5b4c360cdfa0c2d27b0f330fda9ca8fdc78530b6ef3c8963128ca3dd16831d7d

max time kernel
112s
max time network
116s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
12/04/2023, 12:45 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Stargate_Network_v4.0.html
Size

314KB
MD5

8a90f27d1bd65bb3c1829260560691dc
SHA1

65e4236f1db8c81b49f1201d2f2a902b0a643787
SHA256

5b4c360cdfa0c2d27b0f330fda9ca8fdc78530b6ef3c8963128ca3dd16831d7d
SHA512

e0f7af116c114cc45967d6fbe5aa4a4167bc1a7065a4b5b4b8cde5bdd0418c2e7a4f0e26f775c915844f83b55ae21d3473d257581c90899af33e79ea124f717b
SSDEEP

3072:diggAkHnjPeQ6KSPq4oNF5Te+HcI4aW+LN7DxRLlzglKhHS:TgAkHnjPeQBSPqv9Zj4CN7jBhHS

Score

6^/10

persistence

Malware Config

Signatures

Adds Run key to start application 2 TTPs 1 IoCs

persistence

Registry Run Keys / Startup Folder

T1060

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-144354903-2550862337-1367551827-1000\Software\Microsoft\Windows\CurrentVersion\Run	chrome.exe

Checks processor information in registry 2 TTPs 8 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision	firefox.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133257771724048080"	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-144354903-2550862337-1367551827-1000_Classes\Local Settings	firefox.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
3132	chrome.exe
3132	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 5 IoCs

pid	Process
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe

Suspicious use of FindShellTrayWindow 34 IoCs

pid	Process
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
2016	firefox.exe
2016	firefox.exe
2016	firefox.exe
2016	firefox.exe
3132	chrome.exe
2016	firefox.exe
2016	firefox.exe
2016	firefox.exe

Suspicious use of SendNotifyMessage 30 IoCs

pid	Process
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
2016	firefox.exe
2016	firefox.exe
2016	firefox.exe
2016	firefox.exe
2016	firefox.exe
2016	firefox.exe

Suspicious use of SetWindowsHookEx 4 IoCs

pid	Process
2016	firefox.exe
2016	firefox.exe
2016	firefox.exe
2016	firefox.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3132 wrote to memory of 3204	3132	chrome.exe	84
PID 3132 wrote to memory of 3204	3132	chrome.exe	84
PID 3132 wrote to memory of 220	3132	chrome.exe	85
PID 3132 wrote to memory of 220	3132	chrome.exe	85
PID 3132 wrote to memory of 220	3132	chrome.exe	85
PID 3132 wrote to memory of 220	3132	chrome.exe	85
PID 3132 wrote to memory of 220	3132	chrome.exe	85
PID 3132 wrote to memory of 220	3132	chrome.exe	85
PID 3132 wrote to memory of 220	3132	chrome.exe	85
PID 3132 wrote to memory of 220	3132	chrome.exe	85
PID 3132 wrote to memory of 220	3132	chrome.exe	85
PID 3132 wrote to memory of 220	3132	chrome.exe	85
PID 3132 wrote to memory of 220	3132	chrome.exe	85
PID 3132 wrote to memory of 220	3132	chrome.exe	85
PID 3132 wrote to memory of 220	3132	chrome.exe	85
PID 3132 wrote to memory of 220	3132	chrome.exe	85
PID 3132 wrote to memory of 220	3132	chrome.exe	85
PID 3132 wrote to memory of 220	3132	chrome.exe	85
PID 3132 wrote to memory of 220	3132	chrome.exe	85
PID 3132 wrote to memory of 220	3132	chrome.exe	85
PID 3132 wrote to memory of 220	3132	chrome.exe	85
PID 3132 wrote to memory of 220	3132	chrome.exe	85
PID 3132 wrote to memory of 220	3132	chrome.exe	85
PID 3132 wrote to memory of 220	3132	chrome.exe	85
PID 3132 wrote to memory of 220	3132	chrome.exe	85
PID 3132 wrote to memory of 220	3132	chrome.exe	85
PID 3132 wrote to memory of 220	3132	chrome.exe	85
PID 3132 wrote to memory of 220	3132	chrome.exe	85
PID 3132 wrote to memory of 220	3132	chrome.exe	85
PID 3132 wrote to memory of 220	3132	chrome.exe	85
PID 3132 wrote to memory of 220	3132	chrome.exe	85
PID 3132 wrote to memory of 220	3132	chrome.exe	85
PID 3132 wrote to memory of 220	3132	chrome.exe	85
PID 3132 wrote to memory of 220	3132	chrome.exe	85
PID 3132 wrote to memory of 220	3132	chrome.exe	85
PID 3132 wrote to memory of 220	3132	chrome.exe	85
PID 3132 wrote to memory of 220	3132	chrome.exe	85
PID 3132 wrote to memory of 220	3132	chrome.exe	85
PID 3132 wrote to memory of 220	3132	chrome.exe	85
PID 3132 wrote to memory of 220	3132	chrome.exe	85
PID 3132 wrote to memory of 3232	3132	chrome.exe	86
PID 3132 wrote to memory of 3232	3132	chrome.exe	86
PID 3132 wrote to memory of 4296	3132	chrome.exe	87
PID 3132 wrote to memory of 4296	3132	chrome.exe	87
PID 3132 wrote to memory of 4296	3132	chrome.exe	87
PID 3132 wrote to memory of 4296	3132	chrome.exe	87
PID 3132 wrote to memory of 4296	3132	chrome.exe	87
PID 3132 wrote to memory of 4296	3132	chrome.exe	87
PID 3132 wrote to memory of 4296	3132	chrome.exe	87
PID 3132 wrote to memory of 4296	3132	chrome.exe	87
PID 3132 wrote to memory of 4296	3132	chrome.exe	87
PID 3132 wrote to memory of 4296	3132	chrome.exe	87
PID 3132 wrote to memory of 4296	3132	chrome.exe	87
PID 3132 wrote to memory of 4296	3132	chrome.exe	87
PID 3132 wrote to memory of 4296	3132	chrome.exe	87
PID 3132 wrote to memory of 4296	3132	chrome.exe	87
PID 3132 wrote to memory of 4296	3132	chrome.exe	87
PID 3132 wrote to memory of 4296	3132	chrome.exe	87
PID 3132 wrote to memory of 4296	3132	chrome.exe	87
PID 3132 wrote to memory of 4296	3132	chrome.exe	87
PID 3132 wrote to memory of 4296	3132	chrome.exe	87
PID 3132 wrote to memory of 4296	3132	chrome.exe	87
PID 3132 wrote to memory of 4296	3132	chrome.exe	87
PID 3132 wrote to memory of 4296	3132	chrome.exe	87

Uses Task Scheduler COM API 1 TTPs
The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.
persistence

Query Registry
T1012

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" C:\Users\Admin\AppData\Local\Temp\Stargate_Network_v4.0.html
1⤵
- Adds Run key to start application
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3132
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb0b619758,0x7ffb0b619768,0x7ffb0b619778
  2⤵
  PID:3204
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1812 --field-trial-handle=1824,i,2612266913086249620,8607622504084955511,131072 /prefetch:2
  2⤵
  PID:220
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 --field-trial-handle=1824,i,2612266913086249620,8607622504084955511,131072 /prefetch:8
  2⤵
  PID:3232
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2224 --field-trial-handle=1824,i,2612266913086249620,8607622504084955511,131072 /prefetch:8
  2⤵
  PID:4296
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3212 --field-trial-handle=1824,i,2612266913086249620,8607622504084955511,131072 /prefetch:1
  2⤵
  PID:1364
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3228 --field-trial-handle=1824,i,2612266913086249620,8607622504084955511,131072 /prefetch:1
  2⤵
  PID:3180
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=5068 --field-trial-handle=1824,i,2612266913086249620,8607622504084955511,131072 /prefetch:1
  2⤵
  PID:1472
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5628 --field-trial-handle=1824,i,2612266913086249620,8607622504084955511,131072 /prefetch:8
  2⤵
  PID:1328
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4144 --field-trial-handle=1824,i,2612266913086249620,8607622504084955511,131072 /prefetch:8
  2⤵
  PID:3732
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=5352 --field-trial-handle=1824,i,2612266913086249620,8607622504084955511,131072 /prefetch:1
  2⤵
  PID:1120
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=948 --field-trial-handle=1824,i,2612266913086249620,8607622504084955511,131072 /prefetch:1
  2⤵
  PID:1816

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4000

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
1⤵
PID:4184
- C:\Program Files\Mozilla Firefox\firefox.exe
  "C:\Program Files\Mozilla Firefox\firefox.exe"
  2⤵
  - Checks processor information in registry
  - Modifies registry class
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SendNotifyMessage
  - Suspicious use of SetWindowsHookEx
  PID:2016
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2016.0.1434880304\467057629" -parentBuildID 20221007134813 -prefsHandle 1852 -prefMapHandle 1812 -prefsLen 20890 -prefMapSize 232675 -appDir "C:\Program Files\Mozilla Firefox\browser" - {949503ff-868d-45ed-8c73-4aceadd54ece} 2016 "\\.\pipe\gecko-crash-server-pipe.2016" 1928 1dfa9b80158 gpu
    3⤵
    PID:3392
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2016.1.1415141194\2117421117" -parentBuildID 20221007134813 -prefsHandle 2288 -prefMapHandle 2276 -prefsLen 20926 -prefMapSize 232675 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {e6c8977e-f0ed-4a4f-a854-2083c25e1ea4} 2016 "\\.\pipe\gecko-crash-server-pipe.2016" 2300 1df9bc72558 socket
    3⤵
    - Checks processor information in registry
    PID:840
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2016.2.1834748905\1291112556" -childID 1 -isForBrowser -prefsHandle 3088 -prefMapHandle 3084 -prefsLen 21074 -prefMapSize 232675 -jsInitHandle 1460 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {9981e65b-8a30-46e0-a2dc-685150bb4edf} 2016 "\\.\pipe\gecko-crash-server-pipe.2016" 3100 1dfac6f2458 tab
    3⤵
    PID:4252
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2016.3.701904694\1540382191" -childID 2 -isForBrowser -prefsHandle 1112 -prefMapHandle 3424 -prefsLen 26519 -prefMapSize 232675 -jsInitHandle 1460 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {2293a9bc-6db3-48dc-9846-f36ca87fef96} 2016 "\\.\pipe\gecko-crash-server-pipe.2016" 3480 1dfab24c958 tab
    3⤵
    PID:3716
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2016.4.276098177\2044007751" -childID 3 -isForBrowser -prefsHandle 3424 -prefMapHandle 1108 -prefsLen 26519 -prefMapSize 232675 -jsInitHandle 1460 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {2f3870a1-5025-4b27-93b7-9b3f47f898fd} 2016 "\\.\pipe\gecko-crash-server-pipe.2016" 3800 1df9bc62558 tab
    3⤵
    PID:1120
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2016.6.509236952\1598102476" -childID 5 -isForBrowser -prefsHandle 5296 -prefMapHandle 5292 -prefsLen 26659 -prefMapSize 232675 -jsInitHandle 1460 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {2809417c-0a58-4e61-adbb-c57ee7ff83bd} 2016 "\\.\pipe\gecko-crash-server-pipe.2016" 5212 1dfaf22e558 tab
    3⤵
    PID:5280
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2016.7.1068512526\1056699434" -childID 6 -isForBrowser -prefsHandle 5324 -prefMapHandle 5316 -prefsLen 26659 -prefMapSize 232675 -jsInitHandle 1460 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {79a0b1fd-c13c-43f8-a309-2754e4c6197c} 2016 "\\.\pipe\gecko-crash-server-pipe.2016" 5384 1dfaf22df58 tab
    3⤵
    PID:5288
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2016.5.261762165\43751970" -childID 4 -isForBrowser -prefsHandle 5080 -prefMapHandle 5084 -prefsLen 26659 -prefMapSize 232675 -jsInitHandle 1460 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {8076eb80-27fa-4048-ba2c-9e2eaf5518a4} 2016 "\\.\pipe\gecko-crash-server-pipe.2016" 5100 1dfaf22b258 tab
    3⤵
    PID:5272
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2016.8.172795478\1818601489" -childID 7 -isForBrowser -prefsHandle 5848 -prefMapHandle 2700 -prefsLen 26738 -prefMapSize 232675 -jsInitHandle 1460 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {be3faac5-1751-433a-ae1b-065a63642683} 2016 "\\.\pipe\gecko-crash-server-pipe.2016" 5940 1dfaa061e58 tab
    3⤵
    PID:5400
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2016.9.2017848914\177700862" -childID 8 -isForBrowser -prefsHandle 2856 -prefMapHandle 6088 -prefsLen 26930 -prefMapSize 232675 -jsInitHandle 1460 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {229eba91-19d4-45c8-8d41-3ca8bf2cce41} 2016 "\\.\pipe\gecko-crash-server-pipe.2016" 6092 1dfab24d558 tab
    3⤵
    PID:5676
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2016.10.2073742483\866255041" -childID 9 -isForBrowser -prefsHandle 4948 -prefMapHandle 4836 -prefsLen 26930 -prefMapSize 232675 -jsInitHandle 1460 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {dd94138c-f448-46ed-a7ea-9f79bfb2e452} 2016 "\\.\pipe\gecko-crash-server-pipe.2016" 2744 1dfafe63b58 tab
    3⤵
    PID:6036
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2016.11.1821332249\1792979053" -childID 10 -isForBrowser -prefsHandle 10112 -prefMapHandle 10124 -prefsLen 26930 -prefMapSize 232675 -jsInitHandle 1460 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {1d8cec63-f84b-4491-8903-7498cd576911} 2016 "\\.\pipe\gecko-crash-server-pipe.2016" 10100 1dfb0fac058 tab
    3⤵
    PID:2180
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2016.12.177220880\1584434819" -childID 11 -isForBrowser -prefsHandle 2800 -prefMapHandle 4384 -prefsLen 26930 -prefMapSize 232675 -jsInitHandle 1460 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {7cec00b9-2f01-40f7-95a9-bddb301e8f33} 2016 "\\.\pipe\gecko-crash-server-pipe.2016" 2804 1df9bc66558 tab
    3⤵
    PID:5016
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2016.13.172208934\1748265656" -childID 12 -isForBrowser -prefsHandle 4916 -prefMapHandle 4828 -prefsLen 27195 -prefMapSize 232675 -jsInitHandle 1460 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {c978944a-2e3a-4571-a199-d381f46359ab} 2016 "\\.\pipe\gecko-crash-server-pipe.2016" 3468 1df9bc69658 tab
    3⤵
    PID:5540
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2016.14.1133892250\1148882509" -childID 13 -isForBrowser -prefsHandle 9160 -prefMapHandle 4884 -prefsLen 27195 -prefMapSize 232675 -jsInitHandle 1460 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {04ffc796-6a49-4793-bf32-992cb7406cd2} 2016 "\\.\pipe\gecko-crash-server-pipe.2016" 5312 1dfb0aeee58 tab
    3⤵
    PID:5496
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2016.15.798674813\602580548" -childID 14 -isForBrowser -prefsHandle 10128 -prefMapHandle 3760 -prefsLen 27195 -prefMapSize 232675 -jsInitHandle 1460 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {62dbe89b-d642-4cd1-961b-38594e7e16b0} 2016 "\\.\pipe\gecko-crash-server-pipe.2016" 6096 1dfb277b958 tab
    3⤵
    PID:1784

Network

DNS

assets.msn.com

Remote address:

8.8.8.8:53

Request

assets.msn.com

IN A

Response

assets.msn.com

IN CNAME

assets.msn.com.edgekey.net

assets.msn.com.edgekey.net

IN CNAME

e28578.d.akamaiedge.net

e28578.d.akamaiedge.net

IN A

2.16.241.76

e28578.d.akamaiedge.net

IN A

2.16.241.97
DNS

76.241.16.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

76.241.16.2.in-addr.arpa

IN PTR

Response

76.241.16.2.in-addr.arpa

IN PTR

a2-16-241-76deploystaticakamaitechnologiescom
DNS

13.86.106.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

13.86.106.20.in-addr.arpa

IN PTR

Response
DNS

btloader.com

firefox.exe

Remote address:

8.8.8.8:53

Request

btloader.com

IN A

Response

btloader.com

IN A

104.26.7.139

btloader.com

IN A

104.26.6.139

btloader.com

IN A

172.67.70.134
GET

https://btloader.com/tag?o=5678961798414336&upapi=true

chrome.exe

Remote address:

104.26.7.139:443

Request

GET /tag?o=5678961798414336&upapi=true HTTP/2.0
host: btloader.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Wed, 12 Apr 2023 12:45:48 GMT
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
etag: W/"3232397e3f79acca254b17e7deb50cbf"
last-modified: Wed, 12 Apr 2023 12:34:09 GMT
vary: Origin, Accept-Encoding
via: 1.1 google
cf-cache-status: HIT
age: 527
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v42sR0DXb2v9dZAAksjzIJfsDRgnnJC2a2W1gk4h7FkcJB6lnPvES9q4PSAwlatji0RhzfgvwbMINKGzAfJ6GaVZnLyCcfWjvdxMv%2FJp61TwHCt%2F44GFJkjUY1N8eg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b6b918bb9f9b766-AMS
content-encoding: br
DNS

static.cloudflareinsights.com

firefox.exe

Remote address:

8.8.8.8:53

Request

static.cloudflareinsights.com

IN A

Response

static.cloudflareinsights.com

IN A

104.16.56.101

static.cloudflareinsights.com

IN A

104.16.57.101
DNS

fundingchoicesmessages.google.com

firefox.exe

Remote address:

8.8.8.8:53

Request

fundingchoicesmessages.google.com

IN A

Response

fundingchoicesmessages.google.com

IN CNAME

www3.l.google.com

www3.l.google.com

IN A

142.250.179.206
DNS

cdn.amplitude.com

firefox.exe

Remote address:

8.8.8.8:53

Request

cdn.amplitude.com

IN A

Response

cdn.amplitude.com

IN A

108.156.61.29

cdn.amplitude.com

IN A

108.156.61.65

cdn.amplitude.com

IN A

108.156.61.101

cdn.amplitude.com

IN A

108.156.61.171
DNS

translate.google.com

firefox.exe

Remote address:

8.8.8.8:53

Request

translate.google.com

IN A

Response

translate.google.com

IN CNAME

www3.l.google.com

www3.l.google.com

IN A

142.250.179.206
GET

https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993

chrome.exe

Remote address:

104.16.56.101:443

Request

GET /beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 HTTP/2.0
host: static.cloudflareinsights.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: null
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Wed, 12 Apr 2023 12:45:48 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2022.10.1
last-modified: Thu, 06 Apr 2023 16:52:30 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b6b918cbf330eae-AMS
content-encoding: gzip
GET

https://static.cloudflareinsights.com/beacon.min.js/v2b4487d741ca48dcbadcaf954e159fc61680799950996

chrome.exe

Remote address:

104.16.56.101:443

Request

GET /beacon.min.js/v2b4487d741ca48dcbadcaf954e159fc61680799950996 HTTP/2.0
host: static.cloudflareinsights.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://www.mediafire.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://www.mediafire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Wed, 12 Apr 2023 12:46:09 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2023.4.1
last-modified: Thu, 06 Apr 2023 16:52:30 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b6b920ac8fb0eae-AMS
content-encoding: gzip
DNS

securepubads.g.doubleclick.net

firefox.exe

Remote address:

8.8.8.8:53

Request

securepubads.g.doubleclick.net

IN A

Response

securepubads.g.doubleclick.net

IN CNAME

securepubads46.g.doubleclick.net

securepubads46.g.doubleclick.net

IN A

172.217.168.194
GET

https://cdn.amplitude.com/libs/amplitude-8.5.0-min.gz.js

chrome.exe

Remote address:

108.156.61.29:443

Request

GET /libs/amplitude-8.5.0-min.gz.js HTTP/2.0
host: cdn.amplitude.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: null
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/javascript
content-length: 22154
date: Tue, 21 Mar 2023 01:47:08 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
last-modified: Fri, 13 Aug 2021 22:37:42 GMT
etag: "660c3b546f2a131de50b69b91f26c636"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000
content-encoding: gzip
x-amz-version-id: NY8_7uBz3xoXYJBVsMSBAGHOz8ixMBS3
accept-ranges: bytes
server: AmazonS3
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 db3ad39d2b444e5c9e38affc6638a5cc.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: yeKNPW3N7lvnZcpcJc4jfpRJLvDZ5XpxdtjAWF0WSAAIGuNZaMBW_Q==
age: 1940322
GET

https://fundingchoicesmessages.google.com/f/AGSKWxXrjtEH6OsIEa1eMxJNrJTV18lP5XKGKMJi5rI13IlsGpcs5yT-0hk0wJuzpkaKFvH14rtURv0da3wnJCfhkp8=

chrome.exe

Remote address:

142.250.179.206:443

Request

GET /f/AGSKWxXrjtEH6OsIEa1eMxJNrJTV18lP5XKGKMJi5rI13IlsGpcs5yT-0hk0wJuzpkaKFvH14rtURv0da3wnJCfhkp8= HTTP/2.0
host: fundingchoicesmessages.google.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

chrome.exe

Remote address:

142.250.179.206:443

Request

GET /translate_a/element.js?cb=googleTranslateElementInit HTTP/2.0
host: translate.google.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.mediafire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://securepubads.g.doubleclick.net/tag/js/gpt.js

chrome.exe

Remote address:

172.217.168.194:443

Request

GET /tag/js/gpt.js HTTP/2.0
host: securepubads.g.doubleclick.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

200.179.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

200.179.250.142.in-addr.arpa

IN PTR

Response

200.179.250.142.in-addr.arpa

IN PTR

ams15s42-in-f81e100net
DNS

195.179.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

195.179.250.142.in-addr.arpa

IN PTR

Response

195.179.250.142.in-addr.arpa

IN PTR

ams15s42-in-f31e100net
DNS

139.7.26.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

139.7.26.104.in-addr.arpa

IN PTR

Response
DNS

101.56.16.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

101.56.16.104.in-addr.arpa

IN PTR

Response
DNS

29.61.156.108.in-addr.arpa

Remote address:

8.8.8.8:53

Request

29.61.156.108.in-addr.arpa

IN PTR

Response

29.61.156.108.in-addr.arpa

IN PTR

server-108-156-61-29ams1r cloudfrontnet
DNS

206.179.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

206.179.250.142.in-addr.arpa

IN PTR

Response

206.179.250.142.in-addr.arpa

IN PTR

ams15s42-in-f141e100net
DNS

194.168.217.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

194.168.217.172.in-addr.arpa

IN PTR

Response

194.168.217.172.in-addr.arpa

IN PTR

ams16s32-in-f21e100net
DNS

cdn.otnolatrnup.com

firefox.exe

Remote address:

8.8.8.8:53

Request

cdn.otnolatrnup.com

IN A

Response

cdn.otnolatrnup.com

IN A

104.19.215.37

cdn.otnolatrnup.com

IN A

104.19.214.37
GET

https://cdn.otnolatrnup.com/Scripts/infinity.js.aspx?guid=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0

chrome.exe

Remote address:

104.19.215.37:443

Request

GET /Scripts/infinity.js.aspx?guid=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0 HTTP/2.0
host: cdn.otnolatrnup.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Wed, 12 Apr 2023 12:45:49 GMT
content-type: application/x-javascript; charset=utf-8
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
cache-control: public, no-transform, max-age=900
content-encoding: gzip
p3p: CP="CAO PSA OUR IND"
access-control-allow-origin: *
last-modified: Wed, 12 Apr 2023 12:41:06 GMT
cf-cache-status: HIT
age: 60
server: cloudflare
cf-ray: 7b6b918f4fa00c69-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://otnolatrnup.com/Tag.engine?time=0&id=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0&rand=7795&ver=async&referrerUrl=&fingerPrint=123&abr=false&stdTime=0&fpe=1&bw=1280&bh=609&res=1280x720&curl=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2FStargate_Network_v4.0.html&kw=online%20storage%2Cfree%20storage%2Ccloud%20storage%2Ccollaboration%2Cbackup%20file%20sharing%2Cshare%20files%2Cphoto%20backup%2Cphoto%20sharing%2Cftp%20replacement%2Ccross%20platform%2Cremote%20access%2Cmobile%20access%2Csend%20large%20files%2Crecover%20files%2Cfile%20versioning%2Cundelete%2Cwindows%2Cpc%2Cmac%2Cos%20x%2Clinux%2Ciphone

chrome.exe

Remote address:

104.19.215.37:443

Request

GET /Tag.engine?time=0&id=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0&rand=7795&ver=async&referrerUrl=&fingerPrint=123&abr=false&stdTime=0&fpe=1&bw=1280&bh=609&res=1280x720&curl=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2FStargate_Network_v4.0.html&kw=online%20storage%2Cfree%20storage%2Ccloud%20storage%2Ccollaboration%2Cbackup%20file%20sharing%2Cshare%20files%2Cphoto%20backup%2Cphoto%20sharing%2Cftp%20replacement%2Ccross%20platform%2Cremote%20access%2Cmobile%20access%2Csend%20large%20files%2Crecover%20files%2Cfile%20versioning%2Cundelete%2Cwindows%2Cpc%2Cmac%2Cos%20x%2Clinux%2Ciphone HTTP/2.0
host: otnolatrnup.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Wed, 12 Apr 2023 12:45:50 GMT
content-type: application/json; charset=utf-8
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
cache-control: private, no-transform
content-encoding: gzip
p3p: CP="CAO PSA OUR IND"
access-control-allow-origin: *
set-cookie: IKSR={}; path=/; SameSite=None; secure
set-cookie: __INF_CC=; expires=Sun, 02-Apr-2023 12:45:50 GMT; path=/
set-cookie: INF_DFL8=false; path=/; SameSite=None; secure
set-cookie: IUID=0427e31d-5f9a-4231-8d3e-802e8e264aa0; expires=Tue, 12-Apr-2033 12:45:50 GMT; path=/; SameSite=None; secure
set-cookie: ISSH=6A8CF9; path=/; SameSite=None; secure
set-cookie: VMI=; path=/; SameSite=None; secure
set-cookie: CHN=#[]; expires=Tue, 12-Apr-2033 12:45:50 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: MSSH=#{}; expires=Tue, 12-Apr-2033 12:45:50 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: MSRH=#{}; expires=Tue, 12-Apr-2033 12:45:50 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: ILP=null; expires=Tue, 12-Apr-2033 12:45:50 GMT; path=/; SameSite=None; secure
set-cookie: ILPLU=#1/1/0001 12:00:00 AM; expires=Tue, 12-Apr-2033 12:45:50 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: ILEALC=#1/1/0001 12:00:00 AM; expires=Tue, 12-Apr-2033 12:45:50 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: ILMPF=#False; expires=Wed, 12-Apr-2023 16:45:50 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: IPMPLU=#; expires=Tue, 12-Apr-2033 12:45:50 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: IPMUID=#; expires=Tue, 12-Apr-2033 12:45:50 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: BSWUID=#; expires=Tue, 12-Apr-2033 12:45:50 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: IKSR={}; path=/; SameSite=None; secure
set-cookie: IBL=#[]; expires=Tue, 12-Apr-2033 12:45:50 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: ISH=#{"101":[{"SId":"6A8CF9","D":"23/4/12T5:45:50"}]}; expires=Tue, 12-Apr-2033 12:45:50 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: ISH_Q=#[101]; expires=Tue, 12-Apr-2033 12:45:50 GMT; path=/; SameSite=None; secure; HttpOnly
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7b6b91933a190c69-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
DNS

ad-delivery.net

firefox.exe

Remote address:

8.8.8.8:53

Request

ad-delivery.net

IN A

Response

ad-delivery.net

IN A

104.26.3.70

ad-delivery.net

IN A

104.26.2.70

ad-delivery.net

IN A

172.67.69.19
GET

https://ad-delivery.net/px.gif?ch=2

chrome.exe

Remote address:

104.26.3.70:443

Request

GET /px.gif?ch=2 HTTP/2.0
host: ad-delivery.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Wed, 12 Apr 2023 12:45:49 GMT
content-type: image/gif
content-length: 43
x-guploader-uploadid: ADPycduUS_zBSzbe5tmuh5x5V8E-RKj_MFZgYGwSDivT9NMqwgQCq9a1Iyxz-Pb7H_jZZlSLH9Fr1qvxI6IGVi9lLNLbeE5fbsXp
x-goog-generation: 1620242732037093
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 43
x-goog-hash: crc32c=cpEfJQ==
x-goog-hash: md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Thu, 23 Mar 2023 18:59:09 GMT
cache-control: public, max-age=86400
age: 1708137
last-modified: Wed, 05 May 2021 19:25:32 GMT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c0CefuMq6plqcfdy3P0efq2v083QH%2FTfWNdBm9aC2XBeOXQbXmoEtqTBybCndRPcqgTjO3nmXFYTZD3SH%2FRPlQGaxReo5VKC7u9%2Bn8qmND1sk1Hb1JkAkcLxFORUsLoToA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b6b91917f22b760-AMS
GET

https://ad-delivery.net/px.gif?ch=1&e=0.21889058205525136

chrome.exe

Remote address:

104.26.3.70:443

Request

GET /px.gif?ch=1&e=0.21889058205525136 HTTP/2.0
host: ad-delivery.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Wed, 12 Apr 2023 12:45:49 GMT
content-type: image/gif
content-length: 43
x-guploader-uploadid: ADPycduUS_zBSzbe5tmuh5x5V8E-RKj_MFZgYGwSDivT9NMqwgQCq9a1Iyxz-Pb7H_jZZlSLH9Fr1qvxI6IGVi9lLNLbeE5fbsXp
x-goog-generation: 1620242732037093
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 43
x-goog-hash: crc32c=cpEfJQ==
x-goog-hash: md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Thu, 23 Mar 2023 18:59:09 GMT
cache-control: public, max-age=86400
age: 1708137
last-modified: Wed, 05 May 2021 19:25:32 GMT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hGFhxG6uOQ8Ra1Rm1je0fPN86CCtYAr6JWz5%2BW9A8BvrbmqwJyr4O%2B0Wp8PAeLQf9sNRs7rx6I3c2YWG3zbkmzJMpxyr1R3OKunY3znB0Rdr1k4H4Kl8l3NE2IWDa7AHpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b6b91917f23b760-AMS
GET

https://ad-delivery.net/px.gif?ch=1&e=0.4618025689887766

chrome.exe

Remote address:

104.26.3.70:443

Request

GET /px.gif?ch=1&e=0.4618025689887766 HTTP/2.0
host: ad-delivery.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Wed, 12 Apr 2023 12:46:19 GMT
content-type: image/gif
content-length: 43
x-guploader-uploadid: ADPycduUS_zBSzbe5tmuh5x5V8E-RKj_MFZgYGwSDivT9NMqwgQCq9a1Iyxz-Pb7H_jZZlSLH9Fr1qvxI6IGVi9lLNLbeE5fbsXp
x-goog-generation: 1620242732037093
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 43
x-goog-hash: crc32c=cpEfJQ==
x-goog-hash: md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Thu, 23 Mar 2023 18:59:09 GMT
cache-control: public, max-age=86400
age: 1708167
last-modified: Wed, 05 May 2021 19:25:32 GMT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z2MSyphVes5XZtXCcuH8IcCAslTliuA6Turp%2B5VJaQ0w23uDcvc84%2B55hCQD%2FMIEpn5vsKnZjy46QFnN3v1iGdb6itpAWT8AwsAXs8%2FSTCs3GWT5%2F62zhPtzA%2BfwldEaWw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b6b92495b79b760-AMS
DNS

api.amplitude.com

firefox.exe

Remote address:

8.8.8.8:53

Request

api.amplitude.com

IN A

Response

api.amplitude.com

IN A

44.239.150.149

api.amplitude.com

IN A

50.112.114.242

api.amplitude.com

IN A

35.83.25.100

api.amplitude.com

IN A

34.211.209.234

api.amplitude.com

IN A

44.239.189.233

api.amplitude.com

IN A

54.148.207.183

api.amplitude.com

IN A

44.238.14.4

api.amplitude.com

IN A

54.213.220.225
DNS

otnolatrnup.com

firefox.exe

Remote address:

8.8.8.8:53

Request

otnolatrnup.com

IN A

Response

otnolatrnup.com

IN A

104.19.215.37

otnolatrnup.com

IN A

104.19.214.37
DNS

translate.google.com

firefox.exe

Remote address:

8.8.8.8:53

Request

translate.google.com

IN A

Response

translate.google.com

IN CNAME

www3.l.google.com

www3.l.google.com

IN A

142.250.179.206
DNS

112.211.227.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

112.211.227.13.in-addr.arpa

IN PTR

Response

112.211.227.13.in-addr.arpa

IN PTR

server-13-227-211-112ams54r cloudfrontnet
DNS

star-mini.c10r.facebook.com

Remote address:

8.8.8.8:53

Request

star-mini.c10r.facebook.com

IN A

Response

star-mini.c10r.facebook.com

IN A

157.240.5.35
DNS

37.215.19.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

37.215.19.104.in-addr.arpa

IN PTR

Response
DNS

102.39.251.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

102.39.251.142.in-addr.arpa

IN PTR

Response

102.39.251.142.in-addr.arpa

IN PTR

ams15s48-in-f61e100net
DNS

70.3.26.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

70.3.26.104.in-addr.arpa

IN PTR

Response
DNS

110.39.251.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

110.39.251.142.in-addr.arpa

IN PTR

Response

110.39.251.142.in-addr.arpa

IN PTR

ams15s48-in-f141e100net
DNS

149.150.239.44.in-addr.arpa

Remote address:

8.8.8.8:53

Request

149.150.239.44.in-addr.arpa

IN PTR

Response

149.150.239.44.in-addr.arpa

IN PTR

ec2-44-239-150-149 us-west-2compute amazonawscom
DNS

149.220.183.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

149.220.183.52.in-addr.arpa

IN PTR

Response
DNS

download1502.mediafire.com

firefox.exe

Remote address:

8.8.8.8:53

Request

download1502.mediafire.com

IN A

Response

download1502.mediafire.com

IN A

205.196.123.190
GET

https://download1502.mediafire.com/17ydfwcx3meg/83e94f7jhl5jyyf/Stargate+Network+v4.0.7z

chrome.exe

Remote address:

205.196.123.190:443

Request

GET /17ydfwcx3meg/83e94f7jhl5jyyf/Stargate+Network+v4.0.7z HTTP/1.1
Host: download1502.mediafire.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

server: bd-0.1.21
location: https://www.mediafire.com/download_repair.php?flag=4&dkey=17ydfwcx3meg&qkey=83e94f7jhl5jyyf&ip=154%2E61%2E71%2E51
content-length: 0
date: Wed, 12 Apr 2023 12:46:06 GMT
GET

https://download1502.mediafire.com/17ydfwcx3meg/83e94f7jhl5jyyf/Stargate+Network+v4.0.7z

chrome.exe

Remote address:

205.196.123.190:443

Request

GET /17ydfwcx3meg/83e94f7jhl5jyyf/Stargate+Network+v4.0.7z HTTP/1.1
Host: download1502.mediafire.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: ukey=9jcynbiyomn5m093ayelcn56rpcx5hnp; __cf_bm=TN5BE3JHLUDyBTcpEiLtp1Z0vrDFo3QOCR5W44dMk4g-1681303571-0-AYXYjt0wD1pEy5zSDQ+ipu+4nb944YI6ej7749C3O8SsvS7EAH8SPF7M8hs9jVOs8CEYKPeutqYSfy6ji5er48bJKSLu4rmyooQwRTlfRbtZBJbfPRGrDZoYLYMmb3qkkX/vqa9+L8fwroL8uXRZx40iaI41kADYlsUtf6ZnK54a

Response

HTTP/1.1 302 Found

server: bd-0.1.21
location: https://www.mediafire.com/download_repair.php?flag=4&dkey=17ydfwcx3meg&qkey=83e94f7jhl5jyyf&ip=154%2E61%2E71%2E51
content-length: 0
date: Wed, 12 Apr 2023 12:46:24 GMT
DNS

www.mediafire.com

firefox.exe

Remote address:

8.8.8.8:53

Request

www.mediafire.com

IN A

Response

www.mediafire.com

IN A

104.16.53.48

www.mediafire.com

IN A

104.16.54.48
DNS

190.123.196.205.in-addr.arpa

Remote address:

8.8.8.8:53

Request

190.123.196.205.in-addr.arpa

IN PTR

Response
DNS

190.123.196.205.in-addr.arpa

Remote address:

8.8.8.8:53

Request

190.123.196.205.in-addr.arpa

IN PTR

Response
DNS

52.212.199.91.in-addr.arpa

Remote address:

8.8.8.8:53

Request

52.212.199.91.in-addr.arpa

IN PTR

Response

52.212.199.91.in-addr.arpa

IN PTR

crtsectigocom
DNS

48.53.16.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

48.53.16.104.in-addr.arpa

IN PTR

Response
DNS

ajax.googleapis.com

firefox.exe

Remote address:

8.8.8.8:53

Request

ajax.googleapis.com

IN A

Response

ajax.googleapis.com

IN A

142.250.179.138
DNS

static.mediafire.com

firefox.exe

Remote address:

8.8.8.8:53

Request

static.mediafire.com

IN A

Response

static.mediafire.com

IN A

104.16.54.48

static.mediafire.com

IN A

104.16.53.48
GET

https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js

chrome.exe

Remote address:

142.250.179.138:443

Request

GET /ajax/libs/jquery/1.7.2/jquery.min.js HTTP/2.0
host: ajax.googleapis.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.mediafire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=en-US&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback

chrome.exe

Remote address:

142.250.179.138:443

Request

GET /v1/supportedLanguages?client=te&display_language=en-US&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback HTTP/2.0
host: translate-pa.googleapis.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

106.208.58.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

106.208.58.216.in-addr.arpa

IN PTR

Response

106.208.58.216.in-addr.arpa

IN PTR

ams17s08-in-f101e100net

106.208.58.216.in-addr.arpa

IN PTR

sof01s11-in-f106�I
DNS

138.179.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

138.179.250.142.in-addr.arpa

IN PTR

Response

138.179.250.142.in-addr.arpa

IN PTR

ams17s10-in-f101e100net
DNS

131.179.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

131.179.250.142.in-addr.arpa

IN PTR

Response

131.179.250.142.in-addr.arpa

IN PTR

ams17s10-in-f31e100net
DNS

translate.googleapis.com

firefox.exe

Remote address:

8.8.8.8:53

Request

translate.googleapis.com

IN A

Response

translate.googleapis.com

IN A

172.217.168.202
GET

https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.en_US.UhV9XYYyxvI.O/d=1/exm=el_conf/ed=1/rs=AN8SPfo0F9HhTw522jRKheptjI9nj-1jMw/m=el_main

chrome.exe

Remote address:

172.217.168.202:443

Request

GET /_/translate_http/_/js/k=translate_http.tr.en_US.UhV9XYYyxvI.O/d=1/exm=el_conf/ed=1/rs=AN8SPfo0F9HhTw522jRKheptjI9nj-1jMw/m=el_main HTTP/2.0
host: translate.googleapis.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.mediafire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

translate-pa.googleapis.com

firefox.exe

Remote address:

8.8.8.8:53

Request

translate-pa.googleapis.com

IN A

Response

translate-pa.googleapis.com

IN A

142.250.179.202

translate-pa.googleapis.com

IN A

142.251.36.10

translate-pa.googleapis.com

IN A

142.251.39.106

translate-pa.googleapis.com

IN A

216.58.214.10

translate-pa.googleapis.com

IN A

142.250.179.138

translate-pa.googleapis.com

IN A

142.251.36.42

translate-pa.googleapis.com

IN A

142.250.179.170
DNS

content-autofill.googleapis.com

chrome.exe

Remote address:

8.8.8.8:53

Request

content-autofill.googleapis.com

IN A

Response

content-autofill.googleapis.com

IN A

172.217.168.202

content-autofill.googleapis.com

IN A

216.58.208.106

content-autofill.googleapis.com

IN A

216.58.214.10

content-autofill.googleapis.com

IN A

142.250.179.138

content-autofill.googleapis.com

IN A

142.251.36.42

content-autofill.googleapis.com

IN A

172.217.168.234

content-autofill.googleapis.com

IN A

142.250.179.170

content-autofill.googleapis.com

IN A

142.250.179.202

content-autofill.googleapis.com

IN A

142.251.36.10

content-autofill.googleapis.com

IN A

142.251.39.106
GET

https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTA2LjAuNTI0OS4xMTkSLAn9uqUg1dGU6RIFDRVQj_4SBQ1a3e0uEgUNUopJoxIFDUC-9V0SBQ1AWQ9b?alt=proto

chrome.exe

Remote address:

172.217.168.202:443

Request

GET /v1/pages/ChVDaHJvbWUvMTA2LjAuNTI0OS4xMTkSLAn9uqUg1dGU6RIFDRVQj_4SBQ1a3e0uEgUNUopJoxIFDUC-9V0SBQ1AWQ9b?alt=proto HTTP/2.0
host: content-autofill.googleapis.com
x-goog-encode-response-if-executable: base64
x-goog-api-key: AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
x-client-data: CPr5ygE=
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

202.168.217.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

202.168.217.172.in-addr.arpa

IN PTR

Response

202.168.217.172.in-addr.arpa

IN PTR

ams16s32-in-f101e100net
DNS

static.mediafire.com

firefox.exe

Remote address:

8.8.8.8:53

Request

static.mediafire.com

IN A

Response

static.mediafire.com

IN A

104.16.53.48

static.mediafire.com

IN A

104.16.54.48
DNS

18.31.95.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

18.31.95.13.in-addr.arpa

IN PTR

Response
DNS

202.179.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

202.179.250.142.in-addr.arpa

IN PTR

Response

202.179.250.142.in-addr.arpa

IN PTR

ams15s42-in-f101e100net
DNS

62.13.109.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

62.13.109.52.in-addr.arpa

IN PTR

Response
DNS

contile.services.mozilla.com

firefox.exe

Remote address:

8.8.8.8:53

Request

contile.services.mozilla.com

IN A

Response

contile.services.mozilla.com

IN A

34.117.237.239
GET

https://contile.services.mozilla.com/v1/tiles

firefox.exe

Remote address:

34.117.237.239:443

Request

GET /v1/tiles HTTP/2.0
host: contile.services.mozilla.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers
DNS

contile.services.mozilla.com

firefox.exe

Remote address:

8.8.8.8:53

Request

contile.services.mozilla.com

IN A

Response

contile.services.mozilla.com

IN A

34.117.237.239
DNS

contile.services.mozilla.com

firefox.exe

Remote address:

8.8.8.8:53

Request

contile.services.mozilla.com

IN AAAA

Response
DNS

getpocket.cdn.mozilla.net

firefox.exe

Remote address:

8.8.8.8:53

Request

getpocket.cdn.mozilla.net

IN A

Response

getpocket.cdn.mozilla.net

IN CNAME

getpocket-cdn.prod.mozaws.net

getpocket-cdn.prod.mozaws.net

IN CNAME

prod.pocket.prod.cloudops.mozgcp.net

prod.pocket.prod.cloudops.mozgcp.net

IN A

34.120.5.221
DNS

firefox.settings.services.mozilla.com

firefox.exe

Remote address:

8.8.8.8:53

Request

firefox.settings.services.mozilla.com

IN A

Response

firefox.settings.services.mozilla.com

IN A

35.241.9.150
DNS

shavar.services.mozilla.com

firefox.exe

Remote address:

8.8.8.8:53

Request

shavar.services.mozilla.com

IN A

Response

shavar.services.mozilla.com

IN CNAME

shavar.prod.mozaws.net

shavar.prod.mozaws.net

IN A

44.236.158.174

shavar.prod.mozaws.net

IN A

44.241.53.229

shavar.prod.mozaws.net

IN A

54.214.73.137

shavar.prod.mozaws.net

IN A

35.83.144.93

shavar.prod.mozaws.net

IN A

44.238.157.127

shavar.prod.mozaws.net

IN A

54.148.4.3
GET

https://getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=IE&count=30

firefox.exe

Remote address:

34.120.5.221:443

Request

GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=IE&count=30 HTTP/2.0
host: getpocket.cdn.mozilla.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers
DNS

push.services.mozilla.com

firefox.exe

Remote address:

8.8.8.8:53

Request

push.services.mozilla.com

IN A

Response

push.services.mozilla.com

IN CNAME

autopush.prod.mozaws.net

autopush.prod.mozaws.net

IN A

34.117.65.55
DNS

prod.pocket.prod.cloudops.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.pocket.prod.cloudops.mozgcp.net

IN A

Response

prod.pocket.prod.cloudops.mozgcp.net

IN A

34.120.5.221
DNS

shavar.prod.mozaws.net

firefox.exe

Remote address:

8.8.8.8:53

Request

shavar.prod.mozaws.net

IN A

Response

shavar.prod.mozaws.net

IN A

35.83.144.93

shavar.prod.mozaws.net

IN A

44.241.53.229

shavar.prod.mozaws.net

IN A

54.214.73.137

shavar.prod.mozaws.net

IN A

44.236.158.174

shavar.prod.mozaws.net

IN A

54.148.4.3

shavar.prod.mozaws.net

IN A

44.238.157.127
DNS

autopush.prod.mozaws.net

firefox.exe

Remote address:

8.8.8.8:53

Request

autopush.prod.mozaws.net

IN A

Response

autopush.prod.mozaws.net

IN A

34.117.65.55
DNS

prod.pocket.prod.cloudops.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.pocket.prod.cloudops.mozgcp.net

IN AAAA

Response

prod.pocket.prod.cloudops.mozgcp.net

IN AAAA

2600:1901:0:524c::
DNS

autopush.prod.mozaws.net

firefox.exe

Remote address:

8.8.8.8:53

Request

autopush.prod.mozaws.net

IN AAAA

Response
DNS

shavar.prod.mozaws.net

firefox.exe

Remote address:

8.8.8.8:53

Request

shavar.prod.mozaws.net

IN AAAA

Response
GET

https://push.services.mozilla.com/

firefox.exe

Remote address:

34.117.65.55:443

Request

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 9TyBerK1pxQOj3labf08DQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

Response

HTTP/1.1 101 Switching Protocols

Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: vzh2Vq6f1NOYFZPbpN/MonMO//I=
Date: Wed, 12 Apr 2023 12:46:37 GMT
Via: 1.1 google
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
DNS

content-signature-2.cdn.mozilla.net

firefox.exe

Remote address:

8.8.8.8:53

Request

content-signature-2.cdn.mozilla.net

IN A

Response

content-signature-2.cdn.mozilla.net

IN CNAME

content-signature-chains.prod.autograph.services.mozaws.net

content-signature-chains.prod.autograph.services.mozaws.net

IN CNAME

prod.content-signature-chains.prod.webservices.mozgcp.net

prod.content-signature-chains.prod.webservices.mozgcp.net

IN A

34.160.144.191
DNS

firefox.settings.services.mozilla.com

firefox.exe

Remote address:

8.8.8.8:53

Request

firefox.settings.services.mozilla.com

IN A

Response

firefox.settings.services.mozilla.com

IN A

35.241.9.150
DNS

firefox.settings.services.mozilla.com

firefox.exe

Remote address:

8.8.8.8:53

Request

firefox.settings.services.mozilla.com

IN AAAA

Response
DNS

prod.content-signature-chains.prod.webservices.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.content-signature-chains.prod.webservices.mozgcp.net

IN A

Response

prod.content-signature-chains.prod.webservices.mozgcp.net

IN A

34.160.144.191
DNS

239.237.117.34.in-addr.arpa

Remote address:

8.8.8.8:53

Request

239.237.117.34.in-addr.arpa

IN PTR

Response

239.237.117.34.in-addr.arpa

IN PTR

23923711734bcgoogleusercontentcom
DNS

prod.content-signature-chains.prod.webservices.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.content-signature-chains.prod.webservices.mozgcp.net

IN AAAA

Response

prod.content-signature-chains.prod.webservices.mozgcp.net

IN AAAA

2600:1901:0:92a9::
DNS

221.5.120.34.in-addr.arpa

Remote address:

8.8.8.8:53

Request

221.5.120.34.in-addr.arpa

IN PTR

Response

221.5.120.34.in-addr.arpa

IN PTR

221512034bcgoogleusercontentcom
DNS

150.9.241.35.in-addr.arpa

Remote address:

8.8.8.8:53

Request

150.9.241.35.in-addr.arpa

IN PTR

Response

150.9.241.35.in-addr.arpa

IN PTR

150924135bcgoogleusercontentcom
DNS

191.144.160.34.in-addr.arpa

Remote address:

8.8.8.8:53

Request

191.144.160.34.in-addr.arpa

IN PTR

Response

191.144.160.34.in-addr.arpa

IN PTR

19114416034bcgoogleusercontentcom
DNS

191.144.160.34.in-addr.arpa

Remote address:

8.8.8.8:53

Request

191.144.160.34.in-addr.arpa

IN PTR

Response

191.144.160.34.in-addr.arpa

IN PTR

19114416034bcgoogleusercontentcom
DNS

55.65.117.34.in-addr.arpa

Remote address:

8.8.8.8:53

Request

55.65.117.34.in-addr.arpa

IN PTR

Response

55.65.117.34.in-addr.arpa

IN PTR

556511734bcgoogleusercontentcom
DNS

55.65.117.34.in-addr.arpa

Remote address:

8.8.8.8:53

Request

55.65.117.34.in-addr.arpa

IN PTR

Response

55.65.117.34.in-addr.arpa

IN PTR

556511734bcgoogleusercontentcom
DNS

174.158.236.44.in-addr.arpa

Remote address:

8.8.8.8:53

Request

174.158.236.44.in-addr.arpa

IN PTR

Response

174.158.236.44.in-addr.arpa

IN PTR

ec2-44-236-158-174 us-west-2compute amazonawscom
DNS

btloader.com

firefox.exe

Remote address:

8.8.8.8:53

Request

btloader.com

IN A

Response

btloader.com

IN A

104.26.6.139

btloader.com

IN A

104.26.7.139

btloader.com

IN A

172.67.70.134
DNS

static.cloudflareinsights.com

firefox.exe

Remote address:

8.8.8.8:53

Request

static.cloudflareinsights.com

IN A

Response

static.cloudflareinsights.com

IN A

104.16.56.101

static.cloudflareinsights.com

IN A

104.16.57.101
DNS

fundingchoicesmessages.google.com

firefox.exe

Remote address:

8.8.8.8:53

Request

fundingchoicesmessages.google.com

IN A

Response

fundingchoicesmessages.google.com

IN CNAME

www3.l.google.com

www3.l.google.com

IN A

142.250.179.206
DNS

securepubads.g.doubleclick.net

firefox.exe

Remote address:

8.8.8.8:53

Request

securepubads.g.doubleclick.net

IN A

Response

securepubads.g.doubleclick.net

IN CNAME

securepubads46.g.doubleclick.net

securepubads46.g.doubleclick.net

IN A

172.217.168.194
DNS

www3.l.google.com

firefox.exe

Remote address:

8.8.8.8:53

Request

www3.l.google.com

IN A

Response

www3.l.google.com

IN A

142.250.179.206
DNS

btloader.com

firefox.exe

Remote address:

8.8.8.8:53

Request

btloader.com

IN AAAA

Response

btloader.com

IN AAAA

2606:4700:20::681a:78b

btloader.com

IN AAAA

2606:4700:20::ac43:4686

btloader.com

IN AAAA

2606:4700:20::681a:68b
DNS

static.cloudflareinsights.com

firefox.exe

Remote address:

8.8.8.8:53

Request

static.cloudflareinsights.com

IN AAAA

Response

static.cloudflareinsights.com

IN AAAA

2606:4700::6810:3865

static.cloudflareinsights.com

IN AAAA

2606:4700::6810:3965
DNS

static.cloudflareinsights.com

firefox.exe

Remote address:

8.8.8.8:53

Request

static.cloudflareinsights.com

IN AAAA

Response

static.cloudflareinsights.com

IN AAAA

2606:4700::6810:3865

static.cloudflareinsights.com

IN AAAA

2606:4700::6810:3965
DNS

cdn.amplitude.com

firefox.exe

Remote address:

8.8.8.8:53

Request

cdn.amplitude.com

IN A

Response

cdn.amplitude.com

IN A

108.156.61.171

cdn.amplitude.com

IN A

108.156.61.29

cdn.amplitude.com

IN A

108.156.61.101

cdn.amplitude.com

IN A

108.156.61.65
DNS

www3.l.google.com

firefox.exe

Remote address:

8.8.8.8:53

Request

www3.l.google.com

IN AAAA

Response

www3.l.google.com

IN AAAA

2a00:1450:400e:803::200e
GET

https://fundingchoicesmessages.google.com/f/AGSKWxXrjtEH6OsIEa1eMxJNrJTV18lP5XKGKMJi5rI13IlsGpcs5yT-0hk0wJuzpkaKFvH14rtURv0da3wnJCfhkp8=

firefox.exe

Remote address:

142.250.179.206:443

Request

GET /f/AGSKWxXrjtEH6OsIEa1eMxJNrJTV18lP5XKGKMJi5rI13IlsGpcs5yT-0hk0wJuzpkaKFvH14rtURv0da3wnJCfhkp8= HTTP/2.0
host: fundingchoicesmessages.google.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers
GET

https://btloader.com/tag?o=5678961798414336&upapi=true

firefox.exe

Remote address:

104.26.6.139:443

Request

GET /tag?o=5678961798414336&upapi=true HTTP/2.0
host: btloader.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

date: Wed, 12 Apr 2023 12:46:47 GMT
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
etag: W/"3232397e3f79acca254b17e7deb50cbf"
last-modified: Wed, 12 Apr 2023 12:34:09 GMT
vary: Origin, Accept-Encoding
via: 1.1 google
cf-cache-status: HIT
age: 585
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DRWSXj5poNcZfPKi94ndFVbEMhpIGc4hVN%2FyaoDw%2BnaX17a2%2BgHxoj%2Bh1AuVYITLIQB0b0g6pAZHcuYgNy5oSqPlfCwg1fAoLQBAgUMmUn5SBWd%2FMiEz4vE7B8VhJg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b6b92fc888406c0-AMS
content-encoding: br
GET

https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993

firefox.exe

Remote address:

104.16.56.101:443

Request

GET /beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 HTTP/2.0
host: static.cloudflareinsights.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: null
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

date: Wed, 12 Apr 2023 12:46:47 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2022.10.1
last-modified: Thu, 06 Apr 2023 16:52:30 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b6b92fc7a1cb794-AMS
content-encoding: gzip
GET

https://cdn.amplitude.com/libs/amplitude-8.5.0-min.gz.js

firefox.exe

Remote address:

108.156.61.171:443

Request

GET /libs/amplitude-8.5.0-min.gz.js HTTP/2.0
host: cdn.amplitude.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: null
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

content-type: application/javascript
content-length: 22154
date: Tue, 21 Mar 2023 01:47:08 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
last-modified: Fri, 13 Aug 2021 22:37:42 GMT
etag: "660c3b546f2a131de50b69b91f26c636"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000
content-encoding: gzip
x-amz-version-id: NY8_7uBz3xoXYJBVsMSBAGHOz8ixMBS3
accept-ranges: bytes
server: AmazonS3
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 8118e4598aac4892a3dfbc36812e88d4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: F04FFyRPcu0LnQ8DtTC3vtM03rQjhuufl3u2CFzgMjjfhozvVAYTKQ==
age: 1940380
GET

https://securepubads.g.doubleclick.net/tag/js/gpt.js

firefox.exe

Remote address:

172.217.168.194:443

Request

GET /tag/js/gpt.js HTTP/2.0
host: securepubads.g.doubleclick.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers
DNS

cdn.otnolatrnup.com

firefox.exe

Remote address:

8.8.8.8:53

Request

cdn.otnolatrnup.com

IN A

Response

cdn.otnolatrnup.com

IN A

104.19.215.37

cdn.otnolatrnup.com

IN A

104.19.214.37
DNS

securepubads46.g.doubleclick.net

firefox.exe

Remote address:

8.8.8.8:53

Request

securepubads46.g.doubleclick.net

IN A

Response

securepubads46.g.doubleclick.net

IN A

172.217.168.194
DNS

cdn.amplitude.com

firefox.exe

Remote address:

8.8.8.8:53

Request

cdn.amplitude.com

IN AAAA

Response
DNS

securepubads46.g.doubleclick.net

firefox.exe

Remote address:

8.8.8.8:53

Request

securepubads46.g.doubleclick.net

IN AAAA

Response

securepubads46.g.doubleclick.net

IN AAAA

2a00:1450:400e:80c::2002
DNS

cdn.otnolatrnup.com

firefox.exe

Remote address:

8.8.8.8:53

Request

cdn.otnolatrnup.com

IN AAAA

Response

cdn.otnolatrnup.com

IN AAAA

2606:4700::6813:d625

cdn.otnolatrnup.com

IN AAAA

2606:4700::6813:d725
GET

https://cdn.otnolatrnup.com/Scripts/infinity.js.aspx?guid=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0

firefox.exe

Remote address:

104.19.215.37:443

Request

GET /Scripts/infinity.js.aspx?guid=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0 HTTP/2.0
host: cdn.otnolatrnup.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

date: Wed, 12 Apr 2023 12:46:47 GMT
content-type: application/x-javascript; charset=utf-8
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
cache-control: public, no-transform, max-age=900
content-encoding: gzip
p3p: CP="CAO PSA OUR IND"
access-control-allow-origin: *
last-modified: Wed, 12 Apr 2023 12:41:06 GMT
cf-cache-status: HIT
age: 268
server: cloudflare
cf-ray: 7b6b92fdbc53d0b5-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
DNS

ad-delivery.net

firefox.exe

Remote address:

8.8.8.8:53

Request

ad-delivery.net

IN A

Response

ad-delivery.net

IN A

104.26.3.70

ad-delivery.net

IN A

172.67.69.19

ad-delivery.net

IN A

104.26.2.70
GET

https://ad-delivery.net/px.gif?ch=2

firefox.exe

Remote address:

104.26.3.70:443

Request

GET /px.gif?ch=2 HTTP/2.0
host: ad-delivery.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

date: Wed, 12 Apr 2023 12:46:48 GMT
content-type: image/gif
content-length: 43
x-guploader-uploadid: ADPycduUS_zBSzbe5tmuh5x5V8E-RKj_MFZgYGwSDivT9NMqwgQCq9a1Iyxz-Pb7H_jZZlSLH9Fr1qvxI6IGVi9lLNLbeE5fbsXp
x-goog-generation: 1620242732037093
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 43
x-goog-hash: crc32c=cpEfJQ==
x-goog-hash: md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Thu, 23 Mar 2023 18:59:09 GMT
cache-control: public, max-age=86400
age: 1708196
last-modified: Wed, 05 May 2021 19:25:32 GMT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KaEknPYjFyXqucVwTMOqhzWsSEYXXF4FRXrQGBRUFGSJ1YOmBfX72ru3QkSUXwH8tbzWHgQC8%2ByOAC7yfQZqCx3fRvNgfufFKbZWYrAW%2FbXexjZYjpCzCm9Zyep9Cjy7HA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b6b92ff8c58b7bb-AMS
GET

https://ad-delivery.net/px.gif?ch=1&e=0.056183486263103766

firefox.exe

Remote address:

104.26.3.70:443

Request

GET /px.gif?ch=1&e=0.056183486263103766 HTTP/2.0
host: ad-delivery.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

date: Wed, 12 Apr 2023 12:46:48 GMT
content-type: image/gif
content-length: 43
x-guploader-uploadid: ADPycduUS_zBSzbe5tmuh5x5V8E-RKj_MFZgYGwSDivT9NMqwgQCq9a1Iyxz-Pb7H_jZZlSLH9Fr1qvxI6IGVi9lLNLbeE5fbsXp
x-goog-generation: 1620242732037093
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 43
x-goog-hash: crc32c=cpEfJQ==
x-goog-hash: md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Thu, 23 Mar 2023 18:59:09 GMT
cache-control: public, max-age=86400
age: 1708196
last-modified: Wed, 05 May 2021 19:25:32 GMT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6LePBkaW86KnljhsC33eNE3KkkNnVKhqtkCnXOCCBGzPWvyXwjRnEnThuy19hL3dTyJyhi5MNoIO88CHlEK3G7CFRILVYmkTICuq%2F1jnsbhSqkv5iDev80455mYbU4D7AA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b6b92ff8c60b7bb-AMS
GET

https://ad-delivery.net/px.gif?ch=1&e=0.8154517507619563

firefox.exe

Remote address:

104.26.3.70:443

Request

GET /px.gif?ch=1&e=0.8154517507619563 HTTP/2.0
host: ad-delivery.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

date: Wed, 12 Apr 2023 12:47:10 GMT
content-type: image/gif
content-length: 43
x-guploader-uploadid: ADPycduUS_zBSzbe5tmuh5x5V8E-RKj_MFZgYGwSDivT9NMqwgQCq9a1Iyxz-Pb7H_jZZlSLH9Fr1qvxI6IGVi9lLNLbeE5fbsXp
x-goog-generation: 1620242732037093
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 43
x-goog-hash: crc32c=cpEfJQ==
x-goog-hash: md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Thu, 23 Mar 2023 18:59:09 GMT
cache-control: public, max-age=86400
age: 1708218
last-modified: Wed, 05 May 2021 19:25:32 GMT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PF71yNKmkhEts0uSV%2BGlqgGU4aYwL7qAU59%2FafHfqggtz5GHh%2FMNi%2BMpiy%2B4HoaF4fzVzbH2r5KTsDZHJS8GnjzUwn75etlU7mQiif0n7zieRl7VBcFLQLxB8ZZrwT7Dew%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b6b9387db80b7bb-AMS
DNS

ad-delivery.net

firefox.exe

Remote address:

8.8.8.8:53

Request

ad-delivery.net

IN AAAA

Response

ad-delivery.net

IN AAAA

2606:4700:20::681a:246

ad-delivery.net

IN AAAA

2606:4700:20::681a:346

ad-delivery.net

IN AAAA

2606:4700:20::ac43:4513
DNS

api.amplitude.com

firefox.exe

Remote address:

8.8.8.8:53

Request

api.amplitude.com

IN A

Response

api.amplitude.com

IN A

52.13.86.78

api.amplitude.com

IN A

52.34.3.55

api.amplitude.com

IN A

52.35.249.60

api.amplitude.com

IN A

44.225.128.118

api.amplitude.com

IN A

52.13.56.114

api.amplitude.com

IN A

35.83.172.14

api.amplitude.com

IN A

34.217.204.4

api.amplitude.com

IN A

35.162.182.85
DNS

api.amplitude.com

firefox.exe

Remote address:

8.8.8.8:53

Request

api.amplitude.com

IN A

Response

api.amplitude.com

IN A

54.185.185.31

api.amplitude.com

IN A

34.212.77.55

api.amplitude.com

IN A

52.32.241.165

api.amplitude.com

IN A

54.68.161.148

api.amplitude.com

IN A

52.26.42.36

api.amplitude.com

IN A

35.167.17.63

api.amplitude.com

IN A

35.162.182.85

api.amplitude.com

IN A

54.188.151.207
DNS

api.amplitude.com

firefox.exe

Remote address:

8.8.8.8:53

Request

api.amplitude.com

IN AAAA

Response
DNS

otnolatrnup.com

firefox.exe

Remote address:

8.8.8.8:53

Request

otnolatrnup.com

IN A

Response

otnolatrnup.com

IN A

104.19.215.37

otnolatrnup.com

IN A

104.19.214.37
DNS

otnolatrnup.com

firefox.exe

Remote address:

8.8.8.8:53

Request

otnolatrnup.com

IN AAAA

Response

otnolatrnup.com

IN AAAA

2606:4700::6813:d725

otnolatrnup.com

IN AAAA

2606:4700::6813:d625
DNS

139.6.26.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

139.6.26.104.in-addr.arpa

IN PTR

Response
DNS

171.61.156.108.in-addr.arpa

Remote address:

8.8.8.8:53

Request

171.61.156.108.in-addr.arpa

IN PTR

Response

171.61.156.108.in-addr.arpa

IN PTR

server-108-156-61-171ams1r cloudfrontnet
DNS

www.mediafire.com

firefox.exe

Remote address:

8.8.8.8:53

Request

www.mediafire.com

IN A

Response

www.mediafire.com

IN A

104.16.53.48

www.mediafire.com

IN A

104.16.54.48
DNS

download1502.mediafire.com

firefox.exe

Remote address:

8.8.8.8:53

Request

download1502.mediafire.com

IN A

Response

download1502.mediafire.com

IN A

205.196.123.190
DNS

prf.hn

firefox.exe

Remote address:

8.8.8.8:53

Request

prf.hn

IN A

Response

prf.hn

IN A

5.150.170.4

prf.hn

IN A

5.150.170.5

prf.hn

IN A

5.150.170.6
DNS

www.mediafire.com

firefox.exe

Remote address:

8.8.8.8:53

Request

www.mediafire.com

IN AAAA

Response
DNS

blog.mediafire.com

firefox.exe

Remote address:

8.8.8.8:53

Request

blog.mediafire.com

IN A

Response

blog.mediafire.com

IN A

104.16.54.48

blog.mediafire.com

IN A

104.16.53.48
DNS

download1502.mediafire.com

firefox.exe

Remote address:

8.8.8.8:53

Request

download1502.mediafire.com

IN AAAA

Response
DNS

download1502.mediafire.com

firefox.exe

Remote address:

8.8.8.8:53

Request

download1502.mediafire.com

IN AAAA

Response
DNS

prf.hn

firefox.exe

Remote address:

8.8.8.8:53

Request

prf.hn

IN A

Response

prf.hn

IN A

5.150.170.5

prf.hn

IN A

5.150.170.4

prf.hn

IN A

5.150.170.6
DNS

prf.hn

firefox.exe

Remote address:

8.8.8.8:53

Request

prf.hn

IN AAAA

Response
DNS

blog.mediafire.com

firefox.exe

Remote address:

8.8.8.8:53

Request

blog.mediafire.com

IN A

Response

blog.mediafire.com

IN A

104.16.54.48

blog.mediafire.com

IN A

104.16.53.48
DNS

vividengine.com

firefox.exe

Remote address:

8.8.8.8:53

Request

vividengine.com

IN A

Response

vividengine.com

IN A

104.18.19.82

vividengine.com

IN A

104.18.18.82
DNS

mediafire.zendesk.com

firefox.exe

Remote address:

8.8.8.8:53

Request

mediafire.zendesk.com

IN A

Response

mediafire.zendesk.com

IN A

104.16.53.111

mediafire.zendesk.com

IN A

104.16.51.111
DNS

mediafire.zendesk.com

firefox.exe

Remote address:

8.8.8.8:53

Request

mediafire.zendesk.com

IN A

Response

mediafire.zendesk.com

IN A

104.16.53.111

mediafire.zendesk.com

IN A

104.16.51.111
DNS

blog.mediafire.com

firefox.exe

Remote address:

8.8.8.8:53

Request

blog.mediafire.com

IN AAAA

Response
DNS

vividengine.com

firefox.exe

Remote address:

8.8.8.8:53

Request

vividengine.com

IN A

Response

vividengine.com

IN A

104.18.19.82

vividengine.com

IN A

104.18.18.82
DNS

mediafire.zendesk.com

firefox.exe

Remote address:

8.8.8.8:53

Request

mediafire.zendesk.com

IN AAAA

Response
DNS

mediafire.zendesk.com

firefox.exe

Remote address:

8.8.8.8:53

Request

mediafire.zendesk.com

IN AAAA

Response
DNS

twitter.com

firefox.exe

Remote address:

8.8.8.8:53

Request

twitter.com

IN A

Response

twitter.com

IN A

104.244.42.193
DNS

vividengine.com

firefox.exe

Remote address:

8.8.8.8:53

Request

vividengine.com

IN AAAA

Response

vividengine.com

IN AAAA

2606:4700::6812:1352

vividengine.com

IN AAAA

2606:4700::6812:1252
DNS

www.facebook.com

firefox.exe

Remote address:

8.8.8.8:53

Request

www.facebook.com

IN A

Response

www.facebook.com

IN CNAME

star-mini.c10r.facebook.com

star-mini.c10r.facebook.com

IN A

157.240.201.35
DNS

twitter.com

firefox.exe

Remote address:

8.8.8.8:53

Request

twitter.com

IN A

Response

twitter.com

IN A

104.244.42.129

twitter.com

IN A

104.244.42.1

twitter.com

IN A

104.244.42.193

twitter.com

IN A

104.244.42.65
DNS

twitter.com

firefox.exe

Remote address:

8.8.8.8:53

Request

twitter.com

IN A

Response

twitter.com

IN A

104.244.42.193

twitter.com

IN A

104.244.42.129

twitter.com

IN A

104.244.42.1

twitter.com

IN A

104.244.42.65
DNS

star-mini.c10r.facebook.com

firefox.exe

Remote address:

8.8.8.8:53

Request

star-mini.c10r.facebook.com

IN AAAA

Response

star-mini.c10r.facebook.com

IN AAAA

2a03:2880:f178:89:face:b00c:0:25de
DNS

star-mini.c10r.facebook.com

firefox.exe

Remote address:

8.8.8.8:53

Request

star-mini.c10r.facebook.com

IN AAAA

Response

star-mini.c10r.facebook.com

IN AAAA

2a03:2880:f178:89:face:b00c:0:25de
DNS

78.86.13.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

78.86.13.52.in-addr.arpa

IN PTR

Response

78.86.13.52.in-addr.arpa

IN PTR

ec2-52-13-86-78 us-west-2compute amazonawscom
GET

https://download1502.mediafire.com/17ydfwcx3meg/83e94f7jhl5jyyf/Stargate+Network+v4.0.7z

firefox.exe

Remote address:

205.196.123.190:443

Request

GET /17ydfwcx3meg/83e94f7jhl5jyyf/Stargate+Network+v4.0.7z HTTP/1.1
Host: download1502.mediafire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

Response

HTTP/1.1 302 Found

server: bd-0.1.21
location: https://www.mediafire.com/download_repair.php?flag=4&dkey=17ydfwcx3meg&qkey=83e94f7jhl5jyyf&ip=154%2E61%2E71%2E51
content-length: 0
date: Wed, 12 Apr 2023 12:46:51 GMT
GET

https://otnolatrnup.com/fp.engine?id=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0&rand=90953&ver=async&time=0&referrerUrl=&subId=&tid=&abr=false&res=1280x720&stdTime=0&fpe=1&curl=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2FStargate_Network_v4.0.html&kw=online%20storage%2Cfree%20storage%2Ccloud%20storage%2Ccollaboration%2Cbackup%20file%20sharing%2Cshare%20files%2Cphoto%20backup%2Cphoto%20sharing%2Cftp%20replacement%2Ccross%20platform%2Cremote%20access%2Cmobile%20access%2Csend%20large%20files%2Crecover%20files%2Cfile%20versioning%2Cundelete%2Cwindows%2Cpc%2Cmac%2Cos%20x%2Clinux%2Ciphone&spt=0

firefox.exe

Remote address:

104.19.215.37:443

Request

GET /fp.engine?id=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0&rand=90953&ver=async&time=0&referrerUrl=&subId=&tid=&abr=false&res=1280x720&stdTime=0&fpe=1&curl=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2FStargate_Network_v4.0.html&kw=online%20storage%2Cfree%20storage%2Ccloud%20storage%2Ccollaboration%2Cbackup%20file%20sharing%2Cshare%20files%2Cphoto%20backup%2Cphoto%20sharing%2Cftp%20replacement%2Ccross%20platform%2Cremote%20access%2Cmobile%20access%2Csend%20large%20files%2Crecover%20files%2Cfile%20versioning%2Cundelete%2Cwindows%2Cpc%2Cmac%2Cos%20x%2Clinux%2Ciphone&spt=0 HTTP/2.0
host: otnolatrnup.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
upgrade-insecure-requests: 1
sec-fetch-dest: document
sec-fetch-mode: navigate
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

date: Wed, 12 Apr 2023 12:46:51 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: private, no-transform
content-encoding: gzip
p3p: CP="CAO PSA OUR IND"
access-control-allow-origin: *
set-cookie: IKSR={}; path=/; SameSite=None; secure
set-cookie: INF_DFL8=false; path=/; SameSite=None; secure
set-cookie: IUID=64b35a70-df3f-4922-8aca-36d6a6e5dc01; expires=Tue, 12-Apr-2033 12:46:51 GMT; path=/; SameSite=None; secure
set-cookie: ISSH=6A8CFA; path=/; SameSite=None; secure
set-cookie: VMI=; path=/; SameSite=None; secure
set-cookie: IPLH=#{}; expires=Tue, 12-Apr-2033 12:46:51 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: IPLH_Q=#[]; expires=Tue, 12-Apr-2033 12:46:51 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: CHN=#[]; expires=Tue, 12-Apr-2033 12:46:51 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: MSSH=#{}; expires=Tue, 12-Apr-2033 12:46:51 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: MSRH=#{}; expires=Tue, 12-Apr-2033 12:46:51 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: ILP=null; expires=Tue, 12-Apr-2033 12:46:51 GMT; path=/; SameSite=None; secure
set-cookie: ILPLU=#1/1/0001 12:00:00 AM; expires=Tue, 12-Apr-2033 12:46:51 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: ILEALC=#1/1/0001 12:00:00 AM; expires=Tue, 12-Apr-2033 12:46:51 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: ILMPF=#False; expires=Wed, 12-Apr-2023 16:46:51 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: IPMPLU=#; expires=Tue, 12-Apr-2033 12:46:51 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: IPMUID=#; expires=Tue, 12-Apr-2033 12:46:51 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: BSWUID=#; expires=Tue, 12-Apr-2033 12:46:51 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: IKSR={}; path=/; SameSite=None; secure
set-cookie: IBL=#[]; expires=Tue, 12-Apr-2033 12:46:51 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: IPLSH=#{}; expires=Tue, 12-Apr-2033 12:46:51 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: IPLSH_Q=#[]; expires=Tue, 12-Apr-2033 12:46:51 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: IZH=#{}; expires=Tue, 12-Apr-2033 12:46:51 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: IZH_Q=#[]; expires=Tue, 12-Apr-2033 12:46:51 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: IMCH=#{}; expires=Tue, 12-Apr-2033 12:46:51 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: IMCH_Q=#[]; expires=Tue, 12-Apr-2033 12:46:51 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: IMH=#{}; expires=Tue, 12-Apr-2033 12:46:51 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: IMH_Q=#[]; expires=Tue, 12-Apr-2033 12:46:51 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: ISH=#{}; expires=Tue, 12-Apr-2033 12:46:51 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: ISH_Q=#[]; expires=Tue, 12-Apr-2033 12:46:51 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: ISPH=#{}; expires=Tue, 12-Apr-2033 12:46:51 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: ISPH_Q=#[]; expires=Tue, 12-Apr-2033 12:46:51 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: ICH=#{}; expires=Tue, 12-Apr-2033 12:46:51 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: ICH_Q=#[]; expires=Tue, 12-Apr-2033 12:46:51 GMT; path=/; SameSite=None; secure; HttpOnly
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7b6b93130c50b88e-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
DNS

ajax.googleapis.com

firefox.exe

Remote address:

8.8.8.8:53

Request

ajax.googleapis.com

IN A

Response

ajax.googleapis.com

IN A

142.250.179.138
GET

https://static.cloudflareinsights.com/beacon.min.js/v2b4487d741ca48dcbadcaf954e159fc61680799950996

firefox.exe

Remote address:

104.16.56.101:443

Request

GET /beacon.min.js/v2b4487d741ca48dcbadcaf954e159fc61680799950996 HTTP/2.0
host: static.cloudflareinsights.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://www.mediafire.com
referer: https://www.mediafire.com/
sec-fetch-dest: script
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

date: Wed, 12 Apr 2023 12:46:52 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2023.4.1
last-modified: Thu, 06 Apr 2023 16:52:30 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b6b9318ea39b73d-AMS
content-encoding: gzip
GET

https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js

firefox.exe

Remote address:

142.250.179.138:443

Request

GET /ajax/libs/jquery/1.7.2/jquery.min.js HTTP/2.0
host: ajax.googleapis.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.mediafire.com/
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers
DNS

static.mediafire.com

firefox.exe

Remote address:

8.8.8.8:53

Request

static.mediafire.com

IN AAAA

Response
DNS

ajax.googleapis.com

firefox.exe

Remote address:

8.8.8.8:53

Request

ajax.googleapis.com

IN A

Response

ajax.googleapis.com

IN A

142.251.39.106
DNS

ajax.googleapis.com

firefox.exe

Remote address:

8.8.8.8:53

Request

ajax.googleapis.com

IN AAAA

Response

ajax.googleapis.com

IN AAAA

2a00:1450:400e:810::200a
GET

http://otnolatrnup.com/hideref.engine?d=https%3a%2f%2fworeppercomming.com%2f90c1a7c4-9526-4fe6-befc-18062e96619e%3fcampaignname%3d2_OperaGX%26placementname%3d2_OperaGX_NL_Win_WL%26bid%3d1.725%26totalcpv%3d0.001725%26channel%3dFile%2bHosting%2b%2526%2bSharing%26subchannel%3dFile%2bHosting%2b%2526%2bSharing%26medianame%3d2_OperaGX_WW_5.22%26keywords%3donline+storage%2cfree+storage%2ccloud+storage%2ccollaboration%2cbackup+file+sharing%2cshare+files%2cphoto+backup%2cphoto+sharing%2cftp+replacement%2ccross+platform%2cremote+access%2cmobile+access%2csend+large+files%2crecover+files%2cfile+versioning%2cundelete%2cwindows%2cpc%2cmac%2cos+x%2clinux%2ciphone%2conline+storage%2cfree+storage%2ccloud+storage%2ccollaboration%2cbackup+file+sharing%2cshare+files%2cphoto+backup%2cphoto+sharing%2cftp+replacement%2ccross+platform%2cremote+access%2cmobile+access%2csend+large+files%2crecover+files%2cfile+versioning%2cundelete%2cwindows%2cpc%2cmac%2cos+x%2clinux%2ciphone%26sourceid%3d101%26domainid%3d78947%26cpv%3d0.001725%26s2sParam%3d07029594-5d91-4490-9ae1-5ec69472fe03

firefox.exe

Remote address:

104.19.215.37:80

Request

GET /hideref.engine?d=https%3a%2f%2fworeppercomming.com%2f90c1a7c4-9526-4fe6-befc-18062e96619e%3fcampaignname%3d2_OperaGX%26placementname%3d2_OperaGX_NL_Win_WL%26bid%3d1.725%26totalcpv%3d0.001725%26channel%3dFile%2bHosting%2b%2526%2bSharing%26subchannel%3dFile%2bHosting%2b%2526%2bSharing%26medianame%3d2_OperaGX_WW_5.22%26keywords%3donline+storage%2cfree+storage%2ccloud+storage%2ccollaboration%2cbackup+file+sharing%2cshare+files%2cphoto+backup%2cphoto+sharing%2cftp+replacement%2ccross+platform%2cremote+access%2cmobile+access%2csend+large+files%2crecover+files%2cfile+versioning%2cundelete%2cwindows%2cpc%2cmac%2cos+x%2clinux%2ciphone%2conline+storage%2cfree+storage%2ccloud+storage%2ccollaboration%2cbackup+file+sharing%2cshare+files%2cphoto+backup%2cphoto+sharing%2cftp+replacement%2ccross+platform%2cremote+access%2cmobile+access%2csend+large+files%2crecover+files%2cfile+versioning%2cundelete%2cwindows%2cpc%2cmac%2cos+x%2clinux%2ciphone%26sourceid%3d101%26domainid%3d78947%26cpv%3d0.001725%26s2sParam%3d07029594-5d91-4490-9ae1-5ec69472fe03 HTTP/1.1
Host: otnolatrnup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

Response

HTTP/1.1 302 Found

Date: Wed, 12 Apr 2023 12:46:52 GMT
Content-Length: 0
Connection: keep-alive
Location: https://otnolatrnup.com/hideref.engine?d=https%3A%2F%2Fworeppercomming.com%2F90c1a7c4-9526-4fe6-befc-18062e96619e%3Fcampaignname%3D2_OperaGX%26placementname%3D2_OperaGX_NL_Win_WL%26bid%3D1.725%26totalcpv%3D0.001725%26channel%3DFile%2BHosting%2B%2526%2BSharing%26subchannel%3DFile%2BHosting%2B%2526%2BSharing%26medianame%3D2_OperaGX_WW_5.22%26keywords%3Donline+storage%2Cfree+storage%2Ccloud+storage%2Ccollaboration%2Cbackup+file+sharing%2Cshare+files%2Cphoto+backup%2Cphoto+sharing%2Cftp+replacement%2Ccross+platform%2Cremote+access%2Cmobile+access%2Csend+large+files%2Crecover+files%2Cfile+versioning%2Cundelete%2Cwindows%2Cpc%2Cmac%2Cos+x%2Clinux%2Ciphone%2Conline+storage%2Cfree+storage%2Ccloud+storage%2Ccollaboration%2Cbackup+file+sharing%2Cshare+files%2Cphoto+backup%2Cphoto+sharing%2Cftp+replacement%2Ccross+platform%2Cremote+access%2Cmobile+access%2Csend+large+files%2Crecover+files%2Cfile+versioning%2Cundelete%2Cwindows%2Cpc%2Cmac%2Cos+x%2Clinux%2Ciphone%26sourceid%3D101%26domainid%3D78947%26cpv%3D0.001725%26s2sParam%3D07029594-5d91-4490-9ae1-5ec69472fe03
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b6b931c38fb0df4-AMS
alt-svc: h2=":443"; ma=60
DNS

woreppercomming.com

firefox.exe

Remote address:

8.8.8.8:53

Request

woreppercomming.com

IN A

Response

woreppercomming.com

IN A

13.127.149.1
GET

https://woreppercomming.com/90c1a7c4-9526-4fe6-befc-18062e96619e?campaignname=2_OperaGX&placementname=2_OperaGX_NL_Win_WL&bid=1.725&totalcpv=0.001725&channel=File%20Hosting%20&%20Sharing&subchannel=File%20Hosting%20&%20Sharing&medianame=2_OperaGX_WW_5.22&keywords=online%20storage,free%20storage,cloud%20storage,collaboration,backup%20file%20sharing,share%20files,photo%20backup,photo%20sharing,ftp%20replacement,cross%20platform,remote%20access,mobile%20access,send%20large%20files,recover%20files,file%20versioning,undelete,windows,pc,mac,os%20x,linux,iphone,online%20storage,free%20storage,cloud%20storage,collaboration,backup%20file%20sharing,share%20files,photo%20backup,photo%20sharing,ftp%20replacement,cross%20platform,remote%20access,mobile%20access,send%20large%20files,recover%20files,file%20versioning,undelete,windows,pc,mac,os%20x,linux,iphone&sourceid=101&domainid=78947&cpv=0.001725&s2sParam=07029594-5d91-4490-9ae1-5ec69472fe03

firefox.exe

Remote address:

13.127.149.1:443

Request

GET /90c1a7c4-9526-4fe6-befc-18062e96619e?campaignname=2_OperaGX&placementname=2_OperaGX_NL_Win_WL&bid=1.725&totalcpv=0.001725&channel=File%20Hosting%20&%20Sharing&subchannel=File%20Hosting%20&%20Sharing&medianame=2_OperaGX_WW_5.22&keywords=online%20storage,free%20storage,cloud%20storage,collaboration,backup%20file%20sharing,share%20files,photo%20backup,photo%20sharing,ftp%20replacement,cross%20platform,remote%20access,mobile%20access,send%20large%20files,recover%20files,file%20versioning,undelete,windows,pc,mac,os%20x,linux,iphone,online%20storage,free%20storage,cloud%20storage,collaboration,backup%20file%20sharing,share%20files,photo%20backup,photo%20sharing,ftp%20replacement,cross%20platform,remote%20access,mobile%20access,send%20large%20files,recover%20files,file%20versioning,undelete,windows,pc,mac,os%20x,linux,iphone&sourceid=101&domainid=78947&cpv=0.001725&s2sParam=07029594-5d91-4490-9ae1-5ec69472fe03 HTTP/2.0
host: woreppercomming.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
upgrade-insecure-requests: 1
sec-fetch-dest: document
sec-fetch-mode: navigate
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 302

server: nginx
date: Wed, 12 Apr 2023 12:46:53 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://www.ostlon.com/cmp/3KR94Q8/P5HPHB/?sub1=c25be22e-ac35-4bba-a2b8-212f01034d26&sub2=wkvs2m2j1o1vg4vnisjq259c
pragma: no-cache
set-cookie: 90c1a7c4-9526-4fe6-befc-18062e96619e-v4=yThtljsSHn6_Mm0PEsyeLbxnfhjpubfmT3_lTbSrehE; Max-Age=86400; Expires=Thu, 13-Apr-2023 12:46:53 GMT; Domain=woreppercomming.com; Path=/; Secure; HttpOnly;SameSite=None
set-cookie: cc-v4=HDIvTIzmYPVXkO94AGq7XdeqQsxvqedYjY%2BC0GqyuB%2Fax0Z7AKRV435iJNSAjzGuBkEiPLi1H6nLmn8955MZHIBTN9VdzteCSQi9P7r3%2Fbs1%2BVDVu3cXsCevQr2t39j9dX8SUw6Xcf%2BrM2hSG5fxcg%3D%3D; Max-Age=31536000; Expires=Thu, 11-Apr-2024 12:46:53 GMT; Domain=woreppercomming.com; Path=/; Secure; HttpOnly;SameSite=None
DNS

woreppercomming.com

firefox.exe

Remote address:

8.8.8.8:53

Request

woreppercomming.com

IN A

Response

woreppercomming.com

IN A

13.127.149.1
DNS

woreppercomming.com

firefox.exe

Remote address:

8.8.8.8:53

Request

woreppercomming.com

IN AAAA

Response
DNS

1.149.127.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

1.149.127.13.in-addr.arpa

IN PTR

Response

1.149.127.13.in-addr.arpa

IN PTR

ec2-13-127-149-1 ap-south-1compute amazonawscom
DNS

www.ostlon.com

firefox.exe

Remote address:

8.8.8.8:53

Request

www.ostlon.com

IN A

Response

www.ostlon.com

IN A

188.114.97.0

www.ostlon.com

IN A

188.114.96.0
GET

https://www.ostlon.com/cmp/3KR94Q8/P5HPHB/?sub1=c25be22e-ac35-4bba-a2b8-212f01034d26&sub2=wkvs2m2j1o1vg4vnisjq259c

firefox.exe

Remote address:

188.114.97.0:443

Request

GET /cmp/3KR94Q8/P5HPHB/?sub1=c25be22e-ac35-4bba-a2b8-212f01034d26&sub2=wkvs2m2j1o1vg4vnisjq259c HTTP/2.0
host: www.ostlon.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
upgrade-insecure-requests: 1
sec-fetch-dest: document
sec-fetch-mode: navigate
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 302

date: Wed, 12 Apr 2023 12:46:53 GMT
content-type: text/html; charset=utf-8
location: https://www.opera.com/gx?utm_content=2923_c25be22e-ac35-4bba-a2b8-212f01034d26&utm_source=PWNgames&utm_medium=pa&utm_campaign=PWN_IN&utm_id=c1466faeb0dc4095a9a3bf615f4cedc2&edition=std-1
accept-ch: Sec-Ch-Ua-Platform-Version
x-eflow-request-id: c0966764-fa25-4a8e-8724-b7a653fae6c7
via: 1.1 google, 1.1 varnish
accept-ranges: bytes
x-served-by: cache-ams21058-AMS
x-cache: MISS
x-cache-hits: 0
x-timer: S1681303614.795333,VS0,VE122
vary: Origin
set-cookie: uniqueClick_P5HPHB=e52e0bef-01eb-4c2e-a145-fec622557c61:1681303613; Path=/; Expires=Thu, 13 Apr 2023 12:46:53 GMT; Secure
set-cookie: transaction_id=c1466faeb0dc4095a9a3bf615f4cedc2; Path=/; Expires=Tue, 11 Jul 2023 12:46:53 GMT; Secure
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GfcygG6kpiFDNZ9f1PssPMgEFMsl87jaDibVKs%2FoCWR6elCayi7Wz%2B40A9nKNb4EXsLQQAdc9S2BMwErJEwAAqTM8efkuxzlp4rPa5%2Bx0DBrui2uDGlRDIAA%2FKDJtvuoTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b6b93222dd41b03-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
DNS

www.ostlon.com

firefox.exe

Remote address:

8.8.8.8:53

Request

www.ostlon.com

IN A

Response

www.ostlon.com

IN A

188.114.97.0

www.ostlon.com

IN A

188.114.96.0
DNS

www.ostlon.com

firefox.exe

Remote address:

8.8.8.8:53

Request

www.ostlon.com

IN AAAA

Response

www.ostlon.com

IN AAAA

2a06:98c1:3120::1

www.ostlon.com

IN AAAA

2a06:98c1:3121::1
DNS

www.ostlon.com

firefox.exe

Remote address:

8.8.8.8:53

Request

www.ostlon.com

IN AAAA

Response

www.ostlon.com

IN AAAA

2a06:98c1:3121::

www.ostlon.com

IN AAAA

2a06:98c1:3120::
GET

https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

firefox.exe

Remote address:

142.250.179.206:443

Request

GET /translate_a/element.js?cb=googleTranslateElementInit HTTP/2.0
host: translate.google.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.mediafire.com/
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers
DNS

www.opera.com

firefox.exe

Remote address:

8.8.8.8:53

Request

www.opera.com

IN A

Response

www.opera.com

IN CNAME

front-geo.production.opera-website.route53.opera.com

front-geo.production.opera-website.route53.opera.com

IN A

18.158.22.43

front-geo.production.opera-website.route53.opera.com

IN A

35.157.148.78

front-geo.production.opera-website.route53.opera.com

IN A

35.156.55.86

front-geo.production.opera-website.route53.opera.com

IN A

18.157.59.108

front-geo.production.opera-website.route53.opera.com

IN A

52.58.13.117

front-geo.production.opera-website.route53.opera.com

IN A

52.28.106.162

front-geo.production.opera-website.route53.opera.com

IN A

3.124.58.221

front-geo.production.opera-website.route53.opera.com

IN A

35.156.116.214
DNS

front-geo.production.opera-website.route53.opera.com

firefox.exe

Remote address:

8.8.8.8:53

Request

front-geo.production.opera-website.route53.opera.com

IN A

Response

front-geo.production.opera-website.route53.opera.com

IN A

3.124.107.0

front-geo.production.opera-website.route53.opera.com

IN A

52.57.43.233

front-geo.production.opera-website.route53.opera.com

IN A

3.124.58.221

front-geo.production.opera-website.route53.opera.com

IN A

18.157.59.108

front-geo.production.opera-website.route53.opera.com

IN A

35.156.57.53

front-geo.production.opera-website.route53.opera.com

IN A

35.156.55.86

front-geo.production.opera-website.route53.opera.com

IN A

35.157.148.78

front-geo.production.opera-website.route53.opera.com

IN A

52.58.147.181
DNS

front-geo.production.opera-website.route53.opera.com

firefox.exe

Remote address:

8.8.8.8:53

Request

front-geo.production.opera-website.route53.opera.com

IN AAAA

Response
DNS

www.googleoptimize.com

firefox.exe

Remote address:

8.8.8.8:53

Request

www.googleoptimize.com

IN A

Response

www.googleoptimize.com

IN A

142.251.39.110
DNS

cdn-production-opera-website.operacdn.com

firefox.exe

Remote address:

8.8.8.8:53

Request

cdn-production-opera-website.operacdn.com

IN A

Response

cdn-production-opera-website.operacdn.com

IN CNAME

cdn-production-opera-website.operacdn.com.edgekey.net

cdn-production-opera-website.operacdn.com.edgekey.net

IN CNAME

e11604.dscf.akamaiedge.net

e11604.dscf.akamaiedge.net

IN A

23.2.213.218
DNS

cdn-production-opera-website.operacdn.com

firefox.exe

Remote address:

8.8.8.8:53

Request

cdn-production-opera-website.operacdn.com

IN A

Response

cdn-production-opera-website.operacdn.com

IN CNAME

cdn-production-opera-website.operacdn.com.edgekey.net

cdn-production-opera-website.operacdn.com.edgekey.net

IN CNAME

e11604.dscf.akamaiedge.net

e11604.dscf.akamaiedge.net

IN A

23.2.213.218
DNS

www.googleoptimize.com

firefox.exe

Remote address:

8.8.8.8:53

Request

www.googleoptimize.com

IN A

Response

www.googleoptimize.com

IN A

142.251.39.110
DNS

www.googleoptimize.com

firefox.exe

Remote address:

8.8.8.8:53

Request

www.googleoptimize.com

IN AAAA

Response

www.googleoptimize.com

IN AAAA

2a00:1450:400e:811::200e
DNS

www.googleoptimize.com

firefox.exe

Remote address:

8.8.8.8:53

Request

www.googleoptimize.com

IN AAAA

Response

www.googleoptimize.com

IN AAAA

2a00:1450:400e:811::200e
GET

https://cdn-production-opera-website.operacdn.com/staticfiles/CACHE/css/output.3cfc35222e33.css

firefox.exe

Remote address:

23.2.213.218:443

Request

GET /staticfiles/CACHE/css/output.3cfc35222e33.css HTTP/2.0
host: cdn-production-opera-website.operacdn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.opera.com/
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

x-amz-id-2: 3S7zAf4m9zhi7ldOBsIlmXmDXE4Dx9ekH7FOPEt7pxaL5cvaAILIxpRtW4VC4e+eRo64ql44pgY=
x-amz-request-id: JBKGHT7K93FQ72SP
last-modified: Wed, 12 Apr 2023 06:57:11 GMT
etag: "1b752fb481b6970908fc8ff04e7b1d1c"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
content-type: image/png
server: AmazonS3
content-length: 408229
cache-control: max-age=31536000
expires: Thu, 11 Apr 2024 12:46:54 GMT
date: Wed, 12 Apr 2023 12:46:54 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
GET

https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/sections/2021/theme-switcher/gx__color-theme--classic.1b752fb481b6.png

firefox.exe

Remote address:

23.2.213.218:443

Request

GET /staticfiles/assets/images/sections/2021/theme-switcher/gx__color-theme--classic.1b752fb481b6.png HTTP/2.0
host: cdn-production-opera-website.operacdn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.opera.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

x-amz-id-2: eBDvIqwxrXrpj5YKE3EXHGcCt+r84Hl0CBgdtfOjZPKoBYBcgIFur1euh8EehubQ8eyUAPkzdPM=
x-amz-request-id: JBKXTAPP44JYVW9K
last-modified: Wed, 12 Apr 2023 06:56:11 GMT
etag: "ae3068ee8c01ecefc4b734ff83d72d2a"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
content-type: image/svg+xml
server: AmazonS3
content-length: 365
cache-control: max-age=31536000
expires: Thu, 11 Apr 2024 12:46:54 GMT
date: Wed, 12 Apr 2023 12:46:54 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
access-control-max-age: 0
access-control-allow-credentials: false
access-control-allow-methods: GET,HEAD
access-control-allow-origin: *
GET

https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/sections/2021/gx-features-slider/gx-light-mode.ae3068ee8c01.svg

firefox.exe

Remote address:

23.2.213.218:443

Request

GET /staticfiles/assets/images/sections/2021/gx-features-slider/gx-light-mode.ae3068ee8c01.svg HTTP/2.0
host: cdn-production-opera-website.operacdn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.opera.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

x-amz-id-2: ib/Issmm9abkxoJevprGKZIjldvtE/whzb+MBX2qOQZV/miyru8TN85edYt3z3old7WMJTbqVew=
x-amz-request-id: 7JH3YRGJNFZ15NX3
last-modified: Wed, 12 Apr 2023 06:56:12 GMT
etag: "5f4495877f47d6a908eb85cf0297c225"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
content-type: image/png
server: AmazonS3
content-length: 65601
cache-control: max-age=31536000
expires: Thu, 11 Apr 2024 12:46:54 GMT
date: Wed, 12 Apr 2023 12:46:54 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
GET

https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/sections/2021/gx-features-slider/gx__feature--light-mode.01aad9997fb5.png

firefox.exe

Remote address:

23.2.213.218:443

Request

GET /staticfiles/assets/images/sections/2021/gx-features-slider/gx__feature--light-mode.01aad9997fb5.png HTTP/2.0
host: cdn-production-opera-website.operacdn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.opera.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

x-amz-id-2: EbxPme2S3KdzL+tHWBgk38zt5vjlM8bKG2NK6hva6vcgGKRAy90jbGm+ad8jwP2ARPJAeaqMAjs=
x-amz-request-id: JBKG98HZC69R4YYG
last-modified: Wed, 12 Apr 2023 06:56:11 GMT
etag: "8902d1ec9cef36358778a96db8b2408c"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
content-type: image/svg+xml
server: AmazonS3
content-length: 1000
cache-control: max-age=31536000
expires: Thu, 11 Apr 2024 12:46:54 GMT
date: Wed, 12 Apr 2023 12:46:54 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
access-control-max-age: 0
access-control-allow-credentials: false
access-control-allow-methods: GET,HEAD
access-control-allow-origin: *
GET

https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/sections/2021/gx-features-slider/gx-corner.be1333483846.svg

firefox.exe

Remote address:

23.2.213.218:443

Request

GET /staticfiles/assets/images/sections/2021/gx-features-slider/gx-corner.be1333483846.svg HTTP/2.0
host: cdn-production-opera-website.operacdn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.opera.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

x-amz-id-2: YcuxvMWplv8sipiA2Os5HFhjrlbQi4+Ewipzrz856pBeh0NUvPxP0lSeZ9FdzjDix3EZ1H9BHDc=
x-amz-request-id: JBKJPQ1S7D38HQQ1
last-modified: Wed, 12 Apr 2023 06:56:11 GMT
etag: "513c7c78f5c85b2e1d971bc3496daa4b"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
content-type: image/svg+xml
server: AmazonS3
content-length: 2240
cache-control: max-age=31536000
expires: Thu, 11 Apr 2024 12:46:54 GMT
date: Wed, 12 Apr 2023 12:46:54 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
access-control-max-age: 0
access-control-allow-credentials: false
access-control-allow-methods: GET,HEAD
access-control-allow-origin: *
GET

https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/sections/2021/gx-features-slider/gx__feature--gx-corner.b44c9289e362.png

firefox.exe

Remote address:

23.2.213.218:443

Request

GET /staticfiles/assets/images/sections/2021/gx-features-slider/gx__feature--gx-corner.b44c9289e362.png HTTP/2.0
host: cdn-production-opera-website.operacdn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.opera.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

x-amz-id-2: fA3f6+FRtO+P6b48No7J9Ls5NYMSjAk+Ex76X5oDPHVRK2QNeZ7/GbDVLNsQLkUlNbB7AVfIXrc=
x-amz-request-id: 7JHC4AVCEHP6RQSF
last-modified: Wed, 12 Apr 2023 06:56:11 GMT
etag: "01aad9997fb508b7a5c60ecc88207cad"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
content-type: image/png
server: AmazonS3
content-length: 80560
cache-control: max-age=31536000
expires: Thu, 11 Apr 2024 12:46:54 GMT
date: Wed, 12 Apr 2023 12:46:54 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
GET

https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/sections/2021/gx-features-slider/gx-twitch.8902d1ec9cef.svg

firefox.exe

Remote address:

23.2.213.218:443

Request

GET /staticfiles/assets/images/sections/2021/gx-features-slider/gx-twitch.8902d1ec9cef.svg HTTP/2.0
host: cdn-production-opera-website.operacdn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.opera.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

x-amz-id-2: NAj1IXy6G7+qTNw5wL10k5gvIxep7ttJg8a7MLUUMCXBwOycsY/7oMb2HEXorC0mKt56yxDdCDI=
x-amz-request-id: JBKYWAATPXE2XBMA
last-modified: Wed, 12 Apr 2023 06:56:11 GMT
etag: "be133348384697b6ece777f20cabcb28"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
content-type: image/svg+xml
server: AmazonS3
content-length: 653
cache-control: max-age=31536000
expires: Thu, 11 Apr 2024 12:46:54 GMT
date: Wed, 12 Apr 2023 12:46:54 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
access-control-max-age: 0
access-control-allow-credentials: false
access-control-allow-methods: GET,HEAD
access-control-allow-origin: *
GET

https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/sections/2021/gx-features-slider/gx__feature--twitch.5f4495877f47.png

firefox.exe

Remote address:

23.2.213.218:443

Request

GET /staticfiles/assets/images/sections/2021/gx-features-slider/gx__feature--twitch.5f4495877f47.png HTTP/2.0
host: cdn-production-opera-website.operacdn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.opera.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

x-amz-id-2: IMzmEvV2a0gbno/ff5MDaBm/3HctuSWUd5NB1jf8R/oDYnd/R3DpRydwiLo1O1mDwuH+K5PDzh4=
x-amz-request-id: 7JH7ZH2CSQFTGW6Z
last-modified: Wed, 12 Apr 2023 06:56:11 GMT
etag: "b44c9289e36226ff9c0c8e7b9be6b2ee"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
content-type: image/png
server: AmazonS3
content-length: 144786
cache-control: max-age=31536000
expires: Thu, 11 Apr 2024 12:46:54 GMT
date: Wed, 12 Apr 2023 12:46:54 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
GET

https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/sections/2021/gx-features-slider/gx-discord.513c7c78f5c8.svg

firefox.exe

Remote address:

23.2.213.218:443

Request

GET /staticfiles/assets/images/sections/2021/gx-features-slider/gx-discord.513c7c78f5c8.svg HTTP/2.0
host: cdn-production-opera-website.operacdn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.opera.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

x-amz-id-2: xipVCuZUFrQltRD+16nc2iMRmX2KN5D+9E6oS0raDC6yEm+l4FH9QcojFNOtOGkuKwySEvsN43E=
x-amz-request-id: BHT9EDT1DQB4D6AA
last-modified: Wed, 12 Apr 2023 06:56:24 GMT
etag: "d190a54a25f96e1356a94e2a868bd5be"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
content-type: binary/octet-stream
server: AmazonS3
content-length: 112954
cache-control: max-age=31536000
expires: Thu, 11 Apr 2024 12:46:54 GMT
date: Wed, 12 Apr 2023 12:46:54 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
GET

https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/sections/2021/hero-top/gx/gx__feature-laptop--gx-cleaner@2x.43ff34bf1a7b.webp

firefox.exe

Remote address:

23.2.213.218:443

Request

GET /staticfiles/assets/images/sections/2021/hero-top/gx/gx__feature-laptop--gx-cleaner@2x.43ff34bf1a7b.webp HTTP/2.0
host: cdn-production-opera-website.operacdn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.opera.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

x-amz-id-2: U0W3fQ//Sdk6Kw2xRRTNrurft4HXis/dtfj+Oh5PcS5F1IKWY1QJIMHPOYgz7qgyfB8OOzfwIb8=
x-amz-request-id: C17KXBAHY4VMETPQ
last-modified: Tue, 11 Apr 2023 09:20:38 GMT
etag: "a069885fbe7ce02feecf2d2ee57c7546"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
content-type: image/svg+xml
server: AmazonS3
content-length: 1685
cache-control: max-age=31536000
expires: Thu, 11 Apr 2024 12:46:54 GMT
date: Wed, 12 Apr 2023 12:46:54 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
access-control-max-age: 0
access-control-allow-credentials: false
access-control-allow-methods: GET,HEAD
access-control-allow-origin: *
GET

https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/sections/2021/hero-top/gx/gx-mobile__android-iOS@2x.d190a54a25f9.webp

firefox.exe

Remote address:

23.2.213.218:443

Request

GET /staticfiles/assets/images/sections/2021/hero-top/gx/gx-mobile__android-iOS@2x.d190a54a25f9.webp HTTP/2.0
host: cdn-production-opera-website.operacdn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.opera.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

x-amz-id-2: fMeuIjSFAmGyHYMqC9+h8AdgscICC7u9070KXF+rRLJXlIi6oececzERuupbOSbjY6K2ZmD5lfM=
x-amz-request-id: 8NTT5NHWXAQMSC9H
last-modified: Tue, 11 Apr 2023 09:20:38 GMT
etag: "8877a4c85063db32e55bc700b92fb7ef"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
content-type: image/svg+xml
server: AmazonS3
content-length: 4513
cache-control: max-age=31536000
expires: Thu, 11 Apr 2024 12:46:54 GMT
date: Wed, 12 Apr 2023 12:46:54 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
access-control-max-age: 0
access-control-allow-credentials: false
access-control-allow-methods: GET,HEAD
access-control-allow-origin: *
GET

https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/sections/2021/feature-promo/awesome-features--gx__mobile.c8ecc394b852.jpg

firefox.exe

Remote address:

23.2.213.218:443

Request

GET /staticfiles/assets/images/sections/2021/feature-promo/awesome-features--gx__mobile.c8ecc394b852.jpg HTTP/2.0
host: cdn-production-opera-website.operacdn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.opera.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

x-amz-id-2: didHbe8QiyxPGnyRY4dIBls7em6X6581p5RbML+OffdUA5sRx7zu855mHuIqjQUCklR22hvLBnM=
x-amz-request-id: TVRYR4Z6Z1KKSZ4X
last-modified: Tue, 11 Apr 2023 09:20:23 GMT
etag: "91e42db1c66c0b276abf6234dc50b2eb"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
content-type: image/png
server: AmazonS3
content-length: 68
cache-control: max-age=31536000
expires: Thu, 11 Apr 2024 12:46:54 GMT
date: Wed, 12 Apr 2023 12:46:54 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
GET

https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/logo/logo-o.a069885fbe7c.svg

firefox.exe

Remote address:

23.2.213.218:443

Request

GET /staticfiles/assets/images/logo/logo-o.a069885fbe7c.svg HTTP/2.0
host: cdn-production-opera-website.operacdn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.opera.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

x-amz-id-2: f4sCSbK2EDcjAatJeUJANdFkDZ7F3dCvmPMmFupSEV5Uh28+Qru6CCJgnSOar8gydqPM18HjJrM=
x-amz-request-id: RJJGN6TVQEN4Q0XE
last-modified: Tue, 11 Apr 2023 09:21:50 GMT
etag: "c8ecc394b852869c3f8d196e06a15b44"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
content-type: image/jpeg
server: AmazonS3
content-length: 64529
cache-control: max-age=31536000
expires: Thu, 11 Apr 2024 12:46:54 GMT
date: Wed, 12 Apr 2023 12:46:54 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
GET

https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/logo/logo-and-name--white.8877a4c85063.svg

firefox.exe

Remote address:

23.2.213.218:443

Request

GET /staticfiles/assets/images/logo/logo-and-name--white.8877a4c85063.svg HTTP/2.0
host: cdn-production-opera-website.operacdn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.opera.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

x-amz-id-2: lZ2+FmfFmOy9DLR3MZuIoRIvkq1sigXwlsqmgtEB33tu26c2ZgXbI4CmMfkvlDZogjeYCLTeij4=
x-amz-request-id: RJJRCP3AZF30SKV8
last-modified: Tue, 11 Apr 2023 09:22:05 GMT
etag: "43ff34bf1a7b9da9262052869fdfe267"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
content-type: binary/octet-stream
server: AmazonS3
content-length: 82120
cache-control: max-age=31536000
expires: Thu, 11 Apr 2024 12:46:54 GMT
date: Wed, 12 Apr 2023 12:46:54 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
GET

https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/1x1px.91e42db1c66c.png

firefox.exe

Remote address:

23.2.213.218:443

Request

GET /staticfiles/assets/images/1x1px.91e42db1c66c.png HTTP/2.0
host: cdn-production-opera-website.operacdn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.opera.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

x-amz-id-2: unpDVqdVS8bV4afPtrB5oKsdBYd9WWiKGOk7DecO2Eyc8z0GLCv3PV6bp7sCxleRjiNQiebfG/4=
x-amz-request-id: C41XKM10K1J0Y62A
last-modified: Tue, 11 Apr 2023 09:20:26 GMT
etag: "4fbc8629bab05a6abb8fe57934288e51"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
content-type: image/png
server: AmazonS3
content-length: 3456
cache-control: max-age=31536000
expires: Thu, 11 Apr 2024 12:46:54 GMT
date: Wed, 12 Apr 2023 12:46:54 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
GET

https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/icons/arrows/up--black.0bb74469b23f.svg

firefox.exe

Remote address:

23.2.213.218:443

Request

GET /staticfiles/assets/images/icons/arrows/up--black.0bb74469b23f.svg HTTP/2.0
host: cdn-production-opera-website.operacdn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.opera.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

x-amz-id-2: 87zATj2Y71j96dNHrzDVV/+xdLTMJU0TtjNtuYa3/N1xRdoEP3xO5XILT0Emr9+jMkH8UrFh1mQ=
x-amz-request-id: YVRNKYB52NQTZ6XF
last-modified: Tue, 11 Apr 2023 09:20:34 GMT
etag: "0bb74469b23f77e7b8c5d11f8f091465"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
content-type: image/svg+xml
server: AmazonS3
content-length: 253
cache-control: max-age=31536000
expires: Thu, 11 Apr 2024 12:46:54 GMT
date: Wed, 12 Apr 2023 12:46:54 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
access-control-max-age: 0
access-control-allow-credentials: false
access-control-allow-methods: GET,HEAD
access-control-allow-origin: *
GET

https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/components/download/googleplay/google-play--en.4fbc8629bab0.png

firefox.exe

Remote address:

23.2.213.218:443

Request

GET /staticfiles/assets/images/components/download/googleplay/google-play--en.4fbc8629bab0.png HTTP/2.0
host: cdn-production-opera-website.operacdn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.opera.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

x-amz-id-2: s6yANYBwVJrGl/iW3Xqq6zoNiRqu9aolOfavNg5TtqBOaCsLgAEDFxUV/6/YprFieVRWx8YlTHk=
x-amz-request-id: JBKH81YG5GQCPXT3
last-modified: Wed, 12 Apr 2023 06:56:06 GMT
etag: "e698406b3212a86ef5ad559ae9149132"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
content-type: image/jpeg
server: AmazonS3
content-length: 165077
cache-control: max-age=31536000
expires: Thu, 11 Apr 2024 12:46:54 GMT
date: Wed, 12 Apr 2023 12:46:54 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
GET

https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/components/download/appstore/app-store--en.97abc7d15cbf.png

firefox.exe

Remote address:

23.2.213.218:443

Request

GET /staticfiles/assets/images/components/download/appstore/app-store--en.97abc7d15cbf.png HTTP/2.0
host: cdn-production-opera-website.operacdn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.opera.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

x-amz-id-2: DFcI4AmACAyM9G72q6T5YyITbjpxhHlo1oKoTrQlcOdlcjL9Pr1wpNf5Nz6jvkYy+3e4vafcPm4=
x-amz-request-id: T2K7KT1VBB3C8ME1
last-modified: Wed, 12 Apr 2023 06:56:25 GMT
etag: "a3a32725c8c8d27c18b89017f2e0689c"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
content-type: binary/octet-stream
server: AmazonS3
content-length: 42264
cache-control: max-age=31536000
expires: Thu, 11 Apr 2024 12:46:54 GMT
date: Wed, 12 Apr 2023 12:46:54 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
GET

https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/sections/2021/feature-promo/awesome-features--gx.e698406b3212.jpg

firefox.exe

Remote address:

23.2.213.218:443

Request

GET /staticfiles/assets/images/sections/2021/feature-promo/awesome-features--gx.e698406b3212.jpg HTTP/2.0
host: cdn-production-opera-website.operacdn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.opera.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

x-amz-id-2: 1rojTPivb3YazMAXmUWYDW3gl7XCqXfxCxk5+PyfSPZXBC4w2yUFZP0FbPwGFHDwQmF0KzHWMHA=
x-amz-request-id: C41VJGCVF33RFJ3J
last-modified: Tue, 11 Apr 2023 09:20:24 GMT
etag: "97abc7d15cbf9bd100f2e7c0e057612a"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
content-type: image/png
server: AmazonS3
content-length: 1183
cache-control: max-age=31536000
expires: Thu, 11 Apr 2024 12:46:54 GMT
date: Wed, 12 Apr 2023 12:46:54 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
GET

https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/sections/2021/hero-top/gx/gx__feature-laptop--mobile@2x.dad38e627140.webp

firefox.exe

Remote address:

23.2.213.218:443

Request

GET /staticfiles/assets/images/sections/2021/hero-top/gx/gx__feature-laptop--mobile@2x.dad38e627140.webp HTTP/2.0
host: cdn-production-opera-website.operacdn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.opera.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

x-amz-id-2: 0qHjxcLoelhauybdkDHCvewX3ekuK2pmn4W/Tvq9bVAEqua/J4//nCrFm+55Opej42OWTaMqWYY=
x-amz-request-id: T2K9C60GQFSSDBXZ
last-modified: Wed, 12 Apr 2023 06:56:25 GMT
etag: "dad38e627140ad0b2d578c37f20e2421"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
content-type: binary/octet-stream
server: AmazonS3
content-length: 47722
cache-control: max-age=31536000
expires: Thu, 11 Apr 2024 12:46:54 GMT
date: Wed, 12 Apr 2023 12:46:54 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
GET

https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/sections/2021/hero-top/gx/gx__feature-laptop--home.a3a32725c8c8.webp

firefox.exe

Remote address:

23.2.213.218:443

Request

GET /staticfiles/assets/images/sections/2021/hero-top/gx/gx__feature-laptop--home.a3a32725c8c8.webp HTTP/2.0
host: cdn-production-opera-website.operacdn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.opera.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

x-amz-id-2: uSMw3rGgX6I9lA/gT8vptcYfyQXRf5VYP70FX2EkK1R2HPvv+0LLmvFDUovGacx7TogRLlyHdh8=
x-amz-request-id: RJJRXHNKSNQ62R9P
last-modified: Tue, 11 Apr 2023 09:22:05 GMT
etag: "4aa1a438e946907970930b7f2e04f644"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
content-type: binary/octet-stream
server: AmazonS3
content-length: 37600
cache-control: max-age=31536000
expires: Thu, 11 Apr 2024 12:46:54 GMT
date: Wed, 12 Apr 2023 12:46:54 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
GET

https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/sections/2021/hero-top/gx/gx__mobile--hero-section@2x.105801afec18.webp

firefox.exe

Remote address:

23.2.213.218:443

Request

GET /staticfiles/assets/images/sections/2021/hero-top/gx/gx__mobile--hero-section@2x.105801afec18.webp HTTP/2.0
host: cdn-production-opera-website.operacdn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.opera.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

x-amz-id-2: YLCf0GmUR+BwdC2VJj9jdqqnPE4Ky+D/GOsVqvpAUWA+PhV6SOdBLL8yzsk4CnBsYh8xtp0U4Ik=
x-amz-request-id: VAJGYZT7DHJX55WN
last-modified: Tue, 11 Apr 2023 09:22:06 GMT
etag: "105801afec185e88bf124ad6d2618d02"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
content-type: binary/octet-stream
server: AmazonS3
content-length: 109740
cache-control: max-age=31536000
expires: Thu, 11 Apr 2024 12:46:54 GMT
date: Wed, 12 Apr 2023 12:46:54 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
GET

https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/sections/2021/hero-top/gx/gx__feature-laptop--gx-mobile@2x.4aa1a438e946.webp

firefox.exe

Remote address:

23.2.213.218:443

Request

GET /staticfiles/assets/images/sections/2021/hero-top/gx/gx__feature-laptop--gx-mobile@2x.4aa1a438e946.webp HTTP/2.0
host: cdn-production-opera-website.operacdn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.opera.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

x-amz-id-2: 54Tf/HftFC/YM/J2txvRGezLciWPd5NEwXDocOQuCXfLenYcY+eIC4Ir6fESFih/y9KZQiOLJsU=
x-amz-request-id: B0AR3WAN4A2SSGZZ
last-modified: Wed, 12 Apr 2023 10:34:40 GMT
etag: "75f24dcc38a4b0b041a82266cb2272de"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
content-type: text/css
server: AmazonS3
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=31536000
expires: Thu, 11 Apr 2024 12:46:54 GMT
date: Wed, 12 Apr 2023 12:46:54 GMT
content-length: 20654
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
GET

https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/sections/2021/gx-features-slider/gx__feature--discord.3e893cef8784.png

firefox.exe

Remote address:

23.2.213.218:443

Request

GET /staticfiles/assets/images/sections/2021/gx-features-slider/gx__feature--discord.3e893cef8784.png HTTP/2.0
host: cdn-production-opera-website.operacdn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.opera.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

x-amz-id-2: Cag4dka19/RKwOLHX7DyeQy5JB1KcD3CzSLuqB636jaCBJowIE3YHp8Y/DPruS39QoGWUfClwPM=
x-amz-request-id: 7JH635TSNR1CCKE0
last-modified: Wed, 12 Apr 2023 06:56:11 GMT
etag: "3e893cef87841d8861644972257666ec"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
content-type: image/png
server: AmazonS3
content-length: 92620
cache-control: max-age=31536000
expires: Thu, 11 Apr 2024 12:46:54 GMT
date: Wed, 12 Apr 2023 12:46:54 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
GET

https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/sections/2021/gx-features-slider/gx-player.416a8e402db6.svg

firefox.exe

Remote address:

23.2.213.218:443

Request

GET /staticfiles/assets/images/sections/2021/gx-features-slider/gx-player.416a8e402db6.svg HTTP/2.0
host: cdn-production-opera-website.operacdn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.opera.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

x-amz-id-2: 9XwA9VwpYkg4N256cyCL7Tz4A41yIU7OApF85A4OdXsAzrDrJCuv66h7rHNd0C2E+sojv3QKd+M=
x-amz-request-id: RC6BYW4FTR0ZMMA8
last-modified: Wed, 12 Apr 2023 06:56:11 GMT
etag: "416a8e402db66ca80a5b249f3a38dc4b"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
content-type: image/svg+xml
server: AmazonS3
content-length: 553
cache-control: max-age=31536000
expires: Thu, 11 Apr 2024 12:46:55 GMT
date: Wed, 12 Apr 2023 12:46:55 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
access-control-max-age: 0
access-control-allow-credentials: false
access-control-allow-methods: GET,HEAD
access-control-allow-origin: *
GET

https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/sections/2021/gx-features-slider/gx__feature--player.694659842717.png

firefox.exe

Remote address:

23.2.213.218:443

Request

GET /staticfiles/assets/images/sections/2021/gx-features-slider/gx__feature--player.694659842717.png HTTP/2.0
host: cdn-production-opera-website.operacdn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.opera.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

x-amz-id-2: XBNiXspdTZiCKC4GVNGs8heNPA0WAeNBdDF/flQqkCV0OzOvgw8jYoi9ZCQ1NgDCfDtcbS2M7jc=
x-amz-request-id: 7JHB1V7QR511WAZK
last-modified: Wed, 12 Apr 2023 06:56:11 GMT
etag: "6946598427171d947cd62f826208d2f3"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
content-type: image/png
server: AmazonS3
content-length: 69121
cache-control: max-age=31536000
expires: Thu, 11 Apr 2024 12:46:55 GMT
date: Wed, 12 Apr 2023 12:46:55 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
GET

https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/sections/2021/gx-features-slider/gx-messengers.9bd35388afd6.svg

firefox.exe

Remote address:

23.2.213.218:443

Request

GET /staticfiles/assets/images/sections/2021/gx-features-slider/gx-messengers.9bd35388afd6.svg HTTP/2.0
host: cdn-production-opera-website.operacdn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.opera.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

x-amz-id-2: ZbiiJzyY0Lq8UGHjIufBGrgJnUJMLiBY0rz+hldljS97iMdDtG4f9mV4jcQvb+4PXpIJS7eCpKE=
x-amz-request-id: JBKXFYJKGS0SHJ52
last-modified: Wed, 12 Apr 2023 06:56:11 GMT
etag: "9bd35388afd67f431e55b7f197d83ae2"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
content-type: image/svg+xml
server: AmazonS3
content-length: 1188
cache-control: max-age=31536000
expires: Thu, 11 Apr 2024 12:46:55 GMT
date: Wed, 12 Apr 2023 12:46:55 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
access-control-max-age: 0
access-control-allow-credentials: false
access-control-allow-methods: GET,HEAD
access-control-allow-origin: *
GET

https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/sections/2021/gx-features-slider/gx__feature--messengers.e491d059f927.png

firefox.exe

Remote address:

23.2.213.218:443

Request

GET /staticfiles/assets/images/sections/2021/gx-features-slider/gx__feature--messengers.e491d059f927.png HTTP/2.0
host: cdn-production-opera-website.operacdn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.opera.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

x-amz-id-2: MyHSj0QUFHe+KSaEyBHN5XSV5HvXJmNNQsPQ8ANO2iougrHX8JezGBBabaAkCwocVAc5q8uaGUE=
x-amz-request-id: 7JH6PKPYVEQYF2F2
last-modified: Wed, 12 Apr 2023 06:56:11 GMT
etag: "e491d059f92781879420ebd8fa8bf776"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
content-type: image/png
server: AmazonS3
content-length: 60100
cache-control: max-age=31536000
expires: Thu, 11 Apr 2024 12:46:55 GMT
date: Wed, 12 Apr 2023 12:46:55 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
GET

https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/sections/2021/gx-features-slider/gx-pinboards.7e83626e788a.svg

firefox.exe

Remote address:

23.2.213.218:443

Request

GET /staticfiles/assets/images/sections/2021/gx-features-slider/gx-pinboards.7e83626e788a.svg HTTP/2.0
host: cdn-production-opera-website.operacdn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.opera.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

x-amz-id-2: /YMu3ECVgNCfTpyXF4syK6Y3U+0FXuTiWhXginCclshmSm2QpIVhamT4oSsLuZsypuZx/OVSKlA=
x-amz-request-id: JBKQ1CPSYB07J4FB
last-modified: Wed, 12 Apr 2023 06:56:11 GMT
etag: "7e83626e788aa964254ae8244207d8f7"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
content-type: image/svg+xml
server: AmazonS3
content-length: 553
cache-control: max-age=31536000
expires: Thu, 11 Apr 2024 12:46:55 GMT
date: Wed, 12 Apr 2023 12:46:55 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
access-control-max-age: 0
access-control-allow-credentials: false
access-control-allow-methods: GET,HEAD
access-control-allow-origin: *
GET

https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/sections/2021/gx-features-slider/gx__feature--pinboards.aaecb2a9fc24.png

firefox.exe

Remote address:

23.2.213.218:443

Request

GET /staticfiles/assets/images/sections/2021/gx-features-slider/gx__feature--pinboards.aaecb2a9fc24.png HTTP/2.0
host: cdn-production-opera-website.operacdn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.opera.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

x-amz-id-2: FVRX/2DCoDxa6EX6iMd/XUIPzjxkm9qEwGvLPl8frFMS7uZ4C4tS5yY3SxU/wjNVV+I23tanIFs=
x-amz-request-id: 7JHEHED28K1MARCB
last-modified: Wed, 12 Apr 2023 06:56:11 GMT
etag: "aaecb2a9fc24d89805e640eab2bee122"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
content-type: image/png
server: AmazonS3
content-length: 114060
cache-control: max-age=31536000
expires: Thu, 11 Apr 2024 12:46:55 GMT
date: Wed, 12 Apr 2023 12:46:55 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
GET

https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/sections/2021/gx-features-slider/gx-flow.736ea0e793e4.svg

firefox.exe

Remote address:

23.2.213.218:443

Request

GET /staticfiles/assets/images/sections/2021/gx-features-slider/gx-flow.736ea0e793e4.svg HTTP/2.0
host: cdn-production-opera-website.operacdn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.opera.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

x-amz-id-2: KqAZp+JL7PqdnVqdLu3Chnl64AD4t0bgbu9AuczsyrxkSYYoHYBawdLbiyYfDo9dnYV7V5v09nM=
x-amz-request-id: RC69MGZ5F7VVMSQH
last-modified: Wed, 12 Apr 2023 06:56:11 GMT
etag: "736ea0e793e4ae9e757818c2628c8177"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
content-type: image/svg+xml
server: AmazonS3
content-length: 291
cache-control: max-age=31536000
expires: Thu, 11 Apr 2024 12:46:55 GMT
date: Wed, 12 Apr 2023 12:46:55 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
access-control-max-age: 0
access-control-allow-credentials: false
access-control-allow-methods: GET,HEAD
access-control-allow-origin: *
GET

https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/sections/2021/gx-features-slider/gx__feature--flow.3dafb84d8d14.png

firefox.exe

Remote address:

23.2.213.218:443

Request

GET /staticfiles/assets/images/sections/2021/gx-features-slider/gx__feature--flow.3dafb84d8d14.png HTTP/2.0
host: cdn-production-opera-website.operacdn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.opera.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

x-amz-id-2: grqfEmqBpsQaPm5eNl+sogbp1hykjqwSgEscqYht5zHGFQUGgRUleN1eA7eX2C5FqUTH48JZ16k=
x-amz-request-id: JMDQNSDCT5CAE26Z
last-modified: Wed, 12 Apr 2023 06:56:11 GMT
etag: "3dafb84d8d14fdd8c1a7825f36387dbf"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
content-type: image/png
server: AmazonS3
content-length: 90470
cache-control: max-age=31536000
expires: Thu, 11 Apr 2024 12:46:55 GMT
date: Wed, 12 Apr 2023 12:46:55 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
GET

https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/sections/2021/gx-features-slider/gx-fast-navigation.53111f7a4633.svg

firefox.exe

Remote address:

23.2.213.218:443

Request

GET /staticfiles/assets/images/sections/2021/gx-features-slider/gx-fast-navigation.53111f7a4633.svg HTTP/2.0
host: cdn-production-opera-website.operacdn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.opera.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

x-amz-id-2: C3R3BUzwAQhhEwO4e0N6IUsvNT6FAcfuKCu/t+vqSra8qdvWacCykMeC4pgiMBWhGVDXhTtKfFk=
x-amz-request-id: BHT95F7AZH2VQ2XY
last-modified: Wed, 12 Apr 2023 06:56:11 GMT
etag: "53111f7a4633fda3965a3172d92aa798"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
content-type: image/svg+xml
server: AmazonS3
content-length: 279
cache-control: max-age=31536000
expires: Thu, 11 Apr 2024 12:46:55 GMT
date: Wed, 12 Apr 2023 12:46:55 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
access-control-max-age: 0
access-control-allow-credentials: false
access-control-allow-methods: GET,HEAD
access-control-allow-origin: *
GET

https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/sections/2021/gx-features-slider/gx__feature--fast-navigation.cd994c62ac97.png

firefox.exe

Remote address:

23.2.213.218:443

Request

GET /staticfiles/assets/images/sections/2021/gx-features-slider/gx__feature--fast-navigation.cd994c62ac97.png HTTP/2.0
host: cdn-production-opera-website.operacdn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.opera.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

x-amz-id-2: iuFiVNf1woLy87+ouZeLBRMBmk/qpAMXuhQe1i5iIZalZnWsLsCrXVIvwlNoZowDPdcPQgKWVUw=
x-amz-request-id: 7JH7ZFHF4ACM50RE
last-modified: Wed, 12 Apr 2023 06:56:11 GMT
etag: "cd994c62ac977197fb4119ece99302f1"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
content-type: image/png
server: AmazonS3
content-length: 45477
cache-control: max-age=31536000
expires: Thu, 11 Apr 2024 12:46:55 GMT
date: Wed, 12 Apr 2023 12:46:55 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
GET

https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/pages/gx2021/gaming-inspired-features-bg.cdcfd5388fec.jpg

firefox.exe

Remote address:

23.2.213.218:443

Request

GET /staticfiles/assets/images/pages/gx2021/gaming-inspired-features-bg.cdcfd5388fec.jpg HTTP/2.0
host: cdn-production-opera-website.operacdn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.opera.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

x-amz-id-2: YgxBCRqgbCo+YoKEcZBUygr+cX5NujMGeXoE06pyyy6/2DCXKYK+GZsHsGl6Z4Khigs3AWt6Yv0=
x-amz-request-id: Q98107KK5GWAYG3R
last-modified: Wed, 12 Apr 2023 06:55:46 GMT
etag: "cdcfd5388fecb2af10a46ee71e9ff5a5"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
content-type: image/jpeg
server: AmazonS3
content-length: 274315
cache-control: max-age=31536000
expires: Thu, 11 Apr 2024 12:46:55 GMT
date: Wed, 12 Apr 2023 12:46:55 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
GET

https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/logo/logo-and-name-negative.51c8dfe30ee2.png

firefox.exe

Remote address:

23.2.213.218:443

Request

GET /staticfiles/assets/images/logo/logo-and-name-negative.51c8dfe30ee2.png HTTP/2.0
host: cdn-production-opera-website.operacdn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.opera.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

x-amz-id-2: 8HjPCakJ8lCLXPaFuMb6YyEHT/mcjXNXjigeOVS7slnB9iMWiP5ZFE8ptIe7nSqAAke12emnlYg=
x-amz-request-id: JBKZC3A2683ZZ2SZ
last-modified: Wed, 12 Apr 2023 06:54:38 GMT
etag: "51c8dfe30ee29e9f86622fedcebfe4fb"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
content-type: image/png
server: AmazonS3
content-length: 7249
cache-control: max-age=31536000
expires: Thu, 11 Apr 2024 12:46:55 GMT
date: Wed, 12 Apr 2023 12:46:55 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
GET

https://cdn-production-opera-website.operacdn.com/staticfiles/CACHE/js/output.505eae99f3de.js

firefox.exe

Remote address:

23.2.213.218:443

Request

GET /staticfiles/CACHE/js/output.505eae99f3de.js HTTP/2.0
host: cdn-production-opera-website.operacdn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.opera.com/
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

x-amz-id-2: erYretn2UtyMfkbb5guFvqu+AwizOlNDkIe7/DTNto6GumrNzMTeASIONgQtQ9sdmajWrYmoMis=
x-amz-request-id: 99TPTS8KSC4WAHWJ
last-modified: Wed, 12 Apr 2023 06:54:19 GMT
etag: "fea9b418380d53fc7c9917a75f836856"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
content-type: application/javascript
server: AmazonS3
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=31536000
expires: Thu, 11 Apr 2024 12:46:55 GMT
date: Wed, 12 Apr 2023 12:46:55 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
GET

https://cdn-production-opera-website.operacdn.com/staticfiles/1cb6d11c2c491cd2f1fd.4bf5cf63e125.jpg?d38655d3961d

firefox.exe

Remote address:

23.2.213.218:443

Request

GET /staticfiles/1cb6d11c2c491cd2f1fd.4bf5cf63e125.jpg?d38655d3961d HTTP/2.0
host: cdn-production-opera-website.operacdn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://cdn-production-opera-website.operacdn.com/staticfiles/CACHE/css/output.3cfc35222e33.css
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

x-amz-id-2: wAfjzmRF9nRLEi/6JVewysZonQyNXMT7GxuOqStSVUIgzG/OYlvCPr44Dq6dhKXiSL1Q0DwfxwI=
x-amz-request-id: 53SCTH9M8480X3SD
last-modified: Wed, 12 Apr 2023 10:34:26 GMT
etag: "4bf5cf63e12582c4ded0a4b9c4e677c8"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
content-type: image/jpeg
server: AmazonS3
content-length: 257276
cache-control: max-age=31536000
expires: Thu, 11 Apr 2024 12:46:56 GMT
date: Wed, 12 Apr 2023 12:46:56 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
GET

https://cdn-production-opera-website.operacdn.com/staticfiles/67e772f5c7c0ff691b84.d5b84517520e.svg?d38655d3961d

firefox.exe

Remote address:

23.2.213.218:443

Request

GET /staticfiles/67e772f5c7c0ff691b84.d5b84517520e.svg?d38655d3961d HTTP/2.0
host: cdn-production-opera-website.operacdn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://cdn-production-opera-website.operacdn.com/staticfiles/CACHE/css/output.3cfc35222e33.css
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

x-amz-id-2: Jhs59j+CZighvscz4dOmM5ucmJOKVrHfAIukURcVP9SNIFtbBgb4wMdby5jBJsFxOGDH8YAayso=
x-amz-request-id: 53S07M0H587Z00KK
last-modified: Wed, 12 Apr 2023 10:34:33 GMT
etag: "d5b84517520e30d992662e722f94d68e"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
content-type: image/svg+xml
server: AmazonS3
content-length: 472
cache-control: max-age=31536000
expires: Thu, 11 Apr 2024 12:46:56 GMT
date: Wed, 12 Apr 2023 12:46:56 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
access-control-max-age: 0
access-control-allow-credentials: false
access-control-allow-methods: GET,HEAD
access-control-allow-origin: *
GET

https://cdn-production-opera-website.operacdn.com/staticfiles/e27705cb3ec237f960f3.f680dae9c9b7.svg?d38655d3961d

firefox.exe

Remote address:

23.2.213.218:443

Request

GET /staticfiles/e27705cb3ec237f960f3.f680dae9c9b7.svg?d38655d3961d HTTP/2.0
host: cdn-production-opera-website.operacdn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://cdn-production-opera-website.operacdn.com/staticfiles/CACHE/css/output.3cfc35222e33.css
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

x-amz-id-2: Swj2oEtnbdjXCJadV31FJ56t0QMxVRQC10Q++AZMNUmugNSlFqC33FTQzhIgGoqF/iCbcb8kqW4=
x-amz-request-id: 53SEQ6SFFJRE23NR
last-modified: Wed, 12 Apr 2023 10:37:40 GMT
etag: "f680dae9c9b774fb8bdc078d79fc68a2"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
content-type: image/svg+xml
server: AmazonS3
content-length: 249
cache-control: max-age=31536000
expires: Thu, 11 Apr 2024 12:46:56 GMT
date: Wed, 12 Apr 2023 12:46:56 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
access-control-max-age: 0
access-control-allow-credentials: false
access-control-allow-methods: GET,HEAD
access-control-allow-origin: *
GET

https://cdn-production-opera-website.operacdn.com/staticfiles/47b3738fc2ea7ddbe1aa.e9f144d88e65.svg?d38655d3961d

firefox.exe

Remote address:

23.2.213.218:443

Request

GET /staticfiles/47b3738fc2ea7ddbe1aa.e9f144d88e65.svg?d38655d3961d HTTP/2.0
host: cdn-production-opera-website.operacdn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://cdn-production-opera-website.operacdn.com
referer: https://cdn-production-opera-website.operacdn.com/staticfiles/CACHE/css/output.3cfc35222e33.css
sec-fetch-dest: image
sec-fetch-mode: cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

x-amz-id-2: aOmHeC5I5tA60VAlxf8PcTBddE+/xSMQk61wkfQF/wQldO4flfTau0T5A1kCYnpIvfmVPROxnGQ=
x-amz-request-id: 53S5MVTCGVKPV2GP
last-modified: Wed, 12 Apr 2023 10:34:30 GMT
etag: "e9f144d88e65cf412da0f5c4ee25e564"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
content-type: image/svg+xml
server: AmazonS3
content-length: 297
cache-control: max-age=31536000
expires: Thu, 11 Apr 2024 12:46:56 GMT
date: Wed, 12 Apr 2023 12:46:56 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
access-control-max-age: 0
access-control-allow-credentials: false
access-control-allow-methods: GET,HEAD
access-control-allow-origin: *
GET

https://cdn-production-opera-website.operacdn.com/staticfiles/e4e2a9ac3e7495306ef0.61f316276ca6.svg?8b55b0eadd0a

firefox.exe

Remote address:

23.2.213.218:443

Request

GET /staticfiles/e4e2a9ac3e7495306ef0.61f316276ca6.svg?8b55b0eadd0a HTTP/2.0
host: cdn-production-opera-website.operacdn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://cdn-production-opera-website.operacdn.com/staticfiles/CACHE/css/output.3cfc35222e33.css
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

x-amz-id-2: h88AwY3mji1Lg2VlYil27XKzDDWewSkwx5WuoSYi0FANKaf948/ajXM+6GlZZ/FIWLhVHQpFo70=
x-amz-request-id: 53S28P4PY679JJW9
last-modified: Wed, 12 Apr 2023 10:37:40 GMT
etag: "61f316276ca6188c4f3b70c680d2c38e"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
content-type: image/svg+xml
server: AmazonS3
content-length: 1229
cache-control: max-age=31536000
expires: Thu, 11 Apr 2024 12:46:56 GMT
date: Wed, 12 Apr 2023 12:46:56 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
access-control-max-age: 0
access-control-allow-credentials: false
access-control-allow-methods: GET,HEAD
access-control-allow-origin: *
GET

https://cdn-production-opera-website.operacdn.com/staticfiles/a2f64f0b0b76727a4500.f932611b6573.svg?d38655d3961d

firefox.exe

Remote address:

23.2.213.218:443

Request

GET /staticfiles/a2f64f0b0b76727a4500.f932611b6573.svg?d38655d3961d HTTP/2.0
host: cdn-production-opera-website.operacdn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://cdn-production-opera-website.operacdn.com/staticfiles/CACHE/css/output.3cfc35222e33.css
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

x-amz-id-2: 4UZU2KaKrQRQFm4h4iZr1WyU57I58L+yCECHH/9jxK1dra4OZu+TdguLJnE6AdHKBoj4fplwZa4=
x-amz-request-id: 53S19JRR0D72QDQC
last-modified: Wed, 12 Apr 2023 10:35:06 GMT
etag: "f932611b6573baaa7f9e1cbf393b62a9"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
content-type: image/svg+xml
server: AmazonS3
content-length: 644
cache-control: max-age=31536000
expires: Thu, 11 Apr 2024 12:46:56 GMT
date: Wed, 12 Apr 2023 12:46:56 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
access-control-max-age: 0
access-control-allow-credentials: false
access-control-allow-methods: GET,HEAD
access-control-allow-origin: *
GET

https://cdn-production-opera-website.operacdn.com/staticfiles/f629332a6204be810902.16d2b680579e.svg?8b55b0eadd0a

firefox.exe

Remote address:

23.2.213.218:443

Request

GET /staticfiles/f629332a6204be810902.16d2b680579e.svg?8b55b0eadd0a HTTP/2.0
host: cdn-production-opera-website.operacdn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://cdn-production-opera-website.operacdn.com/staticfiles/CACHE/css/output.3cfc35222e33.css
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

x-amz-id-2: fuyJvw/OVZjMNc6X+s/GK62ExifPp5HXnVmbvQo4PyGSOpz+v93DRNVdb03+v2Zx7QEatFM+0VY=
x-amz-request-id: 53SC97J8RGN3HZCQ
last-modified: Wed, 12 Apr 2023 10:34:26 GMT
etag: "04d22e84247c9962bb5312f55442f52f"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
content-type: image/svg+xml
server: AmazonS3
content-length: 286
cache-control: max-age=31536000
expires: Thu, 11 Apr 2024 12:46:56 GMT
date: Wed, 12 Apr 2023 12:46:56 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
access-control-max-age: 0
access-control-allow-credentials: false
access-control-allow-methods: GET,HEAD
access-control-allow-origin: *
GET

https://cdn-production-opera-website.operacdn.com/staticfiles/12a67856463b108d403c.04d22e84247c.svg?d38655d3961d

firefox.exe

Remote address:

23.2.213.218:443

Request

GET /staticfiles/12a67856463b108d403c.04d22e84247c.svg?d38655d3961d HTTP/2.0
host: cdn-production-opera-website.operacdn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://cdn-production-opera-website.operacdn.com
referer: https://cdn-production-opera-website.operacdn.com/staticfiles/CACHE/css/output.3cfc35222e33.css
sec-fetch-dest: image
sec-fetch-mode: cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

x-amz-id-2: xUDngBkPjTohTaHDO/p+4Z5e749yntleIao/AgHGW6bO0PH1GZzwmB4daF+NcNlejk0WxhjINOY=
x-amz-request-id: 53SF9JKDWMCZ43TC
last-modified: Wed, 12 Apr 2023 10:37:41 GMT
etag: "16d2b680579ead0781d2173022c8ebf3"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
content-type: image/svg+xml
server: AmazonS3
content-length: 174
cache-control: max-age=31536000
expires: Thu, 11 Apr 2024 12:46:56 GMT
date: Wed, 12 Apr 2023 12:46:56 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
access-control-max-age: 0
access-control-allow-credentials: false
access-control-allow-methods: GET,HEAD
access-control-allow-origin: *
GET

https://cdn-production-opera-website.operacdn.com/staticfiles/4bd99d9bd226ba406ccb.9bd90c944fec.svg?d38655d3961d

firefox.exe

Remote address:

23.2.213.218:443

Request

GET /staticfiles/4bd99d9bd226ba406ccb.9bd90c944fec.svg?d38655d3961d HTTP/2.0
host: cdn-production-opera-website.operacdn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://cdn-production-opera-website.operacdn.com
referer: https://cdn-production-opera-website.operacdn.com/staticfiles/CACHE/css/output.3cfc35222e33.css
sec-fetch-dest: image
sec-fetch-mode: cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

x-amz-id-2: hXCGGj4kK2aFZxftO+w5DZf37VHZfH8LMOaPrwR/HxQpIh3SJb5EU/SN1lSWr+gnUo3lfBth2vc=
x-amz-request-id: 53SB8KXQ41W4QZQB
last-modified: Wed, 12 Apr 2023 10:34:30 GMT
etag: "9bd90c944fec88ff59f279f9c6c01d60"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
content-type: image/svg+xml
server: AmazonS3
content-length: 284
cache-control: max-age=31536000
expires: Thu, 11 Apr 2024 12:46:56 GMT
date: Wed, 12 Apr 2023 12:46:56 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
access-control-max-age: 0
access-control-allow-credentials: false
access-control-allow-methods: GET,HEAD
access-control-allow-origin: *
GET

https://cdn-production-opera-website.operacdn.com/staticfiles/df25d1ade7e0a6d6cb0f.1f01a17b022b.svg?d38655d3961d

firefox.exe

Remote address:

23.2.213.218:443

Request

GET /staticfiles/df25d1ade7e0a6d6cb0f.1f01a17b022b.svg?d38655d3961d HTTP/2.0
host: cdn-production-opera-website.operacdn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://cdn-production-opera-website.operacdn.com/staticfiles/CACHE/css/output.3cfc35222e33.css
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

x-amz-id-2: LcGpEcNtwhgYjO6sqG0gZXiEU7zp0+89xTZ51bbdA3YKJv6zcctG3gDQbSmwbt1suWk98PxqZ94=
x-amz-request-id: 53S969Y56QMWWZEX
last-modified: Wed, 12 Apr 2023 10:37:40 GMT
etag: "1f01a17b022b4cce53bf823025e982b9"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
content-type: image/svg+xml
server: AmazonS3
content-length: 300
cache-control: max-age=31536000
expires: Thu, 11 Apr 2024 12:46:56 GMT
date: Wed, 12 Apr 2023 12:46:56 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
access-control-max-age: 0
access-control-allow-credentials: false
access-control-allow-methods: GET,HEAD
access-control-allow-origin: *
GET

https://cdn-production-opera-website.operacdn.com/staticfiles/acd687f2889cbfbdd533.cc973b32f43e.svg?d38655d3961d

firefox.exe

Remote address:

23.2.213.218:443

Request

GET /staticfiles/acd687f2889cbfbdd533.cc973b32f43e.svg?d38655d3961d HTTP/2.0
host: cdn-production-opera-website.operacdn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://cdn-production-opera-website.operacdn.com/staticfiles/CACHE/css/output.3cfc35222e33.css
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

x-amz-id-2: j4+KtAh1XNVyMwtrK141s078CS1IXnAxqTHxjB+zNFhDN+wBb/iZl4R0HGW6uZ83Tu2SiybE0jw=
x-amz-request-id: 53SEQXCQ5213X3XQ
last-modified: Wed, 12 Apr 2023 10:35:07 GMT
etag: "cc973b32f43e2582787f18aa0b2d1caa"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
content-type: image/svg+xml
server: AmazonS3
content-length: 712
cache-control: max-age=31536000
expires: Thu, 11 Apr 2024 12:46:56 GMT
date: Wed, 12 Apr 2023 12:46:56 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
access-control-max-age: 0
access-control-allow-credentials: false
access-control-allow-methods: GET,HEAD
access-control-allow-origin: *
GET

https://cdn-production-opera-website.operacdn.com/staticfiles/5f4fb6f3bc1167ddd76e.4e22cba3c1d8.svg?d38655d3961d

firefox.exe

Remote address:

23.2.213.218:443

Request

GET /staticfiles/5f4fb6f3bc1167ddd76e.4e22cba3c1d8.svg?d38655d3961d HTTP/2.0
host: cdn-production-opera-website.operacdn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://cdn-production-opera-website.operacdn.com/staticfiles/CACHE/css/output.3cfc35222e33.css
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

x-amz-id-2: 2YUmxosCduYHVugvHcGAQ0w1KStGrFrralR70ofNvd3bZFD+5yCUeLSmYFgy7PkD6J5xKieiYAU=
x-amz-request-id: 53S5FYMT7NJ2ZK2D
last-modified: Wed, 12 Apr 2023 10:34:32 GMT
etag: "4e22cba3c1d85ffd7656f0acb0f5ba77"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
content-type: image/svg+xml
server: AmazonS3
content-length: 171
cache-control: max-age=31536000
expires: Thu, 11 Apr 2024 12:46:56 GMT
date: Wed, 12 Apr 2023 12:46:56 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
access-control-max-age: 0
access-control-allow-credentials: false
access-control-allow-methods: GET,HEAD
access-control-allow-origin: *
GET

https://cdn-production-opera-website.operacdn.com/staticfiles/8dd28da7d9c471175a7b.19228cbf00eb.svg?d38655d3961d

firefox.exe

Remote address:

23.2.213.218:443

Request

GET /staticfiles/8dd28da7d9c471175a7b.19228cbf00eb.svg?d38655d3961d HTTP/2.0
host: cdn-production-opera-website.operacdn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://cdn-production-opera-website.operacdn.com/staticfiles/CACHE/css/output.3cfc35222e33.css
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

x-amz-id-2: kqw0O/tGFdImK5BChpwnNeSZiVRb73FhmylkEC6+/u/KzK1LxJNNqNaSgz4DjXQOnYzLAag8Jyo=
x-amz-request-id: 53SC8KEFD2PKZ8C3
last-modified: Wed, 12 Apr 2023 10:34:36 GMT
etag: "19228cbf00eb6ea1da921a32a5f33986"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
content-type: image/svg+xml
server: AmazonS3
content-length: 171
cache-control: max-age=31536000
expires: Thu, 11 Apr 2024 12:46:56 GMT
date: Wed, 12 Apr 2023 12:46:56 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
access-control-max-age: 0
access-control-allow-credentials: false
access-control-allow-methods: GET,HEAD
access-control-allow-origin: *
GET

https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/pages/client/welcomeGx/favicon/apple-touch-icon.7915359f724d.png

firefox.exe

Remote address:

23.2.213.218:443

Request

GET /staticfiles/assets/images/pages/client/welcomeGx/favicon/apple-touch-icon.7915359f724d.png HTTP/2.0
host: cdn-production-opera-website.operacdn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.opera.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

x-amz-id-2: o9R6iURMhvyfHmqroQa85Cb0zhOOmfa7/RgNMqHVlWP99pKKS2mTgryLR5V7CEI69SCIrX7agoM=
x-amz-request-id: X027W3ZV3HT2A282
last-modified: Tue, 11 Apr 2023 09:21:21 GMT
etag: "7915359f724dcb198416b92ff9594481"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
content-type: image/png
server: AmazonS3
content-length: 4194
cache-control: max-age=31536000
expires: Thu, 11 Apr 2024 12:46:57 GMT
date: Wed, 12 Apr 2023 12:46:57 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
GET

https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/pages/client/welcomeGx/favicon/favicon-16x16.7e0186031727.png

firefox.exe

Remote address:

23.2.213.218:443

Request

GET /staticfiles/assets/images/pages/client/welcomeGx/favicon/favicon-16x16.7e0186031727.png HTTP/2.0
host: cdn-production-opera-website.operacdn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.opera.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

x-amz-id-2: gK9jApAhx5nj0paInNjH2qTm+k2NznD1cbkVBeCRZAtDdFgLJNv1hRi1Mhk8It/6kXPpcDOpURs=
x-amz-request-id: GNE4944EJCKJRQRQ
last-modified: Tue, 11 Apr 2023 09:21:21 GMT
etag: "7e0186031727085bb222432e61e166b6"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
content-type: image/png
server: AmazonS3
content-length: 396
cache-control: max-age=31536000
expires: Thu, 11 Apr 2024 12:46:57 GMT
date: Wed, 12 Apr 2023 12:46:57 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
DNS

e11604.dscf.akamaiedge.net

firefox.exe

Remote address:

8.8.8.8:53

Request

e11604.dscf.akamaiedge.net

IN A

Response

e11604.dscf.akamaiedge.net

IN A

23.2.213.218
DNS

e11604.dscf.akamaiedge.net

firefox.exe

Remote address:

8.8.8.8:53

Request

e11604.dscf.akamaiedge.net

IN AAAA

Response

e11604.dscf.akamaiedge.net

IN AAAA

2a02:26f0:c900:294::2d54

e11604.dscf.akamaiedge.net

IN AAAA

2a02:26f0:c900:299::2d54
DNS

0.97.114.188.in-addr.arpa

Remote address:

8.8.8.8:53

Request

0.97.114.188.in-addr.arpa

IN PTR

Response
DNS

43.22.158.18.in-addr.arpa

Remote address:

8.8.8.8:53

Request

43.22.158.18.in-addr.arpa

IN PTR

Response

43.22.158.18.in-addr.arpa

IN PTR

ec2-18-158-22-43eu-central-1compute amazonawscom
DNS

218.213.2.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

218.213.2.23.in-addr.arpa

IN PTR

Response

218.213.2.23.in-addr.arpa

IN PTR

a23-2-213-218deploystaticakamaitechnologiescom
DNS

218.213.2.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

218.213.2.23.in-addr.arpa

IN PTR

Response

218.213.2.23.in-addr.arpa

IN PTR

a23-2-213-218deploystaticakamaitechnologiescom
DNS

www.redditstatic.com

firefox.exe

Remote address:

8.8.8.8:53

Request

www.redditstatic.com

IN A

Response

www.redditstatic.com

IN CNAME

dualstack.reddit.map.fastly.net

dualstack.reddit.map.fastly.net

IN A

151.101.1.140

dualstack.reddit.map.fastly.net

IN A

151.101.65.140

dualstack.reddit.map.fastly.net

IN A

151.101.129.140

dualstack.reddit.map.fastly.net

IN A

151.101.193.140
GET

https://www.redditstatic.com/ads/pixel.js

firefox.exe

Remote address:

151.101.1.140:443

Request

GET /ads/pixel.js HTTP/2.0
host: www.redditstatic.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.opera.com/
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

last-modified: Mon, 23 Jan 2023 21:56:14 GMT
etag: "03d5db9dfd00a5719bb4c9261e6fa1bb"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=60
content-encoding: gzip
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 12 Apr 2023 12:46:56 GMT
vary: Accept-Encoding,Origin
server: snooserv
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-length: 7356
DNS

dualstack.reddit.map.fastly.net

firefox.exe

Remote address:

8.8.8.8:53

Request

dualstack.reddit.map.fastly.net

IN A

Response

dualstack.reddit.map.fastly.net

IN A

151.101.1.140

dualstack.reddit.map.fastly.net

IN A

151.101.65.140

dualstack.reddit.map.fastly.net

IN A

151.101.129.140

dualstack.reddit.map.fastly.net

IN A

151.101.193.140
DNS

dualstack.reddit.map.fastly.net

firefox.exe

Remote address:

8.8.8.8:53

Request

dualstack.reddit.map.fastly.net

IN AAAA

Response

dualstack.reddit.map.fastly.net

IN AAAA

2a04:4e42::396

dualstack.reddit.map.fastly.net

IN AAAA

2a04:4e42:200::396

dualstack.reddit.map.fastly.net

IN AAAA

2a04:4e42:400::396

dualstack.reddit.map.fastly.net

IN AAAA

2a04:4e42:600::396
DNS

static.hotjar.com

firefox.exe

Remote address:

8.8.8.8:53

Request

static.hotjar.com

IN A

Response

static.hotjar.com

IN CNAME

static-cdn.hotjar.com

static-cdn.hotjar.com

IN A

108.156.60.77

static-cdn.hotjar.com

IN A

108.156.60.37

static-cdn.hotjar.com

IN A

108.156.60.88

static-cdn.hotjar.com

IN A

108.156.60.58
DNS

static-cdn.hotjar.com

firefox.exe

Remote address:

8.8.8.8:53

Request

static-cdn.hotjar.com

IN A

Response

static-cdn.hotjar.com

IN A

108.156.60.77

static-cdn.hotjar.com

IN A

108.156.60.88

static-cdn.hotjar.com

IN A

108.156.60.37

static-cdn.hotjar.com

IN A

108.156.60.58
DNS

cdn.taboola.com

firefox.exe

Remote address:

8.8.8.8:53

Request

cdn.taboola.com

IN A

Response

cdn.taboola.com

IN CNAME

tls13.taboola.map.fastly.net

tls13.taboola.map.fastly.net

IN A

151.101.1.44

tls13.taboola.map.fastly.net

IN A

151.101.65.44

tls13.taboola.map.fastly.net

IN A

151.101.129.44

tls13.taboola.map.fastly.net

IN A

151.101.193.44
DNS

static-cdn.hotjar.com

firefox.exe

Remote address:

8.8.8.8:53

Request

static-cdn.hotjar.com

IN AAAA

Response
DNS

tls13.taboola.map.fastly.net

firefox.exe

Remote address:

8.8.8.8:53

Request

tls13.taboola.map.fastly.net

IN A

Response

tls13.taboola.map.fastly.net

IN A

151.101.1.44

tls13.taboola.map.fastly.net

IN A

151.101.65.44

tls13.taboola.map.fastly.net

IN A

151.101.129.44

tls13.taboola.map.fastly.net

IN A

151.101.193.44
DNS

connect.facebook.net

firefox.exe

Remote address:

8.8.8.8:53

Request

connect.facebook.net

IN A

Response

connect.facebook.net

IN CNAME

scontent.xx.fbcdn.net

scontent.xx.fbcdn.net

IN A

157.240.201.15
DNS

s.yimg.com

firefox.exe

Remote address:

8.8.8.8:53

Request

s.yimg.com

IN A

Response

s.yimg.com

IN CNAME

edge.gycpi.b.yahoodns.net

edge.gycpi.b.yahoodns.net

IN A

87.248.116.12

edge.gycpi.b.yahoodns.net

IN A

87.248.116.11
DNS

tls13.taboola.map.fastly.net

firefox.exe

Remote address:

8.8.8.8:53

Request

tls13.taboola.map.fastly.net

IN AAAA

Response
DNS

scontent.xx.fbcdn.net

firefox.exe

Remote address:

8.8.8.8:53

Request

scontent.xx.fbcdn.net

IN A

Response

scontent.xx.fbcdn.net

IN A

157.240.5.10
DNS

tags.creativecdn.com

firefox.exe

Remote address:

8.8.8.8:53

Request

tags.creativecdn.com

IN A

Response

tags.creativecdn.com

IN A

34.117.98.198
GET

https://s.yimg.com/wi/ytc.js

firefox.exe

Remote address:

87.248.116.12:443

Request

GET /wi/ytc.js HTTP/2.0
host: s.yimg.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.opera.com/
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers
DNS

edge.gycpi.b.yahoodns.net

firefox.exe

Remote address:

8.8.8.8:53

Request

edge.gycpi.b.yahoodns.net

IN A

Response

edge.gycpi.b.yahoodns.net

IN A

87.248.116.12

edge.gycpi.b.yahoodns.net

IN A

87.248.116.11
DNS

tags.creativecdn.com

firefox.exe

Remote address:

8.8.8.8:53

Request

tags.creativecdn.com

IN A

Response

tags.creativecdn.com

IN A

34.117.98.198
DNS

edge.gycpi.b.yahoodns.net

firefox.exe

Remote address:

8.8.8.8:53

Request

edge.gycpi.b.yahoodns.net

IN AAAA

Response

edge.gycpi.b.yahoodns.net

IN AAAA

2a00:1288:84:800::1002

edge.gycpi.b.yahoodns.net

IN AAAA

2a00:1288:84:800::1001
DNS

scontent.xx.fbcdn.net

firefox.exe

Remote address:

8.8.8.8:53

Request

scontent.xx.fbcdn.net

IN AAAA

Response

scontent.xx.fbcdn.net

IN AAAA

2a03:2880:f085:a:face:b00c:0:3
DNS

tags.creativecdn.com

firefox.exe

Remote address:

8.8.8.8:53

Request

tags.creativecdn.com

IN AAAA

Response
DNS

alb.reddit.com

firefox.exe

Remote address:

8.8.8.8:53

Request

alb.reddit.com

IN A

Response

alb.reddit.com

IN CNAME

reddit.map.fastly.net

reddit.map.fastly.net

IN A

151.101.1.140

reddit.map.fastly.net

IN A

151.101.65.140

reddit.map.fastly.net

IN A

151.101.129.140

reddit.map.fastly.net

IN A

151.101.193.140
DNS

reddit.map.fastly.net

firefox.exe

Remote address:

8.8.8.8:53

Request

reddit.map.fastly.net

IN A

Response

reddit.map.fastly.net

IN A

151.101.1.140

reddit.map.fastly.net

IN A

151.101.65.140

reddit.map.fastly.net

IN A

151.101.129.140

reddit.map.fastly.net

IN A

151.101.193.140
DNS

reddit.map.fastly.net

firefox.exe

Remote address:

8.8.8.8:53

Request

reddit.map.fastly.net

IN AAAA

Response
DNS

reddit.map.fastly.net

firefox.exe

Remote address:

8.8.8.8:53

Request

reddit.map.fastly.net

IN AAAA

Response
GET

https://static.hotjar.com/c/hotjar-445451.js?sv=7

firefox.exe

Remote address:

108.156.60.77:443

Request

GET /c/hotjar-445451.js?sv=7 HTTP/2.0
host: static.hotjar.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.opera.com/
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Wed, 12 Apr 2023 12:45:59 GMT
cache-control: max-age=60
etag: W/cbc44a4d379c5e882ce92e099a493de6
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8662e3c152f0b241b5d273e9b0c8f9fc.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: NQgZscHnBoglSpGfqCXyxKq0H7ghZqfp0VUE7iGy1kzkcG9l0eNurQ==
age: 58
GET

https://cdn.taboola.com/libtrc/unip/1410119/tfa.js

firefox.exe

Remote address:

151.101.1.44:443

Request

GET /libtrc/unip/1410119/tfa.js HTTP/2.0
host: cdn.taboola.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.opera.com/
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

x-amz-id-2: 4baVuMP3DY7z07klrhUPPbSdIBy9UZdng/hKAMCbfbZ6xbnOjGKiayfVniQcNcIssuh67O06Chw=
x-amz-request-id: A41C6YH87Y70HQPD
x-amz-replication-status: PENDING
last-modified: Sun, 09 Apr 2023 11:29:05 GMT
etag: "9f21256332c50619fcd247650f24b665"
x-amz-server-side-encryption: AES256
x-amz-version-id: mrUaZjlDOgMtTx84BJbiDarkdI8nDkPx
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Wed, 12 Apr 2023 12:46:57 GMT
via: 1.1 varnish
age: 14
x-served-by: cache-ams21072-AMS
x-cache: HIT
x-cache-hits: 1
x-timer: S1681303617.183055,VS0,VE1
cache-control: private,max-age=14401
vary: Accept-Encoding
abp: 59
access-control-allow-origin: *
content-length: 18199
GET

https://trc.taboola.com/1410119/trc/3/json?tim=1681303615534&data=%7B%22id%22%3A610%2C%22ii%22%3A%22%2Fgx%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1681303615492%2C%22cv%22%3A%2220230404-24-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.opera.com%2Fgx%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Futm_content%3D2923_c25be22e-ac35-4bba-a2b8-212f01034d26%26utm_source%3DPWNgames%26utm_medium%3Dpa%26utm_campaign%3DPWN_IN%26utm_id%3Dc1466faeb0dc4095a9a3bf615f4cedc2%26edition%3Dstd-1%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Doperasoftwarees-operasoftwarees-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1681303615534%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww.opera.com%2Fgx%3Futm_content%3D2923_c25be22e-ac35-4bba-a2b8-212f01034d26%26utm_source%3DPWNgames%26utm_medium%3Dpa%26utm_campaign%3DPWN_IN%26utm_id%3Dc1466faeb0dc4095a9a3bf615f4cedc2%26edition%3Dstd-1%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22ler%22%3A%22other%22%2C%22supv%22%3Atrue%7D%7D&pubit=i

firefox.exe

Remote address:

151.101.1.44:443

Request

GET /1410119/trc/3/json?tim=1681303615534&data=%7B%22id%22%3A610%2C%22ii%22%3A%22%2Fgx%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1681303615492%2C%22cv%22%3A%2220230404-24-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.opera.com%2Fgx%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Futm_content%3D2923_c25be22e-ac35-4bba-a2b8-212f01034d26%26utm_source%3DPWNgames%26utm_medium%3Dpa%26utm_campaign%3DPWN_IN%26utm_id%3Dc1466faeb0dc4095a9a3bf615f4cedc2%26edition%3Dstd-1%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Doperasoftwarees-operasoftwarees-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1681303615534%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww.opera.com%2Fgx%3Futm_content%3D2923_c25be22e-ac35-4bba-a2b8-212f01034d26%26utm_source%3DPWNgames%26utm_medium%3Dpa%26utm_campaign%3DPWN_IN%26utm_id%3Dc1466faeb0dc4095a9a3bf615f4cedc2%26edition%3Dstd-1%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22ler%22%3A%22other%22%2C%22supv%22%3Atrue%7D%7D&pubit=i HTTP/2.0
host: trc.taboola.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.opera.com/
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Wed, 12 Apr 2023 12:46:57 GMT
via: 1.1 varnish
x-served-by: cache-ams21072-AMS
x-cache: MISS
x-cache-hits: 0
x-timer: S1681303618.681988,VS0,VE81
vary: Accept-Encoding
x-vcl-time-ms: 81
GET

https://tags.creativecdn.com/1gnG4zGXkPW95vXqyMLu.js

firefox.exe

Remote address:

34.117.98.198:443

Request

GET /1gnG4zGXkPW95vXqyMLu.js HTTP/2.0
host: tags.creativecdn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.opera.com/
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers
GET

https://tags.creativecdn.com/oA5aPxBEyx4hFQoyTt5C.js

firefox.exe

Remote address:

34.117.98.198:443

Request

GET /oA5aPxBEyx4hFQoyTt5C.js HTTP/2.0
host: tags.creativecdn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.opera.com/
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers
GET

https://alb.reddit.com/rp.gif?ts=1681303615055&id=t2_378pcjv6&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=009856a1-c05c-4442-b554-a9e2021fc992&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1280&sw=720&v=rdt_65e23bc4

firefox.exe

Remote address:

151.101.1.140:443

Request

GET /rp.gif?ts=1681303615055&id=t2_378pcjv6&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=009856a1-c05c-4442-b554-a9e2021fc992&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1280&sw=720&v=rdt_65e23bc4 HTTP/2.0
host: alb.reddit.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.opera.com/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

server: Varnish
retry-after: 0
cross-origin-resource-policy: cross-origin
content-type: image/gif
accept-ranges: bytes
date: Wed, 12 Apr 2023 12:46:57 GMT
via: 1.1 varnish
content-length: 42
DNS

analytics.google.com

firefox.exe

Remote address:

8.8.8.8:53

Request

analytics.google.com

IN A

Response

analytics.google.com

IN A

216.58.214.14
DNS

analytics.google.com

firefox.exe

Remote address:

8.8.8.8:53

Request

analytics.google.com

IN A

Response

analytics.google.com

IN A

216.58.214.14
DNS

analytics.google.com

firefox.exe

Remote address:

8.8.8.8:53

Request

analytics.google.com

IN AAAA

Response

analytics.google.com

IN CNAME

analytics-alv.google.com

analytics-alv.google.com

IN AAAA

2001:4860:4802:36::181

analytics-alv.google.com

IN AAAA

2001:4860:4802:32::181

analytics-alv.google.com

IN AAAA

2001:4860:4802:34::181

analytics-alv.google.com

IN AAAA

2001:4860:4802:38::181
DNS

stats.g.doubleclick.net

firefox.exe

Remote address:

8.8.8.8:53

Request

stats.g.doubleclick.net

IN A

Response

stats.g.doubleclick.net

IN A

142.250.102.157

stats.g.doubleclick.net

IN A

142.250.102.156

stats.g.doubleclick.net

IN A

142.250.102.154

stats.g.doubleclick.net

IN A

142.250.102.155
DNS

stats.g.doubleclick.net

firefox.exe

Remote address:

8.8.8.8:53

Request

stats.g.doubleclick.net

IN A

Response

stats.g.doubleclick.net

IN A

142.250.102.156

stats.g.doubleclick.net

IN A

142.250.102.157

stats.g.doubleclick.net

IN A

142.250.102.154

stats.g.doubleclick.net

IN A

142.250.102.155
POST

https://analytics.google.com/g/collect?v=2&tid=G-T18E1GTPQG&gtm=45je34a0&_p=500978051&_gaz=1&cid=1462830660.1681303615&ul=en-us&sr=1280x720&_s=1&sid=1681303615&sct=1&seg=0&dl=https%3A%2F%2Fwww.opera.com%2Fgx%3Futm_content%3D2923_c25be22e-ac35-4bba-a2b8-212f01034d26%26utm_source%3DPWNgames%26utm_medium%3Dpa%26utm_campaign%3DPWN_IN%26utm_id%3Dc1466faeb0dc4095a9a3bf615f4cedc2%26edition%3Dstd-1&dt=Opera%20GX%20%7C%20Gaming%20Browser%20%7C%20Opera&en=page_view&_fv=1&_nsi=1&_ss=1

firefox.exe

Remote address:

216.58.214.14:443

Request

POST /g/collect?v=2&tid=G-T18E1GTPQG&gtm=45je34a0&_p=500978051&_gaz=1&cid=1462830660.1681303615&ul=en-us&sr=1280x720&_s=1&sid=1681303615&sct=1&seg=0&dl=https%3A%2F%2Fwww.opera.com%2Fgx%3Futm_content%3D2923_c25be22e-ac35-4bba-a2b8-212f01034d26%26utm_source%3DPWNgames%26utm_medium%3Dpa%26utm_campaign%3DPWN_IN%26utm_id%3Dc1466faeb0dc4095a9a3bf615f4cedc2%26edition%3Dstd-1&dt=Opera%20GX%20%7C%20Gaming%20Browser%20%7C%20Opera&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/2.0
host: analytics.google.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.opera.com/
origin: https://www.opera.com
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
content-length: 0
te: trailers
GET

https://s.yimg.com/wi/config/10176867.json

firefox.exe

Remote address:

87.248.116.12:443

Request

GET /wi/config/10176867.json HTTP/2.0
host: s.yimg.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.opera.com/
origin: https://www.opera.com
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers
DNS

stats.g.doubleclick.net

firefox.exe

Remote address:

8.8.8.8:53

Request

stats.g.doubleclick.net

IN AAAA

Response

stats.g.doubleclick.net

IN AAAA

2a00:1450:4025:402::9a

stats.g.doubleclick.net

IN AAAA

2a00:1450:4025:402::9b

stats.g.doubleclick.net

IN AAAA

2a00:1450:4025:402::9c

stats.g.doubleclick.net

IN AAAA

2a00:1450:4025:402::9d
DNS

140.1.101.151.in-addr.arpa

Remote address:

8.8.8.8:53

Request

140.1.101.151.in-addr.arpa

IN PTR

Response
DNS

12.116.248.87.in-addr.arpa

Remote address:

8.8.8.8:53

Request

12.116.248.87.in-addr.arpa

IN PTR

Response

12.116.248.87.in-addr.arpa

IN PTR

e2ycpivipambyahoocom
DNS

77.60.156.108.in-addr.arpa

Remote address:

8.8.8.8:53

Request

77.60.156.108.in-addr.arpa

IN PTR

Response

77.60.156.108.in-addr.arpa

IN PTR

server-108-156-60-77ams1r cloudfrontnet
DNS

44.1.101.151.in-addr.arpa

Remote address:

8.8.8.8:53

Request

44.1.101.151.in-addr.arpa

IN PTR

Response
DNS

15.201.240.157.in-addr.arpa

Remote address:

8.8.8.8:53

Request

15.201.240.157.in-addr.arpa

IN PTR

Response

15.201.240.157.in-addr.arpa

IN PTR

xx-fbcdn-shv-01-ams4fbcdnnet
DNS

198.98.117.34.in-addr.arpa

Remote address:

8.8.8.8:53

Request

198.98.117.34.in-addr.arpa

IN PTR

Response

198.98.117.34.in-addr.arpa

IN PTR

1989811734bcgoogleusercontentcom
DNS

trc.taboola.com

firefox.exe

Remote address:

8.8.8.8:53

Request

trc.taboola.com

IN A

Response

trc.taboola.com

IN CNAME

dualstack.tls13.taboola.map.fastly.net

dualstack.tls13.taboola.map.fastly.net

IN A

151.101.1.44

dualstack.tls13.taboola.map.fastly.net

IN A

151.101.65.44

dualstack.tls13.taboola.map.fastly.net

IN A

151.101.129.44

dualstack.tls13.taboola.map.fastly.net

IN A

151.101.193.44
DNS

14.214.58.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

14.214.58.216.in-addr.arpa

IN PTR

Response

14.214.58.216.in-addr.arpa

IN PTR

lhr26s05-in-f141e100net

14.214.58.216.in-addr.arpa

IN PTR

ams17s09-in-f14�H

14.214.58.216.in-addr.arpa

IN PTR

�8
DNS

dualstack.tls13.taboola.map.fastly.net

firefox.exe

Remote address:

8.8.8.8:53

Request

dualstack.tls13.taboola.map.fastly.net

IN A

Response

dualstack.tls13.taboola.map.fastly.net

IN A

151.101.1.44

dualstack.tls13.taboola.map.fastly.net

IN A

151.101.65.44

dualstack.tls13.taboola.map.fastly.net

IN A

151.101.129.44

dualstack.tls13.taboola.map.fastly.net

IN A

151.101.193.44
DNS

script.hotjar.com

firefox.exe

Remote address:

8.8.8.8:53

Request

script.hotjar.com

IN A

Response

script.hotjar.com

IN A

13.227.219.71

script.hotjar.com

IN A

13.227.219.120

script.hotjar.com

IN A

13.227.219.3

script.hotjar.com

IN A

13.227.219.28
DNS

script.hotjar.com

firefox.exe

Remote address:

8.8.8.8:53

Request

script.hotjar.com

IN A

Response

script.hotjar.com

IN A

13.227.219.71

script.hotjar.com

IN A

13.227.219.120

script.hotjar.com

IN A

13.227.219.3

script.hotjar.com

IN A

13.227.219.28
DNS

dualstack.tls13.taboola.map.fastly.net

firefox.exe

Remote address:

8.8.8.8:53

Request

dualstack.tls13.taboola.map.fastly.net

IN AAAA

Response

dualstack.tls13.taboola.map.fastly.net

IN AAAA

2a04:4e42::300

dualstack.tls13.taboola.map.fastly.net

IN AAAA

2a04:4e42:200::300

dualstack.tls13.taboola.map.fastly.net

IN AAAA

2a04:4e42:400::300

dualstack.tls13.taboola.map.fastly.net

IN AAAA

2a04:4e42:600::300
DNS

dualstack.tls13.taboola.map.fastly.net

firefox.exe

Remote address:

8.8.8.8:53

Request

dualstack.tls13.taboola.map.fastly.net

IN AAAA

Response

dualstack.tls13.taboola.map.fastly.net

IN AAAA

2a04:4e42::300

dualstack.tls13.taboola.map.fastly.net

IN AAAA

2a04:4e42:200::300

dualstack.tls13.taboola.map.fastly.net

IN AAAA

2a04:4e42:400::300

dualstack.tls13.taboola.map.fastly.net

IN AAAA

2a04:4e42:600::300
DNS

ams.creativecdn.com

firefox.exe

Remote address:

8.8.8.8:53

Request

ams.creativecdn.com

IN A

Response

ams.creativecdn.com

IN A

185.184.8.90
DNS

ams.creativecdn.com

firefox.exe

Remote address:

8.8.8.8:53

Request

ams.creativecdn.com

IN A

Response

ams.creativecdn.com

IN A

185.184.8.90
DNS

ams.creativecdn.com

firefox.exe

Remote address:

8.8.8.8:53

Request

ams.creativecdn.com

IN A

Response

ams.creativecdn.com

IN A

185.184.8.90
POST

https://ams.creativecdn.com/tags/v2?type=json

firefox.exe

Remote address:

185.184.8.90:443

Request

POST /tags/v2?type=json HTTP/2.0
host: ams.creativecdn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
content-type: application/json
content-length: 342
origin: https://www.opera.com
referer: https://www.opera.com/
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 307

date: Wed, 12 Apr 2023 12:46:57 GMT
access-control-allow-origin: https://www.opera.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-max-age: 3600
vary: Origin
set-cookie: u=fMO5IvnS80pEczae3oNs;Path=/;Domain=.creativecdn.com;Expires=Thu, 11-Apr-2024 12:46:57 GMT;Max-Age=31536000;Secure;SameSite=None
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie: ts=1681303617;Path=/;Domain=.creativecdn.com;Expires=Thu, 11-Apr-2024 12:46:57 GMT;Max-Age=31536000;Secure;SameSite=None
location: https://ams.creativecdn.com/tags/v2?type=json&tc=1
content-length: 0
POST

https://ams.creativecdn.com/tags/v2?type=json&tc=1

firefox.exe

Remote address:

185.184.8.90:443

Request

POST /tags/v2?type=json&tc=1 HTTP/2.0
host: ams.creativecdn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
content-type: application/json
content-length: 342
origin: https://www.opera.com
referer: https://www.opera.com/
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

date: Wed, 12 Apr 2023 12:46:58 GMT
access-control-allow-origin: https://www.opera.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-max-age: 3600
vary: Origin, Accept-Encoding
content-type: application/json;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
pragma: no-cache
date: Wed, 12 Apr 2023 12:46:58 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-encoding: gzip
content-length: 289
GET

https://fledge-eu.creativecdn.com/fledge-igmembership?ntk=YaUKfU1hU_Od8-tWs29ViCtYcQLeIenbH5DEBsXii6vVNM-z2g6BCjqV_uvf3OPq4v6HMUznUiwt2TIS3xzKP-_Ztn7huvNqK_SAqw4X8XEJtpIqwb3HNmOGz_5PZaTzxKM2oEWOjmfwCDUCSFwrZA

firefox.exe

Remote address:

185.184.8.90:443

Request

GET /fledge-igmembership?ntk=YaUKfU1hU_Od8-tWs29ViCtYcQLeIenbH5DEBsXii6vVNM-z2g6BCjqV_uvf3OPq4v6HMUznUiwt2TIS3xzKP-_Ztn7huvNqK_SAqw4X8XEJtpIqwb3HNmOGz_5PZaTzxKM2oEWOjmfwCDUCSFwrZA HTTP/2.0
host: fledge-eu.creativecdn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.opera.com/
upgrade-insecure-requests: 1
sec-fetch-dest: iframe
sec-fetch-mode: navigate
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

date: Wed, 12 Apr 2023 12:46:58 GMT
content-type: text/html;charset=utf-8
origin-trial: Asb/UPx4mL0uyG+epAyfY1aIgdr/77bvOsnl0hWQ3Yy5BjKDh+thJ7NYPn2jqP+ghYDnNQcQFJuUng9LzN1SWggAAABxeyJvcmlnaW4iOiJodHRwczovL2NyZWF0aXZlY2RuLmNvbTo0NDMiLCJmZWF0dXJlIjoiUHJpdmFjeVNhbmRib3hBZHNBUElzIiwiZXhwaXJ5IjoxNjg4MDgzMTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
cache-control: public, max-age=86400
date: Wed, 12 Apr 2023 12:46:58 GMT
expires: Thu, 13 Apr 2023 12:46:58 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 499
OPTIONS

https://ams.creativecdn.com/tags/v2?type=json

firefox.exe

Remote address:

185.184.8.90:443

Request

OPTIONS /tags/v2?type=json HTTP/2.0
host: ams.creativecdn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
access-control-request-method: POST
access-control-request-headers: content-type
referer: https://www.opera.com/
origin: https://www.opera.com
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

date: Wed, 12 Apr 2023 12:46:57 GMT
access-control-allow-origin: https://www.opera.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-max-age: 3600
vary: Origin
access-control-allow-headers: content-type
content-length: 0
OPTIONS

https://ams.creativecdn.com/tags/v2?type=json&tc=1

firefox.exe

Remote address:

185.184.8.90:443

Request

OPTIONS /tags/v2?type=json&tc=1 HTTP/2.0
host: ams.creativecdn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
access-control-request-method: POST
access-control-request-headers: content-type
referer: https://www.opera.com/
origin: https://www.opera.com
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

date: Wed, 12 Apr 2023 12:46:58 GMT
access-control-allow-origin: https://www.opera.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-max-age: 3600
vary: Origin
access-control-allow-headers: content-type
content-length: 0
DNS

ams.creativecdn.com

firefox.exe

Remote address:

8.8.8.8:53

Request

ams.creativecdn.com

IN AAAA

Response
DNS

script.hotjar.com

firefox.exe

Remote address:

8.8.8.8:53

Request

script.hotjar.com

IN A

Response

script.hotjar.com

IN A

13.227.219.3

script.hotjar.com

IN A

13.227.219.71

script.hotjar.com

IN A

13.227.219.28

script.hotjar.com

IN A

13.227.219.120
GET

https://script.hotjar.com/modules.294a0ba1597f9e43eb87.js

firefox.exe

Remote address:

13.227.219.71:443

Request

GET /modules.294a0ba1597f9e43eb87.js HTTP/2.0
host: script.hotjar.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.opera.com/
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

content-type: application/javascript
content-length: 68722
date: Wed, 12 Apr 2023 09:20:07 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "feec9a1ec3b672c8307211937f1d68f7"
last-modified: Wed, 12 Apr 2023 09:19:21 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1396f0307ab4835adf6e4163507d4c8a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
x-amz-cf-id: OlJ05Xb6kc7qai2KFlmA7hzvBsO77gktRfpz7eb-WWNBbooqad7pkg==
age: 12410
DNS

script.hotjar.com

firefox.exe

Remote address:

8.8.8.8:53

Request

script.hotjar.com

IN AAAA

Response
POST

https://stats.g.doubleclick.net/g/collect?v=2&tid=G-T18E1GTPQG&cid=1462830660.1681303615&gtm=45je34a0&aip=1

firefox.exe

Remote address:

142.250.102.157:443

Request

POST /g/collect?v=2&tid=G-T18E1GTPQG&cid=1462830660.1681303615&gtm=45je34a0&aip=1 HTTP/2.0
host: stats.g.doubleclick.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.opera.com/
origin: https://www.opera.com
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
content-length: 0
te: trailers
DNS

www.facebook.com

firefox.exe

Remote address:

8.8.8.8:53

Request

www.facebook.com

IN A

Response

www.facebook.com

IN CNAME

star-mini.c10r.facebook.com

star-mini.c10r.facebook.com

IN A

157.240.247.35
DNS

sp.analytics.yahoo.com

firefox.exe

Remote address:

8.8.8.8:53

Request

sp.analytics.yahoo.com

IN A

Response

sp.analytics.yahoo.com

IN CNAME

spdc-global.pbp.gysm.yahoodns.net

spdc-global.pbp.gysm.yahoodns.net

IN A

212.82.100.181
DNS

spdc-global.pbp.gysm.yahoodns.net

firefox.exe

Remote address:

8.8.8.8:53

Request

spdc-global.pbp.gysm.yahoodns.net

IN A

Response

spdc-global.pbp.gysm.yahoodns.net

IN A

212.82.100.181
DNS

bat.bing.com

firefox.exe

Remote address:

8.8.8.8:53

Request

bat.bing.com

IN A

Response

bat.bing.com

IN CNAME

bat-bing-com.a-0001.a-msedge.net

bat-bing-com.a-0001.a-msedge.net

IN CNAME

dual-a-0001.a-msedge.net

dual-a-0001.a-msedge.net

IN A

204.79.197.200

dual-a-0001.a-msedge.net

IN A

13.107.21.200
DNS

spdc-global.pbp.gysm.yahoodns.net

firefox.exe

Remote address:

8.8.8.8:53

Request

spdc-global.pbp.gysm.yahoodns.net

IN AAAA

Response
DNS

dual-a-0001.a-msedge.net

firefox.exe

Remote address:

8.8.8.8:53

Request

dual-a-0001.a-msedge.net

IN A

Response

dual-a-0001.a-msedge.net

IN A

204.79.197.200

dual-a-0001.a-msedge.net

IN A

13.107.21.200
DNS

dual-a-0001.a-msedge.net

firefox.exe

Remote address:

8.8.8.8:53

Request

dual-a-0001.a-msedge.net

IN A

Response

dual-a-0001.a-msedge.net

IN A

204.79.197.200

dual-a-0001.a-msedge.net

IN A

13.107.21.200
DNS

dual-a-0001.a-msedge.net

firefox.exe

Remote address:

8.8.8.8:53

Request

dual-a-0001.a-msedge.net

IN AAAA

Response

dual-a-0001.a-msedge.net

IN AAAA

2620:1ec:c11::200
DNS

dual-a-0001.a-msedge.net

firefox.exe

Remote address:

8.8.8.8:53

Request

dual-a-0001.a-msedge.net

IN AAAA

Response

dual-a-0001.a-msedge.net

IN AAAA

2620:1ec:c11::200
DNS

ib.adnxs.com

firefox.exe

Remote address:

8.8.8.8:53

Request

ib.adnxs.com

IN A

Response

ib.adnxs.com

IN CNAME

g.geogslb.com

g.geogslb.com

IN CNAME

ib.anycast.adnxs.com

ib.anycast.adnxs.com

IN A

185.89.210.46

ib.anycast.adnxs.com

IN A

185.89.211.116

ib.anycast.adnxs.com

IN A

185.89.210.212

ib.anycast.adnxs.com

IN A

185.89.210.141

ib.anycast.adnxs.com

IN A

185.89.210.244

ib.anycast.adnxs.com

IN A

185.89.210.122

ib.anycast.adnxs.com

IN A

185.89.210.20

ib.anycast.adnxs.com

IN A

185.89.211.84

ib.anycast.adnxs.com

IN A

185.89.210.90

ib.anycast.adnxs.com

IN A

185.89.211.12

ib.anycast.adnxs.com

IN A

185.83.142.19

ib.anycast.adnxs.com

IN A

185.89.210.153
DNS

ib.anycast.adnxs.com

firefox.exe

Remote address:

8.8.8.8:53

Request

ib.anycast.adnxs.com

IN A

Response

ib.anycast.adnxs.com

IN A

37.252.171.53

ib.anycast.adnxs.com

IN A

37.252.172.123

ib.anycast.adnxs.com

IN A

37.252.171.21

ib.anycast.adnxs.com

IN A

37.252.171.84

ib.anycast.adnxs.com

IN A

37.252.171.52

ib.anycast.adnxs.com

IN A

37.252.173.215

ib.anycast.adnxs.com

IN A

37.252.171.149

ib.anycast.adnxs.com

IN A

37.252.171.22

ib.anycast.adnxs.com

IN A

37.252.171.85
DNS

fledge-eu.creativecdn.com

firefox.exe

Remote address:

8.8.8.8:53

Request

fledge-eu.creativecdn.com

IN A

Response

fledge-eu.creativecdn.com

IN A

185.184.8.90
DNS

ib.anycast.adnxs.com

firefox.exe

Remote address:

8.8.8.8:53

Request

ib.anycast.adnxs.com

IN AAAA

Response
DNS

fledge-eu.creativecdn.com

firefox.exe

Remote address:

8.8.8.8:53

Request

fledge-eu.creativecdn.com

IN A

Response

fledge-eu.creativecdn.com

IN A

185.184.8.90
DNS

fledge-eu.creativecdn.com

firefox.exe

Remote address:

8.8.8.8:53

Request

fledge-eu.creativecdn.com

IN AAAA

Response
DNS

157.102.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

157.102.250.142.in-addr.arpa

IN PTR

Response

157.102.250.142.in-addr.arpa

IN PTR

rb-in-f1571e100net
DNS

71.219.227.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

71.219.227.13.in-addr.arpa

IN PTR

Response

71.219.227.13.in-addr.arpa

IN PTR

server-13-227-219-71ams54r cloudfrontnet
DNS

35.247.240.157.in-addr.arpa

Remote address:

8.8.8.8:53

Request

35.247.240.157.in-addr.arpa

IN PTR

Response

35.247.240.157.in-addr.arpa

IN PTR

edge-star-mini-shv-01-ams2facebookcom
DNS

200.197.79.204.in-addr.arpa

Remote address:

8.8.8.8:53

Request

200.197.79.204.in-addr.arpa

IN PTR

Response

200.197.79.204.in-addr.arpa

IN PTR

a-0001a-msedgenet
DNS

90.8.184.185.in-addr.arpa

Remote address:

8.8.8.8:53

Request

90.8.184.185.in-addr.arpa

IN PTR

Response

90.8.184.185.in-addr.arpa

IN PTR

ip-185-184-8-90rtbhousenet
DNS

translate.googleapis.com

firefox.exe

Remote address:

8.8.8.8:53

Request

translate.googleapis.com

IN A

Response

translate.googleapis.com

IN A

142.251.39.106
GET

https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.en_US.UhV9XYYyxvI.O/d=1/exm=el_conf/ed=1/rs=AN8SPfo0F9HhTw522jRKheptjI9nj-1jMw/m=el_main

firefox.exe

Remote address:

142.251.39.106:443

Request

GET /_/translate_http/_/js/k=translate_http.tr.en_US.UhV9XYYyxvI.O/d=1/exm=el_conf/ed=1/rs=AN8SPfo0F9HhTw522jRKheptjI9nj-1jMw/m=el_main HTTP/2.0
host: translate.googleapis.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.mediafire.com/
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers
DNS

translate.googleapis.com

firefox.exe

Remote address:

8.8.8.8:53

Request

translate.googleapis.com

IN AAAA

Response

translate.googleapis.com

IN AAAA

2a00:1450:400e:80f::200a
DNS

100.39.251.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

100.39.251.142.in-addr.arpa

IN PTR

Response

100.39.251.142.in-addr.arpa

IN PTR

ams15s48-in-f41e100net
DNS

106.39.251.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

106.39.251.142.in-addr.arpa

IN PTR

Response

106.39.251.142.in-addr.arpa

IN PTR

ams15s48-in-f101e100net
DNS

www.mediafire.com

firefox.exe

Remote address:

8.8.8.8:53

Request

www.mediafire.com

IN AAAA

Response
DNS

translate-pa.googleapis.com

firefox.exe

Remote address:

8.8.8.8:53

Request

translate-pa.googleapis.com

IN A

Response

translate-pa.googleapis.com

IN A

142.250.179.170

translate-pa.googleapis.com

IN A

142.250.179.202

translate-pa.googleapis.com

IN A

142.251.36.10

translate-pa.googleapis.com

IN A

142.251.39.106

translate-pa.googleapis.com

IN A

216.58.208.106

translate-pa.googleapis.com

IN A

216.58.214.10

translate-pa.googleapis.com

IN A

142.250.179.138

translate-pa.googleapis.com

IN A

142.251.36.42
DNS

translate-pa.googleapis.com

firefox.exe

Remote address:

8.8.8.8:53

Request

translate-pa.googleapis.com

IN AAAA

Response

translate-pa.googleapis.com

IN AAAA

2a00:1450:400e:811::200a

translate-pa.googleapis.com

IN AAAA

2a00:1450:400e:80c::200a

translate-pa.googleapis.com

IN AAAA

2a00:1450:400e:800::200a

translate-pa.googleapis.com

IN AAAA

2a00:1450:400e:801::200a
DNS

170.179.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

170.179.250.142.in-addr.arpa

IN PTR

Response

170.179.250.142.in-addr.arpa

IN PTR

ams15s41-in-f101e100net
DNS

cdn.amplitude.com

firefox.exe

Remote address:

8.8.8.8:53

Request

cdn.amplitude.com

IN A

Response

cdn.amplitude.com

IN A

108.156.61.29

cdn.amplitude.com

IN A

108.156.61.101

cdn.amplitude.com

IN A

108.156.61.65

cdn.amplitude.com

IN A

108.156.61.171
DNS

cdn.amplitude.com

firefox.exe

Remote address:

8.8.8.8:53

Request

cdn.amplitude.com

IN AAAA

Response
DNS

api.btloader.com

firefox.exe

Remote address:

8.8.8.8:53

Request

api.btloader.com

IN A

Response

api.btloader.com

IN A

130.211.23.194
POST

https://api.btloader.com/log?upapi=true&tid=LEOnG5cE67&cv=2.1.10-3-g4120aac

firefox.exe

Remote address:

130.211.23.194:443

Request

POST /log?upapi=true&tid=LEOnG5cE67&cv=2.1.10-3-g4120aac HTTP/2.0
host: api.btloader.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
content-length: 88
origin: null
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers
DNS

api.btloader.com

firefox.exe

Remote address:

8.8.8.8:53

Request

api.btloader.com

IN A

Response

api.btloader.com

IN A

130.211.23.194
DNS

api.btloader.com

firefox.exe

Remote address:

8.8.8.8:53

Request

api.btloader.com

IN AAAA

Response
DNS

api.amplitude.com

firefox.exe

Remote address:

8.8.8.8:53

Request

api.amplitude.com

IN A

Response

api.amplitude.com

IN A

34.216.249.58

api.amplitude.com

IN A

35.164.85.24

api.amplitude.com

IN A

44.232.120.240

api.amplitude.com

IN A

34.215.104.250

api.amplitude.com

IN A

54.191.246.9

api.amplitude.com

IN A

52.26.131.85

api.amplitude.com

IN A

35.82.194.206

api.amplitude.com

IN A

34.218.111.213
DNS

api.amplitude.com

firefox.exe

Remote address:

8.8.8.8:53

Request

api.amplitude.com

IN AAAA

Response
DNS

194.23.211.130.in-addr.arpa

Remote address:

8.8.8.8:53

Request

194.23.211.130.in-addr.arpa

IN PTR

Response

194.23.211.130.in-addr.arpa

IN PTR

19423211130bcgoogleusercontentcom
DNS

prf.hn

firefox.exe

Remote address:

8.8.8.8:53

Request

prf.hn

IN AAAA

Response
DNS

store.winzip.com

firefox.exe

Remote address:

8.8.8.8:53

Request

store.winzip.com

IN A

Response

store.winzip.com

IN CNAME

winzip-s.cleverbridge.com

winzip-s.cleverbridge.com

IN A

104.16.242.229

winzip-s.cleverbridge.com

IN A

104.16.243.229
GET

https://store.winzip.com/852/purl-mediafire?x-clickref=1100lwHowKb5

firefox.exe

Remote address:

104.16.242.229:443

Request

GET /852/purl-mediafire?x-clickref=1100lwHowKb5 HTTP/2.0
host: store.winzip.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
upgrade-insecure-requests: 1
sec-fetch-dest: document
sec-fetch-mode: navigate
sec-fetch-site: cross-site
sec-fetch-user: ?1
te: trailers

Response

HTTP/2.0 302

date: Wed, 12 Apr 2023 12:47:14 GMT
content-type: text/html; charset=utf-8
location: https://www.winzip.com/en/pages/partner/mediafire/winzip-trial/?x-source=ojmf_trial&x-publisher-id=1101l145839&x-target=omf2&x-clickref=1100lwHowKb5
vary: Accept-Encoding,User-Agent
content-encoding: gzip
set-cookie: purl-39863=10; domain=.store.winzip.com; expires=Thu, 13-Apr-2023 12:47:14 GMT; path=/; secure; HttpOnly; SameSite=None
cf-cache-status: DYNAMIC
set-cookie: purl_history_852=39863=10r; domain=.store.winzip.com; expires=Thu, 13-Apr-2023 12:47:14 GMT; path=/; secure; HttpOnly; SameSite=None
set-cookie: rpurl_852=id=39863&rn=10; domain=.store.winzip.com; expires=Thu, 13-Apr-2023 12:47:14 GMT; path=/; secure; HttpOnly; SameSite=None
set-cookie: __cflb=02DiuGUwaHeX5xCq1y4Ru7yhMLjpC9nSDzAcSKmtrCaD2; SameSite=Lax; path=/; expires=Thu, 13-Apr-23 11:47:14 GMT; HttpOnly
server: cloudflare
cf-ray: 7b6b93a179cd1c78-AMS
DNS

winzip-s.cleverbridge.com

firefox.exe

Remote address:

8.8.8.8:53

Request

winzip-s.cleverbridge.com

IN A

Response

winzip-s.cleverbridge.com

IN A

104.16.242.229

winzip-s.cleverbridge.com

IN A

104.16.243.229
DNS

winzip-s.cleverbridge.com

firefox.exe

Remote address:

8.8.8.8:53

Request

winzip-s.cleverbridge.com

IN AAAA

Response
DNS

winzip-s.cleverbridge.com

firefox.exe

Remote address:

8.8.8.8:53

Request

winzip-s.cleverbridge.com

IN AAAA

Response
DNS

www.winzip.com

firefox.exe

Remote address:

8.8.8.8:53

Request

www.winzip.com

IN A

Response

www.winzip.com

IN CNAME

www.winzip.com.edgekey.net

www.winzip.com.edgekey.net

IN CNAME

e834.d.akamaiedge.net

e834.d.akamaiedge.net

IN A

23.44.232.34
DNS

e834.d.akamaiedge.net

firefox.exe

Remote address:

8.8.8.8:53

Request

e834.d.akamaiedge.net

IN A

Response

e834.d.akamaiedge.net

IN A

23.44.232.34
DNS

e834.d.akamaiedge.net

firefox.exe

Remote address:

8.8.8.8:53

Request

e834.d.akamaiedge.net

IN AAAA

Response
DNS

4.170.150.5.in-addr.arpa

Remote address:

8.8.8.8:53

Request

4.170.150.5.in-addr.arpa

IN PTR

Response
DNS

229.242.16.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

229.242.16.104.in-addr.arpa

IN PTR

Response
DNS

34.232.44.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

34.232.44.23.in-addr.arpa

IN PTR

Response

34.232.44.23.in-addr.arpa

IN PTR

a23-44-232-34deploystaticakamaitechnologiescom
DNS

bat.bing.com

firefox.exe

Remote address:

8.8.8.8:53

Request

bat.bing.com

IN A

Response

bat.bing.com

IN CNAME

bat-bing-com.a-0001.a-msedge.net

bat-bing-com.a-0001.a-msedge.net

IN CNAME

dual-a-0001.a-msedge.net

dual-a-0001.a-msedge.net

IN A

204.79.197.200

dual-a-0001.a-msedge.net

IN A

13.107.21.200
DNS

googleads.g.doubleclick.net

firefox.exe

Remote address:

8.8.8.8:53

Request

googleads.g.doubleclick.net

IN A

Response

googleads.g.doubleclick.net

IN A

142.251.36.34
DNS

googleads.g.doubleclick.net

firefox.exe

Remote address:

8.8.8.8:53

Request

googleads.g.doubleclick.net

IN A

Response

googleads.g.doubleclick.net

IN A

142.251.36.34
GET

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/996698607/?random=1681303633956&cv=11&fst=1681303633956&bg=ffffff&guid=ON&async=1&gtm=45He34a0&u_w=1280&u_h=720&url=https%3A%2F%2Fwww.winzip.com%2Fen%2Fpages%2Fpartner%2Fmediafire%2Fwinzip-trial%2F%3Fx-source%3Dojmf_trial%26x-publisher-id%3D1101l145839%26x-target%3Domf2%26x-clickref%3D1100lwHowKb5&hn=www.googleadservices.com&frm=0&tiba=WinZip%20-%20Safely%20and%20easily%20open%20your%20downloaded%20files&auid=1613915826.1681303634&rfmt=3&fmt=4

firefox.exe

Remote address:

142.251.36.34:443

Request

GET /pagead/viewthroughconversion/996698607/?random=1681303633956&cv=11&fst=1681303633956&bg=ffffff&guid=ON&async=1&gtm=45He34a0&u_w=1280&u_h=720&url=https%3A%2F%2Fwww.winzip.com%2Fen%2Fpages%2Fpartner%2Fmediafire%2Fwinzip-trial%2F%3Fx-source%3Dojmf_trial%26x-publisher-id%3D1101l145839%26x-target%3Domf2%26x-clickref%3D1100lwHowKb5&hn=www.googleadservices.com&frm=0&tiba=WinZip%20-%20Safely%20and%20easily%20open%20your%20downloaded%20files&auid=1613915826.1681303634&rfmt=3&fmt=4 HTTP/2.0
host: googleads.g.doubleclick.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.winzip.com/
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers
DNS

cdn.cookielaw.org

firefox.exe

Remote address:

8.8.8.8:53

Request

cdn.cookielaw.org

IN A

Response

cdn.cookielaw.org

IN A

104.19.187.97

cdn.cookielaw.org

IN A

104.19.188.97
DNS

cdn.cookielaw.org

firefox.exe

Remote address:

8.8.8.8:53

Request

cdn.cookielaw.org

IN A

Response

cdn.cookielaw.org

IN A

104.19.188.97

cdn.cookielaw.org

IN A

104.19.187.97
DNS

cdn.cookielaw.org

firefox.exe

Remote address:

8.8.8.8:53

Request

cdn.cookielaw.org

IN A

Response

cdn.cookielaw.org

IN A

104.19.187.97

cdn.cookielaw.org

IN A

104.19.188.97
GET

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

firefox.exe

Remote address:

104.19.187.97:443

Request

GET /scripttemplates/otSDKStub.js HTTP/2.0
host: cdn.cookielaw.org
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.winzip.com/
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

date: Wed, 12 Apr 2023 12:47:16 GMT
content-type: application/javascript
content-length: 6741
content-encoding: gzip
content-md5: +GAQ9uZzuyMATxU6dGRBFA==
last-modified: Mon, 10 Apr 2023 20:09:08 GMT
etag: 0x8DB39FF71AEE247
x-ms-request-id: c0f3fe6d-c01e-014f-56f2-6b5aab000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 70496
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7b6b93adae68b98c-AMS
DNS

googleads.g.doubleclick.net

firefox.exe

Remote address:

8.8.8.8:53

Request

googleads.g.doubleclick.net

IN AAAA

Response

googleads.g.doubleclick.net

IN AAAA

2a00:1450:400e:811::2002
DNS

snap.licdn.com

firefox.exe

Remote address:

8.8.8.8:53

Request

snap.licdn.com

IN A

Response

snap.licdn.com

IN CNAME

od.linkedin.edgesuite.net

od.linkedin.edgesuite.net

IN CNAME

a1916.dscg2.akamai.net

a1916.dscg2.akamai.net

IN A

23.32.238.178

a1916.dscg2.akamai.net

IN A

23.32.238.219
DNS

cdn.cookielaw.org

firefox.exe

Remote address:

8.8.8.8:53

Request

cdn.cookielaw.org

IN AAAA

Response

cdn.cookielaw.org

IN AAAA

2606:4700::6813:bb61

cdn.cookielaw.org

IN AAAA

2606:4700::6813:bc61
GET

https://snap.licdn.com/li.lms-analytics/insight.min.js

firefox.exe

Remote address:

23.32.238.178:443

Request

GET /li.lms-analytics/insight.min.js HTTP/2.0
host: snap.licdn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.winzip.com/
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

last-modified: Tue, 10 Jan 2023 17:22:56 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=75303
date: Wed, 12 Apr 2023 12:47:16 GMT
content-length: 4777
x-content-type-options: nosniff
x-cdn: AKAM
DNS

a1916.dscg2.akamai.net

firefox.exe

Remote address:

8.8.8.8:53

Request

a1916.dscg2.akamai.net

IN A

Response

a1916.dscg2.akamai.net

IN A

23.32.238.219

a1916.dscg2.akamai.net

IN A

23.32.238.178
DNS

a1916.dscg2.akamai.net

firefox.exe

Remote address:

8.8.8.8:53

Request

a1916.dscg2.akamai.net

IN AAAA

Response

a1916.dscg2.akamai.net

IN AAAA

2a02:26f0:a1::58dd:86d1

a1916.dscg2.akamai.net

IN AAAA

2a02:26f0:a1::58dd:86e8
DNS

a1916.dscg2.akamai.net

firefox.exe

Remote address:

8.8.8.8:53

Request

a1916.dscg2.akamai.net

IN AAAA

Response

a1916.dscg2.akamai.net

IN AAAA

2a02:26f0:a1::58dd:86d1

a1916.dscg2.akamai.net

IN AAAA

2a02:26f0:a1::58dd:86e8
DNS

unpkg.com

firefox.exe

Remote address:

8.8.8.8:53

Request

unpkg.com

IN A

Response

unpkg.com

IN A

104.16.125.175

unpkg.com

IN A

104.16.123.175

unpkg.com

IN A

104.16.124.175

unpkg.com

IN A

104.16.126.175

unpkg.com

IN A

104.16.122.175
DNS

unpkg.com

firefox.exe

Remote address:

8.8.8.8:53

Request

unpkg.com

IN A

Response

unpkg.com

IN A

104.16.125.175

unpkg.com

IN A

104.16.123.175

unpkg.com

IN A

104.16.124.175

unpkg.com

IN A

104.16.126.175

unpkg.com

IN A

104.16.122.175
DNS

ws.zoominfo.com

firefox.exe

Remote address:

8.8.8.8:53

Request

ws.zoominfo.com

IN A

Response

ws.zoominfo.com

IN A

104.16.168.82

ws.zoominfo.com

IN A

104.16.101.12
DNS

ws.zoominfo.com

firefox.exe

Remote address:

8.8.8.8:53

Request

ws.zoominfo.com

IN A

Response

ws.zoominfo.com

IN A

104.16.101.12

ws.zoominfo.com

IN A

104.16.168.82
DNS

munchkin.marketo.net

firefox.exe

Remote address:

8.8.8.8:53

Request

munchkin.marketo.net

IN A

Response

munchkin.marketo.net

IN CNAME

wildcard.marketo.net.edgekey.net

wildcard.marketo.net.edgekey.net

IN CNAME

e10776.b.akamaiedge.net

e10776.b.akamaiedge.net

IN A

23.222.59.50
DNS

munchkin.marketo.net

firefox.exe

Remote address:

8.8.8.8:53

Request

munchkin.marketo.net

IN A

Response

munchkin.marketo.net

IN CNAME

wildcard.marketo.net.edgekey.net

wildcard.marketo.net.edgekey.net

IN CNAME

e10776.b.akamaiedge.net

e10776.b.akamaiedge.net

IN A

23.222.59.50
DNS

a.opmnstr.com

firefox.exe

Remote address:

8.8.8.8:53

Request

a.opmnstr.com

IN A

Response

a.opmnstr.com

IN CNAME

omapp.b-cdn.net

omapp.b-cdn.net

IN A

103.180.115.2
DNS

omapp.b-cdn.net

firefox.exe

Remote address:

8.8.8.8:53

Request

omapp.b-cdn.net

IN A

Response

omapp.b-cdn.net

IN A

103.180.115.2
GET

https://a.opmnstr.com/app/js/api.min.js

firefox.exe

Remote address:

103.180.115.2:443

Request

GET /app/js/api.min.js HTTP/2.0
host: a.opmnstr.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.winzip.com/
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

date: Wed, 12 Apr 2023 12:47:16 GMT
content-type: application/javascript
vary: Accept-Encoding
server: BunnyCDN-CEN1-1045
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: IN
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"642485dc-c83d"
last-modified: Wed, 29 Mar 2023 18:39:24 GMT
cdn-storageserver: SG-561
cdn-requestpullsuccess: True
cdn-fileserver: 561
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 04/11/2023 19:29:30
cdn-edgestorageid: 1045
cdn-status: 200
cdn-requestid: 101790f55ba860745c549d788e2390ad
cdn-cache: HIT
content-encoding: br
GET

https://unpkg.com/web-vitals/dist/web-vitals.iife.js

firefox.exe

Remote address:

104.16.125.175:443

Request

GET /web-vitals/dist/web-vitals.iife.js HTTP/2.0
host: unpkg.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://www.winzip.com/
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 302

date: Wed, 12 Apr 2023 12:47:16 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /web-vitals@3.3.1/dist/web-vitals.iife.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GXTQJH3DPF5W5D9Y9AKERHDQ-ams
cf-cache-status: HIT
age: 542
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7b6b93af7d9e41bc-AMS
DNS

omapp.b-cdn.net

firefox.exe

Remote address:

8.8.8.8:53

Request

omapp.b-cdn.net

IN AAAA

Response
DNS

unpkg.com

firefox.exe

Remote address:

8.8.8.8:53

Request

unpkg.com

IN A

Response

unpkg.com

IN A

104.16.123.175

unpkg.com

IN A

104.16.122.175

unpkg.com

IN A

104.16.125.175

unpkg.com

IN A

104.16.124.175

unpkg.com

IN A

104.16.126.175
DNS

ws.zoominfo.com

firefox.exe

Remote address:

8.8.8.8:53

Request

ws.zoominfo.com

IN A

Response

ws.zoominfo.com

IN A

104.16.168.82

ws.zoominfo.com

IN A

104.16.101.12
DNS

unpkg.com

firefox.exe

Remote address:

8.8.8.8:53

Request

unpkg.com

IN AAAA

Response

unpkg.com

IN AAAA

2606:4700::6810:7baf

unpkg.com

IN AAAA

2606:4700::6810:7daf

unpkg.com

IN AAAA

2606:4700::6810:7aaf

unpkg.com

IN AAAA

2606:4700::6810:7eaf

unpkg.com

IN AAAA

2606:4700::6810:7caf
DNS

ws.zoominfo.com

firefox.exe

Remote address:

8.8.8.8:53

Request

ws.zoominfo.com

IN AAAA

Response

ws.zoominfo.com

IN AAAA

2606:4700::6810:650c

ws.zoominfo.com

IN AAAA

2606:4700::6810:a852
DNS

ws.zoominfo.com

firefox.exe

Remote address:

8.8.8.8:53

Request

ws.zoominfo.com

IN AAAA

Response

ws.zoominfo.com

IN AAAA

2606:4700::6810:650c

ws.zoominfo.com

IN AAAA

2606:4700::6810:a852
DNS

e10776.b.akamaiedge.net

firefox.exe

Remote address:

8.8.8.8:53

Request

e10776.b.akamaiedge.net

IN A

Response

e10776.b.akamaiedge.net

IN A

23.222.59.50
DNS

e10776.b.akamaiedge.net

firefox.exe

Remote address:

8.8.8.8:53

Request

e10776.b.akamaiedge.net

IN A

Response

e10776.b.akamaiedge.net

IN A

23.222.59.50
DNS

e10776.b.akamaiedge.net

firefox.exe

Remote address:

8.8.8.8:53

Request

e10776.b.akamaiedge.net

IN AAAA

Response
GET

https://cdn.cookielaw.org/consent/e3da808f-4b57-47db-af1e-f01683d7a52a/e3da808f-4b57-47db-af1e-f01683d7a52a.json

firefox.exe

Remote address:

104.19.187.97:443

Request

GET /consent/e3da808f-4b57-47db-af1e-f01683d7a52a/e3da808f-4b57-47db-af1e-f01683d7a52a.json HTTP/2.0
host: cdn.cookielaw.org
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://www.winzip.com
referer: https://www.winzip.com/
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

date: Wed, 12 Apr 2023 12:47:16 GMT
content-type: application/x-javascript
content-length: 1745
cache-control: public, max-age=86400
content-encoding: gzip
content-md5: 6oTmChGIWGCnIvPoKIHvTg==
last-modified: Thu, 15 Sep 2022 17:27:45 GMT
etag: 0x8DA973F9A38527F
x-ms-request-id: 9bf46f4b-601e-0002-34e1-5ada1c000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 65472
expires: Thu, 13 Apr 2023 12:47:16 GMT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7b6b93b18b021b06-AMS
DNS

installer.corel.com

firefox.exe

Remote address:

8.8.8.8:53

Request

installer.corel.com

IN A

Response

installer.corel.com

IN A

54.164.253.196

installer.corel.com

IN A

52.22.124.208

installer.corel.com

IN A

18.210.189.65

installer.corel.com

IN A

52.22.2.203
DNS

cdn.linkedin.oribi.io

firefox.exe

Remote address:

8.8.8.8:53

Request

cdn.linkedin.oribi.io

IN A

Response

cdn.linkedin.oribi.io

IN CNAME

d1ni990a184w7d.cloudfront.net

d1ni990a184w7d.cloudfront.net

IN A

52.222.139.9

d1ni990a184w7d.cloudfront.net

IN A

52.222.139.92

d1ni990a184w7d.cloudfront.net

IN A

52.222.139.95

d1ni990a184w7d.cloudfront.net

IN A

52.222.139.81
DNS

installer.corel.com

firefox.exe

Remote address:

8.8.8.8:53

Request

installer.corel.com

IN A

Response

installer.corel.com

IN A

54.164.253.196

installer.corel.com

IN A

52.22.124.208

installer.corel.com

IN A

18.210.189.65

installer.corel.com

IN A

52.22.2.203
GET

https://cdn.linkedin.oribi.io/partner/4043810/domain/winzip.com/token

firefox.exe

Remote address:

52.222.139.9:443

Request

GET /partner/4043810/domain/winzip.com/token HTTP/2.0
host: cdn.linkedin.oribi.io
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: *
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
origin: https://www.winzip.com
referer: https://www.winzip.com/
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

content-type: application/json
date: Wed, 12 Apr 2023 12:37:26 GMT
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 fb6c3dd3817d7e9cad9e87d716e2024c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS50-C1
x-amz-cf-id: SsTiy285D8aUEMehAXRTgoJiYheItWTI3LCgkGP6svz7oiNmWMisHg==
age: 590
DNS

d1ni990a184w7d.cloudfront.net

firefox.exe

Remote address:

8.8.8.8:53

Request

d1ni990a184w7d.cloudfront.net

IN A

Response

d1ni990a184w7d.cloudfront.net

IN A

52.222.139.95

d1ni990a184w7d.cloudfront.net

IN A

52.222.139.92

d1ni990a184w7d.cloudfront.net

IN A

52.222.139.9

d1ni990a184w7d.cloudfront.net

IN A

52.222.139.81
DNS

installer.corel.com

firefox.exe

Remote address:

8.8.8.8:53

Request

installer.corel.com

IN AAAA

Response
DNS

px.ads.linkedin.com

firefox.exe

Remote address:

8.8.8.8:53

Request

px.ads.linkedin.com

IN A

Response

px.ads.linkedin.com

IN CNAME

www.linkedin.com

www.linkedin.com

IN CNAME

www-linkedin-com.l-0005.l-msedge.net

www-linkedin-com.l-0005.l-msedge.net

IN CNAME

l-0005.l-msedge.net

l-0005.l-msedge.net

IN A

13.107.42.14
DNS

l-0005.l-msedge.net

firefox.exe

Remote address:

8.8.8.8:53

Request

l-0005.l-msedge.net

IN A

Response

l-0005.l-msedge.net

IN A

13.107.42.14
DNS

d1ni990a184w7d.cloudfront.net

firefox.exe

Remote address:

8.8.8.8:53

Request

d1ni990a184w7d.cloudfront.net

IN AAAA

Response

d1ni990a184w7d.cloudfront.net

IN AAAA

2600:9000:2204:2200:2:53b2:240:93a1

d1ni990a184w7d.cloudfront.net

IN AAAA

2600:9000:2204:5c00:2:53b2:240:93a1

d1ni990a184w7d.cloudfront.net

IN AAAA

2600:9000:2204:d600:2:53b2:240:93a1

d1ni990a184w7d.cloudfront.net

IN AAAA

2600:9000:2204:6600:2:53b2:240:93a1

d1ni990a184w7d.cloudfront.net

IN AAAA

2600:9000:2204:6400:2:53b2:240:93a1

d1ni990a184w7d.cloudfront.net

IN AAAA

2600:9000:2204:3000:2:53b2:240:93a1

d1ni990a184w7d.cloudfront.net

IN AAAA

2600:9000:2204:ba00:2:53b2:240:93a1

d1ni990a184w7d.cloudfront.net

IN AAAA

2600:9000:2204:ac00:2:53b2:240:93a1
DNS

34.36.251.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

34.36.251.142.in-addr.arpa

IN PTR

Response

34.36.251.142.in-addr.arpa

IN PTR

ams17s12-in-f21e100net
DNS

97.187.19.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

97.187.19.104.in-addr.arpa

IN PTR

Response
DNS

178.238.32.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

178.238.32.23.in-addr.arpa

IN PTR

Response

178.238.32.23.in-addr.arpa

IN PTR

a23-32-238-178deploystaticakamaitechnologiescom
DNS

175.125.16.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

175.125.16.104.in-addr.arpa

IN PTR

Response
DNS

2.115.180.103.in-addr.arpa

Remote address:

8.8.8.8:53

Request

2.115.180.103.in-addr.arpa

IN PTR

Response
DNS

l-0005.l-msedge.net

firefox.exe

Remote address:

8.8.8.8:53

Request

l-0005.l-msedge.net

IN AAAA

Response

l-0005.l-msedge.net

IN AAAA

2620:1ec:21::14
DNS

9.139.222.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

9.139.222.52.in-addr.arpa

IN PTR

Response

9.139.222.52.in-addr.arpa

IN PTR

server-52-222-139-9ams50r cloudfrontnet
DNS

www.corel.com

firefox.exe

Remote address:

8.8.8.8:53

Request

www.corel.com

IN A

Response

www.corel.com

IN CNAME

www-san.corel.com.edgekey.net

www-san.corel.com.edgekey.net

IN CNAME

e834.d.akamaiedge.net

e834.d.akamaiedge.net

IN A

23.44.232.34
DNS

196.253.164.54.in-addr.arpa

Remote address:

8.8.8.8:53

Request

196.253.164.54.in-addr.arpa

IN PTR

Response

196.253.164.54.in-addr.arpa

IN PTR

ec2-54-164-253-196 compute-1 amazonawscom
GET

https://download1502.mediafire.com/17ydfwcx3meg/83e94f7jhl5jyyf/Stargate+Network+v4.0.7z

firefox.exe

Remote address:

205.196.123.190:443

Request

GET /17ydfwcx3meg/83e94f7jhl5jyyf/Stargate+Network+v4.0.7z HTTP/1.1
Host: download1502.mediafire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ukey=7ktm8ydt32tqq936f9lwe9qtutyf6z89; __cf_bm=VbINILDIh1p.hMLMOwa83dDgGZ865E2ATxa9oXXNn2c-1681303620-0-AesdPDEk3X3A0/eNkXEC9i3/GlYdGMheJv1FVsIA8GsVTPeYpVZhqq1BDOmu0difoVAvdkgbApCU8LZ2bjfh8xZzHYBewUdRRu4E9cQ+5RFpTavZSw6e9kPpZj2RS1rW5n8LCw+rb8VWF2blj/kfe4/DPQFA2KLy5y0hBNjgIj00
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Sec-Fetch-User: ?1

Response

HTTP/1.1 302 Found

server: bd-0.1.21
location: https://www.mediafire.com/download_repair.php?flag=4&dkey=17ydfwcx3meg&qkey=83e94f7jhl5jyyf&ip=154%2E61%2E71%2E51
content-length: 0
date: Wed, 12 Apr 2023 12:47:28 GMT
DNS

www.mediafire.com

firefox.exe

Remote address:

8.8.8.8:53

Request

www.mediafire.com

IN AAAA

Response

2.16.241.76:443

assets.msn.com

tls

3.3kB
27.5kB
35
33
104.26.7.139:443

https://btloader.com/tag?o=5678961798414336&upapi=true

tls, http2

chrome.exe

1.8kB
10.3kB
17
19

HTTP Request

GET https://btloader.com/tag?o=5678961798414336&upapi=true

HTTP Response

200
104.16.56.101:443

https://static.cloudflareinsights.com/beacon.min.js/v2b4487d741ca48dcbadcaf954e159fc61680799950996

tls, http2

chrome.exe

2.3kB
16.5kB
23
27

HTTP Request

GET https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993

HTTP Response

200

HTTP Request

GET https://static.cloudflareinsights.com/beacon.min.js/v2b4487d741ca48dcbadcaf954e159fc61680799950996

HTTP Response

200
142.250.179.206:445

translate.google.com

260 B
5
108.156.61.29:443

https://cdn.amplitude.com/libs/amplitude-8.5.0-min.gz.js

tls, http2

chrome.exe

2.5kB
30.3kB
32
32

HTTP Request

GET https://cdn.amplitude.com/libs/amplitude-8.5.0-min.gz.js

HTTP Response

200
142.250.179.206:443

https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

tls, http2

chrome.exe

3.2kB
50.5kB
39
57

HTTP Request

GET https://fundingchoicesmessages.google.com/f/AGSKWxXrjtEH6OsIEa1eMxJNrJTV18lP5XKGKMJi5rI13IlsGpcs5yT-0hk0wJuzpkaKFvH14rtURv0da3wnJCfhkp8=

HTTP Request

GET https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
172.217.168.194:443

https://securepubads.g.doubleclick.net/tag/js/gpt.js

tls, http2

chrome.exe

2.3kB
34.4kB
26
37

HTTP Request

GET https://securepubads.g.doubleclick.net/tag/js/gpt.js
104.19.215.37:443

https://otnolatrnup.com/Tag.engine?time=0&id=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0&rand=7795&ver=async&referrerUrl=&fingerPrint=123&abr=false&stdTime=0&fpe=1&bw=1280&bh=609&res=1280x720&curl=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2FStargate_Network_v4.0.html&kw=online%20storage%2Cfree%20storage%2Ccloud%20storage%2Ccollaboration%2Cbackup%20file%20sharing%2Cshare%20files%2Cphoto%20backup%2Cphoto%20sharing%2Cftp%20replacement%2Ccross%20platform%2Cremote%20access%2Cmobile%20access%2Csend%20large%20files%2Crecover%20files%2Cfile%20versioning%2Cundelete%2Cwindows%2Cpc%2Cmac%2Cos%20x%2Clinux%2Ciphone

tls, http2

chrome.exe

3.4kB
64.1kB
41
64

HTTP Request

GET https://cdn.otnolatrnup.com/Scripts/infinity.js.aspx?guid=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0

HTTP Response

200

HTTP Request

GET https://otnolatrnup.com/Tag.engine?time=0&id=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0&rand=7795&ver=async&referrerUrl=&fingerPrint=123&abr=false&stdTime=0&fpe=1&bw=1280&bh=609&res=1280x720&curl=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2FStargate_Network_v4.0.html&kw=online%20storage%2Cfree%20storage%2Ccloud%20storage%2Ccollaboration%2Cbackup%20file%20sharing%2Cshare%20files%2Cphoto%20backup%2Cphoto%20sharing%2Cftp%20replacement%2Ccross%20platform%2Cremote%20access%2Cmobile%20access%2Csend%20large%20files%2Crecover%20files%2Cfile%20versioning%2Cundelete%2Cwindows%2Cpc%2Cmac%2Cos%20x%2Clinux%2Ciphone

HTTP Response

200
93.184.220.29:80

322 B
7
93.184.220.29:80

322 B
7
104.26.3.70:443

https://ad-delivery.net/px.gif?ch=1&e=0.4618025689887766

tls, http2

chrome.exe

2.1kB
5.2kB
18
17

HTTP Request

GET https://ad-delivery.net/px.gif?ch=2

HTTP Request

GET https://ad-delivery.net/px.gif?ch=1&e=0.21889058205525136

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://ad-delivery.net/px.gif?ch=1&e=0.4618025689887766

HTTP Response

200
104.26.3.70:443

ad-delivery.net

tls, http2

chrome.exe

943 B
2.9kB
8
6
44.239.150.149:443

api.amplitude.com

tls

chrome.exe

4.4kB
7.0kB
21
25
142.250.179.206:139

translate.google.com

260 B
5
205.196.123.190:443

https://download1502.mediafire.com/17ydfwcx3meg/83e94f7jhl5jyyf/Stargate+Network+v4.0.7z

tls, http

chrome.exe

1.7kB
4.9kB
9
10

HTTP Request

GET https://download1502.mediafire.com/17ydfwcx3meg/83e94f7jhl5jyyf/Stargate+Network+v4.0.7z

HTTP Response

302
205.196.123.190:443

https://download1502.mediafire.com/17ydfwcx3meg/83e94f7jhl5jyyf/Stargate+Network+v4.0.7z

tls, http

chrome.exe

2.2kB
5.0kB
13
12

HTTP Request

GET https://download1502.mediafire.com/17ydfwcx3meg/83e94f7jhl5jyyf/Stargate+Network+v4.0.7z

HTTP Response

302
104.16.53.48:443

www.mediafire.com

tls

chrome.exe

117.3kB
213.2kB
211
252
142.250.179.138:443

https://translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=en-US&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback

tls, http2

chrome.exe

2.7kB
45.0kB
30
45

HTTP Request

GET https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js

HTTP Request

GET https://translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=en-US&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback
172.217.168.202:443

https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.en_US.UhV9XYYyxvI.O/d=1/exm=el_conf/ed=1/rs=AN8SPfo0F9HhTw522jRKheptjI9nj-1jMw/m=el_main

tls, http2

chrome.exe

3.1kB
87.4kB
42
70

HTTP Request

GET https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.en_US.UhV9XYYyxvI.O/d=1/exm=el_conf/ed=1/rs=AN8SPfo0F9HhTw522jRKheptjI9nj-1jMw/m=el_main
172.217.168.202:443

https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTA2LjAuNTI0OS4xMTkSLAn9uqUg1dGU6RIFDRVQj_4SBQ1a3e0uEgUNUopJoxIFDUC-9V0SBQ1AWQ9b?alt=proto

tls, http2

chrome.exe

1.8kB
6.9kB
14
14

HTTP Request

GET https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTA2LjAuNTI0OS4xMTkSLAn9uqUg1dGU6RIFDRVQj_4SBQ1a3e0uEgUNUopJoxIFDUC-9V0SBQ1AWQ9b?alt=proto
104.16.53.48:445

static.mediafire.com

260 B
5
104.16.54.48:445

static.mediafire.com

260 B
5
104.16.54.48:139

static.mediafire.com

260 B
5
20.189.173.5:443

322 B
7
205.196.123.190:443

download1502.mediafire.com

tls

chrome.exe

1.0kB
800 B
8
7
173.223.113.164:443

322 B
7
173.223.113.131:80

322 B
7
127.0.0.1:49954

firefox.exe
127.0.0.1:49981

firefox.exe
34.117.237.239:443

https://contile.services.mozilla.com/v1/tiles

tls, http2

firefox.exe

1.8kB
7.4kB
15
20

HTTP Request

GET https://contile.services.mozilla.com/v1/tiles
34.120.5.221:443

https://getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=IE&count=30

tls, http2

firefox.exe

2.2kB
51.4kB
22
49

HTTP Request

GET https://getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=IE&count=30
44.236.158.174:443

shavar.services.mozilla.com

tls

firefox.exe

2.2kB
4.2kB
10
11
35.241.9.150:443

firefox.settings.services.mozilla.com

tls

firefox.exe

2.8kB
11.1kB
26
36
35.241.9.150:443

firefox.settings.services.mozilla.com

tls, http2

firefox.exe

1.2kB
5.6kB
10
10
34.117.65.55:443

https://push.services.mozilla.com/

tls, http

firefox.exe

1.9kB
6.1kB
13
15

HTTP Request

GET https://push.services.mozilla.com/

HTTP Response

101
34.160.144.191:443

content-signature-2.cdn.mozilla.net

tls

firefox.exe

1.6kB
11.7kB
16
23
8.238.177.126:80

322 B
7
142.250.179.206:443

https://fundingchoicesmessages.google.com/f/AGSKWxXrjtEH6OsIEa1eMxJNrJTV18lP5XKGKMJi5rI13IlsGpcs5yT-0hk0wJuzpkaKFvH14rtURv0da3wnJCfhkp8=

tls, http2

firefox.exe

1.9kB
21.0kB
17
27

HTTP Request

GET https://fundingchoicesmessages.google.com/f/AGSKWxXrjtEH6OsIEa1eMxJNrJTV18lP5XKGKMJi5rI13IlsGpcs5yT-0hk0wJuzpkaKFvH14rtURv0da3wnJCfhkp8=
104.26.6.139:443

https://btloader.com/tag?o=5678961798414336&upapi=true

tls, http2

firefox.exe

1.8kB
11.3kB
15
19

HTTP Request

GET https://btloader.com/tag?o=5678961798414336&upapi=true

HTTP Response

200
104.16.56.101:443

https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993

tls, http2

firefox.exe

1.8kB
11.0kB
15
20

HTTP Request

GET https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993

HTTP Response

200
108.156.61.171:443

https://cdn.amplitude.com/libs/amplitude-8.5.0-min.gz.js

tls, http2

firefox.exe

1.8kB
30.3kB
16
32

HTTP Request

GET https://cdn.amplitude.com/libs/amplitude-8.5.0-min.gz.js

HTTP Response

200
172.217.168.194:443

https://securepubads.g.doubleclick.net/tag/js/gpt.js

tls, http2

firefox.exe

1.9kB
33.1kB
18
34

HTTP Request

GET https://securepubads.g.doubleclick.net/tag/js/gpt.js
104.19.215.37:443

https://cdn.otnolatrnup.com/Scripts/infinity.js.aspx?guid=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0

tls, http2

firefox.exe

2.0kB
62.2kB
19
60

HTTP Request

GET https://cdn.otnolatrnup.com/Scripts/infinity.js.aspx?guid=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0

HTTP Response

200
104.26.3.70:443

https://ad-delivery.net/px.gif?ch=1&e=0.8154517507619563

tls, http2

firefox.exe

2.0kB
5.9kB
17
18

HTTP Request

GET https://ad-delivery.net/px.gif?ch=2

HTTP Request

GET https://ad-delivery.net/px.gif?ch=1&e=0.056183486263103766

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://ad-delivery.net/px.gif?ch=1&e=0.8154517507619563

HTTP Response

200
104.26.3.70:443

ad-delivery.net

tls, http2

firefox.exe

1.2kB
3.8kB
10
8
52.13.86.78:443

api.amplitude.com

tls

firefox.exe

4.2kB
6.8kB
19
22
104.19.215.37:443

otnolatrnup.com

tls, http2

firefox.exe

1.3kB
4.0kB
11
9
205.196.123.190:443

https://download1502.mediafire.com/17ydfwcx3meg/83e94f7jhl5jyyf/Stargate+Network+v4.0.7z

tls, http

firefox.exe

1.5kB
4.9kB
9
11

HTTP Request

GET https://download1502.mediafire.com/17ydfwcx3meg/83e94f7jhl5jyyf/Stargate+Network+v4.0.7z

HTTP Response

302
104.19.215.37:443

https://otnolatrnup.com/fp.engine?id=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0&rand=90953&ver=async&time=0&referrerUrl=&subId=&tid=&abr=false&res=1280x720&stdTime=0&fpe=1&curl=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2FStargate_Network_v4.0.html&kw=online%20storage%2Cfree%20storage%2Ccloud%20storage%2Ccollaboration%2Cbackup%20file%20sharing%2Cshare%20files%2Cphoto%20backup%2Cphoto%20sharing%2Cftp%20replacement%2Ccross%20platform%2Cremote%20access%2Cmobile%20access%2Csend%20large%20files%2Crecover%20files%2Cfile%20versioning%2Cundelete%2Cwindows%2Cpc%2Cmac%2Cos%20x%2Clinux%2Ciphone&spt=0

tls, http2

firefox.exe

2.2kB
8.2kB
15
17

HTTP Request

GET https://otnolatrnup.com/fp.engine?id=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0&rand=90953&ver=async&time=0&referrerUrl=&subId=&tid=&abr=false&res=1280x720&stdTime=0&fpe=1&curl=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2FStargate_Network_v4.0.html&kw=online%20storage%2Cfree%20storage%2Ccloud%20storage%2Ccollaboration%2Cbackup%20file%20sharing%2Cshare%20files%2Cphoto%20backup%2Cphoto%20sharing%2Cftp%20replacement%2Ccross%20platform%2Cremote%20access%2Cmobile%20access%2Csend%20large%20files%2Crecover%20files%2Cfile%20versioning%2Cundelete%2Cwindows%2Cpc%2Cmac%2Cos%20x%2Clinux%2Ciphone&spt=0

HTTP Response

200
104.16.53.48:443

www.mediafire.com

tls

firefox.exe

87.1kB
240.9kB
181
262
104.16.53.48:443

static.mediafire.com

tls

firefox.exe

1.3kB
6.5kB
11
12
104.16.56.101:443

https://static.cloudflareinsights.com/beacon.min.js/v2b4487d741ca48dcbadcaf954e159fc61680799950996

tls, http2

firefox.exe

1.8kB
10.6kB
14
19

HTTP Request

GET https://static.cloudflareinsights.com/beacon.min.js/v2b4487d741ca48dcbadcaf954e159fc61680799950996

HTTP Response

200
142.250.179.138:443

https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js

tls, http2

firefox.exe

1.9kB
42.0kB
16
39

HTTP Request

GET https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
104.19.215.37:80

http://otnolatrnup.com/hideref.engine?d=https%3a%2f%2fworeppercomming.com%2f90c1a7c4-9526-4fe6-befc-18062e96619e%3fcampaignname%3d2_OperaGX%26placementname%3d2_OperaGX_NL_Win_WL%26bid%3d1.725%26totalcpv%3d0.001725%26channel%3dFile%2bHosting%2b%2526%2bSharing%26subchannel%3dFile%2bHosting%2b%2526%2bSharing%26medianame%3d2_OperaGX_WW_5.22%26keywords%3donline+storage%2cfree+storage%2ccloud+storage%2ccollaboration%2cbackup+file+sharing%2cshare+files%2cphoto+backup%2cphoto+sharing%2cftp+replacement%2ccross+platform%2cremote+access%2cmobile+access%2csend+large+files%2crecover+files%2cfile+versioning%2cundelete%2cwindows%2cpc%2cmac%2cos+x%2clinux%2ciphone%2conline+storage%2cfree+storage%2ccloud+storage%2ccollaboration%2cbackup+file+sharing%2cshare+files%2cphoto+backup%2cphoto+sharing%2cftp+replacement%2ccross+platform%2cremote+access%2cmobile+access%2csend+large+files%2crecover+files%2cfile+versioning%2cundelete%2cwindows%2cpc%2cmac%2cos+x%2clinux%2ciphone%26sourceid%3d101%26domainid%3d78947%26cpv%3d0.001725%26s2sParam%3d07029594-5d91-4490-9ae1-5ec69472fe03

http

firefox.exe

1.9kB
1.7kB
10
8

HTTP Request

GET http://otnolatrnup.com/hideref.engine?d=https%3a%2f%2fworeppercomming.com%2f90c1a7c4-9526-4fe6-befc-18062e96619e%3fcampaignname%3d2_OperaGX%26placementname%3d2_OperaGX_NL_Win_WL%26bid%3d1.725%26totalcpv%3d0.001725%26channel%3dFile%2bHosting%2b%2526%2bSharing%26subchannel%3dFile%2bHosting%2b%2526%2bSharing%26medianame%3d2_OperaGX_WW_5.22%26keywords%3donline+storage%2cfree+storage%2ccloud+storage%2ccollaboration%2cbackup+file+sharing%2cshare+files%2cphoto+backup%2cphoto+sharing%2cftp+replacement%2ccross+platform%2cremote+access%2cmobile+access%2csend+large+files%2crecover+files%2cfile+versioning%2cundelete%2cwindows%2cpc%2cmac%2cos+x%2clinux%2ciphone%2conline+storage%2cfree+storage%2ccloud+storage%2ccollaboration%2cbackup+file+sharing%2cshare+files%2cphoto+backup%2cphoto+sharing%2cftp+replacement%2ccross+platform%2cremote+access%2cmobile+access%2csend+large+files%2crecover+files%2cfile+versioning%2cundelete%2cwindows%2cpc%2cmac%2cos+x%2clinux%2ciphone%26sourceid%3d101%26domainid%3d78947%26cpv%3d0.001725%26s2sParam%3d07029594-5d91-4490-9ae1-5ec69472fe03

HTTP Response

302
13.127.149.1:443

https://woreppercomming.com/90c1a7c4-9526-4fe6-befc-18062e96619e?campaignname=2_OperaGX&placementname=2_OperaGX_NL_Win_WL&bid=1.725&totalcpv=0.001725&channel=File%20Hosting%20&%20Sharing&subchannel=File%20Hosting%20&%20Sharing&medianame=2_OperaGX_WW_5.22&keywords=online%20storage,free%20storage,cloud%20storage,collaboration,backup%20file%20sharing,share%20files,photo%20backup,photo%20sharing,ftp%20replacement,cross%20platform,remote%20access,mobile%20access,send%20large%20files,recover%20files,file%20versioning,undelete,windows,pc,mac,os%20x,linux,iphone,online%20storage,free%20storage,cloud%20storage,collaboration,backup%20file%20sharing,share%20files,photo%20backup,photo%20sharing,ftp%20replacement,cross%20platform,remote%20access,mobile%20access,send%20large%20files,recover%20files,file%20versioning,undelete,windows,pc,mac,os%20x,linux,iphone&sourceid=101&domainid=78947&cpv=0.001725&s2sParam=07029594-5d91-4490-9ae1-5ec69472fe03

tls, http2

firefox.exe

2.4kB
7.3kB
14
20

HTTP Request

GET https://woreppercomming.com/90c1a7c4-9526-4fe6-befc-18062e96619e?campaignname=2_OperaGX&placementname=2_OperaGX_NL_Win_WL&bid=1.725&totalcpv=0.001725&channel=File%20Hosting%20&%20Sharing&subchannel=File%20Hosting%20&%20Sharing&medianame=2_OperaGX_WW_5.22&keywords=online%20storage,free%20storage,cloud%20storage,collaboration,backup%20file%20sharing,share%20files,photo%20backup,photo%20sharing,ftp%20replacement,cross%20platform,remote%20access,mobile%20access,send%20large%20files,recover%20files,file%20versioning,undelete,windows,pc,mac,os%20x,linux,iphone,online%20storage,free%20storage,cloud%20storage,collaboration,backup%20file%20sharing,share%20files,photo%20backup,photo%20sharing,ftp%20replacement,cross%20platform,remote%20access,mobile%20access,send%20large%20files,recover%20files,file%20versioning,undelete,windows,pc,mac,os%20x,linux,iphone&sourceid=101&domainid=78947&cpv=0.001725&s2sParam=07029594-5d91-4490-9ae1-5ec69472fe03

HTTP Response

302
188.114.97.0:443

https://www.ostlon.com/cmp/3KR94Q8/P5HPHB/?sub1=c25be22e-ac35-4bba-a2b8-212f01034d26&sub2=wkvs2m2j1o1vg4vnisjq259c

tls, http2

firefox.exe

1.8kB
5.3kB
14
14

HTTP Request

GET https://www.ostlon.com/cmp/3KR94Q8/P5HPHB/?sub1=c25be22e-ac35-4bba-a2b8-212f01034d26&sub2=wkvs2m2j1o1vg4vnisjq259c

HTTP Response

302
142.250.179.206:443

https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

tls, http2

firefox.exe

1.9kB
38.3kB
17
42

HTTP Request

GET https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
18.158.22.43:443

www.opera.com

tls

firefox.exe

2.7kB
24.6kB
19
36
23.2.213.218:443

cdn-production-opera-website.operacdn.com

tls, http2

firefox.exe

1.5kB
5.0kB
15
15
23.2.213.218:443

https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/pages/client/welcomeGx/favicon/favicon-16x16.7e0186031727.png

tls, http2

firefox.exe

21.9kB
2.7MB
321
1980

HTTP Request

GET https://cdn-production-opera-website.operacdn.com/staticfiles/CACHE/css/output.3cfc35222e33.css

HTTP Request

GET https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/sections/2021/theme-switcher/gx__color-theme--classic.1b752fb481b6.png

HTTP Request

GET https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/sections/2021/gx-features-slider/gx-light-mode.ae3068ee8c01.svg

HTTP Request

GET https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/sections/2021/gx-features-slider/gx__feature--light-mode.01aad9997fb5.png

HTTP Request

GET https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/sections/2021/gx-features-slider/gx-corner.be1333483846.svg

HTTP Request

GET https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/sections/2021/gx-features-slider/gx__feature--gx-corner.b44c9289e362.png

HTTP Request

GET https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/sections/2021/gx-features-slider/gx-twitch.8902d1ec9cef.svg

HTTP Request

GET https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/sections/2021/gx-features-slider/gx__feature--twitch.5f4495877f47.png

HTTP Request

GET https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/sections/2021/gx-features-slider/gx-discord.513c7c78f5c8.svg

HTTP Request

GET https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/sections/2021/hero-top/gx/gx__feature-laptop--gx-cleaner@2x.43ff34bf1a7b.webp

HTTP Request

GET https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/sections/2021/hero-top/gx/gx-mobile__android-iOS@2x.d190a54a25f9.webp

HTTP Request

GET https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/sections/2021/feature-promo/awesome-features--gx__mobile.c8ecc394b852.jpg

HTTP Request

GET https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/logo/logo-o.a069885fbe7c.svg

HTTP Request

GET https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/logo/logo-and-name--white.8877a4c85063.svg

HTTP Request

GET https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/1x1px.91e42db1c66c.png

HTTP Response

200

HTTP Request

GET https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/icons/arrows/up--black.0bb74469b23f.svg

HTTP Request

GET https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/components/download/googleplay/google-play--en.4fbc8629bab0.png

HTTP Request

GET https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/components/download/appstore/app-store--en.97abc7d15cbf.png

HTTP Request

GET https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/sections/2021/feature-promo/awesome-features--gx.e698406b3212.jpg

HTTP Request

GET https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/sections/2021/hero-top/gx/gx__feature-laptop--mobile@2x.dad38e627140.webp

HTTP Request

GET https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/sections/2021/hero-top/gx/gx__feature-laptop--home.a3a32725c8c8.webp

HTTP Request

GET https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/sections/2021/hero-top/gx/gx__mobile--hero-section@2x.105801afec18.webp

HTTP Request

GET https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/sections/2021/hero-top/gx/gx__feature-laptop--gx-mobile@2x.4aa1a438e946.webp

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/sections/2021/gx-features-slider/gx__feature--discord.3e893cef8784.png

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/sections/2021/gx-features-slider/gx-player.416a8e402db6.svg

HTTP Request

GET https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/sections/2021/gx-features-slider/gx__feature--player.694659842717.png

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/sections/2021/gx-features-slider/gx-messengers.9bd35388afd6.svg

HTTP Response

200

HTTP Request

GET https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/sections/2021/gx-features-slider/gx__feature--messengers.e491d059f927.png

HTTP Response

200

HTTP Request

GET https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/sections/2021/gx-features-slider/gx-pinboards.7e83626e788a.svg

HTTP Request

GET https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/sections/2021/gx-features-slider/gx__feature--pinboards.aaecb2a9fc24.png

HTTP Request

GET https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/sections/2021/gx-features-slider/gx-flow.736ea0e793e4.svg

HTTP Request

GET https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/sections/2021/gx-features-slider/gx__feature--flow.3dafb84d8d14.png

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/sections/2021/gx-features-slider/gx-fast-navigation.53111f7a4633.svg

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/sections/2021/gx-features-slider/gx__feature--fast-navigation.cd994c62ac97.png

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/pages/gx2021/gaming-inspired-features-bg.cdcfd5388fec.jpg

HTTP Response

200

HTTP Request

GET https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/logo/logo-and-name-negative.51c8dfe30ee2.png

HTTP Response

200

HTTP Request

GET https://cdn-production-opera-website.operacdn.com/staticfiles/CACHE/js/output.505eae99f3de.js

HTTP Response

200

HTTP Request

GET https://cdn-production-opera-website.operacdn.com/staticfiles/1cb6d11c2c491cd2f1fd.4bf5cf63e125.jpg?d38655d3961d

HTTP Response

200

HTTP Request

GET https://cdn-production-opera-website.operacdn.com/staticfiles/67e772f5c7c0ff691b84.d5b84517520e.svg?d38655d3961d

HTTP Response

200

HTTP Request

GET https://cdn-production-opera-website.operacdn.com/staticfiles/e27705cb3ec237f960f3.f680dae9c9b7.svg?d38655d3961d

HTTP Response

200

HTTP Request

GET https://cdn-production-opera-website.operacdn.com/staticfiles/47b3738fc2ea7ddbe1aa.e9f144d88e65.svg?d38655d3961d

HTTP Response

200

HTTP Request

GET https://cdn-production-opera-website.operacdn.com/staticfiles/e4e2a9ac3e7495306ef0.61f316276ca6.svg?8b55b0eadd0a

HTTP Response

200

HTTP Request

GET https://cdn-production-opera-website.operacdn.com/staticfiles/a2f64f0b0b76727a4500.f932611b6573.svg?d38655d3961d

HTTP Response

200

HTTP Request

GET https://cdn-production-opera-website.operacdn.com/staticfiles/f629332a6204be810902.16d2b680579e.svg?8b55b0eadd0a

HTTP Request

GET https://cdn-production-opera-website.operacdn.com/staticfiles/12a67856463b108d403c.04d22e84247c.svg?d38655d3961d

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://cdn-production-opera-website.operacdn.com/staticfiles/4bd99d9bd226ba406ccb.9bd90c944fec.svg?d38655d3961d

HTTP Request

GET https://cdn-production-opera-website.operacdn.com/staticfiles/df25d1ade7e0a6d6cb0f.1f01a17b022b.svg?d38655d3961d

HTTP Request

GET https://cdn-production-opera-website.operacdn.com/staticfiles/acd687f2889cbfbdd533.cc973b32f43e.svg?d38655d3961d

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://cdn-production-opera-website.operacdn.com/staticfiles/5f4fb6f3bc1167ddd76e.4e22cba3c1d8.svg?d38655d3961d

HTTP Response

200

HTTP Request

GET https://cdn-production-opera-website.operacdn.com/staticfiles/8dd28da7d9c471175a7b.19228cbf00eb.svg?d38655d3961d

HTTP Response

200

HTTP Request

GET https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/pages/client/welcomeGx/favicon/apple-touch-icon.7915359f724d.png

HTTP Request

GET https://cdn-production-opera-website.operacdn.com/staticfiles/assets/images/pages/client/welcomeGx/favicon/favicon-16x16.7e0186031727.png

HTTP Response

200

HTTP Response

200
23.2.213.218:443

cdn-production-opera-website.operacdn.com

tls, http2

firefox.exe

1.4kB
4.9kB
14
14
23.2.213.218:443

cdn-production-opera-website.operacdn.com

tls, http2

firefox.exe

1.4kB
4.9kB
14
14
23.2.213.218:443

cdn-production-opera-website.operacdn.com

tls, http2

firefox.exe

1.4kB
4.9kB
14
14
23.2.213.218:443

cdn-production-opera-website.operacdn.com

tls, http2

firefox.exe

1.3kB
4.9kB
12
14
151.101.1.140:443

https://www.redditstatic.com/ads/pixel.js

tls, http2

firefox.exe

1.8kB
13.3kB
17
23

HTTP Request

GET https://www.redditstatic.com/ads/pixel.js

HTTP Response

200
87.248.116.12:443

https://s.yimg.com/wi/ytc.js

tls, http2

firefox.exe

1.7kB
13.4kB
15
21

HTTP Request

GET https://s.yimg.com/wi/ytc.js
108.156.60.77:443

https://static.hotjar.com/c/hotjar-445451.js?sv=7

tls, http2

firefox.exe

1.8kB
10.4kB
15
19

HTTP Request

GET https://static.hotjar.com/c/hotjar-445451.js?sv=7

HTTP Response

200
151.101.1.44:443

https://trc.taboola.com/1410119/trc/3/json?tim=1681303615534&data=%7B%22id%22%3A610%2C%22ii%22%3A%22%2Fgx%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1681303615492%2C%22cv%22%3A%2220230404-24-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.opera.com%2Fgx%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Futm_content%3D2923_c25be22e-ac35-4bba-a2b8-212f01034d26%26utm_source%3DPWNgames%26utm_medium%3Dpa%26utm_campaign%3DPWN_IN%26utm_id%3Dc1466faeb0dc4095a9a3bf615f4cedc2%26edition%3Dstd-1%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Doperasoftwarees-operasoftwarees-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1681303615534%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww.opera.com%2Fgx%3Futm_content%3D2923_c25be22e-ac35-4bba-a2b8-212f01034d26%26utm_source%3DPWNgames%26utm_medium%3Dpa%26utm_campaign%3DPWN_IN%26utm_id%3Dc1466faeb0dc4095a9a3bf615f4cedc2%26edition%3Dstd-1%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22ler%22%3A%22other%22%2C%22supv%22%3Atrue%7D%7D&pubit=i

tls, http2

firefox.exe

2.9kB
26.3kB
18
33

HTTP Request

GET https://cdn.taboola.com/libtrc/unip/1410119/tfa.js

HTTP Response

200

HTTP Request

GET https://trc.taboola.com/1410119/trc/3/json?tim=1681303615534&data=%7B%22id%22%3A610%2C%22ii%22%3A%22%2Fgx%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1681303615492%2C%22cv%22%3A%2220230404-24-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.opera.com%2Fgx%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Futm_content%3D2923_c25be22e-ac35-4bba-a2b8-212f01034d26%26utm_source%3DPWNgames%26utm_medium%3Dpa%26utm_campaign%3DPWN_IN%26utm_id%3Dc1466faeb0dc4095a9a3bf615f4cedc2%26edition%3Dstd-1%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Doperasoftwarees-operasoftwarees-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1681303615534%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww.opera.com%2Fgx%3Futm_content%3D2923_c25be22e-ac35-4bba-a2b8-212f01034d26%26utm_source%3DPWNgames%26utm_medium%3Dpa%26utm_campaign%3DPWN_IN%26utm_id%3Dc1466faeb0dc4095a9a3bf615f4cedc2%26edition%3Dstd-1%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22ler%22%3A%22other%22%2C%22supv%22%3Atrue%7D%7D&pubit=i

HTTP Response

200
157.240.201.15:443

connect.facebook.net

tls

firefox.exe

2.0kB
35.1kB
19
38
34.117.98.198:443

https://tags.creativecdn.com/oA5aPxBEyx4hFQoyTt5C.js

tls, http2

firefox.exe

2.0kB
11.2kB
17
23

HTTP Request

GET https://tags.creativecdn.com/1gnG4zGXkPW95vXqyMLu.js

HTTP Request

GET https://tags.creativecdn.com/oA5aPxBEyx4hFQoyTt5C.js
151.101.1.140:443

https://alb.reddit.com/rp.gif?ts=1681303615055&id=t2_378pcjv6&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=009856a1-c05c-4442-b554-a9e2021fc992&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1280&sw=720&v=rdt_65e23bc4

tls, http2

firefox.exe

2.1kB
5.2kB
17
18

HTTP Request

GET https://alb.reddit.com/rp.gif?ts=1681303615055&id=t2_378pcjv6&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=009856a1-c05c-4442-b554-a9e2021fc992&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1280&sw=720&v=rdt_65e23bc4

HTTP Response

200
34.117.98.198:443

tags.creativecdn.com

tls, http2

firefox.exe

1.3kB
5.8kB
11
11
216.58.214.14:443

https://analytics.google.com/g/collect?v=2&tid=G-T18E1GTPQG&gtm=45je34a0&_p=500978051&_gaz=1&cid=1462830660.1681303615&ul=en-us&sr=1280x720&_s=1&sid=1681303615&sct=1&seg=0&dl=https%3A%2F%2Fwww.opera.com%2Fgx%3Futm_content%3D2923_c25be22e-ac35-4bba-a2b8-212f01034d26%26utm_source%3DPWNgames%26utm_medium%3Dpa%26utm_campaign%3DPWN_IN%26utm_id%3Dc1466faeb0dc4095a9a3bf615f4cedc2%26edition%3Dstd-1&dt=Opera%20GX%20%7C%20Gaming%20Browser%20%7C%20Opera&en=page_view&_fv=1&_nsi=1&_ss=1

tls, http2

firefox.exe

2.2kB
8.5kB
15
18

HTTP Request

POST https://analytics.google.com/g/collect?v=2&tid=G-T18E1GTPQG&gtm=45je34a0&_p=500978051&_gaz=1&cid=1462830660.1681303615&ul=en-us&sr=1280x720&_s=1&sid=1681303615&sct=1&seg=0&dl=https%3A%2F%2Fwww.opera.com%2Fgx%3Futm_content%3D2923_c25be22e-ac35-4bba-a2b8-212f01034d26%26utm_source%3DPWNgames%26utm_medium%3Dpa%26utm_campaign%3DPWN_IN%26utm_id%3Dc1466faeb0dc4095a9a3bf615f4cedc2%26edition%3Dstd-1&dt=Opera%20GX%20%7C%20Gaming%20Browser%20%7C%20Opera&en=page_view&_fv=1&_nsi=1&_ss=1
87.248.116.12:443

https://s.yimg.com/wi/config/10176867.json

tls, http2

firefox.exe

1.8kB
7.1kB
15
19

HTTP Request

GET https://s.yimg.com/wi/config/10176867.json
151.101.1.44:443

trc.taboola.com

tls, http2

firefox.exe

1.4kB
5.0kB
14
14
185.184.8.90:443

https://fledge-eu.creativecdn.com/fledge-igmembership?ntk=YaUKfU1hU_Od8-tWs29ViCtYcQLeIenbH5DEBsXii6vVNM-z2g6BCjqV_uvf3OPq4v6HMUznUiwt2TIS3xzKP-_Ztn7huvNqK_SAqw4X8XEJtpIqwb3HNmOGz_5PZaTzxKM2oEWOjmfwCDUCSFwrZA

tls, http2

firefox.exe

3.2kB
7.1kB
20
17

HTTP Request

POST https://ams.creativecdn.com/tags/v2?type=json

HTTP Response

307

HTTP Request

POST https://ams.creativecdn.com/tags/v2?type=json&tc=1

HTTP Response

200

HTTP Request

GET https://fledge-eu.creativecdn.com/fledge-igmembership?ntk=YaUKfU1hU_Od8-tWs29ViCtYcQLeIenbH5DEBsXii6vVNM-z2g6BCjqV_uvf3OPq4v6HMUznUiwt2TIS3xzKP-_Ztn7huvNqK_SAqw4X8XEJtpIqwb3HNmOGz_5PZaTzxKM2oEWOjmfwCDUCSFwrZA

HTTP Response

200
185.184.8.90:443

https://ams.creativecdn.com/tags/v2?type=json&tc=1

tls, http2

firefox.exe

1.9kB
5.1kB
15
15

HTTP Request

OPTIONS https://ams.creativecdn.com/tags/v2?type=json

HTTP Response

200

HTTP Request

OPTIONS https://ams.creativecdn.com/tags/v2?type=json&tc=1

HTTP Response

200
13.227.219.71:443

https://script.hotjar.com/modules.294a0ba1597f9e43eb87.js

tls, http2

firefox.exe

2.0kB
77.0kB
19
68

HTTP Request

GET https://script.hotjar.com/modules.294a0ba1597f9e43eb87.js

HTTP Response

200
142.250.102.157:443

https://stats.g.doubleclick.net/g/collect?v=2&tid=G-T18E1GTPQG&cid=1462830660.1681303615&gtm=45je34a0&aip=1

tls, http2

firefox.exe

1.9kB
6.1kB
15
15

HTTP Request

POST https://stats.g.doubleclick.net/g/collect?v=2&tid=G-T18E1GTPQG&cid=1462830660.1681303615&gtm=45je34a0&aip=1
157.240.247.35:443

www.facebook.com

tls

firefox.exe

2.0kB
4.7kB
14
15
204.79.197.200:443

bat.bing.com

tls

firefox.exe

3.1kB
22.4kB
23
39
185.184.8.90:443

fledge-eu.creativecdn.com

tls, http2

firefox.exe

1.2kB
4.5kB
9
11
142.251.39.106:443

https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.en_US.UhV9XYYyxvI.O/d=1/exm=el_conf/ed=1/rs=AN8SPfo0F9HhTw522jRKheptjI9nj-1jMw/m=el_main

tls, http2

firefox.exe

2.3kB
87.1kB
23
74

HTTP Request

GET https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.en_US.UhV9XYYyxvI.O/d=1/exm=el_conf/ed=1/rs=AN8SPfo0F9HhTw522jRKheptjI9nj-1jMw/m=el_main
142.250.179.170:443

translate-pa.googleapis.com

tls, http2

firefox.exe

1.2kB
5.7kB
10
9
130.211.23.194:443

https://api.btloader.com/log?upapi=true&tid=LEOnG5cE67&cv=2.1.10-3-g4120aac

tls, http2

firefox.exe

1.9kB
6.1kB
15
15

HTTP Request

POST https://api.btloader.com/log?upapi=true&tid=LEOnG5cE67&cv=2.1.10-3-g4120aac
5.150.170.4:443

prf.hn

tls

firefox.exe

1.7kB
6.2kB
11
12
104.16.242.229:443

https://store.winzip.com/852/purl-mediafire?x-clickref=1100lwHowKb5

tls, http2

firefox.exe

1.8kB
6.0kB
14
13

HTTP Request

GET https://store.winzip.com/852/purl-mediafire?x-clickref=1100lwHowKb5

HTTP Response

302
23.44.232.34:443

www.winzip.com

tls

firefox.exe

8.5kB
226.4kB
80
237
204.79.197.200:443

bat.bing.com

tls

firefox.exe

1.9kB
21.2kB
15
31
142.251.36.34:443

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/996698607/?random=1681303633956&cv=11&fst=1681303633956&bg=ffffff&guid=ON&async=1&gtm=45He34a0&u_w=1280&u_h=720&url=https%3A%2F%2Fwww.winzip.com%2Fen%2Fpages%2Fpartner%2Fmediafire%2Fwinzip-trial%2F%3Fx-source%3Dojmf_trial%26x-publisher-id%3D1101l145839%26x-target%3Domf2%26x-clickref%3D1100lwHowKb5&hn=www.googleadservices.com&frm=0&tiba=WinZip%20-%20Safely%20and%20easily%20open%20your%20downloaded%20files&auid=1613915826.1681303634&rfmt=3&fmt=4

tls, http2

firefox.exe

2.2kB
8.0kB
16
21

HTTP Request

GET https://googleads.g.doubleclick.net/pagead/viewthroughconversion/996698607/?random=1681303633956&cv=11&fst=1681303633956&bg=ffffff&guid=ON&async=1&gtm=45He34a0&u_w=1280&u_h=720&url=https%3A%2F%2Fwww.winzip.com%2Fen%2Fpages%2Fpartner%2Fmediafire%2Fwinzip-trial%2F%3Fx-source%3Dojmf_trial%26x-publisher-id%3D1101l145839%26x-target%3Domf2%26x-clickref%3D1100lwHowKb5&hn=www.googleadservices.com&frm=0&tiba=WinZip%20-%20Safely%20and%20easily%20open%20your%20downloaded%20files&auid=1613915826.1681303634&rfmt=3&fmt=4
104.19.187.97:443

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

tls, http2

firefox.exe

1.7kB
11.6kB
14
19

HTTP Request

GET https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

HTTP Response

200
23.32.238.178:443

https://snap.licdn.com/li.lms-analytics/insight.min.js

tls, http2

firefox.exe

1.9kB
10.8kB
17
25

HTTP Request

GET https://snap.licdn.com/li.lms-analytics/insight.min.js

HTTP Response

200
157.240.201.15:443

connect.facebook.net

tls

firefox.exe

1.8kB
34.3kB
16
36
103.180.115.2:443

https://a.opmnstr.com/app/js/api.min.js

tls, http2

firefox.exe

2.1kB
26.3kB
21
29

HTTP Request

GET https://a.opmnstr.com/app/js/api.min.js

HTTP Response

200
104.16.125.175:443

https://unpkg.com/web-vitals/dist/web-vitals.iife.js

tls, http2

firefox.exe

1.8kB
4.5kB
15
14

HTTP Request

GET https://unpkg.com/web-vitals/dist/web-vitals.iife.js

HTTP Response

302
104.19.187.97:443

https://cdn.cookielaw.org/consent/e3da808f-4b57-47db-af1e-f01683d7a52a/e3da808f-4b57-47db-af1e-f01683d7a52a.json

tls, http2

firefox.exe

1.8kB
6.4kB
14
14

HTTP Request

GET https://cdn.cookielaw.org/consent/e3da808f-4b57-47db-af1e-f01683d7a52a/e3da808f-4b57-47db-af1e-f01683d7a52a.json

HTTP Response

200
54.164.253.196:443

installer.corel.com

tls

firefox.exe

2.1kB
7.4kB
17
21
52.222.139.9:443

https://cdn.linkedin.oribi.io/partner/4043810/domain/winzip.com/token

tls, http2

firefox.exe

1.8kB
7.4kB
14
19

HTTP Request

GET https://cdn.linkedin.oribi.io/partner/4043810/domain/winzip.com/token

HTTP Response

200
23.44.232.34:443

www.corel.com

tls

firefox.exe

1.9kB
5.5kB
15
19
205.196.123.190:443

https://download1502.mediafire.com/17ydfwcx3meg/83e94f7jhl5jyyf/Stargate+Network+v4.0.7z

tls, http

firefox.exe

1.9kB
1.1kB
8
9

HTTP Request

GET https://download1502.mediafire.com/17ydfwcx3meg/83e94f7jhl5jyyf/Stargate+Network+v4.0.7z

HTTP Response

302

8.8.8.8:53

assets.msn.com

dns

60 B
166 B
1
1

DNS Request

assets.msn.com

DNS Response

2.16.241.76

2.16.241.97
8.8.8.8:53

76.241.16.2.in-addr.arpa

dns

70 B
133 B
1
1

DNS Request

76.241.16.2.in-addr.arpa
8.8.8.8:53

13.86.106.20.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

13.86.106.20.in-addr.arpa
8.8.8.8:53

btloader.com

dns

firefox.exe

58 B
106 B
1
1

DNS Request

btloader.com

DNS Response

104.26.7.139

104.26.6.139

172.67.70.134
8.8.8.8:53

static.cloudflareinsights.com

dns

firefox.exe

75 B
107 B
1
1

DNS Request

static.cloudflareinsights.com

DNS Response

104.16.56.101

104.16.57.101
8.8.8.8:53

fundingchoicesmessages.google.com

dns

firefox.exe

79 B
116 B
1
1

DNS Request

fundingchoicesmessages.google.com

DNS Response

142.250.179.206
8.8.8.8:53

cdn.amplitude.com

dns

firefox.exe

63 B
127 B
1
1

DNS Request

cdn.amplitude.com

DNS Response

108.156.61.29

108.156.61.65

108.156.61.101

108.156.61.171
8.8.8.8:53

translate.google.com

dns

firefox.exe

66 B
103 B
1
1

DNS Request

translate.google.com

DNS Response

142.250.179.206
8.8.8.8:53

securepubads.g.doubleclick.net

dns

firefox.exe

76 B
121 B
1
1

DNS Request

securepubads.g.doubleclick.net

DNS Response

172.217.168.194
8.8.8.8:53

200.179.250.142.in-addr.arpa

dns

74 B
112 B
1
1

DNS Request

200.179.250.142.in-addr.arpa
8.8.8.8:53

195.179.250.142.in-addr.arpa

dns

74 B
112 B
1
1

DNS Request

195.179.250.142.in-addr.arpa
8.8.8.8:53

139.7.26.104.in-addr.arpa

dns

71 B
133 B
1
1

DNS Request

139.7.26.104.in-addr.arpa
8.8.8.8:53

101.56.16.104.in-addr.arpa

dns

72 B
134 B
1
1

DNS Request

101.56.16.104.in-addr.arpa
8.8.8.8:53

29.61.156.108.in-addr.arpa

dns

72 B
128 B
1
1

DNS Request

29.61.156.108.in-addr.arpa
8.8.8.8:53

206.179.250.142.in-addr.arpa

dns

74 B
113 B
1
1

DNS Request

206.179.250.142.in-addr.arpa
8.8.8.8:53

194.168.217.172.in-addr.arpa

dns

74 B
112 B
1
1

DNS Request

194.168.217.172.in-addr.arpa
8.8.8.8:53

cdn.otnolatrnup.com

dns

firefox.exe

65 B
97 B
1
1

DNS Request

cdn.otnolatrnup.com

DNS Response

104.19.215.37

104.19.214.37
8.8.8.8:53

ad-delivery.net

dns

firefox.exe

61 B
109 B
1
1

DNS Request

ad-delivery.net

DNS Response

104.26.3.70

104.26.2.70

172.67.69.19
172.217.168.194:443

securepubads.g.doubleclick.net

https

chrome.exe

6.4kB
139.0kB
56
114
8.8.8.8:53

api.amplitude.com

dns

firefox.exe

63 B
191 B
1
1

DNS Request

api.amplitude.com

DNS Response

44.239.150.149

50.112.114.242

35.83.25.100

34.211.209.234

44.239.189.233

54.148.207.183

44.238.14.4

54.213.220.225
8.8.8.8:53

otnolatrnup.com

dns

firefox.exe

61 B
93 B
1
1

DNS Request

otnolatrnup.com

DNS Response

104.19.215.37

104.19.214.37
8.8.8.8:53

translate.google.com

dns

firefox.exe

66 B
103 B
1
1

DNS Request

translate.google.com

DNS Response

142.250.179.206
8.8.8.8:53

112.211.227.13.in-addr.arpa

dns

146 B
220 B
2
2

DNS Request

112.211.227.13.in-addr.arpa

DNS Request

star-mini.c10r.facebook.com

DNS Response

157.240.5.35
8.8.8.8:53

37.215.19.104.in-addr.arpa

dns

72 B
134 B
1
1

DNS Request

37.215.19.104.in-addr.arpa
8.8.8.8:53

102.39.251.142.in-addr.arpa

dns

73 B
111 B
1
1

DNS Request

102.39.251.142.in-addr.arpa
8.8.8.8:53

70.3.26.104.in-addr.arpa

dns

70 B
132 B
1
1

DNS Request

70.3.26.104.in-addr.arpa
8.8.8.8:53

110.39.251.142.in-addr.arpa

dns

73 B
112 B
1
1

DNS Request

110.39.251.142.in-addr.arpa
8.8.8.8:53

149.150.239.44.in-addr.arpa

dns

73 B
137 B
1
1

DNS Request

149.150.239.44.in-addr.arpa
8.8.8.8:53

149.220.183.52.in-addr.arpa

dns

73 B
147 B
1
1

DNS Request

149.220.183.52.in-addr.arpa
8.8.8.8:53

download1502.mediafire.com

dns

firefox.exe

72 B
88 B
1
1

DNS Request

download1502.mediafire.com

DNS Response

205.196.123.190
8.8.8.8:53

www.mediafire.com

dns

firefox.exe

63 B
95 B
1
1

DNS Request

www.mediafire.com

DNS Response

104.16.53.48

104.16.54.48
8.8.8.8:53

190.123.196.205.in-addr.arpa

dns

148 B
148 B
2
2

DNS Request

190.123.196.205.in-addr.arpa

DNS Request

190.123.196.205.in-addr.arpa
8.8.8.8:53

52.212.199.91.in-addr.arpa

dns

72 B
101 B
1
1

DNS Request

52.212.199.91.in-addr.arpa
8.8.8.8:53

48.53.16.104.in-addr.arpa

dns

71 B
133 B
1
1

DNS Request

48.53.16.104.in-addr.arpa
8.8.8.8:53

ajax.googleapis.com

dns

firefox.exe

65 B
81 B
1
1

DNS Request

ajax.googleapis.com

DNS Response

142.250.179.138
8.8.8.8:53

static.mediafire.com

dns

firefox.exe

66 B
98 B
1
1

DNS Request

static.mediafire.com

DNS Response

104.16.54.48

104.16.53.48
8.8.8.8:53

106.208.58.216.in-addr.arpa

dns

73 B
143 B
1
1

DNS Request

106.208.58.216.in-addr.arpa
8.8.8.8:53

138.179.250.142.in-addr.arpa

dns

74 B
113 B
1
1

DNS Request

138.179.250.142.in-addr.arpa
8.8.8.8:53

131.179.250.142.in-addr.arpa

dns

74 B
112 B
1
1

DNS Request

131.179.250.142.in-addr.arpa
8.8.8.8:53

translate.googleapis.com

dns

firefox.exe

70 B
86 B
1
1

DNS Request

translate.googleapis.com

DNS Response

172.217.168.202
8.8.8.8:53

translate-pa.googleapis.com

dns

firefox.exe

73 B
185 B
1
1

DNS Request

translate-pa.googleapis.com

DNS Response

142.250.179.202

142.251.36.10

142.251.39.106

216.58.214.10

142.250.179.138

142.251.36.42

142.250.179.170
8.8.8.8:53

content-autofill.googleapis.com

dns

chrome.exe

77 B
237 B
1
1

DNS Request

content-autofill.googleapis.com

DNS Response

172.217.168.202

216.58.208.106

216.58.214.10

142.250.179.138

142.251.36.42

172.217.168.234

142.250.179.170

142.250.179.202

142.251.36.10

142.251.39.106
8.8.8.8:53

202.168.217.172.in-addr.arpa

dns

74 B
113 B
1
1

DNS Request

202.168.217.172.in-addr.arpa
8.8.8.8:53

static.mediafire.com

dns

firefox.exe

66 B
98 B
1
1

DNS Request

static.mediafire.com

DNS Response

104.16.53.48

104.16.54.48
224.0.0.251:5353

chrome.exe

204 B
3
8.8.8.8:53

18.31.95.13.in-addr.arpa

dns

70 B
144 B
1
1

DNS Request

18.31.95.13.in-addr.arpa
142.250.179.206:443

translate.google.com

https

chrome.exe

4.8kB
47.8kB
29
48
104.19.215.37:443

otnolatrnup.com

https

chrome.exe

5.7kB
9.7kB
14
16
142.250.179.202:443

content-autofill.googleapis.com

https

chrome.exe

3.8kB
8.9kB
14
13
8.8.8.8:53

202.179.250.142.in-addr.arpa

dns

74 B
113 B
1
1

DNS Request

202.179.250.142.in-addr.arpa
172.217.168.202:443

content-autofill.googleapis.com

https

chrome.exe

5.3kB
7.5kB
11
12
8.8.8.8:53

62.13.109.52.in-addr.arpa

dns

71 B
145 B
1
1

DNS Request

62.13.109.52.in-addr.arpa
8.8.8.8:53

contile.services.mozilla.com

dns

firefox.exe

74 B
90 B
1
1

DNS Request

contile.services.mozilla.com

DNS Response

34.117.237.239
8.8.8.8:53

contile.services.mozilla.com

dns

firefox.exe

74 B
90 B
1
1

DNS Request

contile.services.mozilla.com

DNS Response

34.117.237.239
8.8.8.8:53

contile.services.mozilla.com

dns

firefox.exe

74 B
155 B
1
1

DNS Request

contile.services.mozilla.com
8.8.8.8:53

getpocket.cdn.mozilla.net

dns

firefox.exe

71 B
174 B
1
1

DNS Request

getpocket.cdn.mozilla.net

DNS Response

34.120.5.221
8.8.8.8:53

firefox.settings.services.mozilla.com

dns

firefox.exe

83 B
99 B
1
1

DNS Request

firefox.settings.services.mozilla.com

DNS Response

35.241.9.150
8.8.8.8:53

shavar.services.mozilla.com

dns

firefox.exe

73 B
205 B
1
1

DNS Request

shavar.services.mozilla.com

DNS Response

44.236.158.174

44.241.53.229

54.214.73.137

35.83.144.93

44.238.157.127

54.148.4.3
8.8.8.8:53

push.services.mozilla.com

dns

firefox.exe

71 B
125 B
1
1

DNS Request

push.services.mozilla.com

DNS Response

34.117.65.55
8.8.8.8:53

prod.pocket.prod.cloudops.mozgcp.net

dns

firefox.exe

82 B
98 B
1
1

DNS Request

prod.pocket.prod.cloudops.mozgcp.net

DNS Response

34.120.5.221
8.8.8.8:53

shavar.prod.mozaws.net

dns

firefox.exe

68 B
164 B
1
1

DNS Request

shavar.prod.mozaws.net

DNS Response

35.83.144.93

44.241.53.229

54.214.73.137

44.236.158.174

54.148.4.3

44.238.157.127
8.8.8.8:53

autopush.prod.mozaws.net

dns

firefox.exe

70 B
86 B
1
1

DNS Request

autopush.prod.mozaws.net

DNS Response

34.117.65.55
8.8.8.8:53

prod.pocket.prod.cloudops.mozgcp.net

dns

firefox.exe

82 B
110 B
1
1

DNS Request

prod.pocket.prod.cloudops.mozgcp.net

DNS Response

2600:1901:0:524c::
8.8.8.8:53

autopush.prod.mozaws.net

dns

firefox.exe

70 B
155 B
1
1

DNS Request

autopush.prod.mozaws.net
8.8.8.8:53

shavar.prod.mozaws.net

dns

firefox.exe

68 B
153 B
1
1

DNS Request

shavar.prod.mozaws.net
8.8.8.8:53

content-signature-2.cdn.mozilla.net

dns

firefox.exe

81 B
235 B
1
1

DNS Request

content-signature-2.cdn.mozilla.net

DNS Response

34.160.144.191
8.8.8.8:53

firefox.settings.services.mozilla.com

dns

firefox.exe

83 B
99 B
1
1

DNS Request

firefox.settings.services.mozilla.com

DNS Response

35.241.9.150
8.8.8.8:53

firefox.settings.services.mozilla.com

dns

firefox.exe

83 B
167 B
1
1

DNS Request

firefox.settings.services.mozilla.com
8.8.8.8:53

prod.content-signature-chains.prod.webservices.mozgcp.net

dns

firefox.exe

103 B
119 B
1
1

DNS Request

prod.content-signature-chains.prod.webservices.mozgcp.net

DNS Response

34.160.144.191
8.8.8.8:53

239.237.117.34.in-addr.arpa

dns

73 B
126 B
1
1

DNS Request

239.237.117.34.in-addr.arpa
8.8.8.8:53

prod.content-signature-chains.prod.webservices.mozgcp.net

dns

firefox.exe

103 B
131 B
1
1

DNS Request

prod.content-signature-chains.prod.webservices.mozgcp.net

DNS Response

2600:1901:0:92a9::
8.8.8.8:53

221.5.120.34.in-addr.arpa

dns

71 B
122 B
1
1

DNS Request

221.5.120.34.in-addr.arpa
8.8.8.8:53

150.9.241.35.in-addr.arpa

dns

71 B
122 B
1
1

DNS Request

150.9.241.35.in-addr.arpa
8.8.8.8:53

191.144.160.34.in-addr.arpa

dns

146 B
252 B
2
2

DNS Request

191.144.160.34.in-addr.arpa

DNS Request

191.144.160.34.in-addr.arpa
8.8.8.8:53

55.65.117.34.in-addr.arpa

dns

142 B
244 B
2
2

DNS Request

55.65.117.34.in-addr.arpa

DNS Request

55.65.117.34.in-addr.arpa
8.8.8.8:53

174.158.236.44.in-addr.arpa

dns

73 B
137 B
1
1

DNS Request

174.158.236.44.in-addr.arpa
8.8.8.8:53

btloader.com

dns

firefox.exe

58 B
106 B
1
1

DNS Request

btloader.com

DNS Response

104.26.6.139

104.26.7.139

172.67.70.134
8.8.8.8:53

static.cloudflareinsights.com

dns

firefox.exe

75 B
107 B
1
1

DNS Request

static.cloudflareinsights.com

DNS Response

104.16.56.101

104.16.57.101
8.8.8.8:53

fundingchoicesmessages.google.com

dns

firefox.exe

79 B
116 B
1
1

DNS Request

fundingchoicesmessages.google.com

DNS Response

142.250.179.206
8.8.8.8:53

securepubads.g.doubleclick.net

dns

firefox.exe

76 B
121 B
1
1

DNS Request

securepubads.g.doubleclick.net

DNS Response

172.217.168.194
8.8.8.8:53

www3.l.google.com

dns

firefox.exe

63 B
79 B
1
1

DNS Request

www3.l.google.com

DNS Response

142.250.179.206
8.8.8.8:53

btloader.com

dns

firefox.exe

58 B
142 B
1
1

DNS Request

btloader.com

DNS Response

2606:4700:20::681a:78b

2606:4700:20::ac43:4686

2606:4700:20::681a:68b
8.8.8.8:53

static.cloudflareinsights.com

dns

firefox.exe

150 B
262 B
2
2

DNS Request

static.cloudflareinsights.com

DNS Response

2606:4700::6810:3865

2606:4700::6810:3965

DNS Request

static.cloudflareinsights.com

DNS Response

2606:4700::6810:3865

2606:4700::6810:3965
8.8.8.8:53

cdn.amplitude.com

dns

firefox.exe

63 B
127 B
1
1

DNS Request

cdn.amplitude.com

DNS Response

108.156.61.171

108.156.61.29

108.156.61.101

108.156.61.65
8.8.8.8:53

www3.l.google.com

dns

firefox.exe

63 B
91 B
1
1

DNS Request

www3.l.google.com

DNS Response

2a00:1450:400e:803::200e
8.8.8.8:53

cdn.otnolatrnup.com

dns

firefox.exe

65 B
97 B
1
1

DNS Request

cdn.otnolatrnup.com

DNS Response

104.19.215.37

104.19.214.37
8.8.8.8:53

securepubads46.g.doubleclick.net

dns

firefox.exe

78 B
94 B
1
1

DNS Request

securepubads46.g.doubleclick.net

DNS Response

172.217.168.194
8.8.8.8:53

cdn.amplitude.com

dns

firefox.exe

63 B
145 B
1
1

DNS Request

cdn.amplitude.com
8.8.8.8:53

securepubads46.g.doubleclick.net

dns

firefox.exe

78 B
106 B
1
1

DNS Request

securepubads46.g.doubleclick.net

DNS Response

2a00:1450:400e:80c::2002
8.8.8.8:53

cdn.otnolatrnup.com

dns

firefox.exe

65 B
121 B
1
1

DNS Request

cdn.otnolatrnup.com

DNS Response

2606:4700::6813:d625

2606:4700::6813:d725
142.250.179.206:443

www3.l.google.com

https

firefox.exe

2.3kB
20.6kB
9
22
104.19.215.37:443

cdn.otnolatrnup.com

https

firefox.exe

4.0kB
12.0kB
9
19
172.217.168.194:443

securepubads46.g.doubleclick.net

https

firefox.exe

2.7kB
139.5kB
16
105
8.8.8.8:53

ad-delivery.net

dns

firefox.exe

61 B
109 B
1
1

DNS Request

ad-delivery.net

DNS Response

104.26.3.70

172.67.69.19

104.26.2.70
8.8.8.8:53

ad-delivery.net

dns

firefox.exe

61 B
145 B
1
1

DNS Request

ad-delivery.net

DNS Response

2606:4700:20::681a:246

2606:4700:20::681a:346

2606:4700:20::ac43:4513
8.8.8.8:53

api.amplitude.com

dns

firefox.exe

63 B
191 B
1
1

DNS Request

api.amplitude.com

DNS Response

52.13.86.78

52.34.3.55

52.35.249.60

44.225.128.118

52.13.56.114

35.83.172.14

34.217.204.4

35.162.182.85
8.8.8.8:53

api.amplitude.com

dns

firefox.exe

63 B
191 B
1
1

DNS Request

api.amplitude.com

DNS Response

54.185.185.31

34.212.77.55

52.32.241.165

54.68.161.148

52.26.42.36

35.167.17.63

35.162.182.85

54.188.151.207
8.8.8.8:53

api.amplitude.com

dns

firefox.exe

63 B
145 B
1
1

DNS Request

api.amplitude.com
8.8.8.8:53

otnolatrnup.com

dns

firefox.exe

61 B
93 B
1
1

DNS Request

otnolatrnup.com

DNS Response

104.19.215.37

104.19.214.37
8.8.8.8:53

otnolatrnup.com

dns

firefox.exe

61 B
117 B
1
1

DNS Request

otnolatrnup.com

DNS Response

2606:4700::6813:d725

2606:4700::6813:d625
8.8.8.8:53

139.6.26.104.in-addr.arpa

dns

71 B
133 B
1
1

DNS Request

139.6.26.104.in-addr.arpa
8.8.8.8:53

171.61.156.108.in-addr.arpa

dns

73 B
130 B
1
1

DNS Request

171.61.156.108.in-addr.arpa
104.19.215.37:443

otnolatrnup.com

https

firefox.exe

2.2kB
11.9kB
8
26
8.8.8.8:53

www.mediafire.com

dns

firefox.exe

63 B
95 B
1
1

DNS Request

www.mediafire.com

DNS Response

104.16.53.48

104.16.54.48
8.8.8.8:53

download1502.mediafire.com

dns

firefox.exe

72 B
88 B
1
1

DNS Request

download1502.mediafire.com

DNS Response

205.196.123.190
8.8.8.8:53

prf.hn

dns

firefox.exe

52 B
100 B
1
1

DNS Request

prf.hn

DNS Response

5.150.170.4

5.150.170.5

5.150.170.6
8.8.8.8:53

www.mediafire.com

dns

firefox.exe

63 B
121 B
1
1

DNS Request

www.mediafire.com
8.8.8.8:53

blog.mediafire.com

dns

firefox.exe

64 B
96 B
1
1

DNS Request

blog.mediafire.com

DNS Response

104.16.54.48

104.16.53.48
8.8.8.8:53

download1502.mediafire.com

dns

firefox.exe

144 B
260 B
2
2

DNS Request

download1502.mediafire.com

DNS Request

download1502.mediafire.com
8.8.8.8:53

prf.hn

dns

firefox.exe

52 B
100 B
1
1

DNS Request

prf.hn

DNS Response

5.150.170.5

5.150.170.4

5.150.170.6
8.8.8.8:53

prf.hn

dns

firefox.exe

52 B
134 B
1
1

DNS Request

prf.hn
8.8.8.8:53

blog.mediafire.com

dns

firefox.exe

64 B
96 B
1
1

DNS Request

blog.mediafire.com

DNS Response

104.16.54.48

104.16.53.48
8.8.8.8:53

vividengine.com

dns

firefox.exe

61 B
93 B
1
1

DNS Request

vividengine.com

DNS Response

104.18.19.82

104.18.18.82
8.8.8.8:53

mediafire.zendesk.com

dns

firefox.exe

134 B
198 B
2
2

DNS Request

mediafire.zendesk.com

DNS Response

104.16.53.111

104.16.51.111

DNS Request

mediafire.zendesk.com

DNS Response

104.16.53.111

104.16.51.111
8.8.8.8:53

blog.mediafire.com

dns

firefox.exe

64 B
122 B
1
1

DNS Request

blog.mediafire.com
8.8.8.8:53

vividengine.com

dns

firefox.exe

61 B
93 B
1
1

DNS Request

vividengine.com

DNS Response

104.18.19.82

104.18.18.82
8.8.8.8:53

mediafire.zendesk.com

dns

firefox.exe

134 B
290 B
2
2

DNS Request

mediafire.zendesk.com

DNS Request

mediafire.zendesk.com
8.8.8.8:53

twitter.com

dns

firefox.exe

57 B
73 B
1
1

DNS Request

twitter.com

DNS Response

104.244.42.193
8.8.8.8:53

vividengine.com

dns

firefox.exe

61 B
117 B
1
1

DNS Request

vividengine.com

DNS Response

2606:4700::6812:1352

2606:4700::6812:1252
8.8.8.8:53

www.facebook.com

dns

firefox.exe

62 B
107 B
1
1

DNS Request

www.facebook.com

DNS Response

157.240.201.35
8.8.8.8:53

twitter.com

dns

firefox.exe

114 B
242 B
2
2

DNS Request

twitter.com

DNS Response

104.244.42.129

104.244.42.1

104.244.42.193

104.244.42.65

DNS Request

twitter.com

DNS Response

104.244.42.193

104.244.42.129

104.244.42.1

104.244.42.65
8.8.8.8:53

star-mini.c10r.facebook.com

dns

firefox.exe

146 B
202 B
2
2

DNS Request

star-mini.c10r.facebook.com

DNS Response

2a03:2880:f178:89:face:b00c:0:25de

DNS Request

star-mini.c10r.facebook.com

DNS Response

2a03:2880:f178:89:face:b00c:0:25de
8.8.8.8:53

78.86.13.52.in-addr.arpa

dns

70 B
131 B
1
1

DNS Request

78.86.13.52.in-addr.arpa
104.19.215.37:443

otnolatrnup.com

https

firefox.exe

10.6kB
19.1kB
17
29
8.8.8.8:53

ajax.googleapis.com

dns

firefox.exe

65 B
81 B
1
1

DNS Request

ajax.googleapis.com

DNS Response

142.250.179.138
8.8.8.8:53

static.mediafire.com

dns

firefox.exe

66 B
124 B
1
1

DNS Request

static.mediafire.com
8.8.8.8:53

ajax.googleapis.com

dns

firefox.exe

65 B
81 B
1
1

DNS Request

ajax.googleapis.com

DNS Response

142.251.39.106
8.8.8.8:53

ajax.googleapis.com

dns

firefox.exe

65 B
93 B
1
1

DNS Request

ajax.googleapis.com

DNS Response

2a00:1450:400e:810::200a
142.250.179.138:443

ajax.googleapis.com

https

firefox.exe

2.0kB
7.4kB
8
9
8.8.8.8:53

woreppercomming.com

dns

firefox.exe

65 B
81 B
1
1

DNS Request

woreppercomming.com

DNS Response

13.127.149.1
8.8.8.8:53

woreppercomming.com

dns

firefox.exe

65 B
81 B
1
1

DNS Request

woreppercomming.com

DNS Response

13.127.149.1
8.8.8.8:53

woreppercomming.com

dns

firefox.exe

65 B
149 B
1
1

DNS Request

woreppercomming.com
8.8.8.8:53

1.149.127.13.in-addr.arpa

dns

71 B
134 B
1
1

DNS Request

1.149.127.13.in-addr.arpa
8.8.8.8:53

www.ostlon.com

dns

firefox.exe

60 B
92 B
1
1

DNS Request

www.ostlon.com

DNS Response

188.114.97.0

188.114.96.0
8.8.8.8:53

www.ostlon.com

dns

firefox.exe

60 B
92 B
1
1

DNS Request

www.ostlon.com

DNS Response

188.114.97.0

188.114.96.0
8.8.8.8:53

www.ostlon.com

dns

firefox.exe

120 B
232 B
2
2

DNS Request

www.ostlon.com

DNS Request

www.ostlon.com

DNS Response

2a06:98c1:3120::1

2a06:98c1:3121::1

DNS Response

2a06:98c1:3121::

2a06:98c1:3120::
142.250.179.206:443

www3.l.google.com

https

firefox.exe

3.5kB
10.0kB
11
12
188.114.97.0:443

www.ostlon.com

https

firefox.exe

1.8kB
6.3kB
5
10
8.8.8.8:53

www.opera.com

dns

firefox.exe

59 B
244 B
1
1

DNS Request

www.opera.com

DNS Response

18.158.22.43

35.157.148.78

35.156.55.86

18.157.59.108

52.58.13.117

52.28.106.162

3.124.58.221

35.156.116.214
8.8.8.8:53

front-geo.production.opera-website.route53.opera.com

dns

firefox.exe

98 B
226 B
1
1

DNS Request

front-geo.production.opera-website.route53.opera.com

DNS Response

3.124.107.0

52.57.43.233

3.124.58.221

18.157.59.108

35.156.57.53

35.156.55.86

35.157.148.78

52.58.147.181
8.8.8.8:53

front-geo.production.opera-website.route53.opera.com

dns

firefox.exe

98 B
180 B
1
1

DNS Request

front-geo.production.opera-website.route53.opera.com
8.8.8.8:53

www.googleoptimize.com

dns

firefox.exe

68 B
84 B
1
1

DNS Request

www.googleoptimize.com

DNS Response

142.251.39.110
8.8.8.8:53

cdn-production-opera-website.operacdn.com

dns

firefox.exe

174 B
414 B
2
2

DNS Request

cdn-production-opera-website.operacdn.com

DNS Response

23.2.213.218

DNS Request

cdn-production-opera-website.operacdn.com

DNS Response

23.2.213.218
8.8.8.8:53

www.googleoptimize.com

dns

firefox.exe

68 B
84 B
1
1

DNS Request

www.googleoptimize.com

DNS Response

142.251.39.110
8.8.8.8:53

www.googleoptimize.com

dns

firefox.exe

136 B
192 B
2
2

DNS Request

www.googleoptimize.com

DNS Response

2a00:1450:400e:811::200e

DNS Request

www.googleoptimize.com

DNS Response

2a00:1450:400e:811::200e
8.8.8.8:53

e11604.dscf.akamaiedge.net

dns

firefox.exe

72 B
88 B
1
1

DNS Request

e11604.dscf.akamaiedge.net

DNS Response

23.2.213.218
8.8.8.8:53

e11604.dscf.akamaiedge.net

dns

firefox.exe

72 B
128 B
1
1

DNS Request

e11604.dscf.akamaiedge.net

DNS Response

2a02:26f0:c900:294::2d54

2a02:26f0:c900:299::2d54
8.8.8.8:53

0.97.114.188.in-addr.arpa

dns

71 B
133 B
1
1

DNS Request

0.97.114.188.in-addr.arpa
8.8.8.8:53

43.22.158.18.in-addr.arpa

dns

71 B
136 B
1
1

DNS Request

43.22.158.18.in-addr.arpa
8.8.8.8:53

218.213.2.23.in-addr.arpa

dns

142 B
270 B
2
2

DNS Request

218.213.2.23.in-addr.arpa

DNS Request

218.213.2.23.in-addr.arpa
8.8.8.8:53

www.redditstatic.com

dns

firefox.exe

66 B
175 B
1
1

DNS Request

www.redditstatic.com

DNS Response

151.101.1.140

151.101.65.140

151.101.129.140

151.101.193.140
8.8.8.8:53

dualstack.reddit.map.fastly.net

dns

firefox.exe

77 B
141 B
1
1

DNS Request

dualstack.reddit.map.fastly.net

DNS Response

151.101.1.140

151.101.65.140

151.101.129.140

151.101.193.140
8.8.8.8:53

dualstack.reddit.map.fastly.net

dns

firefox.exe

77 B
189 B
1
1

DNS Request

dualstack.reddit.map.fastly.net

DNS Response

2a04:4e42::396

2a04:4e42:200::396

2a04:4e42:400::396

2a04:4e42:600::396
8.8.8.8:53

static.hotjar.com

dns

firefox.exe

63 B
152 B
1
1

DNS Request

static.hotjar.com

DNS Response

108.156.60.77

108.156.60.37

108.156.60.88

108.156.60.58
8.8.8.8:53

static-cdn.hotjar.com

dns

firefox.exe

67 B
131 B
1
1

DNS Request

static-cdn.hotjar.com

DNS Response

108.156.60.77

108.156.60.88

108.156.60.37

108.156.60.58
8.8.8.8:53

cdn.taboola.com

dns

firefox.exe

61 B
167 B
1
1

DNS Request

cdn.taboola.com

DNS Response

151.101.1.44

151.101.65.44

151.101.129.44

151.101.193.44
8.8.8.8:53

static-cdn.hotjar.com

dns

firefox.exe

67 B
151 B
1
1

DNS Request

static-cdn.hotjar.com
8.8.8.8:53

tls13.taboola.map.fastly.net

dns

firefox.exe

74 B
138 B
1
1

DNS Request

tls13.taboola.map.fastly.net

DNS Response

151.101.1.44

151.101.65.44

151.101.129.44

151.101.193.44
8.8.8.8:53

connect.facebook.net

dns

firefox.exe

66 B
114 B
1
1

DNS Request

connect.facebook.net

DNS Response

157.240.201.15
8.8.8.8:53

s.yimg.com

dns

firefox.exe

56 B
127 B
1
1

DNS Request

s.yimg.com

DNS Response

87.248.116.12

87.248.116.11
8.8.8.8:53

tls13.taboola.map.fastly.net

dns

firefox.exe

74 B
135 B
1
1

DNS Request

tls13.taboola.map.fastly.net
8.8.8.8:53

scontent.xx.fbcdn.net

dns

firefox.exe

67 B
83 B
1
1

DNS Request

scontent.xx.fbcdn.net

DNS Response

157.240.5.10
8.8.8.8:53

tags.creativecdn.com

dns

firefox.exe

66 B
82 B
1
1

DNS Request

tags.creativecdn.com

DNS Response

34.117.98.198
8.8.8.8:53

edge.gycpi.b.yahoodns.net

dns

firefox.exe

71 B
103 B
1
1

DNS Request

edge.gycpi.b.yahoodns.net

DNS Response

87.248.116.12

87.248.116.11
8.8.8.8:53

tags.creativecdn.com

dns

firefox.exe

66 B
82 B
1
1

DNS Request

tags.creativecdn.com

DNS Response

34.117.98.198
8.8.8.8:53

edge.gycpi.b.yahoodns.net

dns

firefox.exe

71 B
127 B
1
1

DNS Request

edge.gycpi.b.yahoodns.net

DNS Response

2a00:1288:84:800::1002

2a00:1288:84:800::1001
8.8.8.8:53

scontent.xx.fbcdn.net

dns

firefox.exe

67 B
95 B
1
1

DNS Request

scontent.xx.fbcdn.net

DNS Response

2a03:2880:f085:a:face:b00c:0:3
8.8.8.8:53

tags.creativecdn.com

dns

firefox.exe

66 B
137 B
1
1

DNS Request

tags.creativecdn.com
8.8.8.8:53

alb.reddit.com

dns

firefox.exe

60 B
159 B
1
1

DNS Request

alb.reddit.com

DNS Response

151.101.1.140

151.101.65.140

151.101.129.140

151.101.193.140
8.8.8.8:53

reddit.map.fastly.net

dns

firefox.exe

67 B
131 B
1
1

DNS Request

reddit.map.fastly.net

DNS Response

151.101.1.140

151.101.65.140

151.101.129.140

151.101.193.140
8.8.8.8:53

reddit.map.fastly.net

dns

firefox.exe

134 B
256 B
2
2

DNS Request

reddit.map.fastly.net

DNS Request

reddit.map.fastly.net
157.240.201.15:443

connect.facebook.net

https

firefox.exe

2.9kB
125.7kB
18
105
8.8.8.8:53

analytics.google.com

dns

firefox.exe

66 B
82 B
1
1

DNS Request

analytics.google.com

DNS Response

216.58.214.14
8.8.8.8:53

analytics.google.com

dns

firefox.exe

66 B
82 B
1
1

DNS Request

analytics.google.com

DNS Response

216.58.214.14
8.8.8.8:53

analytics.google.com

dns

firefox.exe

66 B
206 B
1
1

DNS Request

analytics.google.com

DNS Response

2001:4860:4802:36::181

2001:4860:4802:32::181

2001:4860:4802:34::181

2001:4860:4802:38::181
8.8.8.8:53

stats.g.doubleclick.net

dns

firefox.exe

69 B
133 B
1
1

DNS Request

stats.g.doubleclick.net

DNS Response

142.250.102.157

142.250.102.156

142.250.102.154

142.250.102.155
8.8.8.8:53

stats.g.doubleclick.net

dns

firefox.exe

69 B
133 B
1
1

DNS Request

stats.g.doubleclick.net

DNS Response

142.250.102.156

142.250.102.157

142.250.102.154

142.250.102.155
34.117.98.198:443

tags.creativecdn.com

https

firefox.exe

1.9kB
5.9kB
7
7
216.58.214.14:443

analytics.google.com

https

firefox.exe

2.5kB
9.9kB
8
14
8.8.8.8:53

stats.g.doubleclick.net

dns

firefox.exe

69 B
181 B
1
1

DNS Request

stats.g.doubleclick.net

DNS Response

2a00:1450:4025:402::9a

2a00:1450:4025:402::9b

2a00:1450:4025:402::9c

2a00:1450:4025:402::9d
8.8.8.8:53

140.1.101.151.in-addr.arpa

dns

72 B
132 B
1
1

DNS Request

140.1.101.151.in-addr.arpa
8.8.8.8:53

12.116.248.87.in-addr.arpa

dns

72 B
111 B
1
1

DNS Request

12.116.248.87.in-addr.arpa
8.8.8.8:53

77.60.156.108.in-addr.arpa

dns

72 B
128 B
1
1

DNS Request

77.60.156.108.in-addr.arpa
8.8.8.8:53

44.1.101.151.in-addr.arpa

dns

71 B
131 B
1
1

DNS Request

44.1.101.151.in-addr.arpa
8.8.8.8:53

15.201.240.157.in-addr.arpa

dns

73 B
117 B
1
1

DNS Request

15.201.240.157.in-addr.arpa
8.8.8.8:53

198.98.117.34.in-addr.arpa

dns

72 B
124 B
1
1

DNS Request

198.98.117.34.in-addr.arpa
8.8.8.8:53

trc.taboola.com

dns

firefox.exe

61 B
177 B
1
1

DNS Request

trc.taboola.com

DNS Response

151.101.1.44

151.101.65.44

151.101.129.44

151.101.193.44
8.8.8.8:53

14.214.58.216.in-addr.arpa

dns

72 B
155 B
1
1

DNS Request

14.214.58.216.in-addr.arpa
8.8.8.8:53

dualstack.tls13.taboola.map.fastly.net

dns

firefox.exe

84 B
148 B
1
1

DNS Request

dualstack.tls13.taboola.map.fastly.net

DNS Response

151.101.1.44

151.101.65.44

151.101.129.44

151.101.193.44
8.8.8.8:53

script.hotjar.com

dns

firefox.exe

126 B
254 B
2
2

DNS Request

script.hotjar.com

DNS Response

13.227.219.71

13.227.219.120

13.227.219.3

13.227.219.28

DNS Request

script.hotjar.com

DNS Response

13.227.219.71

13.227.219.120

13.227.219.3

13.227.219.28
8.8.8.8:53

dualstack.tls13.taboola.map.fastly.net

dns

firefox.exe

168 B
392 B
2
2

DNS Request

dualstack.tls13.taboola.map.fastly.net

DNS Response

2a04:4e42::300

2a04:4e42:200::300

2a04:4e42:400::300

2a04:4e42:600::300

DNS Request

dualstack.tls13.taboola.map.fastly.net

DNS Response

2a04:4e42::300

2a04:4e42:200::300

2a04:4e42:400::300

2a04:4e42:600::300
8.8.8.8:53

ams.creativecdn.com

dns

firefox.exe

130 B
162 B
2
2

DNS Request

ams.creativecdn.com

DNS Response

185.184.8.90

DNS Request

ams.creativecdn.com

DNS Response

185.184.8.90
8.8.8.8:53

ams.creativecdn.com

dns

firefox.exe

65 B
81 B
1
1

DNS Request

ams.creativecdn.com

DNS Response

185.184.8.90
8.8.8.8:53

ams.creativecdn.com

dns

firefox.exe

65 B
143 B
1
1

DNS Request

ams.creativecdn.com
8.8.8.8:53

script.hotjar.com

dns

firefox.exe

63 B
127 B
1
1

DNS Request

script.hotjar.com

DNS Response

13.227.219.3

13.227.219.71

13.227.219.28

13.227.219.120
8.8.8.8:53

script.hotjar.com

dns

firefox.exe

63 B
147 B
1
1

DNS Request

script.hotjar.com
142.250.102.157:443

stats.g.doubleclick.net

https

firefox.exe

2.3kB
7.6kB
8
12
8.8.8.8:53

www.facebook.com

dns

firefox.exe

62 B
107 B
1
1

DNS Request

www.facebook.com

DNS Response

157.240.247.35
157.240.247.35:443

www.facebook.com

https

firefox.exe

6.3kB
5.8kB
10
11
8.8.8.8:53

sp.analytics.yahoo.com

dns

firefox.exe

68 B
131 B
1
1

DNS Request

sp.analytics.yahoo.com

DNS Response

212.82.100.181
8.8.8.8:53

spdc-global.pbp.gysm.yahoodns.net

dns

firefox.exe

79 B
95 B
1
1

DNS Request

spdc-global.pbp.gysm.yahoodns.net

DNS Response

212.82.100.181
8.8.8.8:53

bat.bing.com

dns

firefox.exe

58 B
162 B
1
1

DNS Request

bat.bing.com

DNS Response

204.79.197.200

13.107.21.200
8.8.8.8:53

spdc-global.pbp.gysm.yahoodns.net

dns

firefox.exe

79 B
154 B
1
1

DNS Request

spdc-global.pbp.gysm.yahoodns.net
8.8.8.8:53

dual-a-0001.a-msedge.net

dns

firefox.exe

140 B
204 B
2
2

DNS Request

dual-a-0001.a-msedge.net

DNS Response

204.79.197.200

13.107.21.200

DNS Request

dual-a-0001.a-msedge.net

DNS Response

204.79.197.200

13.107.21.200
8.8.8.8:53

dual-a-0001.a-msedge.net

dns

firefox.exe

140 B
196 B
2
2

DNS Request

dual-a-0001.a-msedge.net

DNS Response

2620:1ec:c11::200

DNS Request

dual-a-0001.a-msedge.net

DNS Response

2620:1ec:c11::200
8.8.8.8:53

ib.adnxs.com

dns

firefox.exe

58 B
299 B
1
1

DNS Request

ib.adnxs.com

DNS Response

185.89.210.46

185.89.211.116

185.89.210.212

185.89.210.141

185.89.210.244

185.89.210.122

185.89.210.20

185.89.211.84

185.89.210.90

185.89.211.12

185.83.142.19

185.89.210.153
8.8.8.8:53

ib.anycast.adnxs.com

dns

firefox.exe

66 B
210 B
1
1

DNS Request

ib.anycast.adnxs.com

DNS Response

37.252.171.53

37.252.172.123

37.252.171.21

37.252.171.84

37.252.171.52

37.252.173.215

37.252.171.149

37.252.171.22

37.252.171.85
8.8.8.8:53

fledge-eu.creativecdn.com

dns

firefox.exe

71 B
87 B
1
1

DNS Request

fledge-eu.creativecdn.com

DNS Response

185.184.8.90
8.8.8.8:53

ib.anycast.adnxs.com

dns

firefox.exe

66 B
131 B
1
1

DNS Request

ib.anycast.adnxs.com
8.8.8.8:53

fledge-eu.creativecdn.com

dns

firefox.exe

71 B
87 B
1
1

DNS Request

fledge-eu.creativecdn.com

DNS Response

185.184.8.90
8.8.8.8:53

fledge-eu.creativecdn.com

dns

firefox.exe

71 B
149 B
1
1

DNS Request

fledge-eu.creativecdn.com
8.8.8.8:53

157.102.250.142.in-addr.arpa

dns

74 B
108 B
1
1

DNS Request

157.102.250.142.in-addr.arpa
8.8.8.8:53

71.219.227.13.in-addr.arpa

dns

72 B
129 B
1
1

DNS Request

71.219.227.13.in-addr.arpa
8.8.8.8:53

35.247.240.157.in-addr.arpa

dns

73 B
126 B
1
1

DNS Request

35.247.240.157.in-addr.arpa
8.8.8.8:53

200.197.79.204.in-addr.arpa

dns

73 B
106 B
1
1

DNS Request

200.197.79.204.in-addr.arpa
8.8.8.8:53

90.8.184.185.in-addr.arpa

dns

71 B
113 B
1
1

DNS Request

90.8.184.185.in-addr.arpa
8.8.8.8:53

translate.googleapis.com

dns

firefox.exe

70 B
86 B
1
1

DNS Request

translate.googleapis.com

DNS Response

142.251.39.106
8.8.8.8:53

translate.googleapis.com

dns

firefox.exe

70 B
98 B
1
1

DNS Request

translate.googleapis.com

DNS Response

2a00:1450:400e:80f::200a
142.251.39.106:443

translate.googleapis.com

https

firefox.exe

6.5kB
14.2kB
18
27
8.8.8.8:53

100.39.251.142.in-addr.arpa

dns

73 B
111 B
1
1

DNS Request

100.39.251.142.in-addr.arpa
8.8.8.8:53

106.39.251.142.in-addr.arpa

dns

73 B
112 B
1
1

DNS Request

106.39.251.142.in-addr.arpa
8.8.8.8:53

www.mediafire.com

dns

firefox.exe

63 B
121 B
1
1

DNS Request

www.mediafire.com
8.8.8.8:53

translate-pa.googleapis.com

dns

firefox.exe

73 B
201 B
1
1

DNS Request

translate-pa.googleapis.com

DNS Response

142.250.179.170

142.250.179.202

142.251.36.10

142.251.39.106

216.58.208.106

216.58.214.10

142.250.179.138

142.251.36.42
8.8.8.8:53

translate-pa.googleapis.com

dns

firefox.exe

73 B
185 B
1
1

DNS Request

translate-pa.googleapis.com

DNS Response

2a00:1450:400e:811::200a

2a00:1450:400e:80c::200a

2a00:1450:400e:800::200a

2a00:1450:400e:801::200a
142.250.179.170:443

translate-pa.googleapis.com

https

firefox.exe

2.2kB
7.4kB
9
9
8.8.8.8:53

170.179.250.142.in-addr.arpa

dns

74 B
113 B
1
1

DNS Request

170.179.250.142.in-addr.arpa
8.8.8.8:53

cdn.amplitude.com

dns

firefox.exe

63 B
127 B
1
1

DNS Request

cdn.amplitude.com

DNS Response

108.156.61.29

108.156.61.101

108.156.61.65

108.156.61.171
8.8.8.8:53

cdn.amplitude.com

dns

firefox.exe

63 B
145 B
1
1

DNS Request

cdn.amplitude.com
8.8.8.8:53

api.btloader.com

dns

firefox.exe

62 B
78 B
1
1

DNS Request

api.btloader.com

DNS Response

130.211.23.194
8.8.8.8:53

api.btloader.com

dns

firefox.exe

62 B
78 B
1
1

DNS Request

api.btloader.com

DNS Response

130.211.23.194
8.8.8.8:53

api.btloader.com

dns

firefox.exe

62 B
121 B
1
1

DNS Request

api.btloader.com
8.8.8.8:53

api.amplitude.com

dns

firefox.exe

63 B
191 B
1
1

DNS Request

api.amplitude.com

DNS Response

34.216.249.58

35.164.85.24

44.232.120.240

34.215.104.250

54.191.246.9

52.26.131.85

35.82.194.206

34.218.111.213
8.8.8.8:53

api.amplitude.com

dns

firefox.exe

63 B
145 B
1
1

DNS Request

api.amplitude.com
130.211.23.194:443

api.btloader.com

https

firefox.exe

1.9kB
7.0kB
6
8
8.8.8.8:53

194.23.211.130.in-addr.arpa

dns

73 B
126 B
1
1

DNS Request

194.23.211.130.in-addr.arpa
8.8.8.8:53

prf.hn

dns

firefox.exe

52 B
134 B
1
1

DNS Request

prf.hn
8.8.8.8:53

store.winzip.com

dns

firefox.exe

62 B
130 B
1
1

DNS Request

store.winzip.com

DNS Response

104.16.242.229

104.16.243.229
8.8.8.8:53

winzip-s.cleverbridge.com

dns

firefox.exe

71 B
103 B
1
1

DNS Request

winzip-s.cleverbridge.com

DNS Response

104.16.242.229

104.16.243.229
8.8.8.8:53

winzip-s.cleverbridge.com

dns

firefox.exe

142 B
260 B
2
2

DNS Request

winzip-s.cleverbridge.com

DNS Request

winzip-s.cleverbridge.com
8.8.8.8:53

www.winzip.com

dns

firefox.exe

60 B
148 B
1
1

DNS Request

www.winzip.com

DNS Response

23.44.232.34
8.8.8.8:53

e834.d.akamaiedge.net

dns

firefox.exe

67 B
83 B
1
1

DNS Request

e834.d.akamaiedge.net

DNS Response

23.44.232.34
8.8.8.8:53

e834.d.akamaiedge.net

dns

firefox.exe

67 B
128 B
1
1

DNS Request

e834.d.akamaiedge.net
8.8.8.8:53

4.170.150.5.in-addr.arpa

dns

70 B
70 B
1
1

DNS Request

4.170.150.5.in-addr.arpa
8.8.8.8:53

229.242.16.104.in-addr.arpa

dns

73 B
135 B
1
1

DNS Request

229.242.16.104.in-addr.arpa
8.8.8.8:53

34.232.44.23.in-addr.arpa

dns

71 B
135 B
1
1

DNS Request

34.232.44.23.in-addr.arpa
8.8.8.8:53

bat.bing.com

dns

firefox.exe

58 B
162 B
1
1

DNS Request

bat.bing.com

DNS Response

204.79.197.200

13.107.21.200
8.8.8.8:53

googleads.g.doubleclick.net

dns

firefox.exe

73 B
89 B
1
1

DNS Request

googleads.g.doubleclick.net

DNS Response

142.251.36.34
8.8.8.8:53

googleads.g.doubleclick.net

dns

firefox.exe

73 B
89 B
1
1

DNS Request

googleads.g.doubleclick.net

DNS Response

142.251.36.34
8.8.8.8:53

cdn.cookielaw.org

dns

firefox.exe

63 B
95 B
1
1

DNS Request

cdn.cookielaw.org

DNS Response

104.19.187.97

104.19.188.97
8.8.8.8:53

cdn.cookielaw.org

dns

firefox.exe

126 B
190 B
2
2

DNS Request

cdn.cookielaw.org

DNS Response

104.19.188.97

104.19.187.97

DNS Request

cdn.cookielaw.org

DNS Response

104.19.187.97

104.19.188.97
8.8.8.8:53

googleads.g.doubleclick.net

dns

firefox.exe

73 B
101 B
1
1

DNS Request

googleads.g.doubleclick.net

DNS Response

2a00:1450:400e:811::2002
142.251.36.34:443

googleads.g.doubleclick.net

https

firefox.exe

2.4kB
7.9kB
8
12
8.8.8.8:53

snap.licdn.com

dns

firefox.exe

60 B
164 B
1
1

DNS Request

snap.licdn.com

DNS Response

23.32.238.178

23.32.238.219
8.8.8.8:53

cdn.cookielaw.org

dns

firefox.exe

63 B
119 B
1
1

DNS Request

cdn.cookielaw.org

DNS Response

2606:4700::6813:bb61

2606:4700::6813:bc61
8.8.8.8:53

a1916.dscg2.akamai.net

dns

firefox.exe

68 B
100 B
1
1

DNS Request

a1916.dscg2.akamai.net

DNS Response

23.32.238.219

23.32.238.178
8.8.8.8:53

a1916.dscg2.akamai.net

dns

firefox.exe

136 B
248 B
2
2

DNS Request

a1916.dscg2.akamai.net

DNS Response

2a02:26f0:a1::58dd:86d1

2a02:26f0:a1::58dd:86e8

DNS Request

a1916.dscg2.akamai.net

DNS Response

2a02:26f0:a1::58dd:86d1

2a02:26f0:a1::58dd:86e8
8.8.8.8:53

unpkg.com

dns

firefox.exe

110 B
270 B
2
2

DNS Request

unpkg.com

DNS Response

104.16.125.175

104.16.123.175

104.16.124.175

104.16.126.175

104.16.122.175

DNS Request

unpkg.com

DNS Response

104.16.125.175

104.16.123.175

104.16.124.175

104.16.126.175

104.16.122.175
8.8.8.8:53

ws.zoominfo.com

dns

firefox.exe

122 B
186 B
2
2

DNS Request

ws.zoominfo.com

DNS Response

104.16.168.82

104.16.101.12

DNS Request

ws.zoominfo.com

DNS Response

104.16.101.12

104.16.168.82
8.8.8.8:53

munchkin.marketo.net

dns

firefox.exe

132 B
318 B
2
2

DNS Request

munchkin.marketo.net

DNS Response

23.222.59.50

DNS Request

munchkin.marketo.net

DNS Response

23.222.59.50
8.8.8.8:53

a.opmnstr.com

dns

firefox.exe

59 B
104 B
1
1

DNS Request

a.opmnstr.com

DNS Response

103.180.115.2
8.8.8.8:53

omapp.b-cdn.net

dns

firefox.exe

61 B
77 B
1
1

DNS Request

omapp.b-cdn.net

DNS Response

103.180.115.2
157.240.201.15:443

connect.facebook.net

https

firefox.exe

3.0kB
2.2kB
5
7
8.8.8.8:53

omapp.b-cdn.net

dns

firefox.exe

61 B
61 B
1
1

DNS Request

omapp.b-cdn.net
8.8.8.8:53

unpkg.com

dns

firefox.exe

55 B
135 B
1
1

DNS Request

unpkg.com

DNS Response

104.16.123.175

104.16.122.175

104.16.125.175

104.16.124.175

104.16.126.175
8.8.8.8:53

ws.zoominfo.com

dns

firefox.exe

61 B
93 B
1
1

DNS Request

ws.zoominfo.com

DNS Response

104.16.168.82

104.16.101.12
8.8.8.8:53

unpkg.com

dns

firefox.exe

55 B
195 B
1
1

DNS Request

unpkg.com

DNS Response

2606:4700::6810:7baf

2606:4700::6810:7daf

2606:4700::6810:7aaf

2606:4700::6810:7eaf

2606:4700::6810:7caf
8.8.8.8:53

ws.zoominfo.com

dns

firefox.exe

122 B
234 B
2
2

DNS Request

ws.zoominfo.com

DNS Response

2606:4700::6810:650c

2606:4700::6810:a852

DNS Request

ws.zoominfo.com

DNS Response

2606:4700::6810:650c

2606:4700::6810:a852
8.8.8.8:53

e10776.b.akamaiedge.net

dns

firefox.exe

138 B
170 B
2
2

DNS Request

e10776.b.akamaiedge.net

DNS Response

23.222.59.50

DNS Request

e10776.b.akamaiedge.net

DNS Response

23.222.59.50
8.8.8.8:53

e10776.b.akamaiedge.net

dns

firefox.exe

69 B
130 B
1
1

DNS Request

e10776.b.akamaiedge.net
8.8.8.8:53

installer.corel.com

dns

firefox.exe

65 B
129 B
1
1

DNS Request

installer.corel.com

DNS Response

54.164.253.196

52.22.124.208

18.210.189.65

52.22.2.203
8.8.8.8:53

cdn.linkedin.oribi.io

dns

firefox.exe

67 B
174 B
1
1

DNS Request

cdn.linkedin.oribi.io

DNS Response

52.222.139.9

52.222.139.92

52.222.139.95

52.222.139.81
8.8.8.8:53

installer.corel.com

dns

firefox.exe

65 B
129 B
1
1

DNS Request

installer.corel.com

DNS Response

54.164.253.196

52.22.124.208

18.210.189.65

52.22.2.203
8.8.8.8:53

d1ni990a184w7d.cloudfront.net

dns

firefox.exe

75 B
139 B
1
1

DNS Request

d1ni990a184w7d.cloudfront.net

DNS Response

52.222.139.95

52.222.139.92

52.222.139.9

52.222.139.81
8.8.8.8:53

installer.corel.com

dns

firefox.exe

65 B
147 B
1
1

DNS Request

installer.corel.com
8.8.8.8:53

px.ads.linkedin.com

dns

firefox.exe

65 B
163 B
1
1

DNS Request

px.ads.linkedin.com

DNS Response

13.107.42.14
8.8.8.8:53

l-0005.l-msedge.net

dns

firefox.exe

65 B
81 B
1
1

DNS Request

l-0005.l-msedge.net

DNS Response

13.107.42.14
8.8.8.8:53

d1ni990a184w7d.cloudfront.net

dns

firefox.exe

75 B
299 B
1
1

DNS Request

d1ni990a184w7d.cloudfront.net

DNS Response

2600:9000:2204:2200:2:53b2:240:93a1

2600:9000:2204:5c00:2:53b2:240:93a1

2600:9000:2204:d600:2:53b2:240:93a1

2600:9000:2204:6600:2:53b2:240:93a1

2600:9000:2204:6400:2:53b2:240:93a1

2600:9000:2204:3000:2:53b2:240:93a1

2600:9000:2204:ba00:2:53b2:240:93a1

2600:9000:2204:ac00:2:53b2:240:93a1
8.8.8.8:53

34.36.251.142.in-addr.arpa

dns

72 B
110 B
1
1

DNS Request

34.36.251.142.in-addr.arpa
8.8.8.8:53

97.187.19.104.in-addr.arpa

dns

72 B
134 B
1
1

DNS Request

97.187.19.104.in-addr.arpa
8.8.8.8:53

178.238.32.23.in-addr.arpa

dns

72 B
137 B
1
1

DNS Request

178.238.32.23.in-addr.arpa
8.8.8.8:53

175.125.16.104.in-addr.arpa

dns

73 B
135 B
1
1

DNS Request

175.125.16.104.in-addr.arpa
8.8.8.8:53

2.115.180.103.in-addr.arpa

dns

72 B
160 B
1
1

DNS Request

2.115.180.103.in-addr.arpa
8.8.8.8:53

l-0005.l-msedge.net

dns

firefox.exe

65 B
93 B
1
1

DNS Request

l-0005.l-msedge.net

DNS Response

2620:1ec:21::14
8.8.8.8:53

9.139.222.52.in-addr.arpa

dns

71 B
127 B
1
1

DNS Request

9.139.222.52.in-addr.arpa
8.8.8.8:53

www.corel.com

dns

firefox.exe

59 B
150 B
1
1

DNS Request

www.corel.com

DNS Response

23.44.232.34
8.8.8.8:53

196.253.164.54.in-addr.arpa

dns

73 B
129 B
1
1

DNS Request

196.253.164.54.in-addr.arpa
142.250.179.138:443

translate-pa.googleapis.com

https

firefox.exe

1.8kB
2.3kB
4
4
142.250.179.206:443

www3.l.google.com

https

firefox.exe

4.9kB
32.9kB
8
28
8.8.8.8:53

www.mediafire.com

dns

firefox.exe

63 B
121 B
1
1

DNS Request

www.mediafire.com

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

T1060

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
336B

MD5
071cdea8885a2e4c4377e7dfdb8540a9

SHA1
985764a51f29d97f08ed1574ca1558714baa4dcc

SHA256
b6dc59162d945006f2dea7ae8620187740d56f2a5dcd7a7f7fbadf8a371e45a9

SHA512
abeeac175f31607cd14fee9808a87367e78d9bec7bbdf54cb970b864175adbce53ae19dbca3201fb4eaaf8c783b8fc1c5dd413ccc2edb9df540955f063b701d0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
f4a3a389e4c049388379d44f74a202d7

SHA1
3f773de93a75dd8eb4db665e56574b25ade09f4c

SHA256
4be6585abd66c6b6e116995fd5cba7199f2807595f2fec3dff5c1da75d03f1a6

SHA512
9803d7755f4b652ae06f9c27dd7e952d66820e30a8ecb0945b6f717124afdb0c3e41c45d4b53ee941198aac654cc09a85b28ff670bd4c0fa3739b6e16b29a861

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
873B

MD5
733f46d40612b860ce3e80f1389810af

SHA1
c9eb0a5fe0874b6c9308bbe0b3fb3c6c20eb373e

SHA256
0bd9c649112f2eea0178940157dbea35da88d6614228c5fce1e55ce35c683070

SHA512
8756bf423848721cb83285b288760d72936e7fc6b353a9b2ba89f8418b4f5379426402e09b9dbf4d1fc33b80a3e7f715e4c78cb26ed6775f3e5f0138b5db5375

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
d4a8ef03fc749a81931ae1bf08b61f24

SHA1
5a90946df941029eb631f65f625d83761aa6549d

SHA256
d03fdf7408e46eed06abb12439a4d14a9d51a0349f660e6f44db773f225c6279

SHA512
b197c89880e3aa8f1090c19f165168be6bf64af086ab195e28eeedc89ad04ca29f2673dcccfe8c011fc2dab796072aeb2fa48f2843d042bc898e7eea5c2d063f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
6b55b8c0eded1f15da7181bf897da337

SHA1
5eb4348b3c2f95975a0ce68231e35153cbe03edc

SHA256
05a6e63e3476b03d210d353ed03454aef4c1f023aa3068227edb5083a6291f68

SHA512
f47d9136334281b7a3ae5d6e1612e8ad27a70c90f1f3597858c861e94005f4141b93fe37b9e38489b967ed2d1a9b4069ba73ec104cdcc37686ead9db314f3ca4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
f919d5567c8083bca513b6427e9a4092

SHA1
e17d76d8bac537bb7842baf2ffded0c96477dcdf

SHA256
8918679fbcd42630280012bef228d81f9c9aee98348bb31123532b204e1d1899

SHA512
c1f41e0d3a2213f06ac24be275306e9930a4b03bd020731490e18bd3b993641222dcad9e71e2c9560395e40e9fb2953b33d9eec11071cd17c55322a0d9a76668

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
7c4ac39f4c4530c3636da32eca0e7f56

SHA1
9cb8b7af66ae23e681f39bd79a2ced0f85f2c1f4

SHA256
2321534f6a711db9d759b414aa259ac20c2aa7293e2b77e324ddc31bb1990932

SHA512
b4f814ed02d6337c9e278921a57e3732e7de7f8a407498ddc2a925c9e3efffc2982ecbfad5372acf7e11d88c9e39bf287d13a276746d967b880efb5cecfa42ef

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
d2b74ceda124a874ed58e0011936909d

SHA1
cf1d2ea4cc62fd9a02d0bb5ff6a7edc216cae705

SHA256
334f478efe918c4fe35c31f98ca6db8b1bf60ec8951f0a4e2de4cd4db91ea9b6

SHA512
8548f70004759230486617643e675c0f32e285d2bd75a5ea7ea6f4ffc73a87d23bed5023db960de8016cf7dd38983353faa77b05b10a91b3986e5a9d15464136

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
a4582ad705b7d0c6a69a2bba843ba807

SHA1
20c2dbea756e1073220a86f63e1b42ea12c5af9e

SHA256
6bf484572f42a4d17935405cc78b66f27ee73d65570fd1353405660e597874c0

SHA512
7484d252c1abe2f917b233ffd00d1001c7b99088663753c426763cf560bbc8b30d925194d8c870c0c200ddad049a8ad1f1a131b50d55b54903419519226e5e6a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_1

Filesize
264KB

MD5
cdb4d6a5ba6340b6a408d0c7d82667bd

SHA1
45aaaadeb42f1c0a394f3504783c42a795d7623b

SHA256
705e68c7f31dfe2e5c44718fab3e604c67464dff3461747d6c1e359e80a6dc46

SHA512
7b73f03e6a4d951559e4df7979fa6e37615705d01ef1c69c3b08f5025beb95421462fe93c738903ff617409ce0b74609a3880800541b64a4bec788534b4aa45d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
199KB

MD5
bcf151d7078c8a606173c20f2e53d300

SHA1
37ac1aa714c2b0e836370f75ee58c6ebe25fa720

SHA256
d3484065fcc90cd4bb1fd428968c07d43a248f80e9f607bd55094349a3fa2af7

SHA512
63c7648197fe44a9bcd372c6d1d620cace9894d5eebf3bf7af70c2361d5c936974a6fb1865ff71b35d2e57606f6bc559aeecd0ed896318cdb7f496850cfba909

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
199KB

MD5
82094bebf3e0ebcd55d866f8072104a1

SHA1
2748778e8e98b57397326d28bbe323f2a0d77a49

SHA256
03bbcf6eb0c0d5359924ec2e1bde2f0a7f740d2008e9e752d6defebf65b5d58c

SHA512
416bbb034b455667c2fa8249c11fd6cf56fccb18a81b3819f444ec7cb8c1001577c8b04bd821585b5fd18955878cd3bb261bf57ae13abf5b1c8f418e0c8ba1ab

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
199KB

MD5
208be430f36c33c944dae009fc789932

SHA1
f629dbd8ad520508dfb6162d530e35739b0092ee

SHA256
a49e045c1f5de514843fe65f9a4163cfd54e1265b43426a4a79f26fa27a8d56c

SHA512
8ffd2421a3146e71fff16534d6e1986373422d88ae0d34736776df9a7c20ec8c55dfae4cd0b073b65cd7aefb9f33d705fef50755bfce62d4f370301953ceffaf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\activity-stream.discovery_stream.json.tmp

Filesize
144KB

MD5
caa528baec49c762eac3577ad5fa25a5

SHA1
0492c83bba534aeb5754edeccc6de431fb59c529

SHA256
705b5e28181bf40c4bcbd93277d579b270e80ad7bb03accae0ef662cb50f939c

SHA512
2d8f16a7c983d73134af445e82db038abed94dd9c63e9e3d14bcf55e6ef9645a1b09e28626bd223d8004395ebd0689cedbbf88f13bd90223a022f301768191c8

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\cache2\doomed\20822

Filesize
9KB

MD5
29c8d3fd43e15e0e1944bb3fc04fdf18

SHA1
5ed92e404be713332d968349b0daa0e976d96a05

SHA256
1d4b57df00e0fea7ca51e370e45c651b882c8ac939ce2e817841869c972476ee

SHA512
51000dc0c34d96ac255fecdc240ad670a91ef8c82027d44cee7353f6b3627137449497586fef1decf71912f8c77dd92771230a2748fee2ee161711bb20d43c8c

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\cache2\doomed\21731

Filesize
19KB

MD5
e4ad63639bc9773570e4ac48bf4f7690

SHA1
ab6624f280a2c4d1785c9ca11841745c9be65f44

SHA256
22469218c13cc2363319615c4c05a1cd14d8f7a3c9118396a45d526104975e82

SHA512
4823cafadb43f63f691496ec3390aa01fa6685d03750a38300217afc34d42860c623fd1dfe0d12580ae566487a20a73045535178eeffb78b5be0992d433be7e2

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\cache2\doomed\25333

Filesize
9KB

MD5
de0152ec43a2692fcbd6fa5a31391f78

SHA1
3de2cd4dec8af89eb4e75b92126e7a28771fce91

SHA256
8be062a5dff3964f1c09733114b0341ba70dc58037eef5cace16a70e51adad21

SHA512
b409822d5b38670667ded699d3b03b3d10893f46e4601afa31016e39d12a846189ff792e73e58bb2495a0e5c0671a97f7996fd9e89e39a4962c7e678216cde21

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\cache2\doomed\5438

Filesize
11KB

MD5
698564203a7951710b00738cc321cf4c

SHA1
5380ada4663dae6cc1aefcddb78e5a064b6949ea

SHA256
79c7c9c64f3096881fdac076439ff937b9ce3d45324c1fd137920806df34f888

SHA512
fa20c08880fa8ef5b594c74f96007cf8c58525a44d6754327d3840a91eed4b063d480cfbb4859274d04c558f4dd0f7de818edb519ff6d452c9399702015a3b4d

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\cache2\entries\077DE0A62DEB9AC2A52770F83D40CF0DB089E8B4

Filesize
34KB

MD5
3c618ccec947569768efc2d842e0cfa4

SHA1
e9705ec542e018d522581be79d1074b0d9a304d4

SHA256
5bcaf25e63735eb3b81c3cf0157b41035744342978d35ca7d9dfd90e4ed5573f

SHA512
45bb4c356834213b9f8e01f6d37360bd137bf3b91ceccf9179d004a80a887ee6423e1624e59c027a3a53b26f21d7f6318b567614a52df309ccb3455d51fb3ef4

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\cache2\entries\311C66F25C7E7B61806A401BE2266BD63AB2012C

Filesize
53KB

MD5
5dccb37aa44f0ac5fbeb6cee71966535

SHA1
b2bfc4b2e3930dc482145129c33148357070fff2

SHA256
488acee3bbc10bcbaba0052f0836e4d4f011d2853353ed37685f2846d6b0128e

SHA512
4991c7b3573d946730c54e9765a84836ba7b32a3a225f214db5f9c352cd7c91b9886f875f4a5e3c17f577c361cc367786db74c8b9c914237b18a0115367a979e

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\cache2\entries\51572668D46BFDFCD37EC56533AB3D4FB1903C99

Filesize
126KB

MD5
f807960d758440e05138ab26345ea63d

SHA1
26ea3659aa4ae94a1704fc8e2715cd8e489dc116

SHA256
cd71a5f4945e056f7d47ecd0be1ae66b4c7b7460b108b1cb6284733a7c8144bd

SHA512
6c25b1f35fd04bc90a0230e3939f04bb85695b4fed280df12fa2e98d702dc87d390d7d7eb0ec9a61abcc97f41b57d5f8c9ffaa6026ba9228cca178667326ea91

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\cache2\entries\7C1C08A7BDAAFB33BD6BF5631031C42D97DCE218

Filesize
158KB

MD5
6b37cef540c6f9016c13918a63724ef9

SHA1
af2428f7dac6e45e0d83187f68e76f76ddbc0ea3

SHA256
f9e47d3b5b3593099872232ae9ce261b1f5c6bb2c2fefad4b694074ebefa2fd8

SHA512
ef2f2e443a21aa0e49c6cb11f06171c16b827c78ff5bf2fca769b83a204bcb6926556ae9917ec5c78eace12a87a795616873dd853663fd0ca2e50a022c41f932

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\cache2\entries\7EA5F905D6244BD7D5CF08AC0002D32363DE0206

Filesize
85KB

MD5
a72c17f2a34c9c78fa0b65fc8ba2e249

SHA1
1459d6464472db00ba2c35b7ec4e13b1315e44d2

SHA256
11439714b36329e8c9c0ddfcbd6d8f3bf29aea6e20b67e113407722f30aa2ee2

SHA512
09c0559f4fccbbfa665f1fcf1375220d444b55c52b02337ab627676af906d6b0cc921b1d80f13af9221a91ff8d3e63b18f8176f397a7f3ed2854f947bf376a19

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\cache2\entries\99A3B3D23E2F923B50C953406870C27592E6ABBB

Filesize
132KB

MD5
3e058a895212cb5b35d69d76cd91727a

SHA1
7728a1114a71a4273e6378776c7a9415ffdf3a3f

SHA256
973c5e27ad1c2b9726647b8237197f6b7cdb930aca0b74f3e2e77195757b1b34

SHA512
436d2dc1f1826c96bf29858e7f3dbf0b4510dd1401c4c577707a6028592f30d8101add6b86ee8fde385373fe850bbb090beda5c098a7734a5de58f9b8833084e

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\cache2\entries\B7882BCAC7A506FB6E5DAE87FF38CFE936E723F8

Filesize
30KB

MD5
655029b7f0beae75b077a9cc0648d056

SHA1
ad96fbe7d5a4004e3a3229b72f2b447c6db1584a

SHA256
ade8f00acea1118fdd137bb6003ceeabdf75ca4d3d85ce88de6786fd58a40022

SHA512
53b651942745eca88ffabef63bd1ebddf7bd9cd429f63592246e1ccbdb088ae08b2ad8af226ce594161b7cd4318289871acad2388e93f7d05060b2742571d0c7

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\cache2\entries\EEB0EDF6C99109F64D66D684CE142F30FF48152D

Filesize
29KB

MD5
50987304e5c6dc6f046ef450e2798218

SHA1
3019583e9fa0874d9aad877cfc120804943248b1

SHA256
85441ad6aabf7f4be8c39cd75760bcf5b82db97a46c4e4a8459338b3e549569f

SHA512
ca151fb283c8d9a5c6340bdfc76ecab8899771f53967a62f3c2ee10583a2d3c01b869ae078abdd6d8a0ea7548d49e02c77dd3626ca6002a9e485f914de49bc7d

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\cache2\entries\F6876FF7D8B46FEBBC0BB8CA76ACD4BE64C8054E

Filesize
61KB

MD5
8f501eec5487ac0f00f69cd826a7a1e3

SHA1
ac3e49ad6c8a1845f66a1883911b0958620e5598

SHA256
ee45c36924949cbaec5d2f1ee049012fcbe852ad664f31555b407ad5264a4d7f

SHA512
8853ad35798dabcdc0709f97b63b307dfabe5436901712abae152926dcf478d3b81dd9b79b599e924b56a0a50929a33df2c3084c4fa3d257ecb56cb713312811

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\85w5cth6.default-release\cache2\entries\F6B550FE56952964046E3FA3319637D009EF1DC6

Filesize
43KB

MD5
9ae326a90fb2a10f87253a3a9a630b1d

SHA1
2af615cb2e89a839994f1dc6bb18f933ff51fda4

SHA256
64e087c98512c4f769a1abf60ecd8e712d82ec17b5f619731fd56086f855c0ec

SHA512
4eadee1a7f366944b90dd7fa313fbbb818ba8a92b3f6d1d05053776eaac0551e42b79b6f22f6c541a32ed7eefc1dff9762b071032c46975a288751c6ac0a3652

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\prefs-1.js

Filesize
7KB

MD5
7adf8078ae489a9372aa8ff44a70090a

SHA1
cfc2ca17f4db1ec1777977e2e2c57ab5e053f76b

SHA256
85d2a0269f581722cbd6933f7944fb55f9460d3f52a09a4e0cdefdbc3893a6cd

SHA512
77887adb3319d52a635a4c627df5adf980db59d218614108ad1b8da67696a9ed45b34d0f67a8fd373fd03200c60b55f24b94f5cadcee66611c5c06bc0a74433f

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\prefs-1.js

Filesize
7KB

MD5
4689915ea7449c6a1de27fbfe99d5db1

SHA1
410d978ce90276e0defc6c573371240489c675e0

SHA256
a9153a14535a8438e5256a4ea5dd83455528876d0af01c4f9d71d726c67271d9

SHA512
1895f67c962c15c785ee65a6f348c21d3c649dc08ee2c1972252eff3aef8ec97665baa8f7c471eadd89a1ecec5c801b94cdce4dd8ba8adc45cabfec8221f88f0

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\prefs-1.js

Filesize
6KB

MD5
6d8255dfbd2cb02a57c0cdba9b9c3b3c

SHA1
04d1ee60d689083d3e3fb0469a0297f6ffbd47b5

SHA256
d00d4f5fc519ec569f858f49bf107fcc95f6f0a5216742fcaa4763b86f88d94a

SHA512
dbc868dc8688c68cb1c6c1a75a4e58d72eda42f3ddbeb453e4e78047ee3ea7dbbfb589dacc49b5fe407de440bb44fab53a5474e564d4a6bc7bcbfb360f5ce3d1

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\prefs-1.js

Filesize
6KB

MD5
53f5001faf446fa8782f5d881992865c

SHA1
dcad064e702f0ceab201b9c7b6b7ef094f86fee0

SHA256
ba2148df8cb9b35e2a786400293fd8bda1e1617fed03ac0bb49d036de25a9b45

SHA512
58f7211438bca7e880d09c4152f3ac2f70b3c5597829938b73660d9f93294fdd0063c3a44f46ed96837d7ed969c8f6b7b2c8bbf2bcc1033da63086308675982c

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\prefs.js

Filesize
6KB

MD5
f73e52d124620d05267ba934f3b312d3

SHA1
34121aa291d9f88b3e8e3a2fa37cb1c06cac2d30

SHA256
fc898a91ae8ce9d241c586f5dee2e60450dcdc5a31f1a7015d6dc2f4fefe4ac7

SHA512
4ef67626a2ba584817d707c71ddf7e7ce75a780921c3fcdfa8a03de0de9303c4b548ce3c3b493f1c4876d511271978bcd3cdbc2d1003b23c2459847180045d46

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
1KB

MD5
dd27221fa51db711602095363d3e47d5

SHA1
6315a98861a08df5390e3f6456c3253fe25a7d77

SHA256
269a02bf95a39671bb1123fdd29a277b9fd54879639d75719ab8cac33b744b2a

SHA512
edd7ce9ceac78b44cc04b98826e07b8e22e94c7ce7ba856dffe5207bfb8625824c003a94ea943af81f9c2b28239798437e8aa77dc9474ba779d5a26fbd6dece7

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
10KB

MD5
112e688fbe90789ffd3f2bf0f821e28d

SHA1
f2ed5506ec8f40024aebf7f206cf6974b90393cc

SHA256
85ee4561acd6f104dc3c98e862411a0f108a3ebfd1f285c427e2854e71d568b9

SHA512
e1b4c1a0f8badc6559a37a5e54ae819dd4af199fd1d40352d2efa5156976f2530f21f3ef0d28f4f0f8bbaabdf48e452497f5626b4434003c8c1b1f6d9cdfb03c

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\85w5cth6.default-release\sessionstore.jsonlz4

Filesize
11KB

MD5
576caf7282e9efef5188f0d0964f8f37

SHA1
39b538bd78919eb3e8be12ead3cac16f9b479ba0

SHA256
595c258bc5e305445b00a0d86470cc841284001e186e35996adf3deec9af07b2

SHA512
758b394a7a4f0d3dceb5bc1335d57f9afeed56c6a840d1606fa8d429f04f7dff0e95e4314fbedd97ed785970ffe45312cbcce26954f0f7c50c97481345ea3446

Download Submit

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request