megafiles.link/download/?file=Seltin_Sweety-Pack-2022.rar
82.221.129.60200 OK 41 kB URL HTTP/1.1 megafiles.link/download/?file=Seltin_Sweety-Pack-2022.rar
IP 82.221.129.60:0
ASN #50613 Advania Island ehf
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (64165)
Hash 9c4cd16e826ceeadfd9a4bea1859aa95
23aeaf36dda6c438e8b5959d5eb0e811d58cf855
dae1652d45330080ecd2836902c9d5a34b732205fee8d9431776b82200c549b0
GET /download/?file=Seltin_Sweety-Pack-2022.rar HTTP/1.1
Host: megafiles.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
last-modified: Mon, 05 Sep 2022 10:03:37 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 40654
date: Mon, 19 Sep 2022 19:34:46 GMT
server: LiteSpeed
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 861cfa99de956423d917ed0ddbea4b9c
ad65dbc394b48b04a45c205f56af296c8d008db4
5c706b2718b1698995f4feb91223779aef4bf6dc967c31f9ef9a93873197d5f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5C706B2718B1698995F4FEB91223779AEF4BF6DC967C31F9EF9A93873197D5F9"
Last-Modified: Sun, 18 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11756
Expires: Mon, 19 Sep 2022 22:50:42 GMT
Date: Mon, 19 Sep 2022 19:34:46 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 19 Sep 2022 19:12:48 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: zJQsjhFVlMS72kV94yKic9Fop4klbseazEuD2LhUN4Vb81-VDWVyaA==
Age: 1318
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.25200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.25:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 19 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: KRjw96XUxwp1-T7fSpk0SQQI0pBR0NR2Io05SeqbUJLTk8t-lgpgMQ==
age: 53973
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 19:34:46 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
104.17.24.14200 OK 28 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (65451)
Hash 4b5f47439b640180cc3450f7de05d0d8
5a0dc9bcab80ddc409dd35fcb00a88fe6846fee2
1f85e8b327f42c17c025d69849914068536d9aa95412fe473ae90ffb2f4ebd82
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://megafiles.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 19:34:46 GMT
content-type: application/javascript; charset=utf-8
content-length: 27958
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb09ed3-15d84"
last-modified: Mon, 04 May 2020 23:01:39 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 9059790
expires: Sat, 09 Sep 2023 19:34:46 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b4RgipQU7X8Ql9ZlofcedWxu6JPoJxy7id59hvZKf7fiFO8vYG%2BDVDoml1o%2BZ3SGts5CpA60QbXebzUN5EE5h6S3yeQHHykGgvIQJ1tVs54Kq6fzw4MJQMyCqPmZdUs3GQotxGU2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74d4c2bdaa97b4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megafiles.link/download/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
82.221.129.60404 Not Found 1.2 kB URL HTTP/1.1 megafiles.link/download/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP 82.221.129.60:0
ASN #50613 Advania Island ehf
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
GET /download/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: megafiles.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://megafiles.link/download/?file=Seltin_Sweety-Pack-2022.rar
HTTP/1.1 404 Not Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Mon, 19 Sep 2022 19:34:46 GMT
server: LiteSpeed
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 45f95aa258ab932ac2f8a33ff7944ffe
8f52b66e897dab7cb160d481886805ea216f407f
de4fd2aaa566b601e82c38806ec8ea84110b1d63f15efe48186f5bcf70847488
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 19:34:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e34f594c2e3b9b6a81e4ae9fef80f363
b7f65f5fb0df328d3c863af6c9351923205645f2
bcedda132b602d90a62a5fbe07e7c37f69cce319fb4b84e1bed40b1200e9898b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 19:34:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-229666940-1
142.250.74.72200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-229666940-1
IP 142.250.74.72:0
File type ASCII text, with very long lines (1720)
Hash ce766631f92b28881e5b426c72742db4
47c0c77d722c9f3c2a7a8d44a27c6d8a7427c74b
d34c438363feb99a038a1b6075dad9ba195404fd8a3e8dce5d4ef5813e7be542
GET /gtag/js?id=UA-229666940-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://megafiles.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 19 Sep 2022 19:34:46 GMT
expires: Mon, 19 Sep 2022 19:34:46 GMT
cache-control: private, max-age=900
last-modified: Mon, 19 Sep 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42346
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 45f95aa258ab932ac2f8a33ff7944ffe
8f52b66e897dab7cb160d481886805ea216f407f
de4fd2aaa566b601e82c38806ec8ea84110b1d63f15efe48186f5bcf70847488
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 19:34:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash eaa8b4aa123f9dd7237c5c51d2f848d9
1082f5f6ef7229ec76f94f3d236f273b26294563
d1ad33dae2fcab5c7d66875f0e7a01cc30e0b3a031606917fa5448c54f84e20d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 19:34:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 01eb0b349f1e2cdcf8dd0881664b1f35
788b2090533dc5c50d81485aac49885fabb2b0c7
8f1a2ce67b5f7be6026ad1bdf0c550577c5399a7c0751f41fadf4d0bff6f5000
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 19 Sep 2022 19:34:46 GMT
Last-Modified: Mon, 19 Sep 2022 18:48:08 GMT
Server: ECS (nyb/1D1B)
X-Cache: Miss from cloudfront
Via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: cqpTUS3R4SEaGCEfaArS6t4n-0hc7nnAMpO1r2HsrNmiJ5UJ3W9Z8Q==
Age: 2798
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 01eb0b349f1e2cdcf8dd0881664b1f35
788b2090533dc5c50d81485aac49885fabb2b0c7
8f1a2ce67b5f7be6026ad1bdf0c550577c5399a7c0751f41fadf4d0bff6f5000
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 19 Sep 2022 19:34:46 GMT
Last-Modified: Mon, 19 Sep 2022 18:05:02 GMT
Server: ECS (nyb/1D15)
X-Cache: Miss from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Fr14ParY6jm7y_ddTo4gGxf0Oj3_Nsza_XwNr0EHQCsXvn7vybobNQ==
Age: 5384
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 19 Sep 2022 19:03:22 GMT
Cache-Control: max-age=3600
Expires: Mon, 19 Sep 2022 19:28:18 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: JBLOGCmP7dnxiFfhZTuMahonMq6E9Zs56ctxArlSKTNkeXisyYXu-A==
Age: 1885
s3.amazonaws.com/cdn.mobverify.com/www/filelockers/theme4/css/_bower.css
54.231.169.80200 OK 150 kB URL HTTP/1.1 s3.amazonaws.com/cdn.mobverify.com/www/filelockers/theme4/css/_bower.css
IP 54.231.169.80:0
File type ASCII text, with very long lines (65371)
Size 150 kB (150324 bytes)
Hash 67701840bfc4068df66f1428d9d21afe
820942666b12a7d52730cbd84113cc62052bcf0e
79d1adf50a4a2b8bdfc88303826755e683ce27111a00783eb2dabeea570a647b
GET /cdn.mobverify.com/www/filelockers/theme4/css/_bower.css HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://megafiles.link/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 0FYuREPRZaPntAuGFbDU2XM0Pr564by5/DG3nwPwyR7KTfli2Wf72xtXH7V/pJKu+2bIB9z8VbY=
x-amz-request-id: 84CX55CRW96JF5VA
Date: Mon, 19 Sep 2022 19:34:48 GMT
Last-Modified: Tue, 01 Aug 2017 12:31:15 GMT
ETag: "67701840bfc4068df66f1428d9d21afe"
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Content-Length: 150324
megafiles.link/download/img/kaspersky.png
82.221.129.60200 OK 13 kB URL HTTP/1.1 megafiles.link/download/img/kaspersky.png
IP 82.221.129.60:0
ASN #50613 Advania Island ehf
File type PNG image data, 300 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 2d73034a7e5cba36606a0bb1bffcf676
e5dc6f6f5519240595ec14bcd90904f6d428d61f
892c583ba92958d2c298f987e172206c1a5a3d25bd1d4e840b5bc29f5e728c96
GET /download/img/kaspersky.png HTTP/1.1
Host: megafiles.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://megafiles.link/download/?file=Seltin_Sweety-Pack-2022.rar
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 26 Sep 2022 19:34:47 GMT
content-type: image/png
last-modified: Tue, 23 Aug 2022 19:28:24 GMT
accept-ranges: bytes
content-length: 13426
date: Mon, 19 Sep 2022 19:34:47 GMT
server: LiteSpeed
s3.amazonaws.com/cdn.mobverify.com/www/filelockers/theme4/js/bower.js
54.231.169.80200 OK 171 kB URL HTTP/1.1 s3.amazonaws.com/cdn.mobverify.com/www/filelockers/theme4/js/bower.js
IP 54.231.169.80:0
File type ASCII text, with very long lines (32126)
Size 171 kB (170974 bytes)
Hash 025b7218828c2c1be5597f502bb67d16
2e4dad2d365dd988612c8c93f2eab3950dcc6985
0fef544b133eeae68d6d5a63c86be04de8d59bad101c3489341224bc19a19100
GET /cdn.mobverify.com/www/filelockers/theme4/js/bower.js HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://megafiles.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: gogFoIxVKmXSAGnnkx70gjskhDzeDwhg0RQONT8Wfvy+bYTAtWPnRbM0kGZZpppfZbV+sUWVfww=
x-amz-request-id: 84CHC2B1R61FNWGZ
Date: Mon, 19 Sep 2022 19:34:48 GMT
Last-Modified: Tue, 01 Aug 2017 12:31:17 GMT
ETag: "025b7218828c2c1be5597f502bb67d16"
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
Content-Length: 170974
megafiles.link/download/img/avast.png
82.221.129.60200 OK 14 kB URL HTTP/1.1 megafiles.link/download/img/avast.png
IP 82.221.129.60:0
ASN #50613 Advania Island ehf
File type PNG image data, 300 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 32ac1242329f986c3e8d50c8406b7b1e
7d267f08c4c05fd3a0892daf6a098ac768738e36
ed94337ebb41e7c2ebd1e757ad311052f81dbaf12e58f5b4c758efaac8e7657a
GET /download/img/avast.png HTTP/1.1
Host: megafiles.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://megafiles.link/download/?file=Seltin_Sweety-Pack-2022.rar
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 26 Sep 2022 19:34:47 GMT
content-type: image/png
last-modified: Tue, 23 Aug 2022 19:28:24 GMT
accept-ranges: bytes
content-length: 13731
date: Mon, 19 Sep 2022 19:34:47 GMT
server: LiteSpeed
megafiles.link/download/img/folder.png
82.221.129.60200 OK 625 B URL HTTP/1.1 megafiles.link/download/img/folder.png
IP 82.221.129.60:0
ASN #50613 Advania Island ehf
File type PNG image data, 164 x 152, 8-bit colormap, non-interlaced\012- data
Hash 643dacdb5be52ecf48f800d5c9f141c4
4eef0e099b98f030ec188ecf3e70be2b2de12f27
1fb833bcb649adad8c60a197f18ba6a593054809e170ad412cbc55a3b1f8dcfb
GET /download/img/folder.png HTTP/1.1
Host: megafiles.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://megafiles.link/download/?file=Seltin_Sweety-Pack-2022.rar
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 26 Sep 2022 19:34:47 GMT
content-type: image/png
last-modified: Tue, 23 Aug 2022 19:28:24 GMT
accept-ranges: bytes
content-length: 625
date: Mon, 19 Sep 2022 19:34:47 GMT
server: LiteSpeed
megafiles.link/download/img/bitdefender.png
82.221.129.60200 OK 14 kB URL HTTP/1.1 megafiles.link/download/img/bitdefender.png
IP 82.221.129.60:0
ASN #50613 Advania Island ehf
File type PNG image data, 300 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 1ab5ea800c08c6227a774ba1375d152c
67023abc4c85bb6b3852463b1d4ab1ad19a8b7fd
42e3aa54cfacaa5849859a70cb2d5f26e77df19f59e6c83e0077d072efb9a5b7
GET /download/img/bitdefender.png HTTP/1.1
Host: megafiles.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://megafiles.link/download/?file=Seltin_Sweety-Pack-2022.rar
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 26 Sep 2022 19:34:47 GMT
content-type: image/png
last-modified: Tue, 23 Aug 2022 19:28:24 GMT
accept-ranges: bytes
content-length: 14065
date: Mon, 19 Sep 2022 19:34:47 GMT
server: LiteSpeed
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5c817aa82ca8ed4a4257fd1e1628b423
7905c62b6bbc582860c07b75eddae371a4b8d02b
dce1783ecfe50c83d30878b48d60e1cf3fe42a3fa4090fb5d318194de73e53d6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4593
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 19:34:47 GMT
Last-Modified: Mon, 19 Sep 2022 18:18:14 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a9323cf0781cad0d5ac23f0c81c105b1
772d0218be53da9f875bb96a287c904976c296da
5c808b03cd8dd26275f12a850d8a36b467246c1461ea65a4c717acb04f2ca722
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 19:34:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://megafiles.link
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Sep 2022 19:34:43 GMT
expires: Tue, 19 Sep 2023 19:34:43 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
megafiles.link/download/img/fsecure.png
82.221.129.60200 OK 15 kB URL HTTP/1.1 megafiles.link/download/img/fsecure.png
IP 82.221.129.60:0
ASN #50613 Advania Island ehf
File type PNG image data, 300 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash fd1de2c7ffc77143631d9d05dd603cb1
6cff3b7c59e622a829349d3e3962277ad7538b69
016d83a08d0f2e6599f446b26a77e0911539061448f480eb41e5fe531f112f9c
GET /download/img/fsecure.png HTTP/1.1
Host: megafiles.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://megafiles.link/download/?file=Seltin_Sweety-Pack-2022.rar
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 26 Sep 2022 19:34:47 GMT
content-type: image/png
last-modified: Tue, 23 Aug 2022 19:28:24 GMT
accept-ranges: bytes
content-length: 15296
date: Mon, 19 Sep 2022 19:34:47 GMT
server: LiteSpeed
megafiles.link/download/img/trendmicro.png
82.221.129.60200 OK 17 kB URL HTTP/1.1 megafiles.link/download/img/trendmicro.png
IP 82.221.129.60:0
ASN #50613 Advania Island ehf
File type PNG image data, 300 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 875d58eea958e57504086e0d578a974c
99cc83aa37c71bbd56a47be2fc3ac626ec4697af
0c94aabca6e2c41b78dbb2aa7e36c74e2285492d8e3a67288dd4e495fb680087
GET /download/img/trendmicro.png HTTP/1.1
Host: megafiles.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://megafiles.link/download/?file=Seltin_Sweety-Pack-2022.rar
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 26 Sep 2022 19:34:47 GMT
content-type: image/png
last-modified: Tue, 23 Aug 2022 19:28:24 GMT
accept-ranges: bytes
content-length: 16877
date: Mon, 19 Sep 2022 19:34:47 GMT
server: LiteSpeed
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a9323cf0781cad0d5ac23f0c81c105b1
772d0218be53da9f875bb96a287c904976c296da
5c808b03cd8dd26275f12a850d8a36b467246c1461ea65a4c717acb04f2ca722
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 19:34:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d35kbxc0t24sp8.cloudfront.net/public/external/css_front.css
54.230.245.65200 OK 6.6 kB URL HTTP/2 d35kbxc0t24sp8.cloudfront.net/public/external/css_front.css
IP 54.230.245.65:0
File type ASCII text, with CRLF line terminators
Hash 2649f9832b1ede1bca6b60a16e50a676
c96e86a59be0ab5f2a1c86558205193597822742
a7bd79b6fba60944ee3a9c153108ff0819d2db57850116ac7065a86db08af4ec
GET /public/external/css_front.css HTTP/1.1
Host: d35kbxc0t24sp8.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://megafiles.link/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
content-length: 6596
date: Mon, 19 Sep 2022 19:34:47 GMT
server: Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
last-modified: Tue, 23 Jun 2020 20:06:47 GMT
etag: "19c4-5a8c5e62e9d0a"
accept-ranges: bytes
x-cache: Miss from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: pytntJI9EuWeacIq1gj2Ya0X-rYLVMJoVaDqboJuGTuTPOqnPDiWkQ==
X-Firefox-Spdy: h2
megafiles.link/download/img/webroot.png
82.221.129.60200 OK 15 kB URL HTTP/1.1 megafiles.link/download/img/webroot.png
IP 82.221.129.60:0
ASN #50613 Advania Island ehf
File type PNG image data, 300 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 25f681adb6e3f6522056fe80df0c75bd
851de93d039237a4ccd680cd9c8bfb3bffcf49f3
b9c823dd70eaf6a79ee7f6b48e3ec9e13951c570ad7c95495fc0b3e2c0487a81
GET /download/img/webroot.png HTTP/1.1
Host: megafiles.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://megafiles.link/download/?file=Seltin_Sweety-Pack-2022.rar
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 26 Sep 2022 19:34:47 GMT
content-type: image/png
last-modified: Tue, 23 Aug 2022 19:28:24 GMT
accept-ranges: bytes
content-length: 15034
date: Mon, 19 Sep 2022 19:34:47 GMT
server: LiteSpeed
megafiles.link/download/img/macafee.png
82.221.129.60200 OK 18 kB URL HTTP/1.1 megafiles.link/download/img/macafee.png
IP 82.221.129.60:0
ASN #50613 Advania Island ehf
File type PNG image data, 300 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 177ae9550c0a16f3f0de68fda078a778
44ca071367056ad31ac153cf4f322454c82efd30
dc376d6e221d72ef957c74cb25be593ea06b576214a35c975a690b2e554e54e1
GET /download/img/macafee.png HTTP/1.1
Host: megafiles.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://megafiles.link/download/?file=Seltin_Sweety-Pack-2022.rar
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 26 Sep 2022 19:34:47 GMT
content-type: image/png
last-modified: Tue, 23 Aug 2022 19:28:24 GMT
accept-ranges: bytes
content-length: 17777
date: Mon, 19 Sep 2022 19:34:47 GMT
server: LiteSpeed
megafiles.link/download/img/eset.png
82.221.129.60200 OK 20 kB URL HTTP/1.1 megafiles.link/download/img/eset.png
IP 82.221.129.60:0
ASN #50613 Advania Island ehf
File type PNG image data, 300 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash a35447096549417ba1364c4ca4570ecf
928d7c5451d688dc274ad44034254d7135475104
2458c85dc999c45d28ec604053133f436cfa840410c0ba7bf6e38527bbbecd14
GET /download/img/eset.png HTTP/1.1
Host: megafiles.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://megafiles.link/download/?file=Seltin_Sweety-Pack-2022.rar
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 26 Sep 2022 19:34:47 GMT
content-type: image/png
last-modified: Tue, 23 Aug 2022 19:28:24 GMT
accept-ranges: bytes
content-length: 20375
date: Mon, 19 Sep 2022 19:34:47 GMT
server: LiteSpeed
megafiles.link/download/img/panda.png
82.221.129.60200 OK 13 kB URL HTTP/1.1 megafiles.link/download/img/panda.png
IP 82.221.129.60:0
ASN #50613 Advania Island ehf
File type PNG image data, 300 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 891507bdce8da1f2f8380770ec9db34a
5ad5fd89f87c57e0a36906c6935927c4c83cadcf
d4d271c8d73e9e8d169894c74560e70415fee5618d7af4217931b29a1bd4da10
GET /download/img/panda.png HTTP/1.1
Host: megafiles.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://megafiles.link/download/?file=Seltin_Sweety-Pack-2022.rar
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 26 Sep 2022 19:34:47 GMT
content-type: image/png
last-modified: Tue, 23 Aug 2022 19:28:24 GMT
accept-ranges: bytes
content-length: 13331
date: Mon, 19 Sep 2022 19:34:47 GMT
server: LiteSpeed
push.services.mozilla.com/
44.240.207.158101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.240.207.158:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: WwjNXurf0wjWw8Vyq6aAZQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 4Y3H6l272osPsrMqMadkp+aYpS0=
adherenceenmitycentury.com/4d4a97d1c27b171c61cff1a7ee49c2d9/invoke.js
192.243.61.225200 OK 9.8 kB URL HTTP/1.1 adherenceenmitycentury.com/4d4a97d1c27b171c61cff1a7ee49c2d9/invoke.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26965), with no line terminators
Hash 0599015a9295f297554d37c1228f4425
dfbc30551896f1875d8abe20182de8b46345f939
5376a0cfcff9b7625b99a01dac766c34379422da6919ee3f59bccdeb2544f1ff
Analyzer Verdict Alert quad9 Sinkholed
GET /4d4a97d1c27b171c61cff1a7ee49c2d9/invoke.js HTTP/1.1
Host: adherenceenmitycentury.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://megafiles.link/
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 19 Sep 2022 19:34:47 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a8c73545c6c2aa4c9fd76d483c5ba69e
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://megafiles.link
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 17 Sep 2022 02:02:22 GMT
expires: Sun, 17 Sep 2023 02:02:22 GMT
cache-control: public, max-age=31536000
age: 235945
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
megafiles.link/fonts/fontawesome-webfont.woff2?v=4.6.3
82.221.129.60404 Not Found 1.2 kB URL HTTP/1.1 megafiles.link/fonts/fontawesome-webfont.woff2?v=4.6.3
IP 82.221.129.60:0
ASN #50613 Advania Island ehf
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
GET /fonts/fontawesome-webfont.woff2?v=4.6.3 HTTP/1.1
Host: megafiles.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://megafiles.link/download/?file=Seltin_Sweety-Pack-2022.rar
Cookie: _cpguid=q5ni9sf95
HTTP/1.1 404 Not Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Mon, 19 Sep 2022 19:34:47 GMT
server: LiteSpeed
adherenceenmitycentury.com/4d4a97d1c27b171c61cff1a7ee49c2d9/invoke.js
192.243.61.225200 OK 9.8 kB URL HTTP/1.1 adherenceenmitycentury.com/4d4a97d1c27b171c61cff1a7ee49c2d9/invoke.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26947), with no line terminators
Hash 143b22836ff4b1fa91a94e45474dce86
9efb55435860e9796d4256c96d00d0d861ad0a53
6133709751d4aa136914f02e8ec489f534808b386061e6e472476f18c0d1ec18
Analyzer Verdict Alert quad9 Sinkholed
GET /4d4a97d1c27b171c61cff1a7ee49c2d9/invoke.js HTTP/1.1
Host: adherenceenmitycentury.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://megafiles.link/
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 19 Sep 2022 19:34:48 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a295f570d19fcedc7c766d270c23a95e
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
megafiles.link/fonts/fontawesome-webfont.woff?v=4.6.3
82.221.129.60404 Not Found 1.2 kB URL HTTP/1.1 megafiles.link/fonts/fontawesome-webfont.woff?v=4.6.3
IP 82.221.129.60:0
ASN #50613 Advania Island ehf
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
GET /fonts/fontawesome-webfont.woff?v=4.6.3 HTTP/1.1
Host: megafiles.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://megafiles.link/download/?file=Seltin_Sweety-Pack-2022.rar
Cookie: _cpguid=q5ni9sf95
HTTP/1.1 404 Not Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Mon, 19 Sep 2022 19:34:48 GMT
server: LiteSpeed
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 6df30310ab4bd12fd1d6de14fc431cc4
e91defc2ab45d425901a3b800be0870c6a71daf9
6c0fdf8a295320d533a82a1c5019cece54752992aee4fcdfb9957d6f4a736d5c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 19 Sep 2022 19:34:48 GMT
Last-Modified: Mon, 19 Sep 2022 18:11:29 GMT
Server: ECS (nyb/1D14)
X-Cache: Miss from cloudfront
Via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: _12314fCmSDjEEALU9e3n18KzEWd-RmqiOfJ_LfyMn8sa3HOMH3cIQ==
Age: 4999
simplewebanalysis.com/stats
35.158.153.212200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 35.158.153.212:0
File type ASCII text, with no line terminators
Hash 5c708ce4f832e684bbf93420d8c21788
8a43479707de8e84b145d6a1a195ecf68c9f5610
b318e8faf6fb4846f19c710d7e27c2b0ab515ae5a2ca5b2e95c8038c8ecc44a9
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://megafiles.link
Connection: keep-alive
Referer: http://megafiles.link/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 19:34:48 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://megafiles.link
access-control-allow-credentials: true
set-cookie: uid_id2=81a83f8b-8ce0-4354-8370-4572de385795:2:1; expires=Thu, 16 Sep 2032 19:34:48 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
35.158.153.212200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 35.158.153.212:0
File type ASCII text, with no line terminators
Hash e1c9bad2661d06a564a257c3412d77b1
c397fcb04ce6ff2071c9f15f3a5d00bdb80740c2
b6af4fc5f17c908be0db0ce63781140058f875283e26adda992d7b25bf3469ba
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://megafiles.link
Connection: keep-alive
Referer: http://megafiles.link/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 19:34:48 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://megafiles.link
access-control-allow-credentials: true
set-cookie: uid_id2=017b3112-b9e3-4898-88d6-7898ae172ef3:1:1; expires=Thu, 16 Sep 2032 19:34:48 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
megafiles.link/fonts/fontawesome-webfont.ttf?v=4.6.3
82.221.129.60404 Not Found 1.2 kB URL HTTP/1.1 megafiles.link/fonts/fontawesome-webfont.ttf?v=4.6.3
IP 82.221.129.60:0
ASN #50613 Advania Island ehf
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
GET /fonts/fontawesome-webfont.ttf?v=4.6.3 HTTP/1.1
Host: megafiles.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://megafiles.link/download/?file=Seltin_Sweety-Pack-2022.rar
Cookie: _cpguid=q5ni9sf95
HTTP/1.1 404 Not Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Mon, 19 Sep 2022 19:34:48 GMT
server: LiteSpeed
adherenceenmitycentury.com/4d4a97d1c27b171c61cff1a7ee49c2d9/invoke.js
192.243.61.225200 OK 9.8 kB URL HTTP/1.1 adherenceenmitycentury.com/4d4a97d1c27b171c61cff1a7ee49c2d9/invoke.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26945), with no line terminators
Hash 7317868c19a69511ec28438462b6fab0
f436dd7c866dca46015faf1c77242f95b90ea539
a00aabd21fc90d92c9dfaab618146d010667c889c6ee1bd422da07dce3d04b19
Analyzer Verdict Alert quad9 Sinkholed
GET /4d4a97d1c27b171c61cff1a7ee49c2d9/invoke.js HTTP/1.1
Host: adherenceenmitycentury.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://megafiles.link/
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 19 Sep 2022 19:34:48 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9b9b4ab52f2eef54b2ef161d52187ff1
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
megafiles.link/download/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
82.221.129.60404 Not Found 1.2 kB URL HTTP/1.1 megafiles.link/download/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP 82.221.129.60:0
ASN #50613 Advania Island ehf
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
GET /download/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: megafiles.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://megafiles.link/download/?file=Seltin_Sweety-Pack-2022.rar
Cookie: _cpguid=q5ni9sf95; dom3ic8zudi28v8lr6fgphwffqoz0j6c=017b3112-b9e3-4898-88d6-7898ae172ef3%3A1%3A1
HTTP/1.1 404 Not Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Mon, 19 Sep 2022 19:34:48 GMT
server: LiteSpeed
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dddb1a703413981a00f0b57b47f5e818
eacc2d08d5261b9b806bfd17663ed65144b4bb3c
d42abe07f737ce6b27e3c738bb69fe08094a0969c9409af63222f50f9c01d847
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D42ABE07F737CE6B27E3C738BB69FE08094A0969C9409AF63222F50F9C01D847"
Last-Modified: Mon, 19 Sep 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20802
Expires: Tue, 20 Sep 2022 01:21:30 GMT
Date: Mon, 19 Sep 2022 19:34:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4d76f2d46a3d96481bd781837fcca971
8646662830cf42eb2667d9766693508a7d432ead
1edfec20d6c7304083956489169f06547ec9ac7bfdf31451f2b354ccaa29dae8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1EDFEC20D6C7304083956489169F06547EC9AC7BFDF31451F2B354CCAA29DAE8"
Last-Modified: Sun, 18 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16507
Expires: Tue, 20 Sep 2022 00:09:55 GMT
Date: Mon, 19 Sep 2022 19:34:48 GMT
Connection: keep-alive
dyodrs1kxvg6o.cloudfront.net/0cd6e21.js
143.204.42.50200 OK 7.0 kB URL HTTP/2 dyodrs1kxvg6o.cloudfront.net/0cd6e21.js
IP 143.204.42.50:0
File type C source, ASCII text, with very long lines (1637), with CRLF line terminators
Hash cc1f084cadf650035d53facc94258d73
8a648cccead6ffd114e481c0ea82ad8cf959259e
19e97e2cd542fee9d1262a118e47840963945d8311039607e138dc0fe84179ec
Analyzer Verdict Alert fortinet Malware
GET /0cd6e21.js HTTP/1.1
Host: dyodrs1kxvg6o.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://megafiles.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Sun, 11 Sep 2022 15:37:35 GMT
server: AmazonS3
content-encoding: br
date: Mon, 19 Sep 2022 19:09:59 GMT
etag: W/"b0e3313a9ea34dcc3bd36696e9ef572c"
vary: Accept-Encoding
x-cache: Error from cloudfront
via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: kPOAkMnz7E5vwt5uQEafvPV8Urhv1se242M_uEDRKrC8i9NbLHyQ-g==
age: 1527
X-Firefox-Spdy: h2
governessmagnituderecoil.com/watch.651092305401.js?key=4d4a97d1c27b171c61cff1a7ee49c2d9&kw=%5B%22download%22%2C%22-%22%2C%22mega%22%5D&refer=http%3A%2F%2Fmegafiles.link%2Fdownload%2F%3Ffile%3DSeltin_Sweety-Pack-2022.rar&tz=0&dev=r&res=12.29&uuid=81a83f8b-8ce0-4354-8370-4572de385795%3A2%3A1
173.233.139.164403 Forbidden 0 B URL HTTP/1.1 governessmagnituderecoil.com/watch.651092305401.js?key=4d4a97d1c27b171c61cff1a7ee49c2d9&kw=%5B%22download%22%2C%22-%22%2C%22mega%22%5D&refer=http%3A%2F%2Fmegafiles.link%2Fdownload%2F%3Ffile%3DSeltin_Sweety-Pack-2022.rar&tz=0&dev=r&res=12.29&uuid=81a83f8b-8ce0-4354-8370-4572de385795%3A2%3A1
IP 173.233.139.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /watch.651092305401.js?key=4d4a97d1c27b171c61cff1a7ee49c2d9&kw=%5B%22download%22%2C%22-%22%2C%22mega%22%5D&refer=http%3A%2F%2Fmegafiles.link%2Fdownload%2F%3Ffile%3DSeltin_Sweety-Pack-2022.rar&tz=0&dev=r&res=12.29&uuid=81a83f8b-8ce0-4354-8370-4572de385795%3A2%3A1 HTTP/1.1
Host: governessmagnituderecoil.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://megafiles.link
Connection: keep-alive
Referer: http://megafiles.link/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 403 Forbidden
Server: nginx/1.19.5
Date: Mon, 19 Sep 2022 19:34:48 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
s3.amazonaws.com/cdn.mobverify.com/www/filelockers/theme4/fonts/fontawesome-webfont.woff2?v=4.6.3
54.231.169.80200 OK 64 kB URL HTTP/1.1 s3.amazonaws.com/cdn.mobverify.com/www/filelockers/theme4/fonts/fontawesome-webfont.woff2?v=4.6.3
IP 54.231.169.80:0
File type Web Open Font Format (Version 2), TrueType, length 64464, version 4.262\012- data
Hash 4b5a84aaf1c9485e060c503a0ff8cadb
574ea2698c03ae9477db2ea3baf460ee32f1a7ea
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
GET /cdn.mobverify.com/www/filelockers/theme4/fonts/fontawesome-webfont.woff2?v=4.6.3 HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://megafiles.link
Connection: keep-alive
Referer: https://s3.amazonaws.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: QsyzQn19KNU3RjK3LzMdk57azPzdI2XiriAL2egwwqpQkktijMsQQRMAV5dMlyvIMuhxrKJW0GY=
x-amz-request-id: B7K8G0JSYQ91HN87
Date: Mon, 19 Sep 2022 19:34:49 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Last-Modified: Tue, 16 Apr 2019 16:50:40 GMT
ETag: "4b5a84aaf1c9485e060c503a0ff8cadb"
Accept-Ranges: bytes
Content-Type: binary/octet-stream
Server: AmazonS3
Content-Length: 64464
perryvolleyball.com/watch.1237664203143.js?key=4d4a97d1c27b171c61cff1a7ee49c2d9&kw=%5B%22download%22%2C%22-%22%2C%22mega%22%5D&refer=http%3A%2F%2Fmegafiles.link%2Fdownload%2F%3Ffile%3DSeltin_Sweety-Pack-2022.rar&tz=0&dev=r&res=12.29&uuid=017b3112-b9e3-4898-88d6-7898ae172ef3%3A1%3A1
173.233.137.52403 Forbidden 0 B URL HTTP/1.1 perryvolleyball.com/watch.1237664203143.js?key=4d4a97d1c27b171c61cff1a7ee49c2d9&kw=%5B%22download%22%2C%22-%22%2C%22mega%22%5D&refer=http%3A%2F%2Fmegafiles.link%2Fdownload%2F%3Ffile%3DSeltin_Sweety-Pack-2022.rar&tz=0&dev=r&res=12.29&uuid=017b3112-b9e3-4898-88d6-7898ae172ef3%3A1%3A1
IP 173.233.137.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1237664203143.js?key=4d4a97d1c27b171c61cff1a7ee49c2d9&kw=%5B%22download%22%2C%22-%22%2C%22mega%22%5D&refer=http%3A%2F%2Fmegafiles.link%2Fdownload%2F%3Ffile%3DSeltin_Sweety-Pack-2022.rar&tz=0&dev=r&res=12.29&uuid=017b3112-b9e3-4898-88d6-7898ae172ef3%3A1%3A1 HTTP/1.1
Host: perryvolleyball.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://megafiles.link
Connection: keep-alive
Referer: http://megafiles.link/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 403 Forbidden
Server: nginx/1.19.5
Date: Mon, 19 Sep 2022 19:34:48 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
astonishedmule.com/watch.497922610461.js?key=4d4a97d1c27b171c61cff1a7ee49c2d9&kw=%5B%22download%22%2C%22-%22%2C%22mega%22%5D&refer=http%3A%2F%2Fmegafiles.link%2Fdownload%2F%3Ffile%3DSeltin_Sweety-Pack-2022.rar&tz=0&dev=r&res=12.29&uuid=017b3112-b9e3-4898-88d6-7898ae172ef3%3A1%3A1
173.233.137.44403 Forbidden 0 B URL HTTP/1.1 astonishedmule.com/watch.497922610461.js?key=4d4a97d1c27b171c61cff1a7ee49c2d9&kw=%5B%22download%22%2C%22-%22%2C%22mega%22%5D&refer=http%3A%2F%2Fmegafiles.link%2Fdownload%2F%3Ffile%3DSeltin_Sweety-Pack-2022.rar&tz=0&dev=r&res=12.29&uuid=017b3112-b9e3-4898-88d6-7898ae172ef3%3A1%3A1
IP 173.233.137.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /watch.497922610461.js?key=4d4a97d1c27b171c61cff1a7ee49c2d9&kw=%5B%22download%22%2C%22-%22%2C%22mega%22%5D&refer=http%3A%2F%2Fmegafiles.link%2Fdownload%2F%3Ffile%3DSeltin_Sweety-Pack-2022.rar&tz=0&dev=r&res=12.29&uuid=017b3112-b9e3-4898-88d6-7898ae172ef3%3A1%3A1 HTTP/1.1
Host: astonishedmule.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://megafiles.link
Connection: keep-alive
Referer: http://megafiles.link/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 403 Forbidden
Server: nginx/1.19.5
Date: Mon, 19 Sep 2022 19:34:48 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://megafiles.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Mon, 19 Sep 2022 18:41:12 GMT
expires: Mon, 19 Sep 2022 20:41:12 GMT
cache-control: public, max-age=7200
age: 3216
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
megafiles.link/download/img/icon.jpg
82.221.129.60200 OK 2.1 kB URL HTTP/1.1 megafiles.link/download/img/icon.jpg
IP 82.221.129.60:0
ASN #50613 Advania Island ehf
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data
Hash 6c2f059c13eb12d8b473c41988b8686c
9471986526d3c7322bbe5cecbede1d6f334e0e12
5639c13921121bbb3463b0737ee60274481f82291b9f3e45bc559b4ea0d4fb77
GET /download/img/icon.jpg HTTP/1.1
Host: megafiles.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://megafiles.link/download/?file=Seltin_Sweety-Pack-2022.rar
Cookie: _cpguid=q5ni9sf95; dom3ic8zudi28v8lr6fgphwffqoz0j6c=017b3112-b9e3-4898-88d6-7898ae172ef3%3A1%3A1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 26 Sep 2022 19:34:48 GMT
content-type: image/jpeg
last-modified: Tue, 23 Aug 2022 19:28:24 GMT
accept-ranges: bytes
content-length: 2109
date: Mon, 19 Sep 2022 19:34:48 GMT
server: LiteSpeed
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9477
Expires: Mon, 19 Sep 2022 22:12:46 GMT
Date: Mon, 19 Sep 2022 19:34:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9477
Expires: Mon, 19 Sep 2022 22:12:46 GMT
Date: Mon, 19 Sep 2022 19:34:49 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c670b93-3941-4322-a938-e74eba949ad6.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c670b93-3941-4322-a938-e74eba949ad6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f003d8b6e12692fb16dddd6827deead8
786c333cf08456aea446a55c547520572e1c2df9
d79ea50cfc0f237b3de8f1826cbae1de0b1dbc632a5a06b08d9640abedded935
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c670b93-3941-4322-a938-e74eba949ad6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11919
x-amzn-requestid: b04884f3-149d-4750-876b-8e8762f0f2a5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YbfzrHKMoAMFlfQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6321467d-5852e5ef280580b8569b548f;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 03:11:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vaJ_7zKaGiXZh4VtTlLZCOFpi7bz9tpKRbsvRDJ4En-E93sREYnz5w==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 05:49:41 GMT
age: 49508
etag: "786c333cf08456aea446a55c547520572e1c2df9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e5b5676-18df-4d43-8bbd-b85ffe4f1a94.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e5b5676-18df-4d43-8bbd-b85ffe4f1a94.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1105b56cf779b6df1cbd081bbd0cda50
58c5d6f8ba1d3236d788ac55ff7cb2ec7863fb5c
10c1f0433baf51e06565ff905688075aaba8fec0a8b3f9cef34168e297f94c2c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e5b5676-18df-4d43-8bbd-b85ffe4f1a94.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5866
x-amzn-requestid: 3a7db39d-cd4f-486f-954b-39fc7464706c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YrNeAE67IAMFSoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63278f8c-66a419ac7fbd977f5f41061b;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 21:37:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: TdVz72qdwMdsuW1WsOq1qEZk2vmbXJlbppLTTsZ9PlrmN7GEph0dyQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:51:43 GMT
age: 78186
etag: "58c5d6f8ba1d3236d788ac55ff7cb2ec7863fb5c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb78000d2-f83e-44e6-b5dd-092b2c37f6b8.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb78000d2-f83e-44e6-b5dd-092b2c37f6b8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a533c29caf29ac5348a4443278d5c52c
915155faf27fad10373d5e282621af5c2eba0c17
eaa82b2d158d5f8c8a91a13cbce276aa8e2a9adabaa5a7d81e1155e3334ca27d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb78000d2-f83e-44e6-b5dd-092b2c37f6b8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4807
x-amzn-requestid: 9fdca623-dc65-4b51-9b40-15049a21b986
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn5tlFNeIAMFblg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263cbd-285bbc7b1d5cf53a0e4aee0c;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:31:41 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: CY-m1MIG3c7tAi5RB6Oh_Fm_k2eLSRD7rFefVfaFlV6iYPvZfVzEvQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:48:04 GMT
age: 78405
etag: "915155faf27fad10373d5e282621af5c2eba0c17"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
d35kbxc0t24sp8.cloudfront.net/public/guid?cpguid=q5ni9sf95&e=ll&t=1663616068851
54.230.245.65200 OK 0 B URL HTTP/2 d35kbxc0t24sp8.cloudfront.net/public/guid?cpguid=q5ni9sf95&e=ll&t=1663616068851
IP 54.230.245.65:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /public/guid?cpguid=q5ni9sf95&e=ll&t=1663616068851 HTTP/1.1
Host: d35kbxc0t24sp8.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://megafiles.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-length: 0
date: Mon, 19 Sep 2022 19:34:48 GMT
server: Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-powered-by: PHP/7.4.11
x-cache: Miss from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gE8kIPapNebxK8dl8xHLXNxO0rJmQqslozKVHNnt0rGTEYPFBG5mSw==
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd460ce9f-ea5c-436e-8b02-8ec8233b9681.jpeg
34.120.237.76200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd460ce9f-ea5c-436e-8b02-8ec8233b9681.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e4098577adb98eae5ba4a8b5e143df71
b0ad467f2837d103f8a96fb732bd34176c4c7110
83aa54020ffc684690dfb58d78608411de38ab02fee50808a8243c6b388e77c0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd460ce9f-ea5c-436e-8b02-8ec8233b9681.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5064
x-amzn-requestid: 985dbd5b-3e8a-4e22-a974-1effa6c99112
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YrOS8FyBoAMFrCQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632790df-201df5494f1513b91eefe9d5;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 21:42:55 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: RWcHVQkq3COqcWuVRgOdpVDi7VFrdjpu4q-NU0D3iod1B58xF4K_Yw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:51:55 GMT
age: 78174
etag: "b0ad467f2837d103f8a96fb732bd34176c4c7110"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a91bc33-86f4-4bda-af70-da083ceb7c72.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a91bc33-86f4-4bda-af70-da083ceb7c72.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d3e70b2859ca89b353682d03f6b46b93
ebd83f29edd95217dfa4f4c7a94eddf34dd58b14
43ad8f8b0a664bbec39e0410c1201498a2d2e36e5bd7d5ece8d65b15230ec50b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a91bc33-86f4-4bda-af70-da083ceb7c72.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10894
x-amzn-requestid: f7aad96e-af80-4db7-8bc1-d1e09a9b37e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YeJQGHhOIAMFYuw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322559a-538534e91448af217c59ab3d;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 22:28:42 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: P7aZQzmAvqn2rcHJUQjHo0Dcg8dsrqseey5mNOabfq1b857M4SUMDQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 01:08:23 GMT
age: 66386
etag: "ebd83f29edd95217dfa4f4c7a94eddf34dd58b14"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd6067cf-6392-4f3a-8543-a3861c83d1cd.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd6067cf-6392-4f3a-8543-a3861c83d1cd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5ae5a7fc19cf9601753b147621cb9f8c
04063797f76518668fdd9a5d5a86c7637eac43b8
b1c659363aa69139a03aab9a6d76800b3568ccf5201f02e1ea864e2bff70d3a7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd6067cf-6392-4f3a-8543-a3861c83d1cd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9093
x-amzn-requestid: 29c7788f-27e9-4823-8cba-ebf4ef9ea7ef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn5tjEvsoAMFrtA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263cbc-37b8d7930503d507592bf728;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:31:40 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: -hhkLqfURsIBwgNHxoMM002WynFjq5WJ62bNRbXhFxH6dbmZD7zm2g==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 22:10:51 GMT
age: 77038
etag: "04063797f76518668fdd9a5d5a86c7637eac43b8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
astonishedmule.com/watch.497922610461?key=4d4a97d1c27b171c61cff1a7ee49c2d9&kw=%5B%22download%22%2C%22-%22%2C%22mega%22%5D&refer=http%3A%2F%2Fmegafiles.link%2Fdownload%2F%3Ffile%3DSeltin_Sweety-Pack-2022.rar&tz=0&dev=r&res=12.29&uuid=017b3112-b9e3-4898-88d6-7898ae172ef3%3A1%3A1
173.233.137.44403 Forbidden 0 B URL HTTP/1.1 astonishedmule.com/watch.497922610461?key=4d4a97d1c27b171c61cff1a7ee49c2d9&kw=%5B%22download%22%2C%22-%22%2C%22mega%22%5D&refer=http%3A%2F%2Fmegafiles.link%2Fdownload%2F%3Ffile%3DSeltin_Sweety-Pack-2022.rar&tz=0&dev=r&res=12.29&uuid=017b3112-b9e3-4898-88d6-7898ae172ef3%3A1%3A1
IP 173.233.137.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /watch.497922610461?key=4d4a97d1c27b171c61cff1a7ee49c2d9&kw=%5B%22download%22%2C%22-%22%2C%22mega%22%5D&refer=http%3A%2F%2Fmegafiles.link%2Fdownload%2F%3Ffile%3DSeltin_Sweety-Pack-2022.rar&tz=0&dev=r&res=12.29&uuid=017b3112-b9e3-4898-88d6-7898ae172ef3%3A1%3A1 HTTP/1.1
Host: astonishedmule.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://megafiles.link/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 403 Forbidden
Server: nginx/1.19.5
Date: Mon, 19 Sep 2022 19:34:49 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
governessmagnituderecoil.com/watch.651092305401?key=4d4a97d1c27b171c61cff1a7ee49c2d9&kw=%5B%22download%22%2C%22-%22%2C%22mega%22%5D&refer=http%3A%2F%2Fmegafiles.link%2Fdownload%2F%3Ffile%3DSeltin_Sweety-Pack-2022.rar&tz=0&dev=r&res=12.29&uuid=017b3112-b9e3-4898-88d6-7898ae172ef3%3A1%3A1
173.233.139.164403 Forbidden 0 B URL HTTP/1.1 governessmagnituderecoil.com/watch.651092305401?key=4d4a97d1c27b171c61cff1a7ee49c2d9&kw=%5B%22download%22%2C%22-%22%2C%22mega%22%5D&refer=http%3A%2F%2Fmegafiles.link%2Fdownload%2F%3Ffile%3DSeltin_Sweety-Pack-2022.rar&tz=0&dev=r&res=12.29&uuid=017b3112-b9e3-4898-88d6-7898ae172ef3%3A1%3A1
IP 173.233.139.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /watch.651092305401?key=4d4a97d1c27b171c61cff1a7ee49c2d9&kw=%5B%22download%22%2C%22-%22%2C%22mega%22%5D&refer=http%3A%2F%2Fmegafiles.link%2Fdownload%2F%3Ffile%3DSeltin_Sweety-Pack-2022.rar&tz=0&dev=r&res=12.29&uuid=017b3112-b9e3-4898-88d6-7898ae172ef3%3A1%3A1 HTTP/1.1
Host: governessmagnituderecoil.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://megafiles.link/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 403 Forbidden
Server: nginx/1.19.5
Date: Mon, 19 Sep 2022 19:34:49 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
perryvolleyball.com/watch.1237664203143?key=4d4a97d1c27b171c61cff1a7ee49c2d9&kw=%5B%22download%22%2C%22-%22%2C%22mega%22%5D&refer=http%3A%2F%2Fmegafiles.link%2Fdownload%2F%3Ffile%3DSeltin_Sweety-Pack-2022.rar&tz=0&dev=r&res=12.29&uuid=017b3112-b9e3-4898-88d6-7898ae172ef3%3A1%3A1
173.233.137.52403 Forbidden 0 B URL HTTP/1.1 perryvolleyball.com/watch.1237664203143?key=4d4a97d1c27b171c61cff1a7ee49c2d9&kw=%5B%22download%22%2C%22-%22%2C%22mega%22%5D&refer=http%3A%2F%2Fmegafiles.link%2Fdownload%2F%3Ffile%3DSeltin_Sweety-Pack-2022.rar&tz=0&dev=r&res=12.29&uuid=017b3112-b9e3-4898-88d6-7898ae172ef3%3A1%3A1
IP 173.233.137.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1237664203143?key=4d4a97d1c27b171c61cff1a7ee49c2d9&kw=%5B%22download%22%2C%22-%22%2C%22mega%22%5D&refer=http%3A%2F%2Fmegafiles.link%2Fdownload%2F%3Ffile%3DSeltin_Sweety-Pack-2022.rar&tz=0&dev=r&res=12.29&uuid=017b3112-b9e3-4898-88d6-7898ae172ef3%3A1%3A1 HTTP/1.1
Host: perryvolleyball.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://megafiles.link/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 403 Forbidden
Server: nginx/1.19.5
Date: Mon, 19 Sep 2022 19:34:49 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
d35kbxc0t24sp8.cloudfront.net/public/clockers/PrimeApps/css.css
54.230.245.65200 OK 1.0 kB URL HTTP/2 d35kbxc0t24sp8.cloudfront.net/public/clockers/PrimeApps/css.css
IP 54.230.245.65:0
File type ASCII text, with CRLF line terminators
Hash 683a185465436634825046815ac5a2d2
dd9a216245afb09ebc5098aa44374ee8ef51d3dd
a7081a117335212b9e7f2e348f7369a64423d51db1666310b3451e7375f0b7de
GET /public/clockers/PrimeApps/css.css HTTP/1.1
Host: d35kbxc0t24sp8.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://megafiles.link/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 1010
date: Mon, 19 Sep 2022 19:34:49 GMT
server: Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11
last-modified: Fri, 10 Apr 2020 22:29:00 GMT
etag: "3f2-5a2f7428ae907"
accept-ranges: bytes
x-cache: Miss from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PhBDvsaZUFg4wHUzUurUCLNxXefbgQh8FsMXRkgSdXumRaByt8pFGQ==
X-Firefox-Spdy: h2
d35kbxc0t24sp8.cloudfront.net/public/external/check.php?it=2950767&time=1663616071590
54.230.245.65200 OK 78 B URL HTTP/2 d35kbxc0t24sp8.cloudfront.net/public/external/check.php?it=2950767&time=1663616071590
IP 54.230.245.65:0
Hash 37ebc78db9bc22d4c972c5961163070c
865e3671f7e86b52d2f7b006b95ec7799a187572
9ef4a63fc5e0a14a7301d693d65d6acfc44cdf14853c4a20890198f2d5e52e3b
GET /public/external/check.php?it=2950767&time=1663616071590 HTTP/1.1
Host: d35kbxc0t24sp8.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://megafiles.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 78
date: Mon, 19 Sep 2022 19:34:51 GMT
server: Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-powered-by: PHP/7.4.11
x-cache: Miss from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: jkpUtpHIATFVou8deU6sUwGkUXPrSYQlgFTxODk1j5xDXAfLSRyAgA==
X-Firefox-Spdy: h2
d35kbxc0t24sp8.cloudfront.net/public/external/v2/html.2950767.78f94.0.js
54.230.245.65200 OK 0 B URL HTTP/2 d35kbxc0t24sp8.cloudfront.net/public/external/v2/html.2950767.78f94.0.js
IP 54.230.245.65:0
Analyzer Verdict Alert fortinet Phishing
GET /public/external/v2/html.2950767.78f94.0.js HTTP/1.1
Host: d35kbxc0t24sp8.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://megafiles.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 19 Sep 2022 19:34:48 GMT
server: Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-powered-by: PHP/7.4.11
x-cache: Miss from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: TyOVIn3WznoxygIuHYkxkDlK07URfW_a4UgWIl7t0EcA_HJBtl2gFA==
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900|Bowlby+One+SC
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900|Bowlby+One+SC
IP 142.250.74.10:0
GET /css?family=Roboto:100,300,400,500,700,900|Bowlby+One+SC HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://megafiles.link/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 19 Sep 2022 19:34:46 GMT
date: Mon, 19 Sep 2022 19:34:46 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2