| megaup.net/themes/flow/images/main_logo_inverted.png | 91.209.70.182 | 200 OK | 7.1 kB |
URL GET HTTP/2megaup.net/themes/flow/images/main_logo_inverted.png IP91.209.70.182:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerSectigo Limited Subject*.megaup.net Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
File typePNG image data, 203 x 40, 8-bit/color RGBA, non-interlaced Hash5d15526be10b904a6b48d1af04a10cc3 c09b6874359ac6d71db95593618a9acb55baa984 894d25472e0f890edf235e8f66fbeda7ea75043632924ecb82691d76bd7db018
GET /themes/flow/images/main_logo_inverted.png HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=fhgn0r8fi8j9eiij30rnki5dm2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 11:19:55 GMT
content-type: image/png
content-length: 7137
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-1be1"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/images/loading_small.gif | 91.209.70.182 | 200 OK | 184 kB |
URL GET HTTP/2megaup.net/themes/flow/images/loading_small.gif IP91.209.70.182:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerSectigo Limited Subject*.megaup.net Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
File typeGIF image data, version 89a, 64 x 64 Size184 kB (184355 bytes) Hashb0dd5b3af9c4c0644d7bddee83716209 30002468d0266b893b3559b8d0d260c6cbf0ad7c 2418224bb4d12c122ef3c54d2ee9edb5f6f28d539e91a166b0215553f8c7609d
GET /themes/flow/images/loading_small.gif HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=fhgn0r8fi8j9eiij30rnki5dm2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 11:19:55 GMT
content-type: image/gif
content-length: 184355
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-2d023"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js | 91.209.70.182 | 200 OK | 5.7 kB |
URL GET HTTP/2megaup.net/themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js IP91.209.70.182:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerSectigo Limited Subject*.megaup.net Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (15714), with CRLF line terminators Hash38c5167c8052d0c73892c3742b16e903 213ef9210b4a5c4e73a242e832a08f4abef69a74 743b919a337dfbb6d1e8648d0793532d47f8af48059e17f7e32ae8738c7614a7
GET /themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=fhgn0r8fi8j9eiij30rnki5dm2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 11:19:55 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3ead"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=UA-108868042-1 | 142.250.74.168 | 200 OK | 74 kB |
URL GET HTTP/2www.googletagmanager.com/gtag/js?id=UA-108868042-1 IP142.250.74.168:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
File typeJavaScript source, ASCII text, with very long lines (4179) Hash1cd960d2de562780bda072080afe31af 21c5aa468fe6e649b98447d8fe8dbbf2c1a5ef03 f58ef3e7e08d1db47fc0844669807dadd0842027bc16022ad7c5827610e80ff7
GET /gtag/js?id=UA-108868042-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 16 Apr 2024 11:19:55 GMT
expires: Tue, 16 Apr 2024 11:19:55 GMT
cache-control: private, max-age=900
last-modified: Tue, 16 Apr 2024 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 73540
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/frontend_assets/fonts/raleway.woff | 91.209.70.182 | 200 OK | 32 kB |
URL GET HTTP/2megaup.net/themes/flow/frontend_assets/fonts/raleway.woff IP91.209.70.182:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerSectigo Limited Subject*.megaup.net Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
File typeWeb Open Font Format, TrueType, length 31836, version 1.1 Hash4514fa5a5b3d1e0b14aa32a7d068124a e634977bfabc20ed15fe7ed03d3876cf68834b93 5b0f118d658eacc5740b10b0dc2ebbd99ee8e8262c72ff29bfcda48c02b19861
GET /themes/flow/frontend_assets/fonts/raleway.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
DNT: 1
Connection: keep-alive
Cookie: filehosting=fhgn0r8fi8j9eiij30rnki5dm2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 11:19:55 GMT
content-type: font/woff
content-length: 31836
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7c5c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/frontend_assets/fonts/raleway_extrabold.woff | 91.209.70.182 | 200 OK | 31 kB |
URL GET HTTP/2megaup.net/themes/flow/frontend_assets/fonts/raleway_extrabold.woff IP91.209.70.182:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerSectigo Limited Subject*.megaup.net Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
File typeWeb Open Font Format, TrueType, length 31344, version 1.1 Hash21f79e4c0fbe54a555170aa70bb4c8b7 9d4aaf2016cd21f16bc45089a48de84dba951fa7 2b638674bc57ad355ef2ecbd68e78ecb36bc323aaaf4ddeb9cd4f61bc5f26c42
GET /themes/flow/frontend_assets/fonts/raleway_extrabold.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
DNT: 1
Connection: keep-alive
Cookie: filehosting=fhgn0r8fi8j9eiij30rnki5dm2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 11:19:55 GMT
content-type: font/woff
content-length: 31344
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7a70"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/frontend_assets/fonts/raleway_semibold.woff | 91.209.70.182 | 200 OK | 32 kB |
URL GET HTTP/2megaup.net/themes/flow/frontend_assets/fonts/raleway_semibold.woff IP91.209.70.182:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerSectigo Limited Subject*.megaup.net Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
File typeWeb Open Font Format, TrueType, length 31980, version 1.1 Hash99ac81a158028ac2023fb3350d2497e7 f08c12c91ab29282a616c3ba8e533f49b5b433ca 92a8c8eca8cfcfc53855bc48ba50b866704a00323c4e3089b564c939a668925d
GET /themes/flow/frontend_assets/fonts/raleway_semibold.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
DNT: 1
Connection: keep-alive
Cookie: filehosting=fhgn0r8fi8j9eiij30rnki5dm2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 11:19:55 GMT
content-type: font/woff
content-length: 31980
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7cec"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/frontend_assets/rs-plugin/css/settings.css | 91.209.70.182 | 200 OK | 7.6 kB |
URL GET HTTP/2megaup.net/themes/flow/frontend_assets/rs-plugin/css/settings.css IP91.209.70.182:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerSectigo Limited Subject*.megaup.net Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
File typeUnicode text, UTF-8 text, with CRLF line terminators Hashed12cc46f06e67ca636a1ad8a717a7fd 570b3588ff8e186929233b93a6ecb0d7a76adbcb aed2be655d20468968674662b26c808a995b7288e82168ada025531738e766ba
GET /themes/flow/frontend_assets/rs-plugin/css/settings.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
DNT: 1
Connection: keep-alive
Cookie: filehosting=fhgn0r8fi8j9eiij30rnki5dm2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 11:19:55 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-ce4b"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ncukankingwith.info/a3JRanRETTIZSQglZCQXLx4XMiwbOhVaMg4UBA0+OkMpT0YpIxArUh8bNVdMXERiW0xNAjgOSVlLdxkACgYkGUlaVDgEEgRPdxxJWlxhREJbXGVMAVZDdx4EChVsW1IbBiUGSVpFYFlGXURiU0FeRmA | 188.114.96.1 | 204 No Content | 0 B |
URL GET HTTP/2ncukankingwith.info/a3JRanRETTIZSQglZCQXLx4XMiwbOhVaMg4UBA0+OkMpT0YpIxArUh8bNVdMXERiW0xNAjgOSVlLdxkACgYkGUlaVDgEEgRPdxxJWlxhREJbXGVMAVZDdx4EChVsW1IbBiUGSVpFYFlGXURiU0FeRmA IP188.114.96.1:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerGoogle Trust Services LLC Subjectncukankingwith.info Fingerprint54:EC:12:00:29:26:97:E9:83:F6:67:14:71:64:5B:7A:CC:8A:D0:08 ValiditySun, 31 Mar 2024 11:25:46 GMT - Sat, 29 Jun 2024 11:25:45 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /a3JRanRETTIZSQglZCQXLx4XMiwbOhVaMg4UBA0+OkMpT0YpIxArUh8bNVdMXERiW0xNAjgOSVlLdxkACgYkGUlaVDgEEgRPdxxJWlxhREJbXGVMAVZDdx4EChVsW1IbBiUGSVpFYFlGXURiU0FeRmA HTTP/1.1
Host: ncukankingwith.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Tue, 16 Apr 2024 11:19:55 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JajOzBeN1XXKUyuiX5sPY%2FLkw1jJpGPLjjj9ayxLTf09rrf%2FHYTjLiJImn8AwT1gPqt37MrafBxttOpToDt0fsONBrU1RE9xNFaoWL5Q1%2FYudzKeutb0iGiE9xmJXMuk%2BnfOxAgQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8753c87c78385687-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ncukankingwith.info/Y2tVdkVMVDYFeAYABxsnNwMFEnQ5MhEjMRs+E0IJMCMTLh0UBHMCLAdWbURwWlpkUDUKD2hFd0UYIRcxFhhoR2MKBTMZeEUdaEZrWkVnWHNFHmhHYxcbNBF4Uk0lAjEPVmRBdFBZY0B2Wl5gQ3M | 188.114.96.1 | 204 No Content | 0 B |
URL GET HTTP/2ncukankingwith.info/Y2tVdkVMVDYFeAYABxsnNwMFEnQ5MhEjMRs+E0IJMCMTLh0UBHMCLAdWbURwWlpkUDUKD2hFd0UYIRcxFhhoR2MKBTMZeEUdaEZrWkVnWHNFHmhHYxcbNBF4Uk0lAjEPVmRBdFBZY0B2Wl5gQ3M IP188.114.96.1:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerGoogle Trust Services LLC Subjectncukankingwith.info Fingerprint54:EC:12:00:29:26:97:E9:83:F6:67:14:71:64:5B:7A:CC:8A:D0:08 ValiditySun, 31 Mar 2024 11:25:46 GMT - Sat, 29 Jun 2024 11:25:45 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /Y2tVdkVMVDYFeAYABxsnNwMFEnQ5MhEjMRs+E0IJMCMTLh0UBHMCLAdWbURwWlpkUDUKD2hFd0UYIRcxFhhoR2MKBTMZeEUdaEZrWkVnWHNFHmhHYxcbNBF4Uk0lAjEPVmRBdFBZY0B2Wl5gQ3M HTTP/1.1
Host: ncukankingwith.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Tue, 16 Apr 2024 11:19:55 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YLs6NAiIm5YUpgasUtinCdHae8zs01M2WkQhokMotxpw3wA1ANQQmXuw8ho6bi6aX%2FyVeifap30UZO0jRuozZjJp5l3%2B3uY5UFZNcarZLMTRsfElQLEuudFb3yeu5FXyUKfbDmBV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8753c87c68275687-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/styles/file-upload.css | 91.209.70.182 | 200 OK | 2.0 kB |
URL GET HTTP/2megaup.net/themes/flow/styles/file-upload.css IP91.209.70.182:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerSectigo Limited Subject*.megaup.net Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
File typeassembler source, ASCII text Hashcb955fdb824b31e9b744b6aef1f99dfe de2a57a8524c1ad48078bd2e3003efdd2d668b27 b6264c4c05c786e5215a5fa9feb5a99a81c924bc26b3e962eeff230750a2d134
GET /themes/flow/styles/file-upload.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=fhgn0r8fi8j9eiij30rnki5dm2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 11:19:55 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-21ec"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ncukankingwith.info/Mzl6ZUccBhkWelZsICojX1EwAXQCeBswARYLPAF3CkspVgUHaEhVYUdQHlh+BwBCU3MVSRMBegIBXBYzUk0PFnoCHxMLIVwEXBN6AhdKS3UdDFwQegIfDhUmVARLQzdHTRZYdgQISVdxBQpDUHIECA | 188.114.96.1 | 204 No Content | 0 B |
URL GET HTTP/2ncukankingwith.info/Mzl6ZUccBhkWelZsICojX1EwAXQCeBswARYLPAF3CkspVgUHaEhVYUdQHlh+BwBCU3MVSRMBegIBXBYzUk0PFnoCHxMLIVwEXBN6AhdKS3UdDFwQegIfDhUmVARLQzdHTRZYdgQISVdxBQpDUHIECA IP188.114.96.1:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerGoogle Trust Services LLC Subjectncukankingwith.info Fingerprint54:EC:12:00:29:26:97:E9:83:F6:67:14:71:64:5B:7A:CC:8A:D0:08 ValiditySun, 31 Mar 2024 11:25:46 GMT - Sat, 29 Jun 2024 11:25:45 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /Mzl6ZUccBhkWelZsICojX1EwAXQCeBswARYLPAF3CkspVgUHaEhVYUdQHlh+BwBCU3MVSRMBegIBXBYzUk0PFnoCHxMLIVwEXBN6AhdKS3UdDFwQegIfDhUmVARLQzdHTRZYdgQISVdxBQpDUHIECA HTTP/1.1
Host: ncukankingwith.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Tue, 16 Apr 2024 11:19:55 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7k3yDkIRBr%2Bk8N4A2iUdi6t8%2B2SiCFut7CrqTg8dB8zk3Bxt2p50XBUTGu6E72hdNPTbBYcOrDJouzZCR36hnIxe0h1j1G3o%2Bcbq4CSHNufiJ2JPsY8%2B6RpOc6qTRA4dJ%2BsKOesG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8753c87c88705687-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ncukankingwith.info/eFdxcXhXaBICRSxlPwIrFCdDJ0kIYBAfACoAKQESHQEVJB0/GlcFERxqRkdMSWNAVwgRM0xAXgsjEAUNC2pAVxEWMR5MXg5qQF9LTHlCR1ZMcQRMSV4jARAfRWZXAQwMO0xAT0lkQ0dOS25EREFK | 188.114.96.1 | 204 No Content | 0 B |
URL GET HTTP/2ncukankingwith.info/eFdxcXhXaBICRSxlPwIrFCdDJ0kIYBAfACoAKQESHQEVJB0/GlcFERxqRkdMSWNAVwgRM0xAXgsjEAUNC2pAVxEWMR5MXg5qQF9LTHlCR1ZMcQRMSV4jARAfRWZXAQwMO0xAT0lkQ0dOS25EREFK IP188.114.96.1:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerGoogle Trust Services LLC Subjectncukankingwith.info Fingerprint54:EC:12:00:29:26:97:E9:83:F6:67:14:71:64:5B:7A:CC:8A:D0:08 ValiditySun, 31 Mar 2024 11:25:46 GMT - Sat, 29 Jun 2024 11:25:45 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /eFdxcXhXaBICRSxlPwIrFCdDJ0kIYBAfACoAKQESHQEVJB0/GlcFERxqRkdMSWNAVwgRM0xAXgsjEAUNC2pAVxEWMR5MXg5qQF9LTHlCR1ZMcQRMSV4jARAfRWZXAQwMO0xAT0lkQ0dOS25EREFK HTTP/1.1
Host: ncukankingwith.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Tue, 16 Apr 2024 11:19:55 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fsm3Mr6bolO7aPbe78g5SoHwTqKrk5Zh%2Fq3nwEg68cnao%2Bubvj5DOp1b2q7u0CKcTVssicKLNI8HYPm6hbandfu0z9ff5CWar%2B%2ByDzfEzls1DkRMtpdSaGDn5eGJJmAP2xrVf6Xj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8753c87c987e5687-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/js/clipboardjs/clipboard.min.js | 91.209.70.182 | 200 OK | 8.8 kB |
URL GET HTTP/2megaup.net/themes/flow/js/clipboardjs/clipboard.min.js IP91.209.70.182:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerSectigo Limited Subject*.megaup.net Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (8746) Hash55db0ff82a3b6b247844ae0d07d85fc6 9bc5c7dc92ef0b31d212a66bbdff591e484f427c 404b016f5c9a369726eec56a280c93478da17a52ed0f1fee116838330772ec70
GET /themes/flow/js/clipboardjs/clipboard.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=fhgn0r8fi8j9eiij30rnki5dm2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 11:19:55 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-2296"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| funjoobpolicester.info/OXh1U2xYGhY+U1hFF3UZSxRIdl5/XUcVCAsSBiUZVR0ZOggKHUF9D1UXADcKSxcbJ0JXHQF2Xn8sJDgIci8gJARyOyR2Xn8bDwoZdRUnYw9xMg8yJAgTOykLATMbax11AkEnIkMcHh0VUkosAC1IMQwkX10BOHZeezIxGlt3KxJhJ2ELIhg7aAI4F11BGxgWAXY7PD8JVA9NGgV/ThBgVE0yHAVfWy8aYSJALQwwOFoIOTkbSDMMOBppLxpgJlcbRRoWXg0/OTlNIkYGIVs/Pyo1VxAFCShJShBgFBxKMxIrc0wUAC1LMyFrBFggN2AhVD5DGzR/XUcRCnFANAoCFBAFAwZrERABBAgcMj9aWj8ZJAhASE0fFVIXF2Efchs9N1tYIA0pCAoMTTUCcBA8Kh9JMjY0FV8wQRYKVwBGNStoARFhCx8SBjwCSUUPIQpMCRk3GFdJOjY | 52.85.243.29 | 200 OK | 1.2 kB |
URL GET HTTP/2funjoobpolicester.info/OXh1U2xYGhY+U1hFF3UZSxRIdl5/XUcVCAsSBiUZVR0ZOggKHUF9D1UXADcKSxcbJ0JXHQF2Xn8sJDgIci8gJARyOyR2Xn8bDwoZdRUnYw9xMg8yJAgTOykLATMbax11AkEnIkMcHh0VUkosAC1IMQwkX10BOHZeezIxGlt3KxJhJ2ELIhg7aAI4F11BGxgWAXY7PD8JVA9NGgV/ThBgVE0yHAVfWy8aYSJALQwwOFoIOTkbSDMMOBppLxpgJlcbRRoWXg0/OTlNIkYGIVs/Pyo1VxAFCShJShBgFBxKMxIrc0wUAC1LMyFrBFggN2AhVD5DGzR/XUcRCnFANAoCFBAFAwZrERABBAgcMj9aWj8ZJAhASE0fFVIXF2Efchs9N1tYIA0pCAoMTTUCcBA8Kh9JMjY0FV8wQRYKVwBGNStoARFhCx8SBjwCSUUPIQpMCRk3GFdJOjY IP52.85.243.29:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerAmazon Subjectfunjoobpolicester.info FingerprintC9:AE:3F:99:48:2B:C5:F6:AB:84:C9:28:9A:95:12:77:78:1B:F8:8B ValidityMon, 01 Apr 2024 00:00:00 GMT - Wed, 30 Apr 2025 23:59:59 GMT
File typeHTML document, ASCII text, with very long lines (3038), with no line terminators Hash7e62b1d53f0279acbc84ca601a304fb4 16c7bb8cbffe4dddb0abde231c6cd25cbd54957b 3f812e8d46523dfc7f1a56f8b81c83cfb4e4226bcfc4368f883fe0ea801a25bc
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /OXh1U2xYGhY+U1hFF3UZSxRIdl5/XUcVCAsSBiUZVR0ZOggKHUF9D1UXADcKSxcbJ0JXHQF2Xn8sJDgIci8gJARyOyR2Xn8bDwoZdRUnYw9xMg8yJAgTOykLATMbax11AkEnIkMcHh0VUkosAC1IMQwkX10BOHZeezIxGlt3KxJhJ2ELIhg7aAI4F11BGxgWAXY7PD8JVA9NGgV/ThBgVE0yHAVfWy8aYSJALQwwOFoIOTkbSDMMOBppLxpgJlcbRRoWXg0/OTlNIkYGIVs/Pyo1VxAFCShJShBgFBxKMxIrc0wUAC1LMyFrBFggN2AhVD5DGzR/XUcRCnFANAoCFBAFAwZrERABBAgcMj9aWj8ZJAhASE0fFVIXF2Efchs9N1tYIA0pCAoMTTUCcBA8Kh9JMjY0FV8wQRYKVwBGNStoARFhCx8SBjwCSUUPIQpMCRk3GFdJOjY HTTP/1.1
Host: funjoobpolicester.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-length: 1192
date: Tue, 16 Apr 2024 11:19:55 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 844de3d616579278fb702fc6b9b5c9a2.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: SEPgc2qCAOtCn-7hW2NwtA1aPYkg9P3vgBLvS-UxsPL8STTzoYPEUA==
X-Firefox-Spdy: h2
|
|
| funjoobpolicester.info/MVh1Z0RQOhYKe1BlF0ExQzRIQnZ3fUchIAMyBhExXT0ZDiACPUFJJ103AAMiQzcbE2pfPQFCdnceJwowfjojIihzGzQrJlsRNiwoczcWCw4DD0cxI3YiAi4KAisyLDNeLzgfMFYZDzY9ZQskAhRYPxcEM0UwMA83YQgCAHdwIAJCdnMTNAsKfjAWViEALBomEHA3MS8KfRY2AA1SaQ1UDkZgBjIDZz89Dn1gCDYMFnsvMF4OAW1NLHZjNyJVMFcBIlMQV2kNVyBiNAc/dnQpNA4FaBMiKR5XMCMXJ3UKQTAcY2k+MDBXASE2IFBpQTYiAGkSPxxZMiI/aQUTOyQRcBEgDy5wHhlCdnMAMiF2ZjZABCB5ChcsBWAyPBB0WR4tNXR9ABEFIgICOyh1cz9TDTdeNgVaIgEMBSYWaCkdNRdIFw | 52.85.243.29 | 200 OK | 1.2 kB |
URL GET HTTP/2funjoobpolicester.info/MVh1Z0RQOhYKe1BlF0ExQzRIQnZ3fUchIAMyBhExXT0ZDiACPUFJJ103AAMiQzcbE2pfPQFCdnceJwowfjojIihzGzQrJlsRNiwoczcWCw4DD0cxI3YiAi4KAisyLDNeLzgfMFYZDzY9ZQskAhRYPxcEM0UwMA83YQgCAHdwIAJCdnMTNAsKfjAWViEALBomEHA3MS8KfRY2AA1SaQ1UDkZgBjIDZz89Dn1gCDYMFnsvMF4OAW1NLHZjNyJVMFcBIlMQV2kNVyBiNAc/dnQpNA4FaBMiKR5XMCMXJ3UKQTAcY2k+MDBXASE2IFBpQTYiAGkSPxxZMiI/aQUTOyQRcBEgDy5wHhlCdnMAMiF2ZjZABCB5ChcsBWAyPBB0WR4tNXR9ABEFIgICOyh1cz9TDTdeNgVaIgEMBSYWaCkdNRdIFw IP52.85.243.29:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerAmazon Subjectfunjoobpolicester.info FingerprintC9:AE:3F:99:48:2B:C5:F6:AB:84:C9:28:9A:95:12:77:78:1B:F8:8B ValidityMon, 01 Apr 2024 00:00:00 GMT - Wed, 30 Apr 2025 23:59:59 GMT
File typeHTML document, ASCII text, with very long lines (3020), with no line terminators Hash7592069c90c6444f44fd1cc51e746dce 2d2c19bfb2d61b368393e7359fecc2a018098f26 db4a1c7faff5873ff376de0028d7e3fe95bf393c894de713c19923931ddc50d8
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /MVh1Z0RQOhYKe1BlF0ExQzRIQnZ3fUchIAMyBhExXT0ZDiACPUFJJ103AAMiQzcbE2pfPQFCdnceJwowfjojIihzGzQrJlsRNiwoczcWCw4DD0cxI3YiAi4KAisyLDNeLzgfMFYZDzY9ZQskAhRYPxcEM0UwMA83YQgCAHdwIAJCdnMTNAsKfjAWViEALBomEHA3MS8KfRY2AA1SaQ1UDkZgBjIDZz89Dn1gCDYMFnsvMF4OAW1NLHZjNyJVMFcBIlMQV2kNVyBiNAc/dnQpNA4FaBMiKR5XMCMXJ3UKQTAcY2k+MDBXASE2IFBpQTYiAGkSPxxZMiI/aQUTOyQRcBEgDy5wHhlCdnMAMiF2ZjZABCB5ChcsBWAyPBB0WR4tNXR9ABEFIgICOyh1cz9TDTdeNgVaIgEMBSYWaCkdNRdIFw HTTP/1.1
Host: funjoobpolicester.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-length: 1174
date: Tue, 16 Apr 2024 11:19:55 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 844de3d616579278fb702fc6b9b5c9a2.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: Yur6L3p8vaPXABaQ0ZPHHbQbCDLRXjjkMBB-MDzxUNwQ457rl8xx1A==
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_fonts/socicon-webfont.woff | 91.209.70.182 | 200 OK | 21 kB |
URL GET HTTP/2megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_fonts/socicon-webfont.woff IP91.209.70.182:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerSectigo Limited Subject*.megaup.net Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
File typeWeb Open Font Format, TrueType, length 20972, version 1.0 Hashcad75e2dacc6794c4e6b14727d4a989d 694d04c8f643df4100c23efc1463ac9f4e732f60 ebccc09339b7730324221aff3d11d215de9997b47bf708ca18a3be2d8e8b9887
GET /themes/flow/frontend_assets/socialsider-v1.0/_fonts/socicon-webfont.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css
DNT: 1
Connection: keep-alive
Cookie: filehosting=fhgn0r8fi8j9eiij30rnki5dm2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 11:19:55 GMT
content-type: font/woff
content-length: 20972
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-51ec"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| funjoobpolicester.info/QUNjUFkgIQA9ZiB+AXYsMy9edWsHZlEWPXMpECYsLSYPOT1yJld+Oi0sFjQ/MywNJHcvJhd1awcyOjw1CA0lNxsPKjkDAzkaFBwYLSQ1B2B2ATQSHAoXEwIJLXtTHA8MdiUpNSwUCWAOJzopGBc2NBM0DjYrKDo+NwEJHQojASEIPykaCRwYLSwxFAwxFAlpPyc6UjEWcHoMMjUUeyIXC3kGCicKDyouGhUDBgkdHBg6IBM+dBsNZAEOCzUKFzkkFBofJnYxYioOAjsKCicLDBU6AzMMNQsHMSoYIXcBJwEVDzlSHT8XARMdGDk2MwdgeQY0Iz4nC04/HAorMWg8chULBhEldysIaBAiMGkLDjQIYjsQGgYFHi12IRcxFSI7OwsgLyp1awcKNglgAwc6JxwWLAgJEXUiAhUIMicyBX8rMAw+KXwbGhg4JnEIIGwZIA | 52.85.243.29 | 200 OK | 1.2 kB |
URL GET HTTP/2funjoobpolicester.info/QUNjUFkgIQA9ZiB+AXYsMy9edWsHZlEWPXMpECYsLSYPOT1yJld+Oi0sFjQ/MywNJHcvJhd1awcyOjw1CA0lNxsPKjkDAzkaFBwYLSQ1B2B2ATQSHAoXEwIJLXtTHA8MdiUpNSwUCWAOJzopGBc2NBM0DjYrKDo+NwEJHQojASEIPykaCRwYLSwxFAwxFAlpPyc6UjEWcHoMMjUUeyIXC3kGCicKDyouGhUDBgkdHBg6IBM+dBsNZAEOCzUKFzkkFBofJnYxYioOAjsKCicLDBU6AzMMNQsHMSoYIXcBJwEVDzlSHT8XARMdGDk2MwdgeQY0Iz4nC04/HAorMWg8chULBhEldysIaBAiMGkLDjQIYjsQGgYFHi12IRcxFSI7OwsgLyp1awcKNglgAwc6JxwWLAgJEXUiAhUIMicyBX8rMAw+KXwbGhg4JnEIIGwZIA IP52.85.243.29:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerAmazon Subjectfunjoobpolicester.info FingerprintC9:AE:3F:99:48:2B:C5:F6:AB:84:C9:28:9A:95:12:77:78:1B:F8:8B ValidityMon, 01 Apr 2024 00:00:00 GMT - Wed, 30 Apr 2025 23:59:59 GMT
File typeHTML document, ASCII text, with very long lines (3037), with no line terminators Hash6390e362c40f4a7b815a21bf780eea3f 93a9a2c6e95ad00f1c0aad516d57a9ca3c577c90 2664f2de1371d7136e0093249e31be482be440570578b54583cdddf99640e265
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /QUNjUFkgIQA9ZiB+AXYsMy9edWsHZlEWPXMpECYsLSYPOT1yJld+Oi0sFjQ/MywNJHcvJhd1awcyOjw1CA0lNxsPKjkDAzkaFBwYLSQ1B2B2ATQSHAoXEwIJLXtTHA8MdiUpNSwUCWAOJzopGBc2NBM0DjYrKDo+NwEJHQojASEIPykaCRwYLSwxFAwxFAlpPyc6UjEWcHoMMjUUeyIXC3kGCicKDyouGhUDBgkdHBg6IBM+dBsNZAEOCzUKFzkkFBofJnYxYioOAjsKCicLDBU6AzMMNQsHMSoYIXcBJwEVDzlSHT8XARMdGDk2MwdgeQY0Iz4nC04/HAorMWg8chULBhEldysIaBAiMGkLDjQIYjsQGgYFHi12IRcxFSI7OwsgLyp1awcKNglgAwc6JxwWLAgJEXUiAhUIMicyBX8rMAw+KXwbGhg4JnEIIGwZIA HTTP/1.1
Host: funjoobpolicester.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-length: 1193
date: Tue, 16 Apr 2024 11:19:55 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 844de3d616579278fb702fc6b9b5c9a2.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: OFsa0qm0aN_HlT5TnpQ5vVgIGk_dPCBiJHMPl5gcLHZLswlSpxDbHQ==
X-Firefox-Spdy: h2
|
|
| positioner.info/cVduTnEQNQ0jThBqDGgEAztTa0M3clwIFUM9HTgEHTICJxVCMlpgEh04GyoXAzgAOl8fMhprQzctI38VNA1dKiA+FAEMIjQ0S3wzOBEeDzMmGV8bQSgBJDQoMhI/ekc4Bi8ZIxgzHw0jOx8NHUUkECh+HxQGBQwXMgI+CkErZSYcICEDAj0LKD8jACdDJ14fIwUEIR0/EAI4F0Q7Zh4JNyUOCQwkHh8NGjApECgmADwVPwAiCAIbCiArFD4ZOCIRCXpHOi9eKykLJAIfGidmNyMBKQIJCB8TFVcJMB8dXQQnOBU0NxY+EDsXBygBOAYiQ24XATQ0Hw0gXBI7Oyk3HxkGCCIwFTR3JCc8KigcNwE8fyAIHRk5KDc6Ow0nJDQtFEIjADw5OwgzAi0jJj47JjAjPyItHyg/OiknRDMrCzI1OjdoGwI4AD5MHyEhPDoZZisEIRluBio | 52.85.243.80 | 200 OK | 1.2 kB |
URL GET HTTP/2positioner.info/cVduTnEQNQ0jThBqDGgEAztTa0M3clwIFUM9HTgEHTICJxVCMlpgEh04GyoXAzgAOl8fMhprQzctI38VNA1dKiA+FAEMIjQ0S3wzOBEeDzMmGV8bQSgBJDQoMhI/ekc4Bi8ZIxgzHw0jOx8NHUUkECh+HxQGBQwXMgI+CkErZSYcICEDAj0LKD8jACdDJ14fIwUEIR0/EAI4F0Q7Zh4JNyUOCQwkHh8NGjApECgmADwVPwAiCAIbCiArFD4ZOCIRCXpHOi9eKykLJAIfGidmNyMBKQIJCB8TFVcJMB8dXQQnOBU0NxY+EDsXBygBOAYiQ24XATQ0Hw0gXBI7Oyk3HxkGCCIwFTR3JCc8KigcNwE8fyAIHRk5KDc6Ow0nJDQtFEIjADw5OwgzAi0jJj47JjAjPyItHyg/OiknRDMrCzI1OjdoGwI4AD5MHyEhPDoZZisEIRluBio IP52.85.243.80:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerAmazon Subjectpositioner.info FingerprintDA:BE:5E:9C:0D:FB:D1:41:AB:2A:84:89:1D:88:D4:1C:B0:41:62:05 ValidityMon, 01 Apr 2024 00:00:00 GMT - Wed, 30 Apr 2025 23:59:59 GMT
File typeHTML document, ASCII text, with very long lines (3044), with no line terminators Hashccb0ddef82a662f14c07930470bc8fcb 2a42daf61a2707f7a9e2673bd2c08c2445ec1ecb 227983f4542a9bfa64d48533f8c3126a39eee588ad1f38097cf89f1b4a41a984
GET /cVduTnEQNQ0jThBqDGgEAztTa0M3clwIFUM9HTgEHTICJxVCMlpgEh04GyoXAzgAOl8fMhprQzctI38VNA1dKiA+FAEMIjQ0S3wzOBEeDzMmGV8bQSgBJDQoMhI/ekc4Bi8ZIxgzHw0jOx8NHUUkECh+HxQGBQwXMgI+CkErZSYcICEDAj0LKD8jACdDJ14fIwUEIR0/EAI4F0Q7Zh4JNyUOCQwkHh8NGjApECgmADwVPwAiCAIbCiArFD4ZOCIRCXpHOi9eKykLJAIfGidmNyMBKQIJCB8TFVcJMB8dXQQnOBU0NxY+EDsXBygBOAYiQ24XATQ0Hw0gXBI7Oyk3HxkGCCIwFTR3JCc8KigcNwE8fyAIHRk5KDc6Ow0nJDQtFEIjADw5OwgzAi0jJj47JjAjPyItHyg/OiknRDMrCzI1OjdoGwI4AD5MHyEhPDoZZisEIRluBio HTTP/1.1
Host: positioner.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1197
date: Tue, 16 Apr 2024 11:19:55 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 210fa10efb175d891774d170436663b0.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: G6XRGPyBSHKJY5SjVEXYmofxuLJfVzLkXZFUgaJ84gOo4CkNgXZLQw==
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-Z9TE2LW16Q&l=dataLayer&cx=c | 142.250.74.168 | 200 OK | 89 kB |
URL GET HTTP/3www.googletagmanager.com/gtag/js?id=G-Z9TE2LW16Q&l=dataLayer&cx=c IP142.250.74.168:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
File typeJavaScript source, ASCII text, with very long lines (5955) Hashbd20ee591572e6bc70d8fdc47d4c3507 b169e53ff7e63e023ed64513232a23ca9a553948 78d163825e2585095ad387c2da68a74d86d282b3e17124657dbf9d27279d25b4
GET /gtag/js?id=G-Z9TE2LW16Q&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 16 Apr 2024 11:19:56 GMT
expires: Tue, 16 Apr 2024 11:19:56 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 88724
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| pogothere.xyz/asd100.bin | 188.114.96.1 | 200 OK | 103 kB |
IP188.114.96.1:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerGoogle Trust Services LLC Subjectpogothere.xyz Fingerprint34:D3:33:F8:49:E2:1E:3E:44:A8:5D:74:68:9C:B8:A0:D5:F8:DD:0B ValidityWed, 27 Mar 2024 02:15:30 GMT - Tue, 25 Jun 2024 02:15:29 GMT
Size103 kB (102595 bytes) Hash3408e9e0370a01f52f0fb9d192b60258 cbae1ce5566d3e8bf21be2a027ed838e16d0cc8f a2a74ff25956ca61b318abdf51c4af64d6125add60bfcb929fd68ae3487bfeb8
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 16 Apr 2024 11:19:55 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 6011
last-modified: Tue, 16 Apr 2024 09:39:44 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f%2FhMNArMMHVvDE25H1q7tS7a3ymk4EcIYqvPm078luYyN1qVVXaRStt2%2FdINZmKhW%2FPJPrMJFtzbsguU8Zw60%2FF3jlJ3zF17pGHfHWQGotSAAE%2BvN7klLMiOJ1wPP9ls"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8753c87c99f256cb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| d2jsvulelid3e4.cloudfront.net/lSnNsa0EpHAINfj4aCFZ2fEJdU3dsAx4OJ3ceCQwgPwNCBSQ+VQYYLiQDUQ4UJQsZBDAgGAtaZz4JCFZxbB8NBSZ3VQkFIndCSgolKE5YTTU6HAdWNTkJFBkrIAIdAWc/ElEGLjAaAAcgb0EqXm96Vl5baTJCXU5yCFZeWy0jHRkTZHhDFFN3FUVYTnIIVl-5bMzxWXyp4fF1cQmR4QwsOIiEcSVkHeENdW3F7Q11Oc3oVBRkkLBwUTnMMSlpFcWwGUVo | 54.230.241.193 | | 590 B |
URL d2jsvulelid3e4.cloudfront.net/lSnNsa0EpHAINfj4aCFZ2fEJdU3dsAx4OJ3ceCQwgPwNCBSQ+VQYYLiQDUQ4UJQsZBDAgGAtaZz4JCFZxbB8NBSZ3VQkFIndCSgolKE5YTTU6HAdWNTkJFBkrIAIdAWc/ElEGLjAaAAcgb0EqXm96Vl5baTJCXU5yCFZeWy0jHRkTZHhDFFN3FUVYTnIIVl-5bMzxWXyp4fF1cQmR4QwsOIiEcSVkHeENdW3F7Q11Oc3oVBRkkLBwUTnMMSlpFcWwGUVo IP54.230.241.193:0
File typeASCII text, with very long lines (855), with no line terminators Hashff8232b0199a5ac091a27a4cb96c40c0 eaea4e3dae73fa99e30998ed741e53a93f77e77a 9955f310e2b01fe2f74cdee722ff1ae6d07ddd9b3992d99eaa990b61b6ae5dc9
GET /lSnNsa0EpHAINfj4aCFZ2fEJdU3dsAx4OJ3ceCQwgPwNCBSQ+VQYYLiQDUQ4UJQsZBDAgGAtaZz4JCFZxbB8NBSZ3VQkFIndCSgolKE5YTTU6HAdWNTkJFBkrIAIdAWc/ElEGLjAaAAcgb0EqXm96Vl5baTJCXU5yCFZeWy0jHRkTZHhDFFN3FUVYTnIIVl-5bMzxWXyp4fF1cQmR4QwsOIiEcSVkHeENdW3F7Q11Oc3oVBRkkLBwUTnMMSlpFcWwGUVo HTTP/1.1
Host: d2jsvulelid3e4.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://positioner.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 590
date: Tue, 16 Apr 2024 11:19:56 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kGB69aOc8rPjOrx9vZyo1s2hWSUA_ayD_5-1DDrJoYoKTmZWk0ksQQ==
X-Firefox-Spdy: h2
|
|
| d2jsvulelid3e4.cloudfront.net/TQkdKWUwhKCQ/czYuLmR0cHJzaH1kNzg8Kn8qLz4tNzdkNyk2YSAqIyw3dyM+JDI7NSg2KXsWKWQzMD1xcmEmOCIlemw8IiF6e38tJiV3bWo2NyUycTcpLjwqKykvPWo3Jnc0IzguJjUtZ3UMbGJyYnhpZDp2e3x/AGJ4aSArKT8haXB3MmF6HXF+fH8AYn-hpPjRieRh1dGl6cGlwdy08Lykob2sKcHd7aXxzd3t8fnIhIyspJCgyfH4Efnx3fGQyd2g | 54.230.241.193 | 200 OK | 377 B |
URL GET HTTP/2d2jsvulelid3e4.cloudfront.net/TQkdKWUwhKCQ/czYuLmR0cHJzaH1kNzg8Kn8qLz4tNzdkNyk2YSAqIyw3dyM+JDI7NSg2KXsWKWQzMD1xcmEmOCIlemw8IiF6e38tJiV3bWo2NyUycTcpLjwqKykvPWo3Jnc0IzguJjUtZ3UMbGJyYnhpZDp2e3x/AGJ4aSArKT8haXB3MmF6HXF+fH8AYn-hpPjRieRh1dGl6cGlwdy08Lykob2sKcHd7aXxzd3t8fnIhIyspJCgyfH4Efnx3fGQyd2g IP54.230.241.193:443
Requested byhttps://funjoobpolicester.info/OXh1U2xYGhY+U1hFF3UZSxRIdl5/XUcVCAsSBiUZVR0ZOggKHUF9D1UXADcKSxcbJ0JXHQF2Xn8sJDgIci8gJARyOyR2Xn8bDwoZdRUnYw9xMg8yJAgTOykLATMbax11AkEnIkMcHh0VUkosAC1IMQwkX10BOHZeezIxGlt3KxJhJ2ELIhg7aAI4F11BGxgWAXY7PD8JVA9NGgV/ThBgVE0yHAVfWy8aYSJALQwwOFoIOTkbSDMMOBppLxpgJlcbRRoWXg0/OTlNIkYGIVs/Pyo1VxAFCShJShBgFBxKMxIrc0wUAC1LMyFrBFggN2AhVD5DGzR/XUcRCnFANAoCFBAFAwZrERABBAgcMj9aWj8ZJAhASE0fFVIXF2Efchs9N1tYIA0pCAoMTTUCcBA8Kh9JMjY0FV8wQRYKVwBGNStoARFhCx8SBjwCSUUPIQpMCRk3GFdJOjY CertificateIssuerAmazon Subject*.cloudfront.net FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52 ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File typeASCII text, with very long lines (480), with no line terminators Hash1245cf5f81f0c878b53e49ac92db4be6 30792e63bbb6c20ae613609be93df00938fe5395 0a2067f8ed6ddf8bb2fbf35953c94c27c7d940da3bf9be1e807adf47fe8c5e21
GET /TQkdKWUwhKCQ/czYuLmR0cHJzaH1kNzg8Kn8qLz4tNzdkNyk2YSAqIyw3dyM+JDI7NSg2KXsWKWQzMD1xcmEmOCIlemw8IiF6e38tJiV3bWo2NyUycTcpLjwqKykvPWo3Jnc0IzguJjUtZ3UMbGJyYnhpZDp2e3x/AGJ4aSArKT8haXB3MmF6HXF+fH8AYn-hpPjRieRh1dGl6cGlwdy08Lykob2sKcHd7aXxzd3t8fnIhIyspJCgyfH4Efnx3fGQyd2g HTTP/1.1
Host: d2jsvulelid3e4.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://funjoobpolicester.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 377
date: Tue, 16 Apr 2024 11:19:56 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wVFZEnMs69gJSXWHYHSmtPLaHZT99KZLdKGIslugQwLKR4CwZjaJ-A==
X-Firefox-Spdy: h2
|
|
| d2jsvulelid3e4.cloudfront.net/qYllINFgBNiZSZxYwLAlgVW97BWBEKTpRPl80LVM5FylmWj0WfyJHNwwpdWwhKjgvBjMSbBBXfhYjLAloRDUpWj9ffy1aO19oblU8AGR8EiwSNiMJLBEjMEYyCCg5Xn4XOHVZNxgwJFg5R2sOAXZSfHoEcBpoeRFrIHx6BDQLNz1MfVBpMAxuPW98EWsgfH-oEKhR8e3VhVHd4HX1QaS9ROwk2bQYeUGl5BGhTaXkRalI/IUY9BDYwEWokYH4aaEQsdQU | 54.230.241.193 | | 453 B |
URL d2jsvulelid3e4.cloudfront.net/qYllINFgBNiZSZxYwLAlgVW97BWBEKTpRPl80LVM5FylmWj0WfyJHNwwpdWwhKjgvBjMSbBBXfhYjLAloRDUpWj9ffy1aO19oblU8AGR8EiwSNiMJLBEjMEYyCCg5Xn4XOHVZNxgwJFg5R2sOAXZSfHoEcBpoeRFrIHx6BDQLNz1MfVBpMAxuPW98EWsgfH-oEKhR8e3VhVHd4HX1QaS9ROwk2bQYeUGl5BGhTaXkRalI/IUY9BDYwEWokYH4aaEQsdQU IP54.230.241.193:0
File typeASCII text, with very long lines (583), with no line terminators Hash484f51591ccdee0825b5693129425acb 5022e94b8541aeabc06dae833442dc3be783249c f1ff4c461126e729e110aecbce1b20e7e3e33d763d40ed64a6319e067886f7c2
GET /qYllINFgBNiZSZxYwLAlgVW97BWBEKTpRPl80LVM5FylmWj0WfyJHNwwpdWwhKjgvBjMSbBBXfhYjLAloRDUpWj9ffy1aO19oblU8AGR8EiwSNiMJLBEjMEYyCCg5Xn4XOHVZNxgwJFg5R2sOAXZSfHoEcBpoeRFrIHx6BDQLNz1MfVBpMAxuPW98EWsgfH-oEKhR8e3VhVHd4HX1QaS9ROwk2bQYeUGl5BGhTaXkRalI/IUY9BDYwEWokYH4aaEQsdQU HTTP/1.1
Host: d2jsvulelid3e4.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://funjoobpolicester.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 453
date: Tue, 16 Apr 2024 11:19:56 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: hgX1AozNsjxU0JkrWsPg74S9T-alqn4ur0_dOF76ZINpEGo01xMW_g==
X-Firefox-Spdy: h2
|
|
| d2jsvulelid3e4.cloudfront.net/zM1dEZ3dQOCoBSEc+IFpABWN1U0YVJzYCEQ46IQAWRidqCRJHcS4UGF0neQkBfCUPD0Z2HRQPTlszYhMNV2p0QRtSOSNaUVY5J1pGFTYgBUoHcTAXGFhqMBQNSyUuDQZCPWISFg46Kx0eXzslQkV1YmpXUgFnbB9GAnJ3JVIBZygOGUYvYVVHS29yOEEHcn-clUgFnNhFSABZ9UVkDfmFVR1QyJwwYFmUCVUcCZ3RWRwJydlcRWiUhARhLcnYhTgV5dEECDmY | 54.230.241.193 | | 603 B |
URL d2jsvulelid3e4.cloudfront.net/zM1dEZ3dQOCoBSEc+IFpABWN1U0YVJzYCEQ46IQAWRidqCRJHcS4UGF0neQkBfCUPD0Z2HRQPTlszYhMNV2p0QRtSOSNaUVY5J1pGFTYgBUoHcTAXGFhqMBQNSyUuDQZCPWISFg46Kx0eXzslQkV1YmpXUgFnbB9GAnJ3JVIBZygOGUYvYVVHS29yOEEHcn-clUgFnNhFSABZ9UVkDfmFVR1QyJwwYFmUCVUcCZ3RWRwJydlcRWiUhARhLcnYhTgV5dEECDmY IP54.230.241.193:0
File typeASCII text, with very long lines (858), with no line terminators Hash409ae115493729c9da748d7d98796cff 60a246d82e54e155a1609c6642db1ae5e1f911a2 22efe16c5d53cece27e8c69a9e2c2aa6db610280e87f724a97d36bc51c1ff886
GET /zM1dEZ3dQOCoBSEc+IFpABWN1U0YVJzYCEQ46IQAWRidqCRJHcS4UGF0neQkBfCUPD0Z2HRQPTlszYhMNV2p0QRtSOSNaUVY5J1pGFTYgBUoHcTAXGFhqMBQNSyUuDQZCPWISFg46Kx0eXzslQkV1YmpXUgFnbB9GAnJ3JVIBZygOGUYvYVVHS29yOEEHcn-clUgFnNhFSABZ9UVkDfmFVR1QyJwwYFmUCVUcCZ3RWRwJydlcRWiUhARhLcnYhTgV5dEECDmY HTTP/1.1
Host: d2jsvulelid3e4.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://positioner.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 603
date: Tue, 16 Apr 2024 11:19:56 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: C6thfZdgvLO2hQ8HgsBv6chsBZLUg16ek3jWjiKku5Z2NflnV6LNig==
X-Firefox-Spdy: h2
|
|
| ncukankingwith.info/V0lsMkJ4dg9BfwUdCHAUZ3AbcAoRIAlcExQtXmB6Mz4mRRgPeUpGKzN0VAB3bnhdFDI+LVEBcHE6GFM2IjpRAHJnfkpbLDEmUQBkIXRcHHt5e0IEZCJ0XgpwZnhVC3ZhfF4CdGFwSkYyNi5RA2QnPRhef2Z+XQFwYX9fC3RkeVU | 188.114.96.1 | 204 No Content | 0 B |
URL POST HTTP/3ncukankingwith.info/V0lsMkJ4dg9BfwUdCHAUZ3AbcAoRIAlcExQtXmB6Mz4mRRgPeUpGKzN0VAB3bnhdFDI+LVEBcHE6GFM2IjpRAHJnfkpbLDEmUQBkIXRcHHt5e0IEZCJ0XgpwZnhVC3ZhfF4CdGFwSkYyNi5RA2QnPRhef2Z+XQFwYX9fC3RkeVU IP188.114.96.1:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerGoogle Trust Services LLC Subjectncukankingwith.info Fingerprint54:EC:12:00:29:26:97:E9:83:F6:67:14:71:64:5B:7A:CC:8A:D0:08 ValiditySun, 31 Mar 2024 11:25:46 GMT - Sat, 29 Jun 2024 11:25:45 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /V0lsMkJ4dg9BfwUdCHAUZ3AbcAoRIAlcExQtXmB6Mz4mRRgPeUpGKzN0VAB3bnhdFDI+LVEBcHE6GFM2IjpRAHJnfkpbLDEmUQBkIXRcHHt5e0IEZCJ0XgpwZnhVC3ZhfF4CdGFwSkYyNi5RA2QnPRhef2Z+XQFwYX9fC3RkeVU HTTP/1.1
Host: ncukankingwith.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/3 204 No Content
date: Tue, 16 Apr 2024 11:19:56 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jqb3vvATdAzyUA10v5bwoRtbILpUXxZxNyDwHqzJTNZgcEJmh1RWSBVSh3OHFAlWCirQKrvm8uy9seRpa%2F0jFR9LLBkpokm3SFe8tSVL9PdRCy%2B%2FOA1Dmjkiwt%2BWkKa8cNMQgdn2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8753c880fedd56a9-OSL
alt-svc: h3=":443"; ma=86400
|
|
| funjoobpolicester.info/multi?cs=NmdTYzACVGRUBgZXY1sABFVgUwk&abt=0&red=1&sm=76&k=download%20file%20takes%20part1&v=1.0.60.4&sts=0&prn=0&emb=0&tid=876318&rxy=1280_1024&u=282119946520669&agec=1713266395&fs=1&mbkb=515.4639175257731&ref=https%3A%2F%2Fmegaup.net%2F2vDfe%2FIt_Takes_Two_%5B010092A0172E4000%5D%5Bv0%5D%5BUS%5D.nsp.part1.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&_KVyi=1713266396306&crc=1 | 52.85.243.29 | 200 OK | 1.7 kB |
URL GET HTTP/2funjoobpolicester.info/multi?cs=NmdTYzACVGRUBgZXY1sABFVgUwk&abt=0&red=1&sm=76&k=download%20file%20takes%20part1&v=1.0.60.4&sts=0&prn=0&emb=0&tid=876318&rxy=1280_1024&u=282119946520669&agec=1713266395&fs=1&mbkb=515.4639175257731&ref=https%3A%2F%2Fmegaup.net%2F2vDfe%2FIt_Takes_Two_%5B010092A0172E4000%5D%5Bv0%5D%5BUS%5D.nsp.part1.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&_KVyi=1713266396306&crc=1 IP52.85.243.29:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerAmazon Subjectfunjoobpolicester.info FingerprintC9:AE:3F:99:48:2B:C5:F6:AB:84:C9:28:9A:95:12:77:78:1B:F8:8B ValidityMon, 01 Apr 2024 00:00:00 GMT - Wed, 30 Apr 2025 23:59:59 GMT
File typeASCII text, with very long lines (3551), with no line terminators Hash69cf46a45d77dc5a6a930129069c89b9 f5f91bde5c989ba46065cca28bf02010668b9d85 4cc2bee53155d68e274e8b780ee8ecf4c9694886547a2e9e8623f305ceff39ca
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /multi?cs=NmdTYzACVGRUBgZXY1sABFVgUwk&abt=0&red=1&sm=76&k=download%20file%20takes%20part1&v=1.0.60.4&sts=0&prn=0&emb=0&tid=876318&rxy=1280_1024&u=282119946520669&agec=1713266395&fs=1&mbkb=515.4639175257731&ref=https%3A%2F%2Fmegaup.net%2F2vDfe%2FIt_Takes_Two_%5B010092A0172E4000%5D%5Bv0%5D%5BUS%5D.nsp.part1.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&_KVyi=1713266396306&crc=1 HTTP/1.1
Host: funjoobpolicester.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/plain
content-length: 1724
date: Tue, 16 Apr 2024 11:19:56 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=4b7de7f8-0862-44d6-857e-5df7db93cd84
csu=282119946520669
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 844de3d616579278fb702fc6b9b5c9a2.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: ndmkDoY6coj1uVte2Z3toZkSlWi8DyVuUX0Suq2k45s3XWE6eeeD5w==
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/frontend_assets/images/icons/favicon/apple-touch-icon-114x114.png | 91.209.70.182 | 200 OK | 951 B |
URL GET HTTP/2megaup.net/themes/flow/frontend_assets/images/icons/favicon/apple-touch-icon-114x114.png IP91.209.70.182:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerSectigo Limited Subject*.megaup.net Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
File typePNG image data, 114 x 114, 8-bit colormap, non-interlaced Hash76852bc6b2c028db97322a74e85bd020 ed52fb4de0d51f93277bbaae42fa80ba5f92c31e 8a5ef2ef8440c17db1b1b539065ba4a887e07a2c508b79c2d1659512e9016884
GET /themes/flow/frontend_assets/images/icons/favicon/apple-touch-icon-114x114.png HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=fhgn0r8fi8j9eiij30rnki5dm2; _ga_Z9TE2LW16Q=GS1.1.1713266396.1.0.1713266396.0.0.0; _ga=GA1.1.1503430309.1713266396
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 11:19:56 GMT
content-type: image/png
content-length: 951
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-3b7"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/frontend_assets/fonts/raleway_bold.woff | 91.209.70.182 | 200 OK | 32 kB |
URL GET HTTP/2megaup.net/themes/flow/frontend_assets/fonts/raleway_bold.woff IP91.209.70.182:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerSectigo Limited Subject*.megaup.net Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
File typeWeb Open Font Format, TrueType, length 31568, version 1.1 Hashe0c4ac0e73196bd0469c5c33304b7773 bb071565f82907d117b0732dca8013409162c67d ff3bf3a4a1bf2b922157b18d0e8cddd95f2fc2dfe09c30a3ce67bc11a84c67af
GET /themes/flow/frontend_assets/fonts/raleway_bold.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
DNT: 1
Connection: keep-alive
Cookie: filehosting=fhgn0r8fi8j9eiij30rnki5dm2; _ga_Z9TE2LW16Q=GS1.1.1713266396.1.0.1713266396.0.0.0; _ga=GA1.1.1503430309.1713266396
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 11:19:56 GMT
content-type: font/woff
content-length: 31568
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7b50"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| funjoobpolicester.info/floater?cs=dWs2SHFAWAZ9REReAHtCR14HekM&abt=0&red=1&sm=83&k=download%20file%20takes%20part1&v=0.9.2.6&sts=0&prn=0&emb=0&tid=825911&rxy=1280_1024&u=282119946520669&agec=1713266395&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&mbkb=515.4639175257731&ref=https%3A%2F%2Fmegaup.net%2F2vDfe%2FIt_Takes_Two_%5B010092A0172E4000%5D%5Bv0%5D%5BUS%5D.nsp.part1.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&aa=oi1_&_63Ce=1713266396311&crc=1 | 52.85.243.29 | 200 OK | 2.0 kB |
URL GET HTTP/2funjoobpolicester.info/floater?cs=dWs2SHFAWAZ9REReAHtCR14HekM&abt=0&red=1&sm=83&k=download%20file%20takes%20part1&v=0.9.2.6&sts=0&prn=0&emb=0&tid=825911&rxy=1280_1024&u=282119946520669&agec=1713266395&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&mbkb=515.4639175257731&ref=https%3A%2F%2Fmegaup.net%2F2vDfe%2FIt_Takes_Two_%5B010092A0172E4000%5D%5Bv0%5D%5BUS%5D.nsp.part1.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&aa=oi1_&_63Ce=1713266396311&crc=1 IP52.85.243.29:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerAmazon Subjectfunjoobpolicester.info FingerprintC9:AE:3F:99:48:2B:C5:F6:AB:84:C9:28:9A:95:12:77:78:1B:F8:8B ValidityMon, 01 Apr 2024 00:00:00 GMT - Wed, 30 Apr 2025 23:59:59 GMT
File typeASCII text, with very long lines (3807), with no line terminators Hashba7ec53f41170dd372b7e7fefd64d230 73467940e7dd10349c3f344342b6d60a6f74a0df d717d342ff887f84f88f63eac10356984d89657baf88044f7c78834a362c54dc
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /floater?cs=dWs2SHFAWAZ9REReAHtCR14HekM&abt=0&red=1&sm=83&k=download%20file%20takes%20part1&v=0.9.2.6&sts=0&prn=0&emb=0&tid=825911&rxy=1280_1024&u=282119946520669&agec=1713266395&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&mbkb=515.4639175257731&ref=https%3A%2F%2Fmegaup.net%2F2vDfe%2FIt_Takes_Two_%5B010092A0172E4000%5D%5Bv0%5D%5BUS%5D.nsp.part1.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&aa=oi1_&_63Ce=1713266396311&crc=1 HTTP/1.1
Host: funjoobpolicester.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
content-length: 1964
date: Tue, 16 Apr 2024 11:19:56 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=a4518fbf-3f14-4094-b615-3efc80ef8f1d
csu=282119946520669
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 844de3d616579278fb702fc6b9b5c9a2.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: 2P2h4gFSGvcgqXjCA-peIYxHJRfaY4ZuZ-Ap_sOuLqNVlizggKsa2Q==
X-Firefox-Spdy: h2
|
|
| accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail | 108.177.14.84 | 302 Found | 0 B |
URL GET HTTP/2accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail IP108.177.14.84:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerGoogle Trust Services LLC Subjectaccounts.google.com FingerprintCC:CB:DD:14:30:B0:75:6A:EE:1D:20:F1:9E:C5:DD:5F:DD:68:4F:7B ValidityMon, 18 Mar 2024 20:38:53 GMT - Mon, 10 Jun 2024 20:38:52 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:3CMmv43d9tJzmQF5_dtpQLhKG9Bp_g:I27G2uiBuelMJ_c4; Expires=Thu, 16-Apr-2026 11:19:56 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 16 Apr 2024 11:19:56 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ARZ0qKLXhWhTQXLPdLrDRrZ272RK0_rQPbTrv8izLPemwavGvF2f-rn4N-9YMl9PZ8bj-_7eXq3NgA
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-MtmfDn1tRXj1MC7dcPWEsA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube | 108.177.14.84 | 302 Found | 0 B |
URL GET HTTP/2accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube IP108.177.14.84:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerGoogle Trust Services LLC Subjectaccounts.google.com FingerprintCC:CB:DD:14:30:B0:75:6A:EE:1D:20:F1:9E:C5:DD:5F:DD:68:4F:7B ValidityMon, 18 Mar 2024 20:38:53 GMT - Mon, 10 Jun 2024 20:38:52 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:hhNCOXYRTg2FVcD_lU-PdlpAWptuzw:1Z_nf5AyVkH7KT1v; Expires=Thu, 16-Apr-2026 11:19:56 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 16 Apr 2024 11:19:56 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ARZ0qKJOmgsny-IFlAtTJa0QkHQQ1B3pIlAQ3DpmSgEl71eGPgFa_IvoSRfPCt1ypGjxbayjw_UtWg
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-JTclFnjFx6SJP2UESkdjKQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ARZ0qKLXhWhTQXLPdLrDRrZ272RK0_rQPbTrv8izLPemwavGvF2f-rn4N-9YMl9PZ8bj-_7eXq3NgA | 108.177.14.84 | 302 Found | 427 B |
URL GET HTTP/2accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ARZ0qKLXhWhTQXLPdLrDRrZ272RK0_rQPbTrv8izLPemwavGvF2f-rn4N-9YMl9PZ8bj-_7eXq3NgA IP108.177.14.84:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerGoogle Trust Services LLC Subjectaccounts.google.com FingerprintCC:CB:DD:14:30:B0:75:6A:EE:1D:20:F1:9E:C5:DD:5F:DD:68:4F:7B ValidityMon, 18 Mar 2024 20:38:53 GMT - Mon, 10 Jun 2024 20:38:52 GMT
File typeHTML document, ASCII text, with very long lines (404) Hasha7c10301f90a4850adf33eb3ab8d5829 12acf9c397055ba4f4302d39e5d2047a9db63f26 6f2976eb81ff992caf45310c44b0cada6974be31c3eb091c9d745cafd6e1e772
GET /InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ARZ0qKLXhWhTQXLPdLrDRrZ272RK0_rQPbTrv8izLPemwavGvF2f-rn4N-9YMl9PZ8bj-_7eXq3NgA HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:--zpoz2jaSrVNOMJGKLkdLJm4pdVxw:_1M7rrSnKr6X1bdB;Path=/;Expires=Thu, 16-Apr-2026 11:19:56 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 16 Apr 2024 11:19:56 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ARZ0qKJQRqx3bWFrjNRj3c7-jXhH-HGpv0jcyN12-uehoVVF8gXojyGI_pzlysNAehKkTLVrpqA-kQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1845376819%3A1713266396816326&theme=mn&ddm=0
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: script-src 'nonce-y-T3CayJblL5xuOYm3OuCQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 427
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ARZ0qKJOmgsny-IFlAtTJa0QkHQQ1B3pIlAQ3DpmSgEl71eGPgFa_IvoSRfPCt1ypGjxbayjw_UtWg | 108.177.14.84 | 302 Found | 429 B |
URL GET HTTP/2accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ARZ0qKJOmgsny-IFlAtTJa0QkHQQ1B3pIlAQ3DpmSgEl71eGPgFa_IvoSRfPCt1ypGjxbayjw_UtWg IP108.177.14.84:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerGoogle Trust Services LLC Subjectaccounts.google.com FingerprintCC:CB:DD:14:30:B0:75:6A:EE:1D:20:F1:9E:C5:DD:5F:DD:68:4F:7B ValidityMon, 18 Mar 2024 20:38:53 GMT - Mon, 10 Jun 2024 20:38:52 GMT
File typeHTML document, ASCII text, with very long lines (407) Hash819f6206d2b6e28143157e802f1a7930 2cad290c9246327c980a4ea1bff1a9fbf7899115 ba77bfc496f33d030687b244ae54041199d8f32b408c2b11fb2bf23a1a09c5e4
GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ARZ0qKJOmgsny-IFlAtTJa0QkHQQ1B3pIlAQ3DpmSgEl71eGPgFa_IvoSRfPCt1ypGjxbayjw_UtWg HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:2k03tUFKXBlbilmMi2S75QB77SnC4g:-UVc3xq9uh5pwAzC;Path=/;Expires=Thu, 16-Apr-2026 11:19:56 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 16 Apr 2024 11:19:56 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ARZ0qKLtSb-V3UUHHafJvYkIqjH6s7vtooCBVKMk0K8wK5VaOpJgVOOqFPbOLS3QVKJkYA3pspG1iA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1208944041%3A1713266396830842&theme=mn&ddm=0
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: script-src 'nonce-C1WjW1H1FBCE-2Ii1O6FqQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 429
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/frontend_assets/fonts/raleway_medium.woff | 91.209.70.182 | 200 OK | 32 kB |
URL GET HTTP/2megaup.net/themes/flow/frontend_assets/fonts/raleway_medium.woff IP91.209.70.182:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerSectigo Limited Subject*.megaup.net Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
File typeWeb Open Font Format, TrueType, length 31900, version 1.1 Hash1b285c8e5b7445a8e434b2cdf036bab2 c97d4772fbb5c5637d466b5f991bc7ec28830b32 09b979826f2ac158a63ba234042c66414c21282d0bb46eadc62c64a873778825
GET /themes/flow/frontend_assets/fonts/raleway_medium.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
DNT: 1
Connection: keep-alive
Cookie: filehosting=fhgn0r8fi8j9eiij30rnki5dm2; _ga_Z9TE2LW16Q=GS1.1.1713266396.1.0.1713266396.0.0.0; _ga=GA1.1.1503430309.1713266396
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 11:19:57 GMT
content-type: font/woff
content-length: 31900
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7c9c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/frontend_assets/images/icons/favicon/favicon.ico | 91.209.70.182 | 200 OK | 278 B |
URL GET HTTP/2megaup.net/themes/flow/frontend_assets/images/icons/favicon/favicon.ico IP91.209.70.182:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerSectigo Limited Subject*.megaup.net Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
File typeMS Windows icon resource - 1 icon, 16x16, 32 bits/pixel Hashe95c130b43ef6c32b9c9459aff5706c1 51b8b0d3ae3eabd9c31e65098acfa9ba18e9bb30 6c3dde0843949903d807800c8d6706e357fd762d29885946bacac881d4abfb35
GET /themes/flow/frontend_assets/images/icons/favicon/favicon.ico HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=fhgn0r8fi8j9eiij30rnki5dm2; _ga_Z9TE2LW16Q=GS1.1.1713266396.1.0.1713266396.0.0.0; _ga=GA1.1.1503430309.1713266396
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 11:19:56 GMT
content-type: image/x-icon
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-47e"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/frontend_assets/fonts/raleway.woff | 91.209.70.182 | 200 OK | 32 kB |
URL GET HTTP/2megaup.net/themes/flow/frontend_assets/fonts/raleway.woff IP91.209.70.182:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerSectigo Limited Subject*.megaup.net Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
File typeWeb Open Font Format, TrueType, length 31836, version 1.1 Hash4514fa5a5b3d1e0b14aa32a7d068124a e634977bfabc20ed15fe7ed03d3876cf68834b93 5b0f118d658eacc5740b10b0dc2ebbd99ee8e8262c72ff29bfcda48c02b19861
GET /themes/flow/frontend_assets/fonts/raleway.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
DNT: 1
Connection: keep-alive
Cookie: filehosting=fhgn0r8fi8j9eiij30rnki5dm2; _ga_Z9TE2LW16Q=GS1.1.1713266396.1.0.1713266396.0.0.0; _ga=GA1.1.1503430309.1713266396
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 11:19:59 GMT
content-type: font/woff
content-length: 31836
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7c5c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| ncukankingwith.info/popunder.gif | 188.114.96.1 | 200 OK | 31 kB |
URL GET HTTP/3ncukankingwith.info/popunder.gif IP188.114.96.1:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerGoogle Trust Services LLC Subjectncukankingwith.info Fingerprint54:EC:12:00:29:26:97:E9:83:F6:67:14:71:64:5B:7A:CC:8A:D0:08 ValiditySun, 31 Mar 2024 11:25:46 GMT - Sat, 29 Jun 2024 11:25:45 GMT
File typeGIF image data, version 89a, 1 x 1 Hashfe43ce5b348638dd103b8eac213c148a 5254da870c0dcfefb3959831ec0d7ce5cc138d9d 170508afa3ee07265d827613b4154cc2e9d717728d9f7fe67b3f26f5fed24251
GET /popunder.gif HTTP/1.1
Host: ncukankingwith.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 16 Apr 2024 11:19:56 GMT
content-type: image/gif
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=604800, immutable
cf-cache-status: HIT
age: 86225
last-modified: Mon, 15 Apr 2024 11:22:51 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZltTRxmykoqrD0q9Pb7c1QrfIdWIgzjnNv610LAz9X1OWr23cNN3jZXwHc5VtF3307r21v9ZP3MRuJYHmmvWVDRM0THLBAM5MMe4ovRLFT7TmvPaXvdwOQBgGVRgd0AQvWp4bGSq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8753c880ce9c56a9-OSL
alt-svc: h3=":443"; ma=86400
|
|
| megaup.net/themes/flow/frontend_assets/fonts/raleway_medium.woff | 91.209.70.182 | 200 OK | 32 kB |
URL GET HTTP/2megaup.net/themes/flow/frontend_assets/fonts/raleway_medium.woff IP91.209.70.182:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerSectigo Limited Subject*.megaup.net Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
File typeWeb Open Font Format, TrueType, length 31900, version 1.1 Hash1b285c8e5b7445a8e434b2cdf036bab2 c97d4772fbb5c5637d466b5f991bc7ec28830b32 09b979826f2ac158a63ba234042c66414c21282d0bb46eadc62c64a873778825
GET /themes/flow/frontend_assets/fonts/raleway_medium.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
DNT: 1
Connection: keep-alive
Cookie: filehosting=fhgn0r8fi8j9eiij30rnki5dm2; _ga_Z9TE2LW16Q=GS1.1.1713266396.1.0.1713266396.0.0.0; _ga=GA1.1.1503430309.1713266396
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 11:19:59 GMT
content-type: font/woff
content-length: 31900
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7c9c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/frontend_assets/fonts/raleway_bold.woff | 91.209.70.182 | 200 OK | 32 kB |
URL GET HTTP/2megaup.net/themes/flow/frontend_assets/fonts/raleway_bold.woff IP91.209.70.182:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerSectigo Limited Subject*.megaup.net Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
File typeWeb Open Font Format, TrueType, length 31568, version 1.1 Hashe0c4ac0e73196bd0469c5c33304b7773 bb071565f82907d117b0732dca8013409162c67d ff3bf3a4a1bf2b922157b18d0e8cddd95f2fc2dfe09c30a3ce67bc11a84c67af
GET /themes/flow/frontend_assets/fonts/raleway_bold.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
DNT: 1
Connection: keep-alive
Cookie: filehosting=fhgn0r8fi8j9eiij30rnki5dm2; _ga_Z9TE2LW16Q=GS1.1.1713266396.1.0.1713266396.0.0.0; _ga=GA1.1.1503430309.1713266396
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 11:19:59 GMT
content-type: font/woff
content-length: 31568
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7b50"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/frontend_assets/fonts/raleway_semibold.woff | 91.209.70.182 | 200 OK | 32 kB |
URL GET HTTP/2megaup.net/themes/flow/frontend_assets/fonts/raleway_semibold.woff IP91.209.70.182:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerSectigo Limited Subject*.megaup.net Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
File typeWeb Open Font Format, TrueType, length 31980, version 1.1 Hash99ac81a158028ac2023fb3350d2497e7 f08c12c91ab29282a616c3ba8e533f49b5b433ca 92a8c8eca8cfcfc53855bc48ba50b866704a00323c4e3089b564c939a668925d
GET /themes/flow/frontend_assets/fonts/raleway_semibold.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
DNT: 1
Connection: keep-alive
Cookie: filehosting=fhgn0r8fi8j9eiij30rnki5dm2; _ga_Z9TE2LW16Q=GS1.1.1713266396.1.0.1713266396.0.0.0; _ga=GA1.1.1503430309.1713266396
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 11:19:59 GMT
content-type: font/woff
content-length: 31980
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7cec"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| xml.cow-timerbudder.org/thumbnail?i=XEzrUClhfUY_0&p=1713266396.220815&imgt=icon | 198.134.116.29 | 302 Found | 0 B |
URL GET HTTP/1.1xml.cow-timerbudder.org/thumbnail?i=XEzrUClhfUY_0&p=1713266396.220815&imgt=icon IP198.134.116.29:443 ASN#27257 WEBAIR-INTERNET
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerLet's Encrypt Subjectcow-timerbudder.org Fingerprint89:E1:C0:DB:1B:8C:F8:47:C7:08:89:F4:24:D0:0C:35:15:5D:30:0D ValidityThu, 29 Feb 2024 07:44:27 GMT - Wed, 29 May 2024 07:44:26 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /thumbnail?i=XEzrUClhfUY_0&p=1713266396.220815&imgt=icon HTTP/1.1
Host: xml.cow-timerbudder.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Tue, 16 Apr 2024 11:19:59 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://static.servingserved.com/n337/ad/192x192_Lyrd9uAownGqIw1KkFn3.jpeg
|
|
| static.servingserved.com/n337/ad/192x192_Lyrd9uAownGqIw1KkFn3.jpeg | 23.36.76.160 | 200 OK | 5.4 kB |
URL GET HTTP/1.1static.servingserved.com/n337/ad/192x192_Lyrd9uAownGqIw1KkFn3.jpeg IP23.36.76.160:443 ASN#20940 Akamai International B.V.
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerLet's Encrypt Subjectstatic.servingserved.com FingerprintFE:03:30:2F:FD:AE:3C:2C:A0:08:7F:45:0B:E9:63:CB:3B:86:CF:79 ValidityMon, 25 Mar 2024 19:36:50 GMT - Sun, 23 Jun 2024 19:36:49 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3 Hash74d6eeeaf0eeb4b68c5190847738401e edcf07ab31b871580185d9ea1a740ca814af7be1 53c08ed0b3c05dd9e71cb603815b706d92bfc98dbe4e294f9d1f85bab9c3c398
GET /n337/ad/192x192_Lyrd9uAownGqIw1KkFn3.jpeg HTTP/1.1
Host: static.servingserved.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: image/jpeg
Content-Length: 5355
Last-Modified: Wed, 06 Dec 2023 17:37:17 GMT
ETag: "6570b14d-14eb"
Accept-Ranges: bytes
Cache-Control: max-age=47471
Expires: Wed, 17 Apr 2024 00:31:10 GMT
Date: Tue, 16 Apr 2024 11:19:59 GMT
Connection: keep-alive
X-Forward-Proto: http
CDN-Origin-Protocol: HTTP
|
|
| xml.cow-timerbudder.org/thumbnail?i=vGCxxgo3D6A_0&p=1713266396.220815&imgt=icon | 198.134.116.29 | 302 Found | 0 B |
URL GET HTTP/1.1xml.cow-timerbudder.org/thumbnail?i=vGCxxgo3D6A_0&p=1713266396.220815&imgt=icon IP198.134.116.29:443 ASN#27257 WEBAIR-INTERNET
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerLet's Encrypt Subjectcow-timerbudder.org Fingerprint89:E1:C0:DB:1B:8C:F8:47:C7:08:89:F4:24:D0:0C:35:15:5D:30:0D ValidityThu, 29 Feb 2024 07:44:27 GMT - Wed, 29 May 2024 07:44:26 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /thumbnail?i=vGCxxgo3D6A_0&p=1713266396.220815&imgt=icon HTTP/1.1
Host: xml.cow-timerbudder.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Tue, 16 Apr 2024 11:20:02 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://static.servingserved.com/n337/ad/192x192_rFH1xLW8YCAi9oNkmkq3.jpeg
|
|
| ncukankingwith.info/bGs4dmZDVFsFWw0AXEUCNDFeEiMIKmlHEhU6bSwgOyNyMTRcOh4CDwhWAERTVVoJUBYFDwVFVEoYTBcSGRgFRFZcXh4fCAoEBURWXF0IRldfWR1BJQQfTAYVSVh5U1QqTgowHgEHFhUJG0ZMHwsJGVoDAggOSlgJHgwdRCAYA00bBAIKURpDXy1RU1UoHX81HhQMV0UiWipnRkNeXUhTVShaD0dVXl0ORV9aRQpEVlRaDVNUWgJVERJJWHwfBQMFHUElAh5UGkNbKAlOUFxfCEZQXF8LQVJfXwpOU11NTktWQlIWREhaTU1LVFRZCUdfVV8OQ1RcXQ5PQBgbWRFbXU1IAhIAVglBV19ZDkBSXFkPT1I | 188.114.96.1 | 204 No Content | 0 B |
URL POST HTTP/3ncukankingwith.info/bGs4dmZDVFsFWw0AXEUCNDFeEiMIKmlHEhU6bSwgOyNyMTRcOh4CDwhWAERTVVoJUBYFDwVFVEoYTBcSGRgFRFZcXh4fCAoEBURWXF0IRldfWR1BJQQfTAYVSVh5U1QqTgowHgEHFhUJG0ZMHwsJGVoDAggOSlgJHgwdRCAYA00bBAIKURpDXy1RU1UoHX81HhQMV0UiWipnRkNeXUhTVShaD0dVXl0ORV9aRQpEVlRaDVNUWgJVERJJWHwfBQMFHUElAh5UGkNbKAlOUFxfCEZQXF8LQVJfXwpOU11NTktWQlIWREhaTU1LVFRZCUdfVV8OQ1RcXQ5PQBgbWRFbXU1IAhIAVglBV19ZDkBSXFkPT1I IP188.114.96.1:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerGoogle Trust Services LLC Subjectncukankingwith.info Fingerprint54:EC:12:00:29:26:97:E9:83:F6:67:14:71:64:5B:7A:CC:8A:D0:08 ValiditySun, 31 Mar 2024 11:25:46 GMT - Sat, 29 Jun 2024 11:25:45 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bGs4dmZDVFsFWw0AXEUCNDFeEiMIKmlHEhU6bSwgOyNyMTRcOh4CDwhWAERTVVoJUBYFDwVFVEoYTBcSGRgFRFZcXh4fCAoEBURWXF0IRldfWR1BJQQfTAYVSVh5U1QqTgowHgEHFhUJG0ZMHwsJGVoDAggOSlgJHgwdRCAYA00bBAIKURpDXy1RU1UoHX81HhQMV0UiWipnRkNeXUhTVShaD0dVXl0ORV9aRQpEVlRaDVNUWgJVERJJWHwfBQMFHUElAh5UGkNbKAlOUFxfCEZQXF8LQVJfXwpOU11NTktWQlIWREhaTU1LVFRZCUdfVV8OQ1RcXQ5PQBgbWRFbXU1IAhIAVglBV19ZDkBSXFkPT1I HTTP/1.1
Host: ncukankingwith.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/3 204 No Content
date: Tue, 16 Apr 2024 11:20:02 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iZjvfgwZ1G6Dskm1a0Ta68Dbwsvppi%2BQw3xwLZReXFDMWP6wVjUX%2BDU3WwN7%2Fe%2F5mKM9sHw%2BteFbEirYIEry4HtLlH9pJt7JW6xFdl662ZutD5C5Gb2x1ri%2Bvqicrv2JwLAz8CeC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8753c8a9797956a9-OSL
alt-svc: h3=":443"; ma=86400
|
|
| static.servingserved.com/n337/ad/192x192_rFH1xLW8YCAi9oNkmkq3.jpeg | 23.36.76.160 | 200 OK | 5.4 kB |
URL GET HTTP/1.1static.servingserved.com/n337/ad/192x192_rFH1xLW8YCAi9oNkmkq3.jpeg IP23.36.76.160:443 ASN#20940 Akamai International B.V.
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerLet's Encrypt Subjectstatic.servingserved.com FingerprintFE:03:30:2F:FD:AE:3C:2C:A0:08:7F:45:0B:E9:63:CB:3B:86:CF:79 ValidityMon, 25 Mar 2024 19:36:50 GMT - Sun, 23 Jun 2024 19:36:49 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3 Hashd76e391083ab3bbfb065c3ac9964033e 646e240f494ca55dac98a1843390ab64347758a7 0a78ad7f59fe9109363947eda0957d3b705ba4d44637523ca9b1f67211874acc
GET /n337/ad/192x192_rFH1xLW8YCAi9oNkmkq3.jpeg HTTP/1.1
Host: static.servingserved.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: image/jpeg
Content-Length: 5350
Last-Modified: Wed, 06 Dec 2023 17:38:01 GMT
ETag: "6570b179-14e6"
Accept-Ranges: bytes
Cache-Control: max-age=67508
Expires: Wed, 17 Apr 2024 06:05:10 GMT
Date: Tue, 16 Apr 2024 11:20:02 GMT
Connection: keep-alive
X-Forward-Proto: http
CDN-Origin-Protocol: HTTP
|
|
| megaup.net/themes/flow/js/jquery.dataTables.min.js | 91.209.70.182 | 200 OK | 70 kB |
URL GET HTTP/2megaup.net/themes/flow/js/jquery.dataTables.min.js IP91.209.70.182:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerSectigo Limited Subject*.megaup.net Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (768) Hash737f853e9fd6a31d62f5028e88663c9f cf144f2ab49f53a69fbfe10d3588fc23437d2736 6c3ca64b7acfdd29b3ca6f1b9b46696369abd462d4546182085c347f72211841
GET /themes/flow/js/jquery.dataTables.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=fhgn0r8fi8j9eiij30rnki5dm2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 11:19:55 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-10fe4"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/js/jquery.fileupload-validate.js | 91.209.70.182 | 200 OK | 4.1 kB |
URL GET HTTP/2megaup.net/themes/flow/js/jquery.fileupload-validate.js IP91.209.70.182:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerSectigo Limited Subject*.megaup.net Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (4192), with no line terminators Hash4ad5c2f2ed0230271d44a12b09ea1361 2070df63b71eda62f5a90b091595ef67595273b7 84047dced279f3c811d4cb54e6a5dc9310569b51eba58aec89f03ced7bfadafc
GET /themes/flow/js/jquery.fileupload-validate.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=fhgn0r8fi8j9eiij30rnki5dm2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 11:19:55 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-fea"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/frontend_assets/css/animations/animate.min.css | 91.209.70.182 | 200 OK | 48 kB |
URL GET HTTP/2megaup.net/themes/flow/frontend_assets/css/animations/animate.min.css IP91.209.70.182:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerSectigo Limited Subject*.megaup.net Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
File typeASCII text, with CRLF line terminators Hash6678bbbf8814eac6d7f987ad2a32111a aa9021d4f27c58d5ffe5a8545c20b47232d7d0cb 9b36949876f75f2961b55a066b1f9695ec8c3772771d700e951736b1fba45cbe
GET /themes/flow/frontend_assets/css/animations/animate.min.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
DNT: 1
Connection: keep-alive
Cookie: filehosting=fhgn0r8fi8j9eiij30rnki5dm2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 11:19:55 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-bc86"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ARZ0qKJQRqx3bWFrjNRj3c7-jXhH-HGpv0jcyN12-uehoVVF8gXojyGI_pzlysNAehKkTLVrpqA-kQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1845376819%3A1713266396816326&theme=mn&ddm=0 | 108.177.14.84 | 403 Forbidden | 0 B |
URL GET HTTP/2accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ARZ0qKJQRqx3bWFrjNRj3c7-jXhH-HGpv0jcyN12-uehoVVF8gXojyGI_pzlysNAehKkTLVrpqA-kQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1845376819%3A1713266396816326&theme=mn&ddm=0 IP108.177.14.84:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerGoogle Trust Services LLC Subjectaccounts.google.com FingerprintCC:CB:DD:14:30:B0:75:6A:EE:1D:20:F1:9E:C5:DD:5F:DD:68:4F:7B ValidityMon, 18 Mar 2024 20:38:53 GMT - Mon, 10 Jun 2024 20:38:52 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ARZ0qKJQRqx3bWFrjNRj3c7-jXhH-HGpv0jcyN12-uehoVVF8gXojyGI_pzlysNAehKkTLVrpqA-kQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1845376819%3A1713266396816326&theme=mn&ddm=0 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 16 Apr 2024 11:19:56 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-kIXp4z9LIrUMrsVXicOVSQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/frontend_assets/css/custom.css | 91.209.70.182 | 200 OK | 14 kB |
URL GET HTTP/2megaup.net/themes/flow/frontend_assets/css/custom.css IP91.209.70.182:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerSectigo Limited Subject*.megaup.net Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
File typeassembler source, ASCII text, with CRLF line terminators Hash5c6cc304ddf594371c91e46020c2dec5 5b8d133530fe6092bcd642ab20c028dd869ab45d cb11ef787fc18b87a0420239ee788379f6218b79ac81fa012ecad676ae1cb144
GET /themes/flow/frontend_assets/css/custom.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=fhgn0r8fi8j9eiij30rnki5dm2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 11:19:55 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3577"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/frontend_assets/js/nav/jquery.nav.js | 91.209.70.182 | 200 OK | 5.4 kB |
URL GET HTTP/2megaup.net/themes/flow/frontend_assets/js/nav/jquery.nav.js IP91.209.70.182:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerSectigo Limited Subject*.megaup.net Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (6528), with no line terminators Hash86379ef62388dc773f0c909c8678823c 5eff5eeda891aeb71ef023ab40006f5e9be33642 4152201489950049e566388267c82b03eda1810018354b17055593f250d1e658
GET /themes/flow/frontend_assets/js/nav/jquery.nav.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=fhgn0r8fi8j9eiij30rnki5dm2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 11:19:55 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1547"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/frontend_assets/js/animation/jquery.appear.js | 91.209.70.182 | 200 OK | 1.5 kB |
URL GET HTTP/2megaup.net/themes/flow/frontend_assets/js/animation/jquery.appear.js IP91.209.70.182:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerSectigo Limited Subject*.megaup.net Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (1485), with no line terminators Hash81e829f6440dd7da485221dc6c313a11 b6530a173b945abda1e8bae3da825189ffd9efc3 d526eb464ff9722d6639269b69f241cb5816452149e5a89acd866fbcda382102
GET /themes/flow/frontend_assets/js/animation/jquery.appear.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=fhgn0r8fi8j9eiij30rnki5dm2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 11:19:55 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-5c6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/frontend_assets/js/nav/jquery.scrollTo.js | 91.209.70.182 | 200 OK | 2.4 kB |
URL GET HTTP/2megaup.net/themes/flow/frontend_assets/js/nav/jquery.scrollTo.js IP91.209.70.182:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerSectigo Limited Subject*.megaup.net Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (2449), with no line terminators Hash7b61bf63f1c5a5854b24046257705068 dcac61a8cbb82440b4b09f3d391c0800eba6ee89 15eb8a14ded6c8eaf1e4f528a77c02be72e8e3d743e44b259dc8036ef26864fb
GET /themes/flow/frontend_assets/js/nav/jquery.scrollTo.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=fhgn0r8fi8j9eiij30rnki5dm2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 11:19:55 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-981"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/frontend_assets/css/stylesheet.css | 91.209.70.182 | 200 OK | 28 kB |
URL GET HTTP/2megaup.net/themes/flow/frontend_assets/css/stylesheet.css IP91.209.70.182:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerSectigo Limited Subject*.megaup.net Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
File typeASCII text, with CRLF line terminators Hash8568ee885222fb5ef651a99221bfd347 0dc1b30d1a58c3cdafab8b38da04f3fc2462ee46 3b35d09fae892be2b76a67f47bbbcbe289b05a2850e02295f70f9c2e537d927a
GET /themes/flow/frontend_assets/css/stylesheet.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
DNT: 1
Connection: keep-alive
Cookie: filehosting=fhgn0r8fi8j9eiij30rnki5dm2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 11:19:55 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-6c82"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/js/jquery.iframe-transport.js | 91.209.70.182 | 200 OK | 9.3 kB |
URL GET HTTP/2megaup.net/themes/flow/js/jquery.iframe-transport.js IP91.209.70.182:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerSectigo Limited Subject*.megaup.net Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (9459), with no line terminators Hashe703222aaa30359454a64b070b20b7a5 bbe0de722f2f9eb912ba3fc0d960e35b3ef58b4e 917390ec2f9d9d63aaa67ee2078e601f84538945732e4a89d3be346728f80fca
GET /themes/flow/js/jquery.iframe-transport.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=fhgn0r8fi8j9eiij30rnki5dm2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 11:19:55 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-2427"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/js/global.js | 91.209.70.182 | 200 OK | 3.4 kB |
URL GET HTTP/2megaup.net/themes/flow/js/global.js IP91.209.70.182:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerSectigo Limited Subject*.megaup.net Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
File typeASCII text, with very long lines (3612), with no line terminators Hashe44702657a9e124a9ba6ba57e941d9e8 cbfc48ed2d804918f7f97c4f1ed6ea2a4780151b 39b318c989a0ac479bbf9196494fb1bec96cd1e54186051f5ba6225877acfd83
GET /themes/flow/js/global.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=fhgn0r8fi8j9eiij30rnki5dm2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 11:19:55 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-d59"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/frontend_assets/css/isotope/isotope-style.css | 91.209.70.182 | 200 OK | 2.8 kB |
URL GET HTTP/2megaup.net/themes/flow/frontend_assets/css/isotope/isotope-style.css IP91.209.70.182:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerSectigo Limited Subject*.megaup.net Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
File typeASCII text, with very long lines (3129), with no line terminators Hash51c9993916aaff91429614ae79394a6b 51383b05a8ada15406d7eff96fc706c47cfb581b 7c418339961aab6dec877ed3760307367e9deea17a1fbd175e611c215e48634f
GET /themes/flow/frontend_assets/css/isotope/isotope-style.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
DNT: 1
Connection: keep-alive
Cookie: filehosting=fhgn0r8fi8j9eiij30rnki5dm2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 11:19:55 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-af3"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| pogothere.xyz/ | 188.114.96.1 | 200 OK | 27 B |
IP188.114.96.1:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerGoogle Trust Services LLC Subjectpogothere.xyz Fingerprint34:D3:33:F8:49:E2:1E:3E:44:A8:5D:74:68:9C:B8:A0:D5:F8:DD:0B ValidityWed, 27 Mar 2024 02:15:30 GMT - Tue, 25 Jun 2024 02:15:29 GMT
File typeASCII text, with no line terminators Hash6653d1f609639bd86918e580162b7fb2 81be44b9de7b25718fff2f5aa90fcc5e394b5c74 6e16a7c391d754a93a706aa5b59befc3a9bd5fd79d4b5b42fc9db3cc9848e34b
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 Apr 2024 11:19:55 GMT
content-type: text/plain
set-cookie: csu=1150594081163066@1@1713266395; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dwg9i9J455z93aQcBIJILtSwLb5YosH3sJtA24XAia29OmB7%2BPDzJnx6uFE46djIzD8Pm4IAUvsOiu0k7zeYocHah7RjQosbKnX5MPU2gAyAL7ifLBJBnbFvDgDCvUdw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8753c87c79b756cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/frontend_assets/js/isotope/custom-isotope.js | 91.209.70.182 | 200 OK | 1.8 kB |
URL GET HTTP/2megaup.net/themes/flow/frontend_assets/js/isotope/custom-isotope.js IP91.209.70.182:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerSectigo Limited Subject*.megaup.net Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (1946), with no line terminators Hash28bfbd66415c5e20a0d8ce1ee03bd87c 144fa15fb0a7090117e6f4ef33d9f465241e5459 6eb7ee7937139b13785d0befc27eb61cffbae32d066959c6370829209c0c4e46
GET /themes/flow/frontend_assets/js/isotope/custom-isotope.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=fhgn0r8fi8j9eiij30rnki5dm2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 11:19:55 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-71d"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/frontend_assets/css/bootstrap/bootstrap.min.css | 91.209.70.182 | 200 OK | 118 kB |
URL GET HTTP/2megaup.net/themes/flow/frontend_assets/css/bootstrap/bootstrap.min.css IP91.209.70.182:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerSectigo Limited Subject*.megaup.net Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
File typeassembler source, ASCII text, with very long lines (540), with CRLF line terminators Size118 kB (117787 bytes) Hash26bfa8a47d74b90e1fc4632710026e85 2993c7f968fb5e5be8d256d5c7271fe64c87326d 69c6352bd7a8de550563a81b40dab2234fa30ff0ae9e90a8b5c896dea033ca3b
GET /themes/flow/frontend_assets/css/bootstrap/bootstrap.min.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
DNT: 1
Connection: keep-alive
Cookie: filehosting=fhgn0r8fi8j9eiij30rnki5dm2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 11:19:55 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1cc1b"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| theharityhild.buzz/aTR6VEcSFgkjGBxGFnZ9S1wOIDcaDlV7KgxTGyE3R1ofIGgaQ1Q%2BNEsYWCcqDxZAZWtLRxciZVMWTnp0SxhYICYOaxMwZVMWQmd1XwdJdmtLRw82GABQSHZ9S1JCZ3QKBE42al9RSjZqXVAYZGpQAEJjag8CHzEiClEZNyQKUVgp | 54.225.185.110 | 200 OK | 64 kB |
URL GET HTTP/2theharityhild.buzz/aTR6VEcSFgkjGBxGFnZ9S1wOIDcaDlV7KgxTGyE3R1ofIGgaQ1Q%2BNEsYWCcqDxZAZWtLRxciZVMWTnp0SxhYICYOaxMwZVMWQmd1XwdJdmtLRw82GABQSHZ9S1JCZ3QKBE42al9RSjZqXVAYZGpQAEJjag8CHzEiClEZNyQKUVgp IP54.225.185.110:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerLet's Encrypt Subjecttheharityhild.buzz Fingerprint09:2B:87:B1:F8:C4:A1:F9:B2:5E:19:0A:30:CF:C3:0C:EF:6E:4E:90 ValiditySun, 31 Mar 2024 11:04:14 GMT - Sat, 29 Jun 2024 11:04:13 GMT
File typeJavaScript source, ASCII text, with very long lines (63765), with no line terminators Hash9a018cc84cff8b8527638f1de3474bec bea87e1b8fd7edfcdbd4fd95d0045a9b6a43192c 3c9e9706ef0bb765ea544b00d1a539d5be19b25358d6a9e0413013b27d261837
GET /aTR6VEcSFgkjGBxGFnZ9S1wOIDcaDlV7KgxTGyE3R1ofIGgaQ1Q%2BNEsYWCcqDxZAZWtLRxciZVMWTnp0SxhYICYOaxMwZVMWQmd1XwdJdmtLRw82GABQSHZ9S1JCZ3QKBE42al9RSjZqXVAYZGpQAEJjag8CHzEiClEZNyQKUVgp HTTP/1.1
Host: theharityhild.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
set-cookie: 708553af1f752cb67ead6e3cb500a244=1; Max-Age=604800
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
etag: W/"f915-vqh+G4/X7fzb1P2V0ARam2pDGSw"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css | 91.209.70.182 | 200 OK | 36 kB |
URL GET HTTP/2megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css IP91.209.70.182:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerSectigo Limited Subject*.megaup.net Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=fhgn0r8fi8j9eiij30rnki5dm2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 11:19:55 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-8d4b"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/frontend_assets/css/responsive.css | 91.209.70.182 | 200 OK | 3.7 kB |
URL GET HTTP/2megaup.net/themes/flow/frontend_assets/css/responsive.css IP91.209.70.182:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerSectigo Limited Subject*.megaup.net Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
File typeASCII text, with very long lines (3795), with no line terminators Hash984d21bc996f9907b59b8e80308d1d33 6d00958737d36f4d07a0920a303d230dad004a43 94ca9c89c3f698aa1a6247d089d9d866002358183a4e8376eba5452cb5182f1f
GET /themes/flow/frontend_assets/css/responsive.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=fhgn0r8fi8j9eiij30rnki5dm2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 11:19:55 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-e56"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| pogothere.xyz/ | 188.114.96.1 | 200 OK | 26 B |
IP188.114.96.1:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerGoogle Trust Services LLC Subjectpogothere.xyz Fingerprint34:D3:33:F8:49:E2:1E:3E:44:A8:5D:74:68:9C:B8:A0:D5:F8:DD:0B ValidityWed, 27 Mar 2024 02:15:30 GMT - Tue, 25 Jun 2024 02:15:29 GMT
File typeASCII text, with no line terminators Hash629406ef322ce32644451f26f1252351 3d5b0bb98c9971e611dfd161dd353eca88389b60 5d50399807c8668923570f50c2d7909c6ada6c24686ee37d184d8cf45c4c667f
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 Apr 2024 11:19:55 GMT
content-type: text/plain
set-cookie: csu=282119946520669@1@1713266395; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mdHnonwEuB1P8uIBrGF6o9zvyTlwOZXP%2FDvt1QECkJVIgccTg2A%2BXI3pXyS9NgoDp3HILZZPfmFebu1vJJ9ELWSGh7ygWTI0ZJH%2Fm5bbkGQfrWFgtQRR%2FYyRt%2FcGXA4E"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8753c87c99f656cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/frontend_assets/js/gauge.min.js | 91.209.70.182 | 200 OK | 18 kB |
URL GET HTTP/2megaup.net/themes/flow/frontend_assets/js/gauge.min.js IP91.209.70.182:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerSectigo Limited Subject*.megaup.net Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (1259) Hashaafe893df6f86140460a76d58dcecfe2 fe1a74890dc8f040f5f681041663b96d983163f6 2d9574ce1b6890bd6ccf1ef3d04fe1328f35c5bbced7b6b331459119ef4fe480
GET /themes/flow/frontend_assets/js/gauge.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=fhgn0r8fi8j9eiij30rnki5dm2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 11:19:55 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-45b8"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/js/jquery-1.11.0.min.js | 91.209.70.182 | 200 OK | 96 kB |
URL GET HTTP/2megaup.net/themes/flow/js/jquery-1.11.0.min.js IP91.209.70.182:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerSectigo Limited Subject*.megaup.net Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (32341) Hash8fc25e27d42774aeae6edbc0a18b72aa b66ed708717bf0b4a005a4d0113af8843ef3b8ff b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
GET /themes/flow/js/jquery-1.11.0.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=fhgn0r8fi8j9eiij30rnki5dm2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 11:19:55 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1787d"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ncukankingwith.info/ZDNnRktLDAQ1dgVnJQgcMUsEB3hVQAIQLCJWVTZuVnUwMR1cUlRybRBaA3tzVgZed3pCQw4idlcBQTU/BUcSNXZWA1dxbQ1dASl2VhURe3tKCkl0ZVIVEnt6QkcXJyxZAkE2PxBfWnd8VQBVcH1XClJzfVQ | 188.114.96.1 | 204 No Content | 0 B |
URL GET HTTP/2ncukankingwith.info/ZDNnRktLDAQ1dgVnJQgcMUsEB3hVQAIQLCJWVTZuVnUwMR1cUlRybRBaA3tzVgZed3pCQw4idlcBQTU/BUcSNXZWA1dxbQ1dASl2VhURe3tKCkl0ZVIVEnt6QkcXJyxZAkE2PxBfWnd8VQBVcH1XClJzfVQ IP188.114.96.1:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerGoogle Trust Services LLC Subjectncukankingwith.info Fingerprint54:EC:12:00:29:26:97:E9:83:F6:67:14:71:64:5B:7A:CC:8A:D0:08 ValiditySun, 31 Mar 2024 11:25:46 GMT - Sat, 29 Jun 2024 11:25:45 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ZDNnRktLDAQ1dgVnJQgcMUsEB3hVQAIQLCJWVTZuVnUwMR1cUlRybRBaA3tzVgZed3pCQw4idlcBQTU/BUcSNXZWA1dxbQ1dASl2VhURe3tKCkl0ZVIVEnt6QkcXJyxZAkE2PxBfWnd8VQBVcH1XClJzfVQ HTTP/1.1
Host: ncukankingwith.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Tue, 16 Apr 2024 11:19:55 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BIrtUy9v3cq0NWaYsEdO7MyZN18tUX%2BPFtFstJ0FhTtcIan8D3mN3wLLWib4JgQ8aPOxWLsYuhfB4S4ZTjq8lGt5LAqHoS4HHN5fdcsG%2BGbh9joHtTF3AqcYG43eouI24zJEbRcj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8753c87c78455687-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/frontend_assets/js/retina/retina.js | 91.209.70.182 | 200 OK | 1.3 kB |
URL GET HTTP/2megaup.net/themes/flow/frontend_assets/js/retina/retina.js IP91.209.70.182:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerSectigo Limited Subject*.megaup.net Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (1353), with no line terminators Hash63539576529cb2ba2cf10de877f1e8cc 78cf75b3bc45e3da2e5753c4d47582957b222e1c f3bf2760a81cfb66c729ad39451b437da09f7e0a04fe93ffc34e23194d813619
GET /themes/flow/frontend_assets/js/retina/retina.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=fhgn0r8fi8j9eiij30rnki5dm2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 11:19:55 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-52e"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| pogothere.xyz/ | 188.114.96.1 | 200 OK | 27 B |
IP188.114.96.1:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerGoogle Trust Services LLC Subjectpogothere.xyz Fingerprint34:D3:33:F8:49:E2:1E:3E:44:A8:5D:74:68:9C:B8:A0:D5:F8:DD:0B ValidityWed, 27 Mar 2024 02:15:30 GMT - Tue, 25 Jun 2024 02:15:29 GMT
File typeASCII text, with no line terminators Hash6e0a5b067faf73cd22829dee27659536 0b40082b519f7b63e26efc0c9cba3c6aa2e4e805 b69294d149adb511f2dde642a0533198e9c14286a509861281976712da212921
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 Apr 2024 11:19:55 GMT
content-type: text/plain
set-cookie: csu=2097593264733138@1@1713266395; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1O7pL8HeZludueMJ6bgIbqXIAKZtp%2FT7heMGNQLve7Ase3U8QRXEwsoeXzQt4Z5aFDWdqddwxrweyGckBiQhu8NtyFdISt4CEI8Zl188P7KQKRH7UyNS24pk4HENTsxc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8753c87c79c356cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/styles/font-icons/entypo/css/entypo.css | 91.209.70.182 | 200 OK | 18 kB |
URL GET HTTP/2megaup.net/themes/flow/styles/font-icons/entypo/css/entypo.css IP91.209.70.182:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerSectigo Limited Subject*.megaup.net Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /themes/flow/styles/font-icons/entypo/css/entypo.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=fhgn0r8fi8j9eiij30rnki5dm2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 11:19:55 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-45f5"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/js/load-image.min.js | 91.209.70.182 | 200 OK | 2.5 kB |
URL GET HTTP/2megaup.net/themes/flow/js/load-image.min.js IP91.209.70.182:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerSectigo Limited Subject*.megaup.net Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (2582), with no line terminators Hasha695bcdeef4ab1f27d01d2175ab9ddcd 442e6298bf7092455528a2b81e721aaf7a72ef09 ac92521ad4d3d0191d63ce8dda671b9e78c7c7e1d5f0b3fb2cf5424461f3f315
GET /themes/flow/js/load-image.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=fhgn0r8fi8j9eiij30rnki5dm2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 11:19:55 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-9f2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/js/zeroClipboard/ZeroClipboard.js | 91.209.70.182 | 200 OK | 15 kB |
URL GET HTTP/2megaup.net/themes/flow/js/zeroClipboard/ZeroClipboard.js IP91.209.70.182:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerSectigo Limited Subject*.megaup.net Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (1288) Hashd31e0426a59b32581835680633809ea3 98caf983b9349fcf2a32d6512f998ea9a557a90e c7fe89a030ea54a29616f0a473366e07d109dfb775f2afa050c2de82e3606fba
GET /themes/flow/js/zeroClipboard/ZeroClipboard.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=fhgn0r8fi8j9eiij30rnki5dm2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 11:19:55 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3bd2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.revolution.js | 91.209.70.182 | 200 OK | 198 kB |
URL GET HTTP/2megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.revolution.js IP91.209.70.182:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerSectigo Limited Subject*.megaup.net Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (464), with CRLF line terminators Size198 kB (197554 bytes) Hash35045d45f7d1dde1f90457c5d73700c5 a7fcee0ab1da615e828e51967c474ae91d768569 d72616e59f2ba832c54a0e734cdf0a79cb8730f81a07b5de43864c15a240e221
GET /themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.revolution.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=fhgn0r8fi8j9eiij30rnki5dm2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 11:19:55 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-303b2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar | 91.209.70.182 | 200 OK | 925 kB |
URL User Request GET HTTP/2megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar IP91.209.70.182:443
CertificateIssuerSectigo Limited Subject*.megaup.net Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
Size925 kB (925445 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 11:19:54 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: filehosting=fhgn0r8fi8j9eiij30rnki5dm2; expires=Wed, 17-Apr-2024 11:19:54 GMT; Max-Age=86400; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| positioner.info/dm1mdEQXDwUZexdQBFIxBAFbUXYwSFQyIEQHFQIxGggKHSBFCFJaJxoCExAiBAIIAGoYCBJRdjABNRoKBQxWMTQ+LC86IhxZBzcCLF8AMQ4SOFUQNzcVUjsORQ4DNxUBCjYDCjUvNSVhRC8wJR0vIQ8lACM8UiEOJx48NgA3CiE1MBc3HEAONSs8DCY0VSg2FyxeMCUvMCQIEAclCgkYDzNYPyAQI1suNSAhIzIfDjAvDQYNNyQCNRMVSFQyARooITguNwwnNScRD1YxNS4AX0ISGlgEFRA8Lj4hcQ8uIC4hIRRWHgwkBjIuDB4pIDIKRSszIh0iAy89EhpAUxYJDBUxLD0GWQAydRU8CyZwJxoVOw0fKAUnEh0lAzEKEjpVMnMnXFc7J0UCMDYWHQYqNjMjOQg5CSUBFjInIRohIRIZSwwHKxgdWxERGRUTGzUcBgFF | 52.85.243.80 | 200 OK | 3.0 kB |
URL GET HTTP/2positioner.info/dm1mdEQXDwUZexdQBFIxBAFbUXYwSFQyIEQHFQIxGggKHSBFCFJaJxoCExAiBAIIAGoYCBJRdjABNRoKBQxWMTQ+LC86IhxZBzcCLF8AMQ4SOFUQNzcVUjsORQ4DNxUBCjYDCjUvNSVhRC8wJR0vIQ8lACM8UiEOJx48NgA3CiE1MBc3HEAONSs8DCY0VSg2FyxeMCUvMCQIEAclCgkYDzNYPyAQI1suNSAhIzIfDjAvDQYNNyQCNRMVSFQyARooITguNwwnNScRD1YxNS4AX0ISGlgEFRA8Lj4hcQ8uIC4hIRRWHgwkBjIuDB4pIDIKRSszIh0iAy89EhpAUxYJDBUxLD0GWQAydRU8CyZwJxoVOw0fKAUnEh0lAzEKEjpVMnMnXFc7J0UCMDYWHQYqNjMjOQg5CSUBFjInIRohIRIZSwwHKxgdWxERGRUTGzUcBgFF IP52.85.243.80:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerAmazon Subjectpositioner.info FingerprintDA:BE:5E:9C:0D:FB:D1:41:AB:2A:84:89:1D:88:D4:1C:B0:41:62:05 ValidityMon, 01 Apr 2024 00:00:00 GMT - Wed, 30 Apr 2025 23:59:59 GMT
File typeHTML document, ASCII text, with very long lines (3063), with no line terminators Hash481c752b5caee258b088d8943efa9a9c 6a2a1d608a1d16316ff45969914d06874c48f75e 256a2dd5d5e9c328828e1e40c52952e55676d426b7ba972b44639536a00a7411
GET /dm1mdEQXDwUZexdQBFIxBAFbUXYwSFQyIEQHFQIxGggKHSBFCFJaJxoCExAiBAIIAGoYCBJRdjABNRoKBQxWMTQ+LC86IhxZBzcCLF8AMQ4SOFUQNzcVUjsORQ4DNxUBCjYDCjUvNSVhRC8wJR0vIQ8lACM8UiEOJx48NgA3CiE1MBc3HEAONSs8DCY0VSg2FyxeMCUvMCQIEAclCgkYDzNYPyAQI1suNSAhIzIfDjAvDQYNNyQCNRMVSFQyARooITguNwwnNScRD1YxNS4AX0ISGlgEFRA8Lj4hcQ8uIC4hIRRWHgwkBjIuDB4pIDIKRSszIh0iAy89EhpAUxYJDBUxLD0GWQAydRU8CyZwJxoVOw0fKAUnEh0lAzEKEjpVMnMnXFc7J0UCMDYWHQYqNjMjOQg5CSUBFjInIRohIRIZSwwHKxgdWxERGRUTGzUcBgFF HTTP/1.1
Host: positioner.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-length: 1190
date: Tue, 16 Apr 2024 11:19:55 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 210fa10efb175d891774d170436663b0.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: ikiqHrYY-x_BKsqcGuX1IPfGzCVsywHIW8k0mXpK-KMiWggqhZch4g==
X-Firefox-Spdy: h2
|
|
| ncukankingwith.info/aUFkYWRGfgcSWT8WXFMxPnQONjU7LzMMMgsAVi89MAdcKT0/dUIVDQ18U1dVWHlSRxQAJVlQQho1BRURGnxVRw0HJwtcQh98VU9XXW9XV0pdZxFcVU81FAADVHBCERAdLVlQU1hyVldSWnhRVFZY | 188.114.96.1 | 204 No Content | 0 B |
URL GET HTTP/2ncukankingwith.info/aUFkYWRGfgcSWT8WXFMxPnQONjU7LzMMMgsAVi89MAdcKT0/dUIVDQ18U1dVWHlSRxQAJVlQQho1BRURGnxVRw0HJwtcQh98VU9XXW9XV0pdZxFcVU81FAADVHBCERAdLVlQU1hyVldSWnhRVFZY IP188.114.96.1:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerGoogle Trust Services LLC Subjectncukankingwith.info Fingerprint54:EC:12:00:29:26:97:E9:83:F6:67:14:71:64:5B:7A:CC:8A:D0:08 ValiditySun, 31 Mar 2024 11:25:46 GMT - Sat, 29 Jun 2024 11:25:45 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /aUFkYWRGfgcSWT8WXFMxPnQONjU7LzMMMgsAVi89MAdcKT0/dUIVDQ18U1dVWHlSRxQAJVlQQho1BRURGnxVRw0HJwtcQh98VU9XXW9XV0pdZxFcVU81FAADVHBCERAdLVlQU1hyVldSWnhRVFZY HTTP/1.1
Host: ncukankingwith.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Tue, 16 Apr 2024 11:19:55 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=80jxxgULBHyTHTzKuwwWpN%2FTNHrM72B4Q%2Fu9psYpAoJYKI4CgYtF4pdBe5fv%2B7DlFjfSdtMAdSYHZvRnLkKEzpr5sFW7rAmx4F2XCJkRG998rih78ImheqqLg5s%2FQ5i%2BGalc8woe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8753c87c68235687-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| pogothere.xyz/ | 188.114.96.1 | 200 OK | 27 B |
IP188.114.96.1:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerGoogle Trust Services LLC Subjectpogothere.xyz Fingerprint34:D3:33:F8:49:E2:1E:3E:44:A8:5D:74:68:9C:B8:A0:D5:F8:DD:0B ValidityWed, 27 Mar 2024 02:15:30 GMT - Tue, 25 Jun 2024 02:15:29 GMT
File typeASCII text, with no line terminators Hash4ea8915e213113d4d1e288fe76e35a3a c7a30319227417a2c0f7f820e876137ed3b7254e e089155118f0749e6f9c273ef80385eb6f2cb667be5329f487beddb2f7eb1e3b
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 Apr 2024 11:19:55 GMT
content-type: text/plain
set-cookie: csu=1119244846044515@1@1713266395; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BsfcQz8xCzfhFfq35X6sxp73g%2BDUL9lHuREEcRQNX52q%2B1mYXGjGej0Axs%2BbSYQypaw1GEESHxFAPhMj%2BWspNmvk7lkpBd846f6OElltcAc2PeIPMU9t3l3VdybtYpkV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8753c87c79c256cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/js/jquery.fileupload-ui.js | 91.209.70.182 | 200 OK | 25 kB |
URL GET HTTP/2megaup.net/themes/flow/js/jquery.fileupload-ui.js IP91.209.70.182:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerSectigo Limited Subject*.megaup.net Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
File typeJavaScript source, ASCII text Hash6d74ec0b03e02825fef8093d64629489 de746f1c7aeb0927541e1d55bdea4672bb47aa73 5d4a5378ed9f8bf68dbfb6246761e6d44e2b11fa626d8b4f8d1d6a779f037cd2
GET /themes/flow/js/jquery.fileupload-ui.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=fhgn0r8fi8j9eiij30rnki5dm2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 11:19:55 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-61ef"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/frontend_assets/fonts/font-awesome/css/font-awesome.css | 91.209.70.182 | 200 OK | 23 kB |
URL GET HTTP/2megaup.net/themes/flow/frontend_assets/fonts/font-awesome/css/font-awesome.css IP91.209.70.182:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerSectigo Limited Subject*.megaup.net Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (305), with CRLF line terminators Hashf8398a4ad2442f1943b62d93f89249b6 280150fc79d01a95808b1c16ca8749e8d8cda85e 7c10acbcb15a2f181df3ad0d009a44f892e406bbfc8f94df12f8a47a71b696e5
GET /themes/flow/frontend_assets/fonts/font-awesome/css/font-awesome.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
DNT: 1
Connection: keep-alive
Cookie: filehosting=fhgn0r8fi8j9eiij30rnki5dm2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 11:19:55 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-59d6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.plugins.min.js | 91.209.70.182 | 200 OK | 85 kB |
URL GET HTTP/2megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.plugins.min.js IP91.209.70.182:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerSectigo Limited Subject*.megaup.net Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (23470) Hash04426bc66c09c8881b5b329310e903e9 ff7f2f64ed5938023a91050e27f22f77becba78c ebf4e570b96d611fa540bb8745ba518a1005d50c4589a2c2cf3a60a97151a184
GET /themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.plugins.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=fhgn0r8fi8j9eiij30rnki5dm2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 11:19:55 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-14cc1"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/frontend_assets/js/sticky/jquery.sticky.js | 91.209.70.182 | 200 OK | 4.2 kB |
URL GET HTTP/2megaup.net/themes/flow/frontend_assets/js/sticky/jquery.sticky.js IP91.209.70.182:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerSectigo Limited Subject*.megaup.net Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (4394), with no line terminators Hash07d7abfc2a0b542f84b84f090361b81f ba07801dd09cbaaf882acc40f96449ea5edb878a 57c815c1f2e67478932fca8e2311f7b9308ec3fdea93379ca7b61559fc67caaa
GET /themes/flow/frontend_assets/js/sticky/jquery.sticky.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=fhgn0r8fi8j9eiij30rnki5dm2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 11:19:55 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1099"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/frontend_assets/js/bootstrap/bootstrap.min.js | 91.209.70.182 | 200 OK | 29 kB |
URL GET HTTP/2megaup.net/themes/flow/frontend_assets/js/bootstrap/bootstrap.min.js IP91.209.70.182:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerSectigo Limited Subject*.megaup.net Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (28941) Hashba847811448ef90d98d272aeccef2a95 5814e91bb6276f4de8b7951c965f2f190a03978d 898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1
GET /themes/flow/frontend_assets/js/bootstrap/bootstrap.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=fhgn0r8fi8j9eiij30rnki5dm2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 11:19:55 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-71b6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css | 91.209.70.182 | 200 OK | 339 B |
URL GET HTTP/2megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css IP91.209.70.182:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerSectigo Limited Subject*.megaup.net Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
File typeASCII text, with very long lines (375), with no line terminators Hashe60adfdae6f5cf19011dbe4154390a71 e91fc65490f58b7072d25b8edeed4b213e72ad96 0633957c46201ad0d4143ecfcb0c12d9c400a8edadb2670026573d8f8c2ba2f2
GET /themes/flow/frontend_assets/css/All-stylesheets.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=fhgn0r8fi8j9eiij30rnki5dm2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 11:19:55 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-153"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ARZ0qKLtSb-V3UUHHafJvYkIqjH6s7vtooCBVKMk0K8wK5VaOpJgVOOqFPbOLS3QVKJkYA3pspG1iA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1208944041%3A1713266396830842&theme=mn&ddm=0 | 108.177.14.84 | 403 Forbidden | 0 B |
URL GET HTTP/2accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ARZ0qKLtSb-V3UUHHafJvYkIqjH6s7vtooCBVKMk0K8wK5VaOpJgVOOqFPbOLS3QVKJkYA3pspG1iA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1208944041%3A1713266396830842&theme=mn&ddm=0 IP108.177.14.84:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerGoogle Trust Services LLC Subjectaccounts.google.com FingerprintCC:CB:DD:14:30:B0:75:6A:EE:1D:20:F1:9E:C5:DD:5F:DD:68:4F:7B ValidityMon, 18 Mar 2024 20:38:53 GMT - Mon, 10 Jun 2024 20:38:52 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ARZ0qKLtSb-V3UUHHafJvYkIqjH6s7vtooCBVKMk0K8wK5VaOpJgVOOqFPbOLS3QVKJkYA3pspG1iA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1208944041%3A1713266396830842&theme=mn&ddm=0 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 16 Apr 2024 11:19:56 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-p64BFQBlveWXQ1n4SPohJQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/js/jquery.fileupload-process.js | 91.209.70.182 | 200 OK | 5.3 kB |
URL GET HTTP/2megaup.net/themes/flow/js/jquery.fileupload-process.js IP91.209.70.182:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerSectigo Limited Subject*.megaup.net Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (5466), with no line terminators Hash84f8554400d04b9a321a8f255455db13 2769a1ca8116367636343875b340505939ceff71 43958ee1d314b9876d5cd635dfd55f2b14aaacb83ee73ee276c1a96120d6dfd0
GET /themes/flow/js/jquery.fileupload-process.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=fhgn0r8fi8j9eiij30rnki5dm2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 11:19:55 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-14b6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| megaup.net/sw.js | 91.209.70.182 | 200 OK | 103 kB |
IP91.209.70.182:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerSectigo Limited Subject*.megaup.net Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size103 kB (103036 bytes) Hash9ee51131e416458b88d6da4e6e6959ca a558b24bcf81763754e35a5fa5e46c6d6ad5f8d4 db3608f955dd3404bc375f0a0a7a5c8e23515e7ad1a0b9078c246e92e4050734
GET /sw.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=fhgn0r8fi8j9eiij30rnki5dm2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 11:19:55 GMT
content-type: application/javascript
last-modified: Tue, 20 Dec 2022 16:15:31 GMT
vary: Accept-Encoding
etag: W/"63a1dfa3-1927c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js | 91.209.70.182 | 200 OK | 7.4 kB |
URL GET HTTP/2megaup.net/themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js IP91.209.70.182:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerSectigo Limited Subject*.megaup.net Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (7733), with no line terminators Hashaaaac23173da082efba2d6874d01cf03 b14b1cd1e6bf4cf4a324182e4ee3fe3ec370b896 85ede8080213e13bdc68570d742105289541dfc11847ea8cab78c5575bac71e9
GET /themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=fhgn0r8fi8j9eiij30rnki5dm2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 11:19:55 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1cdf"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/js/jquery-ui.js | 91.209.70.182 | 200 OK | 436 kB |
URL GET HTTP/2megaup.net/themes/flow/js/jquery-ui.js IP91.209.70.182:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerSectigo Limited Subject*.megaup.net Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (840) Size436 kB (435844 bytes) Hashec9758d9508e2fd22ddbdc6d5a28f214 0ed7df6cc32be8f9687cda3cd6e109e5de44339e ba0103f765802f299bc7dca5c35d9a00359a0abb10cac136f43caf9c0bf98b7c
GET /themes/flow/js/jquery-ui.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=fhgn0r8fi8j9eiij30rnki5dm2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 11:19:55 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-6a684"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/js/jquery.fileupload-resize.js | 91.209.70.182 | 200 OK | 8.1 kB |
URL GET HTTP/2megaup.net/themes/flow/js/jquery.fileupload-resize.js IP91.209.70.182:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerSectigo Limited Subject*.megaup.net Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (8281), with no line terminators Hashfe90ec8075308aa0695b41a01faa8d7c 9ef0157a99a6efd2a8672b699dbf4225d8fa67ad 782f2530cd4df35901bcdba4dab3cd8769f7cebfcfa96cec776cbcdc10d66062
GET /themes/flow/js/jquery.fileupload-resize.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=fhgn0r8fi8j9eiij30rnki5dm2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 11:19:55 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1f7f"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/frontend_assets/css/fonts.css | 91.209.70.182 | 200 OK | 1.7 kB |
URL GET HTTP/2megaup.net/themes/flow/frontend_assets/css/fonts.css IP91.209.70.182:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerSectigo Limited Subject*.megaup.net Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
File typeASCII text, with very long lines (1734), with no line terminators Hash4d22ff28e999a5c332705be886a5984b 8f458405367020346f614bbe41d21da151fdfa87 65e973e0ec1ed64f42a2ad48e4d02a34c9db54a7340761d86c53149a508e9b32
GET /themes/flow/frontend_assets/css/fonts.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
DNT: 1
Connection: keep-alive
Cookie: filehosting=fhgn0r8fi8j9eiij30rnki5dm2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 11:19:55 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-690"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ncukankingwith.info/N0g1akEYd1YZfGAkYBMYYAZDMCZ9HWMHNVAKcyAQVg90LhQGDRMeKFN1DVh0DnkETDFeLAhZcxE7QQs1QjsIWHEHfRMDL1EnCFhxB34FWnAEehBdAl88QRoyEnt0T3NxbQcsOVokGwkuQGVBAyxSOlcfJVMtR0QuRS8QWAdDIEAHI1kpXAZkBA5cT3JzEHAQM2ILWQInYhFqWmQFfkVPcnN5AltyBX4DWXgBZgdYcQ95AE9zASFYDTUSe3EDIlgmEF0CBnoMUngFcGpccgdxAFxzEn92W3kBeAFacQF4AVl2A3sBWHkCeRMcfAdmDERzGX4TH3wFcAdbcA5xAVx0BXgDXHgRPEULJgp5Exo1QyQIW3YGewdcdwRxDVJxAw | 188.114.96.1 | 204 No Content | 0 B |
URL POST HTTP/3ncukankingwith.info/N0g1akEYd1YZfGAkYBMYYAZDMCZ9HWMHNVAKcyAQVg90LhQGDRMeKFN1DVh0DnkETDFeLAhZcxE7QQs1QjsIWHEHfRMDL1EnCFhxB34FWnAEehBdAl88QRoyEnt0T3NxbQcsOVokGwkuQGVBAyxSOlcfJVMtR0QuRS8QWAdDIEAHI1kpXAZkBA5cT3JzEHAQM2ILWQInYhFqWmQFfkVPcnN5AltyBX4DWXgBZgdYcQ95AE9zASFYDTUSe3EDIlgmEF0CBnoMUngFcGpccgdxAFxzEn92W3kBeAFacQF4AVl2A3sBWHkCeRMcfAdmDERzGX4TH3wFcAdbcA5xAVx0BXgDXHgRPEULJgp5Exo1QyQIW3YGewdcdwRxDVJxAw IP188.114.96.1:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerGoogle Trust Services LLC Subjectncukankingwith.info Fingerprint54:EC:12:00:29:26:97:E9:83:F6:67:14:71:64:5B:7A:CC:8A:D0:08 ValiditySun, 31 Mar 2024 11:25:46 GMT - Sat, 29 Jun 2024 11:25:45 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /N0g1akEYd1YZfGAkYBMYYAZDMCZ9HWMHNVAKcyAQVg90LhQGDRMeKFN1DVh0DnkETDFeLAhZcxE7QQs1QjsIWHEHfRMDL1EnCFhxB34FWnAEehBdAl88QRoyEnt0T3NxbQcsOVokGwkuQGVBAyxSOlcfJVMtR0QuRS8QWAdDIEAHI1kpXAZkBA5cT3JzEHAQM2ILWQInYhFqWmQFfkVPcnN5AltyBX4DWXgBZgdYcQ95AE9zASFYDTUSe3EDIlgmEF0CBnoMUngFcGpccgdxAFxzEn92W3kBeAFacQF4AVl2A3sBWHkCeRMcfAdmDERzGX4TH3wFcAdbcA5xAVx0BXgDXHgRPEULJgp5Exo1QyQIW3YGewdcdwRxDVJxAw HTTP/1.1
Host: ncukankingwith.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/3 204 No Content
date: Tue, 16 Apr 2024 11:19:58 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QQ2TaggXMrS30%2BUinvTx%2FAA8AQAxHXcuxs3VP%2FI645ZPZ%2Beqhr9DBco2ekz3lSiRNXlQ4ACyzuQx%2Fnoqttup5tfwUWmZAz0UnIEzwJZAfZifygyckwEt7iDMWx6INW2IrmaZmsLd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8753c890891856a9-OSL
alt-svc: h3=":443"; ma=86400
|
|
| megaup.net/themes/flow/js/jquery.tmpl.min.js | 91.209.70.182 | 200 OK | 971 B |
URL GET HTTP/2megaup.net/themes/flow/js/jquery.tmpl.min.js IP91.209.70.182:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerSectigo Limited Subject*.megaup.net Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (1068), with no line terminators Hash089e1431cd0ddbbacc07175c48de0f15 65898769225f99ca698658bd7a4c3aa623dc82d4 dcd0212b5e453a6411aeef7b4302e0be890be6462d8197cac028f185c2f174fb
GET /themes/flow/js/jquery.tmpl.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=fhgn0r8fi8j9eiij30rnki5dm2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 11:19:55 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3cb"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/frontend_assets/css/colors/flow.css | 91.209.70.182 | 200 OK | 2.7 kB |
URL GET HTTP/2megaup.net/themes/flow/frontend_assets/css/colors/flow.css IP91.209.70.182:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerSectigo Limited Subject*.megaup.net Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
File typeASCII text, with very long lines (3023), with no line terminators Hash9adec578563e5d2ce244e42529bd6a0c 2d9d05a9914fff69e279803400fa089638ad30ea f9247eaf086df740e94ede1041b462994eb50899b273c70572a72f09048d1ce6
GET /themes/flow/frontend_assets/css/colors/flow.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=fhgn0r8fi8j9eiij30rnki5dm2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 11:19:55 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-a83"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/js/canvas-to-blob.min.js | 91.209.70.182 | 200 OK | 1.0 kB |
URL GET HTTP/2megaup.net/themes/flow/js/canvas-to-blob.min.js IP91.209.70.182:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerSectigo Limited Subject*.megaup.net Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (1052), with no line terminators Hasha6496a71738d7a150a3e065ee0e12fe3 5312d1558e59026ae5f14cb04f8bc87248f23826 7700f942a6370cef00334962637f3de505a110832c554efdaab8aa645b10359d
GET /themes/flow/js/canvas-to-blob.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=fhgn0r8fi8j9eiij30rnki5dm2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 11:19:55 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-408"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/js/jquery.fileupload.js | 91.209.70.182 | 200 OK | 56 kB |
URL GET HTTP/2megaup.net/themes/flow/js/jquery.fileupload.js IP91.209.70.182:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerSectigo Limited Subject*.megaup.net Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
File typeJavaScript source, ASCII text Hashb85ba9fdc07788f5208002e4588c1e2a f4a5b283e901f573f1237b6a096da4c295e8a65b f809de94a782db6c7c5bc85db8bc8f6b05b1a473f736080b3ea8377fd6ed35cc
GET /themes/flow/js/jquery.fileupload.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=fhgn0r8fi8j9eiij30rnki5dm2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 11:19:55 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-dbd4"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/frontend_assets/js/custom/custom.js | 91.209.70.182 | 200 OK | 5.2 kB |
URL GET HTTP/2megaup.net/themes/flow/frontend_assets/js/custom/custom.js IP91.209.70.182:443
Requested byhttps://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar CertificateIssuerSectigo Limited Subject*.megaup.net Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (5537), with no line terminators Hashf11b915d430ce9e1d2470ce7a88c8df7 9f1fbcd5391969567e9b0c14467d637446cb69ed 13d1a0a149018d6e707511272a19e324ca469919e8546570cfef14f24c2219e6
GET /themes/flow/frontend_assets/js/custom/custom.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2vDfe/It_Takes_Two_[010092A0172E4000][v0][US].nsp.part1.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=fhgn0r8fi8j9eiij30rnki5dm2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 11:19:55 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1420"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|