| megafile.cc/dont-hotlink/b127e6f6-21f1-496b-8425-860f2f88f624.zip | 138.201.48.112 | 301 Moved Permanently | 162 B |
URL: megafile.cc/dont-hotlink/b127e6f6-21f1-496b-8425-860f2f88f624.zip (HTTP/1.1)
IP: 138.201.48.112:0, ASN: #24940 Hetzner Online GmbH
File type: HTML document text; HTML document text; HTML document, ASCII text, with CRLF line terminators
Hash: MD5 4f8e702cc244ec5d4de32740c0ecbd97, SHA-1 3adb1f02d5b6054de0046e367c1d687b6cdf7aff, SHA-256 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
| Analyzer | Verdict | Alert |
| fortinet | Malware | |
GET /dont-hotlink/b127e6f6-21f1-496b-8425-860f2f88f624.zip HTTP/1.1
Host: megafile.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 07 Oct 2022 02:32:38 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://megafile.cc/dont-hotlink/b127e6f6-21f1-496b-8425-860f2f88f624.zip
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN

| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0, ASN: #20940 Akamai International B.V.
Hash: MD5 282f6e1328452c1cb41f6a6272fff757, SHA-1 20b9ff1b5f4f81b645769bd4b4cf7bf7dfc16262, SHA-256 6a8070ebe51259cb11db68cca2c81f3c7408fad481d8c14cc1c38912442c63f4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A8070EBE51259CB11DB68CCA2C81F3C7408FAD481D8C14CC1C38912442C63F4"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16306
Expires: Fri, 07 Oct 2022 07:04:24 GMT
Date: Fri, 07 Oct 2022 02:32:38 GMT
Connection: keep-alive

| firefox.settings.services.mozilla.com/v1/ | 54.230.111.65 | 200 OK | 939 B |
URL: firefox.settings.services.mozilla.com/v1/ (HTTP/1.1)
IP: 54.230.111.65:0
File type: JSON data; ASCII text, with very long lines (939), with no line terminators
Hash: MD5 2d12f67fe57a87e7366b662d153a5582, SHA-1 d7b02d81cc74f24a251d9363e0f4b0a149264ec1, SHA-256 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: YrDiIh75BRWRrc0OmuoJlnITjRcT3MsR2WTK5fYLa4FSGh2D8Fnn8A==
Age: 125120

| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0, ASN: #20940 Akamai International B.V.
Hash: MD5 4ab7d8709d334de0e46dcb86aabfbff1, SHA-1 f221138a8ad9d0bfa3c054370dcdb363a67dc310, SHA-256 b91d37f606eaf448b9c7dfc05566a11de004ce44503409e1a776288ee2622805
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B91D37F606EAF448B9C7DFC05566A11DE004CE44503409E1A776288EE2622805"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12153
Expires: Fri, 07 Oct 2022 05:55:11 GMT
Date: Fri, 07 Oct 2022 02:32:38 GMT
Connection: keep-alive

| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL: content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain (HTTP/2)
IP: 34.160.144.191:0
File type: PEM certificate; ASCII text
Hash: MD5 67d5a988edcda47bc3b3b3f65d32b4b6, SHA-1 d4f0e0da8b3690cc7da925026d3414b68c7d954f, SHA-256 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: SiPBzeF/kweS0YI2pTnX4x+13+l8OVXI/HGxLmDdAgS5mMI2xHl72bnRqaLIRnjLdA8RQU942MA=
x-amz-request-id: B4TJYBSSHENEQX99
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 07 Oct 2022 01:58:59 GMT
age: 2019
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL: contile.services.mozilla.com/v1/tiles (HTTP/2)
IP: 34.117.237.239:0
File type: JSON data; ASCII text, with no line terminators
Hash: MD5 23e88fb7b99543fb33315b29b1fad9d6, SHA-1 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce, SHA-256 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 02:32:38 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

| megafile.cc/css/theme.min.css | 138.201.48.112 | 200 OK | 75 kB |
URL: megafile.cc/css/theme.min.css (HTTP/2)
IP: 138.201.48.112:0, ASN: #24940 Hetzner Online GmbH
File type: Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash: MD5 f007a5fedaae8c4b6b09ad257e793705, SHA-1 5dfb33189703b79058a8c8b0fe80ef45efd156dc, SHA-256 cc19d724d6299bd2c720e998d4953ee46a2486dbea6c52d8d0eac2b0050cd8a1
GET /css/theme.min.css HTTP/1.1
Host: megafile.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megafile.cc/dont-hotlink/b127e6f6-21f1-496b-8425-860f2f88f624.zip
Cookie: XSRF-TOKEN=eyJpdiI6InV3ZUhDVzFKQTRwK3drRGFZbUFmZXc9PSIsInZhbHVlIjoicGpobStsN3Y5VnFxcmFsQm85OE1uZkZWSmxyWkpFeHhONloxdHY0TUJLMVliN3BQSmFFb1RnRmZ3ZDhFZUxxMkJYNWRjUkFFVk1uV3dXL09oemkrUDRmZWdFckpLemUvcGdzYzA1dE1la29meUgvc0hWVjNZYTQrSzQrQU1nbk4iLCJtYWMiOiIxOTdhOTEyMmI2N2E3ZDIyYWQ4MTY4ODc0OGMxMDE4NWMwNWI2NGI0ZmU2MTc3NzJkMzg5NTA5ZWRjMzE2MmEyIiwidGFnIjoiIn0%3D; megafile_session=eyJpdiI6IkpPRldPemUrV3pVOFlac3AxVUZGSnc9PSIsInZhbHVlIjoiOER3ejJjQXhDcFFoMEhoZnFIMFR0NnZjM1FXK3F2c0VGd2lZQy9YT2swVUpka3R2SkNJREJMQ0U0cFZtNDlQNWZIZm4xVVZhODIxNzNMYVVDZHNrK1pqY0oyRVRkN0Nya1pmMFBqMERlOUU5dXQ1am5yZStsenZjT0t0ZHBITkIiLCJtYWMiOiJkNmYzOTVmNzQzYTFlOWQ1MmY3NzE1ZDIzYjdiMThmMTBmYTdkZGEzNjcwMDBhOWNkODgwNDVjNTFjYTE0ZDA3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/css
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-original-content-length: 598523
vary: Accept-Encoding
content-encoding: gzip
content-length: 74660
etag: W/"PSA-aj-KFkkUdcMAX"
date: Fri, 07 Oct 2022 02:32:39 GMT
expires: Sun, 03 Oct 2032 22:11:45 GMT
cache-control: max-age=315344345
X-Firefox-Spdy: h2

| megafile.cc/img/logo-mega-info.webp | 138.201.48.112 | 200 OK | 48 kB |
URL: megafile.cc/img/logo-mega-info.webp (HTTP/2)
IP: 138.201.48.112:0, ASN: #24940 Hetzner Online GmbH
File type: RIFF (little-endian) data, Web/P image; data
Hash: MD5 24b5e70e71e83c8c562ac2d40374fea0, SHA-1 b6679e95ff055f03b9f3cd01b42266e75e491447, SHA-256 fa36bc0ece4ea1b26647c9f1ec5f22558d000e32549edfbba2089e866f83ae72
GET /img/logo-mega-info.webp HTTP/1.1
Host: megafile.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megafile.cc/dont-hotlink/b127e6f6-21f1-496b-8425-860f2f88f624.zip
Cookie: XSRF-TOKEN=eyJpdiI6InV3ZUhDVzFKQTRwK3drRGFZbUFmZXc9PSIsInZhbHVlIjoicGpobStsN3Y5VnFxcmFsQm85OE1uZkZWSmxyWkpFeHhONloxdHY0TUJLMVliN3BQSmFFb1RnRmZ3ZDhFZUxxMkJYNWRjUkFFVk1uV3dXL09oemkrUDRmZWdFckpLemUvcGdzYzA1dE1la29meUgvc0hWVjNZYTQrSzQrQU1nbk4iLCJtYWMiOiIxOTdhOTEyMmI2N2E3ZDIyYWQ4MTY4ODc0OGMxMDE4NWMwNWI2NGI0ZmU2MTc3NzJkMzg5NTA5ZWRjMzE2MmEyIiwidGFnIjoiIn0%3D; megafile_session=eyJpdiI6IkpPRldPemUrV3pVOFlac3AxVUZGSnc9PSIsInZhbHVlIjoiOER3ejJjQXhDcFFoMEhoZnFIMFR0NnZjM1FXK3F2c0VGd2lZQy9YT2swVUpka3R2SkNJREJMQ0U0cFZtNDlQNWZIZm4xVVZhODIxNzNMYVVDZHNrK1pqY0oyRVRkN0Nya1pmMFBqMERlOUU5dXQ1am5yZStsenZjT0t0ZHBITkIiLCJtYWMiOiJkNmYzOTVmNzQzYTFlOWQ1MmY3NzE1ZDIzYjdiMThmMTBmYTdkZGEzNjcwMDBhOWNkODgwNDVjNTFjYTE0ZDA3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
content-length: 47744
etag: "629bc4a3-ba80"
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
date: Fri, 07 Oct 2022 02:32:37 GMT
expires: Fri, 07 Oct 2022 02:37:37 GMT
cache-control: s-maxage=10
X-Firefox-Spdy: h2

| megafile.cc/img/main/footer.webp | 138.201.48.112 | 200 OK | 243 kB |
URL: megafile.cc/img/main/footer.webp (HTTP/2)
IP: 138.201.48.112:0, ASN: #24940 Hetzner Online GmbH
File type: RIFF (little-endian) data, Web/P image; data
Size: 243 kB (243166 bytes)
Hash: MD5 49fd922b97901a44010fad28a7a0cc64, SHA-1 253a5c0e3063b4c30fffaeb114ffd18b6cc10187, SHA-256 538f51f2ee8976117cb2791163a6baa5d5e029f2a05b902464707c317fc29f6c
GET /img/main/footer.webp HTTP/1.1
Host: megafile.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megafile.cc/dont-hotlink/b127e6f6-21f1-496b-8425-860f2f88f624.zip
Cookie: XSRF-TOKEN=eyJpdiI6InV3ZUhDVzFKQTRwK3drRGFZbUFmZXc9PSIsInZhbHVlIjoicGpobStsN3Y5VnFxcmFsQm85OE1uZkZWSmxyWkpFeHhONloxdHY0TUJLMVliN3BQSmFFb1RnRmZ3ZDhFZUxxMkJYNWRjUkFFVk1uV3dXL09oemkrUDRmZWdFckpLemUvcGdzYzA1dE1la29meUgvc0hWVjNZYTQrSzQrQU1nbk4iLCJtYWMiOiIxOTdhOTEyMmI2N2E3ZDIyYWQ4MTY4ODc0OGMxMDE4NWMwNWI2NGI0ZmU2MTc3NzJkMzg5NTA5ZWRjMzE2MmEyIiwidGFnIjoiIn0%3D; megafile_session=eyJpdiI6IkpPRldPemUrV3pVOFlac3AxVUZGSnc9PSIsInZhbHVlIjoiOER3ejJjQXhDcFFoMEhoZnFIMFR0NnZjM1FXK3F2c0VGd2lZQy9YT2swVUpka3R2SkNJREJMQ0U0cFZtNDlQNWZIZm4xVVZhODIxNzNMYVVDZHNrK1pqY0oyRVRkN0Nya1pmMFBqMERlOUU5dXQ1am5yZStsenZjT0t0ZHBITkIiLCJtYWMiOiJkNmYzOTVmNzQzYTFlOWQ1MmY3NzE1ZDIzYjdiMThmMTBmYTdkZGEzNjcwMDBhOWNkODgwNDVjNTFjYTE0ZDA3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
content-length: 243166
etag: "629bc970-3b5de"
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
date: Fri, 07 Oct 2022 02:32:38 GMT
expires: Fri, 07 Oct 2022 02:37:38 GMT
cache-control: s-maxage=10
X-Firefox-Spdy: h2

| cdnjs.cloudflare.com/ajax/libs/filepond/4.29.1/filepond.min.css | 104.17.25.14 | 200 OK | 2.9 kB |
URL: cdnjs.cloudflare.com/ajax/libs/filepond/4.29.1/filepond.min.css (HTTP/2)
IP: 104.17.25.14:0
File type: assembler source, ASCII text, with very long lines (17282)
Hash: MD5 78aabb09e30a9eb6f833cbb1b48bdb2e, SHA-1 e876ff16b6c511bc217973e51202aaaf23a4e936, SHA-256 8d76a29a92bc268043a7bd4d0b8f171fffd6c6c3c8e18aa314d6dac1aeb542ae
GET /ajax/libs/filepond/4.29.1/filepond.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://megafile.cc
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 07 Oct 2022 02:32:39 GMT
content-type: text/css; charset=utf-8
content-length: 2934
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "613afc53-b76"
last-modified: Fri, 10 Sep 2021 06:33:55 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 723715
expires: Wed, 27 Sep 2023 02:32:39 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ZBH6EKwMWn%2FjtQL88fcICNknEQ6AFfGW551J2QvNW6Xh3Lf8SlEkLP5rFU1bIZG98urjKfrBAt%2Bh1L89lgFrsisaAUdji1G3sVJvlsyM%2BpcnzhvB0DArr%2BJ%2FJyu9XyJ6hDe1ADw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 75633a3e695b0b3d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

| cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/css/all.min.css | 104.17.25.14 | 200 OK | 14 kB |
URL: cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/css/all.min.css (HTTP/2)
IP: 104.17.25.14:0
File type: ASCII text, with very long lines (65345)
Hash: MD5 642445b86596bdeaa98e92faa2064fc6, SHA-1 6c5539660bf533d34e37b917973c941d1c963374, SHA-256 4a5a39e9f325c5578dccd880c1d516eae190ee39f7539f4a6c6c52d2eee4cbdf
GET /ajax/libs/font-awesome/6.0.0-beta2/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megafile.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 07 Oct 2022 02:32:39 GMT
content-type: text/css; charset=utf-8
content-length: 14374
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "61498362-3826"
last-modified: Tue, 21 Sep 2021 07:01:54 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 5989877
expires: Wed, 27 Sep 2023 02:32:39 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Maf443zFGVPHqBzW7OP2MQqKzzvnXFw5pqEgG3Oa5oTlewYpK0b800rwwr%2B4XBuz3qg6uaxp5Y9Pse2Gi%2FAxhTU4oupE7nAPU8qC6967495FhsPnlVyoJP1w9gkD5nQMY7PhgIxg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 75633a3e6ae6b4fd-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

| megafile.cc/img/logo-mega-info.png | 138.201.48.112 | 200 OK | 179 kB |
URL: megafile.cc/img/logo-mega-info.png (HTTP/2)
IP: 138.201.48.112:0, ASN: #24940 Hetzner Online GmbH
File type: PNG image data, 4167 x 4167, 8-bit/color RGBA, non-interlaced; data
Size: 179 kB (179409 bytes)
Hash: MD5 2e0ba32bb3fad3ba8048f1bf5c697931, SHA-1 9abc4eec9254ec6dd28bd5493604a1fdd13e0895, SHA-256 bb5076513ee0effdab48ff5826a0e8f02b4eb03d4e04eef3e0ea157f2feffa23
GET /img/logo-mega-info.png HTTP/1.1
Host: megafile.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megafile.cc/dont-hotlink/b127e6f6-21f1-496b-8425-860f2f88f624.zip
Cookie: XSRF-TOKEN=eyJpdiI6InV3ZUhDVzFKQTRwK3drRGFZbUFmZXc9PSIsInZhbHVlIjoicGpobStsN3Y5VnFxcmFsQm85OE1uZkZWSmxyWkpFeHhONloxdHY0TUJLMVliN3BQSmFFb1RnRmZ3ZDhFZUxxMkJYNWRjUkFFVk1uV3dXL09oemkrUDRmZWdFckpLemUvcGdzYzA1dE1la29meUgvc0hWVjNZYTQrSzQrQU1nbk4iLCJtYWMiOiIxOTdhOTEyMmI2N2E3ZDIyYWQ4MTY4ODc0OGMxMDE4NWMwNWI2NGI0ZmU2MTc3NzJkMzg5NTA5ZWRjMzE2MmEyIiwidGFnIjoiIn0%3D; megafile_session=eyJpdiI6IkpPRldPemUrV3pVOFlac3AxVUZGSnc9PSIsInZhbHVlIjoiOER3ejJjQXhDcFFoMEhoZnFIMFR0NnZjM1FXK3F2c0VGd2lZQy9YT2swVUpka3R2SkNJREJMQ0U0cFZtNDlQNWZIZm4xVVZhODIxNzNMYVVDZHNrK1pqY0oyRVRkN0Nya1pmMFBqMERlOUU5dXQ1am5yZStsenZjT0t0ZHBITkIiLCJtYWMiOiJkNmYzOTVmNzQzYTFlOWQ1MmY3NzE1ZDIzYjdiMThmMTBmYTdkZGEzNjcwMDBhOWNkODgwNDVjNTFjYTE0ZDA3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/png
content-length: 179409
etag: "629bc4a3-2bcd1"
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
date: Fri, 07 Oct 2022 02:32:39 GMT
expires: Fri, 07 Oct 2022 02:37:39 GMT
cache-control: s-maxage=10
X-Firefox-Spdy: h2

| megafile.cc/js/site.js | 138.201.48.112 | 200 OK | 2.0 kB |
IP: 138.201.48.112:0, ASN: #24940 Hetzner Online GmbH
File type: ASCII text, with very long lines (5640)
Hash: MD5 a779d1605363c034784168e0553fee12, SHA-1 203adaeac5eec419f7bdf4ba6840c9378c9692e5, SHA-256 0ac5db7b1ae244540526d4c971799e4c8ba3f5921dda88b94d10d2cb6a730bc6
GET /js/site.js HTTP/1.1
Host: megafile.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megafile.cc/dont-hotlink/b127e6f6-21f1-496b-8425-860f2f88f624.zip
Cookie: XSRF-TOKEN=eyJpdiI6InV3ZUhDVzFKQTRwK3drRGFZbUFmZXc9PSIsInZhbHVlIjoicGpobStsN3Y5VnFxcmFsQm85OE1uZkZWSmxyWkpFeHhONloxdHY0TUJLMVliN3BQSmFFb1RnRmZ3ZDhFZUxxMkJYNWRjUkFFVk1uV3dXL09oemkrUDRmZWdFckpLemUvcGdzYzA1dE1la29meUgvc0hWVjNZYTQrSzQrQU1nbk4iLCJtYWMiOiIxOTdhOTEyMmI2N2E3ZDIyYWQ4MTY4ODc0OGMxMDE4NWMwNWI2NGI0ZmU2MTc3NzJkMzg5NTA5ZWRjMzE2MmEyIiwidGFnIjoiIn0%3D; megafile_session=eyJpdiI6IkpPRldPemUrV3pVOFlac3AxVUZGSnc9PSIsInZhbHVlIjoiOER3ejJjQXhDcFFoMEhoZnFIMFR0NnZjM1FXK3F2c0VGd2lZQy9YT2swVUpka3R2SkNJREJMQ0U0cFZtNDlQNWZIZm4xVVZhODIxNzNMYVVDZHNrK1pqY0oyRVRkN0Nya1pmMFBqMERlOUU5dXQ1am5yZStsenZjT0t0ZHBITkIiLCJtYWMiOiJkNmYzOTVmNzQzYTFlOWQ1MmY3NzE1ZDIzYjdiMThmMTBmYTdkZGEzNjcwMDBhOWNkODgwNDVjNTFjYTE0ZDA3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-original-content-length: 9351
vary: Accept-Encoding
content-encoding: gzip
content-length: 1993
etag: W/"PSA-aj-ZD_qAZjk-5"
date: Fri, 07 Oct 2022 02:32:39 GMT
expires: Sun, 03 Oct 2032 22:06:44 GMT
cache-control: max-age=315344044
X-Firefox-Spdy: h2

| megafile.cc/js/sw.js | 138.201.48.112 | 200 OK | 2.2 kB |
IP: 138.201.48.112:0, ASN: #24940 Hetzner Online GmbH
File type: ASCII text, with very long lines (4955), with no line terminators
Hash: MD5 2ce73f68c419965f076c5900c6f1b9e7, SHA-1 f28854598ab2c2ffdf9bf9cd48c9041fb85b4173, SHA-256 39bd09349ed4a072356d7d50d6766ba762fab802a4c927c399d489896122dd6b
GET /js/sw.js HTTP/1.1
Host: megafile.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megafile.cc/dont-hotlink/b127e6f6-21f1-496b-8425-860f2f88f624.zip
Cookie: XSRF-TOKEN=eyJpdiI6InV3ZUhDVzFKQTRwK3drRGFZbUFmZXc9PSIsInZhbHVlIjoicGpobStsN3Y5VnFxcmFsQm85OE1uZkZWSmxyWkpFeHhONloxdHY0TUJLMVliN3BQSmFFb1RnRmZ3ZDhFZUxxMkJYNWRjUkFFVk1uV3dXL09oemkrUDRmZWdFckpLemUvcGdzYzA1dE1la29meUgvc0hWVjNZYTQrSzQrQU1nbk4iLCJtYWMiOiIxOTdhOTEyMmI2N2E3ZDIyYWQ4MTY4ODc0OGMxMDE4NWMwNWI2NGI0ZmU2MTc3NzJkMzg5NTA5ZWRjMzE2MmEyIiwidGFnIjoiIn0%3D; megafile_session=eyJpdiI6IkpPRldPemUrV3pVOFlac3AxVUZGSnc9PSIsInZhbHVlIjoiOER3ejJjQXhDcFFoMEhoZnFIMFR0NnZjM1FXK3F2c0VGd2lZQy9YT2swVUpka3R2SkNJREJMQ0U0cFZtNDlQNWZIZm4xVVZhODIxNzNMYVVDZHNrK1pqY0oyRVRkN0Nya1pmMFBqMERlOUU5dXQ1am5yZStsenZjT0t0ZHBITkIiLCJtYWMiOiJkNmYzOTVmNzQzYTFlOWQ1MmY3NzE1ZDIzYjdiMThmMTBmYTdkZGEzNjcwMDBhOWNkODgwNDVjNTFjYTE0ZDA3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-original-content-length: 4982
vary: Accept-Encoding
content-encoding: gzip
content-length: 2233
etag: W/"PSA-aj-ircMs4wEim"
date: Fri, 07 Oct 2022 02:32:39 GMT
expires: Sun, 03 Oct 2032 22:18:19 GMT
cache-control: max-age=315344739
X-Firefox-Spdy: h2

| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 54.230.111.65 | 200 OK | 329 B |
URL: firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US (HTTP/1.1)
IP: 54.230.111.65:0
File type: JSON data; ASCII text, with very long lines (329), with no line terminators
Hash: MD5 0333b0655111aa68de771adfcc4db243, SHA-1 63f295a144ac87a7c8e23417626724eeca68a7eb, SHA-256 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Fri, 07 Oct 2022 02:29:41 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Fri, 07 Oct 2022 03:00:32 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: BQcSvVYTc1EygjaRXwvS-Ag1C6troeJUCGyP2mVsd4Ljmcmw-W464A==
Age: 178

| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP: 93.184.220.29:0
Hash: MD5 8be5570b9a5ca76c580da007a824b029, SHA-1 38840f2ac6476bdd5608121c5653e338c7ad9715, SHA-256 0b94e05080ef85432b1815eb3c6c7594c9613cfde1b51eeabee46d0d9fde64b2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3784
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 02:32:39 GMT
Last-Modified: Fri, 07 Oct 2022 01:29:35 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471

| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0, ASN: #20940 Akamai International B.V.
Hash: MD5 a9ab062b715ddac45bef491600c90a99, SHA-1 73a952596f3e051c78ab61be77160f5ca9e06161, SHA-256 58cf31cb4c369ac6785c74e79615ab7f5a67eaa6adf518303953f394c212087f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "58CF31CB4C369AC6785C74E79615AB7F5A67EAA6ADF518303953F394C212087F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15034
Expires: Fri, 07 Oct 2022 06:43:13 GMT
Date: Fri, 07 Oct 2022 02:32:39 GMT
Connection: keep-alive

| push.services.mozilla.com/ | 52.43.46.140 | 101 Switching Protocols | 0 B |
URL: push.services.mozilla.com/ (HTTP/1.1)
IP: 52.43.46.140:0
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e, SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709, SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: O81r/+yQGsjd6rbZNxja8A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: WQGeemfYfFMU5QrS3EQNJs23zWo=

| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0, ASN: #20940 Akamai International B.V.
Hash: MD5 7fec4ca2d12f880f43c26286774b53a2, SHA-1 229dfff518f6d5c21d5357c86acdfc243477bd3f, SHA-256 d2c1462ff26dd4842f8a795da1c1b5812f230f7fb0ef39055ccc38add3a87a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2C1462FF26DD4842F8A795DA1C1B5812F230F7FB0EF39055CCC38ADD3A87A69"
Last-Modified: Wed, 05 Oct 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5276
Expires: Fri, 07 Oct 2022 04:00:36 GMT
Date: Fri, 07 Oct 2022 02:32:40 GMT
Connection: keep-alive

| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0, ASN: #20940 Akamai International B.V.
Hash: MD5 5ac31442f61c6fbba0479b5aa7ded58f, SHA-1 63c42442bf9676036255328da9ec1612b20c5355, SHA-256 9ee6b943b43e9cfde84ab4685940f38980448220fad6c43248ce31d961a89169
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9EE6B943B43E9CFDE84AB4685940F38980448220FAD6C43248CE31D961A89169"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2997
Expires: Fri, 07 Oct 2022 03:22:37 GMT
Date: Fri, 07 Oct 2022 02:32:40 GMT
Connection: keep-alive

| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0, ASN: #20940 Akamai International B.V.
Hash: MD5 4605881d81987895764b4644965ceb50, SHA-1 1eb3d62f4689f276ec2d49f0cd462b07d601f07b, SHA-256 cf1ccfa5b3c21c8c289f6a51f0f18b8019d31ba10ae9bb76ed87c2350ab5cd9e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CF1CCFA5B3C21C8C289F6A51F0F18B8019D31BA10AE9BB76ED87C2350AB5CD9E"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17477
Expires: Fri, 07 Oct 2022 07:23:57 GMT
Date: Fri, 07 Oct 2022 02:32:40 GMT
Connection: keep-alive

| ocsp.sectigo.com/ | 104.18.32.68 | 200 OK | 471 B |
IP: 104.18.32.68:0
Hash: MD5 5690c00c386c753af6de22646db06434, SHA-1 aa5b0574bf8aa58bc5608d593e7dcba23100b454, SHA-256 741af8ab8cb30aac3a08fe0ae823577cb602c717416f9bcd52cef5b830b5fb0e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 02:32:40 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 06 Oct 2022 18:25:20 GMT
Expires: Thu, 13 Oct 2022 18:25:19 GMT
Etag: "aa5b0574bf8aa58bc5608d593e7dcba23100b454"
Cache-Control: max-age=574958,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75633a430f2eb527-OSL

| my.rtmark.net/gid.js?userId=4c55a12078ce413a944ce3bbcf87b6f5 | 139.45.195.8 | 200 OK | 65 B |
URL: my.rtmark.net/gid.js?userId=4c55a12078ce413a944ce3bbcf87b6f5 (HTTP/2)
IP: 139.45.195.8:0
File type: JSON data; ASCII text
Hash: MD5 91a25d37f738acf1a026480c1dfa61b1, SHA-1 ebf9fbd134dbde84e95e641cb50ab517b17e916a, SHA-256 a86d647b9f594448af4565edbec9b59042093727ea91be4ec4caed367cb4568b
GET /gid.js?userId=4c55a12078ce413a944ce3bbcf87b6f5 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://megafile.cc
Connection: keep-alive
Referer: https://megafile.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 02:32:40 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://megafile.cc
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=4c55a12078ce413a944ce3bbcf87b6f5; expires=Sat, 07 Oct 2023 02:32:40 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

| pseepsie.com/zone?pub=0&zone_id=4250689&is_mobile=false&domain=megafile.cc&var=&ymid=&var_3= | 139.45.197.250 | 200 OK | 664 B |
URL: pseepsie.com/zone?pub=0&zone_id=4250689&is_mobile=false&domain=megafile.cc&var=&ymid=&var_3= (HTTP/2)
IP: 139.45.197.250:0
File type: JSON data; ASCII text, with very long lines (663)
Hash: MD5 61b8e425f14abb04a28256d7bbfcf9bb, SHA-1 8f5ef264bdfb8cee94436e1df0cebb6ffa55a0f3, SHA-256 7a54762394e3d98ad90830d3d762d0aa4243b6e1983f1c05948776c41a3bc82d
GET /zone?pub=0&zone_id=4250689&is_mobile=false&domain=megafile.cc&var=&ymid=&var_3= HTTP/1.1
Host: pseepsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megafile.cc/
Origin: https://megafile.cc
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 02:32:40 GMT
content-type: application/json; charset=utf-8
content-length: 664
x-trace-id: 5f97c5153bd78934509e034fe741508d
access-control-allow-origin: https://megafile.cc
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0 | ASN: #20940 Akamai International B.V.
Hash: 966c3031e485ede683e6d3a60e394062 8e0d0284287e797890dbe611c7a62e7f101d1684 392c591a8f522a1b18b5b4d9d017bcee661d0679d4c55c940e3692c13b48e700
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "392C591A8F522A1B18B5B4D9D017BCEE661D0679D4C55C940E3692C13B48E700"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4517
Expires: Fri, 07 Oct 2022 03:47:57 GMT
Date: Fri, 07 Oct 2022 02:32:40 GMT
Connection: keep-alive
|
|
| tovanillitechan.com/42/38?z=4250688 | 139.45.197.239 | 200 OK | 0 B |
URL (HTTP/2): tovanillitechan.com/42/38?z=4250688 | IP: 139.45.197.239:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /42/38?z=4250688 HTTP/1.1
Host: tovanillitechan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megafile.cc/
Cookie: scm=1; OAID=161af994282049e6b4af601753eb2a7a; oaidts=1665109960
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 02:32:40 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 0960830b78944cde4cc6b5dec5da4f84
access-control-expose-headers: X-Sc
set-cookie: OAID=161af994282049e6b4af601753eb2a7a; expires=Sat, 07 Oct 2023 02:32:40 GMT; secure; SameSite=None
set-cookie: oaidts=1665109960; expires=Sat, 07 Oct 2023 02:32:40 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
|
|
| onmarshtompor.com/?rb=NzK9DFMs7J_QtYp0q0kxnu0_WdvL31rUEfBHXYpSHtzpcFrqeJGhP9y0EQTLymhkqQiG1dqUbEqTur8zJKA_IZCOl2K2dhJt72yCWTFzof3-tOzjDiQDmn1G_7dZ176QwZjhBPWfBHTzRglLHm5ki0sDe8WZigAoyOoqpYniLyH3kAMNrFTzeUvF9Tb386V8AYj4R8Hw1qPBgW-WDieQRA%3D%3D&request_ab2=0&zoneid=4250690&js_build=iclick-v1.433.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fmegafile.cc%2Fdont-hotlink%2Fb127e6f6-21f1-496b-8425-860f2f88f624.zip&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.433.0&bs=8979327d-a895-4fe6-9582-fe8b001da83e&userId=4c55a12078ce413a944ce3bbcf87b6f5&m=link | 139.45.197.243 | 200 OK | 1.7 kB |
URL (HTTP/2): onmarshtompor.com/?rb=NzK9DFMs7J_QtYp0q0kxnu0_WdvL31rUEfBHXYpSHtzpcFrqeJGhP9y0EQTLymhkqQiG1dqUbEqTur8zJKA_IZCOl2K2dhJt72yCWTFzof3-tOzjDiQDmn1G_7dZ176QwZjhBPWfBHTzRglLHm5ki0sDe8WZigAoyOoqpYniLyH3kAMNrFTzeUvF9Tb386V8AYj4R8Hw1qPBgW-WDieQRA%3D%3D&request_ab2=0&zoneid=4250690&js_build=iclick-v1.433.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fmegafile.cc%2Fdont-hotlink%2Fb127e6f6-21f1-496b-8425-860f2f88f624.zip&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.433.0&bs=8979327d-a895-4fe6-9582-fe8b001da83e&userId=4c55a12078ce413a944ce3bbcf87b6f5&m=link | IP: 139.45.197.243:0
File type: JSON data, ASCII text, with very long lines (2206), with no line terminators | Hash: 441a10a33846a9a59aa0f37faa7baf43 0688f24021608712c6a173c8dc7dde599cff65cd d72e88c957a0e816a7286026967c748baa7166681551845bda2aa8b4390135a1
GET /?rb=NzK9DFMs7J_QtYp0q0kxnu0_WdvL31rUEfBHXYpSHtzpcFrqeJGhP9y0EQTLymhkqQiG1dqUbEqTur8zJKA_IZCOl2K2dhJt72yCWTFzof3-tOzjDiQDmn1G_7dZ176QwZjhBPWfBHTzRglLHm5ki0sDe8WZigAoyOoqpYniLyH3kAMNrFTzeUvF9Tb386V8AYj4R8Hw1qPBgW-WDieQRA%3D%3D&request_ab2=0&zoneid=4250690&js_build=iclick-v1.433.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fmegafile.cc%2Fdont-hotlink%2Fb127e6f6-21f1-496b-8425-860f2f88f624.zip&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.433.0&bs=8979327d-a895-4fe6-9582-fe8b001da83e&userId=4c55a12078ce413a944ce3bbcf87b6f5&m=link HTTP/1.1
Host: onmarshtompor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megafile.cc/
Origin: https://megafile.cc
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 02:32:40 GMT
content-type: application/json
x-trace-id: dc030cde86dc1fa0a3a666713bf79e6a
access-control-allow-origin: https://megafile.cc
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=4c55a12078ce413a944ce3bbcf87b6f5; expires=Sat, 07 Oct 2023 02:32:40 GMT; path=/; secure; SameSite=None
set-cookie: oaidts=1665109960; expires=Sat, 07 Oct 2023 02:32:40 GMT; path=/; secure; SameSite=None
set-cookie: syncedCookie=true; expires=Fri, 14 Oct 2022 02:32:40 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| pseepsie.com/pfe/current/universal.min.js?v=3.1.396 | 139.45.197.250 | 200 OK | 170 kB |
URL (HTTP/2): pseepsie.com/pfe/current/universal.min.js?v=3.1.396 | IP: 139.45.197.250:0
File type: ASCII text, with very long lines (65536), with no line terminators | Size: 170 kB (169620 bytes) | Hash: 7df5b6b691368734dccd742a1e2872d1 824a84082e92599599bcaf7de1a6fb0851f53cec c2b2e9a07f688884417d35548141630b6441b6ce9d69a53780516ed78c4ad35c
GET /pfe/current/universal.min.js?v=3.1.396 HTTP/1.1
Host: pseepsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megafile.cc/
Origin: https://megafile.cc
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 02:32:40 GMT
content-type: application/javascript
last-modified: Tue, 27 Sep 2022 13:19:37 GMT
etag: W/"6332f869-1fafa"
access-control-allow-origin: https://megafile.cc
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| megafile.cc/sw.js | 138.201.48.112 | 200 OK | 2.4 kB |
IP: 138.201.48.112:0 | ASN: #24940 Hetzner Online GmbH
File type: ASCII text, with very long lines (5209), with no line terminators | Hash: 60024048781353f7bc51300aff2ef6f3 fc88d0f69d4a5eff9deed7f510ddc842308cb0cb a6e21637c84e841563ca45be1191fb5a294d9bd11b64e90dca4b735ad6f6b707
GET /sw.js HTTP/1.1
Host: megafile.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megafile.cc/dont-hotlink/b127e6f6-21f1-496b-8425-860f2f88f624.zip
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6InV3ZUhDVzFKQTRwK3drRGFZbUFmZXc9PSIsInZhbHVlIjoicGpobStsN3Y5VnFxcmFsQm85OE1uZkZWSmxyWkpFeHhONloxdHY0TUJLMVliN3BQSmFFb1RnRmZ3ZDhFZUxxMkJYNWRjUkFFVk1uV3dXL09oemkrUDRmZWdFckpLemUvcGdzYzA1dE1la29meUgvc0hWVjNZYTQrSzQrQU1nbk4iLCJtYWMiOiIxOTdhOTEyMmI2N2E3ZDIyYWQ4MTY4ODc0OGMxMDE4NWMwNWI2NGI0ZmU2MTc3NzJkMzg5NTA5ZWRjMzE2MmEyIiwidGFnIjoiIn0%3D; megafile_session=eyJpdiI6IkpPRldPemUrV3pVOFlac3AxVUZGSnc9PSIsInZhbHVlIjoiOER3ejJjQXhDcFFoMEhoZnFIMFR0NnZjM1FXK3F2c0VGd2lZQy9YT2swVUpka3R2SkNJREJMQ0U0cFZtNDlQNWZIZm4xVVZhODIxNzNMYVVDZHNrK1pqY0oyRVRkN0Nya1pmMFBqMERlOUU5dXQ1am5yZStsenZjT0t0ZHBITkIiLCJtYWMiOiJkNmYzOTVmNzQzYTFlOWQ1MmY3NzE1ZDIzYjdiMThmMTBmYTdkZGEzNjcwMDBhOWNkODgwNDVjNTFjYTE0ZDA3IiwidGFnIjoiIn0%3D; prefetchAd_4250690=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-original-content-length: 5236
vary: Accept-Encoding
content-encoding: gzip
content-length: 2363
etag: W/"PSA-aj-b0aYbWJj70"
date: Fri, 07 Oct 2022 02:32:40 GMT
expires: Sun, 03 Oct 2032 22:06:44 GMT
cache-control: max-age=315344043
X-Firefox-Spdy: h2
|
|
| pseepsie.com/custom | 139.45.197.250 | 200 OK | 39 B |
IP: 139.45.197.250:0
File type: JSON data, ASCII text | Hash: 058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer: fortinet | Verdict: Malware | Alert: (empty)
POST /custom HTTP/1.1
Host: pseepsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megafile.cc/
Content-Type: application/json
Origin: https://megafile.cc
Content-Length: 412
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 02:32:40 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: a892326761bc025ac73d6c962c052939
access-control-allow-origin: https://megafile.cc
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| pseepsie.com/custom | 139.45.197.250 | 200 OK | 39 B |
IP: 139.45.197.250:0
File type: JSON data, ASCII text | Hash: 058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer: fortinet | Verdict: Malware | Alert: (empty)
POST /custom HTTP/1.1
Host: pseepsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megafile.cc/
Content-Type: application/json
Origin: https://megafile.cc
Content-Length: 770
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 02:32:40 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 78bdd4a9f8f261b7a614bd40b825ad76
access-control-allow-origin: https://megafile.cc
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| tovanillitechan.com/9?z=4250688&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fmegafile.cc%2Fdont-hotlink%2Fb127e6f6-21f1-496b-8425-860f2f88f624.zip&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=4c55a12078ce413a944ce3bbcf87b6f5 | 139.45.197.239 | 204 No Content | 0 B |
URL (HTTP/2): tovanillitechan.com/9?z=4250688&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fmegafile.cc%2Fdont-hotlink%2Fb127e6f6-21f1-496b-8425-860f2f88f624.zip&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=4c55a12078ce413a944ce3bbcf87b6f5 | IP: 139.45.197.239:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
OPTIONS /9?z=4250688&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fmegafile.cc%2Fdont-hotlink%2Fb127e6f6-21f1-496b-8425-860f2f88f624.zip&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=4c55a12078ce413a944ce3bbcf87b6f5 HTTP/1.1
Host: tovanillitechan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://megafile.cc/
Origin: https://megafile.cc
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Fri, 07 Oct 2022 02:32:40 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://megafile.cc
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
|
|
| dozubatan.com/500/4250687?excludes=&oaid=4c55a12078ce413a944ce3bbcf87b6f5&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fmegafile.cc%2Fdont-hotlink%2Fb127e6f6-21f1-496b-8425-860f2f88f624.zip&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false | 139.45.197.237 | 200 OK | 0 B |
URL (HTTP/2): dozubatan.com/500/4250687?excludes=&oaid=4c55a12078ce413a944ce3bbcf87b6f5&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fmegafile.cc%2Fdont-hotlink%2Fb127e6f6-21f1-496b-8425-860f2f88f624.zip&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false | IP: 139.45.197.237:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /500/4250687?excludes=&oaid=4c55a12078ce413a944ce3bbcf87b6f5&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fmegafile.cc%2Fdont-hotlink%2Fb127e6f6-21f1-496b-8425-860f2f88f624.zip&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: dozubatan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://megafile.cc/
Origin: https://megafile.cc
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 02:32:40 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://megafile.cc
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| tovanillitechan.com/11?rnd=778491446&z=4250688&b=14566425&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=UYrXuwbe_gWMEM7oPahFHOLTo-lLha2HkCFTDwhU0ZDfs79xqFDnt1Y7ZZlb2paNWtHrdhMyIMtK3uxl0gCobSJpZ8fw2qlLssqt9avKX5NJqvvxMdHffaKpK1c1pKtHcZ2GlcWPAittcOmSiY6c9I4yfpv2J8r5MWohvm5puiVt6xRPHHaOFIIDsStbnGQh565vykUdGItM6x76qXmtRuBqJ8c6G_pLYx7DsAMxfcwe9TmsDiKGME_i45y8xGQeeXX53oO4Wz3KW_AQ1EmtcqoF7rH4vD4Wn1VUaeeJ08kYnJwfNXK7XzlcUnvqeKnAUsx0s6xKiPSTB7rK2SSMJbB80JSHLNgyJO7YdZZXzpz05-PhG2qm5FzYatjv2-5tkR5RoUpMTZW9v_bDyiUSd4Ef7BEghzi3E6tGr__MALnfMYFuSpAvIyMeid2zTut53HUc-uw-IKv0bO4BZvw53pOrOfNqzDBRbzssXCLuvrnRME3RO9xBPUQoU1edM2O_aYwTSLVzL_LGOAtVB_O0uMZuWhMAGswaUPCnZOxMCMDs8Xpt7uUNsA312q5e7fBv5z-herbC3twN60ivZ_g4cf0rsroX5Km8wS5BGmV9ehkUh9dQfbvPYgtOQWhD9PHq0B1G286QxsdKk6Ut&ruid=794b63af-cd8f-4389-8a26-4e058512ed09&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fmegafile.cc%2Fdont-hotlink%2Fb127e6f6-21f1-496b-8425-860f2f88f624.zip&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ot=80 | 139.45.197.239 | 200 OK | 0 B |
URL (HTTP/2): tovanillitechan.com/11?rnd=778491446&z=4250688&b=14566425&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=UYrXuwbe_gWMEM7oPahFHOLTo-lLha2HkCFTDwhU0ZDfs79xqFDnt1Y7ZZlb2paNWtHrdhMyIMtK3uxl0gCobSJpZ8fw2qlLssqt9avKX5NJqvvxMdHffaKpK1c1pKtHcZ2GlcWPAittcOmSiY6c9I4yfpv2J8r5MWohvm5puiVt6xRPHHaOFIIDsStbnGQh565vykUdGItM6x76qXmtRuBqJ8c6G_pLYx7DsAMxfcwe9TmsDiKGME_i45y8xGQeeXX53oO4Wz3KW_AQ1EmtcqoF7rH4vD4Wn1VUaeeJ08kYnJwfNXK7XzlcUnvqeKnAUsx0s6xKiPSTB7rK2SSMJbB80JSHLNgyJO7YdZZXzpz05-PhG2qm5FzYatjv2-5tkR5RoUpMTZW9v_bDyiUSd4Ef7BEghzi3E6tGr__MALnfMYFuSpAvIyMeid2zTut53HUc-uw-IKv0bO4BZvw53pOrOfNqzDBRbzssXCLuvrnRME3RO9xBPUQoU1edM2O_aYwTSLVzL_LGOAtVB_O0uMZuWhMAGswaUPCnZOxMCMDs8Xpt7uUNsA312q5e7fBv5z-herbC3twN60ivZ_g4cf0rsroX5Km8wS5BGmV9ehkUh9dQfbvPYgtOQWhD9PHq0B1G286QxsdKk6Ut&ruid=794b63af-cd8f-4389-8a26-4e058512ed09&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fmegafile.cc%2Fdont-hotlink%2Fb127e6f6-21f1-496b-8425-860f2f88f624.zip&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ot=80 | IP: 139.45.197.239:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /11?rnd=778491446&z=4250688&b=14566425&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=UYrXuwbe_gWMEM7oPahFHOLTo-lLha2HkCFTDwhU0ZDfs79xqFDnt1Y7ZZlb2paNWtHrdhMyIMtK3uxl0gCobSJpZ8fw2qlLssqt9avKX5NJqvvxMdHffaKpK1c1pKtHcZ2GlcWPAittcOmSiY6c9I4yfpv2J8r5MWohvm5puiVt6xRPHHaOFIIDsStbnGQh565vykUdGItM6x76qXmtRuBqJ8c6G_pLYx7DsAMxfcwe9TmsDiKGME_i45y8xGQeeXX53oO4Wz3KW_AQ1EmtcqoF7rH4vD4Wn1VUaeeJ08kYnJwfNXK7XzlcUnvqeKnAUsx0s6xKiPSTB7rK2SSMJbB80JSHLNgyJO7YdZZXzpz05-PhG2qm5FzYatjv2-5tkR5RoUpMTZW9v_bDyiUSd4Ef7BEghzi3E6tGr__MALnfMYFuSpAvIyMeid2zTut53HUc-uw-IKv0bO4BZvw53pOrOfNqzDBRbzssXCLuvrnRME3RO9xBPUQoU1edM2O_aYwTSLVzL_LGOAtVB_O0uMZuWhMAGswaUPCnZOxMCMDs8Xpt7uUNsA312q5e7fBv5z-herbC3twN60ivZ_g4cf0rsroX5Km8wS5BGmV9ehkUh9dQfbvPYgtOQWhD9PHq0B1G286QxsdKk6Ut&ruid=794b63af-cd8f-4389-8a26-4e058512ed09&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fmegafile.cc%2Fdont-hotlink%2Fb127e6f6-21f1-496b-8425-860f2f88f624.zip&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ot=80 HTTP/1.1
Host: tovanillitechan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://megafile.cc
Connection: keep-alive
Referer: https://megafile.cc/
Cookie: scm=1; OAID=4c55a12078ce413a944ce3bbcf87b6f5; oaidts=1665109960
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 02:32:40 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://megafile.cc
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 010231e0a315858305dd64f79d17e77f
access-control-expose-headers: X-Sc
set-cookie: OAID=4c55a12078ce413a944ce3bbcf87b6f5; expires=Sat, 07 Oct 2023 02:32:40 GMT; secure; SameSite=None
set-cookie: oaidts=1665109960; expires=Sat, 07 Oct 2023 02:32:40 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0 | ASN: #20940 Akamai International B.V.
Hash: 4f02499111f3797c5a096e9f9a23f37c 19daaa3d50e5acd25ec41242b0bedf54a9dd5a37 8158e4bd8ad6b27907098b5e0e958152f08f95ec1f99d3f31f3d5f49038e865e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8158E4BD8AD6B27907098B5E0E958152F08F95EC1F99D3F31F3D5F49038E865E"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1525
Expires: Fri, 07 Oct 2022 02:58:05 GMT
Date: Fri, 07 Oct 2022 02:32:40 GMT
Connection: keep-alive
|
|
| offerimage.com/www/images/96d73cf80f752e9319997c6e575c3b82.jpeg | 104.22.32.172 | 200 OK | 11 kB |
URL (HTTP/2): offerimage.com/www/images/96d73cf80f752e9319997c6e575c3b82.jpeg | IP: 104.22.32.172:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3; data | Hash: 96d73cf80f752e9319997c6e575c3b82 3dcf9d3b3e94698a842b1a98de17a02a8c3b4457 44dc0e0d92f12e669842f12722ca1a1848fb4be50deabd86c7d9deb64946db86
GET /www/images/96d73cf80f752e9319997c6e575c3b82.jpeg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megafile.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 07 Oct 2022 02:32:40 GMT
content-type: image/jpeg
content-length: 11449
cache-control: max-age=86400
cf-bgj: h2pri
etag: "627e5574-2cb9"
expires: Fri, 07 Oct 2022 04:56:42 GMT
last-modified: Fri, 13 May 2022 12:56:20 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 77758
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75633a477aad98ee-ARN
X-Firefox-Spdy: h2
|
|
| ocsp.sectigo.com/ | 104.18.32.68 | 200 OK | 472 B |
IP: 104.18.32.68:0
Hash: 8f914c75d78aabd8f442473c89339139 65f9275088f83adaabf31e48c76de615ceaf238d e609b19f355624c89679e3029f5f54f6c1b0398d8b13aae97c6d11b2598dee66
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 02:32:40 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 06 Oct 2022 12:52:20 GMT
Expires: Thu, 13 Oct 2022 12:52:19 GMT
Etag: "65f9275088f83adaabf31e48c76de615ceaf238d"
Cache-Control: max-age=554978,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75633a46a917b527-OSL
|
|
| fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f | 139.45.195.254 | 200 OK | 12 B |
URL (HTTP/1.1): fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f | IP: 139.45.195.254:0
File type: JSON data, ASCII text, with no line terminators | Hash: adb4650bfc9d2a73d4dd69583b0ceb14 1ce399d6e936232aaf2192cd7903a279c5015f22 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megafile.cc/
Content-Type: text/plain;charset=UTF-8
Origin: https://megafile.cc
Content-Length: 1560
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Fri, 07 Oct 2022 02:33:03 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://megafile.cc
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
|
|
| interstitial-07.com/contents/s/d6/57/d0/b45c722c9203953e7fbb92fc33/01117258015882.jpeg | 139.45.197.153 | 200 OK | 20 kB |
URL (HTTP/2): interstitial-07.com/contents/s/d6/57/d0/b45c722c9203953e7fbb92fc33/01117258015882.jpeg | IP: 139.45.197.153:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 256x256, components 3; data | Hash: d657d0b45c722c9203953e7fbb92fc33 e1ff29e4b8f1ea03d163e6a3c8f4d381cae5a3e2 40785963d6afef460b6d58db44d00d3bbed11a81f88e64e6a1b91d317b220d40
GET /contents/s/d6/57/d0/b45c722c9203953e7fbb92fc33/01117258015882.jpeg HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=cJn1yDWhtv1vRuI&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Ftovanillitechan.com%2F12%3Frnd%3D2244573049%26z%3D4250688%26b%3D14566425%26c%3D5990211%26var%3D%26d%3Dhttp%253A%252F%252Ftryhardnow.com%252Fbase.php%253Fc%253D350%2526key%253D2c1f9aa01554345b3025ac0d005c7bea%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DUYrXuwbe_gWMEM7oPahFHOLTo-lLha2HkCFTDwhU0ZDfs79xqFDnt1Y7ZZlb2paNWtHrdhMyIMtK3uxl0gCobSJpZ8fw2qlLssqt9avKX5NJqvvxMdHffaKpK1c1pKtHcZ2GlcWPAittcOmSiY6c9I4yfpv2J8r5MWohvm5puiVt6xRPHHaOFIIDsStbnGQh565vykUdGItM6x76qXmtRuBqJ8c6G_pLYx7DsAMxfcwe9TmsDiKGME_i45y8xGQeeXX53oO4Wz3KW_AQ1EmtcqoF7rH4vD4Wn1VUaeeJ08kYnJwfNXK7XzlcUnvqeKnAUsx0s6xKiPSTB7rK2SSMJbB80JSHLNgyJO7YdZZXzpz05-PhG2qm5FzYatjv2-5tkR5RoUpMTZW9v_bDyiUSd4Ef7BEghzi3E6tGr__MALnfMYFuSpAvIyMeid2zTut53HUc-uw-IKv0bO4BZvw53pOrOfNqzDBRbzssXCLuvrnRME3RO9xBPUQoU1edM2O_aYwTSLVzL_LGOAtVB_O0uMZuWhMAGswaUPCnZOxMCMDs8Xpt7uUNsA312q5e7fBv5z-herbC3twN60ivZ_g4cf0rsroX5Km8wS5BGmV9ehkUh9dQfbvPYgtOQWhD9PHq0B1G286QxsdKk6Ut%26bag%3DK9GC8xFjczykNNyRrWsoXw%3D%3D%26ruid%3D794b63af-cd8f-4389-8a26-4e058512ed09%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fmegafile.cc%252Fdont-hotlink%252Fb127e6f6-21f1-496b-8425-860f2f88f624.zip%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 02:32:40 GMT
content-type: image/jpeg
content-length: 19879
last-modified: Wed, 05 Oct 2022 17:04:55 GMT
etag: "633db937-4da7"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| interstitial-07.com/contents/s/9b/2c/29/3f4695bb8f89f5bdc53f2634e2/01175794239723.jpeg | 139.45.197.153 | 200 OK | 63 kB |
URL (HTTP/2): interstitial-07.com/contents/s/9b/2c/29/3f4695bb8f89f5bdc53f2634e2/01175794239723.jpeg | IP: 139.45.197.153:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 492x328, components 3; data | Hash: 9b2c293f4695bb8f89f5bdc53f2634e2 fda95c173965012fa72bd0386a0f1e4f0e5220fa f7090a9b5e00f32721b1d83183b54e836e4237f6d407186327f7835caf3c265a
GET /contents/s/9b/2c/29/3f4695bb8f89f5bdc53f2634e2/01175794239723.jpeg HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=cJn1yDWhtv1vRuI&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Ftovanillitechan.com%2F12%3Frnd%3D2244573049%26z%3D4250688%26b%3D14566425%26c%3D5990211%26var%3D%26d%3Dhttp%253A%252F%252Ftryhardnow.com%252Fbase.php%253Fc%253D350%2526key%253D2c1f9aa01554345b3025ac0d005c7bea%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DUYrXuwbe_gWMEM7oPahFHOLTo-lLha2HkCFTDwhU0ZDfs79xqFDnt1Y7ZZlb2paNWtHrdhMyIMtK3uxl0gCobSJpZ8fw2qlLssqt9avKX5NJqvvxMdHffaKpK1c1pKtHcZ2GlcWPAittcOmSiY6c9I4yfpv2J8r5MWohvm5puiVt6xRPHHaOFIIDsStbnGQh565vykUdGItM6x76qXmtRuBqJ8c6G_pLYx7DsAMxfcwe9TmsDiKGME_i45y8xGQeeXX53oO4Wz3KW_AQ1EmtcqoF7rH4vD4Wn1VUaeeJ08kYnJwfNXK7XzlcUnvqeKnAUsx0s6xKiPSTB7rK2SSMJbB80JSHLNgyJO7YdZZXzpz05-PhG2qm5FzYatjv2-5tkR5RoUpMTZW9v_bDyiUSd4Ef7BEghzi3E6tGr__MALnfMYFuSpAvIyMeid2zTut53HUc-uw-IKv0bO4BZvw53pOrOfNqzDBRbzssXCLuvrnRME3RO9xBPUQoU1edM2O_aYwTSLVzL_LGOAtVB_O0uMZuWhMAGswaUPCnZOxMCMDs8Xpt7uUNsA312q5e7fBv5z-herbC3twN60ivZ_g4cf0rsroX5Km8wS5BGmV9ehkUh9dQfbvPYgtOQWhD9PHq0B1G286QxsdKk6Ut%26bag%3DK9GC8xFjczykNNyRrWsoXw%3D%3D%26ruid%3D794b63af-cd8f-4389-8a26-4e058512ed09%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fmegafile.cc%252Fdont-hotlink%252Fb127e6f6-21f1-496b-8425-860f2f88f624.zip%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 02:32:40 GMT
content-type: image/jpeg
content-length: 63121
last-modified: Wed, 05 Oct 2022 17:04:52 GMT
etag: "633db934-f691"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0 | ASN: #20940 Akamai International B.V.
Hash: 671e371ca656241a058e39f941f52b91 e2f8c597830dbf6798c6e67563b25f8f2c5b9761 c8cf9147235e2f68fb2a2aa6aaab3d8934bb8e1a2a19e94e8c9ef6310ffdf88a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8CF9147235E2F68FB2A2AA6AAAB3D8934BB8E1A2A19E94E8C9EF6310FFDF88A"
Last-Modified: Wed, 05 Oct 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13586
Expires: Fri, 07 Oct 2022 06:19:07 GMT
Date: Fri, 07 Oct 2022 02:32:41 GMT
Connection: keep-alive
|
|
| unphionetor.com/vctx?t=72747 | 139.45.197.236 | 204 No Content | 0 B |
URL HTTP/2unphionetor.com/vctx?t=72747 IP139.45.197.236:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /vctx?t=72747 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Fri, 07 Oct 2022 02:32:41 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 47ae9981a2d16c419c99275c79b07273
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined | 139.45.197.236 | 204 No Content | 0 B |
URL HTTP/2unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined IP139.45.197.236:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
POST /vbl?t=72747&bid=undefined&aid=undefined HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Fri, 07 Oct 2022 02:32:41 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 154f905189ed1db6f811334f47e8709f
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashe825fc3ba1ec6c169fbc10ffef8dffb0 6bf9cffa8468b37068aebed5a43dbc911086fc84 b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16207
Expires: Fri, 07 Oct 2022 07:02:48 GMT
Date: Fri, 07 Oct 2022 02:32:41 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F925ee025-58b0-436d-8cda-192ec7c44c33.jpeg | 34.120.237.76 | 200 OK | 10 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F925ee025-58b0-436d-8cda-192ec7c44c33.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashae567a6922213a56f35ddc5d5cc1d0f1 fc49df76e8625d8542b0634bfcf12b8d6cda445c 135f25c0350ad26235447cdfba53a45e5d0f9f4c07a6c1e66dd2ed4a4a487f86
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F925ee025-58b0-436d-8cda-192ec7c44c33.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9995
x-amzn-requestid: 46d789c8-c830-4003-a752-472ee853a14b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zmhi-GRZIAMFzag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4946-5d69f864308ea18c0440203e;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:31:50 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: i1F72tYrdjpymITjLWOWsfF_d-uZp_aXH-TWvE491s7IOtJZArpOqA==
via: 1.1 34c44cb7892e57a3b6c51812bcf68ee4.cloudfront.net (CloudFront), 1.1 27fe6f224e0cfa3f3a446471ee256e56.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:44:18 GMT
age: 17303
etag: "fc49df76e8625d8542b0634bfcf12b8d6cda445c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| tovanillitechan.com/9?z=4250688&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fmegafile.cc%2Fdont-hotlink%2Fb127e6f6-21f1-496b-8425-860f2f88f624.zip&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=4c55a12078ce413a944ce3bbcf87b6f5 | 139.45.197.239 | 200 OK | 17 kB |
URL HTTP/2tovanillitechan.com/9?z=4250688&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fmegafile.cc%2Fdont-hotlink%2Fb127e6f6-21f1-496b-8425-860f2f88f624.zip&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=4c55a12078ce413a944ce3bbcf87b6f5 IP139.45.197.239:0
Hash2a45e1dda0f1d5b285cffab65b7e7877 4617f66f4fe3388dec83e97105281d63d6be4968 ce9f43e8303b4b0792632fb611e099e091b4143ca5b14f37be95591ba097e9a1
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
POST /9?z=4250688&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fmegafile.cc%2Fdont-hotlink%2Fb127e6f6-21f1-496b-8425-860f2f88f624.zip&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=4c55a12078ce413a944ce3bbcf87b6f5 HTTP/1.1
Host: tovanillitechan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 209
Origin: https://megafile.cc
Connection: keep-alive
Referer: https://megafile.cc/
Cookie: scm=1; OAID=161af994282049e6b4af601753eb2a7a; oaidts=1665109960
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 02:32:40 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: https://megafile.cc
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 112873528b6f97fec0995647986027fa
access-control-expose-headers: X-Sc
set-cookie: OAID=4c55a12078ce413a944ce3bbcf87b6f5; expires=Sat, 07 Oct 2023 02:32:40 GMT; secure; SameSite=None
oaidts=1665109960; expires=Sat, 07 Oct 2023 02:32:40 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36097bf9-dd7a-4dde-af42-0e23e000e84a.jpeg | 34.120.237.76 | 200 OK | 2.7 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36097bf9-dd7a-4dde-af42-0e23e000e84a.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashe9646987c0395eec23e32dc00954d386 5545b691aeefcd31bbc6b6cad6726234773e9d74 900a2bfbe3984db79056d38764b1986399d827a7f54d1c54d4fd3b06c7981385
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36097bf9-dd7a-4dde-af42-0e23e000e84a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2732
x-amzn-requestid: 004a85ab-b33b-4b7f-86f2-9762e6cd2f0b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZmhkQGWgoAMF7mw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f494e-473458094dc2ded55a681505;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:31:58 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: eJltrBVIRbJ-_OUHZjw8mtfK6Ivb9C51B6lC1C11eaq_O4Psd7evRg==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 ca66331b52971370c4e54619e8a952cc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:46:38 GMT
age: 17163
etag: "5545b691aeefcd31bbc6b6cad6726234773e9d74"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ca4df15-4ecd-467c-a658-2352fca9a8ff.jpeg | 34.120.237.76 | 200 OK | 13 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ca4df15-4ecd-467c-a658-2352fca9a8ff.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash16339989f5c6c229a3dcc0ed1e52032f a1ea26d6e4eb4a72cc8c87100b40035dab69d285 16703f888ee6f974bb89e1c4c16a75186b31b64130abcd1a3bcd3741159d912c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ca4df15-4ecd-467c-a658-2352fca9a8ff.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13437
x-amzn-requestid: ec801fbc-c339-46ce-ac5f-18d064e5ef21
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zmhi_HdeoAMFyOQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4946-02b52b770e6e76cf52b26e47;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:31:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: Iesqk_XbGiZE-n3mTa1_1WtlXiyEqz-4qfyt3_609O1eujdLcFu3zA==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 ece5d4a731ece5ff46c564ab2b946ede.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 22:01:58 GMT
etag: "a1ea26d6e4eb4a72cc8c87100b40035dab69d285"
content-type: image/jpeg
age: 16243
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| dozubatan.com/500/4250687?excludes=&oaid=4c55a12078ce413a944ce3bbcf87b6f5&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fmegafile.cc%2Fdont-hotlink%2Fb127e6f6-21f1-496b-8425-860f2f88f624.zip&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false | 139.45.197.237 | 200 OK | 10 kB |
URL HTTP/2dozubatan.com/500/4250687?excludes=&oaid=4c55a12078ce413a944ce3bbcf87b6f5&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fmegafile.cc%2Fdont-hotlink%2Fb127e6f6-21f1-496b-8425-860f2f88f624.zip&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false IP139.45.197.237:0
Hashb81f336c56b828bd646a43a0d05e2837 621cc47a4e8fcfa65c7a49b8b2930a107a4f5c16 0e5b7b30f2d4607fd8e742d91e16a68296893284fb1d11b8b43ea7a43f109901
GET /500/4250687?excludes=&oaid=4c55a12078ce413a944ce3bbcf87b6f5&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fmegafile.cc%2Fdont-hotlink%2Fb127e6f6-21f1-496b-8425-860f2f88f624.zip&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: dozubatan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://megafile.cc
Connection: keep-alive
Referer: https://megafile.cc/
Cookie: OAID=e9349d2af74744968781ea847086b28a
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 02:32:40 GMT
content-type: application/javascript
x-trace-id: 1813f944e94e8a8d3d17f118dc9f11c4
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: https://megafile.cc
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=4c55a12078ce413a944ce3bbcf87b6f5; expires=Sat, 07 Oct 2023 02:32:40 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ee0abd8-4ecf-437c-9675-8f3d0154f2b9.jpeg | 34.120.237.76 | 200 OK | 6.5 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ee0abd8-4ecf-437c-9675-8f3d0154f2b9.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash7e1d0226194b6ccc5e2d460745b53fb4 715224d106cc3342482c53905322d6418421f6d2 0992c3232fd28edf9a9af56c2cc7f64f9ae53a2ec0cc4fb38c2cdb468a6a5791
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ee0abd8-4ecf-437c-9675-8f3d0154f2b9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6518
x-amzn-requestid: 2d3dc175-26a9-40a2-b629-0c8b533d5037
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZmhktGcloAMF0SA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4951-23e7e2852fe1f11c009d4c26;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:32:01 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: XZZtr9fG5zlx9W9TIX5zVjqvyZ5NEeSEPqtNUhwArlhBEIdcT5unpQ==
via: 1.1 fec77e486350d1bd33f526a760d8b5a4.cloudfront.net (CloudFront), 1.1 f62c9ca47e35df5c65764381977823a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 22:01:47 GMT
etag: "715224d106cc3342482c53905322d6418421f6d2"
content-type: image/jpeg
age: 16254
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| dozubatan.com/impression/Sp5O-QOrar90GtwvTheSkQgypucn87aBMluy1Ulfvxw_ADnUTsZ5FqNMcNyGx1HVPLnrheMd36gFfSxg69n2Xc01GxuUCQCdIOBJhpmySpCO3kG8pqWCf-A026qVr8dkfNkXqC4Dbavf9FtvZspAg86-2pj_bedcFcjIuThbahU6Lbpb2GNMPi6pIs3lPYiv8iJ8h9xU01orPVQmwsIN33NZjYYZdk0GobwsFxEFsypbxYfMWJ6XI1pePEQ_AXz152oCze7z3UcptGtN8HXE0ZS4Vr3JluvKnyi6Yd9a3mWbnGOH7ZpTSDhgzZ0Lq0ATQfQJQL9kuU3vDFem9zxv-1NoyVcHkbCv1SWQEOl9q-pZnKYlWz3Pf3DYOqrAs1jmdnbNkjEfwdNPAIT6Ms4iyLy7P0jb_hZXP5zSWkYh7NcfW6Gpi8KvFwRj1tRuGl7OPV_kPY-YPn1Dymlk6YXX1zzeY5bEBPnffKUbIyFxuiQAafPYsu_Jefiu0pNlucsQP7yyXm4b4R8vQoTQtFJ5wzNpGnIJ0jzwfLON9I7fhiFSHjd3oBHScLOOybPI6M65faHtcfQlQuQlhbZ3h3aUSE7jOyo=?_z=4250687&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fmegafile.cc%2Fdont-hotlink%2Fb127e6f6-21f1-496b-8425-860f2f88f624.zip&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false | 139.45.197.237 | 200 OK | 43 B |
URL HTTP/2dozubatan.com/impression/Sp5O-QOrar90GtwvTheSkQgypucn87aBMluy1Ulfvxw_ADnUTsZ5FqNMcNyGx1HVPLnrheMd36gFfSxg69n2Xc01GxuUCQCdIOBJhpmySpCO3kG8pqWCf-A026qVr8dkfNkXqC4Dbavf9FtvZspAg86-2pj_bedcFcjIuThbahU6Lbpb2GNMPi6pIs3lPYiv8iJ8h9xU01orPVQmwsIN33NZjYYZdk0GobwsFxEFsypbxYfMWJ6XI1pePEQ_AXz152oCze7z3UcptGtN8HXE0ZS4Vr3JluvKnyi6Yd9a3mWbnGOH7ZpTSDhgzZ0Lq0ATQfQJQL9kuU3vDFem9zxv-1NoyVcHkbCv1SWQEOl9q-pZnKYlWz3Pf3DYOqrAs1jmdnbNkjEfwdNPAIT6Ms4iyLy7P0jb_hZXP5zSWkYh7NcfW6Gpi8KvFwRj1tRuGl7OPV_kPY-YPn1Dymlk6YXX1zzeY5bEBPnffKUbIyFxuiQAafPYsu_Jefiu0pNlucsQP7yyXm4b4R8vQoTQtFJ5wzNpGnIJ0jzwfLON9I7fhiFSHjd3oBHScLOOybPI6M65faHtcfQlQuQlhbZ3h3aUSE7jOyo=?_z=4250687&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fmegafile.cc%2Fdont-hotlink%2Fb127e6f6-21f1-496b-8425-860f2f88f624.zip&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false IP139.45.197.237:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashb4491705564909da7f9eaf749dbbfbb1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /impression/Sp5O-QOrar90GtwvTheSkQgypucn87aBMluy1Ulfvxw_ADnUTsZ5FqNMcNyGx1HVPLnrheMd36gFfSxg69n2Xc01GxuUCQCdIOBJhpmySpCO3kG8pqWCf-A026qVr8dkfNkXqC4Dbavf9FtvZspAg86-2pj_bedcFcjIuThbahU6Lbpb2GNMPi6pIs3lPYiv8iJ8h9xU01orPVQmwsIN33NZjYYZdk0GobwsFxEFsypbxYfMWJ6XI1pePEQ_AXz152oCze7z3UcptGtN8HXE0ZS4Vr3JluvKnyi6Yd9a3mWbnGOH7ZpTSDhgzZ0Lq0ATQfQJQL9kuU3vDFem9zxv-1NoyVcHkbCv1SWQEOl9q-pZnKYlWz3Pf3DYOqrAs1jmdnbNkjEfwdNPAIT6Ms4iyLy7P0jb_hZXP5zSWkYh7NcfW6Gpi8KvFwRj1tRuGl7OPV_kPY-YPn1Dymlk6YXX1zzeY5bEBPnffKUbIyFxuiQAafPYsu_Jefiu0pNlucsQP7yyXm4b4R8vQoTQtFJ5wzNpGnIJ0jzwfLON9I7fhiFSHjd3oBHScLOOybPI6M65faHtcfQlQuQlhbZ3h3aUSE7jOyo=?_z=4250687&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fmegafile.cc%2Fdont-hotlink%2Fb127e6f6-21f1-496b-8425-860f2f88f624.zip&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: dozubatan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megafile.cc/
Cookie: OAID=4c55a12078ce413a944ce3bbcf87b6f5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 02:32:45 GMT
content-type: image/gif
content-length: 43
x-trace-id: ec18ec7f7808f8d3539bcc7d399d3851
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| dozubatan.com/500/4250687?excludes=15111844&oaid=4c55a12078ce413a944ce3bbcf87b6f5&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fmegafile.cc%2Fdont-hotlink%2Fb127e6f6-21f1-496b-8425-860f2f88f624.zip&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false | 139.45.197.237 | 200 OK | 0 B |
URL HTTP/2dozubatan.com/500/4250687?excludes=15111844&oaid=4c55a12078ce413a944ce3bbcf87b6f5&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fmegafile.cc%2Fdont-hotlink%2Fb127e6f6-21f1-496b-8425-860f2f88f624.zip&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false IP139.45.197.237:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /500/4250687?excludes=15111844&oaid=4c55a12078ce413a944ce3bbcf87b6f5&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fmegafile.cc%2Fdont-hotlink%2Fb127e6f6-21f1-496b-8425-860f2f88f624.zip&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: dozubatan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://megafile.cc/
Origin: https://megafile.cc
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 02:32:45 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://megafile.cc
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| offerimage.com/www/images/375d4eace3e9692bfe2fc21648f4c59a.jpeg | 104.22.32.172 | 200 OK | 13 kB |
URL HTTP/2offerimage.com/www/images/375d4eace3e9692bfe2fc21648f4c59a.jpeg IP104.22.32.172:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data Hash375d4eace3e9692bfe2fc21648f4c59a 57ef9b8278b63d567eab92b8607b68cee29071b8 46005b3961515220591e6df79d2713774deb57a082dda8162c3d182bcad3aa1b
GET /www/images/375d4eace3e9692bfe2fc21648f4c59a.jpeg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megafile.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 02:32:45 GMT
content-type: image/jpeg
content-length: 13449
cache-control: max-age=86400
cf-bgj: h2pri
etag: "6231b480-3489"
expires: Fri, 07 Oct 2022 13:45:32 GMT
last-modified: Wed, 16 Mar 2022 09:57:20 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 46032
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75633a654b0f98ee-ARN
X-Firefox-Spdy: h2
|
|
| unpkg.com/filepond-plugin-file-validate-size/dist/filepond-plugin-file-validate-size.js | 104.16.122.175 | 302 Found | 0 B |
URL HTTP/2unpkg.com/filepond-plugin-file-validate-size/dist/filepond-plugin-file-validate-size.js IP104.16.122.175:0
GET /filepond-plugin-file-validate-size/dist/filepond-plugin-file-validate-size.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megafile.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 07 Oct 2022 02:32:39 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /filepond-plugin-file-validate-size@2.2.7/dist/filepond-plugin-file-validate-size.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GER4K8X0Y8AB9GTRYZVD3APD-ams
cf-cache-status: EXPIRED
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75633a3f4bdc0b69-OSL
X-Firefox-Spdy: h2
|
|
| megafile.cc/pagespeed_static/js_defer.I4cHjq6EEP.js | 138.201.48.112 | 200 OK | 0 B |
URL HTTP/2megafile.cc/pagespeed_static/js_defer.I4cHjq6EEP.js IP138.201.48.112:0 ASN#24940 Hetzner Online GmbH
GET /pagespeed_static/js_defer.I4cHjq6EEP.js HTTP/1.1
Host: megafile.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megafile.cc/dont-hotlink/b127e6f6-21f1-496b-8425-860f2f88f624.zip
Cookie: XSRF-TOKEN=eyJpdiI6InV3ZUhDVzFKQTRwK3drRGFZbUFmZXc9PSIsInZhbHVlIjoicGpobStsN3Y5VnFxcmFsQm85OE1uZkZWSmxyWkpFeHhONloxdHY0TUJLMVliN3BQSmFFb1RnRmZ3ZDhFZUxxMkJYNWRjUkFFVk1uV3dXL09oemkrUDRmZWdFckpLemUvcGdzYzA1dE1la29meUgvc0hWVjNZYTQrSzQrQU1nbk4iLCJtYWMiOiIxOTdhOTEyMmI2N2E3ZDIyYWQ4MTY4ODc0OGMxMDE4NWMwNWI2NGI0ZmU2MTc3NzJkMzg5NTA5ZWRjMzE2MmEyIiwidGFnIjoiIn0%3D; megafile_session=eyJpdiI6IkpPRldPemUrV3pVOFlac3AxVUZGSnc9PSIsInZhbHVlIjoiOER3ejJjQXhDcFFoMEhoZnFIMFR0NnZjM1FXK3F2c0VGd2lZQy9YT2swVUpka3R2SkNJREJMQ0U0cFZtNDlQNWZIZm4xVVZhODIxNzNMYVVDZHNrK1pqY0oyRVRkN0Nya1pmMFBqMERlOUU5dXQ1am5yZStsenZjT0t0ZHBITkIiLCJtYWMiOiJkNmYzOTVmNzQzYTFlOWQ1MmY3NzE1ZDIzYjdiMThmMTBmYTdkZGEzNjcwMDBhOWNkODgwNDVjNTFjYTE0ZDA3IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
vary: Accept-Encoding
date: Fri, 07 Oct 2022 02:32:39 GMT
last-modified: Fri, 07 Oct 2022 02:32:39 GMT
cache-control: max-age=315360000
etag: W/"0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
x-frame-options: DENY
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
X-Firefox-Spdy: h2
|
|
| unpkg.com/filepond-plugin-file-validate-type@1.2.8/dist/filepond-plugin-file-validate-type.js | 104.16.122.175 | 200 OK | 0 B |
URL HTTP/2 unpkg.com/filepond-plugin-file-validate-type@1.2.8/dist/filepond-plugin-file-validate-type.js IP 104.16.122.175:0
GET /filepond-plugin-file-validate-type@1.2.8/dist/filepond-plugin-file-validate-type.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megafile.cc/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 02:32:39 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"1d07-1hxUHKzrTl3rNdhkJwK4kJGou0I"
via: 1.1 fly.io
fly-request-id: 01G2PJZCDRWWWP671QTKZ7W61J-fra
cf-cache-status: HIT
age: 12936911
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75633a3fcc080b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| bedrapiona.com/5/4250690/?oo=1&js_build=iclick-v1.433.0 | 139.45.197.234 | 200 OK | 0 B |
URL HTTP/2 bedrapiona.com/5/4250690/?oo=1&js_build=iclick-v1.433.0 IP 139.45.197.234:0
GET /5/4250690/?oo=1&js_build=iclick-v1.433.0 HTTP/1.1
Host: bedrapiona.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://megafile.cc
Connection: keep-alive
Referer: https://megafile.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 02:32:39 GMT
content-type: application/json
x-trace-id: 93cf315e21dc2af88166fc3b77f42959
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://megafile.cc
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=4c55a12078ce413a944ce3bbcf87b6f5; expires=Sat, 07 Oct 2023 02:32:39 GMT; path=/; secure; SameSite=None
oaidts=1665109959; expires=Sat, 07 Oct 2023 02:32:39 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| megafile.cc/dont-hotlink/b127e6f6-21f1-496b-8425-860f2f88f624.zip | 138.201.48.112 | 200 OK | 0 B |
URL HTTP/2 megafile.cc/dont-hotlink/b127e6f6-21f1-496b-8425-860f2f88f624.zip IP 138.201.48.112:0 ASN #24940 Hetzner Online GmbH
| Analyzer | Verdict | Alert |
| fortinet | Malware | |
GET /dont-hotlink/b127e6f6-21f1-496b-8425-860f2f88f624.zip HTTP/1.1
Host: megafile.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: XSRF-TOKEN=eyJpdiI6InV3ZUhDVzFKQTRwK3drRGFZbUFmZXc9PSIsInZhbHVlIjoicGpobStsN3Y5VnFxcmFsQm85OE1uZkZWSmxyWkpFeHhONloxdHY0TUJLMVliN3BQSmFFb1RnRmZ3ZDhFZUxxMkJYNWRjUkFFVk1uV3dXL09oemkrUDRmZWdFckpLemUvcGdzYzA1dE1la29meUgvc0hWVjNZYTQrSzQrQU1nbk4iLCJtYWMiOiIxOTdhOTEyMmI2N2E3ZDIyYWQ4MTY4ODc0OGMxMDE4NWMwNWI2NGI0ZmU2MTc3NzJkMzg5NTA5ZWRjMzE2MmEyIiwidGFnIjoiIn0%3D; expires=Mon, 07-Nov-2022 02:32:39 GMT; Max-Age=2678400; path=/; samesite=lax
megafile_session=eyJpdiI6IkpPRldPemUrV3pVOFlac3AxVUZGSnc9PSIsInZhbHVlIjoiOER3ejJjQXhDcFFoMEhoZnFIMFR0NnZjM1FXK3F2c0VGd2lZQy9YT2swVUpka3R2SkNJREJMQ0U0cFZtNDlQNWZIZm4xVVZhODIxNzNMYVVDZHNrK1pqY0oyRVRkN0Nya1pmMFBqMERlOUU5dXQ1am5yZStsenZjT0t0ZHBITkIiLCJtYWMiOiJkNmYzOTVmNzQzYTFlOWQ1MmY3NzE1ZDIzYjdiMThmMTBmYTdkZGEzNjcwMDBhOWNkODgwNDVjNTFjYTE0ZDA3IiwidGFnIjoiIn0%3D; expires=Mon, 07-Nov-2022 02:32:39 GMT; Max-Age=2678400; path=/; httponly; samesite=lax
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 07 Oct 2022 02:32:39 GMT
x-page-speed: 1.13.35.2-0
cache-control: max-age=0, no-cache
content-encoding: br
X-Firefox-Spdy: h2
|
|
| dozubatan.com/400/4250687 | 139.45.197.237 | 200 OK | 0 B |
URL HTTP/2 dozubatan.com/400/4250687 IP 139.45.197.237:0
GET /400/4250687 HTTP/1.1
Host: dozubatan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megafile.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 02:32:40 GMT
content-type: application/javascript
x-trace-id: 74c4ffc4b742b4027c5befbb62e8ea10
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=e9349d2af74744968781ea847086b28a; expires=Sat, 07 Oct 2023 02:32:40 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| pseepsie.com/pfe/current/tag.min.js?z=4250689 | 139.45.197.250 | 200 OK | 0 B |
URL HTTP/2 pseepsie.com/pfe/current/tag.min.js?z=4250689 IP 139.45.197.250:0
GET /pfe/current/tag.min.js?z=4250689 HTTP/1.1
Host: pseepsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megafile.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 02:32:40 GMT
content-type: application/javascript
last-modified: Tue, 27 Sep 2022 13:19:37 GMT
etag: W/"6332f869-39be"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| tzegilo.com/stattag.js | 172.64.205.17 | 200 OK | 0 B |
IP 172.64.205.17:0
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megafile.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 07 Oct 2022 02:32:40 GMT
content-type: application/javascript
last-modified: Thu, 04 Aug 2022 15:18:11 GMT
etag: W/"62ebe333-8007"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 5947
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fvn3aN0M8rt9gBX8HCMia1nQ8jQizITNwWDBZpX27be4KmmUTBNBmvz7tXO4vjVyaWVW2fzpChj9qbhfFhwOd6hXQF3vFi626hKJXLPUdyxTI2%2FRZHWefrjtKWYKPw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75633a443d5871ed-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| dozubatan.com/500/4250687?excludes=15111844&oaid=4c55a12078ce413a944ce3bbcf87b6f5&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fmegafile.cc%2Fdont-hotlink%2Fb127e6f6-21f1-496b-8425-860f2f88f624.zip&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false | 139.45.197.237 | 200 OK | 0 B |
URL HTTP/2 dozubatan.com/500/4250687?excludes=15111844&oaid=4c55a12078ce413a944ce3bbcf87b6f5&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fmegafile.cc%2Fdont-hotlink%2Fb127e6f6-21f1-496b-8425-860f2f88f624.zip&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false IP 139.45.197.237:0
GET /500/4250687?excludes=15111844&oaid=4c55a12078ce413a944ce3bbcf87b6f5&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fmegafile.cc%2Fdont-hotlink%2Fb127e6f6-21f1-496b-8425-860f2f88f624.zip&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: dozubatan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://megafile.cc
Connection: keep-alive
Referer: https://megafile.cc/
Cookie: OAID=4c55a12078ce413a944ce3bbcf87b6f5
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 02:32:45 GMT
content-type: application/javascript
x-trace-id: e40293d48a749209cffdeaf2a3825f19
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://megafile.cc
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=4c55a12078ce413a944ce3bbcf87b6f5; expires=Sat, 07 Oct 2023 02:32:45 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| unphionetor.com/fv.js?t=72747&cb=1238288186 | 139.45.197.236 | 200 OK | 0 B |
URL HTTP/2 unphionetor.com/fv.js?t=72747&cb=1238288186 IP 139.45.197.236:0
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /fv.js?t=72747&cb=1238288186 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 02:32:41 GMT
content-type: text/javascript; charset=utf8
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 50bea0613b10d1e45f1378113def8336
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| tovanillitechan.com/1?z=4250688 | 139.45.197.239 | 200 OK | 0 B |
URL HTTP/2 tovanillitechan.com/1?z=4250688 IP 139.45.197.239:0
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /1?z=4250688 HTTP/1.1
Host: tovanillitechan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megafile.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 02:32:40 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 6318733daaa377027fd285178e26df08
access-control-expose-headers: X-Sc
x-sc: abHV824M3Qd7w2R2-gFL4GkbJnsWBIsa6rW3umLmIRoQtIM8UqSLSG45uKPKmFNYdPP0h2KdI925kPBCwnT9ZAtK0Cw=
set-cookie: scm=1; expires=Sat, 07 Oct 2023 02:32:40 GMT; secure; SameSite=None
OAID=161af994282049e6b4af601753eb2a7a; expires=Sat, 07 Oct 2023 02:32:40 GMT; secure; SameSite=None
oaidts=1665109960; expires=Sat, 07 Oct 2023 02:32:40 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| unpkg.com/filepond-plugin-file-validate-size@2.2.7/dist/filepond-plugin-file-validate-size.js | 104.16.122.175 | 200 OK | 0 B |
URL HTTP/2 unpkg.com/filepond-plugin-file-validate-size@2.2.7/dist/filepond-plugin-file-validate-size.js IP 104.16.122.175:0
GET /filepond-plugin-file-validate-size@2.2.7/dist/filepond-plugin-file-validate-size.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megafile.cc/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 02:32:39 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"1a7f-Ufoq68yhVBjz3riH5wAGJXD40pU"
via: 1.1 fly.io
fly-request-id: 01G7558XE30T0T2M6RDRBFG7JV-fra
cf-cache-status: HIT
age: 8153203
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75633a3fdc090b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| iclickcdn.com/tag.min.js | 172.67.75.9 | 200 OK | 0 B |
IP 172.67.75.9:0
GET /tag.min.js HTTP/1.1
Host: iclickcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megafile.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 07 Oct 2022 02:32:39 GMT
content-type: text/javascript; charset=utf-8
x-trace-id: 3135d9cbe81bf521a77295f376df42e8
cache-control: max-age=86400
last-modified: Wed, 05 Oct 2022 15:42:04 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Sat, 08 Oct 2022 01:17:27 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 4512
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZcDvZvw185GsXZenaK%2BbOt4vU6toIkbWqJ1M692kFKoH%2BXevSyCDK14zvX8M5oLmsN13dlhFYPBT0rkEFYa%2BDo1y5GDAS73ujuThLELUXqJfBkk%2Bq5CQsxGSVRQ%2BDro%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75633a3fe8b7b50c-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| unpkg.com/filepond-plugin-file-validate-type/dist/filepond-plugin-file-validate-type.js | 104.16.122.175 | 302 Found | 0 B |
URL HTTP/2 unpkg.com/filepond-plugin-file-validate-type/dist/filepond-plugin-file-validate-type.js IP 104.16.122.175:0
GET /filepond-plugin-file-validate-type/dist/filepond-plugin-file-validate-type.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megafile.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 07 Oct 2022 02:32:39 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /filepond-plugin-file-validate-type@1.2.8/dist/filepond-plugin-file-validate-type.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GER4K8X0F0NZ1K78QD8Q6WKZ-ams
cf-cache-status: EXPIRED
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75633a3f4bdd0b69-OSL
X-Firefox-Spdy: h2
|
|