GET megaup.net/themes/spirit/assets/frontend/css/stack-interface.css
5.34.214.148 200 OK 3.2 kB URL GET HTTPS
megaup.net/themes/spirit/assets/frontend/css/stack-interface.css
IP / ASN
5.34.214.148
#42532 SIA VEESP
Requested by https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
Resource Info
File type Unicode text, UTF-8 text, with CRLF line terminators
First Seen 2023-04-11
Last Seen 2025-08-08
Times Seen 1751
Size 3.2 kB (3160 bytes)
MD5 4541b29b6040bc31b760f98e914fd1d7
SHA1 0521a4f98cdf5e1fde3eeb9cae64fd39075cd9ba
SHA256 6910b6609166588208a24355d3c3666140dd0d7fcb3884b31eedb72773e44794
Certificate Info
Issuer Sectigo Limited
Subject *.megaup.net
Fingerprint 9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
Validity Tue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT
GET /themes/spirit/assets/frontend/css/stack-interface.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
DNT: 1
Connection: keep-alive
Cookie: filehosting=bkfelbmac41njn5352ftsq8hat
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 07 Jul 2025 02:08:07 GMT
content-type: text/css
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: W/"62594310-c58"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
GET fonts.googleapis.com/css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i
142.250.178.74 200 OK 39 kB URL GET HTTPS
fonts.googleapis.com/css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i
IP / ASN
142.250.178.74
#15169 GOOGLE
Requested by https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
Resource Info
File type ASCII text, with very long lines (1572)
First Seen 2025-06-02
Last Seen 2025-08-08
Times Seen 708
Size 39 kB (39341 bytes)
MD5 0812d3cfd3d7800435f05536b513ecfd
SHA1 e70839be86f9de0d31aa6b5f0903da7c1fc7c286
SHA256 00e20cfbdec23113781e1620e51b3e336b15acd9a3c026a184390736b26dab70
Certificate Info
Issuer Google Trust Services
Subject upload.video.google.com
Fingerprint B7:F0:7E:3A:46:13:9F:42:76:6A:5D:6E:85:25:78:85:99:EE:67:71
Validity Tue, 17 Jun 2025 20:02:59 GMT - Tue, 09 Sep 2025 20:02:58 GMT
GET /css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 07 Jul 2025 02:08:08 GMT
date: Mon, 07 Jul 2025 02:08:08 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET megaup.net/themes/spirit/assets/frontend/js/scripts.js
5.34.214.148 200 OK 115 kB URL GET HTTPS
megaup.net/themes/spirit/assets/frontend/js/scripts.js
IP / ASN
5.34.214.148
#42532 SIA VEESP
Requested by https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
Resource Info
File type JavaScript source, ASCII text, with very long lines (914), with CRLF line terminators
First Seen 2023-03-07
Last Seen 2025-08-08
Times Seen 1938
Size 115 kB (114862 bytes)
MD5 ce260d2170faf98639ab8e0e3758f1e2
SHA1 32eeb82a44bf0bce2df78eafae9f2e9ff8d72e1f
SHA256 ac331833ebf1c06b0f8565caaeb4760c2184bd89d1cb5574c3947a8d0b6dca1c
Certificate Info
Issuer Sectigo Limited
Subject *.megaup.net
Fingerprint 9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
Validity Tue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT
GET /themes/spirit/assets/frontend/js/scripts.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
DNT: 1
Connection: keep-alive
Cookie: filehosting=bkfelbmac41njn5352ftsq8hat
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 07 Jul 2025 02:08:08 GMT
content-type: application/javascript
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: W/"62594310-1c0ae"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
GET megaup.net/themes/spirit/assets/frontend/css/socicon.css
5.34.214.148 200 OK 9.8 kB URL GET HTTPS
megaup.net/themes/spirit/assets/frontend/css/socicon.css
IP / ASN
5.34.214.148
#42532 SIA VEESP
Requested by https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
Resource Info
File type ASCII text, with CRLF line terminators
First Seen 2023-04-11
Last Seen 2025-08-08
Times Seen 1737
Size 9.8 kB (9838 bytes)
MD5 910a42ce112991b31b30a735f1006a5f
SHA1 6c8b4769270f1c86bb1c7a6b54325465395ba614
SHA256 010e6ffb18715ededb10c4ae5a8518475c138fb63b83ec1c125d09b714ccdd8b
Certificate Info
Issuer Sectigo Limited
Subject *.megaup.net
Fingerprint 9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
Validity Tue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT
GET /themes/spirit/assets/frontend/css/socicon.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
DNT: 1
Connection: keep-alive
Cookie: filehosting=bkfelbmac41njn5352ftsq8hat
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 07 Jul 2025 02:08:07 GMT
content-type: text/css
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: W/"62594310-266e"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
GET megaup.net/themes/spirit/assets/frontend/js/typed.min.js
5.34.214.148 200 OK 3.9 kB URL GET HTTPS
megaup.net/themes/spirit/assets/frontend/js/typed.min.js
IP / ASN
5.34.214.148
#42532 SIA VEESP
Requested by https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
Resource Info
File type JavaScript source, ASCII text, with very long lines (3949), with no line terminators
First Seen 2023-03-07
Last Seen 2025-08-08
Times Seen 4945
Size 3.9 kB (3949 bytes)
MD5 2f6185a8a32a50b2b3e04849f44359d4
SHA1 0e5501588c5c0d1c9462f34b0d56c21abff5bfef
SHA256 914df93a9770d8a0e132b6ce3e8f1cfba0e0fae8f3b9002a3f0eb47c3d0cc97b
Certificate Info
Issuer Sectigo Limited
Subject *.megaup.net
Fingerprint 9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
Validity Tue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT
GET /themes/spirit/assets/frontend/js/typed.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
DNT: 1
Connection: keep-alive
Cookie: filehosting=bkfelbmac41njn5352ftsq8hat
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 07 Jul 2025 02:08:08 GMT
content-type: application/javascript
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: W/"62594310-f6d"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
GET megaup.net/themes/spirit/assets/frontend/img/background.jpg
5.34.214.148 200 OK 86 kB URL GET HTTPS
megaup.net/themes/spirit/assets/frontend/img/background.jpg
IP / ASN
5.34.214.148
#42532 SIA VEESP
Requested by https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
Resource Info
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1200, components 3
First Seen 2025-04-01
Last Seen 2025-08-08
Times Seen 1371
Size 86 kB (86513 bytes)
MD5 1b0874b56457a14258e3bd22805266c6
SHA1 26ff3d095376d43cb78388e700707cdaf6ac75eb
SHA256 5c5e0d52eb281e1ceae07f53c931982e8e014b9a535df9c98246157167e29285
Certificate Info
Issuer Sectigo Limited
Subject *.megaup.net
Fingerprint 9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
Validity Tue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT
GET /themes/spirit/assets/frontend/img/background.jpg HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
DNT: 1
Connection: keep-alive
Cookie: filehosting=bkfelbmac41njn5352ftsq8hat
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 07 Jul 2025 02:08:08 GMT
content-type: image/jpeg
content-length: 86513
last-modified: Tue, 11 Feb 2025 07:35:38 GMT
vary: Accept-Encoding
etag: "67aafdca-151f1"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
GET megaup.net/themes/spirit/assets/frontend/css/lightbox.min.css
5.34.214.148 200 OK 3.9 kB URL GET HTTPS
megaup.net/themes/spirit/assets/frontend/css/lightbox.min.css
IP / ASN
5.34.214.148
#42532 SIA VEESP
Requested by https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
Resource Info
File type ASCII text, with CRLF line terminators
First Seen 2023-04-11
Last Seen 2025-08-08
Times Seen 1815
Size 3.9 kB (3889 bytes)
MD5 30265c8089a8f3e871d0873ef6a5b944
SHA1 2804a2fe5a6a956626ce6a46adf6b1a0676ee13d
SHA256 f9f33dca7f9a5a735a0a03502993e0a092df81d820beb1ed4071e4611a9630ed
Certificate Info
Issuer Sectigo Limited
Subject *.megaup.net
Fingerprint 9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
Validity Tue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT
GET /themes/spirit/assets/frontend/css/lightbox.min.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
DNT: 1
Connection: keep-alive
Cookie: filehosting=bkfelbmac41njn5352ftsq8hat
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 07 Jul 2025 02:08:08 GMT
content-type: text/css
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: W/"62594310-f31"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
GET fonts.gstatic.com/s/opensans/v43/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.178.67 200 OK 48 kB URL GET HTTPS
fonts.gstatic.com/s/opensans/v43/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP / ASN
142.250.178.67
#15169 GOOGLE
Requested by https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
Resource Info
File type Web Open Font Format (Version 2), TrueType, length 48332, version 1.0
First Seen 2025-05-29
Last Seen 2025-08-08
Times Seen 33894
Size 48 kB (48332 bytes)
MD5 5734e133a619a6ae6ee21a6c00a95eba
SHA1 57c0ac17302d07bd4f968240098afe5ed53d4ad2
SHA256 d7a547581722aa055a7fb5b9912aebf3f3e928e1db3e5af9e54cf158cb4c4c4a
Certificate Info
Issuer Google Trust Services
Subject *.gstatic.com
Fingerprint 31:00:3B:00:14:9F:47:29:F3:46:E5:7C:57:30:CC:88:CC:DB:A8:07
Validity Tue, 17 Jun 2025 20:02:59 GMT - Tue, 09 Sep 2025 20:02:58 GMT
GET /s/opensans/v43/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48332
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Jul 2025 15:48:00 GMT
expires: Fri, 03 Jul 2026 15:48:00 GMT
cache-control: public, max-age=31536000
age: 296409
last-modified: Wed, 28 May 2025 18:06:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET megaup.net/themes/spirit/assets/frontend/css/theme.css
5.34.214.148 200 OK 207 kB URL GET HTTPS
megaup.net/themes/spirit/assets/frontend/css/theme.css
IP / ASN
5.34.214.148
#42532 SIA VEESP
Requested by https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
Resource Info
File type assembler source, ASCII text, with CRLF line terminators
First Seen 2025-04-01
Last Seen 2025-08-08
Times Seen 1338
Size 207 kB (206626 bytes)
MD5 06cc8983a538a05dddf526b3b7e732aa
SHA1 2414173a1660589ebbba8bdc6e3d1237df6063db
SHA256 27e49bfa89404d352fa4627719f2a9a3ea5c2759c2bc74e7567ff98b5a996758
Certificate Info
Issuer Sectigo Limited
Subject *.megaup.net
Fingerprint 9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
Validity Tue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT
GET /themes/spirit/assets/frontend/css/theme.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
DNT: 1
Connection: keep-alive
Cookie: filehosting=bkfelbmac41njn5352ftsq8hat
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 07 Jul 2025 02:08:08 GMT
content-type: text/css
last-modified: Tue, 11 Feb 2025 18:30:52 GMT
vary: Accept-Encoding
etag: W/"67ab975c-32722"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
GET megaup.net/themes/spirit/assets/frontend/js/datepicker.js
5.34.214.148 200 OK 21 kB URL GET HTTPS
megaup.net/themes/spirit/assets/frontend/js/datepicker.js
IP / ASN
5.34.214.148
#42532 SIA VEESP
Requested by https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
Resource Info
File type JavaScript source, ASCII text, with very long lines (12692), with CRLF line terminators
First Seen 2023-03-07
Last Seen 2025-08-08
Times Seen 4301
Size 21 kB (20975 bytes)
MD5 8cfe207a6a21c7495cfb751c761217a6
SHA1 35d686a6c4ecc9946c35444ce93e110cb0e1611c
SHA256 804e3c2608de23694fa71684178e2f9815115d56ee022ec770e1fcb208847acc
Certificate Info
Issuer Sectigo Limited
Subject *.megaup.net
Fingerprint 9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
Validity Tue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT
GET /themes/spirit/assets/frontend/js/datepicker.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
DNT: 1
Connection: keep-alive
Cookie: filehosting=bkfelbmac41njn5352ftsq8hat
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 07 Jul 2025 02:08:08 GMT
content-type: application/javascript
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: W/"62594310-51ef"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
GET undefined/UTREZW4wVicIUTAJJkMbI1h5QFwXEXYjCmJbI10aYAx3DF8nViNLDT1bMQEII1sqEUA/UTBAXBdTFzIeMFcpDh8TYBUwODsEADUFaGYhVFc7ZXUNGBZdIz0qYmUMNRYEfRQnHmF8BRJXBXAFJyw4VyU/FCZTDjZeJnsWXQcWcB0pJDYBCSkJNnogIx5pfCMCABVjIDAqElcOP14fZA8kWmVgdVQYGV0rAS8/ZSIrLAh5CBIjYXIzVBgZTjA1LBJtFSgWZXIPIFc+egIdAAZafSQ5BnEgKBYmeg4NXiFidRFbE3dxPTliWCYEAiluJiMFCGJ1EVsZYGkoDQkHdTUPBXYJAF8+XRYjXyJjFg02BgcvPCIXUCUmKCVEFg4KZGV3XC8GZ3A1IQNfAwcoNlcVIwJlYykVKgZsLDUPFH0ULCw2EXYjKBBtPDFcNgQTLR40UAEvPgFyIBdIO0crCx5seg0JKTt/Mg4cPU0LIg
0.0.0.0 0 B URL GET HTTP
undefined/UTREZW4wVicIUTAJJkMbI1h5QFwXEXYjCmJbI10aYAx3DF8nViNLDT1bMQEII1sqEUA/UTBAXBdTFzIeMFcpDh8TYBUwODsEADUFaGYhVFc7ZXUNGBZdIz0qYmUMNRYEfRQnHmF8BRJXBXAFJyw4VyU/FCZTDjZeJnsWXQcWcB0pJDYBCSkJNnogIx5pfCMCABVjIDAqElcOP14fZA8kWmVgdVQYGV0rAS8/ZSIrLAh5CBIjYXIzVBgZTjA1LBJtFSgWZXIPIFc+egIdAAZafSQ5BnEgKBYmeg4NXiFidRFbE3dxPTliWCYEAiluJiMFCGJ1EVsZYGkoDQkHdTUPBXYJAF8+XRYjXyJjFg02BgcvPCIXUCUmKCVEFg4KZGV3XC8GZ3A1IQNfAwcoNlcVIwJlYykVKgZsLDUPFH0ULCw2EXYjKBBtPDFcNgQTLR40UAEvPgFyIBdIO0crCx5seg0JKTt/Mg4cPU0LIg
IP / ASN
0.0.0.0
#0
Requested by https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-08
Times Seen 5720909
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /UTREZW4wVicIUTAJJkMbI1h5QFwXEXYjCmJbI10aYAx3DF8nViNLDT1bMQEII1sqEUA/UTBAXBdTFzIeMFcpDh8TYBUwODsEADUFaGYhVFc7ZXUNGBZdIz0qYmUMNRYEfRQnHmF8BRJXBXAFJyw4VyU/FCZTDjZeJnsWXQcWcB0pJDYBCSkJNnogIx5pfCMCABVjIDAqElcOP14fZA8kWmVgdVQYGV0rAS8/ZSIrLAh5CBIjYXIzVBgZTjA1LBJtFSgWZXIPIFc+egIdAAZafSQ5BnEgKBYmeg4NXiFidRFbE3dxPTliWCYEAiluJiMFCGJ1EVsZYGkoDQkHdTUPBXYJAF8+XRYjXyJjFg02BgcvPCIXUCUmKCVEFg4KZGV3XC8GZ3A1IQNfAwcoNlcVIwJlYykVKgZsLDUPFH0ULCw2EXYjKBBtPDFcNgQTLR40UAEvPgFyIBdIO0crCx5seg0JKTt/Mg4cPU0LIg HTTP/1.1
Host: undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET d3og8t183i1vbg.cloudfront.net/?itgod=761186
54.230.245.156 200 OK 490 kB URL GET HTTPS
d3og8t183i1vbg.cloudfront.net/?itgod=761186
IP / ASN
54.230.245.156
#16509 AMAZON-02
Requested by https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
Resource Info
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (38488)
First Seen 2025-07-07
Last Seen 2025-07-07
Times Seen 1
Size 490 kB (489877 bytes)
MD5 e09c62b209704f0a9e986e1399b7e796
SHA1 50957d7913453fe0ef5c81d23d5985253a77c579
SHA256 2587ac1eba89e1b92330c2669061debb0428cdb703d663240698d1f323fbed61
Certificate Info
Issuer Amazon
Subject *.cloudfront.net
Fingerprint 8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72
Validity Mon, 05 May 2025 00:00:00 GMT - Thu, 23 Apr 2026 23:59:59 GMT
GET /?itgod=761186 HTTP/1.1
Host: d3og8t183i1vbg.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 152096
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
date: Mon, 07 Jul 2025 02:08:09 GMT
x-cache: Miss from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: LkT_QrV0kub2VISpsCcIQcyLsZkhGsHHGl-6AcNhTHK9xjq01O7cRA==
X-Firefox-Spdy: h2
GET ukankingwithea.com/
104.21.32.1 200 OK 27 B URL GET HTTPS
ukankingwithea.com/
IP / ASN
104.21.32.1
#13335 CLOUDFLARENET
Requested by https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
Resource Info
File type ASCII text, with no line terminators
First Seen 2025-07-07
Last Seen 2025-07-07
Times Seen 1
Size 27 B (27 bytes)
MD5 1f6604f2cf2b0ecf67b1ed7cc1e66ece
SHA1 2ba5700af8304e3ff6d96bcc908f4afc84da3850
SHA256 a9970e6e294f0fdbf984190590f76cd24708ea7a5ba98b8827f6a7c7f59b1c81
Certificate Info
Issuer Google Trust Services
Subject ukankingwithea.com
Fingerprint BC:D9:DE:23:19:C0:7C:2B:35:05:12:80:A3:22:F2:D2:D2:6F:1F:B3
Validity Fri, 27 Jun 2025 13:58:09 GMT - Thu, 25 Sep 2025 14:56:56 GMT
GET / HTTP/1.1
Host: ukankingwithea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 07 Jul 2025 02:08:10 GMT
content-type: text/plain
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=Lt%2Byw%2Br%2BcGuagfIHs9HnQGz43LZ7XAOwr35JRyo1TGl3dlWEezb1cjaI%2FTaumUrGlUnm9yTY9DLUpwaqJJI1pdTgoHwjqG9n0btYN0tR%2B%2Fc%3D"}]}
content-encoding: br
set-cookie: csu=1156078636817312@1@1751854090; SameSite=None; Secure; Max-Age=31104000
cf-ray: 95b3cade9e5156c7-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
POST vardsusyseinpo.com/TTVScmViCjEBWABwaxw2C2QUFDMbDTAjP3VgChoIDm0IJgYKdHQGDCkIakBQdARjVBUkUW9BV2tGJhMROEZvQFV9AnQbCytab0BDOwhiXFxjB3xEQzgIY1QRPVQ1T1RrRSYGCXAEZUdUdQBmQlx9BGRE
104.21.48.1 204 No Content 0 B URL POST HTTPS
vardsusyseinpo.com/TTVScmViCjEBWABwaxw2C2QUFDMbDTAjP3VgChoIDm0IJgYKdHQGDCkIakBQdARjVBUkUW9BV2tGJhMROEZvQFV9AnQbCytab0BDOwhiXFxjB3xEQzgIY1QRPVQ1T1RrRSYGCXAEZUdUdQBmQlx9BGRE
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-08
Times Seen 5720909
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Google Trust Services
Subject vardsusyseinpo.com
Fingerprint A3:29:BE:C2:9E:A9:BE:2F:9E:E9:26:2F:D9:27:61:C1:64:3F:91:25
Validity Wed, 11 Jun 2025 06:24:47 GMT - Tue, 09 Sep 2025 07:22:12 GMT
POST /TTVScmViCjEBWABwaxw2C2QUFDMbDTAjP3VgChoIDm0IJgYKdHQGDCkIakBQdARjVBUkUW9BV2tGJhMROEZvQFV9AnQbCytab0BDOwhiXFxjB3xEQzgIY1QRPVQ1T1RrRSYGCXAEZUdUdQBmQlx9BGRE HTTP/1.1
Host: vardsusyseinpo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/3 204 No Content
date: Mon, 07 Jul 2025 02:08:10 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S2HoYBHGINh8oeAS1H3PsjePZxHy%2FKjsTmtU64BhrDa8pjpzLJ2uwaZzbD96462J%2F%2BZ9OlFC9V1gCZhR2GZtisz1waEJdEKYjA%2F6Qj%2F%2B9KuYLcWSvBv%2BgkmK4Hxb%2Bq26dSp24OM%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 95b3cae1281e5685-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=8531&min_rtt=564&rtt_var=7391&sent=75&recv=92&lost=0&retrans=1&sent_bytes=9194&recv_bytes=5881&delivery_rate=462220&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=18883&unsent_bytes=0&cid=0eb2dc17364fb65c&ts=1142&inflight_dur=101&x=40"
GET megaup.net/themes/spirit/assets/frontend/js/jquery.dataTables.min.js
5.34.214.148 200 OK 70 kB URL GET HTTPS
megaup.net/themes/spirit/assets/frontend/js/jquery.dataTables.min.js
IP / ASN
5.34.214.148
#42532 SIA VEESP
Requested by https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
Resource Info
File type JavaScript source, ASCII text, with very long lines (768), with CRLF line terminators
First Seen 2023-03-07
Last Seen 2025-08-08
Times Seen 2219
Size 70 kB (69754 bytes)
MD5 6fda19caa29287e6f584f0557fdeb6d4
SHA1 40f58160090cd1f022704ee1352b343adb9e73b9
SHA256 8ef749c3869991924150dc932c48cd57bf69ac25a378bb2e14f8e1733c17406f
Certificate Info
Issuer Sectigo Limited
Subject *.megaup.net
Fingerprint 9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
Validity Tue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT
GET /themes/spirit/assets/frontend/js/jquery.dataTables.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
DNT: 1
Connection: keep-alive
Cookie: filehosting=bkfelbmac41njn5352ftsq8hat
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 07 Jul 2025 02:08:08 GMT
content-type: application/javascript
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: W/"62594310-1107a"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
GET fonts.gstatic.com/s/opensans/v43/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.178.67 200 OK 48 kB URL GET HTTPS
fonts.gstatic.com/s/opensans/v43/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP / ASN
142.250.178.67
#15169 GOOGLE
Requested by https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
Resource Info
File type Web Open Font Format (Version 2), TrueType, length 48332, version 1.0
First Seen 2025-05-29
Last Seen 2025-08-08
Times Seen 33894
Size 48 kB (48332 bytes)
MD5 5734e133a619a6ae6ee21a6c00a95eba
SHA1 57c0ac17302d07bd4f968240098afe5ed53d4ad2
SHA256 d7a547581722aa055a7fb5b9912aebf3f3e928e1db3e5af9e54cf158cb4c4c4a
Certificate Info
Issuer Google Trust Services
Subject *.gstatic.com
Fingerprint 31:00:3B:00:14:9F:47:29:F3:46:E5:7C:57:30:CC:88:CC:DB:A8:07
Validity Tue, 17 Jun 2025 20:02:59 GMT - Tue, 09 Sep 2025 20:02:58 GMT
GET /s/opensans/v43/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48332
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Jul 2025 15:48:00 GMT
expires: Fri, 03 Jul 2026 15:48:00 GMT
cache-control: public, max-age=31536000
age: 296409
last-modified: Wed, 28 May 2025 18:06:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET megaup.net/themes/spirit/assets/frontend/fonts/font-awesome/fa-solid-900.woff2
5.34.214.148 200 OK 80 kB URL GET HTTPS
megaup.net/themes/spirit/assets/frontend/fonts/font-awesome/fa-solid-900.woff2
IP / ASN
5.34.214.148
#42532 SIA VEESP
Requested by https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
Resource Info
File type Web Open Font Format (Version 2), TrueType, length 80148, version 331.17301
First Seen 2023-04-05
Last Seen 2025-08-08
Times Seen 6542
Size 80 kB (80148 bytes)
MD5 c500da19d776384ba69573ae6fe274e7
SHA1 6290834672aba86d5b6c1c73b30b57c9c53996f7
SHA256 cfe3b7382e477059da11be2099914b94f0e2a4f08240c60542c376957b8d9658
Certificate Info
Issuer Sectigo Limited
Subject *.megaup.net
Fingerprint 9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
Validity Tue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT
GET /themes/spirit/assets/frontend/fonts/font-awesome/fa-solid-900.woff2 HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/spirit/assets/frontend/css/font-awesome.min.css
DNT: 1
Connection: keep-alive
Cookie: filehosting=bkfelbmac41njn5352ftsq8hat
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 07 Jul 2025 02:08:09 GMT
content-type: font/woff2
content-length: 80148
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: "62594310-13914"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
GET megaup.net/themes/spirit/assets/frontend/fonts/stack-interface.woff2?33839631
5.34.214.148 200 OK 4.3 kB URL GET HTTPS
megaup.net/themes/spirit/assets/frontend/fonts/stack-interface.woff2?33839631
IP / ASN
5.34.214.148
#42532 SIA VEESP
Requested by https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
Resource Info
File type Web Open Font Format (Version 2), TrueType, length 4292, version 1.0
First Seen 2023-04-20
Last Seen 2025-08-08
Times Seen 4913
Size 4.3 kB (4292 bytes)
MD5 ae072782b361d2afdbf43db08d3cfb73
SHA1 f3db2e65b53d97491672f8631e21d6d05905cc88
SHA256 31205df908aed9881f6d2d3ae7d38975252bf99e38268978b4236dc3c314754b
Certificate Info
Issuer Sectigo Limited
Subject *.megaup.net
Fingerprint 9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
Validity Tue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT
GET /themes/spirit/assets/frontend/fonts/stack-interface.woff2?33839631 HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/spirit/assets/frontend/css/stack-interface.css
DNT: 1
Connection: keep-alive
Cookie: filehosting=bkfelbmac41njn5352ftsq8hat
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 07 Jul 2025 02:08:08 GMT
content-type: font/woff2
content-length: 4292
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: "62594310-10c4"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
GET www.googletagmanager.com/gtag/js?id=G-Z9TE2LW16Q&cx=c&gtm=457e5710za200&tag_exp=101509157~103116026~103200004~103233427~103351869~103351871~104684208~104684211~104718208~104839054~104839056~104879961~104885889~104885891
142.250.178.72 200 OK 343 kB URL GET HTTPS
www.googletagmanager.com/gtag/js?id=G-Z9TE2LW16Q&cx=c&gtm=457e5710za200&tag_exp=101509157~103116026~103200004~103233427~103351869~103351871~104684208~104684211~104718208~104839054~104839056~104879961~104885889~104885891
IP / ASN
142.250.178.72
#15169 GOOGLE
Requested by https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
Resource Info
File type JavaScript source, ASCII text, with very long lines (6004)
First Seen 2025-07-07
Last Seen 2025-07-07
Times Seen 1
Size 343 kB (342793 bytes)
MD5 552904451dd549678ca92409a1317792
SHA1 a2bfb90137d78506836363ea72195510f6daa81c
SHA256 40854de8a75afe5315d82ac781c1654566da209c69b4a024099c9101cbe54d3b
Certificate Info
Issuer Google Trust Services
Subject *.google-analytics.com
Fingerprint 06:CD:2A:9C:6E:F9:40:51:AA:E0:81:4A:BB:69:6C:BA:FA:AD:AB:4D
Validity Tue, 17 Jun 2025 20:01:48 GMT - Tue, 09 Sep 2025 20:01:47 GMT
GET /gtag/js?id=G-Z9TE2LW16Q&cx=c&gtm=457e5710za200&tag_exp=101509157~103116026~103200004~103233427~103351869~103351871~104684208~104684211~104718208~104839054~104839056~104879961~104885889~104885891 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 07 Jul 2025 02:08:09 GMT
expires: Mon, 07 Jul 2025 02:08:09 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1077:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1077:0
report-to: {"group":"ascgcycc:1077:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1077:0"}],}
server: Google Tag Manager
content-length: 119750
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET megaup.net/themes/spirit/assets/frontend/img/favicon/apple-touch-icon.png
5.34.214.148 200 OK 536 B URL GET HTTPS
megaup.net/themes/spirit/assets/frontend/img/favicon/apple-touch-icon.png
IP / ASN
5.34.214.148
#42532 SIA VEESP
Requested by https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
Resource Info
File type PNG image data, 57 x 57, 8-bit colormap, non-interlaced
First Seen 2025-04-01
Last Seen 2025-08-08
Times Seen 1371
Size 536 B (536 bytes)
MD5 0019444f6b6df5b4b5ed32b6b469caab
SHA1 4232370d10ab54ef9bda57aa9dcb813036047b35
SHA256 0509f6df067face535f028cd86200748952227161f8f244aa7864e7848553562
Certificate Info
Issuer Sectigo Limited
Subject *.megaup.net
Fingerprint 9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
Validity Tue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT
GET /themes/spirit/assets/frontend/img/favicon/apple-touch-icon.png HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
DNT: 1
Connection: keep-alive
Cookie: filehosting=bkfelbmac41njn5352ftsq8hat
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 07 Jul 2025 02:08:09 GMT
content-type: image/png
content-length: 536
last-modified: Thu, 13 Feb 2025 17:40:08 GMT
vary: Accept-Encoding
etag: "67ae2e78-218"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
GET accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AdBytiN9tFUEi4f5B2LhJfh7-aNKuakwzC9rt5nqBjbPo9QuKKz8-FjIHfnqRd7trNMVhU5XyTVT
142.251.9.84 302 Found 0 B URL GET HTTPS
accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AdBytiN9tFUEi4f5B2LhJfh7-aNKuakwzC9rt5nqBjbPo9QuKKz8-FjIHfnqRd7trNMVhU5XyTVT
IP / ASN
142.251.9.84
#15169 GOOGLE
Requested by https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-08
Times Seen 5720909
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Google Trust Services
Subject accounts.google.com
Fingerprint FF:F3:CC:D7:E9:C3:7E:10:C4:8A:5F:69:07:3E:95:0E:99:EE:91:34
Validity Tue, 17 Jun 2025 20:03:47 GMT - Tue, 09 Sep 2025 20:03:46 GMT
GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AdBytiN9tFUEi4f5B2LhJfh7-aNKuakwzC9rt5nqBjbPo9QuKKz8-FjIHfnqRd7trNMVhU5XyTVT HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:ENPa4CWmY1VVCP5zWjkp7Qe8BIMoSA:kQXx1ZX9puBQC_l7;Path=/;Expires=Wed, 07-Jul-2027 02:08:10 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 07 Jul 2025 02:08:10 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AdBytiMv-EEsxsMrKvKuT8wQ7rrb4c-9jSh658wtPr3X-kAZuV8xJMA8rPSz36iA1xNs_O-tQE7u9w&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-585534587%3A1751854090519766
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-qZcMIEWH-KEmwM_4zL6lsg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 419
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
5.34.214.148 200 OK 80 kB URL User Request GET HTTPS
megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
IP / ASN
5.34.214.148
#42532 SIA VEESP
Resource Info
File type HTML document, Unicode text, UTF-8 text, with very long lines (51885)
First Seen 2025-07-07
Last Seen 2025-07-07
Times Seen 1
Size 80 kB (79557 bytes)
MD5 77886302aa20e44d1c293e67caef9767
SHA1 6ad39789890dc4321e29c3da4dd5fc70d4811ae3
SHA256 949df31eece52a8954dca48b6e4d2b391d87ec47606593c1790c7f1f908d330b
Certificate Info
Issuer Sectigo Limited
Subject *.megaup.net
Fingerprint 9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
Validity Tue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT
GET /2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 07 Jul 2025 02:08:07 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: filehosting=bkfelbmac41njn5352ftsq8hat; expires=Tue, 08 Jul 2025 02:08:07 GMT; Max-Age=86400; path=/; domain=megaup.net; secure; HttpOnly; SameSite=None
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
access-control-allow-origin: https://megaup.net
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, no-cache, private
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
GET megaup.net/themes/spirit/assets/frontend/css/flickity.css
5.34.214.148 200 OK 2.5 kB URL GET HTTPS
megaup.net/themes/spirit/assets/frontend/css/flickity.css
IP / ASN
5.34.214.148
#42532 SIA VEESP
Requested by https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
Resource Info
File type ASCII text, with CRLF line terminators
First Seen 2023-04-11
Last Seen 2025-08-08
Times Seen 1769
Size 2.5 kB (2521 bytes)
MD5 244d315064064270eabbbb7ac9f6c700
SHA1 21ad53d3efbb40154293190173ee0c497ed7651c
SHA256 ff5fe542e37297733305fb7e68a41b3269a681d64145945f2131a646044c016a
Certificate Info
Issuer Sectigo Limited
Subject *.megaup.net
Fingerprint 9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
Validity Tue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT
GET /themes/spirit/assets/frontend/css/flickity.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
DNT: 1
Connection: keep-alive
Cookie: filehosting=bkfelbmac41njn5352ftsq8hat
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 07 Jul 2025 02:08:08 GMT
content-type: text/css
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: W/"62594310-9d9"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
GET vardsusyseinpo.com/NmxHaFQZUyQbaVQCCQcZXQglOQJZKyEEPHc0ICJlYFw3CxdYIWEcPVJRf1phD112TiRfCHpbZhAfMwkgQx96WXJfAiEHaRAaelh6D0J1RmIQGXpZckIcJg9pB0o3HCBaUXZfYQdUclxkDlR+UGc
104.21.48.1 204 No Content 0 B URL GET HTTPS
vardsusyseinpo.com/NmxHaFQZUyQbaVQCCQcZXQglOQJZKyEEPHc0ICJlYFw3CxdYIWEcPVJRf1phD112TiRfCHpbZhAfMwkgQx96WXJfAiEHaRAaelh6D0J1RmIQGXpZckIcJg9pB0o3HCBaUXZfYQdUclxkDlR+UGc
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-08
Times Seen 5720909
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Google Trust Services
Subject vardsusyseinpo.com
Fingerprint A3:29:BE:C2:9E:A9:BE:2F:9E:E9:26:2F:D9:27:61:C1:64:3F:91:25
Validity Wed, 11 Jun 2025 06:24:47 GMT - Tue, 09 Sep 2025 07:22:12 GMT
GET /NmxHaFQZUyQbaVQCCQcZXQglOQJZKyEEPHc0ICJlYFw3CxdYIWEcPVJRf1phD112TiRfCHpbZhAfMwkgQx96WXJfAiEHaRAaelh6D0J1RmIQGXpZckIcJg9pB0o3HCBaUXZfYQdUclxkDlR+UGc HTTP/1.1
Host: vardsusyseinpo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Mon, 07 Jul 2025 02:08:09 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=surMbHf62REcXpIApqsCyjS8R02QHanNUEd6rEdCKv2gscZePlB814R5%2BLxsDUGXei9D3jcCZKIpO809zHObQf9USBcmzYdG0SnjSCmh1O8%3D"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
server: cloudflare
cf-ray: 95b3cad8d913569b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET undefined/eTZJb1kYVCoCZhgLK0ksC1p0Sms/E3spPUpZLlctSA56BmgPVC5BOhVZPAs/C1knG3cXUz1Kaz9cEzsDFFMkVx4uZy4MDDtwLy4yHW4cCBsvZXgLHSteGAkaL14rLiFJeQwqAzBwCAALPHc+JRg4Qg44IBIPCl8AEGUICBgfTx8MHgEPGjhpCXwKOTowfh8lHSxBLjUMFWcYLSFNeB4uEzhyIVcSIWA6NhgoRgsnGx51CF8QP24LABw6QTo5HyhOKCwxDX0fXBstYA9WGDtwEzweOE4QLjEsbw8HFyxlLioLPAcbJAEVYxA5NUBVAxcXLGUhCBQucGQtFipaE18ISV4vJwg7ZRFeLhdzeD0SMWQEOw8tQiw5PjN/GgQDOHQPNj06URMLGi8PLSYuK2EaXmAvdHg1FSpaKigYO3stLh84fAgEKSFVDwsTLgY6KAg4Dxo5GF9cOgA3CQsaPTcJcnsIPDB1
0.0.0.0 0 B URL GET HTTP
undefined/eTZJb1kYVCoCZhgLK0ksC1p0Sms/E3spPUpZLlctSA56BmgPVC5BOhVZPAs/C1knG3cXUz1Kaz9cEzsDFFMkVx4uZy4MDDtwLy4yHW4cCBsvZXgLHSteGAkaL14rLiFJeQwqAzBwCAALPHc+JRg4Qg44IBIPCl8AEGUICBgfTx8MHgEPGjhpCXwKOTowfh8lHSxBLjUMFWcYLSFNeB4uEzhyIVcSIWA6NhgoRgsnGx51CF8QP24LABw6QTo5HyhOKCwxDX0fXBstYA9WGDtwEzweOE4QLjEsbw8HFyxlLioLPAcbJAEVYxA5NUBVAxcXLGUhCBQucGQtFipaE18ISV4vJwg7ZRFeLhdzeD0SMWQEOw8tQiw5PjN/GgQDOHQPNj06URMLGi8PLSYuK2EaXmAvdHg1FSpaKigYO3stLh84fAgEKSFVDwsTLgY6KAg4Dxo5GF9cOgA3CQsaPTcJcnsIPDB1
IP / ASN
0.0.0.0
#0
Requested by https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-08
Times Seen 5720909
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /eTZJb1kYVCoCZhgLK0ksC1p0Sms/E3spPUpZLlctSA56BmgPVC5BOhVZPAs/C1knG3cXUz1Kaz9cEzsDFFMkVx4uZy4MDDtwLy4yHW4cCBsvZXgLHSteGAkaL14rLiFJeQwqAzBwCAALPHc+JRg4Qg44IBIPCl8AEGUICBgfTx8MHgEPGjhpCXwKOTowfh8lHSxBLjUMFWcYLSFNeB4uEzhyIVcSIWA6NhgoRgsnGx51CF8QP24LABw6QTo5HyhOKCwxDX0fXBstYA9WGDtwEzweOE4QLjEsbw8HFyxlLioLPAcbJAEVYxA5NUBVAxcXLGUhCBQucGQtFipaE18ISV4vJwg7ZRFeLhdzeD0SMWQEOw8tQiw5PjN/GgQDOHQPNj06URMLGi8PLSYuK2EaXmAvdHg1FSpaKigYO3stLh84fAgEKSFVDwsTLgY6KAg4Dxo5GF9cOgA3CQsaPTcJcnsIPDB1 HTTP/1.1
Host: undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AdBytiMv-EEsxsMrKvKuT8wQ7rrb4c-9jSh658wtPr3X-kAZuV8xJMA8rPSz36iA1xNs_O-tQE7u9w&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-585534587%3A1751854090519766
142.251.9.84 403 Forbidden 0 B URL GET HTTPS
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AdBytiMv-EEsxsMrKvKuT8wQ7rrb4c-9jSh658wtPr3X-kAZuV8xJMA8rPSz36iA1xNs_O-tQE7u9w&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-585534587%3A1751854090519766
IP / ASN
142.251.9.84
#15169 GOOGLE
Requested by https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-08
Times Seen 5720909
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Google Trust Services
Subject *.google.com
Fingerprint 0E:29:D7:DB:FC:32:8C:DD:65:47:B5:CC:0F:62:04:EE:7C:AE:80:42
Validity Tue, 17 Jun 2025 20:01:48 GMT - Tue, 09 Sep 2025 20:01:47 GMT
GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AdBytiMv-EEsxsMrKvKuT8wQ7rrb4c-9jSh658wtPr3X-kAZuV8xJMA8rPSz36iA1xNs_O-tQE7u9w&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-585534587%3A1751854090519766 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 07 Jul 2025 02:08:10 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-security-policy: script-src 'nonce-3A3hXEexjJ73SKpWtPPvtQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://www.google.com/tools/feedback/ https://www.gstatic.com/feedback/js/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/ https://www.gstatic.com/uservoice/feedback/client/web/live/ https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://support.google.com/inapp/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
content-security-policy-report-only: script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://ajax.googleapis.com/ajax/libs/jquery/3.6.4/jquery.min.js https://translate.google.com/translate_a/element.js https://www.google.com/recaptcha/api.js https://www.google.com/tools/feedback/chat_load.js https://www.google.com/tools/feedback/help_api.js https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.google.com/tools/feedback/open_to_help_guide_lazy.js https://www.gstatic.com/feedback/js/ https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/uservoice/feedback/client/web/live/ https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://www.gstatic.com/_/mss/boq-one-google/_/ https://www.gstatic.com/og/_/js/ https://apis.google.com/js/api.js https://apis.google.com/js/client.js https://www.googletagmanager.com/gtag/js https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/destination https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.d0E18SHIxFg.es5.O/ https://apis.google.com/_/scs/abc-static/_/js/ https://translate.googleapis.com/_/translate_http/_/js/ https://www.gstatic.com/recaptcha/releases/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/fine-allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
POST vardsusyseinpo.com/c0pvZXBcdQwWTSomIREnHQg3PCZKPzwzIhQdXRUzJHgfPykYG0kRGRd3V1dFSnteQwAaLlJWQlU5GwQEBjlSV0BDf0kMHhUlUldAQ3xfVUJAfkpSMxs+GxUDVnkuQEI1b10jEx8jDA5eFyMdABMHOA4LGxAmQQYfHm9dIwQbPwIHHhIjA0BDNSNKVjRZOEUERkMMOSxCOhVfQEJFIwICBFZ5KwwTHCRKUjNBflhXR0N4WFFJVn0sU0lEeF1VR0V7XVdDR3lZXUJBbBlYQF1zQVdeRWwaWEZKfl9XR0J/XFNCQnpWVVYHOg4CTUJsHxEEH3deUkVCclpRQEp5XlVJ
104.21.48.1 204 No Content 0 B URL POST HTTPS
vardsusyseinpo.com/c0pvZXBcdQwWTSomIREnHQg3PCZKPzwzIhQdXRUzJHgfPykYG0kRGRd3V1dFSnteQwAaLlJWQlU5GwQEBjlSV0BDf0kMHhUlUldAQ3xfVUJAfkpSMxs+GxUDVnkuQEI1b10jEx8jDA5eFyMdABMHOA4LGxAmQQYfHm9dIwQbPwIHHhIjA0BDNSNKVjRZOEUERkMMOSxCOhVfQEJFIwICBFZ5KwwTHCRKUjNBflhXR0N4WFFJVn0sU0lEeF1VR0V7XVdDR3lZXUJBbBlYQF1zQVdeRWwaWEZKfl9XR0J/XFNCQnpWVVYHOg4CTUJsHxEEH3deUkVCclpRQEp5XlVJ
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-08
Times Seen 5720909
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Google Trust Services
Subject vardsusyseinpo.com
Fingerprint A3:29:BE:C2:9E:A9:BE:2F:9E:E9:26:2F:D9:27:61:C1:64:3F:91:25
Validity Wed, 11 Jun 2025 06:24:47 GMT - Tue, 09 Sep 2025 07:22:12 GMT
POST /c0pvZXBcdQwWTSomIREnHQg3PCZKPzwzIhQdXRUzJHgfPykYG0kRGRd3V1dFSnteQwAaLlJWQlU5GwQEBjlSV0BDf0kMHhUlUldAQ3xfVUJAfkpSMxs+GxUDVnkuQEI1b10jEx8jDA5eFyMdABMHOA4LGxAmQQYfHm9dIwQbPwIHHhIjA0BDNSNKVjRZOEUERkMMOSxCOhVfQEJFIwICBFZ5KwwTHCRKUjNBflhXR0N4WFFJVn0sU0lEeF1VR0V7XVdDR3lZXUJBbBlYQF1zQVdeRWwaWEZKfl9XR0J/XFNCQnpWVVYHOg4CTUJsHxEEH3deUkVCclpRQEp5XlVJ HTTP/1.1
Host: vardsusyseinpo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/3 204 No Content
date: Mon, 07 Jul 2025 02:08:13 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FFuZVpgDn00jiOGrla%2FwVmp3o7mmh5P6CQ1pAINywWquSjj1nRcfXSeTYe%2BL2PEShhoUImOAdKbTKRypMaTsTO1qZzWqcwOgi9yp4J7RgOE%2ByjzYzOu9PoYWRhikKrUeQEjaENA%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 95b3caf218425685-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7667&min_rtt=564&rtt_var=7271&sent=77&recv=94&lost=0&retrans=1&sent_bytes=9832&recv_bytes=6461&delivery_rate=462220&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=19495&unsent_bytes=0&cid=0eb2dc17364fb65c&ts=3856&inflight_dur=122&x=40"
GET megaup.net/themes/spirit/assets/frontend/css/mu-waiting-upload.css
5.34.214.148 200 OK 739 B URL GET HTTPS
megaup.net/themes/spirit/assets/frontend/css/mu-waiting-upload.css
IP / ASN
5.34.214.148
#42532 SIA VEESP
Requested by https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
Resource Info
File type ASCII text, with CRLF line terminators
First Seen 2025-04-06
Last Seen 2025-08-08
Times Seen 1283
Size 739 B (739 bytes)
MD5 a19cdfde4cca33ccafc0b8bfd518bebb
SHA1 df1830e07033d0ae31288f62892121778fc7c765
SHA256 a347474d3c97d5440c2f06c86c314eb1e9c2a20e2b84e8367d57743fe77a8115
Certificate Info
Issuer Sectigo Limited
Subject *.megaup.net
Fingerprint 9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
Validity Tue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT
GET /themes/spirit/assets/frontend/css/mu-waiting-upload.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
DNT: 1
Connection: keep-alive
Cookie: filehosting=bkfelbmac41njn5352ftsq8hat
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 07 Jul 2025 02:08:08 GMT
content-type: text/css
last-modified: Mon, 17 Feb 2025 00:39:28 GMT
vary: Accept-Encoding
etag: W/"67b28540-2e3"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
GET megaup.net/themes/spirit/assets/frontend/js/granim.min.js
5.34.214.148 200 OK 11 kB URL GET HTTPS
megaup.net/themes/spirit/assets/frontend/js/granim.min.js
IP / ASN
5.34.214.148
#42532 SIA VEESP
Requested by https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
Resource Info
File type JavaScript source, ASCII text, with very long lines (10573), with CRLF line terminators
First Seen 2023-03-07
Last Seen 2025-08-08
Times Seen 2210
Size 11 kB (10635 bytes)
MD5 714368d20c70f8c91b0a596e128dac07
SHA1 563954ec3a896fc129d014f01836245829f6d01d
SHA256 e70b27194b8793b68cccee28a6d8a1e39aae2ce5d28d5e71ac204d7a3ac164e3
Certificate Info
Issuer Sectigo Limited
Subject *.megaup.net
Fingerprint 9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
Validity Tue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT
GET /themes/spirit/assets/frontend/js/granim.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
DNT: 1
Connection: keep-alive
Cookie: filehosting=bkfelbmac41njn5352ftsq8hat
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 07 Jul 2025 02:08:08 GMT
content-type: application/javascript
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: W/"62594310-298b"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
GET fonts.gstatic.com/s/opensans/v43/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.178.67 200 OK 48 kB URL GET HTTPS
fonts.gstatic.com/s/opensans/v43/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP / ASN
142.250.178.67
#15169 GOOGLE
Requested by https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
Resource Info
File type Web Open Font Format (Version 2), TrueType, length 48332, version 1.0
First Seen 2025-05-29
Last Seen 2025-08-08
Times Seen 33894
Size 48 kB (48332 bytes)
MD5 5734e133a619a6ae6ee21a6c00a95eba
SHA1 57c0ac17302d07bd4f968240098afe5ed53d4ad2
SHA256 d7a547581722aa055a7fb5b9912aebf3f3e928e1db3e5af9e54cf158cb4c4c4a
Certificate Info
Issuer Google Trust Services
Subject *.gstatic.com
Fingerprint 31:00:3B:00:14:9F:47:29:F3:46:E5:7C:57:30:CC:88:CC:DB:A8:07
Validity Tue, 17 Jun 2025 20:02:59 GMT - Tue, 09 Sep 2025 20:02:58 GMT
GET /s/opensans/v43/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48332
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Jul 2025 15:48:00 GMT
expires: Fri, 03 Jul 2026 15:48:00 GMT
cache-control: public, max-age=31536000
age: 296409
last-modified: Wed, 28 May 2025 18:06:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET click.directrankcl.com/thumbnail?i=*r*a60FVI2I_0&imgt=icon
174.137.133.17 302 Found 0 B URL GET HTTPS
click.directrankcl.com/thumbnail?i=*r*a60FVI2I_0&imgt=icon
IP / ASN
174.137.133.17
#27257 WEBAIR-INTERNET
Requested by https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-08
Times Seen 5720909
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer GlobalSign nv-sa
Subject *.directrankcl.com
Fingerprint 2D:75:E6:86:EB:2B:F7:20:E1:DD:FC:7F:76:1A:3A:3B:F9:8B:7B:65
Validity Mon, 04 Nov 2024 09:24:21 GMT - Sat, 06 Dec 2025 09:24:20 GMT
GET /thumbnail?i=*r*a60FVI2I_0&imgt=icon HTTP/1.1
Host: click.directrankcl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Mon, 07 Jul 2025 02:08:13 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://c.adskeeper.com/c?pv=2&v=0|0|0|XyCzazNKB_35A1bFfCdSygnKv88O-h6h36ZzFzaALkS3XH-cxLmNstzuKq0_5bdJrfk7oeaZwwoo0_7J_qv1ghaz2FM9lONbKCJpQjaCMkM*&cid=1713216&f=1&h2=McWJCZZsM7jqXO6rYqITMbipFcETDU0zfEhlFN3HIydce-AIzrQ4PlpLUMrPj7z6&rid=3b2bff17-5ad7-11f0-9ef3-c4cbe1e6c2f6&psid=827114
GET rnmop.com/ie?v=4&c=6YsQOKbP8CWC-D373u8HB9qoDqjVhbggVQSGddcJ4cBybiZv1wC_H05qSHkoXFboKFptayRFp_MivHvnGcXvItJDPPHb06zJo4s7ytl-1D53dVJhh62wVknj8O5_FcZp1jwN3CIXiBAxmUvN3s7OVKw80zWm67rFuB9MtrFrYArYkpN3W5magw-2Af_5Ti4ZehJPPFCZkQdMDIQiKc0WEif_ZfyfMsMEi0yZ4oKuckQVCjpK5TlRXEaUouexzL6Lha0FFdwCrOw2tdR78QG1t5bZUrdwKZMI8cgnROw70e-nqjdk54mCaVbMlV-bVeP5-0FiYRRDdZbBDU65oIsxWzRRdjdNm58DelIr37MVOlBBR3uBaGVyQrmxHg4o7QxX7T-0CJBbzomlVEUGdHDa9mbteRskDACXwt6N4RNTA_FvNsODpmG1j-kfytZu_iSDYzSOHw==&v1=79&v2=71517
176.9.142.140 301 Moved Permanently 59 kB URL GET HTTPS
rnmop.com/ie?v=4&c=6YsQOKbP8CWC-D373u8HB9qoDqjVhbggVQSGddcJ4cBybiZv1wC_H05qSHkoXFboKFptayRFp_MivHvnGcXvItJDPPHb06zJo4s7ytl-1D53dVJhh62wVknj8O5_FcZp1jwN3CIXiBAxmUvN3s7OVKw80zWm67rFuB9MtrFrYArYkpN3W5magw-2Af_5Ti4ZehJPPFCZkQdMDIQiKc0WEif_ZfyfMsMEi0yZ4oKuckQVCjpK5TlRXEaUouexzL6Lha0FFdwCrOw2tdR78QG1t5bZUrdwKZMI8cgnROw70e-nqjdk54mCaVbMlV-bVeP5-0FiYRRDdZbBDU65oIsxWzRRdjdNm58DelIr37MVOlBBR3uBaGVyQrmxHg4o7QxX7T-0CJBbzomlVEUGdHDa9mbteRskDACXwt6N4RNTA_FvNsODpmG1j-kfytZu_iSDYzSOHw==&v1=79&v2=71517
IP / ASN
176.9.142.140
#24940 Hetzner Online GmbH
Requested by https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-08
Times Seen 5720909
Size 59 kB (59035 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Let's Encrypt
Subject nimrute.com
Fingerprint 4F:35:F7:70:59:46:A5:4E:FD:89:1D:0C:2B:49:46:A6:B9:19:E2:4A
Validity Thu, 03 Jul 2025 21:53:02 GMT - Wed, 01 Oct 2025 21:53:01 GMT
GET /ie?v=4&c=6YsQOKbP8CWC-D373u8HB9qoDqjVhbggVQSGddcJ4cBybiZv1wC_H05qSHkoXFboKFptayRFp_MivHvnGcXvItJDPPHb06zJo4s7ytl-1D53dVJhh62wVknj8O5_FcZp1jwN3CIXiBAxmUvN3s7OVKw80zWm67rFuB9MtrFrYArYkpN3W5magw-2Af_5Ti4ZehJPPFCZkQdMDIQiKc0WEif_ZfyfMsMEi0yZ4oKuckQVCjpK5TlRXEaUouexzL6Lha0FFdwCrOw2tdR78QG1t5bZUrdwKZMI8cgnROw70e-nqjdk54mCaVbMlV-bVeP5-0FiYRRDdZbBDU65oIsxWzRRdjdNm58DelIr37MVOlBBR3uBaGVyQrmxHg4o7QxX7T-0CJBbzomlVEUGdHDa9mbteRskDACXwt6N4RNTA_FvNsODpmG1j-kfytZu_iSDYzSOHw==&v1=79&v2=71517 HTTP/1.1
Host: rnmop.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
server: fasthttp
date: Mon, 07 Jul 2025 02:08:17 GMT
content-length: 0
location: https://img.vmmcdn.com/get/62987579/238427_icon.png
x-app-id: 43
X-Firefox-Spdy: h2
GET megaup.net/themes/spirit/assets/frontend/js/jquery-3.1.1.min.js
5.34.214.148 200 OK 87 kB URL GET HTTPS
megaup.net/themes/spirit/assets/frontend/js/jquery-3.1.1.min.js
IP / ASN
5.34.214.148
#42532 SIA VEESP
Requested by https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
Resource Info
File type JavaScript source, ASCII text, with very long lines (32030), with CRLF line terminators
First Seen 2023-03-07
Last Seen 2025-08-08
Times Seen 3008
Size 87 kB (86713 bytes)
MD5 5b5a269bd363e0886c17d855c2aab241
SHA1 042dd055cd289215835a58507c9531f808e1648a
SHA256 1cf30e59d21d4ae560af7143f5913efcc8222bcaa4fcc7508eb802b5faa9e94e
Certificate Info
Issuer Sectigo Limited
Subject *.megaup.net
Fingerprint 9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
Validity Tue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT
GET /themes/spirit/assets/frontend/js/jquery-3.1.1.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
DNT: 1
Connection: keep-alive
Cookie: filehosting=bkfelbmac41njn5352ftsq8hat
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 07 Jul 2025 02:08:08 GMT
content-type: application/javascript
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: W/"62594310-152b9"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
GET click.directrankcl.com/thumbnail?i=*r*a60FVI2I_0&imgt=icon
174.137.133.17 302 Found 0 B URL GET HTTPS
click.directrankcl.com/thumbnail?i=*r*a60FVI2I_0&imgt=icon
IP / ASN
174.137.133.17
#27257 WEBAIR-INTERNET
Requested by https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-08
Times Seen 5720909
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer GlobalSign nv-sa
Subject *.directrankcl.com
Fingerprint 2D:75:E6:86:EB:2B:F7:20:E1:DD:FC:7F:76:1A:3A:3B:F9:8B:7B:65
Validity Mon, 04 Nov 2024 09:24:21 GMT - Sat, 06 Dec 2025 09:24:20 GMT
GET /thumbnail?i=*r*a60FVI2I_0&imgt=icon HTTP/1.1
Host: click.directrankcl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Mon, 07 Jul 2025 02:08:14 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://megaup.net
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Location: https://c.adskeeper.com/c?pv=2&v=0|0|0|XyCzazNKB_35A1bFfCdSygnKv88O-h6h36ZzFzaALkS3XH-cxLmNstzuKq0_5bdJrfk7oeaZwwoo0_7J_qv1ghaz2FM9lONbKCJpQjaCMkM*&cid=1713216&f=1&h2=McWJCZZsM7jqXO6rYqITMbipFcETDU0zfEhlFN3HIydce-AIzrQ4PlpLUMrPj7z6&rid=3b2bff17-5ad7-11f0-9ef3-c4cbe1e6c2f6&psid=827114
GET megaup.net/themes/spirit/assets/images/logo/logo-whitebg.png
5.34.214.148 200 OK 7.1 kB URL GET HTTPS
megaup.net/themes/spirit/assets/images/logo/logo-whitebg.png
IP / ASN
5.34.214.148
#42532 SIA VEESP
Requested by https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
Resource Info
File type PNG image data, 203 x 40, 8-bit/color RGBA, non-interlaced
First Seen 2023-04-07
Last Seen 2025-08-08
Times Seen 4039
Size 7.1 kB (7137 bytes)
MD5 5d15526be10b904a6b48d1af04a10cc3
SHA1 c09b6874359ac6d71db95593618a9acb55baa984
SHA256 894d25472e0f890edf235e8f66fbeda7ea75043632924ecb82691d76bd7db018
Certificate Info
Issuer Sectigo Limited
Subject *.megaup.net
Fingerprint 9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
Validity Tue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT
GET /themes/spirit/assets/images/logo/logo-whitebg.png HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
DNT: 1
Connection: keep-alive
Cookie: filehosting=bkfelbmac41njn5352ftsq8hat
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 07 Jul 2025 02:08:08 GMT
content-type: image/png
content-length: 7137
last-modified: Sat, 08 Feb 2025 04:50:36 GMT
vary: Accept-Encoding
etag: "67a6e29c-1be1"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
GET megaup.net/themes/spirit/assets/frontend/js/smooth-scroll.min.js
5.34.214.148 200 OK 6.0 kB URL GET HTTPS
megaup.net/themes/spirit/assets/frontend/js/smooth-scroll.min.js
IP / ASN
5.34.214.148
#42532 SIA VEESP
Requested by https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
Resource Info
File type JavaScript source, ASCII text, with very long lines (4887), with CRLF line terminators
First Seen 2023-03-07
Last Seen 2025-08-08
Times Seen 2208
Size 6.0 kB (6028 bytes)
MD5 c9e3a210d83398f301b3a7049c259676
SHA1 8e227bb40fe120841829a7fef0ffeb091d179a91
SHA256 aeda362b1d693480453b895cbcf8b92629f58240c42ba8c643f0d5d338baf805
Certificate Info
Issuer Sectigo Limited
Subject *.megaup.net
Fingerprint 9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
Validity Tue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT
GET /themes/spirit/assets/frontend/js/smooth-scroll.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
DNT: 1
Connection: keep-alive
Cookie: filehosting=bkfelbmac41njn5352ftsq8hat
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 07 Jul 2025 02:08:08 GMT
content-type: application/javascript
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: W/"62594310-178c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
GET www.googletagmanager.com/gtag/js?id=UA-108868042-1
142.250.178.72 200 OK 286 kB URL GET HTTPS
www.googletagmanager.com/gtag/js?id=UA-108868042-1
IP / ASN
142.250.178.72
#15169 GOOGLE
Requested by https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
Resource Info
File type JavaScript source, ASCII text, with very long lines (5913)
First Seen 2025-07-06
Last Seen 2025-07-07
Times Seen 2
Size 286 kB (285753 bytes)
MD5 df88d714b8354f363b6b81bc4f16f575
SHA1 0395d10417965d04c8c2b2d75b956cbba76be473
SHA256 962c818f2079fdedd21c9494998f10900ec5286f9e63e91c9c8c9e72bb947b63
Certificate Info
Issuer Google Trust Services
Subject *.google-analytics.com
Fingerprint 06:CD:2A:9C:6E:F9:40:51:AA:E0:81:4A:BB:69:6C:BA:FA:AD:AB:4D
Validity Tue, 17 Jun 2025 20:01:48 GMT - Tue, 09 Sep 2025 20:01:47 GMT
GET /gtag/js?id=UA-108868042-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 07 Jul 2025 02:08:08 GMT
expires: Mon, 07 Jul 2025 02:08:08 GMT
cache-control: private, max-age=900
last-modified: Mon, 07 Jul 2025 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1077:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1077:0
report-to: {"group":"ascgcycc:1077:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1077:0"}],}
server: Google Tag Manager
content-length: 100556
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET img.vmmcdn.com/get/62987579/238427_icon.png
46.4.121.113 200 OK 59 kB URL GET HTTPS
img.vmmcdn.com/get/62987579/238427_icon.png
IP / ASN
46.4.121.113
#24940 Hetzner Online GmbH
Requested by https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
Resource Info
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
First Seen 2024-01-07
Last Seen 2025-07-27
Times Seen 1256
Size 59 kB (59035 bytes)
MD5 669eb036e71ef2df4b1a7d3fa9e5ebb7
SHA1 6a8686b1ce7276b8c6732245e340dbe38b30eb04
SHA256 89edf6961767b760b3ff755a803457eee41b5f2df863cdeca95165bf4a126732
Certificate Info
Issuer Let's Encrypt
Subject img.vmmcdn.com
Fingerprint 50:0A:70:84:3B:79:B2:54:89:65:50:AD:82:21:EF:21:3E:AB:58:98
Validity Mon, 16 Jun 2025 16:28:40 GMT - Sun, 14 Sep 2025 16:28:39 GMT
GET /get/62987579/238427_icon.png HTTP/1.1
Host: img.vmmcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.14.1
date: Mon, 07 Jul 2025 02:08:17 GMT
content-type: image/png
content-length: 59035
last-modified: Sun, 18 Dec 2022 10:47:59 GMT
cache-control: public, max-age=604800
etag: "639eefdf-e69b"
x-proxy-cache: HIT
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
access-control-request-headers: x-requested-with
access-control-allow-headers: x-requested-with
accept-ranges: bytes
X-Firefox-Spdy: h2
GET fonts.gstatic.com/s/opensans/v43/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2
142.250.178.67 200 OK 27 kB URL GET HTTPS
fonts.gstatic.com/s/opensans/v43/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2
IP / ASN
142.250.178.67
#15169 GOOGLE
Requested by https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
Resource Info
File type Web Open Font Format (Version 2), TrueType, length 26596, version 1.0
First Seen 2025-05-29
Last Seen 2025-08-08
Times Seen 5735
Size 27 kB (26596 bytes)
MD5 dae1850484b86d299c31bc08aaa563cf
SHA1 dca808d6d16965c40bfba4e4b3c8a819f843890d
SHA256 8f80f993e523f2e6c2d097552740fd26331658da23ffad31d26edcdd3aeec370
Certificate Info
Issuer Google Trust Services
Subject *.gstatic.com
Fingerprint 31:00:3B:00:14:9F:47:29:F3:46:E5:7C:57:30:CC:88:CC:DB:A8:07
Validity Tue, 17 Jun 2025 20:02:59 GMT - Tue, 09 Sep 2025 20:02:58 GMT
GET /s/opensans/v43/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 26596
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Jul 2025 17:14:18 GMT
expires: Fri, 03 Jul 2026 17:14:18 GMT
cache-control: public, max-age=31536000
age: 291231
last-modified: Wed, 28 May 2025 17:52:25 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET vardsusyseinpo.com/bVVwT1JCahM8bw9mPiEwXQ8RHgQ7NxZ+PiwAJnZiOz4AGwReHFY7OwloSH1nVGRBaSIEMU18YEsmBC4mGCZNfWJdYlYmPAs6TX10G2hAYWtDZ155dBhoQWkmHTQXcmNLJQQ7PlBkR3pjVWBEf2pVbEh6
104.21.48.1 204 No Content 0 B URL GET HTTPS
vardsusyseinpo.com/bVVwT1JCahM8bw9mPiEwXQ8RHgQ7NxZ+PiwAJnZiOz4AGwReHFY7OwloSH1nVGRBaSIEMU18YEsmBC4mGCZNfWJdYlYmPAs6TX10G2hAYWtDZ155dBhoQWkmHTQXcmNLJQQ7PlBkR3pjVWBEf2pVbEh6
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-08
Times Seen 5720909
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Google Trust Services
Subject vardsusyseinpo.com
Fingerprint A3:29:BE:C2:9E:A9:BE:2F:9E:E9:26:2F:D9:27:61:C1:64:3F:91:25
Validity Wed, 11 Jun 2025 06:24:47 GMT - Tue, 09 Sep 2025 07:22:12 GMT
GET /bVVwT1JCahM8bw9mPiEwXQ8RHgQ7NxZ+PiwAJnZiOz4AGwReHFY7OwloSH1nVGRBaSIEMU18YEsmBC4mGCZNfWJdYlYmPAs6TX10G2hAYWtDZ155dBhoQWkmHTQXcmNLJQQ7PlBkR3pjVWBEf2pVbEh6 HTTP/1.1
Host: vardsusyseinpo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Mon, 07 Jul 2025 02:08:09 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=EqYSf5offD%2FFwWO87M6h4qHKvLMgTGDy8nLD1DLkP8%2ByjD6kxKtYENYOgqVmjjZrCIYNe7EFHoXKUpToLRmV8om7sYIKRnoZSSWRRMQAl7g%3D"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
server: cloudflare
cf-ray: 95b3cad8e917569b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
142.251.9.84 302 Found 0 B URL GET HTTPS
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP / ASN
142.251.9.84
#15169 GOOGLE
Requested by https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-08
Times Seen 5720909
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Google Trust Services
Subject accounts.google.com
Fingerprint FF:F3:CC:D7:E9:C3:7E:10:C4:8A:5F:69:07:3E:95:0E:99:EE:91:34
Validity Tue, 17 Jun 2025 20:03:47 GMT - Tue, 09 Sep 2025 20:03:46 GMT
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:ppZ0WmiV8ScpN3tVu6mBMrFdkfdETg:FpaFGxY_kLLoJR2g; Expires=Wed, 07-Jul-2027 02:08:10 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 07 Jul 2025 02:08:10 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AdBytiNX2eqvkAIF5-YSwFhzDzR975WXllQrgOgm1cAkJS5DXetTEELRuwrL_ctETTzanPii_LVj
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
content-security-policy: script-src 'nonce--kKp7ESu8u9c2k8nRUxVvQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET nriceukwater.org/multi?cs=V3hpb3pnSVxZQm5KUV5Mb09fW04&abt=0&red=1&sm=76&k=omori%20multi5&v=1.0.60.4&sts=0&prn=0&emb=0&tid=876318&rxy=1280_1024&fs=1&ref=https%3A%2F%2Fmegaup.net%2F2e4afe31ef24363229a2199dbc71f49f%2Fkps.omori.multi5.7z&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A134.0)%20gecko%2F20100101%20firefox%2F134.0&tzd=0&uloc=&if=0&_zUq1=1751854090171&crc=1
54.240.174.40 200 OK 3.9 kB URL GET HTTPS
nriceukwater.org/multi?cs=V3hpb3pnSVxZQm5KUV5Mb09fW04&abt=0&red=1&sm=76&k=omori%20multi5&v=1.0.60.4&sts=0&prn=0&emb=0&tid=876318&rxy=1280_1024&fs=1&ref=https%3A%2F%2Fmegaup.net%2F2e4afe31ef24363229a2199dbc71f49f%2Fkps.omori.multi5.7z&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A134.0)%20gecko%2F20100101%20firefox%2F134.0&tzd=0&uloc=&if=0&_zUq1=1751854090171&crc=1
IP / ASN
54.240.174.40
#16509 AMAZON-02
Requested by https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
Resource Info
File type ASCII text, with very long lines (3907), with no line terminators
First Seen 2025-07-07
Last Seen 2025-07-07
Times Seen 1
Size 3.9 kB (3907 bytes)
MD5 daa09b1f9ad5e8e0aed27a952734642d
SHA1 e6b3becf575dc68ad4af160a8efcff013a339e2e
SHA256 f471c17893405a5ccddda4580387e0b989e09e57036995e40d7f209ebb634ce5
Certificate Info
Issuer Amazon
Subject nriceukwater.org
Fingerprint D4:B9:C2:B0:80:25:B4:9F:4A:5A:3F:59:7D:8C:EB:E5:24:9E:1B:D3
Validity Wed, 18 Jun 2025 00:00:00 GMT - Fri, 17 Jul 2026 23:59:59 GMT
GET /multi?cs=V3hpb3pnSVxZQm5KUV5Mb09fW04&abt=0&red=1&sm=76&k=omori%20multi5&v=1.0.60.4&sts=0&prn=0&emb=0&tid=876318&rxy=1280_1024&fs=1&ref=https%3A%2F%2Fmegaup.net%2F2e4afe31ef24363229a2199dbc71f49f%2Fkps.omori.multi5.7z&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A134.0)%20gecko%2F20100101%20firefox%2F134.0&tzd=0&uloc=&if=0&_zUq1=1751854090171&crc=1 HTTP/1.1
Host: nriceukwater.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/plain
content-length: 1912
date: Mon, 07 Jul 2025 02:08:10 GMT
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
set-cookie: AWSALB=N8Cz2rj7NLEbfYsk7elZn4rZfS6IpxJIioPSqLnPv/c3BSd4+ZnQtRdyk6x/gJdn3YDJSkk6rOK/ssfqURvmT0u9nY9h+qMgrkBzM/hZkNidAw0EGcD+d9KGryqi; Expires=Mon, 14 Jul 2025 02:08:10 GMT; Path=/
AWSALBCORS=N8Cz2rj7NLEbfYsk7elZn4rZfS6IpxJIioPSqLnPv/c3BSd4+ZnQtRdyk6x/gJdn3YDJSkk6rOK/ssfqURvmT0u9nY9h+qMgrkBzM/hZkNidAw0EGcD+d9KGryqi; Expires=Mon, 14 Jul 2025 02:08:10 GMT; Path=/; SameSite=None
csu=8e68e138-4e2a-4d91-b288-926000aced16
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6KagiwvuxD38qnbJCq67C-bjIx2hgP_SKluN4SM10BtfOn4BJbzUBg==
X-Firefox-Spdy: h2
GET accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AdBytiM7nbgRcMSXW8ahJLO6ZHTMcTkoZGAOLes8ocXz34pXxXi2HCYr3ZwPVjnn8MWj9V_N0oI-Ow&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S792110031%3A1751854090478244
142.251.9.84 403 Forbidden 0 B URL GET HTTPS
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AdBytiM7nbgRcMSXW8ahJLO6ZHTMcTkoZGAOLes8ocXz34pXxXi2HCYr3ZwPVjnn8MWj9V_N0oI-Ow&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S792110031%3A1751854090478244
IP / ASN
142.251.9.84
#15169 GOOGLE
Requested by https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-08
Times Seen 5720909
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Google Trust Services
Subject *.google.com
Fingerprint 0E:29:D7:DB:FC:32:8C:DD:65:47:B5:CC:0F:62:04:EE:7C:AE:80:42
Validity Tue, 17 Jun 2025 20:01:48 GMT - Tue, 09 Sep 2025 20:01:47 GMT
GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AdBytiM7nbgRcMSXW8ahJLO6ZHTMcTkoZGAOLes8ocXz34pXxXi2HCYr3ZwPVjnn8MWj9V_N0oI-Ow&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S792110031%3A1751854090478244 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 07 Jul 2025 02:08:10 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: script-src 'nonce-MYpOqyUtKCvVUSDJrs6BLg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://www.google.com/tools/feedback/ https://www.gstatic.com/feedback/js/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/ https://www.gstatic.com/uservoice/feedback/client/web/live/ https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://support.google.com/inapp/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
content-security-policy-report-only: script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://ajax.googleapis.com/ajax/libs/jquery/3.6.4/jquery.min.js https://translate.google.com/translate_a/element.js https://www.google.com/recaptcha/api.js https://www.google.com/tools/feedback/chat_load.js https://www.google.com/tools/feedback/help_api.js https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.google.com/tools/feedback/open_to_help_guide_lazy.js https://www.gstatic.com/feedback/js/ https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/uservoice/feedback/client/web/live/ https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://www.gstatic.com/_/mss/boq-one-google/_/ https://www.gstatic.com/og/_/js/ https://apis.google.com/js/api.js https://apis.google.com/js/client.js https://www.googletagmanager.com/gtag/js https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/destination https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.d0E18SHIxFg.es5.O/ https://apis.google.com/_/scs/abc-static/_/js/ https://translate.googleapis.com/_/translate_http/_/js/ https://www.gstatic.com/recaptcha/releases/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/fine-allowlist
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET fonts.gstatic.com/s/opensans/v43/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.178.67 200 OK 48 kB URL GET HTTPS
fonts.gstatic.com/s/opensans/v43/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP / ASN
142.250.178.67
#15169 GOOGLE
Requested by https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
Resource Info
File type Web Open Font Format (Version 2), TrueType, length 48332, version 1.0
First Seen 2025-05-29
Last Seen 2025-08-08
Times Seen 33894
Size 48 kB (48332 bytes)
MD5 5734e133a619a6ae6ee21a6c00a95eba
SHA1 57c0ac17302d07bd4f968240098afe5ed53d4ad2
SHA256 d7a547581722aa055a7fb5b9912aebf3f3e928e1db3e5af9e54cf158cb4c4c4a
Certificate Info
Issuer Google Trust Services
Subject *.gstatic.com
Fingerprint 31:00:3B:00:14:9F:47:29:F3:46:E5:7C:57:30:CC:88:CC:DB:A8:07
Validity Tue, 17 Jun 2025 20:02:59 GMT - Tue, 09 Sep 2025 20:02:58 GMT
GET /s/opensans/v43/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48332
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Jul 2025 15:48:00 GMT
expires: Fri, 03 Jul 2026 15:48:00 GMT
cache-control: public, max-age=31536000
age: 296409
last-modified: Wed, 28 May 2025 18:06:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET theharityhild.buzz/eFo4UnMDeEslLA0oVHBJWjJMJgMLYBd9Hh09WScDVjRdJlwLLRY4AFp2GiEeHngCY19aKVUkUUJ4DHxAWnYaJhIfBVE2UUJ4AGFBTmkLcF9aKU0wLBE%2BCnBJWjwAYUAbagwwXk4%2FCDBeTD5aYl5BbgBlXh5sXTcWGz9bMRAbPxov
34.41.139.193 200 OK 0 B URL GET HTTPS
theharityhild.buzz/eFo4UnMDeEslLA0oVHBJWjJMJgMLYBd9Hh09WScDVjRdJlwLLRY4AFp2GiEeHngCY19aKVUkUUJ4DHxAWnYaJhIfBVE2UUJ4AGFBTmkLcF9aKU0wLBE%2BCnBJWjwAYUAbagwwXk4%2FCDBeTD5aYl5BbgBlXh5sXTcWGz9bMRAbPxov
IP / ASN
34.41.139.193
#396982 GOOGLE-CLOUD-PLATFORM
Requested by https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-08
Times Seen 5720909
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer ZeroSSL
Subject *.theharityhild.buzz
Fingerprint D7:A3:95:2E:55:27:58:09:40:C1:B4:BA:1F:ED:FA:B4:82:6C:83:AE
Validity Wed, 25 Jun 2025 00:00:00 GMT - Tue, 23 Sep 2025 23:59:59 GMT
GET /eFo4UnMDeEslLA0oVHBJWjJMJgMLYBd9Hh09WScDVjRdJlwLLRY4AFp2GiEeHngCY19aKVUkUUJ4DHxAWnYaJhIfBVE2UUJ4AGFBTmkLcF9aKU0wLBE%2BCnBJWjwAYUAbagwwXk4%2FCDBeTD5aYl5BbgBlXh5sXTcWGz9bMRAbPxov HTTP/1.1
Host: theharityhild.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 07 Jul 2025 02:08:09 GMT
Connection: close
GET megaup.net/themes/spirit/assets/frontend/img/favicon/favicon-16x16.png
5.34.214.148 200 OK 590 B URL GET HTTPS
megaup.net/themes/spirit/assets/frontend/img/favicon/favicon-16x16.png
IP / ASN
5.34.214.148
#42532 SIA VEESP
Requested by https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
Resource Info
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced
First Seen 2025-04-01
Last Seen 2025-08-08
Times Seen 1371
Size 590 B (590 bytes)
MD5 ed3d11830b3e136b384f2a0b8082f235
SHA1 3b75f2a64d528165f108d62e8c30d464b76945d7
SHA256 1aef6752088fe69a166d3a84375431e1041dde8fa3f9ccbde26accb220feb4a5
Certificate Info
Issuer Sectigo Limited
Subject *.megaup.net
Fingerprint 9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
Validity Tue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT
GET /themes/spirit/assets/frontend/img/favicon/favicon-16x16.png HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
DNT: 1
Connection: keep-alive
Cookie: filehosting=bkfelbmac41njn5352ftsq8hat
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 07 Jul 2025 02:08:09 GMT
content-type: image/png
content-length: 590
last-modified: Thu, 13 Feb 2025 17:42:00 GMT
vary: Accept-Encoding
etag: "67ae2ee8-24e"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
GET ukankingwithea.com/
104.21.32.1 200 OK 26 B URL GET HTTPS
ukankingwithea.com/
IP / ASN
104.21.32.1
#13335 CLOUDFLARENET
Requested by https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
Resource Info
File type ASCII text, with no line terminators
First Seen 2025-07-07
Last Seen 2025-07-07
Times Seen 1
Size 26 B (26 bytes)
MD5 239856b5d4dbc00b50c9e4e7ff5c517b
SHA1 bd7633bba30ba6c97daae565fc56011754660e3c
SHA256 55ff33fbce81bc6d3482b72b72c7fbb8e6030cf712e8d3e4895a8759cc5972f8
Certificate Info
Issuer Google Trust Services
Subject ukankingwithea.com
Fingerprint BC:D9:DE:23:19:C0:7C:2B:35:05:12:80:A3:22:F2:D2:D2:6F:1F:B3
Validity Fri, 27 Jun 2025 13:58:09 GMT - Thu, 25 Sep 2025 14:56:56 GMT
GET / HTTP/1.1
Host: ukankingwithea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 07 Jul 2025 02:08:10 GMT
content-type: text/plain
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=JKAsNoBOYWMtmZKT%2BxqGbHbpJtxJP12PjL%2B%2FlCZvZV0FYqFjz0PnsJCgWOCPNDUPe6LDIXM6tlG6XQilrJ0bDfrC%2BiuPzNY%2FIkRAdk8wyB4%3D"}]}
content-encoding: br
set-cookie: csu=694027153621090@1@1751854090; SameSite=None; Secure; Max-Age=31104000
cf-ray: 95b3cade9e5456c7-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
POST vardsusyseinpo.com/NmRvMFYZWwxDa1csLX4PBwALYTgPPA1cY3IBXn46YzEDBQEEKUlEP1JZVwJjD1VeFiZfAFIDZBAXG1EiQxdSAmYGUklZOFALUgBzASdZAGYEV1sVYXUMG0QmRUFccXMEIkoCEFUIBlM9GAAGQjNVEB1ROF0HAx41WQlKAhBCDBpdNFgFBlxzBSIGFWVyTh0aNwBUKWYfBC0wAHMEUgZdMUJBXHQ/VQsBFWF1VlsHZAFUXQdiD0FYc2APU10CZgFSXgJkBVBcBm4EVklGawZKVh5kGFJJRWsAXVsAZAFVWgNgBFVfCWYQEB9RMQtVSUAiQghSAWEDVVcFYgZdWwNkDg
104.21.48.1 204 No Content 0 B URL POST HTTPS
vardsusyseinpo.com/NmRvMFYZWwxDa1csLX4PBwALYTgPPA1cY3IBXn46YzEDBQEEKUlEP1JZVwJjD1VeFiZfAFIDZBAXG1EiQxdSAmYGUklZOFALUgBzASdZAGYEV1sVYXUMG0QmRUFccXMEIkoCEFUIBlM9GAAGQjNVEB1ROF0HAx41WQlKAhBCDBpdNFgFBlxzBSIGFWVyTh0aNwBUKWYfBC0wAHMEUgZdMUJBXHQ/VQsBFWF1VlsHZAFUXQdiD0FYc2APU10CZgFSXgJkBVBcBm4EVklGawZKVh5kGFJJRWsAXVsAZAFVWgNgBFVfCWYQEB9RMQtVSUAiQghSAWEDVVcFYgZdWwNkDg
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-08
Times Seen 5720909
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Google Trust Services
Subject vardsusyseinpo.com
Fingerprint A3:29:BE:C2:9E:A9:BE:2F:9E:E9:26:2F:D9:27:61:C1:64:3F:91:25
Validity Wed, 11 Jun 2025 06:24:47 GMT - Tue, 09 Sep 2025 07:22:12 GMT
POST /NmRvMFYZWwxDa1csLX4PBwALYTgPPA1cY3IBXn46YzEDBQEEKUlEP1JZVwJjD1VeFiZfAFIDZBAXG1EiQxdSAmYGUklZOFALUgBzASdZAGYEV1sVYXUMG0QmRUFccXMEIkoCEFUIBlM9GAAGQjNVEB1ROF0HAx41WQlKAhBCDBpdNFgFBlxzBSIGFWVyTh0aNwBUKWYfBC0wAHMEUgZdMUJBXHQ/VQsBFWF1VlsHZAFUXQdiD0FYc2APU10CZgFSXgJkBVBcBm4EVklGawZKVh5kGFJJRWsAXVsAZAFVWgNgBFVfCWYQEB9RMQtVSUAiQghSAWEDVVcFYgZdWwNkDg HTTP/1.1
Host: vardsusyseinpo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/3 204 No Content
date: Mon, 07 Jul 2025 02:08:14 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Py1g2B3zMmY6GAlnt6MCjYH9MPzJuT1bF0WRrDWC90IOv9Oet104vFO9NhkkHlfgNu4H1HlTzWqwvCJEvEzQgzwPICsfLzkMn3kP4svC5kE%2B9oyAY%2BU%2FOnOyPqPt84VHoeDpaFQ%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 95b3caf9a87f5685-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7346&min_rtt=564&rtt_var=6096&sent=79&recv=96&lost=0&retrans=1&sent_bytes=10465&recv_bytes=7043&delivery_rate=462220&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=20102&unsent_bytes=0&cid=0eb2dc17364fb65c&ts=5081&inflight_dur=147&x=40"
POST vardsusyseinpo.com/T3dXVkxgSDQlcRshDT8oNTVjDAoNMxQOOCMhEjUPKzBuARg4JnEiJStKb2R5dkZmcDwmE2plfmkEIzc4OgRqZHx/QnE/IikYamR8f0FnZnl5RHJhDycDIyY/akQWc34JUmUQPiEaOCZiLBg6c34JHjJzfwkBcmUIe1JlYC9qRBNgFTwmGB0uH08UAQ9iM2RhfzpPHxR1PhgTJyYZHzUxKxkmBBEoKxQdYi8NDjU/FjlGIBUTB0diJx8HHDgOCi0YHBA8OxYuBAo/KBo/OgcBOREvFwEeIgYLJwceLn9BLRwjewRgLzgjWmYSeXwTARwkJ0FlIRokGT1uA3ooETUWP0Y9IQJ8NB4OJQ02LzsZOTlkJXsAIRwhdH8NADt6eAURIw52OiMkCj0uFiQVJAcZZRt6GjYxO2JFFjATeiM+YhYqHx0GHAk0DT0dKzoTHx0mPDRmGwoeMQkWKQ4xGz8CMj5mNRVDOB05LBwGAA8lBxxjGCMlDxMtGhgiMzQ1O2EaJC5HERAoODQlGTt9AzMEe3cmEGc4ehUNAz4rABwMAQZPNDEiHTggYXwqWjknJiscYmIhDBYBNAEjIXo0GionYnt8CR4OBB4LEw00DgsiYWMjBgQvATYdJTM8KAEaYm4IKhseJH94OgEZIA01BWU5DRYQADUeBTouBChDOGEdNy9gAmF/NB0ULjUYOjoaCiIQMgQLFm47LjsSBSUnCzYUDjs7QRliHgEjFgkKOTkkGQg/GhBnJmIcMS84FQIIPx8LLi0FAwcAcmUIakQTc355AWZzfwtAbnN+eQFlc38LQGZjfXhSYBUiOhs7c3sMQW5hfn1HYGB9fUVkYn95T2VkajlKZ3h1YUV5YGo6SmFveH9FYGd5fEFlZ3x2R3EiPC4QamdqPwMjOnF+QGJndHpDZ297f05l
104.21.48.1 204 No Content 0 B URL POST HTTPS
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-08
Times Seen 5720909
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Google Trust Services
Subject vardsusyseinpo.com
Fingerprint A3:29:BE:C2:9E:A9:BE:2F:9E:E9:26:2F:D9:27:61:C1:64:3F:91:25
Validity Wed, 11 Jun 2025 06:24:47 GMT - Tue, 09 Sep 2025 07:22:12 GMT
POST /T3dXVkxgSDQlcRshDT8oNTVjDAoNMxQOOCMhEjUPKzBuARg4JnEiJStKb2R5dkZmcDwmE2plfmkEIzc4OgRqZHx/QnE/IikYamR8f0FnZnl5RHJhDycDIyY/akQWc34JUmUQPiEaOCZiLBg6c34JHjJzfwkBcmUIe1JlYC9qRBNgFTwmGB0uH08UAQ9iM2RhfzpPHxR1PhgTJyYZHzUxKxkmBBEoKxQdYi8NDjU/FjlGIBUTB0diJx8HHDgOCi0YHBA8OxYuBAo/KBo/OgcBOREvFwEeIgYLJwceLn9BLRwjewRgLzgjWmYSeXwTARwkJ0FlIRokGT1uA3ooETUWP0Y9IQJ8NB4OJQ02LzsZOTlkJXsAIRwhdH8NADt6eAURIw52OiMkCj0uFiQVJAcZZRt6GjYxO2JFFjATeiM+YhYqHx0GHAk0DT0dKzoTHx0mPDRmGwoeMQkWKQ4xGz8CMj5mNRVDOB05LBwGAA8lBxxjGCMlDxMtGhgiMzQ1O2EaJC5HERAoODQlGTt9AzMEe3cmEGc4ehUNAz4rABwMAQZPNDEiHTggYXwqWjknJiscYmIhDBYBNAEjIXo0GionYnt8CR4OBB4LEw00DgsiYWMjBgQvATYdJTM8KAEaYm4IKhseJH94OgEZIA01BWU5DRYQADUeBTouBChDOGEdNy9gAmF/NB0ULjUYOjoaCiIQMgQLFm47LjsSBSUnCzYUDjs7QRliHgEjFgkKOTkkGQg/GhBnJmIcMS84FQIIPx8LLi0FAwcAcmUIakQTc355AWZzfwtAbnN+eQFlc38LQGZjfXhSYBUiOhs7c3sMQW5hfn1HYGB9fUVkYn95T2VkajlKZ3h1YUV5YGo6SmFveH9FYGd5fEFlZ3x2R3EiPC4QamdqPwMjOnF+QGJndHpDZ297f05l HTTP/1.1
Host: vardsusyseinpo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/3 204 No Content
date: Mon, 07 Jul 2025 02:08:17 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SZCIX%2BO3xyTTsWEkY5a4zeYpTGLpz8t0OlvRe7pyHS5y%2B1stt2mQVZw%2FDJbi51d0sOVTVRsc2gs3WZPZ5lhAC7qwlvXQn5HOCcwUIQZskD5KG7D0iMtq4BVf1H9TwvBzHM3CQVM%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 95b3cb0ae8fb5685-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6651&min_rtt=564&rtt_var=5961&sent=81&recv=98&lost=0&retrans=1&sent_bytes=11098&recv_bytes=8091&delivery_rate=462220&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=20709&unsent_bytes=0&cid=0eb2dc17364fb65c&ts=7821&inflight_dur=169&x=40"
GET megaup.net/themes/spirit/assets/frontend/css/jquery.steps.css
5.34.214.148 200 OK 6.0 kB URL GET HTTPS
megaup.net/themes/spirit/assets/frontend/css/jquery.steps.css
IP / ASN
5.34.214.148
#42532 SIA VEESP
Requested by https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
Resource Info
File type ASCII text, with CRLF line terminators
First Seen 2023-04-11
Last Seen 2025-08-08
Times Seen 1783
Size 6.0 kB (6019 bytes)
MD5 25cfe48e07622a00154b677afcbaeb47
SHA1 23e3ae1bd04ad1d00d25d30e39815104ceeae52f
SHA256 709debbdebf13d8d6c85571caee6e44629142518e9336ed1aa01d6e94ab4d056
Certificate Info
Issuer Sectigo Limited
Subject *.megaup.net
Fingerprint 9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
Validity Tue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT
GET /themes/spirit/assets/frontend/css/jquery.steps.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
DNT: 1
Connection: keep-alive
Cookie: filehosting=bkfelbmac41njn5352ftsq8hat
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 07 Jul 2025 02:08:08 GMT
content-type: text/css
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: W/"62594310-1783"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
GET megaup.net/themes/spirit/assets/frontend/css/iconsmind.css
5.34.214.148 200 OK 103 kB URL GET HTTPS
megaup.net/themes/spirit/assets/frontend/css/iconsmind.css
IP / ASN
5.34.214.148
#42532 SIA VEESP
Requested by https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
Resource Info
File type ASCII text, with CRLF line terminators
First Seen 2023-04-11
Last Seen 2025-08-08
Times Seen 1924
Size 103 kB (102727 bytes)
MD5 c9b1c618a7b12bd7ecf6034164b29164
SHA1 f7a4a8bbc3aab1d7bb44659c40a8702f3aa56c99
SHA256 fc190f724340fc20fd1d175f49c70e70f4acfdd9303ae4f68d9765a2a5958d9b
Certificate Info
Issuer Sectigo Limited
Subject *.megaup.net
Fingerprint 9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
Validity Tue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT
GET /themes/spirit/assets/frontend/css/iconsmind.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
DNT: 1
Connection: keep-alive
Cookie: filehosting=bkfelbmac41njn5352ftsq8hat
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 07 Jul 2025 02:08:08 GMT
content-type: text/css
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: W/"62594310-19147"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
GET megaup.net/themes/spirit/assets/frontend/js/flickity.min.js
5.34.214.148 200 OK 54 kB URL GET HTTPS
megaup.net/themes/spirit/assets/frontend/js/flickity.min.js
IP / ASN
5.34.214.148
#42532 SIA VEESP
Requested by https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
Resource Info
File type JavaScript source, ASCII text, with very long lines (32032), with CRLF line terminators
First Seen 2023-03-07
Last Seen 2025-08-08
Times Seen 2212
Size 54 kB (53873 bytes)
MD5 8c1e666176ac7bdce67d58b45823ffac
SHA1 75947e4316427ce0c5e33300aeb4dc4d7d54dd09
SHA256 c0b706b9b1ca12b631496228a0eb0fe15ccb14f21ab554f6c4b4f20474e4d3a6
Certificate Info
Issuer Sectigo Limited
Subject *.megaup.net
Fingerprint 9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
Validity Tue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT
GET /themes/spirit/assets/frontend/js/flickity.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
DNT: 1
Connection: keep-alive
Cookie: filehosting=bkfelbmac41njn5352ftsq8hat
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 07 Jul 2025 02:08:08 GMT
content-type: application/javascript
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: W/"62594310-d271"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
GET vardsusyseinpo.com/TVg4M2FiZ1tAXBcfVAcFIA5bawp4GmB1GRcLU1cwGB5IfTV8HR5HCCllDwVQfGAOFREkPAUCRz4sWUcUPmUJFQgjPlcORztlCR1SeXYLBU94fk0OUGssSFIGcGkeQxU5NAUCVnhpAAZVfWAACld5
104.21.48.1 204 No Content 0 B URL GET HTTPS
vardsusyseinpo.com/TVg4M2FiZ1tAXBcfVAcFIA5bawp4GmB1GRcLU1cwGB5IfTV8HR5HCCllDwVQfGAOFREkPAUCRz4sWUcUPmUJFQgjPlcORztlCR1SeXYLBU94fk0OUGssSFIGcGkeQxU5NAUCVnhpAAZVfWAACld5
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-08
Times Seen 5720909
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Google Trust Services
Subject vardsusyseinpo.com
Fingerprint A3:29:BE:C2:9E:A9:BE:2F:9E:E9:26:2F:D9:27:61:C1:64:3F:91:25
Validity Wed, 11 Jun 2025 06:24:47 GMT - Tue, 09 Sep 2025 07:22:12 GMT
GET /TVg4M2FiZ1tAXBcfVAcFIA5bawp4GmB1GRcLU1cwGB5IfTV8HR5HCCllDwVQfGAOFREkPAUCRz4sWUcUPmUJFQgjPlcORztlCR1SeXYLBU94fk0OUGssSFIGcGkeQxU5NAUCVnhpAAZVfWAACld5 HTTP/1.1
Host: vardsusyseinpo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Mon, 07 Jul 2025 02:08:09 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=QsjCVsxghaREMlLjO7%2FjyVsXIq3M0APpSZod2zuhD6tz3woPAe%2BNPrXEdtPfuVlWMfWsLB2jf0%2FiBM5nvM1WCsomGUWn4oSgFwkQJCQeF2s%3D"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
server: cloudflare
cf-ray: 95b3cad8a8e7569b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET ukankingwithea.com/
104.21.32.1 200 OK 27 B URL GET HTTPS
ukankingwithea.com/
IP / ASN
104.21.32.1
#13335 CLOUDFLARENET
Requested by https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
Resource Info
File type ASCII text, with no line terminators
First Seen 2025-07-07
Last Seen 2025-07-07
Times Seen 1
Size 27 B (27 bytes)
MD5 9a383bf1e0620ed4698df4eac8e53007
SHA1 34fa9265b49c818ae7a1bf7f5a9c324978694c2b
SHA256 b44fbf97a0ee738011586b6feaf2d35df7f42762bf1363a66d5462e0dcb44f4a
Certificate Info
Issuer Google Trust Services
Subject ukankingwithea.com
Fingerprint BC:D9:DE:23:19:C0:7C:2B:35:05:12:80:A3:22:F2:D2:D2:6F:1F:B3
Validity Fri, 27 Jun 2025 13:58:09 GMT - Thu, 25 Sep 2025 14:56:56 GMT
GET / HTTP/1.1
Host: ukankingwithea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 07 Jul 2025 02:08:10 GMT
content-type: text/plain
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=sExmuQBjwZVyFx5GM7DwxiNOhnRZDkEzVeFESi5J8Jr6Dvs8SsUyPsTQ2qrNraNTNgrGWWvjGbOV6QAbo5EMnY3WbZDISBJhRvQlu9jK9Lc%3D"}]}
content-encoding: br
set-cookie: csu=2131741490915682@1@1751854090; SameSite=None; Secure; Max-Age=31104000
cf-ray: 95b3cade9e4956c7-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET d3og8t183i1vbg.cloudfront.net/?itgod=761186
54.230.245.156 200 OK 490 kB URL GET HTTPS
d3og8t183i1vbg.cloudfront.net/?itgod=761186
IP / ASN
54.230.245.156
#16509 AMAZON-02
Requested by https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
Resource Info
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (38488)
First Seen 2025-07-07
Last Seen 2025-07-07
Times Seen 1
Size 490 kB (489877 bytes)
MD5 cbe6676009d3a6acc7763fe11bd8113b
SHA1 b4c4ab5d965f8c62103021f8ba430c3b52c70d31
SHA256 a7e74ee522285eb241bb67695b8127c31e20fd30524cbb662049f6bec6464bc1
Certificate Info
Issuer Amazon
Subject *.cloudfront.net
Fingerprint 8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72
Validity Mon, 05 May 2025 00:00:00 GMT - Thu, 23 Apr 2026 23:59:59 GMT
GET /?itgod=761186 HTTP/1.1
Host: d3og8t183i1vbg.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 152096
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
date: Mon, 07 Jul 2025 02:08:07 GMT
x-cache: Miss from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: X_Yslvh8RfqesuvPt8l2wr8MhbHIbxCnQOxbHVSbtJe1O9UqVEVhEQ==
X-Firefox-Spdy: h2
GET fonts.gstatic.com/s/opensans/v43/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.178.67 200 OK 48 kB URL GET HTTPS
fonts.gstatic.com/s/opensans/v43/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP / ASN
142.250.178.67
#15169 GOOGLE
Requested by https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
Resource Info
File type Web Open Font Format (Version 2), TrueType, length 48332, version 1.0
First Seen 2025-05-29
Last Seen 2025-08-08
Times Seen 33894
Size 48 kB (48332 bytes)
MD5 5734e133a619a6ae6ee21a6c00a95eba
SHA1 57c0ac17302d07bd4f968240098afe5ed53d4ad2
SHA256 d7a547581722aa055a7fb5b9912aebf3f3e928e1db3e5af9e54cf158cb4c4c4a
Certificate Info
Issuer Google Trust Services
Subject *.gstatic.com
Fingerprint 31:00:3B:00:14:9F:47:29:F3:46:E5:7C:57:30:CC:88:CC:DB:A8:07
Validity Tue, 17 Jun 2025 20:02:59 GMT - Tue, 09 Sep 2025 20:02:58 GMT
GET /s/opensans/v43/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48332
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Jul 2025 15:48:00 GMT
expires: Fri, 03 Jul 2026 15:48:00 GMT
cache-control: public, max-age=31536000
age: 296408
last-modified: Wed, 28 May 2025 18:06:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET vardsusyseinpo.com/M2t6YUscVBkSdn0jOxYGZAQ/MBpmIy8GenAoOyMody4ZJgllX1wVIldWQlZ9AFpCRztaD0dTchUYDgA/RhhHUG1aBRwOdhUdR1BlA0VMUWUHTQ9cehUfCgAsDlpcET9HB0dQfAZaQlR/A1NCWHIL
104.21.48.1 204 No Content 0 B URL GET HTTPS
vardsusyseinpo.com/M2t6YUscVBkSdn0jOxYGZAQ/MBpmIy8GenAoOyMody4ZJgllX1wVIldWQlZ9AFpCRztaD0dTchUYDgA/RhhHUG1aBRwOdhUdR1BlA0VMUWUHTQ9cehUfCgAsDlpcET9HB0dQfAZaQlR/A1NCWHIL
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-08
Times Seen 5720909
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Google Trust Services
Subject vardsusyseinpo.com
Fingerprint A3:29:BE:C2:9E:A9:BE:2F:9E:E9:26:2F:D9:27:61:C1:64:3F:91:25
Validity Wed, 11 Jun 2025 06:24:47 GMT - Tue, 09 Sep 2025 07:22:12 GMT
GET /M2t6YUscVBkSdn0jOxYGZAQ/MBpmIy8GenAoOyMody4ZJgllX1wVIldWQlZ9AFpCRztaD0dTchUYDgA/RhhHUG1aBRwOdhUdR1BlA0VMUWUHTQ9cehUfCgAsDlpcET9HB0dQfAZaQlR/A1NCWHIL HTTP/1.1
Host: vardsusyseinpo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Mon, 07 Jul 2025 02:08:09 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=LZq7SgJ65jzBxYXJornAV44AzpZF93y9utmHR3o%2FOCoy4xERkbHUF%2F%2BgzNCaj5gjqEC6WeNYrfKpQ1EO1rtcrK4k0thF0c0bRr8vV%2FZDjuA%3D"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
server: cloudflare
cf-ray: 95b3cad9fa1d569b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET vardsusyseinpo.com/NjFxZ1QZDhIUaWR3HSAwYwhDBjpwfBQJFlFVQS1sVXYzVAZuRlcTPVIMSFNtDgdFQSRfVUxWbBBCBQYgQ0JMVnJfXxcIaRBHTFZ6Bh9DSWEQRExWckJBEABpBxcBEyBaDEBQYQcJRFNkDghBVmc
104.21.48.1 204 No Content 0 B URL GET HTTPS
vardsusyseinpo.com/NjFxZ1QZDhIUaWR3HSAwYwhDBjpwfBQJFlFVQS1sVXYzVAZuRlcTPVIMSFNtDgdFQSRfVUxWbBBCBQYgQ0JMVnJfXxcIaRBHTFZ6Bh9DSWEQRExWckJBEABpBxcBEyBaDEBQYQcJRFNkDghBVmc
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-08
Times Seen 5720909
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Google Trust Services
Subject vardsusyseinpo.com
Fingerprint A3:29:BE:C2:9E:A9:BE:2F:9E:E9:26:2F:D9:27:61:C1:64:3F:91:25
Validity Wed, 11 Jun 2025 06:24:47 GMT - Tue, 09 Sep 2025 07:22:12 GMT
GET /NjFxZ1QZDhIUaWR3HSAwYwhDBjpwfBQJFlFVQS1sVXYzVAZuRlcTPVIMSFNtDgdFQSRfVUxWbBBCBQYgQ0JMVnJfXxcIaRBHTFZ6Bh9DSWEQRExWckJBEABpBxcBEyBaDEBQYQcJRFNkDghBVmc HTTP/1.1
Host: vardsusyseinpo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Mon, 07 Jul 2025 02:08:09 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=CxiRdo1cSE%2BTLVr7N%2FgV6tfTdgHhhqeckVUD%2Ffz9su2vzDMZ7lNUyVzGNrsTj8jjuXQwGUshcJKK1jH8LAPWXXeIepZfaAIVQDvybCLyGio%3D"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
server: cloudflare
cf-ray: 95b3cadafb03569b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
142.251.9.84 302 Found 0 B URL GET HTTPS
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP / ASN
142.251.9.84
#15169 GOOGLE
Requested by https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-08
Times Seen 5720909
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Google Trust Services
Subject accounts.google.com
Fingerprint FF:F3:CC:D7:E9:C3:7E:10:C4:8A:5F:69:07:3E:95:0E:99:EE:91:34
Validity Tue, 17 Jun 2025 20:03:47 GMT - Tue, 09 Sep 2025 20:03:46 GMT
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:0llVGrc6j6k0xbNbDZD1yE1RnHJVmg:4EwGTL6ydhLr-94X; Expires=Wed, 07-Jul-2027 02:08:10 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 07 Jul 2025 02:08:10 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AdBytiN9tFUEi4f5B2LhJfh7-aNKuakwzC9rt5nqBjbPo9QuKKz8-FjIHfnqRd7trNMVhU5XyTVT
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'nonce-X9uDz-YjSXszOTrv9LVhpA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
cross-origin-opener-policy: unsafe-none
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET megaup.net/themes/spirit/assets/frontend/css/bootstrap.min.css
5.34.214.148 200 OK 77 kB URL GET HTTPS
megaup.net/themes/spirit/assets/frontend/css/bootstrap.min.css
IP / ASN
5.34.214.148
#42532 SIA VEESP
Requested by https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
Resource Info
File type ASCII text, with very long lines (65319), with CRLF line terminators
First Seen 2023-04-11
Last Seen 2025-08-08
Times Seen 2172
Size 77 kB (76922 bytes)
MD5 9b67b9ffbfcbe226a8c413fa740fd91c
SHA1 7837bd0c312897e46311aaf472947f3e23d75df2
SHA256 2642f94894419d1cebdc4a010b9380a7403063dd6d28ea8a80bd5ebd01186732
Certificate Info
Issuer Sectigo Limited
Subject *.megaup.net
Fingerprint 9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
Validity Tue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT
GET /themes/spirit/assets/frontend/css/bootstrap.min.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
DNT: 1
Connection: keep-alive
Cookie: filehosting=bkfelbmac41njn5352ftsq8hat
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 07 Jul 2025 02:08:07 GMT
content-type: text/css
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: W/"62594310-12c7a"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
GET megaup.net/themes/spirit/assets/frontend/css/font-awesome.min.css
5.34.214.148 200 OK 59 kB URL GET HTTPS
megaup.net/themes/spirit/assets/frontend/css/font-awesome.min.css
IP / ASN
5.34.214.148
#42532 SIA VEESP
Requested by https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
Resource Info
File type ASCII text, with very long lines (58929), with CRLF line terminators
First Seen 2023-04-11
Last Seen 2025-08-08
Times Seen 2176
Size 59 kB (59119 bytes)
MD5 879812fc22af75aa3ae7b5666ca4f4b8
SHA1 df27469a952b7ee36cc03db471c6198f577186a8
SHA256 c5d7f0d9e646698b20734ce6dcc2c0a8ecf6ebe27b4b7625bfcf42c4416fb7ed
Certificate Info
Issuer Sectigo Limited
Subject *.megaup.net
Fingerprint 9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
Validity Tue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT
GET /themes/spirit/assets/frontend/css/font-awesome.min.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
DNT: 1
Connection: keep-alive
Cookie: filehosting=bkfelbmac41njn5352ftsq8hat
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 07 Jul 2025 02:08:08 GMT
content-type: text/css
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: W/"62594310-e6ef"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
GET megaup.net/themes/spirit/assets/images/logo/logo.png
5.34.214.148 200 OK 5.9 kB URL GET HTTPS
megaup.net/themes/spirit/assets/images/logo/logo.png
IP / ASN
5.34.214.148
#42532 SIA VEESP
Requested by https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
Resource Info
File type PNG image data, 203 x 40, 8-bit/color RGBA, non-interlaced
First Seen 2025-04-01
Last Seen 2025-08-08
Times Seen 1337
Size 5.9 kB (5900 bytes)
MD5 fa360a47a62ae74a0a3d8c0f3e6f7f12
SHA1 168c72a918b04b735f8e0f8a72223a16f0eda358
SHA256 1d3a3c84dd36871d1009693761f441537117d5ee62c8e775d7d52c77d4c46de4
Certificate Info
Issuer Sectigo Limited
Subject *.megaup.net
Fingerprint 9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
Validity Tue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT
GET /themes/spirit/assets/images/logo/logo.png HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
DNT: 1
Connection: keep-alive
Cookie: filehosting=bkfelbmac41njn5352ftsq8hat
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 07 Jul 2025 02:08:08 GMT
content-type: image/png
content-length: 5900
last-modified: Sat, 08 Feb 2025 04:50:36 GMT
vary: Accept-Encoding
etag: "67a6e29c-170c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
GET fonts.googleapis.com/icon?family=Material+Icons
142.250.178.74 200 OK 565 B URL GET HTTPS
fonts.googleapis.com/icon?family=Material+Icons
IP / ASN
142.250.178.74
#15169 GOOGLE
Requested by https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
Resource Info
File type ASCII text
First Seen 2025-01-17
Last Seen 2025-08-08
Times Seen 10588
Size 565 B (565 bytes)
MD5 736c83e15fc300de505f6ce9762a9396
SHA1 31c0f11ada78e92970ff42d990116d77c169c6d7
SHA256 c31266310101d0b1607937a7baf07f1601b7637bd2373176696488a07d7b4302
Certificate Info
Issuer Google Trust Services
Subject upload.video.google.com
Fingerprint B7:F0:7E:3A:46:13:9F:42:76:6A:5D:6E:85:25:78:85:99:EE:67:71
Validity Tue, 17 Jun 2025 20:02:59 GMT - Tue, 09 Sep 2025 20:02:58 GMT
GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 07 Jul 2025 02:08:08 GMT
date: Mon, 07 Jul 2025 02:08:08 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET megaup.net/themes/spirit/assets/frontend/js/jquery.steps.min.js
5.34.214.148 200 OK 14 kB URL GET HTTPS
megaup.net/themes/spirit/assets/frontend/js/jquery.steps.min.js
IP / ASN
5.34.214.148
#42532 SIA VEESP
Requested by https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
Resource Info
File type JavaScript source, ASCII text, with very long lines (13686), with CRLF line terminators
First Seen 2023-03-07
Last Seen 2025-08-08
Times Seen 2231
Size 14 kB (13862 bytes)
MD5 0eef6fe46d14f860d5666d2c7b13a564
SHA1 7ab5f7deaca2f71efbc3bf9f5ba27b89d4697dbe
SHA256 95a14a4473ff130eb29f3cc02e135978505655e3c931b6c3726dedd4f558f843
Certificate Info
Issuer Sectigo Limited
Subject *.megaup.net
Fingerprint 9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
Validity Tue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT
GET /themes/spirit/assets/frontend/js/jquery.steps.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
DNT: 1
Connection: keep-alive
Cookie: filehosting=bkfelbmac41njn5352ftsq8hat
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 07 Jul 2025 02:08:08 GMT
content-type: application/javascript
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: W/"62594310-3626"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
GET megaup.net/themes/spirit/assets/frontend/js/countdown.min.js
5.34.214.148 200 OK 5.4 kB URL GET HTTPS
megaup.net/themes/spirit/assets/frontend/js/countdown.min.js
IP / ASN
5.34.214.148
#42532 SIA VEESP
Requested by https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
Resource Info
File type JavaScript source, ASCII text, with very long lines (4136), with CRLF line terminators
First Seen 2023-03-07
Last Seen 2025-08-08
Times Seen 2651
Size 5.4 kB (5360 bytes)
MD5 76a923d3d69255c45cd24bf9b100244f
SHA1 eb3c96f9901692f1a03500ea632963a16afdb985
SHA256 8f195573d6fa06641814b476fea2b92579c983cac46d683f356238207692c9f5
Certificate Info
Issuer Sectigo Limited
Subject *.megaup.net
Fingerprint 9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
Validity Tue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT
GET /themes/spirit/assets/frontend/js/countdown.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
DNT: 1
Connection: keep-alive
Cookie: filehosting=bkfelbmac41njn5352ftsq8hat
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 07 Jul 2025 02:08:08 GMT
content-type: application/javascript
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: W/"62594310-14f0"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
GET careewituhin.org/R1kwVjEmO1M7DiZkUnBENTUNcwMBfAIQVXQ2V25FdmEDPwAxO1d4Uis2RTJXNTZeIh8pPERzAwEjamYAKw9bB3QOPkMhVD8UWxdmMyNlDkkSO14ccxcLUyx4KzZXF3UCNXU8AAsWcxNlJi4IOnowMgkBcn5rejxGDRBhH3gIHH0/YSAXRwBpBjZyP3wEOAIfcg4uaiRVEhxDF2UVbGVkQhUTWSV8JBhTYno/GAMUSzQwdS8EAxBJAFAOGF8lfRYqWBR5CWt5DlkLA10QZyEMAD59FjJAFVgCamE4CBEWdBRyIWhmOFUCNQkHdhIeYTgIERBjZnsiaB0QSyMgZjlndQAIA2krGGoHawQ/AQNaCjJ6cwMFE3cyAhJrfgBXdR9mMGAOI3ohRi4IdwdyEQEBA2spC2cwZxUjVDpSNR1zB1kGCnkyUnQAWDB3HTBROlU1HHciAGEzQzlfN2RJZHA2NUcQXjI
54.240.174.30 200 OK 3.1 kB URL GET HTTPS
careewituhin.org/R1kwVjEmO1M7DiZkUnBENTUNcwMBfAIQVXQ2V25FdmEDPwAxO1d4Uis2RTJXNTZeIh8pPERzAwEjamYAKw9bB3QOPkMhVD8UWxdmMyNlDkkSO14ccxcLUyx4KzZXF3UCNXU8AAsWcxNlJi4IOnowMgkBcn5rejxGDRBhH3gIHH0/YSAXRwBpBjZyP3wEOAIfcg4uaiRVEhxDF2UVbGVkQhUTWSV8JBhTYno/GAMUSzQwdS8EAxBJAFAOGF8lfRYqWBR5CWt5DlkLA10QZyEMAD59FjJAFVgCamE4CBEWdBRyIWhmOFUCNQkHdhIeYTgIERBjZnsiaB0QSyMgZjlndQAIA2krGGoHawQ/AQNaCjJ6cwMFE3cyAhJrfgBXdR9mMGAOI3ohRi4IdwdyEQEBA2spC2cwZxUjVDpSNR1zB1kGCnkyUnQAWDB3HTBROlU1HHciAGEzQzlfN2RJZHA2NUcQXjI
IP / ASN
54.240.174.30
#16509 AMAZON-02
Requested by https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
Resource Info
File type HTML document, ASCII text, with very long lines (3056), with no line terminators
First Seen 2025-07-07
Last Seen 2025-07-07
Times Seen 1
Size 3.1 kB (3056 bytes)
MD5 cb49fa3cb7841b3d779036d28a0bceb7
SHA1 85b78aa0aed3369bcc9120b301a02f92c0c49e91
SHA256 641f769505fc0e2dad11e7041fd69f408cfbc8f8d737283616032c8df2ed1e8c
Certificate Info
Issuer Amazon
Subject careewituhin.org
Fingerprint 15:32:CD:34:0C:A5:36:F9:AD:36:69:DC:6F:04:27:94:2C:98:88:D2
Validity Wed, 18 Jun 2025 00:00:00 GMT - Fri, 17 Jul 2026 23:59:59 GMT
GET /R1kwVjEmO1M7DiZkUnBENTUNcwMBfAIQVXQ2V25FdmEDPwAxO1d4Uis2RTJXNTZeIh8pPERzAwEjamYAKw9bB3QOPkMhVD8UWxdmMyNlDkkSO14ccxcLUyx4KzZXF3UCNXU8AAsWcxNlJi4IOnowMgkBcn5rejxGDRBhH3gIHH0/YSAXRwBpBjZyP3wEOAIfcg4uaiRVEhxDF2UVbGVkQhUTWSV8JBhTYno/GAMUSzQwdS8EAxBJAFAOGF8lfRYqWBR5CWt5DlkLA10QZyEMAD59FjJAFVgCamE4CBEWdBRyIWhmOFUCNQkHdhIeYTgIERBjZnsiaB0QSyMgZjlndQAIA2krGGoHawQ/AQNaCjJ6cwMFE3cyAhJrfgBXdR9mMGAOI3ohRi4IdwdyEQEBA2spC2cwZxUjVDpSNR1zB1kGCnkyUnQAWDB3HTBROlU1HHciAGEzQzlfN2RJZHA2NUcQXjI HTTP/1.1
Host: careewituhin.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-length: 1203
date: Mon, 07 Jul 2025 02:08:09 GMT
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
set-cookie: AWSALB=kWgMwZ4xlh88TvXIe01nPq+Z/c6DW5mkE8DVaHkBcTDNIAQ/F/2KOwzohOhlR75AEfAK3+Flr12RL8GC9+Z3uVmrwrrkZadsOjQhI3tpfGwbQjzBK9JoE0CJJIHA; Expires=Mon, 14 Jul 2025 02:08:09 GMT; Path=/
AWSALBCORS=kWgMwZ4xlh88TvXIe01nPq+Z/c6DW5mkE8DVaHkBcTDNIAQ/F/2KOwzohOhlR75AEfAK3+Flr12RL8GC9+Z3uVmrwrrkZadsOjQhI3tpfGwbQjzBK9JoE0CJJIHA; Expires=Mon, 14 Jul 2025 02:08:09 GMT; Path=/; SameSite=None
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: bO8M6g7AsA_CbYmOsUTfBhBAg7z6wjJkEzVfUU4ByWN3tBLkOlanbA==
X-Firefox-Spdy: h2
GET ukankingwithea.com/asd100.bin
104.21.32.1 404 Not Found 159 B URL GET HTTPS
ukankingwithea.com/asd100.bin
IP / ASN
104.21.32.1
#13335 CLOUDFLARENET
Requested by https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
Resource Info
File type HTML document, ASCII text, with CRLF line terminators
First Seen 2023-04-13
Last Seen 2025-08-08
Times Seen 1188
Size 159 B (159 bytes)
MD5 fb9666f93e418b95fea8fdbc20e80af9
SHA1 d4eefca1b299cc266a80e83c9e39c4261cb87583
SHA256 c6252ea6e785c1dc0d44dab86653a7209eb507e45b70d138ce515576743b64f7
Certificate Info
Issuer Google Trust Services
Subject ukankingwithea.com
Fingerprint BC:D9:DE:23:19:C0:7C:2B:35:05:12:80:A3:22:F2:D2:D2:6F:1F:B3
Validity Fri, 27 Jun 2025 13:58:09 GMT - Thu, 25 Sep 2025 14:56:56 GMT
GET /asd100.bin HTTP/1.1
Host: ukankingwithea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Mon, 07 Jul 2025 02:08:10 GMT
content-type: text/html
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=DQwx6l%2F81E4vESC1kLX4%2Fkojo7r%2FAVbpJKs6ff7IHnodrs0UleqQPL9RFs0vzbHUfgX7cuqPLwC3GDKpHs4GdREnQk6RnePRwvD3h31uKAA%3D"}]}
content-encoding: br
cf-ray: 95b3cadeae5d56c7-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET ukankingwithea.com/asd100.bin
104.21.32.1 404 Not Found 159 B URL GET HTTPS
ukankingwithea.com/asd100.bin
IP / ASN
104.21.32.1
#13335 CLOUDFLARENET
Requested by https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
Resource Info
File type HTML document, ASCII text, with CRLF line terminators
First Seen 2023-04-13
Last Seen 2025-08-08
Times Seen 1188
Size 159 B (159 bytes)
MD5 fb9666f93e418b95fea8fdbc20e80af9
SHA1 d4eefca1b299cc266a80e83c9e39c4261cb87583
SHA256 c6252ea6e785c1dc0d44dab86653a7209eb507e45b70d138ce515576743b64f7
Certificate Info
Issuer Google Trust Services
Subject ukankingwithea.com
Fingerprint BC:D9:DE:23:19:C0:7C:2B:35:05:12:80:A3:22:F2:D2:D2:6F:1F:B3
Validity Fri, 27 Jun 2025 13:58:09 GMT - Thu, 25 Sep 2025 14:56:56 GMT
GET /asd100.bin HTTP/1.1
Host: ukankingwithea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Mon, 07 Jul 2025 02:08:10 GMT
content-type: text/html
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control: max-age=14400
cf-cache-status: EXPIRED
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=1ir2ArJvKnd0yN%2FkOxIfYIuPyHsGf4DVqTxWMql%2F1spgVV%2BL5DUtqTjIWqGwLQMJdQ6b6u2dLGNkpuo5kc3iu%2FM01IjGwd3IACjBKEbz5M0%3D"}]}
content-encoding: br
cf-ray: 95b3cadeae5756c7-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET nriceukwater.org/floater?cs=NEM0a1cBcQZfbgJwAltlDXoAU2M&abt=0&red=1&sm=83&k=omori%20multi5&v=0.9.2.6&sts=0&prn=0&emb=0&tid=825911&rxy=1280_1024&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&ref=https%3A%2F%2Fmegaup.net%2F2e4afe31ef24363229a2199dbc71f49f%2Fkps.omori.multi5.7z&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A134.0)%20gecko%2F20100101%20firefox%2F134.0&tzd=0&uloc=&if=0&aa=oi1_&_9tcA=1751854090168&crc=1
54.240.174.40 200 OK 8.0 kB URL GET HTTPS
nriceukwater.org/floater?cs=NEM0a1cBcQZfbgJwAltlDXoAU2M&abt=0&red=1&sm=83&k=omori%20multi5&v=0.9.2.6&sts=0&prn=0&emb=0&tid=825911&rxy=1280_1024&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&ref=https%3A%2F%2Fmegaup.net%2F2e4afe31ef24363229a2199dbc71f49f%2Fkps.omori.multi5.7z&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A134.0)%20gecko%2F20100101%20firefox%2F134.0&tzd=0&uloc=&if=0&aa=oi1_&_9tcA=1751854090168&crc=1
IP / ASN
54.240.174.40
#16509 AMAZON-02
Requested by https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
Resource Info
File type ASCII text, with very long lines (7979), with no line terminators
First Seen 2025-07-07
Last Seen 2025-07-07
Times Seen 1
Size 8.0 kB (7979 bytes)
MD5 ee5d621ef55ea5858dc2d4bd95d2c2c3
SHA1 56f288642a4e535ceefc73770fa96e133854fc85
SHA256 b44f275bfb20824b60e8d7d66a97e9835ec28901d1dde6caa95f641985a4628c
Certificate Info
Issuer Amazon
Subject nriceukwater.org
Fingerprint D4:B9:C2:B0:80:25:B4:9F:4A:5A:3F:59:7D:8C:EB:E5:24:9E:1B:D3
Validity Wed, 18 Jun 2025 00:00:00 GMT - Fri, 17 Jul 2026 23:59:59 GMT
GET /floater?cs=NEM0a1cBcQZfbgJwAltlDXoAU2M&abt=0&red=1&sm=83&k=omori%20multi5&v=0.9.2.6&sts=0&prn=0&emb=0&tid=825911&rxy=1280_1024&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&ref=https%3A%2F%2Fmegaup.net%2F2e4afe31ef24363229a2199dbc71f49f%2Fkps.omori.multi5.7z&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A134.0)%20gecko%2F20100101%20firefox%2F134.0&tzd=0&uloc=&if=0&aa=oi1_&_9tcA=1751854090168&crc=1 HTTP/1.1
Host: nriceukwater.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
content-length: 4522
date: Mon, 07 Jul 2025 02:08:11 GMT
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
set-cookie: AWSALB=EsRUJMDzQrdS6Ga8iqWTJPb0y/FSxIvFk/eq2pFzinxU7Buv4JROTN6WDj+U2no0DS5NkKzmS8JiscNjiDL2bwM5G5CDqkPFWx9ET9b08MGChZkRJP7mUomTwauu; Expires=Mon, 14 Jul 2025 02:08:10 GMT; Path=/
AWSALBCORS=EsRUJMDzQrdS6Ga8iqWTJPb0y/FSxIvFk/eq2pFzinxU7Buv4JROTN6WDj+U2no0DS5NkKzmS8JiscNjiDL2bwM5G5CDqkPFWx9ET9b08MGChZkRJP7mUomTwauu; Expires=Mon, 14 Jul 2025 02:08:10 GMT; Path=/; SameSite=None
csu=97ac5366-357c-4597-a4dd-3c6c294d8a26
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: d_-o_NSqcV8-23Z2U0j2U9wOEUXJ78-a55dTGOLo85YurMO587e4Ig==
X-Firefox-Spdy: h2
GET megaup.net/themes/spirit/assets/frontend/css/custom.css
5.34.214.148 200 OK 8.9 kB URL GET HTTPS
megaup.net/themes/spirit/assets/frontend/css/custom.css
IP / ASN
5.34.214.148
#42532 SIA VEESP
Requested by https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
Resource Info
File type assembler source, ASCII text, with CRLF line terminators
First Seen 2025-04-06
Last Seen 2025-08-08
Times Seen 1283
Size 8.9 kB (8936 bytes)
MD5 68443327ebd1d8f35857bbb29d3ce6df
SHA1 d34e37d8cebc246854f05dde78abc32b5ad5d9fe
SHA256 98cf7514d65d87963ee938b6f83493b4429f8005a5f6814ba226a7b89c80aa45
Certificate Info
Issuer Sectigo Limited
Subject *.megaup.net
Fingerprint 9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
Validity Tue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT
GET /themes/spirit/assets/frontend/css/custom.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
DNT: 1
Connection: keep-alive
Cookie: filehosting=bkfelbmac41njn5352ftsq8hat
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 07 Jul 2025 02:08:08 GMT
content-type: text/css
last-modified: Tue, 11 Feb 2025 19:56:14 GMT
vary: Accept-Encoding
etag: W/"67abab5e-22e8"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
GET megaup.net/sw.js
5.34.214.148 200 OK 103 kB URL GET HTTPS
megaup.net/sw.js
IP / ASN
5.34.214.148
#42532 SIA VEESP
Requested by https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
Resource Info
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
First Seen 2023-03-09
Last Seen 2025-08-08
Times Seen 3810
Size 103 kB (103036 bytes)
MD5 9ee51131e416458b88d6da4e6e6959ca
SHA1 a558b24bcf81763754e35a5fa5e46c6d6ad5f8d4
SHA256 db3608f955dd3404bc375f0a0a7a5c8e23515e7ad1a0b9078c246e92e4050734
Certificate Info
Issuer Sectigo Limited
Subject *.megaup.net
Fingerprint 9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
Validity Tue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT
GET /sw.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
DNT: 1
Connection: keep-alive
Cookie: filehosting=bkfelbmac41njn5352ftsq8hat
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 07 Jul 2025 02:08:08 GMT
content-type: application/javascript
last-modified: Tue, 20 Dec 2022 22:15:30 GMT
vary: Accept-Encoding
etag: W/"63a23402-1927c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
GET fonts.gstatic.com/s/opensans/v43/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
142.250.178.67 200 OK 19 kB URL GET HTTPS
fonts.gstatic.com/s/opensans/v43/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
IP / ASN
142.250.178.67
#15169 GOOGLE
Requested by https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
Resource Info
File type Web Open Font Format (Version 2), TrueType, length 19276, version 1.0
First Seen 2025-05-29
Last Seen 2025-08-08
Times Seen 1312
Size 19 kB (19276 bytes)
MD5 266d9ceb5c3c51971e2a9e13b7ec5883
SHA1 091a3b35321cb3e7b11034a091964e795c4b74ac
SHA256 f93e2585efd0318f328e3431482382c66dfe89ac387060e88116cdd18a18b933
Certificate Info
Issuer Google Trust Services
Subject *.gstatic.com
Fingerprint 31:00:3B:00:14:9F:47:29:F3:46:E5:7C:57:30:CC:88:CC:DB:A8:07
Validity Tue, 17 Jun 2025 20:02:59 GMT - Tue, 09 Sep 2025 20:02:58 GMT
GET /s/opensans/v43/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19276
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Jul 2025 17:14:33 GMT
expires: Fri, 03 Jul 2026 17:14:33 GMT
cache-control: public, max-age=31536000
age: 291215
last-modified: Wed, 28 May 2025 17:52:30 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET undefined/cmRXak4TBjQHcRNZNUw7AAhqT3w0QWUsKkELMFI6Q1xkA38EBjBELR4LIg4oAAs5HmAcASNPfDQJGD09BQYPGi8wImMmHCdUFDwIMCATPAc7M2deKDVUHiMGMzUQPB8dBgMoPRclL1MAJjI4DwgkBzUuGhkeMigEV1YVOh84DB8GKUIgPFsAICY0Dww0FwArHAY8Eyt/PixmCQc2Mi8JGTNdBD8LRgIfBggjImYzHCU1Ej0ZN1AUIX5KPAASGBQ3Py8tJTUaDxgaHBM5CxUuFT8cOzcWBi8zIRkhBjQMLjkLFS4fLCU2MBZbATMdbgwNQxAePX5GBwAiYzgtBCslKDY8AgQXIjguGSQ1HTsmJAIEBno9MSAzGDoiO1gWQgsePTkwBwQNJj0lO1otJyY7PA0KMhU+KTsWBB0+FCw7Wy0mIg4oaBgXOAQ+TzAeKzc8NC8yOxo9Ix4
0.0.0.0 0 B URL GET HTTP
undefined/cmRXak4TBjQHcRNZNUw7AAhqT3w0QWUsKkELMFI6Q1xkA38EBjBELR4LIg4oAAs5HmAcASNPfDQJGD09BQYPGi8wImMmHCdUFDwIMCATPAc7M2deKDVUHiMGMzUQPB8dBgMoPRclL1MAJjI4DwgkBzUuGhkeMigEV1YVOh84DB8GKUIgPFsAICY0Dww0FwArHAY8Eyt/PixmCQc2Mi8JGTNdBD8LRgIfBggjImYzHCU1Ej0ZN1AUIX5KPAASGBQ3Py8tJTUaDxgaHBM5CxUuFT8cOzcWBi8zIRkhBjQMLjkLFS4fLCU2MBZbATMdbgwNQxAePX5GBwAiYzgtBCslKDY8AgQXIjguGSQ1HTsmJAIEBno9MSAzGDoiO1gWQgsePTkwBwQNJj0lO1otJyY7PA0KMhU+KTsWBB0+FCw7Wy0mIg4oaBgXOAQ+TzAeKzc8NC8yOxo9Ix4
IP / ASN
0.0.0.0
#0
Requested by https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-08
Times Seen 5720909
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /cmRXak4TBjQHcRNZNUw7AAhqT3w0QWUsKkELMFI6Q1xkA38EBjBELR4LIg4oAAs5HmAcASNPfDQJGD09BQYPGi8wImMmHCdUFDwIMCATPAc7M2deKDVUHiMGMzUQPB8dBgMoPRclL1MAJjI4DwgkBzUuGhkeMigEV1YVOh84DB8GKUIgPFsAICY0Dww0FwArHAY8Eyt/PixmCQc2Mi8JGTNdBD8LRgIfBggjImYzHCU1Ej0ZN1AUIX5KPAASGBQ3Py8tJTUaDxgaHBM5CxUuFT8cOzcWBi8zIRkhBjQMLjkLFS4fLCU2MBZbATMdbgwNQxAePX5GBwAiYzgtBCslKDY8AgQXIjguGSQ1HTsmJAIEBno9MSAzGDoiO1gWQgsePTkwBwQNJj0lO1otJyY7PA0KMhU+KTsWBB0+FCw7Wy0mIg4oaBgXOAQ+TzAeKzc8NC8yOxo9Ix4 HTTP/1.1
Host: undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AdBytiNX2eqvkAIF5-YSwFhzDzR975WXllQrgOgm1cAkJS5DXetTEELRuwrL_ctETTzanPii_LVj
142.251.9.84 302 Found 0 B URL GET HTTPS
accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AdBytiNX2eqvkAIF5-YSwFhzDzR975WXllQrgOgm1cAkJS5DXetTEELRuwrL_ctETTzanPii_LVj
IP / ASN
142.251.9.84
#15169 GOOGLE
Requested by https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-08
Times Seen 5720909
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Google Trust Services
Subject accounts.google.com
Fingerprint FF:F3:CC:D7:E9:C3:7E:10:C4:8A:5F:69:07:3E:95:0E:99:EE:91:34
Validity Tue, 17 Jun 2025 20:03:47 GMT - Tue, 09 Sep 2025 20:03:46 GMT
GET /InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AdBytiNX2eqvkAIF5-YSwFhzDzR975WXllQrgOgm1cAkJS5DXetTEELRuwrL_ctETTzanPii_LVj HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:4uBFsWXACs1Du6iUf06HqAKN18YTpg:pWQsoeqItAJTVur7;Path=/;Expires=Wed, 07-Jul-2027 02:08:10 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 07 Jul 2025 02:08:10 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AdBytiM7nbgRcMSXW8ahJLO6ZHTMcTkoZGAOLes8ocXz34pXxXi2HCYr3ZwPVjnn8MWj9V_N0oI-Ow&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S792110031%3A1751854090478244
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-0ZsUI6jIsIwT2kMdEgJZ5Q' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 415
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET click.directrankcl.com/thumbnail?i=*r*a60FVI2I_0&imgt=icon
0.0.0.0 0 B URL GET HTTP
click.directrankcl.com/thumbnail?i=*r*a60FVI2I_0&imgt=icon
IP / ASN
0.0.0.0
#0
Requested by https://megaup.net/2e4afe31ef24363229a2199dbc71f49f/kps.omori.multi5.7z
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-08
Times Seen 5720909
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /thumbnail?i=*r*a60FVI2I_0&imgt=icon HTTP/1.1
Host: click.directrankcl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache