Report - megadb.net/sfqgk8axu8cb

Report Overview

Submitted URL
megadb.net/sfqgk8axu8cb
IP
172.67.216.36
ASN
#13335 CLOUDFLARENET
Submitted
2022-10-02 19:19:30
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	108.156.28.51
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	35.82.48.240
tzegilo.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	340 B	14 kB	172.67.194.45
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	460 B	16 kB	216.58.207.195
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	6.2 kB	23.36.76.226
my.rtmark.net	9054	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	362 B	739 B	139.45.195.8
fleraprt.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	466 B	478 B	139.45.195.254
megadb.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	2.2 kB	104.21.67.68
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	2.4 kB	93.184.220.29
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	60 kB	34.120.237.76
cdn.uponelectabuzzor.club	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	138 kB	139.45.197.239
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	656 B	1.9 kB	172.64.155.188
betotodilea.com	52465	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.4 kB	40 kB	139.45.197.237
goomaphy.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	79 kB	139.45.197.239
ssl.google-analytics.com	275	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	348 B	18 kB	142.250.74.104
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	18.165.201.83
maxcdn.bootstrapcdn.com	724	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	823 B	1.8 kB	104.18.11.207
www.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	419 B	160 kB	142.250.74.163
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	4.2 kB	142.250.74.3
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	349 B	1.2 kB	142.250.74.164
offerimage.com	304078	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	416 B	14 kB	104.22.32.172
use.fontawesome.com	942	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	763 B	1.7 kB	172.64.133.15
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	652 B	1.5 kB	23.36.77.32

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-10-02	medium	fleraprt.com	Sinkholed
2022-10-02	medium	goomaphy.com	Sinkholed
2022-10-02	medium	goomaphy.com	Sinkholed

JavaScript (39)

	URL	Size	First Seen	Last Seen
	megadb.net/js/jquery-1.9.1.min.js	93 kB	2023-03-07	2024-04-18
Pretty URL megadb.net/js/jquery-1.9.1.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-18 08:55:23 Times Seen23136 Hash 397754ba49e9e0cf4e7c190da78dda05 ae49e56999d82802727455f0ba83b63acd90a22b c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4 Loading...

	megadb.net/js/paging.js?r=1	1.1 kB	2023-03-07	2024-04-18
Pretty URL megadb.net/js/paging.js?r=1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:51 Last Seen2024-04-18 04:12:46 Times Seen378 Hash 7a8d0d2ed991011d6f095ab8dd49973e 51a1f7bcb992124a9929a939641c3893f541384a 6fc96bd4bbaeb5f4f6b9ea81d2f995711064f7ca8e90362892122de20bbfba2e Loading...

	megadb.net/download	666 B	2023-03-07	2024-04-18
Pretty URL megadb.net/download IP 104.21.67.68 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:23:22 Last Seen2024-04-18 04:12:46 Times Seen1301 Hash b43b98ae6d81d1bcc31bf4d398af2770 084014353ba5a80e35a7144b4c4ad8abbcdf6eac 6df937222477e1219205ce19b008280da54e60cdf8c3a5749369a66224a82faa Loading...

	megadb.net/js/countdown.js?rand=dfgfg	484 B	2023-03-07	2024-03-22
Pretty URL megadb.net/js/countdown.js?rand=dfgfg IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:50 Last Seen2024-03-22 23:56:16 Times Seen197 Hash 1278a13f877292720349cae609458608 130c8ac256e512f1295b730e9013819a3d389cf8 68c8b1ff1f38e8c5e7ad80fc75f225610ec3a9a6d3319516785d79336f82d746 Loading...

	megadb.net/download	232 B	2023-03-07	2023-03-13
Pretty URL megadb.net/download IP 104.21.67.68 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:18 Last Seen2023-03-13 23:46:23 Times Seen1 Hash fedf4b1b665a07bf87644c75102653a3 d41b001671d72a8209e37980558707c5a5b60cf1 dde4496beeaf9196cbe4e93813079363284c04945b4fcd8bf8f709061e0a5250 Loading...

	www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__en.js	399 kB	2023-03-08	2023-03-11
Pretty URL www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__en.js IP 142.250.74.163 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:40:09 Last Seen2023-03-11 13:30:42 Times Seen1 Hash f35658481ed15bc5f9e381e5babb040b 6ac7505ec9c522b239aeefed9ff6c1ff4d7c98e5 bec7e5a49219ef10544321dbd44f27849644f20623c16f05baeeeaa73e3b9332 Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LfYe9IgAAAAAOpdGlxyuw66oPqRMTlyUBQqs_QO&co=aHR0cHM6Ly9tZWdhZGIubmV0OjQ0Mw..&hl=en&v=a9s0j4pCVT6gaTEkLiFbtZPH&size=normal&cb=222x72ge4bgq	69 B	2023-03-07	2024-04-18
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LfYe9IgAAAAAOpdGlxyuw66oPqRMTlyUBQqs_QO&co=aHR0cHM6Ly9tZWdhZGIubmV0OjQ0Mw..&hl=en&v=a9s0j4pCVT6gaTEkLiFbtZPH&size=normal&cb=222x72ge4bgq IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2024-04-18 09:24:50 Times Seen98953 Hash 45ecf7458f42da80ac248ad42d610372 a5b3edf8328769bc754e6e616a957ceed4fdadd7 75867e75b209895995014b43c3d711476e3437481e5fbec91a4da674302558bf Loading...

	megadb.net/download	435 B	2023-03-07	2023-03-13
Pretty URL megadb.net/download IP 104.21.67.68 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:18 Last Seen2023-03-13 23:46:23 Times Seen1 Hash c137f78bc295ca9e873b2969e6277836 cf9535d022e7a7918902f444da545c6d348a0012 51bc68b71aced6675597a773bfbf401e564305201d0c72a16ed3c329f2c0e44e Loading...

	www.google.com/recaptcha/api.js	850 B	2023-03-08	2023-03-11
Pretty URL www.google.com/recaptcha/api.js IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:40:09 Last Seen2023-03-11 13:30:42 Times Seen1 Hash 671d51c8f7b6f6920c23e7092f2e07f4 f9c0ccad26b1524c2f0438657c0ce4b82960cdd3 91b729f00e7b893e0b8158d9d786315ed01b763e6b1053d72e2d6abbb906f70e Loading...

	cdn.uponelectabuzzor.club/42/38?z=4909538	0 B	2023-03-07	2024-04-18
Pretty URL cdn.uponelectabuzzor.club/42/38?z=4909538 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-18 09:25:03 Times Seen36933215 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	megadb.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js	12 kB	2023-03-07	2024-04-18
Pretty URL megadb.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-18 08:52:34 Times Seen42851 Hash 88a769d2fe35899fd45a332a0a032cc0 514c6c1d8475d17e412849a4c90159517d0fa10a ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 Loading...

	megadb.net/download	940 B	2023-03-08	2023-03-08
Pretty URL megadb.net/download IP 104.21.67.68 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:45:28 Last Seen2023-03-08 04:45:28 Times Seen1 Hash bbe72f07e8df1edf24e7f048f709525b 63287d5d595e3992e8e16b38314d40d828982cb5 19039093f76bfc62384327002ec96d6e4bb77c25750a5c3c462e2550bb372a8e Loading...

	cdn.uponelectabuzzor.club/27/b7bd02994a2771796f8a835cfb750d4b	408 kB	2023-03-07	2023-03-08
Pretty URL cdn.uponelectabuzzor.club/27/b7bd02994a2771796f8a835cfb750d4b IP 139.45.197.239 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:17:47 Last Seen2023-03-08 05:35:44 Times Seen1 Hash 7ab89f78b6aefbb5652eabbe8b71c1c6 f558db93cba76989a8daa5498bcb9f5357e892e4 296c8334bfec54e3a1a0772e1efe387735181b85d04557ac3befd33e69ce6640 Loading...

	ssl.google-analytics.com/ga.js	46 kB	2023-03-07	2024-04-16
Pretty URL ssl.google-analytics.com/ga.js IP 142.250.74.104 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:00 Last Seen2024-04-16 23:24:27 Times Seen3495 Hash e9372f0ebbcf71f851e3d321ef2a8e5a 2c7d19d1af7d97085c977d1b69dcb8b84483d87c 1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f Loading...

	www.google.com/recaptcha/api2/bframe?hl=en&v=a9s0j4pCVT6gaTEkLiFbtZPH&k=6LfYe9IgAAAAAOpdGlxyuw66oPqRMTlyUBQqs_QO	178 B	2023-03-08	2023-03-13
Pretty URL www.google.com/recaptcha/api2/bframe?hl=en&v=a9s0j4pCVT6gaTEkLiFbtZPH&k=6LfYe9IgAAAAAOpdGlxyuw66oPqRMTlyUBQqs_QO IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:45:28 Last Seen2023-03-13 23:46:23 Times Seen1 Hash 9e3102e7c8bc63d9ccd480650bbff724 2a6a9556c142bd34ef297e4cfc72cb2041125125 4c287a5ec31fe4a17a5478ecc4db739b28affaf671c4ef66ae862df5001d323e Loading...

	megadb.net/download	59 kB	2023-03-07	2023-03-13
Pretty URL megadb.net/download IP 104.21.67.68 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:18 Last Seen2023-03-13 23:46:23 Times Seen1 Hash b8921f95c84aa18f1a14cdcf42aabca4 8d91ee9078dfcd9780910e6ad260b71f0b4ce849 7eb459ffae21688caf237c63d218ea794dc7431f1edc6adba740284f6241fddc Loading...

	megadb.net/js/share.js	329 B	2023-03-07	2024-04-18
Pretty URL megadb.net/js/share.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:51 Last Seen2024-04-18 04:12:46 Times Seen505 Hash e38522ef9b2fe6940894f9f35a29f407 d5227e21fbae55e23bd87bf084a4049e797d0775 59b3cd5e8d2207976f8f687c84eba22d83cf960318fa8f7a6f31022ef4e69208 Loading...

	megadb.net/download	234 B	2023-03-07	2023-03-13
Pretty URL megadb.net/download IP 104.21.67.68 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:18 Last Seen2023-03-13 23:46:23 Times Seen1 Hash b23ce70638eeba6cf2ca7a25f1df664c ceda8c608fdc4ac25cd0b0d27706e41ae8ed7b86 a820791675409c6bcec41cb07e4f5ac961dd5f1d5b6cec9edc411010157c1025 Loading...

	http:blank	580 B	2023-03-08	2023-03-08
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:45:28 Last Seen2023-03-08 04:45:28 Times Seen1 Hash 8e04f02b50f876b63882c83bfc640906 00bcc0f2e180bd0d96f332f815a57cdfbdd9bd12 79840d7007e559eff332893cd0a61c30c547e38a72ffa8d923657622a18b5588 Loading...

	megadb.net/js/jquery.paging.js	5.4 kB	2023-03-07	2024-04-18
Pretty URL megadb.net/js/jquery.paging.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:52 Last Seen2024-04-18 04:12:46 Times Seen395 Hash bdac2c6b7b5f9e6812264ee95ca7e9fc 47957ed010ff73c1a23bc4b490fbcc618416604d 3ff6be8f3b815dfa79d5ca2e915bd5c2d96bf3133c7b6dbc50f87849933bc818 Loading...

	megadb.net/download	1.4 kB	2023-03-08	2023-03-08
Pretty URL megadb.net/download IP 104.21.67.68 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:45:28 Last Seen2023-03-08 04:45:28 Times Seen1 Hash c9f5c519d7cced082050702d7fceba56 fb1a3f1069c6a71af7a0d17bfaaf3eee57f37b5c 51231b3e293b95ac9d399c4842023c8c2c29d16565c30f71efc995a475af6725 Loading...

	megadb.net/download	174 B	2023-03-07	2024-04-18
Pretty URL megadb.net/download IP 104.21.67.68 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:23:22 Last Seen2024-04-18 04:12:46 Times Seen1169 Hash cb943eb9432bf54d0289b5b025bef54f 59126b245742b44378dbfa4c3d11bd852a4d716b a40ee726019c571babd88bcfc2265bb8030e1b476452ed3ccda139deebefee94 Loading...

	megadb.net/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1664726400	42 kB	2023-03-08	2023-03-08
Pretty URL megadb.net/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1664726400 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:45:28 Last Seen2023-03-08 04:45:28 Times Seen1 Hash ea6437490bc1d02d8dbe935173929fb1 f7d57c2addd77a7bfa8df68dc3428030e599cdf8 f58199059b6f72b7832bf16d79981782e1a1689720bcbd3023e48ae5c42aff3c Loading...

	cdn.uponelectabuzzor.club/1?z=4909538	8.7 kB	2023-03-08	2023-03-08
Pretty URL cdn.uponelectabuzzor.club/1?z=4909538 IP 139.45.197.239 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:45:28 Last Seen2023-03-08 04:45:28 Times Seen1 Hash 0b36ed48ccf2a65597397ba596d893c6 221a9f316ece700fcb15ebd6f2c4b5faf6071971 1e7b235a9f2b121e30d3fdf78af246ea78e2f6d9a6c7487c117635e9a6a04e37 Loading...

	maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js	37 kB	2023-03-07	2024-04-18
Pretty URL maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:54 Last Seen2024-04-18 08:55:40 Times Seen54250 Hash 5869c96cc8f19086aee625d670d741f9 430a443d74830fe9be26efca431f448c1b3740f9 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef Loading...

	megadb.net/download	261 B	2023-03-07	2024-04-18
Pretty URL megadb.net/download IP 104.21.67.68 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:23:22 Last Seen2024-04-18 04:12:46 Times Seen1302 Hash d04584334d251ef8ea053da53b683194 dc0092f79b3e040a93d5d94951ff9eb326960c99 6f42d96dcea6cd1193084d86f60b8629162023b44cd213d41fc63bedc177fbb8 Loading...

	betotodilea.com/400/4779551	82 kB	2023-03-08	2023-03-08
Pretty URL betotodilea.com/400/4779551 IP 139.45.197.237 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:45:28 Last Seen2023-03-08 04:45:28 Times Seen1 Hash ca7d790df5d76b540cf08f606a304933 f0492bf7aa24ce2d2239e69f69c1bf8b9aa6886a 465ac01359bb26c45d9a3fde599e5b31d0bf5f70e07150dcec8a416935ebb6ce Loading...

	goomaphy.com/400/4888955	80 kB	2023-03-08	2023-03-08
Pretty URL goomaphy.com/400/4888955 IP 139.45.197.239 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:45:28 Last Seen2023-03-08 04:45:28 Times Seen1 Hash 8f20329cb920e9877541138473a886d8 39bcf335999b334d90a0d9959c4dcd6d186e9cc6 8c02257c3c830e14ceecee4d4475ec7220cec51a363148ab2e6f45bb6f750f33 Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LfYe9IgAAAAAOpdGlxyuw66oPqRMTlyUBQqs_QO&co=aHR0cHM6Ly9tZWdhZGIubmV0OjQ0Mw..&hl=en&v=a9s0j4pCVT6gaTEkLiFbtZPH&size=normal&cb=222x72ge4bgq	36 kB	2023-03-08	2023-03-08
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LfYe9IgAAAAAOpdGlxyuw66oPqRMTlyUBQqs_QO&co=aHR0cHM6Ly9tZWdhZGIubmV0OjQ0Mw..&hl=en&v=a9s0j4pCVT6gaTEkLiFbtZPH&size=normal&cb=222x72ge4bgq IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:45:28 Last Seen2023-03-08 04:45:28 Times Seen1 Hash 09f5d3b672a4901b163780a23e078d4a a17d97694fafc3292a32eb26bee2c033f1a3187d 58bafeaa7e43f0b3d5bfafc27b1ce2908b540880ddf90db030edb485d840971e Loading...

	megadb.net/download	59 kB	2023-03-07	2023-03-13
Pretty URL megadb.net/download IP 104.21.67.68 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:18 Last Seen2023-03-13 23:46:23 Times Seen1 Hash f1b8d27bb541c8215b3eddbeca2a0096 5656fcc434bcef647a43fe7d8bb96df0a16d2c7e aed7881a9da211a305d2d5a99181cf2c475052428465715b0dfab5aeb5c809a4 Loading...

	megadb.net/js/jquery.cookie.js	2.0 kB	2023-03-07	2024-04-18
Pretty URL megadb.net/js/jquery.cookie.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:51 Last Seen2024-04-18 04:12:46 Times Seen387 Hash 62f1e648af870467847e82a196e6bc3d 494a213d988624a14582b8d0277581a5571bb55e 250e367ff82ec35e8bdfd782251214c82c9f22640a2b994ecbfdb185c1f28f56 Loading...

	megadb.net/download	68 B	2023-03-07	2024-04-18
Pretty URL megadb.net/download IP 104.21.67.68 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:51 Last Seen2024-04-18 04:12:46 Times Seen333 Hash 32a1418f90fdca162650da1c291e381d 812ebaa24f806709ef7e7fb035157cd97d60ed19 47b60e76dbe47057f6be18f972eb638653296e645b1e71a284188eb771e2987c Loading...

	tzegilo.com/stattag.js	33 kB	2023-03-07	2023-03-17
Pretty URL tzegilo.com/stattag.js IP 172.67.194.45 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:13:21 Last Seen2023-03-17 12:47:57 Times Seen1 Hash df875929410d71d763e9fa10b830bb2a b0711a8d2bf6ad4ffa4640534588b423f2ef7fec 0be796b658c6cee0d55aa164994d0d83f9ec7aa7ecf1eb41c1ddf208bba9e3b1 Loading...

	cdn.itskiddoan.club/apu.php?zoneid=4804809	968 B	2023-03-07	2023-03-13
Pretty URL cdn.itskiddoan.club/apu.php?zoneid=4804809 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:18 Last Seen2023-03-13 23:46:23 Times Seen1 Hash 0be4019a7120c80c70edae6be0544218 4ab97f3ca2ab3faca56130d6d3096bbdf8a2f7fc a2a81a48d2c5bfb3ba9876f2180973c27217b97c6f26c0c99006581521b5cb4d Loading...

		Size	First Seen	Last Seen
	#1 Eval - 51ec4cc2a1dfa28a02a88449edf241ec	22 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 00:55:08 Last Seen2023-03-08 05:04:09 Times Seen1 Hash 51ec4cc2a1dfa28a02a88449edf241ec 9f671885203405b8e9ff67a4792d3e5378cbadaf e5683c5a6cd34f26d9e83cd82920f4f254eca60536c547e744adaeb0c46e36ed Loading...

	#2 Eval - 7d30c79c0df8b0a437ef857dd6f8ab20	22 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 00:55:08 Last Seen2023-03-08 05:04:09 Times Seen1 Hash 7d30c79c0df8b0a437ef857dd6f8ab20 e499c527e6fa472a2a55c40b37d921c9ec84d35c c27350eb28449ea5fe63d2274e8009133c1c7821812e2d4bd0073bca021cc5e2 Loading...

	#3 Eval - 0babdb2d402583319a15192081929533	16 kB	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 00:55:08 Last Seen2023-03-08 05:04:09 Times Seen1 Hash 0babdb2d402583319a15192081929533 18ae748278812bc862210f932a5b16c9a9bd8df8 4f34657c24016e806ad6855ae168ee70b5948f69a252e7a9c5fdf5940467859f Loading...

	#4 Eval - 6b460d6d08d082fa0fb2f50829cebca1	18 kB	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 04:45:28 Last Seen2023-03-08 04:45:28 Times Seen1 Hash 6b460d6d08d082fa0fb2f50829cebca1 0661b6f5431aa3ba2620fa2cbaa752871718ec0c 7f6b72290dc59499efc2a77a5633a3231c87b6eb8ab1f5612c9a07b54349a688 Loading...

	#5 Eval - cf4b6fd71fc26b36b1ec6da28c52c054	64 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 00:55:08 Last Seen2023-03-08 05:04:09 Times Seen1 Hash cf4b6fd71fc26b36b1ec6da28c52c054 c67a66a2999146142da4fdd0446c9a2e48b242a1 1fd69b8f0686d42ddd41501e73001c058475edeaf8efb5bb0c998e05177fcbb5 Loading...

HTTP Transactions (59)

URL IP Response Size

megadb.net/sfqgk8axu8cb

104.21.67.68

301 Moved Permanently

0 B

URL HTTP/1.1
megadb.net/sfqgk8axu8cb
IP
104.21.67.68:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sfqgk8axu8cb HTTP/1.1
Host: megadb.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Sun, 02 Oct 2022 19:19:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 02 Oct 2022 20:19:18 GMT
Location: https://megadb.net/sfqgk8axu8cb
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q3XBxMCeNqmXYHDk21ijm7IEDQECAEuvzmbEbU%2B6flcrqiZNygpuc%2Fxp1LKCmfnCm10cGO72QfvgTW7vyeKaR8fIZpjDOCwNi1eYYoZSbTBrNqs2A4Xk0G9xlM%2Fh"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 753fc9f70ef8b524-OSL
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
60e4edea7b5f4d19f3547a3bb2d5df57
3ee076bab4da3416c2c5808f730cb316c28baef7
763e2dadfdd286a51327cd2000ca335e30cd0b9b7267875d22ca33f7556ba200

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763E2DADFDD286A51327CD2000CA335E30CD0B9B7267875D22CA33F7556BA200"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8167
Expires: Sun, 02 Oct 2022 21:35:26 GMT
Date: Sun, 02 Oct 2022 19:19:19 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

18.165.201.83

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
18.165.201.83:0
ASN
#0

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 02 Oct 2022 19:03:14 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 e963d9388521b938ab0c2d19e2400bee.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: FbLvpBJUAKuutjf6E28dxYBZWuvkdfDRBkN5BZ_ot14vbhZyx8n3Gw==
Age: 965

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
0a4a9b307e1f87431422055a26fe8cd3
754c13631272094eee368d6c8fba8203c14d04d9
7aac17be3346d7a5d144db6994cf30ea4d77664aa0ae84d347ed1ee67804d83d

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "7AAC17BE3346D7A5D144DB6994CF30EA4D77664AA0AE84D347ED1EE67804D83D"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6872
Expires: Sun, 02 Oct 2022 21:13:51 GMT
Date: Sun, 02 Oct 2022 19:19:19 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

108.156.28.51

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
108.156.28.51:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 02 Oct 2022 03:33:17 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 ee8862e43d7837ef5478becfe2eb7116.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: rr55j_Obog2foTIVHPr5EmQl9qixe0e9Rdow3fczJgen_IhPc1pFEA==
age: 56763
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 19:19:19 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

18.165.201.83

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
18.165.201.83:0
ASN
#0

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Sun, 02 Oct 2022 18:32:57 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Sun, 02 Oct 2022 18:33:30 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 4ae6e5888b43b4133973ba1aadad8194.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: -n_sJkVwbAqTUYWsW3iq72gr9Tt1AtbmCIJph2TYxCNWc63nCfSY1A==
Age: 2786

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
4eb30b4a4234809cf7d5f89fa1f6ceeb
797242aab2f13c820050aa9accd11b7b950cd177
ce9d833a0ac321a908184b655d6632c481f758a04a9c936a7c303bb253444146

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4315
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 19:19:19 GMT
Last-Modified: Sun, 02 Oct 2022 18:07:25 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

35.82.48.240

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.82.48.240:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 18nYRpb2okQyhDiHN+G2lA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: PLOpfC+3wAGKy0L5AS2Vw03kI5U=

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8d59ee7b197f347e30ac793231158927
3316937f84c08ad1857d2f663dca353e250815f0
c17a343ceb786a421f8c3abfffae350e12c92271a69fc88eb8e8bab568877d6b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6294
Expires: Sun, 02 Oct 2022 21:04:15 GMT
Date: Sun, 02 Oct 2022 19:19:21 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8d59ee7b197f347e30ac793231158927
3316937f84c08ad1857d2f663dca353e250815f0
c17a343ceb786a421f8c3abfffae350e12c92271a69fc88eb8e8bab568877d6b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6294
Expires: Sun, 02 Oct 2022 21:04:15 GMT
Date: Sun, 02 Oct 2022 19:19:21 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59054e54-a013-42c5-98a5-abe2b6af4fc6.jpeg

34.120.237.76

200 OK

5.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59054e54-a013-42c5-98a5-abe2b6af4fc6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.0 kB (4987 bytes)
Hash
463bdcfbec5426e18ecef83b1c373b71
2e533332ee5c49143e58dad32ee3717a39179532
2c40befd28781482b9be249a792571612d68d7045324083d2c832fa5ec42f04b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59054e54-a013-42c5-98a5-abe2b6af4fc6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4987
x-amzn-requestid: 763edd04-7f8d-42ae-8864-482be3549958
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWEHpFs4oAMFbqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b3ca-2f7b67e85aa83b69183e62b5;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:40:26 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 2Zoggf30lA-Kvt5QYa-IdhGePHCNiphR7pfFiOaFvL8ZkWZIaiK4pA==
via: 1.1 f4367b41311e3e9a490d7461b7b85490.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:54:45 GMT
etag: "2e533332ee5c49143e58dad32ee3717a39179532"
content-type: image/jpeg
age: 77076
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1526ec30-d948-4741-bb43-1e4c0afdc4d7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (14117 bytes)
Hash
fbddbe1f7958f13b80e50ab39094b9ab
f73cabc101017a4af09e675ca9262774c177d16a
ebbe6a54e5c390f49452d0afd55899f4dec3836451906945c79bbf165e4e0724

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1526ec30-d948-4741-bb43-1e4c0afdc4d7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 14117
x-amzn-requestid: adb8a06b-48c2-4805-90ed-1db82d873d49
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWDpmFdjoAMFY_A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b30a-7f09d2c748de72ca663022df;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:37:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: awdd8Vr7y-2zR0OTFdMb8PnD2XDg6hsS736tOIH_c5AVOwOSik1zPQ==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:47:13 GMT
age: 77528
etag: "f73cabc101017a4af09e675ca9262774c177d16a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d5b1efd-2ddc-4e8a-b89c-c9601bfeba68.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.3 kB (7314 bytes)
Hash
ef85af3ef63e35a54bc15fbca5d7236b
e06bd8868eff8c42f5d2e2deec9a361170c8d3ea
0291104bb66ac4849ac5fd433fdf9cbbc7f4a2fcaa1f137aca08be2a4878f54c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d5b1efd-2ddc-4e8a-b89c-c9601bfeba68.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7314
x-amzn-requestid: ba9e3b47-d9dd-49c1-9645-bac582351957
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWDpnGqOoAMFUTA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b30a-0604dff004a5f6364f0fe11c;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:37:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: YIlHaBRTk6SiYb8HYfirSHj_stXgWp455OC-J5mRoKH0r42pn9mNeQ==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:53:36 GMT
etag: "e06bd8868eff8c42f5d2e2deec9a361170c8d3ea"
content-type: image/jpeg
age: 77145
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18b1ba6d-ca56-4474-afa8-cd3b53cce28e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.3 kB (9340 bytes)
Hash
6047192460abf4afd600948abb5e6ee1
6d6d52fb5024e7772dd45dd459bfe3ec90cb5ce4
d1fd21a5913f6831d2128c8e9e84767d9730bf9e779da5395dc31b82a10e32e9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18b1ba6d-ca56-4474-afa8-cd3b53cce28e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9340
x-amzn-requestid: e892265e-836d-4638-871f-0548eda57745
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWDf8FCEoAMFyow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b2cc-7f39bb92066a75a90868dd03;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:36:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Sk1Dahp1gliiBIghSCZselE7-Fy45svrCk7TdmunOwNefSNqY1P1jA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:47:23 GMT
age: 77518
etag: "6d6d52fb5024e7772dd45dd459bfe3ec90cb5ce4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.3 kB (6315 bytes)
Hash
206fb65e75dbadf119512f71e0b78402
58ff0bf8ce7528b303d28bab01a80ad721705569
56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 04:41:39 GMT
age: 52662
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb5f775-a073-47ba-b076-ad1c96659b64.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11083 bytes)
Hash
edded48f558f739287a040151349ef67
d63b6ba630736d32c364b0e6a369274b2389b7ff
33b4a459df0ba7b36b907ba96d74e08660cc75640c42a5748b97d18ec2e9d533

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb5f775-a073-47ba-b076-ad1c96659b64.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11083
x-amzn-requestid: 53e2c961-bcc0-4977-8648-ee3c1aed9cde
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWEHRFWfIAMFhlA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b3c7-070212d7386d5efa1b4aa8d3;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:40:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Z1KmxHJh9QNfg5x0enkqOjbmiqHvg7nlQiMnuDuCRNWQUBFEiKELbw==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:53:35 GMT
etag: "d63b6ba630736d32c364b0e6a369274b2389b7ff"
content-type: image/jpeg
age: 77146
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
0a4a9b307e1f87431422055a26fe8cd3
754c13631272094eee368d6c8fba8203c14d04d9
7aac17be3346d7a5d144db6994cf30ea4d77664aa0ae84d347ed1ee67804d83d

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "7AAC17BE3346D7A5D144DB6994CF30EA4D77664AA0AE84D347ED1EE67804D83D"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6870
Expires: Sun, 02 Oct 2022 21:13:51 GMT
Date: Sun, 02 Oct 2022 19:19:21 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
6644a7a3ac5216705c0c1ecc79f59ed7
0c87239e1d7314c8e872209fc5c5d43e0b99fafd
4fa469ea936fd8855b6f43b1aa1ee9b4517fcebf4a3e618abd6a827955e91daf

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5394
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 19:19:23 GMT
Last-Modified: Sun, 02 Oct 2022 17:49:29 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
6644a7a3ac5216705c0c1ecc79f59ed7
0c87239e1d7314c8e872209fc5c5d43e0b99fafd
4fa469ea936fd8855b6f43b1aa1ee9b4517fcebf4a3e618abd6a827955e91daf

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5394
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 19:19:23 GMT
Last-Modified: Sun, 02 Oct 2022 17:49:29 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
6644a7a3ac5216705c0c1ecc79f59ed7
0c87239e1d7314c8e872209fc5c5d43e0b99fafd
4fa469ea936fd8855b6f43b1aa1ee9b4517fcebf4a3e618abd6a827955e91daf

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5394
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 19:19:23 GMT
Last-Modified: Sun, 02 Oct 2022 17:49:29 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ceb7f2392dd816131e0001a76cb54e19
6416c2a788f016ff94f0a10616e443e47890e97f
517337577ada3f7f9e3da9c42ce722b5a760721d59a0404afdb2810fe252245e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 19:19:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/recaptcha/api.js

142.250.74.164

200 OK

555 B

URL HTTP/2
www.google.com/recaptcha/api.js
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (850), with no line terminators
Size
555 B (555 bytes)
Hash
e75e7b4c9bf71c4a14d5e1d1946b161a
36148f31ea702a23a3f0dafd907a9069234021e7
e43b40968f165ec7b121020103aa40529d891aa2d03ead26ed47adefc4d6ab6d

HTTP Headers

GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megadb.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
expires: Sun, 02 Oct 2022 19:19:23 GMT
date: Sun, 02 Oct 2022 19:19:23 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 555
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8c665d81a8995febfec300bd9f554c90
aa3599f282cff5e07d5681ec4854b70a82590f6d
57cd30b987eb23f54208b51c04daefd3657fdd84325f4035817b32e4ad5b5461

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 19:19:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3037388f5d9d8a608f8e997bf117e6c5
b3a02ecdeaad5a216e1db3dc7d4df7c7bd64426c
813da8bbfc3d126718e3264728b3f384609812a93924a54e9bef0161e4eb7ecd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "813DA8BBFC3D126718E3264728B3F384609812A93924A54E9BEF0161E4EB7ECD"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19671
Expires: Mon, 03 Oct 2022 00:47:15 GMT
Date: Sun, 02 Oct 2022 19:19:24 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6bb06884809320d120996c3d908e106f
2d6d487cc87e381ff1605e3f8626fd0c62a1f85c
72a885423ce3702633d7c7d2e57f720cd5c9244d6df1612c8418970f3cdb93ef

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "72A885423CE3702633D7C7D2E57F720CD5C9244D6DF1612C8418970F3CDB93EF"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11360
Expires: Sun, 02 Oct 2022 22:28:44 GMT
Date: Sun, 02 Oct 2022 19:19:24 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
584365924beacb337e3608ad5fa30b1b
d6df2256408082d732c90ba8dd449f8accffaf64
b284a02e0eb364adacfc91984181f8f0918596b5fedabd34add0ee59e4542931

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B284A02E0EB364ADACFC91984181F8F0918596B5FEDABD34ADD0EE59E4542931"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10912
Expires: Sun, 02 Oct 2022 22:21:16 GMT
Date: Sun, 02 Oct 2022 19:19:24 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9afdf5e6b269338bebe7dc842d9473e4
6e9f579001665d01687b37bec805c8f14483da91
6a6df1adeeb9cce8042beaade4a80b1dbd32c5426dc1162188178c73b5e51aee

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A6DF1ADEEB9CCE8042BEAADE4A80B1DBD32C5426DC1162188178C73B5E51AEE"
Last-Modified: Sun, 02 Oct 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1816
Expires: Sun, 02 Oct 2022 19:49:40 GMT
Date: Sun, 02 Oct 2022 19:19:24 GMT
Connection: keep-alive

tzegilo.com/stattag.js

172.67.194.45

200 OK

13 kB

URL HTTP/2
tzegilo.com/stattag.js
IP
172.67.194.45:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, Unicode text, UTF-8 text, with very long lines (32771), with no line terminators
Size
13 kB (12724 bytes)
Hash
35c463ced8933d46699f74b9bf3f1c99
2576e95d852699244108e9a52fb49e441e72cdcc
6d9f731482c3c3163415a3cec2e00075c227d9d839e67c5d4168ff1af6581b23

HTTP Headers

GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megadb.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 02 Oct 2022 19:19:24 GMT
content-type: application/javascript
last-modified: Thu, 04 Aug 2022 15:18:11 GMT
etag: W/"62ebe333-8007"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 5264
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ShE4TVRnWKzw3QKoqncBtBdPlrkTSCtj1yOCjMvzXjq0EvYOdtjnS9ziuPIzV7ArRlZLbYvqumIp%2BbaYncvluznS4kMckCVL7YEMdiiOC401zSOyIgdSjY4j2iA5LQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 753fca1b1b270b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.uponelectabuzzor.club/1?z=4909538

139.45.197.239

200 OK

3.6 kB

URL HTTP/2
cdn.uponelectabuzzor.club/1?z=4909538
IP
139.45.197.239:0
ASN
#9002 RETN Limited

File type
ASCII text, with very long lines (7767)
Size
3.6 kB (3555 bytes)
Hash
bf81062b246600e0f3d065091811085a
25b796b405906d4fa459bdff1a7ffc80b13e1375
0c64ba031c9e1137e35443bda5ae589fc250830674581f46dd1260bbe08f7b82

HTTP Headers

GET /1?z=4909538 HTTP/1.1
Host: cdn.uponelectabuzzor.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megadb.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 19:19:24 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin: 
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 35437f1883591d1ada5f3ffc7bc47e7e
access-control-expose-headers: X-Sc
x-sc: lPK3L_bmQq5yP_Q3YD-0bGhYzp3bzBiNEi4QQC76u7Z9EoZp149ysJ2jXWui78xwjqUwVCVU8YGnLM2PaWJVdsYphq0=
set-cookie: scm=1; expires=Mon, 02 Oct 2023 19:19:24 GMT; secure; SameSite=None
OAID=78c6367ed2a145d784612fcdc43a48b5; expires=Mon, 02 Oct 2023 19:19:24 GMT; secure; SameSite=None
oaidts=1664738364; expires=Mon, 02 Oct 2023 19:19:24 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
3f221772ec0c9958b2c88cae5babcd0b
dc78dc227b42d1d4967d64c81374693440bf3f4f
037c8d5c260b070d810b31fd5d9db67c9aa44f3e103ec170cbd7234210555ba1

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 19:19:25 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 29 Sep 2022 18:25:21 GMT
Expires: Thu, 06 Oct 2022 18:25:20 GMT
Etag: "dc78dc227b42d1d4967d64c81374693440bf3f4f"
Cache-Control: max-age=341754,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 753fca1cc8bbb4ed-OSL

my.rtmark.net/gid.js

139.45.195.8

200 OK

65 B

URL HTTP/2
my.rtmark.net/gid.js
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
65 B (65 bytes)
Hash
6d3faa0b192e6b85722a77c8e37965d9
05e54262ae2b4067fe43ee5d90944126aaad2cc0
1f9d2a0762c24aa029dbd7c97aad49bdd263df587b67a798579563ca87f42d1b

HTTP Headers

GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://megadb.net
Connection: keep-alive
Referer: https://megadb.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 19:19:25 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://megadb.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=c2d22663ab7645a2878397765fb7f08c; expires=Mon, 02 Oct 2023 19:19:25 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
f8081518e3d57221621e2a9a82e1e2d4
49d78923340dd0afa2d8eaadb8aa32bb14c0b6b3
aaab42de1da4de8c53295899d0b4cde36ea419c105a46baaad8a3e6a7fb7d7fa

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 19:19:25 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 29 Sep 2022 12:52:18 GMT
Expires: Thu, 06 Oct 2022 12:52:17 GMT
Etag: "49d78923340dd0afa2d8eaadb8aa32bb14c0b6b3"
Cache-Control: max-age=321771,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 753fca1c8fcdfac4-OSL

fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f

139.45.195.254

200 OK

12 B

URL HTTP/1.1
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP
139.45.195.254:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megadb.net/
Content-Type: text/plain;charset=UTF-8
Origin: https://megadb.net
Content-Length: 1756
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Sun, 02 Oct 2022 19:19:45 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://megadb.net
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true

betotodilea.com/500/4779551?excludes=&oaid=c2d22663ab7645a2878397765fb7f08c&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fmegadb.net%2Fdownload&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

139.45.197.237

200 OK

0 B

URL HTTP/2
betotodilea.com/500/4779551?excludes=&oaid=c2d22663ab7645a2878397765fb7f08c&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fmegadb.net%2Fdownload&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
139.45.197.237:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /500/4779551?excludes=&oaid=c2d22663ab7645a2878397765fb7f08c&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fmegadb.net%2Fdownload&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://megadb.net/
Origin: https://megadb.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 19:19:25 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://megadb.net
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2

cdn.uponelectabuzzor.club/27/b7bd02994a2771796f8a835cfb750d4b

139.45.197.239

200 OK

131 kB

URL HTTP/2
cdn.uponelectabuzzor.club/27/b7bd02994a2771796f8a835cfb750d4b
IP
139.45.197.239:0
ASN
#9002 RETN Limited

File type
ASCII text, with very long lines (65523)
Size
131 kB (131245 bytes)
Hash
369181a44ab40b3cc2510921246c5f4c
ffcd2eea059c0aaba575bf0b397f89c81f83e802
d064fbc3c4aa4abe30d92bbdf1ec17c20c900b730ddac549f35e762bec33717b

HTTP Headers

GET /27/b7bd02994a2771796f8a835cfb750d4b HTTP/1.1
Host: cdn.uponelectabuzzor.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megadb.net/
Cookie: scm=1; OAID=78c6367ed2a145d784612fcdc43a48b5; oaidts=1664738364
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 19:19:24 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin: 
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
cache-control: max-age:290304000, public
last-modified: Thu, 22 Sep 2022 08:42:06 GMT
expires: Thu, 22 Oct 2082 08:42:06 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

goomaphy.com/500/4888955?excludes=&oaid=c2d22663ab7645a2878397765fb7f08c&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fmegadb.net%2Fdownload&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

139.45.197.239

200 OK

77 kB

URL HTTP/2
goomaphy.com/500/4888955?excludes=&oaid=c2d22663ab7645a2878397765fb7f08c&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fmegadb.net%2Fdownload&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
139.45.197.239:0
ASN
#9002 RETN Limited

File type
data
Size
77 kB (77223 bytes)
Hash
f3d57919686eb22abf7f5fda5d000ab3
c880a5109e41f3d03d8ae39667ee94b70acb59dc
0b6b0f07ec653a0b52f59a04c2db799e6cb5595404a1784709e65e2d910172ee

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /500/4888955?excludes=&oaid=c2d22663ab7645a2878397765fb7f08c&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fmegadb.net%2Fdownload&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: goomaphy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://megadb.net
Connection: keep-alive
Referer: https://megadb.net/
Cookie: OAID=c5bdd2784a904ae69a889e18b2aac57c
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 19:19:25 GMT
content-type: application/javascript
x-trace-id: ca6bcf909a84e8cd04e9d19c105cb3bc
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://megadb.net
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=c2d22663ab7645a2878397765fb7f08c; expires=Mon, 02 Oct 2023 19:19:25 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

139.45.197.237

200 OK

24 kB

URL HTTP/2
betotodilea.com/500/4779551?excludes=&oaid=c2d22663ab7645a2878397765fb7f08c&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fmegadb.net%2Fdownload&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
139.45.197.237:0
ASN
#9002 RETN Limited

File type
data
Size
24 kB (24282 bytes)
Hash
c40af3de5f73794d9d1ae23b6e520bd7
c7824a77bd70354bd97ec4b4bc48f5490a74b4d4
443c043683fffe6493b8e34b4f29a9b62b9a5381cf633d58fa746188a3593739

HTTP Headers

GET /500/4779551?excludes=&oaid=c2d22663ab7645a2878397765fb7f08c&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fmegadb.net%2Fdownload&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://megadb.net
Connection: keep-alive
Referer: https://megadb.net/
Cookie: OAID=c8baf133358a4546982a3a51805cbe08
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 19:19:25 GMT
content-type: application/javascript
x-trace-id: dbe76f61059ad0b4a602f11803cd7d46
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://megadb.net
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=c2d22663ab7645a2878397765fb7f08c; expires=Mon, 02 Oct 2023 19:19:25 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

cdn.uponelectabuzzor.club/9?z=4909538&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fmegadb.net%2Fdownload&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&sah=1002&drf=&hil=1&ist=0&oaid=c2d22663ab7645a2878397765fb7f08c

139.45.197.239

204 No Content

0 B

URL HTTP/2
cdn.uponelectabuzzor.club/9?z=4909538&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fmegadb.net%2Fdownload&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&sah=1002&drf=&hil=1&ist=0&oaid=c2d22663ab7645a2878397765fb7f08c
IP
139.45.197.239:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /9?z=4909538&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fmegadb.net%2Fdownload&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&sah=1002&drf=&hil=1&ist=0&oaid=c2d22663ab7645a2878397765fb7f08c HTTP/1.1
Host: cdn.uponelectabuzzor.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://megadb.net/
Origin: https://megadb.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Sun, 02 Oct 2022 19:19:25 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://megadb.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

139.45.197.239

200 OK

7 B

URL HTTP/2
cdn.uponelectabuzzor.club/9?z=4909538&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fmegadb.net%2Fdownload&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&sah=1002&drf=&hil=1&ist=0&oaid=c2d22663ab7645a2878397765fb7f08c
IP
139.45.197.239:0
ASN
#9002 RETN Limited

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821

HTTP Headers

POST /9?z=4909538&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fmegadb.net%2Fdownload&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&sah=1002&drf=&hil=1&ist=0&oaid=c2d22663ab7645a2878397765fb7f08c HTTP/1.1
Host: cdn.uponelectabuzzor.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 153
Origin: https://megadb.net
Connection: keep-alive
Referer: https://megadb.net/
Cookie: scm=1; OAID=78c6367ed2a145d784612fcdc43a48b5; oaidts=1664738364
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 19:19:25 GMT
content-type: application/javascript
content-length: 7
access-control-allow-credentials: true
access-control-allow-origin: https://megadb.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: e2fca066498a769a8459f45560d224c6
access-control-expose-headers: X-Sc
set-cookie: OAID=c2d22663ab7645a2878397765fb7f08c; expires=Mon, 02 Oct 2023 19:19:25 GMT; secure; SameSite=None
oaidts=1664738364; expires=Mon, 02 Oct 2023 19:19:25 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

betotodilea.com/impression/WsKIMFI5XuBsG7fFTtDlEOal2x04MkkgJik4dyiFMV3dYaEOC9U7wz4-IS0luzAeyhC-yt-bv2dZhAun-D6jrmr6pYXTLoMCNYOc3g0De7giJgJmIP8r3CBW1we3qaJixYDqeWtlNDDGZapgCkvnPQxlAdIMqel8Vm-OrFBFCupFHzzjwqEC-ck1kXecb1AzhQyP9bePm2viTug6_HiIGlUd7UsHPCiZyim2HuUdZ83T7ZhN1DDY5wXSFqGbRCYqUWK_MSBJyP8nBowopzqR9UmuCD8n1Gop_DGUQLjSKP8kVU0wyYTl0oy9CUZFRMCs7_DoNz6to2xZEbuacKYIHGFwG-XdUKlvWrQfGFVOP9yu2quDZJBU8wdIDe-xp5jRt1w35MRXmJ3RO42Po7YDEvXG7iR1HT1iGBCbBhB1RPkgkV13tlSKt3Z2zBbCv-_YcX32sRUQGRWU04jV47QWxdwUHLLnNpVo53hVUNi8Fs5Fq7JBDsNOKogvz1NB-7QUJUuFB3P9jB1prT9ePzbd9TdHX6-yjLKWCmwR0a42TpRqo8XjC9H1PyeB3MfHktjm8X4pPJhh-IFRMeKTAmImyQ4Gvlcp1lN6mL5zZoevpmjCp46GYym8JD5S2JjeMG0XWdRQo6WUUJaKSsMY?_z=4779551&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fmegadb.net%2Fdownload&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

139.45.197.237

200 OK

12 kB

URL HTTP/2
betotodilea.com/impression/WsKIMFI5XuBsG7fFTtDlEOal2x04MkkgJik4dyiFMV3dYaEOC9U7wz4-IS0luzAeyhC-yt-bv2dZhAun-D6jrmr6pYXTLoMCNYOc3g0De7giJgJmIP8r3CBW1we3qaJixYDqeWtlNDDGZapgCkvnPQxlAdIMqel8Vm-OrFBFCupFHzzjwqEC-ck1kXecb1AzhQyP9bePm2viTug6_HiIGlUd7UsHPCiZyim2HuUdZ83T7ZhN1DDY5wXSFqGbRCYqUWK_MSBJyP8nBowopzqR9UmuCD8n1Gop_DGUQLjSKP8kVU0wyYTl0oy9CUZFRMCs7_DoNz6to2xZEbuacKYIHGFwG-XdUKlvWrQfGFVOP9yu2quDZJBU8wdIDe-xp5jRt1w35MRXmJ3RO42Po7YDEvXG7iR1HT1iGBCbBhB1RPkgkV13tlSKt3Z2zBbCv-_YcX32sRUQGRWU04jV47QWxdwUHLLnNpVo53hVUNi8Fs5Fq7JBDsNOKogvz1NB-7QUJUuFB3P9jB1prT9ePzbd9TdHX6-yjLKWCmwR0a42TpRqo8XjC9H1PyeB3MfHktjm8X4pPJhh-IFRMeKTAmImyQ4Gvlcp1lN6mL5zZoevpmjCp46GYym8JD5S2JjeMG0XWdRQo6WUUJaKSsMY?_z=4779551&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fmegadb.net%2Fdownload&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
139.45.197.237:0
ASN
#9002 RETN Limited

File type
data
Size
12 kB (11994 bytes)
Hash
a8365817fed5360ae3c0a03fe59d82ca
4f10bdb062bfb791b46911c31d21bd4779b39d74
1958d8512ac53186ef9e8920713611ff66281906568f4a7fbadcf80fcf195c0f

HTTP Headers

GET /impression/WsKIMFI5XuBsG7fFTtDlEOal2x04MkkgJik4dyiFMV3dYaEOC9U7wz4-IS0luzAeyhC-yt-bv2dZhAun-D6jrmr6pYXTLoMCNYOc3g0De7giJgJmIP8r3CBW1we3qaJixYDqeWtlNDDGZapgCkvnPQxlAdIMqel8Vm-OrFBFCupFHzzjwqEC-ck1kXecb1AzhQyP9bePm2viTug6_HiIGlUd7UsHPCiZyim2HuUdZ83T7ZhN1DDY5wXSFqGbRCYqUWK_MSBJyP8nBowopzqR9UmuCD8n1Gop_DGUQLjSKP8kVU0wyYTl0oy9CUZFRMCs7_DoNz6to2xZEbuacKYIHGFwG-XdUKlvWrQfGFVOP9yu2quDZJBU8wdIDe-xp5jRt1w35MRXmJ3RO42Po7YDEvXG7iR1HT1iGBCbBhB1RPkgkV13tlSKt3Z2zBbCv-_YcX32sRUQGRWU04jV47QWxdwUHLLnNpVo53hVUNi8Fs5Fq7JBDsNOKogvz1NB-7QUJUuFB3P9jB1prT9ePzbd9TdHX6-yjLKWCmwR0a42TpRqo8XjC9H1PyeB3MfHktjm8X4pPJhh-IFRMeKTAmImyQ4Gvlcp1lN6mL5zZoevpmjCp46GYym8JD5S2JjeMG0XWdRQo6WUUJaKSsMY?_z=4779551&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fmegadb.net%2Fdownload&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megadb.net/
Cookie: OAID=c2d22663ab7645a2878397765fb7f08c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 19:19:25 GMT
content-type: image/gif
content-length: 43
x-trace-id: 7bddff6cca0c1032893b449daca57520
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
eb2de1a6c4c76b62bd9b5844ac8f0711
205f8666f86cf5f699ed5c8252c46004492fa88e
d0f5a54640474e3d0383d5302a9899e8060456287379906d2359925c6d36c46b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 19:19:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
6abe76ca28fe176c44e7475b1d5c93fb
a4a87a771c6f081e5dae3499c090551c6dd31acb
451a8f3a3e654355467b434976022b84820c25b54f7b78472635c7dc3241423f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 19:19:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ssl.google-analytics.com/ga.js

142.250.74.104

200 OK

17 kB

URL HTTP/2
ssl.google-analytics.com/ga.js
IP
142.250.74.104:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1305)
Size
17 kB (17168 bytes)
Hash
01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d

HTTP Headers

GET /ga.js HTTP/1.1
Host: ssl.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megadb.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17168
date: Sun, 02 Oct 2022 18:17:11 GMT
expires: Sun, 02 Oct 2022 20:17:11 GMT
cache-control: public, max-age=7200
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
age: 3734
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__en.js

142.250.74.163

200 OK

159 kB

URL HTTP/2
www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__en.js
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (711)
Size
159 kB (158844 bytes)
Hash
b4ed95d4318e3b78b936c9c0f1ffa96e
b53c9376b1459afb07fb4b5c2e8d8dad776d3a02
3c21880cb7be6bec40f9d40c23ad39c9758999cf950cec07b86c83b21fde175f

HTTP Headers

GET /recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://megadb.net
Connection: keep-alive
Referer: https://megadb.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 158844
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 01:05:31 GMT
expires: Sun, 01 Oct 2023 01:05:31 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 26 Sep 2022 04:02:34 GMT
content-type: text/javascript
age: 152034
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
eb2de1a6c4c76b62bd9b5844ac8f0711
205f8666f86cf5f699ed5c8252c46004492fa88e
d0f5a54640474e3d0383d5302a9899e8060456287379906d2359925c6d36c46b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 19:19:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a2d3925dad8ae1248c7b5d96220bd00a
8b6326da45860d5f480504e23864de0c28523b61
421d30a538dc347afc7fc8eee0fa6502aa65d789eb2353eb9c9f8bd0c5f3b3d5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 19:19:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

betotodilea.com/500/4779551?excludes=14745758&oaid=c2d22663ab7645a2878397765fb7f08c&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=5&pl=https%3A%2F%2Fmegadb.net%2Fdownload&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

139.45.197.237

200 OK

0 B

URL HTTP/2
betotodilea.com/500/4779551?excludes=14745758&oaid=c2d22663ab7645a2878397765fb7f08c&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=5&pl=https%3A%2F%2Fmegadb.net%2Fdownload&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
139.45.197.237:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /500/4779551?excludes=14745758&oaid=c2d22663ab7645a2878397765fb7f08c&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=5&pl=https%3A%2F%2Fmegadb.net%2Fdownload&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://megadb.net/
Origin: https://megadb.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 19:19:25 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://megadb.net
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2

offerimage.com/www/images/375d4eace3e9692bfe2fc21648f4c59a.jpeg

104.22.32.172

200 OK

13 kB

URL HTTP/2
offerimage.com/www/images/375d4eace3e9692bfe2fc21648f4c59a.jpeg
IP
104.22.32.172:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Size
13 kB (13449 bytes)
Hash
375d4eace3e9692bfe2fc21648f4c59a
57ef9b8278b63d567eab92b8607b68cee29071b8
46005b3961515220591e6df79d2713774deb57a082dda8162c3d182bcad3aa1b

HTTP Headers

GET /www/images/375d4eace3e9692bfe2fc21648f4c59a.jpeg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megadb.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 19:19:26 GMT
content-type: image/jpeg
content-length: 13449
cache-control: max-age=86400
cf-bgj: h2pri
etag: "6231b480-3489"
expires: Mon, 03 Oct 2022 13:43:03 GMT
last-modified: Wed, 16 Mar 2022 09:57:20 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 20182
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 753fca238d6e98eb-ARN
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.195

200 OK

15 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 12:31:58 GMT
expires: Sun, 01 Oct 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 110848
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

megadb.net/download

104.21.67.68

200 OK

0 B

URL HTTP/2
megadb.net/download
IP
104.21.67.68:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /download HTTP/1.1
Host: megadb.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: file_code=sfqgk8axu8cb; lang=english
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 200 OK
date: Sun, 02 Oct 2022 19:19:23 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=0;includeSubDomains;
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
expires: Sat, 01 Oct 2022 19:19:23 GMT
set-cookie: aff=2; domain=.megadb.net; path=/; expires=Sun, 16-Oct-2022 19:19:23 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Det6gXBarXIVFhC23pOcSYLGJ6d%2BPfWYQ%2BnGaE4hEnxw0EDYo1JeeExZPb0S%2F1DEgqdyClwvSkDcIbeVE3lGQSmIom8NGb3fXzDYwLEZxaIh89FBNIAp6lPf%2FBT%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 753fca05bc2eb51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap-theme.min.css

104.18.11.207

200 OK

0 B

URL HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap-theme.min.css
IP
104.18.11.207:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bootstrap/3.3.7/css/bootstrap-theme.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://megadb.net
Connection: keep-alive
Referer: https://megadb.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 02 Oct 2022 19:19:23 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-cachedat: 08/03/2021 14:28:52
cdn-edgestorageid: 601
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-proxyver: 1.0
cdn-status: 200
cdn-requestid: d0c272812b6b417496670ded5cc7e53a
cdn-cache: HIT
cf-cache-status: HIT
age: 10163680
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 753fca14aad50b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v5.1.1/css/v4-shims.css

172.64.133.15

200 OK

0 B

URL HTTP/2
use.fontawesome.com/releases/v5.1.1/css/v4-shims.css
IP
172.64.133.15:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /releases/v5.1.1/css/v4-shims.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megadb.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 02 Oct 2022 19:19:23 GMT
content-type: text/css
x-amz-id-2: X2MspkU322QTS1GU3Jo4f5a2Asc8lvw/0+KqaHNn71uqHUoLmnY+4cw//nqEoaJp6Ve594YQLAI=
x-amz-request-id: 12P8BHJ25NHBWV4F
last-modified: Wed, 30 Jun 2021 15:30:50 GMT
etag: W/"01727b5056f65c2ac938f5db4e552b10"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 2222538
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yInBykekGwAKSY0rTwoa%2FI5y0pwOzkP58vXjQHXqtxzEE0FP5T8aig5cQM%2F%2FSG6aWVmKYt%2BIMUi5c9Prwb1EAkuagtNnLQjGslVaTE1KCrzXJN%2FVY5PJBsjlcFUPayIkvAfVjGk9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 753fca14eac706c1-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

megadb.net/sfqgk8axu8cb

104.21.67.68

302 Found

0 B

URL HTTP/2
megadb.net/sfqgk8axu8cb
IP
104.21.67.68:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sfqgk8axu8cb HTTP/1.1
Host: megadb.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
date: Sun, 02 Oct 2022 19:19:21 GMT
location: https://megadb.net/download
set-cookie: file_code=sfqgk8axu8cb; domain=.megadb.net; path=/; expires=Sun, 02-Oct-2022 20:19:21 GMT
lang=english; domain=.megadb.net; path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JJGr%2F6Oqvjnda5AdwKJXskujhFq4YjihDsg%2Fl4H3VmGOUXp8RyHJaAfPKMkt47B4D1EB23k9quyGBAgscnDxfjjuXWKNBv5phdLctlRJxHhiBQjk%2Fd9oj4dLgrzH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 753fc9f8ae50b51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css

104.18.11.207

200 OK

0 B

URL HTTP/2
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
IP
104.18.11.207:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /font-awesome/4.3.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megadb.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 02 Oct 2022 19:19:23 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
cdn-edgestorageid: 632, 617, 617
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 2021-06-08 21:08:57
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: e6a55b08fe5091f45c9e99ce9e9f98c2
cdn-status: 200
cdn-cache: HIT
cf-cache-status: HIT
age: 10179962
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 753fca149fddb4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v5.1.1/css/all.css

172.64.133.15

200 OK

0 B

URL HTTP/2
use.fontawesome.com/releases/v5.1.1/css/all.css
IP
172.64.133.15:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /releases/v5.1.1/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megadb.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 02 Oct 2022 19:19:23 GMT
content-type: text/css
x-amz-id-2: JDlpBDjOLEQJoLbpDpgEHFkbnXUVRFlWa8Ng8VyJW5AxfPFcaV0TrF/+uXO4BuVx3Dku9v+ENVU=
x-amz-request-id: K7K1RQ1C3WW22NV6
last-modified: Wed, 30 Jun 2021 15:30:50 GMT
etag: W/"597b70b2ce6b1483f72526c906918fe9"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 2222538
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DYgixPKkfkbjilLrgesEN4l0Ie5zk%2B7Cy3KKji7okQCRFvN1hcJko%2F%2FwCLfF6t25LyaxraP13axti%2BFu1oRu65ukB8qxj1WdiQd2BhXG5M0nU4GfzFZPZyTG2JfOO9KUa8f7otyD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 753fca14eac006c1-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

goomaphy.com/400/4888955

139.45.197.239

200 OK

0 B

URL HTTP/2
goomaphy.com/400/4888955
IP
139.45.197.239:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /400/4888955 HTTP/1.1
Host: goomaphy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megadb.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 19:19:24 GMT
content-type: application/javascript
x-trace-id: d904ec6e7c9798c2de22cfa5f5e5e335
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=c5bdd2784a904ae69a889e18b2aac57c; expires=Mon, 02 Oct 2023 19:19:24 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

betotodilea.com/400/4779551

139.45.197.237

200 OK

0 B

URL HTTP/2
betotodilea.com/400/4779551
IP
139.45.197.237:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /400/4779551 HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megadb.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 19:19:24 GMT
content-type: application/javascript
x-trace-id: 9dd6058b2d7044ac77ec10867bd6f11d
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=c8baf133358a4546982a3a51805cbe08; expires=Mon, 02 Oct 2023 19:19:24 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

139.45.197.237

200 OK

0 B

URL HTTP/2
betotodilea.com/500/4779551?excludes=14745758&oaid=c2d22663ab7645a2878397765fb7f08c&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=5&pl=https%3A%2F%2Fmegadb.net%2Fdownload&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
139.45.197.237:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /500/4779551?excludes=14745758&oaid=c2d22663ab7645a2878397765fb7f08c&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=5&pl=https%3A%2F%2Fmegadb.net%2Fdownload&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://megadb.net
Connection: keep-alive
Referer: https://megadb.net/
Cookie: OAID=c2d22663ab7645a2878397765fb7f08c
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 19:19:25 GMT
content-type: application/javascript
x-trace-id: 23ab5f95b9cc47ef39a52dfdc49b7b67
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://megadb.net
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=c2d22663ab7645a2878397765fb7f08c; expires=Mon, 02 Oct 2023 19:19:25 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (39)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations