www.mediafire.com Open in urlscan Pro
104.16.202.237  Public Scan

12 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://bit.ly/3jYodFR HTTP 301
   https://www.mediafire.com/file/bsgpic6m8fisp1d/Terror_Mod_Menu.zip/file Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 82

• https://eu-u.openx.net/w/1.0/pd?plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=1 HTTP 302
• https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=1

Request Chain 83

• https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
• https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
• https://eu-u.openx.net/w/1.0/sd?id=537072979&val=Y31BfucI1Mh6MD5

Request Chain 84

• https://x.bidswitch.net/sync?ssp=openx HTTP 302
• https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
• https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_user_id=5e3db165-bf68-4416-b25b-7bd1cdf1b1c0 HTTP 302
• https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_user_id=5e3db165-bf68-4416-b25b-7bd1cdf1b1c0 HTTP 302
• https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=071ee64c-4a2d-42c9-92ff-186d2d4368ee&ssp=openx HTTP 302
• https://us-u.openx.net/w/1.0/sd?id=537072968&val=5e3db165-bf68-4416-b25b-7bd1cdf1b1c0

Request Chain 85

• https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072399%26val%3D%24UID HTTP 302
• https://eu-u.openx.net/w/1.0/sd?id=537072399&val=1961153555994826710

Request Chain 86

• https://match.prod.bidr.io/cookie-sync/ox HTTP 303
• https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
• https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCX2FFN0NQNTRBQUJxZG0wME4tZw&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
• https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 303
• https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAB_aE7CP54AABqdm00N-g&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Csas%252Cox%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
• https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csas%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
• https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAB_aE7CP54AABqdm00N-g&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cox%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3 HTTP 302
• https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cox&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAB_aE7CP54AABqdm00N-g&pid=558502&do=add HTTP 303
• https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAB_aE7CP54AABqdm00N-g&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4%26userid%3DSMART_USER_ID

Request Chain 87

• https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
• https://eu-u.openx.net/w/1.0/sd?id=536872786&val=245c611f-cf37-4800-90a8-e38afe578ca2

Request Chain 88

• https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
• https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=mB5Xoc1JVfCDTlGlzUlLos1MAPODSwT0nxYQpgnn

Request Chain 89

• https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
• https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
• https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1942685120198677893

Request Chain 91

• https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZTgyZGQ3YzctNTY5Yi02MzI0LTRhMmQtNTQ4ZTk5MzlhZGIz HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZTgyZGQ3YzctNTY5Yi02MzI0LTRhMmQtNTQ4ZTk5MzlhZGIz&google_tc=

Request Chain 92

• https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
• https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFnlTPVnEfhUwYBL0gQG46U&google_cver=1

Request Chain 96

• https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
• https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
• https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7249378151576977261

Request Chain 98

• https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=zQbYwRibSQ6hXB0p682Qiw%3D%3D HTTP 302
• https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 99

• https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
• https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=245c611f-cf37-4800-90a8-e38afe578ca2

Request Chain 100

• https://pixel.onaudience.com/?partner=214&mapped=CD06D8C1-189B-490E-A15C-1D29EBCD908B HTTP 302
• https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
• https://pixel.onaudience.com/?partner=147&mapped=586ef582-8095-443d-9dae-236e1653a842&icm HTTP 302
• https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
• https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
• https://pixel.onaudience.com/?partner=104&icm&cver&mapped=71ef925f166bc138fd9052f65180eae5 HTTP 302
• https://spl.zeotap.com/?zdid=1332&zcluid=88cc7d3ccfdae39f HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=54633946-349f-4a8e-4ba5-a500591e9b20&reqId=da4d519b-e488-4973-483b-9fd416ce44a6&zcluid=88cc7d3ccfdae39f&zdid=1332 HTTP 302
• https://mwzeom.zeotap.com/mw?google_gid=CAESEAKnXWpoQy9o_hI0Onl2RxE&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=54633946-349f-4a8e-4ba5-a500591e9b20&reqId=da4d519b-e488-4973-483b-9fd416ce44a6&zcluid=88cc7d3ccfdae39f&zdid=1332

Request Chain 101

• https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Q0QwNkQ4QzEtMTg5Qi00OTBFLUExNUMtMUQyOUVCQ0Q5MDhC&gdpr=0&gdpr_consent= HTTP 302
• https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 102

• https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
• https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAzdwQQsUB1QXsPVXyHowNE&google_cver=1

Request Chain 104

• https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
• https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1942685120198677893

Request Chain 105

• https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
• https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:245c611f-cf37-4800-90a8-e38afe578ca2&gdpr=0&gdpr_consent=

Request Chain 106

• https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
• https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
• https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=586ef582-8095-443d-9dae-236e1653a842

Request Chain 107

• https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
• https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1961153555994826710&gdpr=0&gdpr_consent=

111 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request file Show response www.mediafire.com/file/bsgpic6m8fisp1d/Terror_Mod_Menu.zip/ Redirect Chain https://bit.ly/3jYodFR https://www.mediafire.com/file/bsgpic6m8fisp1d/Terror_Mod_Menu.zip/file	311 KB 84 KB	480ms 419ms	Document text/html	104.16.202.237 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.mediafire.com/file/bsgpic6m8fisp1d/Terror_Mod_Menu.zip/file Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.202.237 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8631ccc954cc39ae7140361ac5c7c214fbf8d46a18ea8bfd2232217fd3de5680 Security Headers Name Value Strict-Transport-Security max-age=0 X-Frame-Options SAMEORIGIN Request headers :method GET :authority www.mediafire.com :scheme https :path /file/bsgpic6m8fisp1d/Terror_Mod_Menu.zip/file pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 15:50:11 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding set-cookie ukey=acrec3xh6vfcj25dx4cp1lggzqcm6dud; expires=Tue, 20-Aug-2041 15:50:11 GMT; Max-Age=631152000; path=/; domain=.mediafire.com; HttpOnly conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-34%22%2C%22mf_content%22%3A%22Free%22%2C%22mf_medium%22%3A%22windows%5C%2FGoogle%20Chrome%22%2C%22mf_campaign%22%3A%22bsgpic6m8fisp1d%22%2C%22mf_term%22%3A%22db48e47589bc2fe617dcc8faf0959270%22%7D; expires=Sun, 19-Sep-2021 15:50:11 GMT; Max-Age=2592000; path=/; domain=.mediafire.com __cf_bm=7db1b5af67e71f0597a626a5a8af94af60f67cd6-1629474611-1800-ATpsRUhiW07zaraPzg3Mm4ediJIOjVx771UKKUyzV+MLujsJ5IQ2owuhCgCrG7Yz9ZkYXDvpqANns5UNeu2eg2E=; path=/; expires=Fri, 20-Aug-21 16:20:11 GMT; domain=.mediafire.com; HttpOnly; Secure; SameSite=None strict-transport-security max-age=0 access-control-allow-origin https://www.mediafire.com cache-control no-cache, no-store, must-revalidate, max-age=0 post-check=0, pre-check=0 pragma no-cache expires 0 x-frame-options SAMEORIGIN x-robots-tag noindex, nofollow report-to {"group": "mediafirenel", "max_age": 86400, "include_subdomains": true, "endpoints": [{"url": "https://browser-reports.mediafire.dev/network-error"}]} nel {"report_to": "mediafirenel", "max_age": 86400, "include_subdomains": true, "failure_fraction": 0.01} cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 681cc6a1ce2fcaf8-ARN content-encoding gzip Redirect headers server nginx date Fri, 20 Aug 2021 15:50:11 GMT content-type text/html; charset=utf-8 content-length 158 cache-control private, max-age=90 content-security-policy referrer always; location https://www.mediafire.com/file/bsgpic6m8fisp1d/Terror_Mod_Menu.zip/file referrer-policy unsafe-url set-cookie _bit=l7kfOb-a8ffbd0bdef4f30b4a-00p; Domain=bit.ly; Expires=Wed, 16 Feb 2022 15:50:11 GMT via 1.1 google alt-svc clear
GET H2	200	js Show response www.googletagmanager.com/gtag/	101 KB 40 KB	14ms 14ms	Script application/javascript	2a00:1450:4001:828::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-829541-1 Requested by Host: www.mediafire.com URL: https://www.mediafire.com/file/bsgpic6m8fisp1d/Terror_Mod_Menu.zip/file Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 5590d1eb087ec4cb250ef74260d49832882306c822b4728dc92b7985612a504c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 15:50:11 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 41024 x-xss-protection 0 last-modified Fri, 20 Aug 2021 15:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 20 Aug 2021 15:50:11 GMT
GET H2	200	AGSKWxXrjtEH6OsIEa1eMxJNrJTV18lP5XKGKMJi5rI13IlsGpcs5yT-0hk0wJuzpkaKFvH14rtURv0da3wnJCfhkp8= Show response fundingchoicesmessages.google.com/f/	95 KB 36 KB	55ms 35ms	Script application/javascript	2a00:1450:4001:802::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxXrjtEH6OsIEa1eMxJNrJTV18lP5XKGKMJi5rI13IlsGpcs5yT-0hk0wJuzpkaKFvH14rtURv0da3wnJCfhkp8= Requested by Host: www.mediafire.com URL: https://www.mediafire.com/file/bsgpic6m8fisp1d/Terror_Mod_Menu.zip/file Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 91d24c34c4191efb43bab18a139b59a39f554b28bef819c18d8ce993ef6e4287 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-4vGMhJVTm6Kkvm8ER6X9gA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-4vGMhJVTm6Kkvm8ER6X9gA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 15:50:11 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 pragma no-cache server ESF cross-origin-opener-policy same-origin; report-to="ContributorGlobalRouterHttp" x-frame-options SAMEORIGIN report-to {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]} content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate content-security-policy script-src 'report-sample' 'nonce-4vGMhJVTm6Kkvm8ER6X9gA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-4vGMhJVTm6Kkvm8ER6X9gA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	72 KB 25 KB	187ms 69ms	Script text/javascript	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: www.mediafire.com URL: https://www.mediafire.com/file/bsgpic6m8fisp1d/Terror_Mod_Menu.zip/file Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software sffe / Resource Hash 5b5897650384ddb655de9c1ee233545ad364f6595f606f848f9c6d7973eb917e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 15:50:12 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "964 / 6 of 1000 / last-modified: 1629457814" vary Accept-Encoding content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 25305 x-xss-protection 0 expires Fri, 20 Aug 2021 15:50:12 GMT
GET H2	200	prebid5.6.0.js Show response www.mediafire.com/js/	201 KB 63 KB	209ms 208ms	Script application/x-javascript	104.16.202.237 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.mediafire.com/js/prebid5.6.0.js Requested by Host: www.mediafire.com URL: https://www.mediafire.com/file/bsgpic6m8fisp1d/Terror_Mod_Menu.zip/file Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.202.237 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash da5606bba32a5da1d2a3d024dbd223280f4dcbbac934fcb5a91161a85501f867 Request headers :path /js/prebid5.6.0.js pragma no-cache cookie ukey=acrec3xh6vfcj25dx4cp1lggzqcm6dud; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-34%22%2C%22mf_content%22%3A%22Free%22%2C%22mf_medium%22%3A%22windows%5C%2FGoogle%20Chrome%22%2C%22mf_campaign%22%3A%22bsgpic6m8fisp1d%22%2C%22mf_term%22%3A%22db48e47589bc2fe617dcc8faf0959270%22%7D; __cf_bm=7db1b5af67e71f0597a626a5a8af94af60f67cd6-1629474611-1800-ATpsRUhiW07zaraPzg3Mm4ediJIOjVx771UKKUyzV+MLujsJ5IQ2owuhCgCrG7Yz9ZkYXDvpqANns5UNeu2eg2E= accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority www.mediafire.com referer https://www.mediafire.com/file/bsgpic6m8fisp1d/Terror_Mod_Menu.zip/file :scheme https sec-fetch-site same-origin :method GET Referer https://www.mediafire.com/file/bsgpic6m8fisp1d/Terror_Mod_Menu.zip/file User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 15:50:12 GMT content-encoding gzip cf-cache-status DYNAMIC last-modified Wed, 28 Jul 2021 20:00:20 GMT server cloudflare etag W/"6101b754-324ec" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group": "mediafirenel", "max_age": 86400, "include_subdomains": true, "endpoints": [{"url": "https://browser-reports.mediafire.dev/network-error"}]} content-type application/x-javascript access-control-allow-origin * cache-control max-age=2592000 nel {"report_to": "mediafirenel", "max_age": 86400, "include_subdomains": true, "failure_fraction": 0.01} cf-ray 681cc6a4caf4caf8-ARN expires Sun, 19 Sep 2021 15:50:12 GMT
GET H2	200	aax.js Show response c.aaxads.com/	411 KB 113 KB	222ms 108ms	Script text/javascript	104.111.239.153 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://c.aaxads.com/aax.js?pub=AAX3221EY&hst=www.mediafire.com&ver=1.2 Requested by Host: www.mediafire.com URL: https://www.mediafire.com/file/bsgpic6m8fisp1d/Terror_Mod_Menu.zip/file Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.111.239.153 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-239-153.deploy.static.akamaitechnologies.com Software Apache / Resource Hash eba31f3f0f920f277df74387b505a6c881721a11d0001f5291d28f77ec9124d0 Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=604800 content-encoding gzip server Apache date Fri, 20 Aug 2021 15:50:12 GMT vary Accept-Encoding x-mnet-h E content-type text/javascript; charset=utf-8 cache-control max-age=1800 expires Fri, 20 Aug 2021 16:20:12 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	160 KB 56 KB	17ms 16ms	Script application/javascript	2a00:1450:4001:828::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-53LP4T Requested by Host: www.mediafire.com URL: https://www.mediafire.com/file/bsgpic6m8fisp1d/Terror_Mod_Menu.zip/file Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 50e2a9b86e8deedb4bc61e606b8ca2bea013b3e8b0dac8ef7ce4d5260f647953 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 15:50:11 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 57304 x-xss-protection 0 last-modified Fri, 20 Aug 2021 15:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 20 Aug 2021 15:50:11 GMT
GET H2	200	mf_logo_full_color.svg static.mediafire.com/images/backgrounds/header/	3 KB 2 KB	59ms 51ms	Image image/svg+xml	104.16.202.237 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.mediafire.com/images/backgrounds/header/mf_logo_full_color.svg Requested by Host: www.mediafire.com URL: https://www.mediafire.com/file/bsgpic6m8fisp1d/Terror_Mod_Menu.zip/file Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.202.237 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8539c91ae0a82f8cab27d481ea38ac4e66d1e5b36701fe295bcba4399b9255bd Request headers Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 15:50:11 GMT content-encoding gzip cf-cache-status HIT last-modified Fri, 28 Oct 2016 22:22:42 GMT server cloudflare age 4735 etag W/"5813cfb2-d1d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group": "mediafirenel", "max_age": 86400, "include_subdomains": true, "endpoints": [{"url": "https://browser-reports.mediafire.dev/network-error"}]} content-type image/svg+xml access-control-allow-origin * nel {"report_to": "mediafirenel", "max_age": 86400, "include_subdomains": true, "failure_fraction": 0.01} cf-ray 681cc6a4db14caf8-ARN
GET H2	200	file-zip-v3.png static.mediafire.com/images/filetype/	2 KB 2 KB	58ms 50ms	Image image/png	104.16.202.237 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.mediafire.com/images/filetype/file-zip-v3.png Requested by Host: www.mediafire.com URL: https://www.mediafire.com/file/bsgpic6m8fisp1d/Terror_Mod_Menu.zip/file Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.202.237 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4448e430d3c53bad548a5d135e1c7e2f9593e806ba47892640d430ea752e979e Request headers Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 15:50:11 GMT cf-cache-status HIT last-modified Fri, 11 Mar 2016 23:22:56 GMT server cloudflare age 690549 etag "56e35350-750" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control max-age=2592000 accept-ranges bytes cf-ray 681cc6a4db17caf8-ARN content-length 1872 expires Sat, 11 Sep 2021 16:01:02 GMT
GET H2	200	icons_sprite.svg www.mediafire.com/images/icons/svg_light/	36 KB 8 KB	179ms 178ms	Image image/svg+xml	104.16.202.237 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.mediafire.com/images/icons/svg_light/icons_sprite.svg Requested by Host: www.mediafire.com URL: https://www.mediafire.com/file/bsgpic6m8fisp1d/Terror_Mod_Menu.zip/file Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.202.237 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 315f5f67f80b413592a970d2d7a3875294be6039956c2edfa0aa9d3095fa6f2d Request headers :path /images/icons/svg_light/icons_sprite.svg pragma no-cache cookie ukey=acrec3xh6vfcj25dx4cp1lggzqcm6dud; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-34%22%2C%22mf_content%22%3A%22Free%22%2C%22mf_medium%22%3A%22windows%5C%2FGoogle%20Chrome%22%2C%22mf_campaign%22%3A%22bsgpic6m8fisp1d%22%2C%22mf_term%22%3A%22db48e47589bc2fe617dcc8faf0959270%22%7D; __cf_bm=7db1b5af67e71f0597a626a5a8af94af60f67cd6-1629474611-1800-ATpsRUhiW07zaraPzg3Mm4ediJIOjVx771UKKUyzV+MLujsJ5IQ2owuhCgCrG7Yz9ZkYXDvpqANns5UNeu2eg2E= accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority www.mediafire.com referer https://www.mediafire.com/file/bsgpic6m8fisp1d/Terror_Mod_Menu.zip/file :scheme https sec-fetch-site same-origin :method GET Referer https://www.mediafire.com/file/bsgpic6m8fisp1d/Terror_Mod_Menu.zip/file User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 15:50:12 GMT content-encoding gzip cf-cache-status DYNAMIC last-modified Tue, 17 Jul 2018 20:30:14 GMT server cloudflare etag W/"5b4e51d6-8f48" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"report_to": "mediafirenel", "max_age": 86400, "include_subdomains": true, "failure_fraction": 0.01} report-to {"group": "mediafirenel", "max_age": 86400, "include_subdomains": true, "endpoints": [{"url": "https://browser-reports.mediafire.dev/network-error"}]} content-type image/svg+xml access-control-allow-origin * cf-ray 681cc6a4cafbcaf8-ARN
GET H2	200	element.js Show response translate.google.com/translate_a/	10 KB 4 KB	16ms 16ms	Script text/javascript	2a00:1450:4001:82f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://translate.google.com/translate_a/element.js?cb=googFooterTranslate Requested by Host: www.mediafire.com URL: https://www.mediafire.com/file/bsgpic6m8fisp1d/Terror_Mod_Menu.zip/file Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software HTTP server (unknown) / Resource Hash 7f0a0db543681b121e776bb3d10c0f86b0336b7db25e5cb7203ec98097a35363 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 20 Aug 2021 15:50:11 GMT content-encoding gzip x-content-type-options nosniff server HTTP server (unknown) content-language en p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cache-control no-cache, must-revalidate content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3851 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	dl_promo_logo.png static.mediafire.com/images/backgrounds/download/	2 KB 2 KB	46ms 45ms	Image image/png	104.16.202.237 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.mediafire.com/images/backgrounds/download/dl_promo_logo.png Requested by Host: www.mediafire.com URL: https://www.mediafire.com/file/bsgpic6m8fisp1d/Terror_Mod_Menu.zip/file Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.202.237 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 174d0ce23ddaa3923575af7a8e047e1dbf75199ebee7df1aca5e5713c4a1dd62 Request headers Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 15:50:12 GMT cf-cache-status HIT nel {"report_to": "mediafirenel", "max_age": 86400, "include_subdomains": true, "failure_fraction": 0.01} age 690557 content-length 2240 last-modified Fri, 11 Mar 2016 23:22:56 GMT server cloudflare etag "56e35350-8c0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group": "mediafirenel", "max_age": 86400, "include_subdomains": true, "endpoints": [{"url": "https://browser-reports.mediafire.dev/network-error"}]} content-type image/png access-control-allow-origin * cache-control max-age=2592000 accept-ranges bytes cf-ray 681cc6a4fb53caf8-ARN expires Sat, 11 Sep 2021 16:00:55 GMT
GET H2	200	apps_list_sprite-v5.png static.mediafire.com/images/backgrounds/download/	7 KB 7 KB	49ms 48ms	Image image/png	104.16.202.237 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.mediafire.com/images/backgrounds/download/apps_list_sprite-v5.png Requested by Host: www.mediafire.com URL: https://www.mediafire.com/file/bsgpic6m8fisp1d/Terror_Mod_Menu.zip/file Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.202.237 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 098d62db427ed5bfd96fa89ef3df63995714478cdcf05ab884ec5d0793fd0106 Request headers Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 15:50:12 GMT cf-cache-status HIT nel {"report_to": "mediafirenel", "max_age": 86400, "include_subdomains": true, "failure_fraction": 0.01} age 690548 content-length 7188 last-modified Wed, 07 Jul 2021 22:05:09 GMT server cloudflare etag "60e62515-1c14" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group": "mediafirenel", "max_age": 86400, "include_subdomains": true, "endpoints": [{"url": "https://browser-reports.mediafire.dev/network-error"}]} content-type image/png access-control-allow-origin * cache-control max-age=2592000 accept-ranges bytes cf-ray 681cc6a4fb54caf8-ARN expires Sat, 11 Sep 2021 16:01:04 GMT
GET H2	200	arrow_dropdown.svg www.mediafire.com/images/icons/svg_dark/	315 B 346 B	197ms 196ms	Image image/svg+xml	104.16.202.237 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.mediafire.com/images/icons/svg_dark/arrow_dropdown.svg Requested by Host: www.mediafire.com URL: https://www.mediafire.com/file/bsgpic6m8fisp1d/Terror_Mod_Menu.zip/file Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.202.237 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 82b94716473aa225e715e117802145c5d2d725aa1ba9d476d61a5d3da16a8c26 Request headers :path /images/icons/svg_dark/arrow_dropdown.svg pragma no-cache cookie ukey=acrec3xh6vfcj25dx4cp1lggzqcm6dud; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-34%22%2C%22mf_content%22%3A%22Free%22%2C%22mf_medium%22%3A%22windows%5C%2FGoogle%20Chrome%22%2C%22mf_campaign%22%3A%22bsgpic6m8fisp1d%22%2C%22mf_term%22%3A%22db48e47589bc2fe617dcc8faf0959270%22%7D; __cf_bm=7db1b5af67e71f0597a626a5a8af94af60f67cd6-1629474611-1800-ATpsRUhiW07zaraPzg3Mm4ediJIOjVx771UKKUyzV+MLujsJ5IQ2owuhCgCrG7Yz9ZkYXDvpqANns5UNeu2eg2E= accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority www.mediafire.com referer https://www.mediafire.com/file/bsgpic6m8fisp1d/Terror_Mod_Menu.zip/file :scheme https sec-fetch-site same-origin :method GET Referer https://www.mediafire.com/file/bsgpic6m8fisp1d/Terror_Mod_Menu.zip/file User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 15:50:12 GMT content-encoding gzip cf-cache-status DYNAMIC last-modified Tue, 18 Dec 2018 18:09:53 GMT server cloudflare etag W/"5c1937f1-13b" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"report_to": "mediafirenel", "max_age": 86400, "include_subdomains": true, "failure_fraction": 0.01} report-to {"group": "mediafirenel", "max_age": 86400, "include_subdomains": true, "endpoints": [{"url": "https://browser-reports.mediafire.dev/network-error"}]} content-type image/svg+xml access-control-allow-origin * cf-ray 681cc6a4fb57caf8-ARN
GET H2	200	check_circle_green.svg static.mediafire.com/images/icons/svg_dark/	444 B 412 B	136ms 135ms	Image image/svg+xml	104.16.202.237 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.mediafire.com/images/icons/svg_dark/check_circle_green.svg Requested by Host: www.mediafire.com URL: https://www.mediafire.com/file/bsgpic6m8fisp1d/Terror_Mod_Menu.zip/file Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.202.237 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 03c8d2dc7d985c3004ff2cd6d8148dd03560f37ed15efdf6c2d7f4d771d0e599 Request headers Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 15:50:12 GMT content-encoding gzip cf-cache-status HIT last-modified Tue, 17 Jul 2018 20:30:14 GMT server cloudflare age 3752 etag W/"5b4e51d6-1bc" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group": "mediafirenel", "max_age": 86400, "include_subdomains": true, "endpoints": [{"url": "https://browser-reports.mediafire.dev/network-error"}]} content-type image/svg+xml access-control-allow-origin * nel {"report_to": "mediafirenel", "max_age": 86400, "include_subdomains": true, "failure_fraction": 0.01} cf-ray 681cc6a4fb58caf8-ARN
GET H2	200	fb_16x16.png static.mediafire.com/images/backgrounds/download/social/	181 B 258 B	46ms 46ms	Image image/png	104.16.202.237 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.mediafire.com/images/backgrounds/download/social/fb_16x16.png Requested by Host: www.mediafire.com URL: https://www.mediafire.com/file/bsgpic6m8fisp1d/Terror_Mod_Menu.zip/file Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.202.237 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 720671166ac43aba99e3952b0b9341ab4e0fee1fd891db54e2a07f05db653142 Request headers Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 15:50:12 GMT cf-cache-status HIT nel {"report_to": "mediafirenel", "max_age": 86400, "include_subdomains": true, "failure_fraction": 0.01} age 690557 content-length 181 last-modified Fri, 11 Mar 2016 23:22:56 GMT server cloudflare etag "56e35350-b5" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group": "mediafirenel", "max_age": 86400, "include_subdomains": true, "endpoints": [{"url": "https://browser-reports.mediafire.dev/network-error"}]} content-type image/png access-control-allow-origin * cache-control max-age=2592000 accept-ranges bytes cf-ray 681cc6a4fb69caf8-ARN expires Sat, 11 Sep 2021 16:00:55 GMT
GET H2	200	beacon.min.js Show response static.cloudflareinsights.com/	13 KB 5 KB	64ms 48ms	Script text/javascript	2606:4700::6810:5f41 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.cloudflareinsights.com/beacon.min.js Requested by Host: www.mediafire.com URL: https://www.mediafire.com/file/bsgpic6m8fisp1d/Terror_Mod_Menu.zip/file Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299 Request headers Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 15:50:12 GMT content-encoding gzip last-modified Wed, 18 Aug 2021 21:41:27 GMT server cloudflare etag W/2021.5.3 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript;charset=UTF-8 access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin cf-ray 681cc6a518044ece-FRA
GET H2	200	analytics.js Show response www.google-analytics.com/	48 KB 19 KB	6ms 5ms	Script text/javascript	2a00:1450:4001:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-829541-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 13 Jul 2021 18:24:06 GMT server Golfe2 age 818 date Fri, 20 Aug 2021 15:36:34 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19672 expires Fri, 20 Aug 2021 17:36:34 GMT
GET H2	200	infinity.js.aspx Show response cdn.otnolatrnup.com/Scripts/	192 KB 66 KB	48ms 18ms	Script application/x-javascript	2606:4700::6813:d725 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.otnolatrnup.com/Scripts/infinity.js.aspx?guid=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0 Requested by Host: www.mediafire.com URL: https://www.mediafire.com/file/bsgpic6m8fisp1d/Terror_Mod_Menu.zip/file Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:d725 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 09c3b9525d92b3d7372f6a683d52a167f74210830d26cc8e4b761db4c3457081 Request headers Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 15:50:12 GMT content-encoding gzip cf-cache-status HIT alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 server cloudflare age 275 x-powered-by ASP.NET expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding p3p CP="CAO PSA OUR IND" access-control-allow-origin * cache-control public, no-transform, max-age=900 cf-ray 681cc6a56a1dd6fd-FRA content-type application/x-javascript; charset=utf-8
GET H2	200	footerIcons.png static.mediafire.com/images/backgrounds/footer/social/	583 B 691 B	52ms 51ms	Image image/png	104.16.202.237 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.mediafire.com/images/backgrounds/footer/social/footerIcons.png Requested by Host: www.mediafire.com URL: https://www.mediafire.com/file/bsgpic6m8fisp1d/Terror_Mod_Menu.zip/file Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.202.237 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f917a9105c311331b1d40f4d2bdbf11233c1c465616c1a9c46232f451463b061 Request headers Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 15:50:12 GMT cf-cache-status HIT nel {"report_to": "mediafirenel", "max_age": 86400, "include_subdomains": true, "failure_fraction": 0.01} age 690555 content-length 583 last-modified Fri, 11 Mar 2016 23:22:56 GMT server cloudflare etag "56e35350-247" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group": "mediafirenel", "max_age": 86400, "include_subdomains": true, "endpoints": [{"url": "https://browser-reports.mediafire.dev/network-error"}]} content-type image/png access-control-allow-origin * cache-control max-age=2592000 accept-ranges bytes cf-ray 681cc6a54be7caf8-ARN expires Sat, 11 Sep 2021 16:00:57 GMT
GET H2	200	translateelement.css translate.googleapis.com/translate_static/css/	18 KB 3 KB	6ms 6ms	Stylesheet text/css	2a00:1450:4001:80e::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://translate.googleapis.com/translate_static/css/translateelement.css Requested by Host: translate.google.com URL: https://translate.google.com/translate_a/element.js?cb=googFooterTranslate Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 15:27:46 GMT content-encoding br x-content-type-options nosniff age 1346 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3130 x-xss-protection 0 last-modified Wed, 24 Feb 2021 19:45:00 GMT server sffe vary Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=3600 accept-ranges bytes expires Fri, 20 Aug 2021 16:27:46 GMT
GET H2	200	main.js Show response translate.googleapis.com/translate_static/js/element/	6 KB 2 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:80e::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://translate.googleapis.com/translate_static/js/element/main.js Requested by Host: translate.google.com URL: https://translate.google.com/translate_a/element.js?cb=googFooterTranslate Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 251c607557e1302862934faeb35d7c9c20cbb64b4abb6a4faed721b71db501f2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 15:22:39 GMT content-encoding br x-content-type-options nosniff age 1653 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2154 x-xss-protection 0 last-modified Mon, 24 May 2021 18:08:00 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=3600 accept-ranges bytes expires Fri, 20 Aug 2021 16:22:39 GMT
POST H3-29	204	AGSKWxWPz4MGJ5eHzSm-XD4l9Eb4kej0h3vaRv-UNrsNVMEnMvw_lkCsnY1ocxQu5y4q0b-G0F5erEZBmRIW1veuo54= Show response fundingchoicesmessages.google.com/el/	0 27 B	43ms 29ms	XHR text/html	2a00:1450:4001:802::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxWPz4MGJ5eHzSm-XD4l9Eb4kej0h3vaRv-UNrsNVMEnMvw_lkCsnY1ocxQu5y4q0b-G0F5erEZBmRIW1veuo54=?pvid=EF4B92AB-6CBC-4DB6-B366-B75898D547FA&anonid=54DED7CF-CAF7-4DCA-BABE-437EDDE906CC Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.en_US.pGxITOdM7Lk.es5.O/d=1/rs=AJlcJMzP-HyD0kwubGOsHQyyyRFOzNPAQQ/m=loader_js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-DRxMPVgxpzFOJB38vZM3tQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-DRxMPVgxpzFOJB38vZM3tQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Fri, 20 Aug 2021 15:50:12 GMT access-control-allow-methods POST, GET, OPTIONS x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport access-control-max-age 86400 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 pragma no-cache server ESF cross-origin-opener-policy same-origin; report-to="ContributorLoggingHttp" x-frame-options SAMEORIGIN report-to {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]} content-type text/html; charset=utf-8 access-control-allow-origin https://www.mediafire.com cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true content-security-policy script-src 'report-sample' 'nonce-DRxMPVgxpzFOJB38vZM3tQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-DRxMPVgxpzFOJB38vZM3tQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport expires Mon, 01 Jan 1990 00:00:00 GMT
POST H3-29	204	AGSKWxWPz4MGJ5eHzSm-XD4l9Eb4kej0h3vaRv-UNrsNVMEnMvw_lkCsnY1ocxQu5y4q0b-G0F5erEZBmRIW1veuo54= Show response fundingchoicesmessages.google.com/el/	0 26 B	33ms 20ms	XHR text/html	2a00:1450:4001:802::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxWPz4MGJ5eHzSm-XD4l9Eb4kej0h3vaRv-UNrsNVMEnMvw_lkCsnY1ocxQu5y4q0b-G0F5erEZBmRIW1veuo54=?pvid=EF4B92AB-6CBC-4DB6-B366-B75898D547FA&anonid=54DED7CF-CAF7-4DCA-BABE-437EDDE906CC Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.en_US.pGxITOdM7Lk.es5.O/d=1/rs=AJlcJMzP-HyD0kwubGOsHQyyyRFOzNPAQQ/m=loader_js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-1197tRQB/9hSFLqOyb/gmw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-1197tRQB/9hSFLqOyb/gmw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Fri, 20 Aug 2021 15:50:12 GMT x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport access-control-max-age 86400 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 pragma no-cache server ESF cross-origin-opener-policy same-origin x-frame-options SAMEORIGIN access-control-allow-methods POST, GET, OPTIONS content-type text/html; charset=utf-8 access-control-allow-origin https://www.mediafire.com cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true content-security-policy script-src 'report-sample' 'nonce-1197tRQB/9hSFLqOyb/gmw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-1197tRQB/9hSFLqOyb/gmw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport expires Mon, 01 Jan 1990 00:00:00 GMT
POST H3-29	204	AGSKWxWPz4MGJ5eHzSm-XD4l9Eb4kej0h3vaRv-UNrsNVMEnMvw_lkCsnY1ocxQu5y4q0b-G0F5erEZBmRIW1veuo54= Show response fundingchoicesmessages.google.com/el/	0 27 B	24ms 24ms	XHR text/html	2a00:1450:4001:802::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxWPz4MGJ5eHzSm-XD4l9Eb4kej0h3vaRv-UNrsNVMEnMvw_lkCsnY1ocxQu5y4q0b-G0F5erEZBmRIW1veuo54=?pvid=EF4B92AB-6CBC-4DB6-B366-B75898D547FA&anonid=54DED7CF-CAF7-4DCA-BABE-437EDDE906CC Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.en_US.pGxITOdM7Lk.es5.O/d=1/rs=AJlcJMzP-HyD0kwubGOsHQyyyRFOzNPAQQ/m=loader_js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-X7fov+IPmPi1Swkt93/0Ew' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-X7fov+IPmPi1Swkt93/0Ew' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Fri, 20 Aug 2021 15:50:12 GMT access-control-allow-methods POST, GET, OPTIONS x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport access-control-max-age 86400 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 pragma no-cache server ESF cross-origin-opener-policy same-origin; report-to="ContributorLoggingHttp" x-frame-options SAMEORIGIN report-to {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]} content-type text/html; charset=utf-8 access-control-allow-origin https://www.mediafire.com cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true content-security-policy script-src 'report-sample' 'nonce-X7fov+IPmPi1Swkt93/0Ew' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-X7fov+IPmPi1Swkt93/0Ew' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	AGSKWxXZRKOvKIyDCtad1ga2-p81y7_jG8Sf9N3Pl9Q_sbDrLWCwgT3sPhbuBJQBPHR0kYPZebkJdbpOOIvv5v5Jwcg= Show response fundingchoicesmessages.google.com/f/	184 KB 54 KB	62ms 46ms	Script application/javascript	2a00:1450:4001:802::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxXZRKOvKIyDCtad1ga2-p81y7_jG8Sf9N3Pl9Q_sbDrLWCwgT3sPhbuBJQBPHR0kYPZebkJdbpOOIvv5v5Jwcg=?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCwyLFsxNjI5NDc0NjEyLDg4MDAwMDAwXSwiRUY0QjkyQUItNkNCQy00REI2LUIzNjYtQjc1ODk4RDU0N0ZBIiwiNTRERUQ3Q0YtQ0FGNy00RENBLUJBQkUtNDM3RURERTkwNkNDIixudWxsLFtudWxsLFs3XV0sImh0dHBzOi8vd3d3Lm1lZGlhZmlyZS5jb20vZmlsZS9ic2dwaWM2bThmaXNwMWQvVGVycm9yX01vZF9NZW51LnppcC9maWxlIl0 Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.en_US.pGxITOdM7Lk.es5.O/d=1/rs=AJlcJMzP-HyD0kwubGOsHQyyyRFOzNPAQQ/m=loader_js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 85cf4fedf91052971ee257ba07f8151266bb7f058d7c724d812b60d18b5209a3 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-chPS0zjSSWRX9JF/nq8zmQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-chPS0zjSSWRX9JF/nq8zmQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 20 Aug 2021 15:50:12 GMT content-encoding gzip x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" server ESF cross-origin-opener-policy same-origin x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'report-sample' 'nonce-chPS0zjSSWRX9JF/nq8zmQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-chPS0zjSSWRX9JF/nq8zmQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport content-security-policy-report-only require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport x-xss-protection 0 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	like.php Show response www.facebook.com/plugins/ Frame BE88	0 1 KB	35ms 33ms	Document text/html	2a03:2880:f11c:8083:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/plugins/like.php?href=http://www.facebook.com/MediaFire&width=193&layout=button_count&action=like&show_faces=false&share=true&height=30&appId=124578887583575 Requested by Host: www.mediafire.com URL: https://www.mediafire.com/file/bsgpic6m8fisp1d/Terror_Mod_Menu.zip/file Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority www.facebook.com :scheme https :path /plugins/like.php?href=http://www.facebook.com/MediaFire&width=193&layout=button_count&action=like&show_faces=false&share=true&height=30&appId=124578887583575 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.mediafire.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.mediafire.com/ Response headers content-type text/html;charset=utf-8 pragma no-cache cache-control private, no-cache, no-store, must-revalidate expires Sat, 01 Jan 2000 00:00:00 GMT content-security-policy-report-only default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info *.atdmt.com blob: android-webview-video-poster:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com fbsbx.com *.atdmt.com;worker-src blob:;report-uri https://www.facebook.com/csp/reporting/; content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"} cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups x-content-type-options nosniff x-xss-protection 0 x-fb-debug qNtPIPKrmvF4dqnvubU5kc+13CUbXSc7/BFAmtmJKVyxgW/xM/SJgEauYWKYfVJgpGOyvXqffMTAzit3s7k/LA== content-length 0 date Fri, 20 Aug 2021 15:50:12 GMT alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
GET H2	200	country-ru.svg static.mediafire.com/images/backgrounds/download/additional_content/	100 KB 39 KB	69ms 67ms	Image image/svg+xml	104.16.202.237 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.mediafire.com/images/backgrounds/download/additional_content/country-ru.svg Requested by Host: www.mediafire.com URL: https://www.mediafire.com/file/bsgpic6m8fisp1d/Terror_Mod_Menu.zip/file Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.202.237 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 26b07e0f98478f783541b68d6e0bfcb86ba668bdb4d5c911d3da83b7eee7d888 Request headers Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 15:50:12 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 27 May 2020 17:21:43 GMT server cloudflare age 2651 etag W/"5ecea1a7-190c3" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group": "mediafirenel", "max_age": 86400, "include_subdomains": true, "endpoints": [{"url": "https://browser-reports.mediafire.dev/network-error"}]} content-type image/svg+xml access-control-allow-origin * nel {"report_to": "mediafirenel", "max_age": 86400, "include_subdomains": true, "failure_fraction": 0.01} cf-ray 681cc6a5bc94caf8-ARN
GET H2	200	rus.svg static.mediafire.com/images/flags_svg/	265 B 256 B	52ms 51ms	Image image/svg+xml	104.16.202.237 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.mediafire.com/images/flags_svg/rus.svg Requested by Host: www.mediafire.com URL: https://www.mediafire.com/file/bsgpic6m8fisp1d/Terror_Mod_Menu.zip/file Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.202.237 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a522f2a2c90b45c61d0ea15898c102061eb7d72195e1ede1318734979c6c538b Request headers Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 15:50:12 GMT content-encoding gzip cf-cache-status HIT last-modified Tue, 17 Jul 2018 20:30:14 GMT server cloudflare age 5616 etag W/"5b4e51d6-109" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group": "mediafirenel", "max_age": 86400, "include_subdomains": true, "endpoints": [{"url": "https://browser-reports.mediafire.dev/network-error"}]} content-type image/svg+xml access-control-allow-origin * nel {"report_to": "mediafirenel", "max_age": 86400, "include_subdomains": true, "failure_fraction": 0.01} cf-ray 681cc6a5bc96caf8-ARN
GET H2	200	flag.svg static.mediafire.com/images/backgrounds/download/additional_content/	234 B 280 B	45ms 44ms	Image image/svg+xml	104.16.202.237 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.mediafire.com/images/backgrounds/download/additional_content/flag.svg Requested by Host: www.mediafire.com URL: https://www.mediafire.com/file/bsgpic6m8fisp1d/Terror_Mod_Menu.zip/file Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.202.237 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f52a0c7d9fa7ae8e45916c491ae7193f9a1e289f128f05264122c53d8da970db Request headers Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 15:50:12 GMT content-encoding gzip cf-cache-status HIT last-modified Tue, 17 Jul 2018 20:30:14 GMT server cloudflare age 3731 etag W/"5b4e51d6-ea" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group": "mediafirenel", "max_age": 86400, "include_subdomains": true, "endpoints": [{"url": "https://browser-reports.mediafire.dev/network-error"}]} content-type image/svg+xml access-control-allow-origin * nel {"report_to": "mediafirenel", "max_age": 86400, "include_subdomains": true, "failure_fraction": 0.01} cf-ray 681cc6a5bc9acaf8-ARN
GET H3-29	200	element_main.js Show response translate.googleapis.com/element/TE_20210503_00/e/js/element/	252 KB 90 KB	17ms 15ms	Script text/javascript	2a00:1450:4001:80e::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://translate.googleapis.com/element/TE_20210503_00/e/js/element/element_main.js Requested by Host: translate.googleapis.com URL: https://translate.googleapis.com/translate_static/js/element/main.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 09363cc7c668ce12683214a9877ae9c068a82dfb8f64111355933c24e7193a98 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 11:27:44 GMT content-encoding gzip x-content-type-options nosniff age 15748 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 91906 x-xss-protection 0 last-modified Mon, 03 May 2021 09:56:24 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 20 Aug 2022 11:27:44 GMT
GET H3-29	200	ec.js Show response www.google-analytics.com/plugins/ua/	3 KB 1 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:827::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/plugins/ua/ec.js Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 15:02:59 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 22 Oct 2019 18:15:00 GMT server sffe age 2833 vary Accept-Encoding content-type text/javascript cache-control public, max-age=3600 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1306 x-xss-protection 0 expires Fri, 20 Aug 2021 16:02:59 GMT
POST H3-29	200	collect Show response www.google-analytics.com/j/	2 B 24 B	13ms 13ms	XHR text/plain	2a00:1450:4001:827::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1738007633&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fbsgpic6m8fisp1d%2FTerror_Mod_Menu.zip%2Ffile&ul=en-us&de=UTF-8&dt=Terror%20Mod%20Menu&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUALAAAAAC~&jid=1070810818&gjid=1285122857&cid=2036644972.1629474612&tid=UA-829541-1&_gid=938002296.1629474612&_r=1&gtm=2ou8i0&cd1=unregistered&cd7=legacy&cd3=archive&cd4=34&cd5=zip&cd8=%2F100%2F&z=1190889205 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 20 Aug 2021 15:50:12 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.mediafire.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ Show response c.adsco.re/	62 KB 22 KB	40ms 19ms	Script text/html	2606:4700::6811:a6ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c.adsco.re/ Requested by Host: cdn.otnolatrnup.com URL: https://cdn.otnolatrnup.com/Scripts/infinity.js.aspx?guid=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9aaaac87a4cddb7db367764a7080fd31491c36ae256ba81391c270f8c4b2d0f8 Request headers Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 15:50:12 GMT content-encoding br cf-cache-status HIT server cloudflare age 5347978 etag W/"2Ma3006J78KgzL0RD+7gUg==" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html link <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch cache-control public, max-age=2678400 cf-ray 681cc6a5faf4176a-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 expires Mon, 20 Sep 2021 15:50:12 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 89 B	14ms 14ms	XHR text/plain	2a00:1450:400c:c08::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-829541-1&cid=2036644972.1629474612&jid=1070810818&gjid=1285122857&_gid=938002296.1629474612&_u=YEBAAUAKAAAAAC~&z=106000874 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Fri, 20 Aug 2021 15:50:12 GMT content-type text/plain access-control-allow-origin https://www.mediafire.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3-29	200	collect Show response www.google-analytics.com/j/	1 B 24 B	13ms 13ms	XHR text/plain	2a00:1450:4001:827::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1738007633&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fbsgpic6m8fisp1d%2FTerror_Mod_Menu.zip%2Ffile&ul=en-us&de=UTF-8&dt=Terror%20Mod%20Menu&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAUALAAAAAC~&jid=1866362982&gjid=821220249&cid=2036644972.1629474612&tid=UA-86547571-4&_gid=938002296.1629474612&_r=1&gtm=2wg8i053LP4T&z=561050250 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 20 Aug 2021 15:50:12 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.mediafire.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	translate_24dp.png www.gstatic.com/images/branding/product/1x/	825 B 886 B	6ms 6ms	Image image/png	2a00:1450:4001:812::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/branding/product/1x/translate_24dp.png Requested by Host: www.mediafire.com URL: https://www.mediafire.com/file/bsgpic6m8fisp1d/Terror_Mod_Menu.zip/file Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 15:47:27 GMT x-content-type-options nosniff last-modified Tue, 22 Oct 2019 18:15:00 GMT server sffe age 165 vary Origin content-type image/png cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 825 x-xss-protection 0 expires Sat, 20 Aug 2022 15:47:27 GMT
GET H2	200	googlelogo_color_42x16dp.png www.gstatic.com/images/branding/googlelogo/1x/	910 B 972 B	7ms 6ms	Image image/png	2a00:1450:4001:812::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png Requested by Host: www.mediafire.com URL: https://www.mediafire.com/file/bsgpic6m8fisp1d/Terror_Mod_Menu.zip/file Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 00:48:22 GMT x-content-type-options nosniff last-modified Tue, 22 Oct 2019 18:15:00 GMT server sffe age 54110 vary Origin content-type image/png cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 910 x-xss-protection 0 expires Sat, 20 Aug 2022 00:48:22 GMT
GET H2	200	ga-audiences www.google.com/ads/	42 B 107 B	31ms 30ms	Image image/gif	2a00:1450:4001:813::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-829541-1&cid=2036644972.1629474612&jid=1070810818&_u=YEBAAUAKAAAAAC~&z=1450629177 Requested by Host: www.mediafire.com URL: https://www.mediafire.com/file/bsgpic6m8fisp1d/Terror_Mod_Menu.zip/file Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 20 Aug 2021 15:50:12 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 107 B	30ms 30ms	Image image/gif	2a00:1450:4001:811::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-829541-1&cid=2036644972.1629474612&jid=1070810818&_u=YEBAAUAKAAAAAC~&z=1450629177 Requested by Host: www.mediafire.com URL: https://www.mediafire.com/file/bsgpic6m8fisp1d/Terror_Mod_Menu.zip/file Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 20 Aug 2021 15:50:12 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ 6.adsco.re/	0 454 B	39ms 13ms	Other text/plain	2606:4700::6811:a7ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://6.adsco.re/ Requested by Host: www.mediafire.com URL: https://www.mediafire.com/file/bsgpic6m8fisp1d/Terror_Mod_Menu.zip/file Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Origin https://www.mediafire.com Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 15:50:12 GMT content-encoding br server cloudflare access-control-allow-headers Content-Type expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods GET, HEAD, OPTIONS content-type text/plain;charset=UTF-8 access-control-allow-origin https://www.mediafire.com access-control-max-age 2592000 cache-control private, max-age=10 cf-ray 681cc6a67af04eaa-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
GET H/1.1	200 OK	/ 4.adsco.re/	0 463 B	294ms 64ms	Other text/html	162.252.214.5 TUT-AS
General Check archive.org Show headers Download Go to Full URL https://4.adsco.re/ Requested by Host: www.mediafire.com URL: https://www.mediafire.com/file/bsgpic6m8fisp1d/Terror_Mod_Menu.zip/file Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_CBC Server 162.252.214.5 , United States, ASN53334 (TUT-AS, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Origin https://www.mediafire.com Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 20 Aug 2021 15:50:12 GMT Content-Encoding gzip Access-Control-Max-Age 2592000 Access-Control-Allow-Methods GET, HEAD, OPTIONS Content-Type text/html; charset=UTF-8 Access-Control-Allow-Origin https://www.mediafire.com Cache-Control private, max-age=5 Transfer-Encoding chunked Connection keep-alive Access-Control-Allow-Headers Content-Type
GET H3-29	200	translate_24dp.png www.gstatic.com/images/branding/product/2x/	2 KB 2 KB	7ms 6ms	Image image/png	2a00:1450:4001:812::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/branding/product/2x/translate_24dp.png Requested by Host: translate.googleapis.com URL: https://translate.googleapis.com/translate_static/css/translateelement.css Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://translate.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 15:31:56 GMT x-content-type-options nosniff last-modified Tue, 22 Oct 2019 18:15:00 GMT server sffe age 1096 vary Origin content-type image/png cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1847 x-xss-protection 0 expires Sat, 20 Aug 2022 15:31:56 GMT
POST H3-29	204	AGSKWxUzp8QfcdnpDRBtZjGtVndIUJsYwVAxF0ZfaQ1yhGbaggMjSHWBXGNSa5RBakqmjuzN5ySA_zs6lq0mxpKYGMxrTkMzHUcnR17D7l00eCPbkotXqZBCfSqq_TL8bOkbarlscc0FXVTM-TGEDQ_K0vSqeFNmBKnBbwe5ct8miBUZsJCn-4h0-G7n4zos Show response fundingchoicesmessages.google.com/el/	0 27 B	27ms 27ms	XHR text/html	2a00:1450:4001:802::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxUzp8QfcdnpDRBtZjGtVndIUJsYwVAxF0ZfaQ1yhGbaggMjSHWBXGNSa5RBakqmjuzN5ySA_zs6lq0mxpKYGMxrTkMzHUcnR17D7l00eCPbkotXqZBCfSqq_TL8bOkbarlscc0FXVTM-TGEDQ_K0vSqeFNmBKnBbwe5ct8miBUZsJCn-4h0-G7n4zos?dmid=8d3d38bf03b536d0 Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabTcfV2ClientJs.en_US.DDz5gpkawWM.es5.O/d=1/rs=AJlcJMx8gKVNjAT6Rc73XCcmNf0weqBP2Q/m=iabtcfv2wallscript Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-PJojlkjAwHf8a12UC4GOcQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-PJojlkjAwHf8a12UC4GOcQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Fri, 20 Aug 2021 15:50:12 GMT access-control-allow-methods POST, GET, OPTIONS x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport access-control-max-age 86400 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 pragma no-cache server ESF cross-origin-opener-policy same-origin; report-to="ContributorLoggingHttp" x-frame-options SAMEORIGIN report-to {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]} content-type text/html; charset=utf-8 access-control-allow-origin https://www.mediafire.com cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true content-security-policy script-src 'report-sample' 'nonce-PJojlkjAwHf8a12UC4GOcQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-PJojlkjAwHf8a12UC4GOcQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport expires Mon, 01 Jan 1990 00:00:00 GMT
POST H3-29	204	AGSKWxUzp8QfcdnpDRBtZjGtVndIUJsYwVAxF0ZfaQ1yhGbaggMjSHWBXGNSa5RBakqmjuzN5ySA_zs6lq0mxpKYGMxrTkMzHUcnR17D7l00eCPbkotXqZBCfSqq_TL8bOkbarlscc0FXVTM-TGEDQ_K0vSqeFNmBKnBbwe5ct8miBUZsJCn-4h0-G7n4zos Show response fundingchoicesmessages.google.com/el/	0 27 B	29ms 29ms	XHR text/html	2a00:1450:4001:802::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxUzp8QfcdnpDRBtZjGtVndIUJsYwVAxF0ZfaQ1yhGbaggMjSHWBXGNSa5RBakqmjuzN5ySA_zs6lq0mxpKYGMxrTkMzHUcnR17D7l00eCPbkotXqZBCfSqq_TL8bOkbarlscc0FXVTM-TGEDQ_K0vSqeFNmBKnBbwe5ct8miBUZsJCn-4h0-G7n4zos?dmid=8d3d38bf03b536d0 Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabTcfV2ClientJs.en_US.DDz5gpkawWM.es5.O/d=1/rs=AJlcJMx8gKVNjAT6Rc73XCcmNf0weqBP2Q/m=iabtcfv2wallscript Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-wifYHS0/ogSCTXPwhLpW0A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-wifYHS0/ogSCTXPwhLpW0A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Fri, 20 Aug 2021 15:50:12 GMT access-control-allow-methods POST, GET, OPTIONS x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport access-control-max-age 86400 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 pragma no-cache server ESF cross-origin-opener-policy same-origin; report-to="ContributorLoggingHttp" x-frame-options SAMEORIGIN report-to {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]} content-type text/html; charset=utf-8 access-control-allow-origin https://www.mediafire.com cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true content-security-policy script-src 'report-sample' 'nonce-wifYHS0/ogSCTXPwhLpW0A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-wifYHS0/ogSCTXPwhLpW0A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	css fonts.googleapis.com/	52 KB 3 KB	18ms 18ms	Stylesheet text/css	2a00:1450:4001:831::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabTcfV2ClientJs.en_US.DDz5gpkawWM.es5.O/d=1/rs=AJlcJMx8gKVNjAT6Rc73XCcmNf0weqBP2Q/m=iabtcfv2wallscript Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 32269c19e9a51ab919c9a27a5d5ccaffe38f8ec34f3ffd9cbe79e9b89751ac7f Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Fri, 20 Aug 2021 15:50:12 GMT server ESF date Fri, 20 Aug 2021 15:50:12 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 20 Aug 2021 15:50:12 GMT
GET H2	200	YxmihnhFt54cZYUpI8Vki3ux02R2TgdxT2JLItC4sk0NMsB8q5xXuZr3KKhXns_325CVgfI3IAWpwJrMtsUf1HdwXaWps_lxmzvqH8R5aBB2P50trKqeLQ=h60 lh3.googleusercontent.com/	12 KB 12 KB	8ms 7ms	Image image/png	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://lh3.googleusercontent.com/YxmihnhFt54cZYUpI8Vki3ux02R2TgdxT2JLItC4sk0NMsB8q5xXuZr3KKhXns_325CVgfI3IAWpwJrMtsUf1HdwXaWps_lxmzvqH8R5aBB2P50trKqeLQ=h60 Requested by Host: www.mediafire.com URL: https://www.mediafire.com/file/bsgpic6m8fisp1d/Terror_Mod_Menu.zip/file Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash cf7137aae8e21d7b4a5d0a322b25dfc27c7a1e9b1a06bb4d5f813ef9e3459df3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 14:29:42 GMT x-content-type-options nosniff age 4830 content-disposition inline;filename="unnamed.png" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 12249 x-xss-protection 0 server fife etag "v1" vary Origin content-type image/png access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Sat, 21 Aug 2021 14:29:42 GMT
GET H3-29	200	pubads_impl_2021081701.js Show response securepubads.g.doubleclick.net/gpt/	328 KB 114 KB	125ms 62ms	Script text/javascript	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software sffe / Resource Hash 416c66b64adf83bfdfcdd37b98c3d88ae15cc77370bd0f7b5edcc3e5b480e641 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 15:50:12 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 17 Aug 2021 08:38:29 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control private, immutable, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 117161 x-xss-protection 0 expires Fri, 20 Aug 2021 15:50:12 GMT
GET H3-29	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	339 B 186 B	131ms 66ms	XHR application/json	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.mediafire.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash 0ec47383b2dbdefc49b74d00351f225657afbbaf3946816fc05b78380ef67d82 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Fri, 20 Aug 2021 15:50:12 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 161 x-xss-protection 0 expires Fri, 20 Aug 2021 15:50:12 GMT
GET H2	200	arj Show response mediafire-d.openx.net/w/1.0/	172 B 559 B	133ms 61ms	XHR application/json	34.98.64.218 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://mediafire-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fbsgpic6m8fisp1d%2FTerror_Mod_Menu.zip%2Ffile&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=2a40fdf8-9d2f-415d-bb83-9b0680828932%2C053d3c3b-666b-48ac-877c-7830ed9e425a%2C91c2453b-bad5-4d7b-9544-9c0e9dbe497a%2C4472257e-7be8-4f80-b33e-75e7cbe82753%2Cd7d95c9a-f1e4-46b3-a76b-5cd4ffe16c31&nocache=1629474612262&aus=728x90%7C336x280%2C300x250%7C336x280%2C300x250%7C728x90%7C728x90&divids=div-gpt-ad-1579280679906-0%2Cdiv-gpt-ad-1579280773917-0%2Cdiv-gpt-ad-1579280808862-0%2Cdiv-gpt-ad-1579280901640-0%2Cdiv-gpt-ad-1579281349230-0&aucs=%2C%2C%2C%2C&auid=539074863%2C539074864%2C539074865%2C539074866%2C539074866 Requested by Host: www.mediafire.com URL: https://www.mediafire.com/js/prebid5.6.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 218.64.98.34.bc.googleusercontent.com Software OXGW/16.214.0 / Resource Hash 25def860963f54048d6e175d428d70098ef5e798a0847fdbe172c98744944a3b Request headers Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 20 Aug 2021 15:50:12 GMT content-encoding gzip server OXGW/16.214.0 vary Accept, Accept-Encoding p3p CP="CUR ADM OUR NOR STA NID" access-control-allow-origin https://www.mediafire.com cache-control private, max-age=0, no-cache access-control-allow-credentials true content-type application/json alt-svc clear content-length 163 via 1.1 google expires Mon, 26 Jul 1997 05:00:00 GMT
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/	595 B 1 KB	231ms 134ms	XHR application/json	185.33.221.52 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: www.mediafire.com URL: https://www.mediafire.com/js/prebid5.6.0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash 00d58d402a5e282da60ec4c61b6cba34b7b02050e6f45fd3738e95eeb23afcb4 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers Date Fri, 20 Aug 2021 15:50:12 GMT Content-Encoding gzip Transfer-Encoding chunked P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Connection keep-alive X-Proxy-Origin 185.236.42.25; 185.236.42.25; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com X-XSS-Protection 0 Pragma no-cache AN-X-Request-Uuid 365ec44e-1a12-4a60-913c-5eb80f64f36a Server nginx/1.17.9 Vary Accept-Encoding Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin https://www.mediafire.com Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Expires Sat, 15 Nov 2008 16:00:00 GMT
POST H2	204	translator Show response hbopenbid.pubmatic.com/	0 117 B	261ms 158ms	XHR text/plain	185.64.189.112 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://hbopenbid.pubmatic.com/translator?source=prebid-client Requested by Host: www.mediafire.com URL: https://www.mediafire.com/js/prebid5.6.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://www.mediafire.com date Fri, 20 Aug 2021 15:50:12 GMT cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true
POST H3-29	204	AGSKWxUzp8QfcdnpDRBtZjGtVndIUJsYwVAxF0ZfaQ1yhGbaggMjSHWBXGNSa5RBakqmjuzN5ySA_zs6lq0mxpKYGMxrTkMzHUcnR17D7l00eCPbkotXqZBCfSqq_TL8bOkbarlscc0FXVTM-TGEDQ_K0vSqeFNmBKnBbwe5ct8miBUZsJCn-4h0-G7n4zos Show response fundingchoicesmessages.google.com/el/	0 26 B	25ms 25ms	XHR text/html	2a00:1450:4001:802::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxUzp8QfcdnpDRBtZjGtVndIUJsYwVAxF0ZfaQ1yhGbaggMjSHWBXGNSa5RBakqmjuzN5ySA_zs6lq0mxpKYGMxrTkMzHUcnR17D7l00eCPbkotXqZBCfSqq_TL8bOkbarlscc0FXVTM-TGEDQ_K0vSqeFNmBKnBbwe5ct8miBUZsJCn-4h0-G7n4zos?dmid=8d3d38bf03b536d0 Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabTcfV2ClientJs.en_US.DDz5gpkawWM.es5.O/d=1/rs=AJlcJMx8gKVNjAT6Rc73XCcmNf0weqBP2Q/m=iabtcfv2wallscript Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-VhJUE2oIkf8sfqoI2In3XQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-VhJUE2oIkf8sfqoI2In3XQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Fri, 20 Aug 2021 15:50:12 GMT x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport access-control-max-age 86400 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 pragma no-cache server ESF cross-origin-opener-policy same-origin x-frame-options SAMEORIGIN access-control-allow-methods POST, GET, OPTIONS content-type text/html; charset=utf-8 access-control-allow-origin https://www.mediafire.com cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true content-security-policy script-src 'report-sample' 'nonce-VhJUE2oIkf8sfqoI2In3XQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-VhJUE2oIkf8sfqoI2In3XQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport expires Mon, 01 Jan 1990 00:00:00 GMT
POST H/1.1	200 OK	p Show response adsco.re/	0 419 B	229ms 64ms	XHR text/html	162.252.214.5 TUT-AS
General Check archive.org Show headers Download Go to Full URL https://adsco.re/p Requested by Host: c.adsco.re URL: https://c.adsco.re/ Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_CBC Server 162.252.214.5 , United States, ASN53334 (TUT-AS, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Fri, 20 Aug 2021 15:50:12 GMT Content-Encoding gzip Content-Type text/html; charset=UTF-8 AS-P-4 OK Transfer-Encoding chunked AS-P-1 OK Access-Control-Allow-Origin https://www.mediafire.com Access-Control-Max-Age 2592000 Cache-Control no-transform Access-Control-Allow-Credentials true Connection keep-alive AS-E ND AS-P-2 OK AS-P-3 OK
GET H/1.1	200 OK	/ Show response 4.adsco.re/	46 B 463 B	130ms 64ms	XHR text/html	162.252.214.5 TUT-AS
General Check archive.org Show headers Download Go to Full URL https://4.adsco.re/ Requested by Host: c.adsco.re URL: https://c.adsco.re/ Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_CBC Server 162.252.214.5 , United States, ASN53334 (TUT-AS, US), Reverse DNS Software / Resource Hash 246ad11063f7d871fe3023845e8732edb7ba7d50fcb2e035fb4d387cce523ce9 Request headers Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 20 Aug 2021 15:50:12 GMT Content-Encoding gzip Access-Control-Max-Age 2592000 Access-Control-Allow-Methods GET, HEAD, OPTIONS Content-Type text/html; charset=UTF-8 Access-Control-Allow-Origin https://www.mediafire.com Cache-Control private, max-age=5 Transfer-Encoding chunked Connection keep-alive Access-Control-Allow-Headers Content-Type
GET H3-29	200	/ Show response 6.adsco.re/	53 B 418 B	33ms 13ms	XHR text/plain	2606:4700::6811:a7ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://6.adsco.re/ Requested by Host: c.adsco.re URL: https://c.adsco.re/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 12f310d36e9a9d454ad40ff78184fb0418ce74134dda23efe7f4244a5dd651d8 Request headers Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 15:50:12 GMT content-encoding br server cloudflare access-control-allow-headers Content-Type expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods GET, HEAD, OPTIONS content-type text/plain;charset=UTF-8 access-control-allow-origin https://www.mediafire.com access-control-max-age 2592000 cache-control private, max-age=10 cf-ray 681cc6a70f504e1f-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
POST H/1.1	200 OK	/ lertofajvbqd.l4.adsco.re/	0 464 B	191ms 58ms	Ping text/html	185.200.118.90 M247
General Check archive.org Show headers Download Go to Full URL https://lertofajvbqd.l4.adsco.re/ Requested by Host: c.adsco.re URL: https://c.adsco.re/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.200.118.90 London, United Kingdom, ASN9009 (M247, GB), Reverse DNS adscore.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Fri, 20 Aug 2021 15:50:12 GMT Last-Modified Tue, 31 Jul 2018 22:16:15 GMT ETag "5b60dfaf-0" Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/html Access-Control-Allow-Origin * Access-Control-Expose-Headers Content-Length,Content-Range Connection close Accept-Ranges bytes Access-Control-Allow-Headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range Content-Length 0
POST H/1.1	200 OK	/ lertofajvbqd.n4.adsco.re/	0 464 B	1491ms 131ms	Ping text/html	38.132.109.186 M247
General Check archive.org Show headers Download Go to Full URL https://lertofajvbqd.n4.adsco.re/ Requested by Host: c.adsco.re URL: https://c.adsco.re/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 38.132.109.186 New York, United States, ASN9009 (M247, GB), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Fri, 20 Aug 2021 15:50:13 GMT Last-Modified Mon, 30 Jul 2018 15:32:42 GMT ETag "5b5f2f9a-0" Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/html Access-Control-Allow-Origin * Access-Control-Expose-Headers Content-Length,Content-Range Connection close Accept-Ranges bytes Access-Control-Allow-Headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range Content-Length 0
POST H/1.1	200 OK	/ lertofajvbqd.s4.adsco.re/	0 464 B	857ms 210ms	Ping text/html	185.200.116.90 M247
General Check archive.org Show headers Download Go to Full URL https://lertofajvbqd.s4.adsco.re/ Requested by Host: c.adsco.re URL: https://c.adsco.re/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.200.116.90 Singapore, Singapore, ASN9009 (M247, GB), Reverse DNS no-mans-land.m247.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Fri, 20 Aug 2021 15:50:13 GMT Last-Modified Mon, 30 Jul 2018 15:38:01 GMT ETag "5b5f30d9-0" Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/html Access-Control-Allow-Origin * Access-Control-Expose-Headers Content-Length,Content-Range Connection close Accept-Ranges bytes Access-Control-Allow-Headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range Content-Length 0
GET H3-29	200	/ Show response c.adsco.re/ Frame 95D1	62 KB 22 KB	42ms 20ms	Document text/html	2606:4700::6811:a6ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c.adsco.re/ Requested by Host: c.adsco.re URL: https://c.adsco.re/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9aaaac87a4cddb7db367764a7080fd31491c36ae256ba81391c270f8c4b2d0f8 Request headers :method GET :authority c.adsco.re :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.mediafire.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.mediafire.com/ Response headers date Fri, 20 Aug 2021 15:50:12 GMT content-type text/html cache-control public, max-age=2678400 link <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch expires Mon, 20 Sep 2021 15:50:12 GMT etag W/"2Ma3006J78KgzL0RD+7gUg==" cf-cache-status HIT age 5347978 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding server cloudflare cf-ray 681cc6a71df14ecd-FRA content-encoding br alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
GET H2	200	flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 fonts.gstatic.com/s/materialicons/v98/	108 KB 108 KB	7ms 7ms	Font font/woff2	2a00:1450:4001:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/materialicons/v98/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5a26885fa790a28741d66db5d23dafe4bf6475cc38f92a5060bed877ab3bb981 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://www.mediafire.com Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 19 Aug 2021 01:03:46 GMT x-content-type-options nosniff age 139586 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 110212 x-xss-protection 0 last-modified Thu, 19 Aug 2021 00:49:49 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 19 Aug 2022 01:03:46 GMT
GET H2	200	mem8YaGs126MiZpBA-UFVZ0b.woff2 fonts.gstatic.com/s/opensans/v23/	14 KB 14 KB	6ms 5ms	Font font/woff2	2a00:1450:4001:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v23/mem8YaGs126MiZpBA-UFVZ0b.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://www.mediafire.com Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 17 Aug 2021 00:29:17 GMT x-content-type-options nosniff age 314455 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14440 x-xss-protection 0 last-modified Tue, 10 Aug 2021 00:23:25 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 17 Aug 2022 00:29:17 GMT
GET H3-29	200	mem5YaGs126MiZpBA-UNirkOUuhp.woff2 fonts.gstatic.com/s/opensans/v23/	15 KB 15 KB	7ms 6ms	Font font/woff2	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UNirkOUuhp.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://www.mediafire.com Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 17 Aug 2021 00:36:10 GMT x-content-type-options nosniff age 314042 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14956 x-xss-protection 0 last-modified Tue, 10 Aug 2021 00:23:40 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 17 Aug 2022 00:36:10 GMT
GET H3-29	200	mem5YaGs126MiZpBA-UN7rgOUuhp.woff2 fonts.gstatic.com/s/opensans/v23/	15 KB 15 KB	7ms 6ms	Font font/woff2	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://www.mediafire.com Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 19 Aug 2021 06:13:50 GMT x-content-type-options nosniff age 120982 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15112 x-xss-protection 0 last-modified Tue, 10 Aug 2021 00:23:34 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 19 Aug 2022 06:13:50 GMT
GET H2	200	pxusr.gif c.aaxads.com/	43 B 206 B	53ms 53ms	Image image/gif	104.111.239.153 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://c.aaxads.com/pxusr.gif Requested by Host: www.mediafire.com URL: https://www.mediafire.com/file/bsgpic6m8fisp1d/Terror_Mod_Menu.zip/file Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.111.239.153 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-239-153.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 15:50:12 GMT last-modified Mon, 26 Feb 2018 13:29:58 GMT server Apache strict-transport-security max-age=604800 content-type image/gif cache-control max-age=1043347 accept-ranges bytes content-length 43 expires Wed, 01 Sep 2021 17:39:19 GMT
GET H/1.1	200 OK	pxext.gif www.aaxdetect.com/	43 B 323 B	172ms 55ms	Image image/gif	104.111.243.142 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.aaxdetect.com/pxext.gif Requested by Host: www.mediafire.com URL: https://www.mediafire.com/file/bsgpic6m8fisp1d/Terror_Mod_Menu.zip/file Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.243.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-243-142.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde Request headers Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 20 Aug 2021 15:50:12 GMT Last-Modified Mon, 26 Feb 2018 13:29:58 GMT Server Apache Content-Type image/gif Cache-Control max-age=524860 Connection keep-alive Accept-Ranges bytes Content-Length 43 Expires Thu, 26 Aug 2021 17:37:52 GMT
GET H3-29	200	/ 6.adsco.re/ Frame 95D1	0 377 B	22ms 21ms	Other text/plain	2606:4700::6811:a7ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://6.adsco.re/ Requested by Host: www.mediafire.com URL: https://www.mediafire.com/file/bsgpic6m8fisp1d/Terror_Mod_Menu.zip/file Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Origin https://c.adsco.re Referer https://c.adsco.re/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 15:50:12 GMT content-encoding br server cloudflare access-control-allow-headers Content-Type expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods GET, HEAD, OPTIONS content-type text/plain;charset=UTF-8 access-control-allow-origin https://c.adsco.re access-control-max-age 2592000 cache-control private, max-age=10 cf-ray 681cc6a829bb4e1f-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
GET H/1.1	200 OK	/ 4.adsco.re/ Frame 95D1	0 456 B	64ms 64ms	Other text/html	162.252.214.5 TUT-AS
General Check archive.org Show headers Download Go to Full URL https://4.adsco.re/ Requested by Host: www.mediafire.com URL: https://www.mediafire.com/file/bsgpic6m8fisp1d/Terror_Mod_Menu.zip/file Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_CBC Server 162.252.214.5 , United States, ASN53334 (TUT-AS, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Origin https://c.adsco.re Referer https://c.adsco.re/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 20 Aug 2021 15:50:12 GMT Content-Encoding gzip Access-Control-Max-Age 2592000 Access-Control-Allow-Methods GET, HEAD, OPTIONS Content-Type text/html; charset=UTF-8 Access-Control-Allow-Origin https://c.adsco.re Cache-Control private, max-age=5 Transfer-Encoding chunked Connection keep-alive Access-Control-Allow-Headers Content-Type
GET H3-29	200	l Show response translate.googleapis.com/translate_a/ Frame EE70	3 KB 963 B	18ms 18ms	Script application/javascript	2a00:1450:4001:80e::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=callback Requested by Host: srcdoc URL: about:srcdoc Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 13b5eece5a7359f9c0de2b4b3c24eeed42fa547e5811238bc9434dcc975bb101 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-w6XwremOvBZjJnPxuQpMdw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/TranslateApiHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache content-security-policy script-src 'report-sample' 'nonce-w6XwremOvBZjJnPxuQpMdw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/TranslateApiHttp/cspreport content-encoding gzip x-content-type-options nosniff server ESF cross-origin-opener-policy same-origin; report-to="TranslateApiHttp" date Fri, 20 Aug 2021 15:50:12 GMT x-frame-options SAMEORIGIN report-to {"group":"TranslateApiHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/TranslateApiHttp/external"}]} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control no-cache, no-store, max-age=0, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 expires Mon, 01 Jan 1990 00:00:00 GMT
POST H3-29	204	AGSKWxWPz4MGJ5eHzSm-XD4l9Eb4kej0h3vaRv-UNrsNVMEnMvw_lkCsnY1ocxQu5y4q0b-G0F5erEZBmRIW1veuo54= Show response fundingchoicesmessages.google.com/el/	0 26 B	20ms 20ms	XHR text/html	2a00:1450:4001:802::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxWPz4MGJ5eHzSm-XD4l9Eb4kej0h3vaRv-UNrsNVMEnMvw_lkCsnY1ocxQu5y4q0b-G0F5erEZBmRIW1veuo54=?pvid=EF4B92AB-6CBC-4DB6-B366-B75898D547FA&anonid=54DED7CF-CAF7-4DCA-BABE-437EDDE906CC Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.en_US.pGxITOdM7Lk.es5.O/d=1/rs=AJlcJMzP-HyD0kwubGOsHQyyyRFOzNPAQQ/m=loader_js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-lxUhCBfyiMBkVp3rMSajFg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-lxUhCBfyiMBkVp3rMSajFg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Fri, 20 Aug 2021 15:50:12 GMT x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport access-control-max-age 86400 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 pragma no-cache server ESF cross-origin-opener-policy same-origin x-frame-options SAMEORIGIN access-control-allow-methods POST, GET, OPTIONS content-type text/html; charset=utf-8 access-control-allow-origin https://www.mediafire.com cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true content-security-policy script-src 'report-sample' 'nonce-lxUhCBfyiMBkVp3rMSajFg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-lxUhCBfyiMBkVp3rMSajFg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	rum.js Show response securepubads.g.doubleclick.net/pagead/js/	56 KB 21 KB	53ms 52ms	Script text/javascript	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/js/rum.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash f88f3d9916d23136f41cc7587b6d1398583bcca71e68b38c828d6dbb41086f5b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 14:50:37 GMT content-encoding gzip x-content-type-options nosniff age 3575 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 21544 x-xss-protection 0 server cafe etag 17504199737071481790 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, max-age=3600 timing-allow-origin * expires Fri, 20 Aug 2021 15:50:37 GMT
GET H3-29	200	/ Show response c.adsco.re/ Frame 95D1	62 KB 22 KB	16ms 15ms	XHR text/html	2606:4700::6811:a6ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c.adsco.re/ Requested by Host: c.adsco.re URL: https://c.adsco.re/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9aaaac87a4cddb7db367764a7080fd31491c36ae256ba81391c270f8c4b2d0f8 Request headers Referer https://c.adsco.re/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 15:50:12 GMT content-encoding br cf-cache-status HIT server cloudflare age 5347978 etag W/"2Ma3006J78KgzL0RD+7gUg==" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html link <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch cache-control public, max-age=2678400 cf-ray 681cc6a899764ecd-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 expires Mon, 20 Sep 2021 15:50:12 GMT
GET		/ 6.adsco.re/ Frame 95D1	0 0
GET		/ 4.adsco.re/ Frame 95D1	0 0
GET H2	200	log l3.aaxads.com/	35 B 194 B	54ms 53ms	Image image/gif	104.111.239.153 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://l3.aaxads.com/log?___stu13p=aveoaamactga5dnnuee25ti2rm86bcrodqacb&lwbsh=AAX&dewh=SSP_CLIENT_delay300&dgeg=0&dgw=desktop&flg=AAX3221EY&fw=STOCKHOLM&ff=SE&xjg=4&dss=0&skw=1200&slg=8PR6YK195&gq=mediafire.com&vhuyqdph=ssp-serving-54c794cfd4-qx5q4&vg=-1&vyu=081912_281_081912_251_ssp&vf=AB&yhuvlrq=4&yk=1200&yz=1600&yvlg=&ylg=00001629474612499031192622083488&vvsDeExfnhw=CONTROL&qsd=0&oz=1&gdss=green&uwbsh=&oeu=0&lwbshlg=6&pqny=&sdewh=&iorf_lg=&iorf_yhu=&jgsu=1&fvvwu=&wfi_fps=300&wfi_vwdwxv=loaded&wfi_sus=0000--0--0&vxf=0&xvs_hqi=1&xvs_vwdwxv=0&xvs_ogi=&xvs_vwulqj=1---&xifd=0&frssd_vwdwxv=&frssd_dssolhg=&jixqgo=300&jwg=100&lqlg=&qjixqgo=300&ugo=800&lg_ghwdlov=&deg=2&gvwduw=22&ghqg=197&sf=&uhtxuo=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fbsgpic6m8fisp1d%2FTerror_Mod_Menu.zip%2Ffile&nzui= Requested by Host: www.mediafire.com URL: https://www.mediafire.com/file/bsgpic6m8fisp1d/Terror_Mod_Menu.zip/file Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.111.239.153 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-239-153.deploy.static.akamaitechnologies.com Software Jetty(9.4.35.v20201120) / Resource Hash 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90 Request headers Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 20 Aug 2021 15:50:12 GMT server Jetty(9.4.35.v20201120) content-type image/gif access-control-allow-origin * cache-control max-age=0, no-cache, no-store content-length 35 expires Fri, 20 Aug 2021 15:50:12 GMT
POST H2	200	rum Show response www.mediafire.com/cdn-cgi/	0 243 B	56ms 55ms	XHR text/plain	104.16.202.237 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.mediafire.com/cdn-cgi/rum?req_id=681cc6a1ce2fcaf8 Requested by Host: static.cloudflareinsights.com URL: https://static.cloudflareinsights.com/beacon.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.202.237 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers sec-fetch-mode cors origin https://www.mediafire.com accept-encoding gzip, deflate, br accept-language en-US sec-fetch-dest empty cookie ukey=acrec3xh6vfcj25dx4cp1lggzqcm6dud; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-34%22%2C%22mf_content%22%3A%22Free%22%2C%22mf_medium%22%3A%22windows%5C%2FGoogle%20Chrome%22%2C%22mf_campaign%22%3A%22bsgpic6m8fisp1d%22%2C%22mf_term%22%3A%22db48e47589bc2fe617dcc8faf0959270%22%7D; __cf_bm=7db1b5af67e71f0597a626a5a8af94af60f67cd6-1629474611-1800-ATpsRUhiW07zaraPzg3Mm4ediJIOjVx771UKKUyzV+MLujsJ5IQ2owuhCgCrG7Yz9ZkYXDvpqANns5UNeu2eg2E=; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1629474612069]]; _ga=GA1.2.2036644972.1629474612; _gid=GA1.2.938002296.1629474612; _gat_gtag_UA_829541_1=1; _gat_UA-86547571-4=1; a=QPwVhkRr8d8FAt6qulGhqxos5iawsMR4; __aaxsc=2 content-length 21589 :path /cdn-cgi/rum?req_id=681cc6a1ce2fcaf8 pragma no-cache user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 content-type application/json accept */* cache-control no-cache :authority www.mediafire.com referer https://www.mediafire.com/file/bsgpic6m8fisp1d/Terror_Mod_Menu.zip/file :scheme https sec-fetch-site same-origin :method POST Referer https://www.mediafire.com/file/bsgpic6m8fisp1d/Terror_Mod_Menu.zip/file User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 content-type application/json Response headers date Fri, 20 Aug 2021 15:50:12 GMT content-encoding gzip x-content-type-options nosniff server cloudflare x-frame-options DENY access-control-allow-methods POST,OPTIONS content-type text/plain access-control-allow-origin https://www.mediafire.com access-control-max-age 86400 access-control-allow-credentials true cf-ray 681cc6a9ab30caf8-ARN vary Origin
GET H2	204	gen_204 pagead2.googlesyndication.com/pagead/	0 463 B	58ms 38ms	Image image/gif	2a00:1450:4001:800::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&su=www.mediafire.com&doc=complete&pg_h=1901&pg_w=1600&pg_hs=1901&c=5&aa_c=0&av_h=166&av_w=571.200&av_a=76944&s=20&all_s=20&b=401&all_b=401&d=0.437&all_d=0.437&ard=0.126&all_ard=0.126&dt=d Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 20 Aug 2021 15:50:12 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H/1.1	200 OK	p Show response adsco.re/	259 B 782 B	78ms 77ms	XHR text/html	162.252.214.5 TUT-AS
General Check archive.org Show headers Download Go to Full URL https://adsco.re/p Requested by Host: c.adsco.re URL: https://c.adsco.re/ Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_CBC Server 162.252.214.5 , United States, ASN53334 (TUT-AS, US), Reverse DNS Software / Resource Hash 02a7c0109d4f6d681fa0c0d90860e623c87ec3140772623bf4d790701da8cc9f Request headers Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers AS-P-G OK Date Fri, 20 Aug 2021 15:50:12 GMT AS-P-7 OK AS-P-9 OK AS-P-C OK Transfer-Encoding chunked AS-P-5 OK AS-P-F OK Connection keep-alive Content-Encoding gzip AS-P-2 OK AS-P-D OK AS-P-6 OK AS-P-B OK AS-P-H OK AS-P-4 OK AS-P-A OK Access-Control-Max-Age 2592000 AS-P-1 OK Access-Control-Allow-Origin https://www.mediafire.com Cache-Control no-transform Access-Control-Allow-Credentials true AS-P-8 OK Content-Type text/html; charset=UTF-8 AS-P-E OK AS-P-3 OK
GET H2	200	verify Show response otnolatrnup.com/	17 B 373 B	49ms 25ms	XHR application/json	2606:4700::6813:d625 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://otnolatrnup.com/verify?sig=BAoAYR_PNAFhH880gAGBAcAAIJDGuK742jQG7LsZVp3QfH5k1TckZtPFKCD7w37LxCMGwQAg2J7FSL423_BUkxTV-M5b5syiLvlehPMWPbcMb34UyyLCACCBlSmG6g8J-C3BiYdg8SBmZtUkNTV8m2W0Yucaz0taT8QAECoBBPgBklQUAAAAAAAAAALFABBJpwqFyADgrSAOszMynjZSwwAgdq9RY_UaIp8kCrFkmnNtA8Wodw96W4W3w_gwYWJ6jsM Requested by Host: cdn.otnolatrnup.com URL: https://cdn.otnolatrnup.com/Scripts/infinity.js.aspx?guid=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:d625 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 39ca3c85734717cf31f55ab2e7d04d8ad2438a3bd9f6f46fae350d12506b4699 Request headers Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 15:50:12 GMT server cloudflare x-adscore-status bot expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods GET content-type application/json access-control-allow-origin * cache-control no-cache access-control-allow-headers Content-Type cf-ray 681cc6aaffa7c290-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 17
GET H2	204	Tag.engine Show response otnolatrnup.com/	0 33 B	21ms 21ms	Script text/plain	2606:4700::6813:d725 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://otnolatrnup.com/Tag.engine?time=-120&id=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0&rand=19894&ver=async&referrerUrl=&fingerPrint=123&abr=false&stdTime=60&fpe=1&bw=1600&bh=1200&res=1600x1200&curl=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fbsgpic6m8fisp1d%2FTerror_Mod_Menu.zip%2Ffile&kw=online%20storage%2Cfree%20storage%2Ccloud%20storage%2Ccollaboration%2Cbackup%20file%20sharing%2Cshare%20files%2Cphoto%20backup%2Cphoto%20sharing%2Cftp%20replacement%2Ccross%20platform%2Cremote%20access%2Cmobile%20access%2Csend%20large%20files%2Crecover%20files%2Cfile%20versioning%2Cundelete%2Cwindows%2Cpc%2Cmac%2Cos%20x%2Clinux%2Ciphone&sig=BAoAYR_PNAFhH880gAGBAcAAIJDGuK742jQG7LsZVp3QfH5k1TckZtPFKCD7w37LxCMGwQAg2J7FSL423_BUkxTV-M5b5syiLvlehPMWPbcMb34UyyLCACCBlSmG6g8J-C3BiYdg8SBmZtUkNTV8m2W0Yucaz0taT8QAECoBBPgBklQUAAAAAAAAAALFABBJpwqFyADgrSAOszMynjZSwwAgdq9RY_UaIp8kCrFkmnNtA8Wodw96W4W3w_gwYWJ6jsM Requested by Host: cdn.otnolatrnup.com URL: https://cdn.otnolatrnup.com/Scripts/infinity.js.aspx?guid=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:d725 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 15:50:12 GMT server cloudflare cf-ray 681cc6aaebe7d6fd-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding
POST H2	204	csi csi.gstatic.com/	0 348 B	49ms 28ms	Ping image/gif	2001:4860:4802:32::3 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~kskj41w3&c=1644742293439395&e=22316438%2C20211866%2C31061691%2C31061693%2C31062297&ctx=1&met.9=1.tt~13.11d~2.12d&met.3=831.12j~827.12j~5.12l~74.12m_2~43.12o_1~49.12o~49.12p~49.12p~74.12p_1~43.12q~49.12q~49.12q~49.12q~74.12q_1~43.12r~49.12r~49.12r~49.12r~74.12r_1~43.12s~49.12s~49.12s~49.12s~74.12s_1~43.12t~49.12t~49.12t~49.12t~21.12t~6.12t~91.12t~95.12t_1~95.12v~95.12v~95.12v~95.12w~631.12w~77.12k_d~724.12y_1~724.12z~724.12z~724.12z~724.130~724.130~724.130~724.130~724.130~724.130~724.130~724.130~724.130~724.130~724.130~895.131~894.131~573.13m~573.13n~54.13n~598.13n~54.13n~598.13n~54.13n~598.13n~54.13n~598.13n~54.13n~598.13n~54.13n~598.13n~54.13n~598.13n~54.13n~598.13n~54.13n~598.13n~54.13n~598.13n~54.13n~598.13n~54.13n~598.13n~54.13n~598.13n~54.13n~598.13n~54.13n~598.13n~54.13n~598.13n~54.13n~598.13n~54.13n~598.13n~54.13n~598.13n~54.13n~598.13n~54.13n~598.13o~54.13o~598.13o~54.13o~598.13o~54.13o~598.13o~54.13o~598.13o~573.13o~598.13o~49.13o~49.13o~598.13o~49.13o~49.13o~598.13o~49.13o~49.13o~598.13o~49.13o~49.13o~598.13o~49.13o~49.13p~573.13p~598.13p~11.13p_2~573.13q~598.13q~598.13q~11.13q_1~573.13r~598.13r~598.13r~598.13r~11.13r_1~76.13k_7~725.13s~725.13s~725.13s~872.13u~872.13u~872.13u~895.13y~895.13y~895.13y~660.140~660.141~660.141~112.14k_2~573.15z~598.15z~598.15z~598.15z~598.15z~598.15z~86.160~76.160~94.17j~573.17o~598.17o~598.17o~598.17p~598.17p~598.17p~113.17n_5~573.1fz~598.1fz~598.1fz~598.1fz~598.1fz~11.1fz_1~76.1fz_1~725.1g0~872.1g0~895.1g1~660.1g1&met.10=1_5.IIILEAAI8P8DGICYdSgA~1_1.IIILEPD_Awjw_wMYgJh1KAE~1_3.IIILEIDfBQiA3wUYgJh1KAE~1_2.IIILEIDfBQiA3wUYgJh1KAE~1_4.IIILEPD_Awjw_wMYgJh1KAE~1_1.IJgLEAAIABgAKAA~1_2.IJgLEAAIABgAKAA~1_3.IJgLEAAIABgAKAA~1_38.IKQLEIDfBQiA3wUYgJh1KAE~1_32.IKQLEIDfBQiA3wUYgJh1KAE~1_26.IKQLEPD_Awjw_wMYgJh1KAE~1_4.INAOEAAIABgAKAA~1_44.INgOEPD_Awjw_wMYgJh1KAE&met.7=CBsQCMAByYO5gQU~CBsQChgBIIQGKIQGMJUGOBHAAYzV2OsE~CD8QChgBIIsGKIsGMMsGOEDAAYaz-8EK~CDsQChgBIIwGKIwGMOsHON8BQI4GSI8GUI8GWIMHYKkGaIQHcMgHePzIAYAB2cUBiAGIvwSwAQG4AQPAAeLN6pYJ~CBsQCiCMBjjnAcABr8Lm0gs~CBsQCiCNBjioAsABoeDigAY~CBsQChgBII0GKI0GMKgGOBvAAdWe06YM~CBsQAiCPBjg8wAGole_QBw~CBsQAiCPBjg7wAGUwuSlBw~CBsQAiCQBjjDAcAB9dS5uwM~CBsQChgBIKkGKKkGMLsGOBLAAfThltoM~CBsQAiCuBjgvwAGsjLvuBw~CBsQAiCvBjgywAGV-YfQDg~CBsQAiCvBjjFAcAB7sfC2gs~CBsQAiCvBjiIAcAB4timbg~CBsQAiCyBjgvwAG26uzjDw~CBsQCiDFBjhBwAH6vrGOAg~CBsQCiDgBjgIwAHZ67DzCg~CBsQCiDlBjg3wAGTqqnUCA~CBsQAiDmBjg0wAGUnvXpDw~CBsQBxgBIO8GKO8GMPYGOAfAAZ-LzswO~CBsQChgBIO8GKO8GMPYGOAfAAdWBi9gJ~CD8QDRgBIPQGKPQGMKAHOCzAAdGElqsP~CD8QDRgBIPUGKPUGMJcHOCLAAdGElqsP~CD8QDRgBIIcHKIcHMKAHOBnAAdGElqsP~CD8QChgBIJoHKJoHMOQHOErAAcPkn7AH~CBsQBSCnBzgkwAHn1_KOCQ~CBsQAiCoBzhKwAGkpN3ACw~CBsQAiCoBzg2wAGvvujVDw~CBsQAiCoBzgvwAH7qIj1Aw~CBsQChgBIK0HKK0HMMkHOB3AAd-Rzp8P~CBsQCiCvBzgHwAHbu-WNDQ~CBsQDSC5BzgOwAGAkfKHCA~CBsQCiDEBzgpwAGqypu-Ag~CCgQDRgBINwHKNwHMOoHOA_AAeKygLkD~CBsQDSDjBzgOwAGAkfKHCA~CBsQBhgBIIsIKIsIMJIIOAfAAca4uZ4O~CBsQBhgBIIsIKIsIMJIIOAfAAZi5gsgM~CBsQBhgBIIwIKIwIMKsIOB9ojQhwqwh4a4ABKogBKrABAbgBA8AB_-bozAs~CBsQBhgBIIwIKIwIMKsIOB5ojQhwqgh4a4ABKogBKrABAbgBA8AB_beM5gE~CBsQByCPCDgnwAHduamuAw~CBsQByCPCDinAsABtIC-6QI~CBsQAhgBIJIIKJIIMJoIOAjAAbXEvKIC~CD8QDRgBIJwIKJwIMLcIOBvAAY6X-W8~CD8QDRgBIJwIKJwIMLoIOB7AAY6X-W8~CBIQBxgBIKEIKKEIMLQIOBNooQhwswh4-BqAAfMZiAG-oAOqAewCCgdBcmNoaXZvCgVBcmltbwoGQml0dGVyCgtFQitHYXJhbW9uZAoETGF0bwoRTGlicmUrQmFza2VydmlsbGUKDkxpYnJlK0ZyYW5rbGluCgRMb3JhChpHb29nbGUrU2FuczpyZWd1bGFyLG1lZGl1bQoOTWF0ZXJpYWwrSWNvbnMKDE1lcnJpd2VhdGhlcgoKTW9udHNlcnJhdAoFTXVrdGEKBE11bGkKBk51bml0bwoVT3BlbitTYW5zOjQwMCw2MDAsNzAwCiNPcGVuK1NhbnMrQ29uZGVuc2VkOjMwMCw0MDAsNjAwLDcwMAoGT3N3YWxkChBQbGF5ZmFpcitEaXNwbGF5CgdQb3BwaW5zCgdSYWxld2F5CgZSb2JvdG8KEFJvYm90bytDb25kZW5zZWQKC1JvYm90bytTbGFiCgpTbGFibysyN3B4Cg9Tb3VyY2UrU2FucytQcm8KBlVidW50dQoHVm9sa2hvdrABAbgBA8AB1se7yAo~CBsQBhgBIKcIKKcIMLAIOApopwhwrwh4uWCAAdlfiAHZX7ABAbgBA8AB_tDRpgw~CA4QChgBILIIKLIIMJ0KOOwBULIIWPEIYLIIaPEIcK8JeNiTB4ABqZMHiAGcwxSwAQG4AQPAAcPGsZYL~CDwQDRgBILIIKLIIMLYJOIQBULMIWPMIYLMIaPQIcLYJeLoBgAGhAYgB0wKwAQG4AQPAAejUr80J~CBsQDSDKCDiFAcAByrKt2gw~CBsQDSDLCDjoAcAB6fz9qQw~CBsQDSDNCDiGAsAB8bXgGA~CD8QDRgBIOwIKOwIMIcJOBrAAY6X-W8~CBsQDSDyCDjmAcAB69nN6AM~CBsQDSDyCDiDAcABtIC-6QI~CBsQDSDzCDgiwAHduamuAw~CBsQBSD4CDgxwAGqypu-Ag~CBMQAhgBIJoJKJoJMKQJOApomwlwoQl4ht4GgAGE3QaIAYTdBqoBEwoNbWF0ZXJpYWxpY29ucxBiGAKwAQG4AQPAAYWt2LoJ~CBMQAhgBIJ8JKJ8JMKUJOAZonwlwpQl4t3GAAehwiAHocKoBDgoIb3BlbnNhbnMQFxgCsAEBuAEDwAHLl6_PCw~CBMQAhgBIMIJKMIJMMkJOAdowglwyQl4hXWAAex0iAHsdKoBDgoIb3BlbnNhbnMQFxgCsAEBuAEDwAHahc-_Dw~CBMQAhgBIMQJKMQJMMwJOAhoxQlwywl4oXaAAYh2iAGIdqoBDgoIb3BlbnNhbnMQFxgCsAEBuAEDwAGH24ifCg~CBsQBiC4Cjg2wAGZ8oyTBg~CD8QDRgBIPgKKPgKMI0LOBXAAdGElqsP~CCgQChgBIPoKKPoKMLELODdo-gpwrwt4xKgBgAGoqAGIAau_A7ABAbgBA8ABm-H6cA~CBsQBiC4CjitAcABzrmt4Qk~CBsQBiDnCzg3wAG2o8-nAw~CBsQCDifDMAByYO5gQU~CBsQDSCjDDg4wAHZntWhBw~CBwQBhgBIKgMKKgMMOMMODtAqQxIqgxQqgxYvAxgrwxovAxw4wx4zwOwAQG4AQPAAZSE4rUO~CBsQDSDUDDhOwAHr2c3oAw~CBsQCiDzDTgWwAHZlcqxDw~CBsQDSDlDTgywAHV0r-aAw~~&met.1=1.kskj40rj~6.6r~7.6s~8.6t~9.6t~10.8g~11.7j~12.8h~13.k3~14.lv~15.k6~16.od~17.q4~18.q4~19.17j~20.17j~21.17j~22.mq~23.mq&met.2=19.3~17.ui~18.11v Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.mediafire.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Fri, 20 Aug 2021 15:50:13 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	user_sync.html Show response ads.pubmatic.com/AdServer/js/ Frame D77C	14 KB 5 KB	168ms 56ms	Document text/html	2.18.233.180 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936 Requested by Host: www.mediafire.com URL: https://www.mediafire.com/js/prebid5.6.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-233-180.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba Request headers :method GET :authority ads.pubmatic.com :scheme https :path /AdServer/js/user_sync.html?kdntuid=1&p=158936 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.mediafire.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.mediafire.com/ Response headers last-modified Tue, 15 Jun 2021 06:08:03 GMT etag "1300708-3945-5c4c7cc02bd56" server Apache/2.2.15 (CentOS) accept-ranges bytes content-encoding gzip p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" content-length 5054 content-type text/html; charset=UTF-8 cache-control max-age=126841 expires Sun, 22 Aug 2021 03:04:16 GMT date Fri, 20 Aug 2021 15:50:15 GMT vary Accept-Encoding
GET H/1.1	200 OK	async_usersync.html Show response acdn.adnxs.com/dmp/ Frame 5DA9	52 KB 17 KB	200ms 81ms	Document text/html	2.18.232.130 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://acdn.adnxs.com/dmp/async_usersync.html Requested by Host: www.mediafire.com URL: https://www.mediafire.com/js/prebid5.6.0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-232-130.deploy.static.akamaitechnologies.com Software nginx/1.13.10 / Resource Hash 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd Request headers Host acdn.adnxs.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://www.mediafire.com/ Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.mediafire.com/ Response headers Last-Modified Wed, 02 Dec 2020 20:56:47 GMT ETag "5fc7ff8f-cf34" Server nginx/1.13.10 Access-Control-Allow-Origin * Content-Type text/html Content-Encoding gzip Content-Length 17053 Cache-Control max-age=86402 Expires Sat, 21 Aug 2021 15:50:17 GMT Date Fri, 20 Aug 2021 15:50:15 GMT Connection keep-alive Vary Accept-Encoding
GET H2	200	pd Show response eu-u.openx.net/w/1.0/ Frame 54A6 Redirect Chain https://eu-u.openx.net/w/1.0/pd?plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=1 https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=1	1006 B 858 B	59ms 59ms	Document text/html	34.98.64.218 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=1 Requested by Host: www.mediafire.com URL: https://www.mediafire.com/js/prebid5.6.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 218.64.98.34.bc.googleusercontent.com Software OXGW/16.214.0 / Resource Hash b69c18529aec4c18bfa365321e218496aefc8921977d2143f04d149ad5343b8d Request headers :method GET :authority eu-u.openx.net :scheme https :path /w/1.0/pd?cc=1&plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=1 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.mediafire.com/ accept-encoding gzip, deflate, br accept-language en-US cookie i=17ee3b54-366b-0277-051b-c6df37fc502e|1629474615 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.mediafire.com/ Response headers vary Accept, Accept-Encoding set-cookie i=17ee3b54-366b-0277-051b-c6df37fc502e|1629474615; Version=1; Expires=Sat, 20-Aug-2022 15:50:15 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1629474615|mOgeginskin0vNomiygu; Version=1; Expires=Sat, 04-Sep-2021 15:50:15 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None server OXGW/16.214.0 p3p CP="CUR ADM OUR NOR STA NID" date Fri, 20 Aug 2021 15:50:15 GMT content-type text/html content-length 541 content-encoding gzip via 1.1 google alt-svc clear Redirect headers set-cookie i=17ee3b54-366b-0277-051b-c6df37fc502e|1629474615; Version=1; Expires=Sat, 20-Aug-2022 15:50:15 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None server OXGW/16.214.0 p3p CP="CUR ADM OUR NOR STA NID" location https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=1 date Fri, 20 Aug 2021 15:50:15 GMT content-length 0 via 1.1 google alt-svc clear
GET H2	200	sd eu-u.openx.net/w/1.0/ Frame 54A6 Redirect Chain https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ https://eu-u.openx.net/w/1.0/sd?id=537072979&val=Y31BfucI1Mh6MD5	43 B 106 B	55ms 55ms	Image image/gif	34.98.64.218 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://eu-u.openx.net/w/1.0/sd?id=537072979&val=Y31BfucI1Mh6MD5 Requested by Host: eu-u.openx.net URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 218.64.98.34.bc.googleusercontent.com Software OXGW/16.214.0 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers Referer https://eu-u.openx.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 20 Aug 2021 15:50:15 GMT via 1.1 google server OXGW/16.214.0 vary Accept p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache content-type image/gif alt-svc clear content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers Pragma no-cache Date Fri, 20 Aug 2021 15:50:15 GMT Server PingMatch/v2.0.30-661-ga8ef792#rel-ec2-master i-0f2ae110f5f605c82@eu-central-1b@dxedge-app-eu-central-1-prod-asg Strict-Transport-Security max-age=604800; includeSubDomains P3P policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI" Location https://eu-u.openx.net/w/1.0/sd?id=537072979&val=Y31BfucI1Mh6MD5 Cache-Control no-cache, must-revalidate Connection keep-alive Content-Length 0 Expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	sd us-u.openx.net/w/1.0/ Frame 54A6 Redirect Chain https://x.bidswitch.net/sync?ssp=openx https://x.bidswitch.net/ul_cb/sync?ssp=openx https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_user_id=5e3db165-bf68-4416-b25b-7bd1cdf1b1c0 https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_user_id=5e3db165-bf68-4416-b25b-7bd1cdf1b1c0 https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=071ee64c-4a2d-42c9-92ff-186d2d4368ee&ssp=openx https://us-u.openx.net/w/1.0/sd?id=537072968&val=5e3db165-bf68-4416-b25b-7bd1cdf1b1c0	43 B 106 B	55ms 55ms	Image image/gif	34.98.64.218 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://us-u.openx.net/w/1.0/sd?id=537072968&val=5e3db165-bf68-4416-b25b-7bd1cdf1b1c0 Requested by Host: eu-u.openx.net URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 218.64.98.34.bc.googleusercontent.com Software OXGW/16.214.0 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers Referer https://eu-u.openx.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 20 Aug 2021 15:50:16 GMT via 1.1 google server OXGW/16.214.0 vary Accept p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache content-type image/gif alt-svc clear content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers location //us-u.openx.net/w/1.0/sd?id=537072968&val=5e3db165-bf68-4416-b25b-7bd1cdf1b1c0 date Fri, 20 Aug 2021 15:50:16 GMT cache-control no-cache, no-store, must-revalidate content-length 0
GET H2	200	sd eu-u.openx.net/w/1.0/ Frame 54A6 Redirect Chain https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072399%26val%3D%24UID https://eu-u.openx.net/w/1.0/sd?id=537072399&val=1961153555994826710	43 B 106 B	58ms 57ms	Image image/gif	34.98.64.218 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://eu-u.openx.net/w/1.0/sd?id=537072399&val=1961153555994826710 Requested by Host: eu-u.openx.net URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 218.64.98.34.bc.googleusercontent.com Software OXGW/16.214.0 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers Referer https://eu-u.openx.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 20 Aug 2021 15:50:15 GMT via 1.1 google server OXGW/16.214.0 vary Accept p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache content-type image/gif alt-svc clear content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers Pragma no-cache Date Fri, 20 Aug 2021 15:50:15 GMT X-Proxy-Origin 185.236.42.25; 185.236.42.25; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 96e13b58-3118-42bb-a021-a9c4bf214cd2 Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://eu-u.openx.net/w/1.0/sd?id=537072399&val=1961153555994826710 Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	redir rtb-csync.smartadserver.com/ Frame 54A6 Redirect Chain https://match.prod.bidr.io/cookie-sync/ox https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCX2FFN0NQNTRBQUJxZG0wME4tZw&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b... https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAB_aE7CP54AABqdm00N-g&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3... https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csas%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2 https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAB_aE7CP54AABqdm00N-g&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cox%26bee_sync_current_partner%3Dpp%2... https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cox&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAB_aE7CP54AABqdm00N-g&pid=558502&do=add https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAB_aE7CP54AABqdm00N-g&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_part...	43 B 163 B	182ms 59ms	Image image/gif	185.86.139.115 SMARTADSERVER
General Check archive.org Show headers Download Go to Show image Full URL https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAB_aE7CP54AABqdm00N-g&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4%26userid%3DSMART_USER_ID Requested by Host: eu-u.openx.net URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=1 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.86.139.115 , France, ASN201081 (SMARTADSERVER, FR), Reverse DNS Software / Resource Hash 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7 Request headers Referer https://eu-u.openx.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 15:50:16 GMT transfer-encoding chunked content-type image/gif Redirect headers location https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAB_aE7CP54AABqdm00N-g&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4%26userid%3DSMART_USER_ID Date Fri, 20 Aug 2021 15:50:16 GMT Server nginx Connection keep-alive Content-Length 0 strict-transport-security max-age=2592000; includeSubDomains
GET H2	200	sd eu-u.openx.net/w/1.0/ Frame 54A6 Redirect Chain https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D https://eu-u.openx.net/w/1.0/sd?id=536872786&val=245c611f-cf37-4800-90a8-e38afe578ca2	43 B 106 B	55ms 54ms	Image image/gif	34.98.64.218 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://eu-u.openx.net/w/1.0/sd?id=536872786&val=245c611f-cf37-4800-90a8-e38afe578ca2 Requested by Host: eu-u.openx.net URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 218.64.98.34.bc.googleusercontent.com Software OXGW/16.214.0 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers Referer https://eu-u.openx.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 20 Aug 2021 15:50:15 GMT via 1.1 google server OXGW/16.214.0 vary Accept p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache content-type image/gif alt-svc clear content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers Date Fri, 20 Aug 2021 15:49:34 GMT Server MT3 3853 9552a83 master cdg-pixel-x9 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://eu-u.openx.net/w/1.0/sd?id=536872786&val=245c611f-cf37-4800-90a8-e38afe578ca2 Cache-Control no-cache Connection keep-alive Content-Type image/gif Keep-Alive timeout=360 Content-Length 0 Expires Fri, 20 Aug 2021 15:49:33 GMT
GET H2	200	sd us-u.openx.net/w/1.0/ Frame 54A6 Redirect Chain https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=mB5Xoc1JVfCDTlGlzUlLos1MAPODSwT0nxYQpgnn	43 B 122 B	57ms 56ms	Image image/gif	34.98.64.218 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=mB5Xoc1JVfCDTlGlzUlLos1MAPODSwT0nxYQpgnn Requested by Host: eu-u.openx.net URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 218.64.98.34.bc.googleusercontent.com Software OXGW/16.214.0 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers Referer https://eu-u.openx.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 20 Aug 2021 15:50:15 GMT via 1.1 google server OXGW/16.214.0 vary Accept p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache content-type image/gif alt-svc clear content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers pragma no-cache date Fri, 20 Aug 2021 15:50:15 GMT strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" location https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=mB5Xoc1JVfCDTlGlzUlLos1MAPODSwT0nxYQpgnn cache-control private, no-cache, no-store, proxy-revalidate content-length 0 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H2	200	sd eu-u.openx.net/w/1.0/ Frame 54A6 Redirect Chain https://c1.adform.net/serving/cookie/match?party=22 https://c1.adform.net/serving/cookie/match?CC=1&party=22 https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1942685120198677893	43 B 106 B	59ms 58ms	Image image/gif	34.98.64.218 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1942685120198677893 Requested by Host: eu-u.openx.net URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 218.64.98.34.bc.googleusercontent.com Software OXGW/16.214.0 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers Referer https://eu-u.openx.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 20 Aug 2021 15:50:15 GMT via 1.1 google server OXGW/16.214.0 vary Accept p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache content-type image/gif alt-svc clear content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers pragma no-cache date Fri, 20 Aug 2021 15:50:15 GMT server nginx location https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1942685120198677893 access-control-max-age 86400 access-control-allow-methods GET access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true strict-transport-security max-age=31536000; includeSubDomains access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With content-length 0 expires -1
GET H2	200	openx match.adsrvr.org/track/cmf/ Frame 54A6	70 B 265 B	202ms 66ms	Image image/gif	76.223.111.131 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.adsrvr.org/track/cmf/openx?oxid=c442040d-9fec-3d80-5fcd-0e3753db63d3&gdpr=1 Requested by Host: eu-u.openx.net URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 76.223.111.131 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a97adde81b00f2ca4.awsglobalaccelerator.com Software / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers Referer https://eu-u.openx.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 20 Aug 2021 15:50:15 GMT cache-control private,no-cache, must-revalidate x-aspnet-version 4.0.30319 content-type image/gif content-length 70 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 54A6 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZTgyZGQ3YzctNTY5Yi02MzI0LTRhMmQtNTQ4ZTk5MzlhZGIz https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZTgyZGQ3YzctNTY5Yi02MzI0LTRhMmQtNTQ4ZTk5MzlhZGIz&google_tc=	170 B 188 B	71ms 70ms	Image image/png	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZTgyZGQ3YzctNTY5Yi02MzI0LTRhMmQtNTQ4ZTk5MzlhZGIz&google_tc= Requested by Host: eu-u.openx.net URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=1 Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://eu-u.openx.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 20 Aug 2021 15:50:15 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Fri, 20 Aug 2021 15:50:15 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZTgyZGQ3YzctNTY5Yi02MzI0LTRhMmQtNTQ4ZTk5MzlhZGIz&google_tc= cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 326 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	sd us-u.openx.net/w/1.0/ Frame 54A6 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFnlTPVnEfhUwYBL0gQG46U&google_cver=1	43 B 106 B	57ms 56ms	Image image/gif	34.98.64.218 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFnlTPVnEfhUwYBL0gQG46U&google_cver=1 Requested by Host: eu-u.openx.net URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 218.64.98.34.bc.googleusercontent.com Software OXGW/16.214.0 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers Referer https://eu-u.openx.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 20 Aug 2021 15:50:15 GMT via 1.1 google server OXGW/16.214.0 vary Accept p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache content-type image/gif alt-svc clear content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers pragma no-cache date Fri, 20 Aug 2021 15:50:15 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFnlTPVnEfhUwYBL0gQG46U&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 295 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	PugMaster Show response image6.pubmatic.com/AdServer/ Frame D77C	2 KB 3 KB	185ms 60ms	Script text/html	185.64.190.78 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=53791201&p=158936&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software / Resource Hash 1087a107bd779bc294bbb6f89c20afc3e65370fb90bdf1ca6d0b8970e9b1b1a5 Request headers Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 15:50:14 GMT content-type text/html; charset=UTF-8 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
GET H/1.1	200 OK	async_usersync Show response ib.adnxs.com/ Frame 5DA9	0 731 B	94ms 49ms	Script text/html	185.33.221.52 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/async_usersync?cbfn=queuePixels Requested by Host: acdn.adnxs.com URL: https://acdn.adnxs.com/dmp/async_usersync.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://acdn.adnxs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Fri, 20 Aug 2021 15:50:15 GMT X-Proxy-Origin 185.236.42.25; 185.236.42.25; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 7bd71975-d447-4095-8ea5-580e0f23f519 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	match Show response c1.adform.net/serving/cookie/ Frame 64F1	35 B 467 B	36ms 36ms	Document image/gif	37.157.6.247 ADFORM
General Check archive.org Show headers Download Go to Full URL https://c1.adform.net/serving/cookie/match?party=14&cid=CD06D8C1-189B-490E-A15C-1D29EBCD908B Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.6.247 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers :method GET :authority c1.adform.net :scheme https :path /serving/cookie/match?party=14&cid=CD06D8C1-189B-490E-A15C-1D29EBCD908B pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://ads.pubmatic.com/ accept-encoding gzip, deflate, br accept-language en-US cookie C=1; uid=1942685120198677893 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://ads.pubmatic.com/ Response headers server nginx date Fri, 20 Aug 2021 15:50:15 GMT content-type image/gif cache-control no-cache, no-store, must-revalidate, no-transform pragma no-cache expires -1 set-cookie uid=1942685120198677893; expires=Tue, 19 Oct 2021 15:50:15 GMT; domain=adform.net; path=/; secure; samesite=none access-control-allow-credentials true access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With access-control-allow-methods GET access-control-allow-origin * access-control-max-age 86400 strict-transport-security max-age=31536000; includeSubDomains
GET H2	200	Pug Show response image2.pubmatic.com/AdServer/ Frame 62F8 Redirect Chain https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7249378151576977261	42 B 520 B	126ms 60ms	Document image/gif	185.64.190.80 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7249378151576977261 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002 Request headers :method GET :authority image2.pubmatic.com :scheme https :path /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7249378151576977261 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://ads.pubmatic.com/ accept-encoding gzip, deflate, br accept-language en-US cookie KADUSERCOOKIE=CD06D8C1-189B-490E-A15C-1D29EBCD908B; chkChromeAb67Sec=1; DPSync3=1630627200%3A197_219_201%7C1629504000%3A174; SyncRTB3=1630627200%3A220_13_161_56_7_3_21_54_71%7C1630713600%3A35 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://ads.pubmatic.com/ Response headers server nginx date Fri, 20 Aug 2021 15:50:16 GMT content-type image/gif; charset=utf-8 content-length 42 set-cookie KRTBCOOKIE_336=5844-7249378151576977261; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 19-Sep-2021 15:50:16 GMT; path=/ PugT=1629474616; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 19-Sep-2021 15:50:16 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 18-Nov-2021 15:50:16 GMT; path=/ x-lat lhrpug016:0:422 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" cache-control no-store, no-cache, private Redirect headers location https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7249378151576977261 content-length 0 p3p CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
GET H2	200	usersync.aspx Show response dis.criteo.com/dis/ Frame 415C	43 B 360 B	169ms 53ms	Document image/gif	178.250.2.151 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers :method GET :authority dis.criteo.com :scheme https :path /dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://ads.pubmatic.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://ads.pubmatic.com/ Response headers cache-control no-cache pragma no-cache content-type image/gif expires Fri, 20 Aug 2021 00:00:00 GMT server Microsoft-IIS/10.0 x-errorlevel 0 p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 1577 x-powered-by ASP.NET date Fri, 20 Aug 2021 15:50:15 GMT content-length 43
GET H2	200	user_sync.html ads.pubmatic.com/AdServer/js/ Frame D77C Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=zQbYwRibSQ6hXB0p682Qiw%3D%3D https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=	14 KB 14 KB	56ms 55ms	Image text/html	2.18.233.180 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-233-180.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 15:50:16 GMT content-encoding gzip last-modified Tue, 15 Jun 2021 06:08:03 GMT server Apache/2.2.15 (CentOS) etag "1300708-3945-5c4c7cc02bd56" vary Accept-Encoding p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" cache-control max-age=126840 accept-ranges bytes content-type text/html; charset=UTF-8 content-length 5054 expires Sun, 22 Aug 2021 03:04:16 GMT Redirect headers pragma no-cache date Fri, 20 Aug 2021 15:50:15 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect= cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 272 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	SPug image4.pubmatic.com/AdServer/ Frame D77C Redirect Chain https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=245c611f-cf37-4800-90a8-e38afe578ca2	0 260 B	165ms 51ms	Image text/plain	185.64.189.114 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=245c611f-cf37-4800-90a8-e38afe578ca2 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 15:50:15 GMT cache-control no-store, no-cache, private server nginx p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers Date Fri, 20 Aug 2021 15:49:35 GMT Server MT3 3853 9552a83 master cdg-pixel-x27 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=245c611f-cf37-4800-90a8-e38afe578ca2 Cache-Control no-cache Connection keep-alive Content-Type image/gif Keep-Alive timeout=360 Content-Length 0 Expires Fri, 20 Aug 2021 15:49:34 GMT
GET H2	200	mw mwzeom.zeotap.com/ Frame D77C Redirect Chain https://pixel.onaudience.com/?partner=214&mapped=CD06D8C1-189B-490E-A15C-1D29EBCD908B https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 https://pixel.onaudience.com/?partner=147&mapped=586ef582-8095-443d-9dae-236e1653a842&icm https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D https://pixel.onaudience.com/?partner=104&icm&cver&mapped=71ef925f166bc138fd9052f65180eae5 https://spl.zeotap.com/?zdid=1332&zcluid=88cc7d3ccfdae39f https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=54633946-349f-4a8e-4ba5-a500591e9b20&reqId=da4d519b-e488-4973-483b-9fd416ce44a6&zclui... https://mwzeom.zeotap.com/mw?google_gid=CAESEAKnXWpoQy9o_hI0Onl2RxE&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=54633946-349f-4a8e-4ba5-a500591e9b20&reqId=da4d519b-e488-4973-483b-9fd...	95 B 164 B	40ms 33ms	Image image/png	2606:4700:10::ac43:db6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://mwzeom.zeotap.com/mw?google_gid=CAESEAKnXWpoQy9o_hI0Onl2RxE&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=54633946-349f-4a8e-4ba5-a500591e9b20&reqId=da4d519b-e488-4973-483b-9fd416ce44a6&zcluid=88cc7d3ccfdae39f&zdid=1332 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517 Request headers Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 15:50:17 GMT via 1.1 google cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin content-type image/png access-control-allow-origin https://ads.pubmatic.com access-control-allow-credentials true cf-ray 681cc6c4cce205b3-FRA access-control-allow-headers * content-length 95 Redirect headers pragma no-cache date Fri, 20 Aug 2021 15:50:17 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://mwzeom.zeotap.com/mw?google_gid=CAESEAKnXWpoQy9o_hI0Onl2RxE&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=54633946-349f-4a8e-4ba5-a500591e9b20&reqId=da4d519b-e488-4973-483b-9fd416ce44a6&zcluid=88cc7d3ccfdae39f&zdid=1332 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 469 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	Pug image2.pubmatic.com/AdServer/ Frame D77C Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Q0QwNkQ4QzEtMTg5Qi00OTBFLUExNUMtMUQyOUVCQ0Q5MDhC&gdpr=0&gdpr_consent= https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=	42 B 110 B	172ms 61ms	Image image/gif	185.64.190.80 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 15:50:16 GMT cache-control no-store, no-cache, private x-lat lhrpug003:0:301 server nginx content-type image/gif; charset=utf-8 content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers pragma no-cache date Fri, 20 Aug 2021 15:50:15 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	Pug image2.pubmatic.com/AdServer/ Frame D77C Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAzdwQQsUB1QXsPVXyHowNE&google_cver=1	42 B 284 B	172ms 61ms	Image image/gif	185.64.190.80 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAzdwQQsUB1QXsPVXyHowNE&google_cver=1 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 15:50:16 GMT cache-control no-store, no-cache, private x-lat lhrpug005:0:523 server nginx content-type image/gif; charset=utf-8 content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers pragma no-cache date Fri, 20 Aug 2021 15:50:15 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAzdwQQsUB1QXsPVXyHowNE&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 379 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pubmatic um.simpli.fi/ Frame D77C	43 B 609 B	149ms 48ms	Image image/gif	159.253.128.188 SOFTLAYER
General Check archive.org Show headers Download Go to Show image Full URL https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US), Reverse DNS bc.80.fd9f.ip4.static.sl-reverse.com Software / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff Request headers Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 15:50:16 GMT x-content-type-options nosniff last-modified Mon, 28 Sep 1970 06:00:00 GMT strict-transport-security max-age=63072000; includeSubdomains; preload access-control-allow-methods GET, POST, OPTIONS content-type image/gif access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 43 expires Thu, 19 Aug 2021 15:50:16 GMT
GET H2	200	Pug simage2.pubmatic.com/AdServer/ Frame D77C Redirect Chain https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO... https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1942685120198677893	42 B 543 B	154ms 51ms	Image image/gif	185.64.189.110 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1942685120198677893 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 15:50:14 GMT cache-control no-store, no-cache, private x-lat amspug010:0:402 server nginx content-type image/gif; charset=utf-8 content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers pragma no-cache date Fri, 20 Aug 2021 15:50:15 GMT server nginx location https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1942685120198677893 access-control-max-age 86400 access-control-allow-methods GET access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true strict-transport-security max-age=31536000; includeSubDomains access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With content-length 0 expires -1
GET H2	200	Pug simage2.pubmatic.com/AdServer/ Frame D77C Redirect Chain https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3... https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:245c611f-cf37-4800-90a8-e38afe578ca2&gdpr=0&gdpr_consent=	42 B 495 B	82ms 52ms	Image image/gif	185.64.189.110 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:245c611f-cf37-4800-90a8-e38afe578ca2&gdpr=0&gdpr_consent= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 15:50:15 GMT cache-control no-store, no-cache, private x-lat amspug009:0:430 server nginx content-type image/gif; charset=utf-8 content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers Date Fri, 20 Aug 2021 15:49:35 GMT Server MT3 3853 9552a83 master cdg-pixel-x27 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:245c611f-cf37-4800-90a8-e38afe578ca2&gdpr=0&gdpr_consent= Cache-Control no-cache Connection keep-alive Content-Type image/gif Keep-Alive timeout=360 Content-Length 0 Expires Fri, 20 Aug 2021 15:49:34 GMT
GET H2	200	Pug simage2.pubmatic.com/AdServer/ Frame D77C Redirect Chain https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=586ef582-8095-443d-9dae-236e1653a842	42 B 294 B	58ms 52ms	Image image/gif	185.64.189.110 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=586ef582-8095-443d-9dae-236e1653a842 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 15:50:15 GMT cache-control no-store, no-cache, private x-lat amspug008:0:410 server nginx content-type image/gif; charset=utf-8 content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers pragma no-cache date Fri, 20 Aug 2021 15:50:16 GMT x-aspnet-version 4.0.30319 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=586ef582-8095-443d-9dae-236e1653a842 cache-control private,no-cache, must-revalidate content-type text/html content-length 313
GET H2	200	Pug image2.pubmatic.com/AdServer/ Frame D77C Redirect Chain https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1961153555994826710&gdpr=0&gdpr_consent=	42 B 211 B	182ms 61ms	Image image/gif	185.64.190.80 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1961153555994826710&gdpr=0&gdpr_consent= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 15:50:16 GMT cache-control no-store, no-cache, private x-lat lhrpug004:0:839 server nginx content-type image/gif; charset=utf-8 content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers Pragma no-cache Date Fri, 20 Aug 2021 15:50:15 GMT X-Proxy-Origin 185.236.42.25; 185.236.42.25; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid ddf5b8ed-0962-4cd8-9fe9-a367503f30a0 Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1961153555994826710&gdpr=0&gdpr_consent= Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	CD06D8C1-189B-490E-A15C-1D29EBCD908B pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame D77C	43 B 838 B	103ms 34ms	Image image/gif	2a00:1288:110:c305::8000 YAHOO-IRD
General Check archive.org Show headers Download Go to Show image Full URL https://pr-bh.ybp.yahoo.com/sync/pubmatic/CD06D8C1-189B-490E-A15C-1D29EBCD908B?gdpr=0&gdpr_consent= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB), Reverse DNS Software ATS / Resource Hash 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 15:50:15 GMT referrer-policy strict-origin-when-cross-origin server ATS age 0 expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" strict-transport-security max-age=31536000 content-type image/gif x-xss-protection 1; mode=block content-length 43 x-content-type-options nosniff expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	SPug Show response simage4.pubmatic.com/AdServer/ Frame D77C	0 128 B	58ms 51ms	Script text/plain	185.64.189.114 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://simage4.pubmatic.com/AdServer/SPug?partnerID=158936&gdpr=0&gdpr_consent=&us_privacy= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 15:50:16 GMT cache-control no-store, no-cache, private server nginx p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

6.adsco.re

URL

https://6.adsco.re/

Domain

4.adsco.re

URL

https://4.adsco.re/