| use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css | 104.21.27.152 | 200 OK | 7.2 kB |
URL: GET HTTP/2 use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css
IP: 104.21.27.152:443
Requested by: https://www.megawinner.xyz/dl/all/offer/sub/video/?tid=lvvww74dbqfpg4ryvv48cs4g8,17414631,5,8553&flow=app&ctrack=1715057399.763826298&p=8553&pi=nonmob&media_type=mainstream
Certificate: Issuer Cloudflare, Inc. | Subject use.fontawesome.com | Fingerprint CB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78 | Validity Thu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT
File type: ASCII text, with very long lines (30343)
Hash (MD5 / SHA-1 / SHA-256): 36082410df2ef7f83932219089dc1443 / 7961402d7d01e19387fe609a38454b0bc8c6cca4 / 5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350
GET /releases/v4.7.0/css/font-awesome-css.min.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.megawinner.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 04:51:03 GMT
content-type: text/css
cache-control: max-age=31556926
etag: W/"36082410df2ef7f83932219089dc1443"
last-modified: Fri, 22 Sep 2023 01:44:05 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 559475
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y%2BiLXHVj3r7hYkVvHWbEBUSweczbmWkwnoyBZrxzS1fS5k0mBds7kpbkuhe0cKF5UZS7zy4oXWkwyAG6K%2F%2B5X8pIcXMHt%2BHCWxnh%2BkO7IOUVLMZ%2BfUGxlSwDX8X8K9xFxoE2x%2FRs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fe97bd0a5d56c7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| www.megawinner.xyz/dl/all/offer/sub/video/style.css | 94.237.26.82 | 200 OK | 40 kB |
URL: GET HTTP/2 www.megawinner.xyz/dl/all/offer/sub/video/style.css
IP: 94.237.26.82:443
Requested by: https://www.megawinner.xyz/dl/all/offer/sub/video/?tid=lvvww74dbqfpg4ryvv48cs4g8,17414631,5,8553&flow=app&ctrack=1715057399.763826298&p=8553&pi=nonmob&media_type=mainstream
Certificate: Issuer Let's Encrypt | Subject *.megawinner.xyz | Fingerprint E1:3F:35:F8:78:45:55:BE:FA:4F:C2:BE:D0:9B:8A:89:8A:6E:FE:37 | Validity Fri, 19 Apr 2024 07:20:12 GMT - Thu, 18 Jul 2024 07:20:11 GMT
File type: gzip compressed data, from Unix (the stored bytes are the gzip-encoded response body, so the digests below are of the compressed transfer, not of the decoded stylesheet)
Hash (MD5 / SHA-1 / SHA-256): 6761a4eb4388de0401b536a2dd049be9 / f7e0427a7a144f84bc925a324738ee934ae26c87 / 641e087c7a36ed3030a84538ee17716b0990de10523d6aed973bb599e749b56b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /dl/all/offer/sub/video/style.css HTTP/1.1
Host: www.megawinner.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.megawinner.xyz/dl/all/offer/sub/video/?tid=lvvww74dbqfpg4ryvv48cs4g8,17414631,5,8553&flow=app&ctrack=1715057399.763826298&p=8553&pi=nonmob&media_type=mainstream
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 04:51:03 GMT
content-type: text/css
last-modified: Fri, 05 Apr 2024 10:38:01 GMT
vary: Accept-Encoding
etag: W/"660fd489-3fe83"
expires: Wed, 07 May 2025 04:51:03 GMT
pragma: public
cache-control: max-age=31536000, public
content-encoding: gzip
X-Firefox-Spdy: h2
| www.megawinner.xyz/dl/all/offer/sub/video/?tid=lvvww74dbqfpg4ryvv48cs4g8,17414631,5,8553&flow=app&ctrack=1715057399.763826298&p=8553&pi=nonmob&media_type=mainstream | 94.237.26.82 | 200 OK | 29 kB |
URL (user request): GET HTTP/2 www.megawinner.xyz/dl/all/offer/sub/video/?tid=lvvww74dbqfpg4ryvv48cs4g8,17414631,5,8553&flow=app&ctrack=1715057399.763826298&p=8553&pi=nonmob&media_type=mainstream
IP: 94.237.26.82:443
Certificate: Issuer Let's Encrypt | Subject *.megawinner.xyz | Fingerprint E1:3F:35:F8:78:45:55:BE:FA:4F:C2:BE:D0:9B:8A:89:8A:6E:FE:37 | Validity Fri, 19 Apr 2024 07:20:12 GMT - Thu, 18 Jul 2024 07:20:11 GMT
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e / da39a3ee5e6b4b0d3255bfef95601890afd80709 / e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of zero-byte input: no body was recorded for this 29 kB response, so the hashes identify nothing and cannot be used to pivot on the landing page)
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /dl/all/offer/sub/video/?tid=lvvww74dbqfpg4ryvv48cs4g8,17414631,5,8553&flow=app&ctrack=1715057399.763826298&p=8553&pi=nonmob&media_type=mainstream HTTP/1.1
Host: www.megawinner.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
date: Tue, 07 May 2024 04:51:03 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
| www.megawinner.xyz/dl/all/offer/sub/video/font.css | 94.237.26.82 | 200 OK | 1.0 kB |
URL: GET HTTP/2 www.megawinner.xyz/dl/all/offer/sub/video/font.css
IP: 94.237.26.82:443
Requested by: https://www.megawinner.xyz/dl/all/offer/sub/video/?tid=lvvww74dbqfpg4ryvv48cs4g8,17414631,5,8553&flow=app&ctrack=1715057399.763826298&p=8553&pi=nonmob&media_type=mainstream
Certificate: Issuer Let's Encrypt | Subject *.megawinner.xyz | Fingerprint E1:3F:35:F8:78:45:55:BE:FA:4F:C2:BE:D0:9B:8A:89:8A:6E:FE:37 | Validity Fri, 19 Apr 2024 07:20:12 GMT - Thu, 18 Jul 2024 07:20:11 GMT
File type: ASCII text, with very long lines (1052), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): bdf4ad58efd8c7a67df5bf5c698aa26a / 6726e13361ecbdc14eba7d1f02ae30903e0ce194 / ee348b108b05b9e9a91a472f3c4937c1ddc264ab23992c6c356879bbfe227837
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /dl/all/offer/sub/video/font.css HTTP/1.1
Host: www.megawinner.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.megawinner.xyz/dl/all/offer/sub/video/?tid=lvvww74dbqfpg4ryvv48cs4g8,17414631,5,8553&flow=app&ctrack=1715057399.763826298&p=8553&pi=nonmob&media_type=mainstream
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 04:51:03 GMT
content-type: text/css
last-modified: Fri, 05 Apr 2024 10:38:01 GMT
vary: Accept-Encoding
etag: W/"660fd489-407"
expires: Wed, 07 May 2025 04:51:03 GMT
pragma: public
cache-control: max-age=31536000, public
content-encoding: gzip
X-Firefox-Spdy: h2
| fonts.googleapis.com/css?family=Muli:300,400,700,800 | 142.250.74.106 | 200 OK | 4.3 kB |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Muli:300,400,700,800
IP: 142.250.74.106:443
Requested by: https://www.megawinner.xyz/dl/all/offer/sub/video/?tid=lvvww74dbqfpg4ryvv48cs4g8,17414631,5,8553&flow=app&ctrack=1715057399.763826298&p=8553&pi=nonmob&media_type=mainstream
Certificate: Issuer Google Trust Services LLC | Subject upload.video.google.com | Fingerprint 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 | Validity Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: ASCII text, with very long lines (4408), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 157627e6a6500a7afb22fd8b021455c8 / d5ebccc6e2974a1504e67784c50897c52c24c560 / e9fd212d9fcd2c67db2a10523a1a17b1e795fa343a0859c01b224b970dda766f
GET /css?family=Muli:300,400,700,800 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.megawinner.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 May 2024 04:51:03 GMT
date: Tue, 07 May 2024 04:51:03 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
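As an added example (not part of the scan report or of any tool it names), the script below parses transaction records in the format printed above, the request line and headers, the HTTP/2 status line and response headers, and the report's fused "Hash…" line, and pulls out what a responder checks first: whether the host is one the Quad9 DNS analyzer marked as sinkholed, whether the fetch was cross-site according to the browser-set Sec-Fetch-Site header, how long the response is cached, and whether the listed digests are real or the digests of zero-byte input (the landing-page record above lists the empty-input MD5, SHA-1 and SHA-256, so no body was captured). The three sample records are trimmed copies of transactions on this page, constructed as test input; the sinkholed host set is taken from the report's own verdicts.

```python
import hashlib
import re
from dataclasses import dataclass

# Digests of zero-byte input. A record listing these for a multi-kB response
# captured no body, so its "hash" identifies nothing and cannot be pivoted on.
EMPTY_DIGESTS = {h(b"").hexdigest() for h in (hashlib.md5, hashlib.sha1, hashlib.sha256)}
HEX_DIGEST = re.compile(r"[0-9a-f]{32}|[0-9a-f]{40}|[0-9a-f]{64}")
# Host the report's Quad9 DNS analyzer returned as malicious / sinkholed.
SINKHOLED_HOSTS = {"www.megawinner.xyz"}


@dataclass
class Transaction:
    path: str
    status: int
    request: dict   # request headers, names lower-cased
    response: dict  # response headers, names lower-cased
    hashes: list    # digests as listed by the report (may be empty)

    @property
    def host(self) -> str:
        return self.request.get("host", "")

    @property
    def body_captured(self) -> bool:
        return bool(self.hashes) and not all(h in EMPTY_DIGESTS for h in self.hashes)

    @property
    def third_party(self) -> bool:
        # Sec-Fetch-Site is set by the browser, not the page: a trustworthy origin signal.
        return self.request.get("sec-fetch-site") == "cross-site"

    @property
    def cache_seconds(self) -> int:
        m = re.search(r"max-age=(\d+)", self.response.get("cache-control", ""))
        return int(m.group(1)) if m else 0


def parse_record(text: str) -> Transaction:
    """Parse one record as the report prints it: optional 'Hash...' line, request
    line and headers, then the 'HTTP/x STATUS' line and response headers."""
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    hashes = []
    if lines[0].startswith("Hash"):             # the label is fused onto the MD5
        hashes = [t for t in lines.pop(0)[4:].split() if HEX_DIGEST.fullmatch(t)]
    path = lines.pop(0).split(" ")[1]           # "GET /path HTTP/1.1"
    request, response, status = {}, {}, 0
    target = request
    for ln in lines:
        if ln.startswith("HTTP/"):              # the status line starts the response
            status = int(ln.split()[1])
            target = response
            continue
        name, _, value = ln.partition(":")
        target[name.strip().lower()] = value.strip()
    return Transaction(path, status, request, response, hashes)


def triage(records: list) -> list:
    """One summary row per record with the fields a responder checks first."""
    rows = []
    for rec in records:
        t = parse_record(rec)
        rows.append({
            "host": t.host,
            "path": t.path.split("?", 1)[0],
            "status": t.status,
            "sinkholed": t.host in SINKHOLED_HOSTS,
            "third_party": t.third_party,
            "body_captured": t.body_captured,
            "cache_seconds": t.cache_seconds,
        })
    return rows


# Constructed input: trimmed copies of three transaction records from this page.
FONTAWESOME = """Hash36082410df2ef7f83932219089dc1443 7961402d7d01e19387fe609a38454b0bc8c6cca4 5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350
GET /releases/v4.7.0/css/font-awesome-css.min.css HTTP/1.1
Host: use.fontawesome.com
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=31556926
etag: W/"36082410df2ef7f83932219089dc1443"
"""
STYLE_CSS = """Hash6761a4eb4388de0401b536a2dd049be9 f7e0427a7a144f84bc925a324738ee934ae26c87 641e087c7a36ed3030a84538ee17716b0990de10523d6aed973bb599e749b56b
GET /dl/all/offer/sub/video/style.css HTTP/1.1
Host: www.megawinner.xyz
Sec-Fetch-Site: same-origin
HTTP/2 200 OK
cache-control: max-age=31536000, public
"""
LANDING = """Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dl/all/offer/sub/video/?tid=lvvww74dbqfpg4ryvv48cs4g8,17414631,5,8553&flow=app HTTP/1.1
Host: www.megawinner.xyz
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
"""
RECORDS = [FONTAWESOME, STYLE_CSS, LANDING]
```

`triage(RECORDS)` returns one dict per record. On these three it marks both megawinner.xyz fetches as sinkholed, the landing page as cross-site with no captured body, and the two stylesheets as cached for a year, which is why the page body, not the static assets, is the artifact worth re-fetching in a controlled environment.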