URL: https://www.mediafire.com/file/fu8z6d3t7hn7h0h/GTA_San_Adreas_Full_En_Espa%25C3%25B1ol.rar/file
Submission Tags: falconsandbox
Submission: On May 08 via api from US — Scanned from DE

Summary

This website contacted 14 IPs in 4 countries across 10 domains to perform 52 HTTP transactions. The main IP is 104.16.53.48, located in and belongs to CLOUDFLARENET, US. The main domain is www.mediafire.com. The Cisco Umbrella rank of the primary domain is 38384.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on August 30th 2022. Valid for: a year.
This is the only time www.mediafire.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
24 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1952
region1.analytics.google.com — Cisco Umbrella Rank: 4365
www.google.com — Cisco Umbrella Rank: 2
97 KB
13 mediafire.com
www.mediafire.com — Cisco Umbrella Rank: 38384
static.mediafire.com — Cisco Umbrella Rank: 63833
169 KB
3 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 74
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34
5 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 48
190 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 6386
515 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 30
21 KB
2 otnolatrnup.com
cdn.otnolatrnup.com — Cisco Umbrella Rank: 81649
otnolatrnup.com — Cisco Umbrella Rank: 73515
56 KB
2 amplitude.com
cdn.amplitude.com — Cisco Umbrella Rank: 2429
api.amplitude.com — Cisco Umbrella Rank: 1442
22 KB
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 94
47 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 897
7 KB
52 10
Domain Requested by
22 fundingchoicesmessages.google.com www.mediafire.com
7 www.mediafire.com 1 redirects www.mediafire.com
static.cloudflareinsights.com
6 static.mediafire.com www.mediafire.com
3 www.googletagmanager.com www.mediafire.com
www.googletagmanager.com
2 www.google.de www.mediafire.com
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 pagead2.googlesyndication.com
1 www.google.com www.mediafire.com
1 region1.analytics.google.com www.googletagmanager.com
1 otnolatrnup.com cdn.otnolatrnup.com
1 static.cloudflareinsights.com www.mediafire.com
1 cdn.otnolatrnup.com www.mediafire.com
1 api.amplitude.com cdn.amplitude.com
1 cdn.amplitude.com www.mediafire.com
52 16

This site contains links to these domains. Also see Links.

Domain
download2439.mediafire.com
facebook.com
blog.mediafire.com
twitter.com
www.facebook.com
Subject Issuer Validity Valid
*.mediafire.com
Sectigo RSA Domain Validation Secure Server CA
2022-08-30 -
2023-09-30
a year crt.sh
*.google.com
GTS CA 1C3
2023-04-17 -
2023-07-10
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-04-17 -
2023-07-10
3 months crt.sh
cdn.amplitude.com
Amazon RSA 2048 M01
2023-01-12 -
2024-02-11
a year crt.sh
*.amplitude.com
COMODO RSA Domain Validation Secure Server CA
2023-01-23 -
2024-02-14
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-05-06 -
2024-05-05
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-04-17 -
2023-07-10
3 months crt.sh
www.google.de
GTS CA 1C3
2023-04-17 -
2023-07-10
3 months crt.sh
www.google.com
GTS CA 1C3
2023-04-17 -
2023-07-10
3 months crt.sh

This page contains 3 frames:

Primary Page: https://www.mediafire.com/file/fu8z6d3t7hn7h0h/GTA_San_Adreas_Full_En_Espa%25C3%25B1ol.rar/file
Frame ID: 8105C9B0A1AE88D0AD04E38510CB30C1
Requests: 48 HTTP requests in this frame

Frame: https://www.mediafire.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/b5e45436/invisible.js
Frame ID: AF7B4CDF5FD6F0E653289195268177BA
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20190131/zrt_lookup.html
Frame ID: A1996E012933EFBE6F34C99B7AD169F3
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

GTA San Adreas Full En Español

Detected technologies

Overall confidence: 100%
Detected patterns
  • cdn\.amplitude\.com

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

52
Requests

98 %
HTTPS

79 %
IPv6

10
Domains

16
Subdomains

14
IPs

4
Countries

614 kB
Transfer

1839 kB
Size

30
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://www.mediafire.com/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
  • https://www.mediafire.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/b5e45436/invisible.js

52 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request file
www.mediafire.com/file/fu8z6d3t7hn7h0h/GTA_San_Adreas_Full_En_Espa%25C3%25B1ol.rar/
249 KB
74 KB
Document
General
Full URL
https://www.mediafire.com/file/fu8z6d3t7hn7h0h/GTA_San_Adreas_Full_En_Espa%25C3%25B1ol.rar/file
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.53.48 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acf8c27d6b04ac5b7832a05da71fe39e192f66b766e157c8d488408657ffe842
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
https://www.mediafire.com
cache-control
no-cache, no-store, must-revalidate, max-age=0 post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
7c3e927398792c2f-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 08 May 2023 03:21:21 GMT
expires
0
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
x-robots-tag
noindex, nofollow
AGSKWxXxhCjA0376PEJRKvPbYABIeaqFcJOARWkOOyVBNfrKKqu3hGNujPnDlFLsbJnzVyv6SNOTkimv2wm82c-AdjA=
fundingchoicesmessages.google.com/f/
130 KB
45 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXxhCjA0376PEJRKvPbYABIeaqFcJOARWkOOyVBNfrKKqu3hGNujPnDlFLsbJnzVyv6SNOTkimv2wm82c-AdjA=
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/fu8z6d3t7hn7h0h/GTA_San_Adreas_Full_En_Espa%25C3%25B1ol.rar/file
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
993017d47622ace7211e4c628754316ad092681c23797c569bf2f4ab04706f32
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-XHbaYMH7JaTMxYjZVfKiUw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediafire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 03:21:21 GMT
content-security-policy
script-src 'report-sample' 'nonce-XHbaYMH7JaTMxYjZVfKiUw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
115 KB
45 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-829541-1
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/fu8z6d3t7hn7h0h/GTA_San_Adreas_Full_En_Espa%25C3%25B1ol.rar/file
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a75122c5500e07bc17a48829ee79fecb4f539d1756bf1755a4d88a2407dfc370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediafire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 03:21:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45818
x-xss-protection
0
last-modified
Mon, 08 May 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 08 May 2023 03:21:21 GMT
amplitude-8.5.0-min.gz.js
cdn.amplitude.com/libs/
68 KB
22 KB
Script
General
Full URL
https://cdn.amplitude.com/libs/amplitude-8.5.0-min.gz.js
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/fu8z6d3t7hn7h0h/GTA_San_Adreas_Full_En_Espa%25C3%25B1ol.rar/file
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.206.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-206-118.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2450e5580136f94bda7ccf95e3167b57e15b05b513a430967943a50036fa47a4

Request headers

Referer
https://www.mediafire.com/
Origin
https://www.mediafire.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 01:47:02 GMT
content-encoding
gzip
via
1.1 8af5231b014ab5e8c35000dd4cf4b68c.cloudfront.net (CloudFront)
x-amz-version-id
NY8_7uBz3xoXYJBVsMSBAGHOz8ixMBS3
x-amz-cf-pop
FRA56-P3
age
4498460
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
22154
last-modified
Fri, 13 Aug 2021 22:37:42 GMT
server
AmazonS3
etag
"660c3b546f2a131de50b69b91f26c636"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
435985jpLWeskPvBJU_FAx_TJ8eY3IHGub71hnkD0C8M4C1Eaquehw==
gtm.js
www.googletagmanager.com/
229 KB
73 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-53LP4T
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/fu8z6d3t7hn7h0h/GTA_San_Adreas_Full_En_Espa%25C3%25B1ol.rar/file
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
40f5642624ecfe99958bb2924ef8fbe3e8a0f6378cc11442da8e9d0f13c2913c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediafire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 03:21:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74650
x-xss-protection
0
last-modified
Mon, 08 May 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 08 May 2023 03:21:21 GMT
mf_logo_u1_reversed.svg
static.mediafire.com/images/backgrounds/header/
4 KB
2 KB
Image
General
Full URL
https://static.mediafire.com/images/backgrounds/header/mf_logo_u1_reversed.svg
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/fu8z6d3t7hn7h0h/GTA_San_Adreas_Full_En_Espa%25C3%25B1ol.rar/file
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.53.48 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79399054b44cdca9b15b0bc784b6acb4be9e94e60fcc8b0e68ee70f642253f08

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediafire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 03:21:21 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 25 Jul 2022 18:00:54 GMT
server
cloudflare
age
66
etag
W/"62deda56-115c"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cf-ray
7c3e9275598b2c2f-FRA
file-zip-v3.png
static.mediafire.com/images/filetype/
2 KB
2 KB
Image
General
Full URL
https://static.mediafire.com/images/filetype/file-zip-v3.png
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/fu8z6d3t7hn7h0h/GTA_San_Adreas_Full_En_Espa%25C3%25B1ol.rar/file
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.53.48 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4448e430d3c53bad548a5d135e1c7e2f9593e806ba47892640d430ea752e979e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediafire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 03:21:21 GMT
cf-cache-status
HIT
last-modified
Mon, 25 Jul 2022 18:00:54 GMT
server
cloudflare
age
12328
etag
"62deda56-750"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7c3e927559882c2f-FRA
content-length
1872
expires
Tue, 06 Jun 2023 23:04:48 GMT
icons_sprite.svg
www.mediafire.com/images/icons/svg_dark/
36 KB
8 KB
Image
General
Full URL
https://www.mediafire.com/images/icons/svg_dark/icons_sprite.svg
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/fu8z6d3t7hn7h0h/GTA_San_Adreas_Full_En_Espa%25C3%25B1ol.rar/file
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.53.48 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fdd0b259b84f4ec7478d7fadabf0514dc8952ae2cf24dfa9520cd6475b91a7d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediafire.com/file/fu8z6d3t7hn7h0h/GTA_San_Adreas_Full_En_Espa%25C3%25B1ol.rar/file
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 03:21:22 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 25 Jul 2022 18:00:54 GMT
server
cloudflare
etag
W/"62deda56-90ab"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cf-ray
7c3e9275497a2c2f-FRA
winzip_circles.svg
static.mediafire.com/images/backgrounds/download/affiliate_fullpage/winzip/
33 KB
13 KB
Image
General
Full URL
https://static.mediafire.com/images/backgrounds/download/affiliate_fullpage/winzip/winzip_circles.svg
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/fu8z6d3t7hn7h0h/GTA_San_Adreas_Full_En_Espa%25C3%25B1ol.rar/file
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.53.48 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c83ba58e76c32b540663b8e8197eb77b7bd1ec762d606e10ef2fb32debbdf50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediafire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 03:21:21 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 25 Jul 2022 18:00:54 GMT
server
cloudflare
etag
W/"62deda56-8212"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cf-ray
7c3e9275698e2c2f-FRA
winzip_logo_white.png
static.mediafire.com/images/backgrounds/download/affiliate_fullpage/winzip/
13 KB
13 KB
Image
General
Full URL
https://static.mediafire.com/images/backgrounds/download/affiliate_fullpage/winzip/winzip_logo_white.png
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/fu8z6d3t7hn7h0h/GTA_San_Adreas_Full_En_Espa%25C3%25B1ol.rar/file
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.53.48 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e44c0cbb89fd6bec761a3d6c6f3190e5c256e2f9ae258acc776eba2169e771f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediafire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 03:21:21 GMT
cf-cache-status
HIT
last-modified
Mon, 25 Jul 2022 18:00:54 GMT
server
cloudflare
etag
"62deda56-3269"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7c3e927569902c2f-FRA
content-length
12905
expires
Wed, 07 Jun 2023 01:11:00 GMT
winzip_box.png
static.mediafire.com/images/backgrounds/download/affiliate_fullpage/winzip/
39 KB
39 KB
Image
General
Full URL
https://static.mediafire.com/images/backgrounds/download/affiliate_fullpage/winzip/winzip_box.png
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/fu8z6d3t7hn7h0h/GTA_San_Adreas_Full_En_Espa%25C3%25B1ol.rar/file
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.53.48 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f0dd994b93eba69c4d991ed185d7a66d636282304cd888b6777f8f849d74546

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediafire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 03:21:21 GMT
cf-cache-status
HIT
last-modified
Mon, 25 Jul 2022 18:00:54 GMT
server
cloudflare
etag
"62deda56-9d0d"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7c3e927569922c2f-FRA
content-length
40205
expires
Wed, 07 Jun 2023 00:58:56 GMT
footerIcons.png
static.mediafire.com/images/backgrounds/footer/social/
583 B
686 B
Image
General
Full URL
https://static.mediafire.com/images/backgrounds/footer/social/footerIcons.png
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/fu8z6d3t7hn7h0h/GTA_San_Adreas_Full_En_Espa%25C3%25B1ol.rar/file
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.53.48 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f917a9105c311331b1d40f4d2bdbf11233c1c465616c1a9c46232f451463b061

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediafire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 03:21:21 GMT
cf-cache-status
HIT
last-modified
Mon, 25 Jul 2022 18:00:54 GMT
server
cloudflare
age
12825
etag
"62deda56-247"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7c3e927569932c2f-FRA
content-length
583
expires
Tue, 06 Jun 2023 23:04:41 GMT
/
api.amplitude.com/
7 B
206 B
XHR
General
Full URL
https://api.amplitude.com/
Requested by
Host: cdn.amplitude.com
URL: https://cdn.amplitude.com/libs/amplitude-8.5.0-min.gz.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.26.20.40 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-26-20-40.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.mediafire.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 08 May 2023 03:21:22 GMT
strict-transport-security
max-age=15768000
trace-id
Root=1-64586ab2-6badf7ef65018e767d861974
content-length
7
access-control-allow-methods
GET, POST
content-type
text/html;charset=utf-8
infinity.js.aspx
cdn.otnolatrnup.com/Scripts/
181 KB
54 KB
Script
General
Full URL
https://cdn.otnolatrnup.com/Scripts/infinity.js.aspx?guid=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/fu8z6d3t7hn7h0h/GTA_San_Adreas_Full_En_Espa%25C3%25B1ol.rar/file
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:d725 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
742f37b9d04629f3bbf97b676e9ca2040f5bf96782c5f4ea75dbefd674115c9a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediafire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 03:21:21 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 08 May 2023 03:16:26 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server
cloudflare
age
94
vary
Accept-Encoding
p3p
CP="CAO PSA OUR IND"
access-control-allow-origin
*
content-type
application/x-javascript; charset=utf-8
cache-control
public, no-transform, max-age=900
cf-ray
7c3e927639701907-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
v52afc6f149f6479b8c77fa569edb01181681764108816
static.cloudflareinsights.com/beacon.min.js/
19 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/fu8z6d3t7hn7h0h/GTA_San_Adreas_Full_En_Espa%25C3%25B1ol.rar/file
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b

Request headers

Referer
https://www.mediafire.com/
Origin
https://www.mediafire.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 03:21:21 GMT
content-encoding
gzip
last-modified
Mon, 17 Apr 2023 20:41:48 GMT
server
cloudflare
etag
W/2023.4.2
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
7c3e927629911cad-FRA
Tag.engine
otnolatrnup.com/
2 KB
2 KB
Script
General
Full URL
https://otnolatrnup.com/Tag.engine?time=0&id=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0&rand=75171&ver=async&referrerUrl=&fingerPrint=123&abr=false&stdTime=0&fpe=1&bw=1600&bh=1200&res=1600x1200&curl=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Ffu8z6d3t7hn7h0h%2FGTA_San_Adreas_Full_En_Espa%2525C3%2525B1ol.rar%2Ffile&kw=online%20storage%2Cfree%20storage%2Ccloud%20storage%2Ccollaboration%2Cbackup%20file%20sharing%2Cshare%20files%2Cphoto%20backup%2Cphoto%20sharing%2Cftp%20replacement%2Ccross%20platform%2Cremote%20access%2Cmobile%20access%2Csend%20large%20files%2Crecover%20files%2Cfile%20versioning%2Cundelete%2Cwindows%2Cpc%2Cmac%2Cos%20x%2Clinux%2Ciphone
Requested by
Host: cdn.otnolatrnup.com
URL: https://cdn.otnolatrnup.com/Scripts/infinity.js.aspx?guid=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:d725 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
627bcd0159b9a4de1d9970b205b23549c744c34c3e9aa5c2684ddc9804fcb9d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediafire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 03:21:21 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server
cloudflare
vary
Accept-Encoding
p3p
CP="CAO PSA OUR IND"
access-control-allow-origin
*
content-type
application/json; charset=utf-8
cache-control
private, no-transform
cf-ray
7c3e9276b9b81907-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
invisible.js
www.mediafire.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/b5e45436/ Frame AF7B
Redirect Chain
  • https://www.mediafire.com/cdn-cgi/challenge-platform/scripts/invisible.js
  • https://www.mediafire.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/b5e45436/invisible.js
25 KB
13 KB
Script
General
Full URL
https://www.mediafire.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/b5e45436/invisible.js
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/fu8z6d3t7hn7h0h/GTA_San_Adreas_Full_En_Espa%25C3%25B1ol.rar/file
Protocol
H2
Server
104.16.53.48 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15bcb6307a939955d2c8c81fb6c9178ee831c09a3eb8761f6deb0288666a68bc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 03:21:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
7c3e9276fa9a2c2f-FRA

Redirect headers

date
Mon, 08 May 2023 03:21:21 GMT
content-encoding
gzip
server
cloudflare
vary
accept-encoding
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/b5e45436/invisible.js
cache-control
max-age=300, public
cf-ray
7c3e9276ca7c2c2f-FRA
AGSKWxUsxgBmDn1UOxx6QO7jYXg8mVk8ZNVsbpWBYo3H-BZV6WML8dhYBLfrQwoUlrAZptIeJNhMe3ynKp2asXIm87U=
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUsxgBmDn1UOxx6QO7jYXg8mVk8ZNVsbpWBYo3H-BZV6WML8dhYBLfrQwoUlrAZptIeJNhMe3ynKp2asXIm87U=?pvid=33B2A7B2-5573-4E12-9003-325BA94A7D51
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.-40Mz18R0hY.es5.O/d=1/rs=AJlcJMwCCkG6xO4CdoFOUP8g7Vz_sdTRiA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-0qgknCJ2iz34gtHXN3SKCQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.mediafire.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 08 May 2023 03:21:21 GMT
content-security-policy
script-src 'report-sample' 'nonce-0qgknCJ2iz34gtHXN3SKCQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.mediafire.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUI4ktZzU_mdf5MATxvE5lPgtcJEEQtDN8Ne5uyBdToOk39_yVBVtEt9-bIOiRb9O1WK4uXXD-xLcgHUIghYA4=
fundingchoicesmessages.google.com/f/
273 KB
43 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUI4ktZzU_mdf5MATxvE5lPgtcJEEQtDN8Ne5uyBdToOk39_yVBVtEt9-bIOiRb9O1WK4uXXD-xLcgHUIghYA4=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjgzNTE2MDgxLDc0OTAwMDAwMF0sIjMzQjJBN0IyLTU1NzMtNEUxMi05MDAzLTMyNUJBOTRBN0Q1MSIsbnVsbCxudWxsLFtudWxsLFs3XV0sImh0dHBzOi8vd3d3Lm1lZGlhZmlyZS5jb20vZmlsZS9mdTh6NmQzdDdobjdoMGgvR1RBX1Nhbl9BZHJlYXNfRnVsbF9Fbl9Fc3BhJTI1QzMlMjVCMW9sLnJhci9maWxlIixudWxsLFtbOCwiLTQwTXoxOFIwaFkiXSxbOSwiZGUiXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.-40Mz18R0hY.es5.O/d=1/rs=AJlcJMwCCkG6xO4CdoFOUP8g7Vz_sdTRiA/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0ecb91c2e8adc37ffcc434f22ade1401c6724f51923794ba86bdddec3c629047
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Sng3u2HYqbXls2xmH_Pxnw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediafire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 03:21:21 GMT
content-security-policy
script-src 'report-sample' 'nonce-Sng3u2HYqbXls2xmH_Pxnw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/
51 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-829541-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediafire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 08 May 2023 03:05:00 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
981
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Mon, 08 May 2023 05:05:00 GMT
js
www.googletagmanager.com/gtag/
199 KB
72 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-K68XP6D85D&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-53LP4T
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f7c29da1fb96960d0bb9ad849f235bfaba1c10bf49769383c9b42c0340cf25b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediafire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 03:21:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
73417
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 08 May 2023 03:21:21 GMT
pica.js
www.mediafire.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame AF7B
5 KB
3 KB
Other
General
Full URL
https://www.mediafire.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/fu8z6d3t7hn7h0h/GTA_San_Adreas_Full_En_Espa%25C3%25B1ol.rar/file
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.53.48 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
018d2d9b77b49b65005a28e16835d83039f0ab41913a3ea3f2d162ec699a6b40
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 03:21:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
7c3e92774ac12c2f-FRA
collect
region1.analytics.google.com/g/
0
255 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-K68XP6D85D&gtm=45je3530&_p=1888768341&_gaz=1&cid=265766982.1683516082&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1683516081&sct=1&seg=0&dl=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Ffu8z6d3t7hn7h0h%2FGTA_San_Adreas_Full_En_Espa%2525C3%2525B1ol.rar%2Ffile&dt=GTA%20San%20Adreas%20Full%20En%20Espa%C3%B1ol&en=page_view&_fv=1&_nsi=1&_ss=1&up.page_url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Ffu8z6d
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K68XP6D85D&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediafire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 May 2023 03:21:21 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.mediafire.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
255 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-K68XP6D85D&cid=265766982.1683516082&gtm=45je3530&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K68XP6D85D&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediafire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 May 2023 03:21:21 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.mediafire.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
408 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-K68XP6D85D&cid=265766982.1683516082&gtm=45je3530&aip=1&z=1971469589
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/fu8z6d3t7hn7h0h/GTA_San_Adreas_Full_En_Espa%25C3%25B1ol.rar/file
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediafire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 May 2023 03:21:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
AGSKWxVkdNOvMbILXI4rToft2K0nzVOllBd1wK1lrG45r4pfIV8hmcKNeuxEN3HGnOnQaDydcJifL3q4Sn5UANLO9tw7Al62trFxSpM3gBlntsmE612yU96HysSjqHyvrw7RYVo4bvdKPA==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVkdNOvMbILXI4rToft2K0nzVOllBd1wK1lrG45r4pfIV8hmcKNeuxEN3HGnOnQaDydcJifL3q4Sn5UANLO9tw7Al62trFxSpM3gBlntsmE612yU96HysSjqHyvrw7RYVo4bvdKPA==?pvid=33B2A7B2-5573-4E12-9003-325BA94A7D51
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.-40Mz18R0hY.es5.O/d=1/rs=AJlcJMwCCkG6xO4CdoFOUP8g7Vz_sdTRiA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-cgccVviO0oTIE5Vl8RFvPw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.mediafire.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 08 May 2023 03:21:21 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-cgccVviO0oTIE5Vl8RFvPw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.mediafire.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVkdNOvMbILXI4rToft2K0nzVOllBd1wK1lrG45r4pfIV8hmcKNeuxEN3HGnOnQaDydcJifL3q4Sn5UANLO9tw7Al62trFxSpM3gBlntsmE612yU96HysSjqHyvrw7RYVo4bvdKPA==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVkdNOvMbILXI4rToft2K0nzVOllBd1wK1lrG45r4pfIV8hmcKNeuxEN3HGnOnQaDydcJifL3q4Sn5UANLO9tw7Al62trFxSpM3gBlntsmE612yU96HysSjqHyvrw7RYVo4bvdKPA==?pvid=33B2A7B2-5573-4E12-9003-325BA94A7D51
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.-40Mz18R0hY.es5.O/d=1/rs=AJlcJMwCCkG6xO4CdoFOUP8g7Vz_sdTRiA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Yxg6c7YvY-XmPVrYnbuCyQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.mediafire.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 08 May 2023 03:21:21 GMT
content-security-policy
script-src 'report-sample' 'nonce-Yxg6c7YvY-XmPVrYnbuCyQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.mediafire.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVkdNOvMbILXI4rToft2K0nzVOllBd1wK1lrG45r4pfIV8hmcKNeuxEN3HGnOnQaDydcJifL3q4Sn5UANLO9tw7Al62trFxSpM3gBlntsmE612yU96HysSjqHyvrw7RYVo4bvdKPA==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVkdNOvMbILXI4rToft2K0nzVOllBd1wK1lrG45r4pfIV8hmcKNeuxEN3HGnOnQaDydcJifL3q4Sn5UANLO9tw7Al62trFxSpM3gBlntsmE612yU96HysSjqHyvrw7RYVo4bvdKPA==?pvid=33B2A7B2-5573-4E12-9003-325BA94A7D51
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.-40Mz18R0hY.es5.O/d=1/rs=AJlcJMwCCkG6xO4CdoFOUP8g7Vz_sdTRiA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-od_cRs2rDLP1_EA84d6lkQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.mediafire.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 08 May 2023 03:21:21 GMT
content-security-policy
script-src 'report-sample' 'nonce-od_cRs2rDLP1_EA84d6lkQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.mediafire.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUAHsVrUEpNjAXx0M2FTMHZVGoVzMotIeQAOyo4OyH_ovcHpJ37crYaJxplXrBEWAUT05PSEIN9AnmzDMm6r1Wuja9dreByA4vMb8582zkcsNQk1fmmdV8gIP8PSr5IfpY2xgSdsw==
fundingchoicesmessages.google.com/f/
13 KB
6 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUAHsVrUEpNjAXx0M2FTMHZVGoVzMotIeQAOyo4OyH_ovcHpJ37crYaJxplXrBEWAUT05PSEIN9AnmzDMm6r1Wuja9dreByA4vMb8582zkcsNQk1fmmdV8gIP8PSr5IfpY2xgSdsw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjgzNTE2MDgxLDk0MjAwMDAwMF0sIjMzQjJBN0IyLTU1NzMtNEUxMi05MDAzLTMyNUJBOTRBN0Q1MSIsbnVsbCxudWxsLFtudWxsLFs3LDhdLG51bGwsMixudWxsLCJlbiJdLCJodHRwczovL3d3dy5tZWRpYWZpcmUuY29tL2ZpbGUvZnU4ejZkM3Q3aG43aDBoL0dUQV9TYW5fQWRyZWFzX0Z1bGxfRW5fRXNwYSUyNUMzJTI1QjFvbC5yYXIvZmlsZSIsbnVsbCxbWzgsIi00ME16MThSMGhZIl0sWzksImRlIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.-40Mz18R0hY.es5.O/d=1/rs=AJlcJMwCCkG6xO4CdoFOUP8g7Vz_sdTRiA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
418a6b499f0cd92aa92480836b423fc6bd375a561dfb55e11ff7a975ed5aac1a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-EZNmBmB1fVKSL2LFFpQIDw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediafire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 03:21:22 GMT
content-security-policy
script-src 'report-sample' 'nonce-EZNmBmB1fVKSL2LFFpQIDw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
7c3e927398792c2f
www.mediafire.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame AF7B
2 B
373 B
XHR
General
Full URL
https://www.mediafire.com/cdn-cgi/challenge-platform/h/g/cv/result/7c3e927398792c2f
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.53.48 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 08 May 2023 03:21:22 GMT
content-encoding
gzip
server
cloudflare
cf-ray
7c3e92796c202c2f-FRA
content-type
text/plain; charset=UTF-8
collect
www.google-analytics.com/j/
2 B
208 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1888768341&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Ffu8z6d3t7hn7h0h%2FGTA_San_Adreas_Full_En_Espa%2525C3%2525B1ol.rar%2Ffile&ul=en-us&de=UTF-8&dt=GTA%20San%20Adreas%20Full%20En%20Espa%C3%B1ol&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1233444130&gjid=562272395&cid=265766982.1683516082&tid=UA-829541-1&_gid=659697610.1683516082&_r=1&gtm=457e3530&cd1=unregistered&cd7=legacy&cd3=archive&cd4=27&cd5=rar&cd8=%2F100%2F&jsscut=1&z=1819853535
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mediafire.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 08 May 2023 03:21:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.mediafire.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
AGSKWxUOhHjd0mPmNle31xo5u_DEPxmguJIxbcbnEXruh1qkCxxi6mX3oTY0qp074Kdg1EBbG7hqrqJVCPHnNmOz5UJhjixOLVxLIMmmqtFgzQr2YMzAdAE3T6PXX_1yelxeTKY3CNwDrg==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUOhHjd0mPmNle31xo5u_DEPxmguJIxbcbnEXruh1qkCxxi6mX3oTY0qp074Kdg1EBbG7hqrqJVCPHnNmOz5UJhjixOLVxLIMmmqtFgzQr2YMzAdAE3T6PXX_1yelxeTKY3CNwDrg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.-40Mz18R0hY.es5.O/d=1/rs=AJlcJMwCCkG6xO4CdoFOUP8g7Vz_sdTRiA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ep4k9JO_r_B_CrA730oIGw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.mediafire.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 08 May 2023 03:21:22 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ep4k9JO_r_B_CrA730oIGw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.mediafire.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUOhHjd0mPmNle31xo5u_DEPxmguJIxbcbnEXruh1qkCxxi6mX3oTY0qp074Kdg1EBbG7hqrqJVCPHnNmOz5UJhjixOLVxLIMmmqtFgzQr2YMzAdAE3T6PXX_1yelxeTKY3CNwDrg==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUOhHjd0mPmNle31xo5u_DEPxmguJIxbcbnEXruh1qkCxxi6mX3oTY0qp074Kdg1EBbG7hqrqJVCPHnNmOz5UJhjixOLVxLIMmmqtFgzQr2YMzAdAE3T6PXX_1yelxeTKY3CNwDrg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.-40Mz18R0hY.es5.O/d=1/rs=AJlcJMwCCkG6xO4CdoFOUP8g7Vz_sdTRiA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-dew_jRLFBZbcVjcYVGI06A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.mediafire.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 08 May 2023 03:21:22 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-dew_jRLFBZbcVjcYVGI06A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.mediafire.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
151 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-829541-1&cid=265766982.1683516082&jid=1233444130&gjid=562272395&_gid=659697610.1683516082&_u=YADAAUAAAAAAACAAI~&z=139071937
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mediafire.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 08 May 2023 03:21:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.mediafire.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
408 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-829541-1&cid=265766982.1683516082&jid=1233444130&_u=YADAAUAAAAAAACAAI~&z=257422669
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/fu8z6d3t7hn7h0h/GTA_San_Adreas_Full_En_Espa%25C3%25B1ol.rar/file
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediafire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 May 2023 03:21:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-829541-1&cid=265766982.1683516082&jid=1233444130&_u=YADAAUAAAAAAACAAI~&z=257422669
Requested by
Host: www.mediafire.com
URL: https://www.mediafire.com/file/fu8z6d3t7hn7h0h/GTA_San_Adreas_Full_En_Espa%25C3%25B1ol.rar/file
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediafire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 May 2023 03:21:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
www.mediafire.com/cdn-cgi/
0
160 B
XHR
General
Full URL
https://www.mediafire.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.53.48 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.mediafire.com/file/fu8z6d3t7hn7h0h/GTA_San_Adreas_Full_En_Espa%25C3%25B1ol.rar/file
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
content-type
application/json

Response headers

date
Mon, 08 May 2023 03:21:22 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://www.mediafire.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
7c3e927aed0f2c2f-FRA
px.gif
fundingchoicesmessages.google.com/img/
43 B
68 B
Image
General
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=1.7814593590289425
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-2xD2frlMcu3bowHQJRsK3A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediafire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 03:21:23 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-2xD2frlMcu3bowHQJRsK3A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
px.gif
fundingchoicesmessages.google.com/img/
43 B
68 B
Image
General
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=0.1800379075532752
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-XmfFAm-7_InREQJ--kc-ag' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediafire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 03:21:23 GMT
content-security-policy
script-src 'report-sample' 'nonce-XmfFAm-7_InREQJ--kc-ag' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUOhHjd0mPmNle31xo5u_DEPxmguJIxbcbnEXruh1qkCxxi6mX3oTY0qp074Kdg1EBbG7hqrqJVCPHnNmOz5UJhjixOLVxLIMmmqtFgzQr2YMzAdAE3T6PXX_1yelxeTKY3CNwDrg==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUOhHjd0mPmNle31xo5u_DEPxmguJIxbcbnEXruh1qkCxxi6mX3oTY0qp074Kdg1EBbG7hqrqJVCPHnNmOz5UJhjixOLVxLIMmmqtFgzQr2YMzAdAE3T6PXX_1yelxeTKY3CNwDrg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.-40Mz18R0hY.es5.O/d=1/rs=AJlcJMwCCkG6xO4CdoFOUP8g7Vz_sdTRiA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-aEnXYe3ILN1K1gc6dzTWnQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.mediafire.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 08 May 2023 03:21:23 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-aEnXYe3ILN1K1gc6dzTWnQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.mediafire.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
vericaladtitle.
fundingchoicesmessages.google.com/f/AGSKWxWDNbzVfYavxcgoY6gpG2NOn-nFuss9o-5nWxhMa4JCFXYm2ExHBhdFUov7ZBTamZM8hYvjSwrrwHj0iuSxzcRNHN6mYuuAgNXRWlpNUEeGIBYQmwZsRVV9rom9Dyh6QdtbS_GvxkJuG8oBM19l7BFbOq_Dw...
54 B
109 B
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWDNbzVfYavxcgoY6gpG2NOn-nFuss9o-5nWxhMa4JCFXYm2ExHBhdFUov7ZBTamZM8hYvjSwrrwHj0iuSxzcRNHN6mYuuAgNXRWlpNUEeGIBYQmwZsRVV9rom9Dyh6QdtbS_GvxkJuG8oBM19l7BFbOq_Dw3BygDlggCpqJRN-bQz6576Bms6QjQIL/_Beitrag/))/ad-stub-/ads468..lazyad-/vericaladtitle.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.-40Mz18R0hY.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_wall_executable/ed=1/rs=AJlcJMwCCkG6xO4CdoFOUP8g7Vz_sdTRiA/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5fb664ca812491192bce4610480e0b4829ab2c40ae81c94af9de3862b29f0d1c
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-QFh_1VNjUQwUpeWzk2oLmA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediafire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 03:21:23 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-QFh_1VNjUQwUpeWzk2oLmA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
136 KB
47 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.-40Mz18R0hY.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_wall_executable/ed=1/rs=AJlcJMwCCkG6xO4CdoFOUP8g7Vz_sdTRiA/m=ad_blocking_detection_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
30c7c5c6f8955404d02fb3ada313dc47c97e401a482b148957a44e4b883cb7fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediafire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 03:21:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47288
x-xss-protection
0
server
cafe
etag
17097931730903085157
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 08 May 2023 03:21:23 GMT
AGSKWxUOhHjd0mPmNle31xo5u_DEPxmguJIxbcbnEXruh1qkCxxi6mX3oTY0qp074Kdg1EBbG7hqrqJVCPHnNmOz5UJhjixOLVxLIMmmqtFgzQr2YMzAdAE3T6PXX_1yelxeTKY3CNwDrg==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUOhHjd0mPmNle31xo5u_DEPxmguJIxbcbnEXruh1qkCxxi6mX3oTY0qp074Kdg1EBbG7hqrqJVCPHnNmOz5UJhjixOLVxLIMmmqtFgzQr2YMzAdAE3T6PXX_1yelxeTKY3CNwDrg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.-40Mz18R0hY.es5.O/d=1/rs=AJlcJMwCCkG6xO4CdoFOUP8g7Vz_sdTRiA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce--XfglJs4w4YtaTsOwonEfw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.mediafire.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 08 May 2023 03:21:23 GMT
content-security-policy
script-src 'report-sample' 'nonce--XfglJs4w4YtaTsOwonEfw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.mediafire.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUOhHjd0mPmNle31xo5u_DEPxmguJIxbcbnEXruh1qkCxxi6mX3oTY0qp074Kdg1EBbG7hqrqJVCPHnNmOz5UJhjixOLVxLIMmmqtFgzQr2YMzAdAE3T6PXX_1yelxeTKY3CNwDrg==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUOhHjd0mPmNle31xo5u_DEPxmguJIxbcbnEXruh1qkCxxi6mX3oTY0qp074Kdg1EBbG7hqrqJVCPHnNmOz5UJhjixOLVxLIMmmqtFgzQr2YMzAdAE3T6PXX_1yelxeTKY3CNwDrg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.-40Mz18R0hY.es5.O/d=1/rs=AJlcJMwCCkG6xO4CdoFOUP8g7Vz_sdTRiA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-f8XlhTSaWdk8i9a2qUViog' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.mediafire.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 08 May 2023 03:21:23 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-f8XlhTSaWdk8i9a2qUViog' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.mediafire.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230502/r20190131/ Frame A199
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230502/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mediafire.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
37611
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4540
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 07 May 2023 16:54:33 GMT
etag
15057649708203361565
expires
Sun, 21 May 2023 16:54:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AGSKWxUOhHjd0mPmNle31xo5u_DEPxmguJIxbcbnEXruh1qkCxxi6mX3oTY0qp074Kdg1EBbG7hqrqJVCPHnNmOz5UJhjixOLVxLIMmmqtFgzQr2YMzAdAE3T6PXX_1yelxeTKY3CNwDrg==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUOhHjd0mPmNle31xo5u_DEPxmguJIxbcbnEXruh1qkCxxi6mX3oTY0qp074Kdg1EBbG7hqrqJVCPHnNmOz5UJhjixOLVxLIMmmqtFgzQr2YMzAdAE3T6PXX_1yelxeTKY3CNwDrg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.-40Mz18R0hY.es5.O/d=1/rs=AJlcJMwCCkG6xO4CdoFOUP8g7Vz_sdTRiA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-wcK2f_0khCaNCqPn9A-kDQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.mediafire.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 08 May 2023 03:21:24 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-wcK2f_0khCaNCqPn9A-kDQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.mediafire.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUOhHjd0mPmNle31xo5u_DEPxmguJIxbcbnEXruh1qkCxxi6mX3oTY0qp074Kdg1EBbG7hqrqJVCPHnNmOz5UJhjixOLVxLIMmmqtFgzQr2YMzAdAE3T6PXX_1yelxeTKY3CNwDrg==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUOhHjd0mPmNle31xo5u_DEPxmguJIxbcbnEXruh1qkCxxi6mX3oTY0qp074Kdg1EBbG7hqrqJVCPHnNmOz5UJhjixOLVxLIMmmqtFgzQr2YMzAdAE3T6PXX_1yelxeTKY3CNwDrg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.-40Mz18R0hY.es5.O/d=1/rs=AJlcJMwCCkG6xO4CdoFOUP8g7Vz_sdTRiA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-XdFGu1HuhBe9WrJrmFDobQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.mediafire.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 08 May 2023 03:21:24 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-XdFGu1HuhBe9WrJrmFDobQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.mediafire.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWlDiwYx6SLDsx4Al7EMevPazAePvPUJF97fa2NHwVuoLF42Zjcp9fQzeRvYFD1b7oAkTvgxBvIFxAVcGt2EXbBthpeydAy37Gu17S_-tsndjSW0fkj3ZZmoTRvqnikqDDafy7SCw==
fundingchoicesmessages.google.com/f/
4 KB
2 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWlDiwYx6SLDsx4Al7EMevPazAePvPUJF97fa2NHwVuoLF42Zjcp9fQzeRvYFD1b7oAkTvgxBvIFxAVcGt2EXbBthpeydAy37Gu17S_-tsndjSW0fkj3ZZmoTRvqnikqDDafy7SCw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjgzNTE2MDg0LDIxOTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOCw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlL2Z1OHo2ZDN0N2huN2gwaC9HVEFfU2FuX0FkcmVhc19GdWxsX0VuX0VzcGElMjVDMyUyNUIxb2wucmFyL2ZpbGUiLG51bGwsW1s4LCItNDBNejE4UjBoWSJdLFs5LCJkZSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.-40Mz18R0hY.es5.O/d=1/rs=AJlcJMwCCkG6xO4CdoFOUP8g7Vz_sdTRiA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aa4e9ad725b4fc066acc16ab98be519b55d4568e6dc2e4b46dbe7450613f7b3f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-nXkGGHM1IVJFoayKWAEJtw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mediafire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 03:21:24 GMT
content-security-policy
script-src 'report-sample' 'nonce-nXkGGHM1IVJFoayKWAEJtw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxW0bjFQhcQ5FTn00gyq-rKFgmDMe_xD-fUBoWGi20nxfWSIp22vy19TjEtZ3j6wRvwQ5jQnVfmCVVjzDHlfN5Fq88XJ5TSrhEoAoTZvnsf7miYdUC1B9p1suP6J5AULvZ-RK8LfhA==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxW0bjFQhcQ5FTn00gyq-rKFgmDMe_xD-fUBoWGi20nxfWSIp22vy19TjEtZ3j6wRvwQ5jQnVfmCVVjzDHlfN5Fq88XJ5TSrhEoAoTZvnsf7miYdUC1B9p1suP6J5AULvZ-RK8LfhA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.-40Mz18R0hY.es5.O/d=1/rs=AJlcJMwCCkG6xO4CdoFOUP8g7Vz_sdTRiA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-XHcDMTuXJylqk5ZoyOcUkw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.mediafire.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 08 May 2023 03:21:24 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-XHcDMTuXJylqk5ZoyOcUkw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.mediafire.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxW0bjFQhcQ5FTn00gyq-rKFgmDMe_xD-fUBoWGi20nxfWSIp22vy19TjEtZ3j6wRvwQ5jQnVfmCVVjzDHlfN5Fq88XJ5TSrhEoAoTZvnsf7miYdUC1B9p1suP6J5AULvZ-RK8LfhA==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxW0bjFQhcQ5FTn00gyq-rKFgmDMe_xD-fUBoWGi20nxfWSIp22vy19TjEtZ3j6wRvwQ5jQnVfmCVVjzDHlfN5Fq88XJ5TSrhEoAoTZvnsf7miYdUC1B9p1suP6J5AULvZ-RK8LfhA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.-40Mz18R0hY.es5.O/d=1/rs=AJlcJMwCCkG6xO4CdoFOUP8g7Vz_sdTRiA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-rNtDsDJ6j38-2PPGk4oosw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.mediafire.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 08 May 2023 03:21:24 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-rNtDsDJ6j38-2PPGk4oosw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.mediafire.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxW0bjFQhcQ5FTn00gyq-rKFgmDMe_xD-fUBoWGi20nxfWSIp22vy19TjEtZ3j6wRvwQ5jQnVfmCVVjzDHlfN5Fq88XJ5TSrhEoAoTZvnsf7miYdUC1B9p1suP6J5AULvZ-RK8LfhA==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxW0bjFQhcQ5FTn00gyq-rKFgmDMe_xD-fUBoWGi20nxfWSIp22vy19TjEtZ3j6wRvwQ5jQnVfmCVVjzDHlfN5Fq88XJ5TSrhEoAoTZvnsf7miYdUC1B9p1suP6J5AULvZ-RK8LfhA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.-40Mz18R0hY.es5.O/d=1/rs=AJlcJMwCCkG6xO4CdoFOUP8g7Vz_sdTRiA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-UK5e-47ggxXYAKZFwpJ3xg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.mediafire.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 08 May 2023 03:21:24 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-UK5e-47ggxXYAKZFwpJ3xg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.mediafire.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUsxgBmDn1UOxx6QO7jYXg8mVk8ZNVsbpWBYo3H-BZV6WML8dhYBLfrQwoUlrAZptIeJNhMe3ynKp2asXIm87U=
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUsxgBmDn1UOxx6QO7jYXg8mVk8ZNVsbpWBYo3H-BZV6WML8dhYBLfrQwoUlrAZptIeJNhMe3ynKp2asXIm87U=
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.-40Mz18R0hY.es5.O/d=1/rs=AJlcJMwCCkG6xO4CdoFOUP8g7Vz_sdTRiA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-r0OItG1wtmV83S-gjfzD6Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.mediafire.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 08 May 2023 03:21:24 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-r0OItG1wtmV83S-gjfzD6Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.mediafire.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

104 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 boolean| credentialless boolean| displayAds function| __d3lUW8vwsKlB__ object| googlefc function| gtag object| dataLayer object| amp object| amplitude function| initDownload object| sticky object| __AMPLITUDE__ function| isInRect function| getDownloadUrl boolean| InfShowNewAds object| allowed undefined| current boolean| isAllowed object| el function| rAb function| InfCustomFPSTAMobileFunc function| InfCustomSTAMobileFunc function| InfCustomFPSTAFunc function| InfCustomerCallback function| InfPreFastPopAttachCallback function| InfSkipBindDocumentClick function| InfMediafireMobileFunc function| acceptCookieFooter function| reloadPage function| noop function| ClearStatusMessages function| setCookieSeconds function| Re function| aU function| setCookie function| getCookie function| loadHotjar function| registerGoogleLang function| closeStatusMessage function| showStatusMessage function| downloadOptIn function| showTDOptInDialog function| closeMobileTD function| trackTurboDownload function| showDesktopDownloadArrow function| hideDesktopDownloadArrow function| onLegacyCopyLink function| openShareDialog function| saveToMyfiles function| copyShareLink function| startLazyLoad object| g367CB268B1094004A3689751E7AC568F undefined| adscoreVerificationStatus undefined| freqms undefined| elapsed undefined| waitForAdscoreSignature function| UAParser object| __cfBeacon object| default_ContributorServingResponseClientJs object| __googlefc string| __fcInvoked string| __fcexpdef object| MmU5YmQ0NTEzNWY5MDRiYWxvYWRlcl9qcw== string| MmU5YmQ0NTEzNWY5MDRiYWNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| __uspapi object| __uspapiManager object| __gppEventListeners function| __gpp object| __gppManager boolean| __gppPostMessageReady object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaGlobal object| gaplugins object| gaData boolean| 83d80915-b2f8-47f1-9da5-37a42c8f9568 object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle string| google_user_agent_client_hint

30 Cookies

Domain/Path Name / Value
www.mediafire.com/file/fu8z6d3t7hn7h0h/GTA_San_Adreas_Full_En_Espa%25C3%25B1ol.rar Name: g36FastPopSessionRequestNumber
Value: 1
.mediafire.com/ Name: ukey
Value: hr98zr1aokxx3cbdovxlg4i1vy4p1trr
.mediafire.com/ Name: fuk7
Value: 1
.mediafire.com/ Name: ad_count
Value: 1
.mediafire.com/ Name: conv_tracking_data-2
Value: %7B%22mf_source%22%3A%22regular_download-27%22%2C%22mf_content%22%3A%22Free%22%2C%22mf_medium%22%3A%22windows%5C%2FChrome%22%2C%22mf_campaign%22%3A%22fu8z6d3t7hn7h0h%22%2C%22mf_term%22%3A%22a088edcfcceba3acf0666ebc7cef0eea%22%7D
.mediafire.com/ Name: amp_28916b
Value: l7ukinAaBHSXyB0u5jfr9h...1gvsm1hcg.1gvsm1hch.0.1.1
.mediafire.com/ Name: _ga_K68XP6D85D
Value: GS1.1.1683516081.1.0.1683516081.60.0.0
otnolatrnup.com/ Name: IKSR
Value: {}
otnolatrnup.com/ Name: INF_DFL8
Value: false
otnolatrnup.com/ Name: IUID
Value: 4d0e3c1c-0775-4804-9e53-74cd4b6ffd87
otnolatrnup.com/ Name: ISSH
Value: 6B1D05
otnolatrnup.com/ Name: VMI
Value:
otnolatrnup.com/ Name: CHN
Value: #[]
otnolatrnup.com/ Name: MSSH
Value: #{}
otnolatrnup.com/ Name: MSRH
Value: #{}
otnolatrnup.com/ Name: ILP
Value: null
otnolatrnup.com/ Name: ILPLU
Value: #1/1/0001 12:00:00 AM
otnolatrnup.com/ Name: ILEALC
Value: #1/1/0001 12:00:00 AM
otnolatrnup.com/ Name: ILMPF
Value: #False
otnolatrnup.com/ Name: IPMPLU
Value: #
otnolatrnup.com/ Name: IPMUID
Value: #
otnolatrnup.com/ Name: BSWUID
Value: #
otnolatrnup.com/ Name: IBL
Value: #[]
otnolatrnup.com/ Name: ISH
Value: #{"101":[{"SId":"6B1D05","D":"23/5/7T20:21:21"}]}
otnolatrnup.com/ Name: ISH_Q
Value: #[101]
.mediafire.com/ Name: _ga
Value: GA1.2.265766982.1683516082
.mediafire.com/ Name: _gid
Value: GA1.2.659697610.1683516082
.mediafire.com/ Name: _gat_gtag_UA_829541_1
Value: 1
.mediafire.com/ Name: __cf_bm
Value: RZ5nFc57MwlvkucYG4dkWci83ZZHUN.BSMMqbHO.fck-1683516082-0-AYMB3Ck0D587envEga+IAowuamebIVEyI6Ww1GZahhtdd/p4acSDjQAGKGcaeV62Zu9m0+O4NYSPFZ8GbxB+ugyBCOZBGb9Vj0DH2csn3HLc5s4bpdhMX/NisyTnWE7whN8sxREpRu+wJeIubpyDUQY=
.mediafire.com/ Name: FCNEC
Value: %5B%5B%22AKsRol8xRxZFSU4tUYoZNrJC3EFuyO888SfqQN5uy_lrz6NNiEKm0q34SEyQsBRtljOLIvVgNA4orwUljGGP8nN99l6ObhNSODHaidnSnjGYkP-CKnDHNudG-o-J7No2S0m2OU8NlRzW-A9lDHFQ6g72Li0k5kkkYw%3D%3D%22%5D%2Cnull%2C%5B%5D%5D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.amplitude.com
cdn.amplitude.com
cdn.otnolatrnup.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
otnolatrnup.com
pagead2.googlesyndication.com
region1.analytics.google.com
static.cloudflareinsights.com
static.mediafire.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.mediafire.com
104.16.53.48
2001:4860:4802:32::36
2606:4700::6810:3965
2606:4700::6813:d725
2a00:1450:4001:800::200e
2a00:1450:4001:80b::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2003
2a00:1450:4001:812::2008
2a00:1450:4001:831::2004
2a00:1450:4001:831::200e
2a00:1450:400c:c00::9a
52.222.206.118
52.26.20.40
018d2d9b77b49b65005a28e16835d83039f0ab41913a3ea3f2d162ec699a6b40
0ecb91c2e8adc37ffcc434f22ade1401c6724f51923794ba86bdddec3c629047
13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b
15bcb6307a939955d2c8c81fb6c9178ee831c09a3eb8761f6deb0288666a68bc
1fdd0b259b84f4ec7478d7fadabf0514dc8952ae2cf24dfa9520cd6475b91a7d
2450e5580136f94bda7ccf95e3167b57e15b05b513a430967943a50036fa47a4
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e44c0cbb89fd6bec761a3d6c6f3190e5c256e2f9ae258acc776eba2169e771f
30c7c5c6f8955404d02fb3ada313dc47c97e401a482b148957a44e4b883cb7fe
40f5642624ecfe99958bb2924ef8fbe3e8a0f6378cc11442da8e9d0f13c2913c
418a6b499f0cd92aa92480836b423fc6bd375a561dfb55e11ff7a975ed5aac1a
4448e430d3c53bad548a5d135e1c7e2f9593e806ba47892640d430ea752e979e
5fb664ca812491192bce4610480e0b4829ab2c40ae81c94af9de3862b29f0d1c
627bcd0159b9a4de1d9970b205b23549c744c34c3e9aa5c2684ddc9804fcb9d2
742f37b9d04629f3bbf97b676e9ca2040f5bf96782c5f4ea75dbefd674115c9a
79399054b44cdca9b15b0bc784b6acb4be9e94e60fcc8b0e68ee70f642253f08
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8f0dd994b93eba69c4d991ed185d7a66d636282304cd888b6777f8f849d74546
993017d47622ace7211e4c628754316ad092681c23797c569bf2f4ab04706f32
9c83ba58e76c32b540663b8e8197eb77b7bd1ec762d606e10ef2fb32debbdf50
a75122c5500e07bc17a48829ee79fecb4f539d1756bf1755a4d88a2407dfc370
aa4e9ad725b4fc066acc16ab98be519b55d4568e6dc2e4b46dbe7450613f7b3f
acf8c27d6b04ac5b7832a05da71fe39e192f66b766e157c8d488408657ffe842
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7c29da1fb96960d0bb9ad849f235bfaba1c10bf49769383c9b42c0340cf25b8
f917a9105c311331b1d40f4d2bdbf11233c1c465616c1a9c46232f451463b061