r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a8b4f1afb0e830b797238d34ab9254aa
e011acef3d05c959a65205d53b651ecd18a889fe
f7ceff5b4fda083c7449b7298c232224cf48a632dcb87233b646790de207d49c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7CEFF5B4FDA083C7449B7298C232224CF48A632DCB87233B646790DE207D49C"
Last-Modified: Thu, 12 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12800
Expires: Thu, 12 Jan 2023 22:14:05 GMT
Date: Thu, 12 Jan 2023 18:40:45 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash cab5b63e128895128726181aff42e42e
d39c36237554fcd41addec0664d7fe7f7d157c06
18e82a5b82eb8f2d8b49df824c336015f19367c5a05467ad139a56db59f88852
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "18E82A5B82EB8F2D8B49DF824C336015F19367C5A05467AD139A56DB59F88852"
Last-Modified: Wed, 11 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15904
Expires: Thu, 12 Jan 2023 23:05:49 GMT
Date: Thu, 12 Jan 2023 18:40:45 GMT
Connection: keep-alive
megafiles.link/download/?file=Arssenya-Pack-2022.rar
200 OK 63 kB URL HTTP/1.1 megafiles.link/download/?file=Arssenya-Pack-2022.rar
IP
ASN #50613 Advania Island ehf
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (51146)
Hash 621fdf97cbed446b9aef8660cee51a41
b229b6fd4a8271b5dfc19284cbe10f1315c3acbe
93397acde05d7aaec61c9b43d2ac45d01ccfa400687d1997910aa80a82937ef1
NIDS Severity Alert suricata high ET HUNTING Possible Obfuscator io JavaScript Obfuscation
suricata low ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1
suricata low ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M2
suricata low ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M3
GET /download/?file=Arssenya-Pack-2022.rar HTTP/1.1
Host: megafiles.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
content-encoding: gzip
vary: Accept-Encoding
date: Thu, 12 Jan 2023 18:40:44 GMT
server: LiteSpeed
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 12 Jan 2023 17:41:51 GMT
content-type: application/json
age: 3534
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 718fc486cd6a70fcacc1653759703fae
bf60ba7a37d2deef1b7000e91cc88da586bb75ca
398d02e16da466ffe87b64ac34b007615951cca14d43610b4acd58bc2a5fadff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "398D02E16DA466FFE87B64AC34B007615951CCA14D43610B4ACD58BC2A5FADFF"
Last-Modified: Tue, 10 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7521
Expires: Thu, 12 Jan 2023 20:46:06 GMT
Date: Thu, 12 Jan 2023 18:40:45 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: emUuImieYNyykVjWW2YfVzchw5cxTvhyyarP9moe6+YM/HhgSy5AUac12sC4m62QtCaE8pcObDI=
x-amz-request-id: K626XNA4HZG8TW92
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 12 Jan 2023 18:17:32 GMT
age: 1393
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 12 Jan 2023 18:40:45 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
200 OK 28 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
File type ASCII text, with very long lines (65451)
Hash 4b5f47439b640180cc3450f7de05d0d8
5a0dc9bcab80ddc409dd35fcb00a88fe6846fee2
1f85e8b327f42c17c025d69849914068536d9aa95412fe473ae90ffb2f4ebd82
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://megafiles.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 12 Jan 2023 18:40:45 GMT
content-type: application/javascript; charset=utf-8
content-length: 27958
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb09ed3-15d84"
last-modified: Mon, 04 May 2020 23:01:39 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1897841
expires: Tue, 02 Jan 2024 18:40:45 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Den6XjtPRoJecj30bFFbIB0a6zRZ6S5LXYd0PAmnd5A9%2BH9bDirGAurjscCEJDs1kvmM2yJ4fHlRVInEwXlEmUSPJ6i4us4twHBzh%2BWfpNjtve9kwJpAfHD15%2Fq2xFsJPXQuS25m"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 788805bb0bd5b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 40c97cd4702792e23be8682b91ddec78
c7a949721b7f8e6ed343d878e17845643aea6183
058ddc8a43fc9b1f902b7a2ef921684937814cef1e28a560684665fc9e1d6128
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 18:40:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 36d866ff9883c4de599d7500e5d075c7
4c7f6817ef09645830f7ac8c74a303ae847dd25c
fc081651de3dd143b05c0fa145ea357197a8f2dda3507959e3f8288d3c42731a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 18:40:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
megafiles.link/download/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
301 Moved Permanently 707 B URL HTTP/1.1 megafiles.link/download/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP
ASN #50613 Advania Island ehf
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET /download/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: megafiles.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://megafiles.link/download/?file=Arssenya-Pack-2022.rar
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Thu, 12 Jan 2023 18:40:45 GMT
server: LiteSpeed
location: http://megafiles.link/download/?file=rocket-loader.min.js
www.googletagmanager.com/gtag/js?id=UA-229666940-1
200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-229666940-1
IP
File type ASCII text, with very long lines (1921)
Hash 16e4b863a6cfd7a23ed4c7090441e20b
f1cb78813408d9c546a185116b8f050840720c24
edbf3873c258fdc04348ec1014d8cceb4e4d80168505c4b13e4ab11744f6ccba
GET /gtag/js?id=UA-229666940-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://megafiles.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 12 Jan 2023 18:40:45 GMT
expires: Thu, 12 Jan 2023 18:40:45 GMT
cache-control: private, max-age=900
last-modified: Thu, 12 Jan 2023 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44192
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash eaefb1a377d37b185e1204ef828feb4e
9376a5af69ed0651d29df5dc04e90067375ee340
31d9af22f6f4f5340b2760e8689f91295aec751f17ca1c411cf6cc8fdb9a5f4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 18:40:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 36d866ff9883c4de599d7500e5d075c7
4c7f6817ef09645830f7ac8c74a303ae847dd25c
fc081651de3dd143b05c0fa145ea357197a8f2dda3507959e3f8288d3c42731a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 18:40:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
megafiles.link/download/?file=rocket-loader.min.js
200 OK 63 kB URL HTTP/1.1 megafiles.link/download/?file=rocket-loader.min.js
IP
ASN #50613 Advania Island ehf
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (51146)
Hash 43dd74f981a581bcaa09b8104d93c534
7e6af3e67d6cfa45ff362c959927eb87ba7f7e74
544dffb487b28b3df2ee0f17ce3db0df1e3024474177af54eb1fdc18d551a2ed
NIDS Severity Alert suricata high ET HUNTING Possible Obfuscator io JavaScript Obfuscation
suricata low ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1
suricata low ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M2
suricata low ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M3
GET /download/?file=rocket-loader.min.js HTTP/1.1
Host: megafiles.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://megafiles.link/download/?file=Arssenya-Pack-2022.rar
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
content-encoding: gzip
vary: Accept-Encoding
date: Thu, 12 Jan 2023 18:40:45 GMT
server: LiteSpeed
ocsp.r2m01.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP
Hash 45b83588b64bdd09f85266b134163f8d
c1337d7293f9b17eacb9deed29624909640329b2
d116494341c8e56f5369371153dc7bcc0bbd46ac776c2d56ed93854989d68c66
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=109800
Date: Thu, 12 Jan 2023 18:40:45 GMT
Etag: "63bf4dcc-1d7"
Expires: Sat, 14 Jan 2023 01:10:45 GMT
Last-Modified: Thu, 12 Jan 2023 00:01:16 GMT
Server: ECS (nyb/1D07)
X-Cache: Miss from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: u9FOhX-aJI_O9IY8vBqC6ueIgRTZYO_lCkOefBKcUynf7ieh8tLnLw==
Age: 4169
ocsp.r2m01.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP
Hash 45b83588b64bdd09f85266b134163f8d
c1337d7293f9b17eacb9deed29624909640329b2
d116494341c8e56f5369371153dc7bcc0bbd46ac776c2d56ed93854989d68c66
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=110787
Date: Thu, 12 Jan 2023 18:40:45 GMT
Etag: "63bf4dcc-1d7"
Expires: Sat, 14 Jan 2023 01:27:12 GMT
Last-Modified: Thu, 12 Jan 2023 00:01:16 GMT
Server: ECS (bsa/EB14)
X-Cache: Miss from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: FEYCh4M-dZYBXhQi5AboIvTK3CVsmO4ZQF5J_a76YKbx51ZMlNR2QQ==
Age: 5156
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Pragma, Content-Length, Alert, Expires, ETag, Last-Modified, Backoff, Content-Type, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 12 Jan 2023 18:33:45 GMT
age: 420
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
s3.amazonaws.com/cdn.mobverify.com/www/filelockers/theme4/js/bower.js
200 OK 171 kB URL HTTP/1.1 s3.amazonaws.com/cdn.mobverify.com/www/filelockers/theme4/js/bower.js
IP
File type ASCII text, with very long lines (32126)
Size 171 kB (170974 bytes)
Hash 025b7218828c2c1be5597f502bb67d16
2e4dad2d365dd988612c8c93f2eab3950dcc6985
0fef544b133eeae68d6d5a63c86be04de8d59bad101c3489341224bc19a19100
GET /cdn.mobverify.com/www/filelockers/theme4/js/bower.js HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://megafiles.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: +EPT/yHSiNSnGFsseOMmyXfcOFcEy3f72xUra81/gXb6h7H6/79ipvXagZLWUmy6c1vijFJMRdg=
x-amz-request-id: 34KQ5DQ0J0YZJTEJ
Date: Thu, 12 Jan 2023 18:40:46 GMT
Last-Modified: Tue, 01 Aug 2017 12:31:17 GMT
ETag: "025b7218828c2c1be5597f502bb67d16"
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
Content-Length: 170974
ocsp.digicert.com/
200 OK 471 B IP
Hash 1362750c01a8e1a2db32aa73ae46a48d
a423b43f2bd52bd4ec38b760a674866a1294c5ad
f0f57e27c4ec8f1cd8e05f530edc37fb1e4a94ffe92e5729939998346f2e204f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4588
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 18:40:46 GMT
Last-Modified: Thu, 12 Jan 2023 17:24:18 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
s3.amazonaws.com/cdn.mobverify.com/www/filelockers/theme4/css/_bower.css
200 OK 150 kB URL HTTP/1.1 s3.amazonaws.com/cdn.mobverify.com/www/filelockers/theme4/css/_bower.css
IP
File type ASCII text, with very long lines (65371)
Size 150 kB (150324 bytes)
Hash 67701840bfc4068df66f1428d9d21afe
820942666b12a7d52730cbd84113cc62052bcf0e
79d1adf50a4a2b8bdfc88303826755e683ce27111a00783eb2dabeea570a647b
GET /cdn.mobverify.com/www/filelockers/theme4/css/_bower.css HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://megafiles.link/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: xEZCmx9oAsqv2w/NGWppsvsy24LBOdQcHtVILX5qV4H181KNDaMYZGqr6KeCDyXbLDwmOZYSSqA=
x-amz-request-id: 34KRYQ02CPFDEM3V
Date: Thu, 12 Jan 2023 18:40:46 GMT
Last-Modified: Tue, 01 Aug 2017 12:31:15 GMT
ETag: "67701840bfc4068df66f1428d9d21afe"
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Content-Length: 150324
megafiles.link/download/img/folder.png
200 OK 625 B URL HTTP/1.1 megafiles.link/download/img/folder.png
IP
ASN #50613 Advania Island ehf
File type PNG image data, 164 x 152, 8-bit colormap, non-interlaced\012- data
Hash 643dacdb5be52ecf48f800d5c9f141c4
4eef0e099b98f030ec188ecf3e70be2b2de12f27
1fb833bcb649adad8c60a197f18ba6a593054809e170ad412cbc55a3b1f8dcfb
GET /download/img/folder.png HTTP/1.1
Host: megafiles.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://megafiles.link/download/?file=Arssenya-Pack-2022.rar
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Thu, 19 Jan 2023 18:40:46 GMT
content-type: image/png
last-modified: Tue, 23 Aug 2022 19:28:24 GMT
accept-ranges: bytes
content-length: 625
date: Thu, 12 Jan 2023 18:40:46 GMT
server: LiteSpeed
megafiles.link/download/img/kaspersky.png
200 OK 13 kB URL HTTP/1.1 megafiles.link/download/img/kaspersky.png
IP
ASN #50613 Advania Island ehf
File type PNG image data, 300 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 2d73034a7e5cba36606a0bb1bffcf676
e5dc6f6f5519240595ec14bcd90904f6d428d61f
892c583ba92958d2c298f987e172206c1a5a3d25bd1d4e840b5bc29f5e728c96
GET /download/img/kaspersky.png HTTP/1.1
Host: megafiles.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://megafiles.link/download/?file=Arssenya-Pack-2022.rar
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Thu, 19 Jan 2023 18:40:46 GMT
content-type: image/png
last-modified: Tue, 23 Aug 2022 19:28:24 GMT
accept-ranges: bytes
content-length: 13426
date: Thu, 12 Jan 2023 18:40:46 GMT
server: LiteSpeed
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 71e87185e70f595e12a3613f1ac35c67
f1818783717cc0cb399a0bcddb8a9029cf7166d1
dff5f1029a06d6f1ed59e1f3e33af77d2ac550553d9fc69be48c2a81093dc2db
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 18:40:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 8Q1a9XEniGlhW/I/LN6HYA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: vju5K0HMPIbBdpn6OVSigC5wEWg=
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 71e87185e70f595e12a3613f1ac35c67
f1818783717cc0cb399a0bcddb8a9029cf7166d1
dff5f1029a06d6f1ed59e1f3e33af77d2ac550553d9fc69be48c2a81093dc2db
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 18:40:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
megafiles.link/download/img/fsecure.png
200 OK 15 kB URL HTTP/1.1 megafiles.link/download/img/fsecure.png
IP
ASN #50613 Advania Island ehf
File type PNG image data, 300 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash fd1de2c7ffc77143631d9d05dd603cb1
6cff3b7c59e622a829349d3e3962277ad7538b69
016d83a08d0f2e6599f446b26a77e0911539061448f480eb41e5fe531f112f9c
GET /download/img/fsecure.png HTTP/1.1
Host: megafiles.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://megafiles.link/download/?file=Arssenya-Pack-2022.rar
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Thu, 19 Jan 2023 18:40:46 GMT
content-type: image/png
last-modified: Tue, 23 Aug 2022 19:28:24 GMT
accept-ranges: bytes
content-length: 15296
date: Thu, 12 Jan 2023 18:40:46 GMT
server: LiteSpeed
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://megafiles.link
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 11 Jan 2023 07:51:59 GMT
expires: Thu, 11 Jan 2024 07:51:59 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
age: 125327
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
megafiles.link/download/img/webroot.png
200 OK 15 kB URL HTTP/1.1 megafiles.link/download/img/webroot.png
IP
ASN #50613 Advania Island ehf
File type PNG image data, 300 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 25f681adb6e3f6522056fe80df0c75bd
851de93d039237a4ccd680cd9c8bfb3bffcf49f3
b9c823dd70eaf6a79ee7f6b48e3ec9e13951c570ad7c95495fc0b3e2c0487a81
GET /download/img/webroot.png HTTP/1.1
Host: megafiles.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://megafiles.link/download/?file=Arssenya-Pack-2022.rar
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Thu, 19 Jan 2023 18:40:46 GMT
content-type: image/png
last-modified: Tue, 23 Aug 2022 19:28:24 GMT
accept-ranges: bytes
content-length: 15034
date: Thu, 12 Jan 2023 18:40:46 GMT
server: LiteSpeed
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://megafiles.link
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 11 Jan 2023 19:34:15 GMT
expires: Thu, 11 Jan 2024 19:34:15 GMT
cache-control: public, max-age=31536000
age: 83191
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://megafiles.link
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 11 Jan 2023 19:33:54 GMT
expires: Thu, 11 Jan 2024 19:33:54 GMT
cache-control: public, max-age=31536000
age: 83212
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
megafiles.link/download/img/panda.png
200 OK 13 kB URL HTTP/1.1 megafiles.link/download/img/panda.png
IP
ASN #50613 Advania Island ehf
File type PNG image data, 300 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 891507bdce8da1f2f8380770ec9db34a
5ad5fd89f87c57e0a36906c6935927c4c83cadcf
d4d271c8d73e9e8d169894c74560e70415fee5618d7af4217931b29a1bd4da10
GET /download/img/panda.png HTTP/1.1
Host: megafiles.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://megafiles.link/download/?file=Arssenya-Pack-2022.rar
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Thu, 19 Jan 2023 18:40:46 GMT
content-type: image/png
last-modified: Tue, 23 Aug 2022 19:28:24 GMT
accept-ranges: bytes
content-length: 13331
date: Thu, 12 Jan 2023 18:40:46 GMT
server: LiteSpeed
megafiles.link/download/img/macafee.png
200 OK 18 kB URL HTTP/1.1 megafiles.link/download/img/macafee.png
IP
ASN #50613 Advania Island ehf
File type PNG image data, 300 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 177ae9550c0a16f3f0de68fda078a778
44ca071367056ad31ac153cf4f322454c82efd30
dc376d6e221d72ef957c74cb25be593ea06b576214a35c975a690b2e554e54e1
GET /download/img/macafee.png HTTP/1.1
Host: megafiles.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://megafiles.link/download/?file=Arssenya-Pack-2022.rar
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Thu, 19 Jan 2023 18:40:46 GMT
content-type: image/png
last-modified: Tue, 23 Aug 2022 19:28:24 GMT
accept-ranges: bytes
content-length: 17777
date: Thu, 12 Jan 2023 18:40:46 GMT
server: LiteSpeed
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 71e87185e70f595e12a3613f1ac35c67
f1818783717cc0cb399a0bcddb8a9029cf7166d1
dff5f1029a06d6f1ed59e1f3e33af77d2ac550553d9fc69be48c2a81093dc2db
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 18:40:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d2punpeg7vtjci.cloudfront.net/public/external/css_front.css
200 OK 6.6 kB URL HTTP/2 d2punpeg7vtjci.cloudfront.net/public/external/css_front.css
IP
File type ASCII text, with CRLF line terminators
Hash 2649f9832b1ede1bca6b60a16e50a676
c96e86a59be0ab5f2a1c86558205193597822742
a7bd79b6fba60944ee3a9c153108ff0819d2db57850116ac7065a86db08af4ec
GET /public/external/css_front.css HTTP/1.1
Host: d2punpeg7vtjci.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://megafiles.link/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
content-length: 6596
date: Thu, 12 Jan 2023 18:40:46 GMT
server: Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
last-modified: Tue, 23 Jun 2020 20:06:47 GMT
etag: "19c4-5a8c5e62e9d0a"
accept-ranges: bytes
x-cache: Miss from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: NlW7FF-MhBVkgmaD0Ej55D5TQKyn2t0D9IFFuFWGPz-vYZ9nxtQaog==
X-Firefox-Spdy: h2
megafiles.link/fonts/fontawesome-webfont.woff2?v=4.6.3
404 Not Found 1.2 kB URL HTTP/1.1 megafiles.link/fonts/fontawesome-webfont.woff2?v=4.6.3
IP
ASN #50613 Advania Island ehf
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
GET /fonts/fontawesome-webfont.woff2?v=4.6.3 HTTP/1.1
Host: megafiles.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://megafiles.link/download/?file=Arssenya-Pack-2022.rar
Cookie: _cpguid=ceu7d5ow5
HTTP/1.1 404 Not Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Thu, 12 Jan 2023 18:40:46 GMT
server: LiteSpeed
megafiles.link/download/img/bitdefender.png
200 OK 14 kB URL HTTP/1.1 megafiles.link/download/img/bitdefender.png
IP
ASN #50613 Advania Island ehf
File type PNG image data, 300 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 1ab5ea800c08c6227a774ba1375d152c
67023abc4c85bb6b3852463b1d4ab1ad19a8b7fd
42e3aa54cfacaa5849859a70cb2d5f26e77df19f59e6c83e0077d072efb9a5b7
GET /download/img/bitdefender.png HTTP/1.1
Host: megafiles.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://megafiles.link/download/?file=Arssenya-Pack-2022.rar
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Thu, 19 Jan 2023 18:40:46 GMT
content-type: image/png
last-modified: Tue, 23 Aug 2022 19:28:24 GMT
accept-ranges: bytes
content-length: 14065
date: Thu, 12 Jan 2023 18:40:46 GMT
server: LiteSpeed
megafiles.link/download/img/trendmicro.png
200 OK 17 kB URL HTTP/1.1 megafiles.link/download/img/trendmicro.png
IP
ASN #50613 Advania Island ehf
File type PNG image data, 300 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 875d58eea958e57504086e0d578a974c
99cc83aa37c71bbd56a47be2fc3ac626ec4697af
0c94aabca6e2c41b78dbb2aa7e36c74e2285492d8e3a67288dd4e495fb680087
GET /download/img/trendmicro.png HTTP/1.1
Host: megafiles.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://megafiles.link/download/?file=Arssenya-Pack-2022.rar
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Thu, 19 Jan 2023 18:40:46 GMT
content-type: image/png
last-modified: Tue, 23 Aug 2022 19:28:24 GMT
accept-ranges: bytes
content-length: 16877
date: Thu, 12 Jan 2023 18:40:46 GMT
server: LiteSpeed
megafiles.link/download/img/eset.png
200 OK 20 kB URL HTTP/1.1 megafiles.link/download/img/eset.png
IP
ASN #50613 Advania Island ehf
File type PNG image data, 300 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash a35447096549417ba1364c4ca4570ecf
928d7c5451d688dc274ad44034254d7135475104
2458c85dc999c45d28ec604053133f436cfa840410c0ba7bf6e38527bbbecd14
GET /download/img/eset.png HTTP/1.1
Host: megafiles.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://megafiles.link/download/?file=Arssenya-Pack-2022.rar
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Thu, 19 Jan 2023 18:40:46 GMT
content-type: image/png
last-modified: Tue, 23 Aug 2022 19:28:24 GMT
accept-ranges: bytes
content-length: 20375
date: Thu, 12 Jan 2023 18:40:46 GMT
server: LiteSpeed
megafiles.link/download/img/avast.png
200 OK 14 kB URL HTTP/1.1 megafiles.link/download/img/avast.png
IP
ASN #50613 Advania Island ehf
File type PNG image data, 300 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 32ac1242329f986c3e8d50c8406b7b1e
7d267f08c4c05fd3a0892daf6a098ac768738e36
ed94337ebb41e7c2ebd1e757ad311052f81dbaf12e58f5b4c758efaac8e7657a
GET /download/img/avast.png HTTP/1.1
Host: megafiles.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://megafiles.link/download/?file=Arssenya-Pack-2022.rar
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Thu, 19 Jan 2023 18:40:46 GMT
content-type: image/png
last-modified: Tue, 23 Aug 2022 19:28:24 GMT
accept-ranges: bytes
content-length: 13731
date: Thu, 12 Jan 2023 18:40:46 GMT
server: LiteSpeed
megafiles.link/fonts/fontawesome-webfont.woff?v=4.6.3
404 Not Found 1.2 kB URL HTTP/1.1 megafiles.link/fonts/fontawesome-webfont.woff?v=4.6.3
IP
ASN #50613 Advania Island ehf
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
GET /fonts/fontawesome-webfont.woff?v=4.6.3 HTTP/1.1
Host: megafiles.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://megafiles.link/download/?file=Arssenya-Pack-2022.rar
Cookie: _cpguid=ceu7d5ow5
HTTP/1.1 404 Not Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Thu, 12 Jan 2023 18:40:46 GMT
server: LiteSpeed
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 65f0c0830d6be2391df2dd2bbbf75794
264ed8ddd824620623aef3d5f68b2c027bd356a6
22ba0a0556a92482dfb6f2664d15fda8faa0768b4abfe327e530e3c90b721cd5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 18:40:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://megafiles.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Thu, 12 Jan 2023 16:41:08 GMT
expires: Thu, 12 Jan 2023 18:41:08 GMT
cache-control: public, max-age=7200
age: 7178
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
megafiles.link/download/img/icon.jpg
200 OK 2.1 kB URL HTTP/1.1 megafiles.link/download/img/icon.jpg
IP
ASN #50613 Advania Island ehf
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data
Hash 6c2f059c13eb12d8b473c41988b8686c
9471986526d3c7322bbe5cecbede1d6f334e0e12
5639c13921121bbb3463b0737ee60274481f82291b9f3e45bc559b4ea0d4fb77
GET /download/img/icon.jpg HTTP/1.1
Host: megafiles.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://megafiles.link/download/?file=Arssenya-Pack-2022.rar
Cookie: _cpguid=ceu7d5ow5
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Thu, 19 Jan 2023 18:40:46 GMT
content-type: image/jpeg
last-modified: Tue, 23 Aug 2022 19:28:24 GMT
accept-ranges: bytes
content-length: 2109
date: Thu, 12 Jan 2023 18:40:46 GMT
server: LiteSpeed
megafiles.link/fonts/fontawesome-webfont.ttf?v=4.6.3
404 Not Found 1.2 kB URL HTTP/1.1 megafiles.link/fonts/fontawesome-webfont.ttf?v=4.6.3
IP
ASN #50613 Advania Island ehf
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
GET /fonts/fontawesome-webfont.ttf?v=4.6.3 HTTP/1.1
Host: megafiles.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://megafiles.link/download/?file=Arssenya-Pack-2022.rar
Cookie: _cpguid=ceu7d5ow5
HTTP/1.1 404 Not Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Thu, 12 Jan 2023 18:40:46 GMT
server: LiteSpeed
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 65f0c0830d6be2391df2dd2bbbf75794
264ed8ddd824620623aef3d5f68b2c027bd356a6
22ba0a0556a92482dfb6f2664d15fda8faa0768b4abfe327e530e3c90b721cd5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 18:40:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/j/collect?v=1&_v=j98&a=2139737768&t=pageview&_s=1&dl=http%3A%2F%2Fmegafiles.link%2Fdownload%2F%3Ffile%3DArssenya-Pack-2022.rar&ul=en-us&de=UTF-8&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=253688901&gjid=2086012772&cid=1876709375.1673548832&tid=UA-229666940-1&_gid=930846150.1673548832&_r=1>m=2ou1a1&z=186651231
200 OK 1 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j98&a=2139737768&t=pageview&_s=1&dl=http%3A%2F%2Fmegafiles.link%2Fdownload%2F%3Ffile%3DArssenya-Pack-2022.rar&ul=en-us&de=UTF-8&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=253688901&gjid=2086012772&cid=1876709375.1673548832&tid=UA-229666940-1&_gid=930846150.1673548832&_r=1>m=2ou1a1&z=186651231
IP
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?v=1&_v=j98&a=2139737768&t=pageview&_s=1&dl=http%3A%2F%2Fmegafiles.link%2Fdownload%2F%3Ffile%3DArssenya-Pack-2022.rar&ul=en-us&de=UTF-8&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=253688901&gjid=2086012772&cid=1876709375.1673548832&tid=UA-229666940-1&_gid=930846150.1673548832&_r=1>m=2ou1a1&z=186651231 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://megafiles.link
Connection: keep-alive
Referer: http://megafiles.link/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: http://megafiles.link
date: Thu, 12 Jan 2023 18:40:46 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
d2punpeg7vtjci.cloudfront.net/public/external/v2/html.2950767.78f94.0.js
200 OK 17 kB URL HTTP/2 d2punpeg7vtjci.cloudfront.net/public/external/v2/html.2950767.78f94.0.js
IP
File type ASCII text, with very long lines (14406), with CRLF line terminators
Hash 8b246edf0ff9dc8abb92bb2f0f9ed6a1
57ef4c1209b9e2f0a5868f18cab27d6c34ee38f8
b9baa810696a961a3e5bd44c8bccc05468c4087fd03d5a146c34f99cf9c0343a
GET /public/external/v2/html.2950767.78f94.0.js HTTP/1.1
Host: d2punpeg7vtjci.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://megafiles.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Thu, 12 Jan 2023 18:40:46 GMT
server: Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-powered-by: PHP/7.4.11
x-cache: Miss from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ngkjyuJxJ5nNbMA8LwLrY94sFfGMrnXfEqQ_PMShPpuMZ2c479WuHA==
X-Firefox-Spdy: h2
s3.amazonaws.com/cdn.mobverify.com/www/filelockers/theme4/fonts/fontawesome-webfont.woff2?v=4.6.3
200 OK 64 kB URL HTTP/1.1 s3.amazonaws.com/cdn.mobverify.com/www/filelockers/theme4/fonts/fontawesome-webfont.woff2?v=4.6.3
IP
File type Web Open Font Format (Version 2), TrueType, length 64464, version 4.262\012- data
Hash 4b5a84aaf1c9485e060c503a0ff8cadb
574ea2698c03ae9477db2ea3baf460ee32f1a7ea
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
GET /cdn.mobverify.com/www/filelockers/theme4/fonts/fontawesome-webfont.woff2?v=4.6.3 HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://megafiles.link
Connection: keep-alive
Referer: https://s3.amazonaws.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: H92P/59mvPJm3SggHgWIK6wTSzC9oJq+6zDuoYsIKjRva7CEIIH1BPeIwQaw0cgsZyxfZc6Bvhg=
x-amz-request-id: G9G6CZYKSRKAKWKX
Date: Thu, 12 Jan 2023 18:40:48 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Last-Modified: Tue, 16 Apr 2019 16:50:40 GMT
ETag: "4b5a84aaf1c9485e060c503a0ff8cadb"
Accept-Ranges: bytes
Content-Type: binary/octet-stream
Server: AmazonS3
Content-Length: 64464
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19856
Expires: Fri, 13 Jan 2023 00:11:43 GMT
Date: Thu, 12 Jan 2023 18:40:47 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19856
Expires: Fri, 13 Jan 2023 00:11:43 GMT
Date: Thu, 12 Jan 2023 18:40:47 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19856
Expires: Fri, 13 Jan 2023 00:11:43 GMT
Date: Thu, 12 Jan 2023 18:40:47 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19856
Expires: Fri, 13 Jan 2023 00:11:43 GMT
Date: Thu, 12 Jan 2023 18:40:47 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19856
Expires: Fri, 13 Jan 2023 00:11:43 GMT
Date: Thu, 12 Jan 2023 18:40:47 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd91e555-c9f3-4166-92be-27db2e1919b6.jpeg
200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd91e555-c9f3-4166-92be-27db2e1919b6.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash afcc8f4875f4b74ca0640829b689731e
584d0e11665ae89f9a294baf1e9bb4f0e4e9a4df
3e487396389c4330abc99bc99053eecc6aaf56f7afa398d70c30e1f4709577a0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd91e555-c9f3-4166-92be-27db2e1919b6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13626
x-amzn-requestid: 4769eaeb-0c78-4054-ad47-eefdd6ab2d03
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eWHMZErbIAMF6sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b8b8b5-4c7bacfe060899044e361f70;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 00:11:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JRzc2Mcl4EasyH6_1kFh7sr-57f1HNDu-YN8YptDe_kcTET9x8P9LA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Thu, 12 Jan 2023 14:00:13 GMT
age: 16834
etag: "584d0e11665ae89f9a294baf1e9bb4f0e4e9a4df"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febe61553-0d3d-4c00-8e9b-da1405590a9b.jpeg
200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febe61553-0d3d-4c00-8e9b-da1405590a9b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a708649e0d6b128eb599b221445a8e06
59f9b06ee8e4c9608e29e7b19832fb925789f373
b4e17cfdee53b56ac33cb5a86253e4839ed7bd9bb1604209834bb22d881472f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febe61553-0d3d-4c00-8e9b-da1405590a9b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7140
x-amzn-requestid: 96450c55-6068-4946-9e5f-650c19d2772a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ei739GoJIAMF0lA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bdd9cc-2bf965d47a10fd61619d945f;Sampled=0
x-amzn-remapped-date: Tue, 10 Jan 2023 21:34:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: t5mK-tl3WskwkQLUXPKR2ljEW32-Yo6_BHwqP2dNVUr09WoMyxYeZw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 11 Jan 2023 21:42:07 GMT
age: 75520
etag: "59f9b06ee8e4c9608e29e7b19832fb925789f373"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0fbbc90d-c4c5-45db-ac55-16077e5b0d1d.jpeg
200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0fbbc90d-c4c5-45db-ac55-16077e5b0d1d.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 94f1c1490ac711097f5eef5e6adab49d
bb41e2958d267cc2d5b24457a6048f484c8cd429
94f854077e6008b97f63419a283f70327ebc8a05794a9dd9fa0518f0f5b00e14
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0fbbc90d-c4c5-45db-ac55-16077e5b0d1d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8689
x-amzn-requestid: c88866a0-e22b-4f8c-b423-1d970ebde318
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: egZ9sHuuoAMFzvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bcd6bd-063dab1f2c6aaab03e5fdb9a;Sampled=0
x-amzn-remapped-date: Tue, 10 Jan 2023 03:08:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: vSPK9nuciu6p2onwRcWmi08wmS-9X5ze7QMalJh1jw-5sVQHp-SNEQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 12 Jan 2023 04:45:35 GMT
age: 50112
etag: "bb41e2958d267cc2d5b24457a6048f484c8cd429"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52f112f6-2553-4ba2-971f-71e30bee1d9c.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52f112f6-2553-4ba2-971f-71e30bee1d9c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fb89a11a1dca9a2924adf7e3712c6405
a881a7d88f08035b9e045f2bf73a4d9fabc640a0
8a0c9f295dd30123847eaed0ba8d4e7c2c6dea8b9c645fc70cdcb4fa8c082ee4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52f112f6-2553-4ba2-971f-71e30bee1d9c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10579
x-amzn-requestid: 8760acae-f770-45e2-9639-53967ef1cdb2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: emPDWET4oAMFo-w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bf2bae-153ebb3e4ec7d5045529ce0a;Sampled=0
x-amzn-remapped-date: Wed, 11 Jan 2023 21:35:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 5-mGrlwehnkK-hQz3CpzAe2OCuhLVy1HMcztugSsM7veOFCfYtwKsw==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Wed, 11 Jan 2023 21:52:33 GMT
age: 74894
etag: "a881a7d88f08035b9e045f2bf73a4d9fabc640a0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e59b65e-133d-4564-94e3-e913d5a394ac.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e59b65e-133d-4564-94e3-e913d5a394ac.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c49e1d8385d23251cbd4ac2574545982
f283baf033327519c05c725f2319b9465f29b1d6
dc91b181ea0e78ff27bbac3e80f3f937fe9f067ef417f02fe0095ef10fdcd1d1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e59b65e-133d-4564-94e3-e913d5a394ac.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10382
x-amzn-requestid: a9fc1c50-7606-46cb-b49e-62e765d0c88f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: emPC9GLfIAMFwSA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bf2bac-3cbf968a6447542b6c931ac0;Sampled=0
x-amzn-remapped-date: Wed, 11 Jan 2023 21:35:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 0_k4itQfrb5xSRcgR9G4zFvhCS1YYX9RgOHX3sNDjitBM5t7cyUDWA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 11 Jan 2023 21:54:49 GMT
etag: "f283baf033327519c05c725f2319b9465f29b1d6"
content-type: image/jpeg
age: 74758
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd511e402-775e-49af-87f1-40b071ae947e.jpeg
200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd511e402-775e-49af-87f1-40b071ae947e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cbf9979c9463fc2681e757256e9d028c
a45408076bf9fa5c6ec83c96a4c5680dc7be7da9
1d0d45cbbba75f0add27aae361e0dc31ce6e317ec62b23acf10db34b47f125e5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd511e402-775e-49af-87f1-40b071ae947e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9413
x-amzn-requestid: fb0125f5-e899-463d-ae4a-0a92945c1731
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: emPDYFKgIAMF7mQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bf2baf-080b963d391741252d9f67ee;Sampled=0
x-amzn-remapped-date: Wed, 11 Jan 2023 21:35:43 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gyrxhGqUCH9JOcWSfuj0JAoNPBtI9YKeCrzqcq1kzl8RJts-Py0WsQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 11 Jan 2023 22:12:48 GMT
age: 73679
etag: "a45408076bf9fa5c6ec83c96a4c5680dc7be7da9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
d2punpeg7vtjci.cloudfront.net/public/guid?cpguid=ceu7d5ow5&e=ll&t=1673548831964
200 OK 0 B URL HTTP/2 d2punpeg7vtjci.cloudfront.net/public/guid?cpguid=ceu7d5ow5&e=ll&t=1673548831964
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /public/guid?cpguid=ceu7d5ow5&e=ll&t=1673548831964 HTTP/1.1
Host: d2punpeg7vtjci.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://megafiles.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-length: 0
date: Thu, 12 Jan 2023 18:40:47 GMT
server: Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-powered-by: PHP/7.4.11
x-cache: Miss from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QNLx-Kstthcb9vKDzZrZkSMhB7O2EQbtN-KzRyMRUBJ-pDlDrweYPQ==
X-Firefox-Spdy: h2
d2punpeg7vtjci.cloudfront.net/public/external/check.php?it=2950767&time=1673548833881
200 OK 78 B URL HTTP/2 d2punpeg7vtjci.cloudfront.net/public/external/check.php?it=2950767&time=1673548833881
IP
Hash 37ebc78db9bc22d4c972c5961163070c
865e3671f7e86b52d2f7b006b95ec7799a187572
9ef4a63fc5e0a14a7301d693d65d6acfc44cdf14853c4a20890198f2d5e52e3b
GET /public/external/check.php?it=2950767&time=1673548833881 HTTP/1.1
Host: d2punpeg7vtjci.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://megafiles.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 78
date: Thu, 12 Jan 2023 18:40:49 GMT
server: Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-powered-by: PHP/7.4.11
x-cache: Miss from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: LAtvxARjisc4erdeL-skhR05r6OeSqfxKUS-N2Y98PQqyTp7uV3-jw==
X-Firefox-Spdy: h2
dyodrs1kxvg6o.cloudfront.net/0cd6e21.js
200 OK 0 B URL HTTP/2 dyodrs1kxvg6o.cloudfront.net/0cd6e21.js
IP
Analyzer Verdict Alert fortinet Malware
GET /0cd6e21.js HTTP/1.1
Host: dyodrs1kxvg6o.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://megafiles.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 11 Jan 2023 21:50:46 GMT
server: AmazonS3
content-encoding: gzip
date: Thu, 12 Jan 2023 18:29:30 GMT
etag: W/"8ab72c4473621e1b30a24ec89af90bcf"
vary: Accept-Encoding
x-cache: Error from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: YcKznZ3c6EczKZCXQzbCmmOHfywtLNPHPg0A5QdrY5Wa4AWyxnjNFQ==
age: 1257
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900|Bowlby+One+SC
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900|Bowlby+One+SC
IP
GET /css?family=Roboto:100,300,400,500,700,900|Bowlby+One+SC HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://megafiles.link/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 12 Jan 2023 18:40:45 GMT
date: Thu, 12 Jan 2023 18:40:45 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
82.221.129.60
34.117.237.239
93.184.220.29
23.36.76.226
104.17.24.14