megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
91.209.70.182301 Moved Permanently 162 B URL User Request GET HTTP/1.1 megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
IP 91.209.70.182:80
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 05 May 2023 17:52:39 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer, strict-origin-when-cross-origin
X-Download-Options: noopen
dmmzkfd82wayn.cloudfront.net/?kzmmd=761186
54.230.245.58200 OK 189 kB URL GET HTTP/2 dmmzkfd82wayn.cloudfront.net/?kzmmd=761186
IP 54.230.245.58:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (15948)
Size 189 kB (188764 bytes)
Hash e35adbbf9dd9ba898389b4a7ed26b5cd
05d4abbd8e97aa87b78e10d5ad13ca0b374c311d
1dc469d507fbaaf1052e28f2618ac6e22f09e89f357db15cc8ab7d03b5355296
GET /?kzmmd=761186 HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 188764
date: Fri, 05 May 2023 17:50:51 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: n-XKK6FgBNh3GZfOLp4u2kvz2aprETLoUzJaUbJQliHQkU45s4kktQ==
age: 108
X-Firefox-Spdy: h2
megaup.net/themes/flow/images/main_logo_inverted.png
91.209.70.182200 OK 7.1 kB URL GET HTTP/2 megaup.net/themes/flow/images/main_logo_inverted.png
IP 91.209.70.182:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A
ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT
File type PNG image data, 203 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 5d15526be10b904a6b48d1af04a10cc3
c09b6874359ac6d71db95593618a9acb55baa984
894d25472e0f890edf235e8f66fbeda7ea75043632924ecb82691d76bd7db018
GET /themes/flow/images/main_logo_inverted.png HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=6mh6q8e5vn865sg7s2jg760ga3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 05 May 2023 17:52:39 GMT
content-type: image/png
content-length: 7137
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-1be1"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-108868042-1
142.250.74.168200 OK 46 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=UA-108868042-1
IP 142.250.74.168:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint07:22:19:79:30:9E:4C:35:4E:21:BD:55:7D:44:2F:A9:71:9E:4C:AA
ValidityMon, 03 Apr 2023 08:16:11 GMT - Mon, 26 Jun 2023 08:16:10 GMT
File type ASCII text, with very long lines (2271)
Hash 913b5b968d66d66ac07ed7323928f5af
576292db3bbf6513b5ec386eb53ead789dd37178
a21e34a1498fc50ebd80cf8549dce88d612e8888301d0c7bad497b050bf3e177
GET /gtag/js?id=UA-108868042-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 05 May 2023 17:52:39 GMT
expires: Fri, 05 May 2023 17:52:39 GMT
cache-control: private, max-age=900
last-modified: Fri, 05 May 2023 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45874
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
megaup.net/themes/flow/images/loading_small.gif
91.209.70.182200 OK 184 kB URL GET HTTP/2 megaup.net/themes/flow/images/loading_small.gif
IP 91.209.70.182:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A
ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT
File type GIF image data, version 89a, 64 x 64\012- data
Size 184 kB (184355 bytes)
Hash b0dd5b3af9c4c0644d7bddee83716209
30002468d0266b893b3559b8d0d260c6cbf0ad7c
2418224bb4d12c122ef3c54d2ee9edb5f6f28d539e91a166b0215553f8c7609d
GET /themes/flow/images/loading_small.gif HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=6mh6q8e5vn865sg7s2jg760ga3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 05 May 2023 17:52:39 GMT
content-type: image/gif
content-length: 184355
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-2d023"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
altowriestwispy.com/tysaSHG1FMaM/18410
172.255.6.153200 OK 25 B URL GET HTTP/1.1 altowriestwispy.com/tysaSHG1FMaM/18410
IP 172.255.6.153:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerLet's Encrypt
Subjectaltowriestwispy.com
FingerprintC3:95:E3:67:82:EA:18:9C:5A:2C:E7:4F:33:5E:9E:3A:E2:EE:4C:D8
ValiditySat, 25 Mar 2023 23:05:39 GMT - Fri, 23 Jun 2023 23:05:38 GMT
File type ASCII text, with no line terminators
Hash d488addc5df5fc9b9ff4135bb4e3a823
6ce56f48e851df4d562b43d3bc1269a504ae83fc
d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60
GET /tysaSHG1FMaM/18410 HTTP/1.1
Host: altowriestwispy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 05 May 2023 17:52:39 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9jU1Sg0AQhSH8RQ1oV3EAj8AQMcnSTVbegZphGhwD06lmQuLtHa3S3fteffVeEASr8hHCJY0husgGnl8aXe97Ve31tsZq34vda9UoIbp6u1PycIA7M7dOqhFdDOt5kuxat8SwGdAim67tSGMOT976a06WrjaGRLG0Oodk8saYQ6aYrjNyGUFs5YSQHQ1jTzdvyE9iiIQQPhvrc1jBiuYyKu4heTf2cis2aVAUaQAP51G6nnhqjfaYDCw1QvgG6046HIi%2FINM4nxydAWjU7b%2F%2Fe5qMP2uQalxM55HcB%2FI3ouZOdQ%3D%3D; expires=Sat, 06-May-2023 17:52:39 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJw9i8sKwjAURGuUYNVWBvwAf8D6QBdu1aXUhbgOtd6WYM0tTXzUr%2FcFruYwc8bzPDEIIXSJ3nIaLSfRfBZNF3M0c2KIeIdeylfjqlqZ5EKQMVf3pIasKNdsAnR%2FoFI%2BETrxbnQwZ8N38x8%2BtwCtVLs6gP%2BJrxu20dS2RLgq9GO45%2BLq3raFb8gpWxKd4K%2BTY0HjzX6L8N9%2Bz7KBtraqrPhRv7nv9IWebEhxlllyUqBxk%2BIFsdRBIw%3D%3D; expires=Sat, 06-May-2023 17:52:39 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
keydawnawe.com/gwZ1U5hjA8ii/32575
172.255.6.95200 OK 26 B URL GET HTTP/1.1 keydawnawe.com/gwZ1U5hjA8ii/32575
IP 172.255.6.95:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerLet's Encrypt
Subjectkeydawnawe.com
FingerprintF7:57:30:58:C1:35:AA:9E:BA:6E:40:60:AF:90:29:A9:64:83:53:EA
ValidityThu, 13 Apr 2023 23:00:56 GMT - Wed, 12 Jul 2023 23:00:55 GMT
File type ASCII text, with no line terminators
Hash 4e5d65669f8dcd928dad06adf883f025
d771713d758c3348dd7e5b38bb40c7935399ae46
0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95
GET /gwZ1U5hjA8ii/32575 HTTP/1.1
Host: keydawnawe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 05 May 2023 17:52:39 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9jU1Sg0AQhSH8RQ1oV3EAj8AQMcnSTVbegZphGhwD06lmQuLtHa3S3fteffVeEASr8hHCJY0husgGnl8aXe97Ve31tsZq34vda9UoIbp6u1PycIA7M7dOqhFdDOt5kuxat8SwGdAim67tSGMOT976a06WrjaGRLG0Oodk8saYQ6aYrjNyGUFs5YSQHQ1jTzdvyE9iiIQQPhvrc1jBiuYyKu4heTf2cis2aVAUaQAP51G6nnhqjfaYDCw1QvgG6046HIi%2FINM4nxydAWjU7b%2F%2Fe5qMP2uQalxM55HcB%2FI3ouZOdQ%3D%3D; expires=Sat, 06-May-2023 17:52:39 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJw9i8sKwjAURGuUYNVWBvwAf8D6QBdu1aXUhbgOtd6WYM0tTXzUr%2FcFruYwc8bzPDEIIXSJ3nIaLSfRfBZNF3M0c2KIeIdeylfjqlqZ5EKQMVf3pIasKNdsAnR%2FoFI%2BETrxbnQwZ8N38x8%2BtwCtVLs6gP%2BJrxu20dS2RLgq9GO45%2BLq3raFb8gpWxKd4K%2BTY0HjzX6L8N9%2Bz7KBtraqrPhRv7nv9IWebEhxlllyUqBxk%2BIFsdRBIw%3D%3D; expires=Sat, 06-May-2023 17:52:39 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
megaup.net/themes/flow/frontend_assets/fonts/raleway.woff
91.209.70.182200 OK 32 kB URL GET HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway.woff
IP 91.209.70.182:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A
ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT
File type Web Open Font Format, TrueType, length 31836, version 1.1\012- data
Hash 4514fa5a5b3d1e0b14aa32a7d068124a
e634977bfabc20ed15fe7ed03d3876cf68834b93
5b0f118d658eacc5740b10b0dc2ebbd99ee8e8262c72ff29bfcda48c02b19861
GET /themes/flow/frontend_assets/fonts/raleway.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Connection: keep-alive
Cookie: filehosting=6mh6q8e5vn865sg7s2jg760ga3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 05 May 2023 17:52:40 GMT
content-type: font/woff
content-length: 31836
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7c5c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js
91.209.70.182200 OK 34 kB URL GET HTTP/2 megaup.net/themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js
IP 91.209.70.182:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A
ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT
Hash f891ad0f102cb19d10191be2d2932334
c813c190c1df4ded8432f9a8e5597c4217930c96
3363023ddf985c19592264d2f156e72a131fb9826778abf8c90d4042b5312326
GET /themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=6mh6q8e5vn865sg7s2jg760ga3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 05 May 2023 17:52:39 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1cdf"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/fonts/raleway_semibold.woff
91.209.70.182200 OK 32 kB URL GET HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway_semibold.woff
IP 91.209.70.182:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A
ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT
File type Web Open Font Format, TrueType, length 31980, version 1.1\012- data
Hash 99ac81a158028ac2023fb3350d2497e7
f08c12c91ab29282a616c3ba8e533f49b5b433ca
92a8c8eca8cfcfc53855bc48ba50b866704a00323c4e3089b564c939a668925d
GET /themes/flow/frontend_assets/fonts/raleway_semibold.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Connection: keep-alive
Cookie: filehosting=6mh6q8e5vn865sg7s2jg760ga3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 05 May 2023 17:52:40 GMT
content-type: font/woff
content-length: 31980
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7cec"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/gauge.min.js
91.209.70.182200 OK 26 kB URL GET HTTP/2 megaup.net/themes/flow/frontend_assets/js/gauge.min.js
IP 91.209.70.182:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A
ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (1259)
Hash 41f58a891cb1843bfb134b146b2b724d
7847beda762d73929b354c9f28a0749ba12df464
7fafc48cf82b7074cedbbc9d0a974e565ba75175b044237ed2bed20e4b098fee
GET /themes/flow/frontend_assets/js/gauge.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=6mh6q8e5vn865sg7s2jg760ga3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 05 May 2023 17:52:39 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-45b8"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload-validate.js
91.209.70.182200 OK 8.9 kB URL GET HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-validate.js
IP 91.209.70.182:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A
ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT
Hash 3ada7c4ceaa7bff9bf42a471af84413b
27f2cafa6ee6c9ee2a4a02081e7a3635a2c1838f
37c907028834c77480211caeb96ed22831aaec36b3a9219f9e334ac745eb5faa
GET /themes/flow/js/jquery.fileupload-validate.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=6mh6q8e5vn865sg7s2jg760ga3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 05 May 2023 17:52:39 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-fea"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/imageads/019.png
91.209.70.182200 OK 163 kB URL GET HTTP/2 megaup.net/imageads/019.png
IP 91.209.70.182:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A
ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size 163 kB (162957 bytes)
Hash 67d8f5a75ac6afacc6db055e5b1ca58d
eb538a3b69febd3d1dea26aeb644c58d6f1a91f8
8460892a960f4c741e54cee913c7e985607caffec43419f5dc6d6cfd714b3814
GET /imageads/019.png HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=6mh6q8e5vn865sg7s2jg760ga3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 05 May 2023 17:52:40 GMT
content-type: image/png
content-length: 162957
last-modified: Sat, 15 Apr 2023 07:22:57 GMT
vary: Accept-Encoding
etag: "643a50d1-27c8d"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/bootstrap/bootstrap.min.js
91.209.70.182200 OK 8.0 kB URL GET HTTP/2 megaup.net/themes/flow/frontend_assets/js/bootstrap/bootstrap.min.js
IP 91.209.70.182:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A
ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (28941)
Hash 2100c9966cc44bff5c235660c2ba83de
59956e8a7c4cec4ec71d42a26977fbaf379fd1fb
1e3f48d8a2b2d67b15b47e10280a492a3294fe5d6d583ba6a489ff6dff3d3a14
GET /themes/flow/frontend_assets/js/bootstrap/bootstrap.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=6mh6q8e5vn865sg7s2jg760ga3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 05 May 2023 17:52:39 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-71b6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js
91.209.70.182200 OK 5.2 kB URL GET HTTP/2 megaup.net/themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js
IP 91.209.70.182:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A
ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT
File type HTML document, ASCII text, with very long lines (15714), with CRLF line terminators
Hash 7e4eb1f86db5e2a93f0ccbc7f0605677
f6484bdf3a95938abcf7bb3a4cbb50f00a458e0c
37bc8012eb8cab3901b632a0a484ccb869a04a15af188a0e8d60e019e1c73531
GET /themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=6mh6q8e5vn865sg7s2jg760ga3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 05 May 2023 17:52:39 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3ead"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.plugins.min.js
91.209.70.182200 OK 31 kB URL GET HTTP/2 megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.plugins.min.js
IP 91.209.70.182:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A
ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (23470)
Hash db6cb083b7fe7673e4066d48d184e3ec
0c7c2bb566f463d0cfaae9ae6a142d88e978e635
e22d172ed01610082a16d0b1c38b1288f82794fd6c3d591d54aab815c935716c
GET /themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.plugins.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=6mh6q8e5vn865sg7s2jg760ga3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 05 May 2023 17:52:39 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-14cc1"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/retina/retina.js
91.209.70.182200 OK 1.8 kB URL GET HTTP/2 megaup.net/themes/flow/frontend_assets/js/retina/retina.js
IP 91.209.70.182:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A
ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (1249)
Hash 7ebf5ac08ccb4bc0ab6c12d272886d84
b03e3f4b24ef33781987f2126ee02f2172cdd6e3
e209e60a49140ac46d35723578bf1903a8592794e0bf49e9db51d15bf4fe7c17
GET /themes/flow/frontend_assets/js/retina/retina.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=6mh6q8e5vn865sg7s2jg760ga3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 05 May 2023 17:52:39 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-52e"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/animation/jquery.appear.js
91.209.70.182200 OK 1.9 kB URL GET HTTP/2 megaup.net/themes/flow/frontend_assets/js/animation/jquery.appear.js
IP 91.209.70.182:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A
ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (1285)
Hash 556ff1404f0d05b38ffe88554aaf5af4
e8a28a28b57764dde314505190e2b81c82a55b28
079910fab19735015d14b70d843925240f17aff4608cf7e85cdcbc14205bcc5c
GET /themes/flow/frontend_assets/js/animation/jquery.appear.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=6mh6q8e5vn865sg7s2jg760ga3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 05 May 2023 17:52:39 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-5c6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
workhovdiminatedi.info/Z0pTa3FIdTAYTD0mARsiMwQEMh0TfxIHFQ8fG18wP3gJDRImH3UfGAN3a1lEXntiTQEOLm5YQ0E5JwoFEjluWlcOJDUETEE8bltfXmRiRURBP25aVxM6MgxMVmwjHwULd2JdSVR5Y1JAUH5hWEM
188.114.97.1204 No Content 0 B URL GET HTTP/2 workhovdiminatedi.info/Z0pTa3FIdTAYTD0mARsiMwQEMh0TfxIHFQ8fG18wP3gJDRImH3UfGAN3a1lEXntiTQEOLm5YQ0E5JwoFEjluWlcOJDUETEE8bltfXmRiRURBP25aVxM6MgxMVmwjHwULd2JdSVR5Y1JAUH5hWEM
IP 188.114.97.1:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerLet's Encrypt
Subjectworkhovdiminatedi.info
Fingerprint24:21:C6:9C:11:74:7D:7D:73:8F:98:35:FA:68:4E:DE:1A:86:04:CB
ValidityThu, 27 Apr 2023 07:34:32 GMT - Wed, 26 Jul 2023 07:34:31 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /Z0pTa3FIdTAYTD0mARsiMwQEMh0TfxIHFQ8fG18wP3gJDRImH3UfGAN3a1lEXntiTQEOLm5YQ0E5JwoFEjluWlcOJDUETEE8bltfXmRiRURBP25aVxM6MgxMVmwjHwULd2JdSVR5Y1JAUH5hWEM HTTP/1.1
Host: workhovdiminatedi.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Fri, 05 May 2023 17:52:40 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sQIQ5mDrMrDNPnx9%2BXVdZLaB49o8BvygkJIKGHfGQbGmn1ZOjjeh40TQDzRJ1lrePIBGEZQ2Nlv%2Bs4bfgCxRzFEjFWkDwa8vDiv%2BokcBiXz4ohy4HtuH0P23%2Fr9c4AG5c41TpNyubR9R"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c2ad6aa68131c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/global.js
91.209.70.182200 OK 5.7 kB URL GET HTTP/2 megaup.net/themes/flow/js/global.js
IP 91.209.70.182:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A
ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT
Hash 48f08b798d06f690516ec2d0a598eef2
2fdddcf7bb09155c83d2db2737d5a96abb13d739
0235b0b9b1d8f11221a4192bf02212ba993ef38b129dc40419436a3d63895d66
GET /themes/flow/js/global.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=6mh6q8e5vn865sg7s2jg760ga3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 05 May 2023 17:52:39 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-d59"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/fonts.css
91.209.70.182200 OK 1.4 kB URL GET HTTP/2 megaup.net/themes/flow/frontend_assets/css/fonts.css
IP 91.209.70.182:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A
ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT
Hash b8b74ee63391a564ccc5896c1a4cda79
a788009620845e1b5d8d1a48c92d0051e06fd804
ac7bab6753cd11924bf17aead885826f3b2ef84d70f8e9efa0761bab4efa507f
GET /themes/flow/frontend_assets/css/fonts.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
Connection: keep-alive
Cookie: filehosting=6mh6q8e5vn865sg7s2jg760ga3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 05 May 2023 17:52:39 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-690"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
workhovdiminatedi.info/dUZwWUxaeRMqcSwQKhUfGC4iO38NY0IfGxkuHjwETCUma3VMJUE2agEvFGR7Q3JBbX1TNhk9cURgAy0tATMDZH1TLx4/I0hgBmR9W3VEd39HaEJ/OUh3Vi08FCFNaGoFMgQ1cURwSGp/RX9BbnhHc0g
188.114.97.1204 No Content 0 B URL GET HTTP/2 workhovdiminatedi.info/dUZwWUxaeRMqcSwQKhUfGC4iO38NY0IfGxkuHjwETCUma3VMJUE2agEvFGR7Q3JBbX1TNhk9cURgAy0tATMDZH1TLx4/I0hgBmR9W3VEd39HaEJ/OUh3Vi08FCFNaGoFMgQ1cURwSGp/RX9BbnhHc0g
IP 188.114.97.1:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerLet's Encrypt
Subjectworkhovdiminatedi.info
Fingerprint24:21:C6:9C:11:74:7D:7D:73:8F:98:35:FA:68:4E:DE:1A:86:04:CB
ValidityThu, 27 Apr 2023 07:34:32 GMT - Wed, 26 Jul 2023 07:34:31 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dUZwWUxaeRMqcSwQKhUfGC4iO38NY0IfGxkuHjwETCUma3VMJUE2agEvFGR7Q3JBbX1TNhk9cURgAy0tATMDZH1TLx4/I0hgBmR9W3VEd39HaEJ/OUh3Vi08FCFNaGoFMgQ1cURwSGp/RX9BbnhHc0g HTTP/1.1
Host: workhovdiminatedi.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Fri, 05 May 2023 17:52:40 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KzWnCJKvULFrsDmr7alTZv3btdsb14UJJnmrcEznnXAWrKHWs05pTH8lqYIwVOtiVGr7KC0blM%2FWcE4TR6179LFXc%2BlekmVkaEfKE%2FYN%2BciCK%2BFVtUnF2pUm2i9aFChjvlQjkVhkrLBx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c2ad6aa982f1c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/custom/custom.js
91.209.70.182200 OK 2.6 kB URL GET HTTP/2 megaup.net/themes/flow/frontend_assets/js/custom/custom.js
IP 91.209.70.182:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A
ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT
File type ASCII text, with CRLF line terminators
Hash 1b977aef07b45a5a3ba8347638d9c4a9
2eb6adde839805697b6adb5714cabea768a1b1a5
ddcc4735dadc8f4c2ca1b58626613266b958f978b51b739df1a799e437a1e2f8
GET /themes/flow/frontend_assets/js/custom/custom.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=6mh6q8e5vn865sg7s2jg760ga3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 05 May 2023 17:52:39 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1420"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
platform.bidgear.com/async.php?domainid=5593&sizeid=12&zoneid=6192&k=1683309174300
172.67.74.36200 OK 2.7 kB URL GET HTTP/2 platform.bidgear.com/async.php?domainid=5593&sizeid=12&zoneid=6192&k=1683309174300
IP 172.67.74.36:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint96:B8:F2:6C:8B:F4:3C:4D:3F:C4:69:A4:B1:28:D0:CB:0A:E6:73:2B
ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (5423), with no line terminators
Hash c4adb5b3af2754910029b42d371f2a57
17825fd9fca25f22a16ae6f5a56f8cd270a202da
720d139f7ceb3f269df680d9b6d9ca3b610c0f6831e1746659d32fcb9c9df2dd
GET /async.php?domainid=5593&sizeid=12&zoneid=6192&k=1683309174300 HTTP/1.1
Host: platform.bidgear.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 05 May 2023 17:52:40 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nWrWO3Two%2BuZFjStYXBpMYIR35glHeqmTyLgbL1Hs2u4vXCAC8phuHF9lCTHkmimtEjAj4Bj94eCatvM35gAVszFA584fzZNcmekrgRqwMJnPksCR%2FOGYmZMdgsd1G9sG%2BxdItjV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c2ad6aaefadb515-OSL
content-encoding: br
X-Firefox-Spdy: h2
platform.bidgear.com/media/img/b15.png
172.67.74.36200 OK 649 B URL GET HTTP/2 platform.bidgear.com/media/img/b15.png
IP 172.67.74.36:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint96:B8:F2:6C:8B:F4:3C:4D:3F:C4:69:A4:B1:28:D0:CB:0A:E6:73:2B
ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT
File type PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash d832fb80c97ff291b952757bb98240d2
63732e61a0784ed68fde494f83e4686a5c4bf7fa
7b35c11af8accdb40a14303dd3ae2762a97d2527933c56b6c9be6da2d0d11943
GET /media/img/b15.png HTTP/1.1
Host: platform.bidgear.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 05 May 2023 17:52:40 GMT
content-type: image/png
content-length: 649
last-modified: Mon, 25 Jul 2022 09:43:33 GMT
etag: "62de65c5-289"
expires: Wed, 03 May 2023 17:48:03 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
cf-cache-status: HIT
age: 1238820
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oLpgXf3sNCdyy7gEFRf7xjRKGfcXUYXAhPku7SD9z0HZ1ox168hY82N5BtvaGK08cQQf7SV2efn4NACC3A7E3Hz%2B3VmQdFiozsxxC2cQpM%2Bajemm5ZSTZja4fvowMGJ463UBebLm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c2ad6acda86b515-OSL
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery-ui.js
91.209.70.182200 OK 130 kB URL GET HTTP/2 megaup.net/themes/flow/js/jquery-ui.js
IP 91.209.70.182:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A
ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (840)
Size 130 kB (130427 bytes)
Hash aee2544d5de0558eb66f8f57571f7ea8
0d10d8f690af5b4eb9e00f315abb126b5122247e
8840c28b2726bdea4a72fc4d03f734338a5ef9a0e043d83d8a3daeb4a03fbcc0
GET /themes/flow/js/jquery-ui.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=6mh6q8e5vn865sg7s2jg760ga3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 05 May 2023 17:52:39 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-6a684"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.revolution.js
91.209.70.182200 OK 68 kB URL GET HTTP/2 megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.revolution.js
IP 91.209.70.182:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A
ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (464), with CRLF line terminators
Hash 18c3a31ed619e5ff351c919ce3b3d90b
41e954424d6a3cd12125bd92b269dc7182869cc0
16b57257fa7196106d84cdedd9f9cc4f22f67470808116240f80a52ceee82e85
GET /themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.revolution.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=6mh6q8e5vn865sg7s2jg760ga3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 05 May 2023 17:52:39 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-303b2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
imp9.bidgear.com/rec?t=1&z=6192&uuid=3875e7dbf83f40e29bfbfdf3f22ec2cc&p=28&g=NO&token=4a44335432&tbg=1683309160
172.67.74.36200 OK 599 B URL GET HTTP/2 imp9.bidgear.com/rec?t=1&z=6192&uuid=3875e7dbf83f40e29bfbfdf3f22ec2cc&p=28&g=NO&token=4a44335432&tbg=1683309160
IP 172.67.74.36:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint96:B8:F2:6C:8B:F4:3C:4D:3F:C4:69:A4:B1:28:D0:CB:0A:E6:73:2B
ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT
File type JPEG image data, baseline, precision 8, 1x1, components 3\012- data
Hash ca49a7e783b806a4e8576ea80346203d
6fe9d083221dae98f6c76f7121c37bc884b02d82
3e9a98dd5f0a28ff4a059f33d760264a6db02786666ac1692095ebb976f5da28
GET /rec?t=1&z=6192&uuid=3875e7dbf83f40e29bfbfdf3f22ec2cc&p=28&g=NO&token=4a44335432&tbg=1683309160 HTTP/1.1
Host: imp9.bidgear.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 05 May 2023 17:52:40 GMT
content-type: image/jpeg
content-length: 599
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DuRLtZmikiUbfBFa6PH4iQShMHVrvGzxoK5vDqemcW25p3xRrBQmpwccSpemSAf8O6mi6P1Zx365JXdySQ%2BKUgSMWgnIIt9taqjTwy4Er03bBP6RCn4HqSXs0OsdZOFMTP0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c2ad6acda84b515-OSL
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/nav/jquery.scrollTo.js
91.209.70.182200 OK 62 kB URL GET HTTP/2 megaup.net/themes/flow/frontend_assets/js/nav/jquery.scrollTo.js
IP 91.209.70.182:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A
ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (2241), with CRLF line terminators
Hash dbb61638a392ae185cd20902666359d4
e303ee7df1603091058f24c39d1e2175d4da9254
d7ce9fdf944d81d01511a5d859130851390ab7620d1bb9cf35c4c4efa6aa2ffd
GET /themes/flow/frontend_assets/js/nav/jquery.scrollTo.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=6mh6q8e5vn865sg7s2jg760ga3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 05 May 2023 17:52:39 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-981"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/iWUpLMzQ6JSVVCy0jLw4Mbnx4Agx/IDhcWil3PVVODSwcW1cPGCF/ASNsP0lQZHptX1U3LXYVUTcpdgISOC4pDgB/PjtcX2QgLkVYLiYvRVM0bD5SCTQlMVpYNStuAXJsZHsWBmliMwIFfHkJFgZpJiJdQSFveQNMYXwUBQB8eQkWBmk4PRYHGHt7ChppY2-4BBD4vKFhbfHgNAQRoensCBGhveQNSMDguVVshb3l1BWh7ZQMSLHd6
54.230.245.58 470 B URL dmmzkfd82wayn.cloudfront.net/iWUpLMzQ6JSVVCy0jLw4Mbnx4Agx/IDhcWil3PVVODSwcW1cPGCF/ASNsP0lQZHptX1U3LXYVUTcpdgISOC4pDgB/PjtcX2QgLkVYLiYvRVM0bD5SCTQlMVpYNStuAXJsZHsWBmliMwIFfHkJFgZpJiJdQSFveQNMYXwUBQB8eQkWBmk4PRYHGHt7ChppY2-4BBD4vKFhbfHgNAQRoensCBGhveQNSMDguVVshb3l1BWh7ZQMSLHd6
IP 54.230.245.58:0
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (614), with no line terminators
Hash 40a65841d032c0290b81bce8f47ab497
fa8640a383a7c962ca6311c050a30c9c8f8469c4
49f3ab858d242e45345c64e9f377fd3ab8add259032cd179c54ce7bd47fd78d9
GET /iWUpLMzQ6JSVVCy0jLw4Mbnx4Agx/IDhcWil3PVVODSwcW1cPGCF/ASNsP0lQZHptX1U3LXYVUTcpdgISOC4pDgB/PjtcX2QgLkVYLiYvRVM0bD5SCTQlMVpYNStuAXJsZHsWBmliMwIFfHkJFgZpJiJdQSFveQNMYXwUBQB8eQkWBmk4PRYHGHt7ChppY2-4BBD4vKFhbfHgNAQRoensCBGhveQNSMDguVVshb3l1BWh7ZQMSLHd6 HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kultingecauyuksehinkitw.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 470
date: Fri, 05 May 2023 17:52:40 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: b79Bo18FFuFfnC_87dSqLb5vZu-2j3QOWkisXpJoRXydJcZDvD1CmA==
X-Firefox-Spdy: h2
parrecleftne.xyz/utx?tid=832633&top=megaup.net&cb=FCy2Sj5pmbIM
54.230.111.9204 No Content 0 B URL GET HTTP/2 parrecleftne.xyz/utx?tid=832633&top=megaup.net&cb=FCy2Sj5pmbIM
IP 54.230.111.9:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerAmazon
Subjectparrecleftne.xyz
Fingerprint36:D5:D9:43:13:F4:FE:83:A7:9F:01:89:96:60:5B:AD:CB:A5:27:B7
ValiditySun, 18 Dec 2022 00:00:00 GMT - Tue, 16 Jan 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?tid=832633&top=megaup.net&cb=FCy2Sj5pmbIM HTTP/1.1
Host: parrecleftne.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Fri, 05 May 2023 17:52:40 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Fri, 05 May 2023 17:53:40 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Vez4pDpnosV_OflIfJEjppX3gwfqhKTpDT-JnGQRt6BGFei6M6Cv1Q==
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/yM085ZElQIFcCdkcmXVl+BXsIUHgVJUoLJ0NyQQ4efAFSMzppLVcMemkGHxAzV3IJQiVSIV5Zb1YhWll4FS5dBnQHaU0UJlhyUwE/XzhVAD9UIh8RKA4iVh4gXyNYQXt1ehdUbAF/ERx4AmoKJmwBf1UNJ0Y3HFZ5S3cPO38HagombAF/SxJsAA4IVHAdfx-BBewMoXAciXGoLInsDfglUeAN+HFZ5VSZLAS9cNxxWDwJ+CEp5FToEVQ
54.230.245.58 626 B URL dmmzkfd82wayn.cloudfront.net/yM085ZElQIFcCdkcmXVl+BXsIUHgVJUoLJ0NyQQ4efAFSMzppLVcMemkGHxAzV3IJQiVSIV5Zb1YhWll4FS5dBnQHaU0UJlhyUwE/XzhVAD9UIh8RKA4iVh4gXyNYQXt1ehdUbAF/ERx4AmoKJmwBf1UNJ0Y3HFZ5S3cPO38HagombAF/SxJsAA4IVHAdfx-BBewMoXAciXGoLInsDfglUeAN+HFZ5VSZLAS9cNxxWDwJ+CEp5FToEVQ
IP 54.230.245.58:0
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (871), with no line terminators
Hash 42769688aa9ab9363be75a22bd3e6a17
bc47144b5069d8690b4fdbe6e4d710e3a3bf83de
b0201fc69872c93a2a43fd2c1aca8a327eb7a2dc377c6feac29b4cd2e1d4d999
GET /yM085ZElQIFcCdkcmXVl+BXsIUHgVJUoLJ0NyQQ4efAFSMzppLVcMemkGHxAzV3IJQiVSIV5Zb1YhWll4FS5dBnQHaU0UJlhyUwE/XzhVAD9UIh8RKA4iVh4gXyNYQXt1ehdUbAF/ERx4AmoKJmwBf1UNJ0Y3HFZ5S3cPO38HagombAF/SxJsAA4IVHAdfx-BBewMoXAciXGoLInsDfglUeAN+HFZ5VSZLAS9cNxxWDwJ+CEp5FToEVQ HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kultingecauyuksehinkitw.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 626
date: Fri, 05 May 2023 17:52:40 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4_wf8zcAwO3zhM5tFsEAX-FHgYatSt7rcfIOtw1RGVO0WBCBHVHmhw==
X-Firefox-Spdy: h2
syndication.exdynsrv.com/v1/api.php
95.211.229.247200 OK 1.2 kB URL POST HTTP/1.1 syndication.exdynsrv.com/v1/api.php
IP 95.211.229.247:443
ASN #60781 LeaseWeb Netherlands B.V.
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerLet's Encrypt
Subjectexdynsrv.com
Fingerprint54:0A:66:69:27:EA:63:01:A0:42:9B:75:C5:75:97:C3:19:3C:EC:0F
ValidityMon, 27 Feb 2023 07:27:23 GMT - Sun, 28 May 2023 07:27:22 GMT
File type JSON data\012- , ASCII text, with very long lines (1560), with no line terminators
Hash ae0acf93311b53f76d44fb3cba357740
d224f72abcc48e7a30a7ee67c1040fd69222b054
015588c3424770f08842731f918db256453496fca74b9294a85827b3daa44348
POST /v1/api.php HTTP/1.1
Host: syndication.exdynsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 341
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 05 May 2023 17:52:40 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%2264554268a80d44.34618119406163938%22%3B%7D; expires=Sun, 04-May-2025 17:52:40 GMT; Max-Age=63072000; path=/; domain=exdynsrv.com; secure; SameSite=None
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
dmmzkfd82wayn.cloudfront.net/2M3VIRkhQGiYgd0ccLHtwAUBxd3kVHzspJkNIPn4yUj14HHFRJ24yMldIeGAkUhsve25WGyt7eRUULCR1B1M8NidYSD0oLFYTISgtV1M9J3VeGjIvJF8UbXQOBlt4Y3oDXTB3eRZGCmN6AxkhKD1LUHp2MAtDF3B8FkYKY3oDBz5je3JEeH9mA1xtdHhUEC-stJxZHDnR4AkV4d3gCUHp2LloHLSAnS1B6AHkCRGZ2bkZIeQ
54.230.245.58200 OK 387 B URL GET HTTP/2 dmmzkfd82wayn.cloudfront.net/2M3VIRkhQGiYgd0ccLHtwAUBxd3kVHzspJkNIPn4yUj14HHFRJ24yMldIeGAkUhsve25WGyt7eRUULCR1B1M8NidYSD0oLFYTISgtV1M9J3VeGjIvJF8UbXQOBlt4Y3oDXTB3eRZGCmN6AxkhKD1LUHp2MAtDF3B8FkYKY3oDBz5je3JEeH9mA1xtdHhUEC-stJxZHDnR4AkV4d3gCUHp2LloHLSAnS1B6AHkCRGZ2bkZIeQ
IP 54.230.245.58:443
Requested by https://kultingecauyuksehinkitw.info/Y3BUbm0CEjcDUgJNNkgYERxpS18lVWYoCQ4dLgULB0hmGQwaHnoNAQwFMAgfDB4gQAMGBHFcK1E9ZzgkMRs8PyoKKTMKXQATGCYZFDEBLBUHQz84JRkDJCQGLTkEAFkaJT5fWSs4EjwnUUQtIwEHOTEpLAglPB0bBkJhOSoaBGMLPzYlGC0/UjJlI1UtGTA3PidAOyIrOiQdPQoXJmUjVClDAgsqCTkiJCtbJTY2PCwyOBpZOkM7KjU3MmcLPzk3FwMjVTEsBQUoNGUiOCsAZiMsFzQSXS9bNj83JjpDOyovGUU+C14pNTEmVA4xZRYZBzg8OyggXScaJxsqHCoDMUQVBTtXFGcJLjY4JFwhDx8cIj4iHgdfL1UxHAUuMTcOXA8IKh0LPEUaJwEDE00iVhcCOGQ0VAEi
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (490), with no line terminators
Hash 8f2ebbdcf2bd5a68d6fba29015621015
fe7970eff6b6eaa7a8756a792e116b1c569e6716
089988da7e06570dc07d224ebf5521214ebee4d79d8658e1fc9c5918dce69a7c
GET /2M3VIRkhQGiYgd0ccLHtwAUBxd3kVHzspJkNIPn4yUj14HHFRJ24yMldIeGAkUhsve25WGyt7eRUULCR1B1M8NidYSD0oLFYTISgtV1M9J3VeGjIvJF8UbXQOBlt4Y3oDXTB3eRZGCmN6AxkhKD1LUHp2MAtDF3B8FkYKY3oDBz5je3JEeH9mA1xtdHhUEC-stJxZHDnR4AkV4d3gCUHp2LloHLSAnS1B6AHkCRGZ2bkZIeQ HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kultingecauyuksehinkitw.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 387
date: Fri, 05 May 2023 17:52:40 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -UlkxPeOmNUKBHts4b50tbFa_kliGumBuxwjFqu36b5ueON9XTShww==
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/3aXIxcWkKHV8XVh0bVUxQXUsJR11PGEIeBxlPXgE5KzNSSFg6IUM1LS07UFcdExYMQU8FE18WVE8XXxJUWFRQFQtURhcECFQfXgsABR5QVFsvRx9BTFtCGQlYWFcCM0xbQl0YBxwKFENZEUoHLl9dVwIzTFtCQwdMWjMAQVBHQhhUW1kVVBICBlcDN1tZQw-FBWFlDFENZDxtDFA8GChRDL1hDAF9ZTwcMQA
54.230.245.58 209 B URL dmmzkfd82wayn.cloudfront.net/3aXIxcWkKHV8XVh0bVUxQXUsJR11PGEIeBxlPXgE5KzNSSFg6IUM1LS07UFcdExYMQU8FE18WVE8XXxJUWFRQFQtURhcECFQfXgsABR5QVFsvRx9BTFtCGQlYWFcCM0xbQl0YBxwKFENZEUoHLl9dVwIzTFtCQwdMWjMAQVBHQhhUW1kVVBICBlcDN1tZQw-FBWFlDFENZDxtDFA8GChRDL1hDAF9ZTwcMQA
IP 54.230.245.58:0
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 344f2ba4bf299c674d81271a6219f66e
0e44a9b7ecaf784f3e4246e44340ee12843c22e1
9c2731a45358c43bf2b8cbf683544059c06ab3d46ec541c78d4d31427274dd1d
GET /3aXIxcWkKHV8XVh0bVUxQXUsJR11PGEIeBxlPXgE5KzNSSFg6IUM1LS07UFcdExYMQU8FE18WVE8XXxJUWFRQFQtURhcECFQfXgsABR5QVFsvRx9BTFtCGQlYWFcCM0xbQl0YBxwKFENZEUoHLl9dVwIzTFtCQwdMWjMAQVBHQhhUW1kVVBICBlcDN1tZQw-FBWFlDFENZDxtDFA8GChRDL1hDAF9ZTwcMQA HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kultingecauyuksehinkitw.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 209
date: Fri, 05 May 2023 17:52:40 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qSUowzXzWAqCmQo0Iw81xbbbi-RrOFVfpz5fby-W83DF3XXq6YXX3A==
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/iVHdDZnE3GC0ATiAeJ1tGYkZyXkdyHTAJHyRKNwEIDTJ6LxMfD3coBixRNxwVaUdlChA6EH5AFDoUfldXNRMhW0VyAzMJGmkdJhAdIxsnEBY5UTYHTDkYOQ8dOBZmVDdhWXNDQ2RfO1dAcUQBQ0NkGyoIBCxScVYJbEEcUEVxRAFDQ2QFNUNCFUZzX19kXm-ZUQTMSIA0ecUUFVEFlR3NXQWVScVYXPQUmAB4sUnEgQGVGbVZXIUpy
54.230.245.58 628 B URL dmmzkfd82wayn.cloudfront.net/iVHdDZnE3GC0ATiAeJ1tGYkZyXkdyHTAJHyRKNwEIDTJ6LxMfD3coBixRNxwVaUdlChA6EH5AFDoUfldXNRMhW0VyAzMJGmkdJhAdIxsnEBY5UTYHTDkYOQ8dOBZmVDdhWXNDQ2RfO1dAcUQBQ0NkGyoIBCxScVYJbEEcUEVxRAFDQ2QFNUNCFUZzX19kXm-ZUQTMSIA0ecUUFVEFlR3NXQWVScVYXPQUmAB4sUnEgQGVGbVZXIUpy
IP 54.230.245.58:0
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (870), with no line terminators
Hash b11f047fcf9a05cd680fa98170acacc7
6ccd9d359e1e1f3b997370df55033800f6a01f8c
8a9765c9308964e5370ec809bb3eae116296bb34915f4cf27a96dc31d73ec882
GET /iVHdDZnE3GC0ATiAeJ1tGYkZyXkdyHTAJHyRKNwEIDTJ6LxMfD3coBixRNxwVaUdlChA6EH5AFDoUfldXNRMhW0VyAzMJGmkdJhAdIxsnEBY5UTYHTDkYOQ8dOBZmVDdhWXNDQ2RfO1dAcUQBQ0NkGyoIBCxScVYJbEEcUEVxRAFDQ2QFNUNCFUZzX19kXm-ZUQTMSIA0ecUUFVEFlR3NXQWVScVYXPQUmAB4sUnEgQGVGbVZXIUpy HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kultingecauyuksehinkitw.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 628
date: Fri, 05 May 2023 17:52:40 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: FUiNziob0zBps40vrQeP54xUV0YM5vl5WyjKpgV-egVAqbj8zF9d1Q==
X-Firefox-Spdy: h2
megaup.net/sw.js?N0ZHdzhsZH9ECgF1dFUUFWRrVV4PdXQUCAMkakFdByRqQ1xVdmpODA9xahEOUiMiFF1UJSQUXRVqZRRZASV2RwFSa34RDVVrcxIOVGslQg5Ua39AXVN2JRYIBH8kFRobZDQAGhtkMx9dXyc1HkxOLi4bXBkkMg1CFWplRggZc2VbXlYqNBIUUScrBF0bICYbS1Ib
91.209.70.182 40 kB URL megaup.net/sw.js?N0ZHdzhsZH9ECgF1dFUUFWRrVV4PdXQUCAMkakFdByRqQ1xVdmpODA9xahEOUiMiFF1UJSQUXRVqZRRZASV2RwFSa34RDVVrcxIOVGslQg5Ua39AXVN2JRYIBH8kFRobZDQAGhtkMx9dXyc1HkxOLi4bXBkkMg1CFWplRggZc2VbXlYqNBIUUScrBF0bICYbS1Ib
IP 91.209.70.182:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash e5849d9d5584d8337c818a2831ae9615
adcd66ed79069368cca2f811c635bbe9fbadc7b6
ce1718e3cbaeea5d88ce8310b7d41e747d6cbded47bb9b732d333ac491e48ab5
GET /sw.js?N0ZHdzhsZH9ECgF1dFUUFWRrVV4PdXQUCAMkakFdByRqQ1xVdmpODA9xahEOUiMiFF1UJSQUXRVqZRRZASV2RwFSa34RDVVrcxIOVGslQg5Ua39AXVN2JRYIBH8kFRobZDQAGhtkMx9dXyc1HkxOLi4bXBkkMg1CFWplRggZc2VbXlYqNBIUUScrBF0bICYbS1Ib HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: filehosting=6mh6q8e5vn865sg7s2jg760ga3
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 05 May 2023 17:52:40 GMT
content-type: application/javascript
last-modified: Tue, 20 Dec 2022 16:15:31 GMT
vary: Accept-Encoding
etag: W/"63a1dfa3-1927c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
s3t3d2y8.afcdn.net/library/522770/04acbb678195a275c6dd299316373dd8e36cb668.webp
185.76.9.19200 OK 9.3 kB URL GET HTTP/2 s3t3d2y8.afcdn.net/library/522770/04acbb678195a275c6dd299316373dd8e36cb668.webp
IP 185.76.9.19:443
ASN #60068 Datacamp Limited
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerLet's Encrypt
Subjectafcdn.net
Fingerprint58:E2:EC:9A:A1:55:22:20:28:3E:43:7C:0D:B9:0A:67:84:6B:EA:FB
ValidityMon, 27 Feb 2023 07:22:15 GMT - Sun, 28 May 2023 07:22:14 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash eb03f4e5d663ede8681562a9c16eef8b
04acbb678195a275c6dd299316373dd8e36cb668
f6cab5e8a71d551694a9d2e5defc0f834536c70d7505712438642c72988c34fc
GET /library/522770/04acbb678195a275c6dd299316373dd8e36cb668.webp HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 05 May 2023 17:52:40 GMT
content-type: image/webp
content-length: 9332
last-modified: Thu, 04 Nov 2021 11:03:44 GMT
etag: "6183be10-2474"
expires: Tue, 24 Oct 2023 19:22:25 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-cache-op: HIT
server: CDN77-Turbo
x-77-nzt: AblMCQ0zyST/Q5XFAA
x-77-nzt-ray: c0a4cc28c1d3ebf668425564a61d6638
x-accel-expires: @1701896357
x-accel-date: 1670360357
x-cache: HIT
x-age: 12948803
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/
54.230.245.58200 OK 73 B URL GET HTTP/2 dmmzkfd82wayn.cloudfront.net/
IP 54.230.245.58:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type ASCII text, with no line terminators
Hash de37377b72195a4f064edf7ec8a76676
ed544d5b6a37acad78498099407c648a93316ddb
b3209cc0b1d1b71e85af4e843afe00a3079f3286d52b3fb47e72c6c5c48b8399
GET / HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 73
date: Fri, 05 May 2023 17:50:52 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Ly5ymp5Gh1FZsmlqpfkenYwoqeHlK_80N7itZNRC7v6cTgD8npMs_w==
age: 109
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/images/icons/favicon/apple-touch-icon-114x114.png
91.209.70.182200 OK 951 B URL GET HTTP/2 megaup.net/themes/flow/frontend_assets/images/icons/favicon/apple-touch-icon-114x114.png
IP 91.209.70.182:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A
ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT
File type PNG image data, 114 x 114, 8-bit colormap, non-interlaced\012- data
Hash 76852bc6b2c028db97322a74e85bd020
ed52fb4de0d51f93277bbaae42fa80ba5f92c31e
8a5ef2ef8440c17db1b1b539065ba4a887e07a2c508b79c2d1659512e9016884
GET /themes/flow/frontend_assets/images/icons/favicon/apple-touch-icon-114x114.png HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=6mh6q8e5vn865sg7s2jg760ga3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 05 May 2023 17:52:41 GMT
content-type: image/png
content-length: 951
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-3b7"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
workhovdiminatedi.info/dzY1YTFYCVYSDC4GXRloHXxhB1o5ZXRQe05lczRzIFhFKWYAZxMVWBMLDVMETgcER0EeUghSA1FFQQBFAkUIUwFHARMIXxFZCFMXAQsFTwhZBxtUFwILBEdFB1dSXABRRkEVXUoHA1kCRAYMUAZCBgxV
188.114.97.1204 No Content 0 B URL POST HTTP/3 workhovdiminatedi.info/dzY1YTFYCVYSDC4GXRloHXxhB1o5ZXRQe05lczRzIFhFKWYAZxMVWBMLDVMETgcER0EeUghSA1FFQQBFAkUIUwFHARMIXxFZCFMXAQsFTwhZBxtUFwILBEdFB1dSXABRRkEVXUoHA1kCRAYMUAZCBgxV
IP 188.114.97.1:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerLet's Encrypt
Subjectworkhovdiminatedi.info
Fingerprint24:21:C6:9C:11:74:7D:7D:73:8F:98:35:FA:68:4E:DE:1A:86:04:CB
ValidityThu, 27 Apr 2023 07:34:32 GMT - Wed, 26 Jul 2023 07:34:31 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /dzY1YTFYCVYSDC4GXRloHXxhB1o5ZXRQe05lczRzIFhFKWYAZxMVWBMLDVMETgcER0EeUghSA1FFQQBFAkUIUwFHARMIXxFZCFMXAQsFTwhZBxtUFwILBEdFB1dSXABRRkEVXUoHA1kCRAYMUAZCBgxV HTTP/1.1
Host: workhovdiminatedi.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Alt-Used: workhovdiminatedi.info
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/3 204 No Content
date: Fri, 05 May 2023 17:52:41 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ELUx7%2FgjnCEu0jPa7KVU8FwkMB2jw9sDtKZJ%2BXKTP%2BLgP%2FT5tkpbS%2BcCL6dIopUcEJRbCZ%2Ff5mZCda3OIEUV3D1rcWj0R%2Fxhv1tboajWQqqvye99KJcdkin%2FVzZeiGY%2BGJ9k1zjIkEj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c2ad6afacbfb500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
theharityhild.buzz/
54.162.51.18200 OK 0 B IP 54.162.51.18:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerLet's Encrypt
Subjecttheharityhild.buzz
Fingerprint4F:3F:5B:8C:AA:6E:37:C3:45:68:90:BE:2C:8B:F0:01:D7:5F:3F:89
ValidityFri, 05 May 2023 05:15:10 GMT - Thu, 03 Aug 2023 05:15:09 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: theharityhild.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Content-Length: 396
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
kultingecauyuksehinkitw.info/utx?cb=asTYc4W0uL8k&top=megaup.net&tid=761186
54.230.111.38204 No Content 0 B URL GET HTTP/2 kultingecauyuksehinkitw.info/utx?cb=asTYc4W0uL8k&top=megaup.net&tid=761186
IP 54.230.111.38:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerAmazon
Subjectkultingecauyuksehinkitw.info
Fingerprint92:71:EB:2A:19:25:DF:1C:2A:8F:E3:1A:92:7B:DD:8F:18:79:39:0F
ValidityThu, 27 Apr 2023 00:00:00 GMT - Sat, 25 May 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=asTYc4W0uL8k&top=megaup.net&tid=761186 HTTP/1.1
Host: kultingecauyuksehinkitw.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Fri, 05 May 2023 17:52:41 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Fri, 05 May 2023 17:53:41 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Np20IWiB5Hfz4tPa-RmbWbqeLuC3FXxK_jONvRykwk_OdehPnSBJ_w==
X-Firefox-Spdy: h2
kultingecauyuksehinkitw.info/utx?cb=81XDxkQnxi15&top=megaup.net&tid=825911
54.230.111.38204 No Content 0 B URL GET HTTP/2 kultingecauyuksehinkitw.info/utx?cb=81XDxkQnxi15&top=megaup.net&tid=825911
IP 54.230.111.38:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerAmazon
Subjectkultingecauyuksehinkitw.info
Fingerprint92:71:EB:2A:19:25:DF:1C:2A:8F:E3:1A:92:7B:DD:8F:18:79:39:0F
ValidityThu, 27 Apr 2023 00:00:00 GMT - Sat, 25 May 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=81XDxkQnxi15&top=megaup.net&tid=825911 HTTP/1.1
Host: kultingecauyuksehinkitw.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Fri, 05 May 2023 17:52:41 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Fri, 05 May 2023 17:53:41 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: h-HOUq3JJqk4QhImwyJk-lvxeWyrO9JLiPa2uESldINzSijWZXBmlg==
X-Firefox-Spdy: h2
accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneEj5bvL5cARA49z-LZ4KdxW3iKnVlMMZ9VoKrxz3OPDafDIxOdoCYFs2QjfeRLd042b78_L
142.250.74.109302 Found 395 B URL GET HTTP/2 accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneEj5bvL5cARA49z-LZ4KdxW3iKnVlMMZ9VoKrxz3OPDafDIxOdoCYFs2QjfeRLd042b78_L
IP 142.250.74.109:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint96:EA:93:42:16:A6:B8:80:16:85:0B:B3:67:3A:BA:43:A8:41:32:23
ValidityMon, 03 Apr 2023 08:25:08 GMT - Mon, 26 Jun 2023 08:25:07 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (381)
Hash 4c5be9adf105d5cefeafd59d3ca628f6
77769c724558c4853391b82980e6459c91627990
b98142a6561497c45ae8c3abce7a26fa810029e360cc7e6c03c9340c9ec1d3e9
GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneEj5bvL5cARA49z-LZ4KdxW3iKnVlMMZ9VoKrxz3OPDafDIxOdoCYFs2QjfeRLd042b78_L HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 05 May 2023 17:52:41 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S872758899%3A1683309161148342&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneEyMUcps_qqzjEgGx48o--lLLn8U4tsJEQ1rC2OAjhNuUwg93p9PIlrc6iWrDz-mDwKJ3Jl&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-QMCXCazuK8O3I9sQcHAGRw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 395
server: GSE
set-cookie: __Host-GAPS=1:EKNfNU2VFNxT2PQeca9iif9CNhp6_Q:g0bzfcczDsEcWpAg;Path=/;Expires=Sun, 04-May-2025 17:52:41 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneHvUcFlA92zs8bQMaoR4xKa_-XOyxC5sbmuUnI5gSU8g5-v9heBgHo1qixzwK2vglDJ_8Hq
142.250.74.109302 Found 391 B URL GET HTTP/2 accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneHvUcFlA92zs8bQMaoR4xKa_-XOyxC5sbmuUnI5gSU8g5-v9heBgHo1qixzwK2vglDJ_8Hq
IP 142.250.74.109:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint96:EA:93:42:16:A6:B8:80:16:85:0B:B3:67:3A:BA:43:A8:41:32:23
ValidityMon, 03 Apr 2023 08:25:08 GMT - Mon, 26 Jun 2023 08:25:07 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (379)
Hash 55b6c9b7ab9a7d23ff33177ca46e8e7b
55f616ba81fef450bb8e1785c4a908c9fdc943c1
b90ca08c38403c5f28505c8a5f367fd800d72369c74e67b4b58050c4a03b3749
GET /InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneHvUcFlA92zs8bQMaoR4xKa_-XOyxC5sbmuUnI5gSU8g5-v9heBgHo1qixzwK2vglDJ_8Hq HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 05 May 2023 17:52:41 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-1560073361%3A1683309161161437&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneFB5nGfDyeFj0fgV8mX9ISldGxbSdMPn7U7JxVgZarH7ZhXO9WIu_jVjdU7wt2G9DDa26xh&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-RwmMNYvMnNlY171rSspqLw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 391
server: GSE
set-cookie: __Host-GAPS=1:OgkArTX1g_jN834jZtT7ttkvV7J-Gg:udUB9jDE_pHUWcFn;Path=/;Expires=Sun, 04-May-2025 17:52:41 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
api.purpleads.io/x/init?ts=1683309174713
3.228.155.150200 OK 87 B URL OPTIONS HTTP/2 api.purpleads.io/x/init?ts=1683309174713
IP 3.228.155.150:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerAmazon
Subject*.purpleads.io
Fingerprint2C:07:41:61:C9:75:ED:6A:72:5B:30:CE:B3:18:1C:47:DB:07:BF:D4
ValidityFri, 24 Feb 2023 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 1225a48532b67fd812920a47e3557ed4
ac910f9679bd805609435e4fa8970cdf74fa4b86
4cdf058286dcc09e5511ec4f021ce5ce4d22052312bf08ce7b672e08eb5a4a9f
GET /x/init?ts=1683309174713 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: application/json
x-purpleads-version: 3.0.4
x-request-url: aHR0cHM6Ly9tZWdhdXAubmV0LzNmdWpvL0RFTVNMQVktS05ZLVRIQy0oVVNBKS1OU3dUY0gtTlNQLVVwZGF0ZTE1My1aaXBlcnRvLnJhcg==
Authorization: Bearer 70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 05 May 2023 17:52:41 GMT
content-type: application/json; charset=utf-8
content-length: 87
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-expose-headers: pa-user-id
etag: W/"57-rJEPlnm9gFYJQ15PqJcM33T6S4Y"
vary: Accept-Encoding
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/fonts/raleway_bold.woff
91.209.70.182200 OK 32 kB URL GET HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway_bold.woff
IP 91.209.70.182:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A
ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT
File type Web Open Font Format, TrueType, length 31568, version 1.1\012- data
Hash e0c4ac0e73196bd0469c5c33304b7773
bb071565f82907d117b0732dca8013409162c67d
ff3bf3a4a1bf2b922157b18d0e8cddd95f2fc2dfe09c30a3ce67bc11a84c67af
GET /themes/flow/frontend_assets/fonts/raleway_bold.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Connection: keep-alive
Cookie: filehosting=6mh6q8e5vn865sg7s2jg760ga3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 05 May 2023 17:52:41 GMT
content-type: font/woff
content-length: 31568
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7b50"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
kultingecauyuksehinkitw.info/utx?cb=xg8H2RY2EfTM&top=megaup.net&tid=764141
54.230.111.38204 No Content 0 B URL GET HTTP/2 kultingecauyuksehinkitw.info/utx?cb=xg8H2RY2EfTM&top=megaup.net&tid=764141
IP 54.230.111.38:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerAmazon
Subjectkultingecauyuksehinkitw.info
Fingerprint92:71:EB:2A:19:25:DF:1C:2A:8F:E3:1A:92:7B:DD:8F:18:79:39:0F
ValidityThu, 27 Apr 2023 00:00:00 GMT - Sat, 25 May 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=xg8H2RY2EfTM&top=megaup.net&tid=764141 HTTP/1.1
Host: kultingecauyuksehinkitw.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Fri, 05 May 2023 17:52:41 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Fri, 05 May 2023 17:53:41 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: v7rP8qNpRRZiQ73GwUATitXohCLOyuHymkB9yQ7oQgFPYSJeqKS-sQ==
X-Firefox-Spdy: h2
kultingecauyuksehinkitw.info/multi?cs=Q1pBUmJ1aHhlUnNqcWVbdmh0Y1Y&abt=0&red=1&sm=76&k=download%20file%20demslay%20nswtch%20update153%20ziperto&v=1.0.60.3&sts=0&prn=0&emb=0&tid=876318&rxy=1280_1024&fs=1&ref=https%3A%2F%2Fmegaup.net%2F3fujo%2FDEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A109.0)%20gecko%2F20100101%20firefox%2F111.0&tzd=0&uloc=&if=0&_ej6N=1683309175096&crc=1
54.230.111.38200 OK 1.6 kB URL GET HTTP/2 kultingecauyuksehinkitw.info/multi?cs=Q1pBUmJ1aHhlUnNqcWVbdmh0Y1Y&abt=0&red=1&sm=76&k=download%20file%20demslay%20nswtch%20update153%20ziperto&v=1.0.60.3&sts=0&prn=0&emb=0&tid=876318&rxy=1280_1024&fs=1&ref=https%3A%2F%2Fmegaup.net%2F3fujo%2FDEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A109.0)%20gecko%2F20100101%20firefox%2F111.0&tzd=0&uloc=&if=0&_ej6N=1683309175096&crc=1
IP 54.230.111.38:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerAmazon
Subjectkultingecauyuksehinkitw.info
Fingerprint92:71:EB:2A:19:25:DF:1C:2A:8F:E3:1A:92:7B:DD:8F:18:79:39:0F
ValidityThu, 27 Apr 2023 00:00:00 GMT - Sat, 25 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (3355), with no line terminators
Hash 389ba1ee3faf9eb80eda9d01fd86d053
fc8db5c253f8e2a03761374f28b8cfbea6d206e9
397bc9e8761a728874154c62c4481713a8ea3fb9f954f59de8308a5b420074ae
GET /multi?cs=Q1pBUmJ1aHhlUnNqcWVbdmh0Y1Y&abt=0&red=1&sm=76&k=download%20file%20demslay%20nswtch%20update153%20ziperto&v=1.0.60.3&sts=0&prn=0&emb=0&tid=876318&rxy=1280_1024&fs=1&ref=https%3A%2F%2Fmegaup.net%2F3fujo%2FDEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A109.0)%20gecko%2F20100101%20firefox%2F111.0&tzd=0&uloc=&if=0&_ej6N=1683309175096&crc=1 HTTP/1.1
Host: kultingecauyuksehinkitw.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/plain
content-length: 1594
date: Fri, 05 May 2023 17:52:41 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=33f6b7a3-bcac-466a-89e5-b4495dfa43fa
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: y4K9ZO4S9v9seFa5ADGH_AS8gIAhPajJigGZhWt6R0Vfu7-zo6GV9w==
X-Firefox-Spdy: h2
kultingecauyuksehinkitw.info/utx?cb=KILJsRFw2Hfd&top=megaup.net&tid=876318
54.230.111.38204 No Content 0 B URL GET HTTP/2 kultingecauyuksehinkitw.info/utx?cb=KILJsRFw2Hfd&top=megaup.net&tid=876318
IP 54.230.111.38:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerAmazon
Subjectkultingecauyuksehinkitw.info
Fingerprint92:71:EB:2A:19:25:DF:1C:2A:8F:E3:1A:92:7B:DD:8F:18:79:39:0F
ValidityThu, 27 Apr 2023 00:00:00 GMT - Sat, 25 May 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=KILJsRFw2Hfd&top=megaup.net&tid=876318 HTTP/1.1
Host: kultingecauyuksehinkitw.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Fri, 05 May 2023 17:52:41 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Fri, 05 May 2023 17:53:41 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zKaXsxGHqGcn5U63ZGsfFWPcihvtzHhXtLtbXE4NGAj80Y42E3NnZA==
X-Firefox-Spdy: h2
theharityhild.buzz/
54.162.51.18200 OK 0 B IP 54.162.51.18:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerLet's Encrypt
Subjecttheharityhild.buzz
Fingerprint4F:3F:5B:8C:AA:6E:37:C3:45:68:90:BE:2C:8B:F0:01:D7:5F:3F:89
ValidityFri, 05 May 2023 05:15:10 GMT - Thu, 03 Aug 2023 05:15:09 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: theharityhild.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Referer: https://megaup.net/
Content-Length: 355
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
theharityhild.buzz/
54.162.51.18200 OK 0 B IP 54.162.51.18:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerLet's Encrypt
Subjecttheharityhild.buzz
Fingerprint4F:3F:5B:8C:AA:6E:37:C3:45:68:90:BE:2C:8B:F0:01:D7:5F:3F:89
ValidityFri, 05 May 2023 05:15:10 GMT - Thu, 03 Aug 2023 05:15:09 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: theharityhild.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Referer: https://megaup.net/
Content-Length: 354
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
kultingecauyuksehinkitw.info/floater?cs=bktzWUtefUFpel9%2BSm54V3lFYH0&abt=0&red=1&sm=83&k=download%20file%20demslay%20nswtch%20update153%20ziperto&v=0.9.1.5&sts=0&prn=0&emb=0&tid=825911&rxy=1280_1024&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&ref=https%3A%2F%2Fmegaup.net%2F3fujo%2FDEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A109.0)%20gecko%2F20100101%20firefox%2F111.0&tzd=0&uloc=&if=0&aa=oi1_&_rhZF=1683309175095&crc=1
54.230.111.38200 OK 2.0 kB URL GET HTTP/2 kultingecauyuksehinkitw.info/floater?cs=bktzWUtefUFpel9%2BSm54V3lFYH0&abt=0&red=1&sm=83&k=download%20file%20demslay%20nswtch%20update153%20ziperto&v=0.9.1.5&sts=0&prn=0&emb=0&tid=825911&rxy=1280_1024&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&ref=https%3A%2F%2Fmegaup.net%2F3fujo%2FDEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A109.0)%20gecko%2F20100101%20firefox%2F111.0&tzd=0&uloc=&if=0&aa=oi1_&_rhZF=1683309175095&crc=1
IP 54.230.111.38:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerAmazon
Subjectkultingecauyuksehinkitw.info
Fingerprint92:71:EB:2A:19:25:DF:1C:2A:8F:E3:1A:92:7B:DD:8F:18:79:39:0F
ValidityThu, 27 Apr 2023 00:00:00 GMT - Sat, 25 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (3930), with no line terminators
Hash 8687239ff4994f6f35e47743846ad27e
43eee59d91c1ceef43a741c4f5dd71b4d12b700b
655fce2b1e4a3b722df23cb246a985af91d5958eb856d4af9e25791585bc6655
GET /floater?cs=bktzWUtefUFpel9%2BSm54V3lFYH0&abt=0&red=1&sm=83&k=download%20file%20demslay%20nswtch%20update153%20ziperto&v=0.9.1.5&sts=0&prn=0&emb=0&tid=825911&rxy=1280_1024&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&ref=https%3A%2F%2Fmegaup.net%2F3fujo%2FDEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A109.0)%20gecko%2F20100101%20firefox%2F111.0&tzd=0&uloc=&if=0&aa=oi1_&_rhZF=1683309175095&crc=1 HTTP/1.1
Host: kultingecauyuksehinkitw.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/plain
content-length: 2030
date: Fri, 05 May 2023 17:52:41 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=bbe0d5c4-d575-4f41-9cdc-ad6f1290c3cb
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: JxFN6Z0eTrXDZXRicHM6xe14ihOkkp3ml_VGypc_t0P1ceoRMTpywQ==
X-Firefox-Spdy: h2
cdn.engine.4dsply.com/Scripts/infinity.js.aspx?guid=86ddec5c-b957-455f-87da-f034ba331fa2
104.16.158.17200 OK 74 kB URL GET HTTP/2 cdn.engine.4dsply.com/Scripts/infinity.js.aspx?guid=86ddec5c-b957-455f-87da-f034ba331fa2
IP 104.16.158.17:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerCloudflare, Inc.
Subject4dsply.com
Fingerprint31:FD:E2:5E:52:27:E7:39:C7:DB:EA:A6:84:8F:4E:0E:48:82:BF:5C
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT
File type ASCII text, with very long lines (64095)
Hash d9680a8b6dd084541c5535de7ab0d7b3
e6266a32e686af8d10692d5f63cfca7e1e4c63f2
23055aa8c9d853033c5dc8ad32b6366a72c393288d4d2368fbd47f3cd275fb05
GET /Scripts/infinity.js.aspx?guid=86ddec5c-b957-455f-87da-f034ba331fa2 HTTP/1.1
Host: cdn.engine.4dsply.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 05 May 2023 17:52:41 GMT
content-type: application/x-javascript; charset=utf-8
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
cache-control: public, max-age=900
p3p: CP="CAO PSA OUR IND"
access-control-allow-origin: *
last-modified: Fri, 05 May 2023 17:45:49 GMT
cf-cache-status: HIT
age: 108
expires: Fri, 05 May 2023 18:07:41 GMT
server: cloudflare
cf-ray: 7c2ad6b1682c0b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mp.4dex.io/prebid
104.18.2.114204 No Content 0 B IP 104.18.2.114:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint41:4F:6A:6E:28:C5:B0:0A:0D:CD:46:9A:2B:DA:3E:54:9C:D7:75:E6
ValidityWed, 31 Aug 2022 00:00:00 GMT - Thu, 31 Aug 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /prebid HTTP/1.1
Host: mp.4dex.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 2205
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Fri, 05 May 2023 17:52:41 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin, Accept-Encoding
x-err: Parsing the Prebid Request. org/site not found
x-version: 3.0.0-gcp-ams
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7c2ad6b46be1b4f9-OSL
X-Firefox-Spdy: h2
prebid.a-mo.net/a/c
147.75.84.158204 No Content 0 B IP 147.75.84.158:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerLet's Encrypt
Subject*.a-mo.net
Fingerprint86:27:A6:73:5B:D6:49:31:AD:38:AE:5D:D8:43:D7:59:83:60:76:B4
ValidityThu, 13 Apr 2023 07:33:05 GMT - Wed, 12 Jul 2023 07:33:04 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1641
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: max-age=0, private, must-revalidate
date: Fri, 05 May 2023 17:52:41 GMT
server: envoy
vary: origin, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 1
X-Firefox-Spdy: h2
hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fmegaup.net%2F3fujo%2FDEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar&PageUrl=https%3A%2F%2Fmegaup.net%2F3fujo%2FDEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar&PageReferrer=https%3A%2F%2Fmegaup.net%2F3fujo%2FDEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
185.255.84.151200 OK 179 B URL POST HTTP/2 hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fmegaup.net%2F3fujo%2FDEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar&PageUrl=https%3A%2F%2Fmegaup.net%2F3fujo%2FDEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar&PageReferrer=https%3A%2F%2Fmegaup.net%2F3fujo%2FDEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
IP 185.255.84.151:443
ASN #200271 Iguane Solutions SAS
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerSectigo Limited
Subjectomnitagjs.com
Fingerprint2A:15:BB:D7:C8:C4:82:F5:8E:87:59:17:B9:2C:B5:8E:12:AC:26:E3
ValidityTue, 21 Jun 2022 00:00:00 GMT - Fri, 21 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text
Hash e4ed606e87a936e0d62dab199a14b99a
13982d91d1f2962af60d304b131983632ec10b85
3d68f222fe27f4a6215ac883f5737ca82f23ea7f04d87b10b2028c30a39d0f7e
POST /hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fmegaup.net%2F3fujo%2FDEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar&PageUrl=https%3A%2F%2Fmegaup.net%2F3fujo%2FDEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar&PageReferrer=https%3A%2F%2Fmegaup.net%2F3fujo%2FDEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar HTTP/1.1
Host: hb-api.omnitagjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 752
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding, Content-Type
access-control-allow-methods: OPTIONS, POST
access-control-allow-origin: https://megaup.net
access-control-max-age: 3600
cache-control: no-cache, no-store, must-revalidate
content-type: application/json; charset=utf-8
expires: 0
p3p: CP="CAO PSA OUR"
pragma: no-cache
set-cookie: ayl_visitor=c7deffdaca277a7e075c8ac939932ce9; Path=/; Domain=omnitagjs.com; Max-Age=2592000; Secure; SameSite=None
vary: Accept-Encoding
x-content-type-options: nosniff
date: Fri, 05 May 2023 17:52:41 GMT
content-length: 179
x-envoy-upstream-service-time: 3
server: ayl-lb-fra02
X-Firefox-Spdy: h2
cdn.prplads.com/prebid-2023-05-04.js
104.26.2.51200 OK 101 kB URL GET HTTP/2 cdn.prplads.com/prebid-2023-05-04.js
IP 104.26.2.51:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerGoogle Trust Services LLC
Subjectprplads.com
Fingerprint44:46:5A:F0:A0:B0:25:70:06:3F:E4:EB:02:D5:A2:67:7A:E3:7D:0E
ValidityWed, 19 Apr 2023 12:34:16 GMT - Tue, 18 Jul 2023 12:34:15 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 101 kB (100803 bytes)
Hash b64d7044c9320ed4c34a0091731471ed
893d49cc19c21de82edcdf3211c1941df83d1731
5d3c829b372606e0b17bccc65a0111199593bfec11e61b808610173cad11d093
GET /prebid-2023-05-04.js HTTP/1.1
Host: cdn.prplads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 05 May 2023 17:52:41 GMT
content-type: application/javascript
cache-control: max-age=1209600
cf-bgj: minify
cf-polished: origSize=335064
etag: W/"9b3f8b7fe908cdb21e8c7a080015cc62"
last-modified: Thu, 04 May 2023 08:04:59 GMT
x-amz-id-2: HhOzSE6LyNLxApw1wgcMqiZqKwjUlVXympV2psRgdaU9SCXm5DkVygbp7lSjH9tI0y2f4hDwPAo=
x-amz-request-id: EMM43EHB4TQGAVJG
cf-cache-status: HIT
age: 110850
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KwON54zMOtM9cnjXjN757wTOMx%2F4ZIg2H44pDfZmWtc1tzU%2FIxUQHJGL1kTEzRM68A4EkQUARHu%2Bz1%2BXHya17fqqjU1koXKIqIqUerktkqTEGUa2iWObyNtTj5s2BWckFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c2ad6b2dda3b4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2
script.4dex.io/adagio.js
172.67.75.241200 OK 23 kB IP 172.67.75.241:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerCloudflare, Inc.
Subjectscript.4dex.io
Fingerprint3B:2C:BC:39:64:F4:D4:D0:E1:70:EB:66:ED:61:AD:94:83:40:3A:DB
ValidityWed, 23 Nov 2022 00:00:00 GMT - Wed, 22 Nov 2023 23:59:59 GMT
File type ASCII text, with very long lines (65354)
Hash 0ffb2c9b6dd933ae18ab7dc729d58e69
bb88b2f3fc47452873348d1cdcb7ea3d4a2bbc10
0cd0e55fa43693dfe4b04a225bf7774eb3f66e232828f8d661547728475a12f2
GET /adagio.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 05 May 2023 17:52:41 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
ETag: W/"c56b6332dacf72f135afcd153ae22448"
Last-Modified: Wed, 23 Nov 2022 15:43:17 GMT
Vary: Origin, Accept-Encoding
Access-Control-Expose-Headers:
CF-Cache-Status: HIT
Age: 45526
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mj4LJ%2F0%2F07ZD4scq%2B8It7%2F5RuljSsiFQLxXMv6%2Fc%2BRQGrAU8XIiE%2FKTXWr%2FYrA5fzH%2F%2FT6%2B0z6Fgz3KJFtny0wmGwH8Zn0eQcbfgBENHF%2BFQZNynlx%2BePnGeDBceBb%2FB"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7c2ad6b58ebefac0-OSL
Content-Encoding: br
cdn.prplads.com/agent.js?publisherId=70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655
104.26.2.51200 OK 21 kB URL GET HTTP/2 cdn.prplads.com/agent.js?publisherId=70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655
IP 104.26.2.51:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerGoogle Trust Services LLC
Subjectprplads.com
Fingerprint44:46:5A:F0:A0:B0:25:70:06:3F:E4:EB:02:D5:A2:67:7A:E3:7D:0E
ValidityWed, 19 Apr 2023 12:34:16 GMT - Tue, 18 Jul 2023 12:34:15 GMT
File type HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (65522), with no line terminators
Hash 79cea47591e18d8c6429265f01291bd5
b5415851db8c001413f74c738208a73caad1fd56
556db985798c276c08309eec981a0272ce7ab0cb13bda90a7baec1124787c840
GET /agent.js?publisherId=70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655 HTTP/1.1
Host: cdn.prplads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 05 May 2023 17:52:41 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"ff70d9f9fae24229f0d0a396a41b49da"
last-modified: Thu, 04 May 2023 11:04:59 GMT
x-amz-id-2: TtrD3RQ9oUFwIK+geFimuyZ5kFCm38ESxEUZPzVrXN4bOUKC3ZrIaQ2XSdD7wwvjG3xUQl1qxXk=
x-amz-request-id: EMM33KCCWV1526KF
cache-control: max-age=86400
cf-cache-status: HIT
age: 2778
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IU7ys1OafEeicU9mNAjeyGmMQBmyFtXoihnWpVICZEVTJp43O43vziF47%2FArdtY77tjNv8ua8Fcg6cJopDeGnwuiL3rFyNzafCO%2F%2BNU6xb%2FphVlKsayW3l%2Fevv%2FUF7WHFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c2ad6b2cd9bb4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2
6.adsco.re/
104.17.166.186 0 B IP 104.17.166.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://c.adsco.re/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 05 May 2023 17:52:42 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: *
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c2ad6b73a9ab512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
4.adsco.re/
162.252.214.5 62 B IP 162.252.214.5:0
File type ASCII text, with no line terminators
Hash a684f3b449a125d2285678a6be0172a9
f5ba7774839ee9f45e1f2a88d322d3c3cfcc971f
91945112515f30fe6017f31f87a483adb2040d8435fce14fe9c44e89cf433b2c
GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://c.adsco.re/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 05 May 2023 17:52:42 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
engine.4dsply.com/Tag.vrfy?time=0&id=86ddec5c-b957-455f-87da-f034ba331fa2&rand=89130&ver=async&referrerUrl=&fingerPrint=123&abr=false&stdTime=0&fpe=1&bw=1280&bh=981&res=1280x1024&curl=https%3A%2F%2Fmegaup.net%2F3fujo%2FDEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar&kw=demslay%2Ckny%2Cthc%2Cusa%2Cnswtch%2Cnsp%2Cupdate153%2Cziperto%2Crar%2Cdownload%2Cfile%2Cupload%2Cmp3%2Cavi%2Czip
104.16.158.17 1.0 kB URL GET engine.4dsply.com/Tag.vrfy?time=0&id=86ddec5c-b957-455f-87da-f034ba331fa2&rand=89130&ver=async&referrerUrl=&fingerPrint=123&abr=false&stdTime=0&fpe=1&bw=1280&bh=981&res=1280x1024&curl=https%3A%2F%2Fmegaup.net%2F3fujo%2FDEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar&kw=demslay%2Ckny%2Cthc%2Cusa%2Cnswtch%2Cnsp%2Cupdate153%2Cziperto%2Crar%2Cdownload%2Cfile%2Cupload%2Cmp3%2Cavi%2Czip
IP 104.16.158.17:0
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerCloudflare, Inc.
Subject4dsply.com
Fingerprint31:FD:E2:5E:52:27:E7:39:C7:DB:EA:A6:84:8F:4E:0E:48:82:BF:5C
ValiditySat, 01 Apr 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT
File type ASCII text, with very long lines (2031), with no line terminators
Hash 1b8e7597aa682e67fa5418352d3436de
00dd74717d8bbd6286cd6f22eb80bc4dc2681909
308172d0055a368233b45591b604479bf13ba2fbfe8058586fb8ef5a9a9e4a3c
GET /Tag.vrfy?time=0&id=86ddec5c-b957-455f-87da-f034ba331fa2&rand=89130&ver=async&referrerUrl=&fingerPrint=123&abr=false&stdTime=0&fpe=1&bw=1280&bh=981&res=1280x1024&curl=https%3A%2F%2Fmegaup.net%2F3fujo%2FDEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar&kw=demslay%2Ckny%2Cthc%2Cusa%2Cnswtch%2Cnsp%2Cupdate153%2Cziperto%2Crar%2Cdownload%2Cfile%2Cupload%2Cmp3%2Cavi%2Czip HTTP/1.1
Host: engine.4dsply.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 05 May 2023 17:52:43 GMT
content-type: application/json; charset=utf-8
cf-ray: 7c2ad6c01818b50b-OSL
access-control-allow-origin: *
cache-control: private, no-transform
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: DYNAMIC
p3p: CP="CAO PSA OUR IND"
set-cookie: IKSR={}; path=/; SameSite=None; secure
__INF_CC=; expires=Tue, 25-Apr-2023 17:52:43 GMT; path=/
INF_DFL8=false; path=/; SameSite=None; secure
IUID=44597aff-1052-4b10-9824-93abc8e02058; expires=Thu, 05-May-2033 17:52:43 GMT; path=/; SameSite=None; secure
ISSH=6B0F8C; path=/; SameSite=None; secure
VMI=; path=/; SameSite=None; secure
CHN=#[]; expires=Thu, 05-May-2033 17:52:43 GMT; path=/; SameSite=None; secure; HttpOnly
MSSH=#{}; expires=Thu, 05-May-2033 17:52:43 GMT; path=/; SameSite=None; secure; HttpOnly
MSRH=#{}; expires=Thu, 05-May-2033 17:52:43 GMT; path=/; SameSite=None; secure; HttpOnly
ILP=null; expires=Thu, 05-May-2033 17:52:43 GMT; path=/; SameSite=None; secure
ILPLU=#1/1/0001 12:00:00 AM; expires=Thu, 05-May-2033 17:52:43 GMT; path=/; SameSite=None; secure; HttpOnly
ILEALC=#1/1/0001 12:00:00 AM; expires=Thu, 05-May-2033 17:52:43 GMT; path=/; SameSite=None; secure; HttpOnly
ILMPF=#False; expires=Fri, 05-May-2023 21:52:43 GMT; path=/; SameSite=None; secure; HttpOnly
IPMPLU=#; expires=Thu, 05-May-2033 17:52:43 GMT; path=/; SameSite=None; secure; HttpOnly
IPMUID=#; expires=Thu, 05-May-2033 17:52:43 GMT; path=/; SameSite=None; secure; HttpOnly
BSWUID=#; expires=Thu, 05-May-2033 17:52:43 GMT; path=/; SameSite=None; secure; HttpOnly
IKSR={}; path=/; SameSite=None; secure
IBL=#[]; expires=Thu, 05-May-2033 17:52:43 GMT; path=/; SameSite=None; secure; HttpOnly
ISH=#{"22494":[{"SId":"6B0F8C","D":"23/5/5T10:52:43"}]}; expires=Thu, 05-May-2033 17:52:43 GMT; path=/; SameSite=None; secure; HttpOnly
ISH_Q=#[22494]; expires=Thu, 05-May-2033 17:52:43 GMT; path=/; SameSite=None; secure; HttpOnly
x-adscore-status: null
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
static.serve-servee.com/n337/ad/192x192_LkOLuXg5EoqpGaHVLLnW.jpeg
172.64.131.18200 OK 6.3 kB URL GET HTTP/2 static.serve-servee.com/n337/ad/192x192_LkOLuXg5EoqpGaHVLLnW.jpeg
IP 172.64.131.18:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintF9:F4:6D:CB:77:34:5B:81:93:D5:4D:A0:AC:62:B8:EA:AB:A6:7E:14
ValiditySat, 04 Feb 2023 00:00:00 GMT - Sat, 03 Feb 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash 93e3c260245c2a1ad4b63df4c0ebf5a3
2ccb84898f62cf17a23c5841a8f29910364e2ee5
7f191166957890d1faa9d85dd48ee615b59556b1cba4b4847920db9d05ea8fc6
GET /n337/ad/192x192_LkOLuXg5EoqpGaHVLLnW.jpeg HTTP/1.1
Host: static.serve-servee.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 05 May 2023 17:52:44 GMT
content-type: image/jpeg
content-length: 6311
last-modified: Fri, 07 Apr 2023 23:14:18 GMT
accept-ranges: bytes
etag: "6430a3ca-18a7"
cache-control: max-age=86400
x-hw: 1683309164.cds298.lo4.h2,1683309164.cds201.lo4.c
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C46wgabbV43KEYH4aykUuQ0bv5ZT%2FJh63uX9S%2FlsV1%2B0HuuwpJsskFZ0zXqy3t9ZX%2BRyizetnw55S6yZH%2BEOtO9xm17w0TzRTOZTFoW%2Fg3N%2BJbxEsjFWZIZeHvyJysB6k78JOtMJBvtOHw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c2ad6c35c924167-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
api.purpleads.io/x/v2/b/?idx=1&pid=086d2209a874400b8d96e74ee2cc391b&sizes=[[300,250]]&slotid=3531e5d7-c97d-41ae-a4a1-a7e6dc511445&demand=unifiedPb&ts=1683309178826
3.228.155.150200 OK 0 B URL OPTIONS HTTP/2 api.purpleads.io/x/v2/b/?idx=1&pid=086d2209a874400b8d96e74ee2cc391b&sizes=[[300,250]]&slotid=3531e5d7-c97d-41ae-a4a1-a7e6dc511445&demand=unifiedPb&ts=1683309178826
IP 3.228.155.150:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerAmazon
Subject*.purpleads.io
Fingerprint2C:07:41:61:C9:75:ED:6A:72:5B:30:CE:B3:18:1C:47:DB:07:BF:D4
ValidityFri, 24 Feb 2023 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /x/v2/b/?idx=1&pid=086d2209a874400b8d96e74ee2cc391b&sizes=[[300,250]]&slotid=3531e5d7-c97d-41ae-a4a1-a7e6dc511445&demand=unifiedPb&ts=1683309178826 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,pa-user-id,x-purpleads-version,x-request-url
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 05 May 2023 17:52:44 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-expose-headers: pa-user-id
access-control-allow-headers: authorization,content-type,pa-user-id,x-purpleads-version,x-request-url
access-control-max-age: 86400
X-Firefox-Spdy: h2
c.adsco.re/
104.17.166.186 27 kB IP 104.17.166.186:0
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerSectigo Limited
Subject*.adsco.re
Fingerprint41:E8:B6:73:76:84:BF:F4:F7:36:CE:88:E3:48:7B:FF:4E:47:4A:43
ValidityFri, 16 Sep 2022 00:00:00 GMT - Fri, 29 Sep 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (713)
Hash 7f8aa1f2bc14e58093cbed973afa8141
88c27b380b4c903e6115b8625991a011182baa13
e36f1580b12ec6922cff8b0e0fe1d4f4105b42a30d20c0888f50cf195d74f6e3
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Alt-Used: c.adsco.re
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 05 May 2023 17:52:41 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Mon, 05 Jun 2023 17:52:41 GMT
etag: W/"cMPvpvd3jDHdlppiuYNttw=="
cf-cache-status: HIT
age: 1978188
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c2ad6b63940b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
c.adsco.re/
104.17.166.186 27 kB IP 104.17.166.186:0
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerSectigo Limited
Subject*.adsco.re
Fingerprint41:E8:B6:73:76:84:BF:F4:F7:36:CE:88:E3:48:7B:FF:4E:47:4A:43
ValidityFri, 16 Sep 2022 00:00:00 GMT - Fri, 29 Sep 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (713)
Hash 7f8aa1f2bc14e58093cbed973afa8141
88c27b380b4c903e6115b8625991a011182baa13
e36f1580b12ec6922cff8b0e0fe1d4f4105b42a30d20c0888f50cf195d74f6e3
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: c.adsco.re
Connection: keep-alive
Referer: https://c.adsco.re/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 05 May 2023 17:52:42 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Mon, 05 Jun 2023 17:52:42 GMT
etag: W/"cMPvpvd3jDHdlppiuYNttw=="
cf-cache-status: HIT
age: 1978189
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c2ad6b71a74b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
static.serve-servee.com/n337/ad/192x192_KqUUC9O6MHw77v2oLGCJ.jpeg
172.64.131.18200 OK 6.9 kB URL GET HTTP/3 static.serve-servee.com/n337/ad/192x192_KqUUC9O6MHw77v2oLGCJ.jpeg
IP 172.64.131.18:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintF9:F4:6D:CB:77:34:5B:81:93:D5:4D:A0:AC:62:B8:EA:AB:A6:7E:14
ValiditySat, 04 Feb 2023 00:00:00 GMT - Sat, 03 Feb 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash 316081929473623da65ba578c61180c3
c8e70eecd0c9e1b8d4e1d092f7ef3be02eaff65a
623137639eccb4f0279e1baf130284dc3875fcb52b935bc01fb34140c6192761
GET /n337/ad/192x192_KqUUC9O6MHw77v2oLGCJ.jpeg HTTP/1.1
Host: static.serve-servee.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: static.serve-servee.com
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 05 May 2023 17:52:47 GMT
content-type: image/jpeg
content-length: 6883
last-modified: Fri, 07 Apr 2023 23:12:25 GMT
accept-ranges: bytes
etag: "6430a359-1ae3"
cache-control: max-age=86400
x-hw: 1683309167.cds224.lo4.h2,1683309167.cds229.lo4.c
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iWUe0QhcSXGiUnhVKaTUdYNGuaYc8iudM2rSJojDsxcuO1fsHhPxJldjJD%2Bu%2BjLJ8JTrVjGpoVcgFgbnZEIPR2eECwtc4hWWyKG0zESiFnyKZ9ap%2B4Zg31g8A6wTWLQfX%2F0UAkEP1IW7Iw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c2ad6db3de94970-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
megaup.net/themes/flow/js/jquery-1.11.0.min.js
91.209.70.182200 OK 96 kB URL GET HTTP/2 megaup.net/themes/flow/js/jquery-1.11.0.min.js
IP 91.209.70.182:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A
ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (32341)
Hash 8fc25e27d42774aeae6edbc0a18b72aa
b66ed708717bf0b4a005a4d0113af8843ef3b8ff
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
GET /themes/flow/js/jquery-1.11.0.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=6mh6q8e5vn865sg7s2jg760ga3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 05 May 2023 17:52:39 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1787d"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
xml.serve-servee.com/thumbnail?i=vmguufoRhKY_0&p=1683309161.220815&imgt=icon
172.64.131.18302 Found 6.9 kB URL GET HTTP/3 xml.serve-servee.com/thumbnail?i=vmguufoRhKY_0&p=1683309161.220815&imgt=icon
IP 172.64.131.18:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintF9:F4:6D:CB:77:34:5B:81:93:D5:4D:A0:AC:62:B8:EA:AB:A6:7E:14
ValiditySat, 04 Feb 2023 00:00:00 GMT - Sat, 03 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /thumbnail?i=vmguufoRhKY_0&p=1683309161.220815&imgt=icon HTTP/1.1
Host: xml.serve-servee.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: xml.serve-servee.com
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
date: Fri, 05 May 2023 17:52:47 GMT
content-length: 0
location: https://static.serve-servee.com/n337/ad/192x192_KqUUC9O6MHw77v2oLGCJ.jpeg
cache-control: no-store
age: 0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GBQhahit5iE1tQcimXn7OsXXc2wrFUogXY%2BTSClUojhpSGpSBVShbOVxukHxHoUVl23DdHIzjNMbZ5qq0GLEfhxJ5rWVOSqObtfV6SzdM2nep8HNZwVu9BJPjDQKJ4BhTJFQCM%2BwkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c2ad6da3cb14970-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pogothere.xyz/asd100.bin
172.64.199.35200 OK 102 kB IP 172.64.199.35:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
Size 102 kB (102400 bytes)
Hash 4c6426ac7ef186464ecbb0d81cbfcb1e
5a6918eebd9d635e8f632e3ef34e3792b1b5ec13
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 05 May 2023 17:52:41 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 2875
last-modified: Fri, 05 May 2023 17:04:46 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ALQgi%2FxHdvCSQD%2FNgwHLTB5IZqAA8Mt27eZ2Z9%2BEl24SSAgwl8EGeCH%2FwxAATtd9oo5veNVStN%2FlUsO0GJoCbI0QrmiZHMchNoYQa1DvkaEmF3EhD3rGt9W9Q5pUGM%2B3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c2ad6b0e8f6768c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pogothere.xyz/
172.64.199.35200 OK 27 B IP 172.64.199.35:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 30a4b8b7b21d1968bf87a19aefa7894a
39adab57486ebd8b8e0c97a2dfb6a9ea8dea3aee
f862c719fbc2e0e2a810593c1731caaf33e582b23c23e615a57cf78ef7356833
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 05 May 2023 17:52:41 GMT
content-type: text/plain
set-cookie: csu=1138556634951957@1@1683309161; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=15mJIiahaYFwMcwN3ZOQiFf1R2T8j7IB4L6yla8EJhMluwfTWRJSWorV14zUArIxf9PTHnxD6GSztBDhjomfUJDa9R2HbRW3lei%2FfPlTgOK6kDglyPz9roHsl70gi1jk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c2ad6b0e905768c-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
workhovdiminatedi.info/Z2VmdDdIWgUHCigwAhVlMSQsF2APVD8lXx48VT5dJi0wB1EgPEAAXgNYXkYCXlRXUkcOAVtHBUEWEhVDEhZbRgdXUkAdWQEKW0YREVhWWg5JVEhBERJYV1JDFwQBSQZBFRIAW1pUUEwEVFVfRQBTV1VA
188.114.97.1204 No Content 0 B URL GET HTTP/2 workhovdiminatedi.info/Z2VmdDdIWgUHCigwAhVlMSQsF2APVD8lXx48VT5dJi0wB1EgPEAAXgNYXkYCXlRXUkcOAVtHBUEWEhVDEhZbRgdXUkAdWQEKW0YREVhWWg5JVEhBERJYV1JDFwQBSQZBFRIAW1pUUEwEVFVfRQBTV1VA
IP 188.114.97.1:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerLet's Encrypt
Subjectworkhovdiminatedi.info
Fingerprint24:21:C6:9C:11:74:7D:7D:73:8F:98:35:FA:68:4E:DE:1A:86:04:CB
ValidityThu, 27 Apr 2023 07:34:32 GMT - Wed, 26 Jul 2023 07:34:31 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /Z2VmdDdIWgUHCigwAhVlMSQsF2APVD8lXx48VT5dJi0wB1EgPEAAXgNYXkYCXlRXUkcOAVtHBUEWEhVDEhZbRgdXUkAdWQEKW0YREVhWWg5JVEhBERJYV1JDFwQBSQZBFRIAW1pUUEwEVFVfRQBTV1VA HTTP/1.1
Host: workhovdiminatedi.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Fri, 05 May 2023 17:52:40 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OAjNg2gEZqZ4rXVih%2BSt5SMdIppvy8dGWji1Chk4wCuJo1TnQZdyMV5uTiee%2FK%2Fi1Uo59lgFJvbgs%2Fno2%2Bbw5Qhec53wXVFNKJjwKtegH6wcka5cw2dLZXiWVpwlTRD68KoitHlc%2F9c4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c2ad6aa4ff01c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_fonts/socicon-webfont.woff
91.209.70.182200 OK 21 kB URL GET HTTP/2 megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_fonts/socicon-webfont.woff
IP 91.209.70.182:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A
ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT
File type Web Open Font Format, TrueType, length 20972, version 1.0\012- data
Hash cad75e2dacc6794c4e6b14727d4a989d
694d04c8f643df4100c23efc1463ac9f4e732f60
ebccc09339b7730324221aff3d11d215de9997b47bf708ca18a3be2d8e8b9887
GET /themes/flow/frontend_assets/socialsider-v1.0/_fonts/socicon-webfont.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css
Connection: keep-alive
Cookie: filehosting=6mh6q8e5vn865sg7s2jg760ga3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 05 May 2023 17:52:40 GMT
content-type: font/woff
content-length: 20972
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-51ec"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/fonts/font-awesome/css/font-awesome.css
91.209.70.182200 OK 23 kB URL GET HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/font-awesome/css/font-awesome.css
IP 91.209.70.182:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A
ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT
File type troff or preprocessor input, ASCII text, with very long lines (305), with CRLF line terminators
Hash f8398a4ad2442f1943b62d93f89249b6
280150fc79d01a95808b1c16ca8749e8d8cda85e
7c10acbcb15a2f181df3ad0d009a44f892e406bbfc8f94df12f8a47a71b696e5
GET /themes/flow/frontend_assets/fonts/font-awesome/css/font-awesome.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
Connection: keep-alive
Cookie: filehosting=6mh6q8e5vn865sg7s2jg760ga3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 05 May 2023 17:52:39 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-59d6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
nativiser-prebid.smart-hub.io/pbjs
0.0.0.0 0 B URL POST nativiser-prebid.smart-hub.io/pbjs
IP 0.0.0.0:0
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerGoDaddy.com, Inc.
Subject*.smart-hub.io
Fingerprint03:66:24:78:C7:E7:67:6E:9C:7D:BF:51:11:F9:1F:E8:24:B8:35:DC
ValidityThu, 29 Sep 2022 07:40:18 GMT - Thu, 05 Oct 2023 07:12:21 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /pbjs HTTP/1.1
Host: nativiser-prebid.smart-hub.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 484
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
megaup.net/themes/flow/frontend_assets/css/responsive.css
91.209.70.182200 OK 3.7 kB URL GET HTTP/2 megaup.net/themes/flow/frontend_assets/css/responsive.css
IP 91.209.70.182:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A
ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (3795), with no line terminators
Hash 984d21bc996f9907b59b8e80308d1d33
6d00958737d36f4d07a0920a303d230dad004a43
94ca9c89c3f698aa1a6247d089d9d866002358183a4e8376eba5452cb5182f1f
GET /themes/flow/frontend_assets/css/responsive.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=6mh6q8e5vn865sg7s2jg760ga3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 05 May 2023 17:52:39 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-e56"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/bootstrap/bootstrap.min.css
91.209.70.182200 OK 118 kB URL GET HTTP/2 megaup.net/themes/flow/frontend_assets/css/bootstrap/bootstrap.min.css
IP 91.209.70.182:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A
ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT
File type assembler source, ASCII text, with very long lines (540), with CRLF line terminators
Size 118 kB (117787 bytes)
Hash 26bfa8a47d74b90e1fc4632710026e85
2993c7f968fb5e5be8d256d5c7271fe64c87326d
69c6352bd7a8de550563a81b40dab2234fa30ff0ae9e90a8b5c896dea033ca3b
GET /themes/flow/frontend_assets/css/bootstrap/bootstrap.min.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
Connection: keep-alive
Cookie: filehosting=6mh6q8e5vn865sg7s2jg760ga3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 05 May 2023 17:52:39 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1cc1b"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
api.purpleads.io/x/v2/b/?idx=0&pid=086d2209a874400b8d96e74ee2cc391b&sizes=[[300,250]]&slotid=3531e5d7-c97d-41ae-a4a1-a7e6dc511445&ts=1683309174963
3.228.155.150200 OK 0 B URL OPTIONS HTTP/2 api.purpleads.io/x/v2/b/?idx=0&pid=086d2209a874400b8d96e74ee2cc391b&sizes=[[300,250]]&slotid=3531e5d7-c97d-41ae-a4a1-a7e6dc511445&ts=1683309174963
IP 3.228.155.150:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerAmazon
Subject*.purpleads.io
Fingerprint2C:07:41:61:C9:75:ED:6A:72:5B:30:CE:B3:18:1C:47:DB:07:BF:D4
ValidityFri, 24 Feb 2023 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /x/v2/b/?idx=0&pid=086d2209a874400b8d96e74ee2cc391b&sizes=[[300,250]]&slotid=3531e5d7-c97d-41ae-a4a1-a7e6dc511445&ts=1683309174963 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 05 May 2023 17:52:40 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-expose-headers: pa-user-id
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
access-control-max-age: 86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
91.209.70.182200 OK 339 B URL GET HTTP/2 megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
IP 91.209.70.182:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A
ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (375), with no line terminators
Hash e60adfdae6f5cf19011dbe4154390a71
e91fc65490f58b7072d25b8edeed4b213e72ad96
0633957c46201ad0d4143ecfcb0c12d9c400a8edadb2670026573d8f8c2ba2f2
GET /themes/flow/frontend_assets/css/All-stylesheets.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=6mh6q8e5vn865sg7s2jg760ga3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 05 May 2023 17:52:39 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-153"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
pogothere.xyz/
172.64.199.35200 OK 26 B IP 172.64.199.35:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 556408dd7808f2bd512cdedb5f5c1721
600890b74919fbfd6abe5e3f9cfa299f6dfd404b
5b39cc07d37ed9011615ee2829944958961ffed0751fd37283b179971b81f051
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 05 May 2023 17:52:41 GMT
content-type: text/plain
set-cookie: csu=619832100362714@1@1683309161; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jHHp2zCvShbIkilr%2B72HCA%2FmmBvPTfXgSY0vK7GWPlg9XCL3Oa6WO7lmlyAotWAEuaKeFqXaXOYYKFjnsqtGuYfEtoZ8BV02Lfm50glz9VpmqlQTjr3PUUCDNmkMtyYX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c2ad6b0e914768c-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload-process.js
91.209.70.182200 OK 5.3 kB URL GET HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-process.js
IP 91.209.70.182:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A
ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (5466), with no line terminators
Hash 84f8554400d04b9a321a8f255455db13
2769a1ca8116367636343875b340505939ceff71
43958ee1d314b9876d5cd635dfd55f2b14aaacb83ee73ee276c1a96120d6dfd0
GET /themes/flow/js/jquery.fileupload-process.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=6mh6q8e5vn865sg7s2jg760ga3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 05 May 2023 17:52:39 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-14b6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/clipboardjs/clipboard.min.js
91.209.70.182200 OK 8.9 kB URL GET HTTP/2 megaup.net/themes/flow/js/clipboardjs/clipboard.min.js
IP 91.209.70.182:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A
ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (9015), with no line terminators
Hash 80d5abc1a138e0bd813ef3c0175406a8
4f81606ecb7eb2a0d950a56c4feb97bc5e2833f6
f96c1b2b44a8462c6ac4b47fa8e79da5c929f610c49abfc0e9ac38e070d5b724
GET /themes/flow/js/clipboardjs/clipboard.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=6mh6q8e5vn865sg7s2jg760ga3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 05 May 2023 17:52:39 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-2296"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
cdn.purpleads.io/agent.js?publisherId=70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655
143.204.55.67200 OK 75 kB URL GET HTTP/2 cdn.purpleads.io/agent.js?publisherId=70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655
IP 143.204.55.67:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerAmazon
Subject*.purpleads.io
Fingerprint2C:07:41:61:C9:75:ED:6A:72:5B:30:CE:B3:18:1C:47:DB:07:BF:D4
ValidityFri, 24 Feb 2023 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /agent.js?publisherId=70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655 HTTP/1.1
Host: cdn.purpleads.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
content-length: 21906
last-modified: Thu, 04 May 2023 11:04:57 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
date: Fri, 05 May 2023 11:05:03 GMT
etag: "ff70d9f9fae24229f0d0a396a41b49da"
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: MgLgqnNbi7RuCiVhPZJpnB_SfJMs8qtwTylfCGfX_kWgn5MDu7fyHw==
age: 24457
X-Firefox-Spdy: h2
kultingecauyuksehinkitw.info/a3NMakcKES8HeApOLkwyGR9xT3UtVn4sIwYeNgEhD0t+HSYSHWIJKwQGKAw1BB04RCkOB2lYARI+fFJyMTYgOw4tEA8OLAgeFDwrTkEOKB8YOhkiID05GQULIUMCExY6RykMBi0gARA3Gz8aCQoOHictDxMyNjx0IjkdAxE4OhpfHQlCFQIQBx94LBReFw4EFiMSGVoSIR8kExIcNmlYATMJJDwGL0oZIy9TIQcrcwIlJF4gMwoCMxYzB30PLw8mLisBTkEKLxUTRw0HKCA5IR0FDUIZJA1bKn8iATFGH1kkOzx/Ug8KFCMHJSo1aVgBOAsGGQYqRwU8DyoXKhJqKTEpHQoEKw0JLjM0IyYOBQAIDCAHJikrCU5BDiIBMUYaOR0nMh9TJCULND0DHDlpWAUoNjxfAT8cCTwWTRk/BSkbTjQAECQ9Jz00MREiAnQxOg
54.230.111.38200 OK 3.0 kB URL GET HTTP/2 kultingecauyuksehinkitw.info/a3NMakcKES8HeApOLkwyGR9xT3UtVn4sIwYeNgEhD0t+HSYSHWIJKwQGKAw1BB04RCkOB2lYARI+fFJyMTYgOw4tEA8OLAgeFDwrTkEOKB8YOhkiID05GQULIUMCExY6RykMBi0gARA3Gz8aCQoOHictDxMyNjx0IjkdAxE4OhpfHQlCFQIQBx94LBReFw4EFiMSGVoSIR8kExIcNmlYATMJJDwGL0oZIy9TIQcrcwIlJF4gMwoCMxYzB30PLw8mLisBTkEKLxUTRw0HKCA5IR0FDUIZJA1bKn8iATFGH1kkOzx/Ug8KFCMHJSo1aVgBOAsGGQYqRwU8DyoXKhJqKTEpHQoEKw0JLjM0IyYOBQAIDCAHJikrCU5BDiIBMUYaOR0nMh9TJCULND0DHDlpWAUoNjxfAT8cCTwWTRk/BSkbTjQAECQ9Jz00MREiAnQxOg
IP 54.230.111.38:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerAmazon
Subjectkultingecauyuksehinkitw.info
Fingerprint92:71:EB:2A:19:25:DF:1C:2A:8F:E3:1A:92:7B:DD:8F:18:79:39:0F
ValidityThu, 27 Apr 2023 00:00:00 GMT - Sat, 25 May 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3053), with no line terminators
Hash 7912db08bd6b59cf4b1fc1fe5d5b405d
6698f62b33ac55ff4743a0d81e15af9bb49d0ecc
0c1d1f5368d37aa48881b8b02e1b9b02b1b086d8832ef1ecb7d9c8e98a1fb1fd
GET /a3NMakcKES8HeApOLkwyGR9xT3UtVn4sIwYeNgEhD0t+HSYSHWIJKwQGKAw1BB04RCkOB2lYARI+fFJyMTYgOw4tEA8OLAgeFDwrTkEOKB8YOhkiID05GQULIUMCExY6RykMBi0gARA3Gz8aCQoOHictDxMyNjx0IjkdAxE4OhpfHQlCFQIQBx94LBReFw4EFiMSGVoSIR8kExIcNmlYATMJJDwGL0oZIy9TIQcrcwIlJF4gMwoCMxYzB30PLw8mLisBTkEKLxUTRw0HKCA5IR0FDUIZJA1bKn8iATFGH1kkOzx/Ug8KFCMHJSo1aVgBOAsGGQYqRwU8DyoXKhJqKTEpHQoEKw0JLjM0IyYOBQAIDCAHJikrCU5BDiIBMUYaOR0nMh9TJCULND0DHDlpWAUoNjxfAT8cCTwWTRk/BSkbTjQAECQ9Jz00MREiAnQxOg HTTP/1.1
Host: kultingecauyuksehinkitw.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-length: 1180
date: Fri, 05 May 2023 17:52:40 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: n4000h5FX2cSncBpJxri1ydIqeBxJ5QpqdQmrZQ5Xkkvgh35vzEfrA==
X-Firefox-Spdy: h2
xml.serve-servee.com/thumbnail?i=jABdK9RQwDw_0&p=1683309161.220815&imgt=icon
172.64.131.18302 Found 6.3 kB URL GET HTTP/2 xml.serve-servee.com/thumbnail?i=jABdK9RQwDw_0&p=1683309161.220815&imgt=icon
IP 172.64.131.18:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintF9:F4:6D:CB:77:34:5B:81:93:D5:4D:A0:AC:62:B8:EA:AB:A6:7E:14
ValiditySat, 04 Feb 2023 00:00:00 GMT - Sat, 03 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /thumbnail?i=jABdK9RQwDw_0&p=1683309161.220815&imgt=icon HTTP/1.1
Host: xml.serve-servee.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Fri, 05 May 2023 17:52:44 GMT
content-length: 0
location: https://static.serve-servee.com/n337/ad/192x192_LkOLuXg5EoqpGaHVLLnW.jpeg
cache-control: no-store
age: 0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qZBmL6uKuJHhp1nW%2BE6fM2BLMgfh98mqse0%2FBJjDx%2FfRCMHnsDJJsQ1QEfONLIrH5DEJVFNo8IBwIk7RFaqePE9Ney62RdmdWq8pu3nwQLlX3gx5gfH3Ms3mfHwHDX76a%2Fx9dHegQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c2ad6c24ada4167-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/sticky/jquery.sticky.js
91.209.70.182200 OK 4.2 kB URL GET HTTP/2 megaup.net/themes/flow/frontend_assets/js/sticky/jquery.sticky.js
IP 91.209.70.182:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A
ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (4394), with no line terminators
Hash 07d7abfc2a0b542f84b84f090361b81f
ba07801dd09cbaaf882acc40f96449ea5edb878a
57c815c1f2e67478932fca8e2311f7b9308ec3fdea93379ca7b61559fc67caaa
GET /themes/flow/frontend_assets/js/sticky/jquery.sticky.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=6mh6q8e5vn865sg7s2jg760ga3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 05 May 2023 17:52:39 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1099"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/rs-plugin/css/settings.css
91.209.70.182200 OK 53 kB URL GET HTTP/2 megaup.net/themes/flow/frontend_assets/rs-plugin/css/settings.css
IP 91.209.70.182:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A
ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /themes/flow/frontend_assets/rs-plugin/css/settings.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
Connection: keep-alive
Cookie: filehosting=6mh6q8e5vn865sg7s2jg760ga3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 05 May 2023 17:52:39 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-ce4b"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.dataTables.min.js
91.209.70.182200 OK 70 kB URL GET HTTP/2 megaup.net/themes/flow/js/jquery.dataTables.min.js
IP 91.209.70.182:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A
ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (768)
Hash 737f853e9fd6a31d62f5028e88663c9f
cf144f2ab49f53a69fbfe10d3588fc23437d2736
6c3ca64b7acfdd29b3ca6f1b9b46696369abd462d4546182085c347f72211841
GET /themes/flow/js/jquery.dataTables.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=6mh6q8e5vn865sg7s2jg760ga3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 05 May 2023 17:52:39 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-10fe4"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
workhovdiminatedi.info/TmY3d0hhWVQEdS8uXwQsJChuJA4iJHUhMAwwYkMKGzMOLhkfPxEDISpbDkNxdlADUTgnAgpGcGgVQxY8OxUKRm4nCFEYdWgQCkZmfkgFWXtoEwpGbjoWVhB1f0BHAzwiWwZBcH1VB055eVIFQ3A
188.114.97.1204 No Content 0 B URL GET HTTP/2 workhovdiminatedi.info/TmY3d0hhWVQEdS8uXwQsJChuJA4iJHUhMAwwYkMKGzMOLhkfPxEDISpbDkNxdlADUTgnAgpGcGgVQxY8OxUKRm4nCFEYdWgQCkZmfkgFWXtoEwpGbjoWVhB1f0BHAzwiWwZBcH1VB055eVIFQ3A
IP 188.114.97.1:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerLet's Encrypt
Subjectworkhovdiminatedi.info
Fingerprint24:21:C6:9C:11:74:7D:7D:73:8F:98:35:FA:68:4E:DE:1A:86:04:CB
ValidityThu, 27 Apr 2023 07:34:32 GMT - Wed, 26 Jul 2023 07:34:31 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /TmY3d0hhWVQEdS8uXwQsJChuJA4iJHUhMAwwYkMKGzMOLhkfPxEDISpbDkNxdlADUTgnAgpGcGgVQxY8OxUKRm4nCFEYdWgQCkZmfkgFWXtoEwpGbjoWVhB1f0BHAzwiWwZBcH1VB055eVIFQ3A HTTP/1.1
Host: workhovdiminatedi.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Fri, 05 May 2023 17:52:40 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sMXfSIN5WhPjjuetc6i0dRH4rRT5uaUrwK1Bcp%2FpwYPD0SSTtTgtzw3gSi5q4BrnbRniUjOxGS0t4w1lzFpYHstCE2qigldJUJRtkqJq7dJqaqp%2B%2BVsSrx6xkHdrlBKcO0qtShSnhgHy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c2ad6aa78161c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/images/icons/favicon/favicon.ico
91.209.70.182200 OK 1.2 kB URL GET HTTP/2 megaup.net/themes/flow/frontend_assets/images/icons/favicon/favicon.ico
IP 91.209.70.182:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A
ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash e95c130b43ef6c32b9c9459aff5706c1
51b8b0d3ae3eabd9c31e65098acfa9ba18e9bb30
6c3dde0843949903d807800c8d6706e357fd762d29885946bacac881d4abfb35
GET /themes/flow/frontend_assets/images/icons/favicon/favicon.ico HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=6mh6q8e5vn865sg7s2jg760ga3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 05 May 2023 17:52:41 GMT
content-type: image/x-icon
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-47e"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/load-image.min.js
91.209.70.182200 OK 2.5 kB URL GET HTTP/2 megaup.net/themes/flow/js/load-image.min.js
IP 91.209.70.182:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A
ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (2582), with no line terminators
Hash a695bcdeef4ab1f27d01d2175ab9ddcd
442e6298bf7092455528a2b81e721aaf7a72ef09
ac92521ad4d3d0191d63ce8dda671b9e78c7c7e1d5f0b3fb2cf5424461f3f315
GET /themes/flow/js/load-image.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=6mh6q8e5vn865sg7s2jg760ga3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 05 May 2023 17:52:39 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-9f2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.iframe-transport.js
91.209.70.182200 OK 9.3 kB URL GET HTTP/2 megaup.net/themes/flow/js/jquery.iframe-transport.js
IP 91.209.70.182:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A
ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (9459), with no line terminators
Hash e703222aaa30359454a64b070b20b7a5
bbe0de722f2f9eb912ba3fc0d960e35b3ef58b4e
917390ec2f9d9d63aaa67ee2078e601f84538945732e4a89d3be346728f80fca
GET /themes/flow/js/jquery.iframe-transport.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=6mh6q8e5vn865sg7s2jg760ga3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 05 May 2023 17:52:39 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-2427"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/isotope/isotope-style.css
91.209.70.182200 OK 2.8 kB URL GET HTTP/2 megaup.net/themes/flow/frontend_assets/css/isotope/isotope-style.css
IP 91.209.70.182:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A
ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (3129), with no line terminators
Hash 51c9993916aaff91429614ae79394a6b
51383b05a8ada15406d7eff96fc706c47cfb581b
7c418339961aab6dec877ed3760307367e9deea17a1fbd175e611c215e48634f
GET /themes/flow/frontend_assets/css/isotope/isotope-style.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
Connection: keep-alive
Cookie: filehosting=6mh6q8e5vn865sg7s2jg760ga3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 05 May 2023 17:52:39 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-af3"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/nav/jquery.nav.js
91.209.70.182200 OK 5.4 kB URL GET HTTP/2 megaup.net/themes/flow/frontend_assets/js/nav/jquery.nav.js
IP 91.209.70.182:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A
ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (6528), with no line terminators
Hash 86379ef62388dc773f0c909c8678823c
5eff5eeda891aeb71ef023ab40006f5e9be33642
4152201489950049e566388267c82b03eda1810018354b17055593f250d1e658
GET /themes/flow/frontend_assets/js/nav/jquery.nav.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=6mh6q8e5vn865sg7s2jg760ga3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 05 May 2023 17:52:39 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1547"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
kultingecauyuksehinkitw.info/UXB5SzkwEhomBjBNG21MIxxEbgsXVUsNXTwdAyBfNUhLPFgoHlcoVT4FHS1LPh4NZVc0BFx5f2IRIQJBMicSAHEHSCEdUWESLx5BACgsOHMDQUgbfhQ5HAlBPSAhLHxkOwMFagI2Hn1wBD1IB2phRywNWjU1ARJ0ACVBDXxgSC4dfGkoITNzBCc/GWgXIQ0eazkTPAh/ABYhLEoQMit+aAc2Cj1rKUk7H38lMz4aVQgnPyh6HEABKWg9QCAJQSY7Pw53CzUsJHEdHEAvbyY5Ax9/JTMoPF0cJxMGeAAmOwNoORgsHAg6Ji8JcBIyFSh9H0ENEWgmXT8JbhccPQ18Hyo9M00VNjhzfhIYKw91YBg9Cn9oKi08WhwhOG1TIh8XOwQ+ACkJeDJJSBhqIzQ9D3Aw
54.230.111.38200 OK 3.0 kB URL GET HTTP/2 kultingecauyuksehinkitw.info/UXB5SzkwEhomBjBNG21MIxxEbgsXVUsNXTwdAyBfNUhLPFgoHlcoVT4FHS1LPh4NZVc0BFx5f2IRIQJBMicSAHEHSCEdUWESLx5BACgsOHMDQUgbfhQ5HAlBPSAhLHxkOwMFagI2Hn1wBD1IB2phRywNWjU1ARJ0ACVBDXxgSC4dfGkoITNzBCc/GWgXIQ0eazkTPAh/ABYhLEoQMit+aAc2Cj1rKUk7H38lMz4aVQgnPyh6HEABKWg9QCAJQSY7Pw53CzUsJHEdHEAvbyY5Ax9/JTMoPF0cJxMGeAAmOwNoORgsHAg6Ji8JcBIyFSh9H0ENEWgmXT8JbhccPQ18Hyo9M00VNjhzfhIYKw91YBg9Cn9oKi08WhwhOG1TIh8XOwQ+ACkJeDJJSBhqIzQ9D3Aw
IP 54.230.111.38:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerAmazon
Subjectkultingecauyuksehinkitw.info
Fingerprint92:71:EB:2A:19:25:DF:1C:2A:8F:E3:1A:92:7B:DD:8F:18:79:39:0F
ValidityThu, 27 Apr 2023 00:00:00 GMT - Sat, 25 May 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3034), with no line terminators
Hash e50d0ee0cc809da3754bc2784088b283
a05609129a2fb434fef6a0bc29a2a0e5a1f547dc
399417899f060fc22dd94bd046f40a752d138277b482802bd8110418812aad51
GET /UXB5SzkwEhomBjBNG21MIxxEbgsXVUsNXTwdAyBfNUhLPFgoHlcoVT4FHS1LPh4NZVc0BFx5f2IRIQJBMicSAHEHSCEdUWESLx5BACgsOHMDQUgbfhQ5HAlBPSAhLHxkOwMFagI2Hn1wBD1IB2phRywNWjU1ARJ0ACVBDXxgSC4dfGkoITNzBCc/GWgXIQ0eazkTPAh/ABYhLEoQMit+aAc2Cj1rKUk7H38lMz4aVQgnPyh6HEABKWg9QCAJQSY7Pw53CzUsJHEdHEAvbyY5Ax9/JTMoPF0cJxMGeAAmOwNoORgsHAg6Ji8JcBIyFSh9H0ENEWgmXT8JbhccPQ18Hyo9M00VNjhzfhIYKw91YBg9Cn9oKi08WhwhOG1TIh8XOwQ+ACkJeDJJSBhqIzQ9D3Aw HTTP/1.1
Host: kultingecauyuksehinkitw.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-length: 1164
date: Fri, 05 May 2023 17:52:40 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: P3jT-2BsWG1BnIWAgiCOI1ToON7zDEA4ELGS86ROmEnaAOtktgrlxQ==
X-Firefox-Spdy: h2
workhovdiminatedi.info/dmJBU1FZXSIgbDhSDwQHRjsCMDxPDiUkZEc7Fh1jNwwbPTNFL2cnOBJfdmVgR1p3dSEfBnxidwUWICckBV9wdTgYBC5udwBfcH1iQkxyYX9ERDRuYFAWMTI2S1NnIyUCDnxiZ05RcmNoR1V1YWBP
188.114.97.1204 No Content 0 B URL GET HTTP/2 workhovdiminatedi.info/dmJBU1FZXSIgbDhSDwQHRjsCMDxPDiUkZEc7Fh1jNwwbPTNFL2cnOBJfdmVgR1p3dSEfBnxidwUWICckBV9wdTgYBC5udwBfcH1iQkxyYX9ERDRuYFAWMTI2S1NnIyUCDnxiZ05RcmNoR1V1YWBP
IP 188.114.97.1:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerLet's Encrypt
Subjectworkhovdiminatedi.info
Fingerprint24:21:C6:9C:11:74:7D:7D:73:8F:98:35:FA:68:4E:DE:1A:86:04:CB
ValidityThu, 27 Apr 2023 07:34:32 GMT - Wed, 26 Jul 2023 07:34:31 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dmJBU1FZXSIgbDhSDwQHRjsCMDxPDiUkZEc7Fh1jNwwbPTNFL2cnOBJfdmVgR1p3dSEfBnxidwUWICckBV9wdTgYBC5udwBfcH1iQkxyYX9ERDRuYFAWMTI2S1NnIyUCDnxiZ05RcmNoR1V1YWBP HTTP/1.1
Host: workhovdiminatedi.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Fri, 05 May 2023 17:52:40 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iJkSGnqcG8g2ctArwEnRUJQJ3Y2P2hheiOUQs%2BRiUW6SNa%2BJaBTkDNY2neX5aOWgvXf7X76encvwkSwkIweo1genpC4vIveZ9xyzsA5VPuzOqGRPkVskR%2BaVCmejnAeKoI%2B5Aa%2Fx%2F3Oe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c2ad6aa4fe71c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
142.250.74.109302 Found 0 B URL GET HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP 142.250.74.109:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint96:EA:93:42:16:A6:B8:80:16:85:0B:B3:67:3A:BA:43:A8:41:32:23
ValidityMon, 03 Apr 2023 08:25:08 GMT - Mon, 26 Jun 2023 08:25:07 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 05 May 2023 17:52:41 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneEj5bvL5cARA49z-LZ4KdxW3iKnVlMMZ9VoKrxz3OPDafDIxOdoCYFs2QjfeRLd042b78_L
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-Jh1QhP5UV7L-V1llrFOcpA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: unsafe-none
content-type: application/binary
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
set-cookie: __Host-GAPS=1:0acShV-BgHj00_kf1OvXkZegncR-sg:pZ87CWxKblXIMNz2; Expires=Sun, 04-May-2025 17:52:41 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
c.adsco.re/
104.17.166.186200 OK 80 kB IP 104.17.166.186:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerSectigo Limited
Subject*.adsco.re
Fingerprint41:E8:B6:73:76:84:BF:F4:F7:36:CE:88:E3:48:7B:FF:4E:47:4A:43
ValidityFri, 16 Sep 2022 00:00:00 GMT - Fri, 29 Sep 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (713)
Hash 70c3efa6f7778c31dd969a62b9836db7
42c5ecc44c26f6e121b11711cc72cab20390b128
4dfbe54cd0d883df19cb2fead29e32505dd6ae88afa3f41671c577fecc092b2e
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Alt-Used: c.adsco.re
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 05 May 2023 17:52:41 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Mon, 05 Jun 2023 17:52:41 GMT
etag: W/"cMPvpvd3jDHdlppiuYNttw=="
cf-cache-status: HIT
age: 1978188
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c2ad6b63940b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
a.exdynsrv.com/ad-provider.js
205.185.216.42200 OK 88 kB URL GET HTTP/1.1 a.exdynsrv.com/ad-provider.js
IP 205.185.216.42:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerLet's Encrypt
Subjectexdynsrv.com
Fingerprint54:0A:66:69:27:EA:63:01:A0:42:9B:75:C5:75:97:C3:19:3C:EC:0F
ValidityMon, 27 Feb 2023 07:27:23 GMT - Sun, 28 May 2023 07:27:22 GMT
File type ASCII text, with very long lines (54191)
Hash 678829220dd6d086dd8f3b3b81ad9c09
5edd88b11d181710b873d5701fc9d19a6bd06f2c
f2e8e0e40ecf4ae40484258a63f79356229e5e6b2a901f469a506115c112bfc8
GET /ad-provider.js HTTP/1.1
Host: a.exdynsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 05 May 2023 17:52:40 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 28967
Content-Type: application/javascript
Accept-Ranges: bytes
Cache-Control: max-age=10800
Server: nginx
etag: W/"5edd88b11d181710b873d5701fc"
X-HW: 1683309160.dop205.sk1.t,1683309160.cds016.sk1.shn,1683309160.dop205.sk1.t,1683309160.cds246.sk1.c
Access-Control-Allow-Origin: *, *
accounts.google.com/v3/signin/identifier?dsh=S872758899%3A1683309161148342&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneEyMUcps_qqzjEgGx48o--lLLn8U4tsJEQ1rC2OAjhNuUwg93p9PIlrc6iWrDz-mDwKJ3Jl&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
142.250.74.109403 Forbidden 0 B URL GET HTTP/3 accounts.google.com/v3/signin/identifier?dsh=S872758899%3A1683309161148342&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneEyMUcps_qqzjEgGx48o--lLLn8U4tsJEQ1rC2OAjhNuUwg93p9PIlrc6iWrDz-mDwKJ3Jl&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
IP 142.250.74.109:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintD5:3A:80:A6:03:B0:E4:36:0E:46:7B:36:45:CB:50:4C:D6:98:CE:59
ValidityMon, 03 Apr 2023 08:17:58 GMT - Mon, 26 Jun 2023 08:17:57 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3/signin/identifier?dsh=S872758899%3A1683309161148342&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneEyMUcps_qqzjEgGx48o--lLLn8U4tsJEQ1rC2OAjhNuUwg93p9PIlrc6iWrDz-mDwKJ3Jl&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Alt-Used: accounts.google.com
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 05 May 2023 17:52:41 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-E0yVqxWQtYYuCuKeJ-ufTw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
kultingecauyuksehinkitw.info/YnpTdEMDGDAZfANHMVI2EBZuUXEkX2EyJw8XKR8lBkJhAyIbFH0XLw0PNxIxDRQnWi0HDnZGBQstBgQPLwACQgkxLAU3OlIQHwN3Lxg9DHcjHStRcSQzFxwgNRM/RxM0LBwwEBUZBEUgMj0QMmZQPBInDREqYxgSODIjABtTL2A4GzssBiAgEh40PRAtOWcEBwU4dkYFMhAnFxtQKzQ4KDQjHx0aFCgFOXMAPmYnADYrPzkVEiMdJzcXOws+MDgyICMBDxY6OTQrPDU8KCg8NC4zKBMZEBIxPCUREiw3Ciw0NzgCNnsHKzgjAQ8RZyQROzIUPDdVOTsEMztIfkABID5nAggkEjESCwU0EiURDR89BwAgPTsCJjM0ADkHBQ8FIjAKGGAYciAtO0MZMzcAOAsGTHUeMA0UI0k1BAAHEhQKGQUmKS5PKQ
54.230.111.38200 OK 3.0 kB URL GET HTTP/2 kultingecauyuksehinkitw.info/YnpTdEMDGDAZfANHMVI2EBZuUXEkX2EyJw8XKR8lBkJhAyIbFH0XLw0PNxIxDRQnWi0HDnZGBQstBgQPLwACQgkxLAU3OlIQHwN3Lxg9DHcjHStRcSQzFxwgNRM/RxM0LBwwEBUZBEUgMj0QMmZQPBInDREqYxgSODIjABtTL2A4GzssBiAgEh40PRAtOWcEBwU4dkYFMhAnFxtQKzQ4KDQjHx0aFCgFOXMAPmYnADYrPzkVEiMdJzcXOws+MDgyICMBDxY6OTQrPDU8KCg8NC4zKBMZEBIxPCUREiw3Ciw0NzgCNnsHKzgjAQ8RZyQROzIUPDdVOTsEMztIfkABID5nAggkEjESCwU0EiURDR89BwAgPTsCJjM0ADkHBQ8FIjAKGGAYciAtO0MZMzcAOAsGTHUeMA0UI0k1BAAHEhQKGQUmKS5PKQ
IP 54.230.111.38:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerAmazon
Subjectkultingecauyuksehinkitw.info
Fingerprint92:71:EB:2A:19:25:DF:1C:2A:8F:E3:1A:92:7B:DD:8F:18:79:39:0F
ValidityThu, 27 Apr 2023 00:00:00 GMT - Sat, 25 May 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3050), with no line terminators
Hash 5571a0fb08f00dcf6eef5c59b046a887
0f0e030142a7b83308731a55c7497066727dcfca
a6dc6ef44752272785a204184196cd520b07a928c072f4d92109bf93704f20e2
GET /YnpTdEMDGDAZfANHMVI2EBZuUXEkX2EyJw8XKR8lBkJhAyIbFH0XLw0PNxIxDRQnWi0HDnZGBQstBgQPLwACQgkxLAU3OlIQHwN3Lxg9DHcjHStRcSQzFxwgNRM/RxM0LBwwEBUZBEUgMj0QMmZQPBInDREqYxgSODIjABtTL2A4GzssBiAgEh40PRAtOWcEBwU4dkYFMhAnFxtQKzQ4KDQjHx0aFCgFOXMAPmYnADYrPzkVEiMdJzcXOws+MDgyICMBDxY6OTQrPDU8KCg8NC4zKBMZEBIxPCUREiw3Ciw0NzgCNnsHKzgjAQ8RZyQROzIUPDdVOTsEMztIfkABID5nAggkEjESCwU0EiURDR89BwAgPTsCJjM0ADkHBQ8FIjAKGGAYciAtO0MZMzcAOAsGTHUeMA0UI0k1BAAHEhQKGQUmKS5PKQ HTTP/1.1
Host: kultingecauyuksehinkitw.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-length: 1181
date: Fri, 05 May 2023 17:52:40 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -NVC85e9WqtEoeBrO8aR5IXorGULe7UO9x6JbsO-Xq0YpMjsHGe_qw==
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/canvas-to-blob.min.js
91.209.70.182200 OK 1.0 kB URL GET HTTP/2 megaup.net/themes/flow/js/canvas-to-blob.min.js
IP 91.209.70.182:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A
ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (1052), with no line terminators
Hash a6496a71738d7a150a3e065ee0e12fe3
5312d1558e59026ae5f14cb04f8bc87248f23826
7700f942a6370cef00334962637f3de505a110832c554efdaab8aa645b10359d
GET /themes/flow/js/canvas-to-blob.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=6mh6q8e5vn865sg7s2jg760ga3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 05 May 2023 17:52:39 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-408"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/stylesheet.css
91.209.70.182200 OK 28 kB URL GET HTTP/2 megaup.net/themes/flow/frontend_assets/css/stylesheet.css
IP 91.209.70.182:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A
ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT
File type ASCII text, with CRLF line terminators
Hash 8568ee885222fb5ef651a99221bfd347
0dc1b30d1a58c3cdafab8b38da04f3fc2462ee46
3b35d09fae892be2b76a67f47bbbcbe289b05a2850e02295f70f9c2e537d927a
GET /themes/flow/frontend_assets/css/stylesheet.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
Connection: keep-alive
Cookie: filehosting=6mh6q8e5vn865sg7s2jg760ga3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 05 May 2023 17:52:39 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-6c82"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/zeroClipboard/ZeroClipboard.js
91.209.70.182200 OK 15 kB URL GET HTTP/2 megaup.net/themes/flow/js/zeroClipboard/ZeroClipboard.js
IP 91.209.70.182:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A
ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (1288)
Hash d31e0426a59b32581835680633809ea3
98caf983b9349fcf2a32d6512f998ea9a557a90e
c7fe89a030ea54a29616f0a473366e07d109dfb775f2afa050c2de82e3606fba
GET /themes/flow/js/zeroClipboard/ZeroClipboard.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=6mh6q8e5vn865sg7s2jg760ga3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 05 May 2023 17:52:39 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3bd2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
api.purpleads.io/x/v2/b/?idx=0&pid=086d2209a874400b8d96e74ee2cc391b&sizes=[[300,250]]&slotid=3531e5d7-c97d-41ae-a4a1-a7e6dc511445&ts=1683309174963
3.228.155.150200 OK 2.8 kB URL GET HTTP/2 api.purpleads.io/x/v2/b/?idx=0&pid=086d2209a874400b8d96e74ee2cc391b&sizes=[[300,250]]&slotid=3531e5d7-c97d-41ae-a4a1-a7e6dc511445&ts=1683309174963
IP 3.228.155.150:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerAmazon
Subject*.purpleads.io
Fingerprint2C:07:41:61:C9:75:ED:6A:72:5B:30:CE:B3:18:1C:47:DB:07:BF:D4
ValidityFri, 24 Feb 2023 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- troff or preprocessor input, ASCII text, with very long lines (2954), with no line terminators
Hash 559c6102a734a0f0108d29a6cb8a99d9
09e884c8e399e2a37b23a1b0a9cae044ee08d780
5b1ecd1b54a929ad752ad5c8e3f6bdf25926f618873178dfc64aaaefe324fd8d
GET /x/v2/b/?idx=0&pid=086d2209a874400b8d96e74ee2cc391b&sizes=[[300,250]]&slotid=3531e5d7-c97d-41ae-a4a1-a7e6dc511445&ts=1683309174963 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: application/json
x-purpleads-version: 3.0.4
x-request-url: aHR0cHM6Ly9tZWdhdXAubmV0LzNmdWpvL0RFTVNMQVktS05ZLVRIQy0oVVNBKS1OU3dUY0gtTlNQLVVwZGF0ZTE1My1aaXBlcnRvLnJhcg==
Authorization: Bearer 70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 05 May 2023 17:52:41 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-expose-headers: pa-user-id
set-cookie: pa-user-id=0db0364d-bddb-4420-b5a6-51c8cdab5617; Domain=.purpleads.io; Path=/
pa-user-id: 0db0364d-bddb-4420-b5a6-51c8cdab5617
etag: W/"b0c-Q11/hGlyYX4oVTPHgYH+VvyFWns"
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2
api.purpleads.io/x/init?ts=1683309175692
3.228.155.150200 OK 0 B URL OPTIONS HTTP/2 api.purpleads.io/x/init?ts=1683309175692
IP 3.228.155.150:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerAmazon
Subject*.purpleads.io
Fingerprint2C:07:41:61:C9:75:ED:6A:72:5B:30:CE:B3:18:1C:47:DB:07:BF:D4
ValidityFri, 24 Feb 2023 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /x/init?ts=1683309175692 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,pa-user-id,x-purpleads-version,x-request-url
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 05 May 2023 17:52:41 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-expose-headers: pa-user-id
access-control-allow-headers: authorization,content-type,pa-user-id,x-purpleads-version,x-request-url
access-control-max-age: 86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/styles/file-upload.css
91.209.70.182200 OK 8.7 kB URL GET HTTP/2 megaup.net/themes/flow/styles/file-upload.css
IP 91.209.70.182:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A
ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT
File type assembler source, ASCII text, with very long lines (9188), with no line terminators
Hash e6aa00105765c90499065e7b4953475e
c214db0a0c9ceda57bef567789961817554e01c9
33af7cdbf9e003d6a268f344b7d9fd8fc39d19b0a412b9eaa4487d509a4a54b1
GET /themes/flow/styles/file-upload.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=6mh6q8e5vn865sg7s2jg760ga3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 05 May 2023 17:52:39 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-21ec"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload.js
91.209.70.182200 OK 56 kB URL GET HTTP/2 megaup.net/themes/flow/js/jquery.fileupload.js
IP 91.209.70.182:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A
ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT
Hash b85ba9fdc07788f5208002e4588c1e2a
f4a5b283e901f573f1237b6a096da4c295e8a65b
f809de94a782db6c7c5bc85db8bc8f6b05b1a473f736080b3ea8377fd6ed35cc
GET /themes/flow/js/jquery.fileupload.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=6mh6q8e5vn865sg7s2jg760ga3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 05 May 2023 17:52:39 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-dbd4"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload-ui.js
91.209.70.182200 OK 25 kB URL GET HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-ui.js
IP 91.209.70.182:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A
ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT
Hash 6d74ec0b03e02825fef8093d64629489
de746f1c7aeb0927541e1d55bdea4672bb47aa73
5d4a5378ed9f8bf68dbfb6246761e6d44e2b11fa626d8b4f8d1d6a779f037cd2
GET /themes/flow/js/jquery.fileupload-ui.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=6mh6q8e5vn865sg7s2jg760ga3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 05 May 2023 17:52:39 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-61ef"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
api.purpleads.io/x/init?ts=1683309175692
3.228.155.150200 OK 87 B URL GET HTTP/2 api.purpleads.io/x/init?ts=1683309175692
IP 3.228.155.150:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerAmazon
Subject*.purpleads.io
Fingerprint2C:07:41:61:C9:75:ED:6A:72:5B:30:CE:B3:18:1C:47:DB:07:BF:D4
ValidityFri, 24 Feb 2023 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash 7633438837aa9c063e690ccc7dbb4926
00dd73d83cf36199c8b9b59fd7dce76973f8a9f7
0c7295e170a5285d7e9e51c4ee4a324207d39de17986a7292f83104fbde57e3b
GET /x/init?ts=1683309175692 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: application/json
x-purpleads-version: 3.0.4
x-request-url: aHR0cHM6Ly9tZWdhdXAubmV0LzNmdWpvL0RFTVNMQVktS05ZLVRIQy0oVVNBKS1OU3dUY0gtTlNQLVVwZGF0ZTE1My1aaXBlcnRvLnJhcg==
Authorization: Bearer 70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655
pa-user-id: 0db0364d-bddb-4420-b5a6-51c8cdab5617
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 05 May 2023 17:52:41 GMT
content-type: application/json; charset=utf-8
content-length: 87
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-expose-headers: pa-user-id
etag: W/"57-rJEPlnm9gFYJQ15PqJcM33T6S4Y"
vary: Accept-Encoding
X-Firefox-Spdy: h2
megaup.net/sw.js
91.209.70.182200 OK 103 kB IP 91.209.70.182:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A
ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 103 kB (103036 bytes)
Hash 9ee51131e416458b88d6da4e6e6959ca
a558b24bcf81763754e35a5fa5e46c6d6ad5f8d4
db3608f955dd3404bc375f0a0a7a5c8e23515e7ad1a0b9078c246e92e4050734
GET /sw.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=6mh6q8e5vn865sg7s2jg760ga3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 05 May 2023 17:52:39 GMT
content-type: application/javascript
last-modified: Tue, 20 Dec 2022 16:15:31 GMT
vary: Accept-Encoding
etag: W/"63a1dfa3-1927c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
ad.a-ads.com/1811811?size=300x250
78.46.33.196200 OK 12 kB URL GET HTTP/2 ad.a-ads.com/1811811?size=300x250
IP 78.46.33.196:443
ASN #24940 Hetzner Online GmbH
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerSectigo Limited
Subject*.a-ads.com
Fingerprint34:68:C2:05:E5:2A:4E:C3:F9:FC:94:69:D3:A6:BE:F2:21:A2:DE:AE
ValidityWed, 21 Dec 2022 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (11122)
Hash c6da9b1e7dd1165c9bdf6bfb097ced27
a0fadf6a721d40876d866783f84038e51b5a21df
b1deef4c4b4986ccfe3c6036398a67955b34f5cda8ef5c0d6f3618894de94160
GET /1811811?size=300x250 HTTP/1.1
Host: ad.a-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 05 May 2023 17:52:40 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding, Accept-Encoding
status: 200 OK
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-original-referer: https://megaup.net/
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-encoding: gzip
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
142.250.74.109302 Found 0 B URL GET HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP 142.250.74.109:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint96:EA:93:42:16:A6:B8:80:16:85:0B:B3:67:3A:BA:43:A8:41:32:23
ValidityMon, 03 Apr 2023 08:25:08 GMT - Mon, 26 Jun 2023 08:25:07 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 05 May 2023 17:52:41 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneHvUcFlA92zs8bQMaoR4xKa_-XOyxC5sbmuUnI5gSU8g5-v9heBgHo1qixzwK2vglDJ_8Hq
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-fY0dpx5VxGYdY_YxQyNNHQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: unsafe-none
content-type: application/binary
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
set-cookie: __Host-GAPS=1:iRl8oWK5RD4UBW0NrCWqhmKWK0Vrrg:4fgcv2c943ZIbAg9; Expires=Sun, 04-May-2025 17:52:41 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/colors/flow.css
91.209.70.182200 OK 2.7 kB URL GET HTTP/2 megaup.net/themes/flow/frontend_assets/css/colors/flow.css
IP 91.209.70.182:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A
ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (3023), with no line terminators
Hash 9adec578563e5d2ce244e42529bd6a0c
2d9d05a9914fff69e279803400fa089638ad30ea
f9247eaf086df740e94ede1041b462994eb50899b273c70572a72f09048d1ce6
GET /themes/flow/frontend_assets/css/colors/flow.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=6mh6q8e5vn865sg7s2jg760ga3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 05 May 2023 17:52:39 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-a83"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
syndication.exdynsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01OW0oEMRC8ihfYUP3KY7/9VlA8wEx21i9FUGGFOryZrCym0vSruiiF2gEx/p3YMfToYJPUkFyThPPh8YkufNtel++P9L59MVRLAXNr8MpmXjXTPbvUzBBhlDDPlVXMW6ugBI0Y0LHwvUoAHGLVitWo2oSD9/J8P0MGlAZcNMb19ECB0keDy6609TV3IFY9KdZzly6lbuWEbtmix078bxpXJIjnqf43oImbuvIgt8Y5HjjXy+fPeydv9CtiCgyb7nviWi0W7+uWcy65lBbTBEKKn5fFfwHMwndnZgEAAA==
95.211.229.247200 OK 0 B URL GET HTTP/1.1 syndication.exdynsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01OW0oEMRC8ihfYUP3KY7/9VlA8wEx21i9FUGGFOryZrCym0vSruiiF2gEx/p3YMfToYJPUkFyThPPh8YkufNtel++P9L59MVRLAXNr8MpmXjXTPbvUzBBhlDDPlVXMW6ugBI0Y0LHwvUoAHGLVitWo2oSD9/J8P0MGlAZcNMb19ECB0keDy6609TV3IFY9KdZzly6lbuWEbtmix078bxpXJIjnqf43oImbuvIgt8Y5HjjXy+fPeydv9CtiCgyb7nviWi0W7+uWcy65lBbTBEKKn5fFfwHMwndnZgEAAA==
IP 95.211.229.247:443
ASN #60781 LeaseWeb Netherlands B.V.
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerLet's Encrypt
Subjectexdynsrv.com
Fingerprint54:0A:66:69:27:EA:63:01:A0:42:9B:75:C5:75:97:C3:19:3C:EC:0F
ValidityMon, 27 Feb 2023 07:27:23 GMT - Sun, 28 May 2023 07:27:22 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cimp.php?t=api&data=H4sIAAAAAAAAA01OW0oEMRC8ihfYUP3KY7/9VlA8wEx21i9FUGGFOryZrCym0vSruiiF2gEx/p3YMfToYJPUkFyThPPh8YkufNtel++P9L59MVRLAXNr8MpmXjXTPbvUzBBhlDDPlVXMW6ugBI0Y0LHwvUoAHGLVitWo2oSD9/J8P0MGlAZcNMb19ECB0keDy6609TV3IFY9KdZzly6lbuWEbtmix078bxpXJIjnqf43oImbuvIgt8Y5HjjXy+fPeydv9CtiCgyb7nviWi0W7+uWcy65lBbTBEKKn5fFfwHMwndnZgEAAA== HTTP/1.1
Host: syndication.exdynsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%2264554268a80d44.34618119406163938%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 05 May 2023 17:52:40 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Credentials: true
Set-Cookie: __upt=%7B%22v%22%3A1%2C%22id%22%3A%220%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22511.0199%22%7D; expires=Sun, 04 May 2025 17:52:40 GMT; path=/; domain=.exdynsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
31.13.72.36200 OK 0 B URL GET HTTP/2 www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
IP 31.13.72.36:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerDigiCert Inc
Subject*.facebook.com
Fingerprint9B:19:49:BA:96:1D:82:D8:4A:07:27:B8:64:EF:0F:BC:AB:26:CA:13
ValiditySun, 12 Feb 2023 00:00:00 GMT - Sat, 13 May 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}],"group":"network-errors"}
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: nZH9w492JnTK/5DIC7z2oTIHKRJxegc+ob4Vuw4p6yh7B/h7R2A+3Cpnp0jAzncbVRXvJfTkeXJZAs/gKe5jfQ==
date: Fri, 05 May 2023 17:52:41 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/animations/animate.min.css
91.209.70.182200 OK 48 kB URL GET HTTP/2 megaup.net/themes/flow/frontend_assets/css/animations/animate.min.css
IP 91.209.70.182:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A
ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT
File type ASCII text, with CRLF line terminators
Hash 6678bbbf8814eac6d7f987ad2a32111a
aa9021d4f27c58d5ffe5a8545c20b47232d7d0cb
9b36949876f75f2961b55a066b1f9695ec8c3772771d700e951736b1fba45cbe
GET /themes/flow/frontend_assets/css/animations/animate.min.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
Connection: keep-alive
Cookie: filehosting=6mh6q8e5vn865sg7s2jg760ga3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 05 May 2023 17:52:39 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-bc86"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
147.75.84.158204 No Content 0 B URL GET HTTP/2 prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
IP 147.75.84.158:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerLet's Encrypt
Subject*.a-mo.net
Fingerprint86:27:A6:73:5B:D6:49:31:AD:38:AE:5D:D8:43:D7:59:83:60:76:B4
ValidityThu, 13 Apr 2023 07:33:05 GMT - Wed, 12 Jul 2023 07:33:04 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid= HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
cache-control: max-age=0, private, must-revalidate
date: Fri, 05 May 2023 17:52:46 GMT
server: envoy
x-envoy-upstream-service-time: 1
vary: Accept-Encoding
X-Firefox-Spdy: h2
workhovdiminatedi.info/popunder.gif
188.114.97.1200 OK 35 B URL GET HTTP/3 workhovdiminatedi.info/popunder.gif
IP 188.114.97.1:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerLet's Encrypt
Subjectworkhovdiminatedi.info
Fingerprint24:21:C6:9C:11:74:7D:7D:73:8F:98:35:FA:68:4E:DE:1A:86:04:CB
ValidityThu, 27 Apr 2023 07:34:32 GMT - Wed, 26 Jul 2023 07:34:31 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /popunder.gif HTTP/1.1
Host: workhovdiminatedi.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Alt-Used: workhovdiminatedi.info
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 05 May 2023 17:52:40 GMT
content-type: image/gif
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=604800, immutable
cf-cache-status: HIT
age: 5565
last-modified: Fri, 05 May 2023 16:19:55 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xXllb6pIGTQ8jKwQscey6NLoOwtqsvXyLxejJsG63dTyO9CTS0O87hcum%2FDIaNHm4UuWR2ZV3xDh6uZgs0JY%2FU1hqo%2FxrnpRkr0t8UNmCuk1g8L3O%2Bf8HgjhqkTRbC03juo%2BOZPXYK%2FR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c2ad6af8c8bb500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL POST HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:443
ASN #204995 Rtb House S.A.
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerDigiCert Inc
Subject*.creativecdn.com
Fingerprint6B:A3:B1:F5:24:52:3A:1A:F6:71:8D:4B:42:5A:14:D1:C1:60:0B:5C
ValidityWed, 29 Mar 2023 00:00:00 GMT - Sun, 28 Apr 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 795
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Fri, 05 May 2023 17:52:41 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css
91.209.70.182200 OK 36 kB URL GET HTTP/2 megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css
IP 91.209.70.182:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A
ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=6mh6q8e5vn865sg7s2jg760ga3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 05 May 2023 17:52:39 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-8d4b"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/styles/font-icons/entypo/css/entypo.css
91.209.70.182200 OK 18 kB URL GET HTTP/2 megaup.net/themes/flow/styles/font-icons/entypo/css/entypo.css
IP 91.209.70.182:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A
ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /themes/flow/styles/font-icons/entypo/css/entypo.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=6mh6q8e5vn865sg7s2jg760ga3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 05 May 2023 17:52:39 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-45f5"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/fonts/raleway_extrabold.woff
91.209.70.182200 OK 31 kB URL GET HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway_extrabold.woff
IP 91.209.70.182:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A
ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT
File type Web Open Font Format, TrueType, length 31344, version 1.1\012- data
Hash 21f79e4c0fbe54a555170aa70bb4c8b7
9d4aaf2016cd21f16bc45089a48de84dba951fa7
2b638674bc57ad355ef2ecbd68e78ecb36bc323aaaf4ddeb9cd4f61bc5f26c42
GET /themes/flow/frontend_assets/fonts/raleway_extrabold.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Connection: keep-alive
Cookie: filehosting=6mh6q8e5vn865sg7s2jg760ga3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 05 May 2023 17:52:40 GMT
content-type: font/woff
content-length: 31344
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7a70"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S-1560073361%3A1683309161161437&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneFB5nGfDyeFj0fgV8mX9ISldGxbSdMPn7U7JxVgZarH7ZhXO9WIu_jVjdU7wt2G9DDa26xh&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
142.250.74.109403 Forbidden 0 B URL GET HTTP/3 accounts.google.com/v3/signin/identifier?dsh=S-1560073361%3A1683309161161437&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneFB5nGfDyeFj0fgV8mX9ISldGxbSdMPn7U7JxVgZarH7ZhXO9WIu_jVjdU7wt2G9DDa26xh&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
IP 142.250.74.109:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintD5:3A:80:A6:03:B0:E4:36:0E:46:7B:36:45:CB:50:4C:D6:98:CE:59
ValidityMon, 03 Apr 2023 08:17:58 GMT - Mon, 26 Jun 2023 08:17:57 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3/signin/identifier?dsh=S-1560073361%3A1683309161161437&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneFB5nGfDyeFj0fgV8mX9ISldGxbSdMPn7U7JxVgZarH7ZhXO9WIu_jVjdU7wt2G9DDa26xh&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Alt-Used: accounts.google.com
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 05 May 2023 17:52:41 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
content-security-policy: script-src 'nonce-l7BiUsDTymGUTWhgZP56Ig' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
megaup.net/themes/flow/frontend_assets/css/custom.css
91.209.70.182200 OK 14 kB URL GET HTTP/2 megaup.net/themes/flow/frontend_assets/css/custom.css
IP 91.209.70.182:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A
ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT
File type assembler source, ASCII text, with CRLF line terminators
Hash 5c6cc304ddf594371c91e46020c2dec5
5b8d133530fe6092bcd642ab20c028dd869ab45d
cb11ef787fc18b87a0420239ee788379f6218b79ac81fa012ecad676ae1cb144
GET /themes/flow/frontend_assets/css/custom.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=6mh6q8e5vn865sg7s2jg760ga3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 05 May 2023 17:52:39 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3577"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
static.a-ads.com/a-ads-banners/420322/300x250?region=eu-central-1
78.46.33.196200 OK 60 kB URL GET HTTP/2 static.a-ads.com/a-ads-banners/420322/300x250?region=eu-central-1
IP 78.46.33.196:443
ASN #24940 Hetzner Online GmbH
Requested by https://ad.a-ads.com/1811811?size=300x250
Certificate IssuerSectigo Limited
Subject*.a-ads.com
Fingerprint34:68:C2:05:E5:2A:4E:C3:F9:FC:94:69:D3:A6:BE:F2:21:A2:DE:AE
ValidityWed, 21 Dec 2022 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash fe2034d23216cb6aea1d2623dbb25dfc
4718e9f9d14e29f00f68c9324a7cf56011acd8bf
e3bb549fadec06d0e7327e487fec5c326c0ce387993fe58807aac5118af09e90
GET /a-ads-banners/420322/300x250?region=eu-central-1 HTTP/1.1
Host: static.a-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ad.a-ads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 05 May 2023 17:52:40 GMT
content-type: image/png
content-length: 60545
x-amz-id-2: W09CpTegvw3VZAbgCrt7LCAcODkgKsvHGquuOr88LeOF2euoWdrJopVc5MHCYNnsQhu33+ksnL4=
x-amz-request-id: 05Y7FV5RB0SY6BNK
x-amz-replication-status: COMPLETED
last-modified: Wed, 12 Oct 2022 01:47:23 GMT
etag: "fe2034d23216cb6aea1d2623dbb25dfc"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: jFIfFbrcryROUYbjyxS2TaL7m4FSmpZV
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.199.35200 OK 102 kB IP 172.64.199.35:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
Size 102 kB (102400 bytes)
Hash 4c6426ac7ef186464ecbb0d81cbfcb1e
5a6918eebd9d635e8f632e3ef34e3792b1b5ec13
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 05 May 2023 17:52:41 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 2875
last-modified: Fri, 05 May 2023 17:04:46 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=osrRBsE1Q0fKtiJ14f%2FAvMMoVH5Mt38lH%2B3Ted%2FVDEkbKmgFTGOEiScRUPknmPa9iSJRfRaQJFnuo%2BEa5fd56LTH32ChnvSJX7V%2BsfaM2rrZER5y8JdFAhoIworXLSsa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c2ad6b10944768c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
script.4dex.io/localstore.js
172.67.75.241200 OK 483 B URL GET HTTP/1.1 script.4dex.io/localstore.js
IP 172.67.75.241:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerCloudflare, Inc.
Subjectscript.4dex.io
Fingerprint3B:2C:BC:39:64:F4:D4:D0:E1:70:EB:66:ED:61:AD:94:83:40:3A:DB
ValidityWed, 23 Nov 2022 00:00:00 GMT - Wed, 22 Nov 2023 23:59:59 GMT
File type ASCII text, with very long lines (492), with no line terminators
Hash 2a749c25eb729c091a68422e74f93ddb
1c98aeec964fa1306305bb92cb5dde71829b3c88
bc2070fa410e14f5f8fbacd390fdacfc2e31ad7bc3aedcff9b1f066d4b1709c1
GET /localstore.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 05 May 2023 17:52:41 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=1800
ETag: W/"922cffdd75f7192f75231d92684885aa"
Last-Modified: Wed, 23 Nov 2022 15:43:18 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 1553705
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BN6wGSUoDmgUEi8%2BCZYCUjC%2FHfL4th9GK7oqlDwZfkwp%2FJV3xgHVIAyJI%2FRXliIboC4C5%2BSzlWZiZGXMPZO4h6uR8KXpFmqlPKYaL0Uy9%2F%2FUrgCxM3eOJ6vWPoNdOh6u"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7c2ad6b43bc20b59-OSL
Content-Encoding: br
megaup.net/themes/flow/js/jquery.tmpl.min.js
91.209.70.182200 OK 971 B URL GET HTTP/2 megaup.net/themes/flow/js/jquery.tmpl.min.js
IP 91.209.70.182:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A
ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (1068), with no line terminators
Hash 089e1431cd0ddbbacc07175c48de0f15
65898769225f99ca698658bd7a4c3aa623dc82d4
dcd0212b5e453a6411aeef7b4302e0be890be6462d8197cac028f185c2f174fb
GET /themes/flow/js/jquery.tmpl.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=6mh6q8e5vn865sg7s2jg760ga3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 05 May 2023 17:52:39 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3cb"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
kultingecauyuksehinkitw.info/Y3BUbm0CEjcDUgJNNkgYERxpS18lVWYoCQ4dLgULB0hmGQwaHnoNAQwFMAgfDB4gQAMGBHFcK1E9ZzgkMRs8PyoKKTMKXQATGCYZFDEBLBUHQz84JRkDJCQGLTkEAFkaJT5fWSs4EjwnUUQtIwEHOTEpLAglPB0bBkJhOSoaBGMLPzYlGC0/UjJlI1UtGTA3PidAOyIrOiQdPQoXJmUjVClDAgsqCTkiJCtbJTY2PCwyOBpZOkM7KjU3MmcLPzk3FwMjVTEsBQUoNGUiOCsAZiMsFzQSXS9bNj83JjpDOyovGUU+C14pNTEmVA4xZRYZBzg8OyggXScaJxsqHCoDMUQVBTtXFGcJLjY4JFwhDx8cIj4iHgdfL1UxHAUuMTcOXA8IKh0LPEUaJwEDE00iVhcCOGQ0VAEi
54.230.111.38200 OK 3.0 kB URL GET HTTP/2 kultingecauyuksehinkitw.info/Y3BUbm0CEjcDUgJNNkgYERxpS18lVWYoCQ4dLgULB0hmGQwaHnoNAQwFMAgfDB4gQAMGBHFcK1E9ZzgkMRs8PyoKKTMKXQATGCYZFDEBLBUHQz84JRkDJCQGLTkEAFkaJT5fWSs4EjwnUUQtIwEHOTEpLAglPB0bBkJhOSoaBGMLPzYlGC0/UjJlI1UtGTA3PidAOyIrOiQdPQoXJmUjVClDAgsqCTkiJCtbJTY2PCwyOBpZOkM7KjU3MmcLPzk3FwMjVTEsBQUoNGUiOCsAZiMsFzQSXS9bNj83JjpDOyovGUU+C14pNTEmVA4xZRYZBzg8OyggXScaJxsqHCoDMUQVBTtXFGcJLjY4JFwhDx8cIj4iHgdfL1UxHAUuMTcOXA8IKh0LPEUaJwEDE00iVhcCOGQ0VAEi
IP 54.230.111.38:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerAmazon
Subjectkultingecauyuksehinkitw.info
Fingerprint92:71:EB:2A:19:25:DF:1C:2A:8F:E3:1A:92:7B:DD:8F:18:79:39:0F
ValidityThu, 27 Apr 2023 00:00:00 GMT - Sat, 25 May 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3040), with no line terminators
Hash 79e788e7afffe0d4a69a50c0c58ffe3a
9da4abc24e63434827918b69922b339d47588aaa
925ba5f3977c637f9ae2c36c067495b482d1a721b8b4f2a8795521797d554125
GET /Y3BUbm0CEjcDUgJNNkgYERxpS18lVWYoCQ4dLgULB0hmGQwaHnoNAQwFMAgfDB4gQAMGBHFcK1E9ZzgkMRs8PyoKKTMKXQATGCYZFDEBLBUHQz84JRkDJCQGLTkEAFkaJT5fWSs4EjwnUUQtIwEHOTEpLAglPB0bBkJhOSoaBGMLPzYlGC0/UjJlI1UtGTA3PidAOyIrOiQdPQoXJmUjVClDAgsqCTkiJCtbJTY2PCwyOBpZOkM7KjU3MmcLPzk3FwMjVTEsBQUoNGUiOCsAZiMsFzQSXS9bNj83JjpDOyovGUU+C14pNTEmVA4xZRYZBzg8OyggXScaJxsqHCoDMUQVBTtXFGcJLjY4JFwhDx8cIj4iHgdfL1UxHAUuMTcOXA8IKh0LPEUaJwEDE00iVhcCOGQ0VAEi HTTP/1.1
Host: kultingecauyuksehinkitw.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-length: 1170
date: Fri, 05 May 2023 17:52:40 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -hwAGRwOZDZcR4oQ-4A-w94vP4KiQ-94Kva6GkpGBVrB7mlnexpc6w==
X-Firefox-Spdy: h2
workhovdiminatedi.info/dGdpNGVbWApHWBY/L1o3Mz0LZVRBHT9YVDYxWnoDIyInZwEiLk9ADBBaUQNTR1ZREhUdA1QGXFIUHVURARRUBUMdCQ9bWFIRVAVLRElfBEtHQRwJVFITGVUCSVZPRBEAC1QFU0xUWgRcRVBdBlFF
188.114.97.1204 No Content 0 B URL GET HTTP/2 workhovdiminatedi.info/dGdpNGVbWApHWBY/L1o3Mz0LZVRBHT9YVDYxWnoDIyInZwEiLk9ADBBaUQNTR1ZREhUdA1QGXFIUHVURARRUBUMdCQ9bWFIRVAVLRElfBEtHQRwJVFITGVUCSVZPRBEAC1QFU0xUWgRcRVBdBlFF
IP 188.114.97.1:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerLet's Encrypt
Subjectworkhovdiminatedi.info
Fingerprint24:21:C6:9C:11:74:7D:7D:73:8F:98:35:FA:68:4E:DE:1A:86:04:CB
ValidityThu, 27 Apr 2023 07:34:32 GMT - Wed, 26 Jul 2023 07:34:31 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dGdpNGVbWApHWBY/L1o3Mz0LZVRBHT9YVDYxWnoDIyInZwEiLk9ADBBaUQNTR1ZREhUdA1QGXFIUHVURARRUBUMdCQ9bWFIRVAVLRElfBEtHQRwJVFITGVUCSVZPRBEAC1QFU0xUWgRcRVBdBlFF HTTP/1.1
Host: workhovdiminatedi.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Fri, 05 May 2023 17:52:40 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WYuKwU6MtI0kdF%2BlZl%2Br3%2BTFuKG4AGmO%2Fl16TJgMTNQVj0l2Kl5uziBCbCYkQUs2G2kAEHKiN%2FUizlMGkXOR6G2z%2B%2FSGzlTvD%2BqNLr%2FlB1saQSiHdaTTPerRRrDeoza9%2FR7T%2FUzggEpR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c2ad6aa5ff81c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pogothere.xyz/
172.64.199.35200 OK 27 B IP 172.64.199.35:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash b13e328e7c9cfa45a0e0755d4a80b984
ddf86a069eaa277c353131139a9ba7e610c0992d
bccbac8b8b5ffbf76ccd961b8925de01cbb33c03fea3eea28292b0650758c0b3
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 05 May 2023 17:52:41 GMT
content-type: text/plain
set-cookie: csu=1434663671683766@1@1683309161; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WXlYnP6unLRTTZ2beFtm8q0WC6RIdAlNqaAb2HlQtJBqX6396lod4ghir3DdWCQdg7c5YixFOnq2Tdk3Iwq6TTMBQ561ymatuqBj2Cng7ZBY0m0PQRq1UfdhnNqpSf2p"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c2ad6b10945768c-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/isotope/custom-isotope.js
91.209.70.182200 OK 1.8 kB URL GET HTTP/2 megaup.net/themes/flow/frontend_assets/js/isotope/custom-isotope.js
IP 91.209.70.182:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A
ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (1946), with no line terminators
Hash 28bfbd66415c5e20a0d8ce1ee03bd87c
144fa15fb0a7090117e6f4ef33d9f465241e5459
6eb7ee7937139b13785d0befc27eb61cffbae32d066959c6370829209c0c4e46
GET /themes/flow/frontend_assets/js/isotope/custom-isotope.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=6mh6q8e5vn865sg7s2jg760ga3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 05 May 2023 17:52:39 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-71d"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
kultingecauyuksehinkitw.info/bTR4aUQMVhsEewwJGk8xH1hFTHYrEUovIABZAgIiCQxKHiUUWlYKKAJBHA82AloMRyoIQF1bAgRiMA0AN1o9WgMuBDk9LSxRMlgwKm0TMz01XxwQDDl1MiE9P382HgEkcCwjciFMNQ8AXlcXKy0VZjYRMztVLQ0oLlw5XwElATkvAAJhHgUgNXoqJCw6BC4QBRd5Mi4pBlAyAQUJfQAaKih2IVwROW0wPQAGbTc4fAl7OjMpO3AcARM1ejw4dj9SN1ggLFctOAY8BDYCAxRbMSsHFWcbPx0nVj0sJzhxLhEWLHI8OHY8cjY8Ci5yLTM+NQVBAhwAGSI8FTl5KyAFXVEbPBErYj0vKD8HNjEVOmIrChI0bCg4EQB1Ol03OFo9DhUqYj8LEjdsMTw0FBISGisDREUdIxRtPVAND38AXQoaTA
54.230.111.38200 OK 3.0 kB URL GET HTTP/2 kultingecauyuksehinkitw.info/bTR4aUQMVhsEewwJGk8xH1hFTHYrEUovIABZAgIiCQxKHiUUWlYKKAJBHA82AloMRyoIQF1bAgRiMA0AN1o9WgMuBDk9LSxRMlgwKm0TMz01XxwQDDl1MiE9P382HgEkcCwjciFMNQ8AXlcXKy0VZjYRMztVLQ0oLlw5XwElATkvAAJhHgUgNXoqJCw6BC4QBRd5Mi4pBlAyAQUJfQAaKih2IVwROW0wPQAGbTc4fAl7OjMpO3AcARM1ejw4dj9SN1ggLFctOAY8BDYCAxRbMSsHFWcbPx0nVj0sJzhxLhEWLHI8OHY8cjY8Ci5yLTM+NQVBAhwAGSI8FTl5KyAFXVEbPBErYj0vKD8HNjEVOmIrChI0bCg4EQB1Ol03OFo9DhUqYj8LEjdsMTw0FBISGisDREUdIxRtPVAND38AXQoaTA
IP 54.230.111.38:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerAmazon
Subjectkultingecauyuksehinkitw.info
Fingerprint92:71:EB:2A:19:25:DF:1C:2A:8F:E3:1A:92:7B:DD:8F:18:79:39:0F
ValidityThu, 27 Apr 2023 00:00:00 GMT - Sat, 25 May 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3050), with no line terminators
Hash dda1be4a4a0ba71b555ca9d175fa253e
1e8ba7b36b276a5f94c9e9b337f0f90509b0353b
eefab2fff88373ab9c82d52072ba0fd5ca716b55e58aa8e7a651005d5820c480
GET /bTR4aUQMVhsEewwJGk8xH1hFTHYrEUovIABZAgIiCQxKHiUUWlYKKAJBHA82AloMRyoIQF1bAgRiMA0AN1o9WgMuBDk9LSxRMlgwKm0TMz01XxwQDDl1MiE9P382HgEkcCwjciFMNQ8AXlcXKy0VZjYRMztVLQ0oLlw5XwElATkvAAJhHgUgNXoqJCw6BC4QBRd5Mi4pBlAyAQUJfQAaKih2IVwROW0wPQAGbTc4fAl7OjMpO3AcARM1ejw4dj9SN1ggLFctOAY8BDYCAxRbMSsHFWcbPx0nVj0sJzhxLhEWLHI8OHY8cjY8Ci5yLTM+NQVBAhwAGSI8FTl5KyAFXVEbPBErYj0vKD8HNjEVOmIrChI0bCg4EQB1Ol03OFo9DhUqYj8LEjdsMTw0FBISGisDREUdIxRtPVAND38AXQoaTA HTTP/1.1
Host: kultingecauyuksehinkitw.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-length: 1179
date: Fri, 05 May 2023 17:52:40 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: raVSJ8fdXAtjGTzKS-rS6UhqSFruTX-bR_re4kreNFrI7vsfpP3P0Q==
X-Firefox-Spdy: h2
theharityhild.buzz/VDg2cngvGkUFJyFKWlBCdlBCBggnAhldFTFfVwcIelZTBlcnTxgYC3YUFAEVMhoMQ1R2S1sEWm4aAlxLdhQUBhkzZ18WWm4aDkFKYgsFUFR2S0MQJz1cBFBCdl4OQUs3CAIQVWJdBhBVYFxUQlVtDA5FVTIOUxcdN11VERs3XRQP
54.162.51.18502 Bad Gateway 0 B URL GET HTTP/2 theharityhild.buzz/VDg2cngvGkUFJyFKWlBCdlBCBggnAhldFTFfVwcIelZTBlcnTxgYC3YUFAEVMhoMQ1R2S1sEWm4aAlxLdhQUBhkzZ18WWm4aDkFKYgsFUFR2S0MQJz1cBFBCdl4OQUs3CAIQVWJdBhBVYFxUQlVtDA5FVTIOUxcdN11VERs3XRQP
IP 54.162.51.18:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerLet's Encrypt
Subjecttheharityhild.buzz
Fingerprint4F:3F:5B:8C:AA:6E:37:C3:45:68:90:BE:2C:8B:F0:01:D7:5F:3F:89
ValidityFri, 05 May 2023 05:15:10 GMT - Thu, 03 Aug 2023 05:15:09 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /VDg2cngvGkUFJyFKWlBCdlBCBggnAhldFTFfVwcIelZTBlcnTxgYC3YUFAEVMhoMQ1R2S1sEWm4aAlxLdhQUBhkzZ18WWm4aDkFKYgsFUFR2S0MQJz1cBFBCdl4OQUs3CAIQVWJdBhBVYFxUQlVtDA5FVTIOUxcdN11VERs3XRQP HTTP/1.1
Host: theharityhild.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 502 Bad Gateway
set-cookie: 1e0ebf8dd61e397640ae5ded04dafb5b=1; Max-Age=604800
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.199.35200 OK 102 kB IP 172.64.199.35:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
Size 102 kB (102400 bytes)
Hash 4c6426ac7ef186464ecbb0d81cbfcb1e
5a6918eebd9d635e8f632e3ef34e3792b1b5ec13
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 05 May 2023 17:52:41 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 2875
last-modified: Fri, 05 May 2023 17:04:46 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FuYijdLrbKzbDEdipbMbCunmCT15UOu6fUUjYOM2rI7Z5qbY67rUmDOTKqXmVwOG4S9usvnHrRLnNw5Akjdvbnf%2FtGhRiDDkhYitOdGGIKE7zLkU7wERnbpzvFeUCtfo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c2ad6b10943768c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.199.35200 OK 102 kB IP 172.64.199.35:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
Size 102 kB (102400 bytes)
Hash 4c6426ac7ef186464ecbb0d81cbfcb1e
5a6918eebd9d635e8f632e3ef34e3792b1b5ec13
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 05 May 2023 17:52:41 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 2875
last-modified: Fri, 05 May 2023 17:04:46 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sqJvIGkppv%2FIzk0a1lDYcANT0Bq8I7%2Biy7ESj7Ff%2F%2FsBoGfuUMZI7WNWG9l2GUDHcefcTHPK6WRIQtsarqQhqH%2Bz5t%2BSPCiN%2Bz%2FL7wW66R5WYY63KFRZIE3kgbzJgmer"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c2ad6b0e901768c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pogothere.xyz/
172.64.199.35200 OK 26 B IP 172.64.199.35:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 95fe90fb3c1bb88b988b3ed90187022f
cac3c0e9c41d378f7969a2b86572323e4380391c
4f53c3c7320a5b7a0cf6e288aece14409a05fc8b9792da1c0e5da9f3b2cf513c
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 05 May 2023 17:52:41 GMT
content-type: text/plain
set-cookie: csu=875594649686699@1@1683309161; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3nheoRdoKDDFO9owWH%2BIp0KrnsI2%2BPrlvoX3e16Sx%2FDtS9JwZStXXvmrHkIfQ3ZRZ87PdP6P%2Fht8oTb34050xLlUbwIIrnVl9TDhULNKnIedEW%2BElu2z2hY4UJVZHmn%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c2ad6b0f932768c-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload-resize.js
91.209.70.182200 OK 8.1 kB URL GET HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-resize.js
IP 91.209.70.182:443
Requested by https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A
ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (8281), with no line terminators
Hash fe90ec8075308aa0695b41a01faa8d7c
9ef0157a99a6efd2a8672b699dbf4225d8fa67ad
782f2530cd4df35901bcdba4dab3cd8769f7cebfcfa96cec776cbcdc10d66062
GET /themes/flow/js/jquery.fileupload-resize.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/3fujo/DEMSLAY-KNY-THC-(USA)-NSwTcH-NSP-Update153-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=6mh6q8e5vn865sg7s2jg760ga3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 05 May 2023 17:52:39 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1f7f"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2