Report - megaup.net/2un2B/Pocket.Stables-GoldBerg.zip

Report Overview

Submitted URL
megaup.net/2un2B/Pocket.Stables-GoldBerg.zip
IP
91.209.70.182
ASN
#43317 FNK LLC
Submitted
2022-09-28 08:17:46
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
12

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	325 B	1.5 kB	143.204.55.115
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	656 B	1.7 kB	104.18.32.68
accounts.google.com	81	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.2 kB	8.6 kB	216.58.207.237
reswsentativ.xyz	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.5 kB	2.9 kB	172.67.140.14
imp9.bidgear.com	34078	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	464 B	1.1 kB	104.26.3.107
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.1 kB	37 kB	34.120.237.76
hypermusk.com	33416	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.4 kB	2.2 kB	62.122.171.12
cdn.pncloudfl.com	13313	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	386 B	4.4 kB	172.67.25.161
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	987 B	2.2 kB	93.184.220.29
altowriestwispy.com	951913	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	2.0 kB	172.255.6.33
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	54.189.157.130
dmmzkfd82wayn.cloudfront.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	4.4 kB	143.204.42.171
syndication.exdynsrv.com	34243	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	3.7 kB	95.211.229.246
pogothere.xyz	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	327 kB	172.64.199.35
outsimiseara.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	374 B	23 kB	172.67.12.156
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.49
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.3 kB	7.3 kB	23.36.77.32
hatsheisaco.xyz	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	6.9 kB	18 kB	143.204.55.30
platform.bidgear.com	30367	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	791 B	4.8 kB	104.26.3.107
a.exdynsrv.com	40663	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	347 B	24 kB	205.185.216.10
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	993 B	2.1 kB	142.250.74.3
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	4.4 kB	23.36.76.226
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	368 B	43 kB	142.250.74.72
s3t3d2y8.afcdn.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	417 B	19 kB	185.76.9.19
www.facebook.com	99	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	426 B	15 kB	157.240.200.35
megaup.net	179052	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	26 kB	978 kB	91.209.70.182
keydawnawe.com	586690	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	1.9 kB	23.109.82.168
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	355 B	20 kB	142.250.74.174
agagraveleran.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	602 B	392 B	139.45.195.6

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-28	medium	hatsheisaco.xyz/WkNCTUQ7ISEgezt+IGsxKC9/aHYcZnALIDcuOCYiPntwOiUjLWwuKDU2Jis2NS02Yyo/N2d/Aj0aLzV0DgY1DwUiLDMuPAMFBwUCahYEIQo8G3MIBj0gKAQsEBESCTMoDAQ+BxI6By8SGQ56BnUcCAMJHTUbczUXEwByAAdqLzMGFS0TERV1KwI1KhM5GyoIAxsSKAd1YhkFJCMqAQMYJREQKggDCBU6BBVqFAoeBT0CciEDGS0uABwcBWd/BjwGLRgWAnIyGBdvESQjMxUBECJxFAYmKBYeEXIbABQAJwooCA8uC2FoASQPBTsWGnUKDXIyLCIdFQoVL3cSMAYVHwsFfyh/cQAHAm8GJBU8CRsXH307FQAuATMWZ38GGDQtLwodLxMGL2t1GyEOEQIaC318KTEiKip+Cj0jAHQ0HikjexU9I2k	Phishing
2022-09-28	medium	hatsheisaco.xyz/RFVXRGUlNzQpWiVoNWIQNjlqYVcCcGUCASk4LS8DIG1lMwQ9O3knCSsgMyIXKzsjagshIXJ2IyAGZSwOIQE8KyczOjEGD3wXFgE0CzMBKDMVBG4wJCw2ABIfMAMVLBFyMDArExc7Y3EvEAMaESYWGhIFKyAxOywmAgMwKCF1OTEcJhEZABECIh4wMyIWFGYwLQYEABELHTYWBisSHyAnIQdkFnIxLBAOBiYdHR8sJxIfICgnF2ZuYVcGBzsWBgdmIwUtATIeJgk3OA8FEXMXFnQ9EBEZCjMvORUnVHBiAzNUMQIuHgYHZiQlICgiHAcJAgYBMwktAQFpPw4NPnApAC0OJwAXYAAXNCxiAAIzDhYQcQQSF24VKhVlFAIOAiAALS8FEWUSPBUyIAEAI3M9NwoqJWomBwdkNQ9WAycaFVAtOg	Phishing
2022-09-28	medium	hatsheisaco.xyz/R0RJeGImJioVXSZ5K14XNSh0XVABYXs+BiopMxMEI3x7DwM+KmcbDigxLR4QKCo9VgwiMGxKJCMgHRAsHXUmLzQ+CQsiMwEWAi4SLRUYPlMSE3wsNy1wADYjEgINPCg2DHgLOAIWLg4xPn0vHiMBBwIuEjYReCkRBBB4MSouIwM3NyAOKA87YnYLPhURcRgrWhIGGjkrDgYxLSsWHmxKJBV3fEwxEDQYOwx2FAATMw0lDyk7EgU5QSE9CSssNhEHKD00BiAfPSQWMzEXNAUsGDsMdxIFPiMLAA9NERAzIRMzKiwPIBsgAQQqDSMiMD4NFRUlQTR1MA87NWosHxkKCRYZDyt/AyI6DREWMTUmKgoRHiMGAi85RC03JhYSegUcSAgkED86ODQmcQ	Phishing
2022-09-28	medium	hatsheisaco.xyz/UmtWaHYzCTUFSTNWNE4DIAdrTUQUTmQuEj8GLAMQNlNkHxcrBXgLGj0eMg4EPQUiRhg3H3NaMDsJZRg6BDwPJTABPiw/JCE/GloeNzwTEEIILWMiMxYMYCs0ayMbARV3WRAgJGYIBikZGic4WC8KEhM6NGEmBS4kZ1kMPTcWLC89DwVbPQ48BjE0MBolGhs5JAE/O1geFAwXOhI7LhUqJAsFGQ8zNi4sGAwXHGMgPDgENSoeCwUYLTg2Ox5dQQQAJiETYVszMB0mHgwBJBk4HhtDFhwTODthKQMwARgRDxIaCD87XRsYLiYhEysIBzsdOSA0LjQQODtFPCU9EFASHgEPJjcUUmMtRwANBVsCPj1nUTowBjI/NQAmYyU3EyoXBUM8IhAyOwg8ACkxOQ9gThwhBDgYSysZDxoSBQI6ACJkJm8mHR4	Phishing
2022-09-28	medium	hatsheisaco.xyz/THc4R2UtFVsqWi1KWmEQPhsFYlcKUgoBASEaQiwDKE8KMAQ1GRYkCSMCXCEXIxlMaQspAx11Ix04bCsQHy9qJjMrNk4UVX0meyk3CDNPdgMqIm0hMDRHVQAOJzJoLiQeJAsgVioNfQoDDkdMEg59M3spNwk/CRI1Bg91Ai07BFYBEh0+awQCHSBPFQQuAHoNMyshCAYjfSN5LjAuL1M0LQMxcgoyCjpTAFUCJnkuMBo/eTQKKjFXDS0KDw0fIAk+YHUdBBJAPwYpJVAWMzQEQBI0Pz1+KSMPLV9+BC4yXHAtCg8NBQ50FGAWDQIzQCMAFTF9CyYdWlM0I309bxRWPw57MAkqEm0WLA8hATQ3KxteBR8/JWB2PBsVfR1AfjF5AQ0iJXp+KBlEX2EPPxhWN1gcHl01JBVBfXIgPxM	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-09-28	medium	agagraveleran.com	Sinkholed

JavaScript (53)

	URL	Size	First Seen	Last Seen
	hatsheisaco.xyz/WkNCTUQ7ISEgezt+IGsxKC9/aHYcZnALIDcuOCYiPntwOiUjLWwuKDU2Jis2NS02Yyo/N2d/Aj0aLzV0DgY1DwUiLDMuPAMFBwUCahYEIQo8G3MIBj0gKAQsEBESCTMoDAQ+BxI6By8SGQ56BnUcCAMJHTUbczUXEwByAAdqLzMGFS0TERV1KwI1KhM5GyoIAxsSKAd1YhkFJCMqAQMYJREQKggDCBU6BBVqFAoeBT0CciEDGS0uABwcBWd/BjwGLRgWAnIyGBdvESQjMxUBECJxFAYmKBYeEXIbABQAJwooCA8uC2FoASQPBTsWGnUKDXIyLCIdFQoVL3cSMAYVHwsFfyh/cQAHAm8GJBU8CRsXH307FQAuATMWZ38GGDQtLwodLxMGL2t1GyEOEQIaC318KTEiKip+Cj0jAHQ0HikjexU9I2k	2.9 kB	2023-03-08	2023-03-08
Pretty URL hatsheisaco.xyz/WkNCTUQ7ISEgezt+IGsxKC9/aHYcZnALIDcuOCYiPntwOiUjLWwuKDU2Jis2NS02Yyo/N2d/Aj0aLzV0DgY1DwUiLDMuPAMFBwUCahYEIQo8G3MIBj0gKAQsEBESCTMoDAQ+BxI6By8SGQ56BnUcCAMJHTUbczUXEwByAAdqLzMGFS0TERV1KwI1KhM5GyoIAxsSKAd1YhkFJCMqAQMYJREQKggDCBU6BBVqFAoeBT0CciEDGS0uABwcBWd/BjwGLRgWAnIyGBdvESQjMxUBECJxFAYmKBYeEXIbABQAJwooCA8uC2FoASQPBTsWGnUKDXIyLCIdFQoVL3cSMAYVHwsFfyh/cQAHAm8GJBU8CRsXH307FQAuATMWZ38GGDQtLwodLxMGL2t1GyEOEQIaC318KTEiKip+Cj0jAHQ0HikjexU9I2k IP 143.204.55.30 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:01:20 Last Seen2023-03-08 03:01:20 Times Seen1 Hash 1c04cb8e9a418fc835f7b8b5c849f65d 4dc8d6fa3acedc3b9f3a6a5d61e6247b75c41dd2 e1d73c892979af7c49b088f1decc538644ead2a96bc59ba85fd1192c41bc72f3 Loading...

	hatsheisaco.xyz/RFVXRGUlNzQpWiVoNWIQNjlqYVcCcGUCASk4LS8DIG1lMwQ9O3knCSsgMyIXKzsjagshIXJ2IyAGZSwOIQE8KyczOjEGD3wXFgE0CzMBKDMVBG4wJCw2ABIfMAMVLBFyMDArExc7Y3EvEAMaESYWGhIFKyAxOywmAgMwKCF1OTEcJhEZABECIh4wMyIWFGYwLQYEABELHTYWBisSHyAnIQdkFnIxLBAOBiYdHR8sJxIfICgnF2ZuYVcGBzsWBgdmIwUtATIeJgk3OA8FEXMXFnQ9EBEZCjMvORUnVHBiAzNUMQIuHgYHZiQlICgiHAcJAgYBMwktAQFpPw4NPnApAC0OJwAXYAAXNCxiAAIzDhYQcQQSF24VKhVlFAIOAiAALS8FEWUSPBUyIAEAI3M9NwoqJWomBwdkNQ9WAycaFVAtOg	3.0 kB	2023-03-08	2023-03-08
Pretty URL hatsheisaco.xyz/RFVXRGUlNzQpWiVoNWIQNjlqYVcCcGUCASk4LS8DIG1lMwQ9O3knCSsgMyIXKzsjagshIXJ2IyAGZSwOIQE8KyczOjEGD3wXFgE0CzMBKDMVBG4wJCw2ABIfMAMVLBFyMDArExc7Y3EvEAMaESYWGhIFKyAxOywmAgMwKCF1OTEcJhEZABECIh4wMyIWFGYwLQYEABELHTYWBisSHyAnIQdkFnIxLBAOBiYdHR8sJxIfICgnF2ZuYVcGBzsWBgdmIwUtATIeJgk3OA8FEXMXFnQ9EBEZCjMvORUnVHBiAzNUMQIuHgYHZiQlICgiHAcJAgYBMwktAQFpPw4NPnApAC0OJwAXYAAXNCxiAAIzDhYQcQQSF24VKhVlFAIOAiAALS8FEWUSPBUyIAEAI3M9NwoqJWomBwdkNQ9WAycaFVAtOg IP 143.204.55.30 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:01:20 Last Seen2023-03-08 03:01:20 Times Seen1 Hash 31a269099f6db15eecc4b9b6973af18b 23ea6a1e66982faf510ac59402b2459a3ed8e41d 4b9000f761d38146bc3fd2b404d9d14ae607b1d6a0c69db9823c9c2e2059854b Loading...

	megaup.net/2un2B/Pocket.Stables-GoldBerg.zip	59 B	2023-03-07	2024-05-10
Pretty URL megaup.net/2un2B/Pocket.Stables-GoldBerg.zip IP 91.209.70.182 ASN #43317 FNK LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:10 Last Seen2024-05-10 18:45:26 Times Seen3767 Hash de7507ad26c6c904109c87dd5dfac288 952cae1ce6ce1e74b010b31b4357424c12a5960c 09f81a5c463b570b389ce0b118a29bf489353d0ae7d47eefee9b9e7b703e0e02 Loading...

	megaup.net/2un2B/Pocket.Stables-GoldBerg.zip	134 B	2023-03-07	2024-05-10
Pretty URL megaup.net/2un2B/Pocket.Stables-GoldBerg.zip IP 91.209.70.182 ASN #43317 FNK LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:10 Last Seen2024-05-10 14:01:36 Times Seen3552 Hash 41eece0da217398b6f4d4ee2f01b6245 72f2098b0520b07dd3c6874646c920a3d367a4e2 62bba8c2295a14bb2d007a3f7f8730fd10cef7348a6474f3f832c99ca6795d35 Loading...

	platform.bidgear.com/async.php?domainid=5593&sizeid=12&zoneid=6192&k=1664353053932	4.4 kB	2023-03-08	2023-03-08
Pretty URL platform.bidgear.com/async.php?domainid=5593&sizeid=12&zoneid=6192&k=1664353053932 IP 104.26.3.107 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:01:20 Last Seen2023-03-08 03:01:20 Times Seen1 Hash 81a367140698c13d48393f4b23cf312f ddc766b827598986eff2d20309fc1e3c9ad5f5ce ef6808955e7472e62ada3b97fe7df4acba2d2add843f111dd97afa7ceb3b2f5b Loading...

	dmmzkfd82wayn.cloudfront.net/QOTluSXRaVgAvS01QCnRDDw1ffUUfUx0mGkkEPiARS3g3fzEMfB0tUk1DCnREH1UPJxMEHwsnFwQISCgQWwRabwBJVgV0AF1TAiUbXksHOFJMWFMkG0NQAiUVHAsofFoJHFx5XEEIX2xHexxceRhQVxsxUQsJFnFCZg9abEd7HFx5Bk8cXQhNDxdeYFELCQ-ksF1JWS3syCwlfeUQICV9sRglfBzsRX1YWbEZ/AFhnRB9MU3g	828 B	2023-03-08	2023-03-08
Pretty URL dmmzkfd82wayn.cloudfront.net/QOTluSXRaVgAvS01QCnRDDw1ffUUfUx0mGkkEPiARS3g3fzEMfB0tUk1DCnREH1UPJxMEHwsnFwQISCgQWwRabwBJVgV0AF1TAiUbXksHOFJMWFMkG0NQAiUVHAsofFoJHFx5XEEIX2xHexxceRhQVxsxUQsJFnFCZg9abEd7HFx5Bk8cXQhNDxdeYFELCQ-ksF1JWS3syCwlfeUQICV9sRglfBzsRX1YWbEZ/AFhnRB9MU3g IP 143.204.42.171 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:01:20 Last Seen2023-03-08 03:01:20 Times Seen1 Hash 4649f33ba15fed354a2e768fbc301f60 ac229198c75f1abca031d4fc53313da4109d4423 4daa19e304fc28e486970b5074a06ca7b7889d2f6bc2247460262aa69f59e323 Loading...

	megaup.net/themes/flow/js/jquery.iframe-transport.js	9.3 kB	2023-03-07	2024-05-10
Pretty URL megaup.net/themes/flow/js/jquery.iframe-transport.js IP 91.209.70.182 ASN #43317 FNK LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:10 Last Seen2024-05-10 13:17:28 Times Seen1347 Hash bbf8d80f1841d07cbee13abcfe0a5ba2 a69ad62ab8a001e0ea8ea106ac404ac0af88984c 4f3f67c68965b4076cc7bc531f648c3a15aa30c1b9cede0486afd4eb4353f8c1 Loading...

	megaup.net/themes/flow/js/jquery.fileupload-resize.js	8.1 kB	2023-03-07	2024-05-10
Pretty URL megaup.net/themes/flow/js/jquery.fileupload-resize.js IP 91.209.70.182 ASN #43317 FNK LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:10 Last Seen2024-05-10 13:17:27 Times Seen1224 Hash 23a8f0c0a8e9febbf563aef9fb28f2b0 a0d188d6535c31b9bce7d874e4731f3a0bd2a220 2d6f1126fbf381ae50f1264f82d5d2c55c400067557abf21387ab4c72af624cf Loading...

	megaup.net/themes/flow/frontend_assets/js/gauge.min.js	18 kB	2023-03-07	2024-05-10
Pretty URL megaup.net/themes/flow/frontend_assets/js/gauge.min.js IP 91.209.70.182 ASN #43317 FNK LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:10 Last Seen2024-05-10 13:17:28 Times Seen1875 Hash aafe893df6f86140460a76d58dcecfe2 fe1a74890dc8f040f5f681041663b96d983163f6 2d9574ce1b6890bd6ccf1ef3d04fe1328f35c5bbced7b6b331459119ef4fe480 Loading...

	megaup.net/2un2B/Pocket.Stables-GoldBerg.zip	828 B	2023-03-08	2023-03-08
Pretty URL megaup.net/2un2B/Pocket.Stables-GoldBerg.zip IP 91.209.70.182 ASN #43317 FNK LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:01:20 Last Seen2023-03-08 03:01:20 Times Seen1 Hash d5696b19c8d98adb7b629d11f95a61d3 a121bc0018b5349c0c90d97c03d61ca938230c1b dcc4083fc7dc997c9acf265cb1b55601d1182c44da23d164fccc9f0b47f9a299 Loading...

	megaup.net/themes/flow/frontend_assets/js/retina/retina.js	1.3 kB	2023-03-07	2024-05-10
Pretty URL megaup.net/themes/flow/frontend_assets/js/retina/retina.js IP 91.209.70.182 ASN #43317 FNK LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:10 Last Seen2024-05-10 13:17:27 Times Seen1373 Hash d3e2d6e7887add1872c197bab95a16b7 fe996175492409ca9e5b4f42911c5a69e8b2698c 4b75d94f66a12f86bb0c238861680cc589c4463ba29be6889ed6dbeb5594aa19 Loading...

	megaup.net/2un2B/Pocket.Stables-GoldBerg.zip	155 B	2023-03-07	2024-05-10
Pretty URL megaup.net/2un2B/Pocket.Stables-GoldBerg.zip IP 91.209.70.182 ASN #43317 FNK LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:10 Last Seen2024-05-10 13:17:28 Times Seen855 Hash dbc6f821e8ff7c4828576a426ee2d4e8 f043b3149f201934cfc9ff603023868202ac2141 68db8c28a54f45ff784d9386fb96e04dc8131f033f5f68307876dc2f1652ea59 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-07	2024-01-06
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:05:31 Last Seen2024-01-06 17:39:53 Times Seen66 Hash 99ba52a15d2da967b023016d1af58cbd 5c2246049c43834d17113877b4731bd4f9803d55 9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f Loading...

	unknown	0 B	2023-03-07	2024-05-10
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-10 19:30:04 Times Seen37517804 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	megaup.net/themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js	16 kB	2023-03-07	2024-05-10
Pretty URL megaup.net/themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js IP 91.209.70.182 ASN #43317 FNK LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:10 Last Seen2024-05-10 13:17:28 Times Seen1976 Hash 38c5167c8052d0c73892c3742b16e903 213ef9210b4a5c4e73a242e832a08f4abef69a74 743b919a337dfbb6d1e8648d0793532d47f8af48059e17f7e32ae8738c7614a7 Loading...

	megaup.net/themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js	7.4 kB	2023-03-07	2024-05-10
Pretty URL megaup.net/themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js IP 91.209.70.182 ASN #43317 FNK LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:10 Last Seen2024-05-10 13:17:28 Times Seen1291 Hash ffa5849037af7c5e6fc1971877859645 deb7c1eca1d4ed43dfbf33442047136d5a5f41a9 8fa669071ed5fb03e9954ba360885e7ba95fb77ae5448dfc313c3c01202b46aa Loading...

	megaup.net/themes/flow/frontend_assets/js/bootstrap/bootstrap.min.js	29 kB	2023-03-07	2024-05-10
Pretty URL megaup.net/themes/flow/frontend_assets/js/bootstrap/bootstrap.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:10 Last Seen2024-05-10 17:28:22 Times Seen10261 Hash ba847811448ef90d98d272aeccef2a95 5814e91bb6276f4de8b7951c965f2f190a03978d 898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1 Loading...

	megaup.net/2un2B/Pocket.Stables-GoldBerg.zip	306 B	2023-03-07	2023-07-24
Pretty URL megaup.net/2un2B/Pocket.Stables-GoldBerg.zip IP 91.209.70.182 ASN #43317 FNK LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:10 Last Seen2023-07-24 03:04:27 Times Seen477 Hash abb46aba0f13b8f263f7cfa04e028a84 66e88492b0432e2d7d16409e8ad80af81427869d 8e990eafe191080ca973aeee6d82f35eea96e9e80bfe7a01ae9a83cbc3d6f62a Loading...

	dmmzkfd82wayn.cloudfront.net/ib3pLVWYMFSUzWRsTL2heWEx4ZF5JEDg6CB9HMic/HR4cPAoHLn0YXyERB3MSFR52ZUADGyUyW0kfJTZbXlwqMQRSTm0hFgARdiECBRYnOgEdEzpzEw5HJjocBhYnNENdPH57VkpIe30eXktuZiRKSHs5DwEPM3BUXwJzYzlZTm5mJEpIeycQSkkKbFBBSm-JwVF8dLjYNAF95E1RfS3tlV19LbmdWCRM5MAAAAm5nIFZMZWVAGkd6	600 B	2023-03-08	2023-03-08
Pretty URL dmmzkfd82wayn.cloudfront.net/ib3pLVWYMFSUzWRsTL2heWEx4ZF5JEDg6CB9HMic/HR4cPAoHLn0YXyERB3MSFR52ZUADGyUyW0kfJTZbXlwqMQRSTm0hFgARdiECBRYnOgEdEzpzEw5HJjocBhYnNENdPH57VkpIe30eXktuZiRKSHs5DwEPM3BUXwJzYzlZTm5mJEpIeycQSkkKbFBBSm-JwVF8dLjYNAF95E1RfS3tlV19LbmdWCRM5MAAAAm5nIFZMZWVAGkd6 IP 143.204.42.171 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:01:20 Last Seen2023-03-08 03:01:20 Times Seen1 Hash 87729549e58f73f78bce2e916940a868 0a17fa5cdbc1ff45142fb0bd49aa7c7f5b4a0c7e df2963729838762e144ff644e423a031445ca7d0d82d89518b2d4cc19dcaa1b3 Loading...

	megaup.net/themes/flow/js/global.js	3.4 kB	2023-03-07	2024-05-10
Pretty URL megaup.net/themes/flow/js/global.js IP 91.209.70.182 ASN #43317 FNK LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:10 Last Seen2024-05-10 13:17:27 Times Seen951 Hash b62957c3c4788544cad00a761303b836 0436c4efedfe2075b24a87ff969034b2e258e609 ef8a1ff709899584c91496da397de0b0fcab774e3b6d258ccca9997e592e84d3 Loading...

	megaup.net/themes/flow/js/jquery.dataTables.min.js	70 kB	2023-03-07	2024-05-10
Pretty URL megaup.net/themes/flow/js/jquery.dataTables.min.js IP 91.209.70.182 ASN #43317 FNK LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:10 Last Seen2024-05-10 19:04:59 Times Seen7547 Hash 737f853e9fd6a31d62f5028e88663c9f cf144f2ab49f53a69fbfe10d3588fc23437d2736 6c3ca64b7acfdd29b3ca6f1b9b46696369abd462d4546182085c347f72211841 Loading...

	megaup.net/themes/flow/js/zeroClipboard/ZeroClipboard.js	15 kB	2023-03-07	2024-05-10
Pretty URL megaup.net/themes/flow/js/zeroClipboard/ZeroClipboard.js IP 91.209.70.182 ASN #43317 FNK LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:10 Last Seen2024-05-10 13:17:29 Times Seen2036 Hash d31e0426a59b32581835680633809ea3 98caf983b9349fcf2a32d6512f998ea9a557a90e c7fe89a030ea54a29616f0a473366e07d109dfb775f2afa050c2de82e3606fba Loading...

	megaup.net/sw.js	78 kB	2023-03-07	2023-03-17
Pretty URL megaup.net/sw.js IP 91.209.70.182 ASN #43317 FNK LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:10 Last Seen2023-03-17 12:54:06 Times Seen1 Hash 083e60300b424b4ee4aad68508c0b54a 115c0a7ecd0988be85c84b0e7c6b89908b5d854a 31db1d160d4b91baed2f9e35aec3d8368b598d3ec9df3533a75ac005106483b6 Loading...

	megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.plugins.min.js	85 kB	2023-03-07	2024-05-10
Pretty URL megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.plugins.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-05-10 13:17:29 Times Seen2096 Hash 04426bc66c09c8881b5b329310e903e9 ff7f2f64ed5938023a91050e27f22f77becba78c ebf4e570b96d611fa540bb8745ba518a1005d50c4589a2c2cf3a60a97151a184 Loading...

	megaup.net/themes/flow/js/canvas-to-blob.min.js	1.0 kB	2023-03-07	2024-05-10
Pretty URL megaup.net/themes/flow/js/canvas-to-blob.min.js IP 91.209.70.182 ASN #43317 FNK LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:10 Last Seen2024-05-10 13:17:27 Times Seen1297 Hash f1b353d74742a0d0d8dba4a82f07c050 a1b03792ee014e57e16a27cf343aaad13af08666 233a048b5eab2ecc75e2f72bf9a65de6ac06e697746156ade5b144305d76ca3a Loading...

	megaup.net/themes/flow/js/jquery.fileupload-validate.js	4.1 kB	2023-03-07	2024-05-10
Pretty URL megaup.net/themes/flow/js/jquery.fileupload-validate.js IP 91.209.70.182 ASN #43317 FNK LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:10 Last Seen2024-05-10 13:17:28 Times Seen1343 Hash 9e083d9e4a3e014b760d70ad0f1e85cb dbc0b1b973f8f77b74baadc0a696e001234f8ac5 217bffe44b964e10fe120949b9a143b665a8c03a57ab348713de7d8b2878345e Loading...

	megaup.net/2un2B/Pocket.Stables-GoldBerg.zip	64 kB	2023-03-07	2023-10-30
Pretty URL megaup.net/2un2B/Pocket.Stables-GoldBerg.zip IP 91.209.70.182 ASN #43317 FNK LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:10 Last Seen2023-10-30 15:18:53 Times Seen541 Hash e6096ea93da6ec531ec81c8acaf77ebf 810f3bf61851063ec1162938e7ca55b512fc537c b37b9a8b330d400b682e4eeec2c10a326aa384766815b355cdb472263abd00d6 Loading...

	megaup.net/themes/flow/frontend_assets/js/isotope/custom-isotope.js	1.8 kB	2023-03-07	2024-05-10
Pretty URL megaup.net/themes/flow/frontend_assets/js/isotope/custom-isotope.js IP 91.209.70.182 ASN #43317 FNK LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:10 Last Seen2024-05-10 13:17:27 Times Seen1266 Hash 76cff321a3da409f04f1b9d25319ab78 f9de6b54f2eeeb85ea43693bee32dc930a252649 9930043ffb4753c135a12f6be97e24ef56fdfd5aaf1af6a204d99937a7ba8ef2 Loading...

	www.googletagmanager.com/gtag/js?id=UA-108868042-1	109 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtag/js?id=UA-108868042-1 IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:01:20 Last Seen2023-03-08 03:01:20 Times Seen1 Hash 69a6a38ee5afd99776b73e32724b8766 37e957c9e8c04ffd4457aeeffd22f5d63e1c7691 bfd35306ae9b65e979ce1b14ce98f307e0dd985d2f14c966a83438298847308e Loading...

	hatsheisaco.xyz/THc4R2UtFVsqWi1KWmEQPhsFYlcKUgoBASEaQiwDKE8KMAQ1GRYkCSMCXCEXIxlMaQspAx11Ix04bCsQHy9qJjMrNk4UVX0meyk3CDNPdgMqIm0hMDRHVQAOJzJoLiQeJAsgVioNfQoDDkdMEg59M3spNwk/CRI1Bg91Ai07BFYBEh0+awQCHSBPFQQuAHoNMyshCAYjfSN5LjAuL1M0LQMxcgoyCjpTAFUCJnkuMBo/eTQKKjFXDS0KDw0fIAk+YHUdBBJAPwYpJVAWMzQEQBI0Pz1+KSMPLV9+BC4yXHAtCg8NBQ50FGAWDQIzQCMAFTF9CyYdWlM0I309bxRWPw57MAkqEm0WLA8hATQ3KxteBR8/JWB2PBsVfR1AfjF5AQ0iJXp+KBlEX2EPPxhWN1gcHl01JBVBfXIgPxM	2.9 kB	2023-03-08	2023-03-08
Pretty URL hatsheisaco.xyz/THc4R2UtFVsqWi1KWmEQPhsFYlcKUgoBASEaQiwDKE8KMAQ1GRYkCSMCXCEXIxlMaQspAx11Ix04bCsQHy9qJjMrNk4UVX0meyk3CDNPdgMqIm0hMDRHVQAOJzJoLiQeJAsgVioNfQoDDkdMEg59M3spNwk/CRI1Bg91Ai07BFYBEh0+awQCHSBPFQQuAHoNMyshCAYjfSN5LjAuL1M0LQMxcgoyCjpTAFUCJnkuMBo/eTQKKjFXDS0KDw0fIAk+YHUdBBJAPwYpJVAWMzQEQBI0Pz1+KSMPLV9+BC4yXHAtCg8NBQ50FGAWDQIzQCMAFTF9CyYdWlM0I309bxRWPw57MAkqEm0WLA8hATQ3KxteBR8/JWB2PBsVfR1AfjF5AQ0iJXp+KBlEX2EPPxhWN1gcHl01JBVBfXIgPxM IP 143.204.55.30 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:01:20 Last Seen2023-03-08 03:01:20 Times Seen1 Hash 40ba3ebee4644f3f2cc522644ec717fd 820a02ea6a00a001fe564651d913f94547ffedf8 459c2008bc906be31b03f2172eb002d9684ffa15368d8cbdedefc9da8c030084 Loading...

	a.exdynsrv.com/ad-provider.js	73 kB	2023-03-07	2023-03-17
Pretty URL a.exdynsrv.com/ad-provider.js IP 205.185.216.10 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:22:53 Last Seen2023-03-17 12:54:06 Times Seen1 Hash 4340ea5d8c1b0196fdc017ad4feb9cf9 d944899a6eb421496e94cbddc42832b755d29c59 0ec91f164d8f0f10b75742279950b9a089f836afe7a2b6c9f631a6d413732db6 Loading...

	megaup.net/themes/flow/js/jquery-ui.js	436 kB	2023-03-07	2024-05-10
Pretty URL megaup.net/themes/flow/js/jquery-ui.js IP 91.209.70.182 ASN #43317 FNK LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:10 Last Seen2024-05-10 13:17:28 Times Seen5074 Hash ec9758d9508e2fd22ddbdc6d5a28f214 0ed7df6cc32be8f9687cda3cd6e109e5de44339e ba0103f765802f299bc7dca5c35d9a00359a0abb10cac136f43caf9c0bf98b7c Loading...

	megaup.net/themes/flow/js/clipboardjs/clipboard.min.js	8.9 kB	2023-03-07	2024-05-10
Pretty URL megaup.net/themes/flow/js/clipboardjs/clipboard.min.js IP 91.209.70.182 ASN #43317 FNK LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:10 Last Seen2024-05-10 13:17:28 Times Seen1519 Hash 55db0ff82a3b6b247844ae0d07d85fc6 9bc5c7dc92ef0b31d212a66bbdff591e484f427c 404b016f5c9a369726eec56a280c93478da17a52ed0f1fee116838330772ec70 Loading...

	megaup.net/2un2B/Pocket.Stables-GoldBerg.zip	59 kB	2023-03-07	2023-03-17
Pretty URL megaup.net/2un2B/Pocket.Stables-GoldBerg.zip IP 91.209.70.182 ASN #43317 FNK LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:10 Last Seen2023-03-17 12:54:06 Times Seen1 Hash 5a882a0f638fd9d53c9d19885dddec4c d79d93893482d0a523fb1784e19248a48f0c9680 6ae715421ac31135c348cf291ac077ddfe4f061d733f33ef9a2bd0e3eba7f477 Loading...

	megaup.net/2un2B/Pocket.Stables-GoldBerg.zip	4.7 kB	2023-03-07	2023-03-08
Pretty URL megaup.net/2un2B/Pocket.Stables-GoldBerg.zip IP 91.209.70.182 ASN #43317 FNK LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:56:52 Last Seen2023-03-08 03:22:06 Times Seen1 Hash 640db730a1c269c91bdb862ecb13ce33 fd793eda87f7ad902296b25c66f8efb7ae663ad2 97cd57e7ca87bc8b4c5f7f7eb8db324a7a3698f46bf84c321de69171cbf8ac86 Loading...

	hatsheisaco.xyz/UmtWaHYzCTUFSTNWNE4DIAdrTUQUTmQuEj8GLAMQNlNkHxcrBXgLGj0eMg4EPQUiRhg3H3NaMDsJZRg6BDwPJTABPiw/JCE/GloeNzwTEEIILWMiMxYMYCs0ayMbARV3WRAgJGYIBikZGic4WC8KEhM6NGEmBS4kZ1kMPTcWLC89DwVbPQ48BjE0MBolGhs5JAE/O1geFAwXOhI7LhUqJAsFGQ8zNi4sGAwXHGMgPDgENSoeCwUYLTg2Ox5dQQQAJiETYVszMB0mHgwBJBk4HhtDFhwTODthKQMwARgRDxIaCD87XRsYLiYhEysIBzsdOSA0LjQQODtFPCU9EFASHgEPJjcUUmMtRwANBVsCPj1nUTowBjI/NQAmYyU3EyoXBUM8IhAyOwg8ACkxOQ9gThwhBDgYSysZDxoSBQI6ACJkJm8mHR4	3.0 kB	2023-03-08	2023-03-08
Pretty URL hatsheisaco.xyz/UmtWaHYzCTUFSTNWNE4DIAdrTUQUTmQuEj8GLAMQNlNkHxcrBXgLGj0eMg4EPQUiRhg3H3NaMDsJZRg6BDwPJTABPiw/JCE/GloeNzwTEEIILWMiMxYMYCs0ayMbARV3WRAgJGYIBikZGic4WC8KEhM6NGEmBS4kZ1kMPTcWLC89DwVbPQ48BjE0MBolGhs5JAE/O1geFAwXOhI7LhUqJAsFGQ8zNi4sGAwXHGMgPDgENSoeCwUYLTg2Ox5dQQQAJiETYVszMB0mHgwBJBk4HhtDFhwTODthKQMwARgRDxIaCD87XRsYLiYhEysIBzsdOSA0LjQQODtFPCU9EFASHgEPJjcUUmMtRwANBVsCPj1nUTowBjI/NQAmYyU3EyoXBUM8IhAyOwg8ACkxOQ9gThwhBDgYSysZDxoSBQI6ACJkJm8mHR4 IP 143.204.55.30 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:01:20 Last Seen2023-03-08 03:01:20 Times Seen1 Hash 6f6999746972c6924ec764dec27f0c00 c9c0030b81f314556674765816380ae7cfef2c09 abe829535508f50ff157a608c4049280022704a01417f2f5e0100a9c5931005e Loading...

	dmmzkfd82wayn.cloudfront.net/dS2hkeTkoBwofBj8BAEQOfVlVQQ9tAhcWVztVBht6egovSn45JTVMUCROEANddlhCFVglD1lfXCULWUgfKgwGRA1tHBQWUnYcABNVJwcDC1A6ThEYBCYHHhBVJwlBS39+RlRcC3tAHEgIblsmXAt7BA0XTDNNVklBc147Tw1uWyZcC3saElwKClFSVwliTV-ZJXi4LDxYceS5WSQh7WFVJCG5aVB9QOQ0CFkFuWiJAD2VYQgwEeg	834 B	2023-03-08	2023-03-08
Pretty URL dmmzkfd82wayn.cloudfront.net/dS2hkeTkoBwofBj8BAEQOfVlVQQ9tAhcWVztVBht6egovSn45JTVMUCROEANddlhCFVglD1lfXCULWUgfKgwGRA1tHBQWUnYcABNVJwcDC1A6ThEYBCYHHhBVJwlBS39+RlRcC3tAHEgIblsmXAt7BA0XTDNNVklBc147Tw1uWyZcC3saElwKClFSVwliTV-ZJXi4LDxYceS5WSQh7WFVJCG5aVB9QOQ0CFkFuWiJAD2VYQgwEeg IP 143.204.42.171 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:01:20 Last Seen2023-03-08 03:01:20 Times Seen1 Hash 2d0ea279779fc693f279f622154ac80d 0b1b395a34e080aa67b2b92634b903431b6846d0 dc9c9fda0aced359f185b19c5819462f8c5d76eedab8acab12a0dea42abb0baf Loading...

	dmmzkfd82wayn.cloudfront.net/gYmx0TEwBAxoqcxYFEHF0UFlNfX1EBgcjIhJRPDwrOFsCHyEbVCM8K1FKADYoX1xSIC0MC0lqKQwPSX1qAwgWcXhEGAQjJ18ZGigpBAUaKShEGRVxIQ0WHSAgA0lGCnlMXFF+fEoURX1pUS5RfnwOBRo5NEdeRDR0VDNCeGlRLlF+fBAaUX8NW1pafGVHXk-QrKQEHG2l+JF5EfXxSXUR9aVBcEiU+BwobNGlQKk16YlJKAXF9	458 B	2023-03-08	2023-03-08
Pretty URL dmmzkfd82wayn.cloudfront.net/gYmx0TEwBAxoqcxYFEHF0UFlNfX1EBgcjIhJRPDwrOFsCHyEbVCM8K1FKADYoX1xSIC0MC0lqKQwPSX1qAwgWcXhEGAQjJ18ZGigpBAUaKShEGRVxIQ0WHSAgA0lGCnlMXFF+fEoURX1pUS5RfnwOBRo5NEdeRDR0VDNCeGlRLlF+fBAaUX8NW1pafGVHXk-QrKQEHG2l+JF5EfXxSXUR9aVBcEiU+BwobNGlQKk16YlJKAXF9 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:01:20 Last Seen2023-03-08 03:01:20 Times Seen1 Hash 650e5407c869e45255296624d0980ce5 9ffdfa4dd601c4a6fc0d402699cfa57c8420d2dd 722202f78d1ed1b325f383bf62a28b443f75e0ecbf90afd9025d46a1ec9e4c21 Loading...

	dmmzkfd82wayn.cloudfront.net/ddThNZ1oWVyMBZQFRKVpjQQF1UW5TUj4INAUFDDJqH1sZERgvSy9ffAFCKVpqU1QsCT1IHigJOUgJawY+FwV5QS8UBSAIIBxUIQZ/R354SWpQCn1PIkQJaFQYUAp9CzMbTTVCaEVAdVEFQwxoVBhQCn0VLFALDF5sWwhkQmhFXygEMRodfyFoRQl9V2tFCW-hVahNRPwI8GkBoVRxMDmNXfAAFfA	192 B	2023-03-08	2023-03-08
Pretty URL dmmzkfd82wayn.cloudfront.net/ddThNZ1oWVyMBZQFRKVpjQQF1UW5TUj4INAUFDDJqH1sZERgvSy9ffAFCKVpqU1QsCT1IHigJOUgJawY+FwV5QS8UBSAIIBxUIQZ/R354SWpQCn1PIkQJaFQYUAp9CzMbTTVCaEVAdVEFQwxoVBhQCn0VLFALDF5sWwhkQmhFXygEMRodfyFoRQl9V2tFCW-hVahNRPwI8GkBoVRxMDmNXfAAFfA IP 143.204.42.171 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:01:20 Last Seen2023-03-08 03:01:20 Times Seen1 Hash a976b475a5acc75d40b6b964ac4f09f9 ee29879574258c37862b819ecc7f9a35d676ecd0 ba6960385ca43c7e7e2dce45fd1fe2df2d2a65fcad89db6695d2b5789e60e898 Loading...

	megaup.net/themes/flow/js/jquery.fileupload-ui.js	25 kB	2023-03-07	2024-05-10
Pretty URL megaup.net/themes/flow/js/jquery.fileupload-ui.js IP 91.209.70.182 ASN #43317 FNK LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:10 Last Seen2024-05-10 13:17:29 Times Seen1903 Hash 6d74ec0b03e02825fef8093d64629489 de746f1c7aeb0927541e1d55bdea4672bb47aa73 5d4a5378ed9f8bf68dbfb6246761e6d44e2b11fa626d8b4f8d1d6a779f037cd2 Loading...

	megaup.net/themes/flow/frontend_assets/js/custom/custom.js	5.2 kB	2023-03-07	2024-05-10
Pretty URL megaup.net/themes/flow/frontend_assets/js/custom/custom.js IP 91.209.70.182 ASN #43317 FNK LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:10 Last Seen2024-05-10 13:17:28 Times Seen1286 Hash 2d40e9899d9667475ee4a7d5d9731311 6e3b230480bc36ce2e9b0622a48af5924535a72b a72e6ce7c10983fcd6773f0db77f049b7a85039d3e7212a12ad56fbb8d70a6e6 Loading...

	megaup.net/themes/flow/frontend_assets/js/animation/jquery.appear.js	1.5 kB	2023-03-07	2024-05-10
Pretty URL megaup.net/themes/flow/frontend_assets/js/animation/jquery.appear.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:10 Last Seen2024-05-10 13:17:28 Times Seen2055 Hash c2474adb496ade0e96aa9400a3974307 9ab48147ecad83275d147a61dea8df8a968e5a0e fa77538239ff2758ff9fa8ef646cad3e9ca818dd13fbf15ff3ca8a8bee173c69 Loading...

	megaup.net/2un2B/Pocket.Stables-GoldBerg.zip	544 B	2023-03-07	2024-05-10
Pretty URL megaup.net/2un2B/Pocket.Stables-GoldBerg.zip IP 91.209.70.182 ASN #43317 FNK LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:10 Last Seen2024-05-10 13:17:28 Times Seen910 Hash 2c5344f3c45196fa90087fa5091fe077 87ccb6407143d5f6e903e8ca63433d19b62d3dca b3d346aab31b4ed5487d72996581dbff3bb212be0b8cb54e141d3b6204757375 Loading...

	megaup.net/themes/flow/frontend_assets/js/sticky/jquery.sticky.js	4.2 kB	2023-03-07	2024-05-10
Pretty URL megaup.net/themes/flow/frontend_assets/js/sticky/jquery.sticky.js IP 91.209.70.182 ASN #43317 FNK LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:10 Last Seen2024-05-10 13:17:28 Times Seen1239 Hash 72e348954c20cc27df3e9d9bd3a4905f e50ad79ab0949f7e40e8d0dc4ed38476220f79f0 9c9f251d98edd1208a6c45aee90ff4011ed964e87e8bb622ae7a45249f1dae43 Loading...

	hatsheisaco.xyz/R0RJeGImJioVXSZ5K14XNSh0XVABYXs+BiopMxMEI3x7DwM+KmcbDigxLR4QKCo9VgwiMGxKJCMgHRAsHXUmLzQ+CQsiMwEWAi4SLRUYPlMSE3wsNy1wADYjEgINPCg2DHgLOAIWLg4xPn0vHiMBBwIuEjYReCkRBBB4MSouIwM3NyAOKA87YnYLPhURcRgrWhIGGjkrDgYxLSsWHmxKJBV3fEwxEDQYOwx2FAATMw0lDyk7EgU5QSE9CSssNhEHKD00BiAfPSQWMzEXNAUsGDsMdxIFPiMLAA9NERAzIRMzKiwPIBsgAQQqDSMiMD4NFRUlQTR1MA87NWosHxkKCRYZDyt/AyI6DREWMTUmKgoRHiMGAi85RC03JhYSegUcSAgkED86ODQmcQ	2.9 kB	2023-03-08	2023-03-08
Pretty URL hatsheisaco.xyz/R0RJeGImJioVXSZ5K14XNSh0XVABYXs+BiopMxMEI3x7DwM+KmcbDigxLR4QKCo9VgwiMGxKJCMgHRAsHXUmLzQ+CQsiMwEWAi4SLRUYPlMSE3wsNy1wADYjEgINPCg2DHgLOAIWLg4xPn0vHiMBBwIuEjYReCkRBBB4MSouIwM3NyAOKA87YnYLPhURcRgrWhIGGjkrDgYxLSsWHmxKJBV3fEwxEDQYOwx2FAATMw0lDyk7EgU5QSE9CSssNhEHKD00BiAfPSQWMzEXNAUsGDsMdxIFPiMLAA9NERAzIRMzKiwPIBsgAQQqDSMiMD4NFRUlQTR1MA87NWosHxkKCRYZDyt/AyI6DREWMTUmKgoRHiMGAi85RC03JhYSegUcSAgkED86ODQmcQ IP 143.204.55.30 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:01:20 Last Seen2023-03-08 03:01:20 Times Seen1 Hash 38d71c79d366d83eb68d89aa3bcc15d4 e14962602db6842478e557d4cfd4666c759163b6 dbd28f86b8ef68e8bb09e61fad261e71cb1c8710fe09868eebd6c46f7eef018e Loading...

	megaup.net/themes/flow/js/jquery.fileupload-process.js	5.3 kB	2023-03-07	2024-05-10
Pretty URL megaup.net/themes/flow/js/jquery.fileupload-process.js IP 91.209.70.182 ASN #43317 FNK LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:10 Last Seen2024-05-10 13:17:28 Times Seen1240 Hash 8f27159561d43ede851b9b84f63cd727 c4672cc17326d35d092741dad007ee72b2c13095 f6626568ee243b737cdfc12efc464eb97d786bdcce590a0326427e11f360293f Loading...

	megaup.net/themes/flow/js/jquery.fileupload.js	56 kB	2023-03-07	2024-05-10
Pretty URL megaup.net/themes/flow/js/jquery.fileupload.js IP 91.209.70.182 ASN #43317 FNK LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:10 Last Seen2024-05-10 13:17:28 Times Seen1901 Hash b85ba9fdc07788f5208002e4588c1e2a f4a5b283e901f573f1237b6a096da4c295e8a65b f809de94a782db6c7c5bc85db8bc8f6b05b1a473f736080b3ea8377fd6ed35cc Loading...

	megaup.net/themes/flow/frontend_assets/js/nav/jquery.nav.js	5.4 kB	2023-03-07	2024-05-10
Pretty URL megaup.net/themes/flow/frontend_assets/js/nav/jquery.nav.js IP 91.209.70.182 ASN #43317 FNK LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:10 Last Seen2024-05-10 13:17:27 Times Seen1253 Hash 1ebf524053e3259b38cd33a44bff9685 4b073458bfd8526583eaca302f5d21bd1d8b31f5 10815e9b5addf60315886f7216b0530fd58fa8580ca6a81687f14ffee517c619 Loading...

	megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.revolution.js	198 kB	2023-03-07	2024-05-10
Pretty URL megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.revolution.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:10 Last Seen2024-05-10 13:17:29 Times Seen1810 Hash 35045d45f7d1dde1f90457c5d73700c5 a7fcee0ab1da615e828e51967c474ae91d768569 d72616e59f2ba832c54a0e734cdf0a79cb8730f81a07b5de43864c15a240e221 Loading...

	megaup.net/2un2B/Pocket.Stables-GoldBerg.zip	2.2 kB	2023-03-07	2023-04-15
Pretty URL megaup.net/2un2B/Pocket.Stables-GoldBerg.zip IP 91.209.70.182 ASN #43317 FNK LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:10 Last Seen2023-04-15 04:24:13 Times Seen257 Hash c73ed2df8f925b3acdf86093260372df 83bfb39d5cb4bff82d71c480c6fe252c4f40ee93 72b0e3127865be6b332522d2af948e2fecec372743d86e8e0cc382704a4c7808 Loading...

	megaup.net/themes/flow/frontend_assets/js/nav/jquery.scrollTo.js	2.4 kB	2023-03-07	2024-05-10
Pretty URL megaup.net/themes/flow/frontend_assets/js/nav/jquery.scrollTo.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:10 Last Seen2024-05-10 13:17:28 Times Seen1514 Hash 1e4ba2a9c6f022f7c920cd2e76d95bd4 f15cbf023a4a1e1c810eff679cc9b35b81a6f2c2 afff7cdd8f6f0ca43b26573840f5ec5d3302dc1fc2b2209a1163e3978c9d012c Loading...

		Size	First Seen	Last Seen
	#1 Eval - 57143c38ff308b700bda81d33fffdc1c	47 B	2023-03-07	2023-11-28
Pretty Observations First Seen2023-03-07 01:02:10 Last Seen2023-11-28 15:07:25 Times Seen935 Hash 57143c38ff308b700bda81d33fffdc1c 7a4357101b77e5e514797ea16df9f31d0c1711df 0f13250dac3eba96683a13d9c0c14c812448cc2f499a6ad6637a17adf094884d Loading...

		Size	First Seen	Last Seen
	#1 Write - af7ca850d8fa904dc122c9127d193695	2.3 kB	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 03:01:20 Last Seen2023-03-08 03:01:20 Times Seen1 Hash af7ca850d8fa904dc122c9127d193695 b04b22e7306bcb1e03788c2f60f5ad7f39066944 d463b3808bf5f097fecc23e39dee023bcab730a5e3b1c2863f227544ac0872f6 Loading...

HTTP Transactions (122)

URL IP Response Size

megaup.net/2un2B/Pocket.Stables-GoldBerg.zip

91.209.70.182

301 Moved Permanently

162 B

URL HTTP/1.1
megaup.net/2un2B/Pocket.Stables-GoldBerg.zip
IP
91.209.70.182:0
ASN
#43317 FNK LLC

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /2un2B/Pocket.Stables-GoldBerg.zip HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 28 Sep 2022 08:17:35 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://megaup.net/2un2B/Pocket.Stables-GoldBerg.zip
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer, strict-origin-when-cross-origin
X-Download-Options: noopen

firefox.settings.services.mozilla.com/v1/

143.204.55.115

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-stale=0
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 28 Sep 2022 07:42:53 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ip4XnX0_v2B6Qyt-13NM5-ayrbYbEiuqJ0grQ72HoP6KmTK7dGTE9w==
Age: 2082

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7fb7c70f7f4e2cee27eb0e7d875931f7
98fca3817a551b1daecebae103a48e718b8b5a53
2a40f957a6b1734aa3f87cff51b673f0536732db15b09033dd604879692df349

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A40F957A6B1734AA3F87CFF51B673F0536732DB15B09033DD604879692DF349"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4267
Expires: Wed, 28 Sep 2022 09:28:42 GMT
Date: Wed, 28 Sep 2022 08:17:35 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

143.204.55.49

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
143.204.55.49:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: EGaZaMW7q1PwrNn4G_ZdtuBbVQW-j0gbwYWVVr5XLOykvfNTz9744A==
age: 82402
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 08:17:35 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
55fc559ae8097427d7a66ec558f569a4
e1258370408ae50c859ec874ff7c260e3c850846
1df3b994d416e1ee8ee3494fc298862c80d5b3ea01d4d41ee4e05b80c7f48918

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 08:17:35 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 23:25:47 GMT
Expires: Mon, 03 Oct 2022 23:25:46 GMT
Etag: "e1258370408ae50c859ec874ff7c260e3c850846"
Cache-Control: max-age=485890,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 751b0b247b631c0e-OSL

megaup.net/themes/flow/images/main_logo_inverted.png

91.209.70.182

200 OK

7.1 kB

URL HTTP/2
megaup.net/themes/flow/images/main_logo_inverted.png
IP
91.209.70.182:0
ASN
#43317 FNK LLC

File type
PNG image data, 203 x 40, 8-bit/color RGBA, non-interlaced\012- data
Size
7.1 kB (7137 bytes)
Hash
5d15526be10b904a6b48d1af04a10cc3
c09b6874359ac6d71db95593618a9acb55baa984
894d25472e0f890edf235e8f66fbeda7ea75043632924ecb82691d76bd7db018

HTTP Headers

GET /themes/flow/images/main_logo_inverted.png HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2un2B/Pocket.Stables-GoldBerg.zip
Connection: keep-alive
Cookie: cf_clearance=.WVFMvFpLibAcnBIhc5LoaNzdDgIkfHeaFSSeKDT6mw-1664347159-0-150; filehosting=fr5nr3q4t0bvorg5jnu91elni5; _ga=GA1.2.1462319565.1664347160; _gid=GA1.2.190544916.1664347160
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 08:17:35 GMT
content-type: image/png
content-length: 7137
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-1be1"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2

megaup.net/themes/flow/images/loading_small.gif

91.209.70.182

200 OK

184 kB

URL HTTP/2
megaup.net/themes/flow/images/loading_small.gif
IP
91.209.70.182:0
ASN
#43317 FNK LLC

File type
GIF image data, version 89a, 64 x 64\012- data
Size
184 kB (184355 bytes)
Hash
b0dd5b3af9c4c0644d7bddee83716209
30002468d0266b893b3559b8d0d260c6cbf0ad7c
2418224bb4d12c122ef3c54d2ee9edb5f6f28d539e91a166b0215553f8c7609d

HTTP Headers

GET /themes/flow/images/loading_small.gif HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2un2B/Pocket.Stables-GoldBerg.zip
Connection: keep-alive
Cookie: cf_clearance=.WVFMvFpLibAcnBIhc5LoaNzdDgIkfHeaFSSeKDT6mw-1664347159-0-150; filehosting=fr5nr3q4t0bvorg5jnu91elni5; _ga=GA1.2.1462319565.1664347160; _gid=GA1.2.190544916.1664347160
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 08:17:35 GMT
content-type: image/gif
content-length: 184355
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-2d023"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2

megaup.net/themes/flow/styles/font-icons/entypo/css/entypo.css

91.209.70.182

200 OK

4.7 kB

URL HTTP/2
megaup.net/themes/flow/styles/font-icons/entypo/css/entypo.css
IP
91.209.70.182:0
ASN
#43317 FNK LLC

File type
Unicode text, UTF-8 text
Size
4.7 kB (4686 bytes)
Hash
f99733190bc791ae1be04ab4318b5b96
b37400f133ffb42461ab08a5d7fe27234026f281
924b63b9d3d81bceb10bb03634cce2cb2168dfeca3d8ea8a4103fcff131971ef

HTTP Headers

GET /themes/flow/styles/font-icons/entypo/css/entypo.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2un2B/Pocket.Stables-GoldBerg.zip
Connection: keep-alive
Cookie: cf_clearance=.WVFMvFpLibAcnBIhc5LoaNzdDgIkfHeaFSSeKDT6mw-1664347159-0-150; filehosting=fr5nr3q4t0bvorg5jnu91elni5; _ga=GA1.2.1462319565.1664347160; _gid=GA1.2.190544916.1664347160
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 08:17:35 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-45f5"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2

megaup.net/themes/flow/frontend_assets/css/custom.css

91.209.70.182

200 OK

34 kB

URL HTTP/2
megaup.net/themes/flow/frontend_assets/css/custom.css
IP
91.209.70.182:0
ASN
#43317 FNK LLC

File type
assembler source, ASCII text, with CRLF line terminators
Size
34 kB (33890 bytes)
Hash
7819bba13b25a8532e346d12b6c78a37
8bd8700a8f6740ef14f9327ce6208c4a9d2c7b61
659db71cfad768359d4103fa00ea9d6174da9e535b508f9ad80cbd0934ed61fe

HTTP Headers

GET /themes/flow/frontend_assets/css/custom.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2un2B/Pocket.Stables-GoldBerg.zip
Connection: keep-alive
Cookie: cf_clearance=.WVFMvFpLibAcnBIhc5LoaNzdDgIkfHeaFSSeKDT6mw-1664347159-0-150; filehosting=fr5nr3q4t0bvorg5jnu91elni5; _ga=GA1.2.1462319565.1664347160; _gid=GA1.2.190544916.1664347160
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 08:17:35 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3577"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2

megaup.net/themes/flow/styles/file-upload.css

91.209.70.182

200 OK

42 kB

URL HTTP/2
megaup.net/themes/flow/styles/file-upload.css
IP
91.209.70.182:0
ASN
#43317 FNK LLC

File type
assembler source, ASCII text
Size
42 kB (41794 bytes)
Hash
bd73744012fa65d04ebd459a3d7f1096
28663761889a61c5c7c17a9a4ac076fef21ac799
e41ff77246576368a529f6b9dbe08b8636d77a90065dd404844b7505291bad49

HTTP Headers

GET /themes/flow/styles/file-upload.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2un2B/Pocket.Stables-GoldBerg.zip
Connection: keep-alive
Cookie: cf_clearance=.WVFMvFpLibAcnBIhc5LoaNzdDgIkfHeaFSSeKDT6mw-1664347159-0-150; filehosting=fr5nr3q4t0bvorg5jnu91elni5; _ga=GA1.2.1462319565.1664347160; _gid=GA1.2.190544916.1664347160
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 08:17:35 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-21ec"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2

keydawnawe.com/gwZ1U5hjA8ii/32575

23.109.82.168

200 OK

26 B

URL HTTP/1.1
keydawnawe.com/gwZ1U5hjA8ii/32575
IP
23.109.82.168:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with no line terminators
Size
26 B (26 bytes)
Hash
4e5d65669f8dcd928dad06adf883f025
d771713d758c3348dd7e5b38bb40c7935399ae46
0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95

HTTP Headers

GET /gwZ1U5hjA8ii/32575 HTTP/1.1
Host: keydawnawe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Sep 2022 08:17:35 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; expires=Thu, 29-Sep-2022 08:17:35 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW; expires=Thu, 29-Sep-2022 08:17:35 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

www.googletagmanager.com/gtag/js?id=UA-108868042-1

142.250.74.72

200 OK

42 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-108868042-1
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2039)
Size
42 kB (42335 bytes)
Hash
cfaa4fa14b84afb2afd09c0d02de8171
32da095346e1ae7f4a03d579dcfb9b567c3da4a1
edd63145a4681fea3d96d6034fa72da72c12bc3a405e249d9326fc3b5a544ef7

HTTP Headers

GET /gtag/js?id=UA-108868042-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 28 Sep 2022 08:17:35 GMT
expires: Wed, 28 Sep 2022 08:17:35 GMT
cache-control: private, max-age=900
last-modified: Wed, 28 Sep 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42335
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

altowriestwispy.com/tysaSHG1FMaM/18410

172.255.6.33

200 OK

25 B

URL HTTP/1.1
altowriestwispy.com/tysaSHG1FMaM/18410
IP
172.255.6.33:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with no line terminators
Size
25 B (25 bytes)
Hash
d488addc5df5fc9b9ff4135bb4e3a823
6ce56f48e851df4d562b43d3bc1269a504ae83fc
d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60

HTTP Headers

GET /tysaSHG1FMaM/18410 HTTP/1.1
Host: altowriestwispy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Sep 2022 08:17:35 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; expires=Thu, 29-Sep-2022 08:17:35 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW; expires=Thu, 29-Sep-2022 08:17:35 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
c18823050f86339eaa73ddb1bf80d64c
ac4ee81f59f706cee8a74458d498bbc20d8d351a
9a505647517bd02d8ff994fd4ad98dc2f4b519916145b0c327691420c1084c46

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1995
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 08:17:36 GMT
Last-Modified: Wed, 28 Sep 2022 07:44:21 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

megaup.net/themes/flow/js/canvas-to-blob.min.js

91.209.70.182

200 OK

5.1 kB

URL HTTP/2
megaup.net/themes/flow/js/canvas-to-blob.min.js
IP
91.209.70.182:0
ASN
#43317 FNK LLC

File type
ASCII text, with very long lines (1032), with no line terminators
Size
5.1 kB (5118 bytes)
Hash
32b2d747159dee8e339f4cb60e75c8d5
9338af004ee16f7f9c094ce351422c4aaae9fdaf
60e8a8362021ac966ed230757f972e735c792d24b668bc11acb0e7d5a4c38179

HTTP Headers

GET /themes/flow/js/canvas-to-blob.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2un2B/Pocket.Stables-GoldBerg.zip
Connection: keep-alive
Cookie: cf_clearance=.WVFMvFpLibAcnBIhc5LoaNzdDgIkfHeaFSSeKDT6mw-1664347159-0-150; filehosting=fr5nr3q4t0bvorg5jnu91elni5; _ga=GA1.2.1462319565.1664347160; _gid=GA1.2.190544916.1664347160
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 08:17:35 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-408"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2

megaup.net/themes/flow/js/jquery.fileupload-validate.js

91.209.70.182

200 OK

1.6 kB

URL HTTP/2
megaup.net/themes/flow/js/jquery.fileupload-validate.js
IP
91.209.70.182:0
ASN
#43317 FNK LLC

File type
ASCII text
Size
1.6 kB (1615 bytes)
Hash
063000146abe0eaa25380b31ea51a3d7
53f1ad431d4f2deeb0cb20c9b4c66abb5b0b9fdb
54c4fe96e01109c03ff0bac6cc752027904b171d24306eb8c06b2d8e57c3d35f

HTTP Headers

GET /themes/flow/js/jquery.fileupload-validate.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2un2B/Pocket.Stables-GoldBerg.zip
Connection: keep-alive
Cookie: cf_clearance=.WVFMvFpLibAcnBIhc5LoaNzdDgIkfHeaFSSeKDT6mw-1664347159-0-150; filehosting=fr5nr3q4t0bvorg5jnu91elni5; _ga=GA1.2.1462319565.1664347160; _gid=GA1.2.190544916.1664347160
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 08:17:35 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-fea"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2

megaup.net/themes/flow/js/jquery.fileupload-ui.js

91.209.70.182

200 OK

37 kB

URL HTTP/2
megaup.net/themes/flow/js/jquery.fileupload-ui.js
IP
91.209.70.182:0
ASN
#43317 FNK LLC

File type
ASCII text
Size
37 kB (36660 bytes)
Hash
12ae6ae4f8d2e1cb198f18179954d2ac
17b40e8dff2cce637507b11c48fd93f14d60a25e
66bf83c5b525d360386a3664eb3c17467deef2862469c47bece7bfc9be93d968

HTTP Headers

GET /themes/flow/js/jquery.fileupload-ui.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2un2B/Pocket.Stables-GoldBerg.zip
Connection: keep-alive
Cookie: cf_clearance=.WVFMvFpLibAcnBIhc5LoaNzdDgIkfHeaFSSeKDT6mw-1664347159-0-150; filehosting=fr5nr3q4t0bvorg5jnu91elni5; _ga=GA1.2.1462319565.1664347160; _gid=GA1.2.190544916.1664347160
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 08:17:35 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-61ef"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2

megaup.net/themes/flow/frontend_assets/fonts/raleway_extrabold.woff

91.209.70.182

200 OK

31 kB

URL HTTP/2
megaup.net/themes/flow/frontend_assets/fonts/raleway_extrabold.woff
IP
91.209.70.182:0
ASN
#43317 FNK LLC

File type
Web Open Font Format, TrueType, length 31344, version 1.1\012- data
Size
31 kB (31344 bytes)
Hash
21f79e4c0fbe54a555170aa70bb4c8b7
9d4aaf2016cd21f16bc45089a48de84dba951fa7
2b638674bc57ad355ef2ecbd68e78ecb36bc323aaaf4ddeb9cd4f61bc5f26c42

HTTP Headers

GET /themes/flow/frontend_assets/fonts/raleway_extrabold.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Connection: keep-alive
Cookie: cf_clearance=.WVFMvFpLibAcnBIhc5LoaNzdDgIkfHeaFSSeKDT6mw-1664347159-0-150; filehosting=fr5nr3q4t0bvorg5jnu91elni5; _ga=GA1.2.1462319565.1664347160; _gid=GA1.2.190544916.1664347160
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 08:17:36 GMT
content-type: font/woff
content-length: 31344
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7a70"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2

megaup.net/themes/flow/js/jquery-1.11.0.min.js

91.209.70.182

200 OK

86 kB

URL HTTP/2
megaup.net/themes/flow/js/jquery-1.11.0.min.js
IP
91.209.70.182:0
ASN
#43317 FNK LLC

File type
ASCII text, with very long lines (32341)
Size
86 kB (85599 bytes)
Hash
f66c1a9b586a99b45f6a80658c629da4
ce5e58929a04dead8c81cb9834346a9b55c99bd1
5668b1a65b6c22fd7102cc590ee58bea400ac1f6b8e32c5e169585e724be7d67

HTTP Headers

GET /themes/flow/js/jquery-1.11.0.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2un2B/Pocket.Stables-GoldBerg.zip
Connection: keep-alive
Cookie: cf_clearance=.WVFMvFpLibAcnBIhc5LoaNzdDgIkfHeaFSSeKDT6mw-1664347159-0-150; filehosting=fr5nr3q4t0bvorg5jnu91elni5; _ga=GA1.2.1462319565.1664347160; _gid=GA1.2.190544916.1664347160
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 08:17:35 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1787d"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2

megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_fonts/socicon-webfont.woff

91.209.70.182

200 OK

21 kB

URL HTTP/2
megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_fonts/socicon-webfont.woff
IP
91.209.70.182:0
ASN
#43317 FNK LLC

File type
Web Open Font Format, TrueType, length 20972, version 1.0\012- data
Size
21 kB (20972 bytes)
Hash
cad75e2dacc6794c4e6b14727d4a989d
694d04c8f643df4100c23efc1463ac9f4e732f60
ebccc09339b7730324221aff3d11d215de9997b47bf708ca18a3be2d8e8b9887

HTTP Headers

GET /themes/flow/frontend_assets/socialsider-v1.0/_fonts/socicon-webfont.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css
Connection: keep-alive
Cookie: cf_clearance=.WVFMvFpLibAcnBIhc5LoaNzdDgIkfHeaFSSeKDT6mw-1664347159-0-150; filehosting=fr5nr3q4t0bvorg5jnu91elni5; _ga=GA1.2.1462319565.1664347160; _gid=GA1.2.190544916.1664347160
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 08:17:36 GMT
content-type: font/woff
content-length: 20972
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-51ec"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
d630ef5b1d7afaa72254be011eda5da3
1d36045b0711cb90cf63f0cb403c6e08c24374f0
65a57ef2098917f9d92c6bb00a4d556bf3864200c070bcc295336ad7e3c781fe

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "65A57EF2098917F9D92C6BB00A4D556BF3864200C070BCC295336AD7E3C781FE"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2689
Expires: Wed, 28 Sep 2022 09:02:25 GMT
Date: Wed, 28 Sep 2022 08:17:36 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
d630ef5b1d7afaa72254be011eda5da3
1d36045b0711cb90cf63f0cb403c6e08c24374f0
65a57ef2098917f9d92c6bb00a4d556bf3864200c070bcc295336ad7e3c781fe

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "65A57EF2098917F9D92C6BB00A4D556BF3864200C070BCC295336AD7E3C781FE"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2689
Expires: Wed, 28 Sep 2022 09:02:25 GMT
Date: Wed, 28 Sep 2022 08:17:36 GMT
Connection: keep-alive

altowriestwispy.com/tysaSHG1FMaM/18410

172.255.6.33

200 OK

25 B

URL HTTP/1.1
altowriestwispy.com/tysaSHG1FMaM/18410
IP
172.255.6.33:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with no line terminators
Size
25 B (25 bytes)
Hash
d488addc5df5fc9b9ff4135bb4e3a823
6ce56f48e851df4d562b43d3bc1269a504ae83fc
d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60

HTTP Headers

GET /tysaSHG1FMaM/18410 HTTP/1.1
Host: altowriestwispy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Sep 2022 08:17:36 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

hatsheisaco.xyz/WkNCTUQ7ISEgezt+IGsxKC9/aHYcZnALIDcuOCYiPntwOiUjLWwuKDU2Jis2NS02Yyo/N2d/Aj0aLzV0DgY1DwUiLDMuPAMFBwUCahYEIQo8G3MIBj0gKAQsEBESCTMoDAQ+BxI6By8SGQ56BnUcCAMJHTUbczUXEwByAAdqLzMGFS0TERV1KwI1KhM5GyoIAxsSKAd1YhkFJCMqAQMYJREQKggDCBU6BBVqFAoeBT0CciEDGS0uABwcBWd/BjwGLRgWAnIyGBdvESQjMxUBECJxFAYmKBYeEXIbABQAJwooCA8uC2FoASQPBTsWGnUKDXIyLCIdFQoVL3cSMAYVHwsFfyh/cQAHAm8GJBU8CRsXH307FQAuATMWZ38GGDQtLwodLxMGL2t1GyEOEQIaC318KTEiKip+Cj0jAHQ0HikjexU9I2k

143.204.55.30

200 OK

1.2 kB

URL HTTP/2
hatsheisaco.xyz/WkNCTUQ7ISEgezt+IGsxKC9/aHYcZnALIDcuOCYiPntwOiUjLWwuKDU2Jis2NS02Yyo/N2d/Aj0aLzV0DgY1DwUiLDMuPAMFBwUCahYEIQo8G3MIBj0gKAQsEBESCTMoDAQ+BxI6By8SGQ56BnUcCAMJHTUbczUXEwByAAdqLzMGFS0TERV1KwI1KhM5GyoIAxsSKAd1YhkFJCMqAQMYJREQKggDCBU6BBVqFAoeBT0CciEDGS0uABwcBWd/BjwGLRgWAnIyGBdvESQjMxUBECJxFAYmKBYeEXIbABQAJwooCA8uC2FoASQPBTsWGnUKDXIyLCIdFQoVL3cSMAYVHwsFfyh/cQAHAm8GJBU8CRsXH307FQAuATMWZ38GGDQtLwodLxMGL2t1GyEOEQIaC318KTEiKip+Cj0jAHQ0HikjexU9I2k
IP
143.204.55.30:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3020), with no line terminators
Size
1.2 kB (1176 bytes)
Hash
2e1a76a92e1ecbd10701d6c314c2709e
4d66381dbf39d9169ad74bbe281b43f60d5b1c12
33a196efb9b3e11bdcef04b4845907df0b0d1268294256991fb15d2aaba44cc0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /WkNCTUQ7ISEgezt+IGsxKC9/aHYcZnALIDcuOCYiPntwOiUjLWwuKDU2Jis2NS02Yyo/N2d/Aj0aLzV0DgY1DwUiLDMuPAMFBwUCahYEIQo8G3MIBj0gKAQsEBESCTMoDAQ+BxI6By8SGQ56BnUcCAMJHTUbczUXEwByAAdqLzMGFS0TERV1KwI1KhM5GyoIAxsSKAd1YhkFJCMqAQMYJREQKggDCBU6BBVqFAoeBT0CciEDGS0uABwcBWd/BjwGLRgWAnIyGBdvESQjMxUBECJxFAYmKBYeEXIbABQAJwooCA8uC2FoASQPBTsWGnUKDXIyLCIdFQoVL3cSMAYVHwsFfyh/cQAHAm8GJBU8CRsXH307FQAuATMWZ38GGDQtLwodLxMGL2t1GyEOEQIaC318KTEiKip+Cj0jAHQ0HikjexU9I2k HTTP/1.1
Host: hatsheisaco.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/html
content-length: 1176
date: Wed, 28 Sep 2022 08:17:36 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: EkqAtMECO8z85ra8HAnqS6pvvtrET5l5yXkSOEWGDQMQe51mzq88BQ==
X-Firefox-Spdy: h2

keydawnawe.com/gwZ1U5hjA8ii/32575

23.109.82.168

200 OK

26 B

URL HTTP/1.1
keydawnawe.com/gwZ1U5hjA8ii/32575
IP
23.109.82.168:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with no line terminators
Size
26 B (26 bytes)
Hash
4e5d65669f8dcd928dad06adf883f025
d771713d758c3348dd7e5b38bb40c7935399ae46
0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95

HTTP Headers

GET /gwZ1U5hjA8ii/32575 HTTP/1.1
Host: keydawnawe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Sep 2022 08:17:36 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

hatsheisaco.xyz/RFVXRGUlNzQpWiVoNWIQNjlqYVcCcGUCASk4LS8DIG1lMwQ9O3knCSsgMyIXKzsjagshIXJ2IyAGZSwOIQE8KyczOjEGD3wXFgE0CzMBKDMVBG4wJCw2ABIfMAMVLBFyMDArExc7Y3EvEAMaESYWGhIFKyAxOywmAgMwKCF1OTEcJhEZABECIh4wMyIWFGYwLQYEABELHTYWBisSHyAnIQdkFnIxLBAOBiYdHR8sJxIfICgnF2ZuYVcGBzsWBgdmIwUtATIeJgk3OA8FEXMXFnQ9EBEZCjMvORUnVHBiAzNUMQIuHgYHZiQlICgiHAcJAgYBMwktAQFpPw4NPnApAC0OJwAXYAAXNCxiAAIzDhYQcQQSF24VKhVlFAIOAiAALS8FEWUSPBUyIAEAI3M9NwoqJWomBwdkNQ9WAycaFVAtOg

143.204.55.30

200 OK

1.2 kB

URL HTTP/2
hatsheisaco.xyz/RFVXRGUlNzQpWiVoNWIQNjlqYVcCcGUCASk4LS8DIG1lMwQ9O3knCSsgMyIXKzsjagshIXJ2IyAGZSwOIQE8KyczOjEGD3wXFgE0CzMBKDMVBG4wJCw2ABIfMAMVLBFyMDArExc7Y3EvEAMaESYWGhIFKyAxOywmAgMwKCF1OTEcJhEZABECIh4wMyIWFGYwLQYEABELHTYWBisSHyAnIQdkFnIxLBAOBiYdHR8sJxIfICgnF2ZuYVcGBzsWBgdmIwUtATIeJgk3OA8FEXMXFnQ9EBEZCjMvORUnVHBiAzNUMQIuHgYHZiQlICgiHAcJAgYBMwktAQFpPw4NPnApAC0OJwAXYAAXNCxiAAIzDhYQcQQSF24VKhVlFAIOAiAALS8FEWUSPBUyIAEAI3M9NwoqJWomBwdkNQ9WAycaFVAtOg
IP
143.204.55.30:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3022), with no line terminators
Size
1.2 kB (1176 bytes)
Hash
f1dc8b055a70f816f87535843f759a08
bdb018cd32e44280d8ffe7986b1ede1fd688640e
8c528b47ac8dee651a08c1e3f37445ba1ab62f52fec4474d56fcb9471cd8f04f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /RFVXRGUlNzQpWiVoNWIQNjlqYVcCcGUCASk4LS8DIG1lMwQ9O3knCSsgMyIXKzsjagshIXJ2IyAGZSwOIQE8KyczOjEGD3wXFgE0CzMBKDMVBG4wJCw2ABIfMAMVLBFyMDArExc7Y3EvEAMaESYWGhIFKyAxOywmAgMwKCF1OTEcJhEZABECIh4wMyIWFGYwLQYEABELHTYWBisSHyAnIQdkFnIxLBAOBiYdHR8sJxIfICgnF2ZuYVcGBzsWBgdmIwUtATIeJgk3OA8FEXMXFnQ9EBEZCjMvORUnVHBiAzNUMQIuHgYHZiQlICgiHAcJAgYBMwktAQFpPw4NPnApAC0OJwAXYAAXNCxiAAIzDhYQcQQSF24VKhVlFAIOAiAALS8FEWUSPBUyIAEAI3M9NwoqJWomBwdkNQ9WAycaFVAtOg HTTP/1.1
Host: hatsheisaco.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/html
content-length: 1176
date: Wed, 28 Sep 2022 08:17:36 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: y3B3Y-fUiAszMIbn_enDYEgVIDh1Bkux00SSkrX-F0yVqxtWdjiOSg==
X-Firefox-Spdy: h2

push.services.mozilla.com/

54.189.157.130

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.189.157.130:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: pDcW+c/mB52hrPnwcA8s1g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: uHjRsaIGw/hoRAyJ2Klxa6otdv4=

hatsheisaco.xyz/R0RJeGImJioVXSZ5K14XNSh0XVABYXs+BiopMxMEI3x7DwM+KmcbDigxLR4QKCo9VgwiMGxKJCMgHRAsHXUmLzQ+CQsiMwEWAi4SLRUYPlMSE3wsNy1wADYjEgINPCg2DHgLOAIWLg4xPn0vHiMBBwIuEjYReCkRBBB4MSouIwM3NyAOKA87YnYLPhURcRgrWhIGGjkrDgYxLSsWHmxKJBV3fEwxEDQYOwx2FAATMw0lDyk7EgU5QSE9CSssNhEHKD00BiAfPSQWMzEXNAUsGDsMdxIFPiMLAA9NERAzIRMzKiwPIBsgAQQqDSMiMD4NFRUlQTR1MA87NWosHxkKCRYZDyt/AyI6DREWMTUmKgoRHiMGAi85RC03JhYSegUcSAgkED86ODQmcQ

143.204.55.30

200 OK

1.2 kB

URL HTTP/2
hatsheisaco.xyz/R0RJeGImJioVXSZ5K14XNSh0XVABYXs+BiopMxMEI3x7DwM+KmcbDigxLR4QKCo9VgwiMGxKJCMgHRAsHXUmLzQ+CQsiMwEWAi4SLRUYPlMSE3wsNy1wADYjEgINPCg2DHgLOAIWLg4xPn0vHiMBBwIuEjYReCkRBBB4MSouIwM3NyAOKA87YnYLPhURcRgrWhIGGjkrDgYxLSsWHmxKJBV3fEwxEDQYOwx2FAATMw0lDyk7EgU5QSE9CSssNhEHKD00BiAfPSQWMzEXNAUsGDsMdxIFPiMLAA9NERAzIRMzKiwPIBsgAQQqDSMiMD4NFRUlQTR1MA87NWosHxkKCRYZDyt/AyI6DREWMTUmKgoRHiMGAi85RC03JhYSegUcSAgkED86ODQmcQ
IP
143.204.55.30:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2996), with no line terminators
Size
1.2 kB (1155 bytes)
Hash
7d62e12e6bc4279a7d0129352d58d385
91adc6d176a8833f1c0a5748a787c6fe7787cad4
bd7d787373c864eb01e47f566f6a125b98aa2b6f6c693fb5d9148dbfa86af1ab

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /R0RJeGImJioVXSZ5K14XNSh0XVABYXs+BiopMxMEI3x7DwM+KmcbDigxLR4QKCo9VgwiMGxKJCMgHRAsHXUmLzQ+CQsiMwEWAi4SLRUYPlMSE3wsNy1wADYjEgINPCg2DHgLOAIWLg4xPn0vHiMBBwIuEjYReCkRBBB4MSouIwM3NyAOKA87YnYLPhURcRgrWhIGGjkrDgYxLSsWHmxKJBV3fEwxEDQYOwx2FAATMw0lDyk7EgU5QSE9CSssNhEHKD00BiAfPSQWMzEXNAUsGDsMdxIFPiMLAA9NERAzIRMzKiwPIBsgAQQqDSMiMD4NFRUlQTR1MA87NWosHxkKCRYZDyt/AyI6DREWMTUmKgoRHiMGAi85RC03JhYSegUcSAgkED86ODQmcQ HTTP/1.1
Host: hatsheisaco.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: text/html
content-length: 1155
date: Wed, 28 Sep 2022 08:17:36 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: V5dfm0KUFbyRyXXfsvRzEroHiDxLFfeV9pBDw0EExuRczljjkaceDg==
X-Firefox-Spdy: h2

hatsheisaco.xyz/UmtWaHYzCTUFSTNWNE4DIAdrTUQUTmQuEj8GLAMQNlNkHxcrBXgLGj0eMg4EPQUiRhg3H3NaMDsJZRg6BDwPJTABPiw/JCE/GloeNzwTEEIILWMiMxYMYCs0ayMbARV3WRAgJGYIBikZGic4WC8KEhM6NGEmBS4kZ1kMPTcWLC89DwVbPQ48BjE0MBolGhs5JAE/O1geFAwXOhI7LhUqJAsFGQ8zNi4sGAwXHGMgPDgENSoeCwUYLTg2Ox5dQQQAJiETYVszMB0mHgwBJBk4HhtDFhwTODthKQMwARgRDxIaCD87XRsYLiYhEysIBzsdOSA0LjQQODtFPCU9EFASHgEPJjcUUmMtRwANBVsCPj1nUTowBjI/NQAmYyU3EyoXBUM8IhAyOwg8ACkxOQ9gThwhBDgYSysZDxoSBQI6ACJkJm8mHR4

143.204.55.30

200 OK

1.2 kB

URL HTTP/2
hatsheisaco.xyz/UmtWaHYzCTUFSTNWNE4DIAdrTUQUTmQuEj8GLAMQNlNkHxcrBXgLGj0eMg4EPQUiRhg3H3NaMDsJZRg6BDwPJTABPiw/JCE/GloeNzwTEEIILWMiMxYMYCs0ayMbARV3WRAgJGYIBikZGic4WC8KEhM6NGEmBS4kZ1kMPTcWLC89DwVbPQ48BjE0MBolGhs5JAE/O1geFAwXOhI7LhUqJAsFGQ8zNi4sGAwXHGMgPDgENSoeCwUYLTg2Ox5dQQQAJiETYVszMB0mHgwBJBk4HhtDFhwTODthKQMwARgRDxIaCD87XRsYLiYhEysIBzsdOSA0LjQQODtFPCU9EFASHgEPJjcUUmMtRwANBVsCPj1nUTowBjI/NQAmYyU3EyoXBUM8IhAyOwg8ACkxOQ9gThwhBDgYSysZDxoSBQI6ACJkJm8mHR4
IP
143.204.55.30:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3026), with no line terminators
Size
1.2 kB (1182 bytes)
Hash
0dc69adea53d51f57704e76c3cc07093
5e847fa5112fe6deec8cb304055fd2386abac34a
ab54dc56bf22e33d117ed9780b1bd9c3532766b693a88ff742e3d8e2d256e473

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /UmtWaHYzCTUFSTNWNE4DIAdrTUQUTmQuEj8GLAMQNlNkHxcrBXgLGj0eMg4EPQUiRhg3H3NaMDsJZRg6BDwPJTABPiw/JCE/GloeNzwTEEIILWMiMxYMYCs0ayMbARV3WRAgJGYIBikZGic4WC8KEhM6NGEmBS4kZ1kMPTcWLC89DwVbPQ48BjE0MBolGhs5JAE/O1geFAwXOhI7LhUqJAsFGQ8zNi4sGAwXHGMgPDgENSoeCwUYLTg2Ox5dQQQAJiETYVszMB0mHgwBJBk4HhtDFhwTODthKQMwARgRDxIaCD87XRsYLiYhEysIBzsdOSA0LjQQODtFPCU9EFASHgEPJjcUUmMtRwANBVsCPj1nUTowBjI/NQAmYyU3EyoXBUM8IhAyOwg8ACkxOQ9gThwhBDgYSysZDxoSBQI6ACJkJm8mHR4 HTTP/1.1
Host: hatsheisaco.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/html
content-length: 1182
date: Wed, 28 Sep 2022 08:17:36 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 3G4g2yCJgmxuQcMr4MorfNywU4TrsUSR_NrPhPdvWJUOEoUZZjyjWg==
X-Firefox-Spdy: h2

reswsentativ.xyz/V2tDckZ4VCABexgvJxokZRwTMyoBDxQFMRI9ckslFjp2IRA7GGUGLzNWdER3ZlN1VDY+D35DYCQfIgYzJFZyVC85DSxPYCFWclx1Y0VxSmhmTTZPd3EfMxMhalplAjIjB35DcGFfcEd1Z15wRXJk

172.67.140.14

204 No Content

0 B

URL HTTP/2
reswsentativ.xyz/V2tDckZ4VCABexgvJxokZRwTMyoBDxQFMRI9ckslFjp2IRA7GGUGLzNWdER3ZlN1VDY+D35DYCQfIgYzJFZyVC85DSxPYCFWclx1Y0VxSmhmTTZPd3EfMxMhalplAjIjB35DcGFfcEd1Z15wRXJk
IP
172.67.140.14:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /V2tDckZ4VCABexgvJxokZRwTMyoBDxQFMRI9ckslFjp2IRA7GGUGLzNWdER3ZlN1VDY+D35DYCQfIgYzJFZyVC85DSxPYCFWclx1Y0VxSmhmTTZPd3EfMxMhalplAjIjB35DcGFfcEd1Z15wRXJk HTTP/1.1
Host: reswsentativ.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Wed, 28 Sep 2022 08:17:36 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9JrO4ilqT5mBujy1TI9wtAVj9QKRI2jyfd8slyeRmdTZCcJfB63q1OrW7WS9g3T5yhmg5B1EYsTIC0sBfovOVdSKtfCbIfWRo2NSIFuqnzMcsqAR3ZwsJ9NCVOxQq6ahUjXv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751b0b299951b4fd-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

megaup.net/themes/flow/js/jquery.fileupload-process.js

91.209.70.182

200 OK

1.5 kB

URL HTTP/2
megaup.net/themes/flow/js/jquery.fileupload-process.js
IP
91.209.70.182:0
ASN
#43317 FNK LLC

File type
ASCII text
Size
1.5 kB (1536 bytes)
Hash
c3036731a042617a2f79907310514f6f
5814aeaaac53f24b5c1720a5d5baf7e35ca13f8b
8a154e6e263a987bbfda884085e5c1a6b53515ce3d17ecca14d1279ac658578c

HTTP Headers

GET /themes/flow/js/jquery.fileupload-process.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2un2B/Pocket.Stables-GoldBerg.zip
Connection: keep-alive
Cookie: cf_clearance=.WVFMvFpLibAcnBIhc5LoaNzdDgIkfHeaFSSeKDT6mw-1664347159-0-150; filehosting=fr5nr3q4t0bvorg5jnu91elni5; _ga=GA1.2.1462319565.1664347160; _gid=GA1.2.190544916.1664347160
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 08:17:35 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-14b6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2

hatsheisaco.xyz/THc4R2UtFVsqWi1KWmEQPhsFYlcKUgoBASEaQiwDKE8KMAQ1GRYkCSMCXCEXIxlMaQspAx11Ix04bCsQHy9qJjMrNk4UVX0meyk3CDNPdgMqIm0hMDRHVQAOJzJoLiQeJAsgVioNfQoDDkdMEg59M3spNwk/CRI1Bg91Ai07BFYBEh0+awQCHSBPFQQuAHoNMyshCAYjfSN5LjAuL1M0LQMxcgoyCjpTAFUCJnkuMBo/eTQKKjFXDS0KDw0fIAk+YHUdBBJAPwYpJVAWMzQEQBI0Pz1+KSMPLV9+BC4yXHAtCg8NBQ50FGAWDQIzQCMAFTF9CyYdWlM0I309bxRWPw57MAkqEm0WLA8hATQ3KxteBR8/JWB2PBsVfR1AfjF5AQ0iJXp+KBlEX2EPPxhWN1gcHl01JBVBfXIgPxM

143.204.55.30

200 OK

1.2 kB

URL HTTP/2
hatsheisaco.xyz/THc4R2UtFVsqWi1KWmEQPhsFYlcKUgoBASEaQiwDKE8KMAQ1GRYkCSMCXCEXIxlMaQspAx11Ix04bCsQHy9qJjMrNk4UVX0meyk3CDNPdgMqIm0hMDRHVQAOJzJoLiQeJAsgVioNfQoDDkdMEg59M3spNwk/CRI1Bg91Ai07BFYBEh0+awQCHSBPFQQuAHoNMyshCAYjfSN5LjAuL1M0LQMxcgoyCjpTAFUCJnkuMBo/eTQKKjFXDS0KDw0fIAk+YHUdBBJAPwYpJVAWMzQEQBI0Pz1+KSMPLV9+BC4yXHAtCg8NBQ50FGAWDQIzQCMAFTF9CyYdWlM0I309bxRWPw57MAkqEm0WLA8hATQ3KxteBR8/JWB2PBsVfR1AfjF5AQ0iJXp+KBlEX2EPPxhWN1gcHl01JBVBfXIgPxM
IP
143.204.55.30:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3017), with no line terminators
Size
1.2 kB (1169 bytes)
Hash
6ab9c7ab7924bbe4891090a1e511e4cd
cac4b145c84ab42a343ff7cc581612662a70801d
cada0016ed2713b4988968f2fa7807fa6ba7828f70b26652beb5f81a22bb5ca5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /THc4R2UtFVsqWi1KWmEQPhsFYlcKUgoBASEaQiwDKE8KMAQ1GRYkCSMCXCEXIxlMaQspAx11Ix04bCsQHy9qJjMrNk4UVX0meyk3CDNPdgMqIm0hMDRHVQAOJzJoLiQeJAsgVioNfQoDDkdMEg59M3spNwk/CRI1Bg91Ai07BFYBEh0+awQCHSBPFQQuAHoNMyshCAYjfSN5LjAuL1M0LQMxcgoyCjpTAFUCJnkuMBo/eTQKKjFXDS0KDw0fIAk+YHUdBBJAPwYpJVAWMzQEQBI0Pz1+KSMPLV9+BC4yXHAtCg8NBQ50FGAWDQIzQCMAFTF9CyYdWlM0I309bxRWPw57MAkqEm0WLA8hATQ3KxteBR8/JWB2PBsVfR1AfjF5AQ0iJXp+KBlEX2EPPxhWN1gcHl01JBVBfXIgPxM HTTP/1.1
Host: hatsheisaco.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: text/html
content-length: 1169
date: Wed, 28 Sep 2022 08:17:36 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: cRjSX7eI7jHFwTX5gQ6yaYbCT3neleonCMHWwKY9lxFsUsBvfL9LSA==
X-Firefox-Spdy: h2

reswsentativ.xyz/MFIwbEwfbVMfcWYWVDgWZ2NeLSFmB2Y7O3cIdi4taTVUBRkBBxYYJVRvCFt6A2MISjxZNg1edRYhRA04RSENXWpZPFYDcRYkDV1iAHwFVWIBdEVRfRYmQA0rDWMWHDhEPg1degZmA1l/AGcDW3sD

172.67.140.14

204 No Content

0 B

URL HTTP/2
reswsentativ.xyz/MFIwbEwfbVMfcWYWVDgWZ2NeLSFmB2Y7O3cIdi4taTVUBRkBBxYYJVRvCFt6A2MISjxZNg1edRYhRA04RSENXWpZPFYDcRYkDV1iAHwFVWIBdEVRfRYmQA0rDWMWHDhEPg1degZmA1l/AGcDW3sD
IP
172.67.140.14:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /MFIwbEwfbVMfcWYWVDgWZ2NeLSFmB2Y7O3cIdi4taTVUBRkBBxYYJVRvCFt6A2MISjxZNg1edRYhRA04RSENXWpZPFYDcRYkDV1iAHwFVWIBdEVRfRYmQA0rDWMWHDhEPg1degZmA1l/AGcDW3sD HTTP/1.1
Host: reswsentativ.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Wed, 28 Sep 2022 08:17:36 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6gXB0ixLDQmsYbVB3Obw26l3ifOIv1%2FmM0TEUMHuKSV4Qenur0PC4FsSi%2FY8LsASfyimtxyiBTtT8Da%2B7nkbsmm63ezK%2FJJlJWjODfGtI2v8pkO8LuOOHJoO0iFrgaDa75qh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751b0b29995ab4fd-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

reswsentativ.xyz/QnZhREttSQI3dhRGUHYvLzwIIQ4QOTcDCXYkChYaG0VQABkUI0cwIiZLVnJ/c0JQYjsrElx1bTECADA+MUtQYiIsEA55bTRLUGp4dlhTfGVzUBR5emQCESUsf0dHND82Glx1fXRCUnF4ckNSc3J0

172.67.140.14

204 No Content

0 B

URL HTTP/2
reswsentativ.xyz/QnZhREttSQI3dhRGUHYvLzwIIQ4QOTcDCXYkChYaG0VQABkUI0cwIiZLVnJ/c0JQYjsrElx1bTECADA+MUtQYiIsEA55bTRLUGp4dlhTfGVzUBR5emQCESUsf0dHND82Glx1fXRCUnF4ckNSc3J0
IP
172.67.140.14:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /QnZhREttSQI3dhRGUHYvLzwIIQ4QOTcDCXYkChYaG0VQABkUI0cwIiZLVnJ/c0JQYjsrElx1bTECADA+MUtQYiIsEA55bTRLUGp4dlhTfGVzUBR5emQCESUsf0dHND82Glx1fXRCUnF4ckNSc3J0 HTTP/1.1
Host: reswsentativ.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
date: Wed, 28 Sep 2022 08:17:36 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o7I%2BlsyoGcTEWQOtErLVOgRDdRj3szM9Vm3OUJoAxNNumnC0pI0Z1EZ41Sb7LbjfFYy1lSDF7ODansxv%2FGJfqRe7q5KyPpvewDTVSAjT6o%2FowNRRbSWkFWQ%2Fj0r22%2FAHzlHI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751b0b29a978b4fd-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

reswsentativ.xyz/NmMzVTgZXFAmBWIlZRFtWCUDDFZCDWEdAUUAdA9/UDQCLWFjNhUhUVJeC2cND1ICc0hfBw5mChAQRzRMQxAOZwgGVBU8VlAMDmceQF4DewAYWh1kHkNeAnNMRgJUaAkQE0chVAtSBWMMBVYAZQ0FVAZs

172.67.140.14

204 No Content

0 B

URL HTTP/2
reswsentativ.xyz/NmMzVTgZXFAmBWIlZRFtWCUDDFZCDWEdAUUAdA9/UDQCLWFjNhUhUVJeC2cND1ICc0hfBw5mChAQRzRMQxAOZwgGVBU8VlAMDmceQF4DewAYWh1kHkNeAnNMRgJUaAkQE0chVAtSBWMMBVYAZQ0FVAZs
IP
172.67.140.14:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /NmMzVTgZXFAmBWIlZRFtWCUDDFZCDWEdAUUAdA9/UDQCLWFjNhUhUVJeC2cND1ICc0hfBw5mChAQRzRMQxAOZwgGVBU8VlAMDmceQF4DewAYWh1kHkNeAnNMRgJUaAkQE0chVAtSBWMMBVYAZQ0FVAZs HTTP/1.1
Host: reswsentativ.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Wed, 28 Sep 2022 08:17:36 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H%2B%2FSNWl%2B631GHdrS9d7JcUy%2FbPoTnb%2Fztyhfbh5AdCcoyMxmqc36QaHig4yNFl%2B%2BlBSWg0bTjd6yCf%2FszLOBZcvYdd4V5Qtgks%2BA3wJrbMR1Dh8iSzgb7%2Bh7swnvxBOza9Ke"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751b0b29b98db4fd-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

reswsentativ.xyz/ZGV6UlhLWhkhZQAjO2EOMS8+Cxk+DR5iPAgnSBhqNlc7FgFXJFwmMQBYQ2ZhXFNOdCgNAUdjYEIWDjMsERZHY34NCxw9ZUITR2N2VEtLfGtCEEdjfhAVGzVlVUMKJiwIWEtkblBWT2FoUVZNams

172.67.140.14

204 No Content

0 B

URL HTTP/2
reswsentativ.xyz/ZGV6UlhLWhkhZQAjO2EOMS8+Cxk+DR5iPAgnSBhqNlc7FgFXJFwmMQBYQ2ZhXFNOdCgNAUdjYEIWDjMsERZHY34NCxw9ZUITR2N2VEtLfGtCEEdjfhAVGzVlVUMKJiwIWEtkblBWT2FoUVZNams
IP
172.67.140.14:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ZGV6UlhLWhkhZQAjO2EOMS8+Cxk+DR5iPAgnSBhqNlc7FgFXJFwmMQBYQ2ZhXFNOdCgNAUdjYEIWDjMsERZHY34NCxw9ZUITR2N2VEtLfGtCEEdjfhAVGzVlVUMKJiwIWEtkblBWT2FoUVZNams HTTP/1.1
Host: reswsentativ.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Wed, 28 Sep 2022 08:17:36 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2BSDV8Dokw%2BiRCMErLq7Wp6sMJLNR6p64OEvBAczG%2F%2Fu1wNJloiC3PL7%2FVVNcCvG0QTs%2FPHndNDsS%2Fin3uMNRONVCHJBHb%2BUzNYISHegESJEk%2F%2Fg6%2ByYESgyXCt%2BtXNsiGdQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751b0b29b991b4fd-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
d630ef5b1d7afaa72254be011eda5da3
1d36045b0711cb90cf63f0cb403c6e08c24374f0
65a57ef2098917f9d92c6bb00a4d556bf3864200c070bcc295336ad7e3c781fe

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "65A57EF2098917F9D92C6BB00A4D556BF3864200C070BCC295336AD7E3C781FE"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2689
Expires: Wed, 28 Sep 2022 09:02:25 GMT
Date: Wed, 28 Sep 2022 08:17:36 GMT
Connection: keep-alive

megaup.net/imageads/017.gif

91.209.70.182

200 OK

201 kB

URL HTTP/2
megaup.net/imageads/017.gif
IP
91.209.70.182:0
ASN
#43317 FNK LLC

File type
GIF image data, version 89a, 300 x 250\012- data
Size
201 kB (201359 bytes)
Hash
deba3956e47484e8ba669125b2a814d9
2c86aab5ecf6c37457dd9f99861e55b3a57ecd52
d6c5fd53b238600374fe816597570a25ce2aef3aeb902e459e140293be16ddcd

HTTP Headers

GET /imageads/017.gif HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2un2B/Pocket.Stables-GoldBerg.zip
Connection: keep-alive
Cookie: cf_clearance=.WVFMvFpLibAcnBIhc5LoaNzdDgIkfHeaFSSeKDT6mw-1664347159-0-150; filehosting=fr5nr3q4t0bvorg5jnu91elni5; _ga=GA1.2.1462319565.1664347160; _gid=GA1.2.190544916.1664347160
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 08:17:36 GMT
content-type: image/gif
content-length: 201359
last-modified: Sun, 14 Mar 2021 22:43:04 GMT
vary: Accept-Encoding
etag: "604e9178-3128f"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2

megaup.net/themes/flow/js/zeroClipboard/ZeroClipboard.js

91.209.70.182

200 OK

4.4 kB

URL HTTP/2
megaup.net/themes/flow/js/zeroClipboard/ZeroClipboard.js
IP
91.209.70.182:0
ASN
#43317 FNK LLC

File type
ASCII text, with very long lines (1288)
Size
4.4 kB (4360 bytes)
Hash
a515d80349a4f163e4d21ccc86203b63
ab506ac95f701eb18aa870b07723ac513c306af3
d28dd072d41a2d20b4521ac81d0d322a09395fa005971f94d76ea8693fde3cf6

HTTP Headers

GET /themes/flow/js/zeroClipboard/ZeroClipboard.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2un2B/Pocket.Stables-GoldBerg.zip
Connection: keep-alive
Cookie: cf_clearance=.WVFMvFpLibAcnBIhc5LoaNzdDgIkfHeaFSSeKDT6mw-1664347159-0-150; filehosting=fr5nr3q4t0bvorg5jnu91elni5; _ga=GA1.2.1462319565.1664347160; _gid=GA1.2.190544916.1664347160
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 08:17:35 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3bd2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

281 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
281 B (281 bytes)
Hash
76d1f6267026a53ba2e40c12aff0c2c8
9909ca4abe48a9eeca2da7e5cd7db89a05c76fb0
915114bd4ebe358031f5f2aef414fea695d66012a6069d339e6997cb2263d38b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 08:17:36 GMT
Content-Type: application/ocsp-response
Content-Length: 281
Connection: keep-alive
Last-Modified: Tue, 27 Sep 2022 09:53:49 GMT
Expires: Tue, 04 Oct 2022 09:53:48 GMT
Etag: "9909ca4abe48a9eeca2da7e5cd7db89a05c76fb0"
Cache-Control: max-age=523571,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 751b0b2b2a1e1c0e-OSL

platform.bidgear.com/media/img/b15.png

104.26.3.107

200 OK

649 B

URL HTTP/2
platform.bidgear.com/media/img/b15.png
IP
104.26.3.107:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced\012- data
Size
649 B (649 bytes)
Hash
d832fb80c97ff291b952757bb98240d2
63732e61a0784ed68fde494f83e4686a5c4bf7fa
7b35c11af8accdb40a14303dd3ae2762a97d2527933c56b6c9be6da2d0d11943

HTTP Headers

GET /media/img/b15.png HTTP/1.1
Host: platform.bidgear.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 28 Sep 2022 08:17:36 GMT
content-type: image/png
content-length: 649
last-modified: Mon, 25 Jul 2022 09:43:33 GMT
etag: "62de65c5-289"
expires: Sun, 23 Oct 2022 09:44:55 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
cf-cache-status: HIT
age: 426743
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hBVEiMHXY1qkNWHUw%2B2AazzQOpBHUtm%2Fb1o9FHszLT5PlTryeFs9gOZxzIqVrC8EQnJLobXBwWFxfxql6Li9pgtY63UJaJAgmXJvvDq5IDwPVeVwKKoeSvCd2XYmmUwWXS8wSonw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751b0b2b7bf0b505-OSL
X-Firefox-Spdy: h2

a.exdynsrv.com/ad-provider.js

205.185.216.10

200 OK

24 kB

URL HTTP/1.1
a.exdynsrv.com/ad-provider.js
IP
205.185.216.10:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with very long lines (65536), with no line terminators
Size
24 kB (23727 bytes)
Hash
81ef2e5397caa335947731e7e737f5c3
6a05a4b2d22c13ad2692170510bc8685b16002bf
cec22380c4f1438b29077d202d0396a6ad32b41761ed51d968f1bfbdf2423378

HTTP Headers

GET /ad-provider.js HTTP/1.1
Host: a.exdynsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 08:17:36 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 23727
Content-Type: application/javascript
Accept-Ranges: bytes
Cache-Control: max-age=10800
Server: nginx
etag: W/"d944899a6eb421496e94cbddc42"
X-HW: 1664353056.dop208.sk1.t,1664353056.cds209.sk1.shn,1664353056.dop208.sk1.t,1664353056.cds246.sk1.c
Access-Control-Allow-Origin: *, *

platform.bidgear.com/async.php?domainid=5593&sizeid=12&zoneid=6192&k=1664353053932

104.26.3.107

200 OK

2.7 kB

URL HTTP/2
platform.bidgear.com/async.php?domainid=5593&sizeid=12&zoneid=6192&k=1664353053932
IP
104.26.3.107:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (4445), with no line terminators
Size
2.7 kB (2745 bytes)
Hash
0629d2e1f3439237510676ead3c3ab3a
523f3c44df94d25b6598ff0ea4e1a988d8ec9e0a
cbad36c96c13177aac9d28f3d0a1114c0e350005b6db4b70d10cb58b54dc1ac4

HTTP Headers

GET /async.php?domainid=5593&sizeid=12&zoneid=6192&k=1664353053932 HTTP/1.1
Host: platform.bidgear.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 28 Sep 2022 08:17:36 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mfSrU1nLcsUVxzbU5akZii8DFf7L6G9JGd%2Fy8mj5HxTM5KHU0OC5H3m8YTHagmIBvEMdA6wgba092CzKZPwrcP42yNALBCM%2BxeDdCnMK0JNOf%2B6%2Fym6H8c2VhQ1hUgiSVU%2BaH24N"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751b0b2a8abdb505-OSL
content-encoding: br
X-Firefox-Spdy: h2

dmmzkfd82wayn.cloudfront.net/dS2hkeTkoBwofBj8BAEQOfVlVQQ9tAhcWVztVBht6egovSn45JTVMUCROEANddlhCFVglD1lfXCULWUgfKgwGRA1tHBQWUnYcABNVJwcDC1A6ThEYBCYHHhBVJwlBS39+RlRcC3tAHEgIblsmXAt7BA0XTDNNVklBc147Tw1uWyZcC3saElwKClFSVwliTV-ZJXi4LDxYceS5WSQh7WFVJCG5aVB9QOQ0CFkFuWiJAD2VYQgwEeg

143.204.42.171

200 OK

600 B

URL HTTP/2
dmmzkfd82wayn.cloudfront.net/dS2hkeTkoBwofBj8BAEQOfVlVQQ9tAhcWVztVBht6egovSn45JTVMUCROEANddlhCFVglD1lfXCULWUgfKgwGRA1tHBQWUnYcABNVJwcDC1A6ThEYBCYHHhBVJwlBS39+RlRcC3tAHEgIblsmXAt7BA0XTDNNVklBc147Tw1uWyZcC3saElwKClFSVwliTV-ZJXi4LDxYceS5WSQh7WFVJCG5aVB9QOQ0CFkFuWiJAD2VYQgwEeg
IP
143.204.42.171:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (834), with no line terminators
Size
600 B (600 bytes)
Hash
289a74dfbbe4db342b8cc7898719b291
7aae68a0cac37af3af756d2494e4714ff708b0e1
566370853e853c0d7a9491624becd1f04cda1333569a1e379ce390b61a19a5aa

HTTP Headers

GET /dS2hkeTkoBwofBj8BAEQOfVlVQQ9tAhcWVztVBht6egovSn45JTVMUCROEANddlhCFVglD1lfXCULWUgfKgwGRA1tHBQWUnYcABNVJwcDC1A6ThEYBCYHHhBVJwlBS39+RlRcC3tAHEgIblsmXAt7BA0XTDNNVklBc147Tw1uWyZcC3saElwKClFSVwliTV-ZJXi4LDxYceS5WSQh7WFVJCG5aVB9QOQ0CFkFuWiJAD2VYQgwEeg HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hatsheisaco.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 600
date: Wed, 28 Sep 2022 08:17:36 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: HQDtTxwh3GeGh6T7uGMXV6lbQ4050MRcFiMaXKbYcTY29SGdYtGmLw==
X-Firefox-Spdy: h2

dmmzkfd82wayn.cloudfront.net/QOTluSXRaVgAvS01QCnRDDw1ffUUfUx0mGkkEPiARS3g3fzEMfB0tUk1DCnREH1UPJxMEHwsnFwQISCgQWwRabwBJVgV0AF1TAiUbXksHOFJMWFMkG0NQAiUVHAsofFoJHFx5XEEIX2xHexxceRhQVxsxUQsJFnFCZg9abEd7HFx5Bk8cXQhNDxdeYFELCQ-ksF1JWS3syCwlfeUQICV9sRglfBzsRX1YWbEZ/AFhnRB9MU3g

143.204.42.171

200 OK

590 B

URL HTTP/2
dmmzkfd82wayn.cloudfront.net/QOTluSXRaVgAvS01QCnRDDw1ffUUfUx0mGkkEPiARS3g3fzEMfB0tUk1DCnREH1UPJxMEHwsnFwQISCgQWwRabwBJVgV0AF1TAiUbXksHOFJMWFMkG0NQAiUVHAsofFoJHFx5XEEIX2xHexxceRhQVxsxUQsJFnFCZg9abEd7HFx5Bk8cXQhNDxdeYFELCQ-ksF1JWS3syCwlfeUQICV9sRglfBzsRX1YWbEZ/AFhnRB9MU3g
IP
143.204.42.171:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (828), with no line terminators
Size
590 B (590 bytes)
Hash
6df704c3d1ca76918d3863e0f00a25b1
2ff3ef2a6364bedd9b6660604de991f966bcc37b
cc3969fe97f34d317645cdbda395e10729383cb5aaf2658a2dedef4e33a2bd25

HTTP Headers

GET /QOTluSXRaVgAvS01QCnRDDw1ffUUfUx0mGkkEPiARS3g3fzEMfB0tUk1DCnREH1UPJxMEHwsnFwQISCgQWwRabwBJVgV0AF1TAiUbXksHOFJMWFMkG0NQAiUVHAsofFoJHFx5XEEIX2xHexxceRhQVxsxUQsJFnFCZg9abEd7HFx5Bk8cXQhNDxdeYFELCQ-ksF1JWS3syCwlfeUQICV9sRglfBzsRX1YWbEZ/AFhnRB9MU3g HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hatsheisaco.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 590
date: Wed, 28 Sep 2022 08:17:36 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 5BmDPsQpPgZ138vA2pQZzlF0-SJUsH3l-2IBIQ6Uew_xSgx85daqLg==
X-Firefox-Spdy: h2

dmmzkfd82wayn.cloudfront.net/ib3pLVWYMFSUzWRsTL2heWEx4ZF5JEDg6CB9HMic/HR4cPAoHLn0YXyERB3MSFR52ZUADGyUyW0kfJTZbXlwqMQRSTm0hFgARdiECBRYnOgEdEzpzEw5HJjocBhYnNENdPH57VkpIe30eXktuZiRKSHs5DwEPM3BUXwJzYzlZTm5mJEpIeycQSkkKbFBBSm-JwVF8dLjYNAF95E1RfS3tlV19LbmdWCRM5MAAAAm5nIFZMZWVAGkd6

143.204.42.171

200 OK

458 B

URL HTTP/2
dmmzkfd82wayn.cloudfront.net/ib3pLVWYMFSUzWRsTL2heWEx4ZF5JEDg6CB9HMic/HR4cPAoHLn0YXyERB3MSFR52ZUADGyUyW0kfJTZbXlwqMQRSTm0hFgARdiECBRYnOgEdEzpzEw5HJjocBhYnNENdPH57VkpIe30eXktuZiRKSHs5DwEPM3BUXwJzYzlZTm5mJEpIeycQSkkKbFBBSm-JwVF8dLjYNAF95E1RfS3tlV19LbmdWCRM5MAAAAm5nIFZMZWVAGkd6
IP
143.204.42.171:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (600), with no line terminators
Size
458 B (458 bytes)
Hash
8dc5d0da4dbb6c788df50d8e83fc1b2a
5cf4795a6f126b4b110e4deccda5835cd64e95cf
f715c6bb983b0b941974697d6ff2c6d4a677f81147de349e8a1698814057ffa7

HTTP Headers

GET /ib3pLVWYMFSUzWRsTL2heWEx4ZF5JEDg6CB9HMic/HR4cPAoHLn0YXyERB3MSFR52ZUADGyUyW0kfJTZbXlwqMQRSTm0hFgARdiECBRYnOgEdEzpzEw5HJjocBhYnNENdPH57VkpIe30eXktuZiRKSHs5DwEPM3BUXwJzYzlZTm5mJEpIeycQSkkKbFBBSm-JwVF8dLjYNAF95E1RfS3tlV19LbmdWCRM5MAAAAm5nIFZMZWVAGkd6 HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hatsheisaco.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 458
date: Wed, 28 Sep 2022 08:17:36 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: z19s7Bbka2eT5GdmMBu7H3x-FVcR91NGsD42qbx8JJVM2MVgauIM7A==
X-Firefox-Spdy: h2

dmmzkfd82wayn.cloudfront.net/ddThNZ1oWVyMBZQFRKVpjQQF1UW5TUj4INAUFDDJqH1sZERgvSy9ffAFCKVpqU1QsCT1IHigJOUgJawY+FwV5QS8UBSAIIBxUIQZ/R354SWpQCn1PIkQJaFQYUAp9CzMbTTVCaEVAdVEFQwxoVBhQCn0VLFALDF5sWwhkQmhFXygEMRodfyFoRQl9V2tFCW-hVahNRPwI8GkBoVRxMDmNXfAAFfA

143.204.42.171

200 OK

189 B

URL HTTP/2
dmmzkfd82wayn.cloudfront.net/ddThNZ1oWVyMBZQFRKVpjQQF1UW5TUj4INAUFDDJqH1sZERgvSy9ffAFCKVpqU1QsCT1IHigJOUgJawY+FwV5QS8UBSAIIBxUIQZ/R354SWpQCn1PIkQJaFQYUAp9CzMbTTVCaEVAdVEFQwxoVBhQCn0VLFALDF5sWwhkQmhFXygEMRodfyFoRQl9V2tFCW-hVahNRPwI8GkBoVRxMDmNXfAAFfA
IP
143.204.42.171:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
189 B (189 bytes)
Hash
95119e666cef8bd85a300452ece4d327
b27650d3c46562d15bbfa014cc1c5b8f0ed02b5b
fa19f95350e6683e73ca1873b476a4395f4f54e486202b3657c2981b3984006f

HTTP Headers

GET /ddThNZ1oWVyMBZQFRKVpjQQF1UW5TUj4INAUFDDJqH1sZERgvSy9ffAFCKVpqU1QsCT1IHigJOUgJawY+FwV5QS8UBSAIIBxUIQZ/R354SWpQCn1PIkQJaFQYUAp9CzMbTTVCaEVAdVEFQwxoVBhQCn0VLFALDF5sWwhkQmhFXygEMRodfyFoRQl9V2tFCW-hVahNRPwI8GkBoVRxMDmNXfAAFfA HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hatsheisaco.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 189
date: Wed, 28 Sep 2022 08:17:36 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: n6R7moLlfr0hXBh-mGHsSYSELfILACG3JVcNe6t0UNVcSVb1F_ThyA==
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
173fcd5342ac62d5ae47a58bd4efec45
43e7bee3ae2630f431eb71277b0cda738068e2b6
e61014e02aa1c046c3a0f552e0fd2aade3d31714a63cfcd8d08eda3fb40c59cc

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 08:17:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

imp9.bidgear.com/rec?t=1&z=6192&uuid=2e270521d70f4c92b45778b0eb59673f&p=28&g=NO&token=4a44335432&tbg=1664353056

104.26.3.107

200 OK

599 B

URL HTTP/2
imp9.bidgear.com/rec?t=1&z=6192&uuid=2e270521d70f4c92b45778b0eb59673f&p=28&g=NO&token=4a44335432&tbg=1664353056
IP
104.26.3.107:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, baseline, precision 8, 1x1, components 3\012- data
Size
599 B (599 bytes)
Hash
ca49a7e783b806a4e8576ea80346203d
6fe9d083221dae98f6c76f7121c37bc884b02d82
3e9a98dd5f0a28ff4a059f33d760264a6db02786666ac1692095ebb976f5da28

HTTP Headers

GET /rec?t=1&z=6192&uuid=2e270521d70f4c92b45778b0eb59673f&p=28&g=NO&token=4a44335432&tbg=1664353056 HTTP/1.1
Host: imp9.bidgear.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 28 Sep 2022 08:17:36 GMT
content-type: image/jpeg
content-length: 599
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3rYTrujVGfTnfi19N8ANEJTy1JcifNjnawJS7J5pSXGKu%2FDrJ6BdrUSIFkEG%2FPAS7axr2P2knJjWrsyMi2Cp3KePHu%2BwfY%2B3nYMc%2BXmFpfk%2BDsxn0SsuvkXtdIDmgfYcRes%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751b0b2b7bfeb505-OSL
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
fd9c95c1c24789f4041887b11468ab7e
bf202eeda47e79ac15d77325a02a1206bec63dcb
86f005e634685a4eb89dd87735b4cc0d91163be2912c470a529f0eb223531dbf

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2923
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 08:17:36 GMT
Last-Modified: Wed, 28 Sep 2022 07:28:53 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (19826 bytes)
Hash
cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Wed, 28 Sep 2022 06:41:09 GMT
expires: Wed, 28 Sep 2022 08:41:09 GMT
cache-control: public, max-age=7200
age: 5787
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
173fcd5342ac62d5ae47a58bd4efec45
43e7bee3ae2630f431eb71277b0cda738068e2b6
e61014e02aa1c046c3a0f552e0fd2aade3d31714a63cfcd8d08eda3fb40c59cc

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 08:17:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
cf4d1ef827b71ee69d1e8be3bd11881f
76d609cab8d3f56ed9a86c20ab36205dae82cac2
432faa36d729ed00fc79bc1c33da908b86df850fee389570476dc27390b557ac

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "432FAA36D729ED00FC79BC1C33DA908B86DF850FEE389570476DC27390B557AC"
Last-Modified: Tue, 27 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3254
Expires: Wed, 28 Sep 2022 09:11:50 GMT
Date: Wed, 28 Sep 2022 08:17:36 GMT
Connection: keep-alive

hatsheisaco.xyz/utx?cb=EQYWmcAq24NI&top=megaup.net&tid=761186

143.204.55.30

204 No Content

0 B

URL HTTP/2
hatsheisaco.xyz/utx?cb=EQYWmcAq24NI&top=megaup.net&tid=761186
IP
143.204.55.30:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /utx?cb=EQYWmcAq24NI&top=megaup.net&tid=761186 HTTP/1.1
Host: hatsheisaco.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
date: Wed, 28 Sep 2022 08:17:36 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Wed, 28 Sep 2022 08:18:36 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: O3xEBOwePg1YSE9_famGHFWx5LwMJT95KRaqq-d_X8Ai5xQT0hsrRw==
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
cf4d1ef827b71ee69d1e8be3bd11881f
76d609cab8d3f56ed9a86c20ab36205dae82cac2
432faa36d729ed00fc79bc1c33da908b86df850fee389570476dc27390b557ac

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "432FAA36D729ED00FC79BC1C33DA908B86DF850FEE389570476DC27390B557AC"
Last-Modified: Tue, 27 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3254
Expires: Wed, 28 Sep 2022 09:11:50 GMT
Date: Wed, 28 Sep 2022 08:17:36 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
cf4d1ef827b71ee69d1e8be3bd11881f
76d609cab8d3f56ed9a86c20ab36205dae82cac2
432faa36d729ed00fc79bc1c33da908b86df850fee389570476dc27390b557ac

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "432FAA36D729ED00FC79BC1C33DA908B86DF850FEE389570476DC27390B557AC"
Last-Modified: Tue, 27 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3254
Expires: Wed, 28 Sep 2022 09:11:50 GMT
Date: Wed, 28 Sep 2022 08:17:36 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
cf4d1ef827b71ee69d1e8be3bd11881f
76d609cab8d3f56ed9a86c20ab36205dae82cac2
432faa36d729ed00fc79bc1c33da908b86df850fee389570476dc27390b557ac

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "432FAA36D729ED00FC79BC1C33DA908B86DF850FEE389570476DC27390B557AC"
Last-Modified: Tue, 27 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3254
Expires: Wed, 28 Sep 2022 09:11:50 GMT
Date: Wed, 28 Sep 2022 08:17:36 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
cf4d1ef827b71ee69d1e8be3bd11881f
76d609cab8d3f56ed9a86c20ab36205dae82cac2
432faa36d729ed00fc79bc1c33da908b86df850fee389570476dc27390b557ac

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "432FAA36D729ED00FC79BC1C33DA908B86DF850FEE389570476DC27390B557AC"
Last-Modified: Tue, 27 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3254
Expires: Wed, 28 Sep 2022 09:11:50 GMT
Date: Wed, 28 Sep 2022 08:17:36 GMT
Connection: keep-alive

accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube

216.58.207.237

302 Found

398 B

URL HTTP/2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP
216.58.207.237:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (383)
Size
398 B (398 bytes)
Hash
0d71bf7ad699d538301b4e90d9e91db6
6a0524c2f370c6812e8f382a17a88d287dba638b
e087e36a14423e3cce2ab3687f0b3e40aee6baad609c83c1eefca48a3c3d4757

HTTP Headers

GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 28 Sep 2022 08:17:36 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S755440684%3A1664353056748861&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWoykml_93am0Zmku_NWbzFOrfFXGojn27lVTms8Am-dTRY76O2F8xKgiLCJWwnGHwuKoyv7Hw
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-lNJOxMu15DmCNcbRcnYJmg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 398
server: GSE
set-cookie: __Host-GAPS=1:ieMPUuM9zDSC3Yj-6Z-ZJ5bc26EOvQ:3oGdpT69h_TDkxgB;Path=/;Expires=Fri, 27-Sep-2024 08:17:36 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail

216.58.207.237

302 Found

389 B

URL HTTP/2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP
216.58.207.237:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (379)
Size
389 B (389 bytes)
Hash
81347f414c60a7f2e36483978e174cd6
1f22549ca521e5276ee906e5bea76f15238f0f58
dbed4be1dadbe8a5fc86b3bdd3820419ee503657ff48674c0166a780ff90b399

HTTP Headers

GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 28 Sep 2022 08:17:36 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S184708438%3A1664353056765093&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWoljHl43EiYmu3smyyTQ0QXH1qGTgEPbF1qv6YTL_eVLx6JDQt2glHaBAFhMVA_xB8-usjb4A
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-oGJsR22uVDS3P8Lf_xV74Q' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 389
server: GSE
set-cookie: __Host-GAPS=1:N84r0nK6WnQh7rf7e4XTQVSMz_CoRg:nK_YLmMh41lO1zTv;Path=/;Expires=Fri, 27-Sep-2024 08:17:36 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

hatsheisaco.xyz/utx?cb=xZ2ftKlz6gFl&top=megaup.net&tid=876318

143.204.55.30

204 No Content

0 B

URL HTTP/2
hatsheisaco.xyz/utx?cb=xZ2ftKlz6gFl&top=megaup.net&tid=876318
IP
143.204.55.30:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /utx?cb=xZ2ftKlz6gFl&top=megaup.net&tid=876318 HTTP/1.1
Host: hatsheisaco.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
date: Wed, 28 Sep 2022 08:17:36 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Wed, 28 Sep 2022 08:18:36 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: kNrGrVbjGsmBP__DBkP0PZNoAtzkgnSJ9NJzAb23ylynk677DgdflQ==
X-Firefox-Spdy: h2

hatsheisaco.xyz/utx?cb=hO0YQf1xwYkQ&top=megaup.net&tid=764141

143.204.55.30

204 No Content

0 B

URL HTTP/2
hatsheisaco.xyz/utx?cb=hO0YQf1xwYkQ&top=megaup.net&tid=764141
IP
143.204.55.30:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /utx?cb=hO0YQf1xwYkQ&top=megaup.net&tid=764141 HTTP/1.1
Host: hatsheisaco.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
date: Wed, 28 Sep 2022 08:17:36 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Wed, 28 Sep 2022 08:18:36 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: We4lyTcAJLGcNxLZcdxzRmHtnvB5VMncDZNl43uEhdMBxZVHteTGbQ==
X-Firefox-Spdy: h2

hatsheisaco.xyz/utx?cb=Mv9K1qnEGp09&top=megaup.net&tid=825911

143.204.55.30

204 No Content

0 B

URL HTTP/2
hatsheisaco.xyz/utx?cb=Mv9K1qnEGp09&top=megaup.net&tid=825911
IP
143.204.55.30:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /utx?cb=Mv9K1qnEGp09&top=megaup.net&tid=825911 HTTP/1.1
Host: hatsheisaco.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
date: Wed, 28 Sep 2022 08:17:36 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Wed, 28 Sep 2022 08:18:36 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Zsv_TnScUGjMh3nipk7-AmLIWEkcvUbEmYK_ioGAyQ8KAX2usTTMgg==
X-Firefox-Spdy: h2

dmmzkfd82wayn.cloudfront.net/

143.204.42.171

200 OK

73 B

URL HTTP/2
dmmzkfd82wayn.cloudfront.net/
IP
143.204.42.171:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
73 B (73 bytes)
Hash
de37377b72195a4f064edf7ec8a76676
ed544d5b6a37acad78498099407c648a93316ddb
b3209cc0b1d1b71e85af4e843afe00a3079f3286d52b3fb47e72c6c5c48b8399

HTTP Headers

GET / HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 73
date: Wed, 28 Sep 2022 08:17:36 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: AMGVTuVFI41L4LsNuSu-IMemmBy2YzGGFeeBN9liQF-tzD9jHfTTfg==
X-Firefox-Spdy: h2

syndication.exdynsrv.com/v1/api.php

95.211.229.246

200 OK

2.4 kB

URL HTTP/1.1
syndication.exdynsrv.com/v1/api.php
IP
95.211.229.246:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
JSON data\012- , ASCII text, with very long lines (5242), with no line terminators
Size
2.4 kB (2354 bytes)
Hash
2ed1dcd97c43406fc4e7a60c76f32049
8a6f9db91c22df7cc785d59452a84b01dc08bef6
4a5741cbe07486050222280045e89e360016cb095f90a2fdc3b64adec813881a

HTTP Headers

POST /v1/api.php HTTP/1.1
Host: syndication.exdynsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 290
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Sep 2022 08:17:36 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2263340320c48866.981825853325912135%22%3B%7D; expires=Fri, 27-Sep-2024 08:17:36 GMT; Max-Age=63072000; path=/; domain=exdynsrv.com; secure; SameSite=None
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
fd9c95c1c24789f4041887b11468ab7e
bf202eeda47e79ac15d77325a02a1206bec63dcb
86f005e634685a4eb89dd87735b4cc0d91163be2912c470a529f0eb223531dbf

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2923
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 08:17:36 GMT
Last-Modified: Wed, 28 Sep 2022 07:28:53 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
cf4d1ef827b71ee69d1e8be3bd11881f
76d609cab8d3f56ed9a86c20ab36205dae82cac2
432faa36d729ed00fc79bc1c33da908b86df850fee389570476dc27390b557ac

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "432FAA36D729ED00FC79BC1C33DA908B86DF850FEE389570476DC27390B557AC"
Last-Modified: Tue, 27 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3254
Expires: Wed, 28 Sep 2022 09:11:50 GMT
Date: Wed, 28 Sep 2022 08:17:36 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
be52dbe2d47697a7f007d69c486b77b4
fe445ea87749e97423e7865bc559ad78f672a62d
65d16df2b3095c658d2bdf39b06d57486967bba7b43c43108e5025d7af5b7ab6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 08:17:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

megaup.net/2un2B/Pocket.Stables-GoldBerg.zip

91.209.70.182

200 OK

236 kB

URL HTTP/2
megaup.net/2un2B/Pocket.Stables-GoldBerg.zip
IP
91.209.70.182:0
ASN
#43317 FNK LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (58554), with CRLF, LF line terminators
Size
236 kB (235840 bytes)
Hash
e0d40ea9ea2c07a09c546763b6af8459
e362042402110b5cbe4b9afb6dbe1eda2848da58
bb71e923fb9bf9883003658d80ce4608354b9daf085a7a7ddf4a05e1ec750b21

HTTP Headers

GET /2un2B/Pocket.Stables-GoldBerg.zip HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: cf_clearance=.WVFMvFpLibAcnBIhc5LoaNzdDgIkfHeaFSSeKDT6mw-1664347159-0-150; filehosting=fr5nr3q4t0bvorg5jnu91elni5; _ga=GA1.2.1462319565.1664347160; _gid=GA1.2.190544916.1664347160
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 08:17:35 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2

syndication.exdynsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01OW0oEQQy8ihfYIUlX+rHffisoHmD6MX65CCoo1OHtmcXFFAl5VCoxMTtJOVm+E5w1nUNk0aXIAlvUwYfHJ0L5Nl7Xr/flMj7prpDIWIogswRkiwQiNEe6Kt2KlclIHlxiylRnoEyYB2DPFhFRjczCl+f7w3XChDPuJ2mZmLl873tiKHXEWJuLbrmjDk891R5787X0nfj/RbliEZND9q/BoAgG40lvBThNeIzXj59LI2/067P0QyFQAZlybc2jQmve6sDYLFRL1hSj9LaNln8B5OUE/lQBAAA=

95.211.229.246

200 OK

20 B

URL HTTP/1.1
syndication.exdynsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01OW0oEQQy8ihfYIUlX+rHffisoHmD6MX65CCoo1OHtmcXFFAl5VCoxMTtJOVm+E5w1nUNk0aXIAlvUwYfHJ0L5Nl7Xr/flMj7prpDIWIogswRkiwQiNEe6Kt2KlclIHlxiylRnoEyYB2DPFhFRjczCl+f7w3XChDPuJ2mZmLl873tiKHXEWJuLbrmjDk891R5787X0nfj/RbliEZND9q/BoAgG40lvBThNeIzXj59LI2/067P0QyFQAZlybc2jQmve6sDYLFRL1hSj9LaNln8B5OUE/lQBAAA=
IP
95.211.229.246:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
data
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

HTTP Headers

GET /cimp.php?t=api&data=H4sIAAAAAAAAA01OW0oEQQy8ihfYIUlX+rHffisoHmD6MX65CCoo1OHtmcXFFAl5VCoxMTtJOVm+E5w1nUNk0aXIAlvUwYfHJ0L5Nl7Xr/flMj7prpDIWIogswRkiwQiNEe6Kt2KlclIHlxiylRnoEyYB2DPFhFRjczCl+f7w3XChDPuJ2mZmLl873tiKHXEWJuLbrmjDk891R5787X0nfj/RbliEZND9q/BoAgG40lvBThNeIzXj59LI2/067P0QyFQAZlybc2jQmve6sDYLFRL1hSj9LaNln8B5OUE/lQBAAA= HTTP/1.1
Host: syndication.exdynsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2263340320c48866.981825853325912135%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Sep 2022 08:17:36 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2263340320c48866.981825853325912135%22%3B%7D; expires=Fri, 27 Sep 2024 08:17:36 GMT; path=; domain=.exdynsrv.com; Secure; SameSite=none
__upt=%7B%22v%22%3A1%2C%22id%22%3A%2263340320c48866.981825853325912135%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22511.0199%22%7D; expires=Fri, 27 Sep 2024 08:17:36 GMT; path=/; domain=.exdynsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

accounts.google.com/v3/signin/identifier?dsh=S184708438%3A1664353056765093&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWoljHl43EiYmu3smyyTQ0QXH1qGTgEPbF1qv6YTL_eVLx6JDQt2glHaBAFhMVA_xB8-usjb4A

216.58.207.237

403 Forbidden

806 B

URL HTTP/2
accounts.google.com/v3/signin/identifier?dsh=S184708438%3A1664353056765093&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWoljHl43EiYmu3smyyTQ0QXH1qGTgEPbF1qv6YTL_eVLx6JDQt2glHaBAFhMVA_xB8-usjb4A
IP
216.58.207.237:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (1644), with no line terminators
Size
806 B (806 bytes)
Hash
c92cca5763f9e64055a2864c038a756e
35dfca430acc5fc69166df34190634aa4f548e88
dcde4e58a23c06ec69a1f8ca1ffe0abefb0802619c1341bcfce507d5cea75653

HTTP Headers

GET /v3/signin/identifier?dsh=S184708438%3A1664353056765093&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWoljHl43EiYmu3smyyTQ0QXH1qGTgEPbF1qv6YTL_eVLx6JDQt2glHaBAFhMVA_xB8-usjb4A HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 28 Sep 2022 08:17:36 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-deYFxDmHkkLGNkfZkkZmJw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi/external"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=KwhLc2ud1Sqne3OBeAeDP9Tl2Mp8Poz4OTxUkZbDpHWm9be4ox040FRFCBB4YwdbZquZROGdMnbgplqqznybbMdedQihzAwmwUjEb7W3xhtLFzpMLisagNoU279hwhXiHvwZzRnM3DwD2KNA4tBF6FGfaOsKddziYWcEd8G6CrU; expires=Thu, 30-Mar-2023 08:17:36 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

s3t3d2y8.afcdn.net/library/551406/afd0544e028fe06635d1d3c51cd1eef2a7c975a8.jpg

185.76.9.19

200 OK

19 kB

URL HTTP/2
s3t3d2y8.afcdn.net/library/551406/afd0544e028fe06635d1d3c51cd1eef2a7c975a8.jpg
IP
185.76.9.19:0
ASN
#60068 Datacamp Limited

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Size
19 kB (18807 bytes)
Hash
2f1ee77f4701e8d6b0258466d99fc010
afd0544e028fe06635d1d3c51cd1eef2a7c975a8
8d0328ae01c3531184b0a2376386caa4c9275747e5037d85be6ff0e06ffeda43

HTTP Headers

GET /library/551406/afd0544e028fe06635d1d3c51cd1eef2a7c975a8.jpg HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 28 Sep 2022 08:17:37 GMT
content-type: image/jpeg
content-length: 18807
last-modified: Wed, 26 May 2021 05:14:02 GMT
etag: "60add91a-4977"
expires: Sat, 29 Jul 2023 23:25:57 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1690680215
server: CDN77-Turbo
x-77-nzt: AblMCQ13RcL/CntPAA
x-77-nzt-ray: cb6h3hm7WDU
x-cache: HIT
x-age: 5208842
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp

157.240.200.35

200 OK

12 kB

URL HTTP/2
www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
IP
157.240.200.35:0
ASN
#32934 FACEBOOK

File type
data
Size
12 kB (11993 bytes)
Hash
01c7576980e68147c406dd7fc0c5a490
eb58826c0bd1be3da821386861db7926dc534fdf
fcceb1b3127a38e03fb1031f4c2a462a1ceda99ef964e8a0c513899e82a4a66a

HTTP Headers

GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: UJhtdSmLxhZjn/qrZ0f+HPPevoS63erY5ElISgmZTXMHnXqhlbFK6ku7L2f/OW7McVldb3HjwgZ8o+V6OoSPXw==
date: Wed, 28 Sep 2022 08:17:36 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

megaup.net/themes/flow/frontend_assets/fonts/raleway_bold.woff

91.209.70.182

200 OK

32 kB

URL HTTP/2
megaup.net/themes/flow/frontend_assets/fonts/raleway_bold.woff
IP
91.209.70.182:0
ASN
#43317 FNK LLC

File type
Web Open Font Format, TrueType, length 31568, version 1.1\012- data
Size
32 kB (31568 bytes)
Hash
e0c4ac0e73196bd0469c5c33304b7773
bb071565f82907d117b0732dca8013409162c67d
ff3bf3a4a1bf2b922157b18d0e8cddd95f2fc2dfe09c30a3ce67bc11a84c67af

HTTP Headers

GET /themes/flow/frontend_assets/fonts/raleway_bold.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Connection: keep-alive
Cookie: cf_clearance=.WVFMvFpLibAcnBIhc5LoaNzdDgIkfHeaFSSeKDT6mw-1664347159-0-150; filehosting=fr5nr3q4t0bvorg5jnu91elni5; _ga=GA1.2.1462319565.1664347160; _gid=GA1.2.190544916.1664347160; _gat_gtag_UA_108868042_1=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 08:17:37 GMT
content-type: font/woff
content-length: 31568
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7b50"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2

hatsheisaco.xyz/floater?cs=OGtPRTEAXHdwBAtSfHEGCVN9dgU&abt=0&red=1&sm=83&k=download%20file%20pocket%20stables%20goldberg&v=0.8.9.1&sts=0&prn=0&emb=0&tid=825911&u=94209342636032&agec=1664353056&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&mbkb=128.86597938144328&ref=https%3A%2F%2Fmegaup.net%2F2un2B%2FPocket.Stables-GoldBerg.zip&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&aa=td5_oi1_&_KE6f=1664353054630&crc=1

143.204.55.30

200 OK

5.5 kB

URL HTTP/2
hatsheisaco.xyz/floater?cs=OGtPRTEAXHdwBAtSfHEGCVN9dgU&abt=0&red=1&sm=83&k=download%20file%20pocket%20stables%20goldberg&v=0.8.9.1&sts=0&prn=0&emb=0&tid=825911&u=94209342636032&agec=1664353056&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&mbkb=128.86597938144328&ref=https%3A%2F%2Fmegaup.net%2F2un2B%2FPocket.Stables-GoldBerg.zip&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&aa=td5_oi1_&_KE6f=1664353054630&crc=1
IP
143.204.55.30:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (8687), with no line terminators
Size
5.5 kB (5538 bytes)
Hash
1b0f8743a4d62141c9ccef96d6689984
a31fe04d13f510c4d37b5bfe5ce9bf4d20a002ac
839d2a879b469628abad904208c2d54e2e9cf51a7df331912351314518d0a378

HTTP Headers

GET /floater?cs=OGtPRTEAXHdwBAtSfHEGCVN9dgU&abt=0&red=1&sm=83&k=download%20file%20pocket%20stables%20goldberg&v=0.8.9.1&sts=0&prn=0&emb=0&tid=825911&u=94209342636032&agec=1664353056&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&mbkb=128.86597938144328&ref=https%3A%2F%2Fmegaup.net%2F2un2B%2FPocket.Stables-GoldBerg.zip&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&aa=td5_oi1_&_KE6f=1664353054630&crc=1 HTTP/1.1
Host: hatsheisaco.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: text/plain
content-length: 5538
date: Wed, 28 Sep 2022 08:17:37 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=b5ea1779-feb9-4479-aeaa-d98aed0223b5
csu=94209342636032
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: JuH655wrh-6c_pXLv0gqwYV5NRaoNFyv_W84Lk3lEmpW-J3W7l0KoA==
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
139d64e28724086d1d5ab6d2f534ff25
2c717905e83564a17bd8ca61dd934133416f629b
a37afafc8ee712ae7ae935d3ed564f3cf46dd09005debbc5e2650f8b434d1e00

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A37AFAFC8EE712AE7AE935D3ED564F3CF46DD09005DEBBC5E2650F8B434D1E00"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12422
Expires: Wed, 28 Sep 2022 11:44:39 GMT
Date: Wed, 28 Sep 2022 08:17:37 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
139d64e28724086d1d5ab6d2f534ff25
2c717905e83564a17bd8ca61dd934133416f629b
a37afafc8ee712ae7ae935d3ed564f3cf46dd09005debbc5e2650f8b434d1e00

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A37AFAFC8EE712AE7AE935D3ED564F3CF46DD09005DEBBC5E2650F8B434D1E00"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12422
Expires: Wed, 28 Sep 2022 11:44:39 GMT
Date: Wed, 28 Sep 2022 08:17:37 GMT
Connection: keep-alive

pogothere.xyz/asd100.bin

172.64.199.35

200 OK

103 kB

URL HTTP/2
pogothere.xyz/asd100.bin
IP
172.64.199.35:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
103 kB (102903 bytes)
Hash
c7e6561fe621c48a16046f33a7dc8119
4fe6e4c43bec577c2b1bcb220a2ef2a61e8550fa
6bd4b892404ca79160cb776aa70ad0305373c2c22225b5a638c1f1cec849dce2

HTTP Headers

GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 28 Sep 2022 08:17:36 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 333
last-modified: Wed, 28 Sep 2022 08:12:03 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XItia5geJ1z9LllpoogH9GLI8jeE6QEncciROcNzEQVyfjgAsXJz5zB9fVUGPfKTgglZ54EA9e0sBb45zxEuVA0bnYkuDcoW6oGLBfjJlYfsM%2F9JshE6YILQns0PBoAw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751b0b2cbcf972f4-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
139d64e28724086d1d5ab6d2f534ff25
2c717905e83564a17bd8ca61dd934133416f629b
a37afafc8ee712ae7ae935d3ed564f3cf46dd09005debbc5e2650f8b434d1e00

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A37AFAFC8EE712AE7AE935D3ED564F3CF46DD09005DEBBC5E2650F8B434D1E00"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12422
Expires: Wed, 28 Sep 2022 11:44:39 GMT
Date: Wed, 28 Sep 2022 08:17:37 GMT
Connection: keep-alive

pogothere.xyz/asd100.bin

172.64.199.35

200 OK

108 kB

URL HTTP/2
pogothere.xyz/asd100.bin
IP
172.64.199.35:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
108 kB (107777 bytes)
Hash
1196a97f7cf328f6a8cd3cd6ae73b197
953351a2ac4d62ed75fcbe1f088ab54632046125
b08922b8d3b17e0346ae64a72f92fd24b9614d9f978b21446c4f27df6d4dd64a

HTTP Headers

GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 28 Sep 2022 08:17:36 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 333
last-modified: Wed, 28 Sep 2022 08:12:03 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F%2BnSlhohC%2FFxbIh6QCBg%2BBcragVUyP7LNSzMwMnR0ackt%2Fcf%2Fd%2FftpGOkjDMnZ1e02K4fqWwy%2Flu8GPV5%2BQ2Q1p22mOtEQKHF7tMEByWOV5hyYj0PPVxfCY6J0jpvYMY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751b0b2cdd1d72f4-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

pogothere.xyz/asd100.bin

172.64.199.35

200 OK

112 kB

URL HTTP/2
pogothere.xyz/asd100.bin
IP
172.64.199.35:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
112 kB (111714 bytes)
Hash
46cb101d90258ec53977578d05cc3491
50279d0f8e1a05f5645fd13684a3694a42702fe2
c44ed4c706d8d87aa827f49c77d0fd78bfb62f32f94ec28cac320d1117dc30c9

HTTP Headers

GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 28 Sep 2022 08:17:36 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 333
last-modified: Wed, 28 Sep 2022 08:12:03 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qk68aHV7CMN30Rx1Z2E6DMoUqo9I2ZCH4c5RyQ%2FLJM6cI30Mzkufe9uTI%2FZExDl5VIbJIiglJK71KDdpi5HnnG6wwhQCf6EHhp%2FT0guuj5QTAf1zB1T9v89%2BTNtLAKUO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751b0b2cdd2172f4-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8500 bytes)
Hash
6139c878a7d2bd32c61fc8287996eb5b
9c4692ea64832895fbd107d91f879728b6a440c7
3839df92f0a10c1433d5b576df50c9f7953912ae4f425012262f08ee8a59ce2e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8500
x-amzn-requestid: af82c8d6-950c-4933-87e3-7bbb15cb1ac8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e3HOaoAMFoPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5e-77e0ecc522de575e40f429b3;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: rD5LsVDLQkaomG1nCGZGihbdlWKMCjUYNC2kRyAjJesJEOEBSj8Q3A==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:47:03 GMT
age: 37834
etag: "9c4692ea64832895fbd107d91f879728b6a440c7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52d10f53-5e95-4bc8-aa34-09983b7221cd.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.7 kB (6721 bytes)
Hash
c4a66beda24621e812a929933c52025d
e951f6b11e473b68d2fdd95b822cef120d37b1eb
28efb1495fdb363cea9ccc6c38f84b2731dbd44dd4dbbe42996fa6fab74e1ce6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52d10f53-5e95-4bc8-aa34-09983b7221cd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6721
x-amzn-requestid: ea4416a4-ffbe-4006-bb09-aa0a70763ab2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3xTGNOoAMFXeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336cd4-6634cd372bd677227f755769;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:36:20 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: TlEcmqE03c_aVOwGbXRCTsU5MOTiUF4C93U3zcIVqzg6NCGJJGup7A==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 22:09:10 GMT
age: 36507
etag: "e951f6b11e473b68d2fdd95b822cef120d37b1eb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae0951d3-44e9-49d3-9232-f4151ef59735.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.2 kB (6157 bytes)
Hash
b255b252ceed088d6f505e7e9acfcb55
a6b1c3e0d506ac1c66405e061e9910fafb176a7d
b796a98834c7ecf220d13bfba61e81a9b90d472d2aa725ff66888cbddad731e7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae0951d3-44e9-49d3-9232-f4151ef59735.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6157
x-amzn-requestid: a51846e4-4e25-455f-885b-acf2567f2e1c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZDlObH7XIAMFw6A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63314f28-4e6a68a74edb1ad850e17dac;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 07:05:12 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 2g98EnyiFhkZTsqis2_ASfjM-YTJmcUJ-Mwcl1dWlruzrWDuojPA0w==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 07:24:38 GMT
age: 3179
etag: "a6b1c3e0d506ac1c66405e061e9910fafb176a7d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5653a1a-a7d7-4b1e-a27e-4eb6b032901d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11314 bytes)
Hash
ee83d08d024d127fad5918e1ffacb78b
8ad289a77705358ab660b6123e9d90de991b6c13
aaab3590ef3777ce8b7a9a34f18866fa20ecaa554cbcdcdb3f1fa3c34c88ceb4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5653a1a-a7d7-4b1e-a27e-4eb6b032901d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11314
x-amzn-requestid: 9f410158-cd1a-45a9-9e86-4005b25577e4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e4Hw7oAMFpAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5f-70683c681f22a3b6103fcb4a;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: l9IinQYCcQV_iymSArIEnOWgbmLlmVqz94402zcsmga5Bp3Sty7QRg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:40:49 GMT
age: 38208
etag: "8ad289a77705358ab660b6123e9d90de991b6c13"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

hypermusk.com/dsp-stats/impression/1795175?var=825911&ua=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0&ip=91.90.42.154&pl=h1_ZXGbciu3FDnHKrzzqcFJvk5YBHEqks8klk5cgJTbNFK9PO_pkrQZ8f-bms4x7tDzXvqWB84NDNx6-hya77zMS8CTVjL2KQfc2_nQ0UtTT1KVddsTgcj1_U1WH0zWHuHAEf3ehjulApjvFBThwx5-Fjs5mY2ITPQymS7f7Bj34fhTfiB2zUZlcdLV12ZMUp6S71KUp4KUCVXmlF_qD7pL-7Ke_TXyW90rvzJZMSncP_arBLGMnKBk-usa1NfYVc5kvzgfO1Lw0JxyBWJppafG3dqK3pG_vXtcc8BEzzAEOtSZBbAUAL9_ASUeP7nn8gz-jp5-ZJRz35vnM5dpssaNGk9QCFniyuJ5LlQPZQNk9SbdRPi6fq120KkG6W6NcDirp0GEJ0dgonZlxBt78hb7HUb5iZT-aGaM-k6yWdMDHbs5gif80t7-wZJfUz95FBXySfe3olyS1lHwTWeijU5pcX5YVUiYg6PqALaIqKQAFwwAOwoTBJrNQg9N8tCzN9wPtnywV4GMa8qvPfsaFII8qTi5NZOxnQucBu4ayvLeexUf920mAiZ5d8olclxltS6J0DBdEITjgrrUoH_p2jE-1XtdanUAruq_IYx_bPKu7NjpgVkfmh4m6tFR5_rO8gVW5gFVeIO_PvXrnzXAG9FSvQ189AwdbAF-5gYxHM3cRSQAJ2MpeTMpR9suju7sF43KuVB5U8JbRelhdiPNVql9j4ioio2MDsXNRbEfy8LVyYlWlopAbbi0ur6T640qdbPLWuybNJegMVRUkTKa-0TF1Z0TyVBDcT-WYtiKjaO4un8ZuSF58lkqHu9DAvWgh2HaSMCtw7bDIt26iBj555YLd1yKR0CUO_RTRTgrMMhr_ZzEsVu3osr7IyEQKzYi8dkHoynXJKm58KnClTNa3OGz9W-ul4uC4NT22gZCLZQQYHe8UzRxoVT2htQ82sYvW0oNAFlzlmP_7Y9tEbl-0sbZtwAZHlalHYGN4hy-dpEVQbXZ0KDLyh1XOSRlA26MfL5DpifiVBqiY&rd=vl5AKvc-Fe-dqRDRx7xpFkluFroRjzTrUb3bfAymSOti2TwEPwCRl6fGrBssjG2Ea35SlUdrXcrBVz86SI1hLrI5V4dGGo_Jw8kp9DH07snq8eVDWoqzDgDPCDWyighNhVAii_Dv2h8NWOiFlgKhTck=

62.122.171.12

302 Found

108 B

URL HTTP/2
hypermusk.com/dsp-stats/impression/1795175?var=825911&ua=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0&ip=91.90.42.154&pl=h1_ZXGbciu3FDnHKrzzqcFJvk5YBHEqks8klk5cgJTbNFK9PO_pkrQZ8f-bms4x7tDzXvqWB84NDNx6-hya77zMS8CTVjL2KQfc2_nQ0UtTT1KVddsTgcj1_U1WH0zWHuHAEf3ehjulApjvFBThwx5-Fjs5mY2ITPQymS7f7Bj34fhTfiB2zUZlcdLV12ZMUp6S71KUp4KUCVXmlF_qD7pL-7Ke_TXyW90rvzJZMSncP_arBLGMnKBk-usa1NfYVc5kvzgfO1Lw0JxyBWJppafG3dqK3pG_vXtcc8BEzzAEOtSZBbAUAL9_ASUeP7nn8gz-jp5-ZJRz35vnM5dpssaNGk9QCFniyuJ5LlQPZQNk9SbdRPi6fq120KkG6W6NcDirp0GEJ0dgonZlxBt78hb7HUb5iZT-aGaM-k6yWdMDHbs5gif80t7-wZJfUz95FBXySfe3olyS1lHwTWeijU5pcX5YVUiYg6PqALaIqKQAFwwAOwoTBJrNQg9N8tCzN9wPtnywV4GMa8qvPfsaFII8qTi5NZOxnQucBu4ayvLeexUf920mAiZ5d8olclxltS6J0DBdEITjgrrUoH_p2jE-1XtdanUAruq_IYx_bPKu7NjpgVkfmh4m6tFR5_rO8gVW5gFVeIO_PvXrnzXAG9FSvQ189AwdbAF-5gYxHM3cRSQAJ2MpeTMpR9suju7sF43KuVB5U8JbRelhdiPNVql9j4ioio2MDsXNRbEfy8LVyYlWlopAbbi0ur6T640qdbPLWuybNJegMVRUkTKa-0TF1Z0TyVBDcT-WYtiKjaO4un8ZuSF58lkqHu9DAvWgh2HaSMCtw7bDIt26iBj555YLd1yKR0CUO_RTRTgrMMhr_ZzEsVu3osr7IyEQKzYi8dkHoynXJKm58KnClTNa3OGz9W-ul4uC4NT22gZCLZQQYHe8UzRxoVT2htQ82sYvW0oNAFlzlmP_7Y9tEbl-0sbZtwAZHlalHYGN4hy-dpEVQbXZ0KDLyh1XOSRlA26MfL5DpifiVBqiY&rd=vl5AKvc-Fe-dqRDRx7xpFkluFroRjzTrUb3bfAymSOti2TwEPwCRl6fGrBssjG2Ea35SlUdrXcrBVz86SI1hLrI5V4dGGo_Jw8kp9DH07snq8eVDWoqzDgDPCDWyighNhVAii_Dv2h8NWOiFlgKhTck=
IP
62.122.171.12:0
ASN
#50245 Serverel Inc.

File type
HTML document, ASCII text
Size
108 B (108 bytes)
Hash
022a95cacd9f3720430e1eb4fe87c905
d83c5db5fc6dbdc5893f3f500476188192467a45
6a5340804ff6302bc8a5761fbefccbc3624b9e6307a4d80a95c8a9b9eee68a4e

HTTP Headers

GET /dsp-stats/impression/1795175?var=825911&ua=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0&ip=91.90.42.154&pl=h1_ZXGbciu3FDnHKrzzqcFJvk5YBHEqks8klk5cgJTbNFK9PO_pkrQZ8f-bms4x7tDzXvqWB84NDNx6-hya77zMS8CTVjL2KQfc2_nQ0UtTT1KVddsTgcj1_U1WH0zWHuHAEf3ehjulApjvFBThwx5-Fjs5mY2ITPQymS7f7Bj34fhTfiB2zUZlcdLV12ZMUp6S71KUp4KUCVXmlF_qD7pL-7Ke_TXyW90rvzJZMSncP_arBLGMnKBk-usa1NfYVc5kvzgfO1Lw0JxyBWJppafG3dqK3pG_vXtcc8BEzzAEOtSZBbAUAL9_ASUeP7nn8gz-jp5-ZJRz35vnM5dpssaNGk9QCFniyuJ5LlQPZQNk9SbdRPi6fq120KkG6W6NcDirp0GEJ0dgonZlxBt78hb7HUb5iZT-aGaM-k6yWdMDHbs5gif80t7-wZJfUz95FBXySfe3olyS1lHwTWeijU5pcX5YVUiYg6PqALaIqKQAFwwAOwoTBJrNQg9N8tCzN9wPtnywV4GMa8qvPfsaFII8qTi5NZOxnQucBu4ayvLeexUf920mAiZ5d8olclxltS6J0DBdEITjgrrUoH_p2jE-1XtdanUAruq_IYx_bPKu7NjpgVkfmh4m6tFR5_rO8gVW5gFVeIO_PvXrnzXAG9FSvQ189AwdbAF-5gYxHM3cRSQAJ2MpeTMpR9suju7sF43KuVB5U8JbRelhdiPNVql9j4ioio2MDsXNRbEfy8LVyYlWlopAbbi0ur6T640qdbPLWuybNJegMVRUkTKa-0TF1Z0TyVBDcT-WYtiKjaO4un8ZuSF58lkqHu9DAvWgh2HaSMCtw7bDIt26iBj555YLd1yKR0CUO_RTRTgrMMhr_ZzEsVu3osr7IyEQKzYi8dkHoynXJKm58KnClTNa3OGz9W-ul4uC4NT22gZCLZQQYHe8UzRxoVT2htQ82sYvW0oNAFlzlmP_7Y9tEbl-0sbZtwAZHlalHYGN4hy-dpEVQbXZ0KDLyh1XOSRlA26MfL5DpifiVBqiY&rd=vl5AKvc-Fe-dqRDRx7xpFkluFroRjzTrUb3bfAymSOti2TwEPwCRl6fGrBssjG2Ea35SlUdrXcrBVz86SI1hLrI5V4dGGo_Jw8kp9DH07snq8eVDWoqzDgDPCDWyighNhVAii_Dv2h8NWOiFlgKhTck= HTTP/1.1
Host: hypermusk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Wed, 28 Sep 2022 08:17:39 GMT
content-type: text/html; charset=utf-8
content-length: 108
location: https://cdn.pncloudfl.com/pn/3d1/9ee/8df/3d19ee8df6dee83f3dc85d0341cbcfc37e61b32e.jpg
x-route-id: stats.push-notifications.dsp-impression
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

62.122.171.12

302 Found

108 B

URL HTTP/2
hypermusk.com/dsp-stats/impression/1795175?var=825911&ua=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0&ip=91.90.42.154&pl=h1_ZXGbciu3FDnHKrzzqcFJvk5YBHEqks8klk5cgJTbNFK9PO_pkrQZ8f-bms4x7tDzXvqWB84NDNx6-hya77zMS8CTVjL2KQfc2_nQ0UtTT1KVddsTgcj1_U1WH0zWHuHAEf3ehjulApjvFBThwx5-Fjs5mY2ITPQymS7f7Bj34fhTfiB2zUZlcdLV12ZMUp6S71KUp4KUCVXmlF_qD7pL-7Ke_TXyW90rvzJZMSncP_arBLGMnKBk-usa1NfYVc5kvzgfO1Lw0JxyBWJppafG3dqK3pG_vXtcc8BEzzAEOtSZBbAUAL9_ASUeP7nn8gz-jp5-ZJRz35vnM5dpssaNGk9QCFniyuJ5LlQPZQNk9SbdRPi6fq120KkG6W6NcDirp0GEJ0dgonZlxBt78hb7HUb5iZT-aGaM-k6yWdMDHbs5gif80t7-wZJfUz95FBXySfe3olyS1lHwTWeijU5pcX5YVUiYg6PqALaIqKQAFwwAOwoTBJrNQg9N8tCzN9wPtnywV4GMa8qvPfsaFII8qTi5NZOxnQucBu4ayvLeexUf920mAiZ5d8olclxltS6J0DBdEITjgrrUoH_p2jE-1XtdanUAruq_IYx_bPKu7NjpgVkfmh4m6tFR5_rO8gVW5gFVeIO_PvXrnzXAG9FSvQ189AwdbAF-5gYxHM3cRSQAJ2MpeTMpR9suju7sF43KuVB5U8JbRelhdiPNVql9j4ioio2MDsXNRbEfy8LVyYlWlopAbbi0ur6T640qdbPLWuybNJegMVRUkTKa-0TF1Z0TyVBDcT-WYtiKjaO4un8ZuSF58lkqHu9DAvWgh2HaSMCtw7bDIt26iBj555YLd1yKR0CUO_RTRTgrMMhr_ZzEsVu3osr7IyEQKzYi8dkHoynXJKm58KnClTNa3OGz9W-ul4uC4NT22gZCLZQQYHe8UzRxoVT2htQ82sYvW0oNAFlzlmP_7Y9tEbl-0sbZtwAZHlalHYGN4hy-dpEVQbXZ0KDLyh1XOSRlA26MfL5DpifiVBqiY&rd=vl5AKvc-Fe-dqRDRx7xpFkluFroRjzTrUb3bfAymSOti2TwEPwCRl6fGrBssjG2Ea35SlUdrXcrBVz86SI1hLrI5V4dGGo_Jw8kp9DH07snq8eVDWoqzDgDPCDWyighNhVAii_Dv2h8NWOiFlgKhTck=
IP
62.122.171.12:0
ASN
#50245 Serverel Inc.

File type
HTML document, ASCII text
Size
108 B (108 bytes)
Hash
022a95cacd9f3720430e1eb4fe87c905
d83c5db5fc6dbdc5893f3f500476188192467a45
6a5340804ff6302bc8a5761fbefccbc3624b9e6307a4d80a95c8a9b9eee68a4e

HTTP Headers

GET /dsp-stats/impression/1795175?var=825911&ua=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0&ip=91.90.42.154&pl=h1_ZXGbciu3FDnHKrzzqcFJvk5YBHEqks8klk5cgJTbNFK9PO_pkrQZ8f-bms4x7tDzXvqWB84NDNx6-hya77zMS8CTVjL2KQfc2_nQ0UtTT1KVddsTgcj1_U1WH0zWHuHAEf3ehjulApjvFBThwx5-Fjs5mY2ITPQymS7f7Bj34fhTfiB2zUZlcdLV12ZMUp6S71KUp4KUCVXmlF_qD7pL-7Ke_TXyW90rvzJZMSncP_arBLGMnKBk-usa1NfYVc5kvzgfO1Lw0JxyBWJppafG3dqK3pG_vXtcc8BEzzAEOtSZBbAUAL9_ASUeP7nn8gz-jp5-ZJRz35vnM5dpssaNGk9QCFniyuJ5LlQPZQNk9SbdRPi6fq120KkG6W6NcDirp0GEJ0dgonZlxBt78hb7HUb5iZT-aGaM-k6yWdMDHbs5gif80t7-wZJfUz95FBXySfe3olyS1lHwTWeijU5pcX5YVUiYg6PqALaIqKQAFwwAOwoTBJrNQg9N8tCzN9wPtnywV4GMa8qvPfsaFII8qTi5NZOxnQucBu4ayvLeexUf920mAiZ5d8olclxltS6J0DBdEITjgrrUoH_p2jE-1XtdanUAruq_IYx_bPKu7NjpgVkfmh4m6tFR5_rO8gVW5gFVeIO_PvXrnzXAG9FSvQ189AwdbAF-5gYxHM3cRSQAJ2MpeTMpR9suju7sF43KuVB5U8JbRelhdiPNVql9j4ioio2MDsXNRbEfy8LVyYlWlopAbbi0ur6T640qdbPLWuybNJegMVRUkTKa-0TF1Z0TyVBDcT-WYtiKjaO4un8ZuSF58lkqHu9DAvWgh2HaSMCtw7bDIt26iBj555YLd1yKR0CUO_RTRTgrMMhr_ZzEsVu3osr7IyEQKzYi8dkHoynXJKm58KnClTNa3OGz9W-ul4uC4NT22gZCLZQQYHe8UzRxoVT2htQ82sYvW0oNAFlzlmP_7Y9tEbl-0sbZtwAZHlalHYGN4hy-dpEVQbXZ0KDLyh1XOSRlA26MfL5DpifiVBqiY&rd=vl5AKvc-Fe-dqRDRx7xpFkluFroRjzTrUb3bfAymSOti2TwEPwCRl6fGrBssjG2Ea35SlUdrXcrBVz86SI1hLrI5V4dGGo_Jw8kp9DH07snq8eVDWoqzDgDPCDWyighNhVAii_Dv2h8NWOiFlgKhTck= HTTP/1.1
Host: hypermusk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 28 Sep 2022 08:17:39 GMT
content-type: text/html; charset=utf-8
content-length: 108
location: https://cdn.pncloudfl.com/pn/3d1/9ee/8df/3d19ee8df6dee83f3dc85d0341cbcfc37e61b32e.jpg
x-route-id: stats.push-notifications.dsp-impression
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

cdn.pncloudfl.com/pn/3d1/9ee/8df/3d19ee8df6dee83f3dc85d0341cbcfc37e61b32e.jpg

172.67.25.161

200 OK

3.3 kB

URL HTTP/2
cdn.pncloudfl.com/pn/3d1/9ee/8df/3d19ee8df6dee83f3dc85d0341cbcfc37e61b32e.jpg
IP
172.67.25.161:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
3.3 kB (3310 bytes)
Hash
08cbcae432e7e9ae625966004a149b37
039d163adb8f2e85c67bbb5ee60a6a87af85cde5
4ca10713b3a32298e406f966879a8fd59c198479cae2bd4008fa58c33092d39a

HTTP Headers

GET /pn/3d1/9ee/8df/3d19ee8df6dee83f3dc85d0341cbcfc37e61b32e.jpg HTTP/1.1
Host: cdn.pncloudfl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 28 Sep 2022 08:17:39 GMT
content-type: image/webp
content-length: 3310
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=172800
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=5912
content-disposition: inline; filename="3d19ee8df6dee83f3dc85d0341cbcfc37e61b32e.webp"
etag: 0a9c3bcc55125dbc4b43809747567310
expires: Thu, 29 Sep 2022 22:04:09 GMT
last-modified: Fri, 14 Jan 2022 13:46:01 GMT
vary: Accept
x-openstack-request-id: tx88da71cc9b214abfb87c3-0061e18331
x-proxy-cache: HIT
x-timestamp: 1642167960.59843
x-trans-id: tx88da71cc9b214abfb87c3-0061e18331
cf-cache-status: HIT
age: 36810
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 751b0b403b960b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

megaup.net/themes/flow/frontend_assets/fonts/raleway_medium.woff

91.209.70.182

200 OK

32 kB

URL HTTP/2
megaup.net/themes/flow/frontend_assets/fonts/raleway_medium.woff
IP
91.209.70.182:0
ASN
#43317 FNK LLC

File type
Web Open Font Format, TrueType, length 31900, version 1.1\012- data
Size
32 kB (31900 bytes)
Hash
1b285c8e5b7445a8e434b2cdf036bab2
c97d4772fbb5c5637d466b5f991bc7ec28830b32
09b979826f2ac158a63ba234042c66414c21282d0bb46eadc62c64a873778825

HTTP Headers

GET /themes/flow/frontend_assets/fonts/raleway_medium.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Connection: keep-alive
Cookie: cf_clearance=.WVFMvFpLibAcnBIhc5LoaNzdDgIkfHeaFSSeKDT6mw-1664347159-0-150; filehosting=fr5nr3q4t0bvorg5jnu91elni5; _ga=GA1.2.1462319565.1664347160; _gid=GA1.2.190544916.1664347160; _gat_gtag_UA_108868042_1=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 08:17:42 GMT
content-type: font/woff
content-length: 31900
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7c9c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dc067c1aaba7eba7c32f4141cd6976e2
5559e9678695e42300ce8322c6034fc1d5a318f1
12328a79b8a321bbf0182d27ebe91a595ed1930e46898d9599a3ee1c0f8b91b2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "12328A79B8A321BBF0182D27EBE91A595ED1930E46898D9599A3EE1C0F8B91B2"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3369
Expires: Wed, 28 Sep 2022 09:13:52 GMT
Date: Wed, 28 Sep 2022 08:17:43 GMT
Connection: keep-alive

agagraveleran.com/icon?ctx=Iure7DEwqMsXReJ9LbgqV4DU65mVm3BRo3Tc7j7Jif-a9Ig30RHFssQ4GfWGkdHiSodH6EcfSQzXHi3Z_ZjlLh1PykaJWiGDYjmgVndZ277mUgPVCx6HHeJzVCzYdy6BsM4R_UGvNqy0_sFC6DE7ty8GTBeyR6cfageIgLWNG9G2a22SyXrguMXIvuHso5-Qc33y2d4En33lno09vaGUzvzqZOCrtR18apZ94d7tZmvtDs4O-I2nhJ5S_yT0JysJ&z=3324887

139.45.195.6

301 Moved Permanently

0 B

URL HTTP/1.1
agagraveleran.com/icon?ctx=Iure7DEwqMsXReJ9LbgqV4DU65mVm3BRo3Tc7j7Jif-a9Ig30RHFssQ4GfWGkdHiSodH6EcfSQzXHi3Z_ZjlLh1PykaJWiGDYjmgVndZ277mUgPVCx6HHeJzVCzYdy6BsM4R_UGvNqy0_sFC6DE7ty8GTBeyR6cfageIgLWNG9G2a22SyXrguMXIvuHso5-Qc33y2d4En33lno09vaGUzvzqZOCrtR18apZ94d7tZmvtDs4O-I2nhJ5S_yT0JysJ&z=3324887
IP
139.45.195.6:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /icon?ctx=Iure7DEwqMsXReJ9LbgqV4DU65mVm3BRo3Tc7j7Jif-a9Ig30RHFssQ4GfWGkdHiSodH6EcfSQzXHi3Z_ZjlLh1PykaJWiGDYjmgVndZ277mUgPVCx6HHeJzVCzYdy6BsM4R_UGvNqy0_sFC6DE7ty8GTBeyR6cfageIgLWNG9G2a22SyXrguMXIvuHso5-Qc33y2d4En33lno09vaGUzvzqZOCrtR18apZ94d7tZmvtDs4O-I2nhJ5S_yT0JysJ&z=3324887 HTTP/1.1
Host: agagraveleran.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 28 Sep 2022 08:17:43 GMT
Content-Length: 0
Connection: keep-alive
Location: https://outsimiseara.com/www/images/7a555faea541a27da9de79a0e67abf9b.jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
6eafbe8ef8a5663320194d6c4e176d01
06a01d938c3a7ad3843e9f6e649f17a344ec0fdc
c5262a6c5620d1c43aacfc9c6f8aa945efb2f90eeaee6e91e55387ace48fa7c6

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "C5262A6C5620D1C43AACFC9C6F8AA945EFB2F90EEAEE6E91E55387ACE48FA7C6"
Last-Modified: Mon, 26 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3556
Expires: Wed, 28 Sep 2022 09:16:59 GMT
Date: Wed, 28 Sep 2022 08:17:43 GMT
Connection: keep-alive

outsimiseara.com/www/images/7a555faea541a27da9de79a0e67abf9b.jpeg

172.67.12.156

200 OK

23 kB

URL HTTP/2
outsimiseara.com/www/images/7a555faea541a27da9de79a0e67abf9b.jpeg
IP
172.67.12.156:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Size
23 kB (23018 bytes)
Hash
7a555faea541a27da9de79a0e67abf9b
c6650bdf11a8badb1f4ea8eff3003928c5df877f
170b360c4605bbcc8939aa230ff5bb5d274bb6163e50cf47c6e00d3284e4c01e

HTTP Headers

GET /www/images/7a555faea541a27da9de79a0e67abf9b.jpeg HTTP/1.1
Host: outsimiseara.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 28 Sep 2022 08:17:43 GMT
content-type: image/jpeg
content-length: 23018
cache-control: max-age=86400
cf-bgj: h2pri
etag: "5e240fa2-59ea"
expires: Wed, 28 Sep 2022 10:07:10 GMT
last-modified: Sun, 19 Jan 2020 08:13:22 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 79833
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 751b0b5969b9b51d-OSL
X-Firefox-Spdy: h2

megaup.net/themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js

91.209.70.182

200 OK

0 B

URL HTTP/2
megaup.net/themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js
IP
91.209.70.182:0
ASN
#43317 FNK LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2un2B/Pocket.Stables-GoldBerg.zip
Connection: keep-alive
Cookie: cf_clearance=.WVFMvFpLibAcnBIhc5LoaNzdDgIkfHeaFSSeKDT6mw-1664347159-0-150; filehosting=fr5nr3q4t0bvorg5jnu91elni5; _ga=GA1.2.1462319565.1664347160; _gid=GA1.2.190544916.1664347160
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 08:17:35 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1cdf"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2

megaup.net/themes/flow/frontend_assets/css/colors/flow.css

91.209.70.182

200 OK

0 B

URL HTTP/2
megaup.net/themes/flow/frontend_assets/css/colors/flow.css
IP
91.209.70.182:0
ASN
#43317 FNK LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /themes/flow/frontend_assets/css/colors/flow.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2un2B/Pocket.Stables-GoldBerg.zip
Connection: keep-alive
Cookie: cf_clearance=.WVFMvFpLibAcnBIhc5LoaNzdDgIkfHeaFSSeKDT6mw-1664347159-0-150; filehosting=fr5nr3q4t0bvorg5jnu91elni5; _ga=GA1.2.1462319565.1664347160; _gid=GA1.2.190544916.1664347160
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 08:17:35 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-a83"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2

megaup.net/themes/flow/frontend_assets/css/responsive.css

91.209.70.182

200 OK

0 B

URL HTTP/2
megaup.net/themes/flow/frontend_assets/css/responsive.css
IP
91.209.70.182:0
ASN
#43317 FNK LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /themes/flow/frontend_assets/css/responsive.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2un2B/Pocket.Stables-GoldBerg.zip
Connection: keep-alive
Cookie: cf_clearance=.WVFMvFpLibAcnBIhc5LoaNzdDgIkfHeaFSSeKDT6mw-1664347159-0-150; filehosting=fr5nr3q4t0bvorg5jnu91elni5; _ga=GA1.2.1462319565.1664347160; _gid=GA1.2.190544916.1664347160
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 08:17:35 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-e56"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2

megaup.net/themes/flow/js/jquery-ui.js

91.209.70.182

200 OK

0 B

URL HTTP/2
megaup.net/themes/flow/js/jquery-ui.js
IP
91.209.70.182:0
ASN
#43317 FNK LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /themes/flow/js/jquery-ui.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2un2B/Pocket.Stables-GoldBerg.zip
Connection: keep-alive
Cookie: cf_clearance=.WVFMvFpLibAcnBIhc5LoaNzdDgIkfHeaFSSeKDT6mw-1664347159-0-150; filehosting=fr5nr3q4t0bvorg5jnu91elni5; _ga=GA1.2.1462319565.1664347160; _gid=GA1.2.190544916.1664347160
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 08:17:35 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-6a684"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2

megaup.net/themes/flow/js/jquery.dataTables.min.js

91.209.70.182

200 OK

0 B

URL HTTP/2
megaup.net/themes/flow/js/jquery.dataTables.min.js
IP
91.209.70.182:0
ASN
#43317 FNK LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /themes/flow/js/jquery.dataTables.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2un2B/Pocket.Stables-GoldBerg.zip
Connection: keep-alive
Cookie: cf_clearance=.WVFMvFpLibAcnBIhc5LoaNzdDgIkfHeaFSSeKDT6mw-1664347159-0-150; filehosting=fr5nr3q4t0bvorg5jnu91elni5; _ga=GA1.2.1462319565.1664347160; _gid=GA1.2.190544916.1664347160
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 08:17:35 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-10fe4"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2

megaup.net/themes/flow/frontend_assets/js/custom/custom.js

91.209.70.182

200 OK

0 B

URL HTTP/2
megaup.net/themes/flow/frontend_assets/js/custom/custom.js
IP
91.209.70.182:0
ASN
#43317 FNK LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /themes/flow/frontend_assets/js/custom/custom.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2un2B/Pocket.Stables-GoldBerg.zip
Connection: keep-alive
Cookie: cf_clearance=.WVFMvFpLibAcnBIhc5LoaNzdDgIkfHeaFSSeKDT6mw-1664347159-0-150; filehosting=fr5nr3q4t0bvorg5jnu91elni5; _ga=GA1.2.1462319565.1664347160; _gid=GA1.2.190544916.1664347160
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 08:17:35 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1420"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2

megaup.net/themes/flow/js/clipboardjs/clipboard.min.js

91.209.70.182

200 OK

0 B

URL HTTP/2
megaup.net/themes/flow/js/clipboardjs/clipboard.min.js
IP
91.209.70.182:0
ASN
#43317 FNK LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /themes/flow/js/clipboardjs/clipboard.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2un2B/Pocket.Stables-GoldBerg.zip
Connection: keep-alive
Cookie: cf_clearance=.WVFMvFpLibAcnBIhc5LoaNzdDgIkfHeaFSSeKDT6mw-1664347159-0-150; filehosting=fr5nr3q4t0bvorg5jnu91elni5; _ga=GA1.2.1462319565.1664347160; _gid=GA1.2.190544916.1664347160
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 08:17:35 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-2296"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2

megaup.net/sw.js?dXZlV28uVF1kXUNFVnVDV1RJdQlBElxiXhASSGRfRU9IY1dCEEhvCUNDSG9eF08EYFgQR1A0CVdaR2FfRUUBbgtBW1w0CkBbUTVeQ1sHYlxFW11kV0ZEBmUKRxNcNU1ZVBYgTVlUFjgMHBMRPgESGAR5BhsQCnVDV09LZU1ZEAQ7HBBaAzYDBhM4

91.209.70.182

200 OK

0 B

URL HTTP/2
megaup.net/sw.js?dXZlV28uVF1kXUNFVnVDV1RJdQlBElxiXhASSGRfRU9IY1dCEEhvCUNDSG9eF08EYFgQR1A0CVdaR2FfRUUBbgtBW1w0CkBbUTVeQ1sHYlxFW11kV0ZEBmUKRxNcNU1ZVBYgTVlUFjgMHBMRPgESGAR5BhsQCnVDV09LZU1ZEAQ7HBBaAzYDBhM4
IP
91.209.70.182:0
ASN
#43317 FNK LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sw.js?dXZlV28uVF1kXUNFVnVDV1RJdQlBElxiXhASSGRfRU9IY1dCEEhvCUNDSG9eF08EYFgQR1A0CVdaR2FfRUUBbgtBW1w0CkBbUTVeQ1sHYlxFW11kV0ZEBmUKRxNcNU1ZVBYgTVlUFjgMHBMRPgESGAR5BhsQCnVDV09LZU1ZEAQ7HBBaAzYDBhM4 HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: cf_clearance=.WVFMvFpLibAcnBIhc5LoaNzdDgIkfHeaFSSeKDT6mw-1664347159-0-150; filehosting=fr5nr3q4t0bvorg5jnu91elni5; _ga=GA1.2.1462319565.1664347160; _gid=GA1.2.190544916.1664347160
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 08:17:36 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:52 GMT
vary: Accept-Encoding
etag: W/"60758f38-12fe6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2

pogothere.xyz/

172.64.199.35

200 OK

0 B

URL HTTP/2
pogothere.xyz/
IP
172.64.199.35:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 28 Sep 2022 08:17:36 GMT
content-type: text/plain
set-cookie: csu=405276199407350@1@1664353056; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n6VvcIsr6t3Nkug2ZUX%2F6an%2Flq3UyqfvRU%2FbYeDc1mgb6tb8dop1rrsGcaGBcWq2nDV5DXZ%2F3%2BEYN8gbBOEFM54NOofiH0GoeYBFPLCGPRyFv%2FphOCrRydhb9ixxg5f5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751b0b2ced2d72f4-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css

91.209.70.182

200 OK

0 B

URL HTTP/2
megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
IP
91.209.70.182:0
ASN
#43317 FNK LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /themes/flow/frontend_assets/css/All-stylesheets.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2un2B/Pocket.Stables-GoldBerg.zip
Connection: keep-alive
Cookie: cf_clearance=.WVFMvFpLibAcnBIhc5LoaNzdDgIkfHeaFSSeKDT6mw-1664347159-0-150; filehosting=fr5nr3q4t0bvorg5jnu91elni5; _ga=GA1.2.1462319565.1664347160; _gid=GA1.2.190544916.1664347160
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 08:17:35 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-153"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2

pogothere.xyz/asd100.bin

172.64.199.35

200 OK

0 B

URL HTTP/2
pogothere.xyz/asd100.bin
IP
172.64.199.35:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 28 Sep 2022 08:17:36 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 333
last-modified: Wed, 28 Sep 2022 08:12:03 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0omdjziYyXaF9GdlHRvplz4nliaiofEHel%2BDHy4gRgfO2PWK9wglG%2FsEPl7ZVPjrWGwDMVF3v1zYyNVGAHEk2nrYp9RUQVxNcRAk2IjwW03J%2BCHf5oSKIEojtbj7UDzy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751b0b2ccd1172f4-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

megaup.net/themes/flow/js/jquery.tmpl.min.js

91.209.70.182

200 OK

0 B

URL HTTP/2
megaup.net/themes/flow/js/jquery.tmpl.min.js
IP
91.209.70.182:0
ASN
#43317 FNK LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /themes/flow/js/jquery.tmpl.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2un2B/Pocket.Stables-GoldBerg.zip
Connection: keep-alive
Cookie: cf_clearance=.WVFMvFpLibAcnBIhc5LoaNzdDgIkfHeaFSSeKDT6mw-1664347159-0-150; filehosting=fr5nr3q4t0bvorg5jnu91elni5; _ga=GA1.2.1462319565.1664347160; _gid=GA1.2.190544916.1664347160
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 08:17:35 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3cb"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2

megaup.net/themes/flow/js/jquery.fileupload-resize.js

91.209.70.182

200 OK

0 B

URL HTTP/2
megaup.net/themes/flow/js/jquery.fileupload-resize.js
IP
91.209.70.182:0
ASN
#43317 FNK LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /themes/flow/js/jquery.fileupload-resize.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2un2B/Pocket.Stables-GoldBerg.zip
Connection: keep-alive
Cookie: cf_clearance=.WVFMvFpLibAcnBIhc5LoaNzdDgIkfHeaFSSeKDT6mw-1664347159-0-150; filehosting=fr5nr3q4t0bvorg5jnu91elni5; _ga=GA1.2.1462319565.1664347160; _gid=GA1.2.190544916.1664347160
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 08:17:35 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1f7f"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2

megaup.net/themes/flow/frontend_assets/js/sticky/jquery.sticky.js

91.209.70.182

200 OK

0 B

URL HTTP/2
megaup.net/themes/flow/frontend_assets/js/sticky/jquery.sticky.js
IP
91.209.70.182:0
ASN
#43317 FNK LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /themes/flow/frontend_assets/js/sticky/jquery.sticky.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2un2B/Pocket.Stables-GoldBerg.zip
Connection: keep-alive
Cookie: cf_clearance=.WVFMvFpLibAcnBIhc5LoaNzdDgIkfHeaFSSeKDT6mw-1664347159-0-150; filehosting=fr5nr3q4t0bvorg5jnu91elni5; _ga=GA1.2.1462319565.1664347160; _gid=GA1.2.190544916.1664347160
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 08:17:35 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1099"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2

megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css

91.209.70.182

200 OK

0 B

URL HTTP/2
megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css
IP
91.209.70.182:0
ASN
#43317 FNK LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2un2B/Pocket.Stables-GoldBerg.zip
Connection: keep-alive
Cookie: cf_clearance=.WVFMvFpLibAcnBIhc5LoaNzdDgIkfHeaFSSeKDT6mw-1664347159-0-150; filehosting=fr5nr3q4t0bvorg5jnu91elni5; _ga=GA1.2.1462319565.1664347160; _gid=GA1.2.190544916.1664347160
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 08:17:35 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-8d4b"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2

megaup.net/themes/flow/js/jquery.iframe-transport.js

91.209.70.182

200 OK

0 B

URL HTTP/2
megaup.net/themes/flow/js/jquery.iframe-transport.js
IP
91.209.70.182:0
ASN
#43317 FNK LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /themes/flow/js/jquery.iframe-transport.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2un2B/Pocket.Stables-GoldBerg.zip
Connection: keep-alive
Cookie: cf_clearance=.WVFMvFpLibAcnBIhc5LoaNzdDgIkfHeaFSSeKDT6mw-1664347159-0-150; filehosting=fr5nr3q4t0bvorg5jnu91elni5; _ga=GA1.2.1462319565.1664347160; _gid=GA1.2.190544916.1664347160
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 08:17:35 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-2427"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2

megaup.net/themes/flow/js/jquery.fileupload.js

91.209.70.182

200 OK

0 B

URL HTTP/2
megaup.net/themes/flow/js/jquery.fileupload.js
IP
91.209.70.182:0
ASN
#43317 FNK LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /themes/flow/js/jquery.fileupload.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2un2B/Pocket.Stables-GoldBerg.zip
Connection: keep-alive
Cookie: cf_clearance=.WVFMvFpLibAcnBIhc5LoaNzdDgIkfHeaFSSeKDT6mw-1664347159-0-150; filehosting=fr5nr3q4t0bvorg5jnu91elni5; _ga=GA1.2.1462319565.1664347160; _gid=GA1.2.190544916.1664347160
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 08:17:35 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-dbd4"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2

megaup.net/themes/flow/js/global.js

91.209.70.182

200 OK

0 B

URL HTTP/2
megaup.net/themes/flow/js/global.js
IP
91.209.70.182:0
ASN
#43317 FNK LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /themes/flow/js/global.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2un2B/Pocket.Stables-GoldBerg.zip
Connection: keep-alive
Cookie: cf_clearance=.WVFMvFpLibAcnBIhc5LoaNzdDgIkfHeaFSSeKDT6mw-1664347159-0-150; filehosting=fr5nr3q4t0bvorg5jnu91elni5; _ga=GA1.2.1462319565.1664347160; _gid=GA1.2.190544916.1664347160
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 08:17:35 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-d59"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2

megaup.net/themes/flow/frontend_assets/images/icons/favicon/favicon.ico

91.209.70.182

200 OK

0 B

URL HTTP/2
megaup.net/themes/flow/frontend_assets/images/icons/favicon/favicon.ico
IP
91.209.70.182:0
ASN
#43317 FNK LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /themes/flow/frontend_assets/images/icons/favicon/favicon.ico HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2un2B/Pocket.Stables-GoldBerg.zip
Connection: keep-alive
Cookie: cf_clearance=.WVFMvFpLibAcnBIhc5LoaNzdDgIkfHeaFSSeKDT6mw-1664347159-0-150; filehosting=fr5nr3q4t0bvorg5jnu91elni5; _ga=GA1.2.1462319565.1664347160; _gid=GA1.2.190544916.1664347160
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 08:17:36 GMT
content-type: image/x-icon
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-47e"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2

megaup.net/sw.js

91.209.70.182

200 OK

0 B

URL HTTP/2
megaup.net/sw.js
IP
91.209.70.182:0
ASN
#43317 FNK LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sw.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2un2B/Pocket.Stables-GoldBerg.zip
Connection: keep-alive
Cookie: cf_clearance=.WVFMvFpLibAcnBIhc5LoaNzdDgIkfHeaFSSeKDT6mw-1664347159-0-150; filehosting=fr5nr3q4t0bvorg5jnu91elni5; _ga=GA1.2.1462319565.1664347160; _gid=GA1.2.190544916.1664347160
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 08:17:35 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:52 GMT
vary: Accept-Encoding
etag: W/"60758f38-12fe6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2

megaup.net/themes/flow/frontend_assets/js/retina/retina.js

91.209.70.182

200 OK

0 B

URL HTTP/2
megaup.net/themes/flow/frontend_assets/js/retina/retina.js
IP
91.209.70.182:0
ASN
#43317 FNK LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /themes/flow/frontend_assets/js/retina/retina.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2un2B/Pocket.Stables-GoldBerg.zip
Connection: keep-alive
Cookie: cf_clearance=.WVFMvFpLibAcnBIhc5LoaNzdDgIkfHeaFSSeKDT6mw-1664347159-0-150; filehosting=fr5nr3q4t0bvorg5jnu91elni5; _ga=GA1.2.1462319565.1664347160; _gid=GA1.2.190544916.1664347160
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 08:17:35 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-52e"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2

megaup.net/themes/flow/frontend_assets/js/gauge.min.js

91.209.70.182

200 OK

0 B

URL HTTP/2
megaup.net/themes/flow/frontend_assets/js/gauge.min.js
IP
91.209.70.182:0
ASN
#43317 FNK LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /themes/flow/frontend_assets/js/gauge.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2un2B/Pocket.Stables-GoldBerg.zip
Connection: keep-alive
Cookie: cf_clearance=.WVFMvFpLibAcnBIhc5LoaNzdDgIkfHeaFSSeKDT6mw-1664347159-0-150; filehosting=fr5nr3q4t0bvorg5jnu91elni5; _ga=GA1.2.1462319565.1664347160; _gid=GA1.2.190544916.1664347160
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 08:17:35 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-45b8"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2

accounts.google.com/v3/signin/identifier?dsh=S755440684%3A1664353056748861&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWoykml_93am0Zmku_NWbzFOrfFXGojn27lVTms8Am-dTRY76O2F8xKgiLCJWwnGHwuKoyv7Hw

216.58.207.237

403 Forbidden

0 B

URL HTTP/2
accounts.google.com/v3/signin/identifier?dsh=S755440684%3A1664353056748861&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWoykml_93am0Zmku_NWbzFOrfFXGojn27lVTms8Am-dTRY76O2F8xKgiLCJWwnGHwuKoyv7Hw
IP
216.58.207.237:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /v3/signin/identifier?dsh=S755440684%3A1664353056748861&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWoykml_93am0Zmku_NWbzFOrfFXGojn27lVTms8Am-dTRY76O2F8xKgiLCJWwnGHwuKoyv7Hw HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 28 Sep 2022 08:17:36 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-hU9iRRMX7rPpiplbE8Lbhw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=meNWdjL_esuM1YOHfym8RXEqEVkHtJ3VAIPzTER49uekYd5kCz1_GH3wzUyjihBwZPQtK28BsvDPdpDhn-Do0J33M7lTDi8aLH7HrnU00YJN447pUWn3jkP2bQ_xV_cmj8lBIqbMMLGx11_SM2SMk37Njx6ov_5V978k3HSQvWI; expires=Thu, 30-Mar-2023 08:17:36 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

dmmzkfd82wayn.cloudfront.net/?kzmmd=761186

143.204.42.171

200 OK

0 B

URL HTTP/2
dmmzkfd82wayn.cloudfront.net/?kzmmd=761186
IP
143.204.42.171:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /?kzmmd=761186 HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-length: 188771
date: Wed, 28 Sep 2022 08:17:36 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: xo1pTdTWNzIqiTq6B4NYUpWgsg0F-8_ghOobUPrUKi75zsfQd9kg5Q==
X-Firefox-Spdy: h2

megaup.net/themes/flow/js/load-image.min.js

91.209.70.182

200 OK

0 B

URL HTTP/2
megaup.net/themes/flow/js/load-image.min.js
IP
91.209.70.182:0
ASN
#43317 FNK LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /themes/flow/js/load-image.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2un2B/Pocket.Stables-GoldBerg.zip
Connection: keep-alive
Cookie: cf_clearance=.WVFMvFpLibAcnBIhc5LoaNzdDgIkfHeaFSSeKDT6mw-1664347159-0-150; filehosting=fr5nr3q4t0bvorg5jnu91elni5; _ga=GA1.2.1462319565.1664347160; _gid=GA1.2.190544916.1664347160
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 08:17:35 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-9f2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2

megaup.net/themes/flow/frontend_assets/js/nav/jquery.nav.js

91.209.70.182

200 OK

0 B

URL HTTP/2
megaup.net/themes/flow/frontend_assets/js/nav/jquery.nav.js
IP
91.209.70.182:0
ASN
#43317 FNK LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /themes/flow/frontend_assets/js/nav/jquery.nav.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2un2B/Pocket.Stables-GoldBerg.zip
Connection: keep-alive
Cookie: cf_clearance=.WVFMvFpLibAcnBIhc5LoaNzdDgIkfHeaFSSeKDT6mw-1664347159-0-150; filehosting=fr5nr3q4t0bvorg5jnu91elni5; _ga=GA1.2.1462319565.1664347160; _gid=GA1.2.190544916.1664347160
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 08:17:35 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1547"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2

megaup.net/themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js

91.209.70.182

200 OK

0 B

URL HTTP/2
megaup.net/themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js
IP
91.209.70.182:0
ASN
#43317 FNK LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2un2B/Pocket.Stables-GoldBerg.zip
Connection: keep-alive
Cookie: cf_clearance=.WVFMvFpLibAcnBIhc5LoaNzdDgIkfHeaFSSeKDT6mw-1664347159-0-150; filehosting=fr5nr3q4t0bvorg5jnu91elni5; _ga=GA1.2.1462319565.1664347160; _gid=GA1.2.190544916.1664347160
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 08:17:35 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3ead"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2

megaup.net/themes/flow/frontend_assets/js/isotope/custom-isotope.js

91.209.70.182

200 OK

0 B

URL HTTP/2
megaup.net/themes/flow/frontend_assets/js/isotope/custom-isotope.js
IP
91.209.70.182:0
ASN
#43317 FNK LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /themes/flow/frontend_assets/js/isotope/custom-isotope.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2un2B/Pocket.Stables-GoldBerg.zip
Connection: keep-alive
Cookie: cf_clearance=.WVFMvFpLibAcnBIhc5LoaNzdDgIkfHeaFSSeKDT6mw-1664347159-0-150; filehosting=fr5nr3q4t0bvorg5jnu91elni5; _ga=GA1.2.1462319565.1664347160; _gid=GA1.2.190544916.1664347160
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 08:17:35 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-71d"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (53)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations