Report - megafile.cc/o7xV/dx9.zip

Report Overview

Submitted URL
megafile.cc/o7xV/dx9.zip
IP
138.201.48.112
ASN
#24940 Hetzner Online GmbH
Submitted
2022-12-02 21:14:38
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
10

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
datatechonert.com	46154	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	484 B	479 B	37.48.68.71
offerimage.com	304078	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	415 B	11 kB	104.22.32.172
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.7 kB	12 kB	95.101.11.115
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	54.149.219.22
my.rtmark.net	9054	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	416 B	740 B	139.45.195.8
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	340 B	963 B	172.64.155.188
megafile.cc	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	7.5 kB	558 kB	138.201.48.112
betotodilea.com	52465	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.7 kB	47 kB	139.45.197.237
tzegilo.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	353 B	9.4 kB	172.67.194.45
ibrapush.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.6 kB	37 kB	139.45.197.250
nanouwho.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.9 kB	4.5 kB	139.45.197.242
interstitial-07.com	36198	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.9 kB	55 kB	139.45.197.155
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	272 kB	104.17.25.14
cdn.jsdelivr.net	439	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	366 B	19 kB	151.101.1.229
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	368 B	1.9 kB	104.18.20.226
onmarshtompor.com	24517	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	968 B	8.5 kB	139.45.197.243
unphionetor.com	54035	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	464 B	694 B	139.45.197.236
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	4.5 kB	93.184.220.29
unpkg.com	11693	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	7.7 kB	104.16.125.175
iclickcdn.com	45415	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	355 B	50 kB	104.26.12.118
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	49 kB	34.120.237.76
bedrapiona.com	34930	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	411 B	9.6 kB	139.45.197.234

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-12-02	medium	datatechonert.com	Sinkholed
2022-12-02	medium	nanouwho.com	Sinkholed
2022-12-02	medium	nanouwho.com	Sinkholed
2022-12-02	medium	unphionetor.com	Sinkholed
2022-12-02	medium	nanouwho.com	Sinkholed

JavaScript (28)

	URL	Size	First Seen	Last Seen
	http:text/javascript,document.write(new%20Date().getFullYear())	40 B	2023-03-07	2024-05-01
Pretty URL http:text/javascript,document.write(new%20Date().getFullYear()) IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:07 Last Seen2024-05-01 21:43:23 Times Seen4738 Hash 6bd43cf0ae158526c6ab93dc3be79f28 15c289e342bd3fdf5b1e95f7abf25a2bc78bf357 7a13d5ae0755d86c09084ec300c4a0f1a0a06921f74d9980eba9d966ff17ad38 Loading...

	tzegilo.com/stattag.js	13 kB	2023-03-08	2023-03-12
Pretty URL tzegilo.com/stattag.js IP 172.67.194.45 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:59 Last Seen2023-03-12 10:48:49 Times Seen1 Hash d0de06f954f7dedba242231b0ec4052d 188d75bb9077832384f889dd15584845790bc146 efae63871ebdeb69e7d64c6782924f72584f962d540b8c55237cba93c026af16 Loading...

	nanouwho.com/27/1ead059fa749da4c72410ffa55976f24	378 kB	2023-03-08	2023-03-08
Pretty URL nanouwho.com/27/1ead059fa749da4c72410ffa55976f24 IP 139.45.197.242 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:35:07 Last Seen2023-03-08 20:42:03 Times Seen1 Hash 0b37e612c098521516914072fa16c7c7 6fec216f8411caa41343bb7dbb07c04428f1032a 1a6741dfc2e7f89ed84dc85f08cac840d76295c1a4e695300cd04da4a6fe87ec Loading...

	interstitial-07.com/?l=acXbRwOX8yoOYL9&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D3897039392%26z%3D4250688%26b%3D12985558%26c%3D5549482%26var%3D%26d%3Dhttps%253A%252F%252Fiwantuonly.com%252Fclick.php%253Fc%253D1119%2526key%253D59mbnk099b21z773135c4542%2526c1%253D%257Bzoneid%257D%2526c2%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3Dx1fmlozB_vVjMMq6i-r4lUV4-K2-43yOdTb6aeg0ng8vIcghpMmR4Q2nnkKNd_kPgnwZlEMvXClHVgmcrTGgOxs4LMJQv9cc_se-ipjokWL8kzIt7n7j9FZ1fLA7-jhhJmGWAGucHB96oLbStdadFLtNgSufsGBlM4tlgsObgZdySQGXD_7BDqPU2nLIlGM6geVcMa8saLOg0Oa-_OKOmOsMnYZIXQzsM1SkGiWsbXy84aFFuwjueecNqImb0SlFmr7WyRJuOWVrQ_t8NR5eRVqxVbfVBf5ITSjlb9hR0kTta851ycfZFefbWVwHOCVQZwEid8jn85yUzijK_8Iv2zTmK0egWextMha4brabw7XbLEXlxJI4dtm3d7QDzOlGGYa4V9JtN7Gbbt2ZMuLBQLfUenZhmQwfTgU1OkzipfBbXGxrPJNqPrXgRJUfPRXqwdmRJ1qA1WDoECPwTdGRuj2uqIuhaoyfEdNzIzLpa9HQmibKDEVtR6vHfxmVpp0aUkmtSa6Lrv11Cvp5DzCCFOS7sYBDYLOMAvRNo47_eDfZwwJ7v34qiAfz0t1JhEmKhQK_ICQkPKnth-bpfU3Uewdlj8lpCGdtgSi0NTwTqD8ZFjYKJHrp2IfgDot3CLSB8z3PuXweq8Jk8kb4eCirjQ%3D%3D%26bag%3DQELbe37UKoTCbvnnYVKWvA%3D%3D%26ruid%3D66e4aecb-f2d7-4bf0-9a1e-c900adc7b219%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fmegafile.cc%252Fo7xV%252Fdx9.zip%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D1	1.4 kB	2023-03-08	2023-03-08
Pretty URL interstitial-07.com/?l=acXbRwOX8yoOYL9&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D3897039392%26z%3D4250688%26b%3D12985558%26c%3D5549482%26var%3D%26d%3Dhttps%253A%252F%252Fiwantuonly.com%252Fclick.php%253Fc%253D1119%2526key%253D59mbnk099b21z773135c4542%2526c1%253D%257Bzoneid%257D%2526c2%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3Dx1fmlozB_vVjMMq6i-r4lUV4-K2-43yOdTb6aeg0ng8vIcghpMmR4Q2nnkKNd_kPgnwZlEMvXClHVgmcrTGgOxs4LMJQv9cc_se-ipjokWL8kzIt7n7j9FZ1fLA7-jhhJmGWAGucHB96oLbStdadFLtNgSufsGBlM4tlgsObgZdySQGXD_7BDqPU2nLIlGM6geVcMa8saLOg0Oa-_OKOmOsMnYZIXQzsM1SkGiWsbXy84aFFuwjueecNqImb0SlFmr7WyRJuOWVrQ_t8NR5eRVqxVbfVBf5ITSjlb9hR0kTta851ycfZFefbWVwHOCVQZwEid8jn85yUzijK_8Iv2zTmK0egWextMha4brabw7XbLEXlxJI4dtm3d7QDzOlGGYa4V9JtN7Gbbt2ZMuLBQLfUenZhmQwfTgU1OkzipfBbXGxrPJNqPrXgRJUfPRXqwdmRJ1qA1WDoECPwTdGRuj2uqIuhaoyfEdNzIzLpa9HQmibKDEVtR6vHfxmVpp0aUkmtSa6Lrv11Cvp5DzCCFOS7sYBDYLOMAvRNo47_eDfZwwJ7v34qiAfz0t1JhEmKhQK_ICQkPKnth-bpfU3Uewdlj8lpCGdtgSi0NTwTqD8ZFjYKJHrp2IfgDot3CLSB8z3PuXweq8Jk8kb4eCirjQ%3D%3D%26bag%3DQELbe37UKoTCbvnnYVKWvA%3D%3D%26ruid%3D66e4aecb-f2d7-4bf0-9a1e-c900adc7b219%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fmegafile.cc%252Fo7xV%252Fdx9.zip%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:46:17 Last Seen2023-03-08 14:46:17 Times Seen1 Hash d1accfd705204e0a24a3da8696b9d609 72f6c6052ba8c297ff999814bee412e1b71e31c1 fa45924b4611a247cd3264f38b170afe2559793886ec84508d7201ca15ac8054 Loading...

	http:text/javascript,window.pagespeed.psatemp%3D0%3B	27 B	2023-03-07	2024-04-30
Pretty URL http:text/javascript,window.pagespeed.psatemp%3D0%3B IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:23:52 Last Seen2024-04-30 12:13:22 Times Seen259 Hash f86030401d659579ca9f2dca91d7d691 bc05f88ca4d9dce8d78d6d39a3eed592ed714998 6d190c985949e8a0962ca2cede3c214de8085dc9d11c726af6c00c1ae5bb7ba9 Loading...

	http:text/javascript,let%20mode%3D'light'%3Blet%20theme%3DlocalStorage.getItem(%22theme%22)%3Bif(theme%3D%3Dnull)%7Bif(mode%3D%3D'dark')%7B%24('.theme').addClass('dark')%3B%7D%7Delse%7Bif(theme%3D%3D'dark')%7B%24('.theme').addClass('dark')%3B%7Delse%7B%24('.theme').removeClass('dark')%3B%7D%7D	213 B	2023-03-07	2023-08-29
Pretty URL http:text/javascript,let%20mode%3D'light'%3Blet%20theme%3DlocalStorage.getItem(%22theme%22)%3Bif(theme%3D%3Dnull)%7Bif(mode%3D%3D'dark')%7B%24('.theme').addClass('dark')%3B%7D%7Delse%7Bif(theme%3D%3D'dark')%7B%24('.theme').addClass('dark')%3B%7Delse%7B%24('.theme').removeClass('dark')%3B%7D%7D IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:23:52 Last Seen2023-08-29 21:14:02 Times Seen131 Hash ccea0e1846102f4f1ed17644f6c6baa6 e43c87b583bef9f3e325ab7bf9ccf4a1f80bc35a e84714cb230edad68ac36e473976e94ca40d378d53fc1b7b539c03879f7ab887 Loading...

	cdnjs.cloudflare.com/ajax/libs/popper.js/2.10.2/umd/popper.min.js	19 kB	2023-03-07	2024-05-01
Pretty URL cdnjs.cloudflare.com/ajax/libs/popper.js/2.10.2/umd/popper.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:23:52 Last Seen2024-05-01 22:57:29 Times Seen2376 Hash 541aecc95a7faeef0fc27558070f3647 0ec7ca4778ba3ccb4d1b1688094720834fbe9ed3 f395875eb5d58c5128c434812cd0a53d438b11536f7fd1577077d8a5c612e1fd Loading...

	unpkg.com/filepond-plugin-file-validate-size/dist/filepond-plugin-file-validate-size.js	6.8 kB	2023-03-08	2024-04-25
Pretty URL unpkg.com/filepond-plugin-file-validate-size/dist/filepond-plugin-file-validate-size.js IP 104.16.125.175 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:46:17 Last Seen2024-04-25 20:59:34 Times Seen654 Hash 5ab1c9fe6f2ca02b78083699d8109be5 99aa73a69b0ee070162ff7a2a8b70005ebb48565 845b2368dce026b72f19715d6de81f03fef056e4a79c718a658161a1f7b03b3b Loading...

	unpkg.com/filepond-plugin-file-validate-type/dist/filepond-plugin-file-validate-type.js	7.4 kB	2023-03-07	2024-02-08
Pretty URL unpkg.com/filepond-plugin-file-validate-type/dist/filepond-plugin-file-validate-type.js IP 104.16.125.175 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:23:52 Last Seen2024-02-08 07:46:02 Times Seen604 Hash 6170d2a086cb1d5769c6fd1f76edf99b d61c541caceb4e5deb35d8642702b89091a8bb42 6fc678b64782a17a266b5675e195be5956efd7513fd228143901b427983df928 Loading...

	cdn.jsdelivr.net/npm/sweetalert2@11	64 kB	2023-03-08	2023-10-27
Pretty URL cdn.jsdelivr.net/npm/sweetalert2@11 IP 151.101.1.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:46:01 Last Seen2023-10-27 14:14:13 Times Seen16 Hash 17b4fbe7defc316f6eb2b3a82ed6d8c5 59894a7d4ba0aecf545434b4913c9288db8ef589 b76533851af891a27433d6ed3ab58ad54b9af660d3655ad7cae0bd951b6a0309 Loading...

	betotodilea.com/400/4250687	83 kB	2023-03-08	2023-03-08
Pretty URL betotodilea.com/400/4250687 IP 139.45.197.237 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:46:17 Last Seen2023-03-08 14:46:17 Times Seen1 Hash 59742d41eb4cd9fff834233f59353342 457d89433eeb95dc5508628453606314e592d43e 21625c94e717b3ee961bb3a1b2f179627af65f3da30374e7fbbc307b4b9806e0 Loading...

	megafile.cc/pagespeed_static/js_defer.I4cHjq6EEP.js	12 kB	2023-03-07	2024-04-30
Pretty URL megafile.cc/pagespeed_static/js_defer.I4cHjq6EEP.js IP 138.201.48.112 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:23:52 Last Seen2024-04-30 12:13:22 Times Seen474 Hash 2387078eae8410f7e540e3866bcb2fda 324d38dcb7f7bcb16b355b6afdbbc87bd089422d 59dbda86041a5f394b83391ffe0b939341aabb817fa60a6ea78c80f5835596b5 Loading...

	cdnjs.cloudflare.com/ajax/libs/bootstrap/5.1.3/js/bootstrap.min.js	59 kB	2023-03-07	2024-05-01
Pretty URL cdnjs.cloudflare.com/ajax/libs/bootstrap/5.1.3/js/bootstrap.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:23:52 Last Seen2024-05-01 22:57:29 Times Seen3312 Hash 259e416ef6833be43801b8b68a93b008 19080c3b817985336aab5e1ce6925c99803f2efd 70c3d690bdc5ce3b9a1527c46044989a3176e610882fa99f4523e75bc395bcce Loading...

	http:text/javascript,(function(s%2Cu%2Cz%2Cp)%7Bs.src%3Du%2Cs.setAttribute('data-zone'%2Cz)%2Cp.appendChild(s)%3B%7D)(document.createElement('script')%2C'https%3A%2F%2Ficlickcdn.com%2Ftag.min.js'%2C4250690%2Cdocument.body%7C%7Cdocument.documentElement)	193 B	2023-03-07	2023-06-27
Pretty URL http:text/javascript,(function(s%2Cu%2Cz%2Cp)%7Bs.src%3Du%2Cs.setAttribute('data-zone'%2Cz)%2Cp.appendChild(s)%3B%7D)(document.createElement('script')%2C'https%3A%2F%2Ficlickcdn.com%2Ftag.min.js'%2C4250690%2Cdocument.body%7C%7Cdocument.documentElement) IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:25:39 Last Seen2023-06-27 15:25:24 Times Seen7 Hash c092bf52889e0079ec60a2528584cb55 5c22cdd0d2d1415cd556081059732cc539b9615f b14e51a0b832914deed2152dbba7972822426ef5d05866fe24e0e8205946391f Loading...

	http:text/javascript,var%20sTime%3Dnew%20Date().getTime()%3Bvar%20countDown%3D10%3Bfunction%20UpdateCountDownTime()%7Bvar%20cTime%3Dnew%20Date().getTime()%3Bvar%20diff%3DcTime-sTime%3Bvar%20timeStr%3D''%3Bvar%20seconds%3DcountDown-Math.floor(diff%2F1000)%3Bif(seconds%3E%3D0)%7Bvar%20hours%3DMath.floor(seconds%2F3600)%3Bvar%20minutes%3DMath.floor((seconds-(hours3600))%2F60)%3Bseconds-%3D(minutes60)%3Bif(seconds%3CcountDown)%7BtimeStr%3DtimeStr%2B%22%22%2Bseconds%3B%7Delse%7BtimeStr%3DtimeStr%2B%22%22%2Bseconds%3B%7Ddocument.getElementById(%22download%22).innerHTML%3D'%3Cbutton%20id%3D%22download_file%22%20class%3D%22download_file%20btn%20btn-secondary%20btn%20disabled%22%3EPlease%20wait%20%3Cstrong%3E'%2BtimeStr%2B'%3C%2Fstrong%3E%20seconds%3C%2Fbutton%3E'%3B%7Delse%7B%24('.download_file').remove()%3B%24('%23download').append('%3Ca%20href%3D%22https%3A%2F%2Fmegafile.cc%2Fdl%2F17c8744b-c839-4fe7-bd2f-e068e1085b2a%22%20download%3D%22Dx9.zip%22%20class%3D%22btn%20btn-info%22%3EDownload%20(2.87%20MB)%3C%2Fa%3E')%3BclearInterval(counter)%3B%7D%7DUpdateCountDownTime()%3Bvar%20counter%3DsetInterval(UpdateCountDownTime%2C500)%3Bconst%20swalWithBootstrapButtons%3DSwal.mixin(%7BcustomClass%3A%7BconfirmButton%3A'btn%20btn-falcon-info%20m-1'%2CcancelButton%3A'btn%20btn-falcon-danger%20m-1'%2Cinput%3A'text-dark'%7D%2CbuttonsStyling%3Afalse%7D)%0A%24(document).on('click'%2C'.qrcode'%2Cfunction(e)%7Be.preventDefault()%3Bvar%20link%3D%24(this).data('link')%3BswalWithBootstrapButtons.fire(%7BimageUrl%3Alink%2CshowCancelButton%3Afalse%2Cbackground%3A'%23121e2d'%2C%7D)%3B%7D)%3B	1.2 kB	2023-03-08	2023-03-08
Pretty URL http:text/javascript,var%20sTime%3Dnew%20Date().getTime()%3Bvar%20countDown%3D10%3Bfunction%20UpdateCountDownTime()%7Bvar%20cTime%3Dnew%20Date().getTime()%3Bvar%20diff%3DcTime-sTime%3Bvar%20timeStr%3D''%3Bvar%20seconds%3DcountDown-Math.floor(diff%2F1000)%3Bif(seconds%3E%3D0)%7Bvar%20hours%3DMath.floor(seconds%2F3600)%3Bvar%20minutes%3DMath.floor((seconds-(hours3600))%2F60)%3Bseconds-%3D(minutes60)%3Bif(seconds%3CcountDown)%7BtimeStr%3DtimeStr%2B%22%22%2Bseconds%3B%7Delse%7BtimeStr%3DtimeStr%2B%22%22%2Bseconds%3B%7Ddocument.getElementById(%22download%22).innerHTML%3D'%3Cbutton%20id%3D%22download_file%22%20class%3D%22download_file%20btn%20btn-secondary%20btn%20disabled%22%3EPlease%20wait%20%3Cstrong%3E'%2BtimeStr%2B'%3C%2Fstrong%3E%20seconds%3C%2Fbutton%3E'%3B%7Delse%7B%24('.download_file').remove()%3B%24('%23download').append('%3Ca%20href%3D%22https%3A%2F%2Fmegafile.cc%2Fdl%2F17c8744b-c839-4fe7-bd2f-e068e1085b2a%22%20download%3D%22Dx9.zip%22%20class%3D%22btn%20btn-info%22%3EDownload%20(2.87%20MB)%3C%2Fa%3E')%3BclearInterval(counter)%3B%7D%7DUpdateCountDownTime()%3Bvar%20counter%3DsetInterval(UpdateCountDownTime%2C500)%3Bconst%20swalWithBootstrapButtons%3DSwal.mixin(%7BcustomClass%3A%7BconfirmButton%3A'btn%20btn-falcon-info%20m-1'%2CcancelButton%3A'btn%20btn-falcon-danger%20m-1'%2Cinput%3A'text-dark'%7D%2CbuttonsStyling%3Afalse%7D)%0A%24(document).on('click'%2C'.qrcode'%2Cfunction(e)%7Be.preventDefault()%3Bvar%20link%3D%24(this).data('link')%3BswalWithBootstrapButtons.fire(%7BimageUrl%3Alink%2CshowCancelButton%3Afalse%2Cbackground%3A'%23121e2d'%2C%7D)%3B%7D)%3B IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:46:17 Last Seen2023-03-08 14:46:17 Times Seen1 Hash 37e11b0945837ca7353ed57a4fbe65a0 b5550a664f6f012f7af6ce6f71d2cca5a4ef03a8 3b0d3c10a8b88a2860602deedb275017ae6d9bb23f8cf9ae7c18701ca0c107be Loading...

	nanouwho.com/1?z=4250688	17 kB	2023-03-08	2023-03-08
Pretty URL nanouwho.com/1?z=4250688 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:46:17 Last Seen2023-03-08 14:46:17 Times Seen1 Hash 07651dd168212e0b4be6a3c6ef9366c4 466868085cb1639101760337064a64eff15fb9ec 89ba56b84a6d6c0939428c9ec1b0d40a946f91ef1cce7290a9ff3980100587a5 Loading...

	megafile.cc/o7xV/dx9.zip	103 B	2023-03-08	2023-03-08
Pretty URL megafile.cc/o7xV/dx9.zip IP 138.201.48.112 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:46:17 Last Seen2023-03-08 14:46:17 Times Seen1 Hash 86b6af9015d22216ba2e9bb730436bc8 c4fad08a5d0ac180ba7b5cfc13f028c2e6aac2ad 622540e11b5df7e0017edb15e32c2bafea4de33bd6482bbd9d9e458005107a9d Loading...

	megafile.cc/o7xV/dx9.zip	102 kB	2023-03-08	2023-03-11
Pretty URL megafile.cc/o7xV/dx9.zip IP 138.201.48.112 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:13 Last Seen2023-03-11 23:52:37 Times Seen1 Hash 4224657dcd443a3bd29476e92ab48558 d237d75a44e44df6826a0f3fe76a848de0599070 e3abef6168f06a92edfc05945cd2336f3ba3bb2719c3380393ec498e755c97fb Loading...

	cdnjs.cloudflare.com/ajax/libs/filepond/4.30.3/filepond.min.js	118 kB	2023-03-07	2024-04-25
Pretty URL cdnjs.cloudflare.com/ajax/libs/filepond/4.30.3/filepond.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:23:52 Last Seen2024-04-25 20:59:34 Times Seen1060 Hash 516f35ea42aa797b3b106a8f108edb88 9b1313b221c5d59835c31da0327f4273a2647174 9677264de392aeedd3b391fe53578415c87835405d14068380f9bf3970a48286 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js	90 kB	2023-03-07	2024-05-01
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:13 Last Seen2024-05-01 23:40:01 Times Seen264398 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.8/clipboard.min.js	11 kB	2023-03-07	2024-04-30
Pretty URL cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.8/clipboard.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:42 Last Seen2024-04-30 02:02:33 Times Seen708 Hash 27784b7376dd992368c71b6c5559f358 f86d2ac408c4de0d5281cf91d6ddfb93e5e5d2ff 11be927cda59c8b6019ebbea838285c5beaf21183ea4b83dbd4e4fbf9413ce4a Loading...

	megafile.cc/js/site.js	6.5 kB	2023-03-07	2023-12-13
Pretty URL megafile.cc/js/site.js IP 138.201.48.112 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:23:52 Last Seen2023-12-13 20:16:01 Times Seen190 Hash 643fea0198e4fb9e271ddd811cf34f68 0d8277c1cde619b82a6867bc17cfdbbcd6674a46 f68f8db8d8fe95d02e60e2f4f97c74e4eb521d845cee1c7d53bec6159dc92ad5 Loading...

	megafile.cc/sw.js	5.2 kB	2023-03-07	2023-06-27
Pretty URL megafile.cc/sw.js IP 138.201.48.112 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:25:39 Last Seen2023-06-27 15:25:24 Times Seen13 Hash 6f46986d6263ef4723170b6ac178d850 d7018ec249cbb6ec6117b66011b0c2de3733d445 94f76eaf36e004dbb0c87a78f6dcf238093a08ac326d4a2d1ab2cbe6ab010f57 Loading...

	iclickcdn.com/tag.min.js	74 kB	2023-03-08	2023-03-11
Pretty URL iclickcdn.com/tag.min.js IP 104.26.12.118 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:59 Last Seen2023-03-11 23:52:23 Times Seen1 Hash 22ea5bbff2ad5fd14b876323ab363c6c 51eda66a5d7bd98e9593dca658acac8bee82802f 726e5d034e79cb6b2613c2ec17b17629247672dff00ca1d9dc7c78fc90c53c4c Loading...

	ibrapush.com/pfe/current/tag.min.js?z=4250689	15 kB	2023-03-08	2023-03-11
Pretty URL ibrapush.com/pfe/current/tag.min.js?z=4250689 IP 139.45.197.250 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:13 Last Seen2023-03-11 23:52:36 Times Seen1 Hash 191ea99ed07a7fe90b457168edd25141 0ace741f1e05b34e1e266360de25d4c29facd2e1 f28c7f29111515de23861d74072c7f60e4a06965c91476e8d7d3409062d9d358 Loading...

	unphionetor.com/fv.js?t=72747&cb=159470976	5.2 kB	2023-03-07	2024-05-01
Pretty URL unphionetor.com/fv.js?t=72747&cb=159470976 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:56 Last Seen2024-05-01 20:43:35 Times Seen2366 Hash 563d777535ce88943a94a6be86f378c8 8753745424d367275e3fe55a5661fe51b1e1fb72 0f467a48a494f7f63968707dc43785b728d0c17f93c12937c1e5b12798f3a98a Loading...

		Size	First Seen	Last Seen
	#1 Eval - 56cec86d2062369c1181696d8e57079d	42 B	2023-03-07	2023-12-17
Pretty Observations First Seen2023-03-07 01:23:52 Last Seen2023-12-17 23:38:32 Times Seen150 Hash 56cec86d2062369c1181696d8e57079d a829bc3ec7acab468fc649127853881751b2e61d 2477b814b8ad1a91f87132c07e73e884d9448987538b5be15f5292327cbbca6f Loading...

	#2 Eval - 53187fc31db072721463487b004d6f74	80 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 14:46:17 Last Seen2023-03-08 14:46:17 Times Seen1 Hash 53187fc31db072721463487b004d6f74 19c1f0e167d3f7e798abfffbaef1db1b1b882d91 0077be3003bebfdef858225e68a0d1c80e82ead0a74976813c9cbc61b0a39414 Loading...

HTTP Transactions (76)

URL IP Response Size

megafile.cc/o7xV/dx9.zip

138.201.48.112

301 Moved Permanently

162 B

URL HTTP/1.1
megafile.cc/o7xV/dx9.zip
IP
138.201.48.112:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /o7xV/dx9.zip HTTP/1.1
Host: megafile.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 02 Dec 2022 21:14:27 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://megafile.cc/o7xV/dx9.zip
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
7439fb99a444b66db1e68ffbfaa38451
4b7742d7956485906f1c392c478515ff89a46184
636327ce88f733e5a1d39af212f97242717a39ce20edaef330fafea238e3a309

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2558
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 21:14:27 GMT
Last-Modified: Fri, 02 Dec 2022 20:31:49 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12325
Expires: Sat, 03 Dec 2022 00:39:52 GMT
Date: Fri, 02 Dec 2022 21:14:27 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 02 Dec 2022 20:19:57 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3270
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10008
Expires: Sat, 03 Dec 2022 00:01:15 GMT
Date: Fri, 02 Dec 2022 21:14:27 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: SxSqd15e5pWSg4eUrepHoNAwqPUC86ix0znRDCfWxjkdJc+OXaUjS79CLO+86LNan6DelLT6PTE=
x-amz-request-id: 6YXD1FQQVP6FA075
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 02 Dec 2022 20:46:15 GMT
age: 1692
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 21:14:27 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 02 Dec 2022 21:08:57 GMT
cache-control: public,max-age=3600
age: 330
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

megafile.cc/css/theme.min.css

138.201.48.112

200 OK

75 kB

URL HTTP/2
megafile.cc/css/theme.min.css
IP
138.201.48.112:0
ASN
#24940 Hetzner Online GmbH

File type
Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Size
75 kB (74764 bytes)
Hash
65c31d311ae68e4aabece34b7545367b
7e4f7469233e4d26c716c6f8630e1d83a4625d20
6f3f8aa982c4b3661a2d02193f0b21b313a408076802980ea8662dcd6b42eee5

HTTP Headers

GET /css/theme.min.css HTTP/1.1
Host: megafile.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megafile.cc/o7xV/dx9.zip
Cookie: XSRF-TOKEN=eyJpdiI6IlZiSnhGZGl5Q0N6Tm5GWk43Z2tKWlE9PSIsInZhbHVlIjoiRnhEdE5aN2g0ay9UNzF1S1Nsc2wvd3ZYSmdRVmltaDJ1d2RzdW9GcnVPcHFIWHh5Q0pUMzBVNktGWmo4SU15TWRjcnpjSUZTVDdLMHFtWitQYllObTcwWUZXZ054bG54dUtMQmZTblpYSkpQTXZNUU5VV0hDZkNBV0VVWDlvM1oiLCJtYWMiOiI5YzVhZDhkYjJmZWYwOGViODA4MWYyNTI0ZDE2MWQ0ZGI1YjY2ODZlODE5YzVmNDc5YjE4NjQ3NjE5ZTg1M2Y0IiwidGFnIjoiIn0%3D; megafile_session=eyJpdiI6Ild4amxXcVBYOXhvbHZjQ3BTSlNYM3c9PSIsInZhbHVlIjoidVdMLzE3aUFLRGtTbUhsanc5L1lsVWd3Y0pidWtCQnpVelcyLzhqZXNiUUtYU0FPTW92VGhYNDZoeisvSlVkbGwveUdqWVdyZ2JVNHVadFBmU0FKS2N1ejVYUC9Zc3dUQ0I5QVhOVk9jd1pBWHVXQmM1VmZPRlhiYy9oK2xDQlEiLCJtYWMiOiI0Yzk4ODhhMTA2YTFiY2Y1ZjU4MjExMmY2ODdiZDk0ZTA0ZjIwNDI5MzM4NTBjZmY2NmRkZmU1MmUxMjEyMTNiIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: text/css
etag: W/"617251c2-921fb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 02 Dec 2022 16:07:37 GMT
vary: Accept-Encoding
x-original-content-length: 598523
content-encoding: gzip
content-length: 74764
cache-control: max-age=315360000, s-maxage=10
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
7f1f8fc556d1f7e0aea3e1208ee2fd1c
09c341a56ff876479cfc8a0505a5fef4a5d110f1
65adcf58887bcc23f73379f74ab19a61cfbb93285c95c64b44a6716eeacc1482

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2534
Cache-Control: max-age=131680
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 21:14:28 GMT
Etag: "6389c02e-1d7"
Expires: Sun, 04 Dec 2022 09:49:08 GMT
Last-Modified: Fri, 02 Dec 2022 09:06:54 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471

cdnjs.cloudflare.com/ajax/libs/filepond/4.29.1/filepond.min.css

104.17.25.14

200 OK

2.9 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/filepond/4.29.1/filepond.min.css
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
assembler source, ASCII text, with very long lines (17282)
Size
2.9 kB (2934 bytes)
Hash
78aabb09e30a9eb6f833cbb1b48bdb2e
e876ff16b6c511bc217973e51202aaaf23a4e936
8d76a29a92bc268043a7bd4d0b8f171fffd6c6c3c8e18aa314d6dac1aeb542ae

HTTP Headers

GET /ajax/libs/filepond/4.29.1/filepond.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://megafile.cc
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 02 Dec 2022 21:14:28 GMT
content-type: text/css; charset=utf-8
content-length: 2934
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "613afc53-b76"
last-modified: Fri, 10 Sep 2021 06:33:55 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 809358
expires: Wed, 22 Nov 2023 21:14:28 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OQc7qEbD0LIQLeFm0X0kVjo%2FhnKY2uLKMTJBEJ%2B59IQura5%2FiViIIfAy6j9t7sU4ECmd6VR3a2a5G785zXG9wKQ%2BYEFMbVAtp%2FH3QXk6cMvXs2lQHXNaYWJs5ar1tkCbLDyq87fT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 773712855e030b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/css/all.min.css

104.17.25.14

200 OK

14 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/css/all.min.css
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65345)
Size
14 kB (14374 bytes)
Hash
642445b86596bdeaa98e92faa2064fc6
6c5539660bf533d34e37b917973c941d1c963374
4a5a39e9f325c5578dccd880c1d516eae190ee39f7539f4a6c6c52d2eee4cbdf

HTTP Headers

GET /ajax/libs/font-awesome/6.0.0-beta2/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megafile.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 02 Dec 2022 21:14:28 GMT
content-type: text/css; charset=utf-8
content-length: 14374
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "61498362-3826"
last-modified: Tue, 21 Sep 2021 07:01:54 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 10895586
expires: Wed, 22 Nov 2023 21:14:28 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GGaft5ImX6wdFvEXt96gSt%2F4t0nOsTMthrretkt4tpLNa61DCgnKz6vYVv8CAsf8DbrYFsriq0Xk3YdarBP4wQlPMW5q6GKjaYFuvmxD2ZCjyD42O2fhxxSZbhhSklTIEV6%2BqAPe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7737128559a1b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

megafile.cc/img/logo-mega-info.webp

138.201.48.112

200 OK

48 kB

URL HTTP/2
megafile.cc/img/logo-mega-info.webp
IP
138.201.48.112:0
ASN
#24940 Hetzner Online GmbH

File type
RIFF (little-endian) data, Web/P image\012- data
Size
48 kB (47744 bytes)
Hash
24b5e70e71e83c8c562ac2d40374fea0
b6679e95ff055f03b9f3cd01b42266e75e491447
fa36bc0ece4ea1b26647c9f1ec5f22558d000e32549edfbba2089e866f83ae72

HTTP Headers

GET /img/logo-mega-info.webp HTTP/1.1
Host: megafile.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megafile.cc/o7xV/dx9.zip
Cookie: XSRF-TOKEN=eyJpdiI6IlZiSnhGZGl5Q0N6Tm5GWk43Z2tKWlE9PSIsInZhbHVlIjoiRnhEdE5aN2g0ay9UNzF1S1Nsc2wvd3ZYSmdRVmltaDJ1d2RzdW9GcnVPcHFIWHh5Q0pUMzBVNktGWmo4SU15TWRjcnpjSUZTVDdLMHFtWitQYllObTcwWUZXZ054bG54dUtMQmZTblpYSkpQTXZNUU5VV0hDZkNBV0VVWDlvM1oiLCJtYWMiOiI5YzVhZDhkYjJmZWYwOGViODA4MWYyNTI0ZDE2MWQ0ZGI1YjY2ODZlODE5YzVmNDc5YjE4NjQ3NjE5ZTg1M2Y0IiwidGFnIjoiIn0%3D; megafile_session=eyJpdiI6Ild4amxXcVBYOXhvbHZjQ3BTSlNYM3c9PSIsInZhbHVlIjoidVdMLzE3aUFLRGtTbUhsanc5L1lsVWd3Y0pidWtCQnpVelcyLzhqZXNiUUtYU0FPTW92VGhYNDZoeisvSlVkbGwveUdqWVdyZ2JVNHVadFBmU0FKS2N1ejVYUC9Zc3dUQ0I5QVhOVk9jd1pBWHVXQmM1VmZPRlhiYy9oK2xDQlEiLCJtYWMiOiI0Yzk4ODhhMTA2YTFiY2Y1ZjU4MjExMmY2ODdiZDk0ZTA0ZjIwNDI5MzM4NTBjZmY2NmRkZmU1MmUxMjEyMTNiIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: image/webp
content-length: 47744
etag: "629bc4a3-ba80"
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
date: Fri, 02 Dec 2022 21:10:49 GMT
expires: Fri, 02 Dec 2022 21:15:49 GMT
cache-control: s-maxage=10
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
2885bbd026e7dd91d125ebacade4dfbd
b56acda4fe3304578f5cf53ee2146158c0103298
59fcaf6a614e40c998e7ed1300ce9017daf8f46900776e3291f4ef105ae371f2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2447
Cache-Control: max-age=152484
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 21:14:28 GMT
Etag: "638a11c9-118"
Expires: Sun, 04 Dec 2022 15:35:52 GMT
Last-Modified: Fri, 02 Dec 2022 14:55:05 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 280

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
2885bbd026e7dd91d125ebacade4dfbd
b56acda4fe3304578f5cf53ee2146158c0103298
59fcaf6a614e40c998e7ed1300ce9017daf8f46900776e3291f4ef105ae371f2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2447
Cache-Control: max-age=152484
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 21:14:28 GMT
Etag: "638a11c9-118"
Expires: Sun, 04 Dec 2022 15:35:52 GMT
Last-Modified: Fri, 02 Dec 2022 14:55:05 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 280

cdn.jsdelivr.net/npm/sweetalert2@11

151.101.1.229

200 OK

18 kB

URL HTTP/2
cdn.jsdelivr.net/npm/sweetalert2@11
IP
151.101.1.229:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (43300)
Size
18 kB (18036 bytes)
Hash
d9da418805bd4bde053bcaeed574c2b8
539ce9c1b8ebe1e176b1272f36553c50a49e3895
9c20ee20412a3722b10b67c4948f91fa28132f1fe97e2921a54f1216647b1cf7

HTTP Headers

GET /npm/sweetalert2@11 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megafile.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 11.6.15
x-jsd-version-type: version
etag: W/"fb4e-WYlKfUugrs9UVDS0kTySiNuO9Yk"
content-encoding: gzip
accept-ranges: bytes
date: Fri, 02 Dec 2022 21:14:28 GMT
age: 32415
x-served-by: cache-fra-eddf8230057-FRA, cache-bma1670-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 18036
X-Firefox-Spdy: h2

push.services.mozilla.com/

54.149.219.22

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.149.219.22:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: QzZT+8ky1PbpBeT+Jw5bgg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 8b1APt6hgtjKLVgoDuHIzvPi514=

cdnjs.cloudflare.com/ajax/libs/popper.js/2.10.2/umd/popper.min.js

104.17.25.14

200 OK

6.0 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/popper.js/2.10.2/umd/popper.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (18706)
Size
6.0 kB (6037 bytes)
Hash
3773d4bd82b03cdfd02c9fd691f80d78
c4d89a2de179c90944835571b45877048f3c1424
5d05303e3777fd4f588b7167d0a22cd5ca499c238f78ec0cecbb3a8786de332d

HTTP Headers

GET /ajax/libs/popper.js/2.10.2/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://megafile.cc
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 02 Dec 2022 21:14:28 GMT
content-type: application/javascript; charset=utf-8
content-length: 6037
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "6155af49-1795"
last-modified: Thu, 30 Sep 2021 12:36:25 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 52368
expires: Wed, 22 Nov 2023 21:14:28 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GzL7alCwiGSUUQ8lXCjfg2OYg1vWEIpFTJunuz2ZbxGk8rOpqgdk7JxWou4OcwquBz4cSCTAHFfgE01iidIUs%2F1JGDC3WS4yqsrXO7idmqSX3LZIn%2B%2BZpdYJjmToXwERZaXLpIg5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 773712873fd90b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/bootstrap/5.1.3/js/bootstrap.min.js

104.17.25.14

200 OK

15 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/bootstrap/5.1.3/js/bootstrap.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (58940)
Size
15 kB (14584 bytes)
Hash
28dbaeb9aa2638e0c4e6d9ffd3d14e9d
3208ed3741e60986bbed3fd759cdfd3b4fa7cf06
ababbb021f57966e125b8e296f9515f38d906b462697f7835e6914465dd0d362

HTTP Headers

GET /ajax/libs/bootstrap/5.1.3/js/bootstrap.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://megafile.cc
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 02 Dec 2022 21:14:28 GMT
content-type: application/javascript; charset=utf-8
content-length: 14584
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "6161dfe3-38f8"
last-modified: Sat, 09 Oct 2021 18:30:59 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1397409
expires: Wed, 22 Nov 2023 21:14:28 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pMyKrnbj0tlfgQ1TbrNQyYsE7ZhWJRgibEC6Wd0H11QVJ9wWIsFgBisvbcJcKGsuRRptY4V5tLlkLXYhKvrFVo%2FS%2F6KS9FhKqDPKc2QSejQK7t7KN58RN8PcfXidGsJyYb9Uldjy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 773712874fec0b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1

104.18.20.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1462 bytes)
Hash
a861d6c1d6ab321167367e5410ef912a
7d629d811aa5d91b37162b04804fb733970ee200
3fce32bf9e7f560a678b2aef656ef6909ce46dba67e380b55752cf26b8980948

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 21:14:28 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "1B66FBF7F67FD32BE06F166BA41B86658FBDFFF1"
Expires: Sat, 03 Dec 2022 08:00:00 GMT
Last-Modified: Fri, 02 Dec 2022 20:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1364
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 773712876f1f0b31-OSL

megafile.cc/js/site.js

138.201.48.112

200 OK

2.0 kB

URL HTTP/2
megafile.cc/js/site.js
IP
138.201.48.112:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (5640)
Size
2.0 kB (1993 bytes)
Hash
a779d1605363c034784168e0553fee12
203adaeac5eec419f7bdf4ba6840c9378c9692e5
0ac5db7b1ae244540526d4c971799e4c8ba3f5921dda88b94d10d2cb6a730bc6

HTTP Headers

GET /js/site.js HTTP/1.1
Host: megafile.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megafile.cc/o7xV/dx9.zip
Cookie: XSRF-TOKEN=eyJpdiI6IlZiSnhGZGl5Q0N6Tm5GWk43Z2tKWlE9PSIsInZhbHVlIjoiRnhEdE5aN2g0ay9UNzF1S1Nsc2wvd3ZYSmdRVmltaDJ1d2RzdW9GcnVPcHFIWHh5Q0pUMzBVNktGWmo4SU15TWRjcnpjSUZTVDdLMHFtWitQYllObTcwWUZXZ054bG54dUtMQmZTblpYSkpQTXZNUU5VV0hDZkNBV0VVWDlvM1oiLCJtYWMiOiI5YzVhZDhkYjJmZWYwOGViODA4MWYyNTI0ZDE2MWQ0ZGI1YjY2ODZlODE5YzVmNDc5YjE4NjQ3NjE5ZTg1M2Y0IiwidGFnIjoiIn0%3D; megafile_session=eyJpdiI6Ild4amxXcVBYOXhvbHZjQ3BTSlNYM3c9PSIsInZhbHVlIjoidVdMLzE3aUFLRGtTbUhsanc5L1lsVWd3Y0pidWtCQnpVelcyLzhqZXNiUUtYU0FPTW92VGhYNDZoeisvSlVkbGwveUdqWVdyZ2JVNHVadFBmU0FKS2N1ejVYUC9Zc3dUQ0I5QVhOVk9jd1pBWHVXQmM1VmZPRlhiYy9oK2xDQlEiLCJtYWMiOiI0Yzk4ODhhMTA2YTFiY2Y1ZjU4MjExMmY2ODdiZDk0ZTA0ZjIwNDI5MzM4NTBjZmY2NmRkZmU1MmUxMjEyMTNiIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: application/javascript
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-original-content-length: 9351
vary: Accept-Encoding
content-encoding: gzip
content-length: 1993
etag: W/"PSA-aj-ZD_qAZjk-5"
date: Fri, 02 Dec 2022 21:14:28 GMT
expires: Mon, 29 Nov 2032 16:04:12 GMT
cache-control: max-age=315341383
X-Firefox-Spdy: h2

megafile.cc/sw.js

138.201.48.112

200 OK

2.4 kB

URL HTTP/2
megafile.cc/sw.js
IP
138.201.48.112:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (5209), with no line terminators
Size
2.4 kB (2363 bytes)
Hash
60024048781353f7bc51300aff2ef6f3
fc88d0f69d4a5eff9deed7f510ddc842308cb0cb
a6e21637c84e841563ca45be1191fb5a294d9bd11b64e90dca4b735ad6f6b707

HTTP Headers

GET /sw.js HTTP/1.1
Host: megafile.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megafile.cc/o7xV/dx9.zip
Cookie: XSRF-TOKEN=eyJpdiI6IlZiSnhGZGl5Q0N6Tm5GWk43Z2tKWlE9PSIsInZhbHVlIjoiRnhEdE5aN2g0ay9UNzF1S1Nsc2wvd3ZYSmdRVmltaDJ1d2RzdW9GcnVPcHFIWHh5Q0pUMzBVNktGWmo4SU15TWRjcnpjSUZTVDdLMHFtWitQYllObTcwWUZXZ054bG54dUtMQmZTblpYSkpQTXZNUU5VV0hDZkNBV0VVWDlvM1oiLCJtYWMiOiI5YzVhZDhkYjJmZWYwOGViODA4MWYyNTI0ZDE2MWQ0ZGI1YjY2ODZlODE5YzVmNDc5YjE4NjQ3NjE5ZTg1M2Y0IiwidGFnIjoiIn0%3D; megafile_session=eyJpdiI6Ild4amxXcVBYOXhvbHZjQ3BTSlNYM3c9PSIsInZhbHVlIjoidVdMLzE3aUFLRGtTbUhsanc5L1lsVWd3Y0pidWtCQnpVelcyLzhqZXNiUUtYU0FPTW92VGhYNDZoeisvSlVkbGwveUdqWVdyZ2JVNHVadFBmU0FKS2N1ejVYUC9Zc3dUQ0I5QVhOVk9jd1pBWHVXQmM1VmZPRlhiYy9oK2xDQlEiLCJtYWMiOiI0Yzk4ODhhMTA2YTFiY2Y1ZjU4MjExMmY2ODdiZDk0ZTA0ZjIwNDI5MzM4NTBjZmY2NmRkZmU1MmUxMjEyMTNiIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: application/javascript
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-original-content-length: 5236
vary: Accept-Encoding
content-encoding: gzip
content-length: 2363
etag: W/"PSA-aj-b0aYbWJj70"
date: Fri, 02 Dec 2022 21:14:28 GMT
expires: Mon, 29 Nov 2032 16:07:38 GMT
cache-control: max-age=315341589
X-Firefox-Spdy: h2

megafile.cc/o7xV/dx9.zip

138.201.48.112

200 OK

247 kB

URL HTTP/2
megafile.cc/o7xV/dx9.zip
IP
138.201.48.112:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1148)
Size
247 kB (247056 bytes)
Hash
fc19f2c9b55d07389e5a4be0ff4dee09
65256f51c636f5772ef7305a21c634d4a6e6a474
5134fc7ad65fb5e38308446cb1d41e1800ae9945909e967049267038e67e8cdf

HTTP Headers

GET /o7xV/dx9.zip HTTP/1.1
Host: megafile.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
server: nginx
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: XSRF-TOKEN=eyJpdiI6IlZiSnhGZGl5Q0N6Tm5GWk43Z2tKWlE9PSIsInZhbHVlIjoiRnhEdE5aN2g0ay9UNzF1S1Nsc2wvd3ZYSmdRVmltaDJ1d2RzdW9GcnVPcHFIWHh5Q0pUMzBVNktGWmo4SU15TWRjcnpjSUZTVDdLMHFtWitQYllObTcwWUZXZ054bG54dUtMQmZTblpYSkpQTXZNUU5VV0hDZkNBV0VVWDlvM1oiLCJtYWMiOiI5YzVhZDhkYjJmZWYwOGViODA4MWYyNTI0ZDE2MWQ0ZGI1YjY2ODZlODE5YzVmNDc5YjE4NjQ3NjE5ZTg1M2Y0IiwidGFnIjoiIn0%3D; expires=Mon, 02-Jan-2023 21:14:27 GMT; Max-Age=2678400; path=/; samesite=lax
megafile_session=eyJpdiI6Ild4amxXcVBYOXhvbHZjQ3BTSlNYM3c9PSIsInZhbHVlIjoidVdMLzE3aUFLRGtTbUhsanc5L1lsVWd3Y0pidWtCQnpVelcyLzhqZXNiUUtYU0FPTW92VGhYNDZoeisvSlVkbGwveUdqWVdyZ2JVNHVadFBmU0FKS2N1ejVYUC9Zc3dUQ0I5QVhOVk9jd1pBWHVXQmM1VmZPRlhiYy9oK2xDQlEiLCJtYWMiOiI0Yzk4ODhhMTA2YTFiY2Y1ZjU4MjExMmY2ODdiZDk0ZTA0ZjIwNDI5MzM4NTBjZmY2NmRkZmU1MmUxMjEyMTNiIiwidGFnIjoiIn0%3D; expires=Mon, 02-Jan-2023 21:14:27 GMT; Max-Age=2678400; path=/; httponly; samesite=lax
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 02 Dec 2022 21:14:27 GMT
x-page-speed: 1.13.35.2-0
cache-control: max-age=0, no-cache
content-encoding: br
X-Firefox-Spdy: h2

unpkg.com/filepond-plugin-file-validate-type@1.2.8/dist/filepond-plugin-file-validate-type.js

104.16.125.175

200 OK

5.4 kB

URL HTTP/2
unpkg.com/filepond-plugin-file-validate-type@1.2.8/dist/filepond-plugin-file-validate-type.js
IP
104.16.125.175:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
5.4 kB (5411 bytes)
Hash
c8d37a3e1b5a377b360ce85832b01bab
dea47626553dbc49d1a6e0c53bcbf96902744229
fd3e1ccd282f0050d7455f848fd9d05a81afce276e2c82481eed637439fa4340

HTTP Headers

GET /filepond-plugin-file-validate-type@1.2.8/dist/filepond-plugin-file-validate-type.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megafile.cc/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 02 Dec 2022 21:14:29 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"1d07-1hxUHKzrTl3rNdhkJwK4kJGou0I"
via: 1.1 fly.io
fly-request-id: 01G2PJZCDRWWWP671QTKZ7W61J-fra
cf-cache-status: HIT
age: 17842621
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7737128bedbdb509-OSL
content-encoding: br
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
4bfc2e9793ddc456322d579e5c4173ce
5e36a7ff4b24fc47a0e277ef15eeb5bdd9f80a81
292a80dd653a7d7d3a7c0bc1fa7f2b6a7f1bdff2dd599b362995c8875fd75e60

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4599
Cache-Control: max-age=100645
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 21:14:29 GMT
Etag: "63893ee3-117"
Expires: Sun, 04 Dec 2022 01:11:54 GMT
Last-Modified: Thu, 01 Dec 2022 23:55:15 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 279

cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/webfonts/fa-solid-900.woff2

104.17.25.14

200 OK

123 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/webfonts/fa-solid-900.woff2
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 122760, version 768.66\012- data
Size
123 kB (122760 bytes)
Hash
d1bea16f470ff27ca26131a867131fda
c1e34985d239716f1f236b932f2ecf4fb4c167d2
57deb9ccde6d49564a916cc58a799d8ebd793c7aff69a7f3cce48cbfb0c48777

HTTP Headers

GET /ajax/libs/font-awesome/6.0.0-beta2/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://megafile.cc
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 02 Dec 2022 21:14:29 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 122760
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "61498362-1df88"
last-modified: Tue, 21 Sep 2021 07:01:54 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 101730
expires: Wed, 22 Nov 2023 21:14:29 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2oDun0jPQE81KNO6AEBNS1dEfl1o2XZGHzSoSU4Kd%2FrlPPqeEK%2FBdNilhRQLyqrVattO7dYf5IZHoB0fU98baHhD36redv3OSBHGIWM9N9fw6B4eIAEtiUX80qMCSmgD0Wr2K6zg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7737128d2e230b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

iclickcdn.com/tag.min.js

104.26.12.118

200 OK

48 kB

URL HTTP/2
iclickcdn.com/tag.min.js
IP
104.26.12.118:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
48 kB (48488 bytes)
Hash
15e3702e2804935ff8e097ceb7835146
fb861704ddf748047cf21a145d61578cd6d3c426
54316e56a99b2bdf126e8e143a3ccdc2cbaeaa038549ebc08b9ba4d3b6fd808f

HTTP Headers

GET /tag.min.js HTTP/1.1
Host: iclickcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megafile.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 02 Dec 2022 21:14:29 GMT
content-type: text/javascript; charset=utf-8
x-trace-id: b32d03b7214a2e7ff2fefb3615a54e08
cache-control: max-age=86400
last-modified: Thu, 01 Dec 2022 14:00:16 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Sat, 03 Dec 2022 06:04:07 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 54622
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jrOAiDKal7BHapy4zdWF%2Fh7pF0xQ9ZMS18rP4SluHCCDt9wwmUZsgAETvC8%2BxueZFQ%2BRSKDJSpFXEVwaSDljOd4KIWswEo1uZoCr5kelhVETN0av1gCnvHDz6uTPj4g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7737128cbf2c1c06-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/webfonts/fa-brands-400.woff2

104.17.25.14

200 OK

105 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/webfonts/fa-brands-400.woff2
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 105264, version 768.66\012- data
Size
105 kB (105264 bytes)
Hash
ef9332780500ea981e97dff51cc30669
4020ed1a099b98c421f09ceb9a92f4a1d8d5d9c8
ec372177b8e8df39d755e16551dfbbddcc53938ca52765fd730d0925885c964e

HTTP Headers

GET /ajax/libs/font-awesome/6.0.0-beta2/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://megafile.cc
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 02 Dec 2022 21:14:29 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 105264
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "61498362-19b30"
last-modified: Tue, 21 Sep 2021 07:01:54 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 48632
expires: Wed, 22 Nov 2023 21:14:29 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rJxSAYcQZhCkSGvwih5wohhyYoT9LKbAnfqQEjtEYdcsY3CAMrHeEtma%2Bn3FhTgc11Qdf2bKuMWcDNTtm76Qjfj1O8ZK5NrCfbYzizhMwtTvlFgSlCzn69OzH1SjWr4M3atu9bxF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7737128d4e470b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
84b8b1043a96c760a6b85bc0b3265b85
d9f0338ffcd6cfb3c96bc66966b898d33162f204
e24a64d19f091946caed011ebcf469be2d35168aa12f90b02d9c1c9326afd867

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E24A64D19F091946CAED011EBCF469BE2D35168AA12F90B02D9C1C9326AFD867"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12537
Expires: Sat, 03 Dec 2022 00:43:26 GMT
Date: Fri, 02 Dec 2022 21:14:29 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11186
Expires: Sat, 03 Dec 2022 00:20:55 GMT
Date: Fri, 02 Dec 2022 21:14:29 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11186
Expires: Sat, 03 Dec 2022 00:20:55 GMT
Date: Fri, 02 Dec 2022 21:14:29 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11186
Expires: Sat, 03 Dec 2022 00:20:55 GMT
Date: Fri, 02 Dec 2022 21:14:29 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg

34.120.237.76

200 OK

6.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.2 kB (6174 bytes)
Hash
b986f9fcbeca91ed5c8d58fbfaf47d19
6e6c8bd2bce144cc4da1cd7be375b046b60dca79
07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 06:00:48 GMT
age: 54821
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6edb00ee-3888-4974-ae1a-52ef18e62d0d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11402 bytes)
Hash
1c80b8025242ddfcc816ec612456b99e
aa944d10fe4a44b790b01ef62edc0f85a6d558e3
a9f060bc15738a3fe257e0c81a29e4611a89c273bcbb2765ce856d4e854a5f1f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6edb00ee-3888-4974-ae1a-52ef18e62d0d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11402
x-amzn-requestid: 20c2c359-1e43-40c0-885d-1c90e76ea12b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGzJHu-IAMFbYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e7a-1d89722e767daa014b174a39;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:36:58 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: OJBnbjJB_kvPuJcePGnno3zI0CTWAzV-Osb2L1hPZZhlNYhFHWmLsA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:51:33 GMT
age: 84176
etag: "aa944d10fe4a44b790b01ef62edc0f85a6d558e3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F40b76495-d9ea-430e-9b62-92b639b122e0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.6 kB (6564 bytes)
Hash
58a28fc1cbcacdb07b3ca175281982b5
9bc47ee49fc070d0997e49a719bd9758685ad583
d3bfcf749c4652cb29f7c82a5d7ba940bd607f9060e49c1c40a112eb3e625bd9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F40b76495-d9ea-430e-9b62-92b639b122e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6564
x-amzn-requestid: e2875cf3-3915-43a5-a724-4de2ca03de56
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGepHOiIAMFTFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-5f7e2a3f609d54a609a12670;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mwGAEu-gPXY5Opwd972VbBA6l33dNk7bPFSyZmciaplQKj2ZuTkQSg==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:34:47 GMT
age: 85182
etag: "9bc47ee49fc070d0997e49a719bd9758685ad583"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11186
Expires: Sat, 03 Dec 2022 00:20:55 GMT
Date: Fri, 02 Dec 2022 21:14:29 GMT
Connection: keep-alive

34.120.237.76

200 OK

4.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.8 kB (4803 bytes)
Hash
cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: ad2d9243-5e32-4faf-8ff3-b9abd3af1e89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb1_hEJJIAMF4Vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387d063-596f5833509112ee6cbedf54;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:51:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PIC-TIeTFK_Y2AiqowYT4_8tMuzIKO23lAwx18fYepTf4PIWkmLqkQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 05:20:15 GMT
age: 57254
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5183c67-4568-43c8-a2e7-7b41f5ca064b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.8 kB (4834 bytes)
Hash
cd8ad22c2eb1eb91c76970fa449f1bc4
0de97f3a4964038222bd751e043e413113e6db9d
668f805815aede3bc04f8564bd6aefd56029362bb0aa8a794673eb78ab2d4643

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5183c67-4568-43c8-a2e7-7b41f5ca064b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4834
x-amzn-requestid: 63a0b8b5-5cb3-4a1f-aa46-47c84abe726f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZQrjEeAIAMF3sw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6386c7e3-0032799009f893ba79f314db;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 03:02:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 02EF3QEVKmEB2ikbGk9gzQq7_VMi00ufHUNRFTL8MpwJKaXQwdT8HA==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 03:42:27 GMT
age: 63122
etag: "0de97f3a4964038222bd751e043e413113e6db9d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
ae362dcfc36c65824b06b3a446b76018
80f0c3404430a097f1c013ca2691d93db7da3dc9
23af03564e7b0e00f5136a553591440f4dfe606515e0c8929f6f895f89e22273

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6119
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 21:14:29 GMT
Last-Modified: Fri, 02 Dec 2022 19:32:30 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 278

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8863 bytes)
Hash
156e9ea97b774cbd8361072e4041b6c8
fc71ae3cae92ed6011904bb2367f23bf4e69fab4
58d953c19ebbbdfc3965bbe3f52308d4702deaf4d0c029f4674bcb862da138af

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8863
x-amzn-requestid: 798d014b-0f9c-4787-a676-8f5e8fae3d11
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdG14HBNIAMFdWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851bf-7549feac6d476a8512676412;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: r_0F64VpyutAOJ9IcTWrs3Sv--fhKiwKsV1FW0fOMSRt1QLLPxvJzg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 10:51:17 GMT
age: 37392
etag: "fc71ae3cae92ed6011904bb2367f23bf4e69fab4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
ae362dcfc36c65824b06b3a446b76018
80f0c3404430a097f1c013ca2691d93db7da3dc9
23af03564e7b0e00f5136a553591440f4dfe606515e0c8929f6f895f89e22273

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6093
Cache-Control: max-age=132363
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 21:14:29 GMT
Etag: "6389b4f3-116"
Expires: Sun, 04 Dec 2022 10:00:32 GMT
Last-Modified: Fri, 02 Dec 2022 08:18:59 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 278

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f096767caf45bd69af30f68d8c507657
d34449c54e15bd807141acda4b2ff56cf7448c8d
ac7763b62b265227a3004fc9ccaac8affe202e4556de67d649869f061fb75558

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC7763B62B265227A3004FC9CCAAC8AFFE202E4556DE67D649869F061FB75558"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5691
Expires: Fri, 02 Dec 2022 22:49:20 GMT
Date: Fri, 02 Dec 2022 21:14:29 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9caeefc49be26de4b50c14df1aace81f
ef836496e49f843f0e4c2dc991c314aad13f0f2e
83203278dadec9319a72ccb142c413696d8bd09a25f1b6c8d1edef20405e90f0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "83203278DADEC9319A72CCB142C413696D8BD09A25F1B6C8D1EDEF20405E90F0"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14339
Expires: Sat, 03 Dec 2022 01:13:28 GMT
Date: Fri, 02 Dec 2022 21:14:29 GMT
Connection: keep-alive

my.rtmark.net/gid.js?userId=50c1ad23c326478594f915fd8ee34184

139.45.195.8

200 OK

65 B

URL HTTP/2
my.rtmark.net/gid.js?userId=50c1ad23c326478594f915fd8ee34184
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
65 B (65 bytes)
Hash
0ca887956149a6db5544409df70835fe
2a791fb2ec54309dd57e395b25f185f55736701a
8b63e4fb7a5d53617ef704b142c491e339460b232beb06ff0e37d2298717f044

HTTP Headers

GET /gid.js?userId=50c1ad23c326478594f915fd8ee34184 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://megafile.cc
Connection: keep-alive
Referer: https://megafile.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 21:14:29 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://megafile.cc
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=50c1ad23c326478594f915fd8ee34184; expires=Sat, 02 Dec 2023 21:14:29 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b236a2114c2dc0510eddbb2792945ce2
f5c731f726a9295fac38f6e66d6efafceb5216bc
2051b04e443cc064016efe3a543d2e395bdefdcf9a59a95abaee6390a3566d97

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2051B04E443CC064016EFE3A543D2E395BDEFDCF9A59A95ABAEE6390A3566D97"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11881
Expires: Sat, 03 Dec 2022 00:32:30 GMT
Date: Fri, 02 Dec 2022 21:14:29 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b8a001cda3ed7081e2ea0d307ab026fe
1ccc9a988da30f5be2e927fa2a3799df8455ca6e
d5b23def7946309a155cfcf140b869f3829fd69e1d4184451eed881c1e17720f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D5B23DEF7946309A155CFCF140B869F3829FD69E1D4184451EED881C1E17720F"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9383
Expires: Fri, 02 Dec 2022 23:50:52 GMT
Date: Fri, 02 Dec 2022 21:14:29 GMT
Connection: keep-alive

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
2a3e9c9270d5d1402700343b567d8e21
4348655937347ff19881acafd04b1277e017f19c
905ee9517e8597ac86e76b99b970f77a4fbb2500de30ef6efea97a4bbcea51d4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 21:14:29 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 13:33:18 GMT
Expires: Fri, 09 Dec 2022 13:33:17 GMT
Etag: "4348655937347ff19881acafd04b1277e017f19c"
Cache-Control: max-age=576527,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7737128f5de9fab4-OSL

ibrapush.com/zone?pub=0&zone_id=4250689&is_mobile=false&domain=megafile.cc&var=&ymid=&var_3=

139.45.197.250

200 OK

664 B

URL HTTP/2
ibrapush.com/zone?pub=0&zone_id=4250689&is_mobile=false&domain=megafile.cc&var=&ymid=&var_3=
IP
139.45.197.250:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text, with very long lines (663)
Size
664 B (664 bytes)
Hash
61b8e425f14abb04a28256d7bbfcf9bb
8f5ef264bdfb8cee94436e1df0cebb6ffa55a0f3
7a54762394e3d98ad90830d3d762d0aa4243b6e1983f1c05948776c41a3bc82d

HTTP Headers

GET /zone?pub=0&zone_id=4250689&is_mobile=false&domain=megafile.cc&var=&ymid=&var_3= HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megafile.cc/
Origin: https://megafile.cc
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 21:14:29 GMT
content-type: application/json; charset=utf-8
content-length: 664
x-trace-id: dd323129fb2ac84d1416ad9ff6a0fdb1
access-control-allow-origin: https://megafile.cc
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f

37.48.68.71

200 OK

12 B

URL HTTP/1.1
datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP
37.48.68.71:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 894
Origin: https://megafile.cc
Connection: keep-alive
Referer: https://megafile.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Fri, 02 Dec 2022 21:14:29 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://megafile.cc
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true

megafile.cc/img/logo-mega-info.png

138.201.48.112

200 OK

179 kB

URL HTTP/2
megafile.cc/img/logo-mega-info.png
IP
138.201.48.112:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 4167 x 4167, 8-bit/color RGBA, non-interlaced\012- data
Size
179 kB (179409 bytes)
Hash
2e0ba32bb3fad3ba8048f1bf5c697931
9abc4eec9254ec6dd28bd5493604a1fdd13e0895
bb5076513ee0effdab48ff5826a0e8f02b4eb03d4e04eef3e0ea157f2feffa23

HTTP Headers

GET /img/logo-mega-info.png HTTP/1.1
Host: megafile.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megafile.cc/o7xV/dx9.zip
Cookie: XSRF-TOKEN=eyJpdiI6IlZiSnhGZGl5Q0N6Tm5GWk43Z2tKWlE9PSIsInZhbHVlIjoiRnhEdE5aN2g0ay9UNzF1S1Nsc2wvd3ZYSmdRVmltaDJ1d2RzdW9GcnVPcHFIWHh5Q0pUMzBVNktGWmo4SU15TWRjcnpjSUZTVDdLMHFtWitQYllObTcwWUZXZ054bG54dUtMQmZTblpYSkpQTXZNUU5VV0hDZkNBV0VVWDlvM1oiLCJtYWMiOiI5YzVhZDhkYjJmZWYwOGViODA4MWYyNTI0ZDE2MWQ0ZGI1YjY2ODZlODE5YzVmNDc5YjE4NjQ3NjE5ZTg1M2Y0IiwidGFnIjoiIn0%3D; megafile_session=eyJpdiI6Ild4amxXcVBYOXhvbHZjQ3BTSlNYM3c9PSIsInZhbHVlIjoidVdMLzE3aUFLRGtTbUhsanc5L1lsVWd3Y0pidWtCQnpVelcyLzhqZXNiUUtYU0FPTW92VGhYNDZoeisvSlVkbGwveUdqWVdyZ2JVNHVadFBmU0FKS2N1ejVYUC9Zc3dUQ0I5QVhOVk9jd1pBWHVXQmM1VmZPRlhiYy9oK2xDQlEiLCJtYWMiOiI0Yzk4ODhhMTA2YTFiY2Y1ZjU4MjExMmY2ODdiZDk0ZTA0ZjIwNDI5MzM4NTBjZmY2NmRkZmU1MmUxMjEyMTNiIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: image/png
content-length: 179409
etag: "629bc4a3-2bcd1"
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
date: Fri, 02 Dec 2022 21:13:34 GMT
expires: Fri, 02 Dec 2022 21:18:34 GMT
cache-control: s-maxage=10
X-Firefox-Spdy: h2

ibrapush.com/pfe/current/universal.min.js?v=3.1.409

139.45.197.250

200 OK

34 kB

URL HTTP/2
ibrapush.com/pfe/current/universal.min.js?v=3.1.409
IP
139.45.197.250:0
ASN
#9002 RETN Limited

File type
ASCII text, with very long lines (65536), with no line terminators
Size
34 kB (33650 bytes)
Hash
27dbc9df5f7b9f6723da9d7d31e1965b
0eee744e9266f603b8d5f96138b8b8ed52105afc
01ac6547fa0f84f663bb7d35995044b1b299c10db46c8479177465f36df6309c

HTTP Headers

GET /pfe/current/universal.min.js?v=3.1.409 HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megafile.cc/
Origin: https://megafile.cc
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 21:14:29 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 15:42:47 GMT
etag: W/"6388cb77-18c6c"
access-control-allow-origin: https://megafile.cc
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

ibrapush.com/custom

139.45.197.250

200 OK

0 B

URL HTTP/2
ibrapush.com/custom
IP
139.45.197.250:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /custom HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://megafile.cc/
Origin: https://megafile.cc
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 21:14:29 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://megafile.cc
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2

ibrapush.com/custom

139.45.197.250

200 OK

39 B

URL HTTP/2
ibrapush.com/custom
IP
139.45.197.250:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

HTTP Headers

POST /custom HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megafile.cc/
Content-Type: application/json
Origin: https://megafile.cc
Content-Length: 371
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 21:14:30 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: e5a9683c0c1bbbea08e36feb80e1efae
access-control-allow-origin: https://megafile.cc
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

ibrapush.com/custom

139.45.197.250

200 OK

39 B

URL HTTP/2
ibrapush.com/custom
IP
139.45.197.250:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

HTTP Headers

POST /custom HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megafile.cc/
Content-Type: application/json
Origin: https://megafile.cc
Content-Length: 755
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 21:14:30 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: b4f5f333306404ea1530472e88a0c38c
access-control-allow-origin: https://megafile.cc
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c61048fc8ae0208df10083948aa72104
3132035aaa98bac4426dde98398141a64fc6142c
9af2cb015561f06c0b97749f3c4a6ab5175851c3cfe0f2c6aaafeb5a65f8a754

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9AF2CB015561F06C0B97749F3C4A6AB5175851C3CFE0F2C6AAAFEB5A65F8A754"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4558
Expires: Fri, 02 Dec 2022 22:30:28 GMT
Date: Fri, 02 Dec 2022 21:14:30 GMT
Connection: keep-alive

betotodilea.com/500/4250687?excludes=&oaid=50c1ad23c326478594f915fd8ee34184&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fmegafile.cc%2Fo7xV%2Fdx9.zip&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

139.45.197.237

200 OK

0 B

URL HTTP/2
betotodilea.com/500/4250687?excludes=&oaid=50c1ad23c326478594f915fd8ee34184&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fmegafile.cc%2Fo7xV%2Fdx9.zip&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
139.45.197.237:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /500/4250687?excludes=&oaid=50c1ad23c326478594f915fd8ee34184&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fmegafile.cc%2Fo7xV%2Fdx9.zip&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://megafile.cc/
Origin: https://megafile.cc
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 21:14:30 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://megafile.cc
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2

nanouwho.com/9?z=4250688&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fmegafile.cc%2Fo7xV%2Fdx9.zip&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=50c1ad23c326478594f915fd8ee34184

139.45.197.242

204 No Content

0 B

URL HTTP/2
nanouwho.com/9?z=4250688&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fmegafile.cc%2Fo7xV%2Fdx9.zip&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=50c1ad23c326478594f915fd8ee34184
IP
139.45.197.242:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

OPTIONS /9?z=4250688&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fmegafile.cc%2Fo7xV%2Fdx9.zip&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=50c1ad23c326478594f915fd8ee34184 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://megafile.cc/
Origin: https://megafile.cc
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Fri, 02 Dec 2022 21:14:30 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://megafile.cc
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

139.45.197.242

200 OK

2.6 kB

URL HTTP/2
nanouwho.com/9?z=4250688&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fmegafile.cc%2Fo7xV%2Fdx9.zip&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=50c1ad23c326478594f915fd8ee34184
IP
139.45.197.242:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text, with very long lines (6339), with no line terminators
Size
2.6 kB (2646 bytes)
Hash
8c3c42e0513b01dcd0fcbd70638072e6
0caf6d958eb5291751fc8ad8409d3c5e5eb62bdb
ac43621365aeeda360632bc5954d1ff92cf458360e9a055e305a374619cd357b

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /9?z=4250688&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fmegafile.cc%2Fo7xV%2Fdx9.zip&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=50c1ad23c326478594f915fd8ee34184 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 99
Origin: https://megafile.cc
Connection: keep-alive
Referer: https://megafile.cc/
Cookie: scm=1; OAID=e938f6b18cbc4a0ea9cc0f93965e031d; oaidts=1670015669
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 21:14:30 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: https://megafile.cc
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 17ab313640e485c5fcca864b8ef1ce10
access-control-expose-headers: X-Sc
set-cookie: OAID=50c1ad23c326478594f915fd8ee34184; expires=Sat, 02 Dec 2023 21:14:30 GMT; secure; SameSite=None
oaidts=1670015669; expires=Sat, 02 Dec 2023 21:14:30 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

bedrapiona.com/5/4250690/?oo=1&js_build=iclick-v1.457.0

139.45.197.234

200 OK

8.5 kB

URL HTTP/2
bedrapiona.com/5/4250690/?oo=1&js_build=iclick-v1.457.0
IP
139.45.197.234:0
ASN
#9002 RETN Limited

File type
data
Size
8.5 kB (8497 bytes)
Hash
937210f18e3a8f686b02ef1b9a94fbcf
3d6c7878769cf415356f24b20cb0e65d23deed2d
174302fac8b56e92baf807901415424821884fc7532138ad1bdc4c1bfe31023f

HTTP Headers

GET /5/4250690/?oo=1&js_build=iclick-v1.457.0 HTTP/1.1
Host: bedrapiona.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://megafile.cc
Connection: keep-alive
Referer: https://megafile.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 21:14:29 GMT
content-type: application/json
x-trace-id: 76d81b229ebe25db02ea96fcb53056be
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://megafile.cc
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=50c1ad23c326478594f915fd8ee34184; expires=Sat, 02 Dec 2023 21:14:29 GMT; path=/; secure; SameSite=None
oaidts=1670015669; expires=Sat, 02 Dec 2023 21:14:29 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

offerimage.com/www/images/2fed87d8d9131d075b72354b838c2d77.jpeg

104.22.32.172

200 OK

11 kB

URL HTTP/2
offerimage.com/www/images/2fed87d8d9131d075b72354b838c2d77.jpeg
IP
104.22.32.172:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 192x192, components 3\012- data
Size
11 kB (10853 bytes)
Hash
2fed87d8d9131d075b72354b838c2d77
69624c46c1556c35c67e85724451cce20ad405ec
8adac582983620ad0421a1be7648f58c731feaf3de0bf027ebefe412505b01ed

HTTP Headers

GET /www/images/2fed87d8d9131d075b72354b838c2d77.jpeg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megafile.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 02 Dec 2022 21:14:30 GMT
content-type: image/jpeg
content-length: 10853
cache-control: max-age=86400
cf-bgj: h2pri
etag: "62b2c84c-2a65"
expires: Sat, 03 Dec 2022 08:28:05 GMT
last-modified: Wed, 22 Jun 2022 07:44:12 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 45985
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77371293d9bc09b7-ARN
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0f59a14a9434a185f2aa79465a9fead4
e35939caa08ff547d32dd943c56698c004bd07e9
c08948d152cf98f4edde687b116593709eeedb20f662e78762d7c8fbec21611a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C08948D152CF98F4EDDE687B116593709EEEDB20F662E78762D7C8FBEC21611A"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11530
Expires: Sat, 03 Dec 2022 00:26:40 GMT
Date: Fri, 02 Dec 2022 21:14:30 GMT
Connection: keep-alive

tzegilo.com/stattag.js

172.67.194.45

200 OK

8.6 kB

URL HTTP/2
tzegilo.com/stattag.js
IP
172.67.194.45:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (12966), with no line terminators
Size
8.6 kB (8570 bytes)
Hash
28e7f6d1ecd0f4fe7ae66f9a6eb0d4fd
3191d129e38c0d126abd70a10510641cafdecbfe
7d0d2596a3aebaf708241b946d5d29181c08a922147be268f3d8d26a28785fe6

HTTP Headers

GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megafile.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 02 Dec 2022 21:14:29 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 15:07:42 GMT
etag: W/"637e373e-32a6"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 3398
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4l%2BP0wa%2FAvFYCI8AHs5EO7kagTix32ryQqjiQuJVnF%2BMwTrq8flc7OfpQ4LFV4DSotf4K%2FWTa0j5UN9q7Mx7pVaFYVez0sWCBJcdt4ewEMAdXkPLBrUIzzKCw7VOjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7737128e8a3afac4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ce4664ff78f43f330fe8110c920f96c8
8d95283944a9217b18b8aeb68c17992b79ab5638
a855f987a1c193780de746a84c4693da05cbc5b3dd9d97d769918441be33ea9b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A855F987A1C193780DE746A84C4693DA05CBC5B3DD9D97D769918441BE33EA9B"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6627
Expires: Fri, 02 Dec 2022 23:04:57 GMT
Date: Fri, 02 Dec 2022 21:14:30 GMT
Connection: keep-alive

interstitial-07.com/contents/s/54/dd/f5/e95e60ab935e545b50ffa002ca/0975276558731.jpeg

139.45.197.155

200 OK

54 kB

URL HTTP/2
interstitial-07.com/contents/s/54/dd/f5/e95e60ab935e545b50ffa002ca/0975276558731.jpeg
IP
139.45.197.155:0
ASN
#9002 RETN Limited

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 492x328, components 3\012- data
Size
54 kB (54176 bytes)
Hash
54ddf5e95e60ab935e545b50ffa002ca
4285c9c5481ad2d0cc0f87cc05d3e0810d29573a
ea65923ca842ba0f5c9f6cf90659f8ebc651275dc24de3c061ea60e78ca1714f

HTTP Headers

GET /contents/s/54/dd/f5/e95e60ab935e545b50ffa002ca/0975276558731.jpeg HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=acXbRwOX8yoOYL9&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D3897039392%26z%3D4250688%26b%3D12985558%26c%3D5549482%26var%3D%26d%3Dhttps%253A%252F%252Fiwantuonly.com%252Fclick.php%253Fc%253D1119%2526key%253D59mbnk099b21z773135c4542%2526c1%253D%257Bzoneid%257D%2526c2%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3Dx1fmlozB_vVjMMq6i-r4lUV4-K2-43yOdTb6aeg0ng8vIcghpMmR4Q2nnkKNd_kPgnwZlEMvXClHVgmcrTGgOxs4LMJQv9cc_se-ipjokWL8kzIt7n7j9FZ1fLA7-jhhJmGWAGucHB96oLbStdadFLtNgSufsGBlM4tlgsObgZdySQGXD_7BDqPU2nLIlGM6geVcMa8saLOg0Oa-_OKOmOsMnYZIXQzsM1SkGiWsbXy84aFFuwjueecNqImb0SlFmr7WyRJuOWVrQ_t8NR5eRVqxVbfVBf5ITSjlb9hR0kTta851ycfZFefbWVwHOCVQZwEid8jn85yUzijK_8Iv2zTmK0egWextMha4brabw7XbLEXlxJI4dtm3d7QDzOlGGYa4V9JtN7Gbbt2ZMuLBQLfUenZhmQwfTgU1OkzipfBbXGxrPJNqPrXgRJUfPRXqwdmRJ1qA1WDoECPwTdGRuj2uqIuhaoyfEdNzIzLpa9HQmibKDEVtR6vHfxmVpp0aUkmtSa6Lrv11Cvp5DzCCFOS7sYBDYLOMAvRNo47_eDfZwwJ7v34qiAfz0t1JhEmKhQK_ICQkPKnth-bpfU3Uewdlj8lpCGdtgSi0NTwTqD8ZFjYKJHrp2IfgDot3CLSB8z3PuXweq8Jk8kb4eCirjQ%3D%3D%26bag%3DQELbe37UKoTCbvnnYVKWvA%3D%3D%26ruid%3D66e4aecb-f2d7-4bf0-9a1e-c900adc7b219%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fmegafile.cc%252Fo7xV%252Fdx9.zip%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 21:14:30 GMT
content-type: image/jpeg
content-length: 54176
last-modified: Thu, 16 Dec 2021 06:39:29 GMT
vary: Accept-Encoding
etag: "61badf21-d3a0"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2

onmarshtompor.com/?rb=cJb9vRQCfEi-N9cY_4SH192Bp5j1x8SygIiK81VAJdo7AAKcaDNHcB0AbY5PAm6vzJdtOy6ycvAF4bjrJHbtYyM7mko2GklBUJjrjrXu2xQQztFP1BVFVLzkSti-C9VpkoUlMRzlf6O6iCYnhqZ_BdiR7d4g6NQNK8tTfnBtkjcJO4HJ7AcPIIojmhnrkDfGC_eGyNmOKQHqFQR8v0CudDU-O4Lye6a1wbNw3K-3k3g%3D&request_ab2=96001&zoneid=4250690&js_build=iclick-v1.457.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fmegafile.cc%2Fo7xV%2Fdx9.zip&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.457.0&bs=1c25e267-2a74-4313-87e7-a2015cdde96e&userId=50c1ad23c326478594f915fd8ee34184&m=link

139.45.197.243

200 OK

7.5 kB

URL HTTP/2
onmarshtompor.com/?rb=cJb9vRQCfEi-N9cY_4SH192Bp5j1x8SygIiK81VAJdo7AAKcaDNHcB0AbY5PAm6vzJdtOy6ycvAF4bjrJHbtYyM7mko2GklBUJjrjrXu2xQQztFP1BVFVLzkSti-C9VpkoUlMRzlf6O6iCYnhqZ_BdiR7d4g6NQNK8tTfnBtkjcJO4HJ7AcPIIojmhnrkDfGC_eGyNmOKQHqFQR8v0CudDU-O4Lye6a1wbNw3K-3k3g%3D&request_ab2=96001&zoneid=4250690&js_build=iclick-v1.457.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fmegafile.cc%2Fo7xV%2Fdx9.zip&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.457.0&bs=1c25e267-2a74-4313-87e7-a2015cdde96e&userId=50c1ad23c326478594f915fd8ee34184&m=link
IP
139.45.197.243:0
ASN
#9002 RETN Limited

File type
data
Size
7.5 kB (7522 bytes)
Hash
384f2531da5d913354bc5b7bfbde55f2
2d14331eda8c6351495c5bd85d9f61973081142a
26ac57d31261d9ab4e8fbec2dfac42ddbc575e3cacc8cade37fe3e7f188046c6

HTTP Headers

GET /?rb=cJb9vRQCfEi-N9cY_4SH192Bp5j1x8SygIiK81VAJdo7AAKcaDNHcB0AbY5PAm6vzJdtOy6ycvAF4bjrJHbtYyM7mko2GklBUJjrjrXu2xQQztFP1BVFVLzkSti-C9VpkoUlMRzlf6O6iCYnhqZ_BdiR7d4g6NQNK8tTfnBtkjcJO4HJ7AcPIIojmhnrkDfGC_eGyNmOKQHqFQR8v0CudDU-O4Lye6a1wbNw3K-3k3g%3D&request_ab2=96001&zoneid=4250690&js_build=iclick-v1.457.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fmegafile.cc%2Fo7xV%2Fdx9.zip&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.457.0&bs=1c25e267-2a74-4313-87e7-a2015cdde96e&userId=50c1ad23c326478594f915fd8ee34184&m=link HTTP/1.1
Host: onmarshtompor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megafile.cc/
Origin: https://megafile.cc
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 21:14:30 GMT
content-type: application/json
x-trace-id: 012434f5d577cb41998c7cca39b53327
access-control-allow-origin: https://megafile.cc
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=50c1ad23c326478594f915fd8ee34184; expires=Sat, 02 Dec 2023 21:14:30 GMT; path=/; secure; SameSite=None
oaidts=1670015670; expires=Sat, 02 Dec 2023 21:14:30 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Fri, 09 Dec 2022 21:14:30 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined

139.45.197.236

204 No Content

0 B

URL HTTP/2
unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined
IP
139.45.197.236:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /vbl?t=72747&bid=undefined&aid=undefined HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Fri, 02 Dec 2022 21:14:30 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: cfb9a00c39ef6a8902b78888b37ad757
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

betotodilea.com/impression/fkVnk1igp7OBhjnBGFdAAaM9qKi_S-3-1rHYLO_9GuQuH5335GiWcjR72bCbrqBzjIZpPe6nvrUj89yejZUCZOvhovBBq4r0GIkW1A1nj1XwYkWzLcjkN1QchTBgELha124tFm5dj40CN4hilPDzZG6c-Jw4qqlJxOWPl_Ojz4Tm9Yy-mBLCp6ToZboMYHuqsMTW8x6cOCeqK7mb97haZGcGfmhYWPKmh7TEym0Yoks5mIS3G-Sgi4ffjW8YdsqmdNQlokInxVDtlSu89RbLMflUsYu-4B1AglAfwclC7bzWnVSW4h9dNHsnzJLsBGWvaGLEXmdqMVpO2KtJ2J65KOg8t9J-cdRs6AI0H2M_HEh7HH-eb-B6RqtbcM04RA7PfSFkko0Fz5UJSO1IJs08LYNBUYj5XuhuMCd-_qyjt3Dpvda69rJNagzcqSWibDZtWq6k65TD3xSziIcpRQGcZaYA9D-cnQ8xH9U-lxkMVUm5wQM6FjXviciKWEJ_vAveGoRXQjeBJkDBD970XB8GbCWAEqX9kV2P8XDjDH6cYnv5Mp_p9YW71aoEZpGFHTwhO1VqVlN6c3uXVyNCvIQ1QVp5UGI=?_z=4250687&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fmegafile.cc%2Fo7xV%2Fdx9.zip&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

139.45.197.237

200 OK

43 B

URL HTTP/2
betotodilea.com/impression/fkVnk1igp7OBhjnBGFdAAaM9qKi_S-3-1rHYLO_9GuQuH5335GiWcjR72bCbrqBzjIZpPe6nvrUj89yejZUCZOvhovBBq4r0GIkW1A1nj1XwYkWzLcjkN1QchTBgELha124tFm5dj40CN4hilPDzZG6c-Jw4qqlJxOWPl_Ojz4Tm9Yy-mBLCp6ToZboMYHuqsMTW8x6cOCeqK7mb97haZGcGfmhYWPKmh7TEym0Yoks5mIS3G-Sgi4ffjW8YdsqmdNQlokInxVDtlSu89RbLMflUsYu-4B1AglAfwclC7bzWnVSW4h9dNHsnzJLsBGWvaGLEXmdqMVpO2KtJ2J65KOg8t9J-cdRs6AI0H2M_HEh7HH-eb-B6RqtbcM04RA7PfSFkko0Fz5UJSO1IJs08LYNBUYj5XuhuMCd-_qyjt3Dpvda69rJNagzcqSWibDZtWq6k65TD3xSziIcpRQGcZaYA9D-cnQ8xH9U-lxkMVUm5wQM6FjXviciKWEJ_vAveGoRXQjeBJkDBD970XB8GbCWAEqX9kV2P8XDjDH6cYnv5Mp_p9YW71aoEZpGFHTwhO1VqVlN6c3uXVyNCvIQ1QVp5UGI=?_z=4250687&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fmegafile.cc%2Fo7xV%2Fdx9.zip&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
139.45.197.237:0
ASN
#9002 RETN Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

GET /impression/fkVnk1igp7OBhjnBGFdAAaM9qKi_S-3-1rHYLO_9GuQuH5335GiWcjR72bCbrqBzjIZpPe6nvrUj89yejZUCZOvhovBBq4r0GIkW1A1nj1XwYkWzLcjkN1QchTBgELha124tFm5dj40CN4hilPDzZG6c-Jw4qqlJxOWPl_Ojz4Tm9Yy-mBLCp6ToZboMYHuqsMTW8x6cOCeqK7mb97haZGcGfmhYWPKmh7TEym0Yoks5mIS3G-Sgi4ffjW8YdsqmdNQlokInxVDtlSu89RbLMflUsYu-4B1AglAfwclC7bzWnVSW4h9dNHsnzJLsBGWvaGLEXmdqMVpO2KtJ2J65KOg8t9J-cdRs6AI0H2M_HEh7HH-eb-B6RqtbcM04RA7PfSFkko0Fz5UJSO1IJs08LYNBUYj5XuhuMCd-_qyjt3Dpvda69rJNagzcqSWibDZtWq6k65TD3xSziIcpRQGcZaYA9D-cnQ8xH9U-lxkMVUm5wQM6FjXviciKWEJ_vAveGoRXQjeBJkDBD970XB8GbCWAEqX9kV2P8XDjDH6cYnv5Mp_p9YW71aoEZpGFHTwhO1VqVlN6c3uXVyNCvIQ1QVp5UGI=?_z=4250687&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fmegafile.cc%2Fo7xV%2Fdx9.zip&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megafile.cc/
Cookie: OAID=50c1ad23c326478594f915fd8ee34184
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 21:14:34 GMT
content-type: image/gif
content-length: 43
x-trace-id: a3fc57a8cfc7c5bbed13e3675ead67e8
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

betotodilea.com/500/4250687?excludes=15161934&oaid=50c1ad23c326478594f915fd8ee34184&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fmegafile.cc%2Fo7xV%2Fdx9.zip&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

139.45.197.237

200 OK

0 B

URL HTTP/2
betotodilea.com/500/4250687?excludes=15161934&oaid=50c1ad23c326478594f915fd8ee34184&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fmegafile.cc%2Fo7xV%2Fdx9.zip&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
139.45.197.237:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /500/4250687?excludes=15161934&oaid=50c1ad23c326478594f915fd8ee34184&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fmegafile.cc%2Fo7xV%2Fdx9.zip&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://megafile.cc/
Origin: https://megafile.cc
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 21:14:35 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://megafile.cc
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2

139.45.197.237

200 OK

44 kB

URL HTTP/2
betotodilea.com/500/4250687?excludes=15161934&oaid=50c1ad23c326478594f915fd8ee34184&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fmegafile.cc%2Fo7xV%2Fdx9.zip&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
139.45.197.237:0
ASN
#9002 RETN Limited

File type
data
Size
44 kB (44321 bytes)
Hash
26d519ed77399f24861e1acd066f9f6e
3cd04a515d92401a93bdc8b5a3dfd61568d1ddcc
4ea4f476b73462d39333a68731fc150e5ec309eadf34775cd9cdcf25c1ce4852

HTTP Headers

GET /500/4250687?excludes=15161934&oaid=50c1ad23c326478594f915fd8ee34184&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fmegafile.cc%2Fo7xV%2Fdx9.zip&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://megafile.cc
Connection: keep-alive
Referer: https://megafile.cc/
Cookie: OAID=50c1ad23c326478594f915fd8ee34184
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 21:14:35 GMT
content-type: application/javascript
x-trace-id: 6bea608e046c9c279e8709959005e4ba
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://megafile.cc
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=50c1ad23c326478594f915fd8ee34184; expires=Sat, 02 Dec 2023 21:14:35 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

unpkg.com/filepond-plugin-file-validate-size@2.2.8/dist/filepond-plugin-file-validate-size.js

104.16.125.175

200 OK

0 B

URL HTTP/2
unpkg.com/filepond-plugin-file-validate-size@2.2.8/dist/filepond-plugin-file-validate-size.js
IP
104.16.125.175:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /filepond-plugin-file-validate-size@2.2.8/dist/filepond-plugin-file-validate-size.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megafile.cc/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 02 Dec 2022 21:14:28 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"1a7f-mapzppsO4HAWL/eiqLcABeu0hWU"
via: 1.1 fly.io
fly-request-id: 01GJZ5C0MRVMZFWGTQD5XR207X-ams
cf-cache-status: HIT
age: 375050
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 773712870f97b509-OSL
content-encoding: br
X-Firefox-Spdy: h2

unpkg.com/filepond-plugin-file-validate-type/dist/filepond-plugin-file-validate-type.js

104.16.125.175

302 Found

0 B

URL HTTP/2
unpkg.com/filepond-plugin-file-validate-type/dist/filepond-plugin-file-validate-type.js
IP
104.16.125.175:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /filepond-plugin-file-validate-type/dist/filepond-plugin-file-validate-type.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megafile.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Fri, 02 Dec 2022 21:14:29 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /filepond-plugin-file-validate-type@1.2.8/dist/filepond-plugin-file-validate-type.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GKAB1M1BCTS5V024C9N9FRWQ-ams
cf-cache-status: EXPIRED
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 773712868f05b509-OSL
X-Firefox-Spdy: h2

nanouwho.com/27/1ead059fa749da4c72410ffa55976f24

139.45.197.242

200 OK

0 B

URL HTTP/2
nanouwho.com/27/1ead059fa749da4c72410ffa55976f24
IP
139.45.197.242:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /27/1ead059fa749da4c72410ffa55976f24 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megafile.cc/
Cookie: scm=1; OAID=e938f6b18cbc4a0ea9cc0f93965e031d; oaidts=1670015669
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 21:14:29 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin: 
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
cache-control: max-age:290304000, public
last-modified: Fri, 02 Dec 2022 03:31:44 GMT
expires: Fri, 01 Jan 2083 03:31:44 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

megafile.cc/pagespeed_static/js_defer.I4cHjq6EEP.js

138.201.48.112

200 OK

0 B

URL HTTP/2
megafile.cc/pagespeed_static/js_defer.I4cHjq6EEP.js
IP
138.201.48.112:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /pagespeed_static/js_defer.I4cHjq6EEP.js HTTP/1.1
Host: megafile.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megafile.cc/o7xV/dx9.zip
Cookie: XSRF-TOKEN=eyJpdiI6IlZiSnhGZGl5Q0N6Tm5GWk43Z2tKWlE9PSIsInZhbHVlIjoiRnhEdE5aN2g0ay9UNzF1S1Nsc2wvd3ZYSmdRVmltaDJ1d2RzdW9GcnVPcHFIWHh5Q0pUMzBVNktGWmo4SU15TWRjcnpjSUZTVDdLMHFtWitQYllObTcwWUZXZ054bG54dUtMQmZTblpYSkpQTXZNUU5VV0hDZkNBV0VVWDlvM1oiLCJtYWMiOiI5YzVhZDhkYjJmZWYwOGViODA4MWYyNTI0ZDE2MWQ0ZGI1YjY2ODZlODE5YzVmNDc5YjE4NjQ3NjE5ZTg1M2Y0IiwidGFnIjoiIn0%3D; megafile_session=eyJpdiI6Ild4amxXcVBYOXhvbHZjQ3BTSlNYM3c9PSIsInZhbHVlIjoidVdMLzE3aUFLRGtTbUhsanc5L1lsVWd3Y0pidWtCQnpVelcyLzhqZXNiUUtYU0FPTW92VGhYNDZoeisvSlVkbGwveUdqWVdyZ2JVNHVadFBmU0FKS2N1ejVYUC9Zc3dUQ0I5QVhOVk9jd1pBWHVXQmM1VmZPRlhiYy9oK2xDQlEiLCJtYWMiOiI0Yzk4ODhhMTA2YTFiY2Y1ZjU4MjExMmY2ODdiZDk0ZTA0ZjIwNDI5MzM4NTBjZmY2NmRkZmU1MmUxMjEyMTNiIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: application/javascript
vary: Accept-Encoding
date: Fri, 02 Dec 2022 21:14:27 GMT
last-modified: Fri, 02 Dec 2022 21:14:27 GMT
cache-control: max-age=315360000
etag: W/"0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
x-frame-options: DENY
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
X-Firefox-Spdy: h2

unpkg.com/filepond-plugin-file-validate-size/dist/filepond-plugin-file-validate-size.js

104.16.125.175

302 Found

0 B

URL HTTP/2
unpkg.com/filepond-plugin-file-validate-size/dist/filepond-plugin-file-validate-size.js
IP
104.16.125.175:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /filepond-plugin-file-validate-size/dist/filepond-plugin-file-validate-size.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megafile.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Fri, 02 Dec 2022 21:14:28 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /filepond-plugin-file-validate-size@2.2.8/dist/filepond-plugin-file-validate-size.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GKAB1M15CAAA59TY2TXKBQXW-ams
cf-cache-status: EXPIRED
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 773712868efab509-OSL
X-Firefox-Spdy: h2

ibrapush.com/pfe/current/tag.min.js?z=4250689

139.45.197.250

200 OK

0 B

URL HTTP/2
ibrapush.com/pfe/current/tag.min.js?z=4250689
IP
139.45.197.250:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /pfe/current/tag.min.js?z=4250689 HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megafile.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 21:14:29 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 15:42:47 GMT
etag: W/"6388cb77-390a"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
link: <https://my.rtmark.net>; rel=dns-prefetch;, <https://my.rtmark.net>; rel=preconnect
content-encoding: gzip
X-Firefox-Spdy: h2

betotodilea.com/400/4250687

139.45.197.237

200 OK

0 B

URL HTTP/2
betotodilea.com/400/4250687
IP
139.45.197.237:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /400/4250687 HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megafile.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 21:14:29 GMT
content-type: application/javascript
x-trace-id: 9520ebfdb02cce63c2fe261a8f67e8c2
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=35b859fb9e1f46f79c9e4bf652db4877; expires=Sat, 02 Dec 2023 21:14:29 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (28)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations