Report - www2.megawebfind.com/search.php?q=1234.1027.275.4096.0.9c364ba6fcbec35b24d037679bd2bf9e0b37d3466ab3990fd3156f3326a756f0.1.14571812

Report Overview

Visited public
2024-07-01 18:14:31
Tags
URL
www2.megawebfind.com/search.php?q=1234.1027.275.4096.0.9c364ba6fcbec35b24d037679bd2bf9e0b37d3466ab3990fd3156f3326a756f0.1.14571812
Finishing URL
www42.megawebfind.com/lander
IP / ASN
96.126.123.244
#63949 Akamai Connected Cloud
Title
www42.megawebfind.com/lander

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
btloader.com	169057	2020-10-06	2020-10-22 22:38:52	2024-07-01 09:05:00	425 B	20 kB	104.22.74.216
www.google.com	7	1997-09-15	2015-05-10 13:11:19	2024-06-27 18:13:48	433 B	75 kB	142.250.74.132
api.btloader.com	1320	2020-10-06	2020-10-14 17:25:59	2024-06-30 18:43:26	452 B	202 B	130.211.23.194
img1.wsimg.com	9893	2008-03-17	2012-06-20 16:42:31	2024-07-01 11:05:57	1.9 kB	181 kB	2.16.206.209
ad-delivery.net	1341	2017-05-03	2017-06-22 07:33:30	2024-07-01 09:05:01	875 B	2.4 kB	104.26.3.70
r10.o.lencr.org	unknown	2020-06-29	2024-06-06 21:45:11	2024-06-30 18:17:38	2.6 kB	7.1 kB	2.16.206.143
www2.megawebfind.com	unknown	2009-05-19	2012-06-20 11:36:52	2022-10-19 19:12:26	1.4 kB	1.1 kB	45.33.2.79
www42.megawebfind.com	unknown	2009-05-19	2023-03-19 09:00:35	2024-04-18 09:06:41	830 B	1.5 kB	15.197.204.56
o.pki.goog	unknown	2016-06-13	2024-04-24 13:44:57	2024-06-30 18:14:28	650 B	1.4 kB	142.250.74.131

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-07-01 18:14:06	medium	Client IP	45.33.2.79	ETPRO ADWARE_PUP Win32/Unruy.C Activity

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (4)

	URL	From	Size	First Seen	Last Seen
	www.google.com/adsense/domains/caf.js?abp=1&gdabp=true	ScriptElement	190 kB	2024-06-12	2024-08-19
Pretty URL www.google.com/adsense/domains/caf.js?abp=1&gdabp=true IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-06-12 22:48 Last Seen2024-08-19 20:09 Times Seen1265 Hash d04d31176c5ce04911c40b58687be0e5 cfaa46cd7f9d5d9728125358313d37229e52e728 9a0f8a255013c3f7a1e5f016ee567038d4740a32a50c7e234a745aa9233b6849 Loading...

	www42.megawebfind.com/lander	ScriptElement	27 B	2024-01-30	2025-03-01
Pretty URL www42.megawebfind.com/lander IP 15.197.204.56 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-30 23:25 Last Seen2025-03-01 09:47 Times Seen4572 Hash 2fd31b0c8487f6772652cedda194755c 5c07375f006be29971c1ca3a9ca70b7bf30ea76d c7085977e37b61064d880aca4ae3786e795e01008883f3de1739b60cc80a74d3 Loading...

	btloader.com/tag?o=5097926782615552&upapi=true	ScriptElement	57 kB	2024-06-25	2024-08-19
Pretty URL btloader.com/tag?o=5097926782615552&upapi=true IP 104.22.74.216 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-06-25 02:04 Last Seen2024-08-19 18:59 Times Seen324 Hash 7e19c6347cdabd74ac2c2d44a963bc57 312ab411365b07e7b25269f1c22f54dd546f4fb3 8a0e357439280756a7c553f4687e9f938add5439fcbfcf6f3decc8bd8034b7d4 Loading...

	img1.wsimg.com/parking-lander/static/js/main.38adfcfa.js	ScriptElement	646 kB	2024-05-20	2024-08-19
Pretty URL img1.wsimg.com/parking-lander/static/js/main.38adfcfa.js IP 2.16.206.209 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-20 23:24 Last Seen2024-08-19 22:22 Times Seen2496 Hash cc57c721c0a3dc1788a997977930174b 9569a45b6308e3e2d37c96dc5f3322c27df00974 b51090c71e0b0f63cd1a9cecf294db582ee8ee5895e0bdf757dd590facd02974 Loading...

HTTP Transactions (23)

URL IP Response Size

r10.o.lencr.org/

2.16.206.143

504 B

URL
r10.o.lencr.org/
IP
2.16.206.143:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
b7dbdd91e33b4b40b990affe38907ed8
8c1dc814dfd071e0c4dcfc0f5429eb7c221d609a
842512e65717b866647d52bc726c962cc42c7e2027c53a2b5b79d7b86d2e50fc

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "842512E65717B866647D52BC726C962CC42C7E2027C53A2B5B79D7B86D2E50FC"
Last-Modified: Sun, 30 Jun 2024 13:53:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4622
Expires: Mon, 01 Jul 2024 19:31:06 GMT
Date: Mon, 01 Jul 2024 18:14:04 GMT
Connection: keep-alive

r10.o.lencr.org/

2.16.206.143

504 B

URL
r10.o.lencr.org/
IP
2.16.206.143:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
f6d043d7b5e98906db1fe2695e98859c
154db889ef567d2839bb7eaa15818cd546495b4f
f4fcc79261acda8e1cb81b9fc6524ee560b60740b0cf8107308dc82750dc079a

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "F4FCC79261ACDA8E1CB81B9FC6524EE560B60740B0CF8107308DC82750DC079A"
Last-Modified: Sat, 29 Jun 2024 23:47:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9615
Expires: Mon, 01 Jul 2024 20:54:20 GMT
Date: Mon, 01 Jul 2024 18:14:05 GMT
Connection: keep-alive

r10.o.lencr.org/

2.16.206.143

504 B

URL
r10.o.lencr.org/
IP
2.16.206.143:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
cbf18fc0b8495e9002d75d18377ee564
26efedcb55b771589d559b798261c86a87c0b313
3358d5f916c82bb4d1a67b717d2a280302e3f54a687893b0c2556c93616cbdfb

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "3358D5F916C82BB4D1A67B717D2A280302E3F54A687893B0C2556C93616CBDFB"
Last-Modified: Sat, 29 Jun 2024 16:21:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9655
Expires: Mon, 01 Jul 2024 20:55:00 GMT
Date: Mon, 01 Jul 2024 18:14:05 GMT
Connection: keep-alive

www2.megawebfind.com/search.php?q=1234.1027.275.4096.0.9c364ba6fcbec35b24d037679bd2bf9e0b37d3466ab3990fd3156f3326a756f0.1.14571812

45.33.2.79

667 B

URL
www2.megawebfind.com/search.php?q=1234.1027.275.4096.0.9c364ba6fcbec35b24d037679bd2bf9e0b37d3466ab3990fd3156f3326a756f0.1.14571812
IP
45.33.2.79:0
ASN
#63949 Akamai Connected Cloud

File type
HTML document, ASCII text, with very long lines (461)
Size
667 B (667 bytes)
Hash
d60959a2feaa1222bcac574bfe8124c7
fe827964c2d0fda5ae7d879434cfcf14be1210b7
b3fc9b611b33f32cb602fcb9a4bd055f4d0f94459afc0c06b538436323bd7f4b

Detections

NIDS	Severity	Alert
suricata	medium	ETPRO ADWARE_PUP Win32/Unruy.C Activity

HTTP Headers

GET /search.php?q=1234.1027.275.4096.0.9c364ba6fcbec35b24d037679bd2bf9e0b37d3466ab3990fd3156f3326a756f0.1.14571812 HTTP/1.1
Host: www2.megawebfind.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
server: openresty/1.13.6.1
date: Mon, 01 Jul 2024 18:14:06 GMT
content-type: text/html
transfer-encoding: chunked
content-encoding: gzip
connection: close

www2.megawebfind.com/search.php?gp=1&js=1&uuid=1719857646.0055374715&other_args=eyJ1cmkiOiAiL3NlYXJjaC5waHAiLCAiYXJncyI6ICJxPTEyMzQuMTAyNy4yNzUuNDA5Ni4wLjljMzY0YmE2ZmNiZWMzNWIyNGQwMzc2NzliZDJiZjllMGIzN2QzNDY2YWIzOTkwZmQzMTU2ZjMzMjZhNzU2ZjAuMS4xNDU3MTgxMiIsICJyZWZlcmVyIjogIiIsICJhY2NlcHQiOiAidGV4dC9odG1sLGFwcGxpY2F0aW9uL3hodG1sK3htbCxhcHBsaWNhdGlvbi94bWw7cT0wLjksaW1hZ2UvYXZpZixpbWFnZS93ZWJwLCovKjtxPTAuOCJ9

198.58.118.167

0 B

URL
www2.megawebfind.com/search.php?gp=1&js=1&uuid=1719857646.0055374715&other_args=eyJ1cmkiOiAiL3NlYXJjaC5waHAiLCAiYXJncyI6ICJxPTEyMzQuMTAyNy4yNzUuNDA5Ni4wLjljMzY0YmE2ZmNiZWMzNWIyNGQwMzc2NzliZDJiZjllMGIzN2QzNDY2YWIzOTkwZmQzMTU2ZjMzMjZhNzU2ZjAuMS4xNDU3MTgxMiIsICJyZWZlcmVyIjogIiIsICJhY2NlcHQiOiAidGV4dC9odG1sLGFwcGxpY2F0aW9uL3hodG1sK3htbCxhcHBsaWNhdGlvbi94bWw7cT0wLjksaW1hZ2UvYXZpZixpbWFnZS93ZWJwLCovKjtxPTAuOCJ9
IP
198.58.118.167:0
ASN
#63949 Akamai Connected Cloud

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /search.php?gp=1&js=1&uuid=1719857646.0055374715&other_args=eyJ1cmkiOiAiL3NlYXJjaC5waHAiLCAiYXJncyI6ICJxPTEyMzQuMTAyNy4yNzUuNDA5Ni4wLjljMzY0YmE2ZmNiZWMzNWIyNGQwMzc2NzliZDJiZjllMGIzN2QzNDY2YWIzOTkwZmQzMTU2ZjMzMjZhNzU2ZjAuMS4xNDU3MTgxMiIsICJyZWZlcmVyIjogIiIsICJhY2NlcHQiOiAidGV4dC9odG1sLGFwcGxpY2F0aW9uL3hodG1sK3htbCxhcHBsaWNhdGlvbi94bWw7cT0wLjksaW1hZ2UvYXZpZixpbWFnZS93ZWJwLCovKjtxPTAuOCJ9 HTTP/1.1
Host: www2.megawebfind.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www2.megawebfind.com/search.php?q=1234.1027.275.4096.0.9c364ba6fcbec35b24d037679bd2bf9e0b37d3466ab3990fd3156f3326a756f0.1.14571812
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
server: openresty/1.13.6.1
date: Mon, 01 Jul 2024 18:14:07 GMT
content-type: text/html; charset=utf-8
content-length: 0
location: http://www42.megawebfind.com
referrer-policy: no-referrer
vary: Accept-Language
content-language: en
connection: close

r10.o.lencr.org/

2.16.206.148

504 B

URL
r10.o.lencr.org/
IP
2.16.206.148:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
c4b71305103f33b56dd398fb1f3fa9fe
6237cf96ced2a5d69a73769180ae8250221727ea
4120fbb0536a3608210c487750025bea2ff87804924732c527207e00add13a34

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "4120FBB0536A3608210C487750025BEA2FF87804924732C527207E00ADD13A34"
Last-Modified: Sun, 30 Jun 2024 17:32:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3830
Expires: Mon, 01 Jul 2024 19:17:57 GMT
Date: Mon, 01 Jul 2024 18:14:07 GMT
Connection: keep-alive

r10.o.lencr.org/

2.16.206.148

504 B

URL
r10.o.lencr.org/
IP
2.16.206.148:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
c4b71305103f33b56dd398fb1f3fa9fe
6237cf96ced2a5d69a73769180ae8250221727ea
4120fbb0536a3608210c487750025bea2ff87804924732c527207e00add13a34

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "4120FBB0536A3608210C487750025BEA2FF87804924732C527207E00ADD13A34"
Last-Modified: Sun, 30 Jun 2024 17:32:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3830
Expires: Mon, 01 Jul 2024 19:17:57 GMT
Date: Mon, 01 Jul 2024 18:14:07 GMT
Connection: keep-alive

r10.o.lencr.org/

2.16.206.148

504 B

URL
r10.o.lencr.org/
IP
2.16.206.148:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
c4b71305103f33b56dd398fb1f3fa9fe
6237cf96ced2a5d69a73769180ae8250221727ea
4120fbb0536a3608210c487750025bea2ff87804924732c527207e00add13a34

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "4120FBB0536A3608210C487750025BEA2FF87804924732C527207E00ADD13A34"
Last-Modified: Sun, 30 Jun 2024 17:32:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3830
Expires: Mon, 01 Jul 2024 19:17:57 GMT
Date: Mon, 01 Jul 2024 18:14:07 GMT
Connection: keep-alive

r10.o.lencr.org/

2.16.206.148

504 B

URL
r10.o.lencr.org/
IP
2.16.206.148:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
c4b71305103f33b56dd398fb1f3fa9fe
6237cf96ced2a5d69a73769180ae8250221727ea
4120fbb0536a3608210c487750025bea2ff87804924732c527207e00add13a34

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "4120FBB0536A3608210C487750025BEA2FF87804924732C527207E00ADD13A34"
Last-Modified: Sun, 30 Jun 2024 17:32:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3830
Expires: Mon, 01 Jul 2024 19:17:57 GMT
Date: Mon, 01 Jul 2024 18:14:07 GMT
Connection: keep-alive

r10.o.lencr.org/

2.16.206.143

504 B

URL
r10.o.lencr.org/
IP
2.16.206.143:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
c4b71305103f33b56dd398fb1f3fa9fe
6237cf96ced2a5d69a73769180ae8250221727ea
4120fbb0536a3608210c487750025bea2ff87804924732c527207e00add13a34

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "4120FBB0536A3608210C487750025BEA2FF87804924732C527207E00ADD13A34"
Last-Modified: Sun, 30 Jun 2024 17:32:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7738
Expires: Mon, 01 Jul 2024 20:23:05 GMT
Date: Mon, 01 Jul 2024 18:14:07 GMT
Connection: keep-alive

www42.megawebfind.com/

15.197.204.56

114 B

URL
www42.megawebfind.com/
IP
15.197.204.56:0
ASN
#16509 AMAZON-02

File type
HTML document, ASCII text, with no line terminators
Size
114 B (114 bytes)
Hash
e89f75f918dbdcee28604d4e09dd71d7
f9d9055e9878723a12063b47d4a1a5f58c3eb1e9
6dc9c7fc93bb488bb0520a6c780a8d3c0fb5486a4711aca49b4c53fac7393023

HTTP Headers

GET / HTTP/1.1
Host: www42.megawebfind.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Mon, 01 Jul 2024 18:14:08 GMT
Content-Type: text/html
Content-Length: 114
Connection: keep-alive

www42.megawebfind.com/lander

15.197.204.56

200 OK

620 B

URL User Request GET HTTP/1.1
www42.megawebfind.com/lander
IP
15.197.204.56:80
ASN
#16509 AMAZON-02

File type
HTML document, ASCII text, with very long lines (619)
Size
620 B (620 bytes)
Hash
e5a8ca1f2a041d7a930c8357517780f5
58c44a2601ee13fb5bdc7568312ae795311ba647
8f5c7a7be85bf36d0bbaaf49aab5f4e96fd48f64bd29bcaef141b05bbd796afc

HTTP Headers

GET /lander HTTP/1.1
Host: www42.megawebfind.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www42.megawebfind.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Mon, 01 Jul 2024 18:14:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=86400
Set-Cookie: expiry_partner=; Path=/; Max-Age=86400
caf_ipaddr=91.90.42.154; Path=/; Max-Age=86400
country=NO; Path=/; Max-Age=86400
city=Oslo; Path=/; Max-Age=86400
lander_type=parking; Path=/; Max-Age=86400
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_foRXYDbeMWeiKRPoaFduGCfVJjjbJ8OgFK9uY0eOAQ7k76vbU5foYGWLTp9z9Z/2rZVK2ZmvM5Zn1mIg+cbesg
X-Content-Type-Options: nosniff

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e04068fa748dbc0afc80a33888e8f22d
2d600bd42a7554c7298404fd5fc603fdfcd9c1f0
f4f38ca3be4aed87d361f2045ef747bbfb9d7b3f743664d4169ae229558f0e6a

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 01 Jul 2024 18:14:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

btloader.com/tag?o=5097926782615552&upapi=true

104.22.74.216

200 OK

19 kB

URL GET HTTP/2
btloader.com/tag?o=5097926782615552&upapi=true
IP
104.22.74.216:443
ASN
#13335 CLOUDFLARENET

Requested by
http://www42.megawebfind.com/lander
Certificate
IssuerGoogle Trust Services
Subjectbtloader.com
Fingerprint57:4E:02:4C:1F:5B:69:D5:23:7A:5D:7E:3C:A7:E2:85:4A:75:A1:FB
ValidityWed, 12 Jun 2024 07:44:00 GMT - Tue, 10 Sep 2024 07:43:59 GMT

File type
JavaScript source, ASCII text, with very long lines (57338)
Size
19 kB (19031 bytes)
Hash
7e19c6347cdabd74ac2c2d44a963bc57
312ab411365b07e7b25269f1c22f54dd546f4fb3
8a0e357439280756a7c553f4687e9f938add5439fcbfcf6f3decc8bd8034b7d4

HTTP Headers

GET /tag?o=5097926782615552&upapi=true HTTP/1.1
Host: btloader.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www42.megawebfind.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 01 Jul 2024 18:14:08 GMT
content-type: application/javascript
content-length: 19031
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
content-encoding: gzip
etag: "c5fc6d9ebe5f7cb354657bc27b5b7d7b"
last-modified: Mon, 01 Jul 2024 17:37:10 GMT
vary: Origin, Accept-Encoding
via: 1.1 google
cf-cache-status: HIT
age: 2068
accept-ranges: bytes
server: cloudflare
cf-ray: 89c85fc0cb381cc6-AMS
X-Firefox-Spdy: h2

img1.wsimg.com/parking-lander/static/css/main.11ce2ed9.css

2.16.206.209

200 OK

897 B

URL GET HTTP/2
img1.wsimg.com/parking-lander/static/css/main.11ce2ed9.css
IP
2.16.206.209:443
ASN
#20940 Akamai International B.V.

Requested by
http://www42.megawebfind.com/lander
Certificate
IssuerStarfield Technologies, Inc.
Subject*.wsimg.com
FingerprintB7:FF:50:92:4F:A1:64:14:99:A1:DE:DB:55:C9:FA:92:78:6B:89:DD
ValidityTue, 19 Sep 2023 21:06:14 GMT - Sun, 20 Oct 2024 21:06:14 GMT

File type
ASCII text, with very long lines (3093)
Size
897 B (897 bytes)
Hash
026c91fa8650832f37ed2db278bda1a9
dcb72f899002d061a6e6c221c5f665b6463da57f
82189c363ce1f29b1fa40ea1d8f91679009a4b0b89fe4f1a032dd3e8512d17a1

HTTP Headers

GET /parking-lander/static/css/main.11ce2ed9.css HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www42.megawebfind.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-amz-id-2: +WuP/YNEf4exi+aWdnS6NAZFE/CHJCTujbhp2DajeXlOo0OTIdEsxvhHcH0VvLs+Xq6DPND+gI0Ao4T4O9kO0A==
x-amz-request-id: JTFKXHTT10VQW2PY
last-modified: Mon, 20 May 2024 21:18:12 GMT
etag: "026c91fa8650832f37ed2db278bda1a9"
x-amz-server-side-encryption: AES256
x-amz-version-id: lhJyFUmArkP9FgsTP3zHSJg83dr6jd.I
accept-ranges: bytes
content-type: text/css
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=31536000
expires: Tue, 01 Jul 2025 18:14:08 GMT
date: Mon, 01 Jul 2024 18:14:08 GMT
content-length: 897
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2

img1.wsimg.com/parking-lander/static/js/main.38adfcfa.js

2.16.206.209

200 OK

177 kB

URL GET HTTP/2
img1.wsimg.com/parking-lander/static/js/main.38adfcfa.js
IP
2.16.206.209:443
ASN
#20940 Akamai International B.V.

Requested by
http://www42.megawebfind.com/lander
Certificate
IssuerStarfield Technologies, Inc.
Subject*.wsimg.com
FingerprintB7:FF:50:92:4F:A1:64:14:99:A1:DE:DB:55:C9:FA:92:78:6B:89:DD
ValidityTue, 19 Sep 2023 21:06:14 GMT - Sun, 20 Oct 2024 21:06:14 GMT

File type
JavaScript source, ASCII text, with very long lines (65465)
Size
177 kB (177266 bytes)
Hash
cc57c721c0a3dc1788a997977930174b
9569a45b6308e3e2d37c96dc5f3322c27df00974
b51090c71e0b0f63cd1a9cecf294db582ee8ee5895e0bdf757dd590facd02974

HTTP Headers

GET /parking-lander/static/js/main.38adfcfa.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www42.megawebfind.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-amz-id-2: fgZxaQR5qGs219Fw5P6PagHLSYUO4qMK4j43mlP3Jg4lgkgh2jrYN7O80XoYYHxmgOVfIQ82yADlWYoFXmeTYQ==
x-amz-request-id: JTFT32WH2AGFMVCS
last-modified: Mon, 20 May 2024 21:18:07 GMT
etag: "cc57c721c0a3dc1788a997977930174b"
x-amz-server-side-encryption: AES256
x-amz-version-id: p2fAWgjA0I.Fn.oscNhiscgy8J64Ukwu
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=31536000
expires: Tue, 01 Jul 2025 18:14:08 GMT
date: Mon, 01 Jul 2024 18:14:08 GMT
content-length: 177266
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
1532f8bec1d945aefd54070b34d8e527
37a614eb7824d404ed5e33f0a8d8228eedca6a4f
28dc23c37335697644190de2ed80e7322cd872db5fb9bdf4bf140ba1580275cc

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 01 Jul 2024 18:14:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

img1.wsimg.com/parking-lander/px.js?ch=1&abp=1&gdabp=true

2.16.206.209

200 OK

20 B

URL GET HTTP/2
img1.wsimg.com/parking-lander/px.js?ch=1&abp=1&gdabp=true
IP
2.16.206.209:443
ASN
#20940 Akamai International B.V.

Requested by
http://www42.megawebfind.com/lander
Certificate
IssuerStarfield Technologies, Inc.
Subject*.wsimg.com
FingerprintB7:FF:50:92:4F:A1:64:14:99:A1:DE:DB:55:C9:FA:92:78:6B:89:DD
ValidityTue, 19 Sep 2023 21:06:14 GMT - Sun, 20 Oct 2024 21:06:14 GMT

File type
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size
20 B (20 bytes)
Hash
3970e82605c7d109bb348fc94e9eecc0
e03849ea786b9f7b28a35c17949e85a93eb1cff1
f5d031af01f137ae07fa71720fab94d16cc8a2a59868766002918b7c240f3967

HTTP Headers

GET /parking-lander/px.js?ch=1&abp=1&gdabp=true HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www42.megawebfind.com/
Origin: http://www42.megawebfind.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-amz-id-2: xvksy58AL9/QJfQhK6Q1ELy6WS/gzBAOFL/gXpKS6/5WHoxkfkOqnHjwjH99bvSzu5XKK+TZWtum5D9Ixb8rGA==
x-amz-request-id: 773PENTY45JEH0SE
last-modified: Mon, 20 May 2024 21:18:13 GMT
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-amz-server-side-encryption: AES256
x-amz-version-id: JX6heZYudFVdJz78gk0Q1mlS6OjQ02.M
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=31536000
expires: Tue, 01 Jul 2025 18:14:09 GMT
date: Mon, 01 Jul 2024 18:14:09 GMT
content-length: 20
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2

ad-delivery.net/px.gif?ch=1&e=0.2303425720222304

104.26.3.70

200 OK

43 B

URL GET HTTP/2
ad-delivery.net/px.gif?ch=1&e=0.2303425720222304
IP
104.26.3.70:443
ASN
#13335 CLOUDFLARENET

Requested by
http://www42.megawebfind.com/lander
Certificate
IssuerGoogle Trust Services LLC
Subjectad-delivery.net
Fingerprint03:7B:E9:04:33:1C:DF:29:E9:50:5E:D0:2F:B3:E2:A9:85:F2:3A:6A
ValidityFri, 17 May 2024 08:39:03 GMT - Thu, 15 Aug 2024 08:39:02 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /px.gif?ch=1&e=0.2303425720222304 HTTP/1.1
Host: ad-delivery.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www42.megawebfind.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 01 Jul 2024 18:14:09 GMT
content-type: image/gif
content-length: 43
x-guploader-uploadid: ABPtcPovIz6nZtqULu9hGQBSVbC6_z8lEyamrIA64gM0CArHcTLURzj7EtelAkaCkOXM4KyL70M
x-goog-generation: 1620242732037093
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 43
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *
expires: Sat, 01 Jun 2024 18:47:44 GMT
cache-control: public, max-age=86400
last-modified: Wed, 05 May 2021 19:25:32 GMT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
age: 2590323
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zIsaCtL8MvDOBAQU0a3FDwvZiOb6KTZBkTup%2F5%2B23cA2I84Gti%2B3bhE3M3D%2Fv5zqIPYjcLOUdB%2FTyI7ckyoh9cPapbMAVkJ0p3%2BBnXZ5GRR%2BHP%2FhKsplo8vgGehNvpYBnA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89c85fc2edf44e0f-HEL
X-Firefox-Spdy: h2

ad-delivery.net/px.gif?ch=2

104.26.3.70

200 OK

43 B

URL GET HTTP/2
ad-delivery.net/px.gif?ch=2
IP
104.26.3.70:443
ASN
#13335 CLOUDFLARENET

Requested by
http://www42.megawebfind.com/lander
Certificate
IssuerGoogle Trust Services LLC
Subjectad-delivery.net
Fingerprint03:7B:E9:04:33:1C:DF:29:E9:50:5E:D0:2F:B3:E2:A9:85:F2:3A:6A
ValidityFri, 17 May 2024 08:39:03 GMT - Thu, 15 Aug 2024 08:39:02 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /px.gif?ch=2 HTTP/1.1
Host: ad-delivery.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www42.megawebfind.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 01 Jul 2024 18:14:09 GMT
content-type: image/gif
content-length: 43
x-guploader-uploadid: ABPtcPovIz6nZtqULu9hGQBSVbC6_z8lEyamrIA64gM0CArHcTLURzj7EtelAkaCkOXM4KyL70M
x-goog-generation: 1620242732037093
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 43
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *
expires: Sat, 01 Jun 2024 18:47:44 GMT
cache-control: public, max-age=86400
last-modified: Wed, 05 May 2021 19:25:32 GMT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
age: 2590323
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rHgeAVRL0T6Fi1OkFLZMFNS0jXyXFhxA3C5UBxAlcB4Zj0ovBLZv1vVaMg8%2BeWUwXlvV4bAQG5Uq840D1mYYGRc2giItxfkF2cLAp6TOJtn2n7crQn%2BUsVXqizNeI9a3aQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 89c85fc2edf74e0f-HEL
X-Firefox-Spdy: h2

img1.wsimg.com/parking-lander/px.js?ch=2&abp=2&gdabp=true

2.16.206.209

200 OK

20 B

URL GET HTTP/2
img1.wsimg.com/parking-lander/px.js?ch=2&abp=2&gdabp=true
IP
2.16.206.209:443
ASN
#20940 Akamai International B.V.

