Report - megaup.net/135al/POKLEGARC-NSwTcH-NSP-Update111-Ziperto.rar

Report Overview

URL

megaup.net/135al/POKLEGARC-NSwTcH-NSP-Update111-Ziperto.rar
IP

91.209.70.182

ASN

#43317 FNK LLC
Submitted

2023-05-07T04:55:46Z

Access

public
Tags

suspicious
urlquery detections

Suspicious - Suspicious Javascript code

Detections

urlquery

7
Network Intrusion Detection

0
Threat Detection Systems

0

Domain Summary

Domain	Rank	First Seen	Last Seen	Sent	Received	IP
keydawnawe.com (1)	586690	2020-10-08 16:33:32	2023-05-06 10:06:03	404	1507	172.255.6.95
altowriestwispy.com (1)	951913	2021-02-24 11:44:10	2023-05-06 10:06:03	409	1506	172.255.6.128
dmmzkfd82wayn.cloudfront.net (7)	unknown	2021-03-18 18:00:47	2023-05-06 10:06:03	4189	193991	54.230.245.57
parrecleftne.xyz (1)	unknown	2022-12-18 10:40:16	2023-05-06 10:06:04	457	737	54.230.111.9
xml.serve-servee.com (3)	unknown	2022-06-18 09:06:23	2023-05-06 10:06:07	1362	7401	172.64.130.18
cdn.purpleads.io (1)	185817	2020-02-18 07:59:36	2023-05-06 11:21:28	570	22437	143.204.55.44
accounts.google.com (6)	81	2016-03-20 13:44:49	2023-05-06 08:42:40	3648	10723	216.58.207.237
mp.4dex.io (1)	2629	2019-01-03 14:51:11	2023-05-06 11:54:19	461	456	104.18.2.114
ocsp.sectigo.com (2)	487	2019-11-29 12:50:24	2023-05-06 07:39:53	660	1737	172.64.155.188
ocsp.pki.goog (4)	175	2018-07-01 08:43:07	2023-05-06 05:09:10	1332	2798	142.250.74.131
a.exdynsrv.com (1)	40663	2019-05-21 07:34:42	2023-05-06 06:38:39	400	29352	205.185.216.42
syndication.exdynsrv.com (2)	34243	2016-04-20 20:35:15	2023-05-06 05:22:35	1307	1990	95.211.229.247
ocsp.godaddy.com (1)	698	2012-05-20 21:28:57	2023-05-06 05:09:28	330	2285	192.124.249.36
cdn.prplads.com (3)	unknown	2023-02-20 12:56:34	2023-05-06 13:02:43	1389	746683	104.26.3.51
ocsp.r2m02.amazontrust.com (1)	unknown	2022-10-12 16:01:39	2023-05-06 09:12:44	340	1006	54.230.80.227
static.a-ads.com (1)	34827	2013-06-01 18:47:05	2023-05-06 06:38:39	472	113694	136.243.22.74
imp9.bidgear.com (1)	34078	2021-03-15 12:09:09	2023-05-06 12:45:36	505	1119	104.26.2.107
www.googletagmanager.com (1)	75	2013-05-22 04:07:37	2023-05-06 05:33:18	421	46521	142.250.74.168
s3t3d2y8.afcdn.net (1)	unknown	2022-08-09 00:22:56	2023-05-06 05:33:36	471	11649	185.76.9.26
script.4dex.io (4)	2135	2018-07-23 12:04:27	2023-05-06 09:54:22	1636	49924	172.67.75.241
nativiser-prebid.smart-hub.io (1)	unknown	2022-12-14 13:53:24	2023-05-06 13:02:44	477	331	8.2.109.53
static.serve-servee.com (2)	unknown	2022-06-18 05:19:30	2023-05-06 10:06:08	882	13918	172.64.130.18
workhovdiminatedi.info (11)	unknown	2023-04-27 10:35:04	2023-05-06 10:44:28	6553	6435	172.67.219.101
theharityhild.buzz (1)	unknown	2022-10-20 09:00:21	2023-05-06 10:06:04	564	267	52.20.131.174
platform.bidgear.com (2)	30367	2016-07-27 13:51:48	2023-05-06 12:45:35	887	7468	104.26.2.107
megaup.net (57)	179052	2017-09-01 20:45:15	2023-05-06 10:05:54	31147	2219321	91.209.70.182
kultingecauyuksehinkitw.info (11)	unknown	2023-04-27 23:05:28	2023-05-06 11:30:27	8345	25889	54.230.111.38
api.purpleads.io (6)	146037	2020-02-18 07:59:38	2023-05-06 10:06:04	5596	5043	3.229.139.30
prebid.a-mo.net (3)	1148	2020-07-14 19:45:55	2023-05-06 06:38:40	1505	826	147.75.84.158
pogothere.xyz (2)	unknown	2022-09-04 21:11:25	2023-05-06 11:52:50	828	104116	104.21.0.182
ad.a-ads.com (1)	26970	2013-04-19 23:54:57	2023-05-06 11:54:11	519	12784	136.243.22.74

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

HTTP Transactions (140)

URL IP Response Size

ocsp.sectigo.com/

172.64.155.188

471

URL

ocsp.sectigo.com/
IP

172.64.155.188:0
ASN

#13335 CLOUDFLARENET

Magic

data

Size

471
Hash

947d33200febe263b75c67d50890ab8b

1edccc0cbbd64f0d6457b0c832563e8ec220fa4a

8e41e228b6762acc899b676c536d58df4a7e6ecc78d996f8bc7674985f2c0cd7

HTTP Headers

                                        POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Date: Sun, 07 May 2023 04:55:24 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 05 May 2023 11:25:45 GMT
Expires: Fri, 12 May 2023 11:25:44 GMT
Etag: "1edccc0cbbd64f0d6457b0c832563e8ec220fa4a"
Cache-Control: max-age=454819,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7c36ded7ac7c0b06-OSL

megaup.net/themes/flow/images/main_logo_inverted.png

91.209.70.182

200 OK

7137

URL GET HTTP/2

megaup.net/themes/flow/images/main_logo_inverted.png
IP

91.209.70.182:443
ASN

#43317 FNK LLC

Requested by

https://megaup.net/135al/POKLEGARC-NSwTcH-NSP-Update111-Ziperto.rar
Certificate

IssuerSectigo Limited

Subject*.megaup.net

FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A

ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT

Magic

PNG image data, 203 x 40, 8-bit/color RGBA, non-interlaced\012- data

Size

7137
Hash

5d15526be10b904a6b48d1af04a10cc3

c09b6874359ac6d71db95593618a9acb55baa984

894d25472e0f890edf235e8f66fbeda7ea75043632924ecb82691d76bd7db018

HTTP Headers

                                        GET /themes/flow/images/main_logo_inverted.png HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/135al/POKLEGARC-NSwTcH-NSP-Update111-Ziperto.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=2ktu1e5u3mq9cjjjejfnfktrp6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
server: nginx
date: Sun, 07 May 2023 04:55:24 GMT
content-type: image/png
content-length: 7137
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-1be1"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2

megaup.net/themes/flow/images/loading_small.gif

91.209.70.182

200 OK

184355

URL GET HTTP/2

megaup.net/themes/flow/images/loading_small.gif
IP

91.209.70.182:443
ASN

#43317 FNK LLC

Requested by

https://megaup.net/135al/POKLEGARC-NSwTcH-NSP-Update111-Ziperto.rar
Certificate

IssuerSectigo Limited

Subject*.megaup.net

FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A

ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT

Magic

GIF image data, version 89a, 64 x 64\012- data

Size

184355
Hash

b0dd5b3af9c4c0644d7bddee83716209

30002468d0266b893b3559b8d0d260c6cbf0ad7c

2418224bb4d12c122ef3c54d2ee9edb5f6f28d539e91a166b0215553f8c7609d

HTTP Headers

                                        GET /themes/flow/images/loading_small.gif HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/135al/POKLEGARC-NSwTcH-NSP-Update111-Ziperto.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=2ktu1e5u3mq9cjjjejfnfktrp6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
server: nginx
date: Sun, 07 May 2023 04:55:24 GMT
content-type: image/gif
content-length: 184355
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-2d023"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

472

URL

ocsp.pki.goog/gts1c3
IP

142.250.74.131:0
ASN

#15169 GOOGLE

Magic

data

Size

472
Hash

cc2d9732ad7837eabab81ef7088f0f60

edbd3340ba4bf7b3510035a3d72d13a90ac6829a

e3006361ada40cd4ffdba6c0ecfd9e3c338e950de8075ee4f8c5066d712912b5

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 07 May 2023 04:55:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css

91.209.70.182

200 OK

668

URL GET HTTP/2

megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
IP

91.209.70.182:443
ASN

#43317 FNK LLC

Requested by

https://megaup.net/135al/POKLEGARC-NSwTcH-NSP-Update111-Ziperto.rar
Certificate

IssuerSectigo Limited

Subject*.megaup.net

FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A

ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT

Magic

ASCII text, with CRLF line terminators

Size

668
Hash

db0ddb7ed89a7f3d8da8445c6bfdfd39

e48203ba0147ee8acc7ced3d3a7d27b226ba00e1

fa64a751576f1e7e8110debcf5e6f8d8c9b1050eef807457f4543afe2ab2f6d5

HTTP Headers

                                        GET /themes/flow/frontend_assets/css/All-stylesheets.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/135al/POKLEGARC-NSwTcH-NSP-Update111-Ziperto.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=2ktu1e5u3mq9cjjjejfnfktrp6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
server: nginx
date: Sun, 07 May 2023 04:55:24 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-153"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2

megaup.net/themes/flow/js/jquery.tmpl.min.js

91.209.70.182

200 OK

1050

URL GET HTTP/2

megaup.net/themes/flow/js/jquery.tmpl.min.js
IP

91.209.70.182:443
ASN

#43317 FNK LLC

Requested by

https://megaup.net/135al/POKLEGARC-NSwTcH-NSP-Update111-Ziperto.rar
Certificate

IssuerSectigo Limited

Subject*.megaup.net

FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A

ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT

Magic

ASCII text, with very long lines (971), with no line terminators

Size

1050
Hash

a00f3bcca29e8bccd792773ed1518a5d

557014ec2692c1180bc41c4348e9d3572a7fc406

586e2d57e9b11f5387b214568a63e05795ff59bd7c664c8dbce8a468d7dd0162

HTTP Headers

                                        GET /themes/flow/js/jquery.tmpl.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/135al/POKLEGARC-NSwTcH-NSP-Update111-Ziperto.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=2ktu1e5u3mq9cjjjejfnfktrp6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
server: nginx
date: Sun, 07 May 2023 04:55:24 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3cb"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-108868042-1

142.250.74.168

200 OK

45874

URL GET HTTP/2

www.googletagmanager.com/gtag/js?id=UA-108868042-1
IP

142.250.74.168:443
ASN

#15169 GOOGLE

Requested by

https://megaup.net/135al/POKLEGARC-NSwTcH-NSP-Update111-Ziperto.rar
Certificate

IssuerGoogle Trust Services LLC

Subject*.google-analytics.com

FingerprintCA:2C:8E:2F:14:74:84:57:8C:39:86:59:92:AC:A1:7C:C8:FA:99:CA

ValidityMon, 17 Apr 2023 08:16:32 GMT - Mon, 10 Jul 2023 08:16:31 GMT

Magic

ASCII text, with very long lines (2271)

Size

45874
Hash

c243b252d5754710467af13b17f1aa98

3326225b3d6ebc1e8a12a1ee4a5912af131f8430

0f7297915940b9f93eca930962ee53c844c886f0ca93247c53ad659f5b0df532

HTTP Headers

                                        GET /gtag/js?id=UA-108868042-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 07 May 2023 04:55:24 GMT
expires: Sun, 07 May 2023 04:55:24 GMT
cache-control: private, max-age=900
last-modified: Sun, 07 May 2023 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45874
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

keydawnawe.com/gwZ1U5hjA8ii/32575

172.255.6.95

200 OK

URL GET HTTP/1.1

keydawnawe.com/gwZ1U5hjA8ii/32575
IP

172.255.6.95:443
ASN

#7979 SERVERS-COM

Requested by

https://megaup.net/135al/POKLEGARC-NSwTcH-NSP-Update111-Ziperto.rar
Certificate

IssuerLet's Encrypt

Subjectkeydawnawe.com

FingerprintF7:57:30:58:C1:35:AA:9E:BA:6E:40:60:AF:90:29:A9:64:83:53:EA

ValidityThu, 13 Apr 2023 23:00:56 GMT - Wed, 12 Jul 2023 23:00:55 GMT

Magic

ASCII text, with no line terminators

Size

26
Hash

4e5d65669f8dcd928dad06adf883f025

d771713d758c3348dd7e5b38bb40c7935399ae46

0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95

HTTP Headers

                                        GET /gwZ1U5hjA8ii/32575 HTTP/1.1
Host: keydawnawe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Date: Sun, 07 May 2023 04:55:24 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9jU1Sg0AQhSH8RQ1oV3EAj8AQMcnSTVbegZphGhwD06lmQuLtHa3S3fteffVeEASr8hHCJY0husgGnl8aXe97Ve31tsZq34vda9UoIbp6u1PycIA7M7dOqhFdDOt5kuxat8SwGdAim67tSGMOT976a06WrjaGRLG0Oodk8saYQ6aYrjNyGUFs5YSQHQ1jTzdvyE9iiIQQPhvrc1jBiuYyKu4heTf2cis2aVAUaQAP51G6nnhqjfaYDCw1QvgG6046HIi%2FINM4nxydAWjU7b%2F%2Fe5qMP2uQalxM55HcB%2FI3ouZOdQ%3D%3D; expires=Mon, 08-May-2023 04:55:24 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJw9i8sKwjAURGuUYNVWBvwAf8D6QBdu1aXUhbgOtd6WYM0tTXzUr%2FcFruYwc8bzPDEIIXSJ3nIaLSfRfBZNF3M0c2KIeIdeylfjqlqZ5EKQMVf3pIasKNdsAnR%2FoFI%2BETrxbnQwZ8N38x8%2BtwCtVLs6gP%2BJrxu20dS2RLgq9GO45%2BLq3raFb8gpWxKd4K%2BTY0HjzX6L8N9%2Bz7KBtraqrPhRv7nv9IWebEhxlllyUqBxk%2BIFsdRBIw%3D%3D; expires=Mon, 08-May-2023 04:55:24 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

altowriestwispy.com/tysaSHG1FMaM/18410

172.255.6.128

200 OK

URL GET HTTP/1.1

altowriestwispy.com/tysaSHG1FMaM/18410
IP

172.255.6.128:443
ASN

#7979 SERVERS-COM

Requested by

https://megaup.net/135al/POKLEGARC-NSwTcH-NSP-Update111-Ziperto.rar
Certificate

IssuerLet's Encrypt

Subjectaltowriestwispy.com

FingerprintC3:95:E3:67:82:EA:18:9C:5A:2C:E7:4F:33:5E:9E:3A:E2:EE:4C:D8

ValiditySat, 25 Mar 2023 23:05:39 GMT - Fri, 23 Jun 2023 23:05:38 GMT

Magic

ASCII text, with no line terminators

Size

25
Hash

d488addc5df5fc9b9ff4135bb4e3a823

6ce56f48e851df4d562b43d3bc1269a504ae83fc

d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60

HTTP Headers

                                        GET /tysaSHG1FMaM/18410 HTTP/1.1
Host: altowriestwispy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Date: Sun, 07 May 2023 04:55:24 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9jU1Sg0AQhSH8RQ1oV3EAj8AQMcnSTVbegZphGhwD06lmQuLtHa3S3fteffVeEASr8hHCJY0husgGnl8aXe97Ve31tsZq34vda9UoIbp6u1PycIA7M7dOqhFdDOt5kuxat8SwGdAim67tSGMOT976a06WrjaGRLG0Oodk8saYQ6aYrjNyGUFs5YSQHQ1jTzdvyE9iiIQQPhvrc1jBiuYyKu4heTf2cis2aVAUaQAP51G6nnhqjfaYDCw1QvgG6046HIi%2FINM4nxydAWjU7b%2F%2Fe5qMP2uQalxM55HcB%2FI3ouZOdQ%3D%3D; expires=Mon, 08-May-2023 04:55:24 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJw9i8sKwjAURGuUYNVWBvwAf8D6QBdu1aXUhbgOtd6WYM0tTXzUr%2FcFruYwc8bzPDEIIXSJ3nIaLSfRfBZNF3M0c2KIeIdeylfjqlqZ5EKQMVf3pIasKNdsAnR%2FoFI%2BETrxbnQwZ8N38x8%2BtwCtVLs6gP%2BJrxu20dS2RLgq9GO45%2BLq3raFb8gpWxKd4K%2BTY0HjzX6L8N9%2Bz7KBtraqrPhRv7nv9IWebEhxlllyUqBxk%2BIFsdRBIw%3D%3D; expires=Mon, 08-May-2023 04:55:24 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

megaup.net/themes/flow/js/canvas-to-blob.min.js

91.209.70.182

200 OK

1265

URL GET HTTP/2

megaup.net/themes/flow/js/canvas-to-blob.min.js
IP

91.209.70.182:443
ASN

#43317 FNK LLC

Requested by

https://megaup.net/135al/POKLEGARC-NSwTcH-NSP-Update111-Ziperto.rar
Certificate

IssuerSectigo Limited

Subject*.megaup.net

FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A

ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT

Magic

ASCII text, with very long lines (1032), with no line terminators

Size

1265
Hash

47e77d368ec79248f17bd92a0848ea63

3b4d3ce267a7d5274e54665a0727140dd0f158d5

213e885426f23abba9980d0e92a745f1f2882e08bc0ba8fe5656d49c72c06d80

HTTP Headers

                                        GET /themes/flow/js/canvas-to-blob.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/135al/POKLEGARC-NSwTcH-NSP-Update111-Ziperto.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=2ktu1e5u3mq9cjjjejfnfktrp6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
server: nginx
date: Sun, 07 May 2023 04:55:24 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-408"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2

megaup.net/themes/flow/frontend_assets/fonts/raleway.woff

91.209.70.182

200 OK

31836

URL GET HTTP/2

megaup.net/themes/flow/frontend_assets/fonts/raleway.woff
IP

91.209.70.182:443
ASN

#43317 FNK LLC

Requested by

https://megaup.net/135al/POKLEGARC-NSwTcH-NSP-Update111-Ziperto.rar
Certificate

IssuerSectigo Limited

Subject*.megaup.net

FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A

ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT

Magic

Web Open Font Format, TrueType, length 31836, version 1.1\012- data

Size

31836
Hash

4514fa5a5b3d1e0b14aa32a7d068124a

e634977bfabc20ed15fe7ed03d3876cf68834b93

5b0f118d658eacc5740b10b0dc2ebbd99ee8e8262c72ff29bfcda48c02b19861

HTTP Headers

                                        GET /themes/flow/frontend_assets/fonts/raleway.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
DNT: 1
Connection: keep-alive
Cookie: filehosting=2ktu1e5u3mq9cjjjejfnfktrp6
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
server: nginx
date: Sun, 07 May 2023 04:55:24 GMT
content-type: font/woff
content-length: 31836
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7c5c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2

megaup.net/themes/flow/frontend_assets/css/animations/animate.min.css

91.209.70.182

200 OK

35476

URL GET HTTP/2

megaup.net/themes/flow/frontend_assets/css/animations/animate.min.css
IP

91.209.70.182:443
ASN

#43317 FNK LLC

Requested by

https://megaup.net/135al/POKLEGARC-NSwTcH-NSP-Update111-Ziperto.rar
Certificate

IssuerSectigo Limited

Subject*.megaup.net

FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A

ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT

Magic

ASCII text, with CRLF line terminators

Size

35476
Hash

fbd149087a7df92687f98887614ecd56

d4066d120ec850e556bd2f5bd95dee2a8b4ea12d

8a9404eabd4c3996a8b70b9d9c23a166e9f5804a8f0a4cb5bfa93ed013dfcc49

HTTP Headers

                                        GET /themes/flow/frontend_assets/css/animations/animate.min.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
DNT: 1
Connection: keep-alive
Cookie: filehosting=2ktu1e5u3mq9cjjjejfnfktrp6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
server: nginx
date: Sun, 07 May 2023 04:55:24 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-bc86"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2

megaup.net/themes/flow/js/load-image.min.js

91.209.70.182

200 OK

33122

URL GET HTTP/2

megaup.net/themes/flow/js/load-image.min.js
IP

91.209.70.182:443
ASN

#43317 FNK LLC

Requested by

https://megaup.net/135al/POKLEGARC-NSwTcH-NSP-Update111-Ziperto.rar
Certificate

IssuerSectigo Limited

Subject*.megaup.net

FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A

ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT

Magic

ASCII text, with very long lines (2546), with no line terminators

Size

33122
Hash

12ae3a83a9e216a2c55cf9312dc76f09

e8da8afe16a2e52739bc9b8877e41958666f2b31

d832b0c1eaebd7c8e03159c2f96ef5e9ac249ec6a37c7d91dba8a4c6c380d4e4

HTTP Headers

                                        GET /themes/flow/js/load-image.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/135al/POKLEGARC-NSwTcH-NSP-Update111-Ziperto.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=2ktu1e5u3mq9cjjjejfnfktrp6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
server: nginx
date: Sun, 07 May 2023 04:55:24 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-9f2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2

megaup.net/themes/flow/js/jquery.fileupload-ui.js

91.209.70.182

200 OK

33437

URL GET HTTP/2

megaup.net/themes/flow/js/jquery.fileupload-ui.js
IP

91.209.70.182:443
ASN

#43317 FNK LLC

Requested by

https://megaup.net/135al/POKLEGARC-NSwTcH-NSP-Update111-Ziperto.rar
Certificate

IssuerSectigo Limited

Subject*.megaup.net

FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A

ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT

Magic

ASCII text

Size

33437
Hash

319e8081b09c26e6cc21af34fda0c288

bfa33c823c79d9dfb5754356612b3d389386dc1c

fb3569b49a3346192b2647ae8e18e32af047b9b3a98e494664267e90a6dc11c3

HTTP Headers

                                        GET /themes/flow/js/jquery.fileupload-ui.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/135al/POKLEGARC-NSwTcH-NSP-Update111-Ziperto.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=2ktu1e5u3mq9cjjjejfnfktrp6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
server: nginx
date: Sun, 07 May 2023 04:55:24 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-61ef"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2

dmmzkfd82wayn.cloudfront.net/?kzmmd=761186

54.230.245.57

200 OK

188765

URL GET HTTP/2

dmmzkfd82wayn.cloudfront.net/?kzmmd=761186
IP

54.230.245.57:443
ASN

#16509 AMAZON-02

Requested by

https://megaup.net/135al/POKLEGARC-NSwTcH-NSP-Update111-Ziperto.rar
Certificate

IssuerAmazon

Subject*.cloudfront.net

FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB

ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT

Magic

Unicode text, UTF-8 text, with very long lines (15948)

Size

188765
Hash

472ef1cf5d08d3e5794eda13e4013975

e07c6d80f0eac3a2603e2f4a192a7c853e99cd36

b96f6ef0ca5a888c241d7f17b23a4c9ac43c7a286526a5c71c7e434b00dc6525

HTTP Headers

                                        GET /?kzmmd=761186 HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
content-length: 188765
date: Sun, 07 May 2023 04:55:24 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: UfUzE8TWAoAWAZ-IfGLg4fNvlmb6hgy4RlCThq0FNYqTOSbZY__8aA==
X-Firefox-Spdy: h2

megaup.net/themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js

91.209.70.182

200 OK

2285

URL GET HTTP/2

megaup.net/themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js
IP

91.209.70.182:443
ASN

#43317 FNK LLC

Requested by

https://megaup.net/135al/POKLEGARC-NSwTcH-NSP-Update111-Ziperto.rar
Certificate

IssuerSectigo Limited

Subject*.megaup.net

FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A

ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT

Magic

ASCII text

Size

2285
Hash

3aea5970f7edfa3b4e4e402f955b9fa6

95199bf5f5c23a4e15ea2aeebbecd15f450403f0

64c4d9eb27d6b38f1a0a4eb94fe77ed252fb9a0b3f68123842db671fb60cc8b7

HTTP Headers

                                        GET /themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/135al/POKLEGARC-NSwTcH-NSP-Update111-Ziperto.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=2ktu1e5u3mq9cjjjejfnfktrp6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
server: nginx
date: Sun, 07 May 2023 04:55:24 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1cdf"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2

workhovdiminatedi.info/OEYzNjIXeVBFD24RCll/VC5bbmRXAlIESloRRHhCWhBLb3BvdhVCW1x7BAADCX4FEEJRIg4HFEsyUkJHS3sCEFtWIFwLFE57AhgBDGgABBwKYEYLAx4yQ1dVBXcVRkZMKg4HBAB1BwUHC3QFAAUO

172.67.219.101

204 No Content

URL GET HTTP/2

workhovdiminatedi.info/OEYzNjIXeVBFD24RCll/VC5bbmRXAlIESloRRHhCWhBLb3BvdhVCW1x7BAADCX4FEEJRIg4HFEsyUkJHS3sCEFtWIFwLFE57AhgBDGgABBwKYEYLAx4yQ1dVBXcVRkZMKg4HBAB1BwUHC3QFAAUO
IP

172.67.219.101:443
ASN

#13335 CLOUDFLARENET

Requested by

https://megaup.net/135al/POKLEGARC-NSwTcH-NSP-Update111-Ziperto.rar
Certificate

IssuerLet's Encrypt

Subjectworkhovdiminatedi.info

Fingerprint24:21:C6:9C:11:74:7D:7D:73:8F:98:35:FA:68:4E:DE:1A:86:04:CB

ValidityThu, 27 Apr 2023 07:34:32 GMT - Wed, 26 Jul 2023 07:34:31 GMT

Magic

Size

0
Hash

d41d8cd98f00b204e9800998ecf8427e

da39a3ee5e6b4b0d3255bfef95601890afd80709

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

                                        GET /OEYzNjIXeVBFD24RCll/VC5bbmRXAlIESloRRHhCWhBLb3BvdhVCW1x7BAADCX4FEEJRIg4HFEsyUkJHS3sCEFtWIFwLFE57AhgBDGgABBwKYEYLAx4yQ1dVBXcVRkZMKg4HBAB1BwUHC3QFAAUO HTTP/1.1
Host: workhovdiminatedi.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 204 No Content
date: Sun, 07 May 2023 04:55:25 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rsNwLD70lIgwKrNfRR3%2B6qX%2FCq0yO0i%2B%2FVMuT7l2nmFUDt1X6DraNckBGlK7JQmG5CUYmL9xRc%2B7zphOLsOYMkFvaVMQaXZWNG1rTbHg75VI%2Fubl0utnpuqO4j%2FjgyaTpiEB6q4GP1OH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c36dedd7c11b529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

megaup.net/themes/flow/frontend_assets/js/bootstrap/bootstrap.min.js

91.209.70.182

200 OK

9126

URL GET HTTP/2

megaup.net/themes/flow/frontend_assets/js/bootstrap/bootstrap.min.js
IP

91.209.70.182:443
ASN

#43317 FNK LLC

Requested by

https://megaup.net/135al/POKLEGARC-NSwTcH-NSP-Update111-Ziperto.rar
Certificate

IssuerSectigo Limited

Subject*.megaup.net

FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A

ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT

Magic

ASCII text, with very long lines (28941)

Size

9126
Hash

f3933fc210618515b5c09e38fe0159de

01fd14425a8599dc2a6bb49ba6509fd08c63670c

f234ceb6460fe6b227c65e0f2a7989e25b58d80d2e65644b2b896b7c815478cc

HTTP Headers

                                        GET /themes/flow/frontend_assets/js/bootstrap/bootstrap.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/135al/POKLEGARC-NSwTcH-NSP-Update111-Ziperto.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=2ktu1e5u3mq9cjjjejfnfktrp6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
server: nginx
date: Sun, 07 May 2023 04:55:24 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-71b6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2

megaup.net/themes/flow/js/jquery.fileupload-validate.js

91.209.70.182

200 OK

2468

URL GET HTTP/2

megaup.net/themes/flow/js/jquery.fileupload-validate.js
IP

91.209.70.182:443
ASN

#43317 FNK LLC

Requested by

https://megaup.net/135al/POKLEGARC-NSwTcH-NSP-Update111-Ziperto.rar
Certificate

IssuerSectigo Limited

Subject*.megaup.net

FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A

ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT

Magic

ASCII text

Size

2468
Hash

feefdea919187c1d488b008804ae822d

64428aecc81d0d033c5f213ba682873a34475b60

0b57d28942adb6ead82d1cb9362d1b15186135172f03b896dd7cbb4c675e24a9

HTTP Headers

                                        GET /themes/flow/js/jquery.fileupload-validate.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/135al/POKLEGARC-NSwTcH-NSP-Update111-Ziperto.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=2ktu1e5u3mq9cjjjejfnfktrp6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
server: nginx
date: Sun, 07 May 2023 04:55:24 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-fea"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2

megaup.net/themes/flow/js/jquery.iframe-transport.js

91.209.70.182

200 OK

119897

URL GET HTTP/2

megaup.net/themes/flow/js/jquery.iframe-transport.js
IP

91.209.70.182:443
ASN

#43317 FNK LLC

Requested by

https://megaup.net/135al/POKLEGARC-NSwTcH-NSP-Update111-Ziperto.rar
Certificate

IssuerSectigo Limited

Subject*.megaup.net

FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A

ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT

Magic

ASCII text

Size

119897
Hash

d621e7ca2269f021c0d6cc6037b964b6

21deb4d21283ce3364ed9b21665a90b41623aff4

02c81a2d7192fe2b51d63b14f1d35d2ce8d215b158e09fe0bc2cc60e0f07626b

HTTP Headers

                                        GET /themes/flow/js/jquery.iframe-transport.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/135al/POKLEGARC-NSwTcH-NSP-Update111-Ziperto.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=2ktu1e5u3mq9cjjjejfnfktrp6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
server: nginx
date: Sun, 07 May 2023 04:55:24 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-2427"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2

workhovdiminatedi.info/ekkyQ0ZVdlEwey4eQhsLLBMKFnQvA2gLcxwQVQEuHHgHJAQtCBQ3Lx50CnFzQ3gDZTYTLQ9wdFw6RiIyDzoPcXZKfhQqKBwmD3FgDHQCbX9UeBx2YA90A2UyCihVfndcOUY3Kkd4BHt1TnoHcHRMfwt0

172.67.219.101

204 No Content

URL GET HTTP/2

workhovdiminatedi.info/ekkyQ0ZVdlEwey4eQhsLLBMKFnQvA2gLcxwQVQEuHHgHJAQtCBQ3Lx50CnFzQ3gDZTYTLQ9wdFw6RiIyDzoPcXZKfhQqKBwmD3FgDHQCbX9UeBx2YA90A2UyCihVfndcOUY3Kkd4BHt1TnoHcHRMfwt0
IP

172.67.219.101:443
ASN

#13335 CLOUDFLARENET

Requested by

https://megaup.net/135al/POKLEGARC-NSwTcH-NSP-Update111-Ziperto.rar
Certificate

IssuerLet's Encrypt

Subjectworkhovdiminatedi.info

Fingerprint24:21:C6:9C:11:74:7D:7D:73:8F:98:35:FA:68:4E:DE:1A:86:04:CB

ValidityThu, 27 Apr 2023 07:34:32 GMT - Wed, 26 Jul 2023 07:34:31 GMT

Magic

Size

0
Hash

d41d8cd98f00b204e9800998ecf8427e

da39a3ee5e6b4b0d3255bfef95601890afd80709

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

                                        GET /ekkyQ0ZVdlEwey4eQhsLLBMKFnQvA2gLcxwQVQEuHHgHJAQtCBQ3Lx50CnFzQ3gDZTYTLQ9wdFw6RiIyDzoPcXZKfhQqKBwmD3FgDHQCbX9UeBx2YA90A2UyCihVfndcOUY3Kkd4BHt1TnoHcHRMfwt0 HTTP/1.1
Host: workhovdiminatedi.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 204 No Content
date: Sun, 07 May 2023 04:55:25 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n0PLEZhq48amOLsMHyZDNVXlUy0dlWDpKdzHPFvsMz%2FbSR6GjGFVHnKUfiCcuyNGkchF10yDR78VAUtf1goVzuge68QaVYOlFLlPdhecVwG2xg44vYp%2FWAv42hIgs2BgYpUjnJCBxDnQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c36dedd9c2eb529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

megaup.net/themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js

91.209.70.182

200 OK

6371

URL GET HTTP/2

megaup.net/themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js
IP

91.209.70.182:443
ASN

#43317 FNK LLC

Requested by

https://megaup.net/135al/POKLEGARC-NSwTcH-NSP-Update111-Ziperto.rar
Certificate

IssuerSectigo Limited

Subject*.megaup.net

FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A

ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT

Magic

HTML document, ASCII text, with very long lines (15714), with CRLF line terminators

Size

6371
Hash

6c90cf2e54a984146134a5d0a27c2cf7

7ec9633dedf421cba35a6eb818c9450fe9c3b9ea

2cedd97fdd9e4f042ed05ee2400ff4966c0bb78a300e7c17aae78d9def5e4c4e

HTTP Headers

                                        GET /themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/135al/POKLEGARC-NSwTcH-NSP-Update111-Ziperto.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=2ktu1e5u3mq9cjjjejfnfktrp6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
server: nginx
date: Sun, 07 May 2023 04:55:24 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3ead"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2

megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.plugins.min.js

91.209.70.182

200 OK

29722

URL GET HTTP/2

megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.plugins.min.js
IP

91.209.70.182:443
ASN

#43317 FNK LLC

Requested by

https://megaup.net/135al/POKLEGARC-NSwTcH-NSP-Update111-Ziperto.rar
Certificate

IssuerSectigo Limited

Subject*.megaup.net

FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A

ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT

Magic

ASCII text, with very long lines (23470)

Size

29722
Hash

18ba4e51764e57722b329608511edae0

d2d4e9ce73d5bc88c945f8cca0d21d80f89a5da8

78a99d8d5f503fd55586f8934ee4cb3e5e4b48e5672196f680fc6e78ce77d4e6

HTTP Headers

                                        GET /themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.plugins.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/135al/POKLEGARC-NSwTcH-NSP-Update111-Ziperto.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=2ktu1e5u3mq9cjjjejfnfktrp6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
server: nginx
date: Sun, 07 May 2023 04:55:24 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-14cc1"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2

megaup.net/themes/flow/js/jquery.fileupload.js

91.209.70.182

200 OK

17791

URL GET HTTP/2

megaup.net/themes/flow/js/jquery.fileupload.js
IP

91.209.70.182:443
ASN

#43317 FNK LLC

Requested by

https://megaup.net/135al/POKLEGARC-NSwTcH-NSP-Update111-Ziperto.rar
Certificate

IssuerSectigo Limited

Subject*.megaup.net

FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A

ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT

Magic

ASCII text

Size

17791
Hash

6fb1ad1a6c39e97f57df0ecefbe906cd

978f9bf4e43133c171a8ff723139fccfb8a59c05

ac75008650d97b5d44be7c60c917d97cfaeefee28c10abfaa0e5c74f3c6a9c44

HTTP Headers

                                        GET /themes/flow/js/jquery.fileupload.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/135al/POKLEGARC-NSwTcH-NSP-Update111-Ziperto.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=2ktu1e5u3mq9cjjjejfnfktrp6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
server: nginx
date: Sun, 07 May 2023 04:55:24 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-dbd4"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2

workhovdiminatedi.info/VGNwRk17XBM1cBo1IjcsLgQxH3weOjQhBzw7HHICFg4qIxgzV1YyJDBeSXJ0bFVEYD09B013dXIQBCc5IRBNd2s9DRYpcHIVTXdjZE1CaH5yFk13ayATESFwZUUAMjk4XkFwdWdXQ3N+ZlVHdH8

172.67.219.101

204 No Content

URL GET HTTP/2

workhovdiminatedi.info/VGNwRk17XBM1cBo1IjcsLgQxH3weOjQhBzw7HHICFg4qIxgzV1YyJDBeSXJ0bFVEYD09B013dXIQBCc5IRBNd2s9DRYpcHIVTXdjZE1CaH5yFk13ayATESFwZUUAMjk4XkFwdWdXQ3N+ZlVHdH8
IP

172.67.219.101:443
ASN

#13335 CLOUDFLARENET

Requested by

https://megaup.net/135al/POKLEGARC-NSwTcH-NSP-Update111-Ziperto.rar
Certificate

IssuerLet's Encrypt

Subjectworkhovdiminatedi.info

Fingerprint24:21:C6:9C:11:74:7D:7D:73:8F:98:35:FA:68:4E:DE:1A:86:04:CB

ValidityThu, 27 Apr 2023 07:34:32 GMT - Wed, 26 Jul 2023 07:34:31 GMT

Magic

Size

0
Hash

d41d8cd98f00b204e9800998ecf8427e

da39a3ee5e6b4b0d3255bfef95601890afd80709

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

                                        GET /VGNwRk17XBM1cBo1IjcsLgQxH3weOjQhBzw7HHICFg4qIxgzV1YyJDBeSXJ0bFVEYD09B013dXIQBCc5IRBNd2s9DRYpcHIVTXdjZE1CaH5yFk13ayATESFwZUUAMjk4XkFwdWdXQ3N+ZlVHdH8 HTTP/1.1
Host: workhovdiminatedi.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 204 No Content
date: Sun, 07 May 2023 04:55:25 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YHKdpJ3bcwhYmd7QupAGXQzzp5XQ5bGD%2B4f865kv%2FTJG%2By2R1AmB6PuvyKN%2FjKEjuKJWXElOOGU6HzDOtmEnRfFYssQSXFLCvivZeRph23FWcPJ4ZD8076aajG9H5ifKaDY9skxZ9Sez"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c36deddbc48b529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

megaup.net/themes/flow/frontend_assets/js/gauge.min.js

91.209.70.182

200 OK

6063

URL GET HTTP/2

megaup.net/themes/flow/frontend_assets/js/gauge.min.js
IP

91.209.70.182:443
ASN

#43317 FNK LLC

Requested by

https://megaup.net/135al/POKLEGARC-NSwTcH-NSP-Update111-Ziperto.rar
Certificate

IssuerSectigo Limited

Subject*.megaup.net

FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A

ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT

Magic

ASCII text, with very long lines (1259)

Size

6063
Hash

65b0265d91facd04682c82a2d155643d

616d3e3d72d4b61f5ffadc9632ea951dd8842814

deab12cfc43f8b6b41c2a88c38720fe7e620bbb2c29752723b57dee943642112

HTTP Headers

                                        GET /themes/flow/frontend_assets/js/gauge.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/135al/POKLEGARC-NSwTcH-NSP-Update111-Ziperto.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=2ktu1e5u3mq9cjjjejfnfktrp6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
server: nginx
date: Sun, 07 May 2023 04:55:24 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-45b8"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2

megaup.net/themes/flow/frontend_assets/js/animation/jquery.appear.js

91.209.70.182

200 OK

708

URL GET HTTP/2

megaup.net/themes/flow/frontend_assets/js/animation/jquery.appear.js
IP

91.209.70.182:443
ASN

#43317 FNK LLC

Requested by

https://megaup.net/135al/POKLEGARC-NSwTcH-NSP-Update111-Ziperto.rar
Certificate

IssuerSectigo Limited

Subject*.megaup.net

FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A

ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT

Magic

ASCII text, with very long lines (1285)

Size

708
Hash

c63d77e0fd41daafb620c89a9735522e

89d098bde920e3bdbb810bf06abe530b1fc3737b

c7d9a559dfe55c2d4f9e6d0f72601ab12797e768dfe95f41d59d5aa496a6cb70

HTTP Headers

                                        GET /themes/flow/frontend_assets/js/animation/jquery.appear.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/135al/POKLEGARC-NSwTcH-NSP-Update111-Ziperto.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=2ktu1e5u3mq9cjjjejfnfktrp6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
server: nginx
date: Sun, 07 May 2023 04:55:24 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-5c6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2

megaup.net/themes/flow/js/jquery-1.11.0.min.js

91.209.70.182

200 OK

35088

URL GET HTTP/2

megaup.net/themes/flow/js/jquery-1.11.0.min.js
IP

91.209.70.182:443
ASN

#43317 FNK LLC

Requested by

https://megaup.net/135al/POKLEGARC-NSwTcH-NSP-Update111-Ziperto.rar
Certificate

IssuerSectigo Limited

Subject*.megaup.net

FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A

ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT

Magic

ASCII text, with very long lines (32341)

Size

35088
Hash

35be249e32c54aa664167594242de66d

ff4fc21dce0eff3aa8d0a725d2f77fdda79e3c3e

6d5b21f09e98e8726b2e9609f62157e14c7b8333a552b5c043e46b4c512dfa99

HTTP Headers

                                        GET /themes/flow/js/jquery-1.11.0.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/135al/POKLEGARC-NSwTcH-NSP-Update111-Ziperto.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=2ktu1e5u3mq9cjjjejfnfktrp6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
server: nginx
date: Sun, 07 May 2023 04:55:24 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1787d"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2

cdn.purpleads.io/agent.js?publisherId=70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655

143.204.55.44

200 OK

21906

URL GET HTTP/2

cdn.purpleads.io/agent.js?publisherId=70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655
IP

143.204.55.44:443
ASN

#16509 AMAZON-02

Requested by

https://megaup.net/135al/POKLEGARC-NSwTcH-NSP-Update111-Ziperto.rar
Certificate

IssuerAmazon

Subject*.purpleads.io

Fingerprint2C:07:41:61:C9:75:ED:6A:72:5B:30:CE:B3:18:1C:47:DB:07:BF:D4

ValidityFri, 24 Feb 2023 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT

Magic

HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (65522), with no line terminators

Size

21906
Hash

ff70d9f9fae24229f0d0a396a41b49da

0b85006adc466e582bfe2127e5d27aaefd2b7242

1467ef102058225b3b6ce597fe2acabb12e7032a4a6bbb11d0bf435b4f082bb4

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - Suspicious Javascript code

HTTP Headers

                                        GET /agent.js?publisherId=70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655 HTTP/1.1
Host: cdn.purpleads.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
content-type: application/javascript
content-length: 21906
last-modified: Thu, 04 May 2023 11:04:57 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
date: Sat, 06 May 2023 11:05:04 GMT
etag: "ff70d9f9fae24229f0d0a396a41b49da"
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: XsXQpBXE8WxoUE9jf95jrP1zGub-jPDvIXDYK6Ye9YnC6qgjhUfeKQ==
age: 64222
X-Firefox-Spdy: h2

a.exdynsrv.com/ad-provider.js

205.185.216.42

200 OK

28967

URL GET HTTP/1.1

a.exdynsrv.com/ad-provider.js
IP

205.185.216.42:443
ASN

#20446 STACKPATH-CDN

Requested by

https://megaup.net/135al/POKLEGARC-NSwTcH-NSP-Update111-Ziperto.rar
Certificate

IssuerLet's Encrypt

Subjectexdynsrv.com

Fingerprint54:0A:66:69:27:EA:63:01:A0:42:9B:75:C5:75:97:C3:19:3C:EC:0F

ValidityMon, 27 Feb 2023 07:27:23 GMT - Sun, 28 May 2023 07:27:22 GMT

Magic

ASCII text, with very long lines (54191)

Size

28967
Hash

6cebad4a9da95c68f459accf99eabf4a

7b5de6376d08e7ec1a06e28f371ee41dbd4dceb8

6474d9a8357ea8cc465c2ad9df9d8580765b4c1d39a6ce8a3853a4cfdf2549e2

HTTP Headers

                                        GET /ad-provider.js HTTP/1.1
Host: a.exdynsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Date: Sun, 07 May 2023 04:55:25 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 28967
Content-Type: application/javascript
Accept-Ranges: bytes
Cache-Control: max-age=10800
Server: nginx
etag: W/"5edd88b11d181710b873d5701fc"
X-HW: 1683435325.dop017.sk1.t,1683435325.cds015.sk1.shn,1683435325.cds015.sk1.c
Access-Control-Allow-Origin: *, *

megaup.net/themes/flow/frontend_assets/css/responsive.css

91.209.70.182

200 OK

1730

URL GET HTTP/2

megaup.net/themes/flow/frontend_assets/css/responsive.css
IP

91.209.70.182:443
ASN

#43317 FNK LLC

Requested by

https://megaup.net/135al/POKLEGARC-NSwTcH-NSP-Update111-Ziperto.rar
Certificate

IssuerSectigo Limited

Subject*.megaup.net

FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A

ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT

Magic

assembler source, ASCII text

Size

1730
Hash

ca5ccdec1dae2455ed8c95b197c968e9

a8856207c7f332bdff68ddf495d2528608728e5f

dc02f1a90bf137242115d0ba8d5e2a3f4b7200533dccd1bd52cfc3a601d3bf2d

HTTP Headers

                                        GET /themes/flow/frontend_assets/css/responsive.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/135al/POKLEGARC-NSwTcH-NSP-Update111-Ziperto.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=2ktu1e5u3mq9cjjjejfnfktrp6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
server: nginx
date: Sun, 07 May 2023 04:55:24 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-e56"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

URL

IP

ASN

Submitted

Access

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (61)

#1 JS:Script (size: 971)

#2 JS:Script (size: 58837)

#3 JS:Script (size: 6707)

#4 JS:Script (size: 4691)

#5 JS:Script (size: 75082)

#6 JS:Script (size: 483)

#7 JS:Script (size: 17848)

#8 JS:Script (size: 804)

#9 JS:Script (size: 491)

#10 JS:Script (size: 75466)

#11 JS:Script (size: 63744)

#12 JS:Script (size: 197554)

#13 JS:Script (size: 148)

#14 JS:Script (size: 306)

#15 JS:Script (size: 435844)

#16 JS:Script (size: 2204)

#17 JS:Script (size: 5447)

#18 JS:Script (size: 9255)

#19 JS:Script (size: 8063)

#20 JS:Script (size: 614934)

#21 JS:Script (size: 1478)

#22 JS:Script (size: 103036)

#23 JS:Script (size: 29110)

#24 JS:Script (size: 59)

#25 JS:Script (size: 1644)

#26 JS:Script (size: 6)

#27 JS:Script (size: 7391)

#28 JS:Script (size: 334516)

#29 JS:Script (size: 85185)

#30 JS:Script (size: 595)

#31 JS:Script (size: 147)

#32 JS:Script (size: 88340)

#33 JS:Script (size: 69604)

#34 JS:Script (size: 1821)

#35 JS:Script (size: 5302)

#36 JS:Script (size: 4074)

#37 JS:Script (size: 3417)

#38 JS:Script (size: 2971)

#39 JS:Script (size: 96381)

#40 JS:Script (size: 117904)

#41 JS:Script (size: 1032)

#42 JS:Script (size: 56276)

#43 JS:Script (size: 8854)

#44 JS:Script (size: 25071)

#45 JS:Script (size: 544)

#46 JS:Script (size: 5423)

#47 JS:Script (size: 155)

#48 JS:Script (size: 2433)

#49 JS:Script (size: 16045)

#50 JS:Script (size: 1326)

#51 JS:Script (size: 5152)

#52 JS:Script (size: 2546)

#53 JS:Script (size: 15314)

#54 JS:Script (size: 5)

#55 JS:Script (size: 4249)

#56 JS:Script (size: 1690)