www.mediafire.com
104.16.53.48
Public Scan
Effective URL: https://www.mediafire.com/file/ch9lzbufzrn0ifv/ExitLag_4.201_%252B_Lifetime_Key.rar/file
Submission Tags: malware stealer
Submission: On September 13 via manual from PL — Scanned from DE
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on August 30th 2022. Valid for: a year.
This is the only time www.mediafire.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN57724 (DDOS-GUARD, RU)
PTR: ddos-guard.net
check.ddos-guard.net

Requests | Domain | Requested by
---|---|---
10 | static.mediafire.com | www.mediafire.com
5 | btlr.sharethrough.com | www.mediafire.com
5 | gg.gg (1 redirect) | href.li, gg.gg
4 | www.mediafire.com | href.li, www.mediafire.com
2 | ad-delivery.net | www.mediafire.com
2 | www.googletagmanager.com | www.mediafire.com
2 | securepubads.g.doubleclick.net | www.mediafire.com, securepubads.g.doubleclick.net
2 | check.ddos-guard.net | gg.gg
2 | href.li | gg.gg
1 | translate.googleapis.com |
1 | ad.doubleclick.net | www.mediafire.com
1 | www.facebook.com | www.mediafire.com
1 | static.cloudflareinsights.com | www.mediafire.com
1 | cdn.otnolatrnup.com | www.mediafire.com
1 | prebid.media.net | www.mediafire.com
1 | mediafire-d.openx.net | www.mediafire.com
1 | hbopenbid.pubmatic.com | www.mediafire.com
1 | onetag-sys.com | www.mediafire.com
1 | translate.google.com | www.mediafire.com
1 | btloader.com | www.mediafire.com
1 | cdn.amplitude.com | www.mediafire.com
1 | fundingchoicesmessages.google.com | www.mediafire.com
1 | cazi.me (1 redirect) |
1 | bit.ly (1 redirect) |
0 | api.btloader.com (failed) | btloader.com
0 | www.google-analytics.com (failed) | www.googletagmanager.com
0 | otnolatrnup.com (failed) | cdn.otnolatrnup.com
0 | api.amplitude.com (failed) | cdn.amplitude.com
55 (total requests) | 28 (total domains) |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|---
tls.automattic.com | R3 | 2022-08-25 - 2022-11-23 | 3 months | crt.sh
*.ddos-guard.net | Sectigo RSA Domain Validation Secure Server CA | 2022-07-25 - 2023-08-25 | a year | crt.sh
*.mediafire.com | Sectigo RSA Domain Validation Secure Server CA | 2022-08-30 - 2023-09-30 | a year | crt.sh
*.google.com | GTS CA 1C3 | 2022-08-22 - 2022-11-14 | 3 months | crt.sh
*.g.doubleclick.net | GTS CA 1C3 | 2022-08-22 - 2022-11-14 | 3 months | crt.sh
*.google-analytics.com | GTS CA 1C3 | 2022-08-22 - 2022-11-14 | 3 months | crt.sh
cdn.amplitude.com | Amazon | 2021-12-17 - 2023-01-14 | a year | crt.sh
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-08-05 - 2023-08-05 | a year | crt.sh
*.onetag-sys.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-01-10 - 2023-01-03 | a year | crt.sh
*.pubmatic.com | DigiCert Baltimore TLS RSA SHA256 2020 CA1 | 2022-06-13 - 2023-07-14 | a year | crt.sh
*.openx.net | GeoTrust RSA CA 2018 | 2022-07-21 - 2023-08-21 | a year | crt.sh
*.media.net | Sectigo RSA Domain Validation Secure Server CA | 2022-04-06 - 2023-05-04 | a year | crt.sh
*.sharethrough.com | Amazon | 2022-07-14 - 2023-08-12 | a year | crt.sh
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2022-06-22 - 2022-09-20 | 3 months | crt.sh
*.doubleclick.net | GTS CA 1C3 | 2022-08-22 - 2022-11-14 | 3 months | crt.sh
upload.video.google.com | GTS CA 1C3 | 2022-08-22 - 2022-11-14 | 3 months | crt.sh
This page contains 2 frames:
Primary Page:
https://www.mediafire.com/file/ch9lzbufzrn0ifv/ExitLag_4.201_%252B_Lifetime_Key.rar/file
Frame ID: 5BB87CB198DD3D0240ED06421733322E
Requests: 55 HTTP requests in this frame
Frame:
https://www.facebook.com/plugins/like.php?href=http://www.facebook.com/MediaFire&width=193&layout=button_count&action=like&show_faces=false&share=true&height=30&appId=124578887583575
Frame ID: 156B393A0DD6705FDD14F725C2500F7C
Requests: 1 HTTP request in this frame
Page URL History
- https://bit.ly/3L0voKV (HTTP 301) -> https://href.li/?http://gg.gg/1266rf (Page URL)
- http://gg.gg/1266rf (Page URL)
- http://gg.gg/1266rf (HTTP 301) -> https://cazi.me/8vADa (HTTP 302) -> https://href.li/?https://www.mediafire.com/file/ch9lzbufzrn0ifv/ExitLag_4.201_%252B_Lifetime... (Page URL)
- https://www.mediafire.com/file/ch9lzbufzrn0ifv/ExitLag_4.201_%252B_Lifetime_Key.rar/file (Page URL)
Detected technologies
- CodeIgniter (Web Frameworks)
- Amplitude (Analytics). Detected patterns: cdn\.amplitude\.com
- Cloudflare Browser Insights (Analytics). Detected patterns: static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
- Google Tag Manager (Tag Managers). Detected patterns: googletagmanager\.com/gtm\.js, googletagmanager\.com/gtag/js
- OpenX (Advertising Networks). Detected patterns: https?://[^/]*\.openx\.net
- PubMatic (Advertising Networks). Detected patterns: https?://[^/]*\.pubmatic\.com
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- https://bit.ly/3L0voKV (HTTP 301)
- https://href.li/?http://gg.gg/1266rf
- http://gg.gg/1266rf (HTTP 301)
- https://cazi.me/8vADa (HTTP 302)
- https://href.li/?https://www.mediafire.com/file/ch9lzbufzrn0ifv/ExitLag_4.201_%252B_Lifetime_Key.rar/file
55 HTTP transactions

Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H2 | / | href.li/ (Redirect Chain) | 417 B | 313 B | Document | text/html
GET | H/1.1 | 1266rf | gg.gg/ | 8 KB | 9 KB | Document | text/html
GET | DATA | truncated | / | 555 B | 0 | Image | image/svg+xml
GET | H/1.1 | check | gg.gg/.well-known/ddos-guard/ | 91 KB | 92 KB | Script | application/javascript
GET | H2 | check.js | check.ddos-guard.net/ | 152 B | 490 B | Script | application/javascript
GET | H/1.1 | I2RmLHr43PfogS75 | gg.gg/.well-known/ddos-guard/id/ | 68 B | 411 B | Image | image/png
GET | H2 | I2RmLHr43PfogS75 | check.ddos-guard.net/set/id/ | 68 B | 252 B | Image | image/png
POST | H/1.1 | / | gg.gg/.well-known/ddos-guard/mark/ | 0 | 143 B | XHR | text/plain
GET | H2 | / | href.li/ (Redirect Chain) | 696 B | 318 B | Document | text/html
GET | H2 | file (Primary Request) | www.mediafire.com/file/ch9lzbufzrn0ifv/ExitLag_4.201_%252B_Lifetime_Key.rar/ | 315 KB | 85 KB | Document | text/html
GET | H2 | AGSKWxXxhCjA0376PEJRKvPbYABIeaqFcJOARWkOOyVBNfrKKqu3hGNujPnDlFLsbJnzVyv6SNOTkimv2wm82c-AdjA= | fundingchoicesmessages.google.com/f/ | 104 KB | 37 KB | Script | application/javascript
GET | H2 | prebid5.17.0.js | www.mediafire.com/js/ | 263 KB | 78 KB | Script | application/x-javascript
GET | H2 | gpt.js | securepubads.g.doubleclick.net/tag/js/ | 84 KB | 29 KB | Script | text/javascript
GET | H2 | js | www.googletagmanager.com/gtag/ | 105 KB | 41 KB | Script | application/javascript
GET | H2 | amplitude-8.5.0-min.gz.js | cdn.amplitude.com/libs/ | 68 KB | 22 KB | Script | application/javascript
GET | H2 | tag | btloader.com/ | 12 KB | 6 KB | Script | application/javascript
GET | H2 | gtm.js | www.googletagmanager.com/ | 218 KB | 69 KB | Script | application/javascript
GET | H2 | mf_logo_full_color.svg | static.mediafire.com/images/backgrounds/header/ | 3 KB | 2 KB | Image | image/svg+xml
GET | H2 | file-zip-v3.png | static.mediafire.com/images/filetype/ | 2 KB | 2 KB | Image | image/png
GET | H2 | icons_sprite.svg | www.mediafire.com/images/icons/svg_light/ | 36 KB | 8 KB | Image | image/svg+xml
GET | H2 | apps_list_sprite-v6.png | static.mediafire.com/images/backgrounds/download/ | 8 KB | 8 KB | Image | image/png
GET | H2 | arrow_dropdown.svg | www.mediafire.com/images/icons/svg_dark/ | 315 B | 314 B | Image | image/svg+xml
GET | H2 | check_circle_green.svg | static.mediafire.com/images/icons/svg_dark/ | 444 B | 374 B | Image | image/svg+xml
GET | H2 | fb_16x16.png | static.mediafire.com/images/backgrounds/download/social/ | 181 B | 282 B | Image | image/png
GET | H2 | element.js | translate.google.com/translate_a/ | 76 KB | 27 KB | Script | text/javascript
GET | H2 | footerIcons.png | static.mediafire.com/images/backgrounds/footer/social/ | 583 B | 697 B | Image | image/png
POST | H2 | prebid-request | onetag-sys.com/ | 15 B | 364 B | XHR | application/json
POST | H2 | translator | hbopenbid.pubmatic.com/ | 0 | 117 B | XHR | text/plain
GET | H2 | arj | mediafire-d.openx.net/w/1.0/ | 73 B | 379 B | XHR | application/json
POST | H2 | prebid | prebid.media.net/rtb/ | 1 KB | 827 B | XHR | application/json
POST | H2 | v1 | btlr.sharethrough.com/universal/ | 0 | 158 B | XHR | text/plain
POST | H2 | v1 | btlr.sharethrough.com/universal/ | 0 | 158 B | XHR | text/plain
POST | H2 | v1 | btlr.sharethrough.com/universal/ | 0 | 159 B | XHR | text/plain
POST | H2 | v1 | btlr.sharethrough.com/universal/ | 0 | 158 B | XHR | text/plain
POST | H2 | v1 | btlr.sharethrough.com/universal/ | 0 | 158 B | XHR | text/plain
GET | H2 | infinity.js.aspx | cdn.otnolatrnup.com/Scripts/ | 199 KB | 68 KB | Script | application/x-javascript
GET | H2 | v652eace1692a40cfa3763df669d7439c1639079717194 | static.cloudflareinsights.com/beacon.min.js/ | 14 KB | 5 KB | Script | text/javascript
POST | | / | api.amplitude.com/ | 0 | 0 | |
GET | H2 | like.php | www.facebook.com/plugins/ (Frame 156B) | 0 | 3 KB | Document | text/html
GET | H2 | world.svg | static.mediafire.com/images/backgrounds/download/additional_content/ | 143 KB | 52 KB | Image | image/svg+xml
GET | H2 | continent-eu.svg | static.mediafire.com/images/backgrounds/download/additional_content/ | 23 KB | 9 KB | Image | image/svg+xml
GET | H2 | fin.svg | static.mediafire.com/images/flags_svg/ | 275 B | 240 B | Image | image/svg+xml
GET | H2 | flag.svg | static.mediafire.com/images/backgrounds/download/additional_content/ | 234 B | 277 B | Image | image/svg+xml
GET | H2 | px.gif | ad-delivery.net/ | 43 B | 343 B | Image | image/gif
GET | H2 | favicon.ico | ad.doubleclick.net/ | 1 KB | 663 B | Image | image/x-icon
GET | H2 | px.gif | ad-delivery.net/ | 43 B | 864 B | Image | image/gif
GET | H2 | pubads_impl_2022090801.js | securepubads.g.doubleclick.net/gpt/ | 382 KB | 0 | Script | text/javascript
GET | | ppub_config | securepubads.g.doubleclick.net/pagead/ | 0 | 0 | |
GET | H2 | translateelement.css | translate.googleapis.com/translate_static/css/ | 18 KB | 4 KB | Stylesheet | text/css
GET | | m=el_main | translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.eWK9qnig1L4.O/d=1/exm=el_conf/ed=1/rs=AN8SPfpvY8V7VEEqHubYSWSOFisTqxoA6w/ | 0 | 0 | |
GET | | Tag.engine | otnolatrnup.com/ | 0 | 0 | |
POST | | AGSKWxUnQrGsRWKuIFWwTKWrjLjXzrx1raAtPNWBlLHB_H0gZ-uSw5M3Q1bOzyEtTnramY0eAm-Dy5buGZNQCupqm6I= | fundingchoicesmessages.google.com/el/ | 0 | 0 | |
POST | | AGSKWxUnQrGsRWKuIFWwTKWrjLjXzrx1raAtPNWBlLHB_H0gZ-uSw5M3Q1bOzyEtTnramY0eAm-Dy5buGZNQCupqm6I= | fundingchoicesmessages.google.com/el/ | 0 | 0 | |
GET | | AGSKWxXH0CSvq9ldZMEso73H5-wN71X7eOgAUUXTts41qmJSKwhPzFotLwCuwP0i1sMi-8l9YrMXhNjwMYR-QM7zOHE= | fundingchoicesmessages.google.com/f/ | 0 | 0 | |
GET | | analytics.js | www.google-analytics.com/ | 0 | 0 | |
GET | | pv | api.btloader.com/ | 0 | 0 | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.

Domain | URL
---|---
api.amplitude.com | https://api.amplitude.com/
securepubads.g.doubleclick.net | https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.mediafire.com
translate.googleapis.com | https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.eWK9qnig1L4.O/d=1/exm=el_conf/ed=1/rs=AN8SPfpvY8V7VEEqHubYSWSOFisTqxoA6w/m=el_main
otnolatrnup.com | https://otnolatrnup.com/Tag.engine?time=0&id=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0&rand=12356&ver=async&referrerUrl=&fingerPrint=123&abr=false&stdTime=0&fpe=1&bw=1600&bh=1200&res=1600x1200&curl=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fch9lzbufzrn0ifv%2FExitLag_4.201_%25252B_Lifetime_Key.rar%2Ffile&kw=online%20storage%2Cfree%20storage%2Ccloud%20storage%2Ccollaboration%2Cbackup%20file%20sharing%2Cshare%20files%2Cphoto%20backup%2Cphoto%20sharing%2Cftp%20replacement%2Ccross%20platform%2Cremote%20access%2Cmobile%20access%2Csend%20large%20files%2Crecover%20files%2Cfile%20versioning%2Cundelete%2Cwindows%2Cpc%2Cmac%2Cos%20x%2Clinux%2Ciphone
fundingchoicesmessages.google.com | https://fundingchoicesmessages.google.com/el/AGSKWxUnQrGsRWKuIFWwTKWrjLjXzrx1raAtPNWBlLHB_H0gZ-uSw5M3Q1bOzyEtTnramY0eAm-Dy5buGZNQCupqm6I=?pvid=3C74F576-530F-4288-94BB-76EFF6709348
fundingchoicesmessages.google.com | https://fundingchoicesmessages.google.com/el/AGSKWxUnQrGsRWKuIFWwTKWrjLjXzrx1raAtPNWBlLHB_H0gZ-uSw5M3Q1bOzyEtTnramY0eAm-Dy5buGZNQCupqm6I=?pvid=3C74F576-530F-4288-94BB-76EFF6709348
fundingchoicesmessages.google.com | https://fundingchoicesmessages.google.com/f/AGSKWxXH0CSvq9ldZMEso73H5-wN71X7eOgAUUXTts41qmJSKwhPzFotLwCuwP0i1sMi-8l9YrMXhNjwMYR-QM7zOHE=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjYzMDgyNjk3LDUyMzAwMDAwMF0sIjNDNzRGNTc2LTUzMEYtNDI4OC05NEJCLTc2RUZGNjcwOTM0OCIsbnVsbCxudWxsLFtudWxsLFs3XV0sImh0dHBzOi8vd3d3Lm1lZGlhZmlyZS5jb20vZmlsZS9jaDlsemJ1ZnpybjBpZnYvRXhpdExhZ180LjIwMV8lMjUyQl9MaWZldGltZV9LZXkucmFyL2ZpbGUiLG51bGwsW1s4LCJPV3ZzRDVmUElndyJdXV0
www.google-analytics.com | https://www.google-analytics.com/analytics.js
api.btloader.com | https://api.btloader.com/pv?tid=BjMfgwqu&w=5115845767331840&o=5678961798414336&cv=2.0.9-1-g2cac8e3&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fch9lzbufzrn0ifv%2FExitLag_4.201_%25252B_Lifetime_Key.rar%2Ffile&upapi=true
9 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type | Name
---|---
object | onbeforeinput
object | oncontextlost
object | oncontextrestored
function | structuredClone
object | launchQueue
object | onbeforematch
function | getScreenDetails
function | queryLocalFonts
object | navigation

13 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value
---|---|---|---
.bit.ly/ | | _bit | m8dfoP-147738790e05b509dc-00c
.gg.gg/ | | __ddgid_ | eDJUF81Fg55QYuCY
.gg.gg/ | | __ddgmark_ | HGQrR0E6QZzh8Z9Z
.gg.gg/ | | __ddg5_ | dHtiCjoicgw1QzPY
.check.ddos-guard.net/ | | __ddg2 | I2RmLHr43PfogS75
.gg.gg/ | | __ddg2_ | I2RmLHr43PfogS75
.gg.gg/ | | __ddg1_ | IZyPhUxxIuDwUBaXAaki
gg.gg/ | | ci_session | a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22c925bf6bdcd9cef85e4822aee5c0ed3b%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22186.2.160.175%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A116%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F105.0.5195.102+Safari%2F537.36%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1663082694%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D7155d6f2bc947daf267a9458fc383c95
.gg.gg/ | | gg_token | 24cf3183ed1afe1cbc23a0db8b01d8af6320a0c6d01734.70670535
cazi.me/ | | clid | 272272890
cazi.me/ | | XSRF-TOKEN | eyJpdiI6ImczMnpzeHBlVm9kNFpJMllJOVFSM1E9PSIsInZhbHVlIjoiamZSTXo1RVdqMElGUk4yeG56VkJocFhYdDVtaGE3NE05cTRoSjNJWS9GbTFQMldXUTN6c2lpQmx1Tk1QcHF1TEdxY3ZtZEQyK2o2QkpuNGFYQkk0VXNweXZEUlhXbzRPemxsVjI1TURubE95c0ZzTTNmN3JFc29qQ3BaQkt0WmIiLCJtYWMiOiI2NDY2YjVjYzcyMWQ5MDc0MzRmMWFmZDgwNjNlNjJhNGU3M2RiNDNjZmY3MDVlMGM4MzA4YjliYmU0Zjk5NDkwIn0%3D
cazi.me/ | | cuti_session | eyJpdiI6IkpLQnp1T0pXZ21rZUgzUUFVMUpndVE9PSIsInZhbHVlIjoiZlFEeWpQRnIyRDN3ci9VRXVqUzdpcXVZdm5MYVhKSmRwdWhVejZZWTNXYjRxL0c4ZDg2M1Vpc1huL0ZvSEw0TFl1Q3dDWE1pbHk1TnNDMlA1b3FyYTk3ZGZua0VOQXVHTENZRTlSbHV4YzBWSGl6OWRUd0E3UlgvaHJnb2wvRjUiLCJtYWMiOiJlN2I2NjkwYzk1MGNhOTBhZThmNTMyMjdjMWU3MWJlNjdhMjYyZWNiMWU2MTEzMmZhNjI4ZDJjMjgxZTllOTQ4In0%3D
cazi.me/ | | dC7aNWmVU4FYmM0qm1qDLZz4GUD0uPIW6Yc0hFFp | eyJpdiI6ImljeTNBSER3K2krVlplYTZMS0gxdlE9PSIsInZhbHVlIjoiZkxTakM0U0RCQzlxVWUrLzQ3cjdITGl0aHJ1RG00cXYrZXNPM1pEeE9aeGpuRnpScWZUdEhDUDVMUldHSVIyVy9DUEUzSmpIM3ZTTGJJTHFZL3ZJYzZKRU1aUHFiT0Q5cmhRZmJVMFJNVTc1WEh1ZFNVT2kwcjh1V0w5dkNneUtBdUd4VHdCcnplOTFNUThZMTA5b0RBY3UyTlp1dW42QlYyczVBZzlHOW4rYU1ZMndlWW9MamNJV2dmZXk0cmRVZ3gySjk4amRiNEQwVGpoUHBDN1NNZmJ1NExRTG1xbXIzR09hK1UzN3RVSkU1R2VXam5GUG80YXB3SjVSRy9zSjZQeXVKTzRCYVZYWUZtTXNFbWJJUmhUS29yVnBKVHZqLzJ5aXVnaUh1c1dzZlNNQUxkZTNOSUVvcEw0a2hQYndLVitWc0taOW9mcEFwWGlJUEVpWHNHYmc3aHJqSFNRRWNoSWVKZUh4RzVNNDZubzlJQ21CM1BJbytnQkN6OXJkRy9pVlY5LzgrbUgwQ0JZbm5FVDJ5dz09IiwibWFjIjoiZDE3MzljMTJlNDgxMzMzYjc0MTk1MTA2NmJmZjBmNjk1OGY4YWFlOTk3MDNjZGU4OGMyMTJmYTFlYzk4ZGM4ZSJ9
1 Console Message
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source | Level | URL | Text
---|---|---|---
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.