{"report_id":"04e3e0e7-dbec-4c7b-84e1-7ebbb890a37a","version":6,"status":"done","tags":[],"date":"2026-03-26T22:15:40Z","url":{"schema":"https","addr":"megaonion.cc/","fqdn":"megaonion.cc","domain":"megaonion.cc","tld":"cc"},"ip":{"addr":"104.21.2.82","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"megaonion.cc/","fqdn":"megaonion.cc","domain":"megaonion.cc","tld":"cc"},"title":"Как работает ссылка Kraken Onion","dom":{"size":68967,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (606)","md5":"1da889b9f6d35e18edcdbd79ce32160f","sha1":"b96db8bebbeae5d9840d7e38d48a8942a262357c","sha256":"4bdb41eedae147e500cbd8010a1011f66d83fcdbe138088097c4ef7e804869b0","sha512":"8f963601cad617218a7c880e4b62587b0ceb6c00e1281f000c675cee92e91c44c6dd9dddcc7e8d0a7fc747f6d0fa300df04626cb0695e760c94b2fd68cc06b67","ssdeep":"1536:xt1AyECnn8M7Udn5Hm3KmhZW2I4xEfJMjmE:mLn5Hl2I4xvCE","tlshash":"7f63336151f710762513f096af555b0a3aa1e4bbda0bc7153bac26ac5fc2ce8ce2361c","dom_hash":"domhashd77da86157198c2d2add89d59bf2e920","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"megaonion.cc/","fqdn":"megaonion.cc","domain":"megaonion.cc","tld":"cc"},"ip":{"addr":"104.21.2.82","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-30T22:15:40Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-26","alert":"Sinkholed","trigger":"megaonion.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-26","alert":"Sinkholed","trigger":"megaonion.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"megaonion.cc","ip":{"addr":"172.67.128.235","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2022-08-19","domain_rank":4126686,"first_seen":"2026-03-26T22:15:40.829413Z","last_seen":"2026-03-26T22:15:40.829413Z","alert_count":2,"request_count":1,"received_data":70029,"sent_data":481,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"megaonion.cc/","fqdn":"megaonion.cc","domain":"megaonion.cc","tld":"cc"},"ip":{"addr":"172.67.128.235","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"20c3173bb73442e2f8e9bbeeec66da60","sha1":"18a6bc696718d99d50fb3444a69ee1d1dcefe9a9","sha256":"d8233016a56a90358d3ff0a78f71053f6acb9b7a8bdb15599d93ac5f8d1eac51","sha512":"5fde90c864214f6d30f8bf8217dc154c22da27f26330d2112b3d001501d5751ad9ca0424d93d5525a09b85ce9960d18acb09bc0081861b7a41afa4f8d5f047ca","ssdeep":"","tlshash":"4fd02b4cd8e1247d0cb3767a12db46b4f2501482d0c4cd29336cea842f8a1140ff7bd8","size":283,"data":"","first_seen":"2026-03-26T22:15:44.582447Z","last_seen":"2026-03-26T23:10:29.440268Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"megaonion.cc/","fqdn":"megaonion.cc","domain":"megaonion.cc","tld":"cc"},"ip":{"addr":"172.67.128.235","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-26T22:15:19.291Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"megaonion.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 11 Feb 2026 07:40:38 GMT","end":"Tue, 12 May 2026 08:38:13 GMT"},"fingerprint":{"sha1":"84:42:9B:6D:CD:2C:4C:7C:93:4A:03:3A:CB:75:9A:79:AA:00:60:C2","sha256":"90:B9:7B:61:E3:5F:98:4F:3D:67:76:66:7C:B4:85:50:F9:CF:85:09:FF:1D:7A:5E:22:79:4F:24:AC:5C:E5:06"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: megaonion.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 26 Mar 2026 22:15:19 GMT\r\ncontent-type: text/html; charset=utf-8\r\nserver: cloudflare\r\ncache-control: no-cache, no-store, must-revalidate\r\nexpires: Thu, 26 Mar 2026 22:15:19 GMT\r\nset-cookie: e3b0c4_49=1mjaueu3qesknr; expires=Fri, 27 Mar 2026 21:55:58 GMT; path=/; domain=megaonion.cc; secure; httponly; samesite=none\n_token=1mjaueu3qesknr.1774648558.11.a637cadcae596fc110a25a839e2e942c; expires=Fri, 27 Mar 2026 21:55:58 GMT; path=/; domain=megaonion.cc; secure; httponly; samesite=none\n_subid=1sjos4f.31.gr96; expires=Fri, 27 Mar 2026 21:55:58 GMT; path=/; domain=megaonion.cc; secure; httponly; samesite=none\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qtVnCPpm0y%2FbmshkoqMiWVOl7F6PghDbAqiF%2B%2BHWcm7aTmdfXsISGZzYQ5XCZAfr4UrYkKTGOWuQ1SikzVAaBsxosCuyX80ehX6T9iPrMt%2FwU%2FMxzGyZB44oAqIMnPw%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\nvary: accept-encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9e298369fd170731-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":68883,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (606)","md5":"0ecc311f5da5cbdf6f6ec7ae7c11eb3b","sha1":"38356e1cbb13f8326fb52ed45741ad529748d447","sha256":"501db6c3165f093dbe73711f4c9019a7d6abab6a86d2e835602d99555a8fce9a","sha512":"c781265aca327d110b3ccf22c9e2977b4eaa59d1a00a6f1820b405f5a441f60245b958c3b3c92a4ba14a42de6f262f25cd6c9fdad9345ba1de44d9f55bfc796b","ssdeep":"1536:Xt1AyECnn8M7UPd5Hm3KmhZW2I4xEeJMLIi:cFd5Hl2I4xUUi","tlshash":"b963446151f710772513f096af555b0a3aa1e4bbda0bc7153bac26ac5fc2ce8ce2361c","first_seen":"2026-03-26T22:15:44.579157Z","last_seen":"2026-03-26T23:10:29.437959Z","times_seen":2,"resource_available":false,"data":null}},"time_used":323,"timings":{"blocked":61,"dns":46,"connect":1,"send":0,"wait":194,"receive":0,"ssl":18},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-26","alert":"Sinkholed","trigger":"megaonion.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-26","alert":"Sinkholed","trigger":"megaonion.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}