Report - megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip

Report Overview

Visited public
2025-04-22 21:35:15
Tags
URL
megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
Finishing URL
megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
IP / ASN
94.242.53.111
#43317 SIA VEESP
Title
Schedule.I.v0.3.4f8-0xdeadcode.zip - MegaUp

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
xml.buthehads-serving.com	unknown	2024-07-23	2025-04-21	2025-04-21	940 B	30 kB	0.0.0.0
arnedtolethi.com	unknown	2025-04-04	2025-04-21	2025-04-21	6.1 kB	4.1 kB	104.21.48.1
img.vmmcdn.com	36292	2019-11-26	2019-11-26	2025-04-18	416 B	60 kB	46.4.121.113
accounts.google.com	81	1997-09-15	2012-05-23	2025-04-16	3.7 kB	13 kB	142.250.150.84
fonts.googleapis.com	8877	2005-01-25	2012-05-23	2025-04-16	935 B	41 kB	142.250.74.10
d3og8t183i1vbg.cloudfront.net	unknown	2008-04-25	2025-04-06	2025-04-20	876 B	980 kB	108.157.217.208
undefined	142677	unknown	2020-01-28	2025-04-17	3.0 kB	0 B	0.0.0.0
megaup.net	179052	2004-06-24	2017-09-01	2025-04-18	17 kB	1.2 MB	94.242.53.111
fonts.gstatic.com	unknown	2008-02-11	2014-04-02	2025-04-16	3.9 kB	291 kB	142.250.74.35
www.googletagmanager.com	75	2011-11-11	2012-10-04	2025-04-16	1.0 kB	605 kB	142.250.74.136
static.buthehads-serving.com	unknown	2024-07-23	2025-04-21	2025-04-21	431 B	30 kB	23.33.119.211
rnmop.com	unknown	2025-02-10	2025-02-12	2025-04-18	888 B	59 kB	138.201.194.90
rougthatsidhe.org	unknown	2025-04-03	2025-04-21	2025-04-21	1.0 kB	4.1 kB	108.157.229.47
theharityhild.buzz	unknown	2022-09-19	2022-10-20	2025-04-16	578 B	0 B	0.0.0.0
tomlldahehun.org	unknown	2025-04-03	2025-04-17	2025-04-17	1.7 kB	9.2 kB	143.204.55.77
ukankingwithea.com	unknown	2024-01-01	2024-09-05	2025-04-17	2.6 kB	310 kB	104.21.112.1

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-04-22	medium	undefined	Sinkholed
2025-04-22	medium	undefined	Sinkholed
2025-04-22	medium	undefined	Sinkholed

ThreatFox

No alerts detected

JavaScript (43)

	URL	From	Size	First Seen	Last Seen
	megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip	DomTimer	230 B	2025-04-01	2025-05-09
Pretty URL megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip IP 94.242.53.111 ASN #43317 SIA VEESP Introduced by domTimer Embedded in HTML false Observations First Seen2025-04-01 20:54 Last Seen2025-05-09 20:22 Times Seen412 Hash 0baa56943575391187833596a8161168 3f6760ab649bdc5aca5ac72aa5a16562b14282cb db99c9ec42d22ca48c381d5b2a4d8cbcc1490c92e9b9584b657ac6f413ffb8f6 Loading...

	megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip	DomTimer	230 B	2025-04-01	2025-05-09
Pretty URL megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip IP 94.242.53.111 ASN #43317 SIA VEESP Introduced by domTimer Embedded in HTML false Observations First Seen2025-04-01 20:54 Last Seen2025-05-09 20:22 Times Seen412 Hash 0baa56943575391187833596a8161168 3f6760ab649bdc5aca5ac72aa5a16562b14282cb db99c9ec42d22ca48c381d5b2a4d8cbcc1490c92e9b9584b657ac6f413ffb8f6 Loading...

	megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip	DomTimer	230 B	2025-04-01	2025-05-09
Pretty URL megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip IP 94.242.53.111 ASN #43317 SIA VEESP Introduced by domTimer Embedded in HTML false Observations First Seen2025-04-01 20:54 Last Seen2025-05-09 20:22 Times Seen412 Hash 0baa56943575391187833596a8161168 3f6760ab649bdc5aca5ac72aa5a16562b14282cb db99c9ec42d22ca48c381d5b2a4d8cbcc1490c92e9b9584b657ac6f413ffb8f6 Loading...

	megaup.net/themes/spirit/assets/frontend/js/jquery.dataTables.min.js	ScriptElement	1.0 kB	2025-04-07	2025-04-27
Pretty URL megaup.net/themes/spirit/assets/frontend/js/jquery.dataTables.min.js IP 94.242.53.111 ASN #43317 SIA VEESP Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-07 15:37 Last Seen2025-04-27 17:08 Times Seen49 Hash 27dd07b1450de792ad789458e2f68dc5 6b2e149fc35b6010d5c97a8bb5f765256187ad80 8e32be5b1933ffce7334fd4d54fb328633a434e7326d6845c7f844e0b11ec6d9 Loading...

	megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip	DomTimer	230 B	2025-04-01	2025-05-09
Pretty URL megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip IP 94.242.53.111 ASN #43317 SIA VEESP Introduced by domTimer Embedded in HTML false Observations First Seen2025-04-01 20:54 Last Seen2025-05-09 20:22 Times Seen412 Hash 0baa56943575391187833596a8161168 3f6760ab649bdc5aca5ac72aa5a16562b14282cb db99c9ec42d22ca48c381d5b2a4d8cbcc1490c92e9b9584b657ac6f413ffb8f6 Loading...

	megaup.net/themes/spirit/assets/frontend/js/jquery.steps.min.js	ScriptElement	1.0 kB	2025-04-07	2025-04-27
Pretty URL megaup.net/themes/spirit/assets/frontend/js/jquery.steps.min.js IP 94.242.53.111 ASN #43317 SIA VEESP Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-07 14:26 Last Seen2025-04-27 17:08 Times Seen45 Hash e17deeceb73c3946f218bff80f0a4417 05e60c9d91cb3f775418085f623cd1ec855f490b aadafb5fd102f5ebb4cc9cbac77a26c3f4a61e331f7cf2f126aeea2cb87111fc Loading...

	megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip	DomTimer	230 B	2025-04-01	2025-05-09
Pretty URL megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip IP 94.242.53.111 ASN #43317 SIA VEESP Introduced by domTimer Embedded in HTML false Observations First Seen2025-04-01 20:54 Last Seen2025-05-09 20:22 Times Seen412 Hash 0baa56943575391187833596a8161168 3f6760ab649bdc5aca5ac72aa5a16562b14282cb db99c9ec42d22ca48c381d5b2a4d8cbcc1490c92e9b9584b657ac6f413ffb8f6 Loading...

	megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip	DomTimer	230 B	2025-04-01	2025-05-09
Pretty URL megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip IP 94.242.53.111 ASN #43317 SIA VEESP Introduced by domTimer Embedded in HTML false Observations First Seen2025-04-01 20:54 Last Seen2025-05-09 20:22 Times Seen412 Hash 0baa56943575391187833596a8161168 3f6760ab649bdc5aca5ac72aa5a16562b14282cb db99c9ec42d22ca48c381d5b2a4d8cbcc1490c92e9b9584b657ac6f413ffb8f6 Loading...

	megaup.net/themes/spirit/assets/frontend/js/datepicker.js	ScriptElement	1.0 kB	2025-04-07	2025-04-27
Pretty URL megaup.net/themes/spirit/assets/frontend/js/datepicker.js IP 94.242.53.111 ASN #43317 SIA VEESP Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-07 14:26 Last Seen2025-04-27 17:08 Times Seen49 Hash 29cbe95006a0d7d7f420707421d11da1 970d7ccef621f4dcb1f54dfe1630387effeb20a7 583e9ff1a534a5f1bca48e5b4763a61bde9a7b21b9da1cb41ffe00b1521298d8 Loading...

	megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip	DomTimer	230 B	2025-04-01	2025-05-09
Pretty URL megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip IP 94.242.53.111 ASN #43317 SIA VEESP Introduced by domTimer Embedded in HTML false Observations First Seen2025-04-01 20:54 Last Seen2025-05-09 20:22 Times Seen412 Hash 0baa56943575391187833596a8161168 3f6760ab649bdc5aca5ac72aa5a16562b14282cb db99c9ec42d22ca48c381d5b2a4d8cbcc1490c92e9b9584b657ac6f413ffb8f6 Loading...

	megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip	DomTimer	230 B	2025-04-01	2025-05-09
Pretty URL megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip IP 94.242.53.111 ASN #43317 SIA VEESP Introduced by domTimer Embedded in HTML false Observations First Seen2025-04-01 20:54 Last Seen2025-05-09 20:22 Times Seen412 Hash 0baa56943575391187833596a8161168 3f6760ab649bdc5aca5ac72aa5a16562b14282cb db99c9ec42d22ca48c381d5b2a4d8cbcc1490c92e9b9584b657ac6f413ffb8f6 Loading...

	megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip	DomTimer	230 B	2025-04-01	2025-05-09
Pretty URL megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip IP 94.242.53.111 ASN #43317 SIA VEESP Introduced by domTimer Embedded in HTML false Observations First Seen2025-04-01 20:54 Last Seen2025-05-09 20:22 Times Seen412 Hash 0baa56943575391187833596a8161168 3f6760ab649bdc5aca5ac72aa5a16562b14282cb db99c9ec42d22ca48c381d5b2a4d8cbcc1490c92e9b9584b657ac6f413ffb8f6 Loading...

	megaup.net/themes/spirit/assets/frontend/js/scripts.js	ScriptElement	1.0 kB	2025-04-07	2025-05-08
Pretty URL megaup.net/themes/spirit/assets/frontend/js/scripts.js IP 94.242.53.111 ASN #43317 SIA VEESP Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-07 14:26 Last Seen2025-05-08 03:57 Times Seen43 Hash dd194b8069c57db0a8684ce2f3d78fea 02dbedcd197393fcda195c424607b885ef2d0f50 63157c75190d0422100aa13a2e4859fe4dd4a96541a852fbc4b1a030f76b667b Loading...

	megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip	DomTimer	230 B	2025-04-01	2025-05-09
Pretty URL megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip IP 94.242.53.111 ASN #43317 SIA VEESP Introduced by domTimer Embedded in HTML false Observations First Seen2025-04-01 20:54 Last Seen2025-05-09 20:22 Times Seen412 Hash 0baa56943575391187833596a8161168 3f6760ab649bdc5aca5ac72aa5a16562b14282cb db99c9ec42d22ca48c381d5b2a4d8cbcc1490c92e9b9584b657ac6f413ffb8f6 Loading...

	megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip	DomTimer	230 B	2025-04-01	2025-05-09
Pretty URL megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip IP 94.242.53.111 ASN #43317 SIA VEESP Introduced by domTimer Embedded in HTML false Observations First Seen2025-04-01 20:54 Last Seen2025-05-09 20:22 Times Seen412 Hash 0baa56943575391187833596a8161168 3f6760ab649bdc5aca5ac72aa5a16562b14282cb db99c9ec42d22ca48c381d5b2a4d8cbcc1490c92e9b9584b657ac6f413ffb8f6 Loading...

	d3og8t183i1vbg.cloudfront.net/?itgod=761186	ScriptElement	1.0 kB	2025-04-07	2025-05-04
Pretty URL d3og8t183i1vbg.cloudfront.net/?itgod=761186 IP 108.157.217.208 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-07 00:21 Last Seen2025-05-04 12:33 Times Seen164 Hash cf40e1a0f0adb1d56a7aa3679b0c0cb6 a101b7dd894d7846d8ed3c1b441a36ba421f1632 14c1176151b4b9782f07181260427e4df4327e287825f428769ac4e5f0195a0b Loading...

	www.googletagmanager.com/gtag/js?id=G-Z9TE2LW16Q&l=dataLayer&cx=c&gtm=457e54l0za200&tag_exp=102803279~102813109~102887800~102926062~103027016~103051953~103055465~103077950~103106314~103106316	ScriptElement	331 kB	2025-04-22	2025-04-22
Pretty URL www.googletagmanager.com/gtag/js?id=G-Z9TE2LW16Q&l=dataLayer&cx=c&gtm=457e54l0za200&tag_exp=102803279~102813109~102887800~102926062~103027016~103051953~103055465~103077950~103106314~103106316 IP 142.250.74.136 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-22 21:35 Last Seen2025-04-22 21:35 Times Seen1 Hash ab59a7566f3dea6e4f4c6113af5a95e4 31a446539ef2b4b3480041a1568c3349e14d4fa6 df7106255cb85bbdb3ca84aebd7970167c40b80040efd315c9a99abadadca58f Loading...

	megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip	DomTimer	230 B	2025-04-01	2025-05-09
Pretty URL megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip IP 94.242.53.111 ASN #43317 SIA VEESP Introduced by domTimer Embedded in HTML false Observations First Seen2025-04-01 20:54 Last Seen2025-05-09 20:22 Times Seen412 Hash 0baa56943575391187833596a8161168 3f6760ab649bdc5aca5ac72aa5a16562b14282cb db99c9ec42d22ca48c381d5b2a4d8cbcc1490c92e9b9584b657ac6f413ffb8f6 Loading...

	megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip	DomTimer	230 B	2025-04-01	2025-05-09
Pretty URL megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip IP 94.242.53.111 ASN #43317 SIA VEESP Introduced by domTimer Embedded in HTML false Observations First Seen2025-04-01 20:54 Last Seen2025-05-09 20:22 Times Seen412 Hash 0baa56943575391187833596a8161168 3f6760ab649bdc5aca5ac72aa5a16562b14282cb db99c9ec42d22ca48c381d5b2a4d8cbcc1490c92e9b9584b657ac6f413ffb8f6 Loading...

	megaup.net/themes/spirit/assets/frontend/js/smooth-scroll.min.js	ScriptElement	6.0 kB	2023-03-07	2025-05-09
Pretty URL megaup.net/themes/spirit/assets/frontend/js/smooth-scroll.min.js IP 94.242.53.111 ASN #43317 SIA VEESP Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28 Last Seen2025-05-09 20:22 Times Seen1221 Hash c9e3a210d83398f301b3a7049c259676 8e227bb40fe120841829a7fef0ffeb091d179a91 aeda362b1d693480453b895cbcf8b92629f58240c42ba8c643f0d5d338baf805 Loading...

	megaup.net/themes/spirit/assets/frontend/js/flickity.min.js	ScriptElement	1.0 kB	2025-04-07	2025-04-27
Pretty URL megaup.net/themes/spirit/assets/frontend/js/flickity.min.js IP 94.242.53.111 ASN #43317 SIA VEESP Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-07 14:26 Last Seen2025-04-27 17:08 Times Seen50 Hash bf222976ba27320f8d3c26485691ca95 06948bc5a92a7bb99e8bf807c4396d77be2bc731 deb5a1de5c927c66b868aaa58f97c6e0bad6a6a91500598384ebf7c2dc7610ef Loading...

	megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip	DomTimer	230 B	2025-04-01	2025-05-09
Pretty URL megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip IP 94.242.53.111 ASN #43317 SIA VEESP Introduced by domTimer Embedded in HTML false Observations First Seen2025-04-01 20:54 Last Seen2025-05-09 20:22 Times Seen412 Hash 0baa56943575391187833596a8161168 3f6760ab649bdc5aca5ac72aa5a16562b14282cb db99c9ec42d22ca48c381d5b2a4d8cbcc1490c92e9b9584b657ac6f413ffb8f6 Loading...

	megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip	DomTimer	230 B	2025-04-01	2025-05-09
Pretty URL megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip IP 94.242.53.111 ASN #43317 SIA VEESP Introduced by domTimer Embedded in HTML false Observations First Seen2025-04-01 20:54 Last Seen2025-05-09 20:22 Times Seen412 Hash 0baa56943575391187833596a8161168 3f6760ab649bdc5aca5ac72aa5a16562b14282cb db99c9ec42d22ca48c381d5b2a4d8cbcc1490c92e9b9584b657ac6f413ffb8f6 Loading...

	megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip	DomTimer	230 B	2025-04-01	2025-05-09
Pretty URL megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip IP 94.242.53.111 ASN #43317 SIA VEESP Introduced by domTimer Embedded in HTML false Observations First Seen2025-04-01 20:54 Last Seen2025-05-09 20:22 Times Seen412 Hash 0baa56943575391187833596a8161168 3f6760ab649bdc5aca5ac72aa5a16562b14282cb db99c9ec42d22ca48c381d5b2a4d8cbcc1490c92e9b9584b657ac6f413ffb8f6 Loading...

	megaup.net/sw.js	ScriptElement	1.0 kB	2025-04-07	2025-04-27
Pretty URL megaup.net/sw.js IP 94.242.53.111 ASN #43317 SIA VEESP Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-07 02:48 Last Seen2025-04-27 17:08 Times Seen39 Hash 54763acdac2b5cc823bf3fa273c3ca49 d0647d9d6a5ff39dcfc6aca4f8acdc1b2d9ad022 7d280d0e13ebe788f23641bf15962b3448ff2a716de4d0d9675a3a2eace50b67 Loading...

	rougthatsidhe.org/TnFidDUvEwEZCi9MAFJAPB1fUQcIVFAyUX0eBUxBf0lRHQQ4EwVaViIeFxBTPB4MABsgFBZRBwgZByx3BRI0MVQGCDMsVylBODheNhw2RHN5IjUQUw81BSF7fiAGOE0XBiY1dyU5GCV7GBgjN2UmEiMQTCUoJiZFejMmRFQeMic8fSZFDDNzLR0jDGd9IDoXYwsiMyNXCEk0PncEAjEybDw3NjpwHDYVMnwcKAAQQilUUDJxHzhaN3YLMCceWRY7IBx7BAlWBnAMBg8xfRw9LBoMKCg0DHYrHQkZcAxFFzxcFzo0LF0MIRVFYys0JBNmGERUInIHRjQsGCYzKBx0KxcnIgUdGygCZHw0ICZbeyQ7HkEYFCcxXwpANEF4CTMpJnIcMwcyTQ0UCi0FCRkRGGMJPEdGcx8fEjVsGx0gEV4MQTFEdD02ITlWCBg3PlELAlARBQQdNER3PTMlDHxoGxEbWz5MOj1BJEMXGFYCGhQ7Uhkj	ScriptElement	3.0 kB	2025-04-22	2025-04-22
Pretty URL rougthatsidhe.org/TnFidDUvEwEZCi9MAFJAPB1fUQcIVFAyUX0eBUxBf0lRHQQ4EwVaViIeFxBTPB4MABsgFBZRBwgZByx3BRI0MVQGCDMsVylBODheNhw2RHN5IjUQUw81BSF7fiAGOE0XBiY1dyU5GCV7GBgjN2UmEiMQTCUoJiZFejMmRFQeMic8fSZFDDNzLR0jDGd9IDoXYwsiMyNXCEk0PncEAjEybDw3NjpwHDYVMnwcKAAQQilUUDJxHzhaN3YLMCceWRY7IBx7BAlWBnAMBg8xfRw9LBoMKCg0DHYrHQkZcAxFFzxcFzo0LF0MIRVFYys0JBNmGERUInIHRjQsGCYzKBx0KxcnIgUdGygCZHw0ICZbeyQ7HkEYFCcxXwpANEF4CTMpJnIcMwcyTQ0UCi0FCRkRGGMJPEdGcx8fEjVsGx0gEV4MQTFEdD02ITlWCBg3PlELAlARBQQdNER3PTMlDHxoGxEbWz5MOj1BJEMXGFYCGhQ7Uhkj IP 108.157.229.47 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2025-04-22 21:35 Last Seen2025-04-22 21:35 Times Seen1 Hash 5f1e7b3eb1d3b02815b17e396a802b0c efae51c01aca1dd23c1426edb1180bec3c665828 948219941d88d006e50b28f22f1b427fca33077c297f30fbc28db2c7494f88d7 Loading...

	megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip	DomTimer	230 B	2025-04-01	2025-05-09
Pretty URL megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip IP 94.242.53.111 ASN #43317 SIA VEESP Introduced by domTimer Embedded in HTML false Observations First Seen2025-04-01 20:54 Last Seen2025-05-09 20:22 Times Seen412 Hash 0baa56943575391187833596a8161168 3f6760ab649bdc5aca5ac72aa5a16562b14282cb db99c9ec42d22ca48c381d5b2a4d8cbcc1490c92e9b9584b657ac6f413ffb8f6 Loading...

	megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip	DomTimer	230 B	2025-04-01	2025-05-09
Pretty URL megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip IP 94.242.53.111 ASN #43317 SIA VEESP Introduced by domTimer Embedded in HTML false Observations First Seen2025-04-01 20:54 Last Seen2025-05-09 20:22 Times Seen412 Hash 0baa56943575391187833596a8161168 3f6760ab649bdc5aca5ac72aa5a16562b14282cb db99c9ec42d22ca48c381d5b2a4d8cbcc1490c92e9b9584b657ac6f413ffb8f6 Loading...

	megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip	DomTimer	230 B	2025-04-01	2025-05-09
Pretty URL megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip IP 94.242.53.111 ASN #43317 SIA VEESP Introduced by domTimer Embedded in HTML false Observations First Seen2025-04-01 20:54 Last Seen2025-05-09 20:22 Times Seen412 Hash 0baa56943575391187833596a8161168 3f6760ab649bdc5aca5ac72aa5a16562b14282cb db99c9ec42d22ca48c381d5b2a4d8cbcc1490c92e9b9584b657ac6f413ffb8f6 Loading...

	megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip	DomTimer	230 B	2025-04-01	2025-05-09
Pretty URL megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip IP 94.242.53.111 ASN #43317 SIA VEESP Introduced by domTimer Embedded in HTML false Observations First Seen2025-04-01 20:54 Last Seen2025-05-09 20:22 Times Seen412 Hash 0baa56943575391187833596a8161168 3f6760ab649bdc5aca5ac72aa5a16562b14282cb db99c9ec42d22ca48c381d5b2a4d8cbcc1490c92e9b9584b657ac6f413ffb8f6 Loading...

	megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip	DomTimer	230 B	2025-04-01	2025-05-09
Pretty URL megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip IP 94.242.53.111 ASN #43317 SIA VEESP Introduced by domTimer Embedded in HTML false Observations First Seen2025-04-01 20:54 Last Seen2025-05-09 20:22 Times Seen412 Hash 0baa56943575391187833596a8161168 3f6760ab649bdc5aca5ac72aa5a16562b14282cb db99c9ec42d22ca48c381d5b2a4d8cbcc1490c92e9b9584b657ac6f413ffb8f6 Loading...

	megaup.net/themes/spirit/assets/frontend/js/jquery-3.1.1.min.js	ScriptElement	87 kB	2023-03-07	2025-05-09
Pretty URL megaup.net/themes/spirit/assets/frontend/js/jquery-3.1.1.min.js IP 94.242.53.111 ASN #43317 SIA VEESP Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19 Last Seen2025-05-09 20:22 Times Seen1894 Hash 5b5a269bd363e0886c17d855c2aab241 042dd055cd289215835a58507c9531f808e1648a 1cf30e59d21d4ae560af7143f5913efcc8222bcaa4fcc7508eb802b5faa9e94e Loading...

	megaup.net/themes/spirit/assets/frontend/js/granim.min.js	ScriptElement	1.0 kB	2025-04-07	2025-04-27
Pretty URL megaup.net/themes/spirit/assets/frontend/js/granim.min.js IP 94.242.53.111 ASN #43317 SIA VEESP Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-07 14:26 Last Seen2025-04-27 17:08 Times Seen45 Hash 0208ace6f230f367998aa60f9ac52b73 a37c963b88183f504af9a3c5bd2b44304aacfbf0 6250c0b8b78e747b31187d4039cb55811b98ad684d4b6cd78f29bf3ff4ee3cfa Loading...

	megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip	DomTimer	230 B	2025-04-01	2025-05-09
Pretty URL megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip IP 94.242.53.111 ASN #43317 SIA VEESP Introduced by domTimer Embedded in HTML false Observations First Seen2025-04-01 20:54 Last Seen2025-05-09 20:22 Times Seen412 Hash 0baa56943575391187833596a8161168 3f6760ab649bdc5aca5ac72aa5a16562b14282cb db99c9ec42d22ca48c381d5b2a4d8cbcc1490c92e9b9584b657ac6f413ffb8f6 Loading...

