megastongh.sbs Open in urlscan Pro
162.241.87.185 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://megastongh.sbs/main
Effective URL:
http://megastongh.sbs/main/mega/login.php?l=secure
Submission: On October 24 via api (October 24th 2021, 4:03:04 pm UTC) from US — Scanned from DE

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 15 HTTP transactions. The main IP is 162.241.87.185, located in Provo, United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is megastongh.sbs.

This is the only time megastongh.sbs was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Paxful (Crypto Exchange)

Domain & IP information

	IP Address	AS Autonomous System
1 13	162.241.87.185 162.241.87.185	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
2	172.217.16.131 172.217.16.131	15169 (GOOGLE) (GOOGLE)
15	3

13 162.241.87.185 (Provo, United States) 1 redirects

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 162-241-87-185.unifiedlayer.com

megastongh.sbs	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.131 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f131.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	megastongh.sbs 1 redirects megastongh.sbs	4 MB
2	gstatic.com fonts.gstatic.com	64 KB
15	2

	Domain	Requested by
13	megastongh.sbs	1 redirects megastongh.sbs
2	fonts.gstatic.com	megastongh.sbs
15	2

This site contains no links.

Subject Issuer	Validity	Valid
*.gstatic.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://megastongh.sbs/main/mega/login.php?l=secure
Frame ID: 0FB3A1FAE83A39A02C6BE50F944A90C5
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Paxful Accounts

Page URL History Show full URLs

http://megastongh.sbs/main HTTP 301
http://megastongh.sbs/main/ Page URL
http://megastongh.sbs/main/mega/login.php?l=secure Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

15
Requests

13 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

4559 kB
Transfer

4556 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://megastongh.sbs/main HTTP 301
http://megastongh.sbs/main/ Page URL
http://megastongh.sbs/main/mega/login.php?l=secure Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://megastongh.sbs/main HTTP 301
http://megastongh.sbs/main/

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/
megastongh.sbs/main/
Redirect Chain

http://megastongh.sbs/main
http://megastongh.sbs/main/

151 B
392 B

137ms
137ms

Document
text/html

162.241.87.185
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://megastongh.sbs/main/
Protocol: HTTP/1.1
Server: 162.241.87.185 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-241-87-185.unifiedlayer.com
Software: Apache /
Resource Hash

Request headers

Host: megastongh.sbs
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Sun, 24 Oct 2021 16:02:56 GMT
Server: Apache
Last-Modified: Thu, 21 Oct 2021 00:14:52 GMT
Accept-Ranges: bytes
Content-Length: 151
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html

Redirect headers

Date: Sun, 24 Oct 2021 16:02:56 GMT
Server: Apache
Location: http://megastongh.sbs/main/
Content-Length: 235
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET login.php
megastongh.sbs/main/mega/ 0
0

GET
H/1.1 200
OK Primary Request login.php Show response
megastongh.sbs/main/mega/ 20 KB
20 KB 154ms
154ms Document
text/html 162.241.87.185
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://megastongh.sbs/main/mega/login.php?l=secure
Requested by: Host: megastongh.sbs
URL: http://megastongh.sbs/main/
Protocol: HTTP/1.1
Server: 162.241.87.185 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-241-87-185.unifiedlayer.com
Software: Apache /
Resource Hash: 3cbf07a018db39fe391ea9ce085b3d4a93943e8ca64cd8842f34d25847a56d2f

Request headers

Host: megastongh.sbs
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://megastongh.sbs/main/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://megastongh.sbs/main/

Response headers

Date: Sun, 24 Oct 2021 16:02:56 GMT
Server: Apache
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK vendors.chunk.css
megastongh.sbs/main/mega/fege/ 38 KB
38 KB 144ms
137ms Stylesheet
text/css 162.241.87.185
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://megastongh.sbs/main/mega/fege/vendors.chunk.css
Requested by: Host: megastongh.sbs
URL: http://megastongh.sbs/main/mega/login.php?l=secure
Protocol: HTTP/1.1
Server: 162.241.87.185 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-241-87-185.unifiedlayer.com
Software: Apache /
Resource Hash: 48e271f720233e74b9f16f1a6aa46730aeb6884df8d15fcb0abcd2b472d7e4b6

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: megastongh.sbs
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://megastongh.sbs/main/mega/login.php?l=secure
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://megastongh.sbs/main/mega/login.php?l=secure
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 24 Oct 2021 16:02:56 GMT
Last-Modified: Wed, 20 Oct 2021 23:14:54 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 39070

GET
H/1.1 200
OK main.af63dc631e61fb87f6de.css
megastongh.sbs/main/mega/fege/ 4 MB
4 MB 250ms
123ms Stylesheet
text/css 162.241.87.185
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://megastongh.sbs/main/mega/fege/main.af63dc631e61fb87f6de.css
Requested by: Host: megastongh.sbs
URL: http://megastongh.sbs/main/mega/login.php?l=secure
Protocol: HTTP/1.1
Server: 162.241.87.185 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-241-87-185.unifiedlayer.com
Software: Apache /
Resource Hash: 7d060e3c8a16ee2f9262fe1e8a436d464d550e4e8b2caf95719f271f3e9610f9

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: megastongh.sbs
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://megastongh.sbs/main/mega/login.php?l=secure
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://megastongh.sbs/main/mega/login.php?l=secure
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 24 Oct 2021 16:02:57 GMT
Last-Modified: Wed, 20 Oct 2021 23:14:54 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 3977868

GET
H/1.1 200
OK css
megastongh.sbs/main/mega/fege/ 13 KB
13 KB 252ms
125ms Stylesheet
text/plain 162.241.87.185
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://megastongh.sbs/main/mega/fege/css
Requested by: Host: megastongh.sbs
URL: http://megastongh.sbs/main/mega/login.php?l=secure
Protocol: HTTP/1.1
Server: 162.241.87.185 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-241-87-185.unifiedlayer.com
Software: Apache /
Resource Hash: 1550ad0c9eccbed709f8652cda3509af300e42e93bf1dd0fd6f09433e392db22

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: megastongh.sbs
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://megastongh.sbs/main/mega/login.php?l=secure
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://megastongh.sbs/main/mega/login.php?l=secure
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 24 Oct 2021 16:02:57 GMT
Last-Modified: Wed, 20 Oct 2021 23:14:56 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 13579

GET
H/1.1 200
OK index.js.download Show response
megastongh.sbs/main/mega/fege/ 157 KB
157 KB 254ms
127ms Script
application/javascript 162.241.87.185
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://megastongh.sbs/main/mega/fege/index.js.download
Requested by: Host: megastongh.sbs
URL: http://megastongh.sbs/main/mega/login.php?l=secure
Protocol: HTTP/1.1
Server: 162.241.87.185 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-241-87-185.unifiedlayer.com
Software: Apache /
Resource Hash: 1c68d6e7f449ced5d6b14207b0ed8c3bb0c55c5350e99dc72185304a46aae371

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: megastongh.sbs
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: */*
Referer: http://megastongh.sbs/main/mega/login.php?l=secure
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://megastongh.sbs/main/mega/login.php?l=secure
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 24 Oct 2021 16:02:57 GMT
Last-Modified: Wed, 20 Oct 2021 23:14:56 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 160969

GET
H/1.1 200
OK gettype.php Show response
megastongh.sbs/main/mega/fege/ 515 B
722 B 127ms
126ms Script
text/html 162.241.87.185
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://megastongh.sbs/main/mega/fege/gettype.php
Requested by: Host: megastongh.sbs
URL: http://megastongh.sbs/main/mega/login.php?l=secure
Protocol: HTTP/1.1
Server: 162.241.87.185 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-241-87-185.unifiedlayer.com
Software: Apache /
Resource Hash: c370c516ab3d4461094bbcbd3734a8e70dc8e2c6e3390a5515955796a9319a9b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: megastongh.sbs
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: */*
Referer: http://megastongh.sbs/main/mega/login.php?l=secure
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://megastongh.sbs/main/mega/login.php?l=secure
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 24 Oct 2021 16:02:57 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK fullpage.9.0.7.js.download Show response
megastongh.sbs/main/mega/fege/ 313 KB
313 KB 127ms
126ms Script
application/javascript 162.241.87.185
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://megastongh.sbs/main/mega/fege/fullpage.9.0.7.js.download
Requested by: Host: megastongh.sbs
URL: http://megastongh.sbs/main/mega/login.php?l=secure
Protocol: HTTP/1.1
Server: 162.241.87.185 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-241-87-185.unifiedlayer.com
Software: Apache /
Resource Hash: dc4c16d1855a221cee1dba0a0e13ca39177e61a4446a3ba4ebfb0965094f5830

Request headers

Pragma: no-cache
Origin: http://megastongh.sbs
Accept-Encoding: gzip, deflate
Host: megastongh.sbs
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: */*
Cache-Control: no-cache
Referer: http://megastongh.sbs/main/mega/login.php?l=secure
Connection: keep-alive
Referer: http://megastongh.sbs/main/mega/login.php?l=secure
Origin: http://megastongh.sbs
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 24 Oct 2021 16:02:57 GMT
Last-Modified: Wed, 20 Oct 2021 23:15:00 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 320282

GET
H/1.1 200
OK get.php Show response
megastongh.sbs/main/mega/fege/ 117 B
324 B 255ms
127ms Script
text/html 162.241.87.185
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://megastongh.sbs/main/mega/fege/get.php
Requested by: Host: megastongh.sbs
URL: http://megastongh.sbs/main/mega/login.php?l=secure
Protocol: HTTP/1.1
Server: 162.241.87.185 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-241-87-185.unifiedlayer.com
Software: Apache /
Resource Hash: 65b3a46be7aa4a03027d2c5cb109a5316bb1d149d2c850b90d68d993a93d7a75

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: megastongh.sbs
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: */*
Referer: http://megastongh.sbs/main/mega/login.php?l=secure
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://megastongh.sbs/main/mega/login.php?l=secure
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 24 Oct 2021 16:02:57 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK style_https.1.5.8.css
megastongh.sbs/main/mega/fege/ 40 KB
40 KB 252ms
125ms Stylesheet
text/css 162.241.87.185
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://megastongh.sbs/main/mega/fege/style_https.1.5.8.css
Requested by: Host: megastongh.sbs
URL: http://megastongh.sbs/main/mega/login.php?l=secure
Protocol: HTTP/1.1
Server: 162.241.87.185 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-241-87-185.unifiedlayer.com
Software: Apache /
Resource Hash: 8ba195fffe0097e44a5dd29c35c092f10039e126cc9c4113330e8bf690c2461e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: megastongh.sbs
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://megastongh.sbs/main/mega/login.php?l=secure
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://megastongh.sbs/main/mega/login.php?l=secure
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 24 Oct 2021 16:02:57 GMT
Last-Modified: Wed, 20 Oct 2021 23:15:02 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 40702

GET
H/1.1 200
OK https-label-91194ad43fc85d71e34a467282e95f23.webp
megastongh.sbs/main/mega/fege/ 1 KB
1 KB 126ms
126ms Image
image/webp 162.241.87.185
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://megastongh.sbs/main/mega/fege/https-label-91194ad43fc85d71e34a467282e95f23.webp
Requested by: Host: megastongh.sbs
URL: http://megastongh.sbs/main/mega/login.php?l=secure
Protocol: HTTP/1.1
Server: 162.241.87.185 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-241-87-185.unifiedlayer.com
Software: Apache /
Resource Hash: 134f21ebaee6bd53399c56a6db3b8e30b767e8d6e0f4af10a18c71b48a395526

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: megastongh.sbs
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://megastongh.sbs/main/mega/login.php?l=secure
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://megastongh.sbs/main/mega/login.php?l=secure
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 24 Oct 2021 16:02:57 GMT
Last-Modified: Wed, 20 Oct 2021 23:15:02 GMT
Server: Apache
Content-Type: image/webp
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1026

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v26/ 44 KB
44 KB 33ms
8ms Font
font/woff2 172.217.16.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v26/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: megastongh.sbs
URL: http://megastongh.sbs/main/mega/fege/css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f131.1e100.net

Software

sffe /

Resource Hash

538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://megastongh.sbs/
Origin: http://megastongh.sbs
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 18:26:14 GMT
x-content-type-options: nosniff
age: 250605
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 44760
x-xss-protection: 0
last-modified: Thu, 23 Sep 2021 16:50:17 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 21 Oct 2022 18:26:14 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 20 KB
20 KB 37ms
18ms Font
font/woff2 172.217.16.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Host: megastongh.sbs
URL: http://megastongh.sbs/main/mega/fege/css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f131.1e100.net

Software

sffe /

Resource Hash

ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://megastongh.sbs/
Origin: http://megastongh.sbs
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 01:25:05 GMT
x-content-type-options: nosniff
age: 398274
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 20040
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:44 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 20 Oct 2022 01:25:05 GMT

GET
H/1.1 200
OK file.png
megastongh.sbs/main/mega/fege/ 25 KB
25 KB 125ms
124ms Image
image/png 162.241.87.185
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://megastongh.sbs/main/mega/fege/file.png
Requested by: Host: megastongh.sbs
URL: http://megastongh.sbs/main/mega/login.php?l=secure
Protocol: HTTP/1.1
Server: 162.241.87.185 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-241-87-185.unifiedlayer.com
Software: Apache /
Resource Hash: 9f85870dd352c77d79b65b00827f4876cb1d5c8b5227376a56f474f409057396

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: megastongh.sbs
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://megastongh.sbs/main/mega/login.php?l=secure
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://megastongh.sbs/main/mega/login.php?l=secure
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 24 Oct 2021 16:02:58 GMT
Last-Modified: Thu, 21 Oct 2021 00:01:48 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 25463

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: megastongh.sbs
URL: http://megastongh.sbs/main/mega/login.php?l=secure

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Paxful (Crypto Exchange)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.gstatic.com
megastongh.sbs
megastongh.sbs
162.241.87.185
172.217.16.131
134f21ebaee6bd53399c56a6db3b8e30b767e8d6e0f4af10a18c71b48a395526
1550ad0c9eccbed709f8652cda3509af300e42e93bf1dd0fd6f09433e392db22
1c68d6e7f449ced5d6b14207b0ed8c3bb0c55c5350e99dc72185304a46aae371
3cbf07a018db39fe391ea9ce085b3d4a93943e8ca64cd8842f34d25847a56d2f
48e271f720233e74b9f16f1a6aa46730aeb6884df8d15fcb0abcd2b472d7e4b6
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
65b3a46be7aa4a03027d2c5cb109a5316bb1d149d2c850b90d68d993a93d7a75
7d060e3c8a16ee2f9262fe1e8a436d464d550e4e8b2caf95719f271f3e9610f9
8ba195fffe0097e44a5dd29c35c092f10039e126cc9c4113330e8bf690c2461e
9f85870dd352c77d79b65b00827f4876cb1d5c8b5227376a56f474f409057396
c370c516ab3d4461094bbcbd3734a8e70dc8e2c6e3390a5515955796a9319a9b
dc4c16d1855a221cee1dba0a0e13ca39177e61a4446a3ba4ebfb0965094f5830
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60

megastongh.sbs Open in urlscan Pro 162.241.87.185 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

15 Requests

13 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

3 IPs

1 Countries

4559 kBTransfer

4556 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

7 JavaScript Global Variables

0 Cookies

Indicators

megastongh.sbs Open in urlscan Pro
162.241.87.185 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

13 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

4559 kB
Transfer

4556 kB
Size

0
Cookies

15 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!