www.mediafire.com Open in urlscan Pro
104.16.202.237 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://loandata.cdosuitewiki.com/
Effective URL:
http://www.mediafire.com/file/dlyyr3k5njh/FINAL_Deloitte_Launches_New_Syndicated_Loan_Data_Modules.pdf/file
Submission: On June 21 via api (June 21st 2022, 2:41:44 am UTC) from CA — Scanned from CA

Summary HTTP 107 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 40 IPs in 5 countries across 24 domains to perform 107 HTTP transactions. The main IP is 104.16.202.237, located in and belongs to CLOUDFLARENET, US. The main domain is www.mediafire.com. The Cisco Umbrella rank of the primary domain is 27632.

This is the only time www.mediafire.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	35.209.156.152 35.209.156.152	15169 (GOOGLE) (GOOGLE)
1 6	104.16.202.237 104.16.202.237	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 13	2607:f8b0:400... 2607:f8b0:4006:823::200e	15169 (GOOGLE) (GOOGLE)
8	142.251.40.98 142.251.40.98	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80b::2008	15169 (GOOGLE) (GOOGLE)
1	13.249.178.87 13.249.178.87	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::681a:78b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	104.16.203.237 104.16.203.237	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6813:d625	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:440e::ac40:9c1a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	51.222.239.232 51.222.239.232	16276 (OVH) (OVH)
1	104.36.115.111 104.36.115.111	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	34.107.148.139 34.107.148.139	15169 (GOOGLE) (GOOGLE)
5	52.0.130.158 52.0.130.158	14618 (AMAZON-AES) (AMAZON-AES)
2	2606:4700:20:... 2606:4700:20::681a:346	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.65.166 142.250.65.166	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	44.233.100.70 44.233.100.70	16509 (AMAZON-02) (AMAZON-02)
6	2606:4700::68... 2606:4700::6811:a6ba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:80e::200e	15169 (GOOGLE) (GOOGLE)
1	130.211.23.194 130.211.23.194	15169 (GOOGLE) (GOOGLE)
5	162.252.214.5 162.252.214.5	53334 (TUT-AS) (TUT-AS)
2	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
2	2607:f8b0:400... 2607:f8b0:4006:80f::200a	15169 (GOOGLE) (GOOGLE)
1	185.200.118.90 185.200.118.90	9009 (M247) (M247)
1	38.132.109.186 38.132.109.186	9009 (M247) (M247)
1	185.200.116.90 185.200.116.90	9009 (M247) (M247)
3	2607:f8b0:400... 2607:f8b0:4006:821::2003	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c09::9a	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:821::2002	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:822::2001	15169 (GOOGLE) (GOOGLE)
1 3	2607:f8b0:400... 2607:f8b0:4006:81d::2004	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:809::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6813:d725	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2607:f8b0:400... 2607:f8b0:4006:81c::2001	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:807::200a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80c::2003	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81e::2002	15169 (GOOGLE) (GOOGLE)
107	40

1 35.209.156.152 (Council Bluffs, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 152.156.209.35.bc.googleusercontent.com

loandata.cdosuitewiki.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.16.202.237 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.mediafire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2607:f8b0:4006:823::200e (Mullica Hill, United States) 1 redirects

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.251.40.98 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s79-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80b::2008 (Mullica Hill, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.249.178.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-178-87.bos50.r.cloudfront.net

cdn.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:78b (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.16.203.237 (None, )

ASN13335 (CLOUDFLARENET, US)

static.mediafire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:d625 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.otnolatrnup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
otnolatrnup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:440e::ac40:9c1a (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

mediafire-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.222.239.232 (Canada)

ASN16276 (OVH, FR)
PTR: ip232.ip-51-222-239.net

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.36.115.111 (United States)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.0.130.158 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-130-158.compute-1.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:346 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.65.166 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.233.100.70 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-233-100-70.us-west-2.compute.amazonaws.com

api.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6811:a6ba (United States)

ASN13335 (CLOUDFLARENET, US)

c.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
6.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80e::200e (Mullica Hill, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 162.252.214.5 (United States)

ASN53334 (TUT-AS, US)

4.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80f::200a (Mullica Hill, United States)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.200.118.90 (London, United Kingdom)

ASN9009 (M247, GB)
PTR: adscore.com

qfmlxrct3rwm.l4.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.132.109.186 (New York, United States)

ASN9009 (M247, GB)

qfmlxrct3rwm.n4.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.200.116.90 (Romania)

ASN9009 (M247, GB)
PTR: no-mans-land.m247.com

qfmlxrct3rwm.s4.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:821::2003 (Mullica Hill, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c09::9a (Ashburn, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:821::2002 (Mullica Hill, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:822::2001 (Mullica Hill, United States)

ASN15169 (GOOGLE, US)

aded84bb0b81ebd73a6cc3867a57555b.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81d::2004 (Mullica Hill, United States) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:809::2003 (Mullica Hill, United States)

ASN15169 (GOOGLE, US)

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:d725 (United States)

ASN13335 (CLOUDFLARENET, US)

otnolatrnup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:81c::2001 (Mullica Hill, United States)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:807::200a (Mullica Hill, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80c::2003 (Mullica Hill, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81e::2002 (Mullica Hill, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	google.com 2 redirects fundingchoicesmessages.google.com — Cisco Umbrella Rank: 2145 translate.google.com — Cisco Umbrella Rank: 1472 adservice.google.com — Cisco Umbrella Rank: 92 www.google.com — Cisco Umbrella Rank: 9	121 KB
17	mediafire.com 1 redirects www.mediafire.com — Cisco Umbrella Rank: 27632 static.mediafire.com — Cisco Umbrella Rank: 41876	271 KB
14	adsco.re c.adsco.re — Cisco Umbrella Rank: 16871 6.adsco.re — Cisco Umbrella Rank: 17597 4.adsco.re — Cisco Umbrella Rank: 18906 adsco.re — Cisco Umbrella Rank: 14308 qfmlxrct3rwm.l4.adsco.re qfmlxrct3rwm.n4.adsco.re qfmlxrct3rwm.s4.adsco.re	78 KB
11	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 213 ad.doubleclick.net — Cisco Umbrella Rank: 203 stats.g.doubleclick.net — Cisco Umbrella Rank: 125 googleads.g.doubleclick.net — Cisco Umbrella Rank: 55	188 KB
6	googlesyndication.com aded84bb0b81ebd73a6cc3867a57555b.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 115 tpc.googlesyndication.com — Cisco Umbrella Rank: 150	24 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 318	109 KB
5	sharethrough.com btlr.sharethrough.com — Cisco Umbrella Rank: 1304	985 B
4	gstatic.com www.gstatic.com fonts.gstatic.com	32 KB
3	googleapis.com translate.googleapis.com — Cisco Umbrella Rank: 1223 fonts.googleapis.com — Cisco Umbrella Rank: 67	81 KB
3	otnolatrnup.com cdn.otnolatrnup.com — Cisco Umbrella Rank: 50624 otnolatrnup.com — Cisco Umbrella Rank: 37165	67 KB
2	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 555	139 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 60	20 KB
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1360	1 KB
2	btloader.com btloader.com — Cisco Umbrella Rank: 1219 api.btloader.com — Cisco Umbrella Rank: 1336	6 KB
2	amplitude.com cdn.amplitude.com — Cisco Umbrella Rank: 3851 api.amplitude.com — Cisco Umbrella Rank: 1350	22 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 96	105 KB
1	google.ca www.google.ca — Cisco Umbrella Rank: 7485	501 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 91	16 KB
1	media.net prebid.media.net — Cisco Umbrella Rank: 1375	824 B
1	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 514	117 B
1	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 813	364 B
1	openx.net mediafire-d.openx.net — Cisco Umbrella Rank: 48186	593 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1332	5 KB
1	cdosuitewiki.com 1 redirects loandata.cdosuitewiki.com	333 B
107	24

	Domain	Requested by
11	static.mediafire.com	www.mediafire.com
11	fundingchoicesmessages.google.com	www.mediafire.com securepubads.g.doubleclick.net
8	securepubads.g.doubleclick.net	www.mediafire.com securepubads.g.doubleclick.net
6	www.mediafire.com	1 redirects www.mediafire.com static.cloudflareinsights.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	btlr.sharethrough.com	www.mediafire.com
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.mediafire.com
3	www.google.com	1 redirects www.mediafire.com tpc.googlesyndication.com
3	www.gstatic.com	www.mediafire.com translate.googleapis.com
3	4.adsco.re	www.mediafire.com c.adsco.re
3	6.adsco.re	www.mediafire.com c.adsco.re
3	c.adsco.re	cdn.otnolatrnup.com c.adsco.re
2	otnolatrnup.com	cdn.otnolatrnup.com
2	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
2	adsco.re	c.adsco.re
2	translate.googleapis.com
2	static.xx.fbcdn.net	www.facebook.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	ad-delivery.net	www.mediafire.com
2	translate.google.com	1 redirects www.mediafire.com
2	www.googletagmanager.com	www.mediafire.com
1	googleads.g.doubleclick.net	www.mediafire.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	securepubads.g.doubleclick.net
1	www.google.ca	www.mediafire.com
1	aded84bb0b81ebd73a6cc3867a57555b.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	qfmlxrct3rwm.s4.adsco.re	c.adsco.re
1	qfmlxrct3rwm.n4.adsco.re	c.adsco.re
1	qfmlxrct3rwm.l4.adsco.re	c.adsco.re
1	api.btloader.com	btloader.com
1	api.amplitude.com	cdn.amplitude.com
1	www.facebook.com	www.mediafire.com
1	ad.doubleclick.net	www.mediafire.com
1	prebid.media.net	www.mediafire.com
1	hbopenbid.pubmatic.com	www.mediafire.com
1	onetag-sys.com	www.mediafire.com
1	mediafire-d.openx.net	www.mediafire.com
1	static.cloudflareinsights.com	www.mediafire.com
1	cdn.otnolatrnup.com	www.mediafire.com
1	btloader.com	www.mediafire.com
1	cdn.amplitude.com	www.mediafire.com
1	loandata.cdosuitewiki.com	1 redirects
107	44

This site contains links to these domains. Also see Links.

Domain
googleads.g.doubleclick.net
adssettings.google.com

Subject Issuer	Validity	Valid
*.google.com GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
cdn.amplitude.com Amazon	`2021-12-17` - `2023-01-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-05` - `2022-09-04`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.media.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-06` - `2023-05-04`	a year	crt.sh
*.sharethrough.com Amazon	`2021-08-13` - `2022-09-11`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-03-30` - `2022-06-28`	3 months	crt.sh
*.amplitude.com COMODO RSA Domain Validation Secure Server CA	`2022-01-28` - `2023-02-28`	a year	crt.sh
*.adsco.re Sectigo RSA Organization Validation Secure Server CA	`2021-09-06` - `2022-09-28`	a year	crt.sh
api.btloader.com GTS CA 1D4	`2022-04-24` - `2022-07-23`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
*.l4.adsco.re R3	`2022-06-19` - `2022-09-17`	3 months	crt.sh
*.n4.adsco.re R3	`2022-06-19` - `2022-09-17`	3 months	crt.sh
*.s4.adsco.re R3	`2022-06-19` - `2022-09-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh

This page contains 8 frames:

Primary Page: http://www.mediafire.com/file/dlyyr3k5njh/FINAL_Deloitte_Launches_New_Syndicated_Loan_Data_Modules.pdf/file
Frame ID: E534AFC498A9B411D11A983BEAE411DA
Requests: 95 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=http://www.facebook.com/MediaFire&width=193&layout=button_count&action=like&show_faces=false&share=true&height=30&appId=124578887583575
Frame ID: E080F61B1B6BFE9A6456743ECEAA8D13
Requests: 3 HTTP requests in this frame

Frame: http://c.adsco.re/
Frame ID: EECC8515461099EA5EB79DA68D78FED6
Requests: 6 HTTP requests in this frame

Frame: data://truncated
Frame ID: 33C8215DC0BA9366C51151136AF19066
Requests: 1 HTTP requests in this frame

Frame: https://aded84bb0b81ebd73a6cc3867a57555b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: ECA89A28E373B367A1BFB44E50A0DAE8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5A70827BD0DF1E3C2B2DEFEE081F70A2
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D736173E70DD3A50BF214340587B3695
Requests: 1 HTTP requests in this frame

Frame: https://aded84bb0b81ebd73a6cc3867a57555b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 28FCC3064E51F8E7DDA54CBDF9D6B93D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://loandata.cdosuitewiki.com/ HTTP 301
http://www.mediafire.com/?dlyyr3k5njh HTTP 302
http://www.mediafire.com/file/dlyyr3k5njh/FINAL_Deloitte_Launches_New_Syndicated_Loan_Data_Modules.pd... Page URL

Detected technologies

Amplitude (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.amplitude\.com

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Page Statistics

107
Requests

69 %
HTTPS

56 %
IPv6

24
Domains

44
Subdomains

40
IPs

5
Countries

1290 kB
Transfer

3827 kB
Size

12
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://googleads.g.doubleclick.net/aclk?sa=l&ai=C209L4y-xYre3FIrgnATk_o0oo5Xvw2rZ8a2UnBCv5vT9CBABIOSC7Shg-wGgAcHRtL4DyAEBqQKsrKWI3Iy0PuACAKgDAcgDCqoE5QJP0KXkl777UO1d-ARzF_lb2iYgoJy1Fl_o_GinF1JjEVfKDExmFBJT4JsdZDOe7TzMjs5uMrMohSEeomDM-IGX-oO8ti3ehoyMG0xnzpYuBdE_RNXjv2uZ8B7j9zMePhswqxOPtwdPZVa8FQxMCpgAFDqSmyCHcpkZLN7IzrXZvHKd_yN8MhmakjX_mu0K3cJI8BVy41i7rfYFbMvmbYHtud5AB-sdlyq6vXcKUJGsWrBK4Ipm_IbllWTfbZiC6GQlilfTjwwh5lHh-GEWxcTIg9TD5Hbwo47r4gJeLgvLtii61JV6etjGOm1JN56RcX2JoLM9KkuCrcod8b5JlN6tWDVB3voh0DMXaQS1uAVHGAHKKw2rYSmNxP_nSkvoKKRSkFZvS4rItFA239XgNTXptZJhRVIpa2sBkTlsYcJo_MVO86Ew81wCBHEUb8ww8LH9Zh0oO38i_gHleTHzRePHj21QpyPABOj8gLiYBOAEAYAHp67LQagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAdIIBwiIYRABGB2xCeW8b1Z7ozfAgAoDmAsByAsBuAwB2BMD0BUBmBYB-BYBgBcB&ae=1&num=1&sig=AOD64_0ygeKBWYe8TvWWWxnsP_1YBwsJ8A&client=ca-pub-4150982282538644&nb=0&adurl=https://bassadone.gi%3Fgclid%3DEAIaIQobChMI97Tax8K9-AIVCjCHCh1kfwMFEAEYASAAEgJIRvD_BwE
Title: Test drive now

Search URL Search Domain Scan URL

URL: https://googleads.g.doubleclick.net/aclk?sa=l&ai=C209L4y-xYre3FIrgnATk_o0oo5Xvw2rZ8a2UnBCv5vT9CBABIOSC7Shg-wGgAcHRtL4DyAEBqQKsrKWI3Iy0PuACAKgDAcgDCqoE5QJP0KXkl777UO1d-ARzF_lb2iYgoJy1Fl_o_GinF1JjEVfKDExmFBJT4JsdZDOe7TzMjs5uMrMohSEeomDM-IGX-oO8ti3ehoyMG0xnzpYuBdE_RNXjv2uZ8B7j9zMePhswqxOPtwdPZVa8FQxMCpgAFDqSmyCHcpkZLN7IzrXZvHKd_yN8MhmakjX_mu0K3cJI8BVy41i7rfYFbMvmbYHtud5AB-sdlyq6vXcKUJGsWrBK4Ipm_IbllWTfbZiC6GQlilfTjwwh5lHh-GEWxcTIg9TD5Hbwo47r4gJeLgvLtii61JV6etjGOm1JN56RcX2JoLM9KkuCrcod8b5JlN6tWDVB3voh0DMXaQS1uAVHGAHKKw2rYSmNxP_nSkvoKKRSkFZvS4rItFA239XgNTXptZJhRVIpa2sBkTlsYcJo_MVO86Ew81wCBHEUb8ww8LH9Zh0oO38i_gHleTHzRePHj21QpyPABOj8gLiYBOAEAYAHp67LQagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAdIIBwiIYRABGB2xCeW8b1Z7ozfAgAoDmAsByAsBuAwB2BMD0BUBmBYB-BYBgBcB&ae=1&num=1&sig=AOD64_0ygeKBWYe8TvWWWxnsP_1YBwsJ8A&client=ca-pub-4150982282538644&nb=7&adurl=https://bassadone.gi%3Fgclid%3DEAIaIQobChMI97Tax8K9-AIVCjCHCh1kfwMFEAEYASAAEgJIRvD_BwE
Title: Test drive now

Search URL Search Domain Scan URL

URL: https://googleads.g.doubleclick.net/aclk?sa=l&ai=C209L4y-xYre3FIrgnATk_o0oo5Xvw2rZ8a2UnBCv5vT9CBABIOSC7Shg-wGgAcHRtL4DyAEBqQKsrKWI3Iy0PuACAKgDAcgDCqoE5QJP0KXkl777UO1d-ARzF_lb2iYgoJy1Fl_o_GinF1JjEVfKDExmFBJT4JsdZDOe7TzMjs5uMrMohSEeomDM-IGX-oO8ti3ehoyMG0xnzpYuBdE_RNXjv2uZ8B7j9zMePhswqxOPtwdPZVa8FQxMCpgAFDqSmyCHcpkZLN7IzrXZvHKd_yN8MhmakjX_mu0K3cJI8BVy41i7rfYFbMvmbYHtud5AB-sdlyq6vXcKUJGsWrBK4Ipm_IbllWTfbZiC6GQlilfTjwwh5lHh-GEWxcTIg9TD5Hbwo47r4gJeLgvLtii61JV6etjGOm1JN56RcX2JoLM9KkuCrcod8b5JlN6tWDVB3voh0DMXaQS1uAVHGAHKKw2rYSmNxP_nSkvoKKRSkFZvS4rItFA239XgNTXptZJhRVIpa2sBkTlsYcJo_MVO86Ew81wCBHEUb8ww8LH9Zh0oO38i_gHleTHzRePHj21QpyPABOj8gLiYBOAEAYAHp67LQagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAdIIBwiIYRABGB2xCeW8b1Z7ozfAgAoDmAsByAsBuAwB2BMD0BUBmBYB-BYBgBcB&ae=1&num=1&sig=AOD64_0ygeKBWYe8TvWWWxnsP_1YBwsJ8A&client=ca-pub-4150982282538644&nb=1&adurl=https://bassadone.gi%3Fgclid%3DEAIaIQobChMI97Tax8K9-AIVCjCHCh1kfwMFEAEYASAAEgJIRvD_BwE
Title: Bassadone Motors

Search URL Search Domain Scan URL

URL: https://googleads.g.doubleclick.net/aclk?sa=l&ai=C209L4y-xYre3FIrgnATk_o0oo5Xvw2rZ8a2UnBCv5vT9CBABIOSC7Shg-wGgAcHRtL4DyAEBqQKsrKWI3Iy0PuACAKgDAcgDCqoE5QJP0KXkl777UO1d-ARzF_lb2iYgoJy1Fl_o_GinF1JjEVfKDExmFBJT4JsdZDOe7TzMjs5uMrMohSEeomDM-IGX-oO8ti3ehoyMG0xnzpYuBdE_RNXjv2uZ8B7j9zMePhswqxOPtwdPZVa8FQxMCpgAFDqSmyCHcpkZLN7IzrXZvHKd_yN8MhmakjX_mu0K3cJI8BVy41i7rfYFbMvmbYHtud5AB-sdlyq6vXcKUJGsWrBK4Ipm_IbllWTfbZiC6GQlilfTjwwh5lHh-GEWxcTIg9TD5Hbwo47r4gJeLgvLtii61JV6etjGOm1JN56RcX2JoLM9KkuCrcod8b5JlN6tWDVB3voh0DMXaQS1uAVHGAHKKw2rYSmNxP_nSkvoKKRSkFZvS4rItFA239XgNTXptZJhRVIpa2sBkTlsYcJo_MVO86Ew81wCBHEUb8ww8LH9Zh0oO38i_gHleTHzRePHj21QpyPABOj8gLiYBOAEAYAHp67LQagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAdIIBwiIYRABGB2xCeW8b1Z7ozfAgAoDmAsByAsBuAwB2BMD0BUBmBYB-BYBgBcB&ae=1&num=1&sig=AOD64_0ygeKBWYe8TvWWWxnsP_1YBwsJ8A&client=ca-pub-4150982282538644&nb=8&adurl=https://bassadone.gi%3Fgclid%3DEAIaIQobChMI97Tax8K9-AIVCjCHCh1kfwMFEAEYASAAEgJIRvD_BwE
Title: Open

Search URL Search Domain Scan URL

URL: https://adssettings.google.com/whythisad?source=display&reasons=Aa2KcEbUUerbUzvHDuBT6nQS-18skcqCQRqEozB_QcZrdJj0arb6VCbD9F4WJRK-5D1kPoqlYoht3vx5plt-Yu3no5yRHNix-6SYXt7tYrPEjCjUIokWoS1bDJpQxSYDG8jeUJKoSPUeRzZ92RxSyqpkfFDxuH0EMolX9gRmgoxkV2Qo6wTowP9c7WrHAAfQgIavUWP7n5TDA6RYDQbu45EGQ3-M-PlFZ1862lc5oZpwuy3CQrTkPrA_hNY5AUKVnSX60O1GkXdjwIsV7lk8U3xGG6kzAhLECAIoik6th6X2nfxee8TzD5aDzVEzfjOMvEb8g4YdZ0f0xb3QsVtm8QHEewPHLzO1SkQYgSDYHP3tVapMJ0_-QaKtVOzoUp1rXPwZHEPDFODVowsOzlnfa5x3EVp8t9nPdyZb-QFkrvtLLEDi5U4Ra8eTjCroL4L3fqY2PJQb2skkFuV63l-IeM7QcJf0QRkvuppuZ9n3fnFE0xyV21aN-g8717s9d76lJP80WcAx3bVteCvSu0za4ch9SPyxpmhhkizuN2xLxh6E-eGg_mQvbG-va4OmEWcKIcGU4eKCwRHWMSMubcMbKFY_WBmqyHmDooXS_zIqvC8uH8rkOUk1XDBGEp2L9PfZIhL0YaFchjjGgSwUH3unnaPlJUykXFNj2CHvghVrnlyrFAiAWBQhlawRahu4AtLK8FDH7fisrYuEbIyCxo7rAODJqddY4NsGBOtcBAyp5vpzJSs2gaDV8u5VPWe8j1HSOHRGycCcysf-XL3iqGZgOS1kioBNS7cb8VD7Ag9LYM7quEn3IB0xH9GjoQM-Wdb3b5gcC3dZN-rHp2fl0IWg1eFQjvG8e9idhIHMGfYTQKaAs4sGDblmiTYUgrnzjhaaUzS_vq5WE8UHGjHvB5BjrYZe9wop30Ar98dJ73G1gsnHIkP5OL3s50WRToGSaBYxOzLQSbisGAgVtWxlSt7j9vpoBrwmYeIQTz6mJ6oL4W2a0O26JMRNZg9YofRT7d_kqYK5zaesiTHZAGJOqtpwvbtdVGr_YKsCuDnzDG2d5QnnkvFD-BddapYzXiZQs1wFK51EoN_zQeXfRb8ko6drfRiFSMonnIuZw4JwpDey2zPFn12lTIjQlFKXBBSKkZUpsRtFcZJ8UhHtEzjQ39LB5lk1LzYQkCc1FYMjW4cB9b9_5F_t6txf37bYNqLnIn4wIXDNepjBcoOeqhFQmFw5GgzVZbmqknKdayj67JxGt7uHlITgebA8en_kLmCQO4VzUt90LlqRKXQA6XtLFSC8x1kaztZt6f3wi4LGcyI-YqmAKmRyGJr0Dofm_Z62M-yRM2IvDpuD6JKK-RD9LhvQdZIsbb5BcvP7w4v-PnYv8OkJ75iuEhvJGaFv8TfA07153D43QLSTNTkq7TaqNMKU-GoMiqCL8X8axXVShoDV62MDoCcMiwnPJQvmgQpiZ9asPwR1kYKk1bXeShYDwkN4C5VXkcXosZUq7bwmuWDSrMVkwt51W0cXBv1SNbrzc9eZ_l79LCj9t_ev_svt_jL0PMB6TdpRAIB6kqO_ohQwJLJW0QRS1B9atZ2sJn0-un7zMbVtpxZWYHXlyx5Hj46lnPfnrLKjGRUAIEjq1_4YGkC-Mj7Y3dCk7kCHW7db3J0WWYJ0bk44WlGX9D_9ctyR0eS7nQXWrUJZq5xKUWN0Rn6BRDxWdPp04-iWm24Dz0rGZ_-1gSWbHmtiuAiCkpQUzFBCXTIfWDoWj0tJaegvxRPYqWcfGWnfLC9CUFScGA3dTgBD91cohgorNikTL7TvC5Ua3wWi7PLG9A

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://loandata.cdosuitewiki.com/ HTTP 301
http://www.mediafire.com/?dlyyr3k5njh HTTP 302
http://www.mediafire.com/file/dlyyr3k5njh/FINAL_Deloitte_Launches_New_Syndicated_Loan_Data_Modules.pdf/file Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

http://translate.google.com/translate_a/element.js?cb=googFooterTranslate HTTP 301
https://translate.google.com/translate_a/element.js?cb=googFooterTranslate

Request Chain 105

http://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

107 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request file Show response
www.mediafire.com/file/dlyyr3k5njh/FINAL_Deloitte_Launches_New_Syndicated_Loan_Data_Modules.pdf/
Redirect Chain

http://loandata.cdosuitewiki.com/
http://www.mediafire.com/?dlyyr3k5njh
http://www.mediafire.com/file/dlyyr3k5njh/FINAL_Deloitte_Launches_New_Syndicated_Loan_Data_Modules.pdf/file

304 KB
84 KB

205ms
205ms

Document
text/html

104.16.202.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://www.mediafire.com/file/dlyyr3k5njh/FINAL_Deloitte_Launches_New_Syndicated_Loan_Data_Modules.pdf/file

Protocol

HTTP/1.1

Server

104.16.202.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33240bb1c2f9c14a53f3358cdf322c9b0d72e52c92a11479f366d628bc95fea4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Access-Control-Allow-Origin: http://www.mediafire.com
CF-Cache-Status: DYNAMIC
CF-RAY: 71e962e678d954d9-YYZ
Cache-Control: no-cache, no-store, must-revalidate, max-age=0 post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Tue, 21 Jun 2022 02:41:38 GMT
Expires: 0
NEL: {"report_to": "mediafirenel", "max_age": 86400, "include_subdomains": true, "failure_fraction": 0.01}
Pragma: no-cache
Report-To: {"group": "mediafirenel", "max_age": 86400, "include_subdomains": true, "endpoints": [{"url": "https://browser-reports.mediafire.dev/network-error"}]}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-Robots-Tag: noindex, nofollow

Redirect headers

Access-Control-Allow-Origin: http://www.mediafire.com
CF-Cache-Status: DYNAMIC
CF-RAY: 71e962e47eaa54d9-YYZ
Cache-Control: no-cache, no-store, must-revalidate, max-age=0 post-check=0, pre-check=0
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Tue, 21 Jun 2022 02:41:38 GMT
Expires: 0
Location: http://www.mediafire.com/file/dlyyr3k5njh/FINAL_Deloitte_Launches_New_Syndicated_Loan_Data_Modules.pdf/file
NEL: {"report_to": "mediafirenel", "max_age": 86400, "include_subdomains": true, "failure_fraction": 0.01}
Pragma: no-cache
Report-To: {"group": "mediafirenel", "max_age": 86400, "include_subdomains": true, "endpoints": [{"url": "https://browser-reports.mediafire.dev/network-error"}]}
Server: cloudflare
Transfer-Encoding: chunked

GET
H2 200 AGSKWxXxhCjA0376PEJRKvPbYABIeaqFcJOARWkOOyVBNfrKKqu3hGNujPnDlFLsbJnzVyv6SNOTkimv2wm82c-AdjA= Show response
fundingchoicesmessages.google.com/f/ 99 KB
35 KB 118ms
59ms Script
application/javascript 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXxhCjA0376PEJRKvPbYABIeaqFcJOARWkOOyVBNfrKKqu3hGNujPnDlFLsbJnzVyv6SNOTkimv2wm82c-AdjA=

Requested by

Host: www.mediafire.com
URL: http://www.mediafire.com/file/dlyyr3k5njh/FINAL_Deloitte_Launches_New_Syndicated_Loan_Data_Modules.pdf/file

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200e Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e7026864609d74f5e074e44069ca93113eaad315d951f7e1a59be6a72cf1ce01

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-_dxzDlDpsrtKAB0fWg1VTw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-_dxzDlDpsrtKAB0fWg1VTw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 02:41:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce-_dxzDlDpsrtKAB0fWg1VTw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-_dxzDlDpsrtKAB0fWg1VTw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 260ms
202ms Script
text/javascript 142.251.40.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.mediafire.com
URL: http://www.mediafire.com/file/dlyyr3k5njh/FINAL_Deloitte_Launches_New_Syndicated_Loan_Data_Modules.pdf/file

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f2.1e100.net

Software

sffe /

Resource Hash

f6d81c35673b3fe05f0df544860c5bc25d828fd8d13c2bb141c87c9c3fc864c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 02:41:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28067
x-xss-protection: 0
server: sffe
etag: "1251 / 960 of 1000 / last-modified: 1655503484"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 21 Jun 2022 02:41:38 GMT

GET
H/1.1 200
OK prebid5.17.0.js Show response
www.mediafire.com/js/ 263 KB
79 KB 42ms
38ms Script
application/x-javascript 104.16.202.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.mediafire.com/js/prebid5.17.0.js
Requested by: Host: www.mediafire.com
URL: http://www.mediafire.com/file/dlyyr3k5njh/FINAL_Deloitte_Launches_New_Syndicated_Loan_Data_Modules.pdf/file
Protocol: HTTP/1.1
Server: 104.16.202.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dc7917529ca101209b15752c61816375bbbb8b7b9809efb540ccacf45748d09

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.mediafire.com/file/dlyyr3k5njh/FINAL_Deloitte_Launches_New_Syndicated_Loan_Data_Modules.pdf/file
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 21 Jun 2022 02:41:38 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to": "mediafirenel", "max_age": 86400, "include_subdomains": true, "failure_fraction": 0.01}
Age: 457244
Cf-Polished: origSize=269036
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 03 May 2022 19:42:53 GMT
Server: cloudflare
ETag: W/"627185bd-41aec"
Vary: Accept-Encoding
Report-To: {"group": "mediafirenel", "max_age": 86400, "include_subdomains": true, "endpoints": [{"url": "https://browser-reports.mediafire.dev/network-error"}]}
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Expires: Fri, 15 Jul 2022 19:40:54 GMT
Cache-Control: max-age=2592000
CF-RAY: 71e962e7fa5554d9-YYZ
Cf-Bgj: minify

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 101 KB
39 KB 106ms
59ms Script
application/javascript 2607:f8b0:4006:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-829541-1

Requested by

Host: www.mediafire.com
URL: http://www.mediafire.com/file/dlyyr3k5njh/FINAL_Deloitte_Launches_New_Syndicated_Loan_Data_Modules.pdf/file

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2008 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e8aaffba69039f3136ad0b741d06d4e87b6fd1260a24ba1d2cd0f1b911d2da5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 02:41:38 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39814
x-xss-protection: 0
last-modified: Tue, 21 Jun 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 21 Jun 2022 02:41:38 GMT

GET
H2 200 amplitude-8.5.0-min.gz.js Show response
cdn.amplitude.com/libs/ 68 KB
22 KB 100ms
27ms Script
application/javascript 13.249.178.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.amplitude.com/libs/amplitude-8.5.0-min.gz.js
Requested by: Host: www.mediafire.com
URL: http://www.mediafire.com/file/dlyyr3k5njh/FINAL_Deloitte_Launches_New_Syndicated_Loan_Data_Modules.pdf/file
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.178.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-178-87.bos50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2450e5580136f94bda7ccf95e3167b57e15b05b513a430967943a50036fa47a4

Request headers

Referer: http://www.mediafire.com/
Origin: http://www.mediafire.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 30 May 2022 07:08:24 GMT
content-encoding: gzip
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 1884795
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 22154
access-control-allow-origin: *
last-modified: Fri, 13 Aug 2021 22:37:42 GMT
server: AmazonS3
etag: "660c3b546f2a131de50b69b91f26c636"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: NY8_7uBz3xoXYJBVsMSBAGHOz8ixMBS3
via: 1.1 48a4cbead7454531a87cd246667053de.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: BOS50-C2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: ArexZcNvU-N4IxLJA-iLx10OZrFM3200APvxkjpO-kFYd3cCKWDRNA==

GET
H2 200 tag Show response
btloader.com/ 12 KB
6 KB 53ms
27ms Script
application/javascript 2606:4700:20::681a:78b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5678961798414336&upapi=true
Requested by: Host: www.mediafire.com
URL: http://www.mediafire.com/file/dlyyr3k5njh/FINAL_Deloitte_Launches_New_Syndicated_Loan_Data_Modules.pdf/file
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02de91dd51ca95dee54488c658c58c17310bcde018a105713583fedb7f9a535a

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 02:41:38 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1734
content-length: 5389
last-modified: Tue, 21 Jun 2022 02:11:31 GMT
server: cloudflare
etag: "df48150a5a0b6d5007577a68caccbea9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4dPDp1twKEu6UtwYC%2FgfndIFW%2FakjM23dAdjbgQuhQaXwEzvSSklzx%2FyQD1M6YPoSzdCvtbjsCBa4jEDE0ePYUjjkXKV5bDfbCFwfRlx40f0md6MOLKGEfN9IOCjzLITgWvEhpTMMU5QhA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
via: 1.1 google
cache-control: public, max-age=300, must-revalidate, stale-if-error=86400, no-transform
accept-ranges: bytes
cf-ray: 71e962e81aefece2-YUL

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 208 KB
66 KB 80ms
34ms Script
application/javascript 2607:f8b0:4006:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-53LP4T

Requested by

Host: www.mediafire.com
URL: http://www.mediafire.com/file/dlyyr3k5njh/FINAL_Deloitte_Launches_New_Syndicated_Loan_Data_Modules.pdf/file

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2008 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d595d98e2cbb23b648da49ee6fe6072898de557251123d23da3367ee52bfa2db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 02:41:38 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66986
x-xss-protection: 0
last-modified: Tue, 21 Jun 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 21 Jun 2022 02:41:38 GMT

GET
H/1.1 200
OK mf_logo_full_color.svg
static.mediafire.com/images/backgrounds/header/ 3 KB
2 KB 61ms
34ms Image
image/svg+xml 104.16.203.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static.mediafire.com/images/backgrounds/header/mf_logo_full_color.svg
Requested by: Host: www.mediafire.com
URL: http://www.mediafire.com/file/dlyyr3k5njh/FINAL_Deloitte_Launches_New_Syndicated_Loan_Data_Modules.pdf/file
Protocol: HTTP/1.1
Server: 104.16.203.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8539c91ae0a82f8cab27d481ea38ac4e66d1e5b36701fe295bcba4399b9255bd

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 21 Jun 2022 02:41:38 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Fri, 28 Oct 2016 22:22:42 GMT
Server: cloudflare
Age: 1836
ETag: W/"5813cfb2-d1d"
Vary: Accept-Encoding
Report-To: {"group": "mediafirenel", "max_age": 86400, "include_subdomains": true, "endpoints": [{"url": "https://browser-reports.mediafire.dev/network-error"}]}
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 71e962e82f1da1f8-YYZ
NEL: {"report_to": "mediafirenel", "max_age": 86400, "include_subdomains": true, "failure_fraction": 0.01}

GET
H/1.1 200
OK file-pdf.png
static.mediafire.com/images/filetype/new/ 2 KB
3 KB 60ms
33ms Image
image/png 104.16.203.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static.mediafire.com/images/filetype/new/file-pdf.png
Requested by: Host: www.mediafire.com
URL: http://www.mediafire.com/file/dlyyr3k5njh/FINAL_Deloitte_Launches_New_Syndicated_Loan_Data_Modules.pdf/file
Protocol: HTTP/1.1
Server: 104.16.203.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00deab78fb65141d97272a69bb45c8f517f7c1242b005c3033e47830b1b0a33a

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 21 Jun 2022 02:41:38 GMT
CF-Cache-Status: HIT
NEL: {"report_to": "mediafirenel", "max_age": 86400, "include_subdomains": true, "failure_fraction": 0.01}
Age: 457009
Cf-Polished: status=not_needed
Connection: keep-alive
Content-Length: 2021
Last-Modified: Fri, 11 Mar 2016 23:22:56 GMT
Server: cloudflare
ETag: "56e35350-7e5"
Vary: Accept-Encoding
Report-To: {"group": "mediafirenel", "max_age": 86400, "include_subdomains": true, "endpoints": [{"url": "https://browser-reports.mediafire.dev/network-error"}]}
Content-Type: image/png
Access-Control-Allow-Origin: *
Expires: Fri, 15 Jul 2022 19:44:49 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 71e962e82ab33fd8-YYZ
Cf-Bgj: imgq:100,h2pri

GET
H/1.1 200
OK icons_sprite.svg
www.mediafire.com/images/icons/svg_light/ 36 KB
9 KB 52ms
39ms Image
image/svg+xml 104.16.202.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.mediafire.com/images/icons/svg_light/icons_sprite.svg
Requested by: Host: www.mediafire.com
URL: http://www.mediafire.com/file/dlyyr3k5njh/FINAL_Deloitte_Launches_New_Syndicated_Loan_Data_Modules.pdf/file
Protocol: HTTP/1.1
Server: 104.16.202.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ba1bc2084def769e77a7dbf97cd91d68fe6c6d55b5d183a7d36630da8da2b02

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.mediafire.com/file/dlyyr3k5njh/FINAL_Deloitte_Launches_New_Syndicated_Loan_Data_Modules.pdf/file
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 21 Jun 2022 02:41:38 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Tue, 03 May 2022 19:42:53 GMT
Server: cloudflare
Age: 7098
ETag: W/"627185bd-90ab"
Vary: Accept-Encoding
Report-To: {"group": "mediafirenel", "max_age": 86400, "include_subdomains": true, "endpoints": [{"url": "https://browser-reports.mediafire.dev/network-error"}]}
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 71e962e80f43a1f2-YYZ
NEL: {"report_to": "mediafirenel", "max_age": 86400, "include_subdomains": true, "failure_fraction": 0.01}

GET
H/1.1 200
OK dl_promo_logo.png
static.mediafire.com/images/backgrounds/download/ 945 B
2 KB 53ms
36ms Image
image/png 104.16.203.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static.mediafire.com/images/backgrounds/download/dl_promo_logo.png
Requested by: Host: www.mediafire.com
URL: http://www.mediafire.com/file/dlyyr3k5njh/FINAL_Deloitte_Launches_New_Syndicated_Loan_Data_Modules.pdf/file
Protocol: HTTP/1.1
Server: 104.16.203.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98294feb8fda8507671a762aea3e7fc0b27bb20ad97fec3ebf56a6572493c447

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 21 Jun 2022 02:41:38 GMT
CF-Cache-Status: HIT
NEL: {"report_to": "mediafirenel", "max_age": 86400, "include_subdomains": true, "failure_fraction": 0.01}
Age: 457305
Cf-Polished: origSize=2240
Connection: keep-alive
Content-Length: 945
Last-Modified: Fri, 11 Mar 2016 23:22:56 GMT
Server: cloudflare
ETag: "56e35350-8c0"
Vary: Accept-Encoding
Report-To: {"group": "mediafirenel", "max_age": 86400, "include_subdomains": true, "endpoints": [{"url": "https://browser-reports.mediafire.dev/network-error"}]}
Content-Type: image/png
Access-Control-Allow-Origin: *
Expires: Fri, 15 Jul 2022 19:39:53 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 71e962e84fc3543d-YYZ
Cf-Bgj: imgq:100,h2pri

GET
H/1.1 200
OK apps_list_sprite-v6.png
static.mediafire.com/images/backgrounds/download/ 8 KB
9 KB 60ms
34ms Image
image/png 104.16.203.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static.mediafire.com/images/backgrounds/download/apps_list_sprite-v6.png
Requested by: Host: www.mediafire.com
URL: http://www.mediafire.com/file/dlyyr3k5njh/FINAL_Deloitte_Launches_New_Syndicated_Loan_Data_Modules.pdf/file
Protocol: HTTP/1.1
Server: 104.16.203.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc54b817820f14ce6395ba2a037f37d4bb0af75d5b017336140793fbe2f7f738

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 21 Jun 2022 02:41:38 GMT
CF-Cache-Status: HIT
NEL: {"report_to": "mediafirenel", "max_age": 86400, "include_subdomains": true, "failure_fraction": 0.01}
Age: 457171
Cf-Polished: status=not_needed
Connection: keep-alive
Content-Length: 8145
Last-Modified: Tue, 03 May 2022 19:42:53 GMT
Server: cloudflare
ETag: "627185bd-1fd1"
Vary: Accept-Encoding
Report-To: {"group": "mediafirenel", "max_age": 86400, "include_subdomains": true, "endpoints": [{"url": "https://browser-reports.mediafire.dev/network-error"}]}
Content-Type: image/png
Access-Control-Allow-Origin: *
Expires: Fri, 15 Jul 2022 19:42:07 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 71e962e85e8aa238-YYZ
Cf-Bgj: imgq:100,h2pri

GET
H/1.1 200
OK arrow_dropdown.svg
www.mediafire.com/images/icons/svg_dark/ 315 B
1 KB 34ms
33ms Image
image/svg+xml 104.16.202.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.mediafire.com/images/icons/svg_dark/arrow_dropdown.svg
Requested by: Host: www.mediafire.com
URL: http://www.mediafire.com/file/dlyyr3k5njh/FINAL_Deloitte_Launches_New_Syndicated_Loan_Data_Modules.pdf/file
Protocol: HTTP/1.1
Server: 104.16.202.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82b94716473aa225e715e117802145c5d2d725aa1ba9d476d61a5d3da16a8c26

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.mediafire.com/file/dlyyr3k5njh/FINAL_Deloitte_Launches_New_Syndicated_Loan_Data_Modules.pdf/file
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 21 Jun 2022 02:41:38 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Tue, 03 May 2022 19:42:53 GMT
Server: cloudflare
Age: 170
ETag: W/"627185bd-13b"
Vary: Accept-Encoding
Report-To: {"group": "mediafirenel", "max_age": 86400, "include_subdomains": true, "endpoints": [{"url": "https://browser-reports.mediafire.dev/network-error"}]}
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 71e962e82e0054c7-YYZ
NEL: {"report_to": "mediafirenel", "max_age": 86400, "include_subdomains": true, "failure_fraction": 0.01}

GET
H/1.1 200
OK check_circle_green.svg
static.mediafire.com/images/icons/svg_dark/ 444 B
1 KB 37ms
30ms Image
image/svg+xml 104.16.203.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static.mediafire.com/images/icons/svg_dark/check_circle_green.svg
Requested by: Host: www.mediafire.com
URL: http://www.mediafire.com/file/dlyyr3k5njh/FINAL_Deloitte_Launches_New_Syndicated_Loan_Data_Modules.pdf/file
Protocol: HTTP/1.1
Server: 104.16.203.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03c8d2dc7d985c3004ff2cd6d8148dd03560f37ed15efdf6c2d7f4d771d0e599

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 21 Jun 2022 02:41:38 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Tue, 03 May 2022 19:42:53 GMT
Server: cloudflare
Age: 6160
ETag: W/"627185bd-1bc"
Vary: Accept-Encoding
Report-To: {"group": "mediafirenel", "max_age": 86400, "include_subdomains": true, "endpoints": [{"url": "https://browser-reports.mediafire.dev/network-error"}]}
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 71e962e84bf23fdf-YYZ
NEL: {"report_to": "mediafirenel", "max_age": 86400, "include_subdomains": true, "failure_fraction": 0.01}

GET
H/1.1 200
OK fb_16x16.png
static.mediafire.com/images/backgrounds/download/social/ 181 B
1 KB 49ms
38ms Image
image/png 104.16.203.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static.mediafire.com/images/backgrounds/download/social/fb_16x16.png
Requested by: Host: www.mediafire.com
URL: http://www.mediafire.com/file/dlyyr3k5njh/FINAL_Deloitte_Launches_New_Syndicated_Loan_Data_Modules.pdf/file
Protocol: HTTP/1.1
Server: 104.16.203.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 720671166ac43aba99e3952b0b9341ab4e0fee1fd891db54e2a07f05db653142

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 21 Jun 2022 02:41:38 GMT
CF-Cache-Status: HIT
NEL: {"report_to": "mediafirenel", "max_age": 86400, "include_subdomains": true, "failure_fraction": 0.01}
Age: 457305
Cf-Polished: status=not_needed
Connection: keep-alive
Content-Length: 181
Last-Modified: Fri, 11 Mar 2016 23:22:56 GMT
Server: cloudflare
ETag: "56e35350-b5"
Vary: Accept-Encoding
Report-To: {"group": "mediafirenel", "max_age": 86400, "include_subdomains": true, "endpoints": [{"url": "https://browser-reports.mediafire.dev/network-error"}]}
Content-Type: image/png
Access-Control-Allow-Origin: *
Expires: Fri, 15 Jul 2022 19:39:53 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 71e962e85af23fd8-YYZ
Cf-Bgj: imgq:100,h2pri

GET
H2

200

element.js Show response
translate.google.com/translate_a/
Redirect Chain

http://translate.google.com/translate_a/element.js?cb=googFooterTranslate
https://translate.google.com/translate_a/element.js?cb=googFooterTranslate

76 KB
26 KB

50ms
49ms

Script
text/javascript

2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googFooterTranslate

Requested by

Host: www.mediafire.com
URL: http://www.mediafire.com/file/dlyyr3k5njh/FINAL_Deloitte_Launches_New_Syndicated_Loan_Data_Modules.pdf/file

Protocol

Server

2607:f8b0:4006:823::200e Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

04ca62215f9319bc58a74b2cf787ff049ce0fddf1c35e9b81a27271a911cef42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Jun 2022 02:41:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 21 Jun 2022 02:41:38 GMT
X-Content-Type-Options: nosniff
Server: ESF
Cross-Origin-Opener-Policy: same-origin-allow-popups
X-Frame-Options: SAMEORIGIN
Content-Type: application/binary
Location: https://translate.google.com/translate_a/element.js?cb=googFooterTranslate
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Length: 0
X-XSS-Protection: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 infinity.js.aspx Show response
cdn.otnolatrnup.com/Scripts/ 194 KB
67 KB 62ms
22ms Script
application/x-javascript 2606:4700::6813:d625
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.otnolatrnup.com/Scripts/infinity.js.aspx?guid=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0
Requested by: Host: www.mediafire.com
URL: http://www.mediafire.com/file/dlyyr3k5njh/FINAL_Deloitte_Launches_New_Syndicated_Loan_Data_Modules.pdf/file
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d625 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 91ecf43349d645b498ba38eab200261c8f55c89799e83b5a1f35df0309ded800

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 02:41:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 21 Jun 2022 02:38:07 GMT
server: cloudflare
age: 139
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="CAO PSA OUR IND"
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, no-transform, max-age=900
cf-ray: 71e962e8be28ecfa-YUL
content-type: application/x-javascript; charset=utf-8

GET
H/1.1 200
OK footerIcons.png
static.mediafire.com/images/backgrounds/footer/social/ 504 B
1 KB 49ms
49ms Image
image/png 104.16.203.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static.mediafire.com/images/backgrounds/footer/social/footerIcons.png
Requested by: Host: www.mediafire.com
URL: http://www.mediafire.com/file/dlyyr3k5njh/FINAL_Deloitte_Launches_New_Syndicated_Loan_Data_Modules.pdf/file
Protocol: HTTP/1.1
Server: 104.16.203.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ead29755d607f44ae932646ccde384e04b666bd25433ab9bf5e53fb9296745bb

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 21 Jun 2022 02:41:38 GMT
CF-Cache-Status: HIT
NEL: {"report_to": "mediafirenel", "max_age": 86400, "include_subdomains": true, "failure_fraction": 0.01}
Age: 457302
Cf-Polished: origSize=583
Connection: keep-alive
Content-Length: 504
Last-Modified: Fri, 11 Mar 2016 23:22:56 GMT
Server: cloudflare
ETag: "56e35350-247"
Vary: Accept-Encoding
Report-To: {"group": "mediafirenel", "max_age": 86400, "include_subdomains": true, "endpoints": [{"url": "https://browser-reports.mediafire.dev/network-error"}]}
Content-Type: image/png
Access-Control-Allow-Origin: *
Expires: Fri, 15 Jul 2022 19:39:56 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 71e962e88834543d-YYZ
Cf-Bgj: imgq:100,h2pri

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ 14 KB
5 KB 89ms
55ms Script
text/javascript 2606:4700:440e::ac40:9c1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: www.mediafire.com
URL: http://www.mediafire.com/file/dlyyr3k5njh/FINAL_Deloitte_Launches_New_Syndicated_Loan_Data_Modules.pdf/file
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:440e::ac40:9c1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer: http://www.mediafire.com/
Origin: http://www.mediafire.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 02:41:38 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 71e962e8bb7bece2-YUL

GET
H2 200 arj Show response
mediafire-d.openx.net/w/1.0/ 175 B
593 B 184ms
152ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://mediafire-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Fwww.mediafire.com%2Ffile%2Fdlyyr3k5njh%2FFINAL_Deloitte_Launches_New_Syndicated_Loan_Data_Modules.pdf%2Ffile&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=1a80dd56-48c7-4488-b0f7-c075d41e61de%2Cb240703c-7278-47d1-a721-2986d3af43a8%2Cec6f0881-e3e0-4434-864f-a07ba51d7bfe%2Ceb5c07a8-ec25-4434-b56e-3ffbce57e8a4%2Cb3d25c28-cb2f-4cca-a8f9-f63d8a5d7f5d&nocache=1655779298676&aus=728x90%7C336x280%2C300x250%7C336x280%2C300x250%7C728x90%7C728x90&divids=div-gpt-ad-1583943974201-0%2Cdiv-gpt-ad-1583943910909-0%2Cdiv-gpt-ad-1583943842379-0%2Cdiv-gpt-ad-1583943738910-0%2Cdiv-gpt-ad-1573581836508-0&aucs=div-gpt-ad-1583943974201-0%2Cdiv-gpt-ad-1583943910909-0%2Cdiv-gpt-ad-1583943842379-0%2Cdiv-gpt-ad-1583943738910-0%2Cdiv-gpt-ad-1573581836508-0&auid=539074863%2C539074864%2C539074865%2C539074866%2C539074866
Requested by: Host: www.mediafire.com
URL: http://www.mediafire.com/js/prebid5.17.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/7f1e280 /
Resource Hash: 4dc3e8721d1988836278b87e5fa459c5ec6e8b4f648ff0b90241f281e11b082e

Request headers

Referer: http://www.mediafire.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 21 Jun 2022 02:41:38 GMT
content-encoding: gzip
server: OXGW/7f1e280
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: http://www.mediafire.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 164
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
364 B 33ms
10ms XHR
application/json 51.222.239.232
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: www.mediafire.com
URL: http://www.mediafire.com/js/prebid5.17.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.239.232 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip232.ip-51-222-239.net

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: http://www.mediafire.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: http://www.mediafire.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
117 B 144ms
84ms XHR
text/plain 104.36.115.111
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: www.mediafire.com
URL: http://www.mediafire.com/js/prebid5.17.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.mediafire.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://www.mediafire.com
date: Tue, 21 Jun 2022 02:41:38 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
824 B 99ms
74ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUO2689O
Requested by: Host: www.mediafire.com
URL: http://www.mediafire.com/js/prebid5.17.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: ba50c6c5fc13ef82d8a7a081b0cb3fb2550ffae50766838c8d0a488b365cd5a8

Request headers

Referer: http://www.mediafire.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 21 Jun 2022 02:41:38 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: http://www.mediafire.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H/1.1 204
No Content v1 Show response
btlr.sharethrough.com/universal/ 0
197 B 158ms
99ms XHR
text/plain 52.0.130.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: www.mediafire.com
URL: http://www.mediafire.com/js/prebid5.17.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.0.130.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-0-130-158.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.mediafire.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: http://www.mediafire.com
Date: Tue, 21 Jun 2022 02:41:38 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Vary: Origin

POST
H/1.1 204
No Content v1 Show response
btlr.sharethrough.com/universal/ 0
197 B 174ms
116ms XHR
text/plain 52.0.130.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: www.mediafire.com
URL: http://www.mediafire.com/js/prebid5.17.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.0.130.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-0-130-158.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.mediafire.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: http://www.mediafire.com
Date: Tue, 21 Jun 2022 02:41:38 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Vary: Origin

POST
H/1.1 204
No Content v1 Show response
btlr.sharethrough.com/universal/ 0
197 B 168ms
109ms XHR
text/plain 52.0.130.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: www.mediafire.com
URL: http://www.mediafire.com/js/prebid5.17.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.0.130.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-0-130-158.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.mediafire.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: http://www.mediafire.com
Date: Tue, 21 Jun 2022 02:41:38 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Vary: Origin

POST
H/1.1 204
No Content v1 Show response
btlr.sharethrough.com/universal/ 0
197 B 142ms
84ms XHR
text/plain 52.0.130.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: www.mediafire.com
URL: http://www.mediafire.com/js/prebid5.17.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.0.130.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-0-130-158.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.mediafire.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: http://www.mediafire.com
Date: Tue, 21 Jun 2022 02:41:38 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Vary: Origin

POST
H/1.1 204
No Content v1 Show response
btlr.sharethrough.com/universal/ 0
197 B 220ms
162ms XHR
text/plain 52.0.130.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: www.mediafire.com
URL: http://www.mediafire.com/js/prebid5.17.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.0.130.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-0-130-158.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.mediafire.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: http://www.mediafire.com
Date: Tue, 21 Jun 2022 02:41:38 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Vary: Origin

GET
H2 200 px.gif
ad-delivery.net/ 43 B
934 B 46ms
19ms Image
image/gif 2606:4700:20::681a:346
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: www.mediafire.com
URL: http://www.mediafire.com/file/dlyyr3k5njh/FINAL_Deloitte_Launches_New_Syndicated_Loan_Data_Modules.pdf/file
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
date: Tue, 21 Jun 2022 02:41:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 791346
x-guploader-uploadid: ADPycdupfa7KCtOe0TVtQ1XEXjEqBcYS55h5xltmciWkwyT05QVbX3hl2G6BY1wwXXVxP-9l4WeFTPgHVnUrgCoq0nDtipi3Jg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-type: image/gif
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pHQCDQe2TtkYbkvKlXSTRYrJseDnvtRPPzSqeDiWF6kZZXiV9lfCLKATn3ccZrQ280IqQs4eSRGk0NjcT1Llp7kh8vnMdyr2AMLjgiFcwXbrHuWpeCwJloASCfosxfQ2XBYlKCoh5TYT9APkug%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1620242732037093
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=86400
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 71e962e90bb6ece2-YUL
expires: Sat, 11 Jun 2022 23:08:34 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
664 B 79ms
20ms Image
image/x-icon 142.250.65.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: www.mediafire.com
URL: http://www.mediafire.com/file/dlyyr3k5njh/FINAL_Deloitte_Launches_New_Syndicated_Loan_Data_Modules.pdf/file

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 10:52:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56927
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 21 Jun 2022 10:52:51 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
340 B 47ms
23ms Image
image/gif 2606:4700:20::681a:346
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.15180716149554097
Requested by: Host: www.mediafire.com
URL: http://www.mediafire.com/file/dlyyr3k5njh/FINAL_Deloitte_Launches_New_Syndicated_Loan_Data_Modules.pdf/file
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
date: Tue, 21 Jun 2022 02:41:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 791346
x-guploader-uploadid: ADPycdupfa7KCtOe0TVtQ1XEXjEqBcYS55h5xltmciWkwyT05QVbX3hl2G6BY1wwXXVxP-9l4WeFTPgHVnUrgCoq0nDtipi3Jg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-type: image/gif
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4gNXrIabsbeuVq2%2BOmYJAQMP0%2FwYFlIhFMa1up6S9Hm73kdMVpMVs2mRrIJQjvauXZonBl6H68JOTVpKXGl4Nmbl8Z3eQZzVWcf%2BtkvVlZV9g4STRtQmgCMxQVdAr9v9FVOWVoumKqMHnoR5vQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1620242732037093
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=86400
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 71e962e90bb7ece2-YUL
expires: Sat, 11 Jun 2022 23:08:34 GMT

GET
H2 200 like.php Show response
www.facebook.com/plugins/ Frame E080 42 KB
16 KB 100ms
62ms Document
text/html 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?href=http://www.facebook.com/MediaFire&width=193&layout=button_count&action=like&show_faces=false&share=true&height=30&appId=124578887583575

Requested by

Host: www.mediafire.com
URL: http://www.mediafire.com/file/dlyyr3k5njh/FINAL_Deloitte_Launches_New_Syndicated_Loan_Data_Modules.pdf/file

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cc5f79518b1df942123a591a99169250009057498b58d0425ef3a44f67eefe74

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.mediafire.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Tue, 21 Jun 2022 02:41:38 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=3,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: U+IbFL1r3cSDfDMPPHlTiuroFlh8DOYe6LF7prBy4GCIrqzOKq8gV2oDn1Z8m+Fb+6A/ppVESdOcKByfqpjpkg==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H/1.1 200
OK world.svg
static.mediafire.com/images/backgrounds/download/additional_content/ 143 KB
53 KB 51ms
50ms Image
image/svg+xml 104.16.203.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static.mediafire.com/images/backgrounds/download/additional_content/world.svg
Requested by: Host: www.mediafire.com
URL: http://www.mediafire.com/file/dlyyr3k5njh/FINAL_Deloitte_Launches_New_Syndicated_Loan_Data_Modules.pdf/file
Protocol: HTTP/1.1
Server: 104.16.203.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4342feac38021c4fe3069eba0edf1c2e1b4345e2b548b0afb7ab21b7369b3bc8

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 21 Jun 2022 02:41:38 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Tue, 03 May 2022 19:42:53 GMT
Server: cloudflare
Age: 170
ETag: W/"627185bd-23ce2"
Vary: Accept-Encoding
Report-To: {"group": "mediafirenel", "max_age": 86400, "include_subdomains": true, "endpoints": [{"url": "https://browser-reports.mediafire.dev/network-error"}]}
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 71e962e8e8d2543d-YYZ
NEL: {"report_to": "mediafirenel", "max_age": 86400, "include_subdomains": true, "failure_fraction": 0.01}

GET
H/1.1 200
OK continent-na.svg
static.mediafire.com/images/backgrounds/download/additional_content/ 50 KB
20 KB 49ms
49ms Image
image/svg+xml 104.16.203.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static.mediafire.com/images/backgrounds/download/additional_content/continent-na.svg
Requested by: Host: www.mediafire.com
URL: http://www.mediafire.com/file/dlyyr3k5njh/FINAL_Deloitte_Launches_New_Syndicated_Loan_Data_Modules.pdf/file
Protocol: HTTP/1.1
Server: 104.16.203.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05cfe92d9794a54258a19bfec7ae0faa73f61b66416983136594b4f95bb114dd

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 21 Jun 2022 02:41:38 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Tue, 03 May 2022 19:42:53 GMT
Server: cloudflare
Age: 5204
ETag: W/"627185bd-c817"
Vary: Accept-Encoding
Report-To: {"group": "mediafirenel", "max_age": 86400, "include_subdomains": true, "endpoints": [{"url": "https://browser-reports.mediafire.dev/network-error"}]}
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 71e962e8ebad3fd8-YYZ
NEL: {"report_to": "mediafirenel", "max_age": 86400, "include_subdomains": true, "failure_fraction": 0.01}

GET
H/1.1 200
OK usa.svg
static.mediafire.com/images/flags_svg/ 1 KB
1 KB 34ms
33ms Image
image/svg+xml 104.16.203.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static.mediafire.com/images/flags_svg/usa.svg
Requested by: Host: www.mediafire.com
URL: http://www.mediafire.com/file/dlyyr3k5njh/FINAL_Deloitte_Launches_New_Syndicated_Loan_Data_Modules.pdf/file
Protocol: HTTP/1.1
Server: 104.16.203.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8bacb685be7cec7f41a0270e694fa90c0fb448b2c0ded5f1734baf51050d695c

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 21 Jun 2022 02:41:38 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Tue, 03 May 2022 19:42:53 GMT
Server: cloudflare
Age: 6473
ETag: W/"627185bd-5c7"
Vary: Accept-Encoding
Report-To: {"group": "mediafirenel", "max_age": 86400, "include_subdomains": true, "endpoints": [{"url": "https://browser-reports.mediafire.dev/network-error"}]}
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 71e962e8ef3fa238-YYZ
NEL: {"report_to": "mediafirenel", "max_age": 86400, "include_subdomains": true, "failure_fraction": 0.01}

GET
H/1.1 200
OK flag.svg
static.mediafire.com/images/backgrounds/download/additional_content/ 234 B
1 KB 28ms
27ms Image
image/svg+xml 104.16.203.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static.mediafire.com/images/backgrounds/download/additional_content/flag.svg
Requested by: Host: www.mediafire.com
URL: http://www.mediafire.com/file/dlyyr3k5njh/FINAL_Deloitte_Launches_New_Syndicated_Loan_Data_Modules.pdf/file
Protocol: HTTP/1.1
Server: 104.16.203.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f52a0c7d9fa7ae8e45916c491ae7193f9a1e289f128f05264122c53d8da970db

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 21 Jun 2022 02:41:38 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Tue, 03 May 2022 19:42:53 GMT
Server: cloudflare
Age: 4831
ETag: W/"627185bd-ea"
Vary: Accept-Encoding
Report-To: {"group": "mediafirenel", "max_age": 86400, "include_subdomains": true, "endpoints": [{"url": "https://browser-reports.mediafire.dev/network-error"}]}
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 71e962e8fcb43fdf-YYZ
NEL: {"report_to": "mediafirenel", "max_age": 86400, "include_subdomains": true, "failure_fraction": 0.01}

POST
H2 200 / Show response
api.amplitude.com/ 7 B
168 B 247ms
87ms XHR
text/html 44.233.100.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: cdn.amplitude.com
URL: https://cdn.amplitude.com/libs/amplitude-8.5.0-min.gz.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.233.100.70 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-233-100-70.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: http://www.mediafire.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 21 Jun 2022 02:41:38 GMT
content-length: 7
strict-transport-security: max-age=15768000
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

POST
H3 204 AGSKWxXoRncZH094waWytBpnS5PYp-0Gwa8NjBtcorrQNUPBsVLeAgHTfphKrC6FTzjrGqjKkWBKtXs2Mx1Qn_sMEME= Show response
fundingchoicesmessages.google.com/el/ 0
29 B 87ms
45ms XHR
text/html 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXoRncZH094waWytBpnS5PYp-0Gwa8NjBtcorrQNUPBsVLeAgHTfphKrC6FTzjrGqjKkWBKtXs2Mx1Qn_sMEME=?pvid=83A1D8C9-F890-4A72-83E9-68775D59B860&anonid=13523F58-05C7-459B-8373-3D84D73C4D6E

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.dZ810RvynqQ.es5.O/d=1/rs=AJlcJMzkSDDozqGuze0M6ObeZ3L9K6_qAg/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200e Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-wkpciDZCIi-QuDA4n00-8w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-wkpciDZCIi-QuDA4n00-8w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://www.mediafire.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 21 Jun 2022 02:41:38 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
access-control-allow-origin: http://www.mediafire.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-wkpciDZCIi-QuDA4n00-8w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-wkpciDZCIi-QuDA4n00-8w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXoRncZH094waWytBpnS5PYp-0Gwa8NjBtcorrQNUPBsVLeAgHTfphKrC6FTzjrGqjKkWBKtXs2Mx1Qn_sMEME= Show response
fundingchoicesmessages.google.com/el/ 0
29 B 102ms
62ms XHR
text/html 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200e Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-io0_nBBFFbTR5lmCo4wwvA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-io0_nBBFFbTR5lmCo4wwvA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://www.mediafire.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 21 Jun 2022 02:41:38 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
access-control-allow-origin: http://www.mediafire.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce-io0_nBBFFbTR5lmCo4wwvA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-io0_nBBFFbTR5lmCo4wwvA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWIyLXmz_cQFzUmOWsEmkkPmSZGWwJstsSTDyEoaCh292_FQG0ePh1CT_sD9h6QhsjzMkesoTJhyE2JKJtZJgE= Show response
fundingchoicesmessages.google.com/f/ 66 KB
24 KB 119ms
78ms Script
application/javascript 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWIyLXmz_cQFzUmOWsEmkkPmSZGWwJstsSTDyEoaCh292_FQG0ePh1CT_sD9h6QhsjzMkesoTJhyE2JKJtZJgE=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjU1Nzc5Mjk4LDc4MjAwMDAwMF0sIjgzQTFEOEM5LUY4OTAtNEE3Mi04M0U5LTY4Nzc1RDU5Qjg2MCIsIjEzNTIzRjU4LTA1QzctNDU5Qi04MzczLTNEODRENzNDNEQ2RSIsbnVsbCxbbnVsbCxbN11dLCJodHRwOi8vd3d3Lm1lZGlhZmlyZS5jb20vZmlsZS9kbHl5cjNrNW5qaC9GSU5BTF9EZWxvaXR0ZV9MYXVuY2hlc19OZXdfU3luZGljYXRlZF9Mb2FuX0RhdGFfTW9kdWxlcy5wZGYvZmlsZSIsbnVsbCxbXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200e Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dcf5402b11cd7148c145cfa00fa1b92983044700e75833836d48588d7080f207

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EgAIOequxFvb7qZSU31iEw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-EgAIOequxFvb7qZSU31iEw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 02:41:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options: SAMEORIGIN
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce-EgAIOequxFvb7qZSU31iEw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-EgAIOequxFvb7qZSU31iEw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
c.adsco.re/ 63 KB
23 KB 62ms
23ms Script
text/html 2606:4700::6811:a6ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.adsco.re/
Requested by: Host: cdn.otnolatrnup.com
URL: https://cdn.otnolatrnup.com/Scripts/infinity.js.aspx?guid=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da1bc24aeafec2701dbdeed0d9f37421252a140e3307a71e4bc5fec4cec377e5

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 02:41:38 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 17502
etag: W/"WtfcKMteYs2dCZjgNMzUmw=="
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch
cache-control: public, max-age=2678400
cf-ray: 71e962e9b979ca5f-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 22 Jul 2022 02:41:38 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 66ms
19ms Script
text/javascript 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-829541-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 7066
date: Tue, 21 Jun 2022 00:43:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 21 Jun 2022 02:43:52 GMT

GET
H2 204 pv Show response
api.btloader.com/ 0
128 B 68ms
42ms XHR
text/plain 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=1A4OHDn9&w=5115845767331840&o=5678961798414336&cv=2.0.9-1-g2cac8e3&r=false&vr=1600x1200&pageURL=http%3A%2F%2Fwww.mediafire.com%2Ffile%2Fdlyyr3k5njh%2FFINAL_Deloitte_Launches_New_Syndicated_Loan_Data_Modules.pdf%2Ffile&upapi=true
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5678961798414336&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 21 Jun 2022 02:41:38 GMT
cache-control: no-cache, no-store, must-revalidate
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

GET
H2 200 /
6.adsco.re/ 0
416 B 79ms
36ms Other
text/plain 2606:4700::6811:a6ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://6.adsco.re/
Requested by: Host: www.mediafire.com
URL: http://www.mediafire.com/file/dlyyr3k5njh/FINAL_Deloitte_Launches_New_Syndicated_Loan_Data_Modules.pdf/file
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.mediafire.com/
Origin: http://www.mediafire.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 02:41:38 GMT
content-encoding: br
server: cloudflare
access-control-allow-headers: Content-Type
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: text/plain;charset=UTF-8
access-control-allow-origin: http://www.mediafire.com
access-control-max-age: 2592000
cache-control: private, max-age=10
cf-ray: 71e962ea3e007148-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK /
4.adsco.re/ 0
463 B 130ms
34ms Other
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://4.adsco.re/
Requested by: Host: www.mediafire.com
URL: http://www.mediafire.com/file/dlyyr3k5njh/FINAL_Deloitte_Launches_New_Syndicated_Loan_Data_Modules.pdf/file
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.mediafire.com/
Origin: http://www.mediafire.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 21 Jun 2022 02:41:38 GMT
Content-Encoding: gzip
Access-Control-Max-Age: 2592000
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: http://www.mediafire.com
Cache-Control: private, max-age=5
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type

GET
H2 200 OqOE21UvWe3.png
static.xx.fbcdn.net/rsrc.php/v3/y5/r/ Frame E080 400 B
825 B 60ms
18ms Image
image/png 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y5/r/OqOE21UvWe3.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?href=http://www.facebook.com/MediaFire&width=193&layout=button_count&action=like&show_faces=false&share=true&height=30&appId=124578887583575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 02:41:38 GMT
x-content-type-options: nosniff
content-md5: uF0RL4E+h23ClLQmPOTTMw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 400
x-fb-rlafr: 0
x-fb-debug: OS640IVFsrVpv78lq1MyK4FmkIXaFoAEq0uI4hGQ3F3gicY7N4vfbq26hVQ+DirPFI0pkSlh7xmrrDvSrMf40Q==
x-fb-trip-id: 1512268381
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Tue, 20 Jun 2023 01:31:32 GMT

GET
H2 200 JrXa_htEZ7T.js Show response
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yK/l/en_US/ Frame E080 527 KB
138 KB 59ms
20ms XHR
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yK/l/en_US/JrXa_htEZ7T.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9b10b4a8bf200869b7453bbf2ca3691dd4c4c69875be9236f1b98eaa08c62755

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 02:41:38 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: ryZO03BQYeaW7hXSswCdMg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 140445
x-fb-rlafr: 0
x-fb-debug: y5ocJFIYPzhf9uZUiIHAeqjgWnxVSivY0Q2uJZUydG29jVJHJ866x1lQq18/1MajZKeO+r5xLv5+pq5kuiTdYQ==
x-fb-trip-id: 1512268381
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 20 Jun 2023 22:03:57 GMT

GET
H2 200 translateelement.css
translate.googleapis.com/translate_static/css/ 18 KB
4 KB 75ms
21ms Stylesheet
text/css 2607:f8b0:4006:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.en_US.oOC1Oa7Rttc.O/d=1/rs=AN8SPfrSx_NPtaSO9FSK_pNCvaEYOQSpFQ/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200a Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 02:38:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 211
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3130
x-xss-protection: 0
last-modified: Wed, 24 Feb 2021 19:45:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 21 Jun 2022 03:38:07 GMT

GET
H2 200 m=el_main Show response
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.en_US.oOC1Oa7Rttc.O/am=Ag/d=1/exm=el_conf/ed=1/rs=AN8SPfoV5Q1BvIoIuaNY0e9X1CG-XlpuSg/ 224 KB
76 KB 75ms
22ms Script
text/javascript 2607:f8b0:4006:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.en_US.oOC1Oa7Rttc.O/am=Ag/d=1/exm=el_conf/ed=1/rs=AN8SPfoV5Q1BvIoIuaNY0e9X1CG-XlpuSg/m=el_main

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.en_US.oOC1Oa7Rttc.O/d=1/rs=AN8SPfrSx_NPtaSO9FSK_pNCvaEYOQSpFQ/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200a Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b36a5d53ddfbf65fefb6c44604bf6038cabee669fb77a80721113d581d2a8430

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 01:38:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3811
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 78017
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 21:13:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Jun 2023 01:38:07 GMT

GET
H3 200 pubads_impl_2022061401.js Show response
securepubads.g.doubleclick.net/gpt/ 370 KB
125 KB 63ms
19ms Script
text/javascript 142.251.40.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061401.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f2.1e100.net

Software

sffe /

Resource Hash

e2f1d6c82d89c9a6c1faf7a2e83e00645a2fa1291756de19c937f275bb285090

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 14:47:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 561236
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128388
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 08:34:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 14 Jun 2023 14:47:42 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 364 B
195 B 77ms
37ms XHR
application/json 142.251.40.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.mediafire.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f2.1e100.net

Software

cafe /

Resource Hash

fe16621a66d5c7a745d4b785dc1776abeb64e4593817a48b39f43e21af6b0ca9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 21 Jun 2022 02:41:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Tue, 21 Jun 2022 02:41:38 GMT

POST
H/1.1 200
OK p Show response
adsco.re/ 0
425 B 64ms
34ms XHR
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://adsco.re/p
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.mediafire.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 21 Jun 2022 02:41:38 GMT
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
AS-P-4: OK
Transfer-Encoding: chunked
AS-P-1: OK nyc123
Access-Control-Allow-Origin: http://www.mediafire.com
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Access-Control-Allow-Credentials: true
Connection: keep-alive
AS-E: ND
AS-P-2: OK
AS-P-3: OK

GET
H/1.1 200
OK / Show response
4.adsco.re/ 47 B
463 B 61ms
34ms XHR
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://4.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: 9700ad4bf981b6167bb7d22c79256ec29fcefe6698431dcf66b1f5095ce952c7

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 21 Jun 2022 02:41:38 GMT
Content-Encoding: gzip
Access-Control-Max-Age: 2592000
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: http://www.mediafire.com
Cache-Control: private, max-age=5
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type

GET
H/1.1 200
OK / Show response
6.adsco.re/ 54 B
595 B 27ms
17ms XHR
text/plain 2606:4700::6811:a6ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://6.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Server: 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f67f8b19170f0d64a9772e4a034119f8d42834d64a46a317760bf2789d97659

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 21 Jun 2022 02:41:38 GMT
Content-Encoding: gzip
Server: cloudflare
Access-Control-Allow-Headers: Content-Type
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: http://www.mediafire.com
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=10
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 71e962ea48957156-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H/1.1 200
OK /
qfmlxrct3rwm.l4.adsco.re/ 0
464 B 463ms
89ms Ping
text/html 185.200.118.90
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://qfmlxrct3rwm.l4.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.200.118.90 London, United Kingdom, ASN9009 (M247, GB),
Reverse DNS: adscore.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.mediafire.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 21 Jun 2022 02:41:39 GMT
Last-Modified: Tue, 31 Jul 2018 22:16:15 GMT
ETag: "5b60dfaf-0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0

POST
H/1.1 200
OK /
qfmlxrct3rwm.n4.adsco.re/ 0
464 B 100ms
26ms Ping
text/html 38.132.109.186
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://qfmlxrct3rwm.n4.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 38.132.109.186 New York, United States, ASN9009 (M247, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.mediafire.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 21 Jun 2022 02:41:39 GMT
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
ETag: "5b5f2f9a-0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0

POST
H/1.1 200
OK /
qfmlxrct3rwm.s4.adsco.re/ 0
464 B 1390ms
246ms Ping
text/html 185.200.116.90
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://qfmlxrct3rwm.s4.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.200.116.90 , Romania, ASN9009 (M247, GB),
Reverse DNS: no-mans-land.m247.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.mediafire.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 21 Jun 2022 02:41:40 GMT
Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT
ETag: "5b5f30d9-0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0

GET
H/1.1 200
OK / Show response
c.adsco.re/ Frame EECC 63 KB
25 KB 35ms
25ms Document
text/html 2606:4700::6811:a6ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://c.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Server: 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da1bc24aeafec2701dbdeed0d9f37421252a140e3307a71e4bc5fec4cec377e5

Request headers

Referer: http://www.mediafire.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Age: 17491
CF-Cache-Status: HIT
CF-RAY: 71e962ea5dcd713f-YUL
Cache-Control: public, max-age=2678400
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Tue, 21 Jun 2022 02:41:38 GMT
ETag: W/"WtfcKMteYs2dCZjgNMzUmw=="
Expires: Fri, 22 Jul 2022 02:41:38 GMT
Link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK /
6.adsco.re/ Frame EECC 0
588 B 18ms
18ms Other
text/plain 2606:4700::6811:a6ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://6.adsco.re/
Requested by: Host: www.mediafire.com
URL: http://www.mediafire.com/file/dlyyr3k5njh/FINAL_Deloitte_Launches_New_Syndicated_Loan_Data_Modules.pdf/file
Protocol: HTTP/1.1
Server: 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://c.adsco.re/
Origin: http://c.adsco.re
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 21 Jun 2022 02:41:39 GMT
Content-Encoding: gzip
Server: cloudflare
Access-Control-Allow-Headers: Content-Type
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: http://c.adsco.re
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=10
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 71e962eb59c17156-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK /
4.adsco.re/ Frame EECC 0
456 B 35ms
35ms Other
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://4.adsco.re/
Requested by: Host: www.mediafire.com
URL: http://www.mediafire.com/file/dlyyr3k5njh/FINAL_Deloitte_Launches_New_Syndicated_Loan_Data_Modules.pdf/file
Protocol: HTTP/1.1
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://c.adsco.re/
Origin: http://c.adsco.re
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 21 Jun 2022 02:41:39 GMT
Content-Encoding: gzip
Access-Control-Max-Age: 2592000
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: http://c.adsco.re
Cache-Control: private, max-age=5
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 72ms
32ms XHR
text/plain 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=487586400&t=pageview&_s=1&dl=http%3A%2F%2Fwww.mediafire.com%2Ffile%2Fdlyyr3k5njh%2FFINAL_Deloitte_Launches_New_Syndicated_Loan_Data_Modules.pdf%2Ffile&ul=en-us&de=UTF-8&dt=FINAL%20Deloitte%20Launches%20New%20Syndicated%20Loan%20Data%20Modules&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1550303434&gjid=265320093&cid=410059966.1655779299&tid=UA-829541-1&_gid=714096189.1655779299&_r=1&gtm=2ou6f0&cd1=unregistered&cd7=legacy&cd3=document&cd4=34&cd5=pdf&cd8=%2F50%2F100%2F&z=160202969

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.mediafire.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 21 Jun 2022 02:41:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.mediafire.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
69 B 49ms
47ms Image
image/gif 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=5.5418897003949645

Requested by

Host: www.mediafire.com
URL: http://www.mediafire.com/file/dlyyr3k5njh/FINAL_Deloitte_Launches_New_Syndicated_Loan_Data_Modules.pdf/file

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200e Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-WxYLMxBeIvphjYdJujx8Tw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'nonce-WxYLMxBeIvphjYdJujx8Tw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 02:41:39 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorServingDetectionHttp"
x-frame-options: SAMEORIGIN
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorServingDetectionHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingDetectionHttp/external"}]}
content-type: image/gif
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-WxYLMxBeIvphjYdJujx8Tw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'nonce-WxYLMxBeIvphjYdJujx8Tw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 60ms
58ms Image
image/gif 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=10.730253586050416

Requested by

Host: www.mediafire.com
URL: http://www.mediafire.com/file/dlyyr3k5njh/FINAL_Deloitte_Launches_New_Syndicated_Loan_Data_Modules.pdf/file

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200e Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-sZjwPFzlA0StBXl-9S74sg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'nonce-sZjwPFzlA0StBXl-9S74sg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: script-src 'report-sample' 'nonce-sZjwPFzlA0StBXl-9S74sg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'nonce-sZjwPFzlA0StBXl-9S74sg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
date: Tue, 21 Jun 2022 02:41:39 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: image/gif
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
c.adsco.re/ Frame EECC 63 KB
25 KB 21ms
21ms XHR
text/html 2606:4700::6811:a6ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://c.adsco.re/
Requested by: Host: c.adsco.re
URL: http://c.adsco.re/
Protocol: HTTP/1.1
Server: 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da1bc24aeafec2701dbdeed0d9f37421252a140e3307a71e4bc5fec4cec377e5

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://c.adsco.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 21 Jun 2022 02:41:39 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Server: cloudflare
Age: 17492
ETag: W/"WtfcKMteYs2dCZjgNMzUmw=="
Vary: Accept-Encoding
Content-Type: text/html
Link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch
Cache-Control: public, max-age=2678400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 71e962eb9f94713f-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Expires: Fri, 22 Jul 2022 02:41:39 GMT

GET
H3 200 183096492 Show response
fundingchoicesmessages.google.com/i/ 99 KB
34 KB 71ms
71ms Script
application/javascript 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/183096492?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200e Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e605d4e07b0f2eb67dbce06e33b6638cbfc4a708798ad7753b86012565ec9ed2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ya00UWLXKEM8CGsKiCQjiQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-ya00UWLXKEM8CGsKiCQjiQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 02:41:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorServingWebSwitchboardHttp"
x-frame-options: SAMEORIGIN
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorServingWebSwitchboardHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingWebSwitchboardHttp/external"}]}
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce-ya00UWLXKEM8CGsKiCQjiQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-ya00UWLXKEM8CGsKiCQjiQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated Show response
/ Frame 33C8 2 KB
2 KB Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52cf06797c66d59d2428883cb27b5b083eed8b73ff8e0e11af86ee162e11ad2c

Request headers

Referer: http://www.mediafire.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Content-Type: text/html;charset=UTF-8

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 846 B
960 B 69ms
21ms Image
image/png 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/1x/translate_24dp.png

Requested by

Host: www.mediafire.com
URL: http://www.mediafire.com/file/dlyyr3k5njh/FINAL_Deloitte_Launches_New_Syndicated_Loan_Data_Modules.pdf/file

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 23:51:10 GMT
x-content-type-options: nosniff
age: 10229
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 846
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 20 Jun 2023 23:51:10 GMT

GET
H2 200 googlelogo_color_42x16dp.png
www.gstatic.com/images/branding/googlelogo/1x/ 910 B
1 KB 68ms
20ms Image
image/png 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png

Requested by

Host: www.mediafire.com
URL: http://www.mediafire.com/file/dlyyr3k5njh/FINAL_Deloitte_Launches_New_Syndicated_Loan_Data_Modules.pdf/file

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 10:20:53 GMT
x-content-type-options: nosniff
age: 58846
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 910
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 20 Jun 2023 10:20:53 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 68ms
21ms Image
image/png 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://translate.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 19:41:25 GMT
x-content-type-options: nosniff
age: 25214
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1842
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 20 Jun 2023 19:41:25 GMT

GET /
6.adsco.re/ Frame EECC 0
0

GET /
4.adsco.re/ Frame EECC 0
0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
443 B 85ms
33ms XHR
text/plain 2607:f8b0:4004:c09::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-829541-1&cid=410059966.1655779299&jid=1550303434&gjid=265320093&_gid=714096189.1655779299&_u=YEBAAUAAAAAAAC~&z=329186944

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.mediafire.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 21 Jun 2022 02:41:39 GMT
content-type: text/plain
access-control-allow-origin: http://www.mediafire.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVjzSS8Gp4l5SEiFEQKkrsLYheOTPzwcb7ApeZJ4pUCpVrTbEvu3WEnu6X2kbJk-qweyffGTfzwQ5zyHkorS7-Z_tMNH2nxjaevS7Tu9ttN3ETQez4qBUiMGKaBkNE3zmT42ql93TBH4haJRVrUBj6kMk3QWJoMspVVH7Ziuep79AC_52-9MgcmJvYa Show response
fundingchoicesmessages.google.com/el/ 0
29 B 46ms
46ms XHR
text/html 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVjzSS8Gp4l5SEiFEQKkrsLYheOTPzwcb7ApeZJ4pUCpVrTbEvu3WEnu6X2kbJk-qweyffGTfzwQ5zyHkorS7-Z_tMNH2nxjaevS7Tu9ttN3ETQez4qBUiMGKaBkNE3zmT42ql93TBH4haJRVrUBj6kMk3QWJoMspVVH7Ziuep79AC_52-9MgcmJvYa

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.en_US.KN3ORJgLJ24.es5.O/d=1/rs=AJlcJMxoNW7IthmTF9GeAB9zSsfUMkZIuA/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200e Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9nA-Zo0i_lwaX231DsVX3Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-9nA-Zo0i_lwaX231DsVX3Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://www.mediafire.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 21 Jun 2022 02:41:39 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
access-control-allow-origin: http://www.mediafire.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce-9nA-Zo0i_lwaX231DsVX3Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-9nA-Zo0i_lwaX231DsVX3Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 92ms
43ms Script
application/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.mediafire.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 21 Jun 2022 02:41:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 440 B
264 B 280ms
280ms XHR
text/plain 142.251.40.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4078239900486182&correlator=3933700238071157&eid=31067915%2C42531608&output=ldjh&gdfp_req=1&vrg=2022061401&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&iu_parts=183096492%2CMediaFire-Zone1&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=1&adks=630197753&sfv=1-0-38&ecs=20220621&fsapi=false&prev_scp=buildnumber%3D121876%26dladtemplate%3D34%26button_delay%3Ddisabled&eri=5&sc=0&cookie_enabled=1&abxe=1&dt=1655779299277&dlt=1655779298512&idt=622&biw=1600&bih=1200&adxs=552&adys=10&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Fwww.mediafire.com%2Ffile%2Fdlyyr3k5njh%2FFINAL_Deloitte_Launches_New_Syndicated_Loan_Data_Modules.pdf%2Ffile&frm=20&vis=1&scr_x=0&scr_y=0&psz=960x1500&msz=728x-1&fws=0&ohw=0&ga_vid=410059966.1655779299&ga_sid=1655779299&ga_hid=487586400&ga_fc=true&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f2.1e100.net

Software

cafe /

Resource Hash

73feb2f117c3ca17ecd6efcd5a28af814bef0dec671a95f58d5cd7d42e84bd98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 02:41:39 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 234
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www.mediafire.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 69 KB
22 KB 309ms
308ms XHR
text/plain 142.251.40.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4078239900486182&correlator=2443317405458797&eid=31067915%2C42531608&output=ldjh&gdfp_req=1&vrg=2022061401&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&iu_parts=183096492%2CMediaFire-Zone2&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280%7C300x250&ifi=2&adks=3841872593&sfv=1-0-38&ecs=20220621&fsapi=false&prev_scp=buildnumber%3D121876%26dladtemplate%3D34%26button_delay%3Ddisabled&eri=5&sc=0&cookie_enabled=1&abxe=1&dt=1655779299283&dlt=1655779298512&idt=622&biw=1600&bih=1200&adxs=320&adys=120&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Fwww.mediafire.com%2Ffile%2Fdlyyr3k5njh%2FFINAL_Deloitte_Launches_New_Syndicated_Loan_Data_Modules.pdf%2Ffile&frm=20&vis=1&scr_x=0&scr_y=0&psz=960x1500&msz=336x-1&fws=0&ohw=0&ga_vid=410059966.1655779299&ga_sid=1655779299&ga_hid=487586400&ga_fc=true&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f2.1e100.net

Software

cafe /

Resource Hash

3ae47cbc6ae38a150f06a1833c9b36204dc3bbd315f1f9cd161ded0f9c68ae1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 02:41:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22104
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www.mediafire.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 50 KB
11 KB 340ms
340ms XHR
text/plain 142.251.40.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4078239900486182&correlator=3939937536816271&eid=31067915%2C42531608&output=ldjh&gdfp_req=1&vrg=2022061401&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&iu_parts=183096492%2CMediaFire-Zone3&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280%7C300x250&ifi=3&adks=1870779098&sfv=1-0-38&ecs=20220621&fsapi=false&prev_scp=buildnumber%3D121876%26dladtemplate%3D34%26button_delay%3Ddisabled&eri=5&sc=0&cookie_enabled=1&abxe=1&dt=1655779299286&dlt=1655779298512&idt=622&biw=1600&bih=1200&adxs=320&adys=420&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Fwww.mediafire.com%2Ffile%2Fdlyyr3k5njh%2FFINAL_Deloitte_Launches_New_Syndicated_Loan_Data_Modules.pdf%2Ffile&frm=20&vis=1&scr_x=0&scr_y=0&psz=960x1500&msz=336x-1&fws=0&ohw=0&ga_vid=410059966.1655779299&ga_sid=1655779299&ga_hid=487586400&ga_fc=true&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f2.1e100.net

Software

cafe /

Resource Hash

40c7b363c2a53d8879d91d9d09ee8fab46ac292c6267dc10328ceaf4837385ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 02:41:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11636
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www.mediafire.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
aded84bb0b81ebd73a6cc3867a57555b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame ECA8 6 KB
4 KB 89ms
34ms Document
text/html 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://aded84bb0b81ebd73a6cc3867a57555b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.mediafire.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 21 Jun 2022 02:41:39 GMT
expires: Wed, 21 Jun 2023 02:41:39 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 100ms
48ms Image
image/gif 2607:f8b0:4006:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-829541-1&cid=410059966.1655779299&jid=1550303434&_u=YEBAAUAAAAAAAC~&z=1771027435

Requested by

Host: www.mediafire.com
URL: http://www.mediafire.com/file/dlyyr3k5njh/FINAL_Deloitte_Launches_New_Syndicated_Loan_Data_Modules.pdf/file

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2004 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Jun 2022 02:41:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
501 B 90ms
38ms Image
image/gif 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-829541-1&cid=410059966.1655779299&jid=1550303434&_u=YEBAAUAAAAAAAC~&z=1771027435

Requested by

Host: www.mediafire.com
URL: http://www.mediafire.com/file/dlyyr3k5njh/FINAL_Deloitte_Launches_New_Syndicated_Loan_Data_Modules.pdf/file

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Jun 2022 02:41:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK p Show response
adsco.re/ 259 B
789 B 59ms
58ms XHR
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://adsco.re/p
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: 38724a67158c55aecc30f0e2e6f18c205792e807cde7717e6e52e4bbec55a56e

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

AS-P-G: OK
Date: Tue, 21 Jun 2022 02:41:39 GMT
AS-P-7: OK
AS-P-9: OK
AS-P-C: OK
Transfer-Encoding: chunked
AS-P-5: OK
AS-P-F: OK
Connection: keep-alive
Content-Encoding: gzip
AS-P-2: OK
AS-P-D: OK
AS-P-6: OK
AS-P-B: OK
AS-P-H: OK
AS-P-4: OK
AS-P-A: OK
Access-Control-Max-Age: 2592000
AS-P-1: OK nyc123
Access-Control-Allow-Origin: http://www.mediafire.com
Cache-Control: no-transform
Access-Control-Allow-Credentials: true
AS-P-8: OK
Content-Type: text/html; charset=UTF-8
AS-P-E: OK
AS-P-3: OK

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 106ms
43ms XHR
application/json 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022061401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

749dbcb988cdef93e53cfaa4e1a6faab70adac09631b8446151914c2dff30c37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 21 Jun 2022 02:41:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10741
x-xss-protection: 0

POST
H/1.1 200
OK rum Show response
www.mediafire.com/cdn-cgi/ 0
479 B 36ms
36ms XHR
text/plain 104.16.202.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://www.mediafire.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194

Protocol

HTTP/1.1

Server

104.16.202.237 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://www.mediafire.com/file/dlyyr3k5njh/FINAL_Deloitte_Launches_New_Syndicated_Loan_Data_Modules.pdf/file
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
content-type: application/json

Response headers

Date: Tue, 21 Jun 2022 02:41:39 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cloudflare
X-Frame-Options: DENY
access-control-allow-methods: POST,OPTIONS
Content-Type: text/plain
access-control-allow-origin: http://www.mediafire.com
access-control-max-age: 86400
Transfer-Encoding: chunked
Connection: keep-alive
access-control-allow-credentials: true
CF-RAY: 71e962ed6c2d54c7-YYZ
vary: Origin

GET
H2 200 verify Show response
otnolatrnup.com/ 17 B
335 B 70ms
31ms XHR
application/json 2606:4700::6813:d725
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://otnolatrnup.com/verify?sig=BAoAYrEv4wFisS_jgAGBAcAAID1PRT_-X35VqqyRLx_Eu4vU4kjHbgJtK6icmm1z3XhGwQAg7lA4hYsOm35KU6uGFoeyfFTIHK7jtL6IlrnuGTKWxgjCACBT9EVOzo1B0yQyd9aya-L-5Vh96wmxfVc2sQw1D95nkcQAECYHUwAAYHhnAAAAAAAAABPFABCBGM7B3iaAqbFvN03i-liWwwAgSunOkuBOpVWQVKeQEhNXX2Z1kZhAb_pO3ephh3v2-r8
Requested by: Host: cdn.otnolatrnup.com
URL: https://cdn.otnolatrnup.com/Scripts/infinity.js.aspx?guid=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d725 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39ca3c85734717cf31f55ab2e7d04d8ad2438a3bd9f6f46fae350d12506b4699

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 02:41:39 GMT
server: cloudflare
x-adscore-status: bot
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: Content-Type
cf-ray: 71e962ee1ac14bbe-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17

GET
H2 204 Tag.vrfy Show response
otnolatrnup.com/ 0
72 B 26ms
24ms Script
text/plain 2606:4700::6813:d625
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://otnolatrnup.com/Tag.vrfy?time=0&id=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0&rand=2337&ver=async&referrerUrl=&fingerPrint=123&abr=false&stdTime=0&fpe=1&bw=1600&bh=1200&res=1600x1200&curl=http%3A%2F%2Fwww.mediafire.com%2Ffile%2Fdlyyr3k5njh%2FFINAL_Deloitte_Launches_New_Syndicated_Loan_Data_Modules.pdf%2Ffile&kw=online%20storage%2Cfree%20storage%2Ccloud%20storage%2Ccollaboration%2Cbackup%20file%20sharing%2Cshare%20files%2Cphoto%20backup%2Cphoto%20sharing%2Cftp%20replacement%2Ccross%20platform%2Cremote%20access%2Cmobile%20access%2Csend%20large%20files%2Crecover%20files%2Cfile%20versioning%2Cundelete%2Cwindows%2Cpc%2Cmac%2Cos%20x%2Clinux%2Ciphone&sig=BAoAYrEv4wFisS_jgAGBAcAAID1PRT_-X35VqqyRLx_Eu4vU4kjHbgJtK6icmm1z3XhGwQAg7lA4hYsOm35KU6uGFoeyfFTIHK7jtL6IlrnuGTKWxgjCACBT9EVOzo1B0yQyd9aya-L-5Vh96wmxfVc2sQw1D95nkcQAECYHUwAAYHhnAAAAAAAAABPFABCBGM7B3iaAqbFvN03i-liWwwAgSunOkuBOpVWQVKeQEhNXX2Z1kZhAb_pO3ephh3v2-r8
Requested by: Host: cdn.otnolatrnup.com
URL: https://cdn.otnolatrnup.com/Scripts/infinity.js.aspx?guid=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d625 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 02:41:39 GMT
server: cloudflare
x-adscore-status: bot
cf-ray: 71e962edfad1ecfa-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 59ms
48ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 02:41:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 21 Jun 2022 02:41:39 GMT

GET runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5A70 0
0

GET aframe
www.google.com/recaptcha/api2/ Frame D736 0
0

GET container.html
aded84bb0b81ebd73a6cc3867a57555b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 28FC 0
0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012205270638000/ 220 KB
61 KB 85ms
18ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012205270638000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d201bb3b6a9b5c4572b54ff8cd188b8e77374e1694fead0bccd6606ffa147b2d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 34465
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61483
x-xss-protection: 0
server: sffe
date: Mon, 20 Jun 2022 17:07:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d3c2451425189fb5"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 20 Jun 2023 17:07:14 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012205270638000/v0/ 14 KB
5 KB 116ms
50ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012205270638000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2598751639a254b3c54ab5d1cdd4e601c0203acbe56e4f33ad5ff4e4b447f20

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 534231
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5195
x-xss-protection: 0
server: sffe
date: Tue, 14 Jun 2022 22:17:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4bef18b80ae165d1"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 14 Jun 2023 22:17:48 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012205270638000/v0/ 94 KB
28 KB 118ms
52ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012205270638000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b33ef452b57bede722776b1432be568c083cd38efbcfe92491d71abfcd3fafa0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 534266
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28898
x-xss-protection: 0
server: sffe
date: Tue, 14 Jun 2022 22:17:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "7ca71f15d9979237"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 14 Jun 2023 22:17:13 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012205270638000/v0/ 5 KB
2 KB 125ms
59ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012205270638000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51310f9f30077e7818e6b290aae0692724791cb33999d75f916d9d623635b42a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 534260
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1900
x-xss-protection: 0
server: sffe
date: Tue, 14 Jun 2022 22:17:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "67a7e3dd539afea9"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 14 Jun 2023 22:17:19 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012205270638000/v0/ 40 KB
13 KB 126ms
60ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012205270638000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78e13001bbc9c6b06ffa301191bd9e762226ed69f84e53f956d16e54f4408c7c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 534263
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12940
x-xss-protection: 0
server: sffe
date: Tue, 14 Jun 2022 22:17:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8dbbd2e5c9e4f2da"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 14 Jun 2023 22:17:16 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 81ms
35ms Stylesheet
text/css 2607:f8b0:4006:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::200a Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 21 Jun 2022 00:57:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 21 Jun 2022 02:41:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 21 Jun 2022 02:41:39 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ 2 KB
2 KB 20ms
19ms Image
image/png 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.mediafire.com
URL: http://www.mediafire.com/file/dlyyr3k5njh/FINAL_Deloitte_Launches_New_Syndicated_Loan_Data_Modules.pdf/file

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 17:24:30 GMT
x-content-type-options: nosniff
server: cafe
age: 33429
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 21 Jun 2022 17:24:30 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ 295 B
319 B 20ms
20ms Image
image/png 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.mediafire.com
URL: http://www.mediafire.com/file/dlyyr3k5njh/FINAL_Deloitte_Launches_New_Syndicated_Loan_Data_Modules.pdf/file

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 00:17:40 GMT
x-content-type-options: nosniff
server: cafe
age: 8639
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Wed, 22 Jun 2022 00:17:40 GMT

GET
H/1.1 204
No Content l
www.google.com/ads/measurement/ 0
0 56ms
37ms Image
text/html 2607:f8b0:4006:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.google.com/ads/measurement/l?ebcid=ALh7CaSgkRIlkvELbtTEI0VPwJlXgCgo7rBwuXV-Lza7XJwvM1R4vOm3lVJWCT7rfYcdrauxADzmi-CPAmbezSVNrNU2hc5g5w
Requested by: Host: www.mediafire.com
URL: http://www.mediafire.com/file/dlyyr3k5njh/FINAL_Deloitte_Launches_New_Syndicated_Loan_Data_Modules.pdf/file
Protocol: HTTP/1.1
Server: 2607:f8b0:4006:81d::2004 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ 0
0 40ms
40ms Image
text/html 142.251.40.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CjaBX4y-xYre3FIrgnATk_o0oo5Xvw2rZ8a2UnBCv5vT9CBABIOSC7Shg-wGgAcHRtL4DyAEBqQKsrKWI3Iy0PuACAKgDAcgDCqoE4gJP0KXkl777UO1d-ARzF_lb2iYgoJy1Fl_o_GinF1JjEVfKDExmFBJT4JsdZDOe7TzMjs5uMrMohSEeomDM-IGX-oO8ti3ehoyMG0xnzpYuBdE_RNXjv2uZ8B7j9zMePhswqxOPtwdPZVa8FQxMCpgAFDqSmyCHcpkZLN7IzrXZvHKd_yN8MhmakjX_mu0K3cJI8BVy41i7rfYFbMvmbYHtud5AB-sdlyq6vXcKUJGsWrBK4Ipm_IbllWTfbZiC6GQlilfTjwwh5lHh-GEWxcTIg9TD5Hbwo47r4gJeLgvLtii61JV6etjGOm1JN56RcX2JoLM9KkuCrcod8b5JlN6tWDVB3voh0DMXaQS1uAVHGAHKKw2rYSmNxP_nSkvoKKRSkFZvS4rItFB03eRy549RswXZJeuKOdKiqNeuJi2Cw9hEVqsb64yKpHeD9Rom3qkgksdv1J-46S39z5BIF1rkcFbABOj8gLiYBOAEAYAHp67LQagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEELuDAtIIBwiIYRABGB2ACgPICwHYEwPQFQGYFgGAFwGyFx4KHAgAEhRwdWItNDE1MDk4MjI4MjUzODY0NBjsuRE&sigh=gAVQDc8CbrY&uach_m=[UACH]
Requested by: Host: www.mediafire.com
URL: http://www.mediafire.com/file/dlyyr3k5njh/FINAL_Deloitte_Launches_New_Syndicated_Loan_Data_Modules.pdf/file
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga25s79-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5116d49e2ef383a0e16a3de7a22616c4e51f102129a7357d5ea44a65e4ae5219

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type: image/png

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200e Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-SeQB9UAbg7BZcbh3Fl_DhA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-SeQB9UAbg7BZcbh3Fl_DhA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://www.mediafire.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 21 Jun 2022 02:41:39 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
access-control-allow-origin: http://www.mediafire.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce-SeQB9UAbg7BZcbh3Fl_DhA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-SeQB9UAbg7BZcbh3Fl_DhA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET AGSKWxWbRVp4Yar_6YeH0dNxFMbt5rl-eWyXKs1qp7m16u7AuEP24X5F5v-BP5onNjqETx-degeViOZcOcAYj7MmFAxmRFVIDd1ZHJ-Pd80p8jnvSJD_1i2sTHNTKLLlB4nAQE7VXz2dgTn__4qAfZbqgbiCxs5oT43_fEDclV0YQIvxXpvvIuKDpi6puVzm
fundingchoicesmessages.google.com/f/ 0
0

POST
H3 204 AGSKWxVjzSS8Gp4l5SEiFEQKkrsLYheOTPzwcb7ApeZJ4pUCpVrTbEvu3WEnu6X2kbJk-qweyffGTfzwQ5zyHkorS7-Z_tMNH2nxjaevS7Tu9ttN3ETQez4qBUiMGKaBkNE3zmT42ql93TBH4haJRVrUBj6kMk3QWJoMspVVH7Ziuep79AC_52-9MgcmJvYa Show response
fundingchoicesmessages.google.com/el/ 0
28 B 58ms
58ms XHR
text/html 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200e Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-TGAnNp7tyXm23_ZCl2Jxqw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-TGAnNp7tyXm23_ZCl2Jxqw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://www.mediafire.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 21 Jun 2022 02:41:39 GMT
x-content-type-options: nosniff
access-control-allow-origin: http://www.mediafire.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce-TGAnNp7tyXm23_ZCl2Jxqw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-TGAnNp7tyXm23_ZCl2Jxqw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVjzSS8Gp4l5SEiFEQKkrsLYheOTPzwcb7ApeZJ4pUCpVrTbEvu3WEnu6X2kbJk-qweyffGTfzwQ5zyHkorS7-Z_tMNH2nxjaevS7Tu9ttN3ETQez4qBUiMGKaBkNE3zmT42ql93TBH4haJRVrUBj6kMk3QWJoMspVVH7Ziuep79AC_52-9MgcmJvYa Show response
fundingchoicesmessages.google.com/el/ 0
28 B 62ms
61ms XHR
text/html 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200e Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce--WDIyLU9ayH6R8X_cQ4o3Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce--WDIyLU9ayH6R8X_cQ4o3Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://www.mediafire.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 21 Jun 2022 02:41:39 GMT
x-content-type-options: nosniff
access-control-allow-origin: http://www.mediafire.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce--WDIyLU9ayH6R8X_cQ4o3Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce--WDIyLU9ayH6R8X_cQ4o3Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ 28 KB
28 KB 64ms
19ms Font
font/woff2 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://www.mediafire.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 20:34:36 GMT
x-content-type-options: nosniff
age: 454023
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Jun 2023 20:34:36 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/
Redirect Chain

http://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

99ms
52ms

Image
text/html

2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.mediafire.com
URL: http://www.mediafire.com/file/dlyyr3k5njh/FINAL_Deloitte_Launches_New_Syndicated_Loan_Data_Modules.pdf/file
Protocol: H2
Server: 2607:f8b0:4006:81e::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Redirect headers

Date: Tue, 21 Jun 2022 02:41:39 GMT
X-Content-Type-Options: nosniff
Server: cafe
Content-Type: text/html; charset=UTF-8
Location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Cache-Control: private
Content-Length: 0
X-XSS-Protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ 0
0 38ms
38ms Image
text/html 142.251.40.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CIhrX4y-xYre3FIrgnATk_o0oo5Xvw2rZ8a2UnBCv5vT9CBABIOSC7Shg-wGgAcHRtL4DyAEBqQKsrKWI3Iy0PuACAKgDAaoE4gJP0KXkl777UO1d-ARzF_lb2iYgoJy1Fl_o_GinF1JjEVfKDExmFBJT4JsdZDOe7TzMjs5uMrMohSEeomDM-IGX-oO8ti3ehoyMG0xnzpYuBdE_RNXjv2uZ8B7j9zMePhswqxOPtwdPZVa8FQxMCpgAFDqSmyCHcpkZLN7IzrXZvHKd_yN8MhmakjX_mu0K3cJI8BVy41i7rfYFbMvmbYHtud5AB-sdlyq6vXcKUJGsWrBK4Ipm_IbllWTfbZiC6GQlilfTjwwh5lHh-GEWxcTIg9TD5Hbwo47r4gJeLgvLtii61JV6etjGOm1JN56RcX2JoLM9KkuCrcod8b5JlN6tWDVB3voh0DMXaQS1uAVHGAHKKw2rYSmNxP_nSkvoKKRSkFZvS4rItFB03eRy549RswXZJeuKOdKiqNeuJi2Cw9hEVqsb64yKpHeD9Rom3qkgksdv1J-46S39z5BIF1rkcFbABOj8gLiYBOAEAYAHp67LQagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEELuDAtIIBwiIYRABGB2ACgPICwHYEwPQFQGYFgGAFwGyFx4KHAgAEhRwdWItNDE1MDk4MjI4MjUzODY0NBjsuRE&sigh=G0p7_DMv64g&vt=1&uach_m=[]
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga25s79-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ 42 B
64 B 89ms
48ms Image
image/gif 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsssQkSP4p0sKrKEZdTch1jL7sLL5KoLlxXMULwqfacdV_kLCMi55wot8-Y2-fxR-1aqxlIXnHbMAfJ6M8AoSmG6uWhnmh_eLdSQ7fFGCvF1fw8-GCH8wtRYuPee&sai=AMfl-YQumjovLV12b81g01rtLeK-g98gG8TGy3K5ZlNA872CuO2JPvFCExMO-CPQMBx_HHpXfF7sC91L4dZy3rmn6UYTZMOaXlb8ze8D6FQSRvPn5JhMjaUwNMJLodNA6NtG&sig=Cg0ArKJSzH3fyN6PGgl6EAE&id=ampim&o=0,0&d=1600,1200&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=1997&tls=2997&g=100&h=100&tt=2997&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=&uaw=&adk=1870779098

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.mediafire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Jun 2022 02:41:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 6.adsco.re
URL: http://6.adsco.re/

Domain: 4.adsco.re
URL: http://4.adsco.re/

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Domain: www.google.com
URL: https://www.google.com/recaptcha/api2/aframe

Domain: aded84bb0b81ebd73a6cc3867a57555b.safeframe.googlesyndication.com
URL: https://aded84bb0b81ebd73a6cc3867a57555b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Domain: fundingchoicesmessages.google.com
URL: https://fundingchoicesmessages.google.com/f/AGSKWxWbRVp4Yar_6YeH0dNxFMbt5rl-eWyXKs1qp7m16u7AuEP24X5F5v-BP5onNjqETx-degeViOZcOcAYj7MmFAxmRFVIDd1ZHJ-Pd80p8jnvSJD_1i2sTHNTKLLlB4nAQE7VXz2dgTn__4qAfZbqgbiCxs5oT43_fEDclV0YQIvxXpvvIuKDpi6puVzm?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjU1Nzc5Mjk5LDczMjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMl0sImh0dHA6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlL2RseXlyM2s1bmpoL0ZJTkFMX0RlbG9pdHRlX0xhdW5jaGVzX05ld19TeW5kaWNhdGVkX0xvYW5fRGF0YV9Nb2R1bGVzLnBkZi9maWxlIixudWxsLFtdXQ

Verdicts & Comments Add Verdict or Comment

189 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mediafire.com/	1970-01-27 11:15:31	Name: ukey Value: pdkovgc2b56lpka18u32dibtpoi42sh5
.mediafire.com/	1970-01-20 04:39:31	Name: conv_tracking_data-2 Value: %7B%22mf_source%22%3A%22regular_download-34%22%2C%22mf_content%22%3A%22Free%22%2C%22mf_medium%22%3A%22windows%5C%2FChrome%22%2C%22mf_campaign%22%3A%22dlyyr3k5njh%22%2C%22mf_term%22%3A%224ec3c4e84dc37d87%22%7D
.mediafire.com/	1970-01-20 12:41:55	Name: amp_28916b Value: OR5qFKQK4pUzMiLkc2bw7W...1g62263cu.1g62263cv.0.1.1
.openx.net/	1970-01-20 12:41:55	Name: i Value: 1bfce70b-5c40-0337-2cad-88b313f832bc\|1655779298
www.mediafire.com/	1970-01-20 03:56:44	Name: a Value: CvQNb9OtoG166o6nANaeKOnxTGzROQ2I
.mediafire.com/	1970-01-20 21:27:31	Name: _ga Value: GA1.2.410059966.1655779299
.mediafire.com/	1970-01-20 03:57:45	Name: _gid Value: GA1.2.714096189.1655779299
.mediafire.com/	1970-01-20 03:56:19	Name: _gat_gtag_UA_829541_1 Value: 1
www.mediafire.com/	1970-01-20 03:56:40	Name: token_QlJAAAAAAAAArRMIRsGBk-hpXXMDyS9EWV8qBEI Value: BAoAYrEv4wFisS_jgAGBAcAAID1PRT_-X35VqqyRLx_Eu4vU4kjHbgJtK6icmm1z3XhGwQAg7lA4hYsOm35KU6uGFoeyfFTIHK7jtL6IlrnuGTKWxgjCACBT9EVOzo1B0yQyd9aya-L-5Vh96wmxfVc2sQw1D95nkcQAECYHUwAAYHhnAAAAAAAAABPFABCBGM7B3iaAqbFvN03i-liWwwAgSunOkuBOpVWQVKeQEhNXX2Z1kZhAb_pO3ephh3v2-r8
.mediafire.com/	1970-01-20 13:17:55	Name: __gads Value: ID=f291d5f61c3be155-22ad2d7e627c00ac:T=1655779299:S=ALNI_MYE9kFD3llu1YfbAb5a8VgvEIKeHw
.doubleclick.net/	1970-01-20 13:17:55	Name: IDE Value: AHWqTUnNUnIrg6OYPrUAUC4VXm6nU_7n0oZnDhAts6iwO-0GzIKwqAayWJBZGHGmJ8w
.doubleclick.net/	1970-01-20 03:56:22	Name: DSID Value: NO_DATA

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.en_US.KN3ORJgLJ24.es5.O/d=1/rs=AJlcJMxoNW7IthmTF9GeAB9zSsfUMkZIuA/m=detection(Line 140) Message: Refused to load the script 'https://fundingchoicesmessages.google.com/f/AGSKWxWbRVp4Yar_6YeH0dNxFMbt5rl-eWyXKs1qp7m16u7AuEP24X5F5v-BP5onNjqETx-degeViOZcOcAYj7MmFAxmRFVIDd1ZHJ-Pd80p8jnvSJD_1i2sTHNTKLLlB4nAQE7VXz2dgTn__4qAfZbqgbiCxs5oT43_fEDclV0YQIvxXpvvIuKDpi6puVzm?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjU1Nzc5Mjk5LDczMjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMl0sImh0dHA6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlL2RseXlyM2s1bmpoL0ZJTkFMX0RlbG9pdHRlX0xhdW5jaGVzX05ld19TeW5kaWNhdGVkX0xvYW5fRGF0YV9Nb2R1bGVzLnBkZi9maWxlIixudWxsLFtdXQ' because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
other	warning	URL: https://cdn.ampproject.org/rtv/012205270638000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
security	error	URL: http://www.mediafire.com/js/prebid5.17.0.js Message: Refused to frame 'https://onetag-sys.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: http://www.mediafire.com/js/prebid5.17.0.js Message: Refused to frame 'https://us-u.openx.net/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: http://www.mediafire.com/js/prebid5.17.0.js Message: Refused to frame 'https://ads.pubmatic.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: http://www.mediafire.com/js/prebid5.17.0.js Message: Refused to frame 'https://contextual.media.net/' because it violates the following Content Security Policy directive: "frame-src 'none'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4.adsco.re
6.adsco.re
ad-delivery.net
ad.doubleclick.net
aded84bb0b81ebd73a6cc3867a57555b.safeframe.googlesyndication.com
adsco.re
adservice.google.com
api.amplitude.com
api.btloader.com
btloader.com
btlr.sharethrough.com
c.adsco.re
cdn.amplitude.com
cdn.ampproject.org
cdn.otnolatrnup.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
hbopenbid.pubmatic.com
loandata.cdosuitewiki.com
mediafire-d.openx.net
onetag-sys.com
otnolatrnup.com
pagead2.googlesyndication.com
prebid.media.net
qfmlxrct3rwm.l4.adsco.re
qfmlxrct3rwm.n4.adsco.re
qfmlxrct3rwm.s4.adsco.re
securepubads.g.doubleclick.net
static.cloudflareinsights.com
static.mediafire.com
static.xx.fbcdn.net
stats.g.doubleclick.net
tpc.googlesyndication.com
translate.google.com
translate.googleapis.com
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.gstatic.com
www.mediafire.com
4.adsco.re
6.adsco.re
aded84bb0b81ebd73a6cc3867a57555b.safeframe.googlesyndication.com
fundingchoicesmessages.google.com
tpc.googlesyndication.com
www.google.com
104.16.202.237
104.16.203.237
104.36.115.111
13.249.178.87
130.211.23.194
142.250.65.166
142.251.40.98
162.252.214.5
185.200.116.90
185.200.118.90
2606:4700:20::681a:346
2606:4700:20::681a:78b
2606:4700:440e::ac40:9c1a
2606:4700::6811:a6ba
2606:4700::6813:d625
2606:4700::6813:d725
2607:f8b0:4004:c09::9a
2607:f8b0:4006:807::200a
2607:f8b0:4006:809::2003
2607:f8b0:4006:80b::2008
2607:f8b0:4006:80c::2003
2607:f8b0:4006:80e::200e
2607:f8b0:4006:80f::200a
2607:f8b0:4006:81c::2001
2607:f8b0:4006:81d::2004
2607:f8b0:4006:81e::2002
2607:f8b0:4006:821::2002
2607:f8b0:4006:821::2003
2607:f8b0:4006:822::2001
2607:f8b0:4006:823::200e
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
34.107.148.139
35.209.156.152
35.244.159.8
38.132.109.186
44.233.100.70
51.222.239.232
52.0.130.158
00deab78fb65141d97272a69bb45c8f517f7c1242b005c3033e47830b1b0a33a
02de91dd51ca95dee54488c658c58c17310bcde018a105713583fedb7f9a535a
03c8d2dc7d985c3004ff2cd6d8148dd03560f37ed15efdf6c2d7f4d771d0e599
04ca62215f9319bc58a74b2cf787ff049ce0fddf1c35e9b81a27271a911cef42
05cfe92d9794a54258a19bfec7ae0faa73f61b66416983136594b4f95bb114dd
2450e5580136f94bda7ccf95e3167b57e15b05b513a430967943a50036fa47a4
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
33240bb1c2f9c14a53f3358cdf322c9b0d72e52c92a11479f366d628bc95fea4
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
38724a67158c55aecc30f0e2e6f18c205792e807cde7717e6e52e4bbec55a56e
39ca3c85734717cf31f55ab2e7d04d8ad2438a3bd9f6f46fae350d12506b4699
3ae47cbc6ae38a150f06a1833c9b36204dc3bbd315f1f9cd161ded0f9c68ae1c
40c7b363c2a53d8879d91d9d09ee8fab46ac292c6267dc10328ceaf4837385ca
4342feac38021c4fe3069eba0edf1c2e1b4345e2b548b0afb7ab21b7369b3bc8
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
4dc3e8721d1988836278b87e5fa459c5ec6e8b4f648ff0b90241f281e11b082e
5116d49e2ef383a0e16a3de7a22616c4e51f102129a7357d5ea44a65e4ae5219
51310f9f30077e7818e6b290aae0692724791cb33999d75f916d9d623635b42a
52cf06797c66d59d2428883cb27b5b083eed8b73ff8e0e11af86ee162e11ad2c
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6dc7917529ca101209b15752c61816375bbbb8b7b9809efb540ccacf45748d09
6f67f8b19170f0d64a9772e4a034119f8d42834d64a46a317760bf2789d97659
720671166ac43aba99e3952b0b9341ab4e0fee1fd891db54e2a07f05db653142
73feb2f117c3ca17ecd6efcd5a28af814bef0dec671a95f58d5cd7d42e84bd98
749dbcb988cdef93e53cfaa4e1a6faab70adac09631b8446151914c2dff30c37
78e13001bbc9c6b06ffa301191bd9e762226ed69f84e53f956d16e54f4408c7c
7ba1bc2084def769e77a7dbf97cd91d68fe6c6d55b5d183a7d36630da8da2b02
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
82b94716473aa225e715e117802145c5d2d725aa1ba9d476d61a5d3da16a8c26
8539c91ae0a82f8cab27d481ea38ac4e66d1e5b36701fe295bcba4399b9255bd
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
8bacb685be7cec7f41a0270e694fa90c0fb448b2c0ded5f1734baf51050d695c
91ecf43349d645b498ba38eab200261c8f55c89799e83b5a1f35df0309ded800
9700ad4bf981b6167bb7d22c79256ec29fcefe6698431dcf66b1f5095ce952c7
98294feb8fda8507671a762aea3e7fc0b27bb20ad97fec3ebf56a6572493c447
9b10b4a8bf200869b7453bbf2ca3691dd4c4c69875be9236f1b98eaa08c62755
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b33ef452b57bede722776b1432be568c083cd38efbcfe92491d71abfcd3fafa0
b36a5d53ddfbf65fefb6c44604bf6038cabee669fb77a80721113d581d2a8430
ba50c6c5fc13ef82d8a7a081b0cb3fb2550ffae50766838c8d0a488b365cd5a8
cc5f79518b1df942123a591a99169250009057498b58d0425ef3a44f67eefe74
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d201bb3b6a9b5c4572b54ff8cd188b8e77374e1694fead0bccd6606ffa147b2d
d595d98e2cbb23b648da49ee6fe6072898de557251123d23da3367ee52bfa2db
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
da1bc24aeafec2701dbdeed0d9f37421252a140e3307a71e4bc5fec4cec377e5
dc54b817820f14ce6395ba2a037f37d4bb0af75d5b017336140793fbe2f7f738
dcf5402b11cd7148c145cfa00fa1b92983044700e75833836d48588d7080f207
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e2598751639a254b3c54ab5d1cdd4e601c0203acbe56e4f33ad5ff4e4b447f20
e2f1d6c82d89c9a6c1faf7a2e83e00645a2fa1291756de19c937f275bb285090
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e605d4e07b0f2eb67dbce06e33b6638cbfc4a708798ad7753b86012565ec9ed2
e7026864609d74f5e074e44069ca93113eaad315d951f7e1a59be6a72cf1ce01
e8aaffba69039f3136ad0b741d06d4e87b6fd1260a24ba1d2cd0f1b911d2da5d
ead29755d607f44ae932646ccde384e04b666bd25433ab9bf5e53fb9296745bb
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f52a0c7d9fa7ae8e45916c491ae7193f9a1e289f128f05264122c53d8da970db
f6d81c35673b3fe05f0df544860c5bc25d828fd8d13c2bb141c87c9c3fc864c3
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
fe16621a66d5c7a745d4b785dc1776abeb64e4593817a48b39f43e21af6b0ca9

www.mediafire.com Open in urlscan Pro 104.16.202.237 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

107 Requests

69 %HTTPS

56 %IPv6

24 Domains

44 Subdomains

40 IPs

5 Countries

1290 kBTransfer

3827 kBSize

12 Cookies

5 Outgoing links

Page URL History

Redirected requests

107 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.mediafire.com Open in urlscan Pro
104.16.202.237 Public Scan

Screenshot
Live screenshot

Full Image

107
Requests

69 %
HTTPS

56 %
IPv6

24
Domains

44
Subdomains

40
IPs

5
Countries

1290 kB
Transfer

3827 kB
Size

12
Cookies

107 HTTP transactions
2 data transactions