www.mediafire.com Open in urlscan Pro
104.17.151.117 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file
Submission: On April 30 via manual (April 30th 2025, 12:32:48 am UTC) from US — Scanned from IL

Summary HTTP 185 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 57 IPs in 9 countries across 46 domains to perform 185 HTTP transactions. The main IP is 104.17.151.117, located in and belongs to CLOUDFLARENET, US. The main domain is www.mediafire.com. The Cisco Umbrella rank of the primary domain is 29713.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 30th 2024. Valid for: a year.

This is the only time www.mediafire.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 32	104.17.151.117 104.17.151.117	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.21.42.32 104.21.42.32	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.250.181.232 142.250.181.232	15169 (GOOGLE) (GOOGLE)
1	172.67.41.60 172.67.41.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.21.63.106 104.21.63.106	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.206 142.250.185.206	15169 (GOOGLE) (GOOGLE)
1	172.67.199.186 172.67.199.186	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.245.86.69 18.245.86.69	16509 (AMAZON-02) (AMAZON-02)
2	104.26.9.66 104.26.9.66	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.16.80.73 104.16.80.73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	157.240.0.35 157.240.0.35	32934 (FACEBOOK) (FACEBOOK)
22	52.57.221.121 52.57.221.121	16509 (AMAZON-02) (AMAZON-02)
5	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	157.240.0.6 157.240.0.6	32934 (FACEBOOK) (FACEBOOK)
13	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
2	104.22.4.65 104.22.4.65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.70 142.250.185.70	15169 (GOOGLE) (GOOGLE)
1	54.201.228.35 54.201.228.35	16509 (AMAZON-02) (AMAZON-02)
3	142.250.186.67 142.250.186.67	15169 (GOOGLE) (GOOGLE)
1	172.217.18.10 172.217.18.10	15169 (GOOGLE) (GOOGLE)
2	142.250.186.110 142.250.186.110	15169 (GOOGLE) (GOOGLE)
2	172.67.38.106 172.67.38.106	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	3.72.6.211 3.72.6.211	16509 (AMAZON-02) (AMAZON-02)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	216.239.34.181 216.239.34.181	15169 (GOOGLE) (GOOGLE)
1	108.177.15.156 108.177.15.156	15169 (GOOGLE) (GOOGLE)
1	216.58.206.35 216.58.206.35	15169 (GOOGLE) (GOOGLE)
1	142.250.185.99 142.250.185.99	15169 (GOOGLE) (GOOGLE)
11	142.250.186.78 142.250.186.78	15169 (GOOGLE) (GOOGLE)
4 7	162.19.138.119 162.19.138.119	16276 (OVH OVH SAS) (OVH OVH SAS)
1	141.95.98.65 141.95.98.65	16276 (OVH OVH SAS) (OVH OVH SAS)
1	18.66.102.2 18.66.102.2	16509 (AMAZON-02) (AMAZON-02)
1	18.173.204.202 18.173.204.202	16509 (AMAZON-02) (AMAZON-02)
1	151.101.193.229 151.101.193.229	54113 (FASTLY) (FASTLY)
1	65.9.66.97 65.9.66.97	16509 (AMAZON-02) (AMAZON-02)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	178.250.1.39 178.250.1.39	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE Criteo Technology SAS)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
10	142.250.185.161 142.250.185.161	15169 (GOOGLE) (GOOGLE)
2 2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1 2	54.220.144.202 54.220.144.202	16509 (AMAZON-02) (AMAZON-02)
1 1	74.121.140.211 74.121.140.211	30419 (PAEDAE-INC) (PAEDAE-INC)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
3 17	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
2	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE Criteo Technology SAS)
2	95.100.185.43 95.100.185.43	16625 (AKAMAI-AS) (AKAMAI-AS)
1	103.231.98.107 103.231.98.107	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 4	37.157.2.233 37.157.2.233	198622 (ADFORM Ad...) (ADFORM Adform A/S)
4	103.231.98.109 103.231.98.109	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE Criteo Technology SAS)
1 2	67.220.226.232 67.220.226.232	16509 (AMAZON-02) (AMAZON-02)
2 2	185.89.211.84 185.89.211.84	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	54.38.113.7 54.38.113.7	16276 (OVH OVH SAS) (OVH OVH SAS)
1 3	87.248.119.252 87.248.119.252	203220 (YAHOO-DEB...) (YAHOO-DEB Yahoo-UK Limited)
1 2	77.243.51.122 77.243.51.122	42697 (NETIC-AS ...) (NETIC-AS Netic A/S)
1	104.22.51.98 104.22.51.98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	198.47.127.205 198.47.127.205	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	130.211.23.194 130.211.23.194	() ()
185	57

32 104.17.151.117 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.mediafire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.mediafire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.42.32 (None, )

ASN13335 (CLOUDFLARENET, US)

the.gatekeeperconsent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.181.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.41.60 (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.21.63.106 (None, )

ASN13335 (CLOUDFLARENET, US)

www.ezojs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f14.1e100.net

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.199.186 (United States)

ASN13335 (CLOUDFLARENET, US)

privacy.gatekeeperconsent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.86.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-69.fra60.r.cloudfront.net

cdn.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.26.9.66 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.econventa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
econventa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.80.73 (None, )

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.0.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 52.57.221.121 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-221-121.eu-central-1.compute.amazonaws.com

g.ezoic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

go.ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net

static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.22.4.65 (None, )

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.201.228.35 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-201-228-35.us-west-2.compute.amazonaws.com

api.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.10 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f10.1e100.net

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.110 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.38.106 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.72.6.211 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-72-6-211.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.239.34.181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.177.15.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wr-in-f156.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.35 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f3.1e100.net

www.google.co.il	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.186.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 162.19.138.119 (Frankfurt am Main, Germany) 4 redirects

ASN16276 (OVH OVH SAS, FR)
PTR: ns31533570.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.65 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ns3216659.ip-141-95-98.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.102.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-2.fra56.r.cloudfront.net

connectid.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.204.202 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-204-202.fra56.r.cloudfront.net

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.229 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-97.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.39 (France)

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.185.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f1.1e100.net

8bfdb351f508fbaf76833179faa7d62d.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.220.144.202 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-144-202.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.121.140.211 (Reston, United States) 1 redirects

ASN30419 (PAEDAE-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 216.58.206.34 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.100.185.43 (Paris, France)

ASN16625 (AKAMAI-AS, US)
PTR: a95-100-185-43.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.231.98.107 (Japan)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.2.233 (Denmark) 3 redirects

ASN198622 (ADFORM Adform A/S, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 103.231.98.109 (Japan)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.220.226.232 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.211.84 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.38.113.7 (France) 1 redirects

ASN16276 (OVH OVH SAS, FR)
PTR: falcon-7.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 87.248.119.252 (United Kingdom) 1 redirects

ASN203220 (YAHOO-DEB Yahoo-UK Limited, GB)
PTR: e2-bmr.ycpi.vip.deb.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.243.51.122 (Aalborg, Denmark) 1 redirects

ASN42697 (NETIC-AS Netic A/S, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.22.51.98 (None, )

ASN13335 (CLOUDFLARENET, US)

mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.205 (United States)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.158.49 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.23.194 (None, )

ASN- ()

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	mediafire.com 1 redirects www.mediafire.com — Cisco Umbrella Rank: 29713 static.mediafire.com — Cisco Umbrella Rank: 40699	350 KB
24	googlesyndication.com 8bfdb351f508fbaf76833179faa7d62d.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 235 pagead2.googlesyndication.com — Cisco Umbrella Rank: 163	230 KB
22	ezoic.net g.ezoic.net — Cisco Umbrella Rank: 14699	37 KB
18	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 306 ad.doubleclick.net — Cisco Umbrella Rank: 225 stats.g.doubleclick.net — Cisco Umbrella Rank: 302 cm.g.doubleclick.net — Cisco Umbrella Rank: 413	287 KB
15	google.com translate.google.com — Cisco Umbrella Rank: 1948 analytics.google.com — Cisco Umbrella Rank: 270 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 689	103 KB
10	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 822 ads.pubmatic.com — Cisco Umbrella Rank: 831 image6.pubmatic.com — Cisco Umbrella Rank: 1102 simage2.pubmatic.com — Cisco Umbrella Rank: 1454 image2.pubmatic.com — Cisco Umbrella Rank: 1404 simage4.pubmatic.com Failed	15 KB
9	id5-sync.com 4 redirects cdn.id5-sync.com — Cisco Umbrella Rank: 1004 id5-sync.com — Cisco Umbrella Rank: 674	69 KB
5	sharethrough.com btlr.sharethrough.com — Cisco Umbrella Rank: 1749	2 KB
5	ezodn.com go.ezodn.com — Cisco Umbrella Rank: 17263	10 KB
4	adform.net 3 redirects c1.adform.net — Cisco Umbrella Rank: 1097	3 KB
4	yahoo.com 1 redirects connectid.analytics.yahoo.com — Cisco Umbrella Rank: 3825 cms.analytics.yahoo.com — Cisco Umbrella Rank: 3183 ups.analytics.yahoo.com — Cisco Umbrella Rank: 828	10 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	11 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 621 dis.criteo.com — Cisco Umbrella Rank: 1076	8 KB
3	adsrvr.org 3 redirects match.adsrvr.org — Cisco Umbrella Rank: 566	2 KB
3	crwdcntrl.net 1 redirects tags.crwdcntrl.net — Cisco Umbrella Rank: 1291 sync.crwdcntrl.net — Cisco Umbrella Rank: 1273 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1410	14 KB
3	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 578	282 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 117	335 KB
2	semasio.net 1 redirects uipglob.semasio.net — Cisco Umbrella Rank: 2506	1 KB
2	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 443	2 KB
2	amazon-adsystem.com 1 redirects aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1376	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 128	22 KB
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1760	673 B
2	econventa.com cdn.econventa.com — Cisco Umbrella Rank: 45608 econventa.com — Cisco Umbrella Rank: 39625	58 KB
2	amplitude.com cdn.amplitude.com — Cisco Umbrella Rank: 4656 api.amplitude.com — Cisco Umbrella Rank: 4546	22 KB
2	ezojs.com www.ezojs.com — Cisco Umbrella Rank: 21592	89 KB
2	btloader.com btloader.com — Cisco Umbrella Rank: 1678 api.btloader.com	21 KB
2	gatekeeperconsent.com the.gatekeeperconsent.com — Cisco Umbrella Rank: 29118 privacy.gatekeeperconsent.com — Cisco Umbrella Rank: 45570	4 KB
1	simpli.fi um.simpli.fi — Cisco Umbrella Rank: 1234	610 B
1	zeotap.com mwzeom.zeotap.com — Cisco Umbrella Rank: 5065	439 B
1	onaudience.com 1 redirects pixel.onaudience.com — Cisco Umbrella Rank: 3567	402 B
1	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 2902	550 B
1	rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 771	1 KB
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 1787	881 B
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 3225	8 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 1117	13 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 2873	3 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 426	850 B
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 3661	4 KB
1	eu-1-id5-sync.com lbs.eu-1-id5-sync.com Failed lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1249	289 B
1	google.co.il www.google.co.il — Cisco Umbrella Rank: 19752	408 B
1	googleapis.com translate.googleapis.com — Cisco Umbrella Rank: 1334	74 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 136	14 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 782	7 KB
0	33across.com Failed cdn-ima.33across.com Failed
0	mediafiredls.com Failed www.mediafiredls.com Failed
0	dns-finder.com Failed ag.dns-finder.com Failed
185	46

	Domain	Requested by
25	static.mediafire.com	www.mediafire.com
22	g.ezoic.net	www.ezojs.com go.ezodn.com www.mediafire.com g.ezoic.net
14	pagead2.googlesyndication.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
13	securepubads.g.doubleclick.net	www.mediafire.com securepubads.g.doubleclick.net pagead2.googlesyndication.com
11	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
9	tpc.googlesyndication.com	securepubads.g.doubleclick.net
7	id5-sync.com	4 redirects cdn.id5-sync.com
7	www.mediafire.com	1 redirects www.mediafire.com
5	btlr.sharethrough.com	www.mediafire.com
5	go.ezodn.com	www.mediafire.com
4	simage2.pubmatic.com	ads.pubmatic.com www.mediafire.com
4	c1.adform.net	3 redirects ads.pubmatic.com
3	cm.g.doubleclick.net	3 redirects
3	match.adsrvr.org	3 redirects
3	analytics.google.com	www.googletagmanager.com
3	www.gstatic.com	www.mediafire.com www.gstatic.com
3	static.xx.fbcdn.net	www.facebook.com
3	www.googletagmanager.com	www.mediafire.com www.googletagmanager.com
2	image2.pubmatic.com	www.mediafire.com
2	uipglob.semasio.net	1 redirects www.mediafire.com
2	ups.analytics.yahoo.com	www.mediafire.com
2	ib.adnxs.com	2 redirects
2	aax-eu.amazon-adsystem.com	1 redirects ads.pubmatic.com
2	ads.pubmatic.com	www.mediafire.com
2	gum.criteo.com	static.criteo.net gum.criteo.com
2	cdn.id5-sync.com	www.ezojs.com securepubads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	ad-delivery.net	www.mediafire.com
2	www.ezojs.com	www.mediafire.com www.ezojs.com
1	api.btloader.com	btloader.com
1	um.simpli.fi	www.mediafire.com
1	mwzeom.zeotap.com	www.mediafire.com
1	cms.analytics.yahoo.com	1 redirects
1	pixel.onaudience.com	1 redirects
1	dis.criteo.com	1 redirects
1	image6.pubmatic.com	ads.pubmatic.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	esp.rtbhouse.com	invstatic101.creativecdn.com
1	token.rubiconproject.com	www.mediafire.com
1	sync.mathtag.com	1 redirects
1	sync.crwdcntrl.net	1 redirects
1	8bfdb351f508fbaf76833179faa7d62d.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	connectid.analytics.yahoo.com	securepubads.g.doubleclick.net
1	lb.eu-1-id5-sync.com	cdn.id5-sync.com
1	fonts.gstatic.com	www.mediafire.com
1	www.google.co.il	www.mediafire.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	hbopenbid.pubmatic.com	www.mediafire.com
1	econventa.com	cdn.econventa.com
1	translate.googleapis.com
1	api.amplitude.com	cdn.amplitude.com
1	ad.doubleclick.net	www.mediafire.com
1	www.facebook.com	www.mediafire.com
1	static.cloudflareinsights.com	www.mediafire.com
1	cdn.econventa.com	www.mediafire.com
1	cdn.amplitude.com	www.mediafire.com
1	privacy.gatekeeperconsent.com	the.gatekeeperconsent.com
1	translate.google.com	www.mediafire.com
1	btloader.com	www.mediafire.com
1	the.gatekeeperconsent.com	www.mediafire.com
0	simage4.pubmatic.com Failed	ads.pubmatic.com
0	cdn-ima.33across.com Failed	securepubads.g.doubleclick.net
0	lbs.eu-1-id5-sync.com Failed	cdn.id5-sync.com
0	www.mediafiredls.com Failed	www.mediafire.com
0	ag.dns-finder.com Failed	btloader.com
185	71

This site contains links to these domains. Also see Links.

Domain
download1979.mediafire.com
blog.mediafire.com
fast.io
mediafire.zendesk.com
translate.google.com
twitter.com
www.facebook.com
googleads.g.doubleclick.net
adssettings.google.com

Subject Issuer	Validity	Valid
*.mediafire.com Sectigo RSA Domain Validation Secure Server CA	`2024-07-30` - `2025-08-30`	a year	crt.sh
gatekeeperconsent.com WE1	`2025-04-14` - `2025-07-13`	3 months	crt.sh
*.google-analytics.com WE2	`2025-03-31` - `2025-06-23`	3 months	crt.sh
btloader.com WE1	`2025-04-03` - `2025-07-02`	3 months	crt.sh
www.ezojs.com WE1	`2025-04-22` - `2025-07-21`	3 months	crt.sh
*.google.com WE2	`2025-03-31` - `2025-06-23`	3 months	crt.sh
cdn.amplitude.com Amazon RSA 2048 M03	`2024-11-14` - `2025-12-13`	a year	crt.sh
econventa.com WE1	`2025-03-20` - `2025-06-18`	3 months	crt.sh
cloudflareinsights.com WE1	`2025-04-27` - `2025-07-26`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2025-02-06` - `2025-05-07`	3 months	crt.sh
ezoic.net E6	`2025-03-13` - `2025-06-11`	3 months	crt.sh
ezodn.com WE1	`2025-04-12` - `2025-07-11`	3 months	crt.sh
*.g.doubleclick.net WE2	`2025-03-31` - `2025-06-23`	3 months	crt.sh
ad-delivery.net WE1	`2025-03-08` - `2025-06-06`	3 months	crt.sh
*.doubleclick.net WE2	`2025-03-31` - `2025-06-23`	3 months	crt.sh
*.amplitude.com COMODO RSA Domain Validation Secure Server CA	`2025-02-07` - `2026-02-14`	a year	crt.sh
*.gstatic.com WE2	`2025-03-31` - `2025-06-23`	3 months	crt.sh
upload.video.google.com WE2	`2025-03-31` - `2025-06-23`	3 months	crt.sh
id5-sync.com WE1	`2025-03-26` - `2025-06-24`	3 months	crt.sh
*.sharethrough.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-07-15` - `2025-08-15`	a year	crt.sh
*.pubmatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2025-02-19` - `2026-03-22`	a year	crt.sh
*.google.co.il WE2	`2025-03-31` - `2025-06-23`	3 months	crt.sh
eu-1-id5-sync.com R10	`2025-03-01` - `2025-05-30`	3 months	crt.sh
connectid.analytics.yahoo.com GlobalSign ECC OV SSL CA 2018	`2025-03-25` - `2025-09-18`	6 months	crt.sh
cdn.prod.uidapi.com Amazon RSA 2048 M03	`2024-11-20` - `2025-12-20`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M02	`2024-09-07` - `2025-10-07`	a year	crt.sh
invstatic101.creativecdn.com WR3	`2025-04-12` - `2025-07-11`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2025-04-11` - `2025-07-04`	3 months	crt.sh
oa.openxcdn.net WR3	`2025-03-12` - `2025-06-10`	3 months	crt.sh
esp.rtbhouse.com WR3	`2025-04-14` - `2025-07-13`	3 months	crt.sh
tpc.googlesyndication.com WE2	`2025-03-31` - `2025-06-23`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2025-04-18` - `2025-07-17`	3 months	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-03` - `2025-09-24`	a year	crt.sh
aax-eu.amazon-adsystem.com Amazon RSA 2048 M01	`2025-01-07` - `2025-12-22`	a year	crt.sh
zeotap.com WE1	`2025-03-22` - `2025-06-20`	3 months	crt.sh
*.simpli.fi DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-11-13` - `2025-12-14`	a year	crt.sh
sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2025-02-24` - `2025-08-20`	6 months	crt.sh
api.btloader.com WR3	`2025-03-28` - `2025-06-26`	3 months	crt.sh

This page contains 16 frames:

Primary Page: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file
Frame ID: B009E759C494F22B339BD0456107AB15
Requests: 129 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=http://www.facebook.com/MediaFire&width=193&layout=button_count&action=like&show_faces=false&share=true&height=30&appId=124578887583575
Frame ID: A15C8D51AC91D63809684750E8F154C5
Requests: 4 HTTP requests in this frame

Frame: https://www.mediafire.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a51d7b3d53cb/main.js
Frame ID: EA95DA2BF1AF7D629D0C49447940D6E5
Requests: 2 HTTP requests in this frame

Frame: data://truncated
Frame ID: B4BEF85F8B1C116CB65FC941CCBA5112
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: EE3DF780D7271694EDE2CADD320C6174
Requests: 1 HTTP requests in this frame

Frame: https://8bfdb351f508fbaf76833179faa7d62d.safeframe.googlesyndication.com/safeframe/1-0-43/html/container.html
Frame ID: E575E1998D8EF5C6EFFEF1CC389F0E29
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvS2EgkDT9EG77Mx2EinhnyUocV-fJJmDb-oFtjnZ2oT-beqEdnmOqaNT0_jA3lZ3JddDdcMOOZBEvEu7Z__2xNgRjOuOUyHiK3m1TYQM2DBl74A0Ky_3FrR_nQOpwZ7J2oUsCqkNTvQ6XUeWCnS5yiACPY-m8vnkyVxvumGSIq5tZg506ImqOLl0fOJFjd5SE8UfA4rf6_tLz51PhJjirih2UfJSuTcs9cQkSIL15wfBcP8qqObYJC0BD8lVvQJPGJwonzxbF9ShL27-WbHrw8lT1XmxOcyxuw9b4kc4YjAidw9b9DVqU7oX_hk1NQpPBh_2HH49h_43rRVw8avc_ahdsXeU6yjjsnnUVx77bfgC6_KyPEQ7z9uO2-KbkZd5psD4gazHBTb7rbGVQWT9QDsLyCxCYal1tA_BqsrtoK&sai=AMfl-YTjBN43KMoisZXB98HdgBZvXOSwMMTKO42gZuEtuGG8I-0IPo3eqQh48Rw7nau5LLDRfua5eLWyR8Bu9a0g1pvW1rwM0laQi2EpsIy7d9liVkUYhx0Le9FDDJfAmzs4y4l6biaGyrp55pATPR6DFA&sig=Cg0ArKJSzCJdpbTH2P1iEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 4254710480805BEC1EDA3E848AB0902F
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvf6ny9RYXcap_v2Nc72d4nTxsKAPmwwLQM_DHeYvWAkOY7Gr72Jse_-i5uRrL2mLclo9n6W53g9YJ-aK1THRYo0hAZGhw8bMYLzsI7IY7ZDegEEElCYvHgm40xcOBl3fuV3Mp1jKWmYO1WzA-PXSVAeTdobovCKLqLToK6_2PEB5A876FgBSm7rtwWWm5PL74mIWCqI5Lkh6J8Qak9Q6QesXWe3Th18do4b0sCkXGtIUyeAKs3KRFz11sOENtuGxm0A5j08QRi13WlgGmlvSGKTx5LF2NPDZ0w-04Za3V_FYvMo6s62lTqJd-XJ47TSoeHFUC-cXuXlylsR4R9HsTLUDNqcMlhvc7VI_kimT0KFPsOi7osHaUaevbyGmKQO__rgp-5hEK_G4LNd88ubVrHU3jWGtYs9ueFC7JZuKDV&sai=AMfl-YRDqD3wvw-Ay6oK-IlSQzy85x44leIlpVE-xULRC9y7YIavI7bdsVY8oJw1kknjMaQRMOw-M1JqYmmb2mH6yX_Ywbz9yz6Ya-T3CUY6IzDzLkaButoq3ZeDmVfwnM7C04JGmlWmvNptEsZ6M3L29w&sig=Cg0ArKJSzPm9MUpWbRrvEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: ED3F4EBFA7C867515FFF3925BF17ED7A
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv2qwVEFYNYBYoVYDCp2cYt35E2-qrqt9iwF_IWJzh_PK60jovr-KNT53AfKhFmKECCvq6c_TvHFj8cLarf8QGsg1rLl_e8SJU4RiAfRU3KvuIEYUt_TtHxOsEZ-q24FZ-I_usRJPpO-hkZOIc4pepqqy1XKdj-IuiklgcA6fA4rkF4HyLS6ViifB6avKjFKUjqW-96pzlgNos7EtxxGQZq-x8QxsAJJaCrKjD-gg6Ig0nsLrHZU2ykeQbm7qDpzVjqXhmNxRvMHdq_6pacR4X58KHGbR2LGNHdVlX-1Bjf6LyqzXGAbMrb3suG2WaL3kG3ut3Q-CI7jcofgoDCakA9WLWWfRXZl_Xz_ouAkfjH1i2e3wtkeOx_1hOPYnEdaWG_CKJewNwqNEN1SKSnaMliDjljYpj27ZhBm4SfhZ1U&sai=AMfl-YQNg-UXXM49jiPhvVN6Mp45-PRzSmwpI1mPTlQjzqkDA5nZ5TrqPbtqYeSZd70q6xTRJMsPSAj8MbpmrYwlT49S-CNwKEoDliGg_csKaElbasu3PmSbMiLK06Okdqqsta1A2RyGDLEL3Yy1jRaX&sig=Cg0ArKJSzF7GXqU6mvZOEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 7965BA0836FB5786B5A02E1235EA1039
Requests: 9 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.mediafire.com&gdpr=0&gdpr_consent=&gpp=&gpp_sid=-1
Frame ID: A15FD2CD0561C8CD0E3E8D0280BC159A
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936
Frame ID: 203C9F7AD6D64210819B56212E6D9C97
Requests: 12 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=8E927890-A84D-4F68-A6A5-16EF0A1D309B&gdpr=0&gdpr_consent=
Frame ID: 04896C157CEA998DB2137A00A20257C6
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2762283829040849321
Frame ID: 9C1CD2825E0BC2CBE610C6DCFA46ACC2
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 612CE28056416D2A081EC4ECE743E045
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=8E927890-A84D-4F68-A6A5-16EF0A1D309B&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 6B69B486483AD3C9673CDA90338EEBFF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4089434452386030344&gdpr=0&gdpr_consent=
Frame ID: 024810665F5884B5F8493D3983ADA9C8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

IterationT v3.0.0

Detected technologies

Amplitude (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.amplitude\.com

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google AdSense (Advertising) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

PubMatic (Advertising) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

185
Requests

93 %
HTTPS

0 %
IPv6

46
Domains

71
Subdomains

57
IPs

9
Countries

2101 kB
Transfer

7598 kB
Size

89
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://download1979.mediafire.com/wspo50sznzzgmkbYPupbgChlE4bl8sxbw607shdR_Gziwd3WkLKWFmHfNgfocGhMZIzQ6mdP92T_SBPXUrArSK0H3tsXCI1Y01gtwHDQr2tzF9059b_iGht0iDUm7Eo2Xg3E1qh0r5trViGFfIwaP9xP8dYRjyCVJH9eaHAyUv3W/s7ueut0kfh4mtk3/IterationT+v3.0.0.zip
Title: Download (33.5MB)

Search URL Search Domain Scan URL

URL: http://blog.mediafire.com/
Title: Company Blog

Search URL Search Domain Scan URL

URL: https://fast.io/
Title: AI Cloud Storage for Teams

Search URL Search Domain Scan URL

URL: https://mediafire.zendesk.com/hc/en-us
Title: Support

Search URL Search Domain Scan URL

URL: https://translate.google.com/
Title: Translate

Search URL Search Domain Scan URL

URL: https://twitter.com/#!/mediafire

Search URL Search Domain Scan URL

URL: https://www.facebook.com/mediafire

Search URL Search Domain Scan URL

URL: https://twitter.com/mediafire
Title: Twitter Page

Search URL Search Domain Scan URL

URL: https://blog.mediafire.com/
Title: MediaFire Blog

Search URL Search Domain Scan URL

URL: https://googleads.g.doubleclick.net/pcs/click?xai=AKAOjstMusTqVPp7Fi2x9EYRmKUYBuZHeelSWFr4La2E6AufZDzoc-2M3ve--8ntfHHuSDz-DHvEm_RuXJOgNNniM8YHDQB-_q3AyWn0EH6j2uk8_TwdCuvC1ghKyLXjnVrI-Ye9A8svatIJRpvDrEVpEAzrvM3sBy6MoTR0jsf77AfNDbK1WHO6wx2T4y8wWdfM8YImB14JfFoRNLNeErE9lAHSLw2XfSMitF7ySktsL8BV9lHToRj8ZBcLvml_FHEEmSa39lasbhVpAf1sC6mzc_RKw07818cgS5nBqPuBselJ_QtyGJaNYmTh3uXWKaKK-oqS_yxXDxtH-lCrL7o8t7s65PZ1lDDzRlaITi627KHmOoHJOPcvlom0jBm_mmgWwmSX7eHiBGarGsqT9DHfUKgV&sai=AMfl-YQiSXJ70GdAuFVkMIVj1tAvNx1vV_pG1zKY_W_pgpj5N4L5GhSSlHOvVt0TMFeS3u8VQ1Gvhag5we8lXpmH8HxoaZSG0T8WT_YpRsUiwK_-xX8kMrPkhokEVZvn8JYgmM6mLFT_fdfUKMtZEfR0Gw&sig=Cg0ArKJSzPVcS-TgH_b1&fbs_aeid=%5Bgw_fbsaeid%5D&adurl=https://www.mediafire.com/upgrade/%3Futm_source%3Dhouse_ad_360%26utm_medium%3Dwebsite%26utm_content%3Dturbo_downloader%26utm_campaign%3Dv01_336x280%26mf_source%3Dhouse_ad_360%26mf_medium%3Dwebsite%26mf_content%3Dturbo_downloader%26mf_campaign%3Dv01_336x280

Search URL Search Domain Scan URL

URL: https://adssettings.google.com/whythisad?source=display&reasons=AdhHJERVIDFuFe2Guhvp5wLnynaquKkahTPR0xdy8MUEz6OXao_d57CuzsU74Rkst7jVfcZm4Y8pJRpI9D7sV6sNi7WQLBde2n4mVd-qB3K-FXOFu3HfnzXAS_IloOL2_N3RfLLg-XHfTz-tfuwvg0VT1tzugXJPRge-UbEuPt0vTDrhnkW62TofdUXK4NsPWsqy4a2xvacTfHLBssYb5xna2L9J7dXKiVAB6wGE2SYHl-9kgpORJB5v93SLx0r3iO2FZWyUkeVFFksly13Kzc6CkJrbhx3wlDIQnRohqgazMkuAKcE04BuTPMyA5djVAPnDWALOyFta77iMMVsZ0RySp5KdGYTiwgvSN5H7e6vM_DXkTRBlEJmX2C_x8uu1bEg-Uf7tkgO7hS-k-VlOxCd5QO7RYK5h7Lnrg8qhMXrAhQbxmYMGjty2Zn4nvqpv939NGa5uy3Eub9Q38LkNt3ys8yCa0i5t4p8RWuYWF6IfzWjTu46dLKTi_bOz-I7qlpTSmV99m_pP8m3emra8C4MSGQHi3d98HoWTLQq3PSehwx36y3rJWJb6mx-b7u4SZzJpbNB88ek23gIXhfm7eIEZje9CLuKKFPTMgOvNf0r0XHm1y6x-cS1YnM2PBvsHpBeFpc6DCy_MPj7WHNEn3RtbeO6R0F4XtykgTQ1BBgqP6ViPBngpWDsntGaEa3m3RyfTOG8VSYMwCS6LyDh9lIogB0p72hkTrr8uK_ZCuZqbaCvnO2HtJjF6lHMghfiofWxvi80xMiB6IZWyjIoV0PEkfua-f3w-BE5sFWtHLjjtpGgZF0eZBfmVA-WtuKcIad6ZpzpJ5D1lbf8Rh7IwCbOnJJjeYFeSWgd6uxd7Lu9G2k5gmL9weoS99V3J1TzrQM1TgEaKnnVhcLNHgzdLpUY5q1CRpFwQaqjW96cC9fADRaMHbDX3Ffg0KAVoeqK_JVlAcx1_CZaYm8W3IOsmykB2yZrCKiO4oTtK2XKlzWruOja2yX0HR-mB2PLFBk_dDKwK8xdgbmssAQ9ImdxP5qr-4I1r7-lcZmVY6mLnznz7ihqDuXytvMppEQiogzeKURJwV8gv2h57REvT2AYzyfvfSoNH1HoG7UwaYBc4yG-rlxM-67osj9HzXTqG6ei4VEg7cznRpgbKU15H2-4sMlRrXDpzPOFvtF8_Z6czOn5YXzkE1M9CGwaH_YQ8MO1hi2Tiug4qyN0-EsNet9NQz5iijr29LR02mbBmal5YSoiDCqskgdADFDAQQB8Xf2j9-qBmXKqqQpp50t110qVoQZ959hEdetPpomHGe4NO-QVmwwykcSlQYF3ypmNfGP1LDl_ltP_uyjkvoFF_91FCyapIMgpfsd80kWqTfyAQPzbC1wLhveRZti1AyzCO2dIoKHeuFQsJILm4XT-9wI_d1qS89K7sqwIt5ceV0vP3n7wQtTdHgJGQYc25VYHccHI29JBQcwVFAGKKjwLZPVaoE9hhXBY_SrFjKG8QP5hzVzWJ-HLNSNWgJgj3avBr6hs3vwjVkR6yVcgY4ltLUVonWbLycaS4cawfEFnyfexSIeykxZwsqYV32usMRCXF81hgC4rBf9w22KS78KsJ&opi=122715837

Search URL Search Domain Scan URL

URL: https://googleads.g.doubleclick.net/pcs/click?xai=AKAOjssXKaSo33fyaGH-QCZKJRu1GJeFDG7ZXmZI3AZe-3UYevEt27IYHubUS7NopFjmhM1KrBfGjQBAh8_1yYnnXqAPkaew5J_myzctbvaahqQ5AJktUmaGUw8XoCwS7jl57dwGP0B3ano-9BGCtwaUIrWrm249TkYDam15wWKZl5I94L50Ra4_UL0HS3ZZswtwrvQRqe2cTtQus-SnVbxkUMtwbDXv0Fz997HM91yPmNUdMYLuDpHgT7CX0bpJ0eNhpiCAcJ8C84iRF7xAYKB5M4h--Dn3Hc7SuhCrwc6zD9v5PhHN33YBirVaiEjNgP9bdHaMMS_-eIuJ9M_OTc1j37LXQeDperwk9FmduA24xs5xZvbhYFb3gEXWQSpNHXmDYUSF0ap_hCtBwUJV9vM84LJu&sai=AMfl-YRjBvlgxo4yfwc-LgLeHXOCs01iEKSz_Nga5cSGyfPZVMLzlOB0xDjXubUuWDOYxZ2AJZ_CxkpSDGkhMj_-OMHT9qhcZo9FVTSkvsvOTA6IrRHt66ofzLcBT63UXbFEntkF8GDXwKEKj7WQsrxq1g&sig=Cg0ArKJSzKE5izNhzLCa&fbs_aeid=%5Bgw_fbsaeid%5D&adurl=https://www.mediafire.com/upgrade/%3Futm_source%3Dhouse_ad_360%26utm_medium%3Dwebsite%26utm_content%3Dbulk_download%26utm_campaign%3Dv01_728x90%26mf_source%3Dhouse_ad_360%26mf_medium%3Dwebsite%26mf_content%3Dbulk_download%26mf_campaign%3Dv01_728x90

Search URL Search Domain Scan URL

URL: https://adssettings.google.com/whythisad?source=display&reasons=AdhHJEROKxGbfpc_lkJry3CObB-y31jbebY_YASmxyOXXsisQQVhDaZ9Tq9CTsEahRwN5mEh6jUfSET4j6fyMmgGMmdxiBOlymoMgK1zQ93Avf9DL5UaohmoPgv8mukCwgzKvt9brzCFdK0ookDMzSGEYv3VSquI2_aWvLRpz9-y0IZrm44SC9ckHTLUzuYgeoIeEOTLczTLgsXINy8XMxQx0aPondPxiYH6dl8MhpqojHOo2k5lNrhgtIoruwqbqHtY-BnizO4ea0oZSKS3R6p8LaUA8kzxCmPhi1h3eKHoaeX8R8jZebtadsVZTwmYCdVya9QOEBWIbfpr90MJiSaSvpQwCymaJlcfMa0GAhTq3WP5AUeTTI_LmkvtrOM50UFOw1eHdMCCB3zTSYEZuLILw090SWutWBkc65Bsie6hMdE3xyV2a8OEwqoS1AuNibbhTeEa5nNcYvmJiL4N997HZNhJyfNKmfv0y2zTEQ2lv15pKVPirAJE_B_vqA7aUhaKCoT7CLCF4Nv_Zaz_c5q50wCtgYtwUvEj5M_tZgbVEDhP92OOIRIeTNPgYdi9ZiiYQm6dDhrmLfBrnUwlLSr74I92grEuqWHazJAOSIWy0xNwm4brCKSjcoEbuTfN8A2xCoX1FdQzrzxcy9hAaInt1UwCsCzrz7egFXNLrbNFzNv5d0blVwNI6U5KiL3oTV7TiG309bq7nw_5EOdSpTRIGZpXiaSzUmuQ0Jalc_0FbBDDNa2KEXtmkOF8NU-5a2p9MnqCWiwXJ5SDoovmEydSMFSiYTq-LUnvyz8dPTKXTFdFAXfODlq-A5qjSHRVcJ9Yi8Mh0N8DjYb4BkGphsz9TLTCegb67GAhnF1gqQPzrTD7yImM2LcOomPD2Z-rAu7jUd0fZB4j4i6qo7EpDacayIRpcoHtUtKZsR4ySTlCdJi22brLCiJwU1wewPRaWEy5iY7OuBg_dk_8x84PIFcZXcn8Zmfkn6olkO3ADiszX9AorsZVxVxhs71qDXtcJ13W2Mltwt2sXkLYmHdrCeopeK7K7gJcrhwMRhIVsnHg3xehtsCL_Yi44eT6ak5OHwoHlZt-t1UnlIxuE7Ue1hlh7O4_vrpPRTRNpd_illwyeeVFtNdO4_npqNCqc2Z9-e0lAx_P6ZiOnsjKNWtW7yRa0dTQiTto2Yvs-dz7c7ulryf7s-Ag1BUFNCHu20X--1orareKV0lfPliZc8lOBvZr7sI3ke6HDJ-5jP7Z9ACVm5fOJaGnWr5Bnw7RuEHLMBvJQRkQpectzlC8IJBoY7WOSulwqhEEVghcyBg227VzZiVTePBuePrl6oJkharFC33jrz1a2D7pngbbQfRRHRjw6AX7zdMa-7n2YgclpIGus1avriU9KotDmrUMn5_SDkplfNxPOYavIn_hBRTPYZ6aiUednPulMegJMY7shbH7GdT2DBH4UBVz7jaSjmrWBU83wNEYSGUVi0GDpo3lX4Ewqre93bP9ZYyILzgw6GyO0l0anKOgI9f9BpMwyar3VSet5qNYxnG3wzkknU8zunyrLtU310CVU-DxjiHJ--rYLFJpOiIRWeEOEVbir5PwLJAIi8qb1SczUC7F&opi=122715837

Search URL Search Domain Scan URL

URL: https://googleads.g.doubleclick.net/pcs/click?xai=AKAOjsv-5ugHXVazoKAl-KWAvvHrgI8aDZDIUViQhWXBHMXpQGgYBy8UxIKiuLcPMHVqFFUtVqZdadblZSRdkafefDFyjpZOPJ2bnleiNIKnl0y39LBfLJVAwwyWfUyQWNZonWjjuU0u3Z4cgX_CdQ1nR1UfetwjgB8lJi4U5uhHhv7jdGdBHK1zKbu7TRHy3m4N0kfOv-U4pUhyek-d1o7Zcw0xOklsCCy4q1ooMzUa27VmR6B0hFiqbJ102D1yRqHJz39KopPnRsBwnr1p6u78z0AsUT5crKGrHBZMMbkGNtARwBfjMo28hoU5Tx1TgKVzXK0eojf6jirA2emrhkr9gpJgpDKSTb_XL2651Svqy2Syvjw_gFzxdbk9MAOnUeUkYJ_eyR8KRrsHC67xonqjFEzE&sai=AMfl-YTw5GvBvIQ8PkEGhtOjap2rdL76chs1ccgYahIrbmCuzoOVyBVUJeeqXhFpXJcOQ2uO74fg_IroANwmjRB21dzUN0uGXl6GbcGJ5Uj8efIpV_5uMoDFR7kq2V23Vdpj3omN6fDLxVwkjy4rwb1v&sig=Cg0ArKJSzN2iONhvM4VH&fbs_aeid=%5Bgw_fbsaeid%5D&adurl=https://www.mediafire.com/upgrade/get_plan.php%3Fpid%3Dultra_50_monthly

Search URL Search Domain Scan URL

URL: https://adssettings.google.com/whythisad?source=display&reasons=AdhHJESXLq0ojt2wLRgZDJMDMikKsRQzWqvgGtLz5LhMXyQKjsGmAWXdNAZ8v6EJSWkqm47zOnO5hMyDgT3uf8ejozIVUd9hj3qKXX_eHwKP8CI7a4UYADLeW9F8PzyAkie3jq0pAwIvrWanUWLwD8Zkc94zyos62qXyLobEmI4DBCexAj9K8V_eCGEC9ZDEKcH5Uruq_fVVJLVDjolTNwXASuMAoT0f_LlSZ70tx7mfZo091H_2j9hYvTEh_TTxaEPWVOOM1v_Wtu6WlU6FCH3y5Bn5yj85boBvtRApLwZRJaUdJvrch8m8ad5ozAolJ90uW-ltX__M-GnOlh6l_ke5fJ_q-OLl6eqel9eqlniGdCUKXxl0PMX0UWkaKC8Vamgaxqs1XxSrh-goA-C8YLrjfYhJl9fxgMRvyQRvx22FwRJ_iDH825YGmq7O4YZrRESJVgOOBNI4Roq50vQ4f41MklcVtVwdVA_3p-9qwiTxqCVoyRg3bcwb-jsunO6qDBmtLBv47Fw5FtgBPKCRxo3vywEMr6JMlWmJCo_asoeKYaOpaYgmtvtPzs9fafky8V4owhWh4-CYaZXoutFplPgdgLugVvucdiwn3L8JpLaycsRCQ1e4NlricLniFx_UacD-Xv6PjjXDwxyv7gE3IBNQUZtONOj05Qo6NzUKWY0X3GyLXdqIjcVfRvzU2-rzwmtB3yWI9We1FVXcG9dkB-EeRy25iGB3us99GlN9X8t_VRT3HJZe7P6cQzj6kkDpnHcKl85rDDMK3jTHItcUC5_TxkITlbIHb6CfrnysdkXkqQ_0ZYauuYSXtV0r84a1Z8nh-LxaRS5v59AuRy9FSLzulcHvTQ4GTlAcCMSdolsq47ZmKHpwNXT1b99pLWkupHUsrm5qTddRKai84zzs1qmJJmi-f1UG4zIuORN1E-6YQtDNm4r_SG-5IrOsNAdZRbJQpF3OpOjWZlFkQ2orNo9xSyQ3xb48_WaEjL3qww-K-OpcMmN1Cw6kwIeMmdcwy687bNOFhWxu3_zHq5yRe8idEIaHrc1Lv1ASqsWNFpsoZTrdov4rTXoVvr4nSvz7dy9tkJVgW4Hr7a5zAb3yavNKoi9chm5dJpsTZzdWW_bVHxnumzg7Hndkd3bE3hO7bJTPAhJfuNRWhp33TifpHrbER5Cg9lVMswo94BJZQRfe0PvJd4oMvTgc-04w2J4sYB2U_o6LUQCQvT0xdlkEmcniUY5eqFNVgiWb2dxYj-b-TSV2z0SDx_NgJ03RnjFYHhIWDkiBc9dRjUb8OyPA3dlkMH3a8dDVEC0YYoeWyxMnYfFLo2rk2wAcgqzt5NAnxTTkIRJt98wBKYT2BN3FYXfTCzErLEXAIun7KjUvd6W0eaYJRX3qnP65cqB6Q91PJhPydSb1ShO6sGpmfg7jCJTTv9dQYfjVWDrgQ4n2i50GG77IxUXqJ4HGH9hXD6oD3TTXf4HWYLgzkTtpEyvquOEwlEywRFeFxp1IRsOl3ySwK7oixX7PBPWV4QKq97Z9_lX3yVe36vakgkKtAzbzTwrypLLtqNRJf4CQ5oooERC9j9u_cmGYQkF7WiYJ6QQzIxi8Unp_JmDcFw&opi=122715837

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://www.mediafire.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.mediafire.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a51d7b3d53cb/main.js

Request Chain 122

https://id5-sync.com/i/457/8.gif?o=api&id5id=ID5*Z-j921r9zWx2jiHtZhQiv-9uAICg-g76c1OHbgOgEt8UCLjuR66MwRCGpu5ViyXU&gdpr_consent=undefined&gdpr=false HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/k/264.gif?puid=585ef1bc-6a51-4f03-ae00-0817de9e19bf&ttl=%%TTL%% HTTP 302
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=0/gdpr_consent=?https://id5-sync.com/c/457/19/6/3.gif?puid=${profile_id}&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/457/19/6/3.gif?puid=6738f21a42b22f88cfaa3223db30ab2b&gdpr=0&gdpr_consent= HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-f5fdWyBW03dTulJnybkA7rObP6EnlUVyjhzRAn2JYA&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F457%2F3%2F5%2F4.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/457/3/5/4.gif?puid=08236811-6fb6-4d00-a596-f6bdd593b426&gdpr=0&gdpr_consent= HTTP 302
https://token.rubiconproject.com/token?pid=49266&puid={ID5UID}&gdpr=0&gdpr_consent=

Request Chain 168

https://c1.adform.net/serving/cookie/match?party=14&cid=8E927890-A84D-4F68-A6A5-16EF0A1D309B&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=8E927890-A84D-4F68-A6A5-16EF0A1D309B&gdpr=0&gdpr_consent=

Request Chain 169

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2762283829040849321

Request Chain 170

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

Request Chain 171

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=8E927890-A84D-4F68-A6A5-16EF0A1D309B&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=8E927890-A84D-4F68-A6A5-16EF0A1D309B&redir=true&gdpr=0&gdpr_consent=&dcc=t

Request Chain 172

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4089434452386030344&gdpr=0&gdpr_consent=

Request Chain 173

https://pixel.onaudience.com/?partner=214&mapped=8E927890-A84D-4F68-A6A5-16EF0A1D309B&gdpr=0&gdpr_consent= HTTP 302
https://cms.analytics.yahoo.com/cms?partner_id=DELI&gdpr=0 HTTP 302
https://ups.analytics.yahoo.com/ups/58679/cms?partner_id=DELI&gdpr=0

Request Chain 174

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=8E927890-A84D-4F68-A6A5-16EF0A1D309B&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=8E927890-A84D-4F68-A6A5-16EF0A1D309B&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 176

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OEU5Mjc4OTAtQTg0RC00RjY4LUE2QTUtMTZFRjBBMUQzMDlC&gdpr=0&gdpr_consent=&google_cm HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGQiYw2o1H9U7Yi8TDO7MzI&google_cver=1

Request Chain 177

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=jpJ4kKhNT2impRbvCh0wmw%3D%3D&gdpr=0&gdpr_consent=&google_cm HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=&google_gid=CAESELGaZ4og2Qm8e8eAvduYg6k&google_cver=1

Request Chain 178

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGQiYw2o1H9U7Yi8TDO7MzI&google_cver=1

Request Chain 180

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=585ef1bc-6a51-4f03-ae00-0817de9e19bf&gdpr=0&gdpr_consent=

185 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request file Show response
www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/ 347 KB
88 KB 816ms
734ms Document
text/html 104.17.151.117
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.151.117 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d87056db5e29b24140f294a640ff2de014d976c9c685e0f8c120c1bda006ad38

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

access-control-allow-methods: OPTIONS, POST, GET
access-control-allow-origin: https://www.mediafire.com
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 9382f1b2fb2dc22c-TLV
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 30 Apr 2025 00:32:49 GMT
expires: 0
pragma: no-cache
priority: u=0,i
server: cloudflare
server-timing: cfCacheStatus;desc="DYNAMIC" cfExtPri
strict-transport-security: max-age=0
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-mf-env: liveApi
x-mf-fe: mf1
x-robots-tag: noindex, nofollow

GET
H3 200 cmp.min.js Show response
the.gatekeeperconsent.com/ 8 KB
3 KB 260ms
136ms Script
application/javascript 104.21.42.32
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://the.gatekeeperconsent.com/cmp.min.js
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.42.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0ff1aa498c3e7899a1ba72cea996bea56b397a6e93864cff709ce8d1776e5ea

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

x-robots-tag: noindex
content-encoding: gzip
cf-cache-status: HIT
age: 45
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ovsGuGfUErdaxpCFOVpCUXd9UrRWskcyXb7ID6rKQIe0jgjwznpLkH7hpmGcj%2BI1z43DGczCu7utcD96TP5n%2BawPk8NlU%2FCdz3S9FdeJayV4ks6bT2dIJN0AV5UeDTCnENfFU8DrV2L%2FgmYS"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=119654&min_rtt=119524&rtt_var=45081&sent=8&recv=7&lost=0&retrans=0&sent_bytes=3595&recv_bytes=3086&delivery_rate=24458&cwnd=12000&unsent_bytes=0&cid=c3338d4541445dee&ts=137&x=16"
date: Wed, 30 Apr 2025 00:32:50 GMT
x-middleton-display: sol-js
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 30 Apr 2025 00:32:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=300, public
cf-ray: 9382f1baebc630c3-FRA
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 244 KB
88 KB 388ms
135ms Script
application/javascript 142.250.181.232
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-829541-1

Requested by

Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

edd9ba487a93691460f1f5751728b06b4d8d25f4bb4da441750f9e6a50fbed68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

content-encoding: br
report-to: {"group":"ascgcycc:1072:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1072:0"}],}
expires: Wed, 30 Apr 2025 00:32:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Apr 2025 00:32:50 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 30 Apr 2025 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1072:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1072:0
content-length: 88893
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 tag Show response
btloader.com/ 63 KB
21 KB 243ms
92ms Script
application/javascript 172.67.41.60
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://btloader.com/tag?o=5678961798414336&upapi=true
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.41.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fbeb3ea2522c23e5fc0bc3f45de1dc5b70097b978d85760de2f2e6d29513251

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

x-robots-tag: noindex, nofollow
cache-control: public, max-age=300, stale-if-error=3600, stale-while-revalidate=300
content-encoding: gzip
cf-cache-status: HIT
etag: "d61d771a9d404b6becd3b8ea6fa56808"
via: 1.1 google
cf-ray: 9382f1bc9b92ed42-TLV
accept-ranges: bytes
access-control-allow-origin: *
date: Wed, 30 Apr 2025 00:32:50 GMT
content-type: application/javascript
last-modified: Wed, 30 Apr 2025 00:23:05 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 sa.min.js Show response
www.ezojs.com/ezoic/ 144 KB
47 KB 158ms
85ms Script
application/javascript 104.21.63.106
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://www.ezojs.com/ezoic/sa.min.js
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.63.106 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41da135a5039e2aad02bd25c14cf5105752de0ccbd088374499b08559d4378c4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

x-robots-tag: noindex, nofollow
content-encoding: gzip
cf-cache-status: HIT
etag: W/"a55ed91d3f257a3cb5709ba30b200036"
age: 269
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m7G6FqJm9x1mW9zy56cha%2F%2BJ2uBgrwHmCMpY%2B0CfeJqjI3QcuX7IVy5g70uAcIcg10zpX8cvtBl%2FE95yejVKT1wKPeHB4l31Rrc8OTzW%2FugFTZzoGVdISZUe5WnlNgVr"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=69251&min_rtt=69114&rtt_var=26191&sent=8&recv=7&lost=0&retrans=0&sent_bytes=3625&recv_bytes=3063&delivery_rate=42661&cwnd=12000&unsent_bytes=0&cid=5bff84b5a49864bf&ts=86&x=16"
date: Wed, 30 Apr 2025 00:32:50 GMT
x-middleton-display: sol-js
content-type: application/javascript
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=600, stale-while-revalidate=3600
cf-ray: 9382f1bc1920c21f-TLV
server: cloudflare

GET
H3 200 upgrade_widget.js Show response
static.mediafire.com/js/ 13 KB
3 KB 98ms
89ms Script
application/x-javascript 104.17.151.117
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://static.mediafire.com/js/upgrade_widget.js
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.151.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47878b1adcd923dcfcf5d29ade971275259a236199ca23114deaaa409b138c18

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"67f6eaca-351b"
age: 8834
access-control-allow-methods: OPTIONS, POST, GET
expires: Thu, 29 May 2025 20:20:37 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
x-mf-env: liveApi
date: Wed, 30 Apr 2025 00:32:50 GMT
content-type: application/x-javascript
last-modified: Wed, 09 Apr 2025 21:46:50 GMT
vary: Accept-Encoding
priority: u=3,i=?0
cache-control: max-age=2592000
x-mf-fe: mf1
cf-ray: 9382f1bac853c22c-TLV
access-control-allow-origin: *
server: cloudflare

GET
H3 200 zap_circle.svg
static.mediafire.com/images/download/subscription_upsell/ 770 B
666 B 138ms
129ms Image
image/svg+xml 104.17.151.117
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://static.mediafire.com/images/download/subscription_upsell/zap_circle.svg
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.151.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed2fac09523ed9ca4b23fd845302db29d2c2b405457cfaa9601e9c35959e8dd8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"67f6eaca-302"
age: 452
access-control-allow-methods: OPTIONS, POST, GET
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
x-mf-env: liveApi
date: Wed, 30 Apr 2025 00:32:50 GMT
content-type: image/svg+xml
last-modified: Wed, 09 Apr 2025 21:46:50 GMT
vary: Accept-Encoding
priority: u=2,i
x-mf-fe: mf1
cf-ray: 9382f1bac855c22c-TLV
access-control-allow-origin: *
server: cloudflare

GET
H3 200 timer.svg
static.mediafire.com/images/download/subscription_upsell/ 877 B
707 B 95ms
86ms Image
image/svg+xml 104.17.151.117
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://static.mediafire.com/images/download/subscription_upsell/timer.svg
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.151.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 136a2a86b537e7fe909a0479f565714e476c88055ca3fe81209e1e17c6f43bd4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"67f6eaca-36d"
age: 8834
access-control-allow-methods: OPTIONS, POST, GET
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
x-mf-env: liveApi
date: Wed, 30 Apr 2025 00:32:50 GMT
content-type: image/svg+xml
last-modified: Wed, 09 Apr 2025 21:46:50 GMT
vary: Accept-Encoding
priority: u=2,i
x-mf-fe: mf1
cf-ray: 9382f1bac856c22c-TLV
access-control-allow-origin: *
server: cloudflare

GET
H3 200 zap.svg
static.mediafire.com/images/download/subscription_upsell/ 747 B
667 B 116ms
115ms Image
image/svg+xml 104.17.151.117
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://static.mediafire.com/images/download/subscription_upsell/zap.svg
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.151.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81b49dbd181c58edb92ec92edaa0f0e982d841ab735978cfe98e7ec2eb503f7c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"67f6eaca-2eb"
age: 13117
access-control-allow-methods: OPTIONS, POST, GET
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
x-mf-env: liveApi
date: Wed, 30 Apr 2025 00:32:50 GMT
content-type: image/svg+xml
last-modified: Wed, 09 Apr 2025 21:46:50 GMT
vary: Accept-Encoding
priority: u=2,i
x-mf-fe: mf1
cf-ray: 9382f1bb58a0c22c-TLV
access-control-allow-origin: *
server: cloudflare

GET
H3 200 megaphone.svg
static.mediafire.com/images/download/subscription_upsell/ 759 B
691 B 99ms
99ms Image
image/svg+xml 104.17.151.117
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://static.mediafire.com/images/download/subscription_upsell/megaphone.svg
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.151.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 482a94c1ba7976b2b97757f9004facd785bee598b9678fb64e2a07542f86e5b9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"67f6eaca-2f7"
age: 13117
access-control-allow-methods: OPTIONS, POST, GET
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
x-mf-env: liveApi
date: Wed, 30 Apr 2025 00:32:50 GMT
content-type: image/svg+xml
last-modified: Wed, 09 Apr 2025 21:46:50 GMT
vary: Accept-Encoding
priority: u=2,i
x-mf-fe: mf1
cf-ray: 9382f1bba8c8c22c-TLV
access-control-allow-origin: *
server: cloudflare

GET
H3 200 crown.svg
static.mediafire.com/images/download/subscription_upsell/ 712 B
645 B 98ms
97ms Image
image/svg+xml 104.17.151.117
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://static.mediafire.com/images/download/subscription_upsell/crown.svg
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.151.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7c0df5d23898ea8e195222a6386aba911e9f282df4c0941d8baacbe35a18eea

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"67f6eaca-2c8"
age: 13117
access-control-allow-methods: OPTIONS, POST, GET
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
x-mf-env: liveApi
date: Wed, 30 Apr 2025 00:32:50 GMT
content-type: image/svg+xml
last-modified: Wed, 09 Apr 2025 21:46:50 GMT
vary: Accept-Encoding
priority: u=2,i
x-mf-fe: mf1
cf-ray: 9382f1bba8cac22c-TLV
access-control-allow-origin: *
server: cloudflare

GET
H3 200 zap_white.svg
static.mediafire.com/images/download/subscription_upsell/ 770 B
687 B 98ms
96ms Image
image/svg+xml 104.17.151.117
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://static.mediafire.com/images/download/subscription_upsell/zap_white.svg
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.151.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91f2fceb37be6396e8f5b416d15a007ddb33034dd8496aa4a681d5bf7360761b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"67f6eaca-302"
age: 13117
access-control-allow-methods: OPTIONS, POST, GET
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
x-mf-env: liveApi
date: Wed, 30 Apr 2025 00:32:50 GMT
content-type: image/svg+xml
last-modified: Wed, 09 Apr 2025 21:46:50 GMT
vary: Accept-Encoding
priority: u=3,i
x-mf-fe: mf2
cf-ray: 9382f1bba8cfc22c-TLV
access-control-allow-origin: *
server: cloudflare

GET
H3 200 download.svg
static.mediafire.com/images/download/subscription_upsell/ 149 B
399 B 98ms
97ms Image
image/svg+xml 104.17.151.117
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://static.mediafire.com/images/download/subscription_upsell/download.svg
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.151.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ff39e2e085828036c40efa08d69febb971361f0c11eb21f7c382e7443c08015

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"67f6eaca-95"
age: 2984
access-control-allow-methods: OPTIONS, POST, GET
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
x-mf-env: liveApi
date: Wed, 30 Apr 2025 00:32:50 GMT
content-type: image/svg+xml
last-modified: Wed, 09 Apr 2025 21:46:50 GMT
vary: Accept-Encoding
priority: u=3,i
x-mf-fe: mf2
cf-ray: 9382f1bba8d0c22c-TLV
access-control-allow-origin: *
server: cloudflare

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 81 KB
28 KB 401ms
140ms Script
text/javascript 142.250.185.206
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googFooterTranslate

Requested by

Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f14.1e100.net

Software

ESF /

Resource Hash

49f3a917f51991d266c8fd5337664dbffbe4997d1bc6f0a55784a1215bf70e36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Apr 2025 00:32:50 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
server: ESF
x-frame-options: SAMEORIGIN

GET
H3 200 consent_modules.json Show response
privacy.gatekeeperconsent.com/ 2 B
641 B 157ms
83ms XHR
application/json 172.67.199.186
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://privacy.gatekeeperconsent.com/consent_modules.json
Requested by: Host: the.gatekeeperconsent.com
URL: https://the.gatekeeperconsent.com/cmp.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.199.186 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

cache-control: max-age=15780000, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iXGp8N6lCe4kir2Kg1bKAmZkH3WWnBvhZ6O%2Feh%2F40ZGJemHd6OhH29IBqoS0AcwnyjeIn9dRVVfQLEhWl8u8Q2lZQgtlisQA2cOJV9D0XyIp4ssqQZQZ%2FgvpubIeUTjVkUENTVsR3C3tfZpCfECzSw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 9382f1bc19faed42-TLV
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 2
server-timing: cfL4;desc="?proto=QUIC&rtt=70220&min_rtt=69957&rtt_var=26760&sent=8&recv=6&lost=0&retrans=0&sent_bytes=3598&recv_bytes=3053&delivery_rate=41762&cwnd=12000&unsent_bytes=0&cid=d84247f0708d2b09&ts=85&x=16"
date: Wed, 30 Apr 2025 00:32:50 GMT
content-type: application/json;charset=UTF-8
vary: Accept-Encoding
server: cloudflare

GET
H2 200 amplitude-8.5.0-min.gz.js Show response
cdn.amplitude.com/libs/ 68 KB
22 KB 468ms
196ms Script
application/javascript 18.245.86.69
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://cdn.amplitude.com/libs/amplitude-8.5.0-min.gz.js
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-69.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2450e5580136f94bda7ccf95e3167b57e15b05b513a430967943a50036fa47a4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://www.mediafire.com
Referer: https://www.mediafire.com/

Response headers

access-control-max-age: 3000
content-encoding: gzip
etag: "660c3b546f2a131de50b69b91f26c636"
x-amz-version-id: NY8_7uBz3xoXYJBVsMSBAGHOz8ixMBS3
age: 721564
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: bmlbdeGwMPuuovrk4SQV59dmv9-Qi1fkdt7XEiKidoMTAAC7_-ASWA==
date: Mon, 21 Apr 2025 16:06:47 GMT
content-type: application/javascript
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
last-modified: Fri, 13 Aug 2021 22:37:42 GMT
cache-control: max-age=31536000
via: 1.1 34f8e9435dea359238debf97e45feb10.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 22154
x-amz-cf-pop: FRA60-P6
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 335 KB
103 KB 363ms
256ms Script
application/javascript 142.250.181.232
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-53LP4T

Requested by

Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

da188258672d8fb00edd30cdc19ff27bb70f3573dd31c276c75cd9f55d6c5f7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

content-encoding: br
report-to: {"group":"ascgcycc:1314:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1314:0"}],}
expires: Wed, 30 Apr 2025 00:32:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Apr 2025 00:32:50 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 30 Apr 2025 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1314:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1314:0
content-length: 105047
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 mf_logo_full_color.svg
static.mediafire.com/images/backgrounds/header/ 3 KB
2 KB 89ms
89ms Image
image/svg+xml 104.17.151.117
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://static.mediafire.com/images/backgrounds/header/mf_logo_full_color.svg
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.151.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8539c91ae0a82f8cab27d481ea38ac4e66d1e5b36701fe295bcba4399b9255bd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"5813cfb2-d1d"
age: 7098
access-control-allow-methods: OPTIONS, POST, GET
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
x-mf-env: liveApi
date: Wed, 30 Apr 2025 00:32:50 GMT
content-type: image/svg+xml
last-modified: Fri, 28 Oct 2016 22:22:42 GMT
vary: Accept-Encoding
priority: u=3,i
x-mf-fe: mf2
cf-ray: 9382f1bbb8dbc22c-TLV
access-control-allow-origin: *
server: cloudflare

GET
H3 200 file-zip-v3.png
static.mediafire.com/images/filetype/ 2 KB
2 KB 89ms
88ms Image
image/png 104.17.151.117
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://static.mediafire.com/images/filetype/file-zip-v3.png
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.151.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4448e430d3c53bad548a5d135e1c7e2f9593e806ba47892640d430ea752e979e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

cf-cache-status: HIT
etag: "62deda56-750"
age: 4605
access-control-allow-methods: OPTIONS, POST, GET
expires: Thu, 29 May 2025 20:43:35 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
x-mf-env: liveApi
date: Wed, 30 Apr 2025 00:32:50 GMT
content-type: image/png
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=2592000
x-mf-fe: mf1
cf-ray: 9382f1bbb8dcc22c-TLV
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1872
server: cloudflare

GET
H3 200 icons_sprite.svg
www.mediafire.com/images/icons/svg_light/ 36 KB
8 KB 101ms
100ms Image
image/svg+xml 104.17.151.117
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://www.mediafire.com/images/icons/svg_light/icons_sprite.svg
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.151.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ba1bc2084def769e77a7dbf97cd91d68fe6c6d55b5d183a7d36630da8da2b02

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"62deda56-90ab"
age: 12394
access-control-allow-methods: OPTIONS, POST, GET
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
x-mf-env: liveApi
date: Wed, 30 Apr 2025 00:32:50 GMT
content-type: image/svg+xml
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
vary: Accept-Encoding
priority: u=3,i
cf-ray: 9382f1bbb8dec22c-TLV
x-mf-fe: mf2
access-control-allow-origin: *
server: cloudflare

GET
H3 200 apps_list_sprite-v6.png
static.mediafire.com/images/backgrounds/download/ 8 KB
8 KB 265ms
264ms Image
image/png 104.17.151.117
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://static.mediafire.com/images/backgrounds/download/apps_list_sprite-v6.png
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.151.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc54b817820f14ce6395ba2a037f37d4bb0af75d5b017336140793fbe2f7f738

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

cf-cache-status: HIT
etag: "62deda56-1fd1"
access-control-allow-methods: OPTIONS, POST, GET
expires: Thu, 29 May 2025 23:01:15 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
x-mf-env: liveApi
date: Wed, 30 Apr 2025 00:32:50 GMT
content-type: image/png
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=2592000
x-mf-fe: mf1
cf-ray: 9382f1bbb8e1c22c-TLV
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8145
server: cloudflare

GET
H3 200 arrow_dropdown.svg
www.mediafire.com/images/icons/svg_dark/ 315 B
504 B 96ms
95ms Image
image/svg+xml 104.17.151.117
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://www.mediafire.com/images/icons/svg_dark/arrow_dropdown.svg
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.151.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82b94716473aa225e715e117802145c5d2d725aa1ba9d476d61a5d3da16a8c26

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"62deda56-13b"
age: 1782
access-control-allow-methods: OPTIONS, POST, GET
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
x-mf-env: liveApi
date: Wed, 30 Apr 2025 00:32:50 GMT
content-type: image/svg+xml
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
vary: Accept-Encoding
priority: u=3,i
cf-ray: 9382f1bbb8e2c22c-TLV
x-mf-fe: mf1
access-control-allow-origin: *
server: cloudflare

GET
H3 200 check_circle_green.svg
static.mediafire.com/images/icons/svg_dark/ 444 B
552 B 92ms
91ms Image
image/svg+xml 104.17.151.117
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://static.mediafire.com/images/icons/svg_dark/check_circle_green.svg
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.151.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03c8d2dc7d985c3004ff2cd6d8148dd03560f37ed15efdf6c2d7f4d771d0e599

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"62deda56-1bc"
age: 1782
access-control-allow-methods: OPTIONS, POST, GET
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
x-mf-env: liveApi
date: Wed, 30 Apr 2025 00:32:50 GMT
content-type: image/svg+xml
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
vary: Accept-Encoding
priority: u=3,i
x-mf-fe: mf2
cf-ray: 9382f1bbb8e3c22c-TLV
access-control-allow-origin: *
server: cloudflare

GET
H3 200 fb_16x16.png
static.mediafire.com/images/backgrounds/download/social/ 181 B
452 B 90ms
90ms Image
image/png 104.17.151.117
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://static.mediafire.com/images/backgrounds/download/social/fb_16x16.png
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.151.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 720671166ac43aba99e3952b0b9341ab4e0fee1fd891db54e2a07f05db653142

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

cf-cache-status: HIT
etag: "62deda56-b5"
age: 1782
access-control-allow-methods: OPTIONS, POST, GET
expires: Thu, 29 May 2025 20:25:29 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
x-mf-env: liveApi
date: Wed, 30 Apr 2025 00:32:50 GMT
content-type: image/png
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=2592000
x-mf-fe: mf2
cf-ray: 9382f1bbb8e5c22c-TLV
accept-ranges: bytes
access-control-allow-origin: *
content-length: 181
server: cloudflare

GET
H3 200 footerIcons.png
static.mediafire.com/images/backgrounds/footer/social/ 583 B
855 B 86ms
85ms Image
image/png 104.17.151.117
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://static.mediafire.com/images/backgrounds/footer/social/footerIcons.png
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.151.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f917a9105c311331b1d40f4d2bdbf11233c1c465616c1a9c46232f451463b061

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

cf-cache-status: HIT
etag: "62deda56-247"
age: 8834
access-control-allow-methods: OPTIONS, POST, GET
expires: Thu, 29 May 2025 19:29:25 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
x-mf-env: liveApi
date: Wed, 30 Apr 2025 00:32:50 GMT
content-type: image/png
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=2592000
x-mf-fe: mf1
cf-ray: 9382f1bbc8f9c22c-TLV
accept-ranges: bytes
access-control-allow-origin: *
content-length: 583
server: cloudflare

GET
H3 200 infinity.js.aspx Show response
cdn.econventa.com/Scripts/ 179 KB
55 KB 283ms
137ms Script
application/x-javascript 104.26.9.66
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://cdn.econventa.com/Scripts/infinity.js.aspx?guid=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.9.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40c6d25ff7145b99246a13335d8b599ecccd7201d1f01aa4ded8c61ce2846da3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 158
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=128726&min_rtt=128698&rtt_var=48317&sent=11&recv=7&lost=0&retrans=0&sent_bytes=4259&recv_bytes=4298&delivery_rate=26519&cwnd=12000&unsent_bytes=0&cid=f298d4ab33bf7955&ts=144&x=1", cfExtPri, cfHdrFlush;dur=0
p3p: CP="CAO PSA OUR IND"
date: Wed, 30 Apr 2025 00:32:50 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 30 Apr 2025 00:24:07 GMT
priority: u=3,i=?0
cache-control: public, max-age=1200, no-transform
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
cf-ray: 9382f1bcec3a7767-LHR
access-control-allow-origin: *
server: cloudflare

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 222ms
80ms Script
text/javascript 104.16.80.73
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.80.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://www.mediafire.com
Referer: https://www.mediafire.com/

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"2024.6.1"
cross-origin-resource-policy: cross-origin
cf-ray: 9382f1bd08d2c231-TLV
access-control-allow-origin: *
date: Wed, 30 Apr 2025 00:32:50 GMT
content-type: text/javascript;charset=UTF-8
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 like.php Show response
www.facebook.com/plugins/ Frame A15C 54 KB
14 KB 577ms
454ms Document
text/html 157.240.0.35
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://www.facebook.com/plugins/like.php?href=http://www.facebook.com/MediaFire&width=193&layout=button_count&action=like&show_faces=false&share=true&height=30&appId=124578887583575

Requested by

Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

Resource Hash

14e5146cf78e50162db17e6d10194cf7dacf3f153d98ea9d102439c6dc180085

Security Headers

Name	Value
Content-Security-Policy	default-src blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'nonce-1o7XPTM4' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;child-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net accounts.meta.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;manifest-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;object-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mediafire.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: zstd
content-security-policy: default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'nonce-1o7XPTM4' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net accounts.meta.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 30 Apr 2025 00:32:51 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?1
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
pragma: no-cache
priority: u=0,i
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7498897666245878071&cpp=C3&cv=1022361287&st=1745973170755"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7498897666245878071&cpp=C3&cv=1022361287&st=1745973170755", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-connection-quality: GOOD; q=0.7, rtt=119, rtx=0, c=26, mss=1232, tbw=8738, tp=17, tpl=0, uplat=334, ullat=0
x-fb-debug: YB5nZBRhV878oS4H7acODgSJXZy3e64p0iKj1cPIXct0JFi2OcMCCboF69d5HiyhFT0aG8vww51LXIOYkGjfNQ==
x-xss-protection: 0

GET
H3 200 world.svg
static.mediafire.com/images/backgrounds/download/additional_content/ 143 KB
53 KB 101ms
100ms Image
image/svg+xml 104.17.151.117
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://static.mediafire.com/images/backgrounds/download/additional_content/world.svg
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.151.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4342feac38021c4fe3069eba0edf1c2e1b4345e2b548b0afb7ab21b7369b3bc8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"62deda56-23ce2"
age: 2147
access-control-allow-methods: OPTIONS, POST, GET
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
x-mf-env: liveApi
date: Wed, 30 Apr 2025 00:32:50 GMT
content-type: image/svg+xml
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
vary: Accept-Encoding
priority: u=3,i
x-mf-fe: mf2
cf-ray: 9382f1bc393dc22c-TLV
access-control-allow-origin: *
server: cloudflare

GET
H3 200 continent-na.svg
static.mediafire.com/images/backgrounds/download/additional_content/ 50 KB
19 KB 92ms
91ms Image
image/svg+xml 104.17.151.117
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://static.mediafire.com/images/backgrounds/download/additional_content/continent-na.svg
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.151.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05cfe92d9794a54258a19bfec7ae0faa73f61b66416983136594b4f95bb114dd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"62deda56-c817"
age: 7275
access-control-allow-methods: OPTIONS, POST, GET
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
x-mf-env: liveApi
date: Wed, 30 Apr 2025 00:32:50 GMT
content-type: image/svg+xml
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
vary: Accept-Encoding
priority: u=3,i
x-mf-fe: mf2
cf-ray: 9382f1bc393fc22c-TLV
access-control-allow-origin: *
server: cloudflare

GET
H3 200 can.svg
static.mediafire.com/images/flags_svg/ 1 KB
983 B 89ms
89ms Image
image/svg+xml 104.17.151.117
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://static.mediafire.com/images/flags_svg/can.svg
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.151.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aee034d31571969a8134d9e6afd5cfca4ee3a95a3111326f9170be403a66b3f6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"62deda56-58f"
age: 6387
access-control-allow-methods: OPTIONS, POST, GET
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
x-mf-env: liveApi
date: Wed, 30 Apr 2025 00:32:50 GMT
content-type: image/svg+xml
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
vary: Accept-Encoding
priority: u=3,i
x-mf-fe: mf1
cf-ray: 9382f1bc3940c22c-TLV
access-control-allow-origin: *
server: cloudflare

GET
H3 200 flag.svg
static.mediafire.com/images/backgrounds/download/additional_content/ 234 B
455 B 87ms
87ms Image
image/svg+xml 104.17.151.117
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://static.mediafire.com/images/backgrounds/download/additional_content/flag.svg
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.151.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f52a0c7d9fa7ae8e45916c491ae7193f9a1e289f128f05264122c53d8da970db

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"62deda56-ea"
age: 1782
access-control-allow-methods: OPTIONS, POST, GET
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
x-mf-env: liveApi
date: Wed, 30 Apr 2025 00:32:50 GMT
content-type: image/svg+xml
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
vary: Accept-Encoding
priority: u=3,i
x-mf-fe: mf2
cf-ray: 9382f1bc3942c22c-TLV
access-control-allow-origin: *
server: cloudflare

GET
H3 200 mf_round.svg
static.mediafire.com/images/backgrounds/download/additional_content/ 1 KB
1 KB 86ms
85ms Image
image/svg+xml 104.17.151.117
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://static.mediafire.com/images/backgrounds/download/additional_content/mf_round.svg
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.151.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1a67642fc97b508ce07cf6df329022bf5184a1c573044dc021e0d6e64688c64

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"62deda56-5b1"
age: 11018
access-control-allow-methods: OPTIONS, POST, GET
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
x-mf-env: liveApi
date: Wed, 30 Apr 2025 00:32:50 GMT
content-type: image/svg+xml
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
vary: Accept-Encoding
priority: u=3,i
x-mf-fe: mf1
cf-ray: 9382f1bc3943c22c-TLV
access-control-allow-origin: *
server: cloudflare

GET
H3 200 browser_chrome.svg
static.mediafire.com/images/backgrounds/download/additional_content/ 8 KB
2 KB 87ms
86ms Image
image/svg+xml 104.17.151.117
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://static.mediafire.com/images/backgrounds/download/additional_content/browser_chrome.svg
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.151.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c6ba1010c2cc88c59de9e9584728da124770fa399643ffc1beffcec54b84be7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"62deda56-1e24"
age: 8482
access-control-allow-methods: OPTIONS, POST, GET
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
x-mf-env: liveApi
date: Wed, 30 Apr 2025 00:32:50 GMT
content-type: image/svg+xml
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
vary: Accept-Encoding
priority: u=3,i
x-mf-fe: mf1
cf-ray: 9382f1bc3945c22c-TLV
access-control-allow-origin: *
server: cloudflare

POST
H2 200 saa.go Show response
g.ezoic.net/ 10 KB
4 KB 418ms
141ms XHR
text/javascript 52.57.221.121
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://g.ezoic.net/saa.go
Requested by: Host: www.ezojs.com
URL: https://www.ezojs.com/ezoic/sa.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.57.221.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-221-121.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 1e7d15553810492d1b02ceefada455772510f699b2ec0dfa3ecb572a8078e6be

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.mediafire.com/

Response headers

x-robots-tag: noindex
access-control-max-age: 1728000
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-encoding: br
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, OPTIONS
expires: Tue, 29 Apr 2025 00:32:51 GMT
access-control-allow-origin: https://www.mediafire.com
date: Wed, 30 Apr 2025 00:32:51 GMT
content-type: text/javascript
vary: Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-headers: Content-Type

GET
H3 200 boise.js Show response
go.ezodn.com/detroitchicago/ 824 B
1 KB 168ms
80ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://go.ezodn.com/detroitchicago/boise.js?gcb=195-13&cb=5
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4fafcd389d58bbd82e49d9a68e81e9dc8384330ff14ec3283a4d0d11812047b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

x-robots-tag: noindex
content-encoding: zstd
cf-cache-status: HIT
age: 4095698
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BiCg1Qpfq3%2FRembZokrRTnDLTdfXj6Gt0vZDSKFhsCz68BkGUIc07KN0Ti%2BMZ91f%2BLcdUVvnJVapDHlos6p9n6ZDmSMQA1I63NZYOwO8BUqEnjgzENSqxcm1xBN5Rk8%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=69927&min_rtt=69911&rtt_var=26249&sent=11&recv=8&lost=0&retrans=0&sent_bytes=4114&recv_bytes=4582&delivery_rate=45669&cwnd=12000&unsent_bytes=0&cid=f931864fbb77b3b8&ts=89&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 30 Apr 2025 00:32:51 GMT
x-middleton-display: sol-js
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 29 Jan 2025 05:53:53 GMT
priority: u=3,i=?0
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 9382f1c0dcb4c22e-TLV
server: cloudflare

GET
H3 200 abilene.js Show response
go.ezodn.com/parsonsmaize/ 11 KB
5 KB 168ms
81ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://go.ezodn.com/parsonsmaize/abilene.js?gcb=195-13&cb=dc112bb7ea
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1c02e9ba02a159b34fc2d7d2be0a743b497a6cd0a422a0c3acc88b871b2af96

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

x-robots-tag: noindex
content-encoding: zstd
cf-cache-status: HIT
age: 2345553
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TxHZZkueysmYl9EqNrddfhIQhGBeLb0kiLaHmmP8wYp%2BqaDcmtTVGZ8d2b7ULLMJIGRbZviY5ZyxQiSgwzC8OnMmS4yW3oIVXsAnVpa6lKy%2BCuAlk5dryXXH6mfCCCc%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=69927&min_rtt=69911&rtt_var=26249&sent=13&recv=8&lost=0&retrans=0&sent_bytes=5375&recv_bytes=4582&delivery_rate=45669&cwnd=12000&unsent_bytes=0&cid=f931864fbb77b3b8&ts=89&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 30 Apr 2025 00:32:51 GMT
x-middleton-display: sol-js
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 02 Apr 2025 20:06:08 GMT
priority: u=3,i=?0
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 9382f1c0dcb5c22e-TLV
server: cloudflare

GET
H3 200 identity.js Show response
www.ezojs.com/ 168 KB
42 KB 80ms
80ms Script
application/javascript 104.21.63.106
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://www.ezojs.com/identity.js
Requested by: Host: www.ezojs.com
URL: https://www.ezojs.com/ezoic/sa.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.63.106 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8787abba1a566d5492523a12b1a7f8927db9296e83ad14efe3acd1a07037cf19

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

x-robots-tag: noindex, nofollow
content-encoding: gzip
cf-cache-status: HIT
etag: W/"718d535e4044841c3640732abbe38887"
age: 282
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gErKA0y3k2obO80nqKlsJ%2BgwmGgiVqkyPlY8ardqu5NoNhwL%2FasKvpk6wT059aFobRSJWAbjLlMSbKtetr%2F5IqL6mmp7ltzFeX1j19M4Ue2cDrUsihPihWR79OGi%2BKu4"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=74294&min_rtt=69114&rtt_var=6813&sent=55&recv=33&lost=0&retrans=0&sent_bytes=52725&recv_bytes=4433&delivery_rate=195224&cwnd=37200&unsent_bytes=0&cid=5bff84b5a49864bf&ts=750&x=16"
date: Wed, 30 Apr 2025 00:32:51 GMT
x-middleton-display: sol-js
content-type: application/javascript
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=900, stale-while-revalidate=3600
cf-ray: 9382f1c0495ec21f-TLV
server: cloudflare

GET
H3

200

main.js Show response
www.mediafire.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a51d7b3d53cb/ Frame EA95
Redirect Chain

https://www.mediafire.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.mediafire.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a51d7b3d53cb/main.js?

8 KB
4 KB

92ms
92ms

Script
application/javascript

104.17.151.117
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://www.mediafire.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a51d7b3d53cb/main.js?

Requested by

Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file

Protocol

Server

104.17.151.117 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

727fb2f867cdc5c248cd8c8733faf7bcfef375f7e757668b269e5430db35666c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
content-encoding: gzip
x-content-type-options: nosniff
cf-ray: 9382f1c0eceec22c-TLV
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 30 Apr 2025 00:32:51 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

Redirect headers

cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/a51d7b3d53cb/main.js?
cf-ray: 9382f1c05c87c22c-TLV
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfExtPri
date: Wed, 30 Apr 2025 00:32:51 GMT
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

GET
H3 200 FEppCFCt76d.png
static.xx.fbcdn.net/rsrc.php/v4/yD/r/ Frame A15C 299 B
439 B 249ms
120ms Image
image/png 157.240.0.6
FACEBOOK

General

Check archive.org

Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v4/yD/r/FEppCFCt76d.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?href=http://www.facebook.com/MediaFire&width=193&layout=button_count&action=like&show_faces=false&share=true&height=30&appId=124578887583575

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.facebook.com/

Response headers

content-md5: OIlAxCmR79nrM/Ez4ygGlg==
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Fri, 17 Apr 2026 11:23:24 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 30 Apr 2025 00:32:51 GMT
content-type: image/png
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
x-fb-debug: SL4f4nAej3RMi17YZ9rjNvf9bfBT29CpdwXasodAV0UY8ML+T8dItHr/R9LHkcaKa3WhLTVmmBVHWV0Dqx1t8A==
priority: u=3,i
reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
x-fb-connection-quality: GOOD; q=0.7, rtt=119, rtx=0, c=24, mss=1232, tbw=8289, tp=12, tpl=0, uplat=0, ullat=-1
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: *
content-length: 299
origin-agent-cluster: ?1

GET
H3 200 prebid8.10.0.js Show response
www.mediafire.com/js/ 259 KB
82 KB 100ms
99ms Script
application/x-javascript 104.17.151.117
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://www.mediafire.com/js/prebid8.10.0.js
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.151.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c06b69cd980c621dfff35d647561cba5708d0c9eda20d46dc9202bcb93671d8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"64ecb639-40a99"
age: 1973
access-control-allow-methods: OPTIONS, POST, GET
expires: Thu, 29 May 2025 23:27:16 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
x-mf-env: liveApi
date: Wed, 30 Apr 2025 00:32:51 GMT
content-type: application/x-javascript
last-modified: Mon, 28 Aug 2023 14:59:05 GMT
vary: Accept-Encoding
priority: u=3,i=?0
cache-control: max-age=2592000
cf-ray: 9382f1c06c91c22c-TLV
x-mf-fe: mf2
access-control-allow-origin: *
server: cloudflare

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 110 KB
33 KB 278ms
144ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

914a088b57a79f4a2726313146782807460cb9daf4a53b5f4539c3af39dfa4d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

content-encoding: br
etag: 553 / 20208 / 31092088 / config-hash: 7875046863786205115
x-content-type-options: nosniff
expires: Wed, 30 Apr 2025 00:32:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Wed, 30 Apr 2025 00:32:51 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 34252
x-xss-protection: 0
server: cafe

GET px.gif
ag.dns-finder.com/ 0
0

GET
H2 200 px.gif
ad-delivery.net/ 43 B
563 B 231ms
79ms Image
image/gif 104.22.4.65
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.4.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

x-goog-metageneration: 5
access-control-expose-headers: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status: HIT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
age: 1108201
x-goog-stored-content-encoding: identity
expires: Thu, 17 Apr 2025 04:58:36 GMT
x-goog-stored-content-length: 43
date: Wed, 30 Apr 2025 00:32:51 GMT
content-type: image/gif
last-modified: Wed, 05 May 2021 19:25:32 GMT
vary: Accept-Encoding
x-guploader-uploadid: AKDAyIsAVFruvg1oy8l6r0Clo5f-EzBGrTGuAqnw_RWup5zPjcSQRnT9LBiCBiHaRnpZL2owNDqHgCo
cache-control: public, max-age=86400
x-goog-storage-class: MULTI_REGIONAL
cf-ray: 9382f1c16fdac22f-TLV
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1620242732037093
content-length: 43
server: cloudflare

GET
H3 200 favicon.ico
ad.doubleclick.net/ 1 KB
130 B 257ms
124ms Image
image/x-icon 142.250.185.70
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

content-encoding: gzip
age: 72651
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options: nosniff
expires: Wed, 30 Apr 2025 04:22:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 29 Apr 2025 04:22:00 GMT
last-modified: Tue, 08 May 2012 13:08:06 GMT
content-type: image/x-icon
vary: Accept-Encoding
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
content-length: 104
x-xss-protection: 0
server: sffe

GET
H2 200 px.gif
ad-delivery.net/ 43 B
110 B 232ms
80ms Image
image/gif 104.22.4.65
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.22935313646319633
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.4.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

x-goog-metageneration: 5
access-control-expose-headers: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status: HIT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
age: 1108201
x-goog-stored-content-encoding: identity
expires: Thu, 17 Apr 2025 04:58:36 GMT
x-goog-stored-content-length: 43
date: Wed, 30 Apr 2025 00:32:51 GMT
content-type: image/gif
last-modified: Wed, 05 May 2021 19:25:32 GMT
vary: Accept-Encoding
x-guploader-uploadid: AKDAyIsAVFruvg1oy8l6r0Clo5f-EzBGrTGuAqnw_RWup5zPjcSQRnT9LBiCBiHaRnpZL2owNDqHgCo
cache-control: public, max-age=86400
x-goog-storage-class: MULTI_REGIONAL
cf-ray: 9382f1c16fdcc22f-TLV
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1620242732037093
content-length: 43
server: cloudflare

POST
H2 200 / Show response
api.amplitude.com/ 7 B
137 B 874ms
319ms XHR
text/html 54.201.228.35
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: cdn.amplitude.com
URL: https://cdn.amplitude.com/libs/amplitude-8.5.0-min.gz.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.201.228.35 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-201-228-35.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: https://www.mediafire.com/

Response headers

strict-transport-security: max-age=15768000
access-control-allow-origin: *
content-length: 7
date: Wed, 30 Apr 2025 00:32:51 GMT
content-type: text/html;charset=utf-8

GET
H2 200 m=el_main_css
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.LVBTxrA1Ouc.R.W.O/am=AAY/d=0/rs=AN8SPfr0_fyxEU4o-Nwo2HW0DAs5C_RU4Q/ 22 KB
5 KB 383ms
125ms Stylesheet
text/css 142.250.186.67
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.LVBTxrA1Ouc.R.W.O/am=AAY/d=0/rs=AN8SPfr0_fyxEU4o-Nwo2HW0DAs5C_RU4Q/m=el_main_css

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.iw.srqvnacCc0c.O/am=AAY/d=1/rs=AN8SPfpPOwhD9IaEqmUZWp12f8bWv60CMw/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

cab0cbd118de4f2881dbfb24c0c4a49d429cda90af998c3712103a18ad59f973

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

content-encoding: gzip
age: 59072
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
x-content-type-options: nosniff
expires: Wed, 29 Apr 2026 08:08:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 29 Apr 2025 08:08:19 GMT
last-modified: Tue, 25 Feb 2025 22:10:27 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="rosetta"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4187
x-xss-protection: 0
server: sffe

GET
H2 200 m=el_main Show response
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.iw.srqvnacCc0c.O/am=ACA/d=1/exm=el_conf/ed=1/rs=AN8SPfrMNlfzPBknrrMeEkRHKlyTaWfRYQ/ 213 KB
74 KB 388ms
125ms Script
text/javascript 172.217.18.10
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.iw.srqvnacCc0c.O/am=ACA/d=1/exm=el_conf/ed=1/rs=AN8SPfrMNlfzPBknrrMeEkRHKlyTaWfRYQ/m=el_main

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.iw.srqvnacCc0c.O/am=AAY/d=1/rs=AN8SPfpPOwhD9IaEqmUZWp12f8bWv60CMw/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f10.1e100.net

Software

sffe /

Resource Hash

eadb2140c433b64ca74a8e25665b4f80a54a4183c3cb01da578e7426fbae95c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

content-encoding: gzip
age: 106819
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
x-content-type-options: nosniff
expires: Tue, 28 Apr 2026 18:52:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 28 Apr 2025 18:52:32 GMT
last-modified: Fri, 21 Mar 2025 23:10:30 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="rosetta"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
accept-ranges: bytes
access-control-allow-origin: *
content-length: 75224
x-xss-protection: 0
server: sffe

GET
H3 200 Tag.engine Show response
econventa.com/ 2 KB
3 KB 424ms
414ms Script
application/json 104.26.9.66
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://econventa.com/Tag.engine?time=-180&id=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0&rand=65517&ver=async&referrerUrl=&fingerPrint=123&abr=false&stdTime=120&fpe=1&bw=1600&bh=1200&res=1600x1200&curl=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fs7ueut0kfh4mtk3%2FIterationT_v3.0.0.zip%2Ffile&kw=online%20storage%2Cfree%20storage%2Ccloud%20storage%2Ccollaboration%2Cbackup%20file%20sharing%2Cshare%20files%2Cphoto%20backup%2Cphoto%20sharing%2Cftp%20replacement%2Ccross%20platform%2Cremote%20access%2Cmobile%20access%2Csend%20large%20files%2Crecover%20files%2Cfile%20versioning%2Cundelete%2Cwindows%2Cpc%2Cmac%2Cos%20x%2Clinux%2Ciphone
Requested by: Host: cdn.econventa.com
URL: https://cdn.econventa.com/Scripts/infinity.js.aspx?guid=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.9.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e26ebf3d7ca783cdafc155bc52a425d2339d23f2c4001400a7d6963918e3123e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

cache-control: private, no-transform
content-encoding: gzip
cf-cache-status: DYNAMIC
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
cf-ray: 9382f1c0ee0d7767-LHR
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
p3p: CP="CAO PSA OUR IND"
server-timing: cfL4;desc="?proto=QUIC&rtt=130047&min_rtt=127604&rtt_var=3497&sent=64&recv=36&lost=0&retrans=0&sent_bytes=62056&recv_bytes=6219&delivery_rate=203104&cwnd=42000&unsent_bytes=0&cid=f298d4ab33bf7955&ts=1054&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 30 Apr 2025 00:32:51 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

GET
H3 200 folders.svg
static.mediafire.com/images/download/upsell/ 436 KB
33 KB 122ms
121ms Image
image/svg+xml 104.17.151.117
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://static.mediafire.com/images/download/upsell/folders.svg
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.151.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2963508acf9e06ed042db7cd866f45005d1b49cb9306c8178cb1dc0541868dfe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"67edb26a-6ce6b"
age: 6291
access-control-allow-methods: OPTIONS, POST, GET
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
x-mf-env: liveApi
date: Wed, 30 Apr 2025 00:32:51 GMT
content-type: image/svg+xml
last-modified: Wed, 02 Apr 2025 21:55:54 GMT
vary: Accept-Encoding
priority: u=3,i
x-mf-fe: mf2
cf-ray: 9382f1c0bcbfc22c-TLV
access-control-allow-origin: *
server: cloudflare

GET
H3 200 mf_logo_u1_full_color_reversed.svg
static.mediafire.com/images/backgrounds/header/ 4 KB
2 KB 123ms
122ms Image
image/svg+xml 104.17.151.117
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://static.mediafire.com/images/backgrounds/header/mf_logo_u1_full_color_reversed.svg
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.151.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a0ec73a3ca7f354865d6b95401c50627fdf5a9b0da763a6f75fa818fd775b55

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"62deda56-11ca"
age: 11854
access-control-allow-methods: OPTIONS, POST, GET
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
x-mf-env: liveApi
date: Wed, 30 Apr 2025 00:32:51 GMT
content-type: image/svg+xml
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
vary: Accept-Encoding
priority: u=3,i
x-mf-fe: mf1
cf-ray: 9382f1c0bcc0c22c-TLV
access-control-allow-origin: *
server: cloudflare

GET
H3 200 folders_2.svg
static.mediafire.com/images/download/subscription_upsell/ 436 KB
33 KB 122ms
121ms Image
image/svg+xml 104.17.151.117
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://static.mediafire.com/images/download/subscription_upsell/folders_2.svg
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.151.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2963508acf9e06ed042db7cd866f45005d1b49cb9306c8178cb1dc0541868dfe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"67f6eaca-6ce6b"
age: 6835
access-control-allow-methods: OPTIONS, POST, GET
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
x-mf-env: liveApi
date: Wed, 30 Apr 2025 00:32:51 GMT
content-type: image/svg+xml
last-modified: Wed, 09 Apr 2025 21:46:50 GMT
vary: Accept-Encoding
priority: u=3,i
x-mf-fe: mf1
cf-ray: 9382f1c0bcc2c22c-TLV
access-control-allow-origin: *
server: cloudflare

GET
H3 200 share.svg
static.mediafire.com/images/icons/svg_dark/ 737 B
695 B 126ms
125ms Image
image/svg+xml 104.17.151.117
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://static.mediafire.com/images/icons/svg_dark/share.svg
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.151.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bac2ecaebdb39fa5ab5231f9f02e57efcdcfbc7a2e34f8891dcb7911f14464ce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"62deda56-2e1"
age: 11145
access-control-allow-methods: OPTIONS, POST, GET
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
x-mf-env: liveApi
date: Wed, 30 Apr 2025 00:32:51 GMT
content-type: image/svg+xml
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
vary: Accept-Encoding
priority: u=3,i
x-mf-fe: mf1
cf-ray: 9382f1c0bcc3c22c-TLV
access-control-allow-origin: *
server: cloudflare

GET
H3 200 add.svg
static.mediafire.com/images/icons/svg_dark/ 199 B
422 B 126ms
126ms Image
image/svg+xml 104.17.151.117
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://static.mediafire.com/images/icons/svg_dark/add.svg
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.151.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5cd89fdfd6cd180e697226d00af75da1557bf2e6ea354a8f6f3e8491e852294f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"62deda56-c7"
age: 12199
access-control-allow-methods: OPTIONS, POST, GET
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
x-mf-env: liveApi
date: Wed, 30 Apr 2025 00:32:51 GMT
content-type: image/svg+xml
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
vary: Accept-Encoding
priority: u=3,i
x-mf-fe: mf2
cf-ray: 9382f1c0bcc4c22c-TLV
access-control-allow-origin: *
server: cloudflare

GET
H3 200 MIOTWmnyDeP.js Show response
static.xx.fbcdn.net/rsrc.php/v4ivXU4/yb/l/he_IL/ Frame A15C 544 KB
141 KB 264ms
133ms XHR
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v4ivXU4/yb/l/he_IL/MIOTWmnyDeP.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

6ed73dadf4632e69b6e9202b990ec3decc450108ae3a5cc3f0aeb443d8f42c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.facebook.com/

Response headers

content-md5: aKZWehjn/qe/yQl8bL3HSw==
content-encoding: zstd
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Wed, 29 Apr 2026 11:06:52 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 30 Apr 2025 00:32:51 GMT
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
x-fb-debug: aedxzZlkIz3RqNhFespkLHul4pOrgDT+I1geoaZTmzoq92vT9PVHwr1bx4PxwQFDV7e999zuK+Uy/JrciNJ2oQ==
priority: u=1,i
vary: Origin
reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
x-fb-connection-quality: GOOD; q=0.7, rtt=129, rtx=0, c=24, mss=1232, tbw=8556, tp=13, tpl=0, uplat=2, ullat=-1
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: https://www.facebook.com
content-length: 144017
origin-agent-cluster: ?1

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 391ms
125ms Script
text/javascript 142.250.186.110
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-829541-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

content-encoding: gzip
age: 6192
report-to: {"group":"ascnsrsgac:225:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Wed, 30 Apr 2025 00:49:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 29 Apr 2025 22:49:39 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsgac:225:0
content-length: 20994
server: Golfe2

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 453 KB
145 KB 142ms
142ms Script
application/javascript 142.250.181.232
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-K68XP6D85D&l=dataLayer&cx=c&gtm=45He54s1v6304663za200&tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130495~103130497~103173737~103173739~103200004

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-53LP4T

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

d57817b2a148efd762793f7381780bc84d2aad1ed9ed8324453dffd688fd1313

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

content-encoding: br
report-to: {"group":"ascgcycc:1072:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1072:0"}],}
expires: Wed, 30 Apr 2025 00:32:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Apr 2025 00:32:51 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1072:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1072:0
content-length: 147995
x-xss-protection: 0
server: Google Tag Manager

OPTIONS
H2 200 ezconfig
g.ezoic.net/detroitchicago/ Frame 0
0 396ms
131ms Preflight 52.57.221.121
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://g.ezoic.net/detroitchicago/ezconfig
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.57.221.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-221-121.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.mediafire.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, PUT, OPTIONS
access-control-allow-origin: https://www.mediafire.com
access-control-max-age: 1728000
content-length: 0
date: Wed, 30 Apr 2025 00:32:51 GMT
vary: Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 105 KB
30 KB 239ms
82ms Script
text/javascript 172.67.38.106
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: www.ezojs.com
URL: https://www.ezojs.com/identity.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.38.106 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

572ec137575fa4799de7433a3f493bc02089ed14b410ac493262345f36c79be3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

x-amz-id-2: pUV1ITHelki9b25U4g2KQi3bM956T6AfTSzhlMscrG7TL8UqvyricTdlkhtI9IkaZ24I/gKb17AN+vzlMXki9+BnNCQrbBu9
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=3600
content-encoding: br
cf-cache-status: HIT
etag: W/"a607a260772d524047ddaed6b9b4fbfb"
age: 1238
x-amz-request-id: 466Y15A7Y5WVBCJG
cf-ray: 9382f1c25dcbc22c-TLV
date: Wed, 30 Apr 2025 00:32:51 GMT
content-type: text/javascript;charset=utf-8
last-modified: Mon, 28 Apr 2025 11:21:41 GMT
vary: Accept-Encoding
server: cloudflare
x-amz-server-side-encryption: AES256

POST
H2 200 ezconfig Show response
g.ezoic.net/detroitchicago/ 49 B
121 B 133ms
132ms Fetch
application/json 52.57.221.121
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://g.ezoic.net/detroitchicago/ezconfig
Requested by: Host: www.ezojs.com
URL: https://www.ezojs.com/identity.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.57.221.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-221-121.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 50a63bf06dcdc62ce03de6a07d10770dc80cfa47ef2b63db1e9f6a5fbd786a7d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.mediafire.com/

Response headers

access-control-max-age: 1728000
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, OPTIONS
access-control-allow-origin: https://www.mediafire.com
content-length: 73
date: Wed, 30 Apr 2025 00:32:51 GMT
content-type: application/json
vary: Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-headers: Content-Type

POST
H2 200 ezconfig Show response
g.ezoic.net/detroitchicago/ 29 B
60 B 140ms
139ms Fetch
application/json 52.57.221.121
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://g.ezoic.net/detroitchicago/ezconfig
Requested by: Host: www.ezojs.com
URL: https://www.ezojs.com/identity.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.57.221.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-221-121.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 893719087a8bc6dcdfabc4e1d54fd6d724953d40da2ad369f8b4fb5f689394d7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.mediafire.com/

Response headers

access-control-max-age: 1728000
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, OPTIONS
access-control-allow-origin: https://www.mediafire.com
content-length: 29
date: Wed, 30 Apr 2025 00:32:51 GMT
content-type: application/json
vary: Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-headers: Content-Type

OPTIONS
H2 200 ezconfig
g.ezoic.net/detroitchicago/ Frame 0
0 395ms
132ms Preflight 52.57.221.121
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://g.ezoic.net/detroitchicago/ezconfig
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.57.221.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-221-121.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.mediafire.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, PUT, OPTIONS
access-control-allow-origin: https://www.mediafire.com
access-control-max-age: 1728000
content-length: 0
date: Wed, 30 Apr 2025 00:32:51 GMT
vary: Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers

GET
H3 200 mulvane.js Show response
go.ezodn.com/parsonsmaize/ 1 KB
1 KB 81ms
80ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://go.ezodn.com/parsonsmaize/mulvane.js?gcb=195-13&cb=e75e48eec0
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b41253384e2818bd0f76171d6ffd723d4c85c5e1a69da74f174489cb52a40ce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

x-robots-tag: noindex
content-encoding: zstd
cf-cache-status: HIT
age: 108314
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lQCVmaYDA3AxgTCb8uzSWh7NI%2BjH4Rr7IfDtAhSmM8V6jt99s5NPrKG%2BifMCSIxsWvY0vjLuR%2FVLvPngA2LUZzQkzAjp5aLgk3X7SaIh8CbJ%2F2esZkN3UegN3%2B3H2fQ%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=74384&min_rtt=68978&rtt_var=10870&sent=20&recv=16&lost=0&retrans=0&sent_bytes=10471&recv_bytes=5741&delivery_rate=99842&cwnd=12000&unsent_bytes=0&cid=f931864fbb77b3b8&ts=176&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 30 Apr 2025 00:32:51 GMT
x-middleton-display: sol-js
content-type: application/javascript
vary: Accept-Encoding
last-modified: Sat, 19 Apr 2025 04:08:43 GMT
priority: u=3,i=?0
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 9382f1c16d11c22e-TLV
server: cloudflare

GET
H3 200 birmingham.js Show response
go.ezodn.com/detroitchicago/ 752 B
1 KB 85ms
85ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://go.ezodn.com/detroitchicago/birmingham.js?gcb=195-13&cb=539c47377c
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30be558393bd8b0585c806a6eaed6d6f5b51d1ca63c0113061dfe35eaa128ce3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

x-robots-tag: noindex
content-encoding: zstd
cf-cache-status: HIT
age: 607462
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eXiUXTqujNVS7BrmMWScjxds0WHzanTi50WuJwVMqDIN75GkqDcUog6vd%2B5S1nIk%2BDDWw%2F1fG8N71ImjZMQ3c0GyugLE6m10uRP7Go8cuDLMC7mwa0YWT%2BcbHcfnakI%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=74384&min_rtt=68978&rtt_var=10870&sent=24&recv=16&lost=0&retrans=0&sent_bytes=13707&recv_bytes=5741&delivery_rate=99842&cwnd=12000&unsent_bytes=0&cid=f931864fbb77b3b8&ts=180&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 30 Apr 2025 00:32:51 GMT
x-middleton-display: sol-js
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 22 Apr 2025 23:29:20 GMT
priority: u=3,i=?0
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 9382f1c16d12c22e-TLV
server: cloudflare

GET
H3 200 ezoicanalytics.js Show response
go.ezodn.com/ 2 KB
2 KB 82ms
82ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://go.ezodn.com/ezoicanalytics.js?cb=1&dcb=195-13&shcb=34
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e814d50a228f54aecf40d8a58e41d48ce1dfc4376fd5fbedc28078fe0a8c5526

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

x-robots-tag: noindex
content-encoding: zstd
cf-cache-status: HIT
age: 4112
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3KhppLTIG3qsx39Tms9sZ0UYADo6a8FmrcHPqnMJuwP43vUgYNowjKTbdHvHrsVp1kNGHSca3XV%2FhQ4ptMmAi0n4FkniauBmHZEm45cEtFJrkLZUWEe%2BIwfHWcQYWPk%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=74384&min_rtt=68978&rtt_var=10870&sent=22&recv=16&lost=0&retrans=0&sent_bytes=11796&recv_bytes=5741&delivery_rate=99842&cwnd=12000&unsent_bytes=0&cid=f931864fbb77b3b8&ts=176&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 30 Apr 2025 00:32:51 GMT
x-middleton-display: sol-js
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 29 Apr 2025 05:45:48 GMT
priority: u=3,i=?0
cache-control: public, max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 9382f1c16d14c22e-TLV
server: cloudflare

POST
H3 200 9382f1b2fb2dc22c Show response
www.mediafire.com/cdn-cgi/challenge-platform/h/b/jsd/r/0.7608936093056603:1745971724:T8LfhaWxpVmjJJ7Br3L_FLgs_5nyDVhTcDENdcbdzkI/ Frame EA95 0
574 B 84ms
77ms XHR
text/plain 104.17.151.117
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://www.mediafire.com/cdn-cgi/challenge-platform/h/b/jsd/r/0.7608936093056603:1745971724:T8LfhaWxpVmjJJ7Br3L_FLgs_5nyDVhTcDENdcbdzkI/9382f1b2fb2dc22c
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.151.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer

Response headers

cf-ray: 9382f1c1ed98c22c-TLV
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
content-length: 0
date: Wed, 30 Apr 2025 00:32:51 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare
priority: u=1,i

GET
H3 200 MIOTWmnyDeP.js Show response
static.xx.fbcdn.net/rsrc.php/v4ivXU4/yb/l/he_IL/ Frame A15C 544 KB
141 KB 175ms
126ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v4ivXU4/yb/l/he_IL/MIOTWmnyDeP.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

6ed73dadf4632e69b6e9202b990ec3decc450108ae3a5cc3f0aeb443d8f42c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.facebook.com/

Response headers

content-md5: aKZWehjn/qe/yQl8bL3HSw==
content-encoding: zstd
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Wed, 29 Apr 2026 11:06:52 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 30 Apr 2025 00:32:51 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
x-fb-debug: aedxzZlkIz3RqNhFespkLHul4pOrgDT+I1geoaZTmzoq92vT9PVHwr1bx4PxwQFDV7e999zuK+Uy/JrciNJ2oQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
priority: u=3,i
reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
x-fb-connection-quality: GOOD; q=0.7, rtt=122, rtx=0, c=28, mss=1232, tbw=10581, tp=22, tpl=0, uplat=5, ullat=-1
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: *
content-length: 144017
origin-agent-cluster: ?1

POST
H2 200 v1 Show response
btlr.sharethrough.com/universal/ 648 B
793 B 444ms
162ms Fetch
application/json 3.72.6.211
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Requested by

Host: www.mediafire.com
URL: https://www.mediafire.com/js/prebid8.10.0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.72.6.211 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-6-211.eu-central-1.compute.amazonaws.com

Software

Resource Hash

34c5acab4f3e8b7905cb22d803a28ffb5b148684279a42418b0e20ce6ab2ee46

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.mediafire.com/

Response headers

x-openrtb-version: 2.5
strict-transport-security: max-age=16000000; includeSubDomains; preload;
access-control-allow-origin: https://www.mediafire.com
content-encoding: gzip
content-length: 430
content-type: application/json; charset=utf-8
access-control-allow-credentials: true

POST
H2 200 v1 Show response
btlr.sharethrough.com/universal/ 558 B
697 B 449ms
167ms Fetch
application/json 3.72.6.211
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Requested by

Host: www.mediafire.com
URL: https://www.mediafire.com/js/prebid8.10.0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.72.6.211 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-6-211.eu-central-1.compute.amazonaws.com

Software

Resource Hash

338533032d1c7c1a21e4366353ac7bbd4b03bff74aa067689d8957c48288d7a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.mediafire.com/

Response headers

x-openrtb-version: 2.5
strict-transport-security: max-age=16000000; includeSubDomains; preload;
access-control-allow-origin: https://www.mediafire.com
content-encoding: gzip
content-length: 334
content-type: application/json; charset=utf-8
access-control-allow-credentials: true

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
124 B 413ms
132ms Fetch 3.72.6.211
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Requested by

Host: www.mediafire.com
URL: https://www.mediafire.com/js/prebid8.10.0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.72.6.211 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-6-211.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.mediafire.com/

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;
access-control-allow-origin: https://www.mediafire.com
access-control-allow-credentials: true

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
123 B 481ms
199ms Fetch 3.72.6.211
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Requested by

Host: www.mediafire.com
URL: https://www.mediafire.com/js/prebid8.10.0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.72.6.211 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-6-211.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.mediafire.com/

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;
access-control-allow-origin: https://www.mediafire.com
access-control-allow-credentials: true

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
123 B 479ms
198ms Fetch 3.72.6.211
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Requested by

Host: www.mediafire.com
URL: https://www.mediafire.com/js/prebid8.10.0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.72.6.211 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-6-211.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.mediafire.com/

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;
access-control-allow-origin: https://www.mediafire.com
access-control-allow-credentials: true

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
282 B 412ms
130ms Fetch 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/js/prebid8.10.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.mediafire.com/

Response headers

cache-control: no-cache, no-store, must-revalidate, no-store, no-cache, private
access-control-allow-credentials: true
observe-browsing-topics: ?1
pmfcgi-resp: TRUE
access-control-allow-origin: https://www.mediafire.com
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Wed, 30 Apr 2025 00:32:51 GMT
server: nginx

POST
H2 200 analytics Show response
g.ezoic.net/ezais/ 14 KB
4 KB 331ms
220ms Fetch
text/plain 52.57.221.121
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://g.ezoic.net/ezais/analytics?cb=1
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/ezoicanalytics.js?cb=1&dcb=195-13&shcb=34
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.57.221.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-221-121.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 77fe6c78e9006bb9c67abf972428e2c17d8b3b68af917b0d419d38720abc7ad4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.mediafire.com/

Response headers

x-robots-tag: noindex
access-control-max-age: 1728000
content-encoding: br
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, OPTIONS
access-control-allow-origin: https://www.mediafire.com
date: Wed, 30 Apr 2025 00:32:51 GMT
content-type: text/plain; charset=utf-8
vary: Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-headers: Content-Type

POST
H2 204 collect
analytics.google.com/g/ 0
0 331ms
127ms Fetch
text/plain 216.239.34.181
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-K68XP6D85D&gtm=45je54s1v887485693z86304663za200zb6304663&_p=1745973170472&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101509157~102887800~103051953~103077950~103106314~103106316~103116025~103130498~103130500~103173737~103173739~103200001~103220085~103233427&ptag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130495~103130497~103173737~103173739~103200004&cid=523823685.1745973172&ul=he-il&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1745973171&sct=1&seg=0&dl=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fs7ueut0kfh4mtk3%2FIterationT_v3.0.0.zip%2Ffile&dt=IterationT%20v3.0.0&en=page_view&_fv=1&_nsi=1&_ss=1&up.page_url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fs7ueut0kfh4mtk3%2FIterationT_v3.0.0.zip%2Ffile&tfd=2579
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K68XP6D85D&l=dataLayer&cx=c&gtm=45He54s1v6304663za200&tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130495~103130497~103173737~103173739~103200004
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:153:0
report-to: {"group":"ascnsrsggc:153:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:153:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.mediafire.com
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:153:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Apr 2025 00:32:51 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
558 B 372ms
124ms Ping
text/plain 108.177.15.156
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-K68XP6D85D&cid=523823685.1745973172&gtm=45je54s1v887485693z86304663za200zb6304663&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101509157~102887800~103051953~103077950~103106314~103106316~103116025~103130498~103130500~103173737~103173739~103200001~103220085~103233427&ptag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130495~103130497~103173737~103173739~103200004
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K68XP6D85D&l=dataLayer&cx=c&gtm=45He54s1v6304663za200&tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130495~103130497~103173737~103173739~103200004
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.177.15.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: wr-in-f156.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:122:0
report-to: {"group":"ascnsrsggc:122:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:122:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.mediafire.com
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:122:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Apr 2025 00:32:51 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 ga-audiences
www.google.co.il/ads/ 42 B
408 B 397ms
134ms Image
image/gif 216.58.206.35
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://www.google.co.il/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-K68XP6D85D&cid=523823685.1745973172&gtm=45je54s1v887485693z86304663za200zb6304663&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101509157~102887800~103051953~103077950~103106314~103106316~103116025~103130498~103130500~103173737~103173739~103200001~103220085~103233427&ptag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130495~103130497~103173737~103173739~103200004&tag_exp=101509157~102887800~103051953~103077950~103106314~103106316~103116025~103130498~103130500~103173737~103173739~103200001~103220085~103233427&ptag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130495~103130497~103173737~103173739~103200004&z=897497376

Requested by

Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Wed, 30 Apr 2025 00:32:51 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202504290101/ 527 KB
166 KB 124ms
124ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202504290101/pubads_impl.js?cb=31092088

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

accc3d02487bb988ea6d87a039e8764a8ad217cb7080a3a2383d606294ebfe33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

content-encoding: br
etag: 5829739145103952885
age: 52289
x-content-type-options: nosniff
expires: Wed, 29 Apr 2026 10:01:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 29 Apr 2025 10:01:22 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 170257
x-xss-protection: 0
server: cafe

GET
H3 200 gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202504290101/ 64 KB
23 KB 134ms
132ms Other
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/dict/m202504290101/gpt

Requested by

Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

de83d54c3c01768225e8fb034f65dd15098c70db8b2cd23e4708b9f8c08bd43f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: 9807650885361896136
age: 36095
x-content-type-options: nosniff
expires: Tue, 06 May 2025 14:31:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 29 Apr 2025 14:31:16 GMT
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=604800, stale-while-revalidate=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 23837
x-xss-protection: 0
server: cafe
use-as-dictionary: match="/gampad/ads", id="m202504290101"

GET 0
www.mediafiredls.com/onclick/ 0
0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
451 B 136ms
135ms XHR
text/plain 142.250.186.110
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1346227671&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fs7ueut0kfh4mtk3%2FIterationT_v3.0.0.zip%2Ffile&ul=he-il&de=UTF-8&dt=IterationT%20v3.0.0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=470610720&gjid=746326720&cid=523823685.1745973172&tid=UA-829541-1&_gid=1301403188.1745973172&_r=1&gtm=457e54s1za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103173737~103173739~103200001&cd1=unregistered&cd7=legacy&cd3=archive&cd4=59&cd5=zip&cd8=%2F100%2F&jsscut=1&z=924854133

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.mediafire.com/

Response headers

report-to: {"group":"ascnsrsgac:175:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Apr 2025 00:32:51 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://www.mediafire.com
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsgac:175:0
content-length: 1
server: Golfe2

GET
DATA 200
OK truncated Show response
/ Frame B4BE 2 KB
2 KB Document
text/html

General

Check archive.org

Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c5b591f10c8fb4d85649e71bdc40e72a316fdceb1aab3ce125ac064ffa5f6e3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

Content-Type: text/html;charset=UTF-8

GET
H3 200 24px.svg
fonts.gstatic.com/s/i/productlogos/translate/v14/ 6 KB
3 KB 259ms
125ms Image
image/svg+xml 142.250.185.99
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg

Requested by

Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

content-encoding: gzip
age: 59916
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 29 Apr 2026 07:54:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 29 Apr 2025 07:54:16 GMT
last-modified: Wed, 20 Apr 2022 14:24:23 GMT
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3340
x-xss-protection: 0
server: sffe

GET
H2 200 googlelogo_color_42x16dp.png
www.gstatic.com/images/branding/googlelogo/1x/ 910 B
1 KB 125ms
123ms Image
image/png 142.250.186.67
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png

Requested by

Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

age: 58688
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
x-content-type-options: nosniff
expires: Wed, 29 Apr 2026 08:14:43 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 29 Apr 2025 08:14:43 GMT
last-modified: Thu, 02 Nov 2023 22:48:00 GMT
content-type: image/png
vary: Origin
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
content-length: 910
x-xss-protection: 0
server: sffe

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 127ms
126ms Image
image/png 142.250.186.67
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.LVBTxrA1Ouc.R.W.O/am=AAY/d=0/rs=AN8SPfr0_fyxEU4o-Nwo2HW0DAs5C_RU4Q/m=el_main_css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.LVBTxrA1Ouc.R.W.O/am=AAY/d=0/rs=AN8SPfr0_fyxEU4o-Nwo2HW0DAs5C_RU4Q/m=el_main_css

Response headers

age: 44589
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
x-content-type-options: nosniff
expires: Wed, 29 Apr 2026 12:09:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 29 Apr 2025 12:09:42 GMT
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
vary: Origin
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
content-length: 1842
x-xss-protection: 0
server: sffe

GET
H2 200 boise.js Show response
g.ezoic.net/detroitchicago/ 824 B
526 B 132ms
130ms Script
application/javascript 52.57.221.121
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://g.ezoic.net/detroitchicago/boise.js?gcb=195-13&cb=5
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.57.221.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-221-121.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: a4fafcd389d58bbd82e49d9a68e81e9dc8384330ff14ec3283a4d0d11812047b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

x-robots-tag: noindex
cache-control: max-age=31536000, public
content-encoding: br
content-length: 426
date: Wed, 30 Apr 2025 00:32:51 GMT
x-middleton-display: sol-js
content-type: application/javascript
vary: Accept-Encoding

GET
H2 200 abilene.js Show response
g.ezoic.net/parsonsmaize/ 11 KB
4 KB 134ms
133ms Script
application/javascript 52.57.221.121
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://g.ezoic.net/parsonsmaize/abilene.js?gcb=195-13&cb=dc112bb7ea
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.57.221.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-221-121.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: f1c02e9ba02a159b34fc2d7d2be0a743b497a6cd0a422a0c3acc88b871b2af96

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

x-robots-tag: noindex
cache-control: max-age=31536000, public
content-encoding: br
date: Wed, 30 Apr 2025 00:32:51 GMT
x-middleton-display: sol-js
content-type: application/javascript
vary: Accept-Encoding

GET
H2 200 et.js Show response
g.ezoic.net/porpoiseant/ 1 KB
602 B 134ms
133ms Script
application/javascript 52.57.221.121
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://g.ezoic.net/porpoiseant/et.js?gcb=195-13&cb=3
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.57.221.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-221-121.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 0f67393986c012dbf48aa3149e2874bd84ed5f466362ad1ac31305f697f1da7b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

x-robots-tag: noindex
cache-control: max-age=31536000, public
content-encoding: br
content-length: 571
date: Wed, 30 Apr 2025 00:32:51 GMT
x-middleton-display: sol-js
content-type: application/javascript
vary: Accept-Encoding

GET
H2 200 drake.js Show response
g.ezoic.net/beardeddragon/ 4 KB
1 KB 138ms
138ms Script
application/javascript 52.57.221.121
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://g.ezoic.net/beardeddragon/drake.js?gcb=13&cb=1b0a0a9dcc
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.57.221.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-221-121.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: a5e87590d9232e0b0be4c640eeb47cb4f4299af754f195c802d49fe380ea1870

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

x-robots-tag: noindex
cache-control: max-age=31536000, public
content-encoding: br
date: Wed, 30 Apr 2025 00:32:51 GMT
x-middleton-display: sol-js
content-type: application/javascript
vary: Accept-Encoding

GET
H2 200 jellyfish.js Show response
g.ezoic.net/porpoiseant/ 37 KB
9 KB 194ms
194ms Script
application/javascript 52.57.221.121
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://g.ezoic.net/porpoiseant/jellyfish.js?a=a&cb=17&dcb=195-13&shcb=34
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.57.221.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-221-121.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: c710cdd34e668d4b076117de6e491db51bfdb199410738766ebc187cf6bd625c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

x-robots-tag: noindex
cache-control: max-age=31536000, public
content-encoding: br
date: Wed, 30 Apr 2025 00:32:51 GMT
x-middleton-display: sol-js
content-type: application/javascript
vary: Accept-Encoding

GET
H2 200 mulvane.js Show response
g.ezoic.net/parsonsmaize/ 1 KB
575 B 133ms
131ms Script
application/javascript 52.57.221.121
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://g.ezoic.net/parsonsmaize/mulvane.js?gcb=195-13&cb=e75e48eec0
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.57.221.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-221-121.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 9b41253384e2818bd0f76171d6ffd723d4c85c5e1a69da74f174489cb52a40ce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

x-robots-tag: noindex
cache-control: max-age=31536000, public
content-encoding: br
content-length: 522
date: Wed, 30 Apr 2025 00:32:52 GMT
x-middleton-display: sol-js
content-type: application/javascript
vary: Accept-Encoding

GET
H2 200 birmingham.js Show response
g.ezoic.net/detroitchicago/ 752 B
411 B 136ms
135ms Script
application/javascript 52.57.221.121
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://g.ezoic.net/detroitchicago/birmingham.js?gcb=195-13&cb=539c47377c
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.57.221.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-221-121.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 30be558393bd8b0585c806a6eaed6d6f5b51d1ca63c0113061dfe35eaa128ce3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

x-robots-tag: noindex
cache-control: max-age=31536000, public
content-encoding: br
content-length: 380
date: Wed, 30 Apr 2025 00:32:52 GMT
x-middleton-display: sol-js
content-type: application/javascript
vary: Accept-Encoding

GET
H2 200 reno.js Show response
g.ezoic.net/detroitchicago/ 1 KB
557 B 142ms
141ms Script
application/javascript 52.57.221.121
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://g.ezoic.net/detroitchicago/reno.js?gcb=195-13&cb=3
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.57.221.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-221-121.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: a285bc82f73dbd55244657449b4d9b2ecae8b2ea622d5558432bc818bb847df2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

x-robots-tag: noindex
cache-control: max-age=31536000, public
content-encoding: br
content-length: 526
date: Wed, 30 Apr 2025 00:32:52 GMT
x-middleton-display: sol-js
content-type: application/javascript
vary: Accept-Encoding

GET
H2 200 overlandpark.js Show response
g.ezoic.net/detroitchicago/ 1 KB
519 B 136ms
135ms Script
application/javascript 52.57.221.121
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://g.ezoic.net/detroitchicago/overlandpark.js?gcb=195-13&cb=301bbdaf04
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.57.221.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-221-121.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 8b3a000db28359e0512e1484988806b9cdaeb457e29ef6b82bfe097e6eed3231

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

x-robots-tag: noindex
cache-control: max-age=31536000, public
content-encoding: br
content-length: 488
date: Wed, 30 Apr 2025 00:32:52 GMT
x-middleton-display: sol-js
content-type: application/javascript
vary: Accept-Encoding

GET
H2 200 wichita.js Show response
g.ezoic.net/detroitchicago/ 2 KB
953 B 137ms
136ms Script
application/javascript 52.57.221.121
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://g.ezoic.net/detroitchicago/wichita.js?gcb=195-13&cb=9f9286e31b
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.57.221.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-221-121.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 53731718ab10d0a5e783bd3eaef381aa420a233d429903bcde616619e25d330b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

x-robots-tag: noindex
cache-control: max-age=31536000, public
content-encoding: br
date: Wed, 30 Apr 2025 00:32:52 GMT
x-middleton-display: sol-js
content-type: application/javascript
vary: Accept-Encoding

GET
H2 200 raleigh.js Show response
g.ezoic.net/detroitchicago/ 1 KB
673 B 135ms
135ms Script
application/javascript 52.57.221.121
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://g.ezoic.net/detroitchicago/raleigh.js?gcb=195-13&cb=8
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.57.221.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-221-121.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: dcfeafb915fb5e0eaf4cce1e3abf6eeace381b5926e07261cbceffc30fa4e699

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

x-robots-tag: noindex
cache-control: max-age=31536000, public
content-encoding: br
content-length: 642
date: Wed, 30 Apr 2025 00:32:52 GMT
x-middleton-display: sol-js
content-type: application/javascript
vary: Accept-Encoding

GET
H2 200 vista.js Show response
g.ezoic.net/detroitchicago/ 705 B
401 B 132ms
132ms Script
application/javascript 52.57.221.121
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://g.ezoic.net/detroitchicago/vista.js?gcb=195-13&cb=296945a885
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.57.221.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-221-121.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bdb45214f548d4da3ec07c07d9f6f92f2fbff7d1ccefee55631d31729cf02a30

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

x-robots-tag: noindex
cache-control: max-age=31536000, public
content-encoding: br
content-length: 370
date: Wed, 30 Apr 2025 00:32:52 GMT
x-middleton-display: sol-js
content-type: application/javascript
vary: Accept-Encoding

GET
H2 200 183096492 Show response
fundingchoicesmessages.google.com/i/ 200 KB
65 KB 417ms
149ms Script
application/javascript 142.250.186.78
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/183096492?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202504290101/pubads_impl.js?cb=31092088

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

ESF /

Resource Hash

a42525b4588bca0d5e9d2020d304a727f77b707e02f2bfde6fa46ab1ffdfa486

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Xf4FcclTiLIMwb-qat03Ug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Apr 2025 00:32:52 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStHikmJw0pBiWMy_i-nErdtMF4C49eY51ulAbLT2PKsLEBsqXGJ1BuL76y6xPgfiD_WXWX8AcZHEFdYWII5Nu8maCsS9e2-y3jhyk3XXxlush4G4Sfs2axcQC_FwbLl_9ACbwIJV1w8wKmkk5RfGJ-fnlRRlJpWW5BelJaelFqcWlaUWxRsZGJkamBiZ6xkYxBcYAABDeEJ1"
content-security-policy: script-src 'report-sample' 'nonce-Xf4FcclTiLIMwb-qat03Ug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2 200 olathe.js Show response
g.ezoic.net/parsonsmaize/ 2 KB
897 B 135ms
131ms Script
application/javascript 52.57.221.121
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://g.ezoic.net/parsonsmaize/olathe.js?gcb=195-13&cb=26
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.57.221.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-221-121.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 3cefef7fc952707c97375ef3fa95a8c45a96eda7845d02bc1c28bf3570c0cfba

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

x-robots-tag: noindex
cache-control: max-age=31536000, public
content-encoding: br
date: Wed, 30 Apr 2025 00:32:52 GMT
x-middleton-display: sol-js
content-type: application/javascript
vary: Accept-Encoding

GET
H2 200 vitals.js Show response
g.ezoic.net/tardisrocinante/ 11 KB
4 KB 138ms
133ms Script
application/javascript 52.57.221.121
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://g.ezoic.net/tardisrocinante/vitals.js?gcb=13&cb=5
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.57.221.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-221-121.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 6fca1361d81b8d8d05afbe947e257aef026891372b45e0d2de123a907a4ed1af

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

x-robots-tag: noindex
cache-control: max-age=31536000, public
content-encoding: br
date: Wed, 30 Apr 2025 00:32:52 GMT
x-middleton-display: sol-js
content-type: application/javascript
vary: Accept-Encoding

GET
H2 200 chanute.js Show response
g.ezoic.net/parsonsmaize/ 20 KB
5 KB 140ms
136ms Script
application/javascript 52.57.221.121
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://g.ezoic.net/parsonsmaize/chanute.js?a=a&cb=16&dcb=195-13&shcb=34
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.57.221.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-221-121.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 45fd2ba3960eed5c593360163563e703c8c333d4be5736119d53b84d666783ef

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

x-robots-tag: noindex
cache-control: max-age=31536000, public
content-encoding: br
date: Wed, 30 Apr 2025 00:32:52 GMT
x-middleton-display: sol-js
content-type: application/javascript
vary: Accept-Encoding

GET
H2 200 bounce Show response
id5-sync.com/ 29 B
455 B 370ms
120ms Fetch
text/plain 162.19.138.119
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL

https://id5-sync.com/bounce

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

aca701811d62eb608d12b174231be1ceae3449fe0f4bc847469ff22aab8ca9a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://www.mediafire.com
p3p: CP="CAO PSA OUR"
date: Wed, 30 Apr 2025 00:32:52 GMT
content-type: text/plain;charset=utf-8
vary: Origin

GET v1
lbs.eu-1-id5-sync.com/lbs/ 0
0

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 45 B
289 B 400ms
129ms Fetch
application/json 141.95.98.65
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

bd1a68269ce82da303c17ae27d563b802243dcf1a9e998cd3dabfe88bba307e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://www.mediafire.com
date: Wed, 30 Apr 2025 00:32:51 GMT
content-type: application/json;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

POST
H2 200 imp.gif
g.ezoic.net/detroitchicago/ 43 B
216 B 133ms
131ms Ping
image/gif 52.57.221.121
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://g.ezoic.net/detroitchicago/imp.gif?ez_orig=1
Requested by: Host: g.ezoic.net
URL: https://g.ezoic.net/parsonsmaize/abilene.js?gcb=195-13&cb=dc112bb7ea
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.57.221.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-221-121.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.mediafire.com/

Response headers

access-control-max-age: 1728000, 1728000
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, OPTIONS, HEAD, PUT, POST, GET, OPTIONS
expires: Tue, 29 Apr 2025 00:32:52 GMT
access-control-allow-origin: https://www.mediafire.com, https://www.mediafire.com
content-length: 43
date: Wed, 30 Apr 2025 00:32:52 GMT
x-middleton-display: imp_sol
content-type: image/gif
vary: Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-headers: Content-Type, Content-Type

GET
H2 200 AGSKWxX_3otcdKnxyU-Wp2bGaahUgj7DDBnvx8YI1Jh_nQx01PIjvp1Nf8dviQ9wDeRFuRwvDzhFZHDDgY0FgogHIbd729Q8LpIt5nPqvXLOESXgyglMEZRRqV_Kj_QBW02yaNfDEGoMVQ== Show response
fundingchoicesmessages.google.com/f/ 9 KB
5 KB 151ms
150ms Script
application/javascript 142.250.186.78
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxX_3otcdKnxyU-Wp2bGaahUgj7DDBnvx8YI1Jh_nQx01PIjvp1Nf8dviQ9wDeRFuRwvDzhFZHDDgY0FgogHIbd729Q8LpIt5nPqvXLOESXgyglMEZRRqV_Kj_QBW02yaNfDEGoMVQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzQ1OTczMTcyLDY0MzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlL3M3dWV1dDBrZmg0bXRrMy9JdGVyYXRpb25UX3YzLjAuMC56aXAvZmlsZSIsbnVsbCxbWzgsIkppY1ZTREhpMmhVIl0sWzksIml3Il0sWzE5LCIyIl0sWzI0LCIiXSxbMjUsIltbOTUzNDAyNTMsOTUzNDAyNTVdXSJdLFsyOSwiZmFsc2UiXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.JicVSDHi2hU.es5.O/d=1/rs=AJlcJMxwg4Q4FQq8VcuZLp-fzqkNEOXb2w/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

ESF /

Resource Hash

f449b0518a2e2ed2543315b356368c9c4902c104c1f19d066d6b1c6eda4b96d7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-axLF_xAcfp_07DBPeN9SPg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Apr 2025 00:32:52 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjitDikmJw0pBiaL15jnU6EButPc_qAsSGCpdYnYH4_rpLrM-B-EP9ZdYfQFwkcYW1BYhj026ypgJx796brDeO3GTdtfEW62EgbtK-zdoFxEI8HFvuHz3AJrDh6PQbTEoaSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRfFGBkamBiZG5noGBvEFBgCYEjv5"
content-security-policy: script-src 'report-sample' 'nonce-axLF_xAcfp_07DBPeN9SPg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 topics_frame.html Show response
securepubads.g.doubleclick.net/static/topics/ Frame EE3D 101 KB
28 KB 253ms
123ms Document
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/topics/topics_frame.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202504290101/pubads_impl.js?cb=31092088

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

38f00721657fd6de7b95747418618530426233d20866cee0737fabaef1ba2876

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mediafire.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 280
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000, stale-while-revalidate=3600
content-encoding: br
content-length: 28962
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 30 Apr 2025 00:28:12 GMT
expires: Wed, 30 Apr 2025 01:18:12 GMT
last-modified: Mon, 28 Apr 2025 19:43:10 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 106 KB
30 KB 85ms
83ms Script
text/javascript 172.67.38.106
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202504290101/pubads_impl.js?cb=31092088

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.38.106 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae75158116209d042c1a6a960ffc134b3aec306694c85262d6dcfa3943a74e0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

x-amz-id-2: /KXJ6EUNBPbOn5jE7IZ367ISF9cTzeF9dxQI7rX3SGYc2xDl4QthVZTbRNWBhbkM7/PCfBPhbDN9aCZH0meu0A==
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=3600
content-encoding: br
cf-cache-status: HIT
etag: W/"519415b83d55d9e4672c7f348ac55069"
age: 1218
x-amz-request-id: QXTGJQCKVEVEYYKD
cf-ray: 9382f1c94b53c22c-TLV
date: Wed, 30 Apr 2025 00:32:52 GMT
content-type: text/javascript;charset=utf-8
last-modified: Mon, 28 Apr 2025 11:21:41 GMT
vary: Accept-Encoding
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 connectId-gpt.js Show response
connectid.analytics.yahoo.com/ 9 KB
9 KB 394ms
128ms Script
application/javascript 18.66.102.2
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://connectid.analytics.yahoo.com/connectId-gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202504290101/pubads_impl.js?cb=31092088

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.2 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-2.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

56351c084d8d56437d41f1e58b7eb184b563871e88bab60f6b15486c39f13996

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

etag: "faa388a163b1b6d0377ee77a861591e5"
age: 2245
x-cache: Hit from cloudfront
x-amz-cf-id: tLtHX47grFnLp0NZSJG_JfXWzsP3SA7Y38N7BIakVrVYOSL7uaQCzw==
date: Tue, 29 Apr 2025 23:55:28 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 18:18:45 GMT
x-amz-expiration: expiry-date="Mon, 23 Apr 2029 00:00:00 GMT", rule-id="webapp-standard-lifecycle"
content-security-policy: default-src 'self'
cache-control: max-age=3600
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 8729
x-amz-cf-pop: FRA56-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
4 KB 412ms
130ms Script
text/javascript 18.173.204.202
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202504290101/pubads_impl.js?cb=31092088
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.204.202 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-204-202.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f0db2da3ee90dcf1f14054ba3c18ccc331993a4f19fd95c56169f3de5047950e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

x-amz-version-id: suVMGQsV8z1neCwtnAwOA2e_FhSjpoa6
ETag: "e264379414c85b18fe5fb338ed4823f8"
Age: 82657
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: hMDXxEo9gOTFe679lfRy-dB4Rje8KgKqXQ8MFS3uEIFFyWatOyUhCQ==
Date: Tue, 29 Apr 2025 01:35:17 GMT
Content-Type: text/javascript
Last-Modified: Wed, 11 Dec 2024 19:25:11 GMT
x-amz-replication-status: COMPLETED
Connection: keep-alive
Via: 1.1 ed5042a23d5905bfac08effe99f4b1ce.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 3117
X-Amz-Cf-Pop: FRA56-P12
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
850 B 389ms
127ms Script
application/javascript 151.101.193.229
FASTLY

General

Check archive.org

Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202504290101/pubads_impl.js?cb=31092088

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
age: 2952
x-content-type-options: nosniff
x-jsd-version-type: branch
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Wed, 30 Apr 2025 00:32:52 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230168-FRA, cache-lon4272-LON
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 394
x-jsd-version: master

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 43 KB
13 KB 392ms
140ms Script
text/javascript 65.9.66.97
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202504290101/pubads_impl.js?cb=31092088
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-97.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 30b32e97f2e3e06deb742bf2e19daeb4f4657a956e836c2a25a7df2bc72f7500

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

vary: Accept-Encoding
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"7db46e1255a018ecf02f47b2c19c26c4"
age: 80007
via: 1.1 f2fa38e6635ded6d22a69d089217bc90.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: _73j0kYY0NUkA3Kp7U-XYdrSXW0u8nVh1TpCfuMV211vlNfS-DHomg==
date: Tue, 29 Apr 2025 02:19:26 GMT
content-type: text/javascript
last-modified: Tue, 20 Aug 2024 18:47:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 3 KB
3 KB 337ms
163ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202504290101/pubads_impl.js?cb=31092088
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 2e5f5cb912c0619933ea6c3ad8ac1466a005f792e3338d96a8432d144c63520f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

etag: 861bdaf24bda5c0db45c6ebe1c94a9eb
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2729
date: Wed, 30 Apr 2025 00:32:52 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 05 Feb 2025 14:45:21 GMT
server: Google Frontend
x-cloud-trace-context: 3ae5822140e8ca27707ec7ffdaea6dca

GET ob.js
cdn-ima.33across.com/ 0
0

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 510ms
214ms Script
text/javascript 178.250.1.39
ASN-CRITEO-EUROPE...

General

Check archive.org

Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202504290101/pubads_impl.js?cb=31092088

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.39 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),

Reverse DNS

Software

nginx /

Resource Hash

8b9649ecf99400f7fefce2ec3568d60386481da0991d4cb519b901aa4aca6c3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: max-age=86400, public
timing-allow-origin: *
content-encoding: gzip
etag: W/"67ece34f-a612"
cross-origin-resource-policy: cross-origin
expires: Thu, 01 May 2025 00:32:53 GMT
access-control-allow-origin: *
date: Wed, 30 Apr 2025 00:32:53 GMT
content-type: text/javascript
last-modified: Wed, 02 Apr 2025 07:12:15 GMT
server: nginx

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 243ms
73ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202504290101/pubads_impl.js?cb=31092088
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

x-goog-metageneration: 1
content-encoding: gzip
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
etag: "df5542b88bc0e368c6999754a5b9e2ba"
age: 409936
x-goog-stored-content-encoding: gzip
expires: Sat, 25 Apr 2026 06:40:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 7927
date: Fri, 25 Apr 2025 06:40:36 GMT
last-modified: Thu, 27 May 2021 18:30:51 GMT
content-type: application/javascript
x-guploader-uploadid: AAO2VwrkIFTnPnOxlO4BaerHyHVspahs4IeEQ6ZTTUSQI_VZMlLcOzBi6pYfiQomhAq-_wlC
cache-control: no-transform
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
x-goog-generation: 1622140251693895
content-length: 7927
server: UploadServer

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 69 KB
11 KB 326ms
326ms Fetch
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=5763273973186877&correlator=70172395638840&eid=31086814%2C31091881%2C31092019%2C31092020%2C31085777%2C31092088%2C31092017%2C83321072%2C95340253%2C95340255&output=ldjh&gdfp_req=1&vrg=202504290101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&gpp_sid=-1&iu_parts=183096492%2CMediaFire-Zone1&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=1&didk=2298854458&dids=div-gpt-ad-1583943974201-0&adfs=744007279&sfv=1-0-43&eri=5&sc=1&cookie_enabled=1&abxe=1&dt=1745973172657&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=180&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fs7ueut0kfh4mtk3%2FIterationT_v3.0.0.zip%2Ffile&vis=1&psz=0x0&msz=0x-1&fws=128&ohw=0&topics=9&tps=9&htps=10&a3p=EhkKCnB1YmNpZC5vcmcYrbPxoOgySABSAghkEhwKDWNyd2RjbnRybC5uZXQYrbPxoOgySABSAghkEhkKCnVpZGFwaS5jb20YrbPxoOgySABSAghkEhgKCXlhaG9vLmNvbRits_Gg6DJIAFICCGQSFAoFb3BlbngYrbPxoOgySABSAghkEhsKDGlkNS1zeW5jLmNvbRits_Gg6DJIAFICCGQSHQoOZXNwLmNyaXRlby5jb20YrbPxoOgySABSAghkEhcKCHJ0YmhvdXNlGK2z8aDoMkgAUgIIZA..&cbidsp=CoABCAESIwoMc2hhcmV0aHJvdWdoEOwDIAI4AVIMc2hhcmV0aHJvdWdoEhsKCHB1Ym1hdGljEKMDIAI4AVIIcHVibWF0aWMYAiIkYjA2YTMxNmQtN2U3NS00YWE2LWI1YTItZTk2ZTc1OWFlZWI0KgQIAyAAMgd2OC4xMC4wQOgHSgA.&nt=1&psd=WzMxLFtdLG51bGwsM10.&dlt=1745973169824&idt=2218&prev_scp=dkey_present%3Dfalse%26buildnumber%3D121937%26dladtemplate%3D59%26button_delay%3D3000&adks=630197753&frm=20&eoidce=1&td=1&egid=56168&tan=7df31174-9eb7-44c6-984f-6b592194e073&tdf=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202504290101/pubads_impl.js?cb=31092088

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

295d7ac6a4f9d49c1d113e83e3c395bf827d364d34b6b63139ce367f0556f4d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

content-encoding: dcb
google-lineitem-id: 5967615577
observe-browsing-topics: ?1
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Wed, 30 Apr 2025 00:32:52 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: 138387047710
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.mediafire.com
content-length: 11528
x-xss-protection: 0
server: cafe

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 64 KB
10 KB 335ms
334ms Fetch
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=5763273973186877&correlator=2168519526638121&eid=31086814%2C31091881%2C31092019%2C31092020%2C31085777%2C31092088%2C31092017%2C83321072%2C95340253%2C95340255&output=ldjh&gdfp_req=1&vrg=202504290101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&gpp_sid=-1&iu_parts=183096492%2CMediaFire-Zone2&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280%7C300x250&ifi=2&didk=2784911678&dids=div-gpt-ad-1583943910909-0&adfs=1737954225&sfv=1-0-43&eri=5&sc=1&cookie_enabled=1&abxe=1&dt=1745973172662&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=180&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fs7ueut0kfh4mtk3%2FIterationT_v3.0.0.zip%2Ffile&vis=1&psz=0x0&msz=0x-1&fws=128&ohw=0&topics=9&tps=9&htps=10&a3p=EhkKCnB1YmNpZC5vcmcYrbPxoOgySABSAghkEhwKDWNyd2RjbnRybC5uZXQYrbPxoOgySABSAghkEhkKCnVpZGFwaS5jb20YrbPxoOgySABSAghkEhgKCXlhaG9vLmNvbRits_Gg6DJIAFICCGQSFAoFb3BlbngYrbPxoOgySABSAghkEhsKDGlkNS1zeW5jLmNvbRits_Gg6DJIAFICCGQSHQoOZXNwLmNyaXRlby5jb20YrbPxoOgySABSAghkEhcKCHJ0YmhvdXNlGK2z8aDoMkgAUgIIZA..&cbidsp=CoABCAESIwoMc2hhcmV0aHJvdWdoEOwDIAI4AVIMc2hhcmV0aHJvdWdoEhsKCHB1Ym1hdGljEKMDIAI4AVIIcHVibWF0aWMYAiIkZGZjOWVmOTktZmJhMC00ODI5LTllZDAtZWM0YzZkMTEyMDhhKgQIAyAAMgd2OC4xMC4wQOgHSgA.&nt=1&psd=WzMxLFtdLG51bGwsM10.&dlt=1745973169824&idt=2218&prev_scp=dkey_present%3Dfalse%26buildnumber%3D121937%26dladtemplate%3D59%26button_delay%3D3000&adks=3841872593&frm=20&eoidce=1&td=1&egid=56168&tan=7df31174-9eb7-44c6-984f-6b592194e074&tdf=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202504290101/pubads_impl.js?cb=31092088

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

07047a74a4365bb51c0dfbd5afbaf5713d6bb91d65c3e4154c0a48053edd4fcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

content-encoding: dcb
google-lineitem-id: 6949855565
observe-browsing-topics: ?1
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Wed, 30 Apr 2025 00:32:52 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: 138510757059
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.mediafire.com
content-length: 10568
x-xss-protection: 0
server: cafe

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 69 KB
11 KB 322ms
321ms Fetch
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=5763273973186877&correlator=4325776466618914&eid=31086814%2C31091881%2C31092019%2C31092020%2C31085777%2C31092088%2C31092017%2C83321072%2C95340253%2C95340255&output=ldjh&gdfp_req=1&vrg=202504290101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&gpp_sid=-1&iu_parts=183096492%2CMediaFire-Zone3&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280%7C300x250&ifi=3&didk=3528871077&dids=div-gpt-ad-1583943842379-0&adfs=2888144481&sfv=1-0-43&eri=5&sc=1&cookie_enabled=1&abxe=1&dt=1745973172664&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=180&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fs7ueut0kfh4mtk3%2FIterationT_v3.0.0.zip%2Ffile&vis=1&psz=0x0&msz=0x0&fws=128&ohw=0&topics=9&tps=9&htps=10&a3p=EhkKCnB1YmNpZC5vcmcYrbPxoOgySABSAghkEhwKDWNyd2RjbnRybC5uZXQYrbPxoOgySABSAghkEhkKCnVpZGFwaS5jb20YrbPxoOgySABSAghkEhgKCXlhaG9vLmNvbRits_Gg6DJIAFICCGQSFAoFb3BlbngYrbPxoOgySABSAghkEhsKDGlkNS1zeW5jLmNvbRits_Gg6DJIAFICCGQSHQoOZXNwLmNyaXRlby5jb20YrbPxoOgySABSAghkEhcKCHJ0YmhvdXNlGK2z8aDoMkgAUgIIZA..&cbidsp=CoABCAESIwoMc2hhcmV0aHJvdWdoEOwDIAI4AVIMc2hhcmV0aHJvdWdoEhsKCHB1Ym1hdGljEKMDIAI4AVIIcHVibWF0aWMYAiIkNzUwNDYyNTgtYzQ4My00OTAzLWIxNDgtYzJhZjMxMjRiNDlmKgQIAyAAMgd2OC4xMC4wQOgHSgA.&nt=1&psd=WzMxLFtdLG51bGwsM10.&dlt=1745973169824&idt=2218&prev_scp=dkey_present%3Dfalse%26buildnumber%3D121937%26dladtemplate%3D59%26button_delay%3D3000&adks=1870779098&frm=20&eoidce=1&td=1&egid=56168&tan=7df31174-9eb7-44c6-984f-6b592194e075&tdf=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202504290101/pubads_impl.js?cb=31092088

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

bc712ccc10fbdc8f4748a10f36708fc55ebf0a3823addc4635b3c19819f35816

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

content-encoding: dcb
google-lineitem-id: 5967615577
observe-browsing-topics: ?1
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Wed, 30 Apr 2025 00:32:52 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: 138435710082
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.mediafire.com
content-length: 11591
x-xss-protection: 0
server: cafe

GET
H3 200 container.html Show response
8bfdb351f508fbaf76833179faa7d62d.safeframe.googlesyndication.com/safeframe/1-0-43/html/ Frame E575 7 KB
3 KB 272ms
132ms Document
text/html 142.250.185.161
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://8bfdb351f508fbaf76833179faa7d62d.safeframe.googlesyndication.com/safeframe/1-0-43/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202504290101/pubads_impl.js?cb=31092088

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

sffe /

Resource Hash

f1a68bf826c55985468304f4284a09cb8a68e82503d764166e611a7c58a85a4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mediafire.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 3121
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 30 Apr 2025 00:32:52 GMT
expires: Wed, 30 Apr 2025 00:32:52 GMT
last-modified: Thu, 24 Apr 2025 19:57:16 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 v3 Show response
id5-sync.com/gm/ 1 KB
2 KB 122ms
120ms XHR
application/json 162.19.138.119
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL

https://id5-sync.com/gm/v3

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

44760d7fe873bc6ded98c454d86fc9229849f2c25ecf5808183b999f32837daf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.mediafire.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://www.mediafire.com
p3p: CP="CAO PSA OUR"
date: Wed, 30 Apr 2025 00:32:52 GMT
content-type: application/json
vary: Origin

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
233 B 365ms
122ms XHR
text/plain 162.19.138.119
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.mediafire.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://www.mediafire.com
date: Wed, 30 Apr 2025 00:32:52 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-credentials: true

GET
H/1.1

204
No Content

token
token.rubiconproject.com/
Redirect Chain

https://id5-sync.com/i/457/8.gif?o=api&id5id=ID5*Z-j921r9zWx2jiHtZhQiv-9uAICg-g76c1OHbgOgEt8UCLjuR66MwRCGpu5ViyXU&gdpr_consent=undefined&gdpr=false
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
https://id5-sync.com/k/264.gif?puid=585ef1bc-6a51-4f03-ae00-0817de9e19bf&ttl=%%TTL%%
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=0/gdpr_consent=?https://id5-sync.com/c/457/19/6/3.gif?puid=${profile_id}&gdpr=0&gdpr_consent=
https://id5-sync.com/c/457/19/6/3.gif?puid=6738f21a42b22f88cfaa3223db30ab2b&gdpr=0&gdpr_consent=
https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-f5fdWyBW03dTulJnybkA7rObP6EnlUVyjhzRAn2JYA&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F457%2F3%2F5%2F4.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26g...
https://id5-sync.com/c/457/3/5/4.gif?puid=08236811-6fb6-4d00-a596-f6bdd593b426&gdpr=0&gdpr_consent=
https://token.rubiconproject.com/token?pid=49266&puid={ID5UID}&gdpr=0&gdpr_consent=

0
1 KB

557ms
132ms

Image
text/plain

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=49266&puid={ID5UID}&gdpr=0&gdpr_consent=
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: ef823186f233724f4775c0c4b9549d14
Pragma: no-cache

Redirect headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
location: https://token.rubiconproject.com/token?pid=49266&puid={ID5UID}&gdpr=0&gdpr_consent=
p3p: CP="CAO PSA OUR"
date: Wed, 30 Apr 2025 00:32:54 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ 285 B
550 B 304ms
143ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: e072d76ebfdd40a273aafcf7c9a0afb2e2ec72a74b4d76a8da188ed0b048daa9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.mediafire.com/

Response headers

access-control-allow-credentials: true
access-control-allow-methods: POST
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 285
date: Wed, 30 Apr 2025 00:32:53 GMT
content-type: application/json
x-cloud-trace-context: 7093057c25b6f33ee7147d9661b7264c
server: Google Frontend
access-control-allow-headers: X-Requested-With

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4254 0
0 160ms
159ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvS2EgkDT9EG77Mx2EinhnyUocV-fJJmDb-oFtjnZ2oT-beqEdnmOqaNT0_jA3lZ3JddDdcMOOZBEvEu7Z__2xNgRjOuOUyHiK3m1TYQM2DBl74A0Ky_3FrR_nQOpwZ7J2oUsCqkNTvQ6XUeWCnS5yiACPY-m8vnkyVxvumGSIq5tZg506ImqOLl0fOJFjd5SE8UfA4rf6_tLz51PhJjirih2UfJSuTcs9cQkSIL15wfBcP8qqObYJC0BD8lVvQJPGJwonzxbF9ShL27-WbHrw8lT1XmxOcyxuw9b4kc4YjAidw9b9DVqU7oX_hk1NQpPBh_2HH49h_43rRVw8avc_ahdsXeU6yjjsnnUVx77bfgC6_KyPEQ7z9uO2-KbkZd5psD4gazHBTb7rbGVQWT9QDsLyCxCYal1tA_BqsrtoK&sai=AMfl-YTjBN43KMoisZXB98HdgBZvXOSwMMTKO42gZuEtuGG8I-0IPo3eqQh48Rw7nau5LLDRfua5eLWyR8Bu9a0g1pvW1rwM0laQi2EpsIy7d9liVkUYhx0Le9FDDJfAmzs4y4l6biaGyrp55pATPR6DFA&sig=Cg0ArKJSzCJdpbTH2P1iEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Wed, 30 Apr 2025 00:32:53 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Wed, 30 Apr 2025 00:32:53 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20250428/r20110914/ Frame 4254 21 KB
8 KB 444ms
126ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20250428/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202504290101/pubads_impl.js?cb=31092088

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

cafe /

Resource Hash

84867a2de0362b28255dda2e2e5cca9c37979137b00361e22d286d64ed649678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

content-encoding: br
etag: 8047411686069726594
age: 59166
x-content-type-options: nosniff
expires: Tue, 13 May 2025 08:06:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 29 Apr 2025 08:06:47 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 8550
x-xss-protection: 0
server: cafe

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20250428/r20110914/client/ Frame 4254 3 KB
2 KB 441ms
124ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20250428/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202504290101/pubads_impl.js?cb=31092088

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

cafe /

Resource Hash

6da225ff41d13daccdc866596691039b7d0dbab13fc5f91ac7fe8e2279603000

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

content-encoding: br
etag: 14145566667870440924
age: 59843
x-content-type-options: nosniff
expires: Tue, 13 May 2025 07:55:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 29 Apr 2025 07:55:30 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 1239
x-xss-protection: 0
server: cafe

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 4254 220 KB
68 KB 257ms
124ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202504290101/pubads_impl.js?cb=31092088

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

0923ca035ce2e912178eb2032b148668aa905613119db6bf7a16df9178b54eb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

content-encoding: br
etag: 360109090404770869
age: 2927
x-content-type-options: nosniff
expires: Wed, 30 Apr 2025 00:44:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 29 Apr 2025 23:44:06 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=ISO-8859-2
vary: Accept-Encoding
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 69331
x-xss-protection: 0
server: cafe

GET
H2 200 7009497522443761165
tpc.googlesyndication.com/simgad/ Frame 4254 79 KB
79 KB 505ms
189ms Image
image/png 142.250.185.161
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7009497522443761165

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202504290101/pubads_impl.js?cb=31092088

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

sffe /

Resource Hash

e018b73f4d9cae1b5275be6084b2c2dab89578ee4b0aeda983763ee92cc595f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

age: 60172
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options: nosniff
expires: Wed, 29 Apr 2026 07:50:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Tue, 29 Apr 2025 07:50:01 GMT
last-modified: Thu, 08 Jun 2023 12:41:40 GMT
content-type: image/png
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
content-length: 80664
x-xss-protection: 0
server: sffe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame ED3F 0
0 162ms
161ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvf6ny9RYXcap_v2Nc72d4nTxsKAPmwwLQM_DHeYvWAkOY7Gr72Jse_-i5uRrL2mLclo9n6W53g9YJ-aK1THRYo0hAZGhw8bMYLzsI7IY7ZDegEEElCYvHgm40xcOBl3fuV3Mp1jKWmYO1WzA-PXSVAeTdobovCKLqLToK6_2PEB5A876FgBSm7rtwWWm5PL74mIWCqI5Lkh6J8Qak9Q6QesXWe3Th18do4b0sCkXGtIUyeAKs3KRFz11sOENtuGxm0A5j08QRi13WlgGmlvSGKTx5LF2NPDZ0w-04Za3V_FYvMo6s62lTqJd-XJ47TSoeHFUC-cXuXlylsR4R9HsTLUDNqcMlhvc7VI_kimT0KFPsOi7osHaUaevbyGmKQO__rgp-5hEK_G4LNd88ubVrHU3jWGtYs9ueFC7JZuKDV&sai=AMfl-YRDqD3wvw-Ay6oK-IlSQzy85x44leIlpVE-xULRC9y7YIavI7bdsVY8oJw1kknjMaQRMOw-M1JqYmmb2mH6yX_Ywbz9yz6Ya-T3CUY6IzDzLkaButoq3ZeDmVfwnM7C04JGmlWmvNptEsZ6M3L29w&sig=Cg0ArKJSzPm9MUpWbRrvEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Wed, 30 Apr 2025 00:32:53 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Wed, 30 Apr 2025 00:32:53 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20250428/r20110914/ Frame ED3F 21 KB
0 427ms
427ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20250428/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202504290101/pubads_impl.js?cb=31092088

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

cafe /

Resource Hash

84867a2de0362b28255dda2e2e5cca9c37979137b00361e22d286d64ed649678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

content-encoding: br
etag: 8047411686069726594
age: 59166
x-content-type-options: nosniff
expires: Tue, 13 May 2025 08:06:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 29 Apr 2025 08:06:47 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 8550
x-xss-protection: 0
server: cafe

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20250428/r20110914/client/ Frame ED3F 3 KB
0 407ms
407ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20250428/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202504290101/pubads_impl.js?cb=31092088

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

cafe /

Resource Hash

6da225ff41d13daccdc866596691039b7d0dbab13fc5f91ac7fe8e2279603000

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

content-encoding: br
etag: 14145566667870440924
age: 59843
x-content-type-options: nosniff
expires: Tue, 13 May 2025 07:55:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 29 Apr 2025 07:55:30 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 1239
x-xss-protection: 0
server: cafe

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame ED3F 220 KB
0 241ms
241ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202504290101/pubads_impl.js?cb=31092088

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

0923ca035ce2e912178eb2032b148668aa905613119db6bf7a16df9178b54eb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

content-encoding: br
etag: 360109090404770869
age: 2927
x-content-type-options: nosniff
expires: Wed, 30 Apr 2025 00:44:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 29 Apr 2025 23:44:06 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=ISO-8859-2
vary: Accept-Encoding
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 69331
x-xss-protection: 0
server: cafe

GET
H2 200 17494115938463050724
tpc.googlesyndication.com/simgad/ Frame ED3F 57 KB
57 KB 588ms
309ms Image
image/png 142.250.185.161
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17494115938463050724

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202504290101/pubads_impl.js?cb=31092088

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

sffe /

Resource Hash

cee9fd8e304615d5ace755818a222fb75754484b38923463745dfed56bf4e3fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

age: 59120
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options: nosniff
expires: Wed, 29 Apr 2026 08:07:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Tue, 29 Apr 2025 08:07:33 GMT
last-modified: Wed, 30 Mar 2022 12:57:01 GMT
content-type: image/png
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
content-length: 58527
x-xss-protection: 0
server: sffe

POST
H2 204 collect
analytics.google.com/g/ 0
0 127ms
126ms Fetch
text/plain 216.239.34.181
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-K68XP6D85D&gtm=45je54s1v887485693za200zb6304663&_p=1745973170472&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101509157~102887800~103051953~103077950~103106314~103106316~103116025~103130498~103130500~103173737~103173739~103200001~103220085~103233427&ptag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130495~103130497~103173737~103173739~103200004&cid=523823685.1745973172&ul=he-il&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AEAAAAI&_s=2&sid=1745973171&sct=1&seg=0&dl=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fs7ueut0kfh4mtk3%2FIterationT_v3.0.0.zip%2Ffile&dt=IterationT%20v3.0.0&en=scroll&epn.percent_scrolled=90&_et=36&tfd=4039
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K68XP6D85D&l=dataLayer&cx=c&gtm=45He54s1v6304663za200&tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130495~103130497~103173737~103173739~103200004
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:153:0
report-to: {"group":"ascnsrsggc:153:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:153:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.mediafire.com
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:153:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Apr 2025 00:32:53 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7965 0
0 162ms
162ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv2qwVEFYNYBYoVYDCp2cYt35E2-qrqt9iwF_IWJzh_PK60jovr-KNT53AfKhFmKECCvq6c_TvHFj8cLarf8QGsg1rLl_e8SJU4RiAfRU3KvuIEYUt_TtHxOsEZ-q24FZ-I_usRJPpO-hkZOIc4pepqqy1XKdj-IuiklgcA6fA4rkF4HyLS6ViifB6avKjFKUjqW-96pzlgNos7EtxxGQZq-x8QxsAJJaCrKjD-gg6Ig0nsLrHZU2ykeQbm7qDpzVjqXhmNxRvMHdq_6pacR4X58KHGbR2LGNHdVlX-1Bjf6LyqzXGAbMrb3suG2WaL3kG3ut3Q-CI7jcofgoDCakA9WLWWfRXZl_Xz_ouAkfjH1i2e3wtkeOx_1hOPYnEdaWG_CKJewNwqNEN1SKSnaMliDjljYpj27ZhBm4SfhZ1U&sai=AMfl-YQNg-UXXM49jiPhvVN6Mp45-PRzSmwpI1mPTlQjzqkDA5nZ5TrqPbtqYeSZd70q6xTRJMsPSAj8MbpmrYwlT49S-CNwKEoDliGg_csKaElbasu3PmSbMiLK06Okdqqsta1A2RyGDLEL3Yy1jRaX&sig=Cg0ArKJSzF7GXqU6mvZOEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Wed, 30 Apr 2025 00:32:53 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Wed, 30 Apr 2025 00:32:53 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20250428/r20110914/ Frame 7965 21 KB
0 12ms
11ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20250428/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202504290101/pubads_impl.js?cb=31092088

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

cafe /

Resource Hash

84867a2de0362b28255dda2e2e5cca9c37979137b00361e22d286d64ed649678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

content-encoding: br
etag: 8047411686069726594
age: 59166
x-content-type-options: nosniff
expires: Tue, 13 May 2025 08:06:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 29 Apr 2025 08:06:47 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 8550
x-xss-protection: 0
server: cafe

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20250428/r20110914/client/ Frame 7965 3 KB
0 8ms
8ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20250428/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202504290101/pubads_impl.js?cb=31092088

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

cafe /

Resource Hash

6da225ff41d13daccdc866596691039b7d0dbab13fc5f91ac7fe8e2279603000

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

content-encoding: br
etag: 14145566667870440924
age: 59843
x-content-type-options: nosniff
expires: Tue, 13 May 2025 07:55:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 29 Apr 2025 07:55:30 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 1239
x-xss-protection: 0
server: cafe

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 7965 220 KB
0 207ms
207ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202504290101/pubads_impl.js?cb=31092088

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

0923ca035ce2e912178eb2032b148668aa905613119db6bf7a16df9178b54eb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

content-encoding: br
etag: 360109090404770869
age: 2927
x-content-type-options: nosniff
expires: Wed, 30 Apr 2025 00:44:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 29 Apr 2025 23:44:06 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=ISO-8859-2
vary: Accept-Encoding
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 69331
x-xss-protection: 0
server: cafe

GET
H2 200 16298801869159861559
tpc.googlesyndication.com/simgad/ Frame 7965 12 KB
13 KB 232ms
232ms Image
image/png 142.250.185.161
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16298801869159861559

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202504290101/pubads_impl.js?cb=31092088

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

sffe /

Resource Hash

7ec07fca39de3ece6668edebbfe6002dcb9639a0f412d3af35fc7a63d3597d0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

age: 446794
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options: nosniff
expires: Fri, 24 Apr 2026 20:26:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Thu, 24 Apr 2025 20:26:19 GMT
last-modified: Tue, 18 Mar 2025 13:14:54 GMT
content-type: image/png
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
content-length: 12778
x-xss-protection: 0
server: sffe

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 156 B
571 B 433ms
146ms XHR
application/json 54.220.144.202
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.144.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-144-202.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 5a4b9efc09443d0168e868c413bc2c2701f1d4831553f269ffd4b5f8016457c3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.mediafire.com/

Response headers

cache-control: no-cache
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://www.mediafire.com
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length: 156
date: Wed, 30 Apr 2025 00:32:53 GMT
content-type: application/json;charset=utf-8

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4254 0
0 186ms
185ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fle-fetch-start2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Wed, 30 Apr 2025 00:32:53 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4254 0
0 178ms
178ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Wed, 30 Apr 2025 00:32:53 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame ED3F 0
0 316ms
156ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fle-fetch-start2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Wed, 30 Apr 2025 00:32:53 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame ED3F 0
0 314ms
157ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Wed, 30 Apr 2025 00:32:53 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7965 0
0 456ms
156ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fle-fetch-start2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Wed, 30 Apr 2025 00:32:53 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7965 0
0 452ms
156ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Wed, 30 Apr 2025 00:32:53 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4254 0
0 156ms
156ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Wed, 30 Apr 2025 00:32:53 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 glam300. Show response
fundingchoicesmessages.google.com/f/AGSKWxW3OMH-6kTNw2W3fSyLB9cyCKDnmOez-CcRtu_IJbeSMYXPpOty9Rkmz0RZc9B-4DzAp4l1wjh3ljJ6d2yxcuKJzO6lDTjqQ5T8yfQvly48ws4OwwpR916ZI-FuDis5rbkhG2cj4jlaVJ62e6Ry50XAHeblF... 54 B
109 B 142ms
141ms Script
application/javascript 142.250.186.78
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW3OMH-6kTNw2W3fSyLB9cyCKDnmOez-CcRtu_IJbeSMYXPpOty9Rkmz0RZc9B-4DzAp4l1wjh3ljJ6d2yxcuKJzO6lDTjqQ5T8yfQvly48ws4OwwpR916ZI-FuDis5rbkhG2cj4jlaVJ62e6Ry50XAHeblFerAR2vYhaOV3A8eL5knN82NIUHDeY51/_/ads-config._radio_ad_/abm.aspx-advertisement_/glam300.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.JicVSDHi2hU.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMxwg4Q4FQq8VcuZLp-fzqkNEOXb2w/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

ESF /

Resource Hash

3924f49393cd4f71189e1ac0906d38c76bd963633ff9cfcb182cf9fbd5b08040

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qaqxbBY_FuiBIrSfcVFjSQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Apr 2025 00:32:53 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjitDikmII1JBiaL15jnU6EButPc_qAsSGCpdYnYH4_rpLrM-B-EP9ZdYfQFwkcYW1BYhj026ypgJx796brDeO3GTdtfEW62EgbtK-zdoFxEI8HFvvHz3AJvBizY15TEoaSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRfFGBkamBiZG5noGBvEFBgCnujwv"
content-security-policy: script-src 'report-sample' 'nonce-qaqxbBY_FuiBIrSfcVFjSQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
67 B 123ms
123ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

content-encoding: br
etag: 13036835877489095579
age: 8598
x-content-type-options: nosniff
expires: Tue, 13 May 2025 22:09:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 29 Apr 2025 22:09:35 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 42
x-xss-protection: 0
server: cafe

POST
H3 204 AGSKWxXvzF_mUyzWIrZ98ubeQUjtOaYDc4W7AS-XiaWfL1Ic4d1rAl-UgzABheljEN1Rif94b8v4BM7DjFfj-KhhOP_DaTbmpGSS-NHlkHABiJvgXNr1o_fyD2yuWdHUUJdJ0WOAiF3wGQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 270ms
136ms XHR
text/html 142.250.186.78
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXvzF_mUyzWIrZ98ubeQUjtOaYDc4W7AS-XiaWfL1Ic4d1rAl-UgzABheljEN1Rif94b8v4BM7DjFfj-KhhOP_DaTbmpGSS-NHlkHABiJvgXNr1o_fyD2yuWdHUUJdJ0WOAiF3wGQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dpf-1EWkzKGZUsgPdrrDWw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.mediafire.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Apr 2025 00:32:53 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmJw0ZBi-FB_mfUHEAvxcGy9f_QAm8CLWQvvMCm5JOUXxifn55Wk5pXoJqYU64LYRZlJpSX5RSjs1DKQipz89PTMvPR4IwMjUwMTI3M9A_P4AgMAisQk_g"
content-security-policy: script-src 'report-sample' 'nonce-dpf-1EWkzKGZUsgPdrrDWw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://www.mediafire.com
content-length: 0
x-xss-protection: 0
server: ESF

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame ED3F 0
0 309ms
156ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Wed, 30 Apr 2025 00:32:53 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7965 0
0 463ms
156ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Wed, 30 Apr 2025 00:32:53 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4254 0
0 158ms
158ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstX4Q8l5euMnEUwsAi1r7oZaeTcu6rsdId4jaygyyldEQf1UhGHM-47WHi6nI3W5F0vuymCeP5hw9sxY1yrNNbYg7M_0CMyJX8s7jU023jiGqmqLYSFuSsv9gf0HHQm4UkcgzMZl5jL-7l8mfeNxyaC0uJdq8bhmxAEWD_vYhN2AezACV_mOOxdccPFAAy-rQK-hkrKt9InR892pNMUmXZAXqlRxqP6zr6RMI_zTfcqbv1VuD7Fu7o1GHeN7IWJ4FoKnQ6O-ZqCEKIbbvYfIm8tq4WXNvOwkcbK0zRwQGsPWAHdRc-_wvLJAVVsQt_r6oKZadKvq_CGl-hYH2ZFNn_7vbiiGY6kABYYw2_t-te1tQL2NFofJc_cMEXpEn0biF85yHGdRUe1f6950Z-JZ5VkGS_-RQG_mZfsHA0Uwhsdg00&sai=AMfl-YQjxFADiCzbEuPEhFuMzTyR1EeZ7wPX6wh70NuUSt0i5VS9kQHs4RRPJBqtOxNFE_kJeObti76abXNl1hDu3_80V35PgGKUUJHEonABR7NAIY5GIZVZIbCZu3D-C9oeVMBRYPwdkyLDTjQWrR_05g&sig=Cg0ArKJSzNCK3_f2-UzfEAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Wed, 30 Apr 2025 00:32:53 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Wed, 30 Apr 2025 00:32:53 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 157ms
156ms Fetch
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202504290101/pubads_impl.js?cb=31092088
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lhr35s10-in-f2.1e100.net
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.mediafire.com/

Response headers

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXvzF_mUyzWIrZ98ubeQUjtOaYDc4W7AS-XiaWfL1Ic4d1rAl-UgzABheljEN1Rif94b8v4BM7DjFfj-KhhOP_DaTbmpGSS-NHlkHABiJvgXNr1o_fyD2yuWdHUUJdJ0WOAiF3wGQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LlzENHuSE8FzaO8YXXRlhg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.mediafire.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Apr 2025 00:32:53 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmJw0pBi-FB_mfUHEAvxcGy9f_QAm8CBPXMeMCm5JOUXxifn55Wk5pXoJqYU64LYRZlJpSX5RSjs1DKQipz89PTMvPR4IwMjUwMTI3M9A_P4AgMAh9Mk9Q"
content-security-policy: script-src 'report-sample' 'nonce-LlzENHuSE8FzaO8YXXRlhg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://www.mediafire.com
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXvzF_mUyzWIrZ98ubeQUjtOaYDc4W7AS-XiaWfL1Ic4d1rAl-UgzABheljEN1Rif94b8v4BM7DjFfj-KhhOP_DaTbmpGSS-NHlkHABiJvgXNr1o_fyD2yuWdHUUJdJ0WOAiF3wGQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gnPtaRwTtVfknwVHbRIzMQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.mediafire.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Apr 2025 00:32:53 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmII1JBi-FB_mfUHEAvxcGy9f_QAm8CDo8veMim5JOUXxifn55Wk5pXoJqYU64LYRZlJpSX5RSjs1DKQipz89PTMvPR4IwMjUwMTI3M9A_P4AgMAn-8lRA"
content-security-policy: script-src 'report-sample' 'nonce-gnPtaRwTtVfknwVHbRIzMQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://www.mediafire.com
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXvzF_mUyzWIrZ98ubeQUjtOaYDc4W7AS-XiaWfL1Ic4d1rAl-UgzABheljEN1Rif94b8v4BM7DjFfj-KhhOP_DaTbmpGSS-NHlkHABiJvgXNr1o_fyD2yuWdHUUJdJ0WOAiF3wGQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-s0CbscuXAosOJ0akRPohHw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.mediafire.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Apr 2025 00:32:53 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmLw0pBi-FB_mfUHEAvxcGy9f_QAm0DD384vTEouSfmF8cn5eSWpeSW6iSnFuiB2UWZSaUl-EQo7tQykIic_PT0zLz3eyMDI1MDEyFzPwDy-wAAAixIk_w"
content-security-policy: script-src 'report-sample' 'nonce-s0CbscuXAosOJ0akRPohHw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://www.mediafire.com
content-length: 0
x-xss-protection: 0
server: ESF

GET
H3 200 AGSKWxUkQZRAQcaQftdanF5SFztt8BiBM8R_pFKCeKP4ZfLs0FHgeKloDa4JqxLpbK9qvT7JLs9ZUfma9GnuUdHFzmfEdCpPDwKCQ-bRzVsiY-6QtOdhe58_00XX807ERoVg9ImOgSnJuA== Show response
fundingchoicesmessages.google.com/f/ 5 KB
2 KB 144ms
144ms Script
application/javascript 142.250.186.78
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUkQZRAQcaQftdanF5SFztt8BiBM8R_pFKCeKP4ZfLs0FHgeKloDa4JqxLpbK9qvT7JLs9ZUfma9GnuUdHFzmfEdCpPDwKCQ-bRzVsiY-6QtOdhe58_00XX807ERoVg9ImOgSnJuA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzQ1OTczMTczLDY3ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vd3d3Lm1lZGlhZmlyZS5jb20vZmlsZS9zN3VldXQwa2ZoNG10azMvSXRlcmF0aW9uVF92My4wLjAuemlwL2ZpbGUiLG51bGwsW1s4LCJKaWNWU0RIaTJoVSJdLFs5LCJpdyJdLFsxOSwiMiJdLFsyNCwiIl0sWzI1LCJbWzk1MzQwMjUzLDk1MzQwMjU1XV0iXSxbMjksImZhbHNlIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

ESF /

Resource Hash

ecc6dda562852fa3e889c46a1eda73053b2fc9b89f8e8c9b124b30b5ae171cc6

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-fLVgCRS_ETvxaqvfh3LtMA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Apr 2025 00:32:53 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjitDikmJw0JBiaL15jnU6EButPc_qAsSGCpdYnYH4_rpLrM-B-EP9ZdYfQFwkcYW1BYhj026ypgJx796brDeO3GRds_EW61YgbtK-zdoFxEI8HFvvHz3AJvBh6ounTEoaSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRfFGBkamBiZG5noGBvEFBgCjIDxK"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-fLVgCRS_ETvxaqvfh3LtMA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame ED3F 0
0 160ms
160ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvXazXwR5-IbSNrQu1EQYqoibke9TW4T7na5zmnYNMPzSD1xRL145ujUqRkfsxojdk3UQupxXBYACfcu1TzuS2WxYVlzBf4_7c7977ZAUk8OJIc4hFJoBLlNPRFDCVxoWB3rB9h692sAQAUuCUv3u-L8xpaDspsxKr4dl6DDLFihrlzTArhbdjT7Ubke_vyZhdbPbMIka6NkeSeW-QhPZREce7_jH5ZH7WlpiJrMxe1uLGRaBBPmkP58ItZmehnOm-m1zAasLKlvk1WAEkti8xC7F0SOt8_6X0cxMJmoPYQOuphhqUHdfrVzT4wZLBofQTKsGwuV766pscYvcT5a2f2T58B1AbxYM73f5Yn1uYjqWV1sEhDIqHS8P_a9QsVdytcqyZ2l550kFTl7YFQBUovlHliTuVnsWrXzlTu77HJt2Q&sai=AMfl-YRDiNp9oiZSFzQEr-XeGsX5O3COM4jdl3yuuqKaRfTDHQ3p0PBVpqxTSEqRstthR2yhXrZoqrAopwuGRN7iw3l74su3xLscrVBOCh9I75YJvcVWB3_WIN5mjCZP4iIpB54XabznbdLov2kTI_OV6w&sig=Cg0ArKJSzKeJx4_Z_ivFEAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Wed, 30 Apr 2025 00:32:53 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Wed, 30 Apr 2025 00:32:53 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7965 0
0 159ms
159ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsumktypS-mjtFnv4r3H7HPyt_154xiPHRT8XAhqctU3O0NE0yH4NEpEXojWgPXsHMA2J0x_BtX2mvDWSdPoDyik6i3tlXWEs338egfQKgiMxgLwtHOZorpwnJULPf5_ZUX0rrRZkPKUHqTrBSWUvhtXvjHPwNJThOKCS6oNKobuXBHoS-M9GvsLzSa2FWBPc4ywRcm6_5scfzJrinSh4YO4_cl6mPJpeIqBo-trSf5GmjMcWYdG4LW2S18-ZtdikzhdlxQzi97u8_g2zN1V7b1aqLelbUcCw_VSjpkx1QBXsbX-MM_4krfFf07P-MCuTzT2hGClG6gUhx29lq1Psz8QFZGuxSu6rUjMahTMMu4CyZVYYXUA6vReDnVwmSQ3WAORnK7qm-QCqvZFMc5WqQLSCSUiWYn27ONViexdITK5c4A&sai=AMfl-YTwOZLbJueZoXLLbR_0y1qkGtVpoQx34OrASQ_YwYtOVUBPkAWCzouUK40Qg7cc_3UXYdEMUIDhtVB0EaWpiOox_fzuoLMnhdpldecIMM_xksVpzIISFnK5W98jSOzvfytPK0d6WHSIXm_cu4Q9&sig=Cg0ArKJSzOi9j34afdXYEAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Wed, 30 Apr 2025 00:32:53 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Wed, 30 Apr 2025 00:32:53 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 AGSKWxWvVHacpeOvvj1A7EGKHQWWpRAilbWk90OngP8J9Mfb_t2D1vnGUNYr0JSrtSCqvxUz_muqfQ9M_V39NEI_Su2TJ0Dj5epsVEabXd8EavbaOG4W4GuYe3mtyTkb8_vG5aJfKeSsIQ== Show response
fundingchoicesmessages.google.com/f/ 2 KB
1 KB 147ms
147ms Script
application/javascript 142.250.186.78
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWvVHacpeOvvj1A7EGKHQWWpRAilbWk90OngP8J9Mfb_t2D1vnGUNYr0JSrtSCqvxUz_muqfQ9M_V39NEI_Su2TJ0Dj5epsVEabXd8EavbaOG4W4GuYe3mtyTkb8_vG5aJfKeSsIQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzQ1OTczMTczLDgyNjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vd3d3Lm1lZGlhZmlyZS5jb20vZmlsZS9zN3VldXQwa2ZoNG10azMvSXRlcmF0aW9uVF92My4wLjAuemlwL2ZpbGUiLG51bGwsW1s4LCJKaWNWU0RIaTJoVSJdLFs5LCJpdyJdLFsxOSwiMiJdLFsyNCwiIl0sWzI1LCJbWzk1MzQwMjUzLDk1MzQwMjU1XV0iXSxbMjksImZhbHNlIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

ESF /

Resource Hash

122fc2482eade04cf70c5ce1aa573a1aed28e9a6ee23ab44a247ff91412ee949

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-r02urIzSnCvbIJTuTJWEJw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Apr 2025 00:32:53 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjitDikmLw0pBiaL15jnU6EButPc_qAsSGCpdYnYH4_rpLrM-B-EP9ZdYfQFwkcYW1BYhj026ypgJx796brDeO3GRds_EW61YgbtK-zdoFxEI8HFvvHz3AJtDwadNaZiWNpPzC-OT8vJKizKTSkvyitOS01OLUorLUongjAyNTAxMjcz0Dg_gCAwCRyzvU"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-r02urIzSnCvbIJTuTJWEJw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 AGSKWxVAMYGJBs--xWyK0fhanQqc73hPcvmCnmxDpA7-GrO-CqNfexM7rwOJqBYFrUJazi6s2FQmFrI7cDJ0e16FA1gYC8NLF_YDd7r6ZXB-aft1f9zDVzxHKfYkJbseYI_Oqs7l2yQlHw== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 148ms
148ms Script
application/javascript 142.250.186.78
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVAMYGJBs--xWyK0fhanQqc73hPcvmCnmxDpA7-GrO-CqNfexM7rwOJqBYFrUJazi6s2FQmFrI7cDJ0e16FA1gYC8NLF_YDd7r6ZXB-aft1f9zDVzxHKfYkJbseYI_Oqs7l2yQlHw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzQ1OTczMTczLDk3ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlL3M3dWV1dDBrZmg0bXRrMy9JdGVyYXRpb25UX3YzLjAuMC56aXAvZmlsZSIsbnVsbCxbWzgsIkppY1ZTREhpMmhVIl0sWzksIml3Il0sWzE5LCIyIl0sWzI0LCIiXSxbMjUsIltbOTUzNDAyNTMsOTUzNDAyNTVdXSJdLFsyOSwiZmFsc2UiXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

ESF /

Resource Hash

a3dad4016830a3a5f6e10e022b8399b9f614a0ec9da24dbe6c7a2485e40ee358

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-yT0S8cwWvT1br7ieV7PYrg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Apr 2025 00:32:54 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjitDikmJw15BiaL15jnU6EButPc_qAsSGCpdYnYH4_rpLrM-B-EP9ZdYfQFwkcYW1BYhj026ypgJx796brDeO3GRds_EW61YgbtK-zdoFxELcHNvuHz3AJrCi_bikkkZSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRvJGBkamBiZG5noFBfIEBAEFKOww"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-yT0S8cwWvT1br7ieV7PYrg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxWz79PyQ12cLgf7klQkvNyISKhnwdA1HAmj1441DfWksZKz8_jGoB7fGLhgcL8NLi0VzoqNW-WdZHvDTxqshdzXecpJTSn3PdrtLVb1rKQLBpFNHI6Ous9qpfUO5x5WXFHK-KHxVg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 141ms
139ms XHR
text/html 142.250.186.78
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWz79PyQ12cLgf7klQkvNyISKhnwdA1HAmj1441DfWksZKz8_jGoB7fGLhgcL8NLi0VzoqNW-WdZHvDTxqshdzXecpJTSn3PdrtLVb1rKQLBpFNHI6Ous9qpfUO5x5WXFHK-KHxVg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-b2o43OUGoXX7eizYERAwTA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.mediafire.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Apr 2025 00:32:54 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmJw1JBi-FB_mfUHEAtxc2y7f_QAm8CNn7PilVyS8gvjk_PzSlLzSnQTU4p1QeyizKTSkvwiFHZqGUhFTn56emZeeryRgZGpgYmRuZ6BeXyBAQBvEiTE"
content-security-policy: script-src 'report-sample' 'nonce-b2o43OUGoXX7eizYERAwTA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://www.mediafire.com
content-length: 0
x-xss-protection: 0
server: ESF

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame A15F 16 KB
6 KB 426ms
140ms Document
text/html 178.250.1.11
ASN-CRITEO-EUROPE...

General

Check archive.org

Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.mediafire.com&gdpr=0&gdpr_consent=&gpp=&gpp_sid=-1

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

30b7f0adc63bb1e3010cee77e9aa68b9aa8511ec29abb030a2a7d710473951a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.mediafire.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 30 Apr 2025 00:32:54 GMT
server: Kestrel
server-processing-duration-in-ticks: 246403
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame A15F 439 B
907 B 138ms
138ms Fetch
application/json 178.250.1.11
ASN-CRITEO-EUROPE...

General

Check archive.org

Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=publishertagids&domain=mediafire.com&sn=ChromeSyncframe&so=0&topUrl=www.mediafire.com&topicsavail=1&fledgeavail=1

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.mediafire.com&gdpr=0&gdpr_consent=&gpp=&gpp_sid=-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3e1c213b9db73dc184fb7c392fdbbb64597f579d39c1f93239dab930c44cade2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.mediafire.com&gdpr=0&gdpr_consent=&gpp=&gpp_sid=-1

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
pragma: no-cache
server-processing-duration-in-ticks: 1114824
expires: 0
date: Wed, 30 Apr 2025 00:32:54 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: Kestrel

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 203C 20 KB
7 KB 373ms
121ms Document
text/html 95.100.185.43
AKAMAI-AS

General

Check archive.org

Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/js/prebid8.10.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.185.43 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-185-43.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a88123f7890e58349e3a64226c716be9d346a42ba76e542a8ebdd30026a89604

Request headers

Referer: https://www.mediafire.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: max-age=35230
content-encoding: gzip
content-length: 6694
content-type: text/html
date: Wed, 30 Apr 2025 00:32:55 GMT
expires: Wed, 30 Apr 2025 10:20:05 GMT
last-modified: Wed, 13 Nov 2024 05:14:24 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 203C 2 KB
3 KB 435ms
130ms Script
text/html 103.231.98.107
AS-PUBMATIC

General

Check archive.org

Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=24694761&p=158936&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.231.98.107 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: dcdb8a56d7d0f7714b0cca637c4ae33ba71e7f98a9d848749a32389bdd08f666

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Wed, 30 Apr 2025 00:32:56 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame 0489
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=8E927890-A84D-4F68-A6A5-16EF0A1D309B&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=8E927890-A84D-4F68-A6A5-16EF0A1D309B&gdpr=0&gdpr_consent=

35 B
589 B

136ms
136ms

Document
image/gif

37.157.2.233
ADFORM Adform A/S

General

Check archive.org

Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=8E927890-A84D-4F68-A6A5-16EF0A1D309B&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.157.2.233 , Denmark, ASN198622 (ADFORM Adform A/S, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
date: Wed, 30 Apr 2025 00:32:56 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
date: Wed, 30 Apr 2025 00:32:56 GMT
expires: -1
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=8E927890-A84D-4F68-A6A5-16EF0A1D309B&gdpr=0&gdpr_consent=
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 9C1C
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2762283829040849321

42 B
242 B

253ms
136ms

Document
image/gif

103.231.98.109
AS-PUBMATIC

General

Check archive.org

Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2762283829040849321
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.231.98.109 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 30 Apr 2025 00:32:57 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
date: Wed, 30 Apr 2025 00:32:56 GMT
expires: -1
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2762283829040849321
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 612C
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

42 B
95 B

416ms
132ms

Document
image/gif

103.231.98.109
AS-PUBMATIC

General

Check archive.org

Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.231.98.109 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 30 Apr 2025 00:32:57 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

cache-control: no-cache
content-length: 0
cross-origin-resource-policy: cross-origin
date: Wed, 30 Apr 2025 00:32:56 GMT
expires: Wed, 30 Apr 2025 00:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 796049
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H/1.1

200
OK

dcm Show response
aax-eu.amazon-adsystem.com/s/ Frame 6B69
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=8E927890-A84D-4F68-A6A5-16EF0A1D309B&redir=true&gdpr=0&gdpr_consent=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=8E927890-A84D-4F68-A6A5-16EF0A1D309B&redir=true&gdpr=0&gdpr_consent=&dcc=t

43 B
855 B

308ms
308ms

Document
image/gif

67.220.226.232
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=8E927890-A84D-4F68-A6A5-16EF0A1D309B&redir=true&gdpr=0&gdpr_consent=&dcc=t

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

67.220.226.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Wed, 30 Apr 2025 00:32:57 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 3J52DW9KTG0CY2WMVHMJ

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Wed, 30 Apr 2025 00:32:56 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=8E927890-A84D-4F68-A6A5-16EF0A1D309B&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: P1D7WG250FQCAT1WE85Q

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 0248
Redirect Chain

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4089434452386030344&gdpr=0&gdpr_consent=

42 B
219 B

242ms
134ms

Document
image/gif

103.231.98.109
AS-PUBMATIC

General

Check archive.org

Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4089434452386030344&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.231.98.109 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 30 Apr 2025 00:32:57 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
access-control-allow-origin: *
an-x-request-uuid: c40e535d-67d1-4837-ad88-28e8edd0b9b1
cache-control: no-store, no-cache, private
content-length: 0
content-type: text/html; charset=utf-8
date: Wed, 30 Apr 2025 00:32:56 GMT
expires: Sat, 15 Nov 2008 16:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4089434452386030344&gdpr=0&gdpr_consent=
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma: no-cache
server: nginx/1.23.4
x-proxy-origin: 31.187.78.25; 31.187.78.25; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; *.adnxs.com
x-xss-protection: 0

GET
H2

204

cms
ups.analytics.yahoo.com/ups/58679/ Frame 203C
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=8E927890-A84D-4F68-A6A5-16EF0A1D309B&gdpr=0&gdpr_consent=
https://cms.analytics.yahoo.com/cms?partner_id=DELI&gdpr=0
https://ups.analytics.yahoo.com/ups/58679/cms?partner_id=DELI&gdpr=0

0
40 B

171ms
171ms

Image
text/html

87.248.119.252
YAHOO-DEB Yahoo-U...

General

Check archive.org

Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58679/cms?partner_id=DELI&gdpr=0

Requested by

Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file

Protocol

Server

87.248.119.252 , United Kingdom, ASN203220 (YAHOO-DEB Yahoo-UK Limited, GB),

Reverse DNS

e2-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
date: Wed, 30 Apr 2025 00:32:57 GMT
age: 0
content-type: text/html
server: ATS
referrer-policy: no-referrer-when-downgrade

Redirect headers

strict-transport-security: max-age=31536000
cache-control: no-store
location: https://ups.analytics.yahoo.com/ups/58679/cms?partner_id=DELI&gdpr=0
content-length: 257
date: Wed, 30 Apr 2025 00:32:57 GMT
content-type: text/html
content-language: en
server: ATS

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame 203C
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=8E927890-A84D-4F68-A6A5-16EF0A1D309B&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=8E927890-A84D-4F68-A6A5-16EF0A1D309B&sInitiator=external&gdpr=0&gdpr_consent=

42 B
604 B

141ms
141ms

Image
image/gif

77.243.51.122
NETIC-AS Netic A/S

General

Check archive.org

Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=8E927890-A84D-4F68-A6A5-16EF0A1D309B&sInitiator=external&gdpr=0&gdpr_consent=
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file
Protocol: HTTP/1.1
Server: 77.243.51.122 Aalborg, Denmark, ASN42697 (NETIC-AS Netic A/S, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
routing-server-id: -1
frontend-id: 11
pragma: no-cache
expires: Sat, 01 Jan 2011 12:00:00 GMT
access-control-allow-origin: *
uip-response-status: Ok
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
date: Wed, 30 Apr 2025 00:32:56 GMT
content-length: 42
content-type: image/gif

Redirect headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
location: /pubmatic/1/info2?sType=sync&sExtCookieId=8E927890-A84D-4F68-A6A5-16EF0A1D309B&sInitiator=external&gdpr=0&gdpr_consent=
routing-server-id: -1
frontend-id: 7
pragma: no-cache
expires: Sat, 01 Jan 2011 12:00:00 GMT
access-control-allow-origin: *
uip-response-status: Ok
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
date: Wed, 30 Apr 2025 00:32:56 GMT
content-length: 0

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 203C 95 B
439 B 388ms
134ms Image
image/png 104.22.51.98
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=8E927890-A84D-4F68-A6A5-16EF0A1D309B

Requested by

Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.51.98 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

strict-transport-security: max-age=2592000; includeSubDomains; preload
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
x-content-type-options: nosniff
via: 1.1 google
cf-ray: 9382f1e228601917-FRA
access-control-allow-origin: https://ads.pubmatic.com
content-length: 95
date: Wed, 30 Apr 2025 00:32:56 GMT
content-type: image/png
vary: Origin
server: cloudflare
access-control-allow-headers: *

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 203C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OEU5Mjc4OTAtQTg0RC00RjY4LUE2QTUtMTZFRjBBMUQzMDlC&gdpr=0&gdpr_consent=&google_cm
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGQiYw2o1H9U7Yi8TDO7MzI&google_cver=1

0
74 B

522ms
126ms

Image
text/html

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGQiYw2o1H9U7Yi8TDO7MzI&google_cver=1
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file
Protocol: H2
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-store, no-cache, private
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-encoding: gzip
date: Wed, 30 Apr 2025 00:32:56 GMT
content-type: text/html; charset=utf-8
server: nginx

Redirect headers

cache-control: no-cache, must-revalidate
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGQiYw2o1H9U7Yi8TDO7MzI&google_cver=1
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 379
date: Wed, 30 Apr 2025 00:32:56 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 203C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=jpJ4kKhNT2impRbvCh0wmw%3D%3D&gdpr=0&gdpr_consent=&google_cm
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=&google_gid=CAESELGaZ4og2Qm8e8eAvduYg6k&google_cver=1

4 KB
4 KB

122ms
122ms

Image
text/html

95.100.185.43
AKAMAI-AS

General

Check archive.org

Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=&google_gid=CAESELGaZ4og2Qm8e8eAvduYg6k&google_cver=1
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file
Protocol: H2
Server: 95.100.185.43 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-185-43.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: max-age=35229
content-encoding: gzip
expires: Wed, 30 Apr 2025 10:20:05 GMT
accept-ranges: bytes
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 6694
date: Wed, 30 Apr 2025 00:32:56 GMT
last-modified: Wed, 13 Nov 2024 05:14:24 GMT
content-type: text/html
server: Apache
vary: Accept-Encoding

Redirect headers

cache-control: no-cache, must-revalidate
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=&google_gid=CAESELGaZ4og2Qm8e8eAvduYg6k&google_cver=1
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 362
date: Wed, 30 Apr 2025 00:32:56 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 203C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGQiYw2o1H9U7Yi8TDO7MzI&google_cver=1

0
225 B

396ms
126ms

Image
text/html

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGQiYw2o1H9U7Yi8TDO7MzI&google_cver=1
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file
Protocol: H2
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-store, no-cache, private
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-encoding: gzip
date: Wed, 30 Apr 2025 00:32:55 GMT
content-type: text/html; charset=utf-8
server: nginx

Redirect headers

cache-control: no-cache, must-revalidate
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGQiYw2o1H9U7Yi8TDO7MzI&google_cver=1
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 379
date: Wed, 30 Apr 2025 00:32:56 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)

GET
H2 200 pubmatic
um.simpli.fi/ Frame 203C 43 B
610 B 396ms
129ms Image
image/gif 35.204.158.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

49.158.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Tue, 29 Apr 2025 00:32:56 GMT
access-control-allow-origin: *
content-length: 43
date: Wed, 30 Apr 2025 00:32:56 GMT
content-type: image/gif
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 203C
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=585ef1bc-6a51-4f03-ae00-0817de9e19bf&gdpr=0&gdpr_consent=

42 B
542 B

393ms
130ms

Image
image/gif

103.231.98.109
AS-PUBMATIC

General

Check archive.org

Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=585ef1bc-6a51-4f03-ae00-0817de9e19bf&gdpr=0&gdpr_consent=
Requested by: Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file
Protocol: H2
Server: 103.231.98.109 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-store, no-cache, private
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Wed, 30 Apr 2025 00:32:57 GMT
content-type: image/gif; charset=utf-8
server: nginx

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=585ef1bc-6a51-4f03-ae00-0817de9e19bf&gdpr=0&gdpr_consent=
content-length: 355
date: Wed, 30 Apr 2025 00:32:56 GMT
server: Kestrel

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58292/ Frame 203C 0
160 B 432ms
157ms Image
text/html 87.248.119.252
YAHOO-DEB Yahoo-U...

General

Check archive.org

Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=8E927890-A84D-4F68-A6A5-16EF0A1D309B&redir=true&gdpr=0&gdpr_consent=

Requested by

Host: www.mediafire.com
URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.252 , United Kingdom, ASN203220 (YAHOO-DEB Yahoo-UK Limited, GB),

Reverse DNS

e2-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
date: Wed, 30 Apr 2025 00:32:56 GMT
age: 0
content-type: text/html
server: ATS
referrer-policy: no-referrer-when-downgrade

POST
H3 204 collect
analytics.google.com/g/ 0
0 129ms
127ms Fetch
text/plain 216.239.34.181
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-K68XP6D85D&gtm=45je54s1v887485693za200zb6304663&_p=1745973170472&gcd=13l3l3l3l1l1&npa=0&dma=0&tcfd=10000&tag_exp=101509157~102887800~103051953~103077950~103106314~103106316~103116025~103130498~103130500~103173737~103173739~103200001~103220085~103233427&ptag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130495~103130497~103173737~103173739~103200004&cid=523823685.1745973172&ul=he-il&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AEIAAAI&sid=1745973171&sct=1&seg=0&dl=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fs7ueut0kfh4mtk3%2FIterationT_v3.0.0.zip%2Ffile&dt=IterationT%20v3.0.0&_s=3&tfd=9040
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K68XP6D85D&l=dataLayer&cx=c&gtm=45He54s1v6304663za200&tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130495~103130497~103173737~103173739~103200004
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.34.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.mediafire.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:153:0
report-to: {"group":"ascnsrsggc:153:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:153:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.mediafire.com
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:153:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Apr 2025 00:32:58 GMT
content-type: text/plain
server: Golfe2

GET SPug
simage4.pubmatic.com/AdServer/ Frame 203C 0
0

GET
H2 204 pv Show response
api.btloader.com/ 0
128 B 553ms
224ms XHR
text/plain 130.211.23.194

General

Check archive.org

Download Go to

Full URL: https://api.btloader.com/pv?tid=l9NkzpF4u5-6JBYHMs9-96841c5423&w=5115845767331840&o=5678961798414336&cv=2.1.87&widget=false&nlf=false&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fs7ueut0kfh4mtk3%2FIterationT_v3.0.0.zip%2Ffile&sid=2pUu7t38v-4sieL89d-96841c5423&pm=false&upapi=true
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5678961798414336&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://www.mediafire.com/

Response headers

via: 1.1 google
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Apr 2025 00:32:59 GMT
vary: Origin

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ag.dns-finder.com
URL: https://ag.dns-finder.com/px.gif

Domain: www.mediafiredls.com
URL: https://www.mediafiredls.com/onclick/0

Domain: lbs.eu-1-id5-sync.com
URL: https://lbs.eu-1-id5-sync.com/lbs/v1

Domain: cdn-ima.33across.com
URL: https://cdn-ima.33across.com/ob.js

Domain: simage4.pubmatic.com
URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=158936&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=

Verdicts & Comments Add Verdict or Comment

378 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

89 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip	1969-12-31 23:59:59	Name: g36FastPopSessionRequestNumber Value: 1
.mediafire.com/	1970-01-21 14:35:33	Name: ukey Value: fizkyg7bkntjj0i4ntspic0nfp7ob6pm
.mediafire.com/	1970-01-21 05:42:45	Name: conv_tracking_data-2 Value: %7B%22mf_source%22%3A%22regular_download-59%22%2C%22mf_content%22%3A%22Free%22%2C%22mf_medium%22%3A%22linux%5C%2FChrome%22%2C%22mf_campaign%22%3A%22s7ueut0kfh4mtk3%22%2C%22mf_term%22%3A%22e80896c0cf89567224e543046b64653f%22%7D
.mediafire.com/	1970-01-21 04:59:34	Name: __cf_bm Value: 9P1L.gzOG46oO5dMEhB1y7pr2w6kTzMUvI5cIzIAeao-1745973169-1.0.1.1-t3aL1bdPu.5QoIq0CJOfoCPBn8ZxGTqNHwIETNFYfiGC_C853jCwg0A77QgT9FcpJzCEwAyyoTbOxEvotYZGSvQcKynx57dAO2N1ENJT4gA
.mediafire.com/	1970-01-21 04:59:40	Name: ezoab_484470 Value: mod275-c
.mediafire.com/	1970-01-21 04:59:34	Name: lp_484470 Value: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file
.mediafire.com/	1970-01-21 05:02:25	Name: ezovuuidtime_484470 Value: 1745973171
.mediafire.com/	1970-01-21 04:59:34	Name: ezovuuid_484470 Value: 17b2e007-517c-462c-68f3-8fb207c24ad8
.mediafire.com/	1970-01-21 04:59:34	Name: ezoref_484470 Value:
.mediafire.com/	1970-01-21 05:02:25	Name: active_template::484470 Value: orig_site.1745973171
www.mediafire.com/	1970-01-21 05:02:25	Name: ezstandaloneuser Value: false
.mediafire.com/	1970-01-21 13:45:09	Name: amp_28916b Value: YYrmYcSJAmZ3ecek30y5Kt...1iq21ol1k.1iq21ol1k.0.1.1
.mediafire.com/	1970-01-21 13:45:09	Name: cf_clearance Value: yFq9srAItYvaM7l9JIIb98j.CQIjt9eaVH5PFNb8nXk-1745973171-1.2.1.1-chK1eEUq9jpT52N7hm78B2ZwXEgCGYunH7NntVvo1blj2l6dG2Kp6afN8JDbWHQEeaHVPO4XIJZV3M0N7PsXIkqtFGufmoH3NWt2viHqDBPEEKjo_VdrU31YxrDL1C3goTGnTtoGgXaRsSYpQ3wzG3G2zhjsM1Kh2RAn04EB7JHQxJt7LIVbsQLZnkV.ZNDpcE84gpxDcyX8EiN_4dQwejj6Kmm5MsIdOV28H_ZrKZ7hRpAONIeE1pU4DkZvvUb2n3yddNmb3rjBLZaDYxTPvtzYVwp8M63TXk8f5XUK1E4Cgw_59jeh1Bmx8bBd9CY.AFzk_Nd8V8IVxa0jCAcLVDmd85dXGNICShbGCLxFrns
econventa.com/	1969-12-31 23:59:59	Name: IKSR Value: {}
econventa.com/	1969-12-31 23:59:59	Name: INF_DFL8 Value: false
econventa.com/	1970-01-21 14:35:33	Name: IUID Value: 84e7b27a-1588-4111-9af6-f174987e8aff
econventa.com/	1969-12-31 23:59:59	Name: ISSH Value: 7AFF3C
econventa.com/	1969-12-31 23:59:59	Name: VMI Value:
econventa.com/	1970-01-21 14:35:33	Name: CHN Value: #[]
econventa.com/	1970-01-21 14:35:33	Name: MSSH Value: #{}
econventa.com/	1970-01-21 14:35:33	Name: MSRH Value: #{}
econventa.com/	1970-01-21 14:35:33	Name: ILP Value: null
econventa.com/	1970-01-21 14:35:33	Name: ILPLU Value: #1/1/0001 12:00:00 AM
econventa.com/	1970-01-21 14:35:33	Name: ILEALC Value: #1/1/0001 12:00:00 AM
econventa.com/	1970-01-21 04:59:47	Name: ILMPF Value: #False
econventa.com/	1970-01-21 14:35:33	Name: IPMPLU Value: #1/1/0001 12:00:00 AM
econventa.com/	1970-01-21 14:35:33	Name: IPMUID Value: #
econventa.com/	1970-01-21 14:35:33	Name: BSWUID Value: #
econventa.com/	1970-01-21 14:35:33	Name: IBL Value: #[]
econventa.com/	1970-01-21 14:35:33	Name: IOPT Value: #[]
econventa.com/	1970-01-21 14:35:33	Name: ISH Value: #{"101":[{"SId":"7AFF3C","D":"25/4/29T17:32:51"}]}
econventa.com/	1970-01-21 14:35:33	Name: ISH_Q Value: #[101]
.mediafire.com/	1970-01-21 14:35:33	Name: _ga Value: GA1.2.523823685.1745973172
.mediafire.com/	1970-01-21 05:00:59	Name: _gid Value: GA1.2.1301403188.1745973172
.mediafire.com/	1970-01-21 04:59:33	Name: _gat_gtag_UA_829541_1 Value: 1
.mediafire.com/	1970-01-21 04:59:34	Name: ezopvc_484470 Value: 2
www.mediafire.com/	1970-01-21 14:35:33	Name: ezds Value: ffid%3D1%2Cw%3D1600%2Ch%3D1200
www.mediafire.com/	1970-01-21 14:35:33	Name: ezohw Value: w%3D1600%2Ch%3D1200
.sharethrough.com/	1970-01-21 05:42:45	Name: stx_user_id Value: 67ea9c9d-4811-4076-97a6-ddbd0ce5dd31
.id5-sync.com/	1970-01-21 07:09:09	Name: id5 Value: 9cc7312f-74a5-7200-b92f-c11e17c7f9fd#1745973172537#3
.mediafire.com/	1970-01-21 14:21:09	Name: __gads Value: ID=1d6eb381cbee87e4:T=1745973172:RT=1745973172:S=ALNI_MZ7H6HXCjkejOaQgw8ZeIQx5VUOfQ
.mediafire.com/	1970-01-21 14:21:09	Name: __gpi Value: UID=0000109a06b2a025:T=1745973172:RT=1745973172:S=ALNI_MYto0hNkrlTff3Ou26o6Ek1pW7muA
.mediafire.com/	1970-01-21 09:18:45	Name: __eoi Value: ID=dc2603f8388a9b3b:T=1745973172:RT=1745973172:S=AA-AfjaxDcUlrV70HZhICLbyKK13
.mediafire.com/	1970-01-21 14:35:33	Name: _ga_K68XP6D85D Value: GS1.1.1745973171.1.0.1745973173.58.0.0
.doubleclick.net/	1970-01-21 14:35:33	Name: IDE Value: AHWqTUlQeybxYWSJ_GjUzb4mI2ZoSTfvLknvBmZ0xOw_W0orecmn4iRZpdITq6Ee1N4
.adsrvr.org/	1970-01-21 13:45:09	Name: TDID Value: 585ef1bc-6a51-4f03-ae00-0817de9e19bf
.crwdcntrl.net/	1970-01-21 11:28:19	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-21 11:28:19	Name: _cc_id Value: 6738f21a42b22f88cfaa3223db30ab2b
.mediafire.com/	1970-01-21 04:59:33	Name: lotame_domain_check Value: mediafire.com
.mediafire.com/	1970-01-21 11:28:21	Name: _cc_id Value: 6738f21a42b22f88cfaa3223db30ab2b
.mediafire.com/	1970-01-21 05:00:59	Name: panoramaId_expiry Value: 1746059573427
.mediafire.com/	1970-01-21 13:45:09	Name: FCNEC Value: %5B%5B%22AKsRol-gWZbTi8H4ihAM-O0iDVn7vYixfzzs3mA6M9dn64JZ9xwOqfLeidR56agnpZjsosgYBo_QykFHdJEEbxzbx1v8DCOalBeIKDWPLuk94tUUC1se6hsIR_ZcLcMrXJdU4bYGuqV9Uj_h2O3sW76ootQlMk9GCg%3D%3D%22%5D%5D
.mathtag.com/	1970-01-21 14:25:28	Name: uuid Value: 08236811-6fb6-4d00-a596-f6bdd593b426
.criteo.com/	1970-01-21 14:21:09	Name: uid Value: 8d681219-c4d1-4d6c-a347-f677f16eb62a
.criteo.com/	1970-01-21 14:21:09	Name: receive-cookie-deprecation Value: 1
.id5-sync.com/	1970-01-21 07:09:09	Name: 3pi Value: 19#1745973173852#2050395283\|3#1745973174602#263153913\|264#1745973173550#-1750031792#585ef1bc-6a51-4f03-ae00-0817de9e19bf
.id5-sync.com/	1970-01-21 04:59:33	Name: cf Value: gif
.id5-sync.com/	1970-01-21 04:59:33	Name: cip Value: 457
.id5-sync.com/	1970-01-21 04:59:33	Name: cnac Value: 4
.id5-sync.com/	1970-01-21 04:59:33	Name: car Value: 5
.id5-sync.com/	1970-01-21 04:59:33	Name: gdpr Value: 0\|
.mediafire.com/	1970-01-21 14:21:09	Name: cto_bundle Value: RUrYSV9mQUpPNkhtcVRtNzZhc3l6bERUekVySmtaMkd5MkRqQzVkQUJHVXJWaTlvdE5Pa1FpSGFXaVZiYklhVTY3ZjRjQ25ReUVQa1k3ZEtOMjQxZWNndzY4NVhVUUJYWWlxZGZ5Z09FbElzZ3d4d3lMYjR0YjRsQlZ1ZmVyMkE2c0g4MUxZaERjVXQwUzNRUTlrTktqZmJDbXUwUVVURnpJNzY2Qmk5YjN6cjglMkZkSSUzRA
.rubiconproject.com/	1970-01-21 13:45:09	Name: audit_p Value: 1\|EONPyM1+lCeuNBHcfkITAWd2GnUKMuPPTh0zyqzTduKUHKCefwHvs0tz+CoMfHDOv1H9Mzeg6btCbuL7wqM7W3IfPgA6JC3/h8ynoM+KqQh+w7X59z910Awl2uJrUcauW3xQJuoyyIVF0h4yWShxibOLmkq10HKRsqlSNZOaaDQ=
.rubiconproject.com/	1970-01-21 13:45:09	Name: khaos Value: MA37CK1I-R-5REE
.rubiconproject.com/	1970-01-21 13:45:09	Name: khaos_p Value: MA37CK1I-R-5REE
.rubiconproject.com/	1970-01-21 13:45:09	Name: audit Value: 1\|EONPyM1+lCeuNBHcfkITAWd2GnUKMuPPTh0zyqzTduKUHKCefwHvs0tz+CoMfHDOv1H9Mzeg6btCbuL7wqM7W3IfPgA6JC3/h8ynoM+KqQh+w7X59z910Awl2uJrUcauW3xQJuoyyIVF0h4yWShxibOLmkq10HKRsqlSNZOaaDQ=
.pubmatic.com/	1970-01-21 13:45:09	Name: KADUSERCOOKIE Value: 8E927890-A84D-4F68-A6A5-16EF0A1D309B
.pubmatic.com/	1970-01-21 07:09:09	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-21 05:00:59	Name: pi Value: 158936:2
.pubmatic.com/	1970-01-21 07:09:09	Name: DPSync4 Value: 1747180800%3A197_219_226_227
.pubmatic.com/	1970-01-21 07:09:09	Name: SyncRTB4 Value: 1747180800%3A220_201_21_56_54_13_251_3%7C1747267200%3A35%7C1746576000%3A223
.zeotap.com/	1970-01-21 13:45:09	Name: zc Value: ff8692b6-6cae-48ef-4eac-6330f1c444f7
.criteo.com/	1970-01-21 14:21:09	Name: cto_bundle Value: Ve-aYV9lRjg4dGsxcjRmQTVaREtSejFCQ0MzbFQyOXVTVSUyRldZRWx1V3Z4TFRhS1NvJTJCVkNMUTRXbjhBVDc3dyUyQjE1NzVMMHhOdjBDcFVaRjJ0cG9rYnFFM3RvenI5S0NrdGZNUTVxQkdzaWpNRU56S2VndVRWTkFqM0F4ZGxGY21FU2loaDY3bFYzUk0xT2ZBV3ZGRkxKYkNpU0ElM0QlM0Q
.onaudience.com/	1970-01-21 13:45:09	Name: cookie Value: ca03839169f9345f
.onaudience.com/	1970-01-21 05:00:59	Name: done_redirects252 Value: 1
.simpli.fi/	1970-01-21 13:46:35	Name: suid Value: 38C0DA3563144E09B0E84439ACB8A320
.adsrvr.org/	1970-01-21 13:45:09	Name: TDCPM Value: CAESFwoIcHVibWF0aWMSCwiUu7jdkuKDPhAFGAEgASgCMgsI5K-7iqnigz4QBTgBWghwdWJtYXRpY2AC
.semasio.net/	1970-01-21 13:45:09	Name: SEUNCY Value: B1CD2E496A99AED0
.adform.net/	1970-01-21 05:42:45	Name: C Value: 1
.adnxs.com/	1970-01-21 07:09:09	Name: XANDR_PANID Value: SKwFhXCTV0BE8FETFT80GYfMU2yTMG9chwcvsp-gS5cH1XW0B96Kf9Z1bYjOL828Ys2M7cEW1BR1HBxBTRaYHWzciQuM6jVXxauNLCOcn3M.
.adnxs.com/	1970-01-21 07:09:09	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-21 07:09:09	Name: uuid2 Value: 4089434452386030344
.adform.net/	1970-01-21 06:25:57	Name: uid Value: 2762283829040849321
.amazon-adsystem.com/	1970-01-21 10:53:47	Name: ad-id Value: A1Sf2OHRkUUnqfyEQTjiXPo
.amazon-adsystem.com/	1970-01-21 14:35:33	Name: ad-privacy Value: 0
.pubmatic.com/	1970-01-21 07:09:09	Name: KRTBCOOKIE_377 Value: 6810-585ef1bc-6a51-4f03-ae00-0817de9e19bf&KRTB&22918-585ef1bc-6a51-4f03-ae00-0817de9e19bf&KRTB&22926-585ef1bc-6a51-4f03-ae00-0817de9e19bf&KRTB&23031-585ef1bc-6a51-4f03-ae00-0817de9e19bf
.pubmatic.com/	1970-01-21 05:42:45	Name: PugT Value: 1745973177
.pubmatic.com/	1970-01-21 07:09:09	Name: KRTBCOOKIE_57 Value: 23339-4089434452386030344&KRTB&22776-4089434452386030344
.pubmatic.com/	1970-01-21 05:42:45	Name: KRTBCOOKIE_391 Value: 22924-2762283829040849321&KRTB&23263-2762283829040849321&KRTB&23481-2762283829040849321

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file(Line 2429) Message: document.domain mutation is ignored because the surrounding agent cluster is origin-keyed.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
javascript	error	URL: https://www.mediafire.com/file/s7ueut0kfh4mtk3/IterationT_v3.0.0.zip/file Message: Access to XMLHttpRequest at 'https://www.mediafiredls.com/onclick/0' from origin 'https://www.mediafire.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.mediafiredls.com/onclick/0 Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://lbs.eu-1-id5-sync.com/lbs/v1 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8bfdb351f508fbaf76833179faa7d62d.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
ad-delivery.net
ad.doubleclick.net
ads.pubmatic.com
ag.dns-finder.com
analytics.google.com
api.amplitude.com
api.btloader.com
bcp.crwdcntrl.net
btloader.com
btlr.sharethrough.com
c1.adform.net
cdn-ima.33across.com
cdn.amplitude.com
cdn.econventa.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
connectid.analytics.yahoo.com
dis.criteo.com
econventa.com
esp.rtbhouse.com
fonts.gstatic.com
fundingchoicesmessages.google.com
g.ezoic.net
go.ezodn.com
gum.criteo.com
hbopenbid.pubmatic.com
ib.adnxs.com
id5-sync.com
image2.pubmatic.com
image6.pubmatic.com
invstatic101.creativecdn.com
lb.eu-1-id5-sync.com
lbs.eu-1-id5-sync.com
match.adsrvr.org
mwzeom.zeotap.com
oa.openxcdn.net
pagead2.googlesyndication.com
pixel.onaudience.com
privacy.gatekeeperconsent.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
static.cloudflareinsights.com
static.criteo.net
static.mediafire.com
static.xx.fbcdn.net
stats.g.doubleclick.net
sync.crwdcntrl.net
sync.mathtag.com
tags.crwdcntrl.net
the.gatekeeperconsent.com
token.rubiconproject.com
tpc.googlesyndication.com
translate.google.com
translate.googleapis.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
www.ezojs.com
www.facebook.com
www.google-analytics.com
www.google.co.il
www.googletagmanager.com
www.gstatic.com
www.mediafire.com
www.mediafiredls.com
ag.dns-finder.com
cdn-ima.33across.com
lbs.eu-1-id5-sync.com
simage4.pubmatic.com
www.mediafiredls.com
103.231.98.107
103.231.98.109
104.16.80.73
104.17.151.117
104.21.42.32
104.21.63.106
104.22.4.65
104.22.51.98
104.26.9.66
108.177.15.156
130.211.23.194
141.95.98.65
142.250.181.232
142.250.185.161
142.250.185.206
142.250.185.66
142.250.185.70
142.250.185.99
142.250.186.110
142.250.186.67
142.250.186.78
151.101.193.229
157.240.0.35
157.240.0.6
162.19.138.119
172.217.18.10
172.67.199.186
172.67.38.106
172.67.41.60
178.250.1.11
178.250.1.39
178.250.1.9
18.173.204.202
18.245.86.69
18.66.102.2
185.64.189.112
185.89.211.84
188.114.97.3
198.47.127.205
216.239.34.181
216.58.206.34
216.58.206.35
3.33.220.150
3.72.6.211
34.102.146.192
34.96.70.87
35.190.39.111
35.204.158.49
37.157.2.233
52.223.40.198
52.57.221.121
54.201.228.35
54.220.144.202
54.38.113.7
65.9.66.97
67.220.226.232
69.173.144.165
74.121.140.211
77.243.51.122
87.248.119.252
95.100.185.43
03c8d2dc7d985c3004ff2cd6d8148dd03560f37ed15efdf6c2d7f4d771d0e599
05cfe92d9794a54258a19bfec7ae0faa73f61b66416983136594b4f95bb114dd
07047a74a4365bb51c0dfbd5afbaf5713d6bb91d65c3e4154c0a48053edd4fcf
0923ca035ce2e912178eb2032b148668aa905613119db6bf7a16df9178b54eb7
0c06b69cd980c621dfff35d647561cba5708d0c9eda20d46dc9202bcb93671d8
0f67393986c012dbf48aa3149e2874bd84ed5f466362ad1ac31305f697f1da7b
122fc2482eade04cf70c5ce1aa573a1aed28e9a6ee23ab44a247ff91412ee949
136a2a86b537e7fe909a0479f565714e476c88055ca3fe81209e1e17c6f43bd4
14e5146cf78e50162db17e6d10194cf7dacf3f153d98ea9d102439c6dc180085
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1a0ec73a3ca7f354865d6b95401c50627fdf5a9b0da763a6f75fa818fd775b55
1c6ba1010c2cc88c59de9e9584728da124770fa399643ffc1beffcec54b84be7
1e7d15553810492d1b02ceefada455772510f699b2ec0dfa3ecb572a8078e6be
1fbeb3ea2522c23e5fc0bc3f45de1dc5b70097b978d85760de2f2e6d29513251
2450e5580136f94bda7ccf95e3167b57e15b05b513a430967943a50036fa47a4
295d7ac6a4f9d49c1d113e83e3c395bf827d364d34b6b63139ce367f0556f4d1
2963508acf9e06ed042db7cd866f45005d1b49cb9306c8178cb1dc0541868dfe
2e5f5cb912c0619933ea6c3ad8ac1466a005f792e3338d96a8432d144c63520f
30b32e97f2e3e06deb742bf2e19daeb4f4657a956e836c2a25a7df2bc72f7500
30b7f0adc63bb1e3010cee77e9aa68b9aa8511ec29abb030a2a7d710473951a9
30be558393bd8b0585c806a6eaed6d6f5b51d1ca63c0113061dfe35eaa128ce3
338533032d1c7c1a21e4366353ac7bbd4b03bff74aa067689d8957c48288d7a2
34c5acab4f3e8b7905cb22d803a28ffb5b148684279a42418b0e20ce6ab2ee46
38f00721657fd6de7b95747418618530426233d20866cee0737fabaef1ba2876
3924f49393cd4f71189e1ac0906d38c76bd963633ff9cfcb182cf9fbd5b08040
3cefef7fc952707c97375ef3fa95a8c45a96eda7845d02bc1c28bf3570c0cfba
3e1c213b9db73dc184fb7c392fdbbb64597f579d39c1f93239dab930c44cade2
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
40c6d25ff7145b99246a13335d8b599ecccd7201d1f01aa4ded8c61ce2846da3
41da135a5039e2aad02bd25c14cf5105752de0ccbd088374499b08559d4378c4
4342feac38021c4fe3069eba0edf1c2e1b4345e2b548b0afb7ab21b7369b3bc8
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4448e430d3c53bad548a5d135e1c7e2f9593e806ba47892640d430ea752e979e
44760d7fe873bc6ded98c454d86fc9229849f2c25ecf5808183b999f32837daf
45fd2ba3960eed5c593360163563e703c8c333d4be5736119d53b84d666783ef
47878b1adcd923dcfcf5d29ade971275259a236199ca23114deaaa409b138c18
482a94c1ba7976b2b97757f9004facd785bee598b9678fb64e2a07542f86e5b9
49f3a917f51991d266c8fd5337664dbffbe4997d1bc6f0a55784a1215bf70e36
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
50a63bf06dcdc62ce03de6a07d10770dc80cfa47ef2b63db1e9f6a5fbd786a7d
53731718ab10d0a5e783bd3eaef381aa420a233d429903bcde616619e25d330b
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
56351c084d8d56437d41f1e58b7eb184b563871e88bab60f6b15486c39f13996
572ec137575fa4799de7433a3f493bc02089ed14b410ac493262345f36c79be3
5a4b9efc09443d0168e868c413bc2c2701f1d4831553f269ffd4b5f8016457c3
5cd89fdfd6cd180e697226d00af75da1557bf2e6ea354a8f6f3e8491e852294f
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6da225ff41d13daccdc866596691039b7d0dbab13fc5f91ac7fe8e2279603000
6ed73dadf4632e69b6e9202b990ec3decc450108ae3a5cc3f0aeb443d8f42c54
6fca1361d81b8d8d05afbe947e257aef026891372b45e0d2de123a907a4ed1af
6ff39e2e085828036c40efa08d69febb971361f0c11eb21f7c382e7443c08015
720671166ac43aba99e3952b0b9341ab4e0fee1fd891db54e2a07f05db653142
727fb2f867cdc5c248cd8c8733faf7bcfef375f7e757668b269e5430db35666c
77fe6c78e9006bb9c67abf972428e2c17d8b3b68af917b0d419d38720abc7ad4
7ba1bc2084def769e77a7dbf97cd91d68fe6c6d55b5d183a7d36630da8da2b02
7ec07fca39de3ece6668edebbfe6002dcb9639a0f412d3af35fc7a63d3597d0f
81b49dbd181c58edb92ec92edaa0f0e982d841ab735978cfe98e7ec2eb503f7c
82b94716473aa225e715e117802145c5d2d725aa1ba9d476d61a5d3da16a8c26
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84867a2de0362b28255dda2e2e5cca9c37979137b00361e22d286d64ed649678
8539c91ae0a82f8cab27d481ea38ac4e66d1e5b36701fe295bcba4399b9255bd
8787abba1a566d5492523a12b1a7f8927db9296e83ad14efe3acd1a07037cf19
893719087a8bc6dcdfabc4e1d54fd6d724953d40da2ad369f8b4fb5f689394d7
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8b3a000db28359e0512e1484988806b9cdaeb457e29ef6b82bfe097e6eed3231
8b9649ecf99400f7fefce2ec3568d60386481da0991d4cb519b901aa4aca6c3e
914a088b57a79f4a2726313146782807460cb9daf4a53b5f4539c3af39dfa4d0
91f2fceb37be6396e8f5b416d15a007ddb33034dd8496aa4a681d5bf7360761b
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b41253384e2818bd0f76171d6ffd723d4c85c5e1a69da74f174489cb52a40ce
9c5b591f10c8fb4d85649e71bdc40e72a316fdceb1aab3ce125ac064ffa5f6e3
a285bc82f73dbd55244657449b4d9b2ecae8b2ea622d5558432bc818bb847df2
a3dad4016830a3a5f6e10e022b8399b9f614a0ec9da24dbe6c7a2485e40ee358
a42525b4588bca0d5e9d2020d304a727f77b707e02f2bfde6fa46ab1ffdfa486
a4fafcd389d58bbd82e49d9a68e81e9dc8384330ff14ec3283a4d0d11812047b
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a5e87590d9232e0b0be4c640eeb47cb4f4299af754f195c802d49fe380ea1870
a88123f7890e58349e3a64226c716be9d346a42ba76e542a8ebdd30026a89604
ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09
aca701811d62eb608d12b174231be1ceae3449fe0f4bc847469ff22aab8ca9a5
accc3d02487bb988ea6d87a039e8764a8ad217cb7080a3a2383d606294ebfe33
ae75158116209d042c1a6a960ffc134b3aec306694c85262d6dcfa3943a74e0c
aee034d31571969a8134d9e6afd5cfca4ee3a95a3111326f9170be403a66b3f6
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
bac2ecaebdb39fa5ab5231f9f02e57efcdcfbc7a2e34f8891dcb7911f14464ce
bc712ccc10fbdc8f4748a10f36708fc55ebf0a3823addc4635b3c19819f35816
bd1a68269ce82da303c17ae27d563b802243dcf1a9e998cd3dabfe88bba307e5
bdb45214f548d4da3ec07c07d9f6f92f2fbff7d1ccefee55631d31729cf02a30
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c710cdd34e668d4b076117de6e491db51bfdb199410738766ebc187cf6bd625c
cab0cbd118de4f2881dbfb24c0c4a49d429cda90af998c3712103a18ad59f973
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
cee9fd8e304615d5ace755818a222fb75754484b38923463745dfed56bf4e3fe
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d57817b2a148efd762793f7381780bc84d2aad1ed9ed8324453dffd688fd1313
d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4
d87056db5e29b24140f294a640ff2de014d976c9c685e0f8c120c1bda006ad38
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
da188258672d8fb00edd30cdc19ff27bb70f3573dd31c276c75cd9f55d6c5f7f
dc54b817820f14ce6395ba2a037f37d4bb0af75d5b017336140793fbe2f7f738
dcdb8a56d7d0f7714b0cca637c4ae33ba71e7f98a9d848749a32389bdd08f666
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dcfeafb915fb5e0eaf4cce1e3abf6eeace381b5926e07261cbceffc30fa4e699
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de83d54c3c01768225e8fb034f65dd15098c70db8b2cd23e4708b9f8c08bd43f
e018b73f4d9cae1b5275be6084b2c2dab89578ee4b0aeda983763ee92cc595f2
e072d76ebfdd40a273aafcf7c9a0afb2e2ec72a74b4d76a8da188ed0b048daa9
e0ff1aa498c3e7899a1ba72cea996bea56b397a6e93864cff709ce8d1776e5ea
e26ebf3d7ca783cdafc155bc52a425d2339d23f2c4001400a7d6963918e3123e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7c0df5d23898ea8e195222a6386aba911e9f282df4c0941d8baacbe35a18eea
e814d50a228f54aecf40d8a58e41d48ce1dfc4376fd5fbedc28078fe0a8c5526
eadb2140c433b64ca74a8e25665b4f80a54a4183c3cb01da578e7426fbae95c8
ecc6dda562852fa3e889c46a1eda73053b2fc9b89f8e8c9b124b30b5ae171cc6
ed2fac09523ed9ca4b23fd845302db29d2c2b405457cfaa9601e9c35959e8dd8
edd9ba487a93691460f1f5751728b06b4d8d25f4bb4da441750f9e6a50fbed68
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0db2da3ee90dcf1f14054ba3c18ccc331993a4f19fd95c56169f3de5047950e
f1a67642fc97b508ce07cf6df329022bf5184a1c573044dc021e0d6e64688c64
f1a68bf826c55985468304f4284a09cb8a68e82503d764166e611a7c58a85a4b
f1c02e9ba02a159b34fc2d7d2be0a743b497a6cd0a422a0c3acc88b871b2af96
f449b0518a2e2ed2543315b356368c9c4902c104c1f19d066d6b1c6eda4b96d7
f52a0c7d9fa7ae8e45916c491ae7193f9a1e289f128f05264122c53d8da970db
f917a9105c311331b1d40f4d2bdbf11233c1c465616c1a9c46232f451463b061

www.mediafire.com Open in urlscan Pro 104.17.151.117 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

185 Requests

93 %HTTPS

0 %IPv6

46 Domains

71 Subdomains

57 IPs

9 Countries

2101 kBTransfer

7598 kBSize

89 Cookies

15 Outgoing links

Redirected requests

185 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.mediafire.com Open in urlscan Pro
104.17.151.117 Public Scan

Screenshot
Live screenshot

Full Image

185
Requests

93 %
HTTPS

0 %
IPv6

46
Domains

71
Subdomains

57
IPs

9
Countries

2101 kB
Transfer

7598 kB
Size

89
Cookies

185 HTTP transactions
1 data transactions