GET megaup.net/themes/spirit/assets/frontend/img/favicon/favicon-16x16.png
5.34.214.148 200 OK 590 B URL GET megaup.net/themes/spirit/assets/frontend/img/favicon/favicon-16x16.png
IP 5.34.214.148:443
Requested by https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
Certificate Issuer: Sectigo Limited
Subject: *.megaup.net
Fingerprint: 9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
Validity: Tue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced
Hash MD5: ed3d11830b3e136b384f2a0b8082f235
Hash SHA1: 3b75f2a64d528165f108d62e8c30d464b76945d7
Hash SHA256: 1aef6752088fe69a166d3a84375431e1041dde8fa3f9ccbde26accb220feb4a5
GET /themes/spirit/assets/frontend/img/favicon/favicon-16x16.png HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=9jvfisd0eao2jf7ct0dirk96po
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jun 2025 00:28:18 GMT
content-type: image/png
content-length: 590
last-modified: Thu, 13 Feb 2025 17:42:00 GMT
vary: Accept-Encoding
etag: "67ae2ee8-24e"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
GET megaup.net/themes/spirit/assets/frontend/css/custom.css
5.34.214.148 200 OK 8.9 kB URL GET megaup.net/themes/spirit/assets/frontend/css/custom.css
IP 5.34.214.148:443
Requested by https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
Certificate Issuer: Sectigo Limited
Subject: *.megaup.net
Fingerprint: 9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
Validity: Tue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT
File type assembler source, ASCII text, with CRLF line terminators
Hash MD5: 68443327ebd1d8f35857bbb29d3ce6df
Hash SHA1: d34e37d8cebc246854f05dde78abc32b5ad5d9fe
Hash SHA256: 98cf7514d65d87963ee938b6f83493b4429f8005a5f6814ba226a7b89c80aa45
GET /themes/spirit/assets/frontend/css/custom.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=9jvfisd0eao2jf7ct0dirk96po
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jun 2025 00:28:17 GMT
content-type: text/css
last-modified: Tue, 11 Feb 2025 19:56:14 GMT
vary: Accept-Encoding
etag: W/"67abab5e-22e8"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
GET entwithoughtsu.com/NFVkcm4bagcBU20BAAU7BQ89MytQJD40N3UEVigAYRQANA9ZFEIGB1BoU0RfBW1SVB5dMVlDSEchBQYbR2hVVAdaMwtPSEJoVVxdAHtXREABcxFPXxIhFBMJCWRCAhpAOVlDWQFlVktcDGxcQloB
172.67.159.230204 No Content 0 B URL GET entwithoughtsu.com/NFVkcm4bagcBU20BAAU7BQ89MytQJD40N3UEVigAYRQANA9ZFEIGB1BoU0RfBW1SVB5dMVlDSEchBQYbR2hVVAdaMwtPSEJoVVxdAHtXREABcxFPXxIhFBMJCWRCAhpAOVlDWQFlVktcDGxcQloB
IP 172.67.159.230:443
Requested by https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
Certificate Issuer: Google Trust Services
Subject: entwithoughtsu.com
Fingerprint: 9F:4E:E2:30:75:A9:98:9D:2D:DE:B6:6E:85:FF:D4:16:C1:52:D1:33
Validity: Wed, 11 Jun 2025 06:22:56 GMT - Tue, 09 Sep 2025 07:20:42 GMT
Hash (zero-length body; these digests match any empty content, so they are not a usable indicator)
Hash MD5: d41d8cd98f00b204e9800998ecf8427e
Hash SHA1: da39a3ee5e6b4b0d3255bfef95601890afd80709
Hash SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /NFVkcm4bagcBU20BAAU7BQ89MytQJD40N3UEVigAYRQANA9ZFEIGB1BoU0RfBW1SVB5dMVlDSEchBQYbR2hVVAdaMwtPSEJoVVxdAHtXREABcxFPXxIhFBMJCWRCAhpAOVlDWQFlVktcDGxcQloB HTTP/1.1
Host: entwithoughtsu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Thu, 19 Jun 2025 00:28:18 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=lGy1Ir4p5KxjLuw%2F6CVPQyh5gjbqjGUmvtSF5qumer3t3oEWef0vn7aBYlmDQdLw%2BRNpdfTW6PxQSe6yYDbHdFO2bfyvERhRv8DAW5lhEpo%3D"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
server: cloudflare
cf-ray: 951ee7d54d5a1c0e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET www.googletagmanager.com/gtag/js?id=G-Z9TE2LW16Q&cx=c&gtm=457e56g0za200&tag_exp=101509157~103116026~103200004~103233427~103351869~103351871~104684208~104684211~104718208~104791498~104791500
142.250.178.40 200 OK 346 kB URL GET www.googletagmanager.com/gtag/js?id=G-Z9TE2LW16Q&cx=c&gtm=457e56g0za200&tag_exp=101509157~103116026~103200004~103233427~103351869~103351871~104684208~104684211~104718208~104791498~104791500
IP 142.250.178.40:443
Requested by https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
Certificate Issuer: Google Trust Services
Subject: *.google-analytics.com
Fingerprint: 93:AC:F6:E3:CB:D8:8F:95:04:0C:A1:34:97:CB:ED:C4:F9:99:EB:12
Validity: Mon, 19 May 2025 08:41:43 GMT - Mon, 11 Aug 2025 08:41:42 GMT
File type JavaScript source, ASCII text, with very long lines (6004)
Size 346 kB (345487 bytes)
Hash MD5: 86f4f829652e5ef28d33eab9eca7fee2
Hash SHA1: 07146444d5816655b72f8af4b22f29d2038e1e98
Hash SHA256: c07a6d7cb5c56347428f22568ca2c1bfb92184f26bc037f04fbb449f8d0aa504
GET /gtag/js?id=G-Z9TE2LW16Q&cx=c&gtm=457e56g0za200&tag_exp=101509157~103116026~103200004~103233427~103351869~103351871~104684208~104684211~104718208~104791498~104791500 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 19 Jun 2025 00:28:18 GMT
expires: Thu, 19 Jun 2025 00:28:18 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1077:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1077:0
report-to: {"group":"ascgcycc:1077:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1077:0"}],}
server: Google Tag Manager
content-length: 120914
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET megaup.net/themes/spirit/assets/frontend/css/bootstrap.min.css
5.34.214.148 200 OK 77 kB URL GET megaup.net/themes/spirit/assets/frontend/css/bootstrap.min.css
IP 5.34.214.148:443
Requested by https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
Certificate Issuer: Sectigo Limited
Subject: *.megaup.net
Fingerprint: 9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
Validity: Tue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT
File type ASCII text, with very long lines (65319), with CRLF line terminators
Hash MD5: 9b67b9ffbfcbe226a8c413fa740fd91c
Hash SHA1: 7837bd0c312897e46311aaf472947f3e23d75df2
Hash SHA256: 2642f94894419d1cebdc4a010b9380a7403063dd6d28ea8a80bd5ebd01186732
GET /themes/spirit/assets/frontend/css/bootstrap.min.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=9jvfisd0eao2jf7ct0dirk96po
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jun 2025 00:28:17 GMT
content-type: text/css
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: W/"62594310-12c7a"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
GET megaup.net/themes/spirit/assets/frontend/css/font-awesome.min.css
5.34.214.148 200 OK 59 kB URL GET megaup.net/themes/spirit/assets/frontend/css/font-awesome.min.css
IP 5.34.214.148:443
Requested by https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
Certificate Issuer: Sectigo Limited
Subject: *.megaup.net
Fingerprint: 9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
Validity: Tue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT
File type ASCII text, with very long lines (58929), with CRLF line terminators
Hash MD5: 879812fc22af75aa3ae7b5666ca4f4b8
Hash SHA1: df27469a952b7ee36cc03db471c6198f577186a8
Hash SHA256: c5d7f0d9e646698b20734ce6dcc2c0a8ecf6ebe27b4b7625bfcf42c4416fb7ed
GET /themes/spirit/assets/frontend/css/font-awesome.min.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=9jvfisd0eao2jf7ct0dirk96po
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jun 2025 00:28:17 GMT
content-type: text/css
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: W/"62594310-e6ef"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
GET megaup.net/sw.js
5.34.214.148 200 OK 103 kB
IP 5.34.214.148:443
Requested by https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
Certificate Issuer: Sectigo Limited
Subject: *.megaup.net
Fingerprint: 9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
Validity: Tue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size 103 kB (103036 bytes)
Hash MD5: 9ee51131e416458b88d6da4e6e6959ca
Hash SHA1: a558b24bcf81763754e35a5fa5e46c6d6ad5f8d4
Hash SHA256: db3608f955dd3404bc375f0a0a7a5c8e23515e7ad1a0b9078c246e92e4050734
GET /sw.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=9jvfisd0eao2jf7ct0dirk96po
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jun 2025 00:28:17 GMT
content-type: application/javascript
last-modified: Tue, 20 Dec 2022 22:15:30 GMT
vary: Accept-Encoding
etag: W/"63a23402-1927c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
GET fonts.gstatic.com/s/opensans/v43/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
142.250.178.99 200 OK 19 kB URL GET fonts.gstatic.com/s/opensans/v43/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
IP 142.250.178.99:443
Requested by https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
Certificate Issuer: Google Trust Services
Subject: *.gstatic.com
Fingerprint: E1:0C:8D:E3:24:8F:B1:9F:BA:8E:CF:BE:4B:8F:D6:6A:39:8A:9D:7A
Validity: Mon, 19 May 2025 08:42:51 GMT - Mon, 11 Aug 2025 08:42:50 GMT
File type Web Open Font Format (Version 2), TrueType, length 19276, version 1.0
Hash MD5: 266d9ceb5c3c51971e2a9e13b7ec5883
Hash SHA1: 091a3b35321cb3e7b11034a091964e795c4b74ac
Hash SHA256: f93e2585efd0318f328e3431482382c66dfe89ac387060e88116cdd18a18b933
GET /s/opensans/v43/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19276
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 12 Jun 2025 17:13:40 GMT
expires: Fri, 12 Jun 2026 17:13:40 GMT
cache-control: public, max-age=31536000
age: 544477
last-modified: Wed, 28 May 2025 17:52:30 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET larlymckense.com/S3ZpbEQqFAoBeypLC0oxORpUSXYNU1sqIHgZDlQwek5aBXU9FA5CJycZHAgiORkHGGolEx1Jdg0vC1wCMiAuBwkHHh4VEiMFBiopJxM+NAYPFC9VDgYnKBQAej8aKj4GPy4GAig5DhsmEQ4OAgYsMxE4MygcLQsrfjovXAAGIiwODnsdWC8ACSMxXicuODgPDS0wOBQGPA5RPXcCPyoVChsvLFQmBiRZSXYNIChcNwolLCICGCM7JRY/PCcuCjs0KC1zDAwOKgAmJCgpKDM0CjogJiE8D3YMDAYiBQ8vKw8SPxAlGx4zIVhVMxoYGTYXJT8eDxI/ECcEaThAMV0wICc7NgkTLiwnHSdHIg8uCQ4+XXwxNCEqJQcYKy4dDhIPDQIvGz49IyAzPVQDGBgkXB4nGgwPEQEaPjpxICcuPRQJHCQ0CSwvMTYBCiU+Kjx6Li4+FAwYEShiIQUGAjR2JSMNDwAOXQA0CDkn
3.167.2.70200 OK 3.1 kB URL GET larlymckense.com/S3ZpbEQqFAoBeypLC0oxORpUSXYNU1sqIHgZDlQwek5aBXU9FA5CJycZHAgiORkHGGolEx1Jdg0vC1wCMiAuBwkHHh4VEiMFBiopJxM+NAYPFC9VDgYnKBQAej8aKj4GPy4GAig5DhsmEQ4OAgYsMxE4MygcLQsrfjovXAAGIiwODnsdWC8ACSMxXicuODgPDS0wOBQGPA5RPXcCPyoVChsvLFQmBiRZSXYNIChcNwolLCICGCM7JRY/PCcuCjs0KC1zDAwOKgAmJCgpKDM0CjogJiE8D3YMDAYiBQ8vKw8SPxAlGx4zIVhVMxoYGTYXJT8eDxI/ECcEaThAMV0wICc7NgkTLiwnHSdHIg8uCQ4+XXwxNCEqJQcYKy4dDhIPDQIvGz49IyAzPVQDGBgkXB4nGgwPEQEaPjpxICcuPRQJHCQ0CSwvMTYBCiU+Kjx6Li4+FAwYEShiIQUGAjR2JSMNDwAOXQA0CDkn
IP 3.167.2.70:443
Requested by https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
Certificate Issuer: Amazon
Subject: larlymckense.com
Fingerprint: 95:66:51:3E:9D:AE:BA:98:04:95:36:A7:38:19:9D:BA:03:91:43:97
Validity: Wed, 11 Jun 2025 00:00:00 GMT - Fri, 10 Jul 2026 23:59:59 GMT
File type HTML document, ASCII text, with very long lines (3063), with no line terminators
Hash MD5: 1da12c3750d8f1cdee302c0ba3a6d4d9
Hash SHA1: 04d6a9ade64a194b405b2b95b2b491d3a4087df3
Hash SHA256: 04d00c169782cfa1b0120cb4d27323c924a782c515506c24604ddcc27d7f5eee
GET /S3ZpbEQqFAoBeypLC0oxORpUSXYNU1sqIHgZDlQwek5aBXU9FA5CJycZHAgiORkHGGolEx1Jdg0vC1wCMiAuBwkHHh4VEiMFBiopJxM+NAYPFC9VDgYnKBQAej8aKj4GPy4GAig5DhsmEQ4OAgYsMxE4MygcLQsrfjovXAAGIiwODnsdWC8ACSMxXicuODgPDS0wOBQGPA5RPXcCPyoVChsvLFQmBiRZSXYNIChcNwolLCICGCM7JRY/PCcuCjs0KC1zDAwOKgAmJCgpKDM0CjogJiE8D3YMDAYiBQ8vKw8SPxAlGx4zIVhVMxoYGTYXJT8eDxI/ECcEaThAMV0wICc7NgkTLiwnHSdHIg8uCQ4+XXwxNCEqJQcYKy4dDhIPDQIvGz49IyAzPVQDGBgkXB4nGgwPEQEaPjpxICcuPRQJHCQ0CSwvMTYBCiU+Kjx6Li4+FAwYEShiIQUGAjR2JSMNDwAOXQA0CDkn HTTP/1.1
Host: larlymckense.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-length: 1210
date: Thu, 19 Jun 2025 00:28:18 GMT
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
set-cookie: AWSALB=mgWkbw4WWEV6qftPw9rfKA3MBZgs05gIANl6Crob8JU4hIWZU3UMWJyy2anrcg4MUbBkXNeKJx41mu5fn233FieDZyy5Jgte47tq//QEQifrLAg2ftYmhEGeBjao; Expires=Thu, 26 Jun 2025 00:28:18 GMT; Path=/
AWSALBCORS=mgWkbw4WWEV6qftPw9rfKA3MBZgs05gIANl6Crob8JU4hIWZU3UMWJyy2anrcg4MUbBkXNeKJx41mu5fn233FieDZyy5Jgte47tq//QEQifrLAg2ftYmhEGeBjao; Expires=Thu, 26 Jun 2025 00:28:18 GMT; Path=/; SameSite=None
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 8b440cccbe8a332306f650e1ec8894ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P2
x-amz-cf-id: 9x9B4efubqFBo9mBcb5Yq7GpBgsdBDzzKzx2zgPSQPUfcERxmv-7PA==
X-Firefox-Spdy: h2
GET rnmop.com/ie?v=4&c=xcexmO5bKVnBOd8VIjE_fBy6ArfJGYygxl5vj8c8jkHu96_xs0y5GnUNJtxZAca2YOjtuC6m8o975D8pY3P3Qz04X6epOdA2Qh2Oz1lDSmzIEfz_CXl-ykw1CKXdIPfrI9hf84sq-PjSomSpkEY-FuiM3VXPd76HvvrFDYx1Di09DZVzrj44HDYYeiJn9Z-0ylXXP0K2hSeXrGBepYfU-zTPSCoQD02_W1YKai8VXo52Bj_ynkD-t4MqrRKTEAGjkhGRM86NdqIYggI18wRevPkVRZHROqEJ8uA8GsXNr4qtA8nf48IeYhS1UQ8WPrsRDsctkvrLtPEeztwYvCBlBm3MKtPrtq9a_57kP-iNNP_M6MfTbKXd_7y3mxkGumMhbBeMI59juNcPPFYEaYSAvgtYCCMxDk_s-2kuPPXTCoHoMmlhp5Kd4vzBb_lbAevKZAlEiEsiPgvD_ta2cITtS58afJaG_S9J&v1=79&v2=71516
0.0.0.0 0 B URL GET rnmop.com/ie?v=4&c=xcexmO5bKVnBOd8VIjE_fBy6ArfJGYygxl5vj8c8jkHu96_xs0y5GnUNJtxZAca2YOjtuC6m8o975D8pY3P3Qz04X6epOdA2Qh2Oz1lDSmzIEfz_CXl-ykw1CKXdIPfrI9hf84sq-PjSomSpkEY-FuiM3VXPd76HvvrFDYx1Di09DZVzrj44HDYYeiJn9Z-0ylXXP0K2hSeXrGBepYfU-zTPSCoQD02_W1YKai8VXo52Bj_ynkD-t4MqrRKTEAGjkhGRM86NdqIYggI18wRevPkVRZHROqEJ8uA8GsXNr4qtA8nf48IeYhS1UQ8WPrsRDsctkvrLtPEeztwYvCBlBm3MKtPrtq9a_57kP-iNNP_M6MfTbKXd_7y3mxkGumMhbBeMI59juNcPPFYEaYSAvgtYCCMxDk_s-2kuPPXTCoHoMmlhp5Kd4vzBb_lbAevKZAlEiEsiPgvD_ta2cITtS58afJaG_S9J&v1=79&v2=71516
IP 0.0.0.0:0
Requested by https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
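Hash (zero-length body; these digests match any empty content, so they are not a usable indicator)
Hash MD5: d41d8cd98f00b204e9800998ecf8427e
Hash SHA1: da39a3ee5e6b4b0d3255bfef95601890afd80709
Hash SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855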
GET /ie?v=4&c=xcexmO5bKVnBOd8VIjE_fBy6ArfJGYygxl5vj8c8jkHu96_xs0y5GnUNJtxZAca2YOjtuC6m8o975D8pY3P3Qz04X6epOdA2Qh2Oz1lDSmzIEfz_CXl-ykw1CKXdIPfrI9hf84sq-PjSomSpkEY-FuiM3VXPd76HvvrFDYx1Di09DZVzrj44HDYYeiJn9Z-0ylXXP0K2hSeXrGBepYfU-zTPSCoQD02_W1YKai8VXo52Bj_ynkD-t4MqrRKTEAGjkhGRM86NdqIYggI18wRevPkVRZHROqEJ8uA8GsXNr4qtA8nf48IeYhS1UQ8WPrsRDsctkvrLtPEeztwYvCBlBm3MKtPrtq9a_57kP-iNNP_M6MfTbKXd_7y3mxkGumMhbBeMI59juNcPPFYEaYSAvgtYCCMxDk_s-2kuPPXTCoHoMmlhp5Kd4vzBb_lbAevKZAlEiEsiPgvD_ta2cITtS58afJaG_S9J&v1=79&v2=71516 HTTP/1.1
Host: rnmop.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET img.vmmcdn.com/get/1684855/238426_icon.png
46.4.121.113 200 OK 59 kB URL GET img.vmmcdn.com/get/1684855/238426_icon.png
IP 46.4.121.113:443
ASN #24940 Hetzner Online GmbH
Requested by https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
Certificate Issuer: Let's Encrypt
Subject: img.vmmcdn.com
Fingerprint: 50:0A:70:84:3B:79:B2:54:89:65:50:AD:82:21:EF:21:3E:AB:58:98
Validity: Mon, 16 Jun 2025 16:28:40 GMT - Sun, 14 Sep 2025 16:28:39 GMT
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
Hash MD5: 669eb036e71ef2df4b1a7d3fa9e5ebb7
Hash SHA1: 6a8686b1ce7276b8c6732245e340dbe38b30eb04
Hash SHA256: 89edf6961767b760b3ff755a803457eee41b5f2df863cdeca95165bf4a126732
GET /get/1684855/238426_icon.png HTTP/1.1
Host: img.vmmcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.14.1
date: Thu, 19 Jun 2025 00:28:25 GMT
content-type: image/png
content-length: 59035
last-modified: Sun, 18 Dec 2022 10:47:54 GMT
cache-control: public, max-age=604800
etag: "639eefda-e69b"
x-proxy-cache: HIT
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
access-control-request-headers: x-requested-with
access-control-allow-headers: x-requested-with
accept-ranges: bytes
X-Firefox-Spdy: h2
GET megaup.net/themes/spirit/assets/frontend/js/flickity.min.js
5.34.214.148 200 OK 54 kB URL GET megaup.net/themes/spirit/assets/frontend/js/flickity.min.js
IP 5.34.214.148:443
Requested by https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
Certificate Issuer: Sectigo Limited
Subject: *.megaup.net
Fingerprint: 9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
Validity: Tue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (32032), with CRLF line terminators
Hash MD5: 8c1e666176ac7bdce67d58b45823ffac
Hash SHA1: 75947e4316427ce0c5e33300aeb4dc4d7d54dd09
Hash SHA256: c0b706b9b1ca12b631496228a0eb0fe15ccb14f21ab554f6c4b4f20474e4d3a6
GET /themes/spirit/assets/frontend/js/flickity.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=9jvfisd0eao2jf7ct0dirk96po
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jun 2025 00:28:17 GMT
content-type: application/javascript
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: W/"62594310-d271"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
GET megaup.net/themes/spirit/assets/frontend/js/typed.min.js
5.34.214.148 200 OK 3.9 kB URL GET megaup.net/themes/spirit/assets/frontend/js/typed.min.js
IP 5.34.214.148:443
Requested by https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
Certificate Issuer: Sectigo Limited
Subject: *.megaup.net
Fingerprint: 9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
Validity: Tue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (3949), with no line terminators
Hash MD5: 2f6185a8a32a50b2b3e04849f44359d4
Hash SHA1: 0e5501588c5c0d1c9462f34b0d56c21abff5bfef
Hash SHA256: 914df93a9770d8a0e132b6ce3e8f1cfba0e0fae8f3b9002a3f0eb47c3d0cc97b
GET /themes/spirit/assets/frontend/js/typed.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=9jvfisd0eao2jf7ct0dirk96po
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jun 2025 00:28:17 GMT
content-type: application/javascript
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: W/"62594310-f6d"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
GET fonts.gstatic.com/s/opensans/v43/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.178.99 200 OK 48 kB URL GET fonts.gstatic.com/s/opensans/v43/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 142.250.178.99:443
Requested by https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
Certificate Issuer: Google Trust Services
Subject: *.gstatic.com
Fingerprint: E1:0C:8D:E3:24:8F:B1:9F:BA:8E:CF:BE:4B:8F:D6:6A:39:8A:9D:7A
Validity: Mon, 19 May 2025 08:42:51 GMT - Mon, 11 Aug 2025 08:42:50 GMT
File type Web Open Font Format (Version 2), TrueType, length 48332, version 1.0
Hash MD5: 5734e133a619a6ae6ee21a6c00a95eba
Hash SHA1: 57c0ac17302d07bd4f968240098afe5ed53d4ad2
Hash SHA256: d7a547581722aa055a7fb5b9912aebf3f3e928e1db3e5af9e54cf158cb4c4c4a
GET /s/opensans/v43/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48332
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 12 Jun 2025 15:48:00 GMT
expires: Fri, 12 Jun 2026 15:48:00 GMT
cache-control: public, max-age=31536000
age: 549617
last-modified: Wed, 28 May 2025 18:06:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET d3og8t183i1vbg.cloudfront.net/?itgod=761186
3.167.7.122 200 OK 490 kB URL GET d3og8t183i1vbg.cloudfront.net/?itgod=761186
IP 3.167.7.122:443
Requested by https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
Certificate Issuer: Amazon
Subject: *.cloudfront.net
Fingerprint: 8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72
Validity: Mon, 05 May 2025 00:00:00 GMT - Thu, 23 Apr 2026 23:59:59 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (38488)
Size 490 kB (489877 bytes)
Hash MD5: 143709384b79b0eb4b7ee6a6010d8c92
Hash SHA1: 57e462dce3522509c8aa0f81cd211045d829d0f4
Hash SHA256: 0a2331cbf6b7cd787d861f3f4ee8eb5563b4ae545c0b9b245efef8cf64bb4e3f
GET /?itgod=761186 HTTP/1.1
Host: d3og8t183i1vbg.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 152089
date: Thu, 19 Jun 2025 00:28:18 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 3bd19ecae9d202e55626096b4934d62e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P2
x-amz-cf-id: 69zpM3wgVO5AurhvF5kWLyyHTbtzC8oEK5fycXqO5lW9LThf7f8Pww==
X-Firefox-Spdy: h2
GET accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AdBytiPaXld3y7Cp59GSRAOHxvAsvFRpEggTr3ICh7rL4HGwfNpSGMVot63vVI0AxdtwlhoBkp0ZFg
142.250.147.84 302 Found 0 B URL GET accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AdBytiPaXld3y7Cp59GSRAOHxvAsvFRpEggTr3ICh7rL4HGwfNpSGMVot63vVI0AxdtwlhoBkp0ZFg
IP 142.250.147.84:443
Requested by https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
Certificate Issuer: Google Trust Services
Subject: *.google.com
Fingerprint: 09:73:D4:56:AF:03:7E:40:3B:60:95:56:66:8D:E9:27:E0:DA:EC:DA
Validity: Mon, 19 May 2025 08:41:43 GMT - Mon, 11 Aug 2025 08:41:42 GMT
Hash (zero-length body; these digests match any empty content, so they are not a usable indicator)
Hash MD5: d41d8cd98f00b204e9800998ecf8427e
Hash SHA1: da39a3ee5e6b4b0d3255bfef95601890afd80709
Hash SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AdBytiPaXld3y7Cp59GSRAOHxvAsvFRpEggTr3ICh7rL4HGwfNpSGMVot63vVI0AxdtwlhoBkp0ZFg HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:9LDW4D88Y3MGj7q6ZfG__99lM56tvQ:pl3IsAAn7bGIymco;Path=/;Expires=Sat, 19-Jun-2027 00:28:18 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 19 Jun 2025 00:28:18 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AdBytiNHilXAFlVRWBHhujlwbal0qw3IW6V7uZQOuhU7IhQsx5AAiLLFF6hrRf8xJjntlog6a4HbFw&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1858561000%3A1750292898990039
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: script-src 'nonce-MbkH_5Q2a2eDYvKAR99Vvw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 415
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET xml.panel-bid.com/thumbnail?i=MVOgoY5mTNw_0&p=1750292899.220815&imgt=icon
198.134.116.29 302 Found 30 kB URL GET xml.panel-bid.com/thumbnail?i=MVOgoY5mTNw_0&p=1750292899.220815&imgt=icon
IP 198.134.116.29:443
ASN #27257 WEBAIR-INTERNET
Requested by https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
Certificate Issuer: Let's Encrypt
Subject: panel-bid.com
Fingerprint: E3:8B:77:56:FF:1B:46:13:80:AD:CD:2D:00:56:B7:8F:BD:E7:D2:31
Validity: Wed, 28 May 2025 08:01:09 GMT - Tue, 26 Aug 2025 08:01:08 GMT
Hash (zero-length body; these digests match any empty content, so they are not a usable indicator)
Hash MD5: d41d8cd98f00b204e9800998ecf8427e
Hash SHA1: da39a3ee5e6b4b0d3255bfef95601890afd80709
Hash SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /thumbnail?i=MVOgoY5mTNw_0&p=1750292899.220815&imgt=icon HTTP/1.1
Host: xml.panel-bid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 19 Jun 2025 00:28:22 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://static.panel-bid.com/n337/ad/250x250_Q9KZuyHG.png
GET megaup.net/themes/spirit/assets/frontend/js/smooth-scroll.min.js
5.34.214.148 200 OK 6.0 kB URL GET megaup.net/themes/spirit/assets/frontend/js/smooth-scroll.min.js
IP 5.34.214.148:443
Requested by https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
Certificate Issuer Sectigo Limited
Subject *.megaup.net
Fingerprint 9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
Validity Tue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (4887), with CRLF line terminators
Hash c9e3a210d83398f301b3a7049c259676
8e227bb40fe120841829a7fef0ffeb091d179a91
aeda362b1d693480453b895cbcf8b92629f58240c42ba8c643f0d5d338baf805
GET /themes/spirit/assets/frontend/js/smooth-scroll.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=9jvfisd0eao2jf7ct0dirk96po
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jun 2025 00:28:17 GMT
content-type: application/javascript
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: W/"62594310-178c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
GET megaup.net/themes/spirit/assets/frontend/js/scripts.js
5.34.214.148 200 OK 115 kB URL GET megaup.net/themes/spirit/assets/frontend/js/scripts.js
IP 5.34.214.148:443
Requested by https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
Certificate Issuer Sectigo Limited
Subject *.megaup.net
Fingerprint 9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
Validity Tue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (914), with CRLF line terminators
Size 115 kB (114862 bytes)
Hash ce260d2170faf98639ab8e0e3758f1e2
32eeb82a44bf0bce2df78eafae9f2e9ff8d72e1f
ac331833ebf1c06b0f8565caaeb4760c2184bd89d1cb5574c3947a8d0b6dca1c
GET /themes/spirit/assets/frontend/js/scripts.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=9jvfisd0eao2jf7ct0dirk96po
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jun 2025 00:28:17 GMT
content-type: application/javascript
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: W/"62594310-1c0ae"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
GET entwithoughtsu.com/OVRMMHcWay9DSm0cBlsVbRp6YhtjNQ4DIXwBfWE1X2QCZC9eFWpEHl1pdAdBCmV0FgdQMHECTh8nOFEDTCdxAVFQOipfSh8icQFZCXp6AFkNcjkNRh8gPFEQBGVqQANNOHEBQAxkfglFAW10AE8L
172.67.159.230 204 No Content 0 B URL GET entwithoughtsu.com/OVRMMHcWay9DSm0cBlsVbRp6YhtjNQ4DIXwBfWE1X2QCZC9eFWpEHl1pdAdBCmV0FgdQMHECTh8nOFEDTCdxAVFQOipfSh8icQFZCXp6AFkNcjkNRh8gPFEQBGVqQANNOHEBQAxkfglFAW10AE8L
IP 172.67.159.230:443
Requested by https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
Certificate Issuer Google Trust Services
Subject entwithoughtsu.com
Fingerprint 9F:4E:E2:30:75:A9:98:9D:2D:DE:B6:6E:85:FF:D4:16:C1:52:D1:33
Validity Wed, 11 Jun 2025 06:22:56 GMT - Tue, 09 Sep 2025 07:20:42 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the MD5, SHA-1 and SHA-256 digests of empty input, consistent with the 0 B 204 response; they do not identify any content.)
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /OVRMMHcWay9DSm0cBlsVbRp6YhtjNQ4DIXwBfWE1X2QCZC9eFWpEHl1pdAdBCmV0FgdQMHECTh8nOFEDTCdxAVFQOipfSh8icQFZCXp6AFkNcjkNRh8gPFEQBGVqQANNOHEBQAxkfglFAW10AE8L HTTP/1.1
Host: entwithoughtsu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Thu, 19 Jun 2025 00:28:18 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=946ZhQG6MQhAvaaWoBVTUkVEybRYT1lkJxBKlXY9xAPkrsL4rmBXBo2ll0XVD1uyn%2BqUyqJNOmlHrcO8UHNKIREp8u1n1np6YJiAmHnjdR4%3D"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
server: cloudflare
cf-ray: 951ee7d59d761c0e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
142.250.147.84 302 Found 0 B URL GET accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP 142.250.147.84:443
Requested by https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
Certificate Issuer Google Trust Services
Subject accounts.google.com
Fingerprint 1E:69:E1:CB:BD:57:90:C7:05:07:13:A1:B7:8A:2B:61:F4:83:52:F3
Validity Mon, 19 May 2025 08:43:40 GMT - Mon, 11 Aug 2025 08:43:39 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:T_4Ph00BSgc0KwfcH9ta7MhwEJbv-w:7hzSDEqyqcP4W6KA; Expires=Sat, 19-Jun-2027 00:28:18 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 19 Jun 2025 00:28:18 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AdBytiPaXld3y7Cp59GSRAOHxvAsvFRpEggTr3ICh7rL4HGwfNpSGMVot63vVI0AxdtwlhoBkp0ZFg
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-kEyHUIqd6c7wyJN4hEXyCg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AdBytiMHB6IcWc3z9MtZqIX91OxJ84HQIYRq9g4PyasyK-NL0bl9j4qKgAj-haBtIeOa6LhbnWDxWA
142.250.147.84 302 Found 0 B URL GET accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AdBytiMHB6IcWc3z9MtZqIX91OxJ84HQIYRq9g4PyasyK-NL0bl9j4qKgAj-haBtIeOa6LhbnWDxWA
IP 142.250.147.84:443
Requested by https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
Certificate Issuer Google Trust Services
Subject accounts.google.com
Fingerprint 1E:69:E1:CB:BD:57:90:C7:05:07:13:A1:B7:8A:2B:61:F4:83:52:F3
Validity Mon, 19 May 2025 08:43:40 GMT - Mon, 11 Aug 2025 08:43:39 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AdBytiMHB6IcWc3z9MtZqIX91OxJ84HQIYRq9g4PyasyK-NL0bl9j4qKgAj-haBtIeOa6LhbnWDxWA HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:Out3FkW77IDqLyjWKpu4peeqwKYmFA:5vkLA1tPGo5OTGTZ;Path=/;Expires=Sat, 19-Jun-2027 00:28:18 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 19 Jun 2025 00:28:18 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AdBytiPEPq52pfS0w3RJ0sFs32pDfHYz2-LZYe4qFn1ch6q_UBBCN8Hbj9WYpdDQPoMvCzfpqqVRtg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1966822602%3A1750292898846846
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-mX7eTEX2ghJOQZjKDEkfaQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 419
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AdBytiPEPq52pfS0w3RJ0sFs32pDfHYz2-LZYe4qFn1ch6q_UBBCN8Hbj9WYpdDQPoMvCzfpqqVRtg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1966822602%3A1750292898846846
142.250.147.84 403 Forbidden 0 B URL GET accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AdBytiPEPq52pfS0w3RJ0sFs32pDfHYz2-LZYe4qFn1ch6q_UBBCN8Hbj9WYpdDQPoMvCzfpqqVRtg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1966822602%3A1750292898846846
IP 142.250.147.84:443
Requested by https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
Certificate Issuer Google Trust Services
Subject accounts.google.com
Fingerprint 1E:69:E1:CB:BD:57:90:C7:05:07:13:A1:B7:8A:2B:61:F4:83:52:F3
Validity Mon, 19 May 2025 08:43:40 GMT - Mon, 11 Aug 2025 08:43:39 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AdBytiPEPq52pfS0w3RJ0sFs32pDfHYz2-LZYe4qFn1ch6q_UBBCN8Hbj9WYpdDQPoMvCzfpqqVRtg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1966822602%3A1750292898846846 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 19 Jun 2025 00:28:18 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-9pXTIc746QiCvxtB9N_NEw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://www.google.com/tools/feedback/ https://www.gstatic.com/feedback/js/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/ https://www.gstatic.com/uservoice/feedback/client/web/live/ https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://support.google.com/inapp/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy-report-only: script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://ajax.googleapis.com/ajax/libs/jquery/3.6.4/jquery.min.js https://translate.google.com/translate_a/element.js https://www.google.com/recaptcha/api.js https://www.google.com/tools/feedback/chat_load.js https://www.google.com/tools/feedback/help_api.js https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.google.com/tools/feedback/open_to_help_guide_lazy.js https://www.gstatic.com/feedback/js/ https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/uservoice/feedback/client/web/live/ https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://www.gstatic.com/_/mss/boq-one-google/_/ https://www.gstatic.com/og/_/js/ https://apis.google.com/js/api.js https://apis.google.com/js/client.js https://www.googletagmanager.com/gtag/js https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/destination https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.EgAwAlBY3zc.es5.O/ https://apis.google.com/_/scs/abc-static/_/js/ https://translate.googleapis.com/_/translate_http/_/js/ https://www.gstatic.com/recaptcha/releases/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/fine-allowlist
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET megaup.net/themes/spirit/assets/frontend/css/mu-waiting-upload.css
5.34.214.148 200 OK 739 B URL GET megaup.net/themes/spirit/assets/frontend/css/mu-waiting-upload.css
IP 5.34.214.148:443
Requested by https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
Certificate Issuer Sectigo Limited
Subject *.megaup.net
Fingerprint 9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
Validity Tue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT
File type ASCII text, with CRLF line terminators
Hash a19cdfde4cca33ccafc0b8bfd518bebb
df1830e07033d0ae31288f62892121778fc7c765
a347474d3c97d5440c2f06c86c314eb1e9c2a20e2b84e8367d57743fe77a8115
GET /themes/spirit/assets/frontend/css/mu-waiting-upload.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=9jvfisd0eao2jf7ct0dirk96po
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jun 2025 00:28:17 GMT
content-type: text/css
last-modified: Mon, 17 Feb 2025 00:39:28 GMT
vary: Accept-Encoding
etag: W/"67b28540-2e3"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
GET theharityhild.buzz/NjNTS3dNESA8KENBP2lNFFsnPwdFCXxkGlNUMj4HGF02P1hFRH0hBBQfcTgaUBFpelsUQD49VQwRZ2VEFB9xPxZRbDovVQwRa3hFAABgaVsUQCYpKF9XYWlNFFVreERVA2cpWgBWYylaAlcxe1oPB2t8WlAFNi4SVVYwKBRVVnE2
0.0.0.0 0 B URL GET theharityhild.buzz/NjNTS3dNESA8KENBP2lNFFsnPwdFCXxkGlNUMj4HGF02P1hFRH0hBBQfcTgaUBFpelsUQD49VQwRZ2VEFB9xPxZRbDovVQwRa3hFAABgaVsUQCYpKF9XYWlNFFVreERVA2cpWgBWYylaAlcxe1oPB2t8WlAFNi4SVVYwKBRVVnE2
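IP 0.0.0.0:0
Requested by https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(No response was recorded for this request: the IP is 0.0.0.0:0, no response headers follow, and the hashes are the MD5, SHA-1 and SHA-256 digests of empty input.)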
GET /NjNTS3dNESA8KENBP2lNFFsnPwdFCXxkGlNUMj4HGF02P1hFRH0hBBQfcTgaUBFpelsUQD49VQwRZ2VEFB9xPxZRbDovVQwRa3hFAABgaVsUQCYpKF9XYWlNFFVreERVA2cpWgBWYylaAlcxe1oPB2t8WlAFNi4SVVYwKBRVVnE2 HTTP/1.1
Host: theharityhild.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET ukankingwithea.com/
104.21.16.1 200 OK 27 B
IP 104.21.16.1:443
Requested by https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
Certificate Issuer Google Trust Services
Subject ukankingwithea.com
Fingerprint 02:15:28:2A:F2:F8:5D:3A:DE:6D:1D:DC:CF:6D:06:BA:00:3A:63:70
Validity Tue, 29 Apr 2025 13:46:48 GMT - Mon, 28 Jul 2025 14:44:24 GMT
File type ASCII text, with no line terminators
Hash 1f4d5de6fa78cbcf0f9be84da807a35d
d335efc092e4b008076bf490615a0fad00b014ba
a4fc8b75592234cec056d25cc92a129160a2d18a87eff498aef7ac2aff1530e2
GET / HTTP/1.1
Host: ukankingwithea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 19 Jun 2025 00:28:18 GMT
content-type: text/plain
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=mNlsmqFTRUjNe8tsgXPrLQzixUFXSi6RM6DuOvP%2FwP21gcqQT5oVYbIkv%2Bp5VZ31%2FhFBSXVeumaVrUnFOMoKXDgjwSeGbBayzv1cMYquqKs%3D"}]}
content-encoding: br
set-cookie: csu=1940282796646236@1@1750292898; SameSite=None; Secure; Max-Age=31104000
cf-ray: 951ee7d90af056aa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET megaup.net/themes/spirit/assets/frontend/css/socicon.css
5.34.214.148 200 OK 9.8 kB URL GET megaup.net/themes/spirit/assets/frontend/css/socicon.css
IP 5.34.214.148:443
Requested by https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
Certificate Issuer Sectigo Limited
Subject *.megaup.net
Fingerprint 9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
Validity Tue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT
File type ASCII text, with CRLF line terminators
Hash 910a42ce112991b31b30a735f1006a5f
6c8b4769270f1c86bb1c7a6b54325465395ba614
010e6ffb18715ededb10c4ae5a8518475c138fb63b83ec1c125d09b714ccdd8b
GET /themes/spirit/assets/frontend/css/socicon.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=9jvfisd0eao2jf7ct0dirk96po
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jun 2025 00:28:17 GMT
content-type: text/css
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: W/"62594310-266e"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
GET fonts.googleapis.com/css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i
142.250.178.106 200 OK 39 kB URL GET fonts.googleapis.com/css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i
IP 142.250.178.106:443
Requested by https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
Certificate Issuer Google Trust Services
Subject upload.video.google.com
Fingerprint FF:78:1F:2C:E7:6A:27:90:8B:25:07:97:DD:25:4A:FA:6F:1F:0F:31
Validity Mon, 19 May 2025 08:42:52 GMT - Mon, 11 Aug 2025 08:42:51 GMT
File type ASCII text, with very long lines (1572)
Hash 0812d3cfd3d7800435f05536b513ecfd
e70839be86f9de0d31aa6b5f0903da7c1fc7c286
00e20cfbdec23113781e1620e51b3e336b15acd9a3c026a184390736b26dab70
GET /css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 19 Jun 2025 00:28:17 GMT
date: Thu, 19 Jun 2025 00:28:17 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET fonts.gstatic.com/s/opensans/v43/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.178.99 200 OK 48 kB URL GET fonts.gstatic.com/s/opensans/v43/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 142.250.178.99:443
Requested by https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
Certificate Issuer Google Trust Services
Subject *.gstatic.com
Fingerprint E1:0C:8D:E3:24:8F:B1:9F:BA:8E:CF:BE:4B:8F:D6:6A:39:8A:9D:7A
Validity Mon, 19 May 2025 08:42:51 GMT - Mon, 11 Aug 2025 08:42:50 GMT
File type Web Open Font Format (Version 2), TrueType, length 48332, version 1.0
Hash 5734e133a619a6ae6ee21a6c00a95eba
57c0ac17302d07bd4f968240098afe5ed53d4ad2
d7a547581722aa055a7fb5b9912aebf3f3e928e1db3e5af9e54cf158cb4c4c4a
GET /s/opensans/v43/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48332
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 12 Jun 2025 15:48:00 GMT
expires: Fri, 12 Jun 2026 15:48:00 GMT
cache-control: public, max-age=31536000
age: 549617
last-modified: Wed, 28 May 2025 18:06:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET megaup.net/themes/spirit/assets/frontend/fonts/stack-interface.woff2?33839631
5.34.214.148 200 OK 4.3 kB URL GET megaup.net/themes/spirit/assets/frontend/fonts/stack-interface.woff2?33839631
IP 5.34.214.148:443
Requested by https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
Certificate Issuer Sectigo Limited
Subject *.megaup.net
Fingerprint 9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
Validity Tue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 4292, version 1.0
Hash ae072782b361d2afdbf43db08d3cfb73
f3db2e65b53d97491672f8631e21d6d05905cc88
31205df908aed9881f6d2d3ae7d38975252bf99e38268978b4236dc3c314754b
GET /themes/spirit/assets/frontend/fonts/stack-interface.woff2?33839631 HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/spirit/assets/frontend/css/stack-interface.css
DNT: 1
Connection: keep-alive
Cookie: filehosting=9jvfisd0eao2jf7ct0dirk96po
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jun 2025 00:28:17 GMT
content-type: font/woff2
content-length: 4292
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: "62594310-10c4"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
GET tomlldahehun.org/floater?cs=bTlBd0ZYDHhGdlULdEV%2BXAhwQHM&abt=0&red=1&sm=83&k=scum%20rune%20part1&v=0.9.2.6&sts=0&prn=0&emb=0&tid=825911&rxy=1280_1024&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&ref=https%3A%2F%2Fmegaup.net%2Fbee4aaade3aef77243ae3fd984b39a21%2FSCUM-RUNE.part1.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A134.0)%20gecko%2F20100101%20firefox%2F134.0&tzd=0&uloc=&if=0&aa=oi1_&_45y2=1750292899120&crc=1
54.240.174.25 200 OK 6.8 kB URL GET tomlldahehun.org/floater?cs=bTlBd0ZYDHhGdlULdEV%2BXAhwQHM&abt=0&red=1&sm=83&k=scum%20rune%20part1&v=0.9.2.6&sts=0&prn=0&emb=0&tid=825911&rxy=1280_1024&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&ref=https%3A%2F%2Fmegaup.net%2Fbee4aaade3aef77243ae3fd984b39a21%2FSCUM-RUNE.part1.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A134.0)%20gecko%2F20100101%20firefox%2F134.0&tzd=0&uloc=&if=0&aa=oi1_&_45y2=1750292899120&crc=1
IP 54.240.174.25:443
Requested by https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
Certificate Issuer Amazon
Subject tomlldahehun.org
Fingerprint 6B:F0:7B:63:2B:19:E1:74:83:15:1A:BF:1B:B4:E6:71:68:14:57:3D
Validity Sun, 06 Apr 2025 00:00:00 GMT - Tue, 05 May 2026 23:59:59 GMT
File type ASCII text, with very long lines (6771), with no line terminators
Hash 279698e2b761a44fe6298372f499098c
6dfe281ab4d21fca6267fee27e64728e41aa62c6
dfd7eb39ed0b7dc8625b3c3e0b67fc8e52fb2d820fe9e4f50b555dac024909b0
GET /floater?cs=bTlBd0ZYDHhGdlULdEV%2BXAhwQHM&abt=0&red=1&sm=83&k=scum%20rune%20part1&v=0.9.2.6&sts=0&prn=0&emb=0&tid=825911&rxy=1280_1024&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&ref=https%3A%2F%2Fmegaup.net%2Fbee4aaade3aef77243ae3fd984b39a21%2FSCUM-RUNE.part1.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A134.0)%20gecko%2F20100101%20firefox%2F134.0&tzd=0&uloc=&if=0&aa=oi1_&_45y2=1750292899120&crc=1 HTTP/1.1
Host: tomlldahehun.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
content-length: 4508
date: Thu, 19 Jun 2025 00:28:19 GMT
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
set-cookie: AWSALB=uv/fZGOVploCr7QWAlU8AC0eLLmYVlaWvueLWsghEzI3J7sI/m1Racmc0dl1pRj+f0DRC43GnZOyeAME6Y0Mg3NJZvNwooH57UZKEee34v/EpaoBOFlws5BF+aOy; Expires=Thu, 26 Jun 2025 00:28:19 GMT; Path=/
set-cookie: AWSALBCORS=uv/fZGOVploCr7QWAlU8AC0eLLmYVlaWvueLWsghEzI3J7sI/m1Racmc0dl1pRj+f0DRC43GnZOyeAME6Y0Mg3NJZvNwooH57UZKEee34v/EpaoBOFlws5BF+aOy; Expires=Thu, 26 Jun 2025 00:28:19 GMT; Path=/; SameSite=None
set-cookie: csu=92669fed-1f88-45c5-9cda-3a090f4035be
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Co1E90eFbYQ2x63ekp4U7gblf5E4gEjDti7C3tt2yUb0TE0rjNmW5Q==
X-Firefox-Spdy: h2
GET megaup.net/themes/spirit/assets/frontend/img/background.jpg
5.34.214.148200 OK 86 kB URL GET megaup.net/themes/spirit/assets/frontend/img/background.jpg
IP 5.34.214.148:443
Requested by https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
Fingerprint9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
ValidityTue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1200, components 3
Hash 1b0874b56457a14258e3bd22805266c6
26ff3d095376d43cb78388e700707cdaf6ac75eb
5c5e0d52eb281e1ceae07f53c931982e8e014b9a535df9c98246157167e29285
GET /themes/spirit/assets/frontend/img/background.jpg HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=9jvfisd0eao2jf7ct0dirk96po
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jun 2025 00:28:17 GMT
content-type: image/jpeg
content-length: 86513
last-modified: Tue, 11 Feb 2025 07:35:38 GMT
vary: Accept-Encoding
etag: "67aafdca-151f1"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
GET entwithoughtsu.com/S01COGtkciFLVh19BFQ5eh8rXC0zfxh/UjEYCm4YESMAbQgMCGRMAi9wegpecnxzHhsiKX8LWW0+NlkfPj5/Clt7emRRBS0ifwpNPXByFlJlf2wOTT5wcx4fOywlBVptPTZMB3Z8dQ1beXRwAFJzfXQP
172.67.159.230 204 No Content 0 B URL GET entwithoughtsu.com/S01COGtkciFLVh19BFQ5eh8rXC0zfxh/UjEYCm4YESMAbQgMCGRMAi9wegpecnxzHhsiKX8LWW0+NlkfPj5/Clt7emRRBS0ifwpNPXByFlJlf2wOTT5wcx4fOywlBVptPTZMB3Z8dQ1beXRwAFJzfXQP
IP 172.67.159.230:443
Requested by https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
Certificate Issuer: Google Trust Services
Subject: entwithoughtsu.com
Fingerprint: 9F:4E:E2:30:75:A9:98:9D:2D:DE:B6:6E:85:FF:D4:16:C1:52:D1:33
Validity: Wed, 11 Jun 2025 06:22:56 GMT - Tue, 09 Sep 2025 07:20:42 GMT
Hash (0-byte response body: these are the digests of empty input and match every empty response, so they are not usable as indicators)
MD5: d41d8cd98f00b204e9800998ecf8427e
SHA-1: da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /S01COGtkciFLVh19BFQ5eh8rXC0zfxh/UjEYCm4YESMAbQgMCGRMAi9wegpecnxzHhsiKX8LWW0+NlkfPj5/Clt7emRRBS0ifwpNPXByFlJlf2wOTT5wcx4fOywlBVptPTZMB3Z8dQ1beXRwAFJzfXQP HTTP/1.1
Host: entwithoughtsu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Thu, 19 Jun 2025 00:28:18 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=hHAwD5UCOolrvzj72zDrMMNk0nSJjAGkXKQh6j04xVmciyFY3157dKKeaE4nAwdFGaxi6y7evosO%2FmgWlxVImKqG%2Fa%2BnaCnq5P8jhHrdCLM%3D"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
server: cloudflare
cf-ray: 951ee7d55d641c0e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
5.34.214.148 200 OK 80 kB URL User Request GET megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
IP 5.34.214.148:443
Certificate IssuerSectigo Limited
Subject*.megaup.net
Fingerprint9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
ValidityTue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT
File type HTML document, Unicode text, UTF-8 text, with very long lines (51800)
Hash ee6e7155556f67a62ca5a52739893a1e
4000fc9a3aac9b9373e54f64d1c6da8f6d59a5bc
22f368db348af5cb50d889f2040a87cdbf78800806208e7a8285355b35e53d56
GET /bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jun 2025 00:28:16 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: filehosting=9jvfisd0eao2jf7ct0dirk96po; expires=Fri, 20 Jun 2025 00:28:16 GMT; Max-Age=86400; path=/; domain=megaup.net; secure; HttpOnly; SameSite=None
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
access-control-allow-origin: https://megaup.net
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, no-cache, private
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
GET megaup.net/themes/spirit/assets/frontend/css/jquery.steps.css
5.34.214.148200 OK 6.0 kB URL GET megaup.net/themes/spirit/assets/frontend/css/jquery.steps.css
IP 5.34.214.148:443
Requested by https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
Fingerprint9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
ValidityTue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT
File type ASCII text, with CRLF line terminators
Hash 25cfe48e07622a00154b677afcbaeb47
23e3ae1bd04ad1d00d25d30e39815104ceeae52f
709debbdebf13d8d6c85571caee6e44629142518e9336ed1aa01d6e94ab4d056
GET /themes/spirit/assets/frontend/css/jquery.steps.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=9jvfisd0eao2jf7ct0dirk96po
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jun 2025 00:28:17 GMT
content-type: text/css
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: W/"62594310-1783"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
GET fonts.googleapis.com/icon?family=Material+Icons
142.250.178.106200 OK 565 B URL GET fonts.googleapis.com/icon?family=Material+Icons
IP 142.250.178.106:443
Requested by https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
Certificate IssuerGoogle Trust Services
Subjectupload.video.google.com
FingerprintFF:78:1F:2C:E7:6A:27:90:8B:25:07:97:DD:25:4A:FA:6F:1F:0F:31
ValidityMon, 19 May 2025 08:42:52 GMT - Mon, 11 Aug 2025 08:42:51 GMT
Hash 736c83e15fc300de505f6ce9762a9396
31c0f11ada78e92970ff42d990116d77c169c6d7
c31266310101d0b1607937a7baf07f1601b7637bd2373176696488a07d7b4302
GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 19 Jun 2025 00:28:17 GMT
date: Thu, 19 Jun 2025 00:28:17 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET megaup.net/themes/spirit/assets/images/logo/logo.png
5.34.214.148200 OK 5.9 kB URL GET megaup.net/themes/spirit/assets/images/logo/logo.png
IP 5.34.214.148:443
Requested by https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
Fingerprint9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
ValidityTue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT
File type PNG image data, 203 x 40, 8-bit/color RGBA, non-interlaced
Hash fa360a47a62ae74a0a3d8c0f3e6f7f12
168c72a918b04b735f8e0f8a72223a16f0eda358
1d3a3c84dd36871d1009693761f441537117d5ee62c8e775d7d52c77d4c46de4
GET /themes/spirit/assets/images/logo/logo.png HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=9jvfisd0eao2jf7ct0dirk96po
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jun 2025 00:28:17 GMT
content-type: image/png
content-length: 5900
last-modified: Sat, 08 Feb 2025 04:50:36 GMT
vary: Accept-Encoding
etag: "67a6e29c-170c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
GET megaup.net/themes/spirit/assets/frontend/js/jquery.dataTables.min.js
5.34.214.148200 OK 70 kB URL GET megaup.net/themes/spirit/assets/frontend/js/jquery.dataTables.min.js
IP 5.34.214.148:443
Requested by https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
Fingerprint9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
ValidityTue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (768), with CRLF line terminators
Hash 6fda19caa29287e6f584f0557fdeb6d4
40f58160090cd1f022704ee1352b343adb9e73b9
8ef749c3869991924150dc932c48cd57bf69ac25a378bb2e14f8e1733c17406f
GET /themes/spirit/assets/frontend/js/jquery.dataTables.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=9jvfisd0eao2jf7ct0dirk96po
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jun 2025 00:28:17 GMT
content-type: application/javascript
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: W/"62594310-1107a"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
GET megaup.net/themes/spirit/assets/frontend/js/jquery.steps.min.js
5.34.214.148200 OK 14 kB URL GET megaup.net/themes/spirit/assets/frontend/js/jquery.steps.min.js
IP 5.34.214.148:443
Requested by https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
Fingerprint9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
ValidityTue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (13686), with CRLF line terminators
Hash 0eef6fe46d14f860d5666d2c7b13a564
7ab5f7deaca2f71efbc3bf9f5ba27b89d4697dbe
95a14a4473ff130eb29f3cc02e135978505655e3c931b6c3726dedd4f558f843
GET /themes/spirit/assets/frontend/js/jquery.steps.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=9jvfisd0eao2jf7ct0dirk96po
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jun 2025 00:28:17 GMT
content-type: application/javascript
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: W/"62594310-3626"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
GET accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AdBytiNHilXAFlVRWBHhujlwbal0qw3IW6V7uZQOuhU7IhQsx5AAiLLFF6hrRf8xJjntlog6a4HbFw&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1858561000%3A1750292898990039
142.250.147.84 403 Forbidden 0 B URL GET accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AdBytiNHilXAFlVRWBHhujlwbal0qw3IW6V7uZQOuhU7IhQsx5AAiLLFF6hrRf8xJjntlog6a4HbFw&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1858561000%3A1750292898990039
IP 142.250.147.84:443
Requested by https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
Certificate Issuer: Google Trust Services
Subject: *.google.com
Fingerprint: 09:73:D4:56:AF:03:7E:40:3B:60:95:56:66:8D:E9:27:E0:DA:EC:DA
Validity: Mon, 19 May 2025 08:41:43 GMT - Mon, 11 Aug 2025 08:41:42 GMT
Hash (0-byte response body: these are the digests of empty input, not of any served content)
MD5: d41d8cd98f00b204e9800998ecf8427e
SHA-1: da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AdBytiNHilXAFlVRWBHhujlwbal0qw3IW6V7uZQOuhU7IhQsx5AAiLLFF6hrRf8xJjntlog6a4HbFw&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1858561000%3A1750292898990039 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 19 Jun 2025 00:28:19 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-xKZeli-lZOCvhVSXUOCcOw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://www.google.com/tools/feedback/ https://www.gstatic.com/feedback/js/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/ https://www.gstatic.com/uservoice/feedback/client/web/live/ https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://support.google.com/inapp/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
content-security-policy-report-only: script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://ajax.googleapis.com/ajax/libs/jquery/3.6.4/jquery.min.js https://translate.google.com/translate_a/element.js https://www.google.com/recaptcha/api.js https://www.google.com/tools/feedback/chat_load.js https://www.google.com/tools/feedback/help_api.js https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.google.com/tools/feedback/open_to_help_guide_lazy.js https://www.gstatic.com/feedback/js/ https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/uservoice/feedback/client/web/live/ https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://www.gstatic.com/_/mss/boq-one-google/_/ https://www.gstatic.com/og/_/js/ https://apis.google.com/js/api.js https://apis.google.com/js/client.js https://www.googletagmanager.com/gtag/js https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/destination https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.EgAwAlBY3zc.es5.O/ https://apis.google.com/_/scs/abc-static/_/js/ https://translate.googleapis.com/_/translate_http/_/js/ https://www.gstatic.com/recaptcha/releases/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/fine-allowlist
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET fonts.gstatic.com/s/opensans/v43/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.178.99200 OK 48 kB URL GET fonts.gstatic.com/s/opensans/v43/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 142.250.178.99:443
Requested by https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
Certificate IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintE1:0C:8D:E3:24:8F:B1:9F:BA:8E:CF:BE:4B:8F:D6:6A:39:8A:9D:7A
ValidityMon, 19 May 2025 08:42:51 GMT - Mon, 11 Aug 2025 08:42:50 GMT
File type Web Open Font Format (Version 2), TrueType, length 48332, version 1.0
Hash 5734e133a619a6ae6ee21a6c00a95eba
57c0ac17302d07bd4f968240098afe5ed53d4ad2
d7a547581722aa055a7fb5b9912aebf3f3e928e1db3e5af9e54cf158cb4c4c4a
GET /s/opensans/v43/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48332
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 12 Jun 2025 15:48:00 GMT
expires: Fri, 12 Jun 2026 15:48:00 GMT
cache-control: public, max-age=31536000
age: 549617
last-modified: Wed, 28 May 2025 18:06:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET fonts.gstatic.com/s/opensans/v43/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2
142.250.178.99200 OK 27 kB URL GET fonts.gstatic.com/s/opensans/v43/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2
IP 142.250.178.99:443
Requested by https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
Certificate IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintE1:0C:8D:E3:24:8F:B1:9F:BA:8E:CF:BE:4B:8F:D6:6A:39:8A:9D:7A
ValidityMon, 19 May 2025 08:42:51 GMT - Mon, 11 Aug 2025 08:42:50 GMT
File type Web Open Font Format (Version 2), TrueType, length 26596, version 1.0
Hash dae1850484b86d299c31bc08aaa563cf
dca808d6d16965c40bfba4e4b3c8a819f843890d
8f80f993e523f2e6c2d097552740fd26331658da23ffad31d26edcdd3aeec370
GET /s/opensans/v43/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 26596
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 12 Jun 2025 17:14:01 GMT
expires: Fri, 12 Jun 2026 17:14:01 GMT
cache-control: public, max-age=31536000
age: 544456
last-modified: Wed, 28 May 2025 17:52:25 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET ukankingwithea.com/asd100.bin
104.21.16.1 404 Not Found 159 B URL GET ukankingwithea.com/asd100.bin
IP 104.21.16.1:443
Requested by https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
Certificate Issuer: Google Trust Services
Subject: ukankingwithea.com
Fingerprint: 02:15:28:2A:F2:F8:5D:3A:DE:6D:1D:DC:CF:6D:06:BA:00:3A:63:70
Validity: Tue, 29 Apr 2025 13:46:48 GMT - Mon, 28 Jul 2025 14:44:24 GMT
File type: HTML document, ASCII text, with CRLF line terminators
Hash (of the 159 B HTML body returned with the 404, not of the requested asd100.bin)
MD5: fb9666f93e418b95fea8fdbc20e80af9
SHA-1: d4eefca1b299cc266a80e83c9e39c4261cb87583
SHA-256: c6252ea6e785c1dc0d44dab86653a7209eb507e45b70d138ce515576743b64f7
GET /asd100.bin HTTP/1.1
Host: ukankingwithea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Thu, 19 Jun 2025 00:28:18 GMT
content-type: text/html
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control: max-age=14400
cf-cache-status: EXPIRED
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=6RW3U43MVLnjm%2FCg1ZjN49aSv0x3ffd0SQxB3Z%2FXBYNDajOS31aoHvpubj7dCE0p%2FFlv6k4iSocJnxwzc0wMBghXq0zBnd2wW9%2BuPE%2FJX5Q%3D"}]}
content-encoding: br
cf-ray: 951ee7d90af656aa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
POST entwithoughtsu.com/OUJUYjEWfTcRDF1xOBhSfDYXNnRJADFSCHUQPyhLayk8IWMKdnIWWF1/bFAEAHNlREFQJmlRAx8xIANFTDFpUAEJd3ILX18taVABCXRkUgAKcHFVclE2IBJCHHEVRwN/Z2YkSVQuehJQVyc4T1NQJnoBXlRnZiRFUTc5AF9YKzhHAn8rcVF1dBQbBV5gdzk2f04dZEcDDzJxUXUIdWFSAwBwbFsIF3BmUgkId3FQB1AvMxYUCgY9AV5XZ2MhBw17Y1AAZndkUgkIdmJHBnp2ZVUED3ZhUAYBd2NQAwp6ZVQDHzRpUh8AbGZMBx83aVUIAXFjWgMMemZSCQ1wY0RFSSMzXwAfMiAWXQRzY1cBC3tmWwEIdGFT
172.67.159.230 204 No Content 0 B URL POST entwithoughtsu.com/OUJUYjEWfTcRDF1xOBhSfDYXNnRJADFSCHUQPyhLayk8IWMKdnIWWF1/bFAEAHNlREFQJmlRAx8xIANFTDFpUAEJd3ILX18taVABCXRkUgAKcHFVclE2IBJCHHEVRwN/Z2YkSVQuehJQVyc4T1NQJnoBXlRnZiRFUTc5AF9YKzhHAn8rcVF1dBQbBV5gdzk2f04dZEcDDzJxUXUIdWFSAwBwbFsIF3BmUgkId3FQB1AvMxYUCgY9AV5XZ2MhBw17Y1AAZndkUgkIdmJHBnp2ZVUED3ZhUAYBd2NQAwp6ZVQDHzRpUh8AbGZMBx83aVUIAXFjWgMMemZSCQ1wY0RFSSMzXwAfMiAWXQRzY1cBC3tmWwEIdGFT
IP 172.67.159.230:443
Requested by https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
Certificate Issuer: Google Trust Services
Subject: entwithoughtsu.com
Fingerprint: 9F:4E:E2:30:75:A9:98:9D:2D:DE:B6:6E:85:FF:D4:16:C1:52:D1:33
Validity: Wed, 11 Jun 2025 06:22:56 GMT - Tue, 09 Sep 2025 07:20:42 GMT
Hash (0-byte response body: these are the digests of empty input and match every empty response, so they are not usable as indicators)
MD5: d41d8cd98f00b204e9800998ecf8427e
SHA-1: da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
POST /OUJUYjEWfTcRDF1xOBhSfDYXNnRJADFSCHUQPyhLayk8IWMKdnIWWF1/bFAEAHNlREFQJmlRAx8xIANFTDFpUAEJd3ILX18taVABCXRkUgAKcHFVclE2IBJCHHEVRwN/Z2YkSVQuehJQVyc4T1NQJnoBXlRnZiRFUTc5AF9YKzhHAn8rcVF1dBQbBV5gdzk2f04dZEcDDzJxUXUIdWFSAwBwbFsIF3BmUgkId3FQB1AvMxYUCgY9AV5XZ2MhBw17Y1AAZndkUgkIdmJHBnp2ZVUED3ZhUAYBd2NQAwp6ZVQDHzRpUh8AbGZMBx83aVUIAXFjWgMMemZSCQ1wY0RFSSMzXwAfMiAWXQRzY1cBC3tmWwEIdGFT HTTP/1.1
Host: entwithoughtsu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/3 204 No Content
date: Thu, 19 Jun 2025 00:28:21 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xcUki%2FWSZUWdl8zv0llGrk1PfJjo2Pe1SLr2qwhblYszmHxx0NjTpREUKn2UKzdYNoSJZ9FM%2F7YRc09VfjWmualLNlE06o1BYMkUpjJjl%2FGL5LWqf3PZ2BqWodQCv8V7a%2BsxufU%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 951ee7eb8e81569f-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4580&min_rtt=721&rtt_var=2640&sent=114&recv=125&lost=0&retrans=0&sent_bytes=10547&recv_bytes=8101&delivery_rate=540296&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=12000&unsent_bytes=0&cid=e32e9f5f67d67832&ts=3553&inflight_dur=80&x=16"
GET static.panel-bid.com/n337/ad/250x250_Q9KZuyHG.png
23.36.77.89 200 OK 30 kB URL GET static.panel-bid.com/n337/ad/250x250_Q9KZuyHG.png
IP 23.36.77.89:443
ASN #20940 Akamai International B.V.
Requested by https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
Certificate IssuerLet's Encrypt
Subjectstatic.panel-bid.com
FingerprintC6:EB:56:95:C9:7F:9C:D4:4F:E2:D6:06:17:E3:AA:2E:22:2E:C6:D1
ValidityWed, 28 May 2025 08:10:22 GMT - Tue, 26 Aug 2025 08:10:21 GMT
File type PNG image data, 250 x 250, 8-bit colormap, non-interlaced
Hash 1133d3aaa0866ea57a5b44ecccd3283b
96417ace0d02687e054a2fba6c9cb197162eb0ea
62aee0fd8036247bfc2fca571d6e6328621f8639e4d939807cb555111f6bd039
GET /n337/ad/250x250_Q9KZuyHG.png HTTP/1.1
Host: static.panel-bid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: image/png
Content-Length: 29780
Last-Modified: Tue, 11 Apr 2023 12:57:12 GMT
ETag: "64355928-7454"
Accept-Ranges: bytes
Cache-Control: max-age=2222
Expires: Thu, 19 Jun 2025 01:05:24 GMT
Date: Thu, 19 Jun 2025 00:28:22 GMT
Connection: keep-alive
X-Forward-Proto: http
CDN-Origin-Protocol: HTTP
GET megaup.net/themes/spirit/assets/frontend/fonts/font-awesome/fa-solid-900.woff2
5.34.214.148200 OK 80 kB URL GET megaup.net/themes/spirit/assets/frontend/fonts/font-awesome/fa-solid-900.woff2
IP 5.34.214.148:443
Requested by https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
Fingerprint9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
ValidityTue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 80148, version 331.17301
Hash c500da19d776384ba69573ae6fe274e7
6290834672aba86d5b6c1c73b30b57c9c53996f7
cfe3b7382e477059da11be2099914b94f0e2a4f08240c60542c376957b8d9658
GET /themes/spirit/assets/frontend/fonts/font-awesome/fa-solid-900.woff2 HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/spirit/assets/frontend/css/font-awesome.min.css
DNT: 1
Connection: keep-alive
Cookie: filehosting=9jvfisd0eao2jf7ct0dirk96po
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jun 2025 00:28:18 GMT
content-type: font/woff2
content-length: 80148
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: "62594310-13914"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
GET megaup.net/themes/spirit/assets/frontend/css/iconsmind.css
5.34.214.148 | 200 OK | 103 kB | URL: GET megaup.net/themes/spirit/assets/frontend/css/iconsmind.css
IP: 5.34.214.148:443
Requested by: https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
Certificate Issuer: Sectigo Limited
Certificate Subject: *.megaup.net
Certificate Fingerprint: 9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
Certificate Validity: Tue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT
File type: ASCII text, with CRLF line terminators
Size: 103 kB (102727 bytes)
Hash (MD5): c9b1c618a7b12bd7ecf6034164b29164
Hash (SHA-1): f7a4a8bbc3aab1d7bb44659c40a8702f3aa56c99
Hash (SHA-256): fc190f724340fc20fd1d175f49c70e70f4acfdd9303ae4f68d9765a2a5958d9b
GET /themes/spirit/assets/frontend/css/iconsmind.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=9jvfisd0eao2jf7ct0dirk96po
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jun 2025 00:28:17 GMT
content-type: text/css
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: W/"62594310-19147"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
GET megaup.net/themes/spirit/assets/frontend/css/theme.css
5.34.214.148 | 200 OK | 207 kB | URL: GET megaup.net/themes/spirit/assets/frontend/css/theme.css
IP: 5.34.214.148:443
Requested by: https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
Certificate Issuer: Sectigo Limited
Certificate Subject: *.megaup.net
Certificate Fingerprint: 9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
Certificate Validity: Tue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT
File type: assembler source, ASCII text, with CRLF line terminators (content-sniffing label; the response below declares content-type text/css)
Size: 207 kB (206626 bytes)
Hash (MD5): 06cc8983a538a05dddf526b3b7e732aa
Hash (SHA-1): 2414173a1660589ebbba8bdc6e3d1237df6063db
Hash (SHA-256): 27e49bfa89404d352fa4627719f2a9a3ea5c2759c2bc74e7567ff98b5a996758
GET /themes/spirit/assets/frontend/css/theme.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=9jvfisd0eao2jf7ct0dirk96po
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jun 2025 00:28:17 GMT
content-type: text/css
last-modified: Tue, 11 Feb 2025 18:30:52 GMT
vary: Accept-Encoding
etag: W/"67ab975c-32722"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
GET megaup.net/themes/spirit/assets/images/logo/logo-whitebg.png
5.34.214.148 | 200 OK | 7.1 kB | URL: GET megaup.net/themes/spirit/assets/images/logo/logo-whitebg.png
IP: 5.34.214.148:443
Requested by: https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
Certificate Issuer: Sectigo Limited
Certificate Subject: *.megaup.net
Certificate Fingerprint: 9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
Certificate Validity: Tue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT
File type: PNG image data, 203 x 40, 8-bit/color RGBA, non-interlaced
Hash (MD5): 5d15526be10b904a6b48d1af04a10cc3
Hash (SHA-1): c09b6874359ac6d71db95593618a9acb55baa984
Hash (SHA-256): 894d25472e0f890edf235e8f66fbeda7ea75043632924ecb82691d76bd7db018
GET /themes/spirit/assets/images/logo/logo-whitebg.png HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=9jvfisd0eao2jf7ct0dirk96po
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jun 2025 00:28:17 GMT
content-type: image/png
content-length: 7137
last-modified: Sat, 08 Feb 2025 04:50:36 GMT
vary: Accept-Encoding
etag: "67a6e29c-1be1"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
GET megaup.net/themes/spirit/assets/frontend/js/granim.min.js
5.34.214.148 | 200 OK | 11 kB | URL: GET megaup.net/themes/spirit/assets/frontend/js/granim.min.js
IP: 5.34.214.148:443
Requested by: https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
Certificate Issuer: Sectigo Limited
Certificate Subject: *.megaup.net
Certificate Fingerprint: 9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
Certificate Validity: Tue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (10573), with CRLF line terminators
Hash (MD5): 714368d20c70f8c91b0a596e128dac07
Hash (SHA-1): 563954ec3a896fc129d014f01836245829f6d01d
Hash (SHA-256): e70b27194b8793b68cccee28a6d8a1e39aae2ce5d28d5e71ac204d7a3ac164e3
GET /themes/spirit/assets/frontend/js/granim.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=9jvfisd0eao2jf7ct0dirk96po
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jun 2025 00:28:17 GMT
content-type: application/javascript
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: W/"62594310-298b"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
GET fonts.gstatic.com/s/opensans/v43/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.178.99 | 200 OK | 48 kB | URL: GET fonts.gstatic.com/s/opensans/v43/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP: 142.250.178.99:443
Requested by: https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
Certificate Issuer: Google Trust Services
Certificate Subject: *.gstatic.com
Certificate Fingerprint: E1:0C:8D:E3:24:8F:B1:9F:BA:8E:CF:BE:4B:8F:D6:6A:39:8A:9D:7A
Certificate Validity: Mon, 19 May 2025 08:42:51 GMT - Mon, 11 Aug 2025 08:42:50 GMT
File type: Web Open Font Format (Version 2), TrueType, length 48332, version 1.0
Hash (MD5): 5734e133a619a6ae6ee21a6c00a95eba
Hash (SHA-1): 57c0ac17302d07bd4f968240098afe5ed53d4ad2
Hash (SHA-256): d7a547581722aa055a7fb5b9912aebf3f3e928e1db3e5af9e54cf158cb4c4c4a
GET /s/opensans/v43/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48332
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 12 Jun 2025 15:48:00 GMT
expires: Fri, 12 Jun 2026 15:48:00 GMT
cache-control: public, max-age=31536000
age: 549617
last-modified: Wed, 28 May 2025 18:06:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET entwithoughtsu.com/OEtiSE4XdAE7c24OODoXbzMFLBgJHjoPFB15JB8ibik4AHtsHCQvaEwiBnV3DHJafnoeOwsscwlzRDs6WT8XO3MJbQsmKFd2RD5zCWVSZnwWfkQ9cwltFjgvX3ZTbj5MPw51fw9+Unp3CnNbcH4Bcw
172.67.159.230204 No Content 0 B URL GET entwithoughtsu.com/OEtiSE4XdAE7c24OODoXbzMFLBgJHjoPFB15JB8ibik4AHtsHCQvaEwiBnV3DHJafnoeOwsscwlzRDs6WT8XO3MJbQsmKFd2RD5zCWVSZnwWfkQ9cwltFjgvX3ZTbj5MPw51fw9+Unp3CnNbcH4Bcw
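IP: 172.67.159.230:443
Requested by: https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
Certificate Issuer: Google Trust Services
Certificate Subject: entwithoughtsu.com
Certificate Fingerprint: 9F:4E:E2:30:75:A9:98:9D:2D:DE:B6:6E:85:FF:D4:16:C1:52:D1:33
Certificate Validity: Wed, 11 Jun 2025 06:22:56 GMT - Tue, 09 Sep 2025 07:20:42 GMT
Hash (MD5): d41d8cd98f00b204e9800998ecf8427e
Hash (SHA-1): da39a3ee5e6b4b0d3255bfef95601890afd80709
Hash (SHA-256): e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these are the MD5, SHA-1 and SHA-256 digests of zero-length input (the 204 response carried no body), so they match any empty response and are not usable as file indicators.
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed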
GET /OEtiSE4XdAE7c24OODoXbzMFLBgJHjoPFB15JB8ibik4AHtsHCQvaEwiBnV3DHJafnoeOwsscwlzRDs6WT8XO3MJbQsmKFd2RD5zCWVSZnwWfkQ9cwltFjgvX3ZTbj5MPw51fw9+Unp3CnNbcH4Bcw HTTP/1.1
Host: entwithoughtsu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Thu, 19 Jun 2025 00:28:18 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=DCs1DI%2FMGFFsjFVVJxzdFuSO3t3L%2Bsb9m4GJyC1%2FtQTKBHwnQP88zZmvfA0y%2Fqb36yg9zVQtuGV9dMeZAHMgug3B45n3zWGMtgTvBNMjtAI%3D"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
server: cloudflare
cf-ray: 951ee7d5ad7a1c0e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
142.250.147.84 | 302 Found | 0 B | URL: GET accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP: 142.250.147.84:443
Requested by: https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
Certificate Issuer: Google Trust Services
Certificate Subject: accounts.google.com
Certificate Fingerprint: 1E:69:E1:CB:BD:57:90:C7:05:07:13:A1:B7:8A:2B:61:F4:83:52:F3
Certificate Validity: Mon, 19 May 2025 08:43:40 GMT - Mon, 11 Aug 2025 08:43:39 GMT
Hash (MD5): d41d8cd98f00b204e9800998ecf8427e
Hash (SHA-1): da39a3ee5e6b4b0d3255bfef95601890afd80709
Hash (SHA-256): e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these are the MD5, SHA-1 and SHA-256 digests of zero-length input (the 302 response has content-length 0), so they match any empty response and are not usable as file indicators.
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:-I7EwVg4VqSHmuhlTGbzKiAnByfW5w:hOIikLlN22TJF-77; Expires=Sat, 19-Jun-2027 00:28:18 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 19 Jun 2025 00:28:18 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AdBytiMHB6IcWc3z9MtZqIX91OxJ84HQIYRq9g4PyasyK-NL0bl9j4qKgAj-haBtIeOa6LhbnWDxWA
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-FU9ByPgGyKrRgcOpbqvuVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET ukankingwithea.com/asd100.bin
104.21.16.1 | 404 Not Found | 159 B | URL: GET ukankingwithea.com/asd100.bin
IP: 104.21.16.1:443
Requested by: https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
Certificate Issuer: Google Trust Services
Certificate Subject: ukankingwithea.com
Certificate Fingerprint: 02:15:28:2A:F2:F8:5D:3A:DE:6D:1D:DC:CF:6D:06:BA:00:3A:63:70
Certificate Validity: Tue, 29 Apr 2025 13:46:48 GMT - Mon, 28 Jul 2025 14:44:24 GMT
File type: HTML document, ASCII text, with CRLF line terminators
Hash (MD5): fb9666f93e418b95fea8fdbc20e80af9
Hash (SHA-1): d4eefca1b299cc266a80e83c9e39c4261cb87583
Hash (SHA-256): c6252ea6e785c1dc0d44dab86653a7209eb507e45b70d138ce515576743b64f7
Note: the hashes describe the 404 error page that was returned (content-type text/html), not a file named asd100.bin.
GET /asd100.bin HTTP/1.1
Host: ukankingwithea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Thu, 19 Jun 2025 00:28:18 GMT
content-type: text/html
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=NjDJMEvs%2BX4COmE25FWJfihuEft%2F2i2vqi62mOgQ4EMJs1k2UbROkHlu6oKSzWj0vJUZNvcmdn%2B0H3YtzWELMgOKEYQNEcM2jMkgLwFvWls%3D"}]}
content-encoding: br
cf-ray: 951ee7d91b0056aa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET tomlldahehun.org/multi?cs=T3RYd0J5QGpAdnZCb05wfEVvRHE&abt=0&red=1&sm=76&k=scum%20rune%20part1&v=1.0.60.4&sts=0&prn=0&emb=0&tid=876318&rxy=1280_1024&u=798378258208427&agec=1750292898&fs=1&ref=https%3A%2F%2Fmegaup.net%2Fbee4aaade3aef77243ae3fd984b39a21%2FSCUM-RUNE.part1.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A134.0)%20gecko%2F20100101%20firefox%2F134.0&tzd=0&uloc=&if=0&_G1jP=1750292899207&crc=1
54.240.174.25200 OK 3.8 kB URL GET tomlldahehun.org/multi?cs=T3RYd0J5QGpAdnZCb05wfEVvRHE&abt=0&red=1&sm=76&k=scum%20rune%20part1&v=1.0.60.4&sts=0&prn=0&emb=0&tid=876318&rxy=1280_1024&u=798378258208427&agec=1750292898&fs=1&ref=https%3A%2F%2Fmegaup.net%2Fbee4aaade3aef77243ae3fd984b39a21%2FSCUM-RUNE.part1.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A134.0)%20gecko%2F20100101%20firefox%2F134.0&tzd=0&uloc=&if=0&_G1jP=1750292899207&crc=1
IP: 54.240.174.25:443
Requested by: https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
Certificate Issuer: Amazon
Certificate Subject: tomlldahehun.org
Certificate Fingerprint: 6B:F0:7B:63:2B:19:E1:74:83:15:1A:BF:1B:B4:E6:71:68:14:57:3D
Certificate Validity: Sun, 06 Apr 2025 00:00:00 GMT - Tue, 05 May 2026 23:59:59 GMT
File type: ASCII text, with very long lines (3831), with no line terminators
Hash (MD5): 3c5d96eebaa27af64cde448f1b6362c0
Hash (SHA-1): 80d3ee76aa682d0fb6fa70aae401229aea41f724
Hash (SHA-256): c6661fd5416c34124b388009ae71f3ddda309935cbcd2af4c97bafd379ae8ffe
GET /multi?cs=T3RYd0J5QGpAdnZCb05wfEVvRHE&abt=0&red=1&sm=76&k=scum%20rune%20part1&v=1.0.60.4&sts=0&prn=0&emb=0&tid=876318&rxy=1280_1024&u=798378258208427&agec=1750292898&fs=1&ref=https%3A%2F%2Fmegaup.net%2Fbee4aaade3aef77243ae3fd984b39a21%2FSCUM-RUNE.part1.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A134.0)%20gecko%2F20100101%20firefox%2F134.0&tzd=0&uloc=&if=0&_G1jP=1750292899207&crc=1 HTTP/1.1
Host: tomlldahehun.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/plain
content-length: 1874
date: Thu, 19 Jun 2025 00:28:19 GMT
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
set-cookie: AWSALB=d5jg13axdAgav/9hgGASdlmciElTFpxYywhvwpaPNa9GrmJlpqVoYSw8SMzvkWxD+FByZ4Gf/orCzt7OXM2y5tGkHXnjP4eTLEX0lu6x7hDqNq1D/1gDx8D00Aj2; Expires=Thu, 26 Jun 2025 00:28:19 GMT; Path=/
set-cookie: AWSALBCORS=d5jg13axdAgav/9hgGASdlmciElTFpxYywhvwpaPNa9GrmJlpqVoYSw8SMzvkWxD+FByZ4Gf/orCzt7OXM2y5tGkHXnjP4eTLEX0lu6x7hDqNq1D/1gDx8D00Aj2; Expires=Thu, 26 Jun 2025 00:28:19 GMT; Path=/; SameSite=None
set-cookie: csu=b26c8325-fcaf-4cc5-b2e0-fc121dff284b
set-cookie: csu=798378258208427
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: C_pVz0vBh2NZINCWkWva9ktsNSJA7BoRPwRYeBq11W52_LvOY4o9CA==
X-Firefox-Spdy: h2
GET megaup.net/themes/spirit/assets/frontend/css/stack-interface.css
5.34.214.148 | 200 OK | 3.2 kB | URL: GET megaup.net/themes/spirit/assets/frontend/css/stack-interface.css
IP: 5.34.214.148:443
Requested by: https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
Certificate Issuer: Sectigo Limited
Certificate Subject: *.megaup.net
Certificate Fingerprint: 9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
Certificate Validity: Tue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT
File type: Unicode text, UTF-8 text, with CRLF line terminators
Hash (MD5): 4541b29b6040bc31b760f98e914fd1d7
Hash (SHA-1): 0521a4f98cdf5e1fde3eeb9cae64fd39075cd9ba
Hash (SHA-256): 6910b6609166588208a24355d3c3666140dd0d7fcb3884b31eedb72773e44794
GET /themes/spirit/assets/frontend/css/stack-interface.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=9jvfisd0eao2jf7ct0dirk96po
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jun 2025 00:28:17 GMT
content-type: text/css
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: W/"62594310-c58"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
GET megaup.net/themes/spirit/assets/frontend/js/jquery-3.1.1.min.js
5.34.214.148 | 200 OK | 87 kB | URL: GET megaup.net/themes/spirit/assets/frontend/js/jquery-3.1.1.min.js
IP: 5.34.214.148:443
Requested by: https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
Certificate Issuer: Sectigo Limited
Certificate Subject: *.megaup.net
Certificate Fingerprint: 9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
Certificate Validity: Tue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (32030), with CRLF line terminators
Hash (MD5): 5b5a269bd363e0886c17d855c2aab241
Hash (SHA-1): 042dd055cd289215835a58507c9531f808e1648a
Hash (SHA-256): 1cf30e59d21d4ae560af7143f5913efcc8222bcaa4fcc7508eb802b5faa9e94e
GET /themes/spirit/assets/frontend/js/jquery-3.1.1.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=9jvfisd0eao2jf7ct0dirk96po
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jun 2025 00:28:17 GMT
content-type: application/javascript
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: W/"62594310-152b9"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
GET megaup.net/themes/spirit/assets/frontend/js/datepicker.js
5.34.214.148 | 200 OK | 21 kB | URL: GET megaup.net/themes/spirit/assets/frontend/js/datepicker.js
IP: 5.34.214.148:443
Requested by: https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
Certificate Issuer: Sectigo Limited
Certificate Subject: *.megaup.net
Certificate Fingerprint: 9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
Certificate Validity: Tue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (12692), with CRLF line terminators
Hash (MD5): 8cfe207a6a21c7495cfb751c761217a6
Hash (SHA-1): 35d686a6c4ecc9946c35444ce93e110cb0e1611c
Hash (SHA-256): 804e3c2608de23694fa71684178e2f9815115d56ee022ec770e1fcb208847acc
GET /themes/spirit/assets/frontend/js/datepicker.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=9jvfisd0eao2jf7ct0dirk96po
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jun 2025 00:28:17 GMT
content-type: application/javascript
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: W/"62594310-51ef"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
GET fonts.gstatic.com/s/opensans/v43/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.178.99 | 200 OK | 48 kB | URL: GET fonts.gstatic.com/s/opensans/v43/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP: 142.250.178.99:443
Requested by: https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
Certificate Issuer: Google Trust Services
Certificate Subject: *.gstatic.com
Certificate Fingerprint: E1:0C:8D:E3:24:8F:B1:9F:BA:8E:CF:BE:4B:8F:D6:6A:39:8A:9D:7A
Certificate Validity: Mon, 19 May 2025 08:42:51 GMT - Mon, 11 Aug 2025 08:42:50 GMT
File type: Web Open Font Format (Version 2), TrueType, length 48332, version 1.0
Hash (MD5): 5734e133a619a6ae6ee21a6c00a95eba
Hash (SHA-1): 57c0ac17302d07bd4f968240098afe5ed53d4ad2
Hash (SHA-256): d7a547581722aa055a7fb5b9912aebf3f3e928e1db3e5af9e54cf158cb4c4c4a
GET /s/opensans/v43/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48332
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 12 Jun 2025 15:48:00 GMT
expires: Fri, 12 Jun 2026 15:48:00 GMT
cache-control: public, max-age=31536000
age: 549617
last-modified: Wed, 28 May 2025 18:06:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET undefined/bHVWUDcNFzU9CA1INHZCHhlrdQUqUGQWU18aMWhDXU1lOQYaFzF+VAAaIzRRHho4JBkCECJ1BSoDBDt9GyE6EVsgJ2I/VRY8JBZ/IgU1PkMlEBECUCESHyJ5AgYgFmQHDRsqfQk8EgVONjc5aWcVEi8EZlQ2MihiBj8vGVQmDAMIdj88ExNwCx4GE20iEzgJRiUNYiBVOzQ4GF5dATJiZj4+PBoACBkPZ3o0BiAYTT1AHTkDPhRkGXYIRGN1BS4RDgJOOzE9ZXwvLDAfZCIfNRV2Cz8RHkA9PW83ViQ/ADZlJh81FXZZOgU4Bz4yIjp1KxEVNl4EAjI8GjpMEz15GyQSJ1o1RhMoUV47LzJyLhsyCGUVMy8jTSAmZwZRLi9mM1wqUGQSbiQRLwFgGBwyOWY2JRIFUCAkPiJuCzcsAQQcUGQSUwEkEDMFKVM8I1gCBWsRZV0iBTlFNhADCWYIMy4
0.0.0.0 0 B URL GET undefined/bHVWUDcNFzU9CA1INHZCHhlrdQUqUGQWU18aMWhDXU1lOQYaFzF+VAAaIzRRHho4JBkCECJ1BSoDBDt9GyE6EVsgJ2I/VRY8JBZ/IgU1PkMlEBECUCESHyJ5AgYgFmQHDRsqfQk8EgVONjc5aWcVEi8EZlQ2MihiBj8vGVQmDAMIdj88ExNwCx4GE20iEzgJRiUNYiBVOzQ4GF5dATJiZj4+PBoACBkPZ3o0BiAYTT1AHTkDPhRkGXYIRGN1BS4RDgJOOzE9ZXwvLDAfZCIfNRV2Cz8RHkA9PW83ViQ/ADZlJh81FXZZOgU4Bz4yIjp1KxEVNl4EAjI8GjpMEz15GyQSJ1o1RhMoUV47LzJyLhsyCGUVMy8jTSAmZwZRLi9mM1wqUGQSbiQRLwFgGBwyOWY2JRIFUCAkPiJuCzcsAQQcUGQSUwEkEDMFKVM8I1gCBWsRZV0iBTlFNhADCWYIMy4
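IP: 0.0.0.0:0
Requested by: https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
Hash (MD5): d41d8cd98f00b204e9800998ecf8427e
Hash (SHA-1): da39a3ee5e6b4b0d3255bfef95601890afd80709
Hash (SHA-256): e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these are the MD5, SHA-1 and SHA-256 digests of zero-length input; with IP 0.0.0.0:0, host "undefined" and no response recorded for this request, no body was captured, so the hashes are not usable as file indicators.
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed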
GET /bHVWUDcNFzU9CA1INHZCHhlrdQUqUGQWU18aMWhDXU1lOQYaFzF+VAAaIzRRHho4JBkCECJ1BSoDBDt9GyE6EVsgJ2I/VRY8JBZ/IgU1PkMlEBECUCESHyJ5AgYgFmQHDRsqfQk8EgVONjc5aWcVEi8EZlQ2MihiBj8vGVQmDAMIdj88ExNwCx4GE20iEzgJRiUNYiBVOzQ4GF5dATJiZj4+PBoACBkPZ3o0BiAYTT1AHTkDPhRkGXYIRGN1BS4RDgJOOzE9ZXwvLDAfZCIfNRV2Cz8RHkA9PW83ViQ/ADZlJh81FXZZOgU4Bz4yIjp1KxEVNl4EAjI8GjpMEz15GyQSJ1o1RhMoUV47LzJyLhsyCGUVMy8jTSAmZwZRLi9mM1wqUGQSbiQRLwFgGBwyOWY2JRIFUCAkPiJuCzcsAQQcUGQSUwEkEDMFKVM8I1gCBWsRZV0iBTlFNhADCWYIMy4 HTTP/1.1
Host: undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
POST entwithoughtsu.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
172.67.159.230204 No Content 0 B URL POST entwithoughtsu.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
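IP: 172.67.159.230:443
Requested by: https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
Certificate Issuer: Google Trust Services
Certificate Subject: entwithoughtsu.com
Certificate Fingerprint: 9F:4E:E2:30:75:A9:98:9D:2D:DE:B6:6E:85:FF:D4:16:C1:52:D1:33
Certificate Validity: Wed, 11 Jun 2025 06:22:56 GMT - Tue, 09 Sep 2025 07:20:42 GMT
Hash (MD5): d41d8cd98f00b204e9800998ecf8427e
Hash (SHA-1): da39a3ee5e6b4b0d3255bfef95601890afd80709
Hash (SHA-256): e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these are the MD5, SHA-1 and SHA-256 digests of zero-length input (the 204 response carried no body), so they match any empty response and are not usable as file indicators.
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed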
POST 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 HTTP/1.1
Host: entwithoughtsu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/3 204 No Content
date: Thu, 19 Jun 2025 00:28:25 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0sJHCFK1dL4okfhj3BVOpbjmqhnzdiYB4SSjszehPpcFOY1KhQl9RjJ3wuImoDQHvuq1VWTS1bFs1FDdj4EcX5YKfX%2BYsBT2wcNtNMFS118ZHVzUdaujNVGPFhgyfUxw6eL1zZc%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 951ee8043ed3569f-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4125&min_rtt=721&rtt_var=2889&sent=116&recv=127&lost=0&retrans=0&sent_bytes=11180&recv_bytes=9179&delivery_rate=540296&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=12000&unsent_bytes=0&cid=e32e9f5f67d67832&ts=7498&inflight_dur=101&x=16"
GET rnmop.com/ie?v=4&c=xcexmO5bKVnBOd8VIjE_fBy6ArfJGYygxl5vj8c8jkHu96_xs0y5GnUNJtxZAca2YOjtuC6m8o975D8pY3P3Qz04X6epOdA2Qh2Oz1lDSmzIEfz_CXl-ykw1CKXdIPfrI9hf84sq-PjSomSpkEY-FuiM3VXPd76HvvrFDYx1Di09DZVzrj44HDYYeiJn9Z-0ylXXP0K2hSeXrGBepYfU-zTPSCoQD02_W1YKai8VXo52Bj_ynkD-t4MqrRKTEAGjkhGRM86NdqIYggI18wRevPkVRZHROqEJ8uA8GsXNr4qtA8nf48IeYhS1UQ8WPrsRDsctkvrLtPEeztwYvCBlBm3MKtPrtq9a_57kP-iNNP_M6MfTbKXd_7y3mxkGumMhbBeMI59juNcPPFYEaYSAvgtYCCMxDk_s-2kuPPXTCoHoMmlhp5Kd4vzBb_lbAevKZAlEiEsiPgvD_ta2cITtS58afJaG_S9J&v1=79&v2=71516
162.55.246.161301 Moved Permanently 59 kB URL GET rnmop.com/ie?v=4&c=xcexmO5bKVnBOd8VIjE_fBy6ArfJGYygxl5vj8c8jkHu96_xs0y5GnUNJtxZAca2YOjtuC6m8o975D8pY3P3Qz04X6epOdA2Qh2Oz1lDSmzIEfz_CXl-ykw1CKXdIPfrI9hf84sq-PjSomSpkEY-FuiM3VXPd76HvvrFDYx1Di09DZVzrj44HDYYeiJn9Z-0ylXXP0K2hSeXrGBepYfU-zTPSCoQD02_W1YKai8VXo52Bj_ynkD-t4MqrRKTEAGjkhGRM86NdqIYggI18wRevPkVRZHROqEJ8uA8GsXNr4qtA8nf48IeYhS1UQ8WPrsRDsctkvrLtPEeztwYvCBlBm3MKtPrtq9a_57kP-iNNP_M6MfTbKXd_7y3mxkGumMhbBeMI59juNcPPFYEaYSAvgtYCCMxDk_s-2kuPPXTCoHoMmlhp5Kd4vzBb_lbAevKZAlEiEsiPgvD_ta2cITtS58afJaG_S9J&v1=79&v2=71516
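IP: 162.55.246.161:443
ASN: #24940 Hetzner Online GmbH
Requested by: https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
Certificate Issuer: Let's Encrypt
Certificate Subject: nimrute.com (differs from the requested host rnmop.com; the report lists no subject alternative names, so whether the certificate covers that host cannot be told from here)
Certificate Fingerprint: E2:D9:3C:CF:D5:57:A7:A2:2A:60:4E:99:80:79:B1:7A:F2:04:4F:7D
Certificate Validity: Mon, 05 May 2025 05:34:31 GMT - Sun, 03 Aug 2025 05:34:30 GMT
Hash (MD5): d41d8cd98f00b204e9800998ecf8427e
Hash (SHA-1): da39a3ee5e6b4b0d3255bfef95601890afd80709
Hash (SHA-256): e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these are the MD5, SHA-1 and SHA-256 digests of zero-length input, consistent with the content-length: 0 of the 301 response below; they are not usable as file indicators.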
GET /ie?v=4&c=xcexmO5bKVnBOd8VIjE_fBy6ArfJGYygxl5vj8c8jkHu96_xs0y5GnUNJtxZAca2YOjtuC6m8o975D8pY3P3Qz04X6epOdA2Qh2Oz1lDSmzIEfz_CXl-ykw1CKXdIPfrI9hf84sq-PjSomSpkEY-FuiM3VXPd76HvvrFDYx1Di09DZVzrj44HDYYeiJn9Z-0ylXXP0K2hSeXrGBepYfU-zTPSCoQD02_W1YKai8VXo52Bj_ynkD-t4MqrRKTEAGjkhGRM86NdqIYggI18wRevPkVRZHROqEJ8uA8GsXNr4qtA8nf48IeYhS1UQ8WPrsRDsctkvrLtPEeztwYvCBlBm3MKtPrtq9a_57kP-iNNP_M6MfTbKXd_7y3mxkGumMhbBeMI59juNcPPFYEaYSAvgtYCCMxDk_s-2kuPPXTCoHoMmlhp5Kd4vzBb_lbAevKZAlEiEsiPgvD_ta2cITtS58afJaG_S9J&v1=79&v2=71516 HTTP/1.1
Host: rnmop.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
server: fasthttp
date: Thu, 19 Jun 2025 00:28:25 GMT
content-length: 0
location: https://img.vmmcdn.com/get/1684855/238426_icon.png
x-app-id: 11
GET www.googletagmanager.com/gtag/js?id=UA-108868042-1
142.250.178.40 200 OK 288 kB URL GET www.googletagmanager.com/gtag/js?id=UA-108868042-1
IP 142.250.178.40:443
Requested by https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
Certificate IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint93:AC:F6:E3:CB:D8:8F:95:04:0C:A1:34:97:CB:ED:C4:F9:99:EB:12
ValidityMon, 19 May 2025 08:41:43 GMT - Mon, 11 Aug 2025 08:41:42 GMT
File type JavaScript source, ASCII text, with very long lines (5913)
Size 288 kB (288362 bytes)
Hash 6c97698b1de8e4c74a697a6d43681423
02ac33c771757b0759e3691ef4ae05dbb0cb1795
b0df2fbce1623c8a829c449920aaa990a5f3b1d2974856f47da37a3c1027e938
GET /gtag/js?id=UA-108868042-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 19 Jun 2025 00:28:17 GMT
expires: Thu, 19 Jun 2025 00:28:17 GMT
cache-control: private, max-age=900
last-modified: Thu, 19 Jun 2025 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1077:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1077:0
report-to: {"group":"ascgcycc:1077:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1077:0"}],}
server: Google Tag Manager
content-length: 101578
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET d3og8t183i1vbg.cloudfront.net/?itgod=761186
3.167.7.122 200 OK 490 kB URL GET d3og8t183i1vbg.cloudfront.net/?itgod=761186
IP 3.167.7.122:443
Requested by https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
Certificate IssuerAmazon
Subject*.cloudfront.net
Fingerprint8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72
ValidityMon, 05 May 2025 00:00:00 GMT - Thu, 23 Apr 2026 23:59:59 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (38488)
Size 490 kB (489877 bytes)
Hash f234eeff35df9fb33237d3ff5db8d59b
841148ccc9e784c57cf5f10270efe70d5ffa566d
b0e2821384792124c0a358a2fa130553027a28cdb8a68c5d717f8e42730fad84
GET /?itgod=761186 HTTP/1.1
Host: d3og8t183i1vbg.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 152090
date: Thu, 19 Jun 2025 00:28:17 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 3bd19ecae9d202e55626096b4934d62e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P2
x-amz-cf-id: VFGpE6GQU8X-c68ptjN-PBFkGqRlzn8_2_d9mTWOrOmKM3e7opGtxw==
X-Firefox-Spdy: h2
GET undefined/U1VKREoyNykpdTJoKGI/ITl3YXgVcHgCLmA6LXw+Ym15LXslNy1qKT86PyAsITokMGQ9MD5heBUyGXUMBgEfIyUDPyU2LiltfgkCESIsAy49MwIGPhoGEysGPQxyCRk8JRotDGUcM3RvYRMuPn52ZwgOMwY9KxApAB8ZDQsUMiUBEysMLwASJzwAFyYmBTM3PTAdIjAaBwAgCHkJZgcXByExJwYzHxY9NCgUFzgUDiBweAYaYBQ7DiMaPQEQAyUYIwFvYRMoLn4kNBkFJB4BLXADADk/HTIZYRAqPmMPJHUtAxEtcgEANnINJBVweAIvEAAmJxJqYS8pDGUzHXV+FmZnAm9hEy8APWcaJDByMTgDEysbJX0PHRlgKBwtBzYSfX4cBi48LDQ5fB0nET8vAwBjDyR0PB8/A2F4FRwndX8VZxB9LwshIh4SYmAoKQQ4HjMBfx0RAy0HFGAgASQrYix3czg0MHV4ChRsLjk8Ozp5MAk7ORAdERp4BhkWZXk1Lg
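0.0.0.0 0 B URL GET undefined/U1VKREoyNykpdTJoKGI/ITl3YXgVcHgCLmA6LXw+Ym15LXslNy1qKT86PyAsITokMGQ9MD5heBUyGXUMBgEfIyUDPyU2LiltfgkCESIsAy49MwIGPhoGEysGPQxyCRk8JRotDGUcM3RvYRMuPn52ZwgOMwY9KxApAB8ZDQsUMiUBEysMLwASJzwAFyYmBTM3PTAdIjAaBwAgCHkJZgcXByExJwYzHxY9NCgUFzgUDiBweAYaYBQ7DiMaPQEQAyUYIwFvYRMoLn4kNBkFJB4BLXADADk/HTIZYRAqPmMPJHUtAxEtcgEANnINJBVweAIvEAAmJxJqYS8pDGUzHXV+FmZnAm9hEy8APWcaJDByMTgDEysbJX0PHRlgKBwtBzYSfX4cBi48LDQ5fB0nET8vAwBjDyR0PB8/A2F4FRwndX8VZxB9LwshIh4SYmAoKQQ4HjMBfx0RAy0HFGAgASQrYix3czg0MHV4ChRsLjk8Ozp5MAk7ORAdERp4BhkWZXk1Lg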
IP 0.0.0.0:0
Requested by https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
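Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(MD5, SHA-1 and SHA-256 of empty input: no response body was captured for this request, so these hashes do not identify a file.)
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed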
GET /U1VKREoyNykpdTJoKGI/ITl3YXgVcHgCLmA6LXw+Ym15LXslNy1qKT86PyAsITokMGQ9MD5heBUyGXUMBgEfIyUDPyU2LiltfgkCESIsAy49MwIGPhoGEysGPQxyCRk8JRotDGUcM3RvYRMuPn52ZwgOMwY9KxApAB8ZDQsUMiUBEysMLwASJzwAFyYmBTM3PTAdIjAaBwAgCHkJZgcXByExJwYzHxY9NCgUFzgUDiBweAYaYBQ7DiMaPQEQAyUYIwFvYRMoLn4kNBkFJB4BLXADADk/HTIZYRAqPmMPJHUtAxEtcgEANnINJBVweAIvEAAmJxJqYS8pDGUzHXV+FmZnAm9hEy8APWcaJDByMTgDEysbJX0PHRlgKBwtBzYSfX4cBi48LDQ5fB0nET8vAwBjDyR0PB8/A2F4FRwndX8VZxB9LwshIh4SYmAoKQQ4HjMBfx0RAy0HFGAgASQrYix3czg0MHV4ChRsLjk8Ozp5MAk7ORAdERp4BhkWZXk1Lg HTTP/1.1
Host: undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET ukankingwithea.com/
104.21.16.1 200 OK 26 B IP 104.21.16.1:443
Requested by https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
Certificate IssuerGoogle Trust Services
Subjectukankingwithea.com
Fingerprint02:15:28:2A:F2:F8:5D:3A:DE:6D:1D:DC:CF:6D:06:BA:00:3A:63:70
ValidityTue, 29 Apr 2025 13:46:48 GMT - Mon, 28 Jul 2025 14:44:24 GMT
File type ASCII text, with no line terminators
Hash e4633d4acca7abeb5d1587d5248721d8
8fb075dd45ee34971ff258a05603ff1bc690b14b
b6d2484a25902de55dd8e17d7679d9dd2bfc5092dc9fc2aea9a0c4212cd2fed3
GET / HTTP/1.1
Host: ukankingwithea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 19 Jun 2025 00:28:18 GMT
content-type: text/plain
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=Iqumd0sQXEltKKYiCm49TFaCWYGcaVmacJd97gTGQoLIbRlpVxaZJkl3w8MK5Jv4%2Flfm01tAiZ6xG2CqY1LKH3vzKRFnweDz69T%2FMzpziJg%3D"}]}
content-encoding: br
set-cookie: csu=335140285369120@1@1750292898; SameSite=None; Secure; Max-Age=31104000
cf-ray: 951ee7d90af956aa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET undefined/Q01IN3oiLytaRSJwKhEPMSF1EkgFaHpxHnAiLw8OcnV7Xks1Ly8ZGS8iPVMcMSImQ1QtKDwSSAUhEVk0NhkjcjgLDAlYHCsUKXQUDXgdciAbK3t1PwI1P0UwcnUtdAMoKg5ANAIEC2YtFRwZDjYkOgxiDSwiCk8RdQowUBYTHCtRMRB8HnAQEiEQBzQKBCF2NwULBlgwAjoZYkl6IwlPGQ4ue2E/ATV8XzEvdQ92OSwmCnUVAgYxYT8BKnFNNgJ9AnUDCjkJBiAgDgBlNxJ9PA8ZFiINdQMCIQxmKycse3kpCx84RRlyBwtvFwE1Ggc7MCx7eSkBDGVUHSd8EmAiEjUjYj8OGi1/LAscC08IIHwBdT0EOTF+SgkpLVpDEBojQ0IgHB1gPhAYPWVKBiIufzwXHHkCX3ELK2E0FBUAAxQAOg17MQB5KWEWNAQrcTwLHAACFAV9fVFcKT4nWQp+CSFSEBcYEXA0KhwgeA
0.0.0.0 0 B URL GET undefined/Q01IN3oiLytaRSJwKhEPMSF1EkgFaHpxHnAiLw8OcnV7Xks1Ly8ZGS8iPVMcMSImQ1QtKDwSSAUhEVk0NhkjcjgLDAlYHCsUKXQUDXgdciAbK3t1PwI1P0UwcnUtdAMoKg5ANAIEC2YtFRwZDjYkOgxiDSwiCk8RdQowUBYTHCtRMRB8HnAQEiEQBzQKBCF2NwULBlgwAjoZYkl6IwlPGQ4ue2E/ATV8XzEvdQ92OSwmCnUVAgYxYT8BKnFNNgJ9AnUDCjkJBiAgDgBlNxJ9PA8ZFiINdQMCIQxmKycse3kpCx84RRlyBwtvFwE1Ggc7MCx7eSkBDGVUHSd8EmAiEjUjYj8OGi1/LAscC08IIHwBdT0EOTF+SgkpLVpDEBojQ0IgHB1gPhAYPWVKBiIufzwXHHkCX3ELK2E0FBUAAxQAOg17MQB5KWEWNAQrcTwLHAACFAV9fVFcKT4nWQp+CSFSEBcYEXA0KhwgeA
IP 0.0.0.0:0
Requested by https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /Q01IN3oiLytaRSJwKhEPMSF1EkgFaHpxHnAiLw8OcnV7Xks1Ly8ZGS8iPVMcMSImQ1QtKDwSSAUhEVk0NhkjcjgLDAlYHCsUKXQUDXgdciAbK3t1PwI1P0UwcnUtdAMoKg5ANAIEC2YtFRwZDjYkOgxiDSwiCk8RdQowUBYTHCtRMRB8HnAQEiEQBzQKBCF2NwULBlgwAjoZYkl6IwlPGQ4ue2E/ATV8XzEvdQ92OSwmCnUVAgYxYT8BKnFNNgJ9AnUDCjkJBiAgDgBlNxJ9PA8ZFiINdQMCIQxmKycse3kpCx84RRlyBwtvFwE1Ggc7MCx7eSkBDGVUHSd8EmAiEjUjYj8OGi1/LAscC08IIHwBdT0EOTF+SgkpLVpDEBojQ0IgHB1gPhAYPWVKBiIufzwXHHkCX3ELK2E0FBUAAxQAOg17MQB5KWEWNAQrcTwLHAACFAV9fVFcKT4nWQp+CSFSEBcYEXA0KhwgeA HTTP/1.1
Host: undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET megaup.net/themes/spirit/assets/frontend/img/favicon/apple-touch-icon.png
5.34.214.148 200 OK 536 B URL GET megaup.net/themes/spirit/assets/frontend/img/favicon/apple-touch-icon.png
IP 5.34.214.148:443
Requested by https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
Fingerprint9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
ValidityTue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT
File type PNG image data, 57 x 57, 8-bit colormap, non-interlaced
Hash 0019444f6b6df5b4b5ed32b6b469caab
4232370d10ab54ef9bda57aa9dcb813036047b35
0509f6df067face535f028cd86200748952227161f8f244aa7864e7848553562
GET /themes/spirit/assets/frontend/img/favicon/apple-touch-icon.png HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=9jvfisd0eao2jf7ct0dirk96po
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jun 2025 00:28:18 GMT
content-type: image/png
content-length: 536
last-modified: Thu, 13 Feb 2025 17:40:08 GMT
vary: Accept-Encoding
etag: "67ae2e78-218"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
POST entwithoughtsu.com/cEpxRzFfdRI0DBQwGXRVHQAyA2RFAiQsCTsbGhVQIi0dAGAmKVczWBR3SXUESXtAYUEZLkx0A1Y5BSZFBTlMdQFAfVcuXxYlTHUXBndBaQheeF9xFwV3QGFFACsWegBWOgUzXU17RnIBQnNDfwhJe0B+
172.67.159.230 204 No Content 0 B URL POST entwithoughtsu.com/cEpxRzFfdRI0DBQwGXRVHQAyA2RFAiQsCTsbGhVQIi0dAGAmKVczWBR3SXUESXtAYUEZLkx0A1Y5BSZFBTlMdQFAfVcuXxYlTHUXBndBaQheeF9xFwV3QGFFACsWegBWOgUzXU17RnIBQnNDfwhJe0B+
IP 172.67.159.230:443
Requested by https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
Certificate Issuer: Google Trust Services
Subject: entwithoughtsu.com
Fingerprint: 9F:4E:E2:30:75:A9:98:9D:2D:DE:B6:6E:85:FF:D4:16:C1:52:D1:33
Validity: Wed, 11 Jun 2025 06:22:56 GMT - Tue, 09 Sep 2025 07:20:42 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
POST /cEpxRzFfdRI0DBQwGXRVHQAyA2RFAiQsCTsbGhVQIi0dAGAmKVczWBR3SXUESXtAYUEZLkx0A1Y5BSZFBTlMdQFAfVcuXxYlTHUXBndBaQheeF9xFwV3QGFFACsWegBWOgUzXU17RnIBQnNDfwhJe0B+ HTTP/1.1
Host: entwithoughtsu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/3 204 No Content
date: Thu, 19 Jun 2025 00:28:19 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YcHbPHLUyQHiDcsEtL9WZgJL%2BIW5eHKAP%2BqgX9astiTnyn9lf2IRPl8wEZBMMpm9njKS9utRwPQcamJ0Q30XcdFR%2BAgi6%2BOFM3Yw3%2B4BYCfxupE%2FcwlWrtJxYPqiAHth27ECEqg%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 951ee7db8e44569f-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4952&min_rtt=721&rtt_var=2529&sent=112&recv=123&lost=0&retrans=0&sent_bytes=9912&recv_bytes=7496&delivery_rate=540296&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=12000&unsent_bytes=0&cid=e32e9f5f67d67832&ts=988&inflight_dur=58&x=16"
GET xml.panel-bid.com/thumbnail?i=MVOgoY5mTNw_0&p=1750292899.220815&imgt=icon
0.0.0.0 0 B URL GET xml.panel-bid.com/thumbnail?i=MVOgoY5mTNw_0&p=1750292899.220815&imgt=icon
IP 0.0.0.0:0
Requested by https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /thumbnail?i=MVOgoY5mTNw_0&p=1750292899.220815&imgt=icon HTTP/1.1
Host: xml.panel-bid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET megaup.net/themes/spirit/assets/frontend/css/lightbox.min.css
5.34.214.148 200 OK 3.9 kB URL GET megaup.net/themes/spirit/assets/frontend/css/lightbox.min.css
IP 5.34.214.148:443
Requested by https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
Fingerprint9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
ValidityTue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT
File type ASCII text, with CRLF line terminators
Hash 30265c8089a8f3e871d0873ef6a5b944
2804a2fe5a6a956626ce6a46adf6b1a0676ee13d
f9f33dca7f9a5a735a0a03502993e0a092df81d820beb1ed4071e4611a9630ed
GET /themes/spirit/assets/frontend/css/lightbox.min.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=9jvfisd0eao2jf7ct0dirk96po
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jun 2025 00:28:17 GMT
content-type: text/css
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: W/"62594310-f31"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
GET megaup.net/themes/spirit/assets/frontend/css/flickity.css
5.34.214.148 200 OK 2.5 kB URL GET megaup.net/themes/spirit/assets/frontend/css/flickity.css
IP 5.34.214.148:443
Requested by https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
Fingerprint9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
ValidityTue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT
File type ASCII text, with CRLF line terminators
Hash 244d315064064270eabbbb7ac9f6c700
21ad53d3efbb40154293190173ee0c497ed7651c
ff5fe542e37297733305fb7e68a41b3269a681d64145945f2131a646044c016a
GET /themes/spirit/assets/frontend/css/flickity.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=9jvfisd0eao2jf7ct0dirk96po
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jun 2025 00:28:17 GMT
content-type: text/css
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: W/"62594310-9d9"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
GET megaup.net/themes/spirit/assets/frontend/js/countdown.min.js
5.34.214.148 200 OK 5.4 kB URL GET megaup.net/themes/spirit/assets/frontend/js/countdown.min.js
IP 5.34.214.148:443
Requested by https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
Fingerprint9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
ValidityTue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (4136), with CRLF line terminators
Hash 76a923d3d69255c45cd24bf9b100244f
eb3c96f9901692f1a03500ea632963a16afdb985
8f195573d6fa06641814b476fea2b92579c983cac46d683f356238207692c9f5
GET /themes/spirit/assets/frontend/js/countdown.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=9jvfisd0eao2jf7ct0dirk96po
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jun 2025 00:28:17 GMT
content-type: application/javascript
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: W/"62594310-14f0"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
GET entwithoughtsu.com/aWRYWmlGWzspVCYxKGs9PyEVPFkRXAELL101EGMZKiwsHwwENX4uAA1ZYGhcUFVpfBkAAGVpW08XLDsdHBdla08ACj41VE8SZWpHUEpqdF9PEWVrTx0UOT1UWEIoLh0FWWltXFlWYWhRUFxobF0
172.67.159.230 204 No Content 0 B URL GET entwithoughtsu.com/aWRYWmlGWzspVCYxKGs9PyEVPFkRXAELL101EGMZKiwsHwwENX4uAA1ZYGhcUFVpfBkAAGVpW08XLDsdHBdla08ACj41VE8SZWpHUEpqdF9PEWVrTx0UOT1UWEIoLh0FWWltXFlWYWhRUFxobF0
IP 172.67.159.230:443
Requested by https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
Certificate IssuerGoogle Trust Services
Subjectentwithoughtsu.com
Fingerprint9F:4E:E2:30:75:A9:98:9D:2D:DE:B6:6E:85:FF:D4:16:C1:52:D1:33
ValidityWed, 11 Jun 2025 06:22:56 GMT - Tue, 09 Sep 2025 07:20:42 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /aWRYWmlGWzspVCYxKGs9PyEVPFkRXAELL101EGMZKiwsHwwENX4uAA1ZYGhcUFVpfBkAAGVpW08XLDsdHBdla08ACj41VE8SZWpHUEpqdF9PEWVrTx0UOT1UWEIoLh0FWWltXFlWYWhRUFxobF0 HTTP/1.1
Host: entwithoughtsu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Thu, 19 Jun 2025 00:28:18 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=1jnT%2Ba7IEdsiG%2BvqKV31AZkqLxgj9JGLuO%2Bbk%2FZJ5emYuO7JHZ5N%2F8goy1DerBp%2FiUWlsavBKnWFfVm35%2BEuu9FBe2pSFB1FJvos3ljyLX4%3D"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
server: cloudflare
cf-ray: 951ee7d54d5b1c0e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET ukankingwithea.com/
104.21.16.1 200 OK 26 B IP 104.21.16.1:443
Requested by https://megaup.net/bee4aaade3aef77243ae3fd984b39a21/SCUM-RUNE.part1.rar
Certificate IssuerGoogle Trust Services
Subjectukankingwithea.com
Fingerprint02:15:28:2A:F2:F8:5D:3A:DE:6D:1D:DC:CF:6D:06:BA:00:3A:63:70
ValidityTue, 29 Apr 2025 13:46:48 GMT - Mon, 28 Jul 2025 14:44:24 GMT
File type ASCII text, with no line terminators
Hash d60b088a8dc0353148c97ddf7b908fc5
eb7621799dd86ede567cb24f8509be88c7072917
0fa3c9df7c22dd2105ac65978cd9e7887d6b5d3584d15df2c03605d1d700bf55
GET / HTTP/1.1
Host: ukankingwithea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 19 Jun 2025 00:28:18 GMT
content-type: text/plain
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=30i%2BuBiqomA%2BBVFMsdo0IZnV%2Bb61C7t2lNfvx5hiFFRCwXnPY3mZbL7grjq8BWL%2Fma3FWZbaFD5ukspDypz7tWteBB7LInpeZMOoc9noLA4%3D"}]}
content-encoding: br
set-cookie: csu=798378258208427@1@1750292898; SameSite=None; Secure; Max-Age=31104000
cf-ray: 951ee7d92b0456aa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2