	www.google-analytics.com/analytics.js	ScriptElement	4.7 kB	2023-04-11	2025-05-10
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-10 04:16 Times Seen340776 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	megaup.net/themes/spirit/assets/frontend/js/typed.min.js	ScriptElement	3.9 kB	2023-03-07	2025-05-09
Pretty URL megaup.net/themes/spirit/assets/frontend/js/typed.min.js IP 94.242.53.111 ASN #43317 SIA VEESP Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28 Last Seen2025-05-09 20:22 Times Seen3909 Hash 2f6185a8a32a50b2b3e04849f44359d4 0e5501588c5c0d1c9462f34b0d56c21abff5bfef 914df93a9770d8a0e132b6ce3e8f1cfba0e0fae8f3b9002a3f0eb47c3d0cc97b Loading...

	megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip	DomTimer	230 B	2025-04-01	2025-05-09
Pretty URL megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip IP 94.242.53.111 ASN #43317 SIA VEESP Introduced by domTimer Embedded in HTML false Observations First Seen2025-04-01 20:54 Last Seen2025-05-09 20:22 Times Seen412 Hash 0baa56943575391187833596a8161168 3f6760ab649bdc5aca5ac72aa5a16562b14282cb db99c9ec42d22ca48c381d5b2a4d8cbcc1490c92e9b9584b657ac6f413ffb8f6 Loading...

	megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip	DomTimer	230 B	2025-04-01	2025-05-09
Pretty URL megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip IP 94.242.53.111 ASN #43317 SIA VEESP Introduced by domTimer Embedded in HTML false Observations First Seen2025-04-01 20:54 Last Seen2025-05-09 20:22 Times Seen412 Hash 0baa56943575391187833596a8161168 3f6760ab649bdc5aca5ac72aa5a16562b14282cb db99c9ec42d22ca48c381d5b2a4d8cbcc1490c92e9b9584b657ac6f413ffb8f6 Loading...

	megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip	DomTimer	230 B	2025-04-01	2025-05-09
Pretty URL megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip IP 94.242.53.111 ASN #43317 SIA VEESP Introduced by domTimer Embedded in HTML false Observations First Seen2025-04-01 20:54 Last Seen2025-05-09 20:22 Times Seen412 Hash 0baa56943575391187833596a8161168 3f6760ab649bdc5aca5ac72aa5a16562b14282cb db99c9ec42d22ca48c381d5b2a4d8cbcc1490c92e9b9584b657ac6f413ffb8f6 Loading...

	megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip	DomTimer	230 B	2025-04-01	2025-05-09
Pretty URL megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip IP 94.242.53.111 ASN #43317 SIA VEESP Introduced by domTimer Embedded in HTML false Observations First Seen2025-04-01 20:54 Last Seen2025-05-09 20:22 Times Seen412 Hash 0baa56943575391187833596a8161168 3f6760ab649bdc5aca5ac72aa5a16562b14282cb db99c9ec42d22ca48c381d5b2a4d8cbcc1490c92e9b9584b657ac6f413ffb8f6 Loading...

	megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip	DomTimer	230 B	2025-04-01	2025-05-09
Pretty URL megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip IP 94.242.53.111 ASN #43317 SIA VEESP Introduced by domTimer Embedded in HTML false Observations First Seen2025-04-01 20:54 Last Seen2025-05-09 20:22 Times Seen412 Hash 0baa56943575391187833596a8161168 3f6760ab649bdc5aca5ac72aa5a16562b14282cb db99c9ec42d22ca48c381d5b2a4d8cbcc1490c92e9b9584b657ac6f413ffb8f6 Loading...

	megaup.net/themes/spirit/assets/frontend/js/countdown.min.js	ScriptElement	5.4 kB	2023-03-07	2025-05-09
Pretty URL megaup.net/themes/spirit/assets/frontend/js/countdown.min.js IP 94.242.53.111 ASN #43317 SIA VEESP Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28 Last Seen2025-05-09 20:22 Times Seen1462 Hash 76a923d3d69255c45cd24bf9b100244f eb3c96f9901692f1a03500ea632963a16afdb985 8f195573d6fa06641814b476fea2b92579c983cac46d683f356238207692c9f5 Loading...

	megaup.net/7d5815495eb070fb7f5c4a9ec727df38/sandbox%20eval%20code		147 B	2023-04-11	2025-05-10
Pretty URL megaup.net/7d5815495eb070fb7f5c4a9ec727df38/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-10 04:16 Times Seen341576 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

HTTP Transactions (75)

URL IP Response Size

megaup.net/themes/spirit/assets/frontend/js/countdown.min.js

94.242.53.111

200 OK

5.4 kB

URL GET
megaup.net/themes/spirit/assets/frontend/js/countdown.min.js
IP
94.242.53.111:443
ASN
#43317 SIA VEESP

Requested by
https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
Certificate
IssuerSectigo Limited
Subject*.megaup.net
Fingerprint9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
ValidityTue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (4136), with CRLF line terminators
Size
5.4 kB (5360 bytes)
Hash
76a923d3d69255c45cd24bf9b100244f
eb3c96f9901692f1a03500ea632963a16afdb985
8f195573d6fa06641814b476fea2b92579c983cac46d683f356238207692c9f5

HTTP Headers

GET /themes/spirit/assets/frontend/js/countdown.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
DNT: 1
Connection: keep-alive
Cookie: filehosting=t39rhg1h2i2od9h6ulu5ksiv1e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 22 Apr 2025 21:34:42 GMT
content-type: application/javascript
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: W/"62594310-14f0"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2

megaup.net/themes/spirit/assets/frontend/fonts/stack-interface.woff2?33839631

94.242.53.111

200 OK

4.3 kB

URL GET
megaup.net/themes/spirit/assets/frontend/fonts/stack-interface.woff2?33839631
IP
94.242.53.111:443
ASN
#43317 SIA VEESP

Requested by
https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
Certificate
IssuerSectigo Limited
Subject*.megaup.net
Fingerprint9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
ValidityTue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 4292, version 1.0
Size
4.3 kB (4292 bytes)
Hash
ae072782b361d2afdbf43db08d3cfb73
f3db2e65b53d97491672f8631e21d6d05905cc88
31205df908aed9881f6d2d3ae7d38975252bf99e38268978b4236dc3c314754b

HTTP Headers

GET /themes/spirit/assets/frontend/fonts/stack-interface.woff2?33839631 HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/spirit/assets/frontend/css/stack-interface.css
DNT: 1
Connection: keep-alive
Cookie: filehosting=t39rhg1h2i2od9h6ulu5ksiv1e
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 22 Apr 2025 21:34:43 GMT
content-type: font/woff2
content-length: 4292
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: "62594310-10c4"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2

rougthatsidhe.org/TnFidDUvEwEZCi9MAFJAPB1fUQcIVFAyUX0eBUxBf0lRHQQ4EwVaViIeFxBTPB4MABsgFBZRBwgZByx3BRI0MVQGCDMsVylBODheNhw2RHN5IjUQUw81BSF7fiAGOE0XBiY1dyU5GCV7GBgjN2UmEiMQTCUoJiZFejMmRFQeMic8fSZFDDNzLR0jDGd9IDoXYwsiMyNXCEk0PncEAjEybDw3NjpwHDYVMnwcKAAQQilUUDJxHzhaN3YLMCceWRY7IBx7BAlWBnAMBg8xfRw9LBoMKCg0DHYrHQkZcAxFFzxcFzo0LF0MIRVFYys0JBNmGERUInIHRjQsGCYzKBx0KxcnIgUdGygCZHw0ICZbeyQ7HkEYFCcxXwpANEF4CTMpJnIcMwcyTQ0UCi0FCRkRGGMJPEdGcx8fEjVsGx0gEV4MQTFEdD02ITlWCBg3PlELAlARBQQdNER3PTMlDHxoGxEbWz5MOj1BJEMXGFYCGhQ7Uhkj

108.157.229.47

200 OK

3.1 kB

URL GET
rougthatsidhe.org/TnFidDUvEwEZCi9MAFJAPB1fUQcIVFAyUX0eBUxBf0lRHQQ4EwVaViIeFxBTPB4MABsgFBZRBwgZByx3BRI0MVQGCDMsVylBODheNhw2RHN5IjUQUw81BSF7fiAGOE0XBiY1dyU5GCV7GBgjN2UmEiMQTCUoJiZFejMmRFQeMic8fSZFDDNzLR0jDGd9IDoXYwsiMyNXCEk0PncEAjEybDw3NjpwHDYVMnwcKAAQQilUUDJxHzhaN3YLMCceWRY7IBx7BAlWBnAMBg8xfRw9LBoMKCg0DHYrHQkZcAxFFzxcFzo0LF0MIRVFYys0JBNmGERUInIHRjQsGCYzKBx0KxcnIgUdGygCZHw0ICZbeyQ7HkEYFCcxXwpANEF4CTMpJnIcMwcyTQ0UCi0FCRkRGGMJPEdGcx8fEjVsGx0gEV4MQTFEdD02ITlWCBg3PlELAlARBQQdNER3PTMlDHxoGxEbWz5MOj1BJEMXGFYCGhQ7Uhkj
IP
108.157.229.47:443
ASN
#16509 AMAZON-02

Requested by
https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
Certificate
IssuerAmazon
Subjectrougthatsidhe.org
FingerprintFB:E9:5F:11:E3:D3:26:A0:B6:EF:7B:B3:35:51:24:CC:74:99:67:2C
ValiditySun, 06 Apr 2025 00:00:00 GMT - Tue, 05 May 2026 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (3070), with no line terminators
Size
3.1 kB (3070 bytes)
Hash
731fc84cc7b2460f63297f9d84cb754f
72116bafd95dbc0fccf9381fbb03833e3d299a46
922b092389a1011d4b41b65807e400d6d04b1a999c1ecdbb9760b346bc008687

HTTP Headers

GET /TnFidDUvEwEZCi9MAFJAPB1fUQcIVFAyUX0eBUxBf0lRHQQ4EwVaViIeFxBTPB4MABsgFBZRBwgZByx3BRI0MVQGCDMsVylBODheNhw2RHN5IjUQUw81BSF7fiAGOE0XBiY1dyU5GCV7GBgjN2UmEiMQTCUoJiZFejMmRFQeMic8fSZFDDNzLR0jDGd9IDoXYwsiMyNXCEk0PncEAjEybDw3NjpwHDYVMnwcKAAQQilUUDJxHzhaN3YLMCceWRY7IBx7BAlWBnAMBg8xfRw9LBoMKCg0DHYrHQkZcAxFFzxcFzo0LF0MIRVFYys0JBNmGERUInIHRjQsGCYzKBx0KxcnIgUdGygCZHw0ICZbeyQ7HkEYFCcxXwpANEF4CTMpJnIcMwcyTQ0UCi0FCRkRGGMJPEdGcx8fEjVsGx0gEV4MQTFEdD02ITlWCBg3PlELAlARBQQdNER3PTMlDHxoGxEbWz5MOj1BJEMXGFYCGhQ7Uhkj HTTP/1.1
Host: rougthatsidhe.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html
content-length: 1218
date: Tue, 22 Apr 2025 21:34:44 GMT
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
set-cookie: AWSALB=rfdXISj3sdSCso9ryIiNTq7pbf0eiAwxBFEhQw9RC318fnpMtyxGWNS4n8lZkcr1bcgtEtV+sct6cXTqUsIedc3UKYZ9htZ7UTxtMWD4getc93SL3NUJGF2P5edf; Expires=Tue, 29 Apr 2025 21:34:44 GMT; Path=/
AWSALBCORS=rfdXISj3sdSCso9ryIiNTq7pbf0eiAwxBFEhQw9RC318fnpMtyxGWNS4n8lZkcr1bcgtEtV+sct6cXTqUsIedc3UKYZ9htZ7UTxtMWD4getc93SL3NUJGF2P5edf; Expires=Tue, 29 Apr 2025 21:34:44 GMT; Path=/; SameSite=None
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 41ce182e8f343263845579fafd1af6b8.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: 4JkpNnvhCOOy3M6M5cHIzZP5-Uqpca4ioc6LcmHRU183rm96VcS8cA==
X-Firefox-Spdy: h2

megaup.net/themes/spirit/assets/frontend/img/favicon/favicon-16x16.png

94.242.53.111

200 OK

590 B

URL GET
megaup.net/themes/spirit/assets/frontend/img/favicon/favicon-16x16.png
IP
94.242.53.111:443
ASN
#43317 SIA VEESP

Requested by
https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
Certificate
IssuerSectigo Limited
Subject*.megaup.net
Fingerprint9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
ValidityTue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced
Size
590 B (590 bytes)
Hash
ed3d11830b3e136b384f2a0b8082f235
3b75f2a64d528165f108d62e8c30d464b76945d7
1aef6752088fe69a166d3a84375431e1041dde8fa3f9ccbde26accb220feb4a5

HTTP Headers

GET /themes/spirit/assets/frontend/img/favicon/favicon-16x16.png HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
DNT: 1
Connection: keep-alive
Cookie: filehosting=t39rhg1h2i2od9h6ulu5ksiv1e; _ga_Z9TE2LW16Q=GS1.1.1745357685.1.0.1745357685.0.0.0; _ga=GA1.1.813284843.1745357685
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 22 Apr 2025 21:34:45 GMT
content-type: image/png
content-length: 590
last-modified: Thu, 13 Feb 2025 17:42:00 GMT
vary: Accept-Encoding
etag: "67ae2ee8-24e"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2

megaup.net/themes/spirit/assets/frontend/css/custom.css

94.242.53.111

200 OK

8.9 kB

URL GET
megaup.net/themes/spirit/assets/frontend/css/custom.css
IP
94.242.53.111:443
ASN
#43317 SIA VEESP

Requested by
https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
Certificate
IssuerSectigo Limited
Subject*.megaup.net
Fingerprint9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
ValidityTue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT

File type
assembler source, ASCII text, with CRLF line terminators
Size
8.9 kB (8936 bytes)
Hash
68443327ebd1d8f35857bbb29d3ce6df
d34e37d8cebc246854f05dde78abc32b5ad5d9fe
98cf7514d65d87963ee938b6f83493b4429f8005a5f6814ba226a7b89c80aa45

HTTP Headers

GET /themes/spirit/assets/frontend/css/custom.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
DNT: 1
Connection: keep-alive
Cookie: filehosting=t39rhg1h2i2od9h6ulu5ksiv1e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 22 Apr 2025 21:34:42 GMT
content-type: text/css
last-modified: Tue, 11 Feb 2025 19:56:14 GMT
vary: Accept-Encoding
etag: W/"67abab5e-22e8"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2

megaup.net/themes/spirit/assets/frontend/js/typed.min.js

94.242.53.111

200 OK

3.9 kB

URL GET
megaup.net/themes/spirit/assets/frontend/js/typed.min.js
IP
94.242.53.111:443
ASN
#43317 SIA VEESP

Requested by
https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
Certificate
IssuerSectigo Limited
Subject*.megaup.net
Fingerprint9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
ValidityTue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (3949), with no line terminators
Size
3.9 kB (3949 bytes)
Hash
2f6185a8a32a50b2b3e04849f44359d4
0e5501588c5c0d1c9462f34b0d56c21abff5bfef
914df93a9770d8a0e132b6ce3e8f1cfba0e0fae8f3b9002a3f0eb47c3d0cc97b

HTTP Headers

GET /themes/spirit/assets/frontend/js/typed.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
DNT: 1
Connection: keep-alive
Cookie: filehosting=t39rhg1h2i2od9h6ulu5ksiv1e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 22 Apr 2025 21:34:42 GMT
content-type: application/javascript
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: W/"62594310-f6d"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2

megaup.net/sw.js

94.242.53.111

200 OK

103 kB

URL GET
megaup.net/sw.js
IP
94.242.53.111:443
ASN
#43317 SIA VEESP

Requested by
https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
Certificate
IssuerSectigo Limited
Subject*.megaup.net
Fingerprint9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
ValidityTue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
103 kB (103036 bytes)
Hash
9ee51131e416458b88d6da4e6e6959ca
a558b24bcf81763754e35a5fa5e46c6d6ad5f8d4
db3608f955dd3404bc375f0a0a7a5c8e23515e7ad1a0b9078c246e92e4050734

HTTP Headers

GET /sw.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
DNT: 1
Connection: keep-alive
Cookie: filehosting=t39rhg1h2i2od9h6ulu5ksiv1e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 22 Apr 2025 21:34:42 GMT
content-type: application/javascript
last-modified: Tue, 20 Dec 2022 22:15:30 GMT
vary: Accept-Encoding
etag: W/"63a23402-1927c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2

accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AXH0vVuGjH7ftM0R00n3-LDmOY8FgAvPWKn4Uv2mT4-ohDFxFVfLNv3pSpOaVjigNmgVLyALYCOT&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1008404088%3A1745357686180059

142.250.150.84

403 Forbidden

0 B

URL GET
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AXH0vVuGjH7ftM0R00n3-LDmOY8FgAvPWKn4Uv2mT4-ohDFxFVfLNv3pSpOaVjigNmgVLyALYCOT&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1008404088%3A1745357686180059
IP
142.250.150.84:443
ASN
#15169 GOOGLE

Requested by
https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint67:52:2F:AB:93:DE:39:DA:94:50:11:AE:8B:37:CB:88:8F:DC:56:7D
ValidityMon, 31 Mar 2025 08:54:37 GMT - Mon, 23 Jun 2025 08:54:36 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AXH0vVuGjH7ftM0R00n3-LDmOY8FgAvPWKn4Uv2mT4-ohDFxFVfLNv3pSpOaVjigNmgVLyALYCOT&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1008404088%3A1745357686180059 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 22 Apr 2025 21:34:46 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-GA3yOz7B50IizXZ0ltrNyQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://support.google.com/inapp/ https://www.google.com/tools/feedback/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
content-security-policy-report-only: script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://ajax.googleapis.com/ajax/libs/jquery/3.6.4/jquery.min.js https://translate.google.com/translate_a/element.js https://www.google.com/recaptcha/api.js https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.google.com/tools/feedback/open_to_help_guide_lazy.js https://www.google.com/tools/feedback/help_api.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js https://www.gstatic.com/uservoice/feedback/client/web/live/ https://www.google.com/tools/feedback/chat_load.js https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://www.gstatic.com/feedback/js/ghelp/ https://www.gstatic.com/_/mss/boq-one-google/_/ https://www.gstatic.com/og/_/js/ https://apis.google.com/js/api.js https://apis.google.com/js/client.js https://www.googletagmanager.com/gtag/js https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/destination https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.s8Yk6ZPYRbE.es5.O/ https://apis.google.com/_/scs/abc-static/_/js/ https://translate.googleapis.com/_/translate_http/_/js/ https://www.gstatic.com/recaptcha/releases/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/fine-allowlist
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

xml.buthehads-serving.com/thumbnail?i=JWkSJnouPtk_0&p=1745357686.220815&imgt=icon

0.0.0.0

0 B

URL GET
xml.buthehads-serving.com/thumbnail?i=JWkSJnouPtk_0&p=1745357686.220815&imgt=icon
IP
0.0.0.0:0
ASN
#0

Requested by
https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /thumbnail?i=JWkSJnouPtk_0&p=1745357686.220815&imgt=icon HTTP/1.1
Host: xml.buthehads-serving.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

arnedtolethi.com/YmNjdk9NXAAFcgMIDxgAJ1IBEwlWLQYaN0dRIS44W1Y0PicEIFAnaRYKB0t3UFZaR35EEwoSclFRRQU7AxcWBXJQU1NDaQsNBRlyUFNTQH9SVlVFalUgCwI7EhBGRQ5HUSVTfSQRDRsgEk0AGSJHUSUfKkdQJQBqUSdXU31UAEZFC1UPChwBERMKFAQMNgYfJS8kKAYMITs6NxczPFtBFlI7EyQYVjELADwWWhEPK1cGDDccGlEkRCAxKjYvEA8HLDI3ETouO3lVICk0AjEVDSV/BC4mPScbVygMPScnNQIHEgkOBAQrUg0fBhoUEgY/G1VVGBkuDFUAOToxLj4qOFQXThsVJCIzNlYxWhE1Vwg6MmIMJSU0KgdUWy83VgERNBwTIjwkPAEGUB4aGFckAis0IQAidlA5WxgnIwArACFWMVExECRONTcDLygFBQIDVFsfKSZRVB5+EjkHBCYJCCQEPysvUxh3DzAbH39aUxMwIj0rAEI9MQopBAQMLFcnAQUVDxgCPRcUPnkrBhEiAFM8Ail8EgcORAkNCQUPNlYOJS4cVjo3ICMMFy0BYisELTgHGhQPGj0SWlonKC4iBxobLwksLyIANhoQAlpOUR87CSUGIgcLNwUvNjgbVk8nIRYqBwxaAVsRGyNRGhccMDdQExZUKVsZfCopNjF3B1M3PX4ID1oOdikaMhgQGycwNxcWNABAfQQgGjoECho6RAQIKipbfzsFFyEaGhFVFRhVDFdFATsCFgIDCTMnHQxXCQVbIxIaGzwBWxsxJyc6FgUUNiolDCc9UlYzAw0LCxssGUdRVQB+R1AnQXZHUVUAfUdQJ0F+V1JVU3ghDRYaI0dUIEd/U1ZWQn9RVlFPfVpWV0R6WltFAHJSTVpYfUxVRQNyT1FFAj8DBF5HaRIXFxpyU1RXQ3xXVFVPfVpbUA

104.21.48.1

204 No Content

0 B

URL POST
arnedtolethi.com/YmNjdk9NXAAFcgMIDxgAJ1IBEwlWLQYaN0dRIS44W1Y0PicEIFAnaRYKB0t3UFZaR35EEwoSclFRRQU7AxcWBXJQU1NDaQsNBRlyUFNTQH9SVlVFalUgCwI7EhBGRQ5HUSVTfSQRDRsgEk0AGSJHUSUfKkdQJQBqUSdXU31UAEZFC1UPChwBERMKFAQMNgYfJS8kKAYMITs6NxczPFtBFlI7EyQYVjELADwWWhEPK1cGDDccGlEkRCAxKjYvEA8HLDI3ETouO3lVICk0AjEVDSV/BC4mPScbVygMPScnNQIHEgkOBAQrUg0fBhoUEgY/G1VVGBkuDFUAOToxLj4qOFQXThsVJCIzNlYxWhE1Vwg6MmIMJSU0KgdUWy83VgERNBwTIjwkPAEGUB4aGFckAis0IQAidlA5WxgnIwArACFWMVExECRONTcDLygFBQIDVFsfKSZRVB5+EjkHBCYJCCQEPysvUxh3DzAbH39aUxMwIj0rAEI9MQopBAQMLFcnAQUVDxgCPRcUPnkrBhEiAFM8Ail8EgcORAkNCQUPNlYOJS4cVjo3ICMMFy0BYisELTgHGhQPGj0SWlonKC4iBxobLwksLyIANhoQAlpOUR87CSUGIgcLNwUvNjgbVk8nIRYqBwxaAVsRGyNRGhccMDdQExZUKVsZfCopNjF3B1M3PX4ID1oOdikaMhgQGycwNxcWNABAfQQgGjoECho6RAQIKipbfzsFFyEaGhFVFRhVDFdFATsCFgIDCTMnHQxXCQVbIxIaGzwBWxsxJyc6FgUUNiolDCc9UlYzAw0LCxssGUdRVQB+R1AnQXZHUVUAfUdQJ0F+V1JVU3ghDRYaI0dUIEd/U1ZWQn9RVlFPfVpWV0R6WltFAHJSTVpYfUxVRQNyT1FFAj8DBF5HaRIXFxpyU1RXQ3xXVFVPfVpbUA
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subjectarnedtolethi.com
FingerprintC5:54:97:8F:C7:ED:79:F4:04:A1:F8:96:76:CE:A9:D9:2A:87:31:90
ValidityFri, 04 Apr 2025 11:53:24 GMT - Thu, 03 Jul 2025 12:52:06 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /YmNjdk9NXAAFcgMIDxgAJ1IBEwlWLQYaN0dRIS44W1Y0PicEIFAnaRYKB0t3UFZaR35EEwoSclFRRQU7AxcWBXJQU1NDaQsNBRlyUFNTQH9SVlVFalUgCwI7EhBGRQ5HUSVTfSQRDRsgEk0AGSJHUSUfKkdQJQBqUSdXU31UAEZFC1UPChwBERMKFAQMNgYfJS8kKAYMITs6NxczPFtBFlI7EyQYVjELADwWWhEPK1cGDDccGlEkRCAxKjYvEA8HLDI3ETouO3lVICk0AjEVDSV/BC4mPScbVygMPScnNQIHEgkOBAQrUg0fBhoUEgY/G1VVGBkuDFUAOToxLj4qOFQXThsVJCIzNlYxWhE1Vwg6MmIMJSU0KgdUWy83VgERNBwTIjwkPAEGUB4aGFckAis0IQAidlA5WxgnIwArACFWMVExECRONTcDLygFBQIDVFsfKSZRVB5+EjkHBCYJCCQEPysvUxh3DzAbH39aUxMwIj0rAEI9MQopBAQMLFcnAQUVDxgCPRcUPnkrBhEiAFM8Ail8EgcORAkNCQUPNlYOJS4cVjo3ICMMFy0BYisELTgHGhQPGj0SWlonKC4iBxobLwksLyIANhoQAlpOUR87CSUGIgcLNwUvNjgbVk8nIRYqBwxaAVsRGyNRGhccMDdQExZUKVsZfCopNjF3B1M3PX4ID1oOdikaMhgQGycwNxcWNABAfQQgGjoECho6RAQIKipbfzsFFyEaGhFVFRhVDFdFATsCFgIDCTMnHQxXCQVbIxIaGzwBWxsxJyc6FgUUNiolDCc9UlYzAw0LCxssGUdRVQB+R1AnQXZHUVUAfUdQJ0F+V1JVU3ghDRYaI0dUIEd/U1ZWQn9RVlFPfVpWV0R6WltFAHJSTVpYfUxVRQNyT1FFAj8DBF5HaRIXFxpyU1RXQ3xXVFVPfVpbUA HTTP/1.1
Host: arnedtolethi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/3 204 No Content
date: Tue, 22 Apr 2025 21:34:53 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VQh5uSOGh4%2FG7V6m1TIYZujAzTMg9bF39cpLcQPUyarCbaJ66gGdQS21S6GU%2ByFhivXbvxbkRjIEBuwVGm8GWQD%2FY2cA0O%2Ftj%2BqLCHtr70urwZeAIejZFvGQ6oyJKQyqUQMI"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 93483f6cdc740b41-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12218&min_rtt=7044&rtt_var=4333&sent=54&recv=69&lost=0&retrans=1&sent_bytes=8061&recv_bytes=6225&delivery_rate=3623&cwnd=12000&unsent_bytes=0&cid=5b1853ad4320005f&ts=8212&x=16"

megaup.net/themes/spirit/assets/frontend/js/scripts.js

94.242.53.111

200 OK

115 kB

URL GET
megaup.net/themes/spirit/assets/frontend/js/scripts.js
IP
94.242.53.111:443
ASN
#43317 SIA VEESP

Requested by
https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
Certificate
IssuerSectigo Limited
Subject*.megaup.net
Fingerprint9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
ValidityTue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (914), with CRLF line terminators
Size
115 kB (114862 bytes)
Hash
ce260d2170faf98639ab8e0e3758f1e2
32eeb82a44bf0bce2df78eafae9f2e9ff8d72e1f
ac331833ebf1c06b0f8565caaeb4760c2184bd89d1cb5574c3947a8d0b6dca1c

HTTP Headers

GET /themes/spirit/assets/frontend/js/scripts.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
DNT: 1
Connection: keep-alive
Cookie: filehosting=t39rhg1h2i2od9h6ulu5ksiv1e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 22 Apr 2025 21:34:42 GMT
content-type: application/javascript
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: W/"62594310-1c0ae"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.35

200 OK

48 kB

URL GET
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint62:27:9C:C9:95:FF:8F:83:34:D0:B1:42:CB:B7:63:C0:8E:6F:3E:F1
ValidityMon, 31 Mar 2025 08:55:41 GMT - Mon, 23 Jun 2025 08:55:40 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Apr 2025 10:12:20 GMT
expires: Fri, 17 Apr 2026 10:12:20 GMT
cache-control: public, max-age=31536000
age: 472944
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

arnedtolethi.com/OGJFeE4XXSYLc2EPFzAcCjQWLSBiURA+Pm8BDTIfbg4fACpuI2MMJ1xffU94C1N9Xj5RBnhKdx4RMRk6TRF4SWhRDCMXcx4UeElgCExzSGAMRDBFfx4WNRkpBVNjCDpMDnhJeQxXdk15Dlp2TXwA

104.21.48.1

204 No Content

0 B

URL GET
arnedtolethi.com/OGJFeE4XXSYLc2EPFzAcCjQWLSBiURA+Pm8BDTIfbg4fACpuI2MMJ1xffU94C1N9Xj5RBnhKdx4RMRk6TRF4SWhRDCMXcx4UeElgCExzSGAMRDBFfx4WNRkpBVNjCDpMDnhJeQxXdk15Dlp2TXwA
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subjectarnedtolethi.com
FingerprintC5:54:97:8F:C7:ED:79:F4:04:A1:F8:96:76:CE:A9:D9:2A:87:31:90
ValidityFri, 04 Apr 2025 11:53:24 GMT - Thu, 03 Jul 2025 12:52:06 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /OGJFeE4XXSYLc2EPFzAcCjQWLSBiURA+Pm8BDTIfbg4fACpuI2MMJ1xffU94C1N9Xj5RBnhKdx4RMRk6TRF4SWhRDCMXcx4UeElgCExzSGAMRDBFfx4WNRkpBVNjCDpMDnhJeQxXdk15Dlp2TXwA HTTP/1.1
Host: arnedtolethi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Tue, 22 Apr 2025 21:34:44 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 93483f37bc940b61-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

xml.buthehads-serving.com/thumbnail?i=JWkSJnouPtk_0&p=1745357686.220815&imgt=icon

198.134.116.29

302 Found

30 kB

URL GET
xml.buthehads-serving.com/thumbnail?i=JWkSJnouPtk_0&p=1745357686.220815&imgt=icon
IP
198.134.116.29:443
ASN
#27257 WEBAIR-INTERNET

Requested by
https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
Certificate
IssuerLet's Encrypt
Subjectbuthehads-serving.com
Fingerprint8D:A3:8A:6F:34:95:F0:56:72:FD:81:66:97:0A:99:9D:A2:79:21:BB
ValidityTue, 18 Mar 2025 06:39:27 GMT - Mon, 16 Jun 2025 06:39:26 GMT

File type

Size
30 kB (29780 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /thumbnail?i=JWkSJnouPtk_0&p=1745357686.220815&imgt=icon HTTP/1.1
Host: xml.buthehads-serving.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Tue, 22 Apr 2025 21:34:49 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://static.buthehads-serving.com/n337/ad/250x250_Q9KZuyHG.png

megaup.net/themes/spirit/assets/frontend/js/jquery-3.1.1.min.js

94.242.53.111

200 OK

87 kB

URL GET
megaup.net/themes/spirit/assets/frontend/js/jquery-3.1.1.min.js
IP
94.242.53.111:443
ASN
#43317 SIA VEESP

Requested by
https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
Certificate
IssuerSectigo Limited
Subject*.megaup.net
Fingerprint9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
ValidityTue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (32030), with CRLF line terminators
Size
87 kB (86713 bytes)
Hash
5b5a269bd363e0886c17d855c2aab241
042dd055cd289215835a58507c9531f808e1648a
1cf30e59d21d4ae560af7143f5913efcc8222bcaa4fcc7508eb802b5faa9e94e

HTTP Headers

GET /themes/spirit/assets/frontend/js/jquery-3.1.1.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
DNT: 1
Connection: keep-alive
Cookie: filehosting=t39rhg1h2i2od9h6ulu5ksiv1e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 22 Apr 2025 21:34:42 GMT
content-type: application/javascript
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: W/"62594310-152b9"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2

megaup.net/themes/spirit/assets/frontend/js/jquery.dataTables.min.js

94.242.53.111

200 OK

70 kB

URL GET
megaup.net/themes/spirit/assets/frontend/js/jquery.dataTables.min.js
IP
94.242.53.111:443
ASN
#43317 SIA VEESP

Requested by
https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
Certificate
IssuerSectigo Limited
Subject*.megaup.net
Fingerprint9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
ValidityTue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (768), with CRLF line terminators
Size
70 kB (69754 bytes)
Hash
6fda19caa29287e6f584f0557fdeb6d4
40f58160090cd1f022704ee1352b343adb9e73b9
8ef749c3869991924150dc932c48cd57bf69ac25a378bb2e14f8e1733c17406f

HTTP Headers

GET /themes/spirit/assets/frontend/js/jquery.dataTables.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
DNT: 1
Connection: keep-alive
Cookie: filehosting=t39rhg1h2i2od9h6ulu5ksiv1e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 22 Apr 2025 21:34:42 GMT
content-type: application/javascript
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: W/"62594310-1107a"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2

arnedtolethi.com/WVllT1V2ZgY8aDwRNycHMgsnHRMTfFcNMQwxJBgNC2sxJB8OOi0Gcy0wAXJib2hUd2N/KQwraGh/Fjs0LSwWcmR/MAspOmR/E3Jkd2pRYWZvd1FpIGRoQzslOD5YfnMpLREjaGhuUXpmbG5Td2ZtaFc

104.21.48.1

204 No Content

0 B

URL GET
arnedtolethi.com/WVllT1V2ZgY8aDwRNycHMgsnHRMTfFcNMQwxJBgNC2sxJB8OOi0Gcy0wAXJib2hUd2N/KQwraGh/Fjs0LSwWcmR/MAspOmR/E3Jkd2pRYWZvd1FpIGRoQzslOD5YfnMpLREjaGhuUXpmbG5Td2ZtaFc
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subjectarnedtolethi.com
FingerprintC5:54:97:8F:C7:ED:79:F4:04:A1:F8:96:76:CE:A9:D9:2A:87:31:90
ValidityFri, 04 Apr 2025 11:53:24 GMT - Thu, 03 Jul 2025 12:52:06 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WVllT1V2ZgY8aDwRNycHMgsnHRMTfFcNMQwxJBgNC2sxJB8OOi0Gcy0wAXJib2hUd2N/KQwraGh/Fjs0LSwWcmR/MAspOmR/E3Jkd2pRYWZvd1FpIGRoQzslOD5YfnMpLREjaGhuUXpmbG5Td2ZtaFc HTTP/1.1
Host: arnedtolethi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Tue, 22 Apr 2025 21:34:44 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 93483f379c5b0b61-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-Z9TE2LW16Q&l=dataLayer&cx=c&gtm=457e54l0za200&tag_exp=102803279~102813109~102887800~102926062~103027016~103051953~103055465~103077950~103106314~103106316

142.250.74.136

200 OK

331 kB

URL GET
www.googletagmanager.com/gtag/js?id=G-Z9TE2LW16Q&l=dataLayer&cx=c&gtm=457e54l0za200&tag_exp=102803279~102813109~102887800~102926062~103027016~103051953~103055465~103077950~103106314~103106316
IP
142.250.74.136:443
ASN
#15169 GOOGLE

Requested by
https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintE4:97:12:2A:2B:30:84:66:33:9D:D6:09:14:D3:8F:CE:3E:20:73:24
ValidityMon, 31 Mar 2025 08:54:37 GMT - Mon, 23 Jun 2025 08:54:36 GMT

File type
JavaScript source, ASCII text, with very long lines (6129)
Size
331 kB (331291 bytes)
Hash
ab59a7566f3dea6e4f4c6113af5a95e4
31a446539ef2b4b3480041a1568c3349e14d4fa6
df7106255cb85bbdb3ca84aebd7970167c40b80040efd315c9a99abadadca58f

HTTP Headers

GET /gtag/js?id=G-Z9TE2LW16Q&l=dataLayer&cx=c&gtm=457e54l0za200&tag_exp=102803279~102813109~102887800~102926062~103027016~103051953~103055465~103077950~103106314~103106316 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 22 Apr 2025 21:34:44 GMT
expires: Tue, 22 Apr 2025 21:34:44 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1063:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1063:0
report-to: {"group":"ascgcycc:1063:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1063:0"}],}
server: Google Tag Manager
content-length: 115405
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

arnedtolethi.com/QVQ3SjFua1Q5DCATQH9iBRJtEmADbXUmBCMVb3J3FjgHCFQ2MxE+WCVpD3gEeGUGbEEoMAp5A2cnQytFNCcKeAFxYxEjXyc7CngXN2kHZAhvZhl8FzRpBmxFMTVQdwBnJEM+XXxlAH4EcmEAfAl0YAR7

104.21.48.1

204 No Content

0 B

URL POST
arnedtolethi.com/QVQ3SjFua1Q5DCATQH9iBRJtEmADbXUmBCMVb3J3FjgHCFQ2MxE+WCVpD3gEeGUGbEEoMAp5A2cnQytFNCcKeAFxYxEjXyc7CngXN2kHZAhvZhl8FzRpBmxFMTVQdwBnJEM+XXxlAH4EcmEAfAl0YAR7
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subjectarnedtolethi.com
FingerprintC5:54:97:8F:C7:ED:79:F4:04:A1:F8:96:76:CE:A9:D9:2A:87:31:90
ValidityFri, 04 Apr 2025 11:53:24 GMT - Thu, 03 Jul 2025 12:52:06 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /QVQ3SjFua1Q5DCATQH9iBRJtEmADbXUmBCMVb3J3FjgHCFQ2MxE+WCVpD3gEeGUGbEEoMAp5A2cnQytFNCcKeAFxYxEjXyc7CngXN2kHZAhvZhl8FzRpBmxFMTVQdwBnJEM+XXxlAH4EcmEAfAl0YAR7 HTTP/1.1
Host: arnedtolethi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/3 204 No Content
date: Tue, 22 Apr 2025 21:34:45 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nFyfgbsSeNbFhQgy4lGpvi%2FHl3lSmpJhoNKELzUPE0EJobksOcrlqCILe6SkqXD3TmqgKBtGPYpcZguRnh3Tf2YIOqLaEL3g0Y63BvXKZ0skcEKWZjqVc%2FyCAnmq1ZiyWkGJ"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 93483f3e3a100b41-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=10794&min_rtt=7044&rtt_var=4029&sent=47&recv=63&lost=0&retrans=0&sent_bytes=5652&recv_bytes=4141&delivery_rate=1764&cwnd=12000&unsent_bytes=0&cid=5b1853ad4320005f&ts=769&x=16"

megaup.net/themes/spirit/assets/frontend/img/favicon/apple-touch-icon.png

94.242.53.111

200 OK

536 B

URL GET
megaup.net/themes/spirit/assets/frontend/img/favicon/apple-touch-icon.png
IP
94.242.53.111:443
ASN
#43317 SIA VEESP

Requested by
https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
Certificate
IssuerSectigo Limited
Subject*.megaup.net
Fingerprint9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
ValidityTue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT

File type
PNG image data, 57 x 57, 8-bit colormap, non-interlaced
Size
536 B (536 bytes)
Hash
0019444f6b6df5b4b5ed32b6b469caab
4232370d10ab54ef9bda57aa9dcb813036047b35
0509f6df067face535f028cd86200748952227161f8f244aa7864e7848553562

HTTP Headers

GET /themes/spirit/assets/frontend/img/favicon/apple-touch-icon.png HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
DNT: 1
Connection: keep-alive
Cookie: filehosting=t39rhg1h2i2od9h6ulu5ksiv1e; _ga_Z9TE2LW16Q=GS1.1.1745357685.1.0.1745357685.0.0.0; _ga=GA1.1.813284843.1745357685
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 22 Apr 2025 21:34:45 GMT
content-type: image/png
content-length: 536
last-modified: Thu, 13 Feb 2025 17:40:08 GMT
vary: Accept-Encoding
etag: "67ae2e78-218"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2

ukankingwithea.com/

104.21.112.1

500 Internal Server Error

183 B

URL GET
ukankingwithea.com/
IP
104.21.112.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subjectukankingwithea.com
Fingerprint02:7E:37:44:90:B9:05:B4:82:CD:5A:71:84:A1:C8:84:66:33:BC:78
ValiditySat, 01 Mar 2025 13:28:14 GMT - Fri, 30 May 2025 14:26:54 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
183 B (183 bytes)
Hash
607f8a53dbf072834a28425fae6b0084
a64f05fe0b51691778ebf447e3664bfbd78cbe42
30032743c9cc551853d7e87cd9335dd20bb136932179fcb7f8136b2f5e9033ba

HTTP Headers

GET / HTTP/1.1
Host: ukankingwithea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 500 Internal Server Error
date: Tue, 22 Apr 2025 21:34:46 GMT
content-type: text/html
server: cloudflare
cf-cache-status: DYNAMIC
cf-ray: 93483f417c2cb4f4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AXH0vVvGbARovNYkfPcNN14yFKvH0Lp7Ew1-Z08qh3U_OERW-k3mnW1v_q6ZW_wZlO4oJDp7GxK1

142.250.150.84

302 Found

0 B

URL GET
accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AXH0vVvGbARovNYkfPcNN14yFKvH0Lp7Ew1-Z08qh3U_OERW-k3mnW1v_q6ZW_wZlO4oJDp7GxK1
IP
142.250.150.84:443
ASN
#15169 GOOGLE

Requested by
https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
Fingerprint52:D3:F7:7E:94:6F:70:55:50:A6:EA:38:4B:15:DF:91:54:96:59:82
ValidityMon, 31 Mar 2025 08:56:30 GMT - Mon, 23 Jun 2025 08:56:29 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AXH0vVvGbARovNYkfPcNN14yFKvH0Lp7Ew1-Z08qh3U_OERW-k3mnW1v_q6ZW_wZlO4oJDp7GxK1 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:OsY2Xiz7_EYyfoqhhm5U3Azn_8EW:JZx3BBaOfVidBwEa;Path=/;Expires=Thu, 22-Apr-2027 21:34:46 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 22 Apr 2025 21:34:46 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AXH0vVv84pZTsErbds7aSOkCoKy2cqRNnDUub9z1njkhXWsgCTkFrd1VkydOGB9cdRmPp7KZ_dr_&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S958959161%3A1745357686252064
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-LXWZ2PYLVFg35CV3OMV5zg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 418
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

megaup.net/themes/spirit/assets/frontend/css/iconsmind.css

94.242.53.111

200 OK

103 kB

URL GET
megaup.net/themes/spirit/assets/frontend/css/iconsmind.css
IP
94.242.53.111:443
ASN
#43317 SIA VEESP

Requested by
https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
Certificate
IssuerSectigo Limited
Subject*.megaup.net
Fingerprint9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
ValidityTue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
103 kB (102727 bytes)
Hash
c9b1c618a7b12bd7ecf6034164b29164
f7a4a8bbc3aab1d7bb44659c40a8702f3aa56c99
fc190f724340fc20fd1d175f49c70e70f4acfdd9303ae4f68d9765a2a5958d9b

HTTP Headers

GET /themes/spirit/assets/frontend/css/iconsmind.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
DNT: 1
Connection: keep-alive
Cookie: filehosting=t39rhg1h2i2od9h6ulu5ksiv1e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 22 Apr 2025 21:34:42 GMT
content-type: text/css
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: W/"62594310-19147"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2

megaup.net/themes/spirit/assets/frontend/js/flickity.min.js

94.242.53.111

200 OK

54 kB

URL GET
megaup.net/themes/spirit/assets/frontend/js/flickity.min.js
IP
94.242.53.111:443
ASN
#43317 SIA VEESP

Requested by
https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
Certificate
IssuerSectigo Limited
Subject*.megaup.net
Fingerprint9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
ValidityTue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (32032), with CRLF line terminators
Size
54 kB (53873 bytes)
Hash
8c1e666176ac7bdce67d58b45823ffac
75947e4316427ce0c5e33300aeb4dc4d7d54dd09
c0b706b9b1ca12b631496228a0eb0fe15ccb14f21ab554f6c4b4f20474e4d3a6

HTTP Headers

GET /themes/spirit/assets/frontend/js/flickity.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
DNT: 1
Connection: keep-alive
Cookie: filehosting=t39rhg1h2i2od9h6ulu5ksiv1e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 22 Apr 2025 21:34:42 GMT
content-type: application/javascript
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: W/"62594310-d271"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2

megaup.net/themes/spirit/assets/frontend/js/datepicker.js

94.242.53.111

200 OK

21 kB

URL GET
megaup.net/themes/spirit/assets/frontend/js/datepicker.js
IP
94.242.53.111:443
ASN
#43317 SIA VEESP

Requested by
https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
Certificate
IssuerSectigo Limited
Subject*.megaup.net
Fingerprint9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
ValidityTue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (12692), with CRLF line terminators
Size
21 kB (20975 bytes)
Hash
8cfe207a6a21c7495cfb751c761217a6
35d686a6c4ecc9946c35444ce93e110cb0e1611c
804e3c2608de23694fa71684178e2f9815115d56ee022ec770e1fcb208847acc

HTTP Headers

GET /themes/spirit/assets/frontend/js/datepicker.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
DNT: 1
Connection: keep-alive
Cookie: filehosting=t39rhg1h2i2od9h6ulu5ksiv1e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 22 Apr 2025 21:34:42 GMT
content-type: application/javascript
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: W/"62594310-51ef"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2

megaup.net/themes/spirit/assets/frontend/js/granim.min.js

94.242.53.111

200 OK

11 kB

URL GET
megaup.net/themes/spirit/assets/frontend/js/granim.min.js
IP
94.242.53.111:443
ASN
#43317 SIA VEESP

Requested by
https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
Certificate
IssuerSectigo Limited
Subject*.megaup.net
Fingerprint9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
ValidityTue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (10573), with CRLF line terminators
Size
11 kB (10635 bytes)
Hash
714368d20c70f8c91b0a596e128dac07
563954ec3a896fc129d014f01836245829f6d01d
e70b27194b8793b68cccee28a6d8a1e39aae2ce5d28d5e71ac204d7a3ac164e3

HTTP Headers

GET /themes/spirit/assets/frontend/js/granim.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
DNT: 1
Connection: keep-alive
Cookie: filehosting=t39rhg1h2i2od9h6ulu5ksiv1e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 22 Apr 2025 21:34:42 GMT
content-type: application/javascript
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: W/"62594310-298b"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-108868042-1

142.250.74.136

200 OK

271 kB

URL GET
www.googletagmanager.com/gtag/js?id=UA-108868042-1
IP
142.250.74.136:443
ASN
#15169 GOOGLE

Requested by
https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintE4:97:12:2A:2B:30:84:66:33:9D:D6:09:14:D3:8F:CE:3E:20:73:24
ValidityMon, 31 Mar 2025 08:54:37 GMT - Mon, 23 Jun 2025 08:54:36 GMT

File type
JavaScript source, ASCII text, with very long lines (5436)
Size
271 kB (271276 bytes)
Hash
b5987c6eaf70649c2f3c02ab56e9d5b0
1ce8de9c93038d97892f282fc169942ee2144167
e3fdc17687a9cc36a3032fc1d5cc2cb063979e74feb911239aee066221a3305e

HTTP Headers

GET /gtag/js?id=UA-108868042-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 22 Apr 2025 21:34:42 GMT
expires: Tue, 22 Apr 2025 21:34:42 GMT
cache-control: private, max-age=900
last-modified: Tue, 22 Apr 2025 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1063:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1063:0
report-to: {"group":"ascgcycc:1063:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1063:0"}],}
server: Google Tag Manager
content-length: 95603
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

theharityhild.buzz/RzhaSjk8Gik9ZjJKNmgDZVAuPkk0AnVlVCJfOz9JaVY%2FPhY0T3QgSmUUeDlUIRpgexVlSzc8G30abmQKZRR4PlggZzMuG30aYnkLcQtpaBVlSy8oZi5caGgDZV5ieQokCG4oFHFdaigUc1w4ehR%2BDGJ9FCEOPy9cJF05KVokXXg3

0.0.0.0

0 B

URL GET
theharityhild.buzz/RzhaSjk8Gik9ZjJKNmgDZVAuPkk0AnVlVCJfOz9JaVY%2FPhY0T3QgSmUUeDlUIRpgexVlSzc8G30abmQKZRR4PlggZzMuG30aYnkLcQtpaBVlSy8oZi5caGgDZV5ieQokCG4oFHFdaigUc1w4ehR%2BDGJ9FCEOPy9cJF05KVokXXg3
IP
0.0.0.0:0
ASN
#0

Requested by
https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /RzhaSjk8Gik9ZjJKNmgDZVAuPkk0AnVlVCJfOz9JaVY%2FPhY0T3QgSmUUeDlUIRpgexVlSzc8G30abmQKZRR4PlggZzMuG30aYnkLcQtpaBVlSy8oZi5caGgDZV5ieQokCG4oFHFdaigUc1w4ehR%2BDGJ9FCEOPy9cJF05KVokXXg3 HTTP/1.1
Host: theharityhild.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

megaup.net/themes/spirit/assets/frontend/fonts/font-awesome/fa-solid-900.woff2

94.242.53.111

200 OK

80 kB

URL GET
megaup.net/themes/spirit/assets/frontend/fonts/font-awesome/fa-solid-900.woff2
IP
94.242.53.111:443
ASN
#43317 SIA VEESP

Requested by
https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
Certificate
IssuerSectigo Limited
Subject*.megaup.net
Fingerprint9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
ValidityTue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 80148, version 331.17301
Size
80 kB (80148 bytes)
Hash
c500da19d776384ba69573ae6fe274e7
6290834672aba86d5b6c1c73b30b57c9c53996f7
cfe3b7382e477059da11be2099914b94f0e2a4f08240c60542c376957b8d9658

HTTP Headers

GET /themes/spirit/assets/frontend/fonts/font-awesome/fa-solid-900.woff2 HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/spirit/assets/frontend/css/font-awesome.min.css
DNT: 1
Connection: keep-alive
Cookie: filehosting=t39rhg1h2i2od9h6ulu5ksiv1e
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 22 Apr 2025 21:34:44 GMT
content-type: font/woff2
content-length: 80148
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: "62594310-13914"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2

accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube

142.250.150.84

302 Found

0 B

URL GET
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP
142.250.150.84:443
ASN
#15169 GOOGLE

Requested by
https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
Fingerprint52:D3:F7:7E:94:6F:70:55:50:A6:EA:38:4B:15:DF:91:54:96:59:82
ValidityMon, 31 Mar 2025 08:56:30 GMT - Mon, 23 Jun 2025 08:56:29 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:mr55jnxfwa1dPrPe9zTYIlhnH6AtXA:j_ctvVw8Vux8kTEW; Expires=Thu, 22-Apr-2027 21:34:46 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 22 Apr 2025 21:34:46 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AXH0vVvGbARovNYkfPcNN14yFKvH0Lp7Ew1-Z08qh3U_OERW-k3mnW1v_q6ZW_wZlO4oJDp7GxK1
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-BWZsOU5JTDtRY1bMr8Y2yg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i

142.250.74.10

200 OK

39 kB

URL GET
fonts.googleapis.com/css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i
IP
142.250.74.10:443
ASN
#15169 GOOGLE

Requested by
https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint7E:14:87:08:DF:BA:04:65:17:BA:3B:4F:BA:EA:BC:8C:3F:0A:A4:00
ValidityMon, 31 Mar 2025 08:55:43 GMT - Mon, 23 Jun 2025 08:55:42 GMT

File type
ASCII text, with very long lines (1572)
Size
39 kB (39341 bytes)
Hash
1570f79838476e473326cd7a3fb1d06b
81ce3aa01918d85e18534934cd967f35a7558f1a
f0a8682f65670a4a8fd9a982d1b3a36521a2e74d47cece7d3b1f84f262c8b51c

HTTP Headers

GET /css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 22 Apr 2025 21:34:42 GMT
date: Tue, 22 Apr 2025 21:34:42 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

megaup.net/themes/spirit/assets/images/logo/logo-whitebg.png

94.242.53.111

200 OK

7.1 kB

URL GET
megaup.net/themes/spirit/assets/images/logo/logo-whitebg.png
IP
94.242.53.111:443
ASN
#43317 SIA VEESP

Requested by
https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
Certificate
IssuerSectigo Limited
Subject*.megaup.net
Fingerprint9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
ValidityTue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT

File type
PNG image data, 203 x 40, 8-bit/color RGBA, non-interlaced
Size
7.1 kB (7137 bytes)
Hash
5d15526be10b904a6b48d1af04a10cc3
c09b6874359ac6d71db95593618a9acb55baa984
894d25472e0f890edf235e8f66fbeda7ea75043632924ecb82691d76bd7db018

HTTP Headers

GET /themes/spirit/assets/images/logo/logo-whitebg.png HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
DNT: 1
Connection: keep-alive
Cookie: filehosting=t39rhg1h2i2od9h6ulu5ksiv1e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 22 Apr 2025 21:34:42 GMT
content-type: image/png
content-length: 7137
last-modified: Sat, 08 Feb 2025 04:50:36 GMT
vary: Accept-Encoding
etag: "67a6e29c-1be1"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2

megaup.net/themes/spirit/assets/frontend/js/smooth-scroll.min.js

94.242.53.111

200 OK

6.0 kB

URL GET
megaup.net/themes/spirit/assets/frontend/js/smooth-scroll.min.js
IP
94.242.53.111:443
ASN
#43317 SIA VEESP

Requested by
https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
Certificate
IssuerSectigo Limited
Subject*.megaup.net
Fingerprint9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
ValidityTue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (4887), with CRLF line terminators
Size
6.0 kB (6028 bytes)
Hash
c9e3a210d83398f301b3a7049c259676
8e227bb40fe120841829a7fef0ffeb091d179a91
aeda362b1d693480453b895cbcf8b92629f58240c42ba8c643f0d5d338baf805

HTTP Headers

GET /themes/spirit/assets/frontend/js/smooth-scroll.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
DNT: 1
Connection: keep-alive
Cookie: filehosting=t39rhg1h2i2od9h6ulu5ksiv1e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 22 Apr 2025 21:34:42 GMT
content-type: application/javascript
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: W/"62594310-178c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2

d3og8t183i1vbg.cloudfront.net/?itgod=761186

108.157.217.208

200 OK

490 kB

URL GET
d3og8t183i1vbg.cloudfront.net/?itgod=761186
IP
108.157.217.208:443
ASN
#16509 AMAZON-02

Requested by
https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
Certificate
IssuerAmazon
Subject*.cloudfront.net
Fingerprint28:D3:87:79:3C:E8:8B:3C:D9:10:45:E5:F7:64:7A:6D:44:4E:5A:62
ValidityTue, 30 Jul 2024 00:00:00 GMT - Thu, 03 Jul 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (38488)
Size
490 kB (489704 bytes)
Hash
1c1fa2e3b82d33f902c7fd97454d7fe2
459eb549b467b3630d635d2d2bfc655a32022e34
d59d3e54c21b4fe3730366ba4577f0e91b13b6f41fadd661d06042ade643b416

HTTP Headers

GET /?itgod=761186 HTTP/1.1
Host: d3og8t183i1vbg.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-length: 152033
date: Tue, 22 Apr 2025 21:34:45 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 94251f2595ef5679fba3c952e8743886.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: On-D0XZJDel-eWyaGcQvI5bG-RINHy5Xci1VBco-hvTkxPvBv1tI9w==
X-Firefox-Spdy: h2

ukankingwithea.com/asd100.bin

104.21.112.1

200 OK

102 kB

URL GET
ukankingwithea.com/asd100.bin
IP
104.21.112.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subjectukankingwithea.com
Fingerprint02:7E:37:44:90:B9:05:B4:82:CD:5A:71:84:A1:C8:84:66:33:BC:78
ValiditySat, 01 Mar 2025 13:28:14 GMT - Fri, 30 May 2025 14:26:54 GMT

File type
data
Size
102 kB (102400 bytes)
Hash
4c6426ac7ef186464ecbb0d81cbfcb1e
5a6918eebd9d635e8f632e3ef34e3792b1b5ec13
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

HTTP Headers

GET /asd100.bin HTTP/1.1
Host: ukankingwithea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 22 Apr 2025 21:34:46 GMT
content-type: binary/octet-stream
server: cloudflare
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: STALE
age: 2223860
last-modified: Fri, 28 Mar 2025 03:50:26 GMT
cf-ray: 93483f412bbfb4f4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ukankingwithea.com/

104.21.112.1

500 Internal Server Error

183 B

URL GET
ukankingwithea.com/
IP
104.21.112.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subjectukankingwithea.com
Fingerprint02:7E:37:44:90:B9:05:B4:82:CD:5A:71:84:A1:C8:84:66:33:BC:78
ValiditySat, 01 Mar 2025 13:28:14 GMT - Fri, 30 May 2025 14:26:54 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
183 B (183 bytes)
Hash
607f8a53dbf072834a28425fae6b0084
a64f05fe0b51691778ebf447e3664bfbd78cbe42
30032743c9cc551853d7e87cd9335dd20bb136932179fcb7f8136b2f5e9033ba

HTTP Headers

GET / HTTP/1.1
Host: ukankingwithea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 500 Internal Server Error
date: Tue, 22 Apr 2025 21:34:46 GMT
content-type: text/html
server: cloudflare
cf-cache-status: DYNAMIC
cf-ray: 93483f41eca6b4f4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AXH0vVsQBL5zOiwUJiPXaxxI-NOVJrlF01vciswUQvOGfeLs0RkCDs2ktngzildpN4I14SX6Wrvt3A

142.250.150.84

302 Found

0 B

URL GET
accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AXH0vVsQBL5zOiwUJiPXaxxI-NOVJrlF01vciswUQvOGfeLs0RkCDs2ktngzildpN4I14SX6Wrvt3A
IP
142.250.150.84:443
ASN
#15169 GOOGLE

Requested by
https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
Fingerprint52:D3:F7:7E:94:6F:70:55:50:A6:EA:38:4B:15:DF:91:54:96:59:82
ValidityMon, 31 Mar 2025 08:56:30 GMT - Mon, 23 Jun 2025 08:56:29 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AXH0vVsQBL5zOiwUJiPXaxxI-NOVJrlF01vciswUQvOGfeLs0RkCDs2ktngzildpN4I14SX6Wrvt3A HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:3Pv5aF7Q4g2BCdm9ixhyh6qfE-RDQg:d3NjI3jxbMCtZt7B;Path=/;Expires=Thu, 22-Apr-2027 21:34:46 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 22 Apr 2025 21:34:46 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AXH0vVuGjH7ftM0R00n3-LDmOY8FgAvPWKn4Uv2mT4-ohDFxFVfLNv3pSpOaVjigNmgVLyALYCOT&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1008404088%3A1745357686180059
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-LpycQENO2Eo2418s6WRD8g' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 412
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AXH0vVv84pZTsErbds7aSOkCoKy2cqRNnDUub9z1njkhXWsgCTkFrd1VkydOGB9cdRmPp7KZ_dr_&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S958959161%3A1745357686252064

142.250.150.84

403 Forbidden

0 B

URL GET
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AXH0vVv84pZTsErbds7aSOkCoKy2cqRNnDUub9z1njkhXWsgCTkFrd1VkydOGB9cdRmPp7KZ_dr_&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S958959161%3A1745357686252064
IP
142.250.150.84:443
ASN
#15169 GOOGLE

Requested by
https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint67:52:2F:AB:93:DE:39:DA:94:50:11:AE:8B:37:CB:88:8F:DC:56:7D
ValidityMon, 31 Mar 2025 08:54:37 GMT - Mon, 23 Jun 2025 08:54:36 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AXH0vVv84pZTsErbds7aSOkCoKy2cqRNnDUub9z1njkhXWsgCTkFrd1VkydOGB9cdRmPp7KZ_dr_&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S958959161%3A1745357686252064 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 22 Apr 2025 21:34:46 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-ojK4y7QnKZIlgIlQWELu4A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://support.google.com/inapp/ https://www.google.com/tools/feedback/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
content-security-policy-report-only: script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://ajax.googleapis.com/ajax/libs/jquery/3.6.4/jquery.min.js https://translate.google.com/translate_a/element.js https://www.google.com/recaptcha/api.js https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.google.com/tools/feedback/open_to_help_guide_lazy.js https://www.google.com/tools/feedback/help_api.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js https://www.gstatic.com/uservoice/feedback/client/web/live/ https://www.google.com/tools/feedback/chat_load.js https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://www.gstatic.com/feedback/js/ghelp/ https://www.gstatic.com/_/mss/boq-one-google/_/ https://www.gstatic.com/og/_/js/ https://apis.google.com/js/api.js https://apis.google.com/js/client.js https://www.googletagmanager.com/gtag/js https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/destination https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.s8Yk6ZPYRbE.es5.O/ https://apis.google.com/_/scs/abc-static/_/js/ https://translate.googleapis.com/_/translate_http/_/js/ https://www.gstatic.com/recaptcha/releases/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/fine-allowlist
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

arnedtolethi.com/WEFDOU93fiBKcjwUGWsaM3AOXSISMCV8GSEgFHtqagcSCg01GwtKaSwoJwR4bnByAXl+MSpdcmlnME0uLDQwBHxocXIfJjYnLAR/aHFyHzllcG0Ke3ZydRd7fjR+FH1+NTNYKGVwZUk7LC1+CHhsdHAMeG55dQF+bg

104.21.48.1

204 No Content

0 B

URL POST
arnedtolethi.com/WEFDOU93fiBKcjwUGWsaM3AOXSISMCV8GSEgFHtqagcSCg01GwtKaSwoJwR4bnByAXl+MSpdcmlnME0uLDQwBHxocXIfJjYnLAR/aHFyHzllcG0Ke3ZydRd7fjR+FH1+NTNYKGVwZUk7LC1+CHhsdHAMeG55dQF+bg
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subjectarnedtolethi.com
FingerprintC5:54:97:8F:C7:ED:79:F4:04:A1:F8:96:76:CE:A9:D9:2A:87:31:90
ValidityFri, 04 Apr 2025 11:53:24 GMT - Thu, 03 Jul 2025 12:52:06 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /WEFDOU93fiBKcjwUGWsaM3AOXSISMCV8GSEgFHtqagcSCg01GwtKaSwoJwR4bnByAXl+MSpdcmlnME0uLDQwBHxocXIfJjYnLAR/aHFyHzllcG0Ke3ZydRd7fjR+FH1+NTNYKGVwZUk7LC1+CHhsdHAMeG55dQF+bg HTTP/1.1
Host: arnedtolethi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/3 204 No Content
date: Tue, 22 Apr 2025 21:34:46 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X3wIuUviuUpGrUGqi7Z1AC8lBhbzb6b0a9nhnnv8QZb08ZNrac5b78UWuaChJ4PuV4UrPXNGk0KDigOInuhM0NoppjFWiMDCvs7ZA4EvaePaqbtlVbBlcyQ6nsGCjwbgNxM9"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 93483f46fa820b41-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=10621&min_rtt=7044&rtt_var=3368&sent=50&recv=65&lost=0&retrans=1&sent_bytes=6884&recv_bytes=4568&delivery_rate=6019&cwnd=12000&unsent_bytes=0&cid=5b1853ad4320005f&ts=2148&x=16"

megaup.net/themes/spirit/assets/frontend/css/jquery.steps.css

94.242.53.111

200 OK

6.0 kB

URL GET
megaup.net/themes/spirit/assets/frontend/css/jquery.steps.css
IP
94.242.53.111:443
ASN
#43317 SIA VEESP

Requested by
https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
Certificate
IssuerSectigo Limited
Subject*.megaup.net
Fingerprint9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
ValidityTue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
6.0 kB (6019 bytes)
Hash
25cfe48e07622a00154b677afcbaeb47
23e3ae1bd04ad1d00d25d30e39815104ceeae52f
709debbdebf13d8d6c85571caee6e44629142518e9336ed1aa01d6e94ab4d056

HTTP Headers

GET /themes/spirit/assets/frontend/css/jquery.steps.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
DNT: 1
Connection: keep-alive
Cookie: filehosting=t39rhg1h2i2od9h6ulu5ksiv1e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 22 Apr 2025 21:34:42 GMT
content-type: text/css
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: W/"62594310-1783"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.35

200 OK

48 kB

URL GET
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint62:27:9C:C9:95:FF:8F:83:34:D0:B1:42:CB:B7:63:C0:8E:6F:3E:F1
ValidityMon, 31 Mar 2025 08:55:41 GMT - Mon, 23 Jun 2025 08:55:40 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Apr 2025 10:12:20 GMT
expires: Fri, 17 Apr 2026 10:12:20 GMT
cache-control: public, max-age=31536000
age: 472944
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

undefined/M2tBeW5SCSIUUVJWI18bQQd8XFx1TnM/CgAEJkEaAlNyEF9FCSZXDV8ENB0IQQQvDUBdDjVcXHUzIhM/BjhxEjxkWiINClQxJSE2aRMTKCd4Di8/O2EuMgwiA1IbIS1EBANJP2shEg4pdgcMTSRbEwQ7L1QYET80ByYvHgtyKnk9Il85ACgXClsQESRlICgaOHA5eQwkSy4LOikDBAcVN3YNc0EpYS0YHgpyHyAtOlhOcz8tAzkAMjpDPhAvBgEhA0ghZigiFStLLg09NksIAzsWBg4XCSpmKBQNJmYlChsARygWEl9GDnEwKHA8F0w4RA92GwBHKBBIQ3IHJ0k3YSgmFR1iKhM7CGtaGTtdRx4kSSR0P3NMWH4cFDIIAQ8CMTxLXiQrOGE8KDgDZRwbXFx1DhkVKnEqLU8LZiYTOl1AHQZJNFAnEiAldjoyNwt2LgA/XUcdAw4Fek0rCgFdG3w6C30JAABfX193MQk

0.0.0.0

0 B

URL GET
undefined/M2tBeW5SCSIUUVJWI18bQQd8XFx1TnM/CgAEJkEaAlNyEF9FCSZXDV8ENB0IQQQvDUBdDjVcXHUzIhM/BjhxEjxkWiINClQxJSE2aRMTKCd4Di8/O2EuMgwiA1IbIS1EBANJP2shEg4pdgcMTSRbEwQ7L1QYET80ByYvHgtyKnk9Il85ACgXClsQESRlICgaOHA5eQwkSy4LOikDBAcVN3YNc0EpYS0YHgpyHyAtOlhOcz8tAzkAMjpDPhAvBgEhA0ghZigiFStLLg09NksIAzsWBg4XCSpmKBQNJmYlChsARygWEl9GDnEwKHA8F0w4RA92GwBHKBBIQ3IHJ0k3YSgmFR1iKhM7CGtaGTtdRx4kSSR0P3NMWH4cFDIIAQ8CMTxLXiQrOGE8KDgDZRwbXFx1DhkVKnEqLU8LZiYTOl1AHQZJNFAnEiAldjoyNwt2LgA/XUcdAw4Fek0rCgFdG3w6C30JAABfX193MQk
IP
0.0.0.0:0
ASN
#0

Requested by
https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /M2tBeW5SCSIUUVJWI18bQQd8XFx1TnM/CgAEJkEaAlNyEF9FCSZXDV8ENB0IQQQvDUBdDjVcXHUzIhM/BjhxEjxkWiINClQxJSE2aRMTKCd4Di8/O2EuMgwiA1IbIS1EBANJP2shEg4pdgcMTSRbEwQ7L1QYET80ByYvHgtyKnk9Il85ACgXClsQESRlICgaOHA5eQwkSy4LOikDBAcVN3YNc0EpYS0YHgpyHyAtOlhOcz8tAzkAMjpDPhAvBgEhA0ghZigiFStLLg09NksIAzsWBg4XCSpmKBQNJmYlChsARygWEl9GDnEwKHA8F0w4RA92GwBHKBBIQ3IHJ0k3YSgmFR1iKhM7CGtaGTtdRx4kSSR0P3NMWH4cFDIIAQ8CMTxLXiQrOGE8KDgDZRwbXFx1DhkVKnEqLU8LZiYTOl1AHQZJNFAnEiAldjoyNwt2LgA/XUcdAw4Fek0rCgFdG3w6C30JAABfX193MQk HTTP/1.1
Host: undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

ukankingwithea.com/asd100.bin

104.21.112.1

200 OK

102 kB

URL GET
ukankingwithea.com/asd100.bin
IP
104.21.112.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subjectukankingwithea.com
Fingerprint02:7E:37:44:90:B9:05:B4:82:CD:5A:71:84:A1:C8:84:66:33:BC:78
ValiditySat, 01 Mar 2025 13:28:14 GMT - Fri, 30 May 2025 14:26:54 GMT

File type
data
Size
102 kB (102400 bytes)
Hash
4c6426ac7ef186464ecbb0d81cbfcb1e
5a6918eebd9d635e8f632e3ef34e3792b1b5ec13
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

HTTP Headers

GET /asd100.bin HTTP/1.1
Host: ukankingwithea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 22 Apr 2025 21:34:46 GMT
content-type: binary/octet-stream
server: cloudflare
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: STALE
age: 2223860
last-modified: Fri, 28 Mar 2025 03:50:26 GMT
cf-ray: 93483f413bcab4f4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ukankingwithea.com/asd100.bin

104.21.112.1

200 OK

102 kB

URL GET
ukankingwithea.com/asd100.bin
IP
104.21.112.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subjectukankingwithea.com
Fingerprint02:7E:37:44:90:B9:05:B4:82:CD:5A:71:84:A1:C8:84:66:33:BC:78
ValiditySat, 01 Mar 2025 13:28:14 GMT - Fri, 30 May 2025 14:26:54 GMT

File type
data
Size
102 kB (102400 bytes)
Hash
4c6426ac7ef186464ecbb0d81cbfcb1e
5a6918eebd9d635e8f632e3ef34e3792b1b5ec13
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

HTTP Headers

GET /asd100.bin HTTP/1.1
Host: ukankingwithea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 22 Apr 2025 21:34:46 GMT
content-type: binary/octet-stream
server: cloudflare
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: STALE
age: 2223860
last-modified: Fri, 28 Mar 2025 03:50:26 GMT
cf-ray: 93483f418c39b4f4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

d3og8t183i1vbg.cloudfront.net/?itgod=761186

108.157.217.208

200 OK

490 kB

URL GET
d3og8t183i1vbg.cloudfront.net/?itgod=761186
IP
108.157.217.208:443
ASN
#16509 AMAZON-02

Requested by
https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
Certificate
IssuerAmazon
Subject*.cloudfront.net
Fingerprint28:D3:87:79:3C:E8:8B:3C:D9:10:45:E5:F7:64:7A:6D:44:4E:5A:62
ValidityTue, 30 Jul 2024 00:00:00 GMT - Thu, 03 Jul 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (38488)
Size
490 kB (489704 bytes)
Hash
bb9e34ef38db319e7d8db1d3226c459f
788e367cb4da96ecb453d99828b97e7451468be7
4fb3abe68aca62442ffaa461bd4c1f6d6d7668f695e9be9ebde0f99f02a31aac

HTTP Headers

GET /?itgod=761186 HTTP/1.1
Host: d3og8t183i1vbg.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-length: 152032
date: Tue, 22 Apr 2025 21:34:42 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 94251f2595ef5679fba3c952e8743886.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: Z3Y5UPZyq00NVTLY6RJxFJQOcYHVZv0CaIpVG0uN6iP0L2CcwG_EDA==
X-Firefox-Spdy: h2

arnedtolethi.com/anJpT1hFTQo8ZQgfDQM9BB4LF2tTPz1+bTIXAicVPEMndgtaGU87MQ5PUHthUkRdaSgDFlR+YEwBHS4sHwFUfn4DHA8gZUwEVH52WlxbYW1MB1R+fh4CCChlW1QZOywGT1h4bF9BXHhuUkFceW8

104.21.48.1

204 No Content

0 B

URL GET
arnedtolethi.com/anJpT1hFTQo8ZQgfDQM9BB4LF2tTPz1+bTIXAicVPEMndgtaGU87MQ5PUHthUkRdaSgDFlR+YEwBHS4sHwFUfn4DHA8gZUwEVH52WlxbYW1MB1R+fh4CCChlW1QZOywGT1h4bF9BXHhuUkFceW8
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subjectarnedtolethi.com
FingerprintC5:54:97:8F:C7:ED:79:F4:04:A1:F8:96:76:CE:A9:D9:2A:87:31:90
ValidityFri, 04 Apr 2025 11:53:24 GMT - Thu, 03 Jul 2025 12:52:06 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /anJpT1hFTQo8ZQgfDQM9BB4LF2tTPz1+bTIXAicVPEMndgtaGU87MQ5PUHthUkRdaSgDFlR+YEwBHS4sHwFUfn4DHA8gZUwEVH52WlxbYW1MB1R+fh4CCChlW1QZOywGT1h4bF9BXHhuUkFceW8 HTTP/1.1
Host: