urlscan.io logo urlscan.io
SecurityTrails logo

www.mediafire.com Open in urlscan Pro
104.17.150.117  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.mediafire.com/file/0zs2l8yz40o0k2p/JoiPlay-1.20.032-patreon-release.apk/file?dkey=tw49fjtomoo&r=1661
Submission Tags: falconsandbox
Submission: On December 02 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 2 countries across 10 domains to perform 31 HTTP transactions. The main IP is 104.17.150.117, located in and belongs to CLOUDFLARENET, US. The main domain is www.mediafire.com. The Cisco Umbrella rank of the primary domain is 42384.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 30th 2024. Valid for: a year.
This is the only time www.mediafire.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 13 104.17.150.117 13335 (CLOUDFLAR...)
2 172.67.199.186 13335 (CLOUDFLAR...)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 108.139.29.40 16509 (AMAZON-02)
2 104.18.159.164 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 98.83.224.108 14618 (AMAZON-AES)
1 2 54.157.250.213 14618 (AMAZON-AES)
1 34.214.109.82 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
31 14
13    104.17.150.117 (None, )

ASN13335 (CLOUDFLARENET, US)
www.mediafire.com
static.mediafire.com
sandbox.mediafire.com
2    172.67.199.186 (United States)

ASN13335 (CLOUDFLARENET, US)
the.gatekeeperconsent.com
privacy.gatekeeperconsent.com
3    2607:f8b0:4006:80a::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
1    108.139.29.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-29-40.jfk50.r.cloudfront.net
cdn.amplitude.com
2    104.18.159.164 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.otnolatrnup.com
otnolatrnup.com
2    2607:f8b0:4006:822::200e (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    98.83.224.108 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-98-83-224-108.compute-1.amazonaws.com
ad.crwdcntrl.net
2    54.157.250.213 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-157-250-213.compute-1.amazonaws.com
bcp.crwdcntrl.net
1    34.214.109.82 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-214-109-82.us-west-2.compute.amazonaws.com
api.amplitude.com
2    2607:f8b0:4006:80f::200e (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
1    2607:f8b0:4004:c17::9c (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2607:f8b0:4006:81d::2002 (United States)

ASN15169 (GOOGLE, US)
td.doubleclick.net
Apex Domain
Subdomains		 Transfer
13 mediafire.com
www.mediafire.com — Cisco Umbrella Rank: 42384
static.mediafire.com — Cisco Umbrella Rank: 66050
sandbox.mediafire.com
99 KB
3 crwdcntrl.net
tags.crwdcntrl.net Failed
ad.crwdcntrl.net — Cisco Umbrella Rank: 19155
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1026
921 B
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
299 KB
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 135
td.doubleclick.net — Cisco Umbrella Rank: 182
555 B
2 google.com
analytics.google.com — Cisco Umbrella Rank: 142
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
22 KB
2 otnolatrnup.com
cdn.otnolatrnup.com — Cisco Umbrella Rank: 65058
otnolatrnup.com — Cisco Umbrella Rank: 56664
57 KB
2 amplitude.com
cdn.amplitude.com — Cisco Umbrella Rank: 3096
api.amplitude.com — Cisco Umbrella Rank: 2614
22 KB
2 gatekeeperconsent.com
the.gatekeeperconsent.com — Cisco Umbrella Rank: 14028
privacy.gatekeeperconsent.com — Cisco Umbrella Rank: 35054
3 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 617
7 KB
31 10
Domain Requested by
7 www.mediafire.com 1 redirects www.mediafire.com
static.cloudflareinsights.com
5 static.mediafire.com www.mediafire.com
3 www.googletagmanager.com www.mediafire.com
www.googletagmanager.com
2 analytics.google.com www.googletagmanager.com
2 bcp.crwdcntrl.net 1 redirects www.mediafire.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 td.doubleclick.net www.googletagmanager.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 api.amplitude.com cdn.amplitude.com
1 ad.crwdcntrl.net cdn.otnolatrnup.com
1 otnolatrnup.com cdn.otnolatrnup.com
1 sandbox.mediafire.com www.mediafire.com
1 cdn.otnolatrnup.com www.mediafire.com
1 cdn.amplitude.com www.mediafire.com
1 privacy.gatekeeperconsent.com the.gatekeeperconsent.com
1 static.cloudflareinsights.com www.mediafire.com
1 the.gatekeeperconsent.com www.mediafire.com
0 tags.crwdcntrl.net Failed cdn.otnolatrnup.com
31 18

This site contains links to these domains. Also see Links.

Domain
download2348.mediafire.com
facebook.com
blog.mediafire.com
twitter.com
www.facebook.com
Subject Issuer Validity Valid
*.mediafire.com
Sectigo RSA Domain Validation Secure Server CA		 2024-07-30 -
2025-08-30		 a year crt.sh
gatekeeperconsent.com
WE1		 2024-10-19 -
2025-01-17		 3 months crt.sh
*.google-analytics.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
cloudflareinsights.com
WE1		 2024-11-01 -
2025-01-30		 3 months crt.sh
cdn.amplitude.com
Amazon RSA 2048 M03		 2024-11-14 -
2025-12-13		 a year crt.sh
otnolatrnup.com
WE1		 2024-11-27 -
2025-02-25		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M02		 2024-09-07 -
2025-10-07		 a year crt.sh
*.amplitude.com
COMODO RSA Domain Validation Secure Server CA		 2024-01-31 -
2025-03-02		 a year crt.sh
*.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.doubleclick.net
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://www.mediafire.com/file/0zs2l8yz40o0k2p/JoiPlay-1.20.032-patreon-release.apk/file?dkey=tw49fjtomoo&r=1661
Frame ID: BCC39ADD0FC650AF934B170277905832
Requests: 28 HTTP requests in this frame

Frame: https://www.mediafire.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js
Frame ID: DDB03BCB883675E2276568C6D892BE4A
Requests: 2 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-K68XP6D85D&gacid=1793838904.1733164360&gtm=45je4bk0v887485693z86304663za200zb6304663&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=376497590
Frame ID: 709F7DD63101E0B7D335F0194B633AA2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

JoiPlay-1.20.032-patreon-release

Detected technologies

Overall confidence: 100%
Detected patterns
  • cdn\.amplitude\.com
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

31
Requests

90 %
HTTPS

46 %
IPv6

10
Domains

18
Subdomains

14
IPs

2
Countries

509 kB
Transfer

1557 kB
Size

32
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://www.mediafire.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://www.mediafire.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js
Request Chain 20
  • https://bcp.crwdcntrl.net/map/c=3722/tp=ADSP/tpid=1c5b12285dac42c99ed937cd6ef95bbf HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=3722/tp=ADSP/tpid=1c5b12285dac42c99ed937cd6ef95bbf

31 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request file
www.mediafire.com/file/0zs2l8yz40o0k2p/JoiPlay-1.20.032-patreon-release.apk/ 		239 KB
69 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mediafire.com/file/0zs2l8yz40o0k2p/JoiPlay-1.20.032-patreon-release.apk/file?dkey=tw49fjtomoo&r=1661
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.150.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a12b3ad97e043d2c31492f67b3f2cab11e2d98e7221a7cb579c2f80274005549
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-methods
OPTIONS, POST, GET
access-control-allow-origin
https://www.mediafire.com
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
8ebd66957e117ae8-SJC
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 02 Dec 2024 18:32:38 GMT
expires
0
pragma
no-cache
priority
u=0,i
server
cloudflare
server-timing
cfCacheStatus;desc="DYNAMIC" cfExtPri
strict-transport-security
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
x-mf-env
liveApi
x-mf-fe
mf2
x-robots-tag
noindex, nofollow
cmp.min.js
the.gatekeeperconsent.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://the.gatekeeperconsent.com/cmp.min.js
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/0zs2l8yz40o0k2p/JoiPlay-1.20.032-patreon-release.apk/file?dkey=tw49fjtomoo&r=1661
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.199.186 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e35c37f1f90a38d6e2975108d3ea71e43c00e40f8662114b3ff6373e2bdd04d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mediafire.com/

Response headers

x-robots-tag
noindex
content-encoding
gzip
cf-cache-status
HIT
age
35
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YI37fHbB12G01NT6n9i51lJ8nJyAwWnWzqfL9kEiBirWot1x6mQT6%2FNiXlQWX2RX6Iu6K3CDymqalYV6wUnv1JLPC%2BBYTFyRrz1TRwgQBecwq1qVkLTEANAm%2BOWbWwD62c%2Bb4jTdzVLus3lx"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=73123&min_rtt=71444&rtt_var=16508&sent=12&recv=9&lost=0&retrans=0&sent_bytes=4171&recv_bytes=4354&delivery_rate=8146&cwnd=12000&unsent_bytes=0&cid=08382a0d49ebf4da&ts=188&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 02 Dec 2024 18:32:38 GMT
x-middleton-display
sol-js
content-type
application/javascript
vary
Accept-Encoding
last-modified
Mon, 02 Dec 2024 18:29:22 GMT
priority
u=1,i=?0
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ebd66988d6b0fbc-LAX
server
cloudflare
js
www.googletagmanager.com/gtag/ 		210 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-829541-1
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/0zs2l8yz40o0k2p/JoiPlay-1.20.032-patreon-release.apk/file?dkey=tw49fjtomoo&r=1661
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9158c8528781e14825532b2f4224a3097948d95e64732e72e652efd8b4d3146c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mediafire.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 02 Dec 2024 18:32:38 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 02 Dec 2024 18:32:38 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 02 Dec 2024 18:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
77319
x-xss-protection
0
server
Google Tag Manager
cyber_monday_banner.svg
static.mediafire.com/images/backgrounds/download/affiliate_fullpage/cybermonday/ 		15 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.mediafire.com/images/backgrounds/download/affiliate_fullpage/cybermonday/cyber_monday_banner.svg
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/0zs2l8yz40o0k2p/JoiPlay-1.20.032-patreon-release.apk/file?dkey=tw49fjtomoo&r=1661
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.150.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
960d5f605bccaeeee5dae805eb0704d29de95f3456c049b382e6196c1324645a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mediafire.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"674a0165-3aef"
age
6877
access-control-allow-methods
OPTIONS, POST, GET
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
x-mf-env
liveApi
date
Mon, 02 Dec 2024 18:32:38 GMT
content-type
image/svg+xml
last-modified
Fri, 29 Nov 2024 18:01:09 GMT
vary
Accept-Encoding
priority
u=2,i
x-mf-fe
mf1
cf-ray
8ebd669818df7ae8-SJC
access-control-allow-origin
*
server
cloudflare
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/0zs2l8yz40o0k2p/JoiPlay-1.20.032-patreon-release.apk/file?dkey=tw49fjtomoo&r=1661
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.mediafire.com
Referer
https://www.mediafire.com/

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"2024.6.1"
cross-origin-resource-policy
cross-origin
cf-ray
8ebd669abc9c2f1d-LAX
access-control-allow-origin
*
date
Mon, 02 Dec 2024 18:32:38 GMT
content-type
text/javascript;charset=UTF-8
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
vary
Accept-Encoding
server
cloudflare
consent_modules.json
privacy.gatekeeperconsent.com/ 		30 B
731 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://privacy.gatekeeperconsent.com/consent_modules.json
Requested by
Host: the.gatekeeperconsent.com
URL: https://the.gatekeeperconsent.com/cmp.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.199.186 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
182bf11a786ed9f3b8590415e512883a3a30966e9edff7f1405c7d59dc815ef0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mediafire.com/

Response headers

cache-control
max-age=15780000, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KFwoHThVbmy8iyZaVPaYkhovdFUqbt1sHC2VBj6m%2B2eK9l5jlEfTFNnTQml0zw%2B6t3hOdIGGA10OmCJXosqSNA3zj87AAXv8QRfBHcxRYzg3YgdP1qGWjfd7hKNz%2FZHRjwMy7B2DEs%2FCV%2FBiqLYVoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ebd669a7cff78ef-LAX
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
30
server-timing
cfL4;desc="?proto=QUIC&rtt=72893&min_rtt=72878&rtt_var=27340&sent=10&recv=7&lost=0&retrans=0&sent_bytes=4125&recv_bytes=4300&delivery_rate=43444&cwnd=12000&unsent_bytes=0&cid=54e4997ff406bb1f&ts=134&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 02 Dec 2024 18:32:38 GMT
content-type
application/json;charset=UTF-8
vary
Accept-Encoding
server
cloudflare
priority
u=1,i
amplitude-8.5.0-min.gz.js
cdn.amplitude.com/libs/ 		68 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.amplitude.com/libs/amplitude-8.5.0-min.gz.js
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/0zs2l8yz40o0k2p/JoiPlay-1.20.032-patreon-release.apk/file?dkey=tw49fjtomoo&r=1661
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-40.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2450e5580136f94bda7ccf95e3167b57e15b05b513a430967943a50036fa47a4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.mediafire.com
Referer
https://www.mediafire.com/

Response headers

access-control-max-age
3000
content-encoding
gzip
etag
"660c3b546f2a131de50b69b91f26c636"
x-amz-version-id
NY8_7uBz3xoXYJBVsMSBAGHOz8ixMBS3
age
462282
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
pGaVRJ1yOqGh8rfVylkBwF0POwpFlG6z7W-oqsuMFge4Dc0aQT7HJg==
date
Wed, 27 Nov 2024 10:07:58 GMT
content-type
application/javascript
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
last-modified
Fri, 13 Aug 2021 22:37:42 GMT
cache-control
max-age=31536000
via
1.1 ed016821a44f073856f1ffba399e1728.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
22154
x-amz-cf-pop
JFK50-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
gtm.js
www.googletagmanager.com/ 		278 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-53LP4T
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/0zs2l8yz40o0k2p/JoiPlay-1.20.032-patreon-release.apk/file?dkey=tw49fjtomoo&r=1661
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f83876e69eace4c2ff640376cc97cb51bf6324228564822550af064f3a648069
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mediafire.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Mon, 02 Dec 2024 18:32:38 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 02 Dec 2024 18:32:38 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 02 Dec 2024 18:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
89643
x-xss-protection
0
server
Google Tag Manager
mf_logo_u1_reversed.svg
static.mediafire.com/images/backgrounds/header/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.mediafire.com/images/backgrounds/header/mf_logo_u1_reversed.svg
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/0zs2l8yz40o0k2p/JoiPlay-1.20.032-patreon-release.apk/file?dkey=tw49fjtomoo&r=1661
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.150.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79399054b44cdca9b15b0bc784b6acb4be9e94e60fcc8b0e68ee70f642253f08

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mediafire.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"62deda56-115c"
age
9110
access-control-allow-methods
OPTIONS, POST, GET
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
x-mf-env
liveApi
date
Mon, 02 Dec 2024 18:32:38 GMT
content-type
image/svg+xml
last-modified
Mon, 25 Jul 2022 18:00:54 GMT
vary
Accept-Encoding
priority
u=3,i
x-mf-fe
mf2
cf-ray
8ebd6699eb167ae8-SJC
access-control-allow-origin
*
server
cloudflare
file-zip-v3.png
static.mediafire.com/images/filetype/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.mediafire.com/images/filetype/file-zip-v3.png
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/0zs2l8yz40o0k2p/JoiPlay-1.20.032-patreon-release.apk/file?dkey=tw49fjtomoo&r=1661
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.150.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4448e430d3c53bad548a5d135e1c7e2f9593e806ba47892640d430ea752e979e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mediafire.com/

Response headers

cf-cache-status
HIT
etag
"62deda56-750"
age
4644
access-control-allow-methods
OPTIONS, POST, GET
expires
Wed, 01 Jan 2025 13:31:17 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
x-mf-env
liveApi
date
Mon, 02 Dec 2024 18:32:38 GMT
content-type
image/png
last-modified
Mon, 25 Jul 2022 18:00:54 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=2592000
x-mf-fe
mf2
cf-ray
8ebd6699eb1b7ae8-SJC
accept-ranges
bytes
access-control-allow-origin
*
content-length
1872
server
cloudflare
icons_sprite.svg
www.mediafire.com/images/icons/svg_dark/ 		36 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mediafire.com/images/icons/svg_dark/icons_sprite.svg
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/0zs2l8yz40o0k2p/JoiPlay-1.20.032-patreon-release.apk/file?dkey=tw49fjtomoo&r=1661
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.150.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fdd0b259b84f4ec7478d7fadabf0514dc8952ae2cf24dfa9520cd6475b91a7d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mediafire.com/file/0zs2l8yz40o0k2p/JoiPlay-1.20.032-patreon-release.apk/file?dkey=tw49fjtomoo&r=1661

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"62deda56-90ab"
age
6323
access-control-allow-methods
OPTIONS, POST, GET
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
x-mf-env
liveApi
date
Mon, 02 Dec 2024 18:32:38 GMT
content-type
image/svg+xml
last-modified
Mon, 25 Jul 2022 18:00:54 GMT
vary
Accept-Encoding
priority
u=3,i
cf-ray
8ebd6699eb1e7ae8-SJC
x-mf-fe
mf2
access-control-allow-origin
*
server
cloudflare
infinity.js.aspx
cdn.otnolatrnup.com/Scripts/ 		179 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.otnolatrnup.com/Scripts/infinity.js.aspx?guid=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/0zs2l8yz40o0k2p/JoiPlay-1.20.032-patreon-release.apk/file?dkey=tw49fjtomoo&r=1661
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.159.164 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d14776d90c5b24e09f404c503ce91741151c8596bc71057a93019b4331b90cd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mediafire.com/

Response headers

cache-control
public, no-transform, max-age=900
content-encoding
gzip
cf-cache-status
HIT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
age
57
cf-ray
8ebd669abdc615d4-SJC
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
p3p
CP="CAO PSA OUR IND"
date
Mon, 02 Dec 2024 18:32:38 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
server
cloudflare
last-modified
Mon, 02 Dec 2024 18:30:50 GMT
mf_logo_u1_full_color_reversed.svg
sandbox.mediafire.com/images/backgrounds/header/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sandbox.mediafire.com/images/backgrounds/header/mf_logo_u1_full_color_reversed.svg
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/0zs2l8yz40o0k2p/JoiPlay-1.20.032-patreon-release.apk/file?dkey=tw49fjtomoo&r=1661
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.150.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a0ec73a3ca7f354865d6b95401c50627fdf5a9b0da763a6f75fa818fd775b55

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mediafire.com/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"62deda56-11ca"
access-control-allow-methods
OPTIONS, POST, GET
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
x-mf-env
liveApiSandbox
date
Mon, 02 Dec 2024 18:32:38 GMT
content-type
image/svg+xml
last-modified
Mon, 25 Jul 2022 18:00:54 GMT
vary
Accept-Encoding
priority
u=1,i
cf-ray
8ebd669a2b657ae8-SJC
x-mf-fe
mfsbx1
access-control-allow-origin
*
server
cloudflare
gold_check_mark.svg
static.mediafire.com/images/backgrounds/download/affiliate_fullpage/blackfriday/ 		170 B
406 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.mediafire.com/images/backgrounds/download/affiliate_fullpage/blackfriday/gold_check_mark.svg
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/0zs2l8yz40o0k2p/JoiPlay-1.20.032-patreon-release.apk/file?dkey=tw49fjtomoo&r=1661
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.150.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da1244fa877854255c15561559a0cd7ead0f1d935ef4302ff9a763c220d9f58c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mediafire.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"67476264-aa"
age
426
access-control-allow-methods
OPTIONS, POST, GET
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
x-mf-env
liveApi
date
Mon, 02 Dec 2024 18:32:38 GMT
content-type
image/svg+xml
last-modified
Wed, 27 Nov 2024 18:18:12 GMT
vary
Accept-Encoding
priority
u=3,i
x-mf-fe
mf1
cf-ray
8ebd669a1b5e7ae8-SJC
access-control-allow-origin
*
server
cloudflare
footerIcons.png
static.mediafire.com/images/backgrounds/footer/social/ 		583 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.mediafire.com/images/backgrounds/footer/social/footerIcons.png
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/0zs2l8yz40o0k2p/JoiPlay-1.20.032-patreon-release.apk/file?dkey=tw49fjtomoo&r=1661
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.150.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f917a9105c311331b1d40f4d2bdbf11233c1c465616c1a9c46232f451463b061

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mediafire.com/

Response headers

cf-cache-status
HIT
etag
"62deda56-247"
age
1814
access-control-allow-methods
OPTIONS, POST, GET
expires
Wed, 01 Jan 2025 15:31:27 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
x-mf-env
liveApi
date
Mon, 02 Dec 2024 18:32:38 GMT
content-type
image/png
last-modified
Mon, 25 Jul 2022 18:00:54 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=2592000
x-mf-fe
mf2
cf-ray
8ebd669a1b607ae8-SJC
accept-ranges
bytes
access-control-allow-origin
*
content-length
583
server
cloudflare
main.js
www.mediafire.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/ Frame DDB0
Redirect Chain
  • https://www.mediafire.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://www.mediafire.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js?
9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mediafire.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js?
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/0zs2l8yz40o0k2p/JoiPlay-1.20.032-patreon-release.apk/file?dkey=tw49fjtomoo&r=1661
Protocol
H3
Server
104.17.150.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a606315d74ba6dc45c37f6a70e72dc300b5dec0a3c49c43dc24a99f72c6d8bf6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
content-encoding
gzip
x-content-type-options
nosniff
cf-ray
8ebd669c1d887ae8-SJC
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 02 Dec 2024 18:32:39 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js?
cf-ray
8ebd669b6cdf7ae8-SJC
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
server-timing
cfExtPri
date
Mon, 02 Dec 2024 18:32:38 GMT
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0
Tag.engine
otnolatrnup.com/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://otnolatrnup.com/Tag.engine?time=600&id=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0&rand=57778&ver=async&referrerUrl=&fingerPrint=123&abr=false&stdTime=-600&fpe=1&bw=1600&bh=1200&res=1600x1200&curl=https%3A%2F%2Fwww.mediafire.com%2Ffile%2F0zs2l8yz40o0k2p%2FJoiPlay-1.20.032-patreon-release.apk%2Ffile%3Fdkey%3Dtw49fjtomoo%26r%3D1661&kw=online%20storage%2Cfree%20storage%2Ccloud%20storage%2Ccollaboration%2Cbackup%20file%20sharing%2Cshare%20files%2Cphoto%20backup%2Cphoto%20sharing%2Cftp%20replacement%2Ccross%20platform%2Cremote%20access%2Cmobile%20access%2Csend%20large%20files%2Crecover%20files%2Cfile%20versioning%2Cundelete%2Cwindows%2Cpc%2Cmac%2Cos%20x%2Clinux%2Ciphone
Requested by
Host: cdn.otnolatrnup.com
URL: https://cdn.otnolatrnup.com/Scripts/infinity.js.aspx?guid=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.159.164 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbc1caf876fc89c979c5bb28c31a7ad0112d155715169c9666b16b89e1863b5b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mediafire.com/

Response headers

cache-control
private, no-transform
content-encoding
gzip
cf-cache-status
DYNAMIC
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
cf-ray
8ebd669d48aa15d4-SJC
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
p3p
CP="CAO PSA OUR IND"
date
Mon, 02 Dec 2024 18:32:39 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
cloudflare
8ebd66957e117ae8
www.mediafire.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame DDB0 		0
698 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.mediafire.com/cdn-cgi/challenge-platform/h/b/jsd/r/8ebd66957e117ae8
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.150.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

cf-ray
8ebd669d8f127ae8-SJC
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
content-length
0
date
Mon, 02 Dec 2024 18:32:39 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
priority
u=1,i
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-829541-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mediafire.com/

Response headers

content-encoding
gzip
age
7138
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Mon, 02 Dec 2024 18:33:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 02 Dec 2024 16:33:41 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
cc_af.js
tags.crwdcntrl.net/c/4545/ 		0
0
callback=g367CB268B1094004A3689751E7AC568F.Lotame.CallExtractionAPICallback
ad.crwdcntrl.net/5/c=3722/pe=y/ 		131 B
368 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.crwdcntrl.net/5/c=3722/pe=y/callback=g367CB268B1094004A3689751E7AC568F.Lotame.CallExtractionAPICallback?41661320
Requested by
Host: cdn.otnolatrnup.com
URL: https://cdn.otnolatrnup.com/Scripts/infinity.js.aspx?guid=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
98.83.224.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-98-83-224-108.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
3d41b5eccb6d46de2253c6c225a6aef2009f266fc4180385b9d1ad17c19e7329

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mediafire.com/

Response headers

cache-control
no-cache
pragma
no-cache
expires
0
access-control-allow-origin
*
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length
131
date
Mon, 02 Dec 2024 18:32:39 GMT
content-type
application/javascript;charset=utf-8
x-server
10.40.63.234
server
Jetty(9.4.38.v20210224)
tpid=1c5b12285dac42c99ed937cd6ef95bbf
bcp.crwdcntrl.net/map/ct=y/c=3722/tp=ADSP/
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=3722/tp=ADSP/tpid=1c5b12285dac42c99ed937cd6ef95bbf
  • https://bcp.crwdcntrl.net/map/ct=y/c=3722/tp=ADSP/tpid=1c5b12285dac42c99ed937cd6ef95bbf
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/ct=y/c=3722/tp=ADSP/tpid=1c5b12285dac42c99ed937cd6ef95bbf
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/0zs2l8yz40o0k2p/JoiPlay-1.20.032-patreon-release.apk/file?dkey=tw49fjtomoo&r=1661
Protocol
H2
Server
54.157.250.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-157-250-213.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mediafire.com/

Response headers

cache-control
no-cache
pragma
no-cache
expires
0
access-control-allow-origin
*
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length
49
date
Mon, 02 Dec 2024 18:32:39 GMT
content-type
image/gif
x-server
10.40.10.115
server
Jetty(9.4.38.v20210224)

Redirect headers

cache-control
no-cache
location
https://bcp.crwdcntrl.net/map/ct=y/c=3722/tp=ADSP/tpid=1c5b12285dac42c99ed937cd6ef95bbf
pragma
no-cache
expires
0
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length
0
date
Mon, 02 Dec 2024 18:32:39 GMT
x-server
10.40.63.82
server
Jetty(9.4.38.v20210224)
/
api.amplitude.com/ 		7 B
137 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.amplitude.com/
Requested by
Host: cdn.amplitude.com
URL: https://cdn.amplitude.com/libs/amplitude-8.5.0-min.gz.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.214.109.82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-214-109-82.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Referer
https://www.mediafire.com/

Response headers

strict-transport-security
max-age=15768000
access-control-allow-origin
*
content-length
7
date
Mon, 02 Dec 2024 18:32:39 GMT
content-type
text/html;charset=utf-8
js
www.googletagmanager.com/gtag/ 		425 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-K68XP6D85D&l=dataLayer&cx=c&gtm=45He4bk0v6304663za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-53LP4T
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3d8cfb618969b083e94d10a3487692e51784cd0b178ff46237da30394106906
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mediafire.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 02 Dec 2024 18:32:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 02 Dec 2024 18:32:39 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
137641
x-xss-protection
0
server
Google Tag Manager
collect
www.google-analytics.com/j/ 		1 B
420 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=978093808&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mediafire.com%2Ffile%2F0zs2l8yz40o0k2p%2FJoiPlay-1.20.032-patreon-release.apk%2Ffile%3Fdkey%3Dtw49fjtomoo%26r%3D1661&ul=en-us&de=UTF-8&dt=JoiPlay-1.20.032-patreon-release&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1445220736&gjid=853162429&cid=1793838904.1733164360&tid=UA-829541-1&_gid=683674295.1733164360&_r=1&gtm=457e4bk0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cd1=unregistered&cd7=legacy&cd3=archive&cd4=61&cd5=apk&cd8=%2F50%2F100%2F&jsscut=1&z=518530347
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.mediafire.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 02 Dec 2024 18:32:39 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://www.mediafire.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
1
server
Golfe2
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-K68XP6D85D&gtm=45je4bk0v887485693z86304663za200zb6304663&_p=1733164358638&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1793838904.1733164360&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1733164359&sct=1&seg=0&dl=https%3A%2F%2Fwww.mediafire.com%2Ffile%2F0zs2l8yz40o0k2p%2FJoiPlay-1.20.032-patreon-release.apk%2Ffile%3Fdkey%3Dtw49fjtomoo%26r%3D1661&dt=JoiPlay-1.20.032-patreon-release&en=page_view&_fv=1&_ss=1&up.page_url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2F0zs2l8yz40o0k2p%2FJoiPlay-1.20.032-patreon-release.apk%2Ffile%3Fdkey%3Dtw49fjtomoo%26r%3D1661&tfd=2073
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K68XP6D85D&l=dataLayer&cx=c&gtm=45He4bk0v6304663za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mediafire.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.mediafire.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 02 Dec 2024 18:32:40 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
555 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-K68XP6D85D&cid=1793838904.1733164360&gtm=45je4bk0v887485693z86304663za200zb6304663&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K68XP6D85D&l=dataLayer&cx=c&gtm=45He4bk0v6304663za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mediafire.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.mediafire.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 02 Dec 2024 18:32:40 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame 709F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-K68XP6D85D&gacid=1793838904.1733164360&gtm=45je4bk0v887485693z86304663za200zb6304663&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=376497590
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K68XP6D85D&l=dataLayer&cx=c&gtm=45He4bk0v6304663za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mediafire.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 02 Dec 2024 18:32:40 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
rum
www.mediafire.com/cdn-cgi/ 		0
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.mediafire.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.150.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json
Referer
https://www.mediafire.com/file/0zs2l8yz40o0k2p/JoiPlay-1.20.032-patreon-release.apk/file?dkey=tw49fjtomoo&r=1661

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-methods
POST,OPTIONS
x-content-type-options
nosniff
cf-ray
8ebd66a54fef7ae8-SJC
access-control-allow-origin
https://www.mediafire.com
date
Mon, 02 Dec 2024 18:32:40 GMT
vary
Origin
server
cloudflare
x-frame-options
DENY
favicon.ico
www.mediafire.com/ 		11 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.mediafire.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.150.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdc78cc8b2994712a041a2a4cb02f488afbab00981771bdd3a8036c2dddf540f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mediafire.com/file/0zs2l8yz40o0k2p/JoiPlay-1.20.032-patreon-release.apk/file?dkey=tw49fjtomoo&r=1661

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"62deda56-2a46"
age
120575
access-control-allow-methods
OPTIONS, POST, GET
expires
Wed, 25 Dec 2024 10:17:12 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
x-mf-env
liveApi
date
Mon, 02 Dec 2024 18:32:40 GMT
content-type
image/x-icon
last-modified
Mon, 25 Jul 2022 18:00:54 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
max-age=2592000
cf-ray
8ebd66a54ff17ae8-SJC
x-mf-fe
mf2
access-control-allow-origin
*
server
cloudflare
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-K68XP6D85D&gtm=45je4bk0v887485693za200zb6304663&_p=1733164358638&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1793838904.1733164360&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1733164359&sct=1&seg=0&dl=https%3A%2F%2Fwww.mediafire.com%2Ffile%2F0zs2l8yz40o0k2p%2FJoiPlay-1.20.032-patreon-release.apk%2Ffile%3Fdkey%3Dtw49fjtomoo%26r%3D1661&dt=JoiPlay-1.20.032-patreon-release&en=scroll&epn.percent_scrolled=90&_et=76&tfd=7168
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K68XP6D85D&l=dataLayer&cx=c&gtm=45He4bk0v6304663za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.mediafire.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.mediafire.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 02 Dec 2024 18:32:45 GMT
content-type
text/plain
server
Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tags.crwdcntrl.net
URL
https://tags.crwdcntrl.net/c/4545/cc_af.js

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| ezCMPQueue function| __setCMPv2RequestData function| __getCMPv2InitialSelectedLanguage function| setupEzTcfApi object| _CMPv2RequestData function| gtag object| dataLayer object| amp object| amplitude function| initDownload object| sticky function| isInRect function| getDownloadUrl object| allowed object| el function| rAb function| InfCustomFPSTAMobileFunc function| InfCustomSTAMobileFunc function| InfCustomFPSTAFunc function| InfCustomerCallback function| InfPreFastPopAttachCallback function| InfSkipBindDocumentClick function| InfMediafireMobileFunc number| iAdCountInterval function| acceptCookieFooter function| reloadPage function| noop function| ClearStatusMessages function| setCookieSeconds function| Re function| aU function| setCookie function| getCookie function| loadHotjar function| registerGoogleLang function| trackDownloadEvent function| closeStatusMessage function| showStatusMessage function| downloadOptIn function| showTDOptInDialog function| closeMobileTD function| trackTurboDownload function| showDesktopDownloadArrow function| hideDesktopDownloadArrow function| onLegacyCopyLink function| openShareDialog function| saveToMyfiles function| copyShareLink function| startLazyLoad function| InfPreInterstitialProcessCallback function| InfClickEventCallback function| InfCustomerPopLoadedCallback object| __cfBeacon object| g367CB268B1094004A3689751E7AC568F function| UAParser object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| __AMPLITUDE__ object| gaplugins object| gaGlobal object| gaData object| googletag function| onYouTubeIframeAPIReady

32 Cookies

Domain/Path Name / Value
www.mediafire.com/file/0zs2l8yz40o0k2p/JoiPlay-1.20.032-patreon-release.apk Name: g36FastPopSessionRequestNumber
Value: 1
.mediafire.com/ Name: ukey
Value: rq4xw98ne2ytkb4xinswzjz2m0qbymad
.mediafire.com/ Name: 0z1u
Value: 1
.mediafire.com/ Name: conv_tracking_data-2
Value: %7B%22mf_source%22%3A%22regular_download-61%22%2C%22mf_content%22%3A%22Free%22%2C%22mf_medium%22%3A%22linux%5C%2FChrome%22%2C%22mf_campaign%22%3A%220zs2l8yz40o0k2p%22%2C%22mf_term%22%3A%22b6a68600880814dcb4edb60d77f920c8%22%7D
.mediafire.com/ Name: __cf_bm
Value: L18uXB4ZuqlQlFQYDMUoPPGyTxU0VuJbwK2XvisqnHs-1733164358-1.0.1.1-AoXg15Yi0LBmhSY4AJtJtEg2SoVYIwHJolUuvSCT3QLr4jTWvy2RSLifIsLapOvPO4eOV_sQyc_53g6QChwNkw
otnolatrnup.com/ Name: IKSR
Value: {}
otnolatrnup.com/ Name: INF_DFL8
Value: false
otnolatrnup.com/ Name: IUID
Value: 1c5b1228-5dac-42c9-9ed9-37cd6ef95bbf
otnolatrnup.com/ Name: ISSH
Value: 77BD18
otnolatrnup.com/ Name: VMI
Value:
otnolatrnup.com/ Name: CHN
Value: #[]
otnolatrnup.com/ Name: MSSH
Value: #{}
otnolatrnup.com/ Name: MSRH
Value: #{}
otnolatrnup.com/ Name: ILP
Value: {"Profile":{"Audiences":{"Audience":[],"ThirdPartyAudience":[]}},"CreatedDate":"2024-12-02T18:32:39.276934Z"}
otnolatrnup.com/ Name: ILPLU
Value: #12/2/2024 6:32:39 PM
otnolatrnup.com/ Name: ILEALC
Value: #12/2/2024 6:32:39 PM
otnolatrnup.com/ Name: ILMPF
Value: #True
otnolatrnup.com/ Name: IPMPLU
Value: #1/1/0001 12:00:00 AM
otnolatrnup.com/ Name: IPMUID
Value: #
otnolatrnup.com/ Name: BSWUID
Value: #
otnolatrnup.com/ Name: IBL
Value: #[]
otnolatrnup.com/ Name: IOPT
Value: #[]
otnolatrnup.com/ Name: ISH
Value: #{"101":[{"SId":"77BD18","D":"24/12/2T10:32:39"}]}
otnolatrnup.com/ Name: ISH_Q
Value: #[101]
.mediafire.com/ Name: cf_clearance
Value: QucTaatOJ5jgQchvLledYfWLPu2ErFenO3P9qZs7o4U-1733164359-1.2.1.1-doFQUG9Y3qAZWh8xlXF9S1pC9wxyVzKRTa_UnLimkeJC2mqQtKICz3dTJdrq8sxnpl4zn6KIlZtJwTS6FaGFwzvMPBJIWSmOHfyEiEGHQSZ0duZhijavCwe9FTvRN3tP.H8JR.p79CXCETW2gyPBl2WpAylVhM5rBg6oYJD4UuOUR0UIaB6fDGz.I6GFtUj0ycsTvpNBOzVWNd6_N9mb.Z01UJsAiEBV02YmuCyhDDzl2FaKuAyLbKE69NrcXBOqqaedj9W82N9fX.MsVfjYE3w_HZD_hGt1AO.ZhKvZb8YEcv8Ywhc7jWslcw9vvVeYl0PHaBOfgVH1fR3n1bK8lAIi223CE3vZQO.n3XAGfm4LFe9orDuy.V_fZEian73m
.mediafire.com/ Name: amp_28916b
Value: phF4xnRa5VDjcyr09t5SNb...1ie4aanr9.1ie4aanrb.0.1.1
.crwdcntrl.net/ Name: _cc_cc
Value: ctst
.mediafire.com/ Name: _gid
Value: GA1.2.683674295.1733164360
.mediafire.com/ Name: _gat_gtag_UA_829541_1
Value: 1
.mediafire.com/ Name: _ga
Value: GA1.1.1793838904.1733164360
.mediafire.com/ Name: _ga_K68XP6D85D
Value: GS1.1.1733164359.1.0.1733164359.60.0.0
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

1 Console Messages

Source Level URL
Text
security warning URL: https://www.mediafire.com/file/0zs2l8yz40o0k2p/JoiPlay-1.20.032-patreon-release.apk/file?dkey=tw49fjtomoo&r=1661(Line 1170)
Message:
document.domain mutation is ignored because the surrounding agent cluster is origin-keyed.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.crwdcntrl.net
analytics.google.com
api.amplitude.com
bcp.crwdcntrl.net
cdn.amplitude.com
cdn.otnolatrnup.com
otnolatrnup.com
privacy.gatekeeperconsent.com
sandbox.mediafire.com
static.cloudflareinsights.com
static.mediafire.com
stats.g.doubleclick.net
tags.crwdcntrl.net
td.doubleclick.net
the.gatekeeperconsent.com
www.google-analytics.com
www.googletagmanager.com
www.mediafire.com
tags.crwdcntrl.net
104.17.150.117
104.18.159.164
108.139.29.40
172.67.199.186
2606:4700::6810:5049
2607:f8b0:4004:c17::9c
2607:f8b0:4006:80a::2008
2607:f8b0:4006:80f::200e
2607:f8b0:4006:81d::2002
2607:f8b0:4006:822::200e
34.214.109.82
54.157.250.213
98.83.224.108
182bf11a786ed9f3b8590415e512883a3a30966e9edff7f1405c7d59dc815ef0
1a0ec73a3ca7f354865d6b95401c50627fdf5a9b0da763a6f75fa818fd775b55
1d14776d90c5b24e09f404c503ce91741151c8596bc71057a93019b4331b90cd
1fdd0b259b84f4ec7478d7fadabf0514dc8952ae2cf24dfa9520cd6475b91a7d
2450e5580136f94bda7ccf95e3167b57e15b05b513a430967943a50036fa47a4
2e35c37f1f90a38d6e2975108d3ea71e43c00e40f8662114b3ff6373e2bdd04d
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3d41b5eccb6d46de2253c6c225a6aef2009f266fc4180385b9d1ad17c19e7329
4448e430d3c53bad548a5d135e1c7e2f9593e806ba47892640d430ea752e979e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
79399054b44cdca9b15b0bc784b6acb4be9e94e60fcc8b0e68ee70f642253f08
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
9158c8528781e14825532b2f4224a3097948d95e64732e72e652efd8b4d3146c
960d5f605bccaeeee5dae805eb0704d29de95f3456c049b382e6196c1324645a
a12b3ad97e043d2c31492f67b3f2cab11e2d98e7221a7cb579c2f80274005549
a606315d74ba6dc45c37f6a70e72dc300b5dec0a3c49c43dc24a99f72c6d8bf6
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
cdc78cc8b2994712a041a2a4cb02f488afbab00981771bdd3a8036c2dddf540f
da1244fa877854255c15561559a0cd7ead0f1d935ef4302ff9a763c220d9f58c
dbc1caf876fc89c979c5bb28c31a7ad0112d155715169c9666b16b89e1863b5b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d8cfb618969b083e94d10a3487692e51784cd0b178ff46237da30394106906
f83876e69eace4c2ff640376cc97cb51bf6324228564822550af064f3a648069
f917a9105c311331b1d40f4d2bdbf11233c1c465616c1a9c46232f451463b061