Requested by
http://www42.megawebfind.com/lander
Certificate
IssuerStarfield Technologies, Inc.
Subject*.wsimg.com
FingerprintB7:FF:50:92:4F:A1:64:14:99:A1:DE:DB:55:C9:FA:92:78:6B:89:DD
ValidityTue, 19 Sep 2023 21:06:14 GMT - Sun, 20 Oct 2024 21:06:14 GMT

File type
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size
20 B (20 bytes)
Hash
3970e82605c7d109bb348fc94e9eecc0
e03849ea786b9f7b28a35c17949e85a93eb1cff1
f5d031af01f137ae07fa71720fab94d16cc8a2a59868766002918b7c240f3967

HTTP Headers

GET /parking-lander/px.js?ch=2&abp=2&gdabp=true HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www42.megawebfind.com/
Origin: http://www42.megawebfind.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-amz-id-2: y/1NcBYw7JR12OuBjneysTj8BI8VOa6/v0KNnm5xVmSWhJuTyuoP44lpVv3l/lRqUFslD9K8orE=
x-amz-request-id: 038BSD7603YQEQTC
last-modified: Mon, 20 May 2024 21:18:13 GMT
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-amz-server-side-encryption: AES256
x-amz-version-id: JX6heZYudFVdJz78gk0Q1mlS6OjQ02.M
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
content-length: 20
cache-control: max-age=31536000
expires: Tue, 01 Jul 2025 18:14:09 GMT
date: Mon, 01 Jul 2024 18:14:09 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2

www.google.com/adsense/domains/caf.js?abp=1&gdabp=true

142.250.74.132

200 OK

74 kB

URL GET HTTP/2
www.google.com/adsense/domains/caf.js?abp=1&gdabp=true
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
http://www42.megawebfind.com/lander
Certificate
IssuerGoogle Trust Services
Subjectwww.google.com
Fingerprint7D:D9:03:2A:D5:D4:39:E1:4F:69:08:1C:64:E9:F9:16:1C:B1:5B:CF
ValidityThu, 13 Jun 2024 16:36:10 GMT - Thu, 05 Sep 2024 16:36:09 GMT

File type
JavaScript source, ASCII text, with very long lines (2248)
Size
74 kB (74021 bytes)
Hash
d04d31176c5ce04911c40b58687be0e5
cfaa46cd7f9d5d9728125358313d37229e52e728
9a0f8a255013c3f7a1e5f016ee567038d4740a32a50c7e234a745aa9233b6849

HTTP Headers

GET /adsense/domains/caf.js?abp=1&gdabp=true HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www42.megawebfind.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Mon, 01 Jul 2024 18:14:08 GMT
expires: Mon, 01 Jul 2024 18:14:08 GMT
cache-control: private, max-age=3600
etag: "13913233142226540013"
x-content-type-options: nosniff
link: <https://syndicatedsearch.goog>; rel="preconnect"
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

api.btloader.com/mw/state?bt_env=prod

130.211.23.194

204 No Content

0 B

URL GET HTTP/2
api.btloader.com/mw/state?bt_env=prod
IP
130.211.23.194:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
http://www42.megawebfind.com/lander
Certificate
IssuerGoogle Trust Services LLC
Subjectapi.btloader.com
Fingerprint20:6D:74:AC:C1:C1:4A:1D:EA:AE:6D:51:9C:75:ED:A3:CE:86:87:16
ValidityTue, 04 Jun 2024 03:45:50 GMT - Mon, 02 Sep 2024 04:40:04 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /mw/state?bt_env=prod HTTP/1.1
Host: api.btloader.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www42.megawebfind.com/
Origin: http://www42.megawebfind.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
access-control-allow-origin: *
vary: Origin
date: Mon, 01 Jul 2024 18:14:09 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (4)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (23)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP