Report - megafile.cc/Plod/muckmody.rar

Report Overview

Submitted URL
megafile.cc/Plod/muckmody.rar
IP
138.201.48.112
ASN
#24940 Hetzner Online GmbH
Submitted
2022-11-25 15:26:00
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
16

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
offerimage.com	304078	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	414 B	3.2 kB	172.67.22.216
bedrapiona.com	34930	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	411 B	1.1 kB	139.45.197.234
megafile.cc	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	10 kB	559 kB	138.201.48.112
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.89.20.60
datatechonert.com	46154	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	484 B	479 B	37.48.68.71
tzegilo.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	353 B	6.6 kB	104.21.84.149
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	41 kB	34.120.237.76
ajax.googleapis.com	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	389 B	32 kB	142.250.74.170
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.9 kB	133 kB	104.17.24.14
unpkg.com	11693	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	6.2 kB	104.16.124.175
onmarshtompor.com	24517	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	973 B	2.7 kB	139.45.197.243
mediasama.com	166244	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	6.3 kB	4.1 MB	144.217.67.42
iclickcdn.com	45415	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	355 B	1.0 kB	104.26.12.118
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.7 kB	9.8 kB	23.36.76.226
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	5.0 kB	93.184.220.29
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
cdn.jsdelivr.net	439	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	366 B	19 kB	151.101.85.229
ibrapush.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	37 kB	139.45.197.250
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	432 B	746 B	142.250.74.10
my.rtmark.net	9054	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	416 B	740 B	139.45.195.8
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	340 B	963 B	172.64.155.188
nanouwho.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	129 kB	139.45.197.242
betotodilea.com	52465	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.6 kB	17 kB	139.45.197.237
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	686 B	1.4 kB	142.250.74.3

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-25	medium	mediasama.com/hentaiheroes/22/s/	Phishing
2022-11-25	medium	mediasama.com/hentaiheroes/22/s/js/main.js	Phishing
2022-11-25	medium	mediasama.com/hentaiheroes/22/s/audio/btn_1.mp3	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-11-25	medium	datatechonert.com	Sinkholed
2022-11-25	medium	nanouwho.com	Sinkholed
2022-11-25	medium	nanouwho.com	Sinkholed
2022-11-25	medium	nanouwho.com	Sinkholed
2022-11-25	medium	nanouwho.com	Sinkholed

JavaScript (33)

	URL	Size	First Seen	Last Seen
	betotodilea.com/400/4250687	82 kB	2023-03-11	2023-03-11
Pretty URL betotodilea.com/400/4250687 IP 139.45.197.237 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:10:09 Last Seen2023-03-11 20:10:09 Times Seen1 Hash a125075226a33a6501bdfd28a5c344f2 1135e2798f162a4ec80744bc4bd2bdabc540d58e f7c7b46a5e83f0f9811a325d727898072efc5ba9bf96b365a19f7f264338ff3a Loading...

	http:text/javascript,document.write(new%20Date().getFullYear())	40 B	2023-03-07	2024-04-26
Pretty URL http:text/javascript,document.write(new%20Date().getFullYear()) IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:07 Last Seen2024-04-26 07:22:58 Times Seen4703 Hash 6bd43cf0ae158526c6ab93dc3be79f28 15c289e342bd3fdf5b1e95f7abf25a2bc78bf357 7a13d5ae0755d86c09084ec300c4a0f1a0a06921f74d9980eba9d966ff17ad38 Loading...

	http:text/javascript,let%20mode%3D'light'%3Blet%20theme%3DlocalStorage.getItem(%22theme%22)%3Bif(theme%3D%3Dnull)%7Bif(mode%3D%3D'dark')%7B%24('.theme').addClass('dark')%3B%7D%7Delse%7Bif(theme%3D%3D'dark')%7B%24('.theme').addClass('dark')%3B%7Delse%7B%24('.theme').removeClass('dark')%3B%7D%7D	213 B	2023-03-07	2023-08-29
Pretty URL http:text/javascript,let%20mode%3D'light'%3Blet%20theme%3DlocalStorage.getItem(%22theme%22)%3Bif(theme%3D%3Dnull)%7Bif(mode%3D%3D'dark')%7B%24('.theme').addClass('dark')%3B%7D%7Delse%7Bif(theme%3D%3D'dark')%7B%24('.theme').addClass('dark')%3B%7Delse%7B%24('.theme').removeClass('dark')%3B%7D%7D IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:23:52 Last Seen2023-08-29 21:14:02 Times Seen131 Hash ccea0e1846102f4f1ed17644f6c6baa6 e43c87b583bef9f3e325ab7bf9ccf4a1f80bc35a e84714cb230edad68ac36e473976e94ca40d378d53fc1b7b539c03879f7ab887 Loading...

	iclickcdn.com/tag.min.js	73 kB	2023-03-11	2023-03-11
Pretty URL iclickcdn.com/tag.min.js IP 104.26.12.118 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 16:17:02 Last Seen2023-03-11 23:31:48 Times Seen1 Hash 63761b977d8cb9d017f60f63aaca634b 172ac1cac1983f0ce6dd437b7f3217d64ade8291 bd48c41ac9699227ddf2783338474f177b437c948c342227b13de973c386e8dd Loading...

	ibrapush.com/pfe/current/tag.min.js?z=4250689	15 kB	2023-03-11	2023-03-11
Pretty URL ibrapush.com/pfe/current/tag.min.js?z=4250689 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:16:59 Last Seen2023-03-11 22:12:19 Times Seen1 Hash 46403d2e1a0e106be1c82062e2d107e1 d1d3a8858de98ccc6df20dc4c7b981d705b28f88 b3003c3ab4f9e4ac15d2f96fe35686dfd975147278ef23f3ef3270679c54038d Loading...

	cdn.jsdelivr.net/npm/sweetalert2@11	64 kB	2023-03-11	2024-01-07
Pretty URL cdn.jsdelivr.net/npm/sweetalert2@11 IP 151.101.85.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:46:05 Last Seen2024-01-07 21:57:00 Times Seen15 Hash 25afc20bf69e421378f7c53e44ce4213 fbf759080a5066611e6186d1e5f03a4a7a6e2faf 56f7e1601df5d674340d20872f2cde285af5939e732db75219dd56377a106bc1 Loading...

	megafile.cc/Plod/muckmody.rar	98 kB	2023-03-11	2023-03-11
Pretty URL megafile.cc/Plod/muckmody.rar IP 138.201.48.112 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:16:59 Last Seen2023-03-11 22:16:10 Times Seen1 Hash 5f80c8eb753898d27f5fb26afe52b14d eefa351bfc41556385afaaf718da738be44f7158 1457cd0f9f509a2452e9f1ab9f0f4b5fad2f27d7d91003f122367dac9b1b8fe5 Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js	87 kB	2023-03-07	2024-04-26
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js IP 142.250.74.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-26 07:36:12 Times Seen106279 Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Loading...

	cdnjs.cloudflare.com/ajax/libs/popper.js/2.10.2/umd/popper.min.js	19 kB	2023-03-07	2024-04-25
Pretty URL cdnjs.cloudflare.com/ajax/libs/popper.js/2.10.2/umd/popper.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:23:52 Last Seen2024-04-25 20:59:34 Times Seen2345 Hash 541aecc95a7faeef0fc27558070f3647 0ec7ca4778ba3ccb4d1b1688094720834fbe9ed3 f395875eb5d58c5128c434812cd0a53d438b11536f7fd1577077d8a5c612e1fd Loading...

	unpkg.com/filepond-plugin-file-validate-type/dist/filepond-plugin-file-validate-type.js	7.4 kB	2023-03-07	2024-02-08
Pretty URL unpkg.com/filepond-plugin-file-validate-type/dist/filepond-plugin-file-validate-type.js IP 104.16.124.175 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:23:52 Last Seen2024-02-08 07:46:02 Times Seen604 Hash 6170d2a086cb1d5769c6fd1f76edf99b d61c541caceb4e5deb35d8642702b89091a8bb42 6fc678b64782a17a266b5675e195be5956efd7513fd228143901b427983df928 Loading...

	cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.8/clipboard.min.js	11 kB	2023-03-07	2024-04-25
Pretty URL cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.8/clipboard.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:42 Last Seen2024-04-25 20:59:34 Times Seen707 Hash 27784b7376dd992368c71b6c5559f358 f86d2ac408c4de0d5281cf91d6ddfb93e5e5d2ff 11be927cda59c8b6019ebbea838285c5beaf21183ea4b83dbd4e4fbf9413ce4a Loading...

	cdnjs.cloudflare.com/ajax/libs/bootstrap/5.1.3/js/bootstrap.min.js	59 kB	2023-03-07	2024-04-25
Pretty URL cdnjs.cloudflare.com/ajax/libs/bootstrap/5.1.3/js/bootstrap.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:23:52 Last Seen2024-04-25 20:59:34 Times Seen3276 Hash 259e416ef6833be43801b8b68a93b008 19080c3b817985336aab5e1ce6925c99803f2efd 70c3d690bdc5ce3b9a1527c46044989a3176e610882fa99f4523e75bc395bcce Loading...

	nanouwho.com/1?z=4250688	17 kB	2023-03-11	2023-03-11
Pretty URL nanouwho.com/1?z=4250688 IP 139.45.197.242 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:10:09 Last Seen2023-03-11 20:10:09 Times Seen1 Hash cfc42bbeb44bf5059b88c6e9a1ddac02 8f5f863d6d79d5e634265923ef13b4333920a6c5 b21f3fc1c0b855862caf5f4acb7553e515f2ca0940180b3faaea6c0549891bf1 Loading...

	mediasama.com/hentaiheroes/22/s/js/main.js	1.3 kB	2023-03-07	2024-03-04
Pretty URL mediasama.com/hentaiheroes/22/s/js/main.js IP 144.217.67.42 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:04 Last Seen2024-03-04 05:36:19 Times Seen58 Hash dee042800157426b09099ecf3eb7d004 f0a082059f6f9174869ce1f52b7ee6423a311641 4bad52d0b87da525c7eefbc4bb92656abb89bb6bbec58c54848523ec7ae09587 Loading...

	megafile.cc/Plod/muckmody.rar	3.9 kB	2023-03-11	2023-03-11
Pretty URL megafile.cc/Plod/muckmody.rar IP 138.201.48.112 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:10:09 Last Seen2023-03-11 20:10:09 Times Seen1 Hash 814d04d76c52f7c646a3ef134aa79c14 a46cb8d15dc2b1f2f3d72201dd3e2d3e7c645124 ce9fe610ad54c64a06641b408777756f31a51d71ee1efaeec10eef5a250795dd Loading...

	unknown	0 B	2023-03-07	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 07:46:55 Times Seen37086552 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	unpkg.com/filepond-plugin-file-validate-size/dist/filepond-plugin-file-validate-size.js	6.8 kB	2023-03-07	2023-03-17
Pretty URL unpkg.com/filepond-plugin-file-validate-size/dist/filepond-plugin-file-validate-size.js IP 104.16.124.175 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:23:52 Last Seen2023-03-17 12:45:31 Times Seen1 Hash 504ad616f6fd714ea19cb18c5f002ec0 51fa2aebcca15418f3deb887e700062570f8d295 3f530043897758190014c6b777195dad6846a4f579ff416cf24829b5c702f33b Loading...

	megafile.cc/js/site.js	6.5 kB	2023-03-07	2023-12-13
Pretty URL megafile.cc/js/site.js IP 138.201.48.112 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:23:52 Last Seen2023-12-13 20:16:01 Times Seen190 Hash 643fea0198e4fb9e271ddd811cf34f68 0d8277c1cde619b82a6867bc17cfdbbcd6674a46 f68f8db8d8fe95d02e60e2f4f97c74e4eb521d845cee1c7d53bec6159dc92ad5 Loading...

	megafile.cc/sw.js	5.2 kB	2023-03-07	2023-06-27
Pretty URL megafile.cc/sw.js IP 138.201.48.112 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:25:39 Last Seen2023-06-27 15:25:24 Times Seen13 Hash 6f46986d6263ef4723170b6ac178d850 d7018ec249cbb6ec6117b66011b0c2de3733d445 94f76eaf36e004dbb0c87a78f6dcf238093a08ac326d4a2d1ab2cbe6ab010f57 Loading...

	tzegilo.com/stattag.js	13 kB	2023-03-08	2023-03-12
Pretty URL tzegilo.com/stattag.js IP 104.21.84.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:59 Last Seen2023-03-12 10:48:49 Times Seen1 Hash d0de06f954f7dedba242231b0ec4052d 188d75bb9077832384f889dd15584845790bc146 efae63871ebdeb69e7d64c6782924f72584f962d540b8c55237cba93c026af16 Loading...

	nanouwho.com/27/22b0ff6d446d45dfe24f0ae457b1c7db	377 kB	2023-03-11	2023-03-11
Pretty URL nanouwho.com/27/22b0ff6d446d45dfe24f0ae457b1c7db IP 139.45.197.242 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:10:09 Last Seen2023-03-11 21:45:06 Times Seen1 Hash 70630ea7c0776dd2a7cc3c3576d619fa 0dfe2a8b29c710d56d5c34530cb824aa9f6bb2c9 1d183ac4bcf181265fe408b7fb7fc69cb572e69d51b659045d470e7355ef33b2 Loading...

	mediasama.com/hentaiheroes/22/s/	66 B	2023-03-07	2023-04-05
Pretty URL mediasama.com/hentaiheroes/22/s/ IP 144.217.67.42 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:04 Last Seen2023-04-05 01:59:44 Times Seen2 Hash a34c74f5a0f4c82a893bd20da6a62f14 8a062e7b3d648e5a4bd24d63c34fb6d77bf8853a f8ad5d8fad94dc20cfc2d172435b5556d3ca13289566d16bb8a3f84ecaa11ef1 Loading...

	megafile.cc/pagespeed_static/js_defer.I4cHjq6EEP.js	12 kB	2023-03-07	2024-04-04
Pretty URL megafile.cc/pagespeed_static/js_defer.I4cHjq6EEP.js IP 138.201.48.112 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:23:52 Last Seen2024-04-04 06:40:42 Times Seen473 Hash 2387078eae8410f7e540e3866bcb2fda 324d38dcb7f7bcb16b355b6afdbbc87bd089422d 59dbda86041a5f394b83391ffe0b939341aabb817fa60a6ea78c80f5835596b5 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js	90 kB	2023-03-07	2024-04-26
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:13 Last Seen2024-04-26 07:31:38 Times Seen261573 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	megafile.cc/Plod/muckmody.rar	103 B	2023-03-11	2023-03-11
Pretty URL megafile.cc/Plod/muckmody.rar IP 138.201.48.112 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:10:09 Last Seen2023-03-11 20:10:09 Times Seen1 Hash 7c80916d6088ccd14e6decb65018d3d7 5760e72c6026b21678c04d9b9a72c07a4d698bfa 3d7b2c703cbc2ad848928d99cc9f97ee3c7c71ee19fc76bd5091fe21eed046c9 Loading...

	http:text/javascript,window.pagespeed.psatemp%3D0%3B	27 B	2023-03-07	2024-04-04
Pretty URL http:text/javascript,window.pagespeed.psatemp%3D0%3B IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:23:52 Last Seen2024-04-04 06:40:42 Times Seen258 Hash f86030401d659579ca9f2dca91d7d691 bc05f88ca4d9dce8d78d6d39a3eed592ed714998 6d190c985949e8a0962ca2cede3c214de8085dc9d11c726af6c00c1ae5bb7ba9 Loading...

	http:text/javascript,(function(s%2Cu%2Cz%2Cp)%7Bs.src%3Du%2Cs.setAttribute('data-zone'%2Cz)%2Cp.appendChild(s)%3B%7D)(document.createElement('script')%2C'https%3A%2F%2Ficlickcdn.com%2Ftag.min.js'%2C4250690%2Cdocument.body%7C%7Cdocument.documentElement)	193 B	2023-03-07	2023-06-27
Pretty URL http:text/javascript,(function(s%2Cu%2Cz%2Cp)%7Bs.src%3Du%2Cs.setAttribute('data-zone'%2Cz)%2Cp.appendChild(s)%3B%7D)(document.createElement('script')%2C'https%3A%2F%2Ficlickcdn.com%2Ftag.min.js'%2C4250690%2Cdocument.body%7C%7Cdocument.documentElement) IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:25:39 Last Seen2023-06-27 15:25:24 Times Seen7 Hash c092bf52889e0079ec60a2528584cb55 5c22cdd0d2d1415cd556081059732cc539b9615f b14e51a0b832914deed2152dbba7972822426ef5d05866fe24e0e8205946391f Loading...

	http:text/javascript,var%20sTime%3Dnew%20Date().getTime()%3Bvar%20countDown%3D10%3Bfunction%20UpdateCountDownTime()%7Bvar%20cTime%3Dnew%20Date().getTime()%3Bvar%20diff%3DcTime-sTime%3Bvar%20timeStr%3D''%3Bvar%20seconds%3DcountDown-Math.floor(diff%2F1000)%3Bif(seconds%3E%3D0)%7Bvar%20hours%3DMath.floor(seconds%2F3600)%3Bvar%20minutes%3DMath.floor((seconds-(hours3600))%2F60)%3Bseconds-%3D(minutes60)%3Bif(seconds%3CcountDown)%7BtimeStr%3DtimeStr%2B%22%22%2Bseconds%3B%7Delse%7BtimeStr%3DtimeStr%2B%22%22%2Bseconds%3B%7Ddocument.getElementById(%22download%22).innerHTML%3D'%3Cbutton%20id%3D%22download_file%22%20class%3D%22download_file%20btn%20btn-secondary%20btn%20disabled%22%3EPlease%20wait%20%3Cstrong%3E'%2BtimeStr%2B'%3C%2Fstrong%3E%20seconds%3C%2Fbutton%3E'%3B%7Delse%7B%24('.download_file').remove()%3B%24('%23download').append('%3Ca%20href%3D%22https%3A%2F%2Fmegafile.cc%2Fdl%2F6bd6e15c-d9f1-45ae-9792-4185ad3febcb%22%20download%3D%22muckmody.rar%22%20class%3D%22btn%20btn-info%22%3EDownload%20(681.25%20KB)%3C%2Fa%3E')%3BclearInterval(counter)%3B%7D%7DUpdateCountDownTime()%3Bvar%20counter%3DsetInterval(UpdateCountDownTime%2C500)%3Bconst%20swalWithBootstrapButtons%3DSwal.mixin(%7BcustomClass%3A%7BconfirmButton%3A'btn%20btn-falcon-info%20m-1'%2CcancelButton%3A'btn%20btn-falcon-danger%20m-1'%2Cinput%3A'text-dark'%7D%2CbuttonsStyling%3Afalse%7D)%0A%24(document).on('click'%2C'.qrcode'%2Cfunction(e)%7Be.preventDefault()%3Bvar%20link%3D%24(this).data('link')%3BswalWithBootstrapButtons.fire(%7BimageUrl%3Alink%2CshowCancelButton%3Afalse%2Cbackground%3A'%23121e2d'%2C%7D)%3B%7D)%3B	1.2 kB	2023-03-11	2023-03-11
Pretty URL http:text/javascript,var%20sTime%3Dnew%20Date().getTime()%3Bvar%20countDown%3D10%3Bfunction%20UpdateCountDownTime()%7Bvar%20cTime%3Dnew%20Date().getTime()%3Bvar%20diff%3DcTime-sTime%3Bvar%20timeStr%3D''%3Bvar%20seconds%3DcountDown-Math.floor(diff%2F1000)%3Bif(seconds%3E%3D0)%7Bvar%20hours%3DMath.floor(seconds%2F3600)%3Bvar%20minutes%3DMath.floor((seconds-(hours3600))%2F60)%3Bseconds-%3D(minutes60)%3Bif(seconds%3CcountDown)%7BtimeStr%3DtimeStr%2B%22%22%2Bseconds%3B%7Delse%7BtimeStr%3DtimeStr%2B%22%22%2Bseconds%3B%7Ddocument.getElementById(%22download%22).innerHTML%3D'%3Cbutton%20id%3D%22download_file%22%20class%3D%22download_file%20btn%20btn-secondary%20btn%20disabled%22%3EPlease%20wait%20%3Cstrong%3E'%2BtimeStr%2B'%3C%2Fstrong%3E%20seconds%3C%2Fbutton%3E'%3B%7Delse%7B%24('.download_file').remove()%3B%24('%23download').append('%3Ca%20href%3D%22https%3A%2F%2Fmegafile.cc%2Fdl%2F6bd6e15c-d9f1-45ae-9792-4185ad3febcb%22%20download%3D%22muckmody.rar%22%20class%3D%22btn%20btn-info%22%3EDownload%20(681.25%20KB)%3C%2Fa%3E')%3BclearInterval(counter)%3B%7D%7DUpdateCountDownTime()%3Bvar%20counter%3DsetInterval(UpdateCountDownTime%2C500)%3Bconst%20swalWithBootstrapButtons%3DSwal.mixin(%7BcustomClass%3A%7BconfirmButton%3A'btn%20btn-falcon-info%20m-1'%2CcancelButton%3A'btn%20btn-falcon-danger%20m-1'%2Cinput%3A'text-dark'%7D%2CbuttonsStyling%3Afalse%7D)%0A%24(document).on('click'%2C'.qrcode'%2Cfunction(e)%7Be.preventDefault()%3Bvar%20link%3D%24(this).data('link')%3BswalWithBootstrapButtons.fire(%7BimageUrl%3Alink%2CshowCancelButton%3Afalse%2Cbackground%3A'%23121e2d'%2C%7D)%3B%7D)%3B IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:10:09 Last Seen2023-03-11 20:10:10 Times Seen1 Hash 07301369b18c4b438483ac61b4ed038e 2cd707b744184e5d781588024a7b6f2c4e7e6a08 62ef60f8d4ac1bb14f8ce39de9c363b9606de69f450d095df86b5f62f1c3a89b Loading...

	mediasama.com/hentaiheroes/22/s/	1.5 kB	2023-03-07	2023-04-05
Pretty URL mediasama.com/hentaiheroes/22/s/ IP 144.217.67.42 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:04 Last Seen2023-04-05 01:59:44 Times Seen2 Hash 4d9b111ab737a0a624f183fabc53f9e0 8f00b34fb084ab6d382adf2eaf39ce63d6c0a485 69e434a040e615971563c02e2d45d52b362510ba6131141e72f60f9208564a51 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 56cec86d2062369c1181696d8e57079d	42 B	2023-03-07	2023-12-17
Pretty Observations First Seen2023-03-07 01:23:52 Last Seen2023-12-17 23:38:32 Times Seen150 Hash 56cec86d2062369c1181696d8e57079d a829bc3ec7acab468fc649127853881751b2e61d 2477b814b8ad1a91f87132c07e73e884d9448987538b5be15f5292327cbbca6f Loading...

	#2 Eval - 83b06f960af85c44c3d98276968bf329	80 B	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 20:10:09 Last Seen2023-03-11 20:10:09 Times Seen1 Hash 83b06f960af85c44c3d98276968bf329 ed3c1360a058d70486ccda06afd965a0edcab4ea c36ce926b338b6ba7e6a33451d9fcbafd0f596f0abbb033afd2f88c19d374758 Loading...

	#3 Eval - f96d83934e83b7c3439361709c1e29e0	82 B	2023-03-07	2024-02-12
Pretty Observations First Seen2023-03-07 01:23:52 Last Seen2024-02-12 04:31:14 Times Seen101 Hash f96d83934e83b7c3439361709c1e29e0 4885eab8ff5ca4b045c71e7dab5b30474774be97 00e41f092e36fcf832d3f2482e988d3d32d25444d754f76a13fc41d07a5e4586 Loading...

		Size	First Seen	Last Seen
	#1 Write - 763f7f1aec350cd1a46238d1d5c3c229	7 B	2023-03-07	2024-04-26
Pretty Observations First Seen2023-03-07 01:03:11 Last Seen2024-04-26 06:16:51 Times Seen1024 Hash 763f7f1aec350cd1a46238d1d5c3c229 b4ee6522335b033249255b4cc1d572993282aafb 2f26233595d165e6868c5bb9e5e835506039e72c61a36a1bafb0827abfe746a5 Loading...

HTTP Transactions (93)

URL IP Response Size

megafile.cc/Plod/muckmody.rar

138.201.48.112

301 Moved Permanently

162 B

URL HTTP/1.1
megafile.cc/Plod/muckmody.rar
IP
138.201.48.112:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /Plod/muckmody.rar HTTP/1.1
Host: megafile.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 25 Nov 2022 15:25:49 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://megafile.cc/Plod/muckmody.rar
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7c60904d097cde276e4e5632cef1b9f1
4f805026462589345d85e8df2d18eafba6237504
12af026999398f4976749e320667d43da3f99b7a2e8254aca7a410a964a106aa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "12AF026999398F4976749E320667D43DA3F99B7A2E8254ACA7A410A964A106AA"
Last-Modified: Thu, 24 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13701
Expires: Fri, 25 Nov 2022 19:14:10 GMT
Date: Fri, 25 Nov 2022 15:25:49 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
10730f388c028d64e19b8a48d414768f
e43b104e57e5ea7ff8568835776858cf2ede6f00
f3c30c6d139288f1bfe13fce85c6ddc1514e1639fcf4d31a6012a3309ed1d50d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2338
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 15:25:49 GMT
Last-Modified: Fri, 25 Nov 2022 14:46:51 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
260e9998c20d831b66f1029c8f47aac9
716d630f647c54dc69a7f9c63a6cac294b3df7f7
c9951a909f354174f0075a01c01c3c3aa6960983040e328bfbbbea81aeb405c2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11725
Expires: Fri, 25 Nov 2022 18:41:14 GMT
Date: Fri, 25 Nov 2022 15:25:49 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 25 Nov 2022 15:19:09 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 400
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 1GWRjOqGWtGUFZyWaZcdHw5kFCs2l/djFyLeFRmn86ig3yrIZOShlXXwXC7mqMJjAArnRooVdPw=
x-amz-request-id: G96MSC00YEWV5Z6N
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 25 Nov 2022 14:43:52 GMT
age: 2517
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 15:25:49 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

megafile.cc/css/theme.min.css

138.201.48.112

200 OK

75 kB

URL HTTP/2
megafile.cc/css/theme.min.css
IP
138.201.48.112:0
ASN
#24940 Hetzner Online GmbH

File type
Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Size
75 kB (74660 bytes)
Hash
f007a5fedaae8c4b6b09ad257e793705
5dfb33189703b79058a8c8b0fe80ef45efd156dc
cc19d724d6299bd2c720e998d4953ee46a2486dbea6c52d8d0eac2b0050cd8a1

HTTP Headers

GET /css/theme.min.css HTTP/1.1
Host: megafile.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megafile.cc/Plod/muckmody.rar
Cookie: XSRF-TOKEN=eyJpdiI6IkJNdTBwYXduNzJoUDhCQ0h5WUg2Zmc9PSIsInZhbHVlIjoiTW1CTWkyMGYyZEswdUQyeXViakpKZjZUbGdxclk5OWJJNjBMWXdMV3R2V1g1NllhVnBvdjlkZ3J3eEZlaElLck13bXhWOEZHY01CTmxEVGVMRHh2Mk11MzBqRVRBVmE5Y2JFOXlURWFucThvUTJncjJDL3F0bFZyUXVjVnJXWWgiLCJtYWMiOiIxZDY3OWJjNzE1MWUwYjI3ZDBjYmRhZTE5YmU1OGEzNTMwYzQzNDJiMGU5NTc5YmZjNjg3Nzg1ZjRmNjE5NWYyIiwidGFnIjoiIn0%3D; megafile_session=eyJpdiI6IlBWeWdDa0ZsRHJSR3lvdm5LOUdPNVE9PSIsInZhbHVlIjoiNGFueFVlcVp0RTlJWnVPYXRNM3RrMm54VG05YzRkbnM0NWlNenZyTENKS3JnMkZlaGNxTExQV3pQOHNWcVNYY2VqdHpTa1ZrSFhOdjZlR3BncDZWTDMxVnJkKzN1WUVNTWd4MEJyYVNGa21qVWlJVW1HdmxMeTE5c09yQ2tpWUUiLCJtYWMiOiJiYjU5NzMzYWNkMDExYzRlMjAxMzRlYTM4ODZiYzA1OGNiOWM5NjRmODI5NjRhNTY1ODllNWMxYjJlZDI3ZTFiIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: text/css
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-original-content-length: 598523
vary: Accept-Encoding
content-encoding: gzip
content-length: 74660
etag: W/"PSA-aj-KFkkUdcMAX"
date: Fri, 25 Nov 2022 15:25:49 GMT
expires: Mon, 22 Nov 2032 11:32:01 GMT
cache-control: max-age=315345971
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 25 Nov 2022 15:08:53 GMT
cache-control: public,max-age=3600
age: 1016
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

megafile.cc/img/logo-mega-info.webp

138.201.48.112

200 OK

48 kB

URL HTTP/2
megafile.cc/img/logo-mega-info.webp
IP
138.201.48.112:0
ASN
#24940 Hetzner Online GmbH

File type
RIFF (little-endian) data, Web/P image\012- data
Size
48 kB (47744 bytes)
Hash
24b5e70e71e83c8c562ac2d40374fea0
b6679e95ff055f03b9f3cd01b42266e75e491447
fa36bc0ece4ea1b26647c9f1ec5f22558d000e32549edfbba2089e866f83ae72

HTTP Headers

GET /img/logo-mega-info.webp HTTP/1.1
Host: megafile.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megafile.cc/Plod/muckmody.rar
Cookie: XSRF-TOKEN=eyJpdiI6IkJNdTBwYXduNzJoUDhCQ0h5WUg2Zmc9PSIsInZhbHVlIjoiTW1CTWkyMGYyZEswdUQyeXViakpKZjZUbGdxclk5OWJJNjBMWXdMV3R2V1g1NllhVnBvdjlkZ3J3eEZlaElLck13bXhWOEZHY01CTmxEVGVMRHh2Mk11MzBqRVRBVmE5Y2JFOXlURWFucThvUTJncjJDL3F0bFZyUXVjVnJXWWgiLCJtYWMiOiIxZDY3OWJjNzE1MWUwYjI3ZDBjYmRhZTE5YmU1OGEzNTMwYzQzNDJiMGU5NTc5YmZjNjg3Nzg1ZjRmNjE5NWYyIiwidGFnIjoiIn0%3D; megafile_session=eyJpdiI6IlBWeWdDa0ZsRHJSR3lvdm5LOUdPNVE9PSIsInZhbHVlIjoiNGFueFVlcVp0RTlJWnVPYXRNM3RrMm54VG05YzRkbnM0NWlNenZyTENKS3JnMkZlaGNxTExQV3pQOHNWcVNYY2VqdHpTa1ZrSFhOdjZlR3BncDZWTDMxVnJkKzN1WUVNTWd4MEJyYVNGa21qVWlJVW1HdmxMeTE5c09yQ2tpWUUiLCJtYWMiOiJiYjU5NzMzYWNkMDExYzRlMjAxMzRlYTM4ODZiYzA1OGNiOWM5NjRmODI5NjRhNTY1ODllNWMxYjJlZDI3ZTFiIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 15:25:49 GMT
content-type: image/webp
content-length: 47744
last-modified: Sat, 04 Jun 2022 20:46:27 GMT
vary: Accept-Encoding
etag: "629bc4a3-ba80"
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: s-maxage=10
accept-ranges: bytes
X-Firefox-Spdy: h2

megafile.cc/img/main/footer.webp

138.201.48.112

200 OK

243 kB

URL HTTP/2
megafile.cc/img/main/footer.webp
IP
138.201.48.112:0
ASN
#24940 Hetzner Online GmbH

File type
RIFF (little-endian) data, Web/P image\012- data
Size
243 kB (243166 bytes)
Hash
49fd922b97901a44010fad28a7a0cc64
253a5c0e3063b4c30fffaeb114ffd18b6cc10187
538f51f2ee8976117cb2791163a6baa5d5e029f2a05b902464707c317fc29f6c

HTTP Headers

GET /img/main/footer.webp HTTP/1.1
Host: megafile.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megafile.cc/Plod/muckmody.rar
Cookie: XSRF-TOKEN=eyJpdiI6IkJNdTBwYXduNzJoUDhCQ0h5WUg2Zmc9PSIsInZhbHVlIjoiTW1CTWkyMGYyZEswdUQyeXViakpKZjZUbGdxclk5OWJJNjBMWXdMV3R2V1g1NllhVnBvdjlkZ3J3eEZlaElLck13bXhWOEZHY01CTmxEVGVMRHh2Mk11MzBqRVRBVmE5Y2JFOXlURWFucThvUTJncjJDL3F0bFZyUXVjVnJXWWgiLCJtYWMiOiIxZDY3OWJjNzE1MWUwYjI3ZDBjYmRhZTE5YmU1OGEzNTMwYzQzNDJiMGU5NTc5YmZjNjg3Nzg1ZjRmNjE5NWYyIiwidGFnIjoiIn0%3D; megafile_session=eyJpdiI6IlBWeWdDa0ZsRHJSR3lvdm5LOUdPNVE9PSIsInZhbHVlIjoiNGFueFVlcVp0RTlJWnVPYXRNM3RrMm54VG05YzRkbnM0NWlNenZyTENKS3JnMkZlaGNxTExQV3pQOHNWcVNYY2VqdHpTa1ZrSFhOdjZlR3BncDZWTDMxVnJkKzN1WUVNTWd4MEJyYVNGa21qVWlJVW1HdmxMeTE5c09yQ2tpWUUiLCJtYWMiOiJiYjU5NzMzYWNkMDExYzRlMjAxMzRlYTM4ODZiYzA1OGNiOWM5NjRmODI5NjRhNTY1ODllNWMxYjJlZDI3ZTFiIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 15:25:49 GMT
content-type: image/webp
content-length: 243166
last-modified: Sat, 04 Jun 2022 21:06:56 GMT
vary: Accept-Encoding
etag: "629bc970-3b5de"
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: s-maxage=10
accept-ranges: bytes
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/css/all.min.css

104.17.24.14

200 OK

14 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/css/all.min.css
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65345)
Size
14 kB (14374 bytes)
Hash
642445b86596bdeaa98e92faa2064fc6
6c5539660bf533d34e37b917973c941d1c963374
4a5a39e9f325c5578dccd880c1d516eae190ee39f7539f4a6c6c52d2eee4cbdf

HTTP Headers

GET /ajax/libs/font-awesome/6.0.0-beta2/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megafile.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 25 Nov 2022 15:25:50 GMT
content-type: text/css; charset=utf-8
content-length: 14374
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "61498362-3826"
last-modified: Tue, 21 Sep 2021 07:01:54 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 10269868
expires: Wed, 15 Nov 2023 15:25:50 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AC6bfEOR%2B4YArR95U4KBcMXtydWBR0VvmLeMR5zC5y5s5oeexPCKFyCxDF5CRkZw1B6LL6J3h74zfao09bw4fLjcrXlcT0uyPH1CAcyDRl8uN2CMG16ndLcNGPVI0eO3mbem4Cjc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76fb6633e9aa0af6-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js

104.17.24.14

200 OK

28 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65447)
Size
28 kB (27938 bytes)
Hash
d900ca08873ee57d40616d39a44cc0aa
7ab3ac8b1504b7b914a6e94c979b8390bb492f6a
1eea479cc0abe04a0846f41031207f9511f12ffef017a6109d4efb6f5523465b

HTTP Headers

GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megafile.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 25 Nov 2022 15:25:50 GMT
content-type: application/javascript; charset=utf-8
content-length: 27938
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "603e8adc-15d9d"
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1203675
expires: Wed, 15 Nov 2023 15:25:50 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OdxPkoDPMmQleG%2Fc67QbzqwxA7UMmndPEmrlTS37SwpSfZmKT%2F%2BvUY7XvgVK9xQWaxAS%2BG%2Bo6LnC0I9KOrhhw%2B%2Bkt1pwJax1dFffIlDApUEkhITm4FITHaieMXb7BWkD%2Bb3IZ%2BIQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76fb663409c90af6-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/filepond/4.30.3/filepond.min.js

104.17.24.14

200 OK

30 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/filepond/4.30.3/filepond.min.js
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65370)
Size
30 kB (29707 bytes)
Hash
d18c98bb03dac8dd996130d56f3d8e8c
cc1777baef75c9438534927036a21f22e91e5578
89a5585efd3c48a3870d383705937d51bb2a3a776eb01805a2629dd7a28e3c2e

HTTP Headers

GET /ajax/libs/filepond/4.30.3/filepond.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megafile.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 25 Nov 2022 15:25:50 GMT
content-type: application/javascript; charset=utf-8
content-length: 29707
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "615c7e96-740b"
last-modified: Tue, 05 Oct 2021 16:34:30 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 10433838
expires: Wed, 15 Nov 2023 15:25:50 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TixVyehIEJDJm%2BJ%2BNTxxHqkLBfMsH5faC5YO03xnvzBk8NjZM2QD1BENY%2F6a%2B7%2F91piUlgKbZesYbadsbuOL8KIMscKfDahmb4CCxtQUkcYIcbEXz6ILFSe0BKvTQvvvuvpR1Uds"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76fb663409c80af6-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/bootstrap/5.1.3/js/bootstrap.min.js

104.17.24.14

200 OK

15 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/bootstrap/5.1.3/js/bootstrap.min.js
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (58940)
Size
15 kB (14584 bytes)
Hash
28dbaeb9aa2638e0c4e6d9ffd3d14e9d
3208ed3741e60986bbed3fd759cdfd3b4fa7cf06
ababbb021f57966e125b8e296f9515f38d906b462697f7835e6914465dd0d362

HTTP Headers

GET /ajax/libs/bootstrap/5.1.3/js/bootstrap.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megafile.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 25 Nov 2022 15:25:50 GMT
content-type: application/javascript; charset=utf-8
content-length: 14584
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "6161dfe3-38f8"
last-modified: Sat, 09 Oct 2021 18:30:59 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 771691
expires: Wed, 15 Nov 2023 15:25:50 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RHTjsqaJoM5s6KxALkBt69bPmX%2Bc9A7r28KRl6binCTao%2B8owI2W2XHgdrlKh1Vi6LvD8DXae7XTfB15KNs%2BXTpv35pS7tZA7fpi6H0PMiSVNSwN1hGPqqRluw9O5jF8VBx54Xa4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76fb663419dd0af6-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.8/clipboard.min.js

104.17.24.14

200 OK

3.0 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.8/clipboard.min.js
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (10584)
Size
3.0 kB (3000 bytes)
Hash
e34a4db0b42ca907e0b7a56cd4b145ec
2dc36a7dcdfc42d122b23ef91483d27865c4285f
4b2a908e8d2c23d19da5e9ef4c6c77e7c6e8823b7aeb93233723f366ff6d217a

HTTP Headers

GET /ajax/libs/clipboard.js/2.0.8/clipboard.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megafile.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 25 Nov 2022 15:25:50 GMT
content-type: application/javascript; charset=utf-8
content-length: 3000
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "6049431e-29b4"
last-modified: Wed, 10 Mar 2021 22:07:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1979815
expires: Wed, 15 Nov 2023 15:25:50 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kKtMH631LImqTQSpBbxTSCr7ddjm7IJAO2Dwncx%2BVNlXQfb2w6QQhi8%2B9q7H3TV7LhLZfU2yLPG6x3XSoqx%2Bi3gLN%2Be0YiraSwI9Nn4SudVjqwERzbbXgoKbwmVZN7z7SY7NWLF%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76fb663419e10af6-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/popper.js/2.10.2/umd/popper.min.js

104.17.24.14

200 OK

6.0 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/popper.js/2.10.2/umd/popper.min.js
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (18706)
Size
6.0 kB (6037 bytes)
Hash
3773d4bd82b03cdfd02c9fd691f80d78
c4d89a2de179c90944835571b45877048f3c1424
5d05303e3777fd4f588b7167d0a22cd5ca499c238f78ec0cecbb3a8786de332d

HTTP Headers

GET /ajax/libs/popper.js/2.10.2/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megafile.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 25 Nov 2022 15:25:50 GMT
content-type: application/javascript; charset=utf-8
content-length: 6037
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "6155af49-1795"
last-modified: Thu, 30 Sep 2021 12:36:25 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1271890
expires: Wed, 15 Nov 2023 15:25:50 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zK7LpKfFyRx655U3s2vNV2x3GlR50yWJFBVTkI%2Bp0MqZ2F8gGEck2i5EfpIqSxLiVfYOGN4NSDH1rHCgnBKSFhw1ayrn0SZ7pSrET2pd2WCZJGKX9TAXalipy8SpIhxu6rRmbQe%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76fb663419d90af6-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/filepond/4.30.3/filepond.min.js

104.17.24.14

200 OK

30 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/filepond/4.30.3/filepond.min.js
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65370)
Size
30 kB (29707 bytes)
Hash
d18c98bb03dac8dd996130d56f3d8e8c
cc1777baef75c9438534927036a21f22e91e5578
89a5585efd3c48a3870d383705937d51bb2a3a776eb01805a2629dd7a28e3c2e

HTTP Headers

GET /ajax/libs/filepond/4.30.3/filepond.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://megafile.cc
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 25 Nov 2022 15:25:50 GMT
content-type: application/javascript; charset=utf-8
content-length: 29707
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "615c7e96-740b"
last-modified: Tue, 05 Oct 2021 16:34:30 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 10433838
expires: Wed, 15 Nov 2023 15:25:50 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wRKMOZBKU8Kq5V9XGdYIdvznJPqKudqJvLEXCxp6iQz%2FqYEwMK07x8DG34fKPkamec1xeZtuagnuRUa1zXnfN0MG2p402gj9axPxYi1ZNnCYtZtbdF4rDam7VlIcdZZlgEKhkmIZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76fb663429ef0af6-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

megafile.cc/js/site.js

138.201.48.112

200 OK

2.0 kB

URL HTTP/2
megafile.cc/js/site.js
IP
138.201.48.112:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (5640)
Size
2.0 kB (1993 bytes)
Hash
a779d1605363c034784168e0553fee12
203adaeac5eec419f7bdf4ba6840c9378c9692e5
0ac5db7b1ae244540526d4c971799e4c8ba3f5921dda88b94d10d2cb6a730bc6

HTTP Headers

GET /js/site.js HTTP/1.1
Host: megafile.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megafile.cc/Plod/muckmody.rar
Cookie: XSRF-TOKEN=eyJpdiI6IkJNdTBwYXduNzJoUDhCQ0h5WUg2Zmc9PSIsInZhbHVlIjoiTW1CTWkyMGYyZEswdUQyeXViakpKZjZUbGdxclk5OWJJNjBMWXdMV3R2V1g1NllhVnBvdjlkZ3J3eEZlaElLck13bXhWOEZHY01CTmxEVGVMRHh2Mk11MzBqRVRBVmE5Y2JFOXlURWFucThvUTJncjJDL3F0bFZyUXVjVnJXWWgiLCJtYWMiOiIxZDY3OWJjNzE1MWUwYjI3ZDBjYmRhZTE5YmU1OGEzNTMwYzQzNDJiMGU5NTc5YmZjNjg3Nzg1ZjRmNjE5NWYyIiwidGFnIjoiIn0%3D; megafile_session=eyJpdiI6IlBWeWdDa0ZsRHJSR3lvdm5LOUdPNVE9PSIsInZhbHVlIjoiNGFueFVlcVp0RTlJWnVPYXRNM3RrMm54VG05YzRkbnM0NWlNenZyTENKS3JnMkZlaGNxTExQV3pQOHNWcVNYY2VqdHpTa1ZrSFhOdjZlR3BncDZWTDMxVnJkKzN1WUVNTWd4MEJyYVNGa21qVWlJVW1HdmxMeTE5c09yQ2tpWUUiLCJtYWMiOiJiYjU5NzMzYWNkMDExYzRlMjAxMzRlYTM4ODZiYzA1OGNiOWM5NjRmODI5NjRhNTY1ODllNWMxYjJlZDI3ZTFiIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: application/javascript
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-original-content-length: 9351
vary: Accept-Encoding
content-encoding: gzip
content-length: 1993
etag: W/"PSA-aj-ZD_qAZjk-5"
date: Fri, 25 Nov 2022 15:25:50 GMT
expires: Mon, 22 Nov 2032 11:32:01 GMT
cache-control: max-age=315345970
X-Firefox-Spdy: h2

megafile.cc/sw.js

138.201.48.112

200 OK

2.4 kB

URL HTTP/2
megafile.cc/sw.js
IP
138.201.48.112:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (5209), with no line terminators
Size
2.4 kB (2363 bytes)
Hash
60024048781353f7bc51300aff2ef6f3
fc88d0f69d4a5eff9deed7f510ddc842308cb0cb
a6e21637c84e841563ca45be1191fb5a294d9bd11b64e90dca4b735ad6f6b707

HTTP Headers

GET /sw.js HTTP/1.1
Host: megafile.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megafile.cc/Plod/muckmody.rar
Cookie: XSRF-TOKEN=eyJpdiI6IkJNdTBwYXduNzJoUDhCQ0h5WUg2Zmc9PSIsInZhbHVlIjoiTW1CTWkyMGYyZEswdUQyeXViakpKZjZUbGdxclk5OWJJNjBMWXdMV3R2V1g1NllhVnBvdjlkZ3J3eEZlaElLck13bXhWOEZHY01CTmxEVGVMRHh2Mk11MzBqRVRBVmE5Y2JFOXlURWFucThvUTJncjJDL3F0bFZyUXVjVnJXWWgiLCJtYWMiOiIxZDY3OWJjNzE1MWUwYjI3ZDBjYmRhZTE5YmU1OGEzNTMwYzQzNDJiMGU5NTc5YmZjNjg3Nzg1ZjRmNjE5NWYyIiwidGFnIjoiIn0%3D; megafile_session=eyJpdiI6IlBWeWdDa0ZsRHJSR3lvdm5LOUdPNVE9PSIsInZhbHVlIjoiNGFueFVlcVp0RTlJWnVPYXRNM3RrMm54VG05YzRkbnM0NWlNenZyTENKS3JnMkZlaGNxTExQV3pQOHNWcVNYY2VqdHpTa1ZrSFhOdjZlR3BncDZWTDMxVnJkKzN1WUVNTWd4MEJyYVNGa21qVWlJVW1HdmxMeTE5c09yQ2tpWUUiLCJtYWMiOiJiYjU5NzMzYWNkMDExYzRlMjAxMzRlYTM4ODZiYzA1OGNiOWM5NjRmODI5NjRhNTY1ODllNWMxYjJlZDI3ZTFiIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: application/javascript
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-original-content-length: 5236
vary: Accept-Encoding
content-encoding: gzip
content-length: 2363
etag: W/"PSA-aj-b0aYbWJj70"
date: Fri, 25 Nov 2022 15:25:50 GMT
expires: Mon, 22 Nov 2032 11:32:01 GMT
cache-control: max-age=315345970
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
37421d0455431f58cbdbbd9300326121
bb2f721cf76c55dd3c3e0bcedf7cdeb7d2601261
071386cdf61026fbbfe6c87ba1ea655434735b7fbf4d5c41645fd692f486ea76

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5863
Cache-Control: max-age=90417
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 15:25:50 GMT
Etag: "637f85c8-117"
Expires: Sat, 26 Nov 2022 16:32:47 GMT
Last-Modified: Thu, 24 Nov 2022 14:55:04 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
37421d0455431f58cbdbbd9300326121
bb2f721cf76c55dd3c3e0bcedf7cdeb7d2601261
071386cdf61026fbbfe6c87ba1ea655434735b7fbf4d5c41645fd692f486ea76

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5863
Cache-Control: max-age=90417
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 15:25:50 GMT
Etag: "637f85c8-117"
Expires: Sat, 26 Nov 2022 16:32:47 GMT
Last-Modified: Thu, 24 Nov 2022 14:55:04 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
df06e70fc8a35facf1d8db463d18e231
fa8a2975566cc792898f870e48ae7518d3657326
4cef7e704f4d575ce6733f6f2d803d241b597be51ff3fb03f72e5c33a893b504

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3429
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 15:25:50 GMT
Last-Modified: Fri, 25 Nov 2022 14:28:41 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

cdn.jsdelivr.net/npm/sweetalert2@11

151.101.85.229

200 OK

18 kB

URL HTTP/2
cdn.jsdelivr.net/npm/sweetalert2@11
IP
151.101.85.229:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (43295)
Size
18 kB (18033 bytes)
Hash
d1c014750780316b0165f72b7c5dbdfa
f6304c0a6d279485b2729de0213500a9cbcd5b5a
bfa1a4e1470d6f6bb522befcef6c60098ecfae855c4dfe9157c5a81ebac45bc6

HTTP Headers

GET /npm/sweetalert2@11 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megafile.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 11.6.14
x-jsd-version-type: version
etag: W/"fb49-+/dZCApQZmEeYYbR5fA6SnpuL68"
content-encoding: gzip
accept-ranges: bytes
date: Fri, 25 Nov 2022 15:25:50 GMT
age: 12673
x-served-by: cache-fra-eddf8230057-FRA, cache-bma1626-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 18033
X-Firefox-Spdy: h2

unpkg.com/filepond-plugin-file-validate-type@1.2.8/dist/filepond-plugin-file-validate-type.js

104.16.124.175

200 OK

3.9 kB

URL HTTP/2
unpkg.com/filepond-plugin-file-validate-type@1.2.8/dist/filepond-plugin-file-validate-type.js
IP
104.16.124.175:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
3.9 kB (3873 bytes)
Hash
836e345b1894912d1a38d217966890b4
3fada2223ec2776af741bec9594aa06a6dd1966f
5b9116212aaf84d27a2c600e419a6f01bf4b851b1cf8769641a200b015ae287f

HTTP Headers

GET /filepond-plugin-file-validate-type@1.2.8/dist/filepond-plugin-file-validate-type.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megafile.cc/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 25 Nov 2022 15:25:50 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"1d07-1hxUHKzrTl3rNdhkJwK4kJGou0I"
via: 1.1 fly.io
fly-request-id: 01G2PJZCDRWWWP671QTKZ7W61J-fra
cf-cache-status: HIT
age: 17216902
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76fb6634bcc9b527-OSL
content-encoding: br
X-Firefox-Spdy: h2

megafile.cc/img/logo-mega-info.png

138.201.48.112

200 OK

179 kB

URL HTTP/2
megafile.cc/img/logo-mega-info.png
IP
138.201.48.112:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 4167 x 4167, 8-bit/color RGBA, non-interlaced\012- data
Size
179 kB (179409 bytes)
Hash
2e0ba32bb3fad3ba8048f1bf5c697931
9abc4eec9254ec6dd28bd5493604a1fdd13e0895
bb5076513ee0effdab48ff5826a0e8f02b4eb03d4e04eef3e0ea157f2feffa23

HTTP Headers

GET /img/logo-mega-info.png HTTP/1.1
Host: megafile.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megafile.cc/Plod/muckmody.rar
Cookie: XSRF-TOKEN=eyJpdiI6IkJNdTBwYXduNzJoUDhCQ0h5WUg2Zmc9PSIsInZhbHVlIjoiTW1CTWkyMGYyZEswdUQyeXViakpKZjZUbGdxclk5OWJJNjBMWXdMV3R2V1g1NllhVnBvdjlkZ3J3eEZlaElLck13bXhWOEZHY01CTmxEVGVMRHh2Mk11MzBqRVRBVmE5Y2JFOXlURWFucThvUTJncjJDL3F0bFZyUXVjVnJXWWgiLCJtYWMiOiIxZDY3OWJjNzE1MWUwYjI3ZDBjYmRhZTE5YmU1OGEzNTMwYzQzNDJiMGU5NTc5YmZjNjg3Nzg1ZjRmNjE5NWYyIiwidGFnIjoiIn0%3D; megafile_session=eyJpdiI6IlBWeWdDa0ZsRHJSR3lvdm5LOUdPNVE9PSIsInZhbHVlIjoiNGFueFVlcVp0RTlJWnVPYXRNM3RrMm54VG05YzRkbnM0NWlNenZyTENKS3JnMkZlaGNxTExQV3pQOHNWcVNYY2VqdHpTa1ZrSFhOdjZlR3BncDZWTDMxVnJkKzN1WUVNTWd4MEJyYVNGa21qVWlJVW1HdmxMeTE5c09yQ2tpWUUiLCJtYWMiOiJiYjU5NzMzYWNkMDExYzRlMjAxMzRlYTM4ODZiYzA1OGNiOWM5NjRmODI5NjRhNTY1ODllNWMxYjJlZDI3ZTFiIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: image/png
content-length: 179409
etag: "629bc4a3-2bcd1"
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
date: Fri, 25 Nov 2022 15:25:28 GMT
expires: Fri, 25 Nov 2022 15:30:28 GMT
cache-control: s-maxage=10
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
d22e5a12a7f20c773d8bf6c5a40ac26d
2c34c10a3c0975877ad1ae08bd4596c88a953ab2
04bb4df1f6afbc93ffb910c83ce273cc47bff4b1e9e33fb9c35934ade15fc392

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3367
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 15:25:50 GMT
Last-Modified: Fri, 25 Nov 2022 14:29:43 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 279

push.services.mozilla.com/

52.89.20.60

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.89.20.60:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: JbgItYMwqUh6EY4KAh1FRg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: qL3VFcOmSPbsy+Cc1XRRdgZDP5o=

megafile.cc/ngx_pagespeed_beacon?url=http%3A%2F%2Fmegafile.cc%2FPlod%2Fmuckmody.rar

138.201.48.112

204 No Content

0 B

URL HTTP/2
megafile.cc/ngx_pagespeed_beacon?url=http%3A%2F%2Fmegafile.cc%2FPlod%2Fmuckmody.rar
IP
138.201.48.112:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /ngx_pagespeed_beacon?url=http%3A%2F%2Fmegafile.cc%2FPlod%2Fmuckmody.rar HTTP/1.1
Host: megafile.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 52
Origin: https://megafile.cc
Connection: keep-alive
Referer: https://megafile.cc/Plod/muckmody.rar
Cookie: XSRF-TOKEN=eyJpdiI6IkJNdTBwYXduNzJoUDhCQ0h5WUg2Zmc9PSIsInZhbHVlIjoiTW1CTWkyMGYyZEswdUQyeXViakpKZjZUbGdxclk5OWJJNjBMWXdMV3R2V1g1NllhVnBvdjlkZ3J3eEZlaElLck13bXhWOEZHY01CTmxEVGVMRHh2Mk11MzBqRVRBVmE5Y2JFOXlURWFucThvUTJncjJDL3F0bFZyUXVjVnJXWWgiLCJtYWMiOiIxZDY3OWJjNzE1MWUwYjI3ZDBjYmRhZTE5YmU1OGEzNTMwYzQzNDJiMGU5NTc5YmZjNjg3Nzg1ZjRmNjE5NWYyIiwidGFnIjoiIn0%3D; megafile_session=eyJpdiI6IlBWeWdDa0ZsRHJSR3lvdm5LOUdPNVE9PSIsInZhbHVlIjoiNGFueFVlcVp0RTlJWnVPYXRNM3RrMm54VG05YzRkbnM0NWlNenZyTENKS3JnMkZlaGNxTExQV3pQOHNWcVNYY2VqdHpTa1ZrSFhOdjZlR3BncDZWTDMxVnJkKzN1WUVNTWd4MEJyYVNGa21qVWlJVW1HdmxMeTE5c09yQ2tpWUUiLCJtYWMiOiJiYjU5NzMzYWNkMDExYzRlMjAxMzRlYTM4ODZiYzA1OGNiOWM5NjRmODI5NjRhNTY1ODllNWMxYjJlZDI3ZTFiIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Fri, 25 Nov 2022 15:25:50 GMT
cache-control: max-age=0, no-cache
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

megafile.cc/pagespeed_static/js_defer.I4cHjq6EEP.js

138.201.48.112

200 OK

4.5 kB

URL HTTP/2
megafile.cc/pagespeed_static/js_defer.I4cHjq6EEP.js
IP
138.201.48.112:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (534)
Size
4.5 kB (4467 bytes)
Hash
be2bcedb4d271961b761bee94ac696ed
734fcbac88635e48cfe355c7004cbbd199eaf9e0
6f2c165015cbc30ce0706a81b226d628e16ae554ea5d51e95202ea2fbbe41e06

HTTP Headers

GET /pagespeed_static/js_defer.I4cHjq6EEP.js HTTP/1.1
Host: megafile.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megafile.cc/Plod/muckmody.rar
Cookie: XSRF-TOKEN=eyJpdiI6IkJNdTBwYXduNzJoUDhCQ0h5WUg2Zmc9PSIsInZhbHVlIjoiTW1CTWkyMGYyZEswdUQyeXViakpKZjZUbGdxclk5OWJJNjBMWXdMV3R2V1g1NllhVnBvdjlkZ3J3eEZlaElLck13bXhWOEZHY01CTmxEVGVMRHh2Mk11MzBqRVRBVmE5Y2JFOXlURWFucThvUTJncjJDL3F0bFZyUXVjVnJXWWgiLCJtYWMiOiIxZDY3OWJjNzE1MWUwYjI3ZDBjYmRhZTE5YmU1OGEzNTMwYzQzNDJiMGU5NTc5YmZjNjg3Nzg1ZjRmNjE5NWYyIiwidGFnIjoiIn0%3D; megafile_session=eyJpdiI6IlBWeWdDa0ZsRHJSR3lvdm5LOUdPNVE9PSIsInZhbHVlIjoiNGFueFVlcVp0RTlJWnVPYXRNM3RrMm54VG05YzRkbnM0NWlNenZyTENKS3JnMkZlaGNxTExQV3pQOHNWcVNYY2VqdHpTa1ZrSFhOdjZlR3BncDZWTDMxVnJkKzN1WUVNTWd4MEJyYVNGa21qVWlJVW1HdmxMeTE5c09yQ2tpWUUiLCJtYWMiOiJiYjU5NzMzYWNkMDExYzRlMjAxMzRlYTM4ODZiYzA1OGNiOWM5NjRmODI5NjRhNTY1ODllNWMxYjJlZDI3ZTFiIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: application/javascript
vary: Accept-Encoding
date: Fri, 25 Nov 2022 15:25:49 GMT
last-modified: Fri, 25 Nov 2022 15:25:49 GMT
cache-control: max-age=315360000
etag: W/"0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
x-frame-options: DENY
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
bc8d456542f88a5e3712f8679104234f
a4bc16d08d7a947bbe90d88dc91bb62e84e53897
eb150b7f1125829f285ce9921321db482eb89099687d14f9f80796a60052f6b1

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6275
Cache-Control: max-age=153458
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 15:25:50 GMT
Etag: "63807a6d-118"
Expires: Sun, 27 Nov 2022 10:03:28 GMT
Last-Modified: Fri, 25 Nov 2022 08:18:53 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 280

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
bc8d456542f88a5e3712f8679104234f
a4bc16d08d7a947bbe90d88dc91bb62e84e53897
eb150b7f1125829f285ce9921321db482eb89099687d14f9f80796a60052f6b1

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6275
Cache-Control: max-age=153458
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 15:25:50 GMT
Etag: "63807a6d-118"
Expires: Sun, 27 Nov 2022 10:03:28 GMT
Last-Modified: Fri, 25 Nov 2022 08:18:53 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 280

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4330c15cbec5a3d8735a66499971ca16
febc3a5d12f6def79afd74003b370d054e713196
3f1ebf6792cb8c53345a7378cef23d086f94e57aa9b3826e17c51ec5555edd5d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3F1EBF6792CB8C53345A7378CEF23D086F94E57AA9B3826E17C51EC5555EDD5D"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13070
Expires: Fri, 25 Nov 2022 19:03:40 GMT
Date: Fri, 25 Nov 2022 15:25:50 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0a5c1b54daca67c400e76b7224ae5521
2583cebe55e8d1bfe6c921d595d8d36cf480ff2f
941e5441730c4558040e0decdec018ff15dad6abc6be4858c6417f2e941dbcbd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "941E5441730C4558040E0DECDEC018FF15DAD6ABC6BE4858C6417F2E941DBCBD"
Last-Modified: Thu, 24 Nov 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17748
Expires: Fri, 25 Nov 2022 20:21:38 GMT
Date: Fri, 25 Nov 2022 15:25:50 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e68c324e41ae169558e89399b1b4d40c
919c280129abd6ecf072365f561115a13cf5f443
01a6529c43f106c52d7ea6c95de88e33ee12b7adfa79ca79480746f8bf76400f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01A6529C43F106C52D7EA6C95DE88E33EE12B7ADFA79CA79480746F8BF76400F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5625
Expires: Fri, 25 Nov 2022 16:59:35 GMT
Date: Fri, 25 Nov 2022 15:25:50 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
59c1adfb2a09cc500ad2b6631ff9e7c8
f103db395786d68c4983c036b55888f235eb4194
62e1acf4fae269659ef8e273ffa40b1ff252b4af63276dd1eea973e4676bfaf8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62E1ACF4FAE269659EF8E273FFA40B1FF252B4AF63276DD1EEA973E4676BFAF8"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12537
Expires: Fri, 25 Nov 2022 18:54:47 GMT
Date: Fri, 25 Nov 2022 15:25:50 GMT
Connection: keep-alive

my.rtmark.net/gid.js?userId=138fe010f41f49feaa871a450d5e5eba

139.45.195.8

200 OK

65 B

URL HTTP/2
my.rtmark.net/gid.js?userId=138fe010f41f49feaa871a450d5e5eba
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
65 B (65 bytes)
Hash
488a92fbb1f0dfec95f01e742a38097d
e40054e2618e98d3301b2bbad086610f6d99513b
52f6752243bb4ddb1523c42cf328c673491abfaae2694864dc0ade5790c23083

HTTP Headers

GET /gid.js?userId=138fe010f41f49feaa871a450d5e5eba HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://megafile.cc
Connection: keep-alive
Referer: https://megafile.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 15:25:50 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://megafile.cc
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=138fe010f41f49feaa871a450d5e5eba; expires=Sat, 25 Nov 2023 15:25:50 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

ibrapush.com/zone?pub=0&zone_id=4250689&is_mobile=false&domain=megafile.cc&var=&ymid=&var_3=

139.45.197.250

200 OK

664 B

URL HTTP/2
ibrapush.com/zone?pub=0&zone_id=4250689&is_mobile=false&domain=megafile.cc&var=&ymid=&var_3=
IP
139.45.197.250:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text, with very long lines (663)
Size
664 B (664 bytes)
Hash
61b8e425f14abb04a28256d7bbfcf9bb
8f5ef264bdfb8cee94436e1df0cebb6ffa55a0f3
7a54762394e3d98ad90830d3d762d0aa4243b6e1983f1c05948776c41a3bc82d

HTTP Headers

GET /zone?pub=0&zone_id=4250689&is_mobile=false&domain=megafile.cc&var=&ymid=&var_3= HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megafile.cc/
Origin: https://megafile.cc
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 15:25:50 GMT
content-type: application/json; charset=utf-8
content-length: 664
x-trace-id: 154aa61ae3791fb7d52e491571114a73
access-control-allow-origin: https://megafile.cc
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

ibrapush.com/pfe/current/universal.min.js?v=3.1.405

139.45.197.250

200 OK

34 kB

URL HTTP/2
ibrapush.com/pfe/current/universal.min.js?v=3.1.405
IP
139.45.197.250:0
ASN
#9002 RETN Limited

File type
data
Size
34 kB (33975 bytes)
Hash
e35377dfc911297b8fb3842966874c61
9ed95f9700e3e5820e14eb25eb3f62b7a6d4d2b9
e4acd92ebb64745556ba4b2be9c448e7a9844c8107c8bda4a7ae8c65f388b8b7

HTTP Headers

GET /pfe/current/universal.min.js?v=3.1.405 HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megafile.cc/
Origin: https://megafile.cc
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 15:25:50 GMT
content-type: application/javascript
last-modified: Thu, 24 Nov 2022 15:53:54 GMT
etag: W/"637f9392-180b9"
access-control-allow-origin: https://megafile.cc
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
c910a44bf58b708c25d146fd52adb8e9
374a72c3026ea1fa5defd1e8eb7be2ca7184dfd5
3cf34029e6a112320130d154ac1291e49bcb4a80f0caaf84309456986f0adc77

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 15:25:51 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 13:33:17 GMT
Expires: Fri, 02 Dec 2022 13:33:16 GMT
Etag: "374a72c3026ea1fa5defd1e8eb7be2ca7184dfd5"
Cache-Control: max-age=597444,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fb6638ed40b509-OSL

datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f

37.48.68.71

200 OK

12 B

URL HTTP/1.1
datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP
37.48.68.71:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 898
Origin: https://megafile.cc
Connection: keep-alive
Referer: https://megafile.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Fri, 25 Nov 2022 15:25:51 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://megafile.cc
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true

ibrapush.com/custom

139.45.197.250

200 OK

0 B

URL HTTP/2
ibrapush.com/custom
IP
139.45.197.250:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /custom HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://megafile.cc/
Origin: https://megafile.cc
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 15:25:51 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://megafile.cc
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2

ibrapush.com/custom

139.45.197.250

200 OK

0 B

URL HTTP/2
ibrapush.com/custom
IP
139.45.197.250:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /custom HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://megafile.cc/
Origin: https://megafile.cc
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 15:25:51 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://megafile.cc
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2

nanouwho.com/27/22b0ff6d446d45dfe24f0ae457b1c7db

139.45.197.242

200 OK

123 kB

URL HTTP/2
nanouwho.com/27/22b0ff6d446d45dfe24f0ae457b1c7db
IP
139.45.197.242:0
ASN
#9002 RETN Limited

File type
data
Size
123 kB (123070 bytes)
Hash
a864f6880b935c360f0060605b459f9f
0a3d527c59d1748cd2cd7d16da6097e548bef649
36d4b14433eb8094c6f520fb1c3e49292d5e67845b2028ca801d6d2a5138bebb

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /27/22b0ff6d446d45dfe24f0ae457b1c7db HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megafile.cc/
Cookie: scm=1; OAID=176b4b56080b47f795b510d1b3d5a902; oaidts=1669389950
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 15:25:50 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin: 
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
cache-control: max-age:290304000, public
last-modified: Fri, 25 Nov 2022 08:14:39 GMT
expires: Fri, 25 Dec 2082 08:14:39 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

ibrapush.com/custom

139.45.197.250

200 OK

39 B

URL HTTP/2
ibrapush.com/custom
IP
139.45.197.250:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

HTTP Headers

POST /custom HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megafile.cc/
Content-Type: application/json
Origin: https://megafile.cc
Content-Length: 757
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 15:25:51 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: c66b44282726d5524f8eeee9f9c31046
access-control-allow-origin: https://megafile.cc
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

nanouwho.com/9?z=4250688&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fmegafile.cc%2FPlod%2Fmuckmody.rar&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=138fe010f41f49feaa871a450d5e5eba

139.45.197.242

204 No Content

0 B

URL HTTP/2
nanouwho.com/9?z=4250688&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fmegafile.cc%2FPlod%2Fmuckmody.rar&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=138fe010f41f49feaa871a450d5e5eba
IP
139.45.197.242:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

OPTIONS /9?z=4250688&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fmegafile.cc%2FPlod%2Fmuckmody.rar&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=138fe010f41f49feaa871a450d5e5eba HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://megafile.cc/
Origin: https://megafile.cc
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Fri, 25 Nov 2022 15:25:51 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://megafile.cc
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

139.45.197.242

200 OK

2.8 kB

URL HTTP/2
nanouwho.com/9?z=4250688&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fmegafile.cc%2FPlod%2Fmuckmody.rar&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=138fe010f41f49feaa871a450d5e5eba
IP
139.45.197.242:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text, with very long lines (6590), with no line terminators
Size
2.8 kB (2776 bytes)
Hash
19dc1600d6520a24d8a522b7c23783ab
8fddf62cbbb0e17c170bf56015693412aa5a1789
88e60cee9897e0afbc28bbcb56159d0a91598ed6fd3566f459a281092a522e1a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /9?z=4250688&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fmegafile.cc%2FPlod%2Fmuckmody.rar&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=138fe010f41f49feaa871a450d5e5eba HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 109
Origin: https://megafile.cc
Connection: keep-alive
Referer: https://megafile.cc/
Cookie: scm=1; OAID=176b4b56080b47f795b510d1b3d5a902; oaidts=1669389950
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 15:25:51 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: https://megafile.cc
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: cd77ad0b683bc0d813e723ebe2460944
access-control-expose-headers: X-Sc
set-cookie: OAID=138fe010f41f49feaa871a450d5e5eba; expires=Sat, 25 Nov 2023 15:25:51 GMT; secure; SameSite=None
oaidts=1669389950; expires=Sat, 25 Nov 2023 15:25:51 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

onmarshtompor.com/?rb=ciPQAbPm9qiXpjZR9PuWnkj3OlJBDUeBJbfTc3XOkKXjg140cLSsUk-EwN4hxEmNxU60mOx5nlxiwr9uUxo6KG9e48_fxGx2bbJwQ78CyrOHPzMVz-LNWAPz-gmwU_qiJWeZkPMt2pVYHII2yShy6YDIVuGNhtrH_g_hqVtnGWiTTHBe1xOCPTopn9CnNlWT5_5Q0G1i5ub8Cnl6Ll-YBlyVc6qd-YF0z_qrxO2rUDY%3D&request_ab2=96001&zoneid=4250690&js_build=iclick-v1.454.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fmegafile.cc%2FPlod%2Fmuckmody.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.454.0&bs=4e7345bd-ef9b-4f4f-95ce-ebd1bd0ab398&userId=138fe010f41f49feaa871a450d5e5eba&m=link

139.45.197.243

200 OK

1.7 kB

URL HTTP/2
onmarshtompor.com/?rb=ciPQAbPm9qiXpjZR9PuWnkj3OlJBDUeBJbfTc3XOkKXjg140cLSsUk-EwN4hxEmNxU60mOx5nlxiwr9uUxo6KG9e48_fxGx2bbJwQ78CyrOHPzMVz-LNWAPz-gmwU_qiJWeZkPMt2pVYHII2yShy6YDIVuGNhtrH_g_hqVtnGWiTTHBe1xOCPTopn9CnNlWT5_5Q0G1i5ub8Cnl6Ll-YBlyVc6qd-YF0z_qrxO2rUDY%3D&request_ab2=96001&zoneid=4250690&js_build=iclick-v1.454.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fmegafile.cc%2FPlod%2Fmuckmody.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.454.0&bs=4e7345bd-ef9b-4f4f-95ce-ebd1bd0ab398&userId=138fe010f41f49feaa871a450d5e5eba&m=link
IP
139.45.197.243:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text, with very long lines (2232), with no line terminators
Size
1.7 kB (1689 bytes)
Hash
b246a38c6732c656dd54a7790cd34ac4
60fce4902b7c50d309de9db71f51710773d27c7d
a978162a07579c263ac1ca9115c971d054b123079ae6dee0f14a5b17eb08005e

HTTP Headers

GET /?rb=ciPQAbPm9qiXpjZR9PuWnkj3OlJBDUeBJbfTc3XOkKXjg140cLSsUk-EwN4hxEmNxU60mOx5nlxiwr9uUxo6KG9e48_fxGx2bbJwQ78CyrOHPzMVz-LNWAPz-gmwU_qiJWeZkPMt2pVYHII2yShy6YDIVuGNhtrH_g_hqVtnGWiTTHBe1xOCPTopn9CnNlWT5_5Q0G1i5ub8Cnl6Ll-YBlyVc6qd-YF0z_qrxO2rUDY%3D&request_ab2=96001&zoneid=4250690&js_build=iclick-v1.454.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fmegafile.cc%2FPlod%2Fmuckmody.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.454.0&bs=4e7345bd-ef9b-4f4f-95ce-ebd1bd0ab398&userId=138fe010f41f49feaa871a450d5e5eba&m=link HTTP/1.1
Host: onmarshtompor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megafile.cc/
Origin: https://megafile.cc
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 15:25:51 GMT
content-type: application/json
x-trace-id: 082fae9d36651e1e4db07cef396f3ef4
access-control-allow-origin: https://megafile.cc
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=138fe010f41f49feaa871a450d5e5eba; expires=Sat, 25 Nov 2023 15:25:51 GMT; path=/; secure; SameSite=None
oaidts=1669389951; expires=Sat, 25 Nov 2023 15:25:51 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Fri, 02 Dec 2022 15:25:51 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

betotodilea.com/500/4250687?excludes=&oaid=138fe010f41f49feaa871a450d5e5eba&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fmegafile.cc%2FPlod%2Fmuckmody.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

139.45.197.237

200 OK

0 B

URL HTTP/2
betotodilea.com/500/4250687?excludes=&oaid=138fe010f41f49feaa871a450d5e5eba&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fmegafile.cc%2FPlod%2Fmuckmody.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
139.45.197.237:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /500/4250687?excludes=&oaid=138fe010f41f49feaa871a450d5e5eba&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fmegafile.cc%2FPlod%2Fmuckmody.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://megafile.cc/
Origin: https://megafile.cc
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 15:25:51 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://megafile.cc
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
17054ba5605a5e3265c0007f0bcb3054
278c2e5beb8f5764e12d3ff71567bf4c48006e8d
9f2999a85c93fde1a188b2685eb3994e7d73329d5ed6ffb62f8434e223a0382e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9F2999A85C93FDE1A188B2685EB3994E7D73329D5ED6FFB62F8434E223A0382E"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2741
Expires: Fri, 25 Nov 2022 16:11:32 GMT
Date: Fri, 25 Nov 2022 15:25:51 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12773
Expires: Fri, 25 Nov 2022 18:58:44 GMT
Date: Fri, 25 Nov 2022 15:25:51 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12773
Expires: Fri, 25 Nov 2022 18:58:44 GMT
Date: Fri, 25 Nov 2022 15:25:51 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12773
Expires: Fri, 25 Nov 2022 18:58:44 GMT
Date: Fri, 25 Nov 2022 15:25:51 GMT
Connection: keep-alive

tzegilo.com/stattag.js

104.21.84.149

200 OK

5.7 kB

URL HTTP/2
tzegilo.com/stattag.js
IP
104.21.84.149:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (12966), with no line terminators
Size
5.7 kB (5735 bytes)
Hash
4f759a45e7b3521d110cc4bfaab66f86
54c204fd3bf2dc4550c465e038251c62b52ac5e2
97b111f938886c7eb9b4c6cc344e86db5f76025fd95e28b94e3c230b8fc0b8cc

HTTP Headers

GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megafile.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 25 Nov 2022 15:25:50 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 15:07:42 GMT
etag: W/"637e373e-32a6"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 4231
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yZlfqqv2U%2Bg%2FOf3pXXKb0cYLj5Qfoht3LI3P5lw6a59WRDp5Zyr10ShWnXUp5Jr4CoNxJ6HGxi7S1UlbMqhzpG1eYfpdfn98VrZaMfpc%2FIumuVg52dnMCDVG%2BgXAuw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76fb66383a840afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12773
Expires: Fri, 25 Nov 2022 18:58:44 GMT
Date: Fri, 25 Nov 2022 15:25:51 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F216636c8-4200-4f0d-83d2-8579be32f1ac.jpeg

34.120.237.76

200 OK

4.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F216636c8-4200-4f0d-83d2-8579be32f1ac.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.3 kB (4270 bytes)
Hash
648677a7e7bab1896a190d2e5fb7243c
6217a262002244ef3f2e8034076a735cafd9888a
72f2913f7c0770ebab0f2683bdc1ec5a5db8872e8f2c62a8fd5c9178b95dbb06

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F216636c8-4200-4f0d-83d2-8579be32f1ac.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4270
x-amzn-requestid: 7327f8fb-804b-4d09-83dc-628e35ffa74b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8xFwXoAMFkqQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-33f83cea2c585279140f4f59;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rKROwsZ-X8yDd4iVaYBaNFe6bgHaThxafIt76PBgLoOTrPMqAVQ9iQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 22:22:43 GMT
age: 61388
etag: "6217a262002244ef3f2e8034076a735cafd9888a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
fe29cf8b79ffa4c0adb3ab4ca8265a83
e9d128a7b2c275f0bb0e7c0b9707b769b150f7db
4b543fabe82e66efbae309130363c09e8209582c288fa2f81831b7b9c7ffa078

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6087
Cache-Control: max-age=127353
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 15:25:51 GMT
Etag: "63801531-117"
Expires: Sun, 27 Nov 2022 02:48:24 GMT
Last-Modified: Fri, 25 Nov 2022 01:06:57 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 279

34.120.237.76

200 OK

4.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.0 kB (3955 bytes)
Hash
4006a9037ab5f28dca62b0aa7a704c41
74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b
556ae6516a1f272a96569a3637858292731a34e82672b682f6e7442ca68f4b1d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3955
x-amzn-requestid: 42c8d309-a8d2-47cc-8d97-c7fa3a63f8cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCM9NGJHoAMF4sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d8eba-2a06cda9346bd02c46955444;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 03:08:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5MlzpHpq7auKLSAYikINuPAylXI11VJL3xxIJ9Dyub-7rjQaPfg0WQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 04:23:00 GMT
age: 39771
etag: "74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11249 bytes)
Hash
481c033b9ffd030ff0de6e35cf788b47
85d3baad9217af2b5d75c019d2ef95dbb919a788
02443c7869914c2b29892deb0c645395bcf4e8379da3cf20974614ff9c92893b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11249
x-amzn-requestid: 8f679d7f-2ea5-4e47-b78d-79af59435a62
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cFPHYHkAIAMFpBg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637ec562-26108a785e910dc3355d58f1;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 01:14:10 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NKwpIdw2RZNZNh69AF5GNvunA_QfRGClvzcRP3zYwn7c8BLBlt097g==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 07:46:20 GMT
age: 27571
etag: "85d3baad9217af2b5d75c019d2ef95dbb919a788"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (8006 bytes)
Hash
8b6ee13d43732f7c764a49500d092865
5d15fd672e968d59b541e4d5d0d01cd5e69f4075
fc3623d527147e1c6aab399251ed8d527e6eefdee6ad7183f00df2613498bfe4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8006
x-amzn-requestid: 78aab013-df11-464b-a1c7-ee41b7e77b40
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB-AHSrIAMFvKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe38c-4d795f410a57fc2c21d7075d;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:08 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NntLZ3wUdcX9kEo-afFLU0TPKgqAlSK3bToNh2mmoqoyLBJINNk7ow==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:54:39 GMT
age: 63072
etag: "5d15fd672e968d59b541e4d5d0d01cd5e69f4075"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (7993 bytes)
Hash
92c78302bcce1568eb6a5563100b932c
43d1dec7fc06879988c9c3cadd800cc8145df988
0dda9914306c8e3a7ea75eade8e762652d93907dd6c5a8cc81707d6d8098b60a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7993
x-amzn-requestid: 9f0ff853-4819-47cd-959d-658401ea5748
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCsG5mIAMFqAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-1c48b9223684f2942f8dd42d;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7YSXUV-LZpsI7vciFhuqt1EVr6YRkhxcOgMg8z8bxLcOE01_baf6Gg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:47:53 GMT
age: 63478
etag: "43d1dec7fc06879988c9c3cadd800cc8145df988"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

139.45.197.237

200 OK

13 kB

URL HTTP/2
betotodilea.com/500/4250687?excludes=&oaid=138fe010f41f49feaa871a450d5e5eba&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fmegafile.cc%2FPlod%2Fmuckmody.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
139.45.197.237:0
ASN
#9002 RETN Limited

File type
data
Size
13 kB (12906 bytes)
Hash
7f9824758d35cdacc61115700d1021bd
9015158d9d94abba09ea125d80e80dd6b8ea0dcc
095d5523d42370a69a253da9efe976705851d39c39ca28b2b200078e004e1b93

HTTP Headers

GET /500/4250687?excludes=&oaid=138fe010f41f49feaa871a450d5e5eba&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fmegafile.cc%2FPlod%2Fmuckmody.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://megafile.cc
Connection: keep-alive
Referer: https://megafile.cc/
Cookie: OAID=2193dbe6b1ce46c882ed3f17bae81bf8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 15:25:51 GMT
content-type: application/javascript
x-trace-id: 7261cb975fe3568112b46bab19250738
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://megafile.cc
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=138fe010f41f49feaa871a450d5e5eba; expires=Sat, 25 Nov 2023 15:25:51 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

offerimage.com/www/images/5f22624db7437e4fcaa7b047f57da38a.png

172.67.22.216

200 OK

2.5 kB

URL HTTP/2
offerimage.com/www/images/5f22624db7437e4fcaa7b047f57da38a.png
IP
172.67.22.216:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size
2.5 kB (2530 bytes)
Hash
5f22624db7437e4fcaa7b047f57da38a
f22bcd530fc732bc470dc0983ab70a59920126f4
b703b099a1da49f9a80fc7dc79073caf5aaf2ea9d72c36a57a6617937340a923

HTTP Headers

GET /www/images/5f22624db7437e4fcaa7b047f57da38a.png HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megafile.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 25 Nov 2022 15:25:51 GMT
content-type: image/png
content-length: 2530
last-modified: Tue, 22 Nov 2022 22:14:45 GMT
etag: "637d49d5-9e2"
expires: Fri, 25 Nov 2022 22:20:28 GMT
cache-control: max-age=86400
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-max-age: 86400
timing-allow-origin: *
cf-cache-status: HIT
age: 61518
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76fb663dcd3eb4e8-OSL
X-Firefox-Spdy: h2

mediasama.com/hentaiheroes/22/s/

144.217.67.42

200 OK

1.5 kB

URL HTTP/1.1
mediasama.com/hentaiheroes/22/s/
IP
144.217.67.42:0
ASN
#16276 OVH SAS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
1.5 kB (1500 bytes)
Hash
e40cc2f1d4301f91421ce2859b3ce9c3
3a0cfef6f1d6dfa4f9698c72a6dfe35ecb9047ef
f0569656de507e0e7e8898708ede07e5b128e8344d80c2d6fbf139dadceafb12

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /hentaiheroes/22/s/ HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 15:25:51 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 07:33:48 GMT
ETag: "175e-5d8098dbf8f00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1500
Content-Type: text/html

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b44543de9922ec7d97f2e0be1865553e
caef856450efd75de0cfae9402903b1f4bd6de4c
d251377b4bc11c32a847ce4dc5dfda92e56031617f5b3eeea54fdcd0945b3eb7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 15:25:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

142.250.74.170

200 OK

30 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP
142.250.74.170:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (65451)
Size
30 kB (30399 bytes)
Hash
0f83cadc148d2ad7e53c91f6c4ee05bb
90035c5fffedf4b0f099465f6b929a030b46c92b
3f59aa77bbbed7760a9968af27d3c19ffddda021c948edf0bf0c0f828dd308ae

HTTP Headers

GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 15:30:11 GMT
expires: Fri, 24 Nov 2023 15:30:11 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 86140
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b44543de9922ec7d97f2e0be1865553e
caef856450efd75de0cfae9402903b1f4bd6de4c
d251377b4bc11c32a847ce4dc5dfda92e56031617f5b3eeea54fdcd0945b3eb7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 15:25:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

mediasama.com/hentaiheroes/22/s/styles.css

144.217.67.42

200 OK

2.4 kB

URL HTTP/1.1
mediasama.com/hentaiheroes/22/s/styles.css
IP
144.217.67.42:0
ASN
#16276 OVH SAS

File type
ASCII text, with very long lines (420)
Size
2.4 kB (2406 bytes)
Hash
8e7117f5f47cb6cde0a8e8eb38b16dbb
617fd3f0d3f420ee1967a20fb0b0af4ac34eca03
794f8aa66b6afcf9b7d9bfe5952860436dcfee6bf82e4368af6bc838ce89be98

HTTP Headers

GET /hentaiheroes/22/s/styles.css HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/hentaiheroes/22/s/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 15:25:51 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 07:33:48 GMT
ETag: "2638-5d8098dce9b6b-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2406
Content-Type: text/css

mediasama.com/hentaiheroes/22/s/js/main.js

144.217.67.42

200 OK

549 B

URL HTTP/1.1
mediasama.com/hentaiheroes/22/s/js/main.js
IP
144.217.67.42:0
ASN
#16276 OVH SAS

File type
ASCII text
Size
549 B (549 bytes)
Hash
d8fa8e233a4db9fbce0c20d9a57a06fe
2366b2969771aa164bfdca6b5baf916806f6758a
f496e19ead804367daa801860cd95a7ec6854965a7c5cf2c49dda71532c19932

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /hentaiheroes/22/s/js/main.js HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/hentaiheroes/22/s/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 15:25:52 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 07:33:58 GMT
ETag: "516-5d8098e646333-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 549
Content-Type: application/javascript

mediasama.com/hentaiheroes/22/s/audio/btn_1.mp3

144.217.67.42

206 Partial Content

20 kB

URL HTTP/1.1
mediasama.com/hentaiheroes/22/s/audio/btn_1.mp3
IP
144.217.67.42:0
ASN
#16276 OVH SAS

File type
Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 192 kbps, 44.1 kHz, JntStereo\012- data
Size
20 kB (20321 bytes)
Hash
d857acaef2cdf5ec88ea6128c1ceb7b3
5f67419243f34232a4da8cb1a1eaecfc192ff1a7
df83bc888086ae84b5d532a39023b0db17e8f3ccd3ffdcd6f35c8d4f39558d24

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /hentaiheroes/22/s/audio/btn_1.mp3 HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://mediasama.com/hentaiheroes/22/s/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 206 Partial Content
Date: Fri, 25 Nov 2022 15:25:52 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 07:33:49 GMT
ETag: "4f61-5d8098dd2a2ab"
Accept-Ranges: bytes
Content-Length: 20321
Content-Range: bytes 0-20320/20321
Content-Type: audio/mpeg

mediasama.com/hentaiheroes/22/s/img/1.jpg

144.217.67.42

200 OK

343 kB

URL HTTP/1.1
mediasama.com/hentaiheroes/22/s/img/1.jpg
IP
144.217.67.42:0
ASN
#16276 OVH SAS

File type
JPEG image data, baseline, precision 8, 1920x1080, components 3\012- data
Size
343 kB (342819 bytes)
Hash
261ae81540184eed653580a9c3cf99f0
3ea16580255cd6f906792446ad57ae2a96692c29
b342b406e4abe1cc9c7991638ab0afdcb91f223a566f193342ec06150515ea6f

HTTP Headers

GET /hentaiheroes/22/s/img/1.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/hentaiheroes/22/s/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 15:25:52 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 07:33:49 GMT
ETag: "53b23-5d8098dddfcec"
Accept-Ranges: bytes
Content-Length: 342819
Content-Type: image/jpeg

mediasama.com/hentaiheroes/22/s/img/2.jpg

144.217.67.42

200 OK

462 kB

URL HTTP/1.1
mediasama.com/hentaiheroes/22/s/img/2.jpg
IP
144.217.67.42:0
ASN
#16276 OVH SAS

File type
JPEG image data, baseline, precision 8, 1920x1080, components 3\012- data
Size
462 kB (461917 bytes)
Hash
7943e98ba6a2560db7912f45c267c66b
322d698d1acf50e7616d0f776d02d699dd4ef7fb
60c939dab27c6ee7d53b2ae6116ab00628e5fa8d646970c89203bc479b0087f9

HTTP Headers

GET /hentaiheroes/22/s/img/2.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/hentaiheroes/22/s/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 15:25:52 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 07:33:51 GMT
ETag: "70c5d-5d8098df9454d"
Accept-Ranges: bytes
Content-Length: 461917
Content-Type: image/jpeg

mediasama.com/hentaiheroes/22/s/img/5.jpg

144.217.67.42

200 OK

360 kB

URL HTTP/1.1
mediasama.com/hentaiheroes/22/s/img/5.jpg
IP
144.217.67.42:0
ASN
#16276 OVH SAS

File type
JPEG image data, baseline, precision 8, 1920x1080, components 3\012- data
Size
360 kB (359692 bytes)
Hash
3a854f6c9d34e4095b874c712e1bcee0
b477c19f4ac016a2e0a8f36c9f4e91d074dd0552
6f3ae6bc38afe0590c280d6710455f8616df0a500dd45c8439e138b5716ec562

HTTP Headers

GET /hentaiheroes/22/s/img/5.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/hentaiheroes/22/s/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 15:25:52 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 07:33:55 GMT
ETag: "57d0c-5d8098e362f10"
Accept-Ranges: bytes
Content-Length: 359692
Content-Type: image/jpeg

mediasama.com/hentaiheroes/22/s/img/7.jpg

144.217.67.42

200 OK

372 kB

URL HTTP/1.1
mediasama.com/hentaiheroes/22/s/img/7.jpg
IP
144.217.67.42:0
ASN
#16276 OVH SAS

File type
JPEG image data, baseline, precision 8, 1920x1080, components 3\012- data
Size
372 kB (371818 bytes)
Hash
27b6dbe827d236ff44790d59d29d686f
0c7f1ac2d7a18e47164cbf643c397390d6d73510
33d1a087ed9c8f16fd9477b007f1a483edf4ecbac7991c1501e2ae0c99835075

HTTP Headers

GET /hentaiheroes/22/s/img/7.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/hentaiheroes/22/s/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 15:25:52 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 07:33:55 GMT
ETag: "5ac6a-5d8098e2af410"
Accept-Ranges: bytes
Content-Length: 371818
Content-Type: image/jpeg

mediasama.com/hentaiheroes/22/s/img/4.jpg

144.217.67.42

200 OK

279 kB

URL HTTP/1.1
mediasama.com/hentaiheroes/22/s/img/4.jpg
IP
144.217.67.42:0
ASN
#16276 OVH SAS

File type
JPEG image data, baseline, precision 8, 1920x1080, components 3\012- data
Size
279 kB (279079 bytes)
Hash
8c890eef6a31512d5cd9c373744e1327
58165207f6f8f09cad708a8cd9082f7c4c2d29da
e5576157a1d82f4dc4eda82c813e989d894b81a8414034567546ca4236d9b1cd

HTTP Headers

GET /hentaiheroes/22/s/img/4.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/hentaiheroes/22/s/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 15:25:52 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 07:33:56 GMT
ETag: "44227-5d8098e4292f1"
Accept-Ranges: bytes
Content-Length: 279079
Content-Type: image/jpeg

mediasama.com/hentaiheroes/22/s/img/8.jpg

144.217.67.42

200 OK

388 kB

URL HTTP/1.1
mediasama.com/hentaiheroes/22/s/img/8.jpg
IP
144.217.67.42:0
ASN
#16276 OVH SAS

File type
JPEG image data, baseline, precision 8, 1920x1080, components 3\012- data
Size
388 kB (388443 bytes)
Hash
6eeefb58172d4f266d568589477d893d
eb6504c9c240f5160b2acfd73e3df094a2d47a04
83bd932c2e2f769ff3d85440995f67c454cc7e01e165a7b54c6770fcf3b02722

HTTP Headers

GET /hentaiheroes/22/s/img/8.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/hentaiheroes/22/s/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 15:25:52 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 07:33:54 GMT
ETag: "5ed5b-5d8098e1f4baf"
Accept-Ranges: bytes
Content-Length: 388443
Content-Type: image/jpeg

mediasama.com/hentaiheroes/22/s/img/3.jpg

144.217.67.42

200 OK

340 kB

URL HTTP/1.1
mediasama.com/hentaiheroes/22/s/img/3.jpg
IP
144.217.67.42:0
ASN
#16276 OVH SAS

File type
JPEG image data, baseline, precision 8, 1920x1080, components 3\012- data
Size
340 kB (339771 bytes)
Hash
9dfd17fc96a15a3de68727df09a8da13
94ea754748adb054a9a8fb36581bdf6829671fcb
4b126f0d6a74c8b66a10a1003d856e7d71ab5ffafb28470e5b07a114786eceec

HTTP Headers

GET /hentaiheroes/22/s/img/3.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/hentaiheroes/22/s/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 15:25:52 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 07:33:51 GMT
ETag: "52f3b-5d8098dfc23ad"
Accept-Ranges: bytes
Content-Length: 339771
Content-Type: image/jpeg

mediasama.com/hentaiheroes/22/s/img/10.jpg

144.217.67.42

200 OK

283 kB

URL HTTP/1.1
mediasama.com/hentaiheroes/22/s/img/10.jpg
IP
144.217.67.42:0
ASN
#16276 OVH SAS

File type
JPEG image data, baseline, precision 8, 1920x1080, components 3\012- data
Size
283 kB (283076 bytes)
Hash
ba49a7b1320c4c2ebb9a31544276691b
392a00eb23ce5caeab5aacd7c4882e7d4fbcb948
f211b4c743465addd0944426025e868e847f2a4482d97dadaf6e04e961fe60d1

HTTP Headers

GET /hentaiheroes/22/s/img/10.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/hentaiheroes/22/s/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 15:25:52 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 07:33:52 GMT
ETag: "451c4-5d8098dffadee"
Accept-Ranges: bytes
Content-Length: 283076
Content-Type: image/jpeg

mediasama.com/hentaiheroes/22/s/img/6.jpg

144.217.67.42

200 OK

383 kB

URL HTTP/1.1
mediasama.com/hentaiheroes/22/s/img/6.jpg
IP
144.217.67.42:0
ASN
#16276 OVH SAS

File type
JPEG image data, baseline, precision 8, 1920x1080, components 3\012- data
Size
383 kB (383030 bytes)
Hash
144b871814f9347ba8b32064fa1fc210
e101e3bf226640762f98c431c62cad3795dc297c
7a737450e072727561cc36b4fb6006317b013d60ebfa0a9a4142d77a938e7005

HTTP Headers

GET /hentaiheroes/22/s/img/6.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/hentaiheroes/22/s/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 15:25:52 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 07:33:52 GMT
ETag: "5d836-5d8098dfd4c8d"
Accept-Ranges: bytes
Content-Length: 383030
Content-Type: image/jpeg

mediasama.com/hentaiheroes/22/s/img/9.jpg

144.217.67.42

200 OK

441 kB

URL HTTP/1.1
mediasama.com/hentaiheroes/22/s/img/9.jpg
IP
144.217.67.42:0
ASN
#16276 OVH SAS

File type
JPEG image data, baseline, precision 8, 1920x1080, components 3\012- data
Size
441 kB (440871 bytes)
Hash
dddf47702c4913e09dc3ac95cb3fbbe1
f91b79edbb86a84d744bd1ef636ac6bf9b2be31b
fa7a7b7c228713758a3aab37eed8c8db587901d8684845f6aa876910540f8e9b

HTTP Headers

GET /hentaiheroes/22/s/img/9.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/hentaiheroes/22/s/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 15:25:52 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 07:33:54 GMT
ETag: "6ba27-5d8098e27c790"
Accept-Ranges: bytes
Content-Length: 440871
Content-Type: image/jpeg

mediasama.com/hentaiheroes/22/s/img/11.jpg

144.217.67.42

200 OK

403 kB

URL HTTP/1.1
mediasama.com/hentaiheroes/22/s/img/11.jpg
IP
144.217.67.42:0
ASN
#16276 OVH SAS

File type
JPEG image data, baseline, precision 8, 1920x1080, components 3\012- data
Size
403 kB (402740 bytes)
Hash
c10654a068f849e614885c983ac9ab02
8d69da78045560f1c2de7bafc47b2c8a12e86424
3a864743d27da3ef1cea10d293532f84f9d564a98b34afef2a8f4b380472dfc2

HTTP Headers

GET /hentaiheroes/22/s/img/11.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/hentaiheroes/22/s/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 15:25:52 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 07:33:52 GMT
ETag: "62534-5d8098e056aae"
Accept-Ranges: bytes
Content-Length: 402740
Content-Type: image/jpeg

betotodilea.com/impression/SvCIHo0i9tCj33y3vFvATyPbWhZKjoFwpuFkvzwSun2AEHYKeiqC3bgLQK_bDGFo82DKjqwZ8jAWXhxgwK3zIuN2QYDjvlA08Ijq624MUlRDkUjF4OxASIPXqn3anrzC0ndbsDP7S5ug3_ELwJHr6cR8J4bIgaK-0RI6ioio0xE_k0pDAKHvSK1S2j78D6AQxAotipbqz3voVUsJS2UGI_avD1spWcklwwklzPY_yrYrNlqmwGqzBvJJE5yQJYBloG7ySre0n9-d2PDQoAp8DZFFoegy-z9X4diMboReEVbpozPQ5ssIjXcBhzhfR84IDSqDm98o5Jdgfh_i1yM31IcqHAUkMujxMHLLZf6zb_idGHZttILwmjHQ7FAjt5w3TLU2uzfa60uF5V8wQIIZQfuAzslJ5LTGWfkI5DMIlermX4v3T9nhAhqSt4kv2PHUyyFNDvj5kX0nJjT2iCH8lzyaNhhxVOdeO2BarLX0Cx_mPncLQgrYfXn4m-0SHHwrmZ-m9bgvCpYLkbkPUDOSf4x2HmJcZUGnKVGkRkXUbZRkp156wLAqqCoahIrSuZ4Fh9Y53neTz08nLdfy4wfPXHxfhiQ_Y_4VNlXgznYnr2181m6uYLK7q-94oBJxb-z6VzQt78GERK832wBALdS2Xo7BcW7KIm8_MpJHUeitaEzazFa_bsDvGH8-bISmI835Y_ynHwSrIq_K5lvw3JBkxQt7Jdf5kue_FWbhEeQkAE0f36fa-zxF25hmmyWZTLgn?_z=4250687&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fmegafile.cc%2FPlod%2Fmuckmody.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

139.45.197.237

200 OK

43 B

URL HTTP/2
betotodilea.com/impression/SvCIHo0i9tCj33y3vFvATyPbWhZKjoFwpuFkvzwSun2AEHYKeiqC3bgLQK_bDGFo82DKjqwZ8jAWXhxgwK3zIuN2QYDjvlA08Ijq624MUlRDkUjF4OxASIPXqn3anrzC0ndbsDP7S5ug3_ELwJHr6cR8J4bIgaK-0RI6ioio0xE_k0pDAKHvSK1S2j78D6AQxAotipbqz3voVUsJS2UGI_avD1spWcklwwklzPY_yrYrNlqmwGqzBvJJE5yQJYBloG7ySre0n9-d2PDQoAp8DZFFoegy-z9X4diMboReEVbpozPQ5ssIjXcBhzhfR84IDSqDm98o5Jdgfh_i1yM31IcqHAUkMujxMHLLZf6zb_idGHZttILwmjHQ7FAjt5w3TLU2uzfa60uF5V8wQIIZQfuAzslJ5LTGWfkI5DMIlermX4v3T9nhAhqSt4kv2PHUyyFNDvj5kX0nJjT2iCH8lzyaNhhxVOdeO2BarLX0Cx_mPncLQgrYfXn4m-0SHHwrmZ-m9bgvCpYLkbkPUDOSf4x2HmJcZUGnKVGkRkXUbZRkp156wLAqqCoahIrSuZ4Fh9Y53neTz08nLdfy4wfPXHxfhiQ_Y_4VNlXgznYnr2181m6uYLK7q-94oBJxb-z6VzQt78GERK832wBALdS2Xo7BcW7KIm8_MpJHUeitaEzazFa_bsDvGH8-bISmI835Y_ynHwSrIq_K5lvw3JBkxQt7Jdf5kue_FWbhEeQkAE0f36fa-zxF25hmmyWZTLgn?_z=4250687&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fmegafile.cc%2FPlod%2Fmuckmody.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
139.45.197.237:0
ASN
#9002 RETN Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

GET /impression/SvCIHo0i9tCj33y3vFvATyPbWhZKjoFwpuFkvzwSun2AEHYKeiqC3bgLQK_bDGFo82DKjqwZ8jAWXhxgwK3zIuN2QYDjvlA08Ijq624MUlRDkUjF4OxASIPXqn3anrzC0ndbsDP7S5ug3_ELwJHr6cR8J4bIgaK-0RI6ioio0xE_k0pDAKHvSK1S2j78D6AQxAotipbqz3voVUsJS2UGI_avD1spWcklwwklzPY_yrYrNlqmwGqzBvJJE5yQJYBloG7ySre0n9-d2PDQoAp8DZFFoegy-z9X4diMboReEVbpozPQ5ssIjXcBhzhfR84IDSqDm98o5Jdgfh_i1yM31IcqHAUkMujxMHLLZf6zb_idGHZttILwmjHQ7FAjt5w3TLU2uzfa60uF5V8wQIIZQfuAzslJ5LTGWfkI5DMIlermX4v3T9nhAhqSt4kv2PHUyyFNDvj5kX0nJjT2iCH8lzyaNhhxVOdeO2BarLX0Cx_mPncLQgrYfXn4m-0SHHwrmZ-m9bgvCpYLkbkPUDOSf4x2HmJcZUGnKVGkRkXUbZRkp156wLAqqCoahIrSuZ4Fh9Y53neTz08nLdfy4wfPXHxfhiQ_Y_4VNlXgznYnr2181m6uYLK7q-94oBJxb-z6VzQt78GERK832wBALdS2Xo7BcW7KIm8_MpJHUeitaEzazFa_bsDvGH8-bISmI835Y_ynHwSrIq_K5lvw3JBkxQt7Jdf5kue_FWbhEeQkAE0f36fa-zxF25hmmyWZTLgn?_z=4250687&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fmegafile.cc%2FPlod%2Fmuckmody.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megafile.cc/
Cookie: OAID=138fe010f41f49feaa871a450d5e5eba
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 15:25:56 GMT
content-type: image/gif
content-length: 43
x-trace-id: a7d66fb4880e721d8704f907258f1a03
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

betotodilea.com/500/4250687?excludes=15811606&oaid=138fe010f41f49feaa871a450d5e5eba&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fmegafile.cc%2FPlod%2Fmuckmody.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

139.45.197.237

200 OK

0 B

URL HTTP/2
betotodilea.com/500/4250687?excludes=15811606&oaid=138fe010f41f49feaa871a450d5e5eba&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fmegafile.cc%2FPlod%2Fmuckmody.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
139.45.197.237:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /500/4250687?excludes=15811606&oaid=138fe010f41f49feaa871a450d5e5eba&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fmegafile.cc%2FPlod%2Fmuckmody.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://megafile.cc/
Origin: https://megafile.cc
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 15:25:56 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://megafile.cc
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2

unpkg.com/filepond-plugin-file-validate-size/dist/filepond-plugin-file-validate-size.js

104.16.124.175

302 Found

0 B

URL HTTP/2
unpkg.com/filepond-plugin-file-validate-size/dist/filepond-plugin-file-validate-size.js
IP
104.16.124.175:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /filepond-plugin-file-validate-size/dist/filepond-plugin-file-validate-size.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megafile.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Fri, 25 Nov 2022 15:25:50 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /filepond-plugin-file-validate-size@2.2.7/dist/filepond-plugin-file-validate-size.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GJQNWAP80W36G8A3A29QR6YZ-ams
cf-cache-status: HIT
age: 455
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76fb66349c9eb527-OSL
X-Firefox-Spdy: h2

bedrapiona.com/5/4250690/?oo=1&js_build=iclick-v1.454.0

139.45.197.234

200 OK

0 B

URL HTTP/2
bedrapiona.com/5/4250690/?oo=1&js_build=iclick-v1.454.0
IP
139.45.197.234:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /5/4250690/?oo=1&js_build=iclick-v1.454.0 HTTP/1.1
Host: bedrapiona.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://megafile.cc
Connection: keep-alive
Referer: https://megafile.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 15:25:50 GMT
content-type: application/json
x-trace-id: fc10c31119bec0a981947a536a0a1be3
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://megafile.cc
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=138fe010f41f49feaa871a450d5e5eba; expires=Sat, 25 Nov 2023 15:25:50 GMT; path=/; secure; SameSite=None
oaidts=1669389950; expires=Sat, 25 Nov 2023 15:25:50 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

nanouwho.com/1?z=4250688

139.45.197.242

200 OK

0 B

URL HTTP/2
nanouwho.com/1?z=4250688
IP
139.45.197.242:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /1?z=4250688 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megafile.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 15:25:50 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin: 
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: bc2d6af2b6e26d290039b8412ac6a896
access-control-expose-headers: X-Sc
x-sc: em8GqaAdGlUil5UTXNtITgOoN01Auk0-tdaSd0NKQgr4RsTc0q48aC8jDjufw0tEDyK53WtcTEGDRL2EhHZNa8VgJRI=
set-cookie: scm=1; expires=Sat, 25 Nov 2023 15:25:50 GMT; secure; SameSite=None
OAID=176b4b56080b47f795b510d1b3d5a902; expires=Sat, 25 Nov 2023 15:25:50 GMT; secure; SameSite=None
oaidts=1669389950; expires=Sat, 25 Nov 2023 15:25:50 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

iclickcdn.com/tag.min.js

104.26.12.118

200 OK

0 B

URL HTTP/2
iclickcdn.com/tag.min.js
IP
104.26.12.118:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /tag.min.js HTTP/1.1
Host: iclickcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megafile.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 25 Nov 2022 15:25:50 GMT
content-type: text/javascript; charset=utf-8
x-trace-id: 81fe81c498b6ffb5763e09910772f1f2
cache-control: max-age=86400
last-modified: Wed, 23 Nov 2022 10:06:19 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Sat, 26 Nov 2022 05:56:36 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 34154
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VbXHhfw3ZITkKuYVprmV%2BgWKcwIegOeudyGGku0FbroUDc9khKsDKT8iLQ5Npwm%2BMCXqLe1OlQ0K3kmFMaaWrm3vcT75hWnPtOrjrzuk66%2FynlOfWr6JLDUhD89T%2FTU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76fb66367d0cb511-OSL
content-encoding: br
X-Firefox-Spdy: h2

unpkg.com/filepond-plugin-file-validate-size@2.2.7/dist/filepond-plugin-file-validate-size.js

104.16.124.175

200 OK

0 B

URL HTTP/2
unpkg.com/filepond-plugin-file-validate-size@2.2.7/dist/filepond-plugin-file-validate-size.js
IP
104.16.124.175:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /filepond-plugin-file-validate-size@2.2.7/dist/filepond-plugin-file-validate-size.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megafile.cc/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 25 Nov 2022 15:25:50 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"1a7f-Ufoq68yhVBjz3riH5wAGJXD40pU"
via: 1.1 fly.io
fly-request-id: 01G7558XE30T0T2M6RDRBFG7JV-fra
cf-cache-status: HIT
age: 12433194
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76fb6634bcc6b527-OSL
content-encoding: br
X-Firefox-Spdy: h2

betotodilea.com/400/4250687

139.45.197.237

200 OK

0 B

URL HTTP/2
betotodilea.com/400/4250687
IP
139.45.197.237:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /400/4250687 HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megafile.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 15:25:50 GMT
content-type: application/javascript
x-trace-id: f915bac844961d6345511df72a50e37b
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=2193dbe6b1ce46c882ed3f17bae81bf8; expires=Sat, 25 Nov 2023 15:25:50 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

megafile.cc/Plod/muckmody.rar

138.201.48.112

200 OK

0 B

URL HTTP/2
megafile.cc/Plod/muckmody.rar
IP
138.201.48.112:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /Plod/muckmody.rar HTTP/1.1
Host: megafile.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
server: nginx
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: XSRF-TOKEN=eyJpdiI6IkJNdTBwYXduNzJoUDhCQ0h5WUg2Zmc9PSIsInZhbHVlIjoiTW1CTWkyMGYyZEswdUQyeXViakpKZjZUbGdxclk5OWJJNjBMWXdMV3R2V1g1NllhVnBvdjlkZ3J3eEZlaElLck13bXhWOEZHY01CTmxEVGVMRHh2Mk11MzBqRVRBVmE5Y2JFOXlURWFucThvUTJncjJDL3F0bFZyUXVjVnJXWWgiLCJtYWMiOiIxZDY3OWJjNzE1MWUwYjI3ZDBjYmRhZTE5YmU1OGEzNTMwYzQzNDJiMGU5NTc5YmZjNjg3Nzg1ZjRmNjE5NWYyIiwidGFnIjoiIn0%3D; expires=Mon, 26-Dec-2022 15:25:49 GMT; Max-Age=2678400; path=/; samesite=lax
megafile_session=eyJpdiI6IlBWeWdDa0ZsRHJSR3lvdm5LOUdPNVE9PSIsInZhbHVlIjoiNGFueFVlcVp0RTlJWnVPYXRNM3RrMm54VG05YzRkbnM0NWlNenZyTENKS3JnMkZlaGNxTExQV3pQOHNWcVNYY2VqdHpTa1ZrSFhOdjZlR3BncDZWTDMxVnJkKzN1WUVNTWd4MEJyYVNGa21qVWlJVW1HdmxMeTE5c09yQ2tpWUUiLCJtYWMiOiJiYjU5NzMzYWNkMDExYzRlMjAxMzRlYTM4ODZiYzA1OGNiOWM5NjRmODI5NjRhNTY1ODllNWMxYjJlZDI3ZTFiIiwidGFnIjoiIn0%3D; expires=Mon, 26-Dec-2022 15:25:49 GMT; Max-Age=2678400; path=/; httponly; samesite=lax
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 25 Nov 2022 15:25:49 GMT
x-page-speed: 1.13.35.2-0
cache-control: max-age=0, no-cache
content-encoding: br
X-Firefox-Spdy: h2

unpkg.com/filepond-plugin-file-validate-type/dist/filepond-plugin-file-validate-type.js

104.16.124.175

302 Found

0 B

URL HTTP/2
unpkg.com/filepond-plugin-file-validate-type/dist/filepond-plugin-file-validate-type.js
IP
104.16.124.175:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /filepond-plugin-file-validate-type/dist/filepond-plugin-file-validate-type.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megafile.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Fri, 25 Nov 2022 15:25:50 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /filepond-plugin-file-validate-type@1.2.8/dist/filepond-plugin-file-validate-type.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GJQP1B52CFPRDY4HSA9B1VG2-ams
cf-cache-status: HIT
age: 291
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76fb6634acacb527-OSL
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Luckiest+Guy&family=Roboto:wght@400;700&display=swap

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Luckiest+Guy&family=Roboto:wght@400;700&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Luckiest+Guy&family=Roboto:wght@400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 25 Nov 2022 15:25:51 GMT
date: Fri, 25 Nov 2022 15:25:51 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

139.45.197.237

200 OK

0 B

URL HTTP/2
betotodilea.com/500/4250687?excludes=15811606&oaid=138fe010f41f49feaa871a450d5e5eba&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fmegafile.cc%2FPlod%2Fmuckmody.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
139.45.197.237:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /500/4250687?excludes=15811606&oaid=138fe010f41f49feaa871a450d5e5eba&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fmegafile.cc%2FPlod%2Fmuckmody.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://megafile.cc
Connection: keep-alive
Referer: https://megafile.cc/
Cookie: OAID=138fe010f41f49feaa871a450d5e5eba
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 15:25:56 GMT
content-type: application/javascript
x-trace-id: 0c238abb9c825b64b877067288d7dd2a
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://megafile.cc
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=138fe010f41f49feaa871a450d5e5eba; expires=Sat, 25 Nov 2023 15:25:56 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (33)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations