 2023 13:03:49 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2	142.250.74.35	200 OK	128 kB
URL HTTP/2 fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 IP 142.250.74.35:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 128352, version 1.0\012- data Size 128 kB (128352 bytes) Hash 53436aca8627a49f4deaaa44dc9e3c05 0bc0c675480d94ec7e8609dda6227f88c5d08d2c 8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1 HTTP Headers `GET /s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: http://www.mediafire.com Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 128352 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Fri, 24 Mar 2023 10:26:46 GMT expires: Sat, 23 Mar 2024 10:26:46 GMT cache-control: public, max-age=31536000 last-modified: Tue, 07 Mar 2023 19:51:56 GMT content-type: font/woff2 age: 268623 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2	142.250.74.35	200 OK	45 kB
URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP 142.250.74.35:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data Size 45 kB (44856 bytes) Hash 565ce506190ad3af920b40baf1794cec ad3cba5d06100e09449a864d3b5e58403b478b3d 8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db HTTP Headers `GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: http://www.mediafire.com Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 44856 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Fri, 24 Mar 2023 10:26:42 GMT expires: Sat, 23 Mar 2024 10:26:42 GMT cache-control: public, max-age=31536000 last-modified: Mon, 15 Aug 2022 18:20:18 GMT content-type: font/woff2 age: 268627 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	translate.google.com/gen204?sl=en&nca=te_ap&client=te&logld=vTE_20230322	142.250.74.142	204 No Content	0 B
URL HTTP/1.1 translate.google.com/gen204?sl=en&nca=te_ap&client=te&logld=vTE_20230322 IP 142.250.74.142:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /gen204?sl=en&nca=te_ap&client=te&logld=vTE_20230322 HTTP/1.1 Host: translate.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://www.mediafire.com/` HTTP/1.1 204 No Content Content-Type: image/gif; charset=us-ascii Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: Mon, 01 Jan 1990 00:00:00 GMT Date: Mon, 27 Mar 2023 13:03:49 GMT Cross-Origin-Resource-Policy: cross-origin Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version Permissions-Policy: ch-ua-arch=, ch-ua-bitness=, ch-ua-full-version=, ch-ua-full-version-list=, ch-ua-model=, ch-ua-wow64=, ch-ua-platform=, ch-ua-platform-version= Cross-Origin-Opener-Policy: same-origin; report-to="TranslateApiHttp" Content-Security-Policy: require-trusted-types-for 'script';report-uri /_/TranslateApiHttp/cspreport, script-src 'nonce-fIZnDJkhqVAG-B9JofC8ig' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self' Report-To: {"group":"TranslateApiHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/TranslateApiHttp/external"}]} Server: ESF Content-Length: 0 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff

	www.mediafire.com/cdn-cgi/rum?	104.16.53.48	204 No Content	0 B
URL HTTP/1.1 www.mediafire.com/cdn-cgi/rum? IP 104.16.53.48:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers POST /cdn-cgi/rum? HTTP/1.1 Host: www.mediafire.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate content-type: application/json Content-Length: 18074 Origin: http://www.mediafire.com Connection: keep-alive Referer: http://www.mediafire.com/file/f9jbx2obmzm0dgq/Coser@rioko%E5%87%89%E5%87%89%E5%AD%90_Vol.089.rar/file Cookie: ukey=0qcd1imui8o1hzfx8802j85839nl2hef; f9pk=1; ad_count=1; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-34%22%2C%22mf_content%22%3A%22Free%22%2C%22mf_medium%22%3A%22windows%5C%2FFirefox%22%2C%22mf_campaign%22%3A%22f9jbx2obmzm0dgq%22%2C%22mf_term%22%3A%2275d03397ef0cc8af1197ac8c3b9f1bd6%22%7D; amp_28916b=oqoiqJsYY0PR1TsqZghcj2...1gshimd91.1gshimd91.0.1.1; _ga=GA1.2.1734653387.1679922247; _gid=GA1.2.1202403200.1679922247; _gat_gtag_UA_829541_1=1 `HTTP/1.1 204 No Content Date: Mon, 27 Mar 2023 13:03:49 GMT Connection: keep-alive access-control-allow-origin: http://www.mediafire.com access-control-allow-methods: POST,OPTIONS access-control-max-age: 86400 vary: Origin access-control-allow-credentials: true Server: cloudflare CF-RAY: 7ae7d5f03816b529-OSL X-Frame-Options: DENY X-Content-Type-Options: nosniff`

	api.amplitude.com/	52.35.248.242	200 OK	7 B
URL HTTP/2 api.amplitude.com/ IP 52.35.248.242:0 ASN #16509 AMAZON-02 File type ASCII text, with no line terminators Size 7 B (7 bytes) Hash 260ca9dd8a4577fc00b7bd5810298076 53a5687cb26dc41f2ab4033e97e13adefd3740d6 aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27 HTTP Headers `POST / HTTP/1.1 Host: api.amplitude.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded; charset=UTF-8 Content-Length: 1025 Origin: http://www.mediafire.com Connection: keep-alive Referer: http://www.mediafire.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK date: Mon, 27 Mar 2023 13:03:49 GMT content-type: text/html;charset=utf-8 content-length: 7 access-control-allow-origin: * access-control-allow-methods: GET, POST trace-id: Root=1-64219435-56497340745925a7430a76bc strict-transport-security: max-age=15768000 X-Firefox-Spdy: h2`

	ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936	2.18.172.200	200 OK	5.6 kB
URL HTTP/2 ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936 IP 2.18.172.200:0 ASN #16625 AKAMAI-AS File type HTML document text\012- HTML document, ASCII text, with very long lines (15889), with no line terminators Size 5.6 kB (5554 bytes) Hash 18a6bc0e051c0767f814f63ff07e65f9 8fbe4eb399d8501b90276723d38c9ffb4ab483fa 26341482a8d6c8384b2cb91aba95833ac2002bd284ff690adbd2009bf76cb95b HTTP Headers `GET /AdServer/js/user_sync.html?kdntuid=1&p=158936 HTTP/1.1 Host: ads.pubmatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://www.mediafire.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site` HTTP/2 200 OK last-modified: Fri, 16 Dec 2022 06:36:49 GMT server: Apache accept-ranges: bytes content-encoding: gzip p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" content-length: 5554 content-type: text/html cache-control: max-age=151902 expires: Wed, 29 Mar 2023 07:15:33 GMT date: Mon, 27 Mar 2023 13:03:51 GMT vary: Accept-Encoding X-Firefox-Spdy: h2

	contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO2689O&prvid=2034%2C2033%2C2030%2C273%2C2028%2C2027%2C2025%2C237%2C117%2C359%2C97%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C446%2C9%2C2011%2C3022%2C3020%2C173%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C336%2C3014%2C337%2C338%2C459%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C225%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1	2.18.172.23	200 OK	8.3 kB
URL HTTP/2 contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO2689O&prvid=2034%2C2033%2C2030%2C273%2C2028%2C2027%2C2025%2C237%2C117%2C359%2C97%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C446%2C9%2C2011%2C3022%2C3020%2C173%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C336%2C3014%2C337%2C338%2C459%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C225%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1 IP 2.18.172.23:0 ASN #16625 AKAMAI-AS File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (18979) Size 8.3 kB (8257 bytes) Hash 83fa4b54bfea4bbaa0c8117c956efefd 78d244b62b372b08b383502152cd4b7f15017895 82787000a3d4d7eaa80e05c989100637a04573a2b151b6f80631fafda3592c73 HTTP Headers GET /checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO2689O&prvid=2034%2C2033%2C2030%2C273%2C2028%2C2027%2C2025%2C237%2C117%2C359%2C97%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C446%2C9%2C2011%2C3022%2C3020%2C173%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C336%2C3014%2C337%2C338%2C459%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C225%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1 HTTP/1.1 Host: contextual.media.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://www.mediafire.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site `HTTP/2 200 OK server: Apache content-type: text/html; charset=UTF-8 x-mnet-hl2: E strict-transport-security: max-age=31536000 vary: Accept-Encoding content-encoding: gzip cache-control: max-age=102811 expires: Tue, 28 Mar 2023 17:37:22 GMT date: Mon, 27 Mar 2023 13:03:51 GMT content-length: 8257 X-Firefox-Spdy: h2`

	image6.pubmatic.com/AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB	198.47.127.19	200 OK	60 B
URL HTTP/2 image6.pubmatic.com/AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB IP 198.47.127.19:0 ASN #62713 AS-PUBMATIC File type ASCII text, with no line terminators Size 60 B (60 bytes) Hash 1f196c67e4fb4ff72857a6db77d78527 520b9478cd66532bbab7efc2afefff54dcf62253 b8041ede2760d289a790f6322c24ca7f95d20333d0b7079589ae47b28c76c67c HTTP Headers `GET /AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB HTTP/1.1 Host: image6.pubmatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://ads.pubmatic.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site` `HTTP/2 200 OK cache-control: private content-type: text/html; charset=UTF-8 expires: Sun, 25 Jun 2023 05:34:15 GMT p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" date: Mon, 27 Mar 2023 13:03:51 GMT content-length: 60 X-Firefox-Spdy: h2`

	simage4.pubmatic.com/AdServer/SPug?o=1&p=158936&sc=1&u=7B68C3B0-E092-4585-AD30-329461AA7630&rs=3&gdpr=0&gdpr_consent=&us_privacy=	198.47.127.20	200 OK	1.2 kB
URL HTTP/2 simage4.pubmatic.com/AdServer/SPug?o=1&p=158936&sc=1&u=7B68C3B0-E092-4585-AD30-329461AA7630&rs=3&gdpr=0&gdpr_consent=&us_privacy= IP 198.47.127.20:0 ASN #62713 AS-PUBMATIC File type HTML document text\012- HTML document, ASCII text, with very long lines (1524) Size 1.2 kB (1227 bytes) Hash 3cb03cadec2bde9eb828bec623daa061 5468ddd1ad89697d9208f9b0ff5927c70cfc089b 9e47232859ac129bb65b00c88bce1381a008e5905c39feb264d2e02d1d5c65ae HTTP Headers GET /AdServer/SPug?o=1&p=158936&sc=1&u=7B68C3B0-E092-4585-AD30-329461AA7630&rs=3&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1 Host: simage4.pubmatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://ads.pubmatic.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-site `HTTP/2 200 OK server: nginx date: Mon, 27 Mar 2023 13:03:51 GMT content-type: text/html; charset=utf-8 p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" cache-control: no-store, no-cache, private content-encoding: gzip X-Firefox-Spdy: h2`

	cdn.otnolatrnup.com/Scripts/infinity.js.aspx?guid=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0	104.19.215.37	200 OK	0 B
URL HTTP/2 cdn.otnolatrnup.com/Scripts/infinity.js.aspx?guid=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0 IP 104.19.215.37:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /Scripts/infinity.js.aspx?guid=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0 HTTP/1.1 Host: cdn.otnolatrnup.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://www.mediafire.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Mon, 27 Mar 2023 13:03:48 GMT content-type: application/x-javascript; charset=utf-8 accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version vary: Accept-Encoding cache-control: public, no-transform, max-age=900 content-encoding: gzip p3p: CP="CAO PSA OUR IND" access-control-allow-origin: * last-modified: Mon, 27 Mar 2023 12:58:18 GMT cf-cache-status: HIT age: 180 server: cloudflare cf-ray: 7ae7d5e75efe0b31-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	prebid.media.net/rtb/prebid?cid=8CUO2689O	34.107.148.139	200 OK	0 B
URL HTTP/2 prebid.media.net/rtb/prebid?cid=8CUO2689O IP 34.107.148.139:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash HTTP Headers `POST /rtb/prebid?cid=8CUO2689O HTTP/1.1 Host: prebid.media.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain Content-Length: 2516 Origin: http://www.mediafire.com Connection: keep-alive Referer: http://www.mediafire.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK server: nginx date: Mon, 27 Mar 2023 13:03:48 GMT content-type: application/json;charset=UTF-8 cache-control: max-age=0, no-cache, no-store, must-revalidate pragma: no-cache accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model expires: Mon, 27 Mar 2023 13:03:48 GMT access-control-allow-origin: http://www.mediafire.com access-control-allow-credentials: true content-encoding: gzip via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2

	fonts.googleapis.com/css?family=Archivo\|Arimo\|Bitter\|EB+Garamond\|Lato\|Libre+Baskerville\|Libre+Franklin\|Lora\|Google+Sans:regular,medium\|Material+Icons\|Google+Symbols\|Merriweather\|Montserrat\|Mukta\|Muli\|Nunito\|Open+Sans:400,600,700\|Open+Sans+Condensed:300,400,600,700\|Oswald\|Playfair+Display\|Poppins\|Raleway\|Roboto\|Roboto+Condensed\|Roboto+Slab\|Slabo+27px\|Source+Sans+Pro\|Ubuntu\|Volkhov&display=swap	142.250.74.138	200 OK	0 B
URL HTTP/2 fonts.googleapis.com/css?family=Archivo\|Arimo\|Bitter\|EB+Garamond\|Lato\|Libre+Baskerville\|Libre+Franklin\|Lora\|Google+Sans:regular,medium\|Material+Icons\|Google+Symbols\|Merriweather\|Montserrat\|Mukta\|Muli\|Nunito\|Open+Sans:400,600,700\|Open+Sans+Condensed:300,400,600,700\|Oswald\|Playfair+Display\|Poppins\|Raleway\|Roboto\|Roboto+Condensed\|Roboto+Slab\|Slabo+27px\|Source+Sans+Pro\|Ubuntu\|Volkhov&display=swap IP 142.250.74.138:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash HTTP Headers GET /css?family=Archivo\|Arimo\|Bitter\|EB+Garamond\|Lato\|Libre+Baskerville\|Libre+Franklin\|Lora\|Google+Sans:regular,medium\|Material+Icons\|Google+Symbols\|Merriweather\|Montserrat\|Mukta\|Muli\|Nunito\|Open+Sans:400,600,700\|Open+Sans+Condensed:300,400,600,700\|Oswald\|Playfair+Display\|Poppins\|Raleway\|Roboto\|Roboto+Condensed\|Roboto+Slab\|Slabo+27px\|Source+Sans+Pro\|Ubuntu\|Volkhov&display=swap HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://www.mediafire.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Mon, 27 Mar 2023 13:03:49 GMT date: Mon, 27 Mar 2023 13:03:49 GMT cache-control: private, max-age=86400 cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (46)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML