www.mediafire.com Open in urlscan Pro
104.16.203.237 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
Submission: On January 24 via api (January 24th 2020, 4:36:04 pm UTC) from US

Summary HTTP 98 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 23 IPs in 6 countries across 18 domains to perform 98 HTTP transactions. The main IP is 104.16.203.237, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.mediafire.com.

This is the only time www.mediafire.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	104.16.203.237 104.16.203.237	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:820::2008	15169 (GOOGLE) (GOOGLE)
11	216.58.207.66 216.58.207.66	15169 (GOOGLE) (GOOGLE)
2	2.21.218.77 2.21.218.77	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:81e::200e	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6813:d725	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:814::200e	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 1	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:81b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:820::2003	15169 (GOOGLE) (GOOGLE)
1 3	2.16.186.80 2.16.186.80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:816::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:820::2002	15169 (GOOGLE) (GOOGLE)
2	37.252.173.38 37.252.173.38	29990 (ASN-APPNEX) (ASN-APPNEX)
2	34.95.120.147 34.95.120.147	15169 (GOOGLE) (GOOGLE)
1	2.21.217.111 2.21.217.111	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2.20.10.114 2.20.10.114	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:825::2002	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:81a::2002	15169 (GOOGLE) (GOOGLE)
1	23.210.249.83 23.210.249.83	16625 (AKAMAI-AS) (AKAMAI-AS)
98	23

13 104.16.203.237 (United States)

ASN13335 (CLOUDFLARENET, US)

www.mediafire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.mediafire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:820::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 216.58.207.66 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s25-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.21.218.77 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-218-77.deploy.static.akamaitechnologies.com

c.aaxads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6813:d725 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.otnolatrnup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
otnolatrnup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:814::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9c (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.16.186.80 (Ascension Island) 1 redirects

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-80.deploy.static.akamaitechnologies.com

b.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:816::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:820::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.173.38 (Ascension Island)

ASN29990 (ASN-APPNEX, US)
PTR: 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.120.147 (United States)

ASN15169 (GOOGLE, US)
PTR: 147.120.95.34.bc.googleusercontent.com

mediafire-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.21.217.111 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-217-111.deploy.static.akamaitechnologies.com

aaxdetect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.20.10.114 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-20-10-114.deploy.static.akamaitechnologies.com

l3.aaxads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:825::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:81a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.210.249.83 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-83.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	502 KB
17	doubleclick.net 1 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	110 KB
13	mediafire.com www.mediafire.com static.mediafire.com	222 KB
9	googletagservices.com www.googletagservices.com	247 KB
7	google.com 1 redirects translate.google.com www.google.com adservice.google.com	2 KB
5	google.de www.google.de adservice.google.de	793 B
4	google-analytics.com 1 redirects www.google-analytics.com	19 KB
4	googleapis.com translate.googleapis.com	93 KB
3	adnxs.com ib.adnxs.com acdn.adnxs.com	3 KB
3	gstatic.com www.gstatic.com	4 KB
3	scorecardresearch.com 1 redirects b.scorecardresearch.com	2 KB
3	otnolatrnup.com cdn.otnolatrnup.com otnolatrnup.com	135 KB
3	aaxads.com c.aaxads.com l3.aaxads.com	104 KB
2	openx.net mediafire-d.openx.net eu-u.openx.net	572 B
2	googletagmanager.com www.googletagmanager.com	55 KB
1	aaxdetect.com aaxdetect.com	324 B
1	google.co.uk adservice.google.co.uk	778 B
1	facebook.com www.facebook.com
98	18

	Domain	Requested by
16	pagead2.googlesyndication.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
11	securepubads.g.doubleclick.net	www.mediafire.com securepubads.g.doubleclick.net
9	www.googletagservices.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
9	static.mediafire.com	www.mediafire.com www.google-analytics.com
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com
5	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
5	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
4	adservice.google.de	pagead2.googlesyndication.com
4	www.google-analytics.com	1 redirects www.googletagmanager.com www.google-analytics.com www.mediafire.com
4	translate.googleapis.com	translate.google.com translate.googleapis.com
4	www.mediafire.com	www.mediafire.com
3	www.gstatic.com	www.mediafire.com
3	b.scorecardresearch.com	1 redirects cdn.otnolatrnup.com www.mediafire.com
2	ib.adnxs.com	www.mediafire.com
2	cdn.otnolatrnup.com	www.mediafire.com cdn.otnolatrnup.com
2	c.aaxads.com	www.mediafire.com
2	www.googletagmanager.com	www.mediafire.com
1	eu-u.openx.net	www.mediafire.com
1	acdn.adnxs.com	www.mediafire.com
1	l3.aaxads.com	www.mediafire.com
1	aaxdetect.com	www.mediafire.com
1	mediafire-d.openx.net	www.mediafire.com
1	adservice.google.co.uk	securepubads.g.doubleclick.net
1	otnolatrnup.com	cdn.otnolatrnup.com
1	www.google.de	www.mediafire.com
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	www.facebook.com	www.mediafire.com
1	translate.google.com	www.mediafire.com
98	29

This site contains links to these domains. Also see Links.

Domain
download1139.mediafire.com
facebook.com
blog.mediafire.com
fast.io
translate.google.com
twitter.com
www.facebook.com

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1O1	`2020-01-07` - `2020-03-31`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-01-07` - `2020-03-31`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-01-07` - `2020-03-31`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-12-06` - `2020-03-05`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-01-07` - `2020-03-31`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-01-07` - `2020-03-31`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2018-01-04` - `2020-07-09`	3 years	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-01-07` - `2020-03-31`	3 months	crt.sh

This page contains 15 frames:

Primary Page: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
Frame ID: 268D19585A4435264940F43FE4D9F525
Requests: 53 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=http://www.facebook.com/MediaFire&width=193&layout=button_count&action=like&show_faces=false&share=true&height=30&appId=124578887583575
Frame ID: ED8CD5BBEFB26EB71C0A23D9AC7137F9
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuMDVAppM-nrnZAQ7ccaITDsRcFhC5mvAQBP_ViguqD-4_lvuZE49dU-eFE1dVMQrIlppXE9REM2Xp-B9LJxDUoWQ5hDU8gdHgqsG5pa8idvsimxdsrtpkvCb-F_jcTTFDJatfU7lPOZLCX4ZErNHvlxJRQktqwfeLCtJXsv6kXJ2XtOnYvQZCrtuaVaN-ptzTDEUpJGVG_SpExzEfCGxTz5UUyaCfalSZkg_bLUk8wI9fKR_c4kZXJbVle5wZce7tmnYSIkVxK6vo&sai=AMfl-YRLeq2JA2Mrd1R2bn94fEQKfDZVRAb01GPGbfxdWL_jiIMQZNe6AEIC1e36zBifCh1UoYOi3BQdWmnstK3KaGV19ftkICl22vzSNnEN&sig=Cg0ArKJSzPiTdLsBN6EFEAE&urlfix=1&adurl=
Frame ID: DF891D7C19F77872E1626CAD121600FB
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssWLoQFApVHGFQ3aMFTQ5sNEXOajADMThCGbrH5MJzOFV211jlN_J776K7XT6_h0h8RClmER5uqvhWuGb357Zk9NwSzzPYDVGTo6JL-fqRrEAMndeKkrCcXYG2Qth-XAjz-oWXeE00eKKk0hVdKHyCK-Y1EO2bMvRtCSsVj2uTtOPRDBBRVgiYlZf0TV7ZxWlJ0_zeTiDKyvnk-D-9oXqi7kmJZJJfTFIIHRtBs2PMIbugkVwvoNN6qsfLUZ2yLIZGO-RIF_C1KOFI&sai=AMfl-YT2ejU9Di-q81HJiweHrUEjWoEfjtGynRGQ3I0W7RYQ0Qx8Phl7Wg4FWn-CFmcu4uf91XXWxg-Nbsw09213I_zbSCsC3GToFGdSRglT&sig=Cg0ArKJSzBfH60HvV96sEAE&urlfix=1&adurl=
Frame ID: A9B3FBF7C6A5018F95F60EC354F21BDF
Requests: 12 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst0dSDm2rooitmqFork3Kf2bgBWA70Ozx8U8Ak6aeUgchDf8yXKTKEfn6-dwA8gvVKAr2TfhnuB80-E6_oy9jzUPb7pk5rSbSlfiG-EDDh1Tirqvn3pMneuO9U6MkrZg2j_D7rIiL7ZKV8NG9WvJXF7N7XlKR0uNLWGXckDWmk89lULccpnr0Yjiok9aru_DwB3dwSdJYARbwgVfeCLQDS3p9VTYxt4fEZF6dSg8KSCpYWC8vSuDHHJT4au1HQX-FywXhXDT305oQ&sai=AMfl-YRAjdd5JrwMGiwJCFfkSnYXoYbyS5tXQtedMexN_0JaWY41E_704ube7S1X6o67NLbwUuwJXKFEe78pGiQYqj_rpyihU_zvZ0camOaCzA&sig=Cg0ArKJSzCSmudVdH70oEAE&urlfix=1&adurl=
Frame ID: E1DF8AE1922DA2468447E771F9FD09EF
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200122/r20190131/zrt_lookup.html
Frame ID: B13825573880CED7A73CD447B856AB4C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/205/runner.html
Frame ID: 4C727E35271271B4076D060A20C18E0F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7813835778543081&output=html&h=280&slotname=3493405847&adk=2006648550&adf=3173046729&w=336&psa=0&guci=1.2.0.0.2.2.0.0&format=336x280&url=http%3A%2F%2Fwww.mediafire.com%2Ffile%2Fu9cujuijgaense3%2Fpandariptv.apk%2Ffile%3Fspm%3Da2g0s.imconversation.0.0.4a493e5frH9VAm&ea=0&flash=0&wgl=1&adsid=NT&dt=1579883744780&bpp=15&bdt=127&fdt=65&idt=65&shv=r20200122&cbv=r20190131&saldr=aa&correlator=5338848200059&frm=23&ife=4&pv=2&ga_vid=1783031671.1579883744&ga_sid=1579883745&ga_hid=594855648&ga_fc=0&iag=3&icsg=682&nhd=1&dssz=11&mdo=0&mso=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=313&ady=120&biw=1585&bih=1200&isw=336&ish=280&ifk=2221362344&scr_x=0&scr_y=0&eid=21065345&oid=3&pvsid=3831898694877757&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=23&ifi=1&uci=1.8bh0h0i7b2bt&fsb=1&dtd=77
Frame ID: C91767F0B50EE12FCC2158E971712602
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7813835778543081&output=html&h=280&slotname=7241079169&adk=384215718&adf=3173046728&w=336&psa=0&guci=1.2.0.0.2.2.0.0&format=336x280&url=http%3A%2F%2Fwww.mediafire.com%2Ffile%2Fu9cujuijgaense3%2Fpandariptv.apk%2Ffile%3Fspm%3Da2g0s.imconversation.0.0.4a493e5frH9VAm&ea=0&flash=0&wgl=1&adsid=NT&dt=1579883744809&bpp=4&bdt=107&fdt=80&idt=80&shv=r20200122&cbv=r20190131&saldr=aa&correlator=5338848200059&frm=23&ife=4&pv=1&ga_vid=1783031671.1579883744&ga_sid=1579883745&ga_hid=752625539&ga_fc=0&iag=3&icsg=682&nhd=1&dssz=11&mdo=0&mso=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=313&ady=420&biw=1585&bih=1200&isw=336&ish=280&ifk=1886727638&scr_x=0&scr_y=0&eid=21065305&oid=3&pvsid=3349852944307567&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=23&ifi=1&uci=1.54je83k737wo&fsb=1&dtd=83
Frame ID: 3F536567D8EADE4FDAC2C0ED3D9F04AD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7813835778543081&output=html&h=90&slotname=3457321791&adk=3807574358&adf=3173046727&w=728&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=http%3A%2F%2Fwww.mediafire.com%2Ffile%2Fu9cujuijgaense3%2Fpandariptv.apk%2Ffile%3Fspm%3Da2g0s.imconversation.0.0.4a493e5frH9VAm&ea=0&flash=0&wgl=1&adsid=NT&dt=1579883744816&bpp=3&bdt=98&fdt=88&idt=88&shv=r20200122&cbv=r20190131&saldr=aa&correlator=5338848200059&frm=23&ife=4&pv=1&ga_vid=1783031671.1579883744&ga_sid=1579883745&ga_hid=226613231&ga_fc=0&iag=3&icsg=682&nhd=1&dssz=11&mdo=0&mso=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=545&ady=10&biw=1585&bih=1200&isw=728&ish=90&ifk=3966367602&scr_x=0&scr_y=0&oid=3&pvsid=2384386518000982&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=23&ifi=1&uci=1.20pklus0kdxa&fsb=1&dtd=93
Frame ID: 152A7B6B11C36F585158BC75BACBEDD6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/205/runner.html
Frame ID: 8E369C56343A61D7FEBB5B0E4623E450
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuZ0Izswa4gq5Dt8_CrinPVfA4OUtmKwT5vcM7cXgrLw7s_ExGtM5vlPva0kNQPvBDjkI8-qreUxVLoplEN95JvDQ9Jh_FKx9g59bSFcjqaCPVnAaLX4jnb5eAC-UFxc-eaumGQoPQa-5-bHe37m6BJyGA1bu_Ebyc_s1KwLhObQURhmcgGDPeWTFDBp7nF0kWq6h35iWEplibiY6A46BYZ2h0f5LkryMgkYUWvXTxTqunkke84kj_HOqR82xTmpk-A2JXog9CIsQ&sig=Cg0ArKJSzIBlxJHXD5lBEAE&urlfix=1&adurl=
Frame ID: 4A4CDE3E4A17F75765514E741FE3BEA9
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7813835778543081&output=html&h=90&slotname=1988752482&adk=2500333461&adf=3173046725&w=728&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=http%3A%2F%2Fwww.mediafire.com%2Ffile%2Fu9cujuijgaense3%2Fpandariptv.apk%2Ffile%3Fspm%3Da2g0s.imconversation.0.0.4a493e5frH9VAm&ea=0&flash=0&wgl=1&adsid=NT&dt=1579883745226&bpp=3&bdt=64&fdt=49&idt=49&shv=r20200122&cbv=r20190131&ptt=9&saldr=aa&correlator=5338848200059&frm=23&ife=4&pv=1&ga_vid=1783031671.1579883744&ga_sid=1579883745&ga_hid=952309233&ga_fc=0&iag=3&icsg=682&nhd=1&dssz=11&mdo=0&mso=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=313&ady=720&biw=1585&bih=1200&isw=728&ish=90&ifk=1755995248&scr_x=0&scr_y=0&eid=21065275%2C21065304&oid=3&pvsid=3136842748768979&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=23&ifi=1&uci=1.7c5vcnussmc8&fsb=1&dtd=53
Frame ID: 6AA8BDADAE1FCB957189AE85662D3057
Requests: 1 HTTP requests in this frame

Frame: http://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: EDA53DC4829376AEFF03B39AA221B6B1
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0
Frame ID: 4F172EEF7E97F12B219A8CEE673E19DD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

98
Requests

67 %
HTTPS

63 %
IPv6

18
Domains

29
Subdomains

23
IPs

6
Countries

1498 kB
Transfer

4103 kB
Size

10
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: http://download1139.mediafire.com/s07e2fqpza2g/u9cujuijgaense3/pandariptv.apk
Title: Download (2.6MB)

Search URL Search Domain Scan URL

URL: https://facebook.com/share.php?u=http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file
Title: Post to Facebook

Search URL Search Domain Scan URL

URL: http://blog.mediafire.com/
Title: Company Blog

Search URL Search Domain Scan URL

URL: https://fast.io/
Title: Static Web Hosting CDN

Search URL Search Domain Scan URL

URL: https://translate.google.com/
Title: Translate

Search URL Search Domain Scan URL

URL: https://twitter.com/#!/mediafire

Search URL Search Domain Scan URL

URL: https://www.facebook.com/mediafire

Search URL Search Domain Scan URL

URL: https://twitter.com/mediafire

Search URL Search Domain Scan URL

URL: https://blog.mediafire.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1006757793&t=pageview&_s=1&dl=http%3A%2F%2Fwww.mediafire.com%2Ffile%2Fu9cujuijgaense3%2Fpandariptv.apk%2Ffile%3Fspm%3Da2g0s.imconversation.0.0.4a493e5frH9VAm&ul=en-us&de=UTF-8&dt=pandariptv&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAUAL~&jid=2043020445&gjid=195604381&cid=1783031671.1579883744&tid=UA-829541-1&_gid=110808680.1579883744&_r=1&cd1=unregistered&cd7=legacy&cd3=archive&cd4=30&cd5=apk&cd8=%2F100%2F&gtm=2ou1f1&z=1530952187 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-829541-1&cid=1783031671.1579883744&jid=2043020445&_gid=110808680.1579883744&gjid=195604381&_v=j79&z=1530952187 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-829541-1&cid=1783031671.1579883744&jid=2043020445&_v=j79&z=1530952187 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-829541-1&cid=1783031671.1579883744&jid=2043020445&_v=j79&z=1530952187&slf_rd=1&random=3392927380

Request Chain 35

http://b.scorecardresearch.com/b?c1=8&c2=18203330&rn=0.13317127072186374&c7=http%3A%2F%2Fwww.mediafire.com%2Ffile%2Fu9cujuijgaense3%2Fpandariptv.apk%2Ffile%3Fspm%3Da2g0s.imconversation.0.0.4a493e5frH9VAm&c3=1&c4=&c5=&c6=&c10=&c15=&c16=&c8=pandariptv&c9=&cv=1.8 HTTP 302
http://b.scorecardresearch.com/b2?c1=8&c2=18203330&rn=0.13317127072186374&c7=http%3A%2F%2Fwww.mediafire.com%2Ffile%2Fu9cujuijgaense3%2Fpandariptv.apk%2Ffile%3Fspm%3Da2g0s.imconversation.0.0.4a493e5frH9VAm&c3=1&c4=&c5=&c6=&c10=&c15=&c16=&c8=pandariptv&c9=&cv=1.8&cs_ak_ss=1

98 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set file Show response
www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/ 284 KB
83 KB 405ms
393ms Document
text/html 104.16.203.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm

Protocol

HTTP/1.1

Server

104.16.203.237 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

577702e69d2e090bb4e3666134f5c9e7edec9de0000143384cc1465c35551b91

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Host: www.mediafire.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 24 Jan 2020 16:35:43 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=db5a02471eb428fb7197d3f0560a7e0851579883743; expires=Sun, 23-Feb-20 16:35:43 GMT; path=/; domain=.mediafire.com; HttpOnly; SameSite=Lax ukey=zilq38djnh1fqwnp1aqpuogk0w51mauh; expires=Fri, 24-Dec-2021 16:35:43 GMT; Max-Age=60480000; path=/; domain=.mediafire.com; httponly
Access-Control-Allow-Origin: http://www.mediafire.com
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate, max-age=0 post-check=0, pre-check=0
X-Robots-Tag: noindex, nofollow
X-Frame-Options: SAMEORIGIN
Pragma: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
set-cookie: u9s0=1; expires=Mon, 27-Jan-2020 16:35:43 GMT; Max-Age=259200; path=/; domain=.mediafire.com; httponly
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 55a36c157955cc5a-ZRH

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 74 KB
28 KB 19ms
18ms Script
application/javascript 2a00:1450:4001:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-829541-1

Requested by

Host: www.mediafire.com
URL: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d10680154bdc65dcfc89df439a45ef3aacc5dd8b4dc2aa4bd852a5e30a9152cf

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 24 Jan 2020 16:35:44 GMT
content-encoding: br
last-modified: Fri, 24 Jan 2020 15:00:00 GMT
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 28303
x-xss-protection: 0
expires: Fri, 24 Jan 2020 16:35:44 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 53 KB
16 KB 97ms
54ms Script
text/javascript 216.58.207.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.mediafire.com
URL: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

sffe /

Resource Hash

58684b67d40f7a8107796974bea44297e1fc6573fb0c0564b52a2ec17f17d577

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 24 Jan 2020 16:35:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "407 / 912 of 1000 / last-modified: 1579799352"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 16247
x-xss-protection: 0
expires: Fri, 24 Jan 2020 16:35:44 GMT

GET
H/1.1 200
OK prebid2.44.1.js Show response
www.mediafire.com/js/ 165 KB
53 KB 181ms
170ms Script
application/x-javascript 104.16.203.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.mediafire.com/js/prebid2.44.1.js
Requested by: Host: www.mediafire.com
URL: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
Protocol: HTTP/1.1
Server: 104.16.203.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a7e39087bed30f124a891216762b67addf2644e1c730bc5e94fa9d0ad733266

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 24 Jan 2020 16:35:44 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Last-Modified: Mon, 20 Jan 2020 22:22:06 GMT
Server: cloudflare
ETag: W/"5e26280e-294a1"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 55a36c182ec53e96-ZRH
Expires: Sun, 23 Feb 2020 16:35:44 GMT

GET
H/1.1 200
OK aax.js Show response
c.aaxads.com/ 294 KB
104 KB 279ms
267ms Script
text/javascript 2.21.218.77
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://c.aaxads.com/aax.js?pub=AAX3221EY&hst=www.mediafire.com&ver=1.2
Requested by: Host: www.mediafire.com
URL: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
Protocol: HTTP/1.1
Server: 2.21.218.77 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-218-77.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 5487b10be6f68c7c4c203e5bb3bacc4860a81a97d7267aba4608a1c6718b4b66

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 24 Jan 2020 16:35:44 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
X-MNET-H: E
P3P: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Cache-Control: max-age=1800
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
Content-Type: text/javascript; charset=utf-8
Expires: Fri, 24 Jan 2020 17:05:44 GMT

GET
H/1.1 200
OK element.js Show response
translate.google.com/translate_a/ 2 KB
1 KB 21ms
16ms Script
text/javascript 2a00:1450:4001:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://translate.google.com/translate_a/element.js?cb=googFooterTranslate

Requested by

Host: www.mediafire.com
URL: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm

Protocol

HTTP/1.1

Server

2a00:1450:4001:81e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

863fd031f8bb86b29df08866f391017743b81a1439fbd7bb9f98e5fef8d10411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 24 Jan 2020 16:35:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: HTTP server (unknown)
Content-Language: en
Cache-Control: no-cache, must-revalidate
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 797
X-XSS-Protection: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 84 KB
27 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-53LP4T

Requested by

Host: www.mediafire.com
URL: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f5e937b5fe1aa8ea03d1ed85cde6f9e4b3470fabf49159c5fe2e44c3d7f4ee57

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 24 Jan 2020 16:35:44 GMT
content-encoding: br
last-modified: Fri, 24 Jan 2020 15:00:00 GMT
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 27818
x-xss-protection: 0
expires: Fri, 24 Jan 2020 16:35:44 GMT

GET
H/1.1 200
OK mf_logo_full_color.svg
static.mediafire.com/images/backgrounds/header/ 3 KB
2 KB 53ms
25ms Image
image/svg+xml 104.16.203.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static.mediafire.com/images/backgrounds/header/mf_logo_full_color.svg
Requested by: Host: www.mediafire.com
URL: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
Protocol: HTTP/1.1
Server: 104.16.203.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8539c91ae0a82f8cab27d481ea38ac4e66d1e5b36701fe295bcba4399b9255bd

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 24 Jan 2020 16:35:44 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Fri, 28 Oct 2016 22:22:42 GMT
Server: cloudflare
Age: 2070
ETag: W/"5813cfb2-d1d"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 55a36c184e1fcc62-ZRH

GET
H/1.1 200
OK file-zip-v3.png
static.mediafire.com/images/filetype/ 2 KB
2 KB 53ms
26ms Image
image/png 104.16.203.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static.mediafire.com/images/filetype/file-zip-v3.png
Requested by: Host: www.mediafire.com
URL: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
Protocol: HTTP/1.1
Server: 104.16.203.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4448e430d3c53bad548a5d135e1c7e2f9593e806ba47892640d430ea752e979e

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 24 Jan 2020 16:35:44 GMT
CF-Cache-Status: HIT
Last-Modified: Fri, 11 Mar 2016 23:22:56 GMT
Server: cloudflare
Age: 155612
ETag: "56e35350-750"
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 55a36c18491ccc4a-ZRH
Content-Length: 1872
Expires: Fri, 21 Feb 2020 21:21:17 GMT

GET
H/1.1 200
OK icons_sprite.svg
www.mediafire.com/images/icons/svg_light/ 36 KB
9 KB 190ms
179ms Image
image/svg+xml 104.16.203.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.mediafire.com/images/icons/svg_light/icons_sprite.svg
Requested by: Host: www.mediafire.com
URL: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
Protocol: HTTP/1.1
Server: 104.16.203.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 315f5f67f80b413592a970d2d7a3875294be6039956c2edfa0aa9d3095fa6f2d

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 24 Jan 2020 16:35:44 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Last-Modified: Tue, 17 Jul 2018 20:30:14 GMT
Server: cloudflare
ETag: W/"5b4e51d6-8f48"
Transfer-Encoding: chunked
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Connection: keep-alive
CF-RAY: 55a36c183e22cc4e-ZRH

GET
H/1.1 200
OK arrow_dropdown.svg
www.mediafire.com/images/icons/svg_dark/ 315 B
600 B 267ms
258ms Image
image/svg+xml 104.16.203.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.mediafire.com/images/icons/svg_dark/arrow_dropdown.svg
Requested by: Host: www.mediafire.com
URL: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
Protocol: HTTP/1.1
Server: 104.16.203.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82b94716473aa225e715e117802145c5d2d725aa1ba9d476d61a5d3da16a8c26

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 24 Jan 2020 16:35:44 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Last-Modified: Tue, 18 Dec 2018 18:09:53 GMT
Server: cloudflare
ETag: W/"5c1937f1-13b"
Transfer-Encoding: chunked
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Connection: keep-alive
CF-RAY: 55a36c183879cc5a-ZRH

GET
H/1.1 200
OK check_circle_green.svg
static.mediafire.com/images/icons/svg_dark/ 444 B
681 B 46ms
27ms Image
image/svg+xml 104.16.203.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static.mediafire.com/images/icons/svg_dark/check_circle_green.svg
Requested by: Host: www.mediafire.com
URL: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
Protocol: HTTP/1.1
Server: 104.16.203.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03c8d2dc7d985c3004ff2cd6d8148dd03560f37ed15efdf6c2d7f4d771d0e599

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 24 Jan 2020 16:35:44 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Tue, 17 Jul 2018 20:30:14 GMT
Server: cloudflare
Age: 2069
ETag: W/"5b4e51d6-1bc"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 55a36c184947cc52-ZRH

GET
H/1.1 200
OK fb_16x16.png
static.mediafire.com/images/backgrounds/download/social/ 181 B
608 B 46ms
26ms Image
image/png 104.16.203.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static.mediafire.com/images/backgrounds/download/social/fb_16x16.png
Requested by: Host: www.mediafire.com
URL: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
Protocol: HTTP/1.1
Server: 104.16.203.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 720671166ac43aba99e3952b0b9341ab4e0fee1fd891db54e2a07f05db653142

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 24 Jan 2020 16:35:44 GMT
CF-Cache-Status: HIT
Last-Modified: Fri, 11 Mar 2016 23:22:56 GMT
Server: cloudflare
Age: 155642
ETag: "56e35350-b5"
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 55a36c184b1c3e8a-ZRH
Content-Length: 181
Expires: Fri, 21 Feb 2020 21:21:30 GMT

GET
H/1.1 200
OK infinity.js.aspx Show response
cdn.otnolatrnup.com/Scripts/ 177 KB
62 KB 35ms
16ms Script
application/x-javascript 2606:4700::6813:d725
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.otnolatrnup.com/Scripts/infinity.js.aspx?guid=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0
Requested by: Host: www.mediafire.com
URL: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
Protocol: HTTP/1.1
Server: 2606:4700::6813:d725 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2c5c025509524a5c0a73bf56e53457f02dff136842191aaa2cba3f5cf2331594

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 24 Jan 2020 16:35:44 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Server: cloudflare
Age: 198
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP="CAO PSA OUR IND"
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=900
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 55a36c185aacdfbf-FRA
Content-Type: application/x-javascript; charset=utf-8

GET
H/1.1 200
OK footerIcons.png
static.mediafire.com/images/backgrounds/footer/social/ 583 B
1011 B 47ms
36ms Image
image/png 104.16.203.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static.mediafire.com/images/backgrounds/footer/social/footerIcons.png
Requested by: Host: www.mediafire.com
URL: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
Protocol: HTTP/1.1
Server: 104.16.203.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f917a9105c311331b1d40f4d2bdbf11233c1c465616c1a9c46232f451463b061

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 24 Jan 2020 16:35:44 GMT
CF-Cache-Status: HIT
Last-Modified: Fri, 11 Mar 2016 23:22:56 GMT
Server: cloudflare
Age: 155642
ETag: "56e35350-247"
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 55a36c18685dcc3a-ZRH
Content-Length: 583
Expires: Fri, 21 Feb 2020 21:21:16 GMT

GET
H2 200 translateelement.css
translate.googleapis.com/translate_static/css/ 18 KB
4 KB 17ms
5ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host: translate.google.com
URL: http://translate.google.com/translate_a/element.js?cb=googFooterTranslate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99b27633e72d0a0efc23402c62b01cc0ec5ff40821cd1a84c89a1ef31773612d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 24 Jan 2020 16:01:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2060
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 3619
x-xss-protection: 0
last-modified: Tue, 07 May 2019 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 24 Jan 2020 17:01:24 GMT

GET
H2 200 main.js Show response
translate.googleapis.com/translate_static/js/element/ 3 KB
2 KB 17ms
6ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/js/element/main.js

Requested by

Host: translate.google.com
URL: http://translate.google.com/translate_a/element.js?cb=googFooterTranslate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e61816e7c0be10882ec227cb672cb9bf0236f48fe160331472257e468203b6eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 24 Jan 2020 16:14:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1279
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1528
x-xss-protection: 0
last-modified: Mon, 14 Oct 2019 12:45:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 24 Jan 2020 17:14:25 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:814::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-829541-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 131
date: Fri, 24 Jan 2020 16:33:33 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Fri, 24 Jan 2020 18:33:33 GMT

GET
H2 200 like.php
www.facebook.com/plugins/ Frame ED8C 0
0 71ms
58ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?href=http://www.facebook.com/MediaFire&width=193&layout=button_count&action=like&show_faces=false&share=true&height=30&appId=124578887583575

Requested by

Host: www.mediafire.com
URL: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?href=http://www.facebook.com/MediaFire&width=193&layout=button_count&action=like&show_faces=false&share=true&height=30&appId=124578887583575
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/;
vary: Accept-Encoding
x-content-type-options: nosniff
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/;
x-xss-protection: 0
content-type: text/html; charset="utf-8"
x-fb-debug: ftyCcq3QvtPov80RW82TXgESTcpn/FHbucWiSz06kjT1b5g6vYSjACGlHaGII+P2Oi3LZEWEDov8gmZTfVtOwg==
date: Fri, 24 Jan 2020 16:35:44 GMT Fri, 24 Jan 2020 16:35:44 GMT
alt-svc: h3-24=":443"; ma=3600

GET
H2 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 7ms
4ms Script
text/javascript 2a00:1450:4001:814::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 24 Jan 2020 16:20:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 911
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1306
x-xss-protection: 0
expires: Fri, 24 Jan 2020 17:20:33 GMT

GET
H/1.1 200
OK world.svg
static.mediafire.com/images/backgrounds/download/additional_content/ 143 KB
53 KB 45ms
44ms Image
image/svg+xml 104.16.203.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static.mediafire.com/images/backgrounds/download/additional_content/world.svg
Requested by: Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol: HTTP/1.1
Server: 104.16.203.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4342feac38021c4fe3069eba0edf1c2e1b4345e2b548b0afb7ab21b7369b3bc8

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 24 Jan 2020 16:35:44 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Tue, 17 Jul 2018 20:30:14 GMT
Server: cloudflare
Age: 1536
ETag: W/"5b4e51d6-23ce2"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 55a36c187a27cc52-ZRH

GET
H/1.1 200
OK continent-as.svg
static.mediafire.com/images/backgrounds/download/additional_content/ 43 KB
17 KB 34ms
33ms Image
image/svg+xml 104.16.203.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static.mediafire.com/images/backgrounds/download/additional_content/continent-as.svg
Requested by: Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol: HTTP/1.1
Server: 104.16.203.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 082cecf2da70da88efb1db41dd0096deb999b7b7d1cf8344ca2b37930739a377

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 24 Jan 2020 16:35:44 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Tue, 17 Jul 2018 20:30:14 GMT
Server: cloudflare
Age: 3147
ETag: W/"5b4e51d6-aae3"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 55a36c187b293e8a-ZRH

GET
H/1.1 200
OK chn.svg
static.mediafire.com/images/flags_svg/ 677 B
708 B 130ms
129ms Image
image/svg+xml 104.16.203.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static.mediafire.com/images/flags_svg/chn.svg
Requested by: Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol: HTTP/1.1
Server: 104.16.203.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 281c1ae097994abebf0c1e56a84620b5b636092607f4709450f1580d38f315be

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 24 Jan 2020 16:35:44 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Tue, 17 Jul 2018 20:30:14 GMT
Server: cloudflare
ETag: W/"5b4e51d6-2a5"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 55a36c187982cc4a-ZRH

GET
H/1.1 200
OK flag.svg
static.mediafire.com/images/backgrounds/download/additional_content/ 234 B
583 B 31ms
30ms Image
image/svg+xml 104.16.203.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static.mediafire.com/images/backgrounds/download/additional_content/flag.svg
Requested by: Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol: HTTP/1.1
Server: 104.16.203.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f52a0c7d9fa7ae8e45916c491ae7193f9a1e289f128f05264122c53d8da970db

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 24 Jan 2020 16:35:44 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Tue, 17 Jul 2018 20:30:14 GMT
Server: cloudflare
Age: 1536
ETag: W/"5b4e51d6-ea"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 55a36c187ed0cc62-ZRH

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1006757793&t=pageview&_s=1&dl=http%3A%2F%2Fwww.mediafire.com%2Ffile%2Fu9cujuijgaense3%2Fpandariptv.apk%2Ffile%3Fspm%3Da2g0s.imconversation.0....
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-829541-1&cid=1783031671.1579883744&jid=2043020445&_gid=110808680.1579883744&gjid=195604381&_v=j79&z=1530952187
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-829541-1&cid=1783031671.1579883744&jid=2043020445&_v=j79&z=1530952187
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-829541-1&cid=1783031671.1579883744&jid=2043020445&_v=j79&z=1530952187&slf_rd=1&random=3392927380

42 B
109 B

17ms
17ms

Image
image/gif

2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-829541-1&cid=1783031671.1579883744&jid=2043020445&_v=j79&z=1530952187&slf_rd=1&random=3392927380

Requested by

Host: www.mediafire.com
URL: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jan 2020 16:35:44 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 24 Jan 2020 16:35:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-829541-1&cid=1783031671.1579883744&jid=2043020445&_v=j79&z=1530952187&slf_rd=1&random=3392927380
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 element_main.js Show response
translate.googleapis.com/element/TE_20190916_00/e/js/element/ 239 KB
86 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/element/TE_20190916_00/e/js/element/element_main.js

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/js/element/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fa99d88ac410da01b545aac3fa9e4125908e748a462a39434aff420230655f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 24 Jan 2020 16:01:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2063
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 88005
x-xss-protection: 0
last-modified: Mon, 16 Sep 2019 09:48:37 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Jan 2021 16:01:21 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
106 B 13ms
13ms Image
image/gif 2a00:1450:4001:814::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1006757793&t=pageview&_s=1&dl=http%3A%2F%2Fwww.mediafire.com%2Ffile%2Fu9cujuijgaense3%2Fpandariptv.apk%2Ffile%3Fspm%3Da2g0s.imconversation.0.0.4a493e5frH9VAm&ul=en-us&de=UTF-8&dt=pandariptv&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGDAAUAL~&jid=501785368&gjid=535086384&cid=1783031671.1579883744&tid=UA-86547571-4&_gid=110808680.1579883744&_r=1&gtm=2wg1f153LP4T&z=473791697

Requested by

Host: www.mediafire.com
URL: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jan 2020 16:35:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK beacon.js Show response
b.scorecardresearch.com/ 1 KB
989 B 53ms
41ms Script
application/x-javascript 2.16.186.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://b.scorecardresearch.com/beacon.js?c1=8&c2=18203330&c3=1
Requested by: Host: cdn.otnolatrnup.com
URL: http://cdn.otnolatrnup.com/Scripts/infinity.js.aspx?guid=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0
Protocol: HTTP/1.1
Server: 2.16.186.80 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-80.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f22320501f74c0109a7a36061b237f0f0dc3f5d61c3aa99e6e9846f29b52a845

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 24 Jan 2020 16:35:44 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 708
Expires: Sat, 25 Jan 2020 16:35:44 GMT

GET
H/1.1 200
OK Tag.engine Show response
otnolatrnup.com/ 6 KB
6 KB 267ms
248ms Script
application/json 2606:4700::6813:d725
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://otnolatrnup.com/Tag.engine?time=-60&id=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0&rand=70808&ver=async&referrerUrl=&fingerPrint=123&abr=false&stdTime=60&fpe=1&bw=1600&bh=1200&res=1600x1200&curl=http%3A%2F%2Fwww.mediafire.com%2Ffile%2Fu9cujuijgaense3%2Fpandariptv.apk%2Ffile%3Fspm%3Da2g0s.imconversation.0.0.4a493e5frH9VAm&kw=online%20storage%2Cfree%20storage%2Ccloud%20storage%2Ccollaboration%2Cbackup%20file%20sharing%2Cshare%20files%2Cphoto%20backup%2Cphoto%20sharing%2Cftp%20replacement%2Ccross%20platform%2Cremote%20access%2Cmobile%20access%2Csend%20large%20files%2Crecover%20files%2Cfile%20versioning%2Cundelete%2Cwindows%2Cpc%2Cmac%2Cos%20x%2Clinux%2Ciphone
Requested by: Host: cdn.otnolatrnup.com
URL: http://cdn.otnolatrnup.com/Scripts/infinity.js.aspx?guid=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0
Protocol: HTTP/1.1
Server: 2606:4700::6813:d725 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b73893d9d2d3a1f02801f88c14e54c768a70dc041a54744c01043747fb97c929

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 24 Jan 2020 16:35:44 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP="CAO PSA OUR IND"
Access-Control-Allow-Origin: *
Cache-Control: private, no-transform
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 55a36c18cce563d7-FRA
Content-Type: application/json; charset=utf-8

GET
H2 200 l Show response
translate.googleapis.com/translate_a/ 3 KB
1 KB 20ms
20ms Script
application/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=_callbacks____0k5sdzmv1

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/element/TE_20190916_00/e/js/element/element_main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aed0bb7e61cc17475b859f1ee647f79b55ac178a8a24d53781c6c8cd11782473

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MFm+iqDTT1NnEnMujL8DWg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self', script-src 'nonce-MFm+iqDTT1NnEnMujL8DWg' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/TranslateApiHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'report-sample' 'nonce-MFm+iqDTT1NnEnMujL8DWg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self', script-src 'nonce-MFm+iqDTT1NnEnMujL8DWg' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/TranslateApiHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
access-control-allow-origin: *
date: Fri, 24 Jan 2020 16:35:44 GMT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
status: 200
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 825 B
900 B 6ms
5ms Image
image/png 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/1x/translate_24dp.png

Requested by

Host: www.mediafire.com
URL: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Thu, 23 Jan 2020 19:38:00 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 75464
vary: Origin
content-type: image/png
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 825
x-xss-protection: 0
expires: Fri, 22 Jan 2021 19:38:00 GMT

GET
H2 200 googlelogo_color_42x16dp.png
www.gstatic.com/images/branding/googlelogo/1x/ 910 B
987 B 7ms
7ms Image
image/png 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png

Requested by

Host: www.mediafire.com
URL: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 20 Dec 2019 01:51:31 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 3077053
vary: Origin
content-type: image/png
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 910
x-xss-protection: 0
expires: Sat, 19 Dec 2020 01:51:31 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: www.mediafire.com
URL: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://translate.googleapis.com/translate_static/css/translateelement.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 22 Jan 2020 18:03:04 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 167560
vary: Origin
content-type: image/png
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1847
x-xss-protection: 0
expires: Thu, 21 Jan 2021 18:03:04 GMT

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 109 B
778 B 30ms
18ms Script
application/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=www.mediafire.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 24 Jan 2020 16:35:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.mediafire.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 24 Jan 2020 16:35:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020011601.js Show response
securepubads.g.doubleclick.net/gpt/ 166 KB
61 KB 31ms
30ms Script
text/javascript 216.58.207.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020011601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

sffe /

Resource Hash

54c05d108ce5e65e51412d1667e583e90a8d22233e33e78deea09b903530a0e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 24 Jan 2020 16:35:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 16 Jan 2020 14:06:36 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 61850
x-xss-protection: 0
expires: Fri, 24 Jan 2020 16:35:44 GMT

GET
H/1.1

204
No Content

b2
b.scorecardresearch.com/
Redirect Chain

http://b.scorecardresearch.com/b?c1=8&c2=18203330&rn=0.13317127072186374&c7=http%3A%2F%2Fwww.mediafire.com%2Ffile%2Fu9cujuijgaense3%2Fpandariptv.apk%2Ffile%3Fspm%3Da2g0s.imconversation.0.0.4a493e5f...
http://b.scorecardresearch.com/b2?c1=8&c2=18203330&rn=0.13317127072186374&c7=http%3A%2F%2Fwww.mediafire.com%2Ffile%2Fu9cujuijgaense3%2Fpandariptv.apk%2Ffile%3Fspm%3Da2g0s.imconversation.0.0.4a493e5...

0
248 B

26ms
26ms

Image
text/plain

2.16.186.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://b.scorecardresearch.com/b2?c1=8&c2=18203330&rn=0.13317127072186374&c7=http%3A%2F%2Fwww.mediafire.com%2Ffile%2Fu9cujuijgaense3%2Fpandariptv.apk%2Ffile%3Fspm%3Da2g0s.imconversation.0.0.4a493e5frH9VAm&c3=1&c4=&c5=&c6=&c10=&c15=&c16=&c8=pandariptv&c9=&cv=1.8&cs_ak_ss=1
Requested by: Host: www.mediafire.com
URL: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
Protocol: HTTP/1.1
Server: 2.16.186.80 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-80.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 24 Jan 2020 16:35:44 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: http://b.scorecardresearch.com/b2?c1=8&c2=18203330&rn=0.13317127072186374&c7=http%3A%2F%2Fwww.mediafire.com%2Ffile%2Fu9cujuijgaense3%2Fpandariptv.apk%2Ffile%3Fspm%3Da2g0s.imconversation.0.0.4a493e5frH9VAm&c3=1&c4=&c5=&c6=&c10=&c15=&c16=&c8=pandariptv&c9=&cv=1.8&cs_ak_ss=1
Pragma: no-cache
Date: Fri, 24 Jan 2020 16:35:44 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 593 B
1 KB 58ms
46ms XHR
application/json 37.252.173.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

http://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.mediafire.com
URL: http://www.mediafire.com/js/prebid2.44.1.js

Protocol

HTTP/1.1

Server

37.252.173.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

bf88cf6cb57da22e6c21c31ef760cb629f5b44d6b294547388b12768fb658fd6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
Origin: http://www.mediafire.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 24 Jan 2020 16:35:46 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 195.242.213.149; 195.242.213.149; 537.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.187:80
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 711be565-640c-479d-be6b-279729146066
Server: nginx/1.13.4
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://www.mediafire.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 arj Show response
mediafire-d.openx.net/w/1.0/ 175 B
572 B 229ms
170ms XHR
application/json 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://mediafire-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Fwww.mediafire.com%2Ffile%2Fu9cujuijgaense3%2Fpandariptv.apk%2Ffile%3Fspm%3Da2g0s.imconversation.0.0.4a493e5frH9VAm&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.0&dddid=e3f29bfd-b7f8-473c-9556-5bb75aae70e0%2Ceefbc987-bf15-4789-9475-b62415cba5a1%2C39b2f181-e21e-43ff-9503-a8651318bd22%2C85ae8989-5492-4460-9e4e-59378fa686e8%2C79d89e47-0a63-455b-8e47-660ace3ea5a8&nocache=1579883744247&aus=728x90%7C336x280%2C300x250%7C336x280%2C300x250%7C728x90%7C728x90&divIds=div-gpt-ad-1376107698761-0%2Cdiv-gpt-ad-1376108171730-0%2Cdiv-gpt-ad-1376108334082-0%2Cdiv-gpt-ad-1376108444357-0%2Cdiv-gpt-ad-1573581836508-0&auid=539074863%2C539074864%2C539074865%2C539074866%2C539074866&
Requested by: Host: www.mediafire.com
URL: http://www.mediafire.com/js/prebid2.44.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.174.0 /
Resource Hash: d796fd53a11527e0d5c8d84bb9b96e08b1138dd7bd73b00d96ff9f13e38a417a

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
Origin: http://www.mediafire.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 24 Jan 2020 16:35:44 GMT
content-encoding: gzip
server: OXGW/16.174.0
status: 200
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: http://www.mediafire.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 164
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 612 B
1 KB 69ms
58ms XHR
application/json 37.252.173.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

http://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.mediafire.com
URL: http://www.mediafire.com/js/prebid2.44.1.js

Protocol

HTTP/1.1

Server

37.252.173.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

404f91af6f0fb5e9e780bb1410d390073cbfcb3961f83b77cd21fa6bdec8be75

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
Origin: http://www.mediafire.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 24 Jan 2020 16:35:46 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 195.242.213.149; 195.242.213.149; 537.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.49:80
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 062029f4-9d57-483a-a6cb-87d3b768b9d5
Server: nginx/1.13.4
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://www.mediafire.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK pxusr.gif
c.aaxads.com/ 43 B
324 B 35ms
35ms Image
image/gif 2.21.218.77
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://c.aaxads.com/pxusr.gif?&type=1&vn=1
Requested by: Host: www.mediafire.com
URL: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
Protocol: HTTP/1.1
Server: 2.21.218.77 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-218-77.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 24 Jan 2020 16:35:44 GMT
Last-Modified: Mon, 26 Feb 2018 13:29:58 GMT
Server: Apache
Content-Type: image/gif
Cache-Control: max-age=1209600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 07 Feb 2020 16:35:44 GMT

GET
H/1.1 200
OK pxext.gif
aaxdetect.com/ 43 B
324 B 73ms
56ms Image
image/gif 2.21.217.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://aaxdetect.com/pxext.gif?&type=2&vn=1
Requested by: Host: www.mediafire.com
URL: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
Protocol: HTTP/1.1
Server: 2.21.217.111 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-217-111.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 24 Jan 2020 16:35:44 GMT
Last-Modified: Mon, 26 Feb 2018 13:29:58 GMT
Server: Apache
Content-Type: image/gif
Cache-Control: max-age=1209600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 07 Feb 2020 16:35:44 GMT

GET
H/1.1 200
OK b.js Show response
cdn.otnolatrnup.com/Scripts/MediaScripts/ 171 KB
67 KB 12ms
12ms Script
application/x-javascript 2606:4700::6813:d725
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.otnolatrnup.com/Scripts/MediaScripts/b.js?v=4
Requested by: Host: cdn.otnolatrnup.com
URL: http://cdn.otnolatrnup.com/Scripts/infinity.js.aspx?guid=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0
Protocol: HTTP/1.1
Server: 2606:4700::6813:d725 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 3b6e780ed7ed3d9165b386b32fe7b64f3f6e259ecfbb43ccbf8b6df01a3f20b5

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 24 Jan 2020 16:35:44 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 178
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
P3P: CP="CAO PSA OUR IND"
Connection: keep-alive
Last-Modified: Fri, 24 Jan 2020 16:30:57 GMT
Server: cloudflare
Vary: *, Accept-Encoding
Content-Type: application/x-javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=791
CF-RAY: 55a36c1a5a01dfbf-FRA
Expires: Fri, 24 Jan 2020 16:45:57 GMT

GET
H/1.1 200
OK log
l3.aaxads.com/ 35 B
327 B 69ms
57ms Image
image/gif 2.20.10.114
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://l3.aaxads.com/log?___stu13p=aveoaamactga5dnnuee25ti2rm86bcrodqacb&slg=8PR6YK195&lwbsh=AAX&gq=mediafire.com&flg=AAX3221EY&vyu=2020012311_741&vhuyqdph=c8-web-12&jgsu=0&fvha=0&fvvwu=&xvs_vwdwxv=0&xvs_hqi=1&xvs_vwulqj=&xifd=&xvs_ogi=&xjg=4&dgw=desktop&ylg=00001579883744433032874715093646&yvlg=2228853447150991&vg=1&jwg=99&lqlg=0&jig=600&ff=CH&vf=ZH&fw=ZURICH&dewh=CONTROL&dgeg=0&dps=0&yhuvlrq=1.2&vE=true&fruv=true&glvE=false&lfh=&yz=1585&yk=1200&skw=1842&fo=0&__rk=1&dss=0&uwbsh=&deg=2&ghqg=84&glhqg=&glvwduw=&gvwduw=8&uhtxuo=http%3A%2F%2Fwww.mediafire.com%2Ffile%2Fu9cujuijgaense3%2Fpandariptv.apk%2Ffile%3Fspm%3Da2g0s.imconversation.0.0.4a493e5frH9VAm&nzui=&hsxuo=http%3A%2F%2Fwww.mediafire.com%2Ffile%2Fu9cujuijgaense3%2Fpandariptv.apk%2Ffile%3Fspm%3Da2g0s.imconversation.0.0.4a493e5frH9VAm
Requested by: Host: www.mediafire.com
URL: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
Protocol: HTTP/1.1
Server: 2.20.10.114 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-20-10-114.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.z-SNAPSHOT) /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 24 Jan 2020 16:35:44 GMT
Server: Jetty(9.4.z-SNAPSHOT)
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Fri, 24 Jan 2020 16:35:44 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 4 KB
2 KB 161ms
161ms XHR
text/plain 216.58.207.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3958047677618292&correlator=108318315028303&output=ldjh&impl=fifs&adsid=NT&eid=21062453%2C21065203%2C21065305&vrg=2020011601&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20200124&iu_parts=183096492%2CMediaFire-Zone1&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=buildnumber%3D121423%26dladtemplate%3D30%26button_delay%3Ddisabled&eri=5&cookie_enabled=1&bc=23&abxe=1&lmt=1579883744&dt=1579883744483&dlt=1579883743986&idt=207&frm=20&biw=1585&bih=1200&oid=3&adxs=545&adys=10&adks=2830848859&ucis=1&ifi=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.mediafire.com%2Ffile%2Fu9cujuijgaense3%2Fpandariptv.apk%2Ffile%3Fspm%3Da2g0s.imconversation.0.0.4a493e5frH9VAm&dssz=36&icsg=3670688&std=0&vis=1&scr_x=0&scr_y=0&psz=960x1500&msz=728x-1&ga_vid=1783031671.1579883744&ga_sid=1579883744&ga_hid=1006757793&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020011601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

cafe /

Resource Hash

ff504bbebe025821b3bbe4bf00ecc7f50189f2469da2fd1ea00a5abb85743be8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
Origin: http://www.mediafire.com

Response headers

date: Fri, 24 Jan 2020 16:35:44 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2096
x-xss-protection: 0
google-lineitem-id: 4819124617
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138246275463
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www.mediafire.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2020011601.js Show response
securepubads.g.doubleclick.net/gpt/ 64 KB
24 KB 29ms
29ms Script
text/javascript 216.58.207.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020011601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020011601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

sffe /

Resource Hash

547811b7c01a8f67208aca4ed0174bec2379e0c68d4577b1524bbfdc716ace65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 24 Jan 2020 16:35:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 16 Jan 2020 14:06:36 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24507
x-xss-protection: 0
expires: Fri, 24 Jan 2020 16:35:44 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 6ms
5ms Other
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020011601.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 4 KB
3 KB 124ms
124ms XHR
text/plain 216.58.207.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3958047677618292&correlator=985545404860080&output=ldjh&impl=fifs&adsid=NT&eid=21062453%2C21065203%2C21065305&vrg=2020011601&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20200124&iu_parts=183096492%2CMediaFire-Zone2&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280%7C300x250&prev_scp=buildnumber%3D121423%26dladtemplate%3D30%26button_delay%3Ddisabled&eri=5&cookie_enabled=1&bc=23&abxe=1&lmt=1579883744&dt=1579883744493&dlt=1579883743986&idt=207&frm=20&biw=1585&bih=1200&oid=3&adxs=313&adys=120&adks=1445360826&ucis=2&ifi=2&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.mediafire.com%2Ffile%2Fu9cujuijgaense3%2Fpandariptv.apk%2Ffile%3Fspm%3Da2g0s.imconversation.0.0.4a493e5frH9VAm&dssz=37&icsg=137442624160&std=0&vis=1&scr_x=0&scr_y=0&psz=960x1500&msz=336x-1&ga_vid=1783031671.1579883744&ga_sid=1579883744&ga_hid=1006757793&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020011601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

cafe /

Resource Hash

6c57bf5cb06a0c1c74f39a6ebd29b4fcc67dd264c66d4bb73ef3ff35934f2198

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
Origin: http://www.mediafire.com

Response headers

date: Fri, 24 Jan 2020 16:35:44 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2092
x-xss-protection: 0
google-lineitem-id: 4819272705
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138246521767
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www.mediafire.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 4 KB
2 KB 131ms
131ms XHR
text/plain 216.58.207.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3958047677618292&correlator=1424035677150924&output=ldjh&impl=fifs&adsid=NT&eid=21062453%2C21065203%2C21065305&vrg=2020011601&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20200124&iu_parts=183096492%2CMediaFire-Zone3&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280%7C300x250&prev_scp=buildnumber%3D121423%26dladtemplate%3D30%26button_delay%3Ddisabled&eri=5&cookie_enabled=1&bc=23&abxe=1&lmt=1579883744&dt=1579883744496&dlt=1579883743986&idt=207&frm=20&biw=1585&bih=1200&oid=3&adxs=313&adys=420&adks=3543024777&ucis=3&ifi=3&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.mediafire.com%2Ffile%2Fu9cujuijgaense3%2Fpandariptv.apk%2Ffile%3Fspm%3Da2g0s.imconversation.0.0.4a493e5frH9VAm&dssz=37&icsg=137442624160&std=0&vis=1&scr_x=0&scr_y=0&psz=960x1500&msz=336x-1&ga_vid=1783031671.1579883744&ga_sid=1579883744&ga_hid=1006757793&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020011601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

cafe /

Resource Hash

4d57bc9fd1c5ada7682f839bb3362ab001a7825d97b46786b5d9cc86e441940a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
Origin: http://www.mediafire.com

Response headers

date: Fri, 24 Jan 2020 16:35:44 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2102
x-xss-protection: 0
google-lineitem-id: 4819914887
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138246522232
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www.mediafire.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame DF89 0
0 33ms
30ms Fetch
image/gif 216.58.207.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuMDVAppM-nrnZAQ7ccaITDsRcFhC5mvAQBP_ViguqD-4_lvuZE49dU-eFE1dVMQrIlppXE9REM2Xp-B9LJxDUoWQ5hDU8gdHgqsG5pa8idvsimxdsrtpkvCb-F_jcTTFDJatfU7lPOZLCX4ZErNHvlxJRQktqwfeLCtJXsv6kXJ2XtOnYvQZCrtuaVaN-ptzTDEUpJGVG_SpExzEfCGxTz5UUyaCfalSZkg_bLUk8wI9fKR_c4kZXJbVle5wZce7tmnYSIkVxK6vo&sai=AMfl-YRLeq2JA2Mrd1R2bn94fEQKfDZVRAb01GPGbfxdWL_jiIMQZNe6AEIC1e36zBifCh1UoYOi3BQdWmnstK3KaGV19ftkICl22vzSNnEN&sig=Cg0ArKJSzPiTdLsBN6EFEAE&urlfix=1&adurl=

Requested by

Host: www.mediafire.com
URL: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 24 Jan 2020 16:35:44 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 24 Jan 2020 16:35:44 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame DF89 105 KB
37 KB 34ms
21ms Script
text/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020011601.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

665e1b5c63d3fb9216175e897de5b7b55bbdee20270990eab84d016092e051b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 24 Jan 2020 16:35:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript; charset=UTF-8
Server: cafe
ETag: 18148373411675323811
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 37758
X-XSS-Protection: 0
Expires: Fri, 24 Jan 2020 16:35:44 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame DF89 72 KB
27 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020011601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

549a0e6a0c8c127c94637ef0c08cf81270509d7339e1b95b6ec5de813fb329d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 24 Jan 2020 16:35:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1579695672934178"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27829
x-xss-protection: 0
expires: Fri, 24 Jan 2020 16:35:44 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
27 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020011601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2607d0df1c0e1e81b8c5fb80453c22b472f00ab4c31d3aeb581146f95af98190

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 24 Jan 2020 16:35:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1579695672934178"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28080
x-xss-protection: 0
expires: Fri, 24 Jan 2020 16:35:44 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
6 KB 33ms
18ms XHR
application/json 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020011601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020011601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bd84a822565ae5e53b0067857375158cd812c495285be2d22d54571af33af2e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
Origin: http://www.mediafire.com

Response headers

timing-allow-origin: *
date: Fri, 24 Jan 2020 16:35:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5120
x-xss-protection: 0

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame A9B3 0
0 35ms
33ms Fetch
image/gif 216.58.207.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssWLoQFApVHGFQ3aMFTQ5sNEXOajADMThCGbrH5MJzOFV211jlN_J776K7XT6_h0h8RClmER5uqvhWuGb357Zk9NwSzzPYDVGTo6JL-fqRrEAMndeKkrCcXYG2Qth-XAjz-oWXeE00eKKk0hVdKHyCK-Y1EO2bMvRtCSsVj2uTtOPRDBBRVgiYlZf0TV7ZxWlJ0_zeTiDKyvnk-D-9oXqi7kmJZJJfTFIIHRtBs2PMIbugkVwvoNN6qsfLUZ2yLIZGO-RIF_C1KOFI&sai=AMfl-YT2ejU9Di-q81HJiweHrUEjWoEfjtGynRGQ3I0W7RYQ0Qx8Phl7Wg4FWn-CFmcu4uf91XXWxg-Nbsw09213I_zbSCsC3GToFGdSRglT&sig=Cg0ArKJSzBfH60HvV96sEAE&urlfix=1&adurl=

Requested by

Host: www.mediafire.com
URL: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 24 Jan 2020 16:35:44 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame A9B3 105 KB
37 KB 31ms
28ms Script
text/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020011601.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

665e1b5c63d3fb9216175e897de5b7b55bbdee20270990eab84d016092e051b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 24 Jan 2020 16:35:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript; charset=UTF-8
Server: cafe
ETag: 18148373411675323811
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 37758
X-XSS-Protection: 0
Expires: Fri, 24 Jan 2020 16:35:44 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame A9B3 72 KB
27 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020011601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

549a0e6a0c8c127c94637ef0c08cf81270509d7339e1b95b6ec5de813fb329d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 24 Jan 2020 16:35:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1579695672934178"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27829
x-xss-protection: 0
expires: Fri, 24 Jan 2020 16:35:44 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame E1DF 0
0 34ms
32ms Fetch
image/gif 216.58.207.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst0dSDm2rooitmqFork3Kf2bgBWA70Ozx8U8Ak6aeUgchDf8yXKTKEfn6-dwA8gvVKAr2TfhnuB80-E6_oy9jzUPb7pk5rSbSlfiG-EDDh1Tirqvn3pMneuO9U6MkrZg2j_D7rIiL7ZKV8NG9WvJXF7N7XlKR0uNLWGXckDWmk89lULccpnr0Yjiok9aru_DwB3dwSdJYARbwgVfeCLQDS3p9VTYxt4fEZF6dSg8KSCpYWC8vSuDHHJT4au1HQX-FywXhXDT305oQ&sai=AMfl-YRAjdd5JrwMGiwJCFfkSnYXoYbyS5tXQtedMexN_0JaWY41E_704ube7S1X6o67NLbwUuwJXKFEe78pGiQYqj_rpyihU_zvZ0camOaCzA&sig=Cg0ArKJSzCSmudVdH70oEAE&urlfix=1&adurl=

Requested by

Host: www.mediafire.com
URL: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 24 Jan 2020 16:35:44 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame E1DF 105 KB
37 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020011601.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

665e1b5c63d3fb9216175e897de5b7b55bbdee20270990eab84d016092e051b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 24 Jan 2020 16:35:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript; charset=UTF-8
Server: cafe
ETag: 18148373411675323811
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 37758
X-XSS-Protection: 0
Expires: Fri, 24 Jan 2020 16:35:44 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame E1DF 72 KB
27 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020011601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

549a0e6a0c8c127c94637ef0c08cf81270509d7339e1b95b6ec5de813fb329d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 24 Jan 2020 16:35:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1579695672934178"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27829
x-xss-protection: 0
expires: Fri, 24 Jan 2020 16:35:44 GMT

GET
H/1.1 200
OK sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
6 KB 28ms
13ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020011601.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1b68c05b19c101d32f1555ab1b493fc450b958011de86f43b4a5aa60028a2a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 24 Jan 2020 16:35:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "1574183596005933"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=3000
Accept-Ranges: bytes
Content-Length: 5491
X-XSS-Protection: 0
Expires: Fri, 24 Jan 2020 16:35:44 GMT

GET
DATA 200
OK truncated
/ Frame DF89 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0713865d6ef7a33ed2a2874ed635e56292267ba19abacf7f4caa64d5e065fd04

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame DF89 109 B
171 B 17ms
17ms Script
application/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.mediafire.com

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 24 Jan 2020 16:35:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame DF89 109 B
171 B 16ms
16ms Script
application/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.mediafire.com

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 24 Jan 2020 16:35:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200122/r20190131/ Frame DF89 220 KB
82 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200122/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

872c6c526e00fe24fc350c4dc439b7167639431c5123d684c828d343c5dbaa8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 24 Jan 2020 16:35:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 84103
x-xss-protection: 0
server: cafe
etag: 10778269677459870046
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 24 Jan 2020 16:35:44 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200122/r20190131/ Frame B138 0
0 6ms
5ms Document
text/html 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200122/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200122/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUnjSSi6Q9FqFF4sROxtSdGyLVhCbg6o3s5tdtabG7V7wm4hWjzLsSTHF-_2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Wed, 22 Jan 2020 20:17:13 GMT
expires: Wed, 05 Feb 2020 20:17:13 GMT
content-type: text/html; charset=UTF-8
etag: 4350393549794053402
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 6578
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 159511
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
DATA 200
OK truncated
/ Frame A9B3 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7cc840c848a465c713a4831cf0851ba98cd798fad4bb5f330fe4de349f810fcc

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame A9B3 109 B
171 B 16ms
15ms Script
application/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.mediafire.com

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 24 Jan 2020 16:35:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame A9B3 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.mediafire.com

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 24 Jan 2020 16:35:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200122/r20190131/ Frame A9B3 220 KB
82 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200122/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

872c6c526e00fe24fc350c4dc439b7167639431c5123d684c828d343c5dbaa8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 24 Jan 2020 16:35:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 84103
x-xss-protection: 0
server: cafe
etag: 10778269677459870046
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 24 Jan 2020 16:35:44 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame E1DF 109 B
171 B 15ms
14ms Script
application/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.mediafire.com

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 24 Jan 2020 16:35:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame E1DF 109 B
171 B 16ms
16ms Script
application/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.mediafire.com

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 24 Jan 2020 16:35:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200122/r20190131/ Frame E1DF 220 KB
82 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200122/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

872c6c526e00fe24fc350c4dc439b7167639431c5123d684c828d343c5dbaa8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 24 Jan 2020 16:35:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 84103
x-xss-protection: 0
server: cafe
etag: 10778269677459870046
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 24 Jan 2020 16:35:44 GMT

GET
DATA 200
OK truncated
/ Frame E1DF 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e419ef9c61bfe921115c67e38f86d225be23e6c03ff305cdd03659d2f0192475

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/205/ Frame 4C72 0
0 6ms
6ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/205/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: http://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/205/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4595
date: Fri, 24 Jan 2020 16:12:25 GMT
expires: Sat, 23 Jan 2021 16:12:25 GMT
last-modified: Tue, 08 Oct 2019 16:22:56 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1399
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame C917 0
0 143ms
143ms Document
text/html 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7813835778543081&output=html&h=280&slotname=3493405847&adk=2006648550&adf=3173046729&w=336&psa=0&guci=1.2.0.0.2.2.0.0&format=336x280&url=http%3A%2F%2Fwww.mediafire.com%2Ffile%2Fu9cujuijgaense3%2Fpandariptv.apk%2Ffile%3Fspm%3Da2g0s.imconversation.0.0.4a493e5frH9VAm&ea=0&flash=0&wgl=1&adsid=NT&dt=1579883744780&bpp=15&bdt=127&fdt=65&idt=65&shv=r20200122&cbv=r20190131&saldr=aa&correlator=5338848200059&frm=23&ife=4&pv=2&ga_vid=1783031671.1579883744&ga_sid=1579883745&ga_hid=594855648&ga_fc=0&iag=3&icsg=682&nhd=1&dssz=11&mdo=0&mso=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=313&ady=120&biw=1585&bih=1200&isw=336&ish=280&ifk=2221362344&scr_x=0&scr_y=0&eid=21065345&oid=3&pvsid=3831898694877757&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=23&ifi=1&uci=1.8bh0h0i7b2bt&fsb=1&dtd=77

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200122/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7813835778543081&output=html&h=280&slotname=3493405847&adk=2006648550&adf=3173046729&w=336&psa=0&guci=1.2.0.0.2.2.0.0&format=336x280&url=http%3A%2F%2Fwww.mediafire.com%2Ffile%2Fu9cujuijgaense3%2Fpandariptv.apk%2Ffile%3Fspm%3Da2g0s.imconversation.0.0.4a493e5frH9VAm&ea=0&flash=0&wgl=1&adsid=NT&dt=1579883744780&bpp=15&bdt=127&fdt=65&idt=65&shv=r20200122&cbv=r20190131&saldr=aa&correlator=5338848200059&frm=23&ife=4&pv=2&ga_vid=1783031671.1579883744&ga_sid=1579883745&ga_hid=594855648&ga_fc=0&iag=3&icsg=682&nhd=1&dssz=11&mdo=0&mso=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=313&ady=120&biw=1585&bih=1200&isw=336&ish=280&ifk=2221362344&scr_x=0&scr_y=0&eid=21065345&oid=3&pvsid=3831898694877757&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=23&ifi=1&uci=1.8bh0h0i7b2bt&fsb=1&dtd=77
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUnjSSi6Q9FqFF4sROxtSdGyLVhCbg6o3s5tdtabG7V7wm4hWjzLsSTHF-_2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 24 Jan 2020 16:35:45 GMT
server: cafe
content-length: 199
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame DF89 74 KB
27 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200122/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2607d0df1c0e1e81b8c5fb80453c22b472f00ab4c31d3aeb581146f95af98190

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 24 Jan 2020 16:35:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1579695672934178"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28080
x-xss-protection: 0
expires: Fri, 24 Jan 2020 16:35:44 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 3F53 0
0 149ms
149ms Document
text/html 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7813835778543081&output=html&h=280&slotname=7241079169&adk=384215718&adf=3173046728&w=336&psa=0&guci=1.2.0.0.2.2.0.0&format=336x280&url=http%3A%2F%2Fwww.mediafire.com%2Ffile%2Fu9cujuijgaense3%2Fpandariptv.apk%2Ffile%3Fspm%3Da2g0s.imconversation.0.0.4a493e5frH9VAm&ea=0&flash=0&wgl=1&adsid=NT&dt=1579883744809&bpp=4&bdt=107&fdt=80&idt=80&shv=r20200122&cbv=r20190131&saldr=aa&correlator=5338848200059&frm=23&ife=4&pv=1&ga_vid=1783031671.1579883744&ga_sid=1579883745&ga_hid=752625539&ga_fc=0&iag=3&icsg=682&nhd=1&dssz=11&mdo=0&mso=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=313&ady=420&biw=1585&bih=1200&isw=336&ish=280&ifk=1886727638&scr_x=0&scr_y=0&eid=21065305&oid=3&pvsid=3349852944307567&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=23&ifi=1&uci=1.54je83k737wo&fsb=1&dtd=83

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200122/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7813835778543081&output=html&h=280&slotname=7241079169&adk=384215718&adf=3173046728&w=336&psa=0&guci=1.2.0.0.2.2.0.0&format=336x280&url=http%3A%2F%2Fwww.mediafire.com%2Ffile%2Fu9cujuijgaense3%2Fpandariptv.apk%2Ffile%3Fspm%3Da2g0s.imconversation.0.0.4a493e5frH9VAm&ea=0&flash=0&wgl=1&adsid=NT&dt=1579883744809&bpp=4&bdt=107&fdt=80&idt=80&shv=r20200122&cbv=r20190131&saldr=aa&correlator=5338848200059&frm=23&ife=4&pv=1&ga_vid=1783031671.1579883744&ga_sid=1579883745&ga_hid=752625539&ga_fc=0&iag=3&icsg=682&nhd=1&dssz=11&mdo=0&mso=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=313&ady=420&biw=1585&bih=1200&isw=336&ish=280&ifk=1886727638&scr_x=0&scr_y=0&eid=21065305&oid=3&pvsid=3349852944307567&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=23&ifi=1&uci=1.54je83k737wo&fsb=1&dtd=83
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUnjSSi6Q9FqFF4sROxtSdGyLVhCbg6o3s5tdtabG7V7wm4hWjzLsSTHF-_2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 24 Jan 2020 16:35:45 GMT
server: cafe
content-length: 199
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame A9B3 74 KB
27 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200122/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2607d0df1c0e1e81b8c5fb80453c22b472f00ab4c31d3aeb581146f95af98190

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 24 Jan 2020 16:35:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1579695672934178"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28080
x-xss-protection: 0
expires: Fri, 24 Jan 2020 16:35:44 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 152A 0
0 95ms
95ms Document
text/html 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7813835778543081&output=html&h=90&slotname=3457321791&adk=3807574358&adf=3173046727&w=728&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=http%3A%2F%2Fwww.mediafire.com%2Ffile%2Fu9cujuijgaense3%2Fpandariptv.apk%2Ffile%3Fspm%3Da2g0s.imconversation.0.0.4a493e5frH9VAm&ea=0&flash=0&wgl=1&adsid=NT&dt=1579883744816&bpp=3&bdt=98&fdt=88&idt=88&shv=r20200122&cbv=r20190131&saldr=aa&correlator=5338848200059&frm=23&ife=4&pv=1&ga_vid=1783031671.1579883744&ga_sid=1579883745&ga_hid=226613231&ga_fc=0&iag=3&icsg=682&nhd=1&dssz=11&mdo=0&mso=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=545&ady=10&biw=1585&bih=1200&isw=728&ish=90&ifk=3966367602&scr_x=0&scr_y=0&oid=3&pvsid=2384386518000982&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=23&ifi=1&uci=1.20pklus0kdxa&fsb=1&dtd=93

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200122/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7813835778543081&output=html&h=90&slotname=3457321791&adk=3807574358&adf=3173046727&w=728&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=http%3A%2F%2Fwww.mediafire.com%2Ffile%2Fu9cujuijgaense3%2Fpandariptv.apk%2Ffile%3Fspm%3Da2g0s.imconversation.0.0.4a493e5frH9VAm&ea=0&flash=0&wgl=1&adsid=NT&dt=1579883744816&bpp=3&bdt=98&fdt=88&idt=88&shv=r20200122&cbv=r20190131&saldr=aa&correlator=5338848200059&frm=23&ife=4&pv=1&ga_vid=1783031671.1579883744&ga_sid=1579883745&ga_hid=226613231&ga_fc=0&iag=3&icsg=682&nhd=1&dssz=11&mdo=0&mso=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=545&ady=10&biw=1585&bih=1200&isw=728&ish=90&ifk=3966367602&scr_x=0&scr_y=0&oid=3&pvsid=2384386518000982&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=23&ifi=1&uci=1.20pklus0kdxa&fsb=1&dtd=93
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUnjSSi6Q9FqFF4sROxtSdGyLVhCbg6o3s5tdtabG7V7wm4hWjzLsSTHF-_2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 24 Jan 2020 16:35:45 GMT
server: cafe
content-length: 200
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame E1DF 74 KB
27 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200122/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2607d0df1c0e1e81b8c5fb80453c22b472f00ab4c31d3aeb581146f95af98190

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 24 Jan 2020 16:35:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1579695672934178"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28080
x-xss-protection: 0
expires: Fri, 24 Jan 2020 16:35:44 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
58 B 15ms
15ms Image
image/gif 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=205&t=2&li=gpt_2020011601&jk=3958047677618292&bg=!OjmlOSFY6iYsLqi8fDgCAAAAMVIAAAAJmQFcyHc6azleS46SyY00IU3AfK_5lU3TN-YF-23bNPLACFEd_dow7akwSI40eg6t76elTgxA9w7L0dO8JALL_rBvyYXZ5r_uy_LYsH0d0ylNj9WCxLshxStk8wy6rnE6hcDSw19wf4aGnUKu-kgU4tBuqD1jAeaMJEIPWXSrjkdrmteBZGIh3OQYZZ90FiYncWCZYozilnVMXz2NA3-M3sgJ_t2iUgHuXw2o3gnnOf_U5YJjcGgV2goQFkc8LUjyWZ5OCUfoy4EvZiMwfWPmRAYJjC6JKmPGOXywWvvYAKbKhYp2UoYGedJqAfd2Nz3hu9L-jqhspLlM71lXG53qn76afpQ_KSWL38Vu72JQ0sxY5WggJJ_S85-6G8JxHJ4E9Nj5dDq6KGTdN0utQ7QuEz1VQdt8-GmA62w_ohnHdW8RM_T8233g0vBylRfDHfUzxX4HFxF1RoYajccOsppr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jan 2020 16:35:44 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 4 KB
2 KB 120ms
120ms XHR
text/plain 216.58.207.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3958047677618292&correlator=548785259035073&output=ldjh&impl=fifs&adsid=NT&eid=21062453%2C21065203%2C21065305&vrg=2020011601&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20200124&iu_parts=183096492%2CMediaFire-Zone4&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=buildnumber%3D121423%26dladtemplate%3D30%26button_delay%3Ddisabled&eri=5&cookie=ID%3Dd5900f361acabf1e%3AT%3D1579883744%3AS%3DALNI_MbR2dF3h_0evZ8XkfmV_w15chXpfg&cookie_enabled=1&bc=23&abxe=1&lmt=1579883745&dt=1579883745038&dlt=1579883743986&idt=207&frm=20&biw=1585&bih=1200&oid=3&adxs=313&adys=720&adks=449802585&ucis=4&ifi=4&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.mediafire.com%2Ffile%2Fu9cujuijgaense3%2Fpandariptv.apk%2Ffile%3Fspm%3Da2g0s.imconversation.0.0.4a493e5frH9VAm&dssz=35&icsg=687198438048&std=0&vis=1&scr_x=0&scr_y=0&psz=960x1500&msz=728x-1&psts=AA2WTGMg-wZW0a_NpeHgNSunCJZaP6oY0I6Ui8umsOmq-b1k8ZX5K_z8po_3oF-41QrRJXT7FuwJb1s9uMrc0kUpRrCedvQ%2CAA2WTGNA_ve5VpRyB2RT6g5nOr9oJnh1FxqoqLIJN5lawmY2j5Loy-_4Nnn5Q4GZQOd0C6y8VmU3LRjkKKqwD7shSfmJP28%2CAA2WTGMjkqOpHr5e7aNjBaTWp-oVge0PVxjpGXVpJDRP31zl0_BFwM2l3aXmVVzz3PfGYdrOJkAjNRkJ_McSE3Grs_Vy1IY&ga_vid=1783031671.1579883744&ga_sid=1579883744&ga_hid=1006757793&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020011601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

cafe /

Resource Hash

23bf86eea53cb2c84cac5e81f7b3b8a4fc6c947af4329b59471b630f931950b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
Origin: http://www.mediafire.com

Response headers

date: Fri, 24 Jan 2020 16:35:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1942
x-xss-protection: 0
google-lineitem-id: 4819913690
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138246522217
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www.mediafire.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame A9B3 7 KB
5 KB 18ms
18ms XHR
application/json 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200122&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200122/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3b7716eb07e591826d7eefa81d566d9e4a67432b066df14fb6e2b87d283284d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
Origin: http://www.mediafire.com

Response headers

timing-allow-origin: *
date: Fri, 24 Jan 2020 16:35:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5268
x-xss-protection: 0

GET
H/1.1 200
OK sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame A9B3 14 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200122/r20190131/show_ads_impl_fy2019.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1b68c05b19c101d32f1555ab1b493fc450b958011de86f43b4a5aa60028a2a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 24 Jan 2020 16:35:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "1574183596005933"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=3000
Accept-Ranges: bytes
Content-Length: 5491
X-XSS-Protection: 0
Expires: Fri, 24 Jan 2020 16:35:45 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/205/ Frame 8E36 0
0 6ms
6ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/205/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: http://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/205/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4595
date: Fri, 24 Jan 2020 16:12:25 GMT
expires: Sat, 23 Jan 2021 16:12:25 GMT
last-modified: Tue, 08 Oct 2019 16:22:56 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1400
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4A4C 0
0 44ms
43ms Fetch
image/gif 216.58.207.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuZ0Izswa4gq5Dt8_CrinPVfA4OUtmKwT5vcM7cXgrLw7s_ExGtM5vlPva0kNQPvBDjkI8-qreUxVLoplEN95JvDQ9Jh_FKx9g59bSFcjqaCPVnAaLX4jnb5eAC-UFxc-eaumGQoPQa-5-bHe37m6BJyGA1bu_Ebyc_s1KwLhObQURhmcgGDPeWTFDBp7nF0kWq6h35iWEplibiY6A46BYZ2h0f5LkryMgkYUWvXTxTqunkke84kj_HOqR82xTmpk-A2JXog9CIsQ&sig=Cg0ArKJSzIBlxJHXD5lBEAE&urlfix=1&adurl=

Requested by

Host: www.mediafire.com
URL: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 24 Jan 2020 16:35:45 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 4A4C 105 KB
37 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020011601.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

665e1b5c63d3fb9216175e897de5b7b55bbdee20270990eab84d016092e051b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 24 Jan 2020 16:35:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript; charset=UTF-8
Server: cafe
ETag: 18148373411675323811
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 37758
X-XSS-Protection: 0
Expires: Fri, 24 Jan 2020 16:35:45 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4A4C 72 KB
27 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020011601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

549a0e6a0c8c127c94637ef0c08cf81270509d7339e1b95b6ec5de813fb329d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 24 Jan 2020 16:35:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1579695672934178"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27829
x-xss-protection: 0
expires: Fri, 24 Jan 2020 16:35:45 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A9B3 0
58 B 15ms
15ms Image
image/gif 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=205&t=2&li=gda_r20200122&jk=3349852944307567&bg=!8_Cl8OhYuy2xTm_UU9ACAAAAL1IAAAAKmQFivsHbVYovs3cUitTNRCxPT4uAYGJnXRgvmVlUQGlqy2NEpTEVht30bXo1EFz7jE_lmCm5XFtymeJxwFEaH7MKLdp-1ZJMcmMJdp7U6UE6xCfS--65yzQIGz_aPhQSpLyW66LiGf4CIMm2C5QUtY9Oyb__5RIvTbB0jEW061NkoO2lo0j4dR8qiCObbzz3shPcIgTwcUDoRvITckpaVu3LsObohMb8g5Jb0g_fgzNfLBwtmacuLvvTr1IekEb4vC9I415w-plEJxoTGlmBG3NVxa9DEs0jE4aaPWDchPA7w0ZQOi1Xja9n6HToDm2NTv9MogSaroQgZsOGzHq2yhxc37Yp09tDOWW6_7JfKLTdSl33ukGeh7xJ4e1fsLHIfGaySUuVxS2AUT2cUhpt1KY55FYRK9U-JXKGUEOHUprxEUHdPjenvxFdQjowFb2ahr6gbS68e38kkrEZumrShfBTZ3sy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jan 2020 16:35:45 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 4A4C 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 19180aedac45e3bb7e9e1dd95eab19a7edf55f25118f417a1de3407a6cda02db

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 4A4C 109 B
171 B 16ms
15ms Script
application/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.mediafire.com

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 24 Jan 2020 16:35:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 4A4C 109 B
171 B 16ms
16ms Script
application/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.mediafire.com

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 24 Jan 2020 16:35:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200122/r20190131/ Frame 4A4C 220 KB
82 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200122/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

872c6c526e00fe24fc350c4dc439b7167639431c5123d684c828d343c5dbaa8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 24 Jan 2020 16:35:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 84103
x-xss-protection: 0
server: cafe
etag: 10778269677459870046
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 24 Jan 2020 16:35:45 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 6AA8 0
0 87ms
87ms Document
text/html 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7813835778543081&output=html&h=90&slotname=1988752482&adk=2500333461&adf=3173046725&w=728&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=http%3A%2F%2Fwww.mediafire.com%2Ffile%2Fu9cujuijgaense3%2Fpandariptv.apk%2Ffile%3Fspm%3Da2g0s.imconversation.0.0.4a493e5frH9VAm&ea=0&flash=0&wgl=1&adsid=NT&dt=1579883745226&bpp=3&bdt=64&fdt=49&idt=49&shv=r20200122&cbv=r20190131&ptt=9&saldr=aa&correlator=5338848200059&frm=23&ife=4&pv=1&ga_vid=1783031671.1579883744&ga_sid=1579883745&ga_hid=952309233&ga_fc=0&iag=3&icsg=682&nhd=1&dssz=11&mdo=0&mso=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=313&ady=720&biw=1585&bih=1200&isw=728&ish=90&ifk=1755995248&scr_x=0&scr_y=0&eid=21065275%2C21065304&oid=3&pvsid=3136842748768979&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=23&ifi=1&uci=1.7c5vcnussmc8&fsb=1&dtd=53

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200122/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7813835778543081&output=html&h=90&slotname=1988752482&adk=2500333461&adf=3173046725&w=728&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=http%3A%2F%2Fwww.mediafire.com%2Ffile%2Fu9cujuijgaense3%2Fpandariptv.apk%2Ffile%3Fspm%3Da2g0s.imconversation.0.0.4a493e5frH9VAm&ea=0&flash=0&wgl=1&adsid=NT&dt=1579883745226&bpp=3&bdt=64&fdt=49&idt=49&shv=r20200122&cbv=r20190131&ptt=9&saldr=aa&correlator=5338848200059&frm=23&ife=4&pv=1&ga_vid=1783031671.1579883744&ga_sid=1579883745&ga_hid=952309233&ga_fc=0&iag=3&icsg=682&nhd=1&dssz=11&mdo=0&mso=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=313&ady=720&biw=1585&bih=1200&isw=728&ish=90&ifk=1755995248&scr_x=0&scr_y=0&eid=21065275%2C21065304&oid=3&pvsid=3136842748768979&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=23&ifi=1&uci=1.7c5vcnussmc8&fsb=1&dtd=53
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUnjSSi6Q9FqFF4sROxtSdGyLVhCbg6o3s5tdtabG7V7wm4hWjzLsSTHF-_2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 24 Jan 2020 16:35:45 GMT
server: cafe
content-length: 200
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4A4C 74 KB
27 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200122/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2607d0df1c0e1e81b8c5fb80453c22b472f00ab4c31d3aeb581146f95af98190

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 24 Jan 2020 16:35:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1579695672934178"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28080
x-xss-protection: 0
expires: Fri, 24 Jan 2020 16:35:45 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame A9B3 42 B
110 B 15ms
15ms Image
image/gif 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvmEJZytRkz0IW3BCgLzC2_ozqv6H2b16PIEvDe7_qd-4rictGKtFMgX5N8TDqcxIj9_PGOz8D6LVgd0UmKugfC5rwfdC86wFtK-JKajiU&sig=Cg0ArKJSzD_PwaPADrnoEAE&adk=3543024777&tt=-1&bs=1585%2C1200&mtos=1021,1021,1021,1021,1021&tos=1021,0,0,0,0&p=420,313,700,649&mcvt=1021&rs=0&ht=0&tfs=116&tls=1137&mc=1&lte=1&bas=0&bac=0&met=ie&avms=nio&exg=1&md=2&lm=2&rst=1579883744709&dlt&rpt=111&isd=0&msd=0&ext&imams=1&xdi=0&ps=1585%2C1842&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-2-11-11-0-0-0&tvt=1136&is=336%2C280&iframe_loc=http%3A%2F%2Fwww.mediafire.com%2Ffile%2Fu9cujuijgaense3%2Fpandariptv.apk%2Ffile%3Fspm%3Da2g0s.imconversation.0.0.4a493e5frH9VAm&r=v&id=osdim&vs=4&uc=12&upc=1&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20200122

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jan 2020 16:35:45 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame E1DF 42 B
110 B 15ms
15ms Image
image/gif 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu_rI-JLLhurqMgOfoH69hCG0o0s9NXXowdLwu3qfS2XX_O22zdgcInQ9LfBaTD_PZNmLOxfiNIdG3l6PKcbR6oQ6OKUFlR60GNVkTAN8I&sig=Cg0ArKJSzBT1FpF95WA-EAE&adk=2830848859&tt=-1&bs=1585%2C1200&mtos=1009,1009,1009,1009,1009&tos=1009,0,0,0,0&p=10,545,100,1273&mcvt=1009&rs=0&ht=0&tfs=106&tls=1115&mc=1&lte=1&bas=0&bac=0&met=ie&avms=nio&exg=1&md=2&lm=2&rst=1579883744722&dlt&rpt=113&isd=0&msd=0&ext&imams=1&xdi=0&ps=1585%2C1842&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-2-11-11-0-0-0&tvt=1114&is=728%2C90&iframe_loc=http%3A%2F%2Fwww.mediafire.com%2Ffile%2Fu9cujuijgaense3%2Fpandariptv.apk%2Ffile%3Fspm%3Da2g0s.imconversation.0.0.4a493e5frH9VAm&r=v&id=osdim&vs=4&uc=12&upc=1&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20200122

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jan 2020 16:35:45 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame DF89 42 B
110 B 14ms
14ms Image
image/gif 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst8gMWfRSif5GYKAZD10_JGg0kT0_9AR8XgvKlp-Oxc5NVS-p8RynElcLKXVAfr4E7nVW_lEq7eUrunAH5donNmTKJ6VajO7dZz4fQaNP8&sig=Cg0ArKJSzMXeZx0r65xWEAE&adk=1445360826&tt=-1&bs=1585%2C1200&mtos=1042,1042,1042,1042,1042&tos=1042,0,0,0,0&p=120,313,400,649&mcvt=1042&rs=0&ht=0&tfs=252&tls=1294&mc=1&lte=1&bas=0&bac=0&met=ie&avms=nio&exg=1&md=2&lm=2&rst=1579883744670&dlt&rpt=208&isd=0&msd=0&ext&imams=1&xdi=0&ps=1585%2C1842&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-13-8-12-12-0-0-0&tvt=1287&is=336%2C280&iframe_loc=http%3A%2F%2Fwww.mediafire.com%2Ffile%2Fu9cujuijgaense3%2Fpandariptv.apk%2Ffile%3Fspm%3Da2g0s.imconversation.0.0.4a493e5frH9VAm&r=v&id=osdim&vs=4&uc=13&upc=1&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20200122

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jan 2020 16:35:46 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 4A4C 42 B
110 B 14ms
14ms Image
image/gif 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssfj7zwjPaJ0Tj7ogtiNEu17ovHA1Z9DGWBUsI8T8vpRR4EQp03Qtsh8n0bGePuByzdhN8pdpTH3vR6aDkoHWY92cWMBoG-8pMyHoW0pNE&sig=Cg0ArKJSzMviY5NXaXSPEAE&adk=449802585&tt=-1&bs=1585%2C1200&mtos=1010,1010,1010,1010,1010&tos=1010,0,0,0,0&p=720,313,810,1041&gcm=1&lcs=1&mcvt=1010&rs=0&ht=0&tfs=102&tls=1112&mc=1&lte=1&bas=0&bac=0&met=ie&avms=nio&exg=1&md=2&lm=2&rst=1579883745165&dlt&rpt=52&isd=0&msd=0&ext&imams=1&xdi=0&msp=1&ps=1585%2C1842&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-2-11-11-0-0-0&tvt=1111&is=728%2C90&iframe_loc=http%3A%2F%2Fwww.mediafire.com%2Ffile%2Fu9cujuijgaense3%2Fpandariptv.apk%2Ffile%3Fspm%3Da2g0s.imconversation.0.0.4a493e5frH9VAm&r=v&id=osdim&vs=4&uc=12&upc=1&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20200122

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jan 2020 16:35:46 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame EDA5 0
0 55ms
41ms Document
text/html 23.210.249.83
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: www.mediafire.com
URL: http://www.mediafire.com/js/prebid2.44.1.js
Protocol: HTTP/1.1
Server: 23.210.249.83 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-83.deploy.static.akamaitechnologies.com
Software: nginx/1.11.5 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
Accept-Encoding: gzip, deflate
Cookie: icu=ChgIkbVJEAoYASABKAEw4rms8QU4AUABSAEQ4rms8QUYAA..; uuid2=3734600092950573743
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm

Response headers

Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: "573e714d-3e3"
Server: nginx/1.11.5
Content-Type: text/html
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Sat, 23 Jan 2021 16:35:47 GMT
Date: Fri, 24 Jan 2020 16:35:47 GMT
Connection: keep-alive

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame 4F17 0
0 32ms
29ms Document
text/html 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0
Requested by: Host: www.mediafire.com
URL: http://www.mediafire.com/js/prebid2.44.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.174.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm
accept-encoding: gzip, deflate, br
cookie: i=4b34b02e-a39b-0d8e-089b-ff157437267d|1579883744
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk/file?spm=a2g0s.imconversation.0.0.4a493e5frH9VAm

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=4b34b02e-a39b-0d8e-089b-ff157437267d|1579883744; Version=1; Expires=Sat, 23-Jan-2021 16:35:47 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1579883747|mOsLgqgikin0fcmWiygu; Version=1; Expires=Sat, 08-Feb-2020 16:35:47 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.174.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Fri, 24 Jan 2020 16:35:47 GMT
content-type: text/html
content-length: 483
content-encoding: gzip
via: 1.1 google
alt-svc: clear

Verdicts & Comments Add Verdict or Comment

106 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mediafire.com/	1970-01-19 06:51:23	Name: _gat_UA-86547571-4 Value: 1
.mediafire.com/	1970-01-19 06:51:23	Name: _gat_gtag_UA_829541_1 Value: 1
.mediafire.com/	1970-01-19 06:55:42	Name: u9s0 Value: 1
www.mediafire.com/	1969-12-31 23:59:59	Name: __aaxsc Value: 0
.mediafire.com/	1970-01-19 23:39:23	Name: ukey Value: zilq38djnh1fqwnp1aqpuogk0w51mauh
.mediafire.com/	1970-01-19 07:34:35	Name: __cfduid Value: db5a02471eb428fb7197d3f0560a7e0851579883743
.mediafire.com/	1970-01-20 00:22:35	Name: _ga Value: GA1.2.1783031671.1579883744
www.mediafire.com/	1969-12-31 23:59:59	Name: aasd Value: 1%7C1579883744352
.mediafire.com/	1970-01-19 06:52:50	Name: _gid Value: GA1.2.110808680.1579883744
www.mediafire.com/file/u9cujuijgaense3/pandariptv.apk	1969-12-31 23:59:59	Name: g36FastPopSessionRequestNumber Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aaxdetect.com
acdn.adnxs.com
adservice.google.co.uk
adservice.google.com
adservice.google.de
b.scorecardresearch.com
c.aaxads.com
cdn.otnolatrnup.com
eu-u.openx.net
googleads.g.doubleclick.net
ib.adnxs.com
l3.aaxads.com
mediafire-d.openx.net
otnolatrnup.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
static.mediafire.com
stats.g.doubleclick.net
tpc.googlesyndication.com
translate.google.com
translate.googleapis.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.mediafire.com
104.16.203.237
2.16.186.80
2.20.10.114
2.21.217.111
2.21.218.77
216.58.207.66
23.210.249.83
2606:4700::6813:d725
2a00:1450:4001:806::2001
2a00:1450:4001:809::200a
2a00:1450:4001:814::200e
2a00:1450:4001:816::2002
2a00:1450:4001:81a::2002
2a00:1450:4001:81b::2004
2a00:1450:4001:81c::2003
2a00:1450:4001:81e::200e
2a00:1450:4001:820::2002
2a00:1450:4001:820::2003
2a00:1450:4001:820::2008
2a00:1450:4001:825::2002
2a00:1450:400c:c0c::9c
2a03:2880:f12d:83:face:b00c:0:25de
34.95.120.147
37.252.173.38
03c8d2dc7d985c3004ff2cd6d8148dd03560f37ed15efdf6c2d7f4d771d0e599
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0713865d6ef7a33ed2a2874ed635e56292267ba19abacf7f4caa64d5e065fd04
082cecf2da70da88efb1db41dd0096deb999b7b7d1cf8344ca2b37930739a377
0a7e39087bed30f124a891216762b67addf2644e1c730bc5e94fa9d0ad733266
19180aedac45e3bb7e9e1dd95eab19a7edf55f25118f417a1de3407a6cda02db
1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213
23bf86eea53cb2c84cac5e81f7b3b8a4fc6c947af4329b59471b630f931950b8
2607d0df1c0e1e81b8c5fb80453c22b472f00ab4c31d3aeb581146f95af98190
281c1ae097994abebf0c1e56a84620b5b636092607f4709450f1580d38f315be
2c5c025509524a5c0a73bf56e53457f02dff136842191aaa2cba3f5cf2331594
315f5f67f80b413592a970d2d7a3875294be6039956c2edfa0aa9d3095fa6f2d
3b6e780ed7ed3d9165b386b32fe7b64f3f6e259ecfbb43ccbf8b6df01a3f20b5
3b7716eb07e591826d7eefa81d566d9e4a67432b066df14fb6e2b87d283284d3
3fa99d88ac410da01b545aac3fa9e4125908e748a462a39434aff420230655f6
404f91af6f0fb5e9e780bb1410d390073cbfcb3961f83b77cd21fa6bdec8be75
4342feac38021c4fe3069eba0edf1c2e1b4345e2b548b0afb7ab21b7369b3bc8
4448e430d3c53bad548a5d135e1c7e2f9593e806ba47892640d430ea752e979e
4d57bc9fd1c5ada7682f839bb3362ab001a7825d97b46786b5d9cc86e441940a
547811b7c01a8f67208aca4ed0174bec2379e0c68d4577b1524bbfdc716ace65
5487b10be6f68c7c4c203e5bb3bacc4860a81a97d7267aba4608a1c6718b4b66
549a0e6a0c8c127c94637ef0c08cf81270509d7339e1b95b6ec5de813fb329d2
54c05d108ce5e65e51412d1667e583e90a8d22233e33e78deea09b903530a0e4
577702e69d2e090bb4e3666134f5c9e7edec9de0000143384cc1465c35551b91
58684b67d40f7a8107796974bea44297e1fc6573fb0c0564b52a2ec17f17d577
5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
665e1b5c63d3fb9216175e897de5b7b55bbdee20270990eab84d016092e051b6
6c57bf5cb06a0c1c74f39a6ebd29b4fcc67dd264c66d4bb73ef3ff35934f2198
720671166ac43aba99e3952b0b9341ab4e0fee1fd891db54e2a07f05db653142
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7cc840c848a465c713a4831cf0851ba98cd798fad4bb5f330fe4de349f810fcc
82b94716473aa225e715e117802145c5d2d725aa1ba9d476d61a5d3da16a8c26
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8539c91ae0a82f8cab27d481ea38ac4e66d1e5b36701fe295bcba4399b9255bd
863fd031f8bb86b29df08866f391017743b81a1439fbd7bb9f98e5fef8d10411
872c6c526e00fe24fc350c4dc439b7167639431c5123d684c828d343c5dbaa8f
8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde
99b27633e72d0a0efc23402c62b01cc0ec5ff40821cd1a84c89a1ef31773612d
aed0bb7e61cc17475b859f1ee647f79b55ac178a8a24d53781c6c8cd11782473
b73893d9d2d3a1f02801f88c14e54c768a70dc041a54744c01043747fb97c929
bd84a822565ae5e53b0067857375158cd812c495285be2d22d54571af33af2e4
bf88cf6cb57da22e6c21c31ef760cb629f5b44d6b294547388b12768fb658fd6
d10680154bdc65dcfc89df439a45ef3aacc5dd8b4dc2aa4bd852a5e30a9152cf
d1b68c05b19c101d32f1555ab1b493fc450b958011de86f43b4a5aa60028a2a2
d796fd53a11527e0d5c8d84bb9b96e08b1138dd7bd73b00d96ff9f13e38a417a
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e419ef9c61bfe921115c67e38f86d225be23e6c03ff305cdd03659d2f0192475
e61816e7c0be10882ec227cb672cb9bf0236f48fe160331472257e468203b6eb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f22320501f74c0109a7a36061b237f0f0dc3f5d61c3aa99e6e9846f29b52a845
f52a0c7d9fa7ae8e45916c491ae7193f9a1e289f128f05264122c53d8da970db
f5e937b5fe1aa8ea03d1ed85cde6f9e4b3470fabf49159c5fe2e44c3d7f4ee57
f917a9105c311331b1d40f4d2bdbf11233c1c465616c1a9c46232f451463b061
ff504bbebe025821b3bbe4bf00ecc7f50189f2469da2fd1ea00a5abb85743be8

www.mediafire.com Open in urlscan Pro 104.16.203.237 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

98 Requests

67 %HTTPS

63 %IPv6

18 Domains

29 Subdomains

23 IPs

6 Countries

1498 kBTransfer

4103 kBSize

10 Cookies

9 Outgoing links

Redirected requests

98 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.mediafire.com Open in urlscan Pro
104.16.203.237 Public Scan

Screenshot
Live screenshot

Full Image

98
Requests

67 %
HTTPS

63 %
IPv6

18
Domains

29
Subdomains

23
IPs

6
Countries

1498 kB
Transfer

4103 kB
Size

10
Cookies

98 HTTP transactions
4 data transactions