megaup.net/themes/flow/images/main_logo_inverted.png
91.209.70.182200 OK 7.1 kB URL GET HTTP/2 megaup.net/themes/flow/images/main_logo_inverted.png
IP 91.209.70.182:443
Requested by https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A
ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT
File type PNG image data, 203 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 5d15526be10b904a6b48d1af04a10cc3
c09b6874359ac6d71db95593618a9acb55baa984
894d25472e0f890edf235e8f66fbeda7ea75043632924ecb82691d76bd7db018
GET /themes/flow/images/main_logo_inverted.png HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=f30fh58nsp5oee3iqu16lnvgp0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 24 Jul 2023 01:03:56 GMT
content-type: image/png
content-length: 7137
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-1be1"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/images/loading_small.gif
91.209.70.182200 OK 184 kB URL GET HTTP/2 megaup.net/themes/flow/images/loading_small.gif
IP 91.209.70.182:443
Requested by https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A
ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT
File type GIF image data, version 89a, 64 x 64\012- data
Size 184 kB (184355 bytes)
Hash b0dd5b3af9c4c0644d7bddee83716209
30002468d0266b893b3559b8d0d260c6cbf0ad7c
2418224bb4d12c122ef3c54d2ee9edb5f6f28d539e91a166b0215553f8c7609d
GET /themes/flow/images/loading_small.gif HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=f30fh58nsp5oee3iqu16lnvgp0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 24 Jul 2023 01:03:56 GMT
content-type: image/gif
content-length: 184355
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-2d023"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-108868042-1
142.250.74.168200 OK 66 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=UA-108868042-1
IP 142.250.74.168:443
Requested by https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintD5:C6:22:6E:78:C0:41:DC:4E:57:64:04:AF:03:23:D2:2C:BA:58:3A
ValidityMon, 03 Jul 2023 08:19:15 GMT - Mon, 25 Sep 2023 08:19:14 GMT
File type ASCII text, with very long lines (4289)
Hash 35473e1d8d2cc30d2dbf465cb61b19d0
bb21387953fb4e77c0582e26f9dc47355bc9a429
e49b2959371bcb181420e9583987f89a024b7870c3348689383cf170c8c877c1
GET /gtag/js?id=UA-108868042-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 24 Jul 2023 01:03:56 GMT
expires: Mon, 24 Jul 2023 01:03:56 GMT
cache-control: private, max-age=900
last-modified: Mon, 24 Jul 2023 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 65956
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/?kzmmd=761186
143.204.42.115200 OK 190 kB URL GET HTTP/2 dmmzkfd82wayn.cloudfront.net/?kzmmd=761186
IP 143.204.42.115:443
Requested by https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (15948)
Size 190 kB (190060 bytes)
Hash 8029054effd7d1e9dfb57a62300a7019
c7dfae047d533f129e4b5a91c3b196d3cdc5b7fc
74713d920c49f796b44fbb51d5efde0b12cb1fccd5f602da3d73499fb42d1b3d
GET /?kzmmd=761186 HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 190060
date: Mon, 24 Jul 2023 01:00:33 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Hit from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Xc-FB4x0UId6VIOwNsk-Q0IdccT9wcrRgjjmSjGvhZgZ8JjmZ7QeJg==
age: 203
X-Firefox-Spdy: h2
keydawnawe.com/gwZ1U5hjA8ii/32575
172.255.6.129200 OK 26 B URL GET HTTP/1.1 keydawnawe.com/gwZ1U5hjA8ii/32575
IP 172.255.6.129:443
Requested by https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
Certificate IssuerLet's Encrypt
Subjectkeydawnawe.com
Fingerprint7C:00:70:47:FE:E2:02:52:7E:F9:63:7A:71:48:91:70:57:73:F1:DD
ValidityWed, 21 Jun 2023 23:03:50 GMT - Tue, 19 Sep 2023 23:03:49 GMT
File type ASCII text, with no line terminators
Hash 4fc71bf68a1d477bd1523733e34d1e90
15119105cffbe108b6cf290146ab02c9aa8517ba
74c1971a5c7f3f1cfb81b7a0a8717cee5a45841844104566e00bbfca271943ce
GET /gwZ1U5hjA8ii/32575 HTTP/1.1
Host: keydawnawe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 24 Jul 2023 01:03:56 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9jU1Sg0AQhSH8RQ1oV3EAj8AQMcnSTVbegZphGhwD06lmQuLtHa3S3fteffVeEASr8hHCJY0husgGnl8aXe97Ve31tsZq34vda9UoIbp6u1PycIA7M7dOqhFdDOt5kuxat8SwGdAim67tSGMOT976a06WrjaGRLG0Oodk8saYQ6aYrjNyGUFs5YSQHQ1jTzdvyE9iiIQQPhvrc1jBiuYyKu4heTf2cis2aVAUaQAP51G6nnhqjfaYDCw1QvgG6046HIi%2FINM4nxydAWjU7b%2F%2Fe5qMP2uQalxM55HcB%2FI3ouZOdQ%3D%3D; expires=Tue, 25-Jul-2023 01:03:56 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyEsKwjAURuHciwTEIPzQBXQFodU66NTO24ErKFUkEHJDkvrYvXVwBt9RSnFlwC7C9K3tG9udbHvpQE%2FwOIGXAD1Kes9fUAI3Z3AKOEzZSz3IGsr2F%2Bz%2BBjkcr9596pv4tTgJGby1HyRFSXN5gKImcBHN4HyvFOilzQ9y0h6R; expires=Tue, 25-Jul-2023 01:03:56 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
altowriestwispy.com/tysaSHG1FMaM/18410
142.91.159.93200 OK 25 B URL GET HTTP/1.1 altowriestwispy.com/tysaSHG1FMaM/18410
IP 142.91.159.93:443
Requested by https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
Certificate IssuerLet's Encrypt
Subjectaltowriestwispy.com
Fingerprint12:2B:52:FF:B1:72:59:6F:1C:F8:1F:2B:A8:A0:78:C3:01:7C:25:B0
ValidityFri, 02 Jun 2023 23:17:20 GMT - Thu, 31 Aug 2023 23:17:19 GMT
File type ASCII text, with no line terminators
Hash f7a2939527fd9e68723da600e96d76bd
a9e717b6364d2895ee0a716050db32ca0ef1bb42
d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a
GET /tysaSHG1FMaM/18410 HTTP/1.1
Host: altowriestwispy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 24 Jul 2023 01:03:56 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9jU1Sg0AQhSH8RQ1oV3EAj8AQMcnSTVbegZphGhwD06lmQuLtHa3S3fteffVeEASr8hHCJY0husgGnl8aXe97Ve31tsZq34vda9UoIbp6u1PycIA7M7dOqhFdDOt5kuxat8SwGdAim67tSGMOT976a06WrjaGRLG0Oodk8saYQ6aYrjNyGUFs5YSQHQ1jTzdvyE9iiIQQPhvrc1jBiuYyKu4heTf2cis2aVAUaQAP51G6nnhqjfaYDCw1QvgG6046HIi%2FINM4nxydAWjU7b%2F%2Fe5qMP2uQalxM55HcB%2FI3ouZOdQ%3D%3D; expires=Tue, 25-Jul-2023 01:03:56 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyEsKwjAURuHciwTEIPzQBXQFodU66NTO24ErKFUkEHJDkvrYvXVwBt9RSnFlwC7C9K3tG9udbHvpQE%2FwOIGXAD1Kes9fUAI3Z3AKOEzZSz3IGsr2F%2Bz%2BBjkcr9596pv4tTgJGby1HyRFSXN5gKImcBHN4HyvFOilzQ9y0h6R; expires=Tue, 25-Jul-2023 01:03:56 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
megaup.net/themes/flow/frontend_assets/js/gauge.min.js
91.209.70.182200 OK 41 kB URL GET HTTP/2 megaup.net/themes/flow/frontend_assets/js/gauge.min.js
IP 91.209.70.182:443
Requested by https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A
ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (1259)
Hash aafe893df6f86140460a76d58dcecfe2
fe1a74890dc8f040f5f681041663b96d983163f6
2d9574ce1b6890bd6ccf1ef3d04fe1328f35c5bbced7b6b331459119ef4fe480
GET /themes/flow/frontend_assets/js/gauge.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=f30fh58nsp5oee3iqu16lnvgp0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 24 Jul 2023 01:03:56 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-45b8"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/custom/custom.js
91.209.70.182200 OK 52 kB URL GET HTTP/2 megaup.net/themes/flow/frontend_assets/js/custom/custom.js
IP 91.209.70.182:443
Requested by https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A
ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT
File type ASCII text, with CRLF line terminators
Hash 2d40e9899d9667475ee4a7d5d9731311
6e3b230480bc36ce2e9b0622a48af5924535a72b
a72e6ce7c10983fcd6773f0db77f049b7a85039d3e7212a12ad56fbb8d70a6e6
GET /themes/flow/frontend_assets/js/custom/custom.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=f30fh58nsp5oee3iqu16lnvgp0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 24 Jul 2023 01:03:56 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1420"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/fonts/raleway_semibold.woff
91.209.70.182200 OK 32 kB URL GET HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway_semibold.woff
IP 91.209.70.182:443
Requested by https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A
ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT
File type Web Open Font Format, TrueType, length 31980, version 1.1\012- data
Hash 99ac81a158028ac2023fb3350d2497e7
f08c12c91ab29282a616c3ba8e533f49b5b433ca
92a8c8eca8cfcfc53855bc48ba50b866704a00323c4e3089b564c939a668925d
GET /themes/flow/frontend_assets/fonts/raleway_semibold.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
DNT: 1
Connection: keep-alive
Cookie: filehosting=f30fh58nsp5oee3iqu16lnvgp0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 24 Jul 2023 01:03:57 GMT
content-type: font/woff
content-length: 31980
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7cec"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/fonts.css
91.209.70.182200 OK 21 kB URL GET HTTP/2 megaup.net/themes/flow/frontend_assets/css/fonts.css
IP 91.209.70.182:443
Requested by https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A
ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT
Hash fddcefaab6f97068221e3a5a903c049c
251044c138ad554f9a8d4ee8de0422fc7f02851f
61a41176d3175622252d5c00b2bab632e4b35d8828380dc4c72dd5efe3a53d73
GET /themes/flow/frontend_assets/css/fonts.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
DNT: 1
Connection: keep-alive
Cookie: filehosting=f30fh58nsp5oee3iqu16lnvgp0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 24 Jul 2023 01:03:57 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-690"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
heukwasanasosett.info/VzFqMkV4DglBeAVfIwYcD0FPAAMGRlNlFjl/LXYTDX4JZyobZi8KYyNYDg9yYQBbCnNxQQNWeGYXGUYkI0QZD3RxWARUKmoXHA90eQJeHHZjH1oUMGoATEY1NlZXA2MnRR5eeGYHUwJ0YQFcAHdlB1I
104.21.56.19204 No Content 0 B URL GET HTTP/2 heukwasanasosett.info/VzFqMkV4DglBeAVfIwYcD0FPAAMGRlNlFjl/LXYTDX4JZyobZi8KYyNYDg9yYQBbCnNxQQNWeGYXGUYkI0QZD3RxWARUKmoXHA90eQJeHHZjH1oUMGoATEY1NlZXA2MnRR5eeGYHUwJ0YQFcAHdlB1I
IP 104.21.56.19:443
Requested by https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
Certificate IssuerGoogle Trust Services LLC
Subjectheukwasanasosett.info
Fingerprint96:D4:11:7E:B2:6C:1B:AB:26:FB:45:AF:68:76:3A:68:F7:77:C0:03
ValidityTue, 04 Jul 2023 09:29:56 GMT - Mon, 02 Oct 2023 09:29:55 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /VzFqMkV4DglBeAVfIwYcD0FPAAMGRlNlFjl/LXYTDX4JZyobZi8KYyNYDg9yYQBbCnNxQQNWeGYXGUYkI0QZD3RxWARUKmoXHA90eQJeHHZjH1oUMGoATEY1NlZXA2MnRR5eeGYHUwJ0YQFcAHdlB1I HTTP/1.1
Host: heukwasanasosett.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Mon, 24 Jul 2023 01:03:57 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m3B%2F2V87pZw2s5qeIpcKzB3G7quFPWcZD%2BunOyZJrznKKUBTXw1gQc9FT66fV5vnDiSsAv5MupAIxIR%2FKYH235eqEwKqfEqgFvqNGmEmijp%2BGVnTajSbfl8PIEbPPUiXXL56ifT8bes%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7eb83f10386eb529-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
itwkuouldhuke.info/QUIwRm8gIFMrUCB/UmAaMy4NY10HZwIACywvSi0JJXoCMQ44LB4lAy43VCAdLixEaAEkNhV0KQojXhwDGwd1DCgQMXMgB3UkcRADdBV1CAwXGnILJwMbfAoXMQ5+BRwCDlsLPwMsfQkhFQxUHBd1D3EQAzkWcikqAitqHjoAA3sPAyUKYTE6LQF1Mj0QKGUnKBB3agguEBFxByYuAHILLRAoYQo8NiV8CRgMI3MXOSoVdAQ+Eix2Fj0HFH0JOTUKYQAMBRYAFDkCAVcDLjlzciVeLg1oECYkGnUMLhc1fhY9BxdnCF94BHoAOTkXAS45FRViHz0mb3kEJiYHahcpGApnAzUUFHgADRMuYgQMcC1hAi0YKXQEBCUTaAscE3NiEA1wMmEDKS01FiwcLixAez4OAXRzBSNwVAU5eA
108.157.214.13200 OK 1.2 kB URL GET HTTP/2 itwkuouldhuke.info/QUIwRm8gIFMrUCB/UmAaMy4NY10HZwIACywvSi0JJXoCMQ44LB4lAy43VCAdLixEaAEkNhV0KQojXhwDGwd1DCgQMXMgB3UkcRADdBV1CAwXGnILJwMbfAoXMQ5+BRwCDlsLPwMsfQkhFQxUHBd1D3EQAzkWcikqAitqHjoAA3sPAyUKYTE6LQF1Mj0QKGUnKBB3agguEBFxByYuAHILLRAoYQo8NiV8CRgMI3MXOSoVdAQ+Eix2Fj0HFH0JOTUKYQAMBRYAFDkCAVcDLjlzciVeLg1oECYkGnUMLhc1fhY9BxdnCF94BHoAOTkXAS45FRViHz0mb3kEJiYHahcpGApnAzUUFHgADRMuYgQMcC1hAi0YKXQEBCUTaAscE3NiEA1wMmEDKS01FiwcLixAez4OAXRzBSNwVAU5eA
IP 108.157.214.13:443
Requested by https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
Certificate IssuerAmazon
Subjectitwkuouldhuke.info
Fingerprint5C:5A:50:51:2B:2F:A0:AA:D9:A6:8C:EB:F5:6F:98:8D:8F:38:B6:DF
ValidityThu, 13 Jul 2023 00:00:00 GMT - Sat, 10 Aug 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3018), with no line terminators
Hash 0d426700eb034967b3c6b912af25c328
c95c2e4345af0f54505c5369ed0ba31ec65e2180
ed06d0386168228009ce79cc9e4b2fe034ea350950747bea41b73e8b1f3cb767
Analyzer Verdict Alert quad9 malicious Sinkholed
GET /QUIwRm8gIFMrUCB/UmAaMy4NY10HZwIACywvSi0JJXoCMQ44LB4lAy43VCAdLixEaAEkNhV0KQojXhwDGwd1DCgQMXMgB3UkcRADdBV1CAwXGnILJwMbfAoXMQ5+BRwCDlsLPwMsfQkhFQxUHBd1D3EQAzkWcikqAitqHjoAA3sPAyUKYTE6LQF1Mj0QKGUnKBB3agguEBFxByYuAHILLRAoYQo8NiV8CRgMI3MXOSoVdAQ+Eix2Fj0HFH0JOTUKYQAMBRYAFDkCAVcDLjlzciVeLg1oECYkGnUMLhc1fhY9BxdnCF94BHoAOTkXAS45FRViHz0mb3kEJiYHahcpGApnAzUUFHgADRMuYgQMcC1hAi0YKXQEBCUTaAscE3NiEA1wMmEDKS01FiwcLixAez4OAXRzBSNwVAU5eA HTTP/1.1
Host: itwkuouldhuke.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1173
date: Mon, 24 Jul 2023 01:03:57 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 1fb0b89a5ccfb45255b8e8539e256ee2.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: ShsX7rVHuO_1OegTJn_C3mSwpZ5vwruxYyAwvPiyZnfnffrjVMVIrw==
X-Firefox-Spdy: h2
itwkuouldhuke.info/b2t2aVEOCRUEbg5WFE8kHQdLTGMpTkQvNQIGDAI3C1NEHjAWBVgKPQAeEg8jAAUCRz8KH1NbFwo/MVgAIT4vHxAFXiIMBQguOCg5Slk0DGAbATQhZB4pDycwJC8OOBgBBAchAAQiJw5gWS8+MxM/KB44CC0mByUAIlg1LhAfKgwkGAtZGSQfKQ9BDBQcACQ6OgE+Mj8JIygdLgFfIgUnEBtZJyo1FyoyUAEjEjcrHD0pRio9B05EKxM4JVNbEzczHic1XFo/MGILARAFYVczNQ5kKTMjITUFOSAzPB8cEyw5BQ9EJ3RdKS46GysyRVEiNjogTGMpMhpYZCojJFESBUYgPh08JT8wPyFbEC8pCCkuDWk3IyMhNQYEMyA9Lgw/EQdeKQEraDcsMws1AgQvCwA+TRwaPgEbSxseAzoSMSYkXRc
108.157.214.13200 OK 1.2 kB URL GET HTTP/2 itwkuouldhuke.info/b2t2aVEOCRUEbg5WFE8kHQdLTGMpTkQvNQIGDAI3C1NEHjAWBVgKPQAeEg8jAAUCRz8KH1NbFwo/MVgAIT4vHxAFXiIMBQguOCg5Slk0DGAbATQhZB4pDycwJC8OOBgBBAchAAQiJw5gWS8+MxM/KB44CC0mByUAIlg1LhAfKgwkGAtZGSQfKQ9BDBQcACQ6OgE+Mj8JIygdLgFfIgUnEBtZJyo1FyoyUAEjEjcrHD0pRio9B05EKxM4JVNbEzczHic1XFo/MGILARAFYVczNQ5kKTMjITUFOSAzPB8cEyw5BQ9EJ3RdKS46GysyRVEiNjogTGMpMhpYZCojJFESBUYgPh08JT8wPyFbEC8pCCkuDWk3IyMhNQYEMyA9Lgw/EQdeKQEraDcsMws1AgQvCwA+TRwaPgEbSxseAzoSMSYkXRc
IP 108.157.214.13:443
Requested by https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
Certificate IssuerAmazon
Subjectitwkuouldhuke.info
Fingerprint5C:5A:50:51:2B:2F:A0:AA:D9:A6:8C:EB:F5:6F:98:8D:8F:38:B6:DF
ValidityThu, 13 Jul 2023 00:00:00 GMT - Sat, 10 Aug 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3015), with no line terminators
Hash 0ee436fee5d56d978dab8d0679b1bd08
b4425eec05bb51af08bab39c7f2f47de31bb283f
a027d54cd028a05d924b0f6dca5086c0f7c80c6ca1ddd8d1d850e239303a8dc7
Analyzer Verdict Alert quad9 malicious Sinkholed
GET /b2t2aVEOCRUEbg5WFE8kHQdLTGMpTkQvNQIGDAI3C1NEHjAWBVgKPQAeEg8jAAUCRz8KH1NbFwo/MVgAIT4vHxAFXiIMBQguOCg5Slk0DGAbATQhZB4pDycwJC8OOBgBBAchAAQiJw5gWS8+MxM/KB44CC0mByUAIlg1LhAfKgwkGAtZGSQfKQ9BDBQcACQ6OgE+Mj8JIygdLgFfIgUnEBtZJyo1FyoyUAEjEjcrHD0pRio9B05EKxM4JVNbEzczHic1XFo/MGILARAFYVczNQ5kKTMjITUFOSAzPB8cEyw5BQ9EJ3RdKS46GysyRVEiNjogTGMpMhpYZCojJFESBUYgPh08JT8wPyFbEC8pCCkuDWk3IyMhNQYEMyA9Lgw/EQdeKQEraDcsMws1AgQvCwA+TRwaPgEbSxseAzoSMSYkXRc HTTP/1.1
Host: itwkuouldhuke.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1172
date: Mon, 24 Jul 2023 01:03:57 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 1fb0b89a5ccfb45255b8e8539e256ee2.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: oKnwrEWDWHGGAmnUY6A7Kj7wRadwUrkMXXvFWHsJ0vkpKk5SzM6RZQ==
X-Firefox-Spdy: h2
heukwasanasosett.info/dXY0RVdaSVc2aiYach8ZITxNHxAaPnYrOxwUQxQSFhtQMxY0BRIxPhFLDHdiTEcFYyccEgl2ZVMFQCQjAAUJdHEcGFIqalMACXV5TFgFa2JTAwl0cQEGVSJqRFBEMSMZSwVzbkVHAnVhR0QGfG8
104.21.56.19204 No Content 0 B URL GET HTTP/2 heukwasanasosett.info/dXY0RVdaSVc2aiYach8ZITxNHxAaPnYrOxwUQxQSFhtQMxY0BRIxPhFLDHdiTEcFYyccEgl2ZVMFQCQjAAUJdHEcGFIqalMACXV5TFgFa2JTAwl0cQEGVSJqRFBEMSMZSwVzbkVHAnVhR0QGfG8
IP 104.21.56.19:443
Requested by https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
Certificate IssuerGoogle Trust Services LLC
Subjectheukwasanasosett.info
Fingerprint96:D4:11:7E:B2:6C:1B:AB:26:FB:45:AF:68:76:3A:68:F7:77:C0:03
ValidityTue, 04 Jul 2023 09:29:56 GMT - Mon, 02 Oct 2023 09:29:55 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dXY0RVdaSVc2aiYach8ZITxNHxAaPnYrOxwUQxQSFhtQMxY0BRIxPhFLDHdiTEcFYyccEgl2ZVMFQCQjAAUJdHEcGFIqalMACXV5TFgFa2JTAwl0cQEGVSJqRFBEMSMZSwVzbkVHAnVhR0QGfG8 HTTP/1.1
Host: heukwasanasosett.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Mon, 24 Jul 2023 01:03:57 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7irEBMcXrej0OEBU2cKZs%2BKJ%2FfndtJ4nNb7EexivgVs4Do1FjCuhjxf6lWP%2FpSYOMoQNFTqwZAOuP3Ge34RnKQl4XtJypxmW6b6SaLrDlymh6SrvDCm%2BaNMZfAt8dV6mdX6GQHQPYbg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7eb83f108898b529-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
heukwasanasosett.info/MzF4bHIcDhsfT1EDFDkmZl0gNDVXFEoqFGVJGTUcSxRKKiQCCBEJOnIXDAUWDglKWUsCAF4cG1cMS15UQEUZGAdADEpcQgQXEQIUXAxKSgQOAVZVXAIfTUoHDgBeGAJSVkVdVENFDABPAgdBXEMFAU5eQAABSw
104.21.56.19204 No Content 0 B URL GET HTTP/2 heukwasanasosett.info/MzF4bHIcDhsfT1EDFDkmZl0gNDVXFEoqFGVJGTUcSxRKKiQCCBEJOnIXDAUWDglKWUsCAF4cG1cMS15UQEUZGAdADEpcQgQXEQIUXAxKSgQOAVZVXAIfTUoHDgBeGAJSVkVdVENFDABPAgdBXEMFAU5eQAABSw
IP 104.21.56.19:443
Requested by https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
Certificate IssuerGoogle Trust Services LLC
Subjectheukwasanasosett.info
Fingerprint96:D4:11:7E:B2:6C:1B:AB:26:FB:45:AF:68:76:3A:68:F7:77:C0:03
ValidityTue, 04 Jul 2023 09:29:56 GMT - Mon, 02 Oct 2023 09:29:55 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /MzF4bHIcDhsfT1EDFDkmZl0gNDVXFEoqFGVJGTUcSxRKKiQCCBEJOnIXDAUWDglKWUsCAF4cG1cMS15UQEUZGAdADEpcQgQXEQIUXAxKSgQOAVZVXAIfTUoHDgBeGAJSVkVdVENFDABPAgdBXEMFAU5eQAABSw HTTP/1.1
Host: heukwasanasosett.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Mon, 24 Jul 2023 01:03:57 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2BjCkgjVAaUW0rhXORpIZ%2BJzKXA9GLyQnm6RCYyk230Tj6qwBhYEXRYx4mjXB3yO1x19AcYNh8akz9jKOynNIh1ehgj0uMoFtIaiDB60vVm2mLbgxt9iM5f8WTAPBhktgZWmU4FxpUM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7eb83f10889bb529-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/animations/animate.min.css
91.209.70.182200 OK 5.3 kB URL GET HTTP/2 megaup.net/themes/flow/frontend_assets/css/animations/animate.min.css
IP 91.209.70.182:443
Requested by https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A
ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT
File type ASCII text, with CRLF line terminators
Hash 6678bbbf8814eac6d7f987ad2a32111a
aa9021d4f27c58d5ffe5a8545c20b47232d7d0cb
9b36949876f75f2961b55a066b1f9695ec8c3772771d700e951736b1fba45cbe
GET /themes/flow/frontend_assets/css/animations/animate.min.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
DNT: 1
Connection: keep-alive
Cookie: filehosting=f30fh58nsp5oee3iqu16lnvgp0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 24 Jul 2023 01:03:57 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-bc86"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
heukwasanasosett.info/ZGRPUERLWywjeQEzFmAVVQABBhUcVxYVNDUmITQjNyJ3FyAzNWkkLQBZd2dyV1V3djQNAHJifUIXOzEwERdyYWINCik/eUIScmFqVEp5YGpXQjptdUIQPzEjWVVpIDAQCHJhcl1UfmZ0UlZ9Y3VT
104.21.56.19204 No Content 0 B URL GET HTTP/2 heukwasanasosett.info/ZGRPUERLWywjeQEzFmAVVQABBhUcVxYVNDUmITQjNyJ3FyAzNWkkLQBZd2dyV1V3djQNAHJifUIXOzEwERdyYWINCik/eUIScmFqVEp5YGpXQjptdUIQPzEjWVVpIDAQCHJhcl1UfmZ0UlZ9Y3VT
IP 104.21.56.19:443
Requested by https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
Certificate IssuerGoogle Trust Services LLC
Subjectheukwasanasosett.info
Fingerprint96:D4:11:7E:B2:6C:1B:AB:26:FB:45:AF:68:76:3A:68:F7:77:C0:03
ValidityTue, 04 Jul 2023 09:29:56 GMT - Mon, 02 Oct 2023 09:29:55 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ZGRPUERLWywjeQEzFmAVVQABBhUcVxYVNDUmITQjNyJ3FyAzNWkkLQBZd2dyV1V3djQNAHJifUIXOzEwERdyYWINCik/eUIScmFqVEp5YGpXQjptdUIQPzEjWVVpIDAQCHJhcl1UfmZ0UlZ9Y3VT HTTP/1.1
Host: heukwasanasosett.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Mon, 24 Jul 2023 01:03:57 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hZHFAEEW9RpgWGgcOBjJdiSpgLcSLGAoyzwIHBG%2Bzp2%2FMZGGG%2BMd1vHPuEAnBNOFqDGW6AOx5tsK1uy87BFiObL7KLx3SaeeKi8OPY8Zjz2J54xI49MAzVPAfnzrRw2rgnzRaFoxm1w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7eb83f10a8a8b529-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/imageads/006.png
91.209.70.182200 OK 148 kB URL GET HTTP/2 megaup.net/imageads/006.png
IP 91.209.70.182:443
Requested by https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A
ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size 148 kB (147550 bytes)
Hash d310d68b03388da558ac037a2a7ef3db
c862a237732f1f707ba68249e5cbd5ffc4f1e1ef
e14a9be1dc541df2e856806702668195c17aaf13586df13e890d83047c25302e
GET /imageads/006.png HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=f30fh58nsp5oee3iqu16lnvgp0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 24 Jul 2023 01:03:57 GMT
content-type: image/png
content-length: 147550
last-modified: Sat, 15 Apr 2023 07:22:56 GMT
vary: Accept-Encoding
etag: "643a50d0-2405e"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
heukwasanasosett.info/cDdNTVRfCC4+aRVzAwYHOF8ADmc6QB4IIzNRFT0aJFA9NzIbQGs5PRQKdHltSAF5ayQZU3B8bFZEOSwgBURwfHIZWSsiaVZBcHx6QBl/Y2dWQnB8cgRHLCppQRE9OSAcCnx7bUAGe31iQgV+fmY
104.21.56.19204 No Content 0 B URL GET HTTP/2 heukwasanasosett.info/cDdNTVRfCC4+aRVzAwYHOF8ADmc6QB4IIzNRFT0aJFA9NzIbQGs5PRQKdHltSAF5ayQZU3B8bFZEOSwgBURwfHIZWSsiaVZBcHx6QBl/Y2dWQnB8cgRHLCppQRE9OSAcCnx7bUAGe31iQgV+fmY
IP 104.21.56.19:443
Requested by https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
Certificate IssuerGoogle Trust Services LLC
Subjectheukwasanasosett.info
Fingerprint96:D4:11:7E:B2:6C:1B:AB:26:FB:45:AF:68:76:3A:68:F7:77:C0:03
ValidityTue, 04 Jul 2023 09:29:56 GMT - Mon, 02 Oct 2023 09:29:55 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cDdNTVRfCC4+aRVzAwYHOF8ADmc6QB4IIzNRFT0aJFA9NzIbQGs5PRQKdHltSAF5ayQZU3B8bFZEOSwgBURwfHIZWSsiaVZBcHx6QBl/Y2dWQnB8cgRHLCppQRE9OSAcCnx7bUAGe31iQgV+fmY HTTP/1.1
Host: heukwasanasosett.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Mon, 24 Jul 2023 01:03:57 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IMV8TMqX8ZZ4gvs%2B2Kba6QIlshn9x4tz6c7T4b3pWm2Kr7K2kxMsDS3mEIhDOaSQ5FbJ9AxtEI383LzLtjpSOzIQwYGIItacSYSl0zL2zoXfahxyzuZCQGjCaDjtTP0WgpJhwfEmvwI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7eb83f10a8abb529-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
heukwasanasosett.info/UEUwejd/elMJCh0oSC96YgxxImAnB2cNQzMfVwphEgNEHXQ8CBYOXjR4B0wDYXEBXEc5IQ1LESMxUQ5CI3gBXF4+I19HESZ4AVQEZGsDThlgY0VHBnYxQBtQbXQWCkMkKQ1LAWl1AUwHZncCSQNl
104.21.56.19204 No Content 0 B URL GET HTTP/2 heukwasanasosett.info/UEUwejd/elMJCh0oSC96YgxxImAnB2cNQzMfVwphEgNEHXQ8CBYOXjR4B0wDYXEBXEc5IQ1LESMxUQ5CI3gBXF4+I19HESZ4AVQEZGsDThlgY0VHBnYxQBtQbXQWCkMkKQ1LAWl1AUwHZncCSQNl
IP 104.21.56.19:443
Requested by https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
Certificate IssuerGoogle Trust Services LLC
Subjectheukwasanasosett.info
Fingerprint96:D4:11:7E:B2:6C:1B:AB:26:FB:45:AF:68:76:3A:68:F7:77:C0:03
ValidityTue, 04 Jul 2023 09:29:56 GMT - Mon, 02 Oct 2023 09:29:55 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /UEUwejd/elMJCh0oSC96YgxxImAnB2cNQzMfVwphEgNEHXQ8CBYOXjR4B0wDYXEBXEc5IQ1LESMxUQ5CI3gBXF4+I19HESZ4AVQEZGsDThlgY0VHBnYxQBtQbXQWCkMkKQ1LAWl1AUwHZncCSQNl HTTP/1.1
Host: heukwasanasosett.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Mon, 24 Jul 2023 01:03:57 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Hi%2FqUCsLZDIEmIcT8DaMaq63ooQo6qfOQIRXC%2B5wUee5o%2BzdtuCrdfn%2B0r5nmX6jU2x2JJvi%2FeFVHPhvZwtxWghX0qBbvXDdYoVyMLi1raZvqko7bHYi4l3PCnIdq%2FvhNg%2BNmYH46I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7eb83f10b8bdb529-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
itwkuouldhuke.info/NHNURTNVETcoDFVONmNGRh9pYAFyVmYDV1keLi5VUEtmMlJNHXomX1sGMCNBWx0ga11RB3F3dWMXOAd5eysRE2NNFzIRVH1GGBRhfSI5KUtwQwIUfF4DAw1EbgcTHXYRQRYIYHkWDAdHZDoHNWV7CiMjfExLEgF3ZkMXE1BVPgchVmA1FXR5BQMZFwBtHAwXfXgpE3x+cTYnfHlfPg0CWUMcHAB+QykDJnliNgYiamE1FRcAYkUxdGFxKhcTYnwEGSpRdQcWAV5cVmYDaV8XFyFrREQCAGFTPGR8ZmYhEnFwYRsNHHR1EAV1agc/EipScysCclUEPRMcaxkYHhR2bhs2BEd2NhAuBGwxNx94cwQYCwNQGzEHV3YmFxMDdzJyL0BbHSR4Y3w8EzZkURltNFBYOQ4KQQ
108.157.214.13200 OK 1.2 kB URL GET HTTP/2 itwkuouldhuke.info/NHNURTNVETcoDFVONmNGRh9pYAFyVmYDV1keLi5VUEtmMlJNHXomX1sGMCNBWx0ga11RB3F3dWMXOAd5eysRE2NNFzIRVH1GGBRhfSI5KUtwQwIUfF4DAw1EbgcTHXYRQRYIYHkWDAdHZDoHNWV7CiMjfExLEgF3ZkMXE1BVPgchVmA1FXR5BQMZFwBtHAwXfXgpE3x+cTYnfHlfPg0CWUMcHAB+QykDJnliNgYiamE1FRcAYkUxdGFxKhcTYnwEGSpRdQcWAV5cVmYDaV8XFyFrREQCAGFTPGR8ZmYhEnFwYRsNHHR1EAV1agc/EipScysCclUEPRMcaxkYHhR2bhs2BEd2NhAuBGwxNx94cwQYCwNQGzEHV3YmFxMDdzJyL0BbHSR4Y3w8EzZkURltNFBYOQ4KQQ
IP 108.157.214.13:443
Requested by https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
Certificate IssuerAmazon
Subjectitwkuouldhuke.info
Fingerprint5C:5A:50:51:2B:2F:A0:AA:D9:A6:8C:EB:F5:6F:98:8D:8F:38:B6:DF
ValidityThu, 13 Jul 2023 00:00:00 GMT - Sat, 10 Aug 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3008), with no line terminators
Hash 59986ba50186314e0afb9d629f96742d
fcabdc978a6cf34f1f1f5fa0ab7ac4864f86b320
d6205ff294bc188304b4adf3c003edb20735ea4b150f21736336ce2f4306410e
Analyzer Verdict Alert quad9 malicious Sinkholed
GET /NHNURTNVETcoDFVONmNGRh9pYAFyVmYDV1keLi5VUEtmMlJNHXomX1sGMCNBWx0ga11RB3F3dWMXOAd5eysRE2NNFzIRVH1GGBRhfSI5KUtwQwIUfF4DAw1EbgcTHXYRQRYIYHkWDAdHZDoHNWV7CiMjfExLEgF3ZkMXE1BVPgchVmA1FXR5BQMZFwBtHAwXfXgpE3x+cTYnfHlfPg0CWUMcHAB+QykDJnliNgYiamE1FRcAYkUxdGFxKhcTYnwEGSpRdQcWAV5cVmYDaV8XFyFrREQCAGFTPGR8ZmYhEnFwYRsNHHR1EAV1agc/EipScysCclUEPRMcaxkYHhR2bhs2BEd2NhAuBGwxNx94cwQYCwNQGzEHV3YmFxMDdzJyL0BbHSR4Y3w8EzZkURltNFBYOQ4KQQ HTTP/1.1
Host: itwkuouldhuke.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1166
date: Mon, 24 Jul 2023 01:03:57 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 1fb0b89a5ccfb45255b8e8539e256ee2.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: QagjHRwtCR23bYCrXxV-RYoU2qfRb2-2qdYvtLT2at_HpKGNHPCIeA==
X-Firefox-Spdy: h2
itwkuouldhuke.info/UE9Pb0IxLSwCfTFyLUk3IiNySnAWan0pJj0iNQQkNHd9GCMpIWEMLj86KwkwPyE7QSw1O2pdBCUcCz0uA30GHRUnPDs3FigrDjcYBikoORczfh0aGjgWJCsGNwUCPAsaC31fEh84FUpwFhV+LisVDgFbAwd/GCIuEhYqXxM7GR4cMQh9ej0BKScpChAZCgMYAGEOCiJnYgkKBiY2GAxbAxkjCiAIEhomOwMeOwkWKRoMDD4bGRkoJQk7K3kMLhIjGgJyFxkYIiM1HhkuJxMNOy0uBSEMFhgSBxhaEzUKNwskBH5qXQARCg1bCxd/CDkWOxotPiE7KiMlOhcjYjkrAnwgKgM5ew0mcyQOKjwQZg0JPXUFISQqFBd6HgoEGQIAPiElGDdeNwUOeykUGD8CCgAZHisDD3YlPAAsIHIbBikXFiUfJmccegYwGwMr
108.157.214.13200 OK 1.2 kB URL GET HTTP/2 itwkuouldhuke.info/UE9Pb0IxLSwCfTFyLUk3IiNySnAWan0pJj0iNQQkNHd9GCMpIWEMLj86KwkwPyE7QSw1O2pdBCUcCz0uA30GHRUnPDs3FigrDjcYBikoORczfh0aGjgWJCsGNwUCPAsaC31fEh84FUpwFhV+LisVDgFbAwd/GCIuEhYqXxM7GR4cMQh9ej0BKScpChAZCgMYAGEOCiJnYgkKBiY2GAxbAxkjCiAIEhomOwMeOwkWKRoMDD4bGRkoJQk7K3kMLhIjGgJyFxkYIiM1HhkuJxMNOy0uBSEMFhgSBxhaEzUKNwskBH5qXQARCg1bCxd/CDkWOxotPiE7KiMlOhcjYjkrAnwgKgM5ew0mcyQOKjwQZg0JPXUFISQqFBd6HgoEGQIAPiElGDdeNwUOeykUGD8CCgAZHisDD3YlPAAsIHIbBikXFiUfJmccegYwGwMr
IP 108.157.214.13:443
Requested by https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
Certificate IssuerAmazon
Subjectitwkuouldhuke.info
Fingerprint5C:5A:50:51:2B:2F:A0:AA:D9:A6:8C:EB:F5:6F:98:8D:8F:38:B6:DF
ValidityThu, 13 Jul 2023 00:00:00 GMT - Sat, 10 Aug 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3029), with no line terminators
Hash bde4532474635cdcc940525e9c5b1233
5632c0fadb7db9478ac999ccd620dd0669aa1bd4
21c3cc9049cea83b8b0855f56e68b139ee1073141002c5a8872c54b9c16513a5
Analyzer Verdict Alert quad9 malicious Sinkholed
GET /UE9Pb0IxLSwCfTFyLUk3IiNySnAWan0pJj0iNQQkNHd9GCMpIWEMLj86KwkwPyE7QSw1O2pdBCUcCz0uA30GHRUnPDs3FigrDjcYBikoORczfh0aGjgWJCsGNwUCPAsaC31fEh84FUpwFhV+LisVDgFbAwd/GCIuEhYqXxM7GR4cMQh9ej0BKScpChAZCgMYAGEOCiJnYgkKBiY2GAxbAxkjCiAIEhomOwMeOwkWKRoMDD4bGRkoJQk7K3kMLhIjGgJyFxkYIiM1HhkuJxMNOy0uBSEMFhgSBxhaEzUKNwskBH5qXQARCg1bCxd/CDkWOxotPiE7KiMlOhcjYjkrAnwgKgM5ew0mcyQOKjwQZg0JPXUFISQqFBd6HgoEGQIAPiElGDdeNwUOeykUGD8CCgAZHisDD3YlPAAsIHIbBikXFiUfJmccegYwGwMr HTTP/1.1
Host: itwkuouldhuke.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-length: 1181
date: Mon, 24 Jul 2023 01:03:57 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 1fb0b89a5ccfb45255b8e8539e256ee2.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: 7grp0M_1_ArzO3RGA4RIxc-t_RO4tySpzu7jLz_Iw2Je76ktKkxP9A==
X-Firefox-Spdy: h2
platform.bidgear.com/media/img/b15.png
104.26.2.107200 OK 649 B URL GET HTTP/2 platform.bidgear.com/media/img/b15.png
IP 104.26.2.107:443
Requested by https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint96:B8:F2:6C:8B:F4:3C:4D:3F:C4:69:A4:B1:28:D0:CB:0A:E6:73:2B
ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT
File type PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash d832fb80c97ff291b952757bb98240d2
63732e61a0784ed68fde494f83e4686a5c4bf7fa
7b35c11af8accdb40a14303dd3ae2762a97d2527933c56b6c9be6da2d0d11943
GET /media/img/b15.png HTTP/1.1
Host: platform.bidgear.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Jul 2023 01:03:58 GMT
content-type: image/png
content-length: 649
last-modified: Mon, 25 Jul 2022 09:43:43 GMT
etag: "62de65cf-289"
expires: Thu, 17 Aug 2023 17:29:50 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
cf-cache-status: HIT
age: 314291
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qnqKL2JBZRZzbUvKcakJapybJ6oIVUkrMbkfDZWCm6l1EMBMsrcW2T%2FJC7ZBQ7XcVTILOIu3Y5OZVDkVah3gFRtELd3WDDq21Mp0%2BVyWoCIAeYCGTn%2FA3Yi7BHFwMPI6UXX7fXAO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7eb83f153dfb1c02-OSL
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-Z9TE2LW16Q&l=dataLayer&cx=c
142.250.74.168200 OK 78 kB URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-Z9TE2LW16Q&l=dataLayer&cx=c
IP 142.250.74.168:443
Requested by https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintD5:C6:22:6E:78:C0:41:DC:4E:57:64:04:AF:03:23:D2:2C:BA:58:3A
ValidityMon, 03 Jul 2023 08:19:15 GMT - Mon, 25 Sep 2023 08:19:14 GMT
File type ASCII text, with very long lines (5857)
Hash b62b0b22f911e2263e880079980196e4
65b07af4b59bfad1655ef97a7bc55b07c81f8628
3b5818f586392e682608e5e0e2c7200ca957dd30c5958d6c4c6f6166b4208a08
GET /gtag/js?id=G-Z9TE2LW16Q&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 24 Jul 2023 01:03:58 GMT
expires: Mon, 24 Jul 2023 01:03:58 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77949
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdn.purpleads.io/agent.js?publisherId=70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655
143.204.55.49200 OK 22 kB URL GET HTTP/2 cdn.purpleads.io/agent.js?publisherId=70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655
IP 143.204.55.49:443
Requested by https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
Certificate IssuerAmazon
Subject*.purpleads.io
Fingerprint2C:07:41:61:C9:75:ED:6A:72:5B:30:CE:B3:18:1C:47:DB:07:BF:D4
ValidityFri, 24 Feb 2023 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (65522), with no line terminators
Hash 8f66f09578dbcea846aae62be7d17476
8def3149f4f7ce8833f114610687309cf80ca3f4
ba7fd83d0359f27975395f10fc08725fec3990cedf1a56a670e92437c2d0bff7
GET /agent.js?publisherId=70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655 HTTP/1.1
Host: cdn.purpleads.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
content-length: 22068
last-modified: Fri, 07 Jul 2023 13:21:54 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
date: Mon, 24 Jul 2023 00:32:26 GMT
etag: "b39cf26a3117a603c41cc8048c21cbb2"
x-cache: Hit from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 7kuAdTqmHoNYVl_ykkBOFJcwywCvEYYeYh7wOL2x5jm3EiDSNj_qBw==
age: 1893
X-Firefox-Spdy: h2
imp9.bidgear.com/rec?t=1&z=6192&uuid=ea190ead9a7046c5b4f128e36531944d&p=28&g=NO&token=4a44335432&tbg=1690160637
104.26.2.107200 OK 599 B URL GET HTTP/2 imp9.bidgear.com/rec?t=1&z=6192&uuid=ea190ead9a7046c5b4f128e36531944d&p=28&g=NO&token=4a44335432&tbg=1690160637
IP 104.26.2.107:443
Requested by https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint96:B8:F2:6C:8B:F4:3C:4D:3F:C4:69:A4:B1:28:D0:CB:0A:E6:73:2B
ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT
File type JPEG image data, baseline, precision 8, 1x1, components 3\012- data
Hash ca49a7e783b806a4e8576ea80346203d
6fe9d083221dae98f6c76f7121c37bc884b02d82
3e9a98dd5f0a28ff4a059f33d760264a6db02786666ac1692095ebb976f5da28
GET /rec?t=1&z=6192&uuid=ea190ead9a7046c5b4f128e36531944d&p=28&g=NO&token=4a44335432&tbg=1690160637 HTTP/1.1
Host: imp9.bidgear.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Jul 2023 01:03:58 GMT
content-type: image/jpeg
content-length: 599
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HdYabKURnSyvxfH05mSrUNVaXJ63bvMZ9gpEKOoa4CZZRjTcr0u%2BQTin%2FSjiNrl2ECIrWGeJYMJgPN0dIvlnECd117pZ2ZcnzH%2FetWhKdQ71JzdB1x71S%2B9oXSKqZpNrPVY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7eb83f153df71c02-OSL
X-Firefox-Spdy: h2
parrecleftne.xyz/utx?tid=832633&top=megaup.net&cb=phQWZ9WTs6AU
54.230.111.74204 No Content 0 B URL GET HTTP/2 parrecleftne.xyz/utx?tid=832633&top=megaup.net&cb=phQWZ9WTs6AU
IP 54.230.111.74:443
Requested by https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
Certificate IssuerAmazon
Subjectparrecleftne.xyz
Fingerprint36:D5:D9:43:13:F4:FE:83:A7:9F:01:89:96:60:5B:AD:CB:A5:27:B7
ValiditySun, 18 Dec 2022 00:00:00 GMT - Tue, 16 Jan 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?tid=832633&top=megaup.net&cb=phQWZ9WTs6AU HTTP/1.1
Host: parrecleftne.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Mon, 24 Jul 2023 01:03:58 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Mon, 24 Jul 2023 01:04:58 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: r8kSJL8rZTwxlJ2aoDgVr8qgF9NyY5CJQXzpye1bitvVFMcN85d4_A==
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/ec2l1R3QQBhshSwcAEXpDRV1Ec0VVAwYoGgNULTZEAC8fNxBDD1MzDhdURWEYEgcSelIWBxZ6RVUIESVJR08BNxsYVBAlHhYCGjAeCw9TMhVOBBo9HR8FFGJGNVxbd1FBWV0/RUJMRgVRQVkZLhoGEVB1RAtRQxhCR0xGBVFBWQcxUUAoRHdNXVlcYkZDDh-AkHxxMRwFGQ1hFd0VDWFB1RBUAByISHBFQdTJCWERpRFUcSHY
143.204.42.115 604 B URL dmmzkfd82wayn.cloudfront.net/ec2l1R3QQBhshSwcAEXpDRV1Ec0VVAwYoGgNULTZEAC8fNxBDD1MzDhdURWEYEgcSelIWBxZ6RVUIESVJR08BNxsYVBAlHhYCGjAeCw9TMhVOBBo9HR8FFGJGNVxbd1FBWV0/RUJMRgVRQVkZLhoGEVB1RAtRQxhCR0xGBVFBWQcxUUAoRHdNXVlcYkZDDh-AkHxxMRwFGQ1hFd0VDWFB1RBUAByISHBFQdTJCWERpRFUcSHY
IP 143.204.42.115:0
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (842), with no line terminators
Hash a7627e18a2e9a2c3107712a67de4a31e
99c1a2314191df313d5afdab9d65ab7df50b508d
79f4eb5d3da571e12c8e58d5bb4cef6146e6bae72bc4d8d010e0fd41826d543f
GET /ec2l1R3QQBhshSwcAEXpDRV1Ec0VVAwYoGgNULTZEAC8fNxBDD1MzDhdURWEYEgcSelIWBxZ6RVUIESVJR08BNxsYVBAlHhYCGjAeCw9TMhVOBBo9HR8FFGJGNVxbd1FBWV0/RUJMRgVRQVkZLhoGEVB1RAtRQxhCR0xGBVFBWQcxUUAoRHdNXVlcYkZDDh-AkHxxMRwFGQ1hFd0VDWFB1RBUAByISHBFQdTJCWERpRFUcSHY HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://itwkuouldhuke.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 604
date: Mon, 24 Jul 2023 01:03:58 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: znDh1yWHuhrP8i-VGL76qKNsbG7fLuV3C_5AkoLMi_-XNhus1RDOcQ==
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/eTG1QNUYvAj5TeTgENAh+e1tjBH5qByNaKDxQInoqHQkIQg16DHZBPChQYBMqLQM3CGApAzMId2oMNFd7eEskRSknUDVXLCkGP0IsNAt2QCdxAD9PLyABMRB0Clh+BWN+XXhNd31IY3djfl08XCg5FXUHdjRVZmpweEhjd2N+XSJDY38sYQV/Yl15EHR8Cj-VWLSNIYnN0fFxgBXd8XHUHdioEIlAgIxV1BwB9XGEbdmoYbQQ
143.204.42.115 452 B URL dmmzkfd82wayn.cloudfront.net/eTG1QNUYvAj5TeTgENAh+e1tjBH5qByNaKDxQInoqHQkIQg16DHZBPChQYBMqLQM3CGApAzMId2oMNFd7eEskRSknUDVXLCkGP0IsNAt2QCdxAD9PLyABMRB0Clh+BWN+XXhNd31IY3djfl08XCg5FXUHdjRVZmpweEhjd2N+XSJDY38sYQV/Yl15EHR8Cj-VWLSNIYnN0fFxgBXd8XHUHdioEIlAgIxV1BwB9XGEbdmoYbQQ
IP 143.204.42.115:0
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (594), with no line terminators
Hash e81a5dddcf7c7db7e56875c97051da75
bb6783897e323b7fc2d7aef96379c8f8d5b6b6ea
a396c063ef18bbe42bc23b51c7935f93d9a58452f9cc240cfddbe7e785b7909e
GET /eTG1QNUYvAj5TeTgENAh+e1tjBH5qByNaKDxQInoqHQkIQg16DHZBPChQYBMqLQM3CGApAzMId2oMNFd7eEskRSknUDVXLCkGP0IsNAt2QCdxAD9PLyABMRB0Clh+BWN+XXhNd31IY3djfl08XCg5FXUHdjRVZmpweEhjd2N+XSJDY38sYQV/Yl15EHR8Cj-VWLSNIYnN0fFxgBXd8XHUHdioEIlAgIxV1BwB9XGEbdmoYbQQ HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://itwkuouldhuke.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 452
date: Mon, 24 Jul 2023 01:03:58 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: uAZsRZU7F3otY4IQ-LVcZKK60vzO1YyP_Pm9XMv1kbfNtCvg3Evmjg==
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/WdlBJOXEVPydfTgI5LQRIQmlxD0VQOjpWHwZtGXE+MSMeXBtPISpVOywfOx8FDDR0CVcaMSdeTFA1J1pMR3YoXRNLZG9MEEs9JkMYGjwoHEMwZWcJVERgYUFAR3V6e1REYCVQHwMobAtBDmh/ZkdCdXp7VERgO09URRF4CUhYYGAcQ0Y3LFoaGXV7f0NGYX-kJQEZhbAtBEDk7XBcZKGwLN0dheBdBUCV0CA
143.204.42.115 196 B URL dmmzkfd82wayn.cloudfront.net/WdlBJOXEVPydfTgI5LQRIQmlxD0VQOjpWHwZtGXE+MSMeXBtPISpVOywfOx8FDDR0CVcaMSdeTFA1J1pMR3YoXRNLZG9MEEs9JkMYGjwoHEMwZWcJVERgYUFAR3V6e1REYCVQHwMobAtBDmh/ZkdCdXp7VERgO09URRF4CUhYYGAcQ0Y3LFoaGXV7f0NGYX-kJQEZhbAtBEDk7XBcZKGwLN0dheBdBUCV0CA
IP 143.204.42.115:0
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 51bc3b954cba9fdcede91f41c5b9ba34
643e467361d845df147bf613599031a0e78d5461
e94acae50acf8c7a3f69f343055b61056c0c39926cdf964babc5a3fa9e07aff2
GET /WdlBJOXEVPydfTgI5LQRIQmlxD0VQOjpWHwZtGXE+MSMeXBtPISpVOywfOx8FDDR0CVcaMSdeTFA1J1pMR3YoXRNLZG9MEEs9JkMYGjwoHEMwZWcJVERgYUFAR3V6e1REYCVQHwMobAtBDmh/ZkdCdXp7VERgO09URRF4CUhYYGAcQ0Y3LFoaGXV7f0NGYX-kJQEZhbAtBEDk7XBcZKGwLN0dheBdBUCV0CA HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://itwkuouldhuke.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 196
date: Mon, 24 Jul 2023 01:03:58 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: kzrMPwq0HJiGYrmDZmsikU-n-aJqLPa1-6AW50N8OvA1t-7ZM0LNOQ==
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/uSDRlS2IrWwstXTxdAXZVfgVUc1RuXhYkDDgJMSIJD20POwZ/Z1AiEAN4AW0WMlBYe0QkVQssX25RCyhfeRIELwB1AEM/EidfWC4AIlEOJBUiTANtFykJCCQYIVgJKkd6clBlUm0GVWMaeQVAeCBtBlUnCyZBHW5QeExdfT1+AEB4IG0GVTkUbQckelJxGl-ViR3oEAi4BI1tAeSR6BFR7UnkEVG5QeFIMOQcuWx1uUA4FVHpMeBIQdlM
143.204.42.115 592 B URL dmmzkfd82wayn.cloudfront.net/uSDRlS2IrWwstXTxdAXZVfgVUc1RuXhYkDDgJMSIJD20POwZ/Z1AiEAN4AW0WMlBYe0QkVQssX25RCyhfeRIELwB1AEM/EidfWC4AIlEOJBUiTANtFykJCCQYIVgJKkd6clBlUm0GVWMaeQVAeCBtBlUnCyZBHW5QeExdfT1+AEB4IG0GVTkUbQckelJxGl-ViR3oEAi4BI1tAeSR6BFR7UnkEVG5QeFIMOQcuWx1uUA4FVHpMeBIQdlM
IP 143.204.42.115:0
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (848), with no line terminators
Hash 7db4c17f1e9800dd460d6edcc5b53642
6f2ebf54a2719f27457768dc5a427f6545f29a78
ab6dfb74276fb2a0a9229a80362d8d11c4b241dc47d687fa6490813251d50f6a
GET /uSDRlS2IrWwstXTxdAXZVfgVUc1RuXhYkDDgJMSIJD20POwZ/Z1AiEAN4AW0WMlBYe0QkVQssX25RCyhfeRIELwB1AEM/EidfWC4AIlEOJBUiTANtFykJCCQYIVgJKkd6clBlUm0GVWMaeQVAeCBtBlUnCyZBHW5QeExdfT1+AEB4IG0GVTkUbQckelJxGl-ViR3oEAi4BI1tAeSR6BFR7UnkEVG5QeFIMOQcuWx1uUA4FVHpMeBIQdlM HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://itwkuouldhuke.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 592
date: Mon, 24 Jul 2023 01:03:58 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: aBp84uCTXAHLbKjcyV5m7jDU0UYW_yxf3KmHFXiLwArgnqneBcjpJw==
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/KanZlZEEJGQsCfh4fAVl5WENcVXBMHBYLLxpLNCsCLkMPBnMONTNdZx4MAVlxTBoECiZXUAAKIldHQwUlCEtRQjUaGQ5ZNAQSAAIoBBMBQjQLSwgLOwMaCQVkWDBQSnFPRFVMOVtHQFcDT0RVCCgEAx1Bc1oOXVIeXEJAVwNPRFUWN09FJFVxU1hVTWRYRg-IBIgEZQFYHWEZUVHFbRlRBc1oQDBYkDBkdQXMsR1RVb1pQEFlw
143.204.42.115200 OK 373 B URL GET HTTP/2 dmmzkfd82wayn.cloudfront.net/KanZlZEEJGQsCfh4fAVl5WENcVXBMHBYLLxpLNCsCLkMPBnMONTNdZx4MAVlxTBoECiZXUAAKIldHQwUlCEtRQjUaGQ5ZNAQSAAIoBBMBQjQLSwgLOwMaCQVkWDBQSnFPRFVMOVtHQFcDT0RVCCgEAx1Bc1oOXVIeXEJAVwNPRFUWN09FJFVxU1hVTWRYRg-IBIgEZQFYHWEZUVHFbRlRBc1oQDBYkDBkdQXMsR1RVb1pQEFlw
IP 143.204.42.115:443
Requested by https://itwkuouldhuke.info/QUIwRm8gIFMrUCB/UmAaMy4NY10HZwIACywvSi0JJXoCMQ44LB4lAy43VCAdLixEaAEkNhV0KQojXhwDGwd1DCgQMXMgB3UkcRADdBV1CAwXGnILJwMbfAoXMQ5+BRwCDlsLPwMsfQkhFQxUHBd1D3EQAzkWcikqAitqHjoAA3sPAyUKYTE6LQF1Mj0QKGUnKBB3agguEBFxByYuAHILLRAoYQo8NiV8CRgMI3MXOSoVdAQ+Eix2Fj0HFH0JOTUKYQAMBRYAFDkCAVcDLjlzciVeLg1oECYkGnUMLhc1fhY9BxdnCF94BHoAOTkXAS45FRViHz0mb3kEJiYHahcpGApnAzUUFHgADRMuYgQMcC1hAi0YKXQEBCUTaAscE3NiEA1wMmEDKS01FiwcLixAez4OAXRzBSNwVAU5eA
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (480), with no line terminators
Hash ab2a8ce2c7f46d3ff84b1848aaf95017
55e0d2463cc10bc2b8d52ad370241b35543339a9
a542adb60fc1c61cd49568ac8678f9e8995dd7de7864be2e3c1f986c5a1483f8
GET /KanZlZEEJGQsCfh4fAVl5WENcVXBMHBYLLxpLNCsCLkMPBnMONTNdZx4MAVlxTBoECiZXUAAKIldHQwUlCEtRQjUaGQ5ZNAQSAAIoBBMBQjQLSwgLOwMaCQVkWDBQSnFPRFVMOVtHQFcDT0RVCCgEAx1Bc1oOXVIeXEJAVwNPRFUWN09FJFVxU1hVTWRYRg-IBIgEZQFYHWEZUVHFbRlRBc1oQDBYkDBkdQXMsR1RVb1pQEFlw HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://itwkuouldhuke.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 373
date: Mon, 24 Jul 2023 01:03:58 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: -OjonEG8UyKHHhBC_fbfNCxKnw7UJV3K2RDZ-t_ki6mCA51-WdBfWg==
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/
143.204.42.115200 OK 73 B URL GET HTTP/2 dmmzkfd82wayn.cloudfront.net/
IP 143.204.42.115:443
Requested by https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 57143c38ff308b700bda81d33fffdc1c
7a4357101b77e5e514797ea16df9f31d0c1711df
0f13250dac3eba96683a13d9c0c14c812448cc2f499a6ad6637a17adf094884d
GET / HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 73
date: Mon, 24 Jul 2023 01:00:34 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Hit from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: YSieO_sNW5I-cUk7xQgmU0i5bz1dgMNr9HSNXIOY3cz-CkE9RAh2HA==
age: 204
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/images/icons/favicon/apple-touch-icon-114x114.png
91.209.70.182200 OK 951 B URL GET HTTP/2 megaup.net/themes/flow/frontend_assets/images/icons/favicon/apple-touch-icon-114x114.png
IP 91.209.70.182:443
Requested by https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A
ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT
File type PNG image data, 114 x 114, 8-bit colormap, non-interlaced\012- data
Hash 76852bc6b2c028db97322a74e85bd020
ed52fb4de0d51f93277bbaae42fa80ba5f92c31e
8a5ef2ef8440c17db1b1b539065ba4a887e07a2c508b79c2d1659512e9016884
GET /themes/flow/frontend_assets/images/icons/favicon/apple-touch-icon-114x114.png HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=f30fh58nsp5oee3iqu16lnvgp0; _ga_Z9TE2LW16Q=GS1.1.1690160623.1.0.1690160623.0.0.0; _ga=GA1.1.1234386514.1690160623
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 24 Jul 2023 01:03:58 GMT
content-type: image/png
content-length: 951
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-3b7"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
heukwasanasosett.info/Mm9XbVcdUDQeanxcATwzAyIHPBB8KQ0aBXU1PDc7dl8ZAAZfAHEZPlZSb19iC15mSydbC2peZRQcIwwjRxxqX2cCWHEEOVQAal9xRFJnQ24cXnlYcUdSZksjQg4wUGYUHyMZOw9eYVRnA1lnW2UBXGFd
104.21.56.19204 No Content 0 B URL POST HTTP/3 heukwasanasosett.info/Mm9XbVcdUDQeanxcATwzAyIHPBB8KQ0aBXU1PDc7dl8ZAAZfAHEZPlZSb19iC15mSydbC2peZRQcIwwjRxxqX2cCWHEEOVQAal9xRFJnQ24cXnlYcUdSZksjQg4wUGYUHyMZOw9eYVRnA1lnW2UBXGFd
IP 104.21.56.19:443
Requested by https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
Certificate IssuerGoogle Trust Services LLC
Subjectheukwasanasosett.info
Fingerprint96:D4:11:7E:B2:6C:1B:AB:26:FB:45:AF:68:76:3A:68:F7:77:C0:03
ValidityTue, 04 Jul 2023 09:29:56 GMT - Mon, 02 Oct 2023 09:29:55 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /Mm9XbVcdUDQeanxcATwzAyIHPBB8KQ0aBXU1PDc7dl8ZAAZfAHEZPlZSb19iC15mSydbC2peZRQcIwwjRxxqX2cCWHEEOVQAal9xRFJnQ24cXnlYcUdSZksjQg4wUGYUHyMZOw9eYVRnA1lnW2UBXGFd HTTP/1.1
Host: heukwasanasosett.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/3 204 No Content
date: Mon, 24 Jul 2023 01:03:58 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qUaaZZMZ4%2BzuEsdf3QowloIFOHNq5D9n3xHgPgrhxAeHBNMUnUa%2B016tvXX3ixR5jIkDma95O9L3amZWccoNb8zyogdF1m9bagyYDG0JL6baIbmwUTE2y9T%2BZYzsezbDw%2BSQIFEJHWI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7eb83f171888b4f7-OSL
alt-svc: h3=":443"; ma=86400
static.a-ads.com/a-ads-banners/470799/300x250?region=eu-central-1
136.243.35.166200 OK 52 kB URL GET HTTP/2 static.a-ads.com/a-ads-banners/470799/300x250?region=eu-central-1
IP 136.243.35.166:443
ASN #24940 Hetzner Online GmbH
Requested by https://ad.a-ads.com/1811811?size=300x250
Certificate IssuerSectigo Limited
Subject*.a-ads.com
Fingerprint34:68:C2:05:E5:2A:4E:C3:F9:FC:94:69:D3:A6:BE:F2:21:A2:DE:AE
ValidityWed, 21 Dec 2022 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash 31dad2055bbbff3ba8553ca9c210589e
060a36c803c048334559245fb6effd03805f777e
41ec1fc91c2dae5277a18d17cd0cb51a3c44d207b962a1b7d8d3ced438f80619
GET /a-ads-banners/470799/300x250?region=eu-central-1 HTTP/1.1
Host: static.a-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ad.a-ads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 24 Jul 2023 01:03:58 GMT
content-type: image/png
content-length: 51952
x-amz-id-2: 9FFIBEJsTE/yLijHHPwEC7bsaCRvgCXwyvDLM61uk3h5/tCo6aJrRo5xm0eIwZb0vafCDaIU250=
x-amz-request-id: GXBFQ8MFY0JFJYR7
x-amz-replication-status: COMPLETED
last-modified: Sat, 15 Jul 2023 03:53:05 GMT
etag: "31dad2055bbbff3ba8553ca9c210589e"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: RyZGv3x2JJASvWqchJpSYU2q9vM1At1D
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
itwkuouldhuke.info/utx?cb=pr7CVouSdeDr&top=megaup.net&tid=761186
108.157.214.13204 No Content 0 B URL GET HTTP/2 itwkuouldhuke.info/utx?cb=pr7CVouSdeDr&top=megaup.net&tid=761186
IP 108.157.214.13:443
Requested by https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
Certificate IssuerAmazon
Subjectitwkuouldhuke.info
Fingerprint5C:5A:50:51:2B:2F:A0:AA:D9:A6:8C:EB:F5:6F:98:8D:8F:38:B6:DF
ValidityThu, 13 Jul 2023 00:00:00 GMT - Sat, 10 Aug 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 malicious Sinkholed
GET /utx?cb=pr7CVouSdeDr&top=megaup.net&tid=761186 HTTP/1.1
Host: itwkuouldhuke.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Mon, 24 Jul 2023 01:03:58 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Mon, 24 Jul 2023 01:04:58 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 1fb0b89a5ccfb45255b8e8539e256ee2.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: 2h07IoeLZSbJtR_JIupmRUGLP3zGDuZtjZKlD1D9Z6o7hNANMTfWAw==
X-Firefox-Spdy: h2
itwkuouldhuke.info/utx?cb=KrCq0EPKHcV8&top=megaup.net&tid=825911
108.157.214.13204 No Content 0 B URL GET HTTP/2 itwkuouldhuke.info/utx?cb=KrCq0EPKHcV8&top=megaup.net&tid=825911
IP 108.157.214.13:443
Requested by https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
Certificate IssuerAmazon
Subjectitwkuouldhuke.info
Fingerprint5C:5A:50:51:2B:2F:A0:AA:D9:A6:8C:EB:F5:6F:98:8D:8F:38:B6:DF
ValidityThu, 13 Jul 2023 00:00:00 GMT - Sat, 10 Aug 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 malicious Sinkholed
GET /utx?cb=KrCq0EPKHcV8&top=megaup.net&tid=825911 HTTP/1.1
Host: itwkuouldhuke.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Mon, 24 Jul 2023 01:03:58 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Mon, 24 Jul 2023 01:04:58 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 1fb0b89a5ccfb45255b8e8539e256ee2.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: defDslt8AoymoYb0RhlD_dcp-I3oSntsf4kaxKU3PHHwBwW-DyzZ2A==
X-Firefox-Spdy: h2
itwkuouldhuke.info/utx?cb=ZS2EeWv5fmgl&top=megaup.net&tid=876318
108.157.214.13204 No Content 0 B URL GET HTTP/2 itwkuouldhuke.info/utx?cb=ZS2EeWv5fmgl&top=megaup.net&tid=876318
IP 108.157.214.13:443
Requested by https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
Certificate IssuerAmazon
Subjectitwkuouldhuke.info
Fingerprint5C:5A:50:51:2B:2F:A0:AA:D9:A6:8C:EB:F5:6F:98:8D:8F:38:B6:DF
ValidityThu, 13 Jul 2023 00:00:00 GMT - Sat, 10 Aug 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 malicious Sinkholed
GET /utx?cb=ZS2EeWv5fmgl&top=megaup.net&tid=876318 HTTP/1.1
Host: itwkuouldhuke.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Mon, 24 Jul 2023 01:03:58 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Mon, 24 Jul 2023 01:04:58 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 1fb0b89a5ccfb45255b8e8539e256ee2.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: IROracivJ72bLl5ARA7kKwEeI4fHvwkhXdwTRq2bQIo2xgqgRpnCXA==
X-Firefox-Spdy: h2
itwkuouldhuke.info/utx?cb=S99L1iP8IHbP&top=megaup.net&tid=764141
108.157.214.13204 No Content 0 B URL GET HTTP/2 itwkuouldhuke.info/utx?cb=S99L1iP8IHbP&top=megaup.net&tid=764141
IP 108.157.214.13:443
Requested by https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
Certificate IssuerAmazon
Subjectitwkuouldhuke.info
Fingerprint5C:5A:50:51:2B:2F:A0:AA:D9:A6:8C:EB:F5:6F:98:8D:8F:38:B6:DF
ValidityThu, 13 Jul 2023 00:00:00 GMT - Sat, 10 Aug 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 malicious Sinkholed
GET /utx?cb=S99L1iP8IHbP&top=megaup.net&tid=764141 HTTP/1.1
Host: itwkuouldhuke.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Mon, 24 Jul 2023 01:03:58 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Mon, 24 Jul 2023 01:04:58 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 1fb0b89a5ccfb45255b8e8539e256ee2.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: fKzXzlk30Qb7JQitK9PHUhmFjsnqMQIDOcyir-Lju83lntah-wM8cw==
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/fonts/raleway_bold.woff
91.209.70.182200 OK 32 kB URL GET HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway_bold.woff
IP 91.209.70.182:443
Requested by https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A
ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT
File type Web Open Font Format, TrueType, length 31568, version 1.1\012- data
Hash e0c4ac0e73196bd0469c5c33304b7773
bb071565f82907d117b0732dca8013409162c67d
ff3bf3a4a1bf2b922157b18d0e8cddd95f2fc2dfe09c30a3ce67bc11a84c67af
GET /themes/flow/frontend_assets/fonts/raleway_bold.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
DNT: 1
Connection: keep-alive
Cookie: filehosting=f30fh58nsp5oee3iqu16lnvgp0; _ga_Z9TE2LW16Q=GS1.1.1690160623.1.0.1690160623.0.0.0; _ga=GA1.1.1234386514.1690160623
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 24 Jul 2023 01:03:58 GMT
content-type: font/woff
content-length: 31568
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7b50"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
itwkuouldhuke.info/multi?cs=VzJYQ1FjAWB3ZmQEandmZgtqdWI&abt=0&red=1&sm=76&k=download%20file%20break%20build%2007212023&v=1.0.60.3&sts=0&prn=0&emb=0&tid=876318&rxy=1280_1024&fs=1&ref=https%3A%2F%2Fmegaup.net%2F1fJmw%2FThe_Break-In_Build_07212023.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A109.0)%20gecko%2F20100101%20firefox%2F111.0&tzd=0&uloc=&if=0&_D18d=1690160623364&crc=1
108.157.214.13200 OK 1.6 kB URL GET HTTP/2 itwkuouldhuke.info/multi?cs=VzJYQ1FjAWB3ZmQEandmZgtqdWI&abt=0&red=1&sm=76&k=download%20file%20break%20build%2007212023&v=1.0.60.3&sts=0&prn=0&emb=0&tid=876318&rxy=1280_1024&fs=1&ref=https%3A%2F%2Fmegaup.net%2F1fJmw%2FThe_Break-In_Build_07212023.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A109.0)%20gecko%2F20100101%20firefox%2F111.0&tzd=0&uloc=&if=0&_D18d=1690160623364&crc=1
IP 108.157.214.13:443
Requested by https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
Certificate IssuerAmazon
Subjectitwkuouldhuke.info
Fingerprint5C:5A:50:51:2B:2F:A0:AA:D9:A6:8C:EB:F5:6F:98:8D:8F:38:B6:DF
ValidityThu, 13 Jul 2023 00:00:00 GMT - Sat, 10 Aug 2024 23:59:59 GMT
File type ASCII text, with very long lines (3343), with no line terminators
Hash bbd09da65b66240d4a818fbc19dc936b
d56273c8150fec13c06365376ac741244a9c3a1d
76595f201a4ffe875c50c7a65454307c2727f7a6b587921e3349d27d36900f4d
Analyzer Verdict Alert quad9 malicious Sinkholed
GET /multi?cs=VzJYQ1FjAWB3ZmQEandmZgtqdWI&abt=0&red=1&sm=76&k=download%20file%20break%20build%2007212023&v=1.0.60.3&sts=0&prn=0&emb=0&tid=876318&rxy=1280_1024&fs=1&ref=https%3A%2F%2Fmegaup.net%2F1fJmw%2FThe_Break-In_Build_07212023.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A109.0)%20gecko%2F20100101%20firefox%2F111.0&tzd=0&uloc=&if=0&_D18d=1690160623364&crc=1 HTTP/1.1
Host: itwkuouldhuke.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/plain
content-length: 1605
date: Mon, 24 Jul 2023 01:03:58 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=3ccf86f9-d199-4405-9314-1d6a43b851b4
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 1fb0b89a5ccfb45255b8e8539e256ee2.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: msPhK7cAswPuMJSYOYJSe3TnnpUVFkHFc25LQuysnhKeAx3RyP7Kow==
X-Firefox-Spdy: h2
itwkuouldhuke.info/floater?cs=bG9rNVBUWlgHZF9cXQRmVFldAGk&abt=0&red=1&sm=83&k=download%20file%20break%20build%2007212023&v=0.9.1.5&sts=0&prn=0&emb=0&tid=825911&rxy=1280_1024&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&ref=https%3A%2F%2Fmegaup.net%2F1fJmw%2FThe_Break-In_Build_07212023.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A109.0)%20gecko%2F20100101%20firefox%2F111.0&tzd=0&uloc=&if=0&aa=oi1_&_IfGV=1690160623362&crc=1
108.157.214.13200 OK 2.2 kB URL GET HTTP/2 itwkuouldhuke.info/floater?cs=bG9rNVBUWlgHZF9cXQRmVFldAGk&abt=0&red=1&sm=83&k=download%20file%20break%20build%2007212023&v=0.9.1.5&sts=0&prn=0&emb=0&tid=825911&rxy=1280_1024&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&ref=https%3A%2F%2Fmegaup.net%2F1fJmw%2FThe_Break-In_Build_07212023.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A109.0)%20gecko%2F20100101%20firefox%2F111.0&tzd=0&uloc=&if=0&aa=oi1_&_IfGV=1690160623362&crc=1
IP 108.157.214.13:443
Requested by https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
Certificate IssuerAmazon
Subjectitwkuouldhuke.info
Fingerprint5C:5A:50:51:2B:2F:A0:AA:D9:A6:8C:EB:F5:6F:98:8D:8F:38:B6:DF
ValidityThu, 13 Jul 2023 00:00:00 GMT - Sat, 10 Aug 2024 23:59:59 GMT
File type ASCII text, with very long lines (4047), with no line terminators
Hash 9b73c9c7c70003e0353b6258210fa267
badf97cbc96ee291962c8d4172bd9636efac7a82
f0727ab4a7a8e5ae69bb6496c9f175a0227fd7f42ec1899a3bd8986692de23f5
Analyzer Verdict Alert quad9 malicious Sinkholed
GET /floater?cs=bG9rNVBUWlgHZF9cXQRmVFldAGk&abt=0&red=1&sm=83&k=download%20file%20break%20build%2007212023&v=0.9.1.5&sts=0&prn=0&emb=0&tid=825911&rxy=1280_1024&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&ref=https%3A%2F%2Fmegaup.net%2F1fJmw%2FThe_Break-In_Build_07212023.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A109.0)%20gecko%2F20100101%20firefox%2F111.0&tzd=0&uloc=&if=0&aa=oi1_&_IfGV=1690160623362&crc=1 HTTP/1.1
Host: itwkuouldhuke.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
content-length: 2193
date: Mon, 24 Jul 2023 01:03:59 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=d3a149ec-bed9-4e75-9cab-6ad26a859440
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 1fb0b89a5ccfb45255b8e8539e256ee2.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: 0xdXE4op-w_3OEWkiXRy5SrJnn-inovTgborynythPyJx_P9Z129Ag==
X-Firefox-Spdy: h2
accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AeDOFXhNoaF-5grZCaHcm3AyYULejUZgRGIkIZJoLSUUOcWr4HtOGBaY2Yb7TJhETRaaS3AMLNZazw
142.250.74.109302 Found 393 B URL GET HTTP/3 accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AeDOFXhNoaF-5grZCaHcm3AyYULejUZgRGIkIZJoLSUUOcWr4HtOGBaY2Yb7TJhETRaaS3AMLNZazw
IP 142.250.74.109:443
Requested by https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint88:3A:16:13:A0:10:B6:19:DC:DA:DA:BA:25:7D:F9:3F:DD:EE:C2:B1
ValidityMon, 03 Jul 2023 08:19:15 GMT - Mon, 25 Sep 2023 08:19:14 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (385)
Hash cc550e90b2d913ec9aca26c51fd69e4b
0d6f5427145ffd14b953ce4e27454e73cb92f13e
0cf6882f91420218eda66581f44b0162f41387735e3c92f937b647af62e0cc22
GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AeDOFXhNoaF-5grZCaHcm3AyYULejUZgRGIkIZJoLSUUOcWr4HtOGBaY2Yb7TJhETRaaS3AMLNZazw HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:6kHI7JCio0ogARQwRadtnx22WiQsow:g1N0YipIKtoHMn86;Path=/;Expires=Wed, 23-Jul-2025 01:03:59 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 24 Jul 2023 01:03:59 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-1777751517%3A1690160639266204&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AeDOFXg6w7wx1QNloUlbVgLKgrfbKoLiKAL1If-eYNHq8CHIvHt9LdYFmpp6Qkauk9aEX211qPe2IA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-14ZQj2PVaZcg5haFF3dnSQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 393
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
api.purpleads.io/x/init?ts=1690160623339
34.201.193.243200 OK 87 B URL GET HTTP/2 api.purpleads.io/x/init?ts=1690160623339
IP 34.201.193.243:443
Requested by https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
Certificate IssuerAmazon
Subject*.purpleads.io
Fingerprint2C:07:41:61:C9:75:ED:6A:72:5B:30:CE:B3:18:1C:47:DB:07:BF:D4
ValidityFri, 24 Feb 2023 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 1225a48532b67fd812920a47e3557ed4
ac910f9679bd805609435e4fa8970cdf74fa4b86
4cdf058286dcc09e5511ec4f021ce5ce4d22052312bf08ce7b672e08eb5a4a9f
GET /x/init?ts=1690160623339 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: application/json
x-purpleads-version: 3.0.7
x-request-url: aHR0cHM6Ly9tZWdhdXAubmV0LzFmSm13L1RoZV9CcmVhay1Jbl9CdWlsZF8wNzIxMjAyMy5yYXI=
Authorization: Bearer 70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Jul 2023 01:03:59 GMT
content-type: application/json; charset=utf-8
content-length: 87
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-expose-headers: pa-user-id
etag: W/"57-rJEPlnm9gFYJQ15PqJcM33T6S4Y"
vary: Accept-Encoding
X-Firefox-Spdy: h2
accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AeDOFXhxzpRrI8MxRV-8v9OOOttS8YnD61ZtNWcPH7NOVXD3BIEnjm2YNnnSqM2_sVrrKqSIj6h_yA
142.250.74.109302 Found 392 B URL GET HTTP/3 accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AeDOFXhxzpRrI8MxRV-8v9OOOttS8YnD61ZtNWcPH7NOVXD3BIEnjm2YNnnSqM2_sVrrKqSIj6h_yA
IP 142.250.74.109:443
Requested by https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint88:3A:16:13:A0:10:B6:19:DC:DA:DA:BA:25:7D:F9:3F:DD:EE:C2:B1
ValidityMon, 03 Jul 2023 08:19:15 GMT - Mon, 25 Sep 2023 08:19:14 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (378)
Hash b2302672d61c1b011509615650b57b00
54b97a06128648de3a44ef8f27ebc1cb9dc0e964
68a9c1f0c80a7c6583028040a2076fee560ec89d8810ede0eb294782d90185d1
GET /InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AeDOFXhxzpRrI8MxRV-8v9OOOttS8YnD61ZtNWcPH7NOVXD3BIEnjm2YNnnSqM2_sVrrKqSIj6h_yA HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:h5o1Hhvx_ceKen0iFRSYqt8R7KZbDw:P7RDl-LWhwsPYpzI;Path=/;Expires=Wed, 23-Jul-2025 01:03:59 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 24 Jul 2023 01:03:59 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S16852870%3A1690160639312526&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AeDOFXhVOK5aT5r9R2OgOpJ8ijn-JqjFBE9QwEPvON4bdpBExXMie9rktkse7jdsB4QBwcA8wBjpBw&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce--0jRgAlQiqr55DH5AcMvKg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 392
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
accounts.google.com/v3/signin/identifier?dsh=S-1777751517%3A1690160639266204&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AeDOFXg6w7wx1QNloUlbVgLKgrfbKoLiKAL1If-eYNHq8CHIvHt9LdYFmpp6Qkauk9aEX211qPe2IA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
142.250.74.109 1.7 kB URL accounts.google.com/v3/signin/identifier?dsh=S-1777751517%3A1690160639266204&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AeDOFXg6w7wx1QNloUlbVgLKgrfbKoLiKAL1If-eYNHq8CHIvHt9LdYFmpp6Qkauk9aEX211qPe2IA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
IP 142.250.74.109:0
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint88:3A:16:13:A0:10:B6:19:DC:DA:DA:BA:25:7D:F9:3F:DD:EE:C2:B1
ValidityMon, 03 Jul 2023 08:19:15 GMT - Mon, 25 Sep 2023 08:19:14 GMT
File type gzip compressed data, max compression\012- data
Hash 8e3a7e3ce2bb10e090e38a5c08095aa6
f5a39baa74a8dfd072d493d80ec0c4f508f3678a
732aa7f88775a65315ba70e15a2b2619415277a856162e30c995fe69def05b02
GET /v3/signin/identifier?dsh=S-1777751517%3A1690160639266204&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AeDOFXg6w7wx1QNloUlbVgLKgrfbKoLiKAL1If-eYNHq8CHIvHt9LdYFmpp6Qkauk9aEX211qPe2IA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 24 Jul 2023 01:03:59 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'nonce-iV7x8MzWlBssoSmYYJYtTQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdn.prplads.com/agent.js?publisherId=70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655
104.26.2.51200 OK 21 kB URL GET HTTP/2 cdn.prplads.com/agent.js?publisherId=70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655
IP 104.26.2.51:443
Requested by https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
Certificate IssuerGoogle Trust Services LLC
Subjectprplads.com
Fingerprint7C:BA:8F:B8:14:50:74:C6:07:D2:B2:F4:44:E9:B5:F2:A4:9B:32:39
ValiditySat, 17 Jun 2023 13:21:01 GMT - Fri, 15 Sep 2023 13:21:00 GMT
File type HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (65522), with no line terminators
Hash 8f66f09578dbcea846aae62be7d17476
8def3149f4f7ce8833f114610687309cf80ca3f4
ba7fd83d0359f27975395f10fc08725fec3990cedf1a56a670e92437c2d0bff7
GET /agent.js?publisherId=70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655 HTTP/1.1
Host: cdn.prplads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 24 Jul 2023 01:04:00 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"b39cf26a3117a603c41cc8048c21cbb2"
last-modified: Fri, 07 Jul 2023 13:21:56 GMT
x-amz-id-2: hRuGpLB9IZKmdNAqbeQ721y97xZOykGhypZaE9Alk7NWE/ZQf6SgObdIM1QiVnSVZoa+lgbLRlM=
x-amz-request-id: YDGXPE7SKJFYVVTJ
cache-control: max-age=86400
cf-cache-status: HIT
age: 1862
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PlkQCS2bIjxc1BmKzVCM1vAMFKDrbCIvzHmlfVoejJ%2FJR3xjkULi%2FERyPC4maT6loFmswjM0Ai0Rm%2BfKNMwss83z6MQkRBJU59Pw1on%2Faoa7TXX50286we9Csq7yoDpaGg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7eb83f205868fab4-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.prplads.com/prebid-2023-07-11.js
104.26.2.51200 OK 96 kB URL GET HTTP/2 cdn.prplads.com/prebid-2023-07-11.js
IP 104.26.2.51:443
Requested by https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
Certificate IssuerGoogle Trust Services LLC
Subjectprplads.com
Fingerprint7C:BA:8F:B8:14:50:74:C6:07:D2:B2:F4:44:E9:B5:F2:A4:9B:32:39
ValiditySat, 17 Jun 2023 13:21:01 GMT - Fri, 15 Sep 2023 13:21:00 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash a773c2d28468a1b9797880da96454c50
43e3d4d0467ce43d3053dd8b3b3e1dc8b8b65b9c
9b8fb895962712e34e648aeba89eb9c8651ae83a67bba8c6a753a036311615be
GET /prebid-2023-07-11.js HTTP/1.1
Host: cdn.prplads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 24 Jul 2023 01:04:00 GMT
content-type: application/javascript
cache-control: max-age=1209600
cf-bgj: minify
cf-polished: origSize=309911
etag: W/"5ebcd954e9429fcb6ba235104d6a1bbc"
last-modified: Tue, 11 Jul 2023 08:48:49 GMT
x-amz-id-2: 57oK1cwYY8xmzpjWE/5MVw8vuL3hAEcpEURSG8r0119HUxGXFc6eVTjZWqxgNkANihFeiNRAkPc=
x-amz-request-id: DT5TVN0EQ12R5KNN
cf-cache-status: HIT
age: 318925
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aKS0ImLI4iEV8VQ%2F58lWyZ0IxTRH9XXuK39lONcKQboPLnerwZ08ABZDXL49mmppvmsB%2BX3L8h%2FF0%2FzG93sRDFngRLNSJTb0iYzr8pIggF9c0tFIv2KSlvJ5JVFPlnZugw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7eb83f204866fab4-OSL
content-encoding: br
X-Firefox-Spdy: h2
ex.ingage.tech/v1/openrtb
104.22.5.61200 OK 0 B URL POST HTTP/2 ex.ingage.tech/v1/openrtb
IP 104.22.5.61:443
Requested by https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
Certificate IssuerSectigo Limited
Subject*.ingage.tech
FingerprintDE:C1:F2:5D:46:4F:1E:78:35:08:18:1A:A0:B0:8F:23:F8:FB:69:62
ValidityWed, 13 Jul 2022 00:00:00 GMT - Fri, 11 Aug 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v1/openrtb HTTP/1.1
Host: ex.ingage.tech
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Mon, 24 Jul 2023 01:04:00 GMT
content-length: 0
vary: Origin, Access-Control-Request-Headers
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-headers: content-type
access-control-max-age: 3600
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7eb83f21c866b518-OSL
X-Firefox-Spdy: h2
ex.ingage.tech/v1/openrtb
104.22.5.61200 OK 1.5 kB URL POST HTTP/2 ex.ingage.tech/v1/openrtb
IP 104.22.5.61:443
Requested by https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
Certificate IssuerSectigo Limited
Subject*.ingage.tech
FingerprintDE:C1:F2:5D:46:4F:1E:78:35:08:18:1A:A0:B0:8F:23:F8:FB:69:62
ValidityWed, 13 Jul 2022 00:00:00 GMT - Fri, 11 Aug 2023 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Hash 35bdf3b41cfc1f6810f33b8425f9cefc
f66224f85b213ed3e9f78db114c9e1d0834d7270
28d78422e4161d11fa0a82291978fd5d0b11e858ae8a11b3128748c984abc852
POST /v1/openrtb HTTP/1.1
Host: ex.ingage.tech
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 732
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Jul 2023 01:04:00 GMT
content-type: application/json; charset=utf-8
vary: Origin
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7eb83f22cd62067b-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
bs.yandex.ru/metadsp/2346643?imp-id=1&target-ref=megaup.net&ssp-id=10500
213.180.193.90204 No Content 0 B URL POST HTTP/2 bs.yandex.ru/metadsp/2346643?imp-id=1&target-ref=megaup.net&ssp-id=10500
IP 213.180.193.90:443
Requested by https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
Certificate IssuerGlobalSign nv-sa
Subjectbs.yandex.ru
Fingerprint1C:B8:23:29:66:43:02:25:DE:19:23:C0:54:1F:01:F1:A1:FD:E8:9C
ValiditySat, 08 Apr 2023 21:02:08 GMT - Sat, 07 Oct 2023 20:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /metadsp/2346643?imp-id=1&target-ref=megaup.net&ssp-id=10500 HTTP/1.1
Host: bs.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 242
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
content-length: 0
timing-allow-origin: *
uniformat: true
date: Mon, 24 Jul 2023 01:04:00 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
pragma: no-cache
uniformat-product-type: None
x-xss-protection: 1; mode=block
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
expires: Mon, 24 Jul 2023 01:04:00 GMT
last-modified: Mon, 24 Jul 2023 01:04:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
api.purpleads.io/x/v2/b/?idx=1&pid=6b5b71a429d3419c99cd54ce559e24b3&sizes=[[300,250]]&slotid=60a7900d-8832-45d6-b59e-a64d61e25d9d&demand=unifiedPb&ts=1690160625548
34.201.193.243200 OK 0 B URL OPTIONS HTTP/2 api.purpleads.io/x/v2/b/?idx=1&pid=6b5b71a429d3419c99cd54ce559e24b3&sizes=[[300,250]]&slotid=60a7900d-8832-45d6-b59e-a64d61e25d9d&demand=unifiedPb&ts=1690160625548
IP 34.201.193.243:443
Requested by https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
Certificate IssuerAmazon
Subject*.purpleads.io
Fingerprint2C:07:41:61:C9:75:ED:6A:72:5B:30:CE:B3:18:1C:47:DB:07:BF:D4
ValidityFri, 24 Feb 2023 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /x/v2/b/?idx=1&pid=6b5b71a429d3419c99cd54ce559e24b3&sizes=[[300,250]]&slotid=60a7900d-8832-45d6-b59e-a64d61e25d9d&demand=unifiedPb&ts=1690160625548 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: application/json
x-purpleads-version: 3.0.7
x-request-url: aHR0cHM6Ly9tZWdhdXAubmV0LzFmSm13L1RoZV9CcmVhay1Jbl9CdWlsZF8wNzIxMjAyMy5yYXI=
Authorization: Bearer 70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655
pa-user-id: 9c1222e5-6a18-4b34-a6b7-4ff0fe61a5a2
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Mon, 24 Jul 2023 01:04:00 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-expose-headers: pa-user-id
X-Firefox-Spdy: h2
api.purpleads.io/x/v2/b/?idx=1&pid=6b5b71a429d3419c99cd54ce559e24b3&sizes=[[970,90],[728,90],[468,60],[320,100],[320,50],[300,100]]&slotid=b15516d7-8ba1-4713-85d7-a4425e18c26b&demand=unifiedPb&ts=1690160625984
34.201.193.243200 OK 0 B URL OPTIONS HTTP/2 api.purpleads.io/x/v2/b/?idx=1&pid=6b5b71a429d3419c99cd54ce559e24b3&sizes=[[970,90],[728,90],[468,60],[320,100],[320,50],[300,100]]&slotid=b15516d7-8ba1-4713-85d7-a4425e18c26b&demand=unifiedPb&ts=1690160625984
IP 34.201.193.243:443
Requested by https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
Certificate IssuerAmazon
Subject*.purpleads.io
Fingerprint2C:07:41:61:C9:75:ED:6A:72:5B:30:CE:B3:18:1C:47:DB:07:BF:D4
ValidityFri, 24 Feb 2023 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /x/v2/b/?idx=1&pid=6b5b71a429d3419c99cd54ce559e24b3&sizes=[[970,90],[728,90],[468,60],[320,100],[320,50],[300,100]]&slotid=b15516d7-8ba1-4713-85d7-a4425e18c26b&demand=unifiedPb&ts=1690160625984 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: application/json
x-purpleads-version: 3.0.7
x-request-url: aHR0cHM6Ly9tZWdhdXAubmV0LzFmSm13L1RoZV9CcmVhay1Jbl9CdWlsZF8wNzIxMjAyMy5yYXI=
Authorization: Bearer 70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655
pa-user-id: 9c1222e5-6a18-4b34-a6b7-4ff0fe61a5a2
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Mon, 24 Jul 2023 01:04:01 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-expose-headers: pa-user-id
X-Firefox-Spdy: h2
heukwasanasosett.info/amdIbmNFWCsdXgsjIActBBcZKjUvIhwCECYxCQouPyZ9OyJaKm4aCg5acFxWU1Z5SBMDA3VdUUwUPA8XHxR1XFNaUm4HDQwIdVxTWlF4XlJZVW1ZIAITPB4QT1QJS1EsQnooGwcLZhcGBgsnGU4YAjsbDx4UKgcHDgI6QAwYAG1cJR4PPQMBBAYhAkZZISFLUC5NACQQWx44W1ImPhdeRlhROEtQLlZ+V1NbUXhYUFJJelxTUlZ9S1FcDiUJF09UDAcABQltWSBbV31fUlpUF1tUU19/W1NPUAtdUVtWcFhUXl5/WVBYX3xbUlpUbhheWklxQFJEUm4bXltReF9VX1B+XFpdU3lcUV1BPB4CDVp5SBMeEyRTUlxeeF9VWlF6WFFaVg
104.21.56.19204 No Content 0 B URL POST HTTP/3 heukwasanasosett.info/amdIbmNFWCsdXgsjIActBBcZKjUvIhwCECYxCQouPyZ9OyJaKm4aCg5acFxWU1Z5SBMDA3VdUUwUPA8XHxR1XFNaUm4HDQwIdVxTWlF4XlJZVW1ZIAITPB4QT1QJS1EsQnooGwcLZhcGBgsnGU4YAjsbDx4UKgcHDgI6QAwYAG1cJR4PPQMBBAYhAkZZISFLUC5NACQQWx44W1ImPhdeRlhROEtQLlZ+V1NbUXhYUFJJelxTUlZ9S1FcDiUJF09UDAcABQltWSBbV31fUlpUF1tUU19/W1NPUAtdUVtWcFhUXl5/WVBYX3xbUlpUbhheWklxQFJEUm4bXltReF9VX1B+XFpdU3lcUV1BPB4CDVp5SBMeEyRTUlxeeF9VWlF6WFFaVg
IP 104.21.56.19:443
Requested by https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
Certificate IssuerGoogle Trust Services LLC
Subjectheukwasanasosett.info
Fingerprint96:D4:11:7E:B2:6C:1B:AB:26:FB:45:AF:68:76:3A:68:F7:77:C0:03
ValidityTue, 04 Jul 2023 09:29:56 GMT - Mon, 02 Oct 2023 09:29:55 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /amdIbmNFWCsdXgsjIActBBcZKjUvIhwCECYxCQouPyZ9OyJaKm4aCg5acFxWU1Z5SBMDA3VdUUwUPA8XHxR1XFNaUm4HDQwIdVxTWlF4XlJZVW1ZIAITPB4QT1QJS1EsQnooGwcLZhcGBgsnGU4YAjsbDx4UKgcHDgI6QAwYAG1cJR4PPQMBBAYhAkZZISFLUC5NACQQWx44W1ImPhdeRlhROEtQLlZ+V1NbUXhYUFJJelxTUlZ9S1FcDiUJF09UDAcABQltWSBbV31fUlpUF1tUU19/W1NPUAtdUVtWcFhUXl5/WVBYX3xbUlpUbhheWklxQFJEUm4bXltReF9VX1B+XFpdU3lcUV1BPB4CDVp5SBMeEyRTUlxeeF9VWlF6WFFaVg HTTP/1.1
Host: heukwasanasosett.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/3 204 No Content
date: Mon, 24 Jul 2023 01:04:01 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=38PGLacCUQeiPatP0UzhgAxOp0QjSNp2mjua78g10z7%2F5s6QKPPnxQuogm27JaKOJatj%2FCx3%2FLSDU9F7UnVTc2Gmj7XsNL9wBwP9EkJkahVwzETmuJl55l3cMArAAHI%2BXDJgaQpJfZ0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7eb83f283d8eb4f7-OSL
alt-svc: h3=":443"; ma=86400
pogothere.xyz/
172.64.132.29200 OK 32 kB IP 172.64.132.29:443
Requested by https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash b566755235557843ab9e7c7e81068c21
0bff8af56c52fc7215d493ededfa7d71343e9eab
09b38cb90962bc192e581ea0c1907586fb7e1aa7385612a0e38485ab9331e1b2
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Jul 2023 01:03:58 GMT
content-type: text/plain
set-cookie: csu=975617714577742@1@1690160638; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BjhimkSUWWhZjLSmxuCRctsYuziAX7Oxw7TkxY9mxCnB4RIZfKrrKhux%2Fopso%2FRTs3jwQhBpuHKYGQjfL52nrZSXEdzlhCmiZ%2Fu0dCw6%2BH0%2BwQkrbbvsjeHTXhsi1K4P"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7eb83f18ea132407-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/fonts/raleway_extrabold.woff
91.209.70.182200 OK 31 kB URL GET HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway_extrabold.woff
IP 91.209.70.182:443
Requested by https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A
ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT
File type Web Open Font Format, TrueType, length 31344, version 1.1\012- data
Hash 21f79e4c0fbe54a555170aa70bb4c8b7
9d4aaf2016cd21f16bc45089a48de84dba951fa7
2b638674bc57ad355ef2ecbd68e78ecb36bc323aaaf4ddeb9cd4f61bc5f26c42
GET /themes/flow/frontend_assets/fonts/raleway_extrabold.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
DNT: 1
Connection: keep-alive
Cookie: filehosting=f30fh58nsp5oee3iqu16lnvgp0; _ga_Z9TE2LW16Q=GS1.1.1690160623.1.0.1690160623.0.0.0; _ga=GA1.1.1234386514.1690160623; hb_insticator_uid=ec408f7d-949d-4d3f-88f0-9c3b8e99df47
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 24 Jul 2023 01:04:01 GMT
content-type: font/woff
content-length: 31344
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7a70"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/fonts/raleway_bold.woff
91.209.70.182200 OK 32 kB URL GET HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway_bold.woff
IP 91.209.70.182:443
Requested by https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A
ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT
File type Web Open Font Format, TrueType, length 31568, version 1.1\012- data
Hash e0c4ac0e73196bd0469c5c33304b7773
bb071565f82907d117b0732dca8013409162c67d
ff3bf3a4a1bf2b922157b18d0e8cddd95f2fc2dfe09c30a3ce67bc11a84c67af
GET /themes/flow/frontend_assets/fonts/raleway_bold.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
DNT: 1
Connection: keep-alive
Cookie: filehosting=f30fh58nsp5oee3iqu16lnvgp0; _ga_Z9TE2LW16Q=GS1.1.1690160623.1.0.1690160623.0.0.0; _ga=GA1.1.1234386514.1690160623; hb_insticator_uid=ec408f7d-949d-4d3f-88f0-9c3b8e99df47
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 24 Jul 2023 01:04:01 GMT
content-type: font/woff
content-length: 31568
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7b50"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.prplads.com/prebid-2023-07-11.js
104.26.2.51200 OK 128 kB URL GET HTTP/2 cdn.prplads.com/prebid-2023-07-11.js
IP 104.26.2.51:443
Requested by https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
Certificate IssuerGoogle Trust Services LLC
Subjectprplads.com
Fingerprint7C:BA:8F:B8:14:50:74:C6:07:D2:B2:F4:44:E9:B5:F2:A4:9B:32:39
ValiditySat, 17 Jun 2023 13:21:01 GMT - Fri, 15 Sep 2023 13:21:00 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 128 kB (127958 bytes)
Hash a773c2d28468a1b9797880da96454c50
43e3d4d0467ce43d3053dd8b3b3e1dc8b8b65b9c
9b8fb895962712e34e648aeba89eb9c8651ae83a67bba8c6a753a036311615be
GET /prebid-2023-07-11.js HTTP/1.1
Host: cdn.prplads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Jul 2023 01:04:00 GMT
content-type: application/javascript
cache-control: max-age=1209600
cf-bgj: minify
cf-polished: origSize=309911
etag: W/"5ebcd954e9429fcb6ba235104d6a1bbc"
last-modified: Tue, 11 Jul 2023 08:48:49 GMT
x-amz-id-2: 57oK1cwYY8xmzpjWE/5MVw8vuL3hAEcpEURSG8r0119HUxGXFc6eVTjZWqxgNkANihFeiNRAkPc=
x-amz-request-id: DT5TVN0EQ12R5KNN
cf-cache-status: HIT
age: 318925
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BAN%2BSkSaV%2BCkvG4jwwfc5mWdYdlfqf9O3Bnbbq1Jpb6wk9nqWP4VXV%2BvlwVd7vw5VYmokUyLCpIVHPiDT4%2FnZNwwGho8DgbvefxB0bU%2BnSopaxmn%2FOWEVKhNghAqQdhgAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7eb83f23d952fab4-OSL
content-encoding: br
X-Firefox-Spdy: h2
xml.yellow-resultsbidder.org/thumbnail?i=*HJs1yp51LY_0&p=1690160638.220815&imgt=icon
198.134.116.29 0 B URL GET xml.yellow-resultsbidder.org/thumbnail?i=*HJs1yp51LY_0&p=1690160638.220815&imgt=icon
IP 198.134.116.29:0
ASN #27257 WEBAIR-INTERNET
Requested by https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /thumbnail?i=*HJs1yp51LY_0&p=1690160638.220815&imgt=icon HTTP/1.1
Host: xml.yellow-resultsbidder.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Mon, 24 Jul 2023 01:04:01 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Age: 0
Location: https://static.servingserved.com/n337/ad/192x192_tyLA69UTuseS2tUwPFwk.jpeg
Pragma: no-cache
static.servingserved.com/n337/ad/192x192_tyLA69UTuseS2tUwPFwk.jpeg
151.139.128.10200 OK 6.0 kB URL GET HTTP/2 static.servingserved.com/n337/ad/192x192_tyLA69UTuseS2tUwPFwk.jpeg
IP 151.139.128.10:443
Requested by https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
Certificate IssuerLet's Encrypt
Subjectservingserved.com
Fingerprint51:3A:63:B9:3A:74:5A:53:6F:57:E6:D1:16:DC:BD:55:CC:9C:5D:1A
ValidityThu, 06 Jul 2023 12:10:24 GMT - Wed, 04 Oct 2023 12:10:23 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash eeef598876c05a83cc863490aaa93e30
c137e62b74b82110a75b16ac27f0b34514601625
686e2be66999b39b62cecf4588ccecc5d140efe2f8cacfc3d9eb2d5c889cea10
GET /n337/ad/192x192_tyLA69UTuseS2tUwPFwk.jpeg HTTP/1.1
Host: static.servingserved.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 24 Jul 2023 01:04:01 GMT
content-length: 6031
content-type: image/jpeg
last-modified: Thu, 30 Mar 2023 20:09:41 GMT
accept-ranges: bytes
etag: "6425ec85-178f"
cache-control: max-age=86400
server: fbs
x-hw: 1690160641.cds202.sk1.hn,1690160641.cds010.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/fonts/raleway_medium.woff
91.209.70.182200 OK 32 kB URL GET HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway_medium.woff
IP 91.209.70.182:443
Requested by https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A
ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT
File type Web Open Font Format, TrueType, length 31900, version 1.1\012- data
Hash 1b285c8e5b7445a8e434b2cdf036bab2
c97d4772fbb5c5637d466b5f991bc7ec28830b32
09b979826f2ac158a63ba234042c66414c21282d0bb46eadc62c64a873778825
GET /themes/flow/frontend_assets/fonts/raleway_medium.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
DNT: 1
Connection: keep-alive
Cookie: filehosting=f30fh58nsp5oee3iqu16lnvgp0; _ga_Z9TE2LW16Q=GS1.1.1690160623.1.0.1690160623.0.0.0; _ga=GA1.1.1234386514.1690160623; hb_insticator_uid=ec408f7d-949d-4d3f-88f0-9c3b8e99df47
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 24 Jul 2023 01:04:03 GMT
content-type: font/woff
content-length: 31900
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7c9c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
xml.yellow-resultsbidder.org/thumbnail?i=W6hmpmuNtIk_0&p=1690160638.220815&imgt=icon
198.134.116.29302 Found 0 B URL GET HTTP/1.1 xml.yellow-resultsbidder.org/thumbnail?i=W6hmpmuNtIk_0&p=1690160638.220815&imgt=icon
IP 198.134.116.29:443
ASN #27257 WEBAIR-INTERNET
Requested by https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
Certificate IssuerLet's Encrypt
Subjectyellow-resultsbidder.org
Fingerprint84:BD:84:89:57:01:5C:3A:76:DB:7B:87:6A:F4:00:E4:64:7E:B2:5C
ValidityThu, 06 Jul 2023 12:36:23 GMT - Wed, 04 Oct 2023 12:36:22 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /thumbnail?i=W6hmpmuNtIk_0&p=1690160638.220815&imgt=icon HTTP/1.1
Host: xml.yellow-resultsbidder.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Mon, 24 Jul 2023 01:04:05 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Age: 0
Location: https://static.servingserved.com/n337/ad/192x192_LkOLuXg5EoqpGaHVLLnW.jpeg
Pragma: no-cache
heukwasanasosett.info/Z2pZclhIVToBZT0QGAsKVVM/MAkhWw5DCSMoESgCPx0ANzsLM38GMQNXYUBtXltoVCgODmRBakEZLRMsEhlkQGhXX38bNgEFZEBoV1xpQmlUWHxFGw8eLQIrQlkYV2ohT2s0IAoGdws9CwY2BXUVDyoHNBMZOxs8Aw8rXDcVDXxAHhMCLB86CQswHn1ULDBXayM9bxo1FwcsPCwuAQZCfVVcKVdrI1tvS2hWXGlEa19Ea0BoX1tsV2pRAzQVLEJZHRs7CAR8RRsJHzUefVApakBpVlJvRWxeXW5Bal9ebENoVEwvT2hJU3dDdlJMLE9pUVpoRG1QXGtLb1Nba0BvQR4pEz9aW38CLBMGZENuXlpoRGhRWWlDYFU
104.21.56.19204 No Content 0 B URL POST HTTP/3 heukwasanasosett.info/Z2pZclhIVToBZT0QGAsKVVM/MAkhWw5DCSMoESgCPx0ANzsLM38GMQNXYUBtXltoVCgODmRBakEZLRMsEhlkQGhXX38bNgEFZEBoV1xpQmlUWHxFGw8eLQIrQlkYV2ohT2s0IAoGdws9CwY2BXUVDyoHNBMZOxs8Aw8rXDcVDXxAHhMCLB86CQswHn1ULDBXayM9bxo1FwcsPCwuAQZCfVVcKVdrI1tvS2hWXGlEa19Ea0BoX1tsV2pRAzQVLEJZHRs7CAR8RRsJHzUefVApakBpVlJvRWxeXW5Bal9ebENoVEwvT2hJU3dDdlJMLE9pUVpoRG1QXGtLb1Nba0BvQR4pEz9aW38CLBMGZENuXlpoRGhRWWlDYFU
IP 104.21.56.19:443
Requested by https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
Certificate IssuerGoogle Trust Services LLC
Subjectheukwasanasosett.info
Fingerprint96:D4:11:7E:B2:6C:1B:AB:26:FB:45:AF:68:76:3A:68:F7:77:C0:03
ValidityTue, 04 Jul 2023 09:29:56 GMT - Mon, 02 Oct 2023 09:29:55 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /Z2pZclhIVToBZT0QGAsKVVM/MAkhWw5DCSMoESgCPx0ANzsLM38GMQNXYUBtXltoVCgODmRBakEZLRMsEhlkQGhXX38bNgEFZEBoV1xpQmlUWHxFGw8eLQIrQlkYV2ohT2s0IAoGdws9CwY2BXUVDyoHNBMZOxs8Aw8rXDcVDXxAHhMCLB86CQswHn1ULDBXayM9bxo1FwcsPCwuAQZCfVVcKVdrI1tvS2hWXGlEa19Ea0BoX1tsV2pRAzQVLEJZHRs7CAR8RRsJHzUefVApakBpVlJvRWxeXW5Bal9ebENoVEwvT2hJU3dDdlJMLE9pUVpoRG1QXGtLb1Nba0BvQR4pEz9aW38CLBMGZENuXlpoRGhRWWlDYFU HTTP/1.1
Host: heukwasanasosett.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/3 204 No Content
date: Mon, 24 Jul 2023 01:04:05 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l2QbQ3HNurqCYXILmyjmHRAzzs20yKJF3BiD9a36e%2BR6Nuf6rSB0aqqoRMV4JWhnlUMpCHfuC1sybDNAaQ9Qrf9fXaYd4DgziSeiEe2Jf38X69VN58F0cJu9emVs9QbS1aAfshDpDvI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7eb83f4119c4b4f7-OSL
alt-svc: h3=":443"; ma=86400
static.servingserved.com/n337/ad/192x192_LkOLuXg5EoqpGaHVLLnW.jpeg
151.139.128.10200 OK 6.3 kB URL GET HTTP/2 static.servingserved.com/n337/ad/192x192_LkOLuXg5EoqpGaHVLLnW.jpeg
IP 151.139.128.10:443
Requested by https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
Certificate IssuerLet's Encrypt
Subjectservingserved.com
Fingerprint51:3A:63:B9:3A:74:5A:53:6F:57:E6:D1:16:DC:BD:55:CC:9C:5D:1A
ValidityThu, 06 Jul 2023 12:10:24 GMT - Wed, 04 Oct 2023 12:10:23 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash 93e3c260245c2a1ad4b63df4c0ebf5a3
2ccb84898f62cf17a23c5841a8f29910364e2ee5
7f191166957890d1faa9d85dd48ee615b59556b1cba4b4847920db9d05ea8fc6
GET /n337/ad/192x192_LkOLuXg5EoqpGaHVLLnW.jpeg HTTP/1.1
Host: static.servingserved.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 24 Jul 2023 01:04:05 GMT
content-length: 6311
content-type: image/jpeg
last-modified: Fri, 07 Apr 2023 23:14:18 GMT
accept-ranges: bytes
etag: "6430a3ca-18a7"
cache-control: max-age=86400
server: fbs
x-hw: 1690160645.cds202.sk1.hn,1690160645.cds247.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/load-image.min.js
91.209.70.182200 OK 2.5 kB URL GET HTTP/2 megaup.net/themes/flow/js/load-image.min.js
IP 91.209.70.182:443
Requested by https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A
ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (2582), with no line terminators
Hash a695bcdeef4ab1f27d01d2175ab9ddcd
442e6298bf7092455528a2b81e721aaf7a72ef09
ac92521ad4d3d0191d63ce8dda671b9e78c7c7e1d5f0b3fb2cf5424461f3f315
GET /themes/flow/js/load-image.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=f30fh58nsp5oee3iqu16lnvgp0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 24 Jul 2023 01:03:56 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-9f2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/images/icons/favicon/favicon.ico
91.209.70.182200 OK 1.2 kB URL GET HTTP/2 megaup.net/themes/flow/frontend_assets/images/icons/favicon/favicon.ico
IP 91.209.70.182:443
Requested by https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A
ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash e95c130b43ef6c32b9c9459aff5706c1
51b8b0d3ae3eabd9c31e65098acfa9ba18e9bb30
6c3dde0843949903d807800c8d6706e357fd762d29885946bacac881d4abfb35
GET /themes/flow/frontend_assets/images/icons/favicon/favicon.ico HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=f30fh58nsp5oee3iqu16lnvgp0; _ga_Z9TE2LW16Q=GS1.1.1690160623.1.0.1690160623.0.0.0; _ga=GA1.1.1234386514.1690160623
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 24 Jul 2023 01:03:58 GMT
content-type: image/x-icon
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-47e"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.132.29200 OK 102 kB IP 172.64.132.29:443
Requested by https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
Size 102 kB (102400 bytes)
Hash 4c6426ac7ef186464ecbb0d81cbfcb1e
5a6918eebd9d635e8f632e3ef34e3792b1b5ec13
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 24 Jul 2023 01:03:58 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 975
last-modified: Mon, 24 Jul 2023 00:47:43 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n7%2FdoB0geNlFz7giDo1XiTnYya83l0whqgUUmZvhxwDTCIj1gFG6IGz4gByz4%2F%2Fk1gQrJxR3FRbEnK64BxgTyoj2t6Y5U23qTqBsOikuNgKoLl%2Fl2B2j75LB%2F%2FJBtHND"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7eb83f18fa1d2407-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js
91.209.70.182200 OK 16 kB URL GET HTTP/2 megaup.net/themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js
IP 91.209.70.182:443
Requested by https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A
ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT
File type HTML document, ASCII text, with very long lines (15714), with CRLF line terminators
Hash 38c5167c8052d0c73892c3742b16e903
213ef9210b4a5c4e73a242e832a08f4abef69a74
743b919a337dfbb6d1e8648d0793532d47f8af48059e17f7e32ae8738c7614a7
GET /themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=f30fh58nsp5oee3iqu16lnvgp0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 24 Jul 2023 01:03:56 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3ead"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.revolution.js
91.209.70.182200 OK 198 kB URL GET HTTP/2 megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.revolution.js
IP 91.209.70.182:443
Requested by https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A
ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (464), with CRLF line terminators
Size 198 kB (197554 bytes)
Hash 35045d45f7d1dde1f90457c5d73700c5
a7fcee0ab1da615e828e51967c474ae91d768569
d72616e59f2ba832c54a0e734cdf0a79cb8730f81a07b5de43864c15a240e221
GET /themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.revolution.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=f30fh58nsp5oee3iqu16lnvgp0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 24 Jul 2023 01:03:56 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-303b2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
142.250.74.109302 Found 0 B URL GET HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP 142.250.74.109:443
Requested by https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
Certificate IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint44:24:D6:98:F4:78:DE:87:21:F9:22:11:86:71:F3:7D:3F:50:08:59
ValidityMon, 03 Jul 2023 08:24:31 GMT - Mon, 25 Sep 2023 08:24:30 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
set-cookie: __Host-GAPS=1:EO7a_1FP6A7ILIYEH9rUtHt6jignhg:xlAfV6A_HpU9oNEa; Expires=Wed, 23-Jul-2025 01:03:58 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 24 Jul 2023 01:03:58 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AeDOFXhxzpRrI8MxRV-8v9OOOttS8YnD61ZtNWcPH7NOVXD3BIEnjm2YNnnSqM2_sVrrKqSIj6h_yA
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'nonce-Eoeb_O6hz2DP1OA_Vb3KJg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy: unsafe-none
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: application/binary
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/nav/jquery.nav.js
91.209.70.182200 OK 5.4 kB URL GET HTTP/2 megaup.net/themes/flow/frontend_assets/js/nav/jquery.nav.js
IP 91.209.70.182:443
Requested by https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A
ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (6528), with no line terminators
Hash 86379ef62388dc773f0c909c8678823c
5eff5eeda891aeb71ef023ab40006f5e9be33642
4152201489950049e566388267c82b03eda1810018354b17055593f250d1e658
GET /themes/flow/frontend_assets/js/nav/jquery.nav.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=f30fh58nsp5oee3iqu16lnvgp0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 24 Jul 2023 01:03:56 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1547"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
heukwasanasosett.info/popunder.gif
104.21.56.19200 OK 35 B URL GET HTTP/3 heukwasanasosett.info/popunder.gif
IP 104.21.56.19:443
Requested by https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
Certificate IssuerGoogle Trust Services LLC
Subjectheukwasanasosett.info
Fingerprint96:D4:11:7E:B2:6C:1B:AB:26:FB:45:AF:68:76:3A:68:F7:77:C0:03
ValidityTue, 04 Jul 2023 09:29:56 GMT - Mon, 02 Oct 2023 09:29:55 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /popunder.gif HTTP/1.1
Host: heukwasanasosett.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 24 Jul 2023 01:03:58 GMT
content-type: image/gif
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=604800, immutable
cf-cache-status: HIT
age: 3832
last-modified: Mon, 24 Jul 2023 00:00:06 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n0ZroomuVvKMrWBAsFcHwp4NvErR4EXP7AYZAauWQR4H1uzwYnWV%2BdTBSpYZD%2BR6roM6bHe%2ByGJjLZp9%2FQOsTEPio4jHbnobX17A%2Bn%2FyptxIBQrrUABZikZaIYVOj1Rey8EnyzhVO6k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7eb83f15bf8cb4f7-OSL
alt-svc: h3=":443"; ma=86400
megaup.net/themes/flow/frontend_assets/fonts/font-awesome/css/font-awesome.css
91.209.70.182200 OK 23 kB URL GET HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/font-awesome/css/font-awesome.css
IP 91.209.70.182:443
Requested by https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
FingerprintEE:EF:A3:6B:57:FF:78:CA:ED:05:12:5B:C3:7F:36:53:C6:F9:53:2A
ValiditySat, 17 Sep 2022 00:00:00 GMT - Wed, 18 Oct 2023 23:59:59 GMT
File type troff or preprocessor input, ASCII text, with very long lines (305), with CRLF line terminators
Hash f8398a4ad2442f1943b62d93f89249b6
280150fc79d01a95808b1c16ca8749e8d8cda85e
7c10acbcb15a2f181df3ad0d009a44f892e406bbfc8f94df12f8a47a71b696e5
GET /themes/flow/frontend_assets/fonts/font-awesome/css/font-awesome.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
DNT: 1
Connection: keep-alive
Cookie: filehosting=f30fh58nsp5oee3iqu16lnvgp0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 24 Jul 2023 01:03:57 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-59d6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
142.250.74.109302 Found 0 B URL GET HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP 142.250.74.109:443
Requested by https://megaup.net/1fJmw/The_Break-In_Build_07212023.rar
Certificate IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint44:24:D6:98:F4:78:DE:87:21:F9:22:11:86:71:F3:7D:3F:50:08:59
ValidityMon, 03 Jul 2023 08:24:31 GMT - Mon, 25 Sep 2023 08:24:30 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
set-cookie: __Host-GAPS=1:Zv4mNXZVg2OvNeiDHvf4ndPQsDKgBQ:IZlLutRLYJv56HeZ; Expires=Wed, 23-Jul-2025 01:03:58 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 24 Jul 2023 01:03:58 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AeDOFXhNoaF-5grZCaHcm3AyYULejUZgRGIkIZJoLSUUOcWr4HtOGBaY2Yb7TJhETRaaS3AMLNZazw
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-J57pM21Q5BpQTyUc_rwmUg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: unsafe-none
content-type: application/binary
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
megaup.net/themes/flow/styles/font-icons/entypo/css/entypo.css
91.209.70.182200 OK 18 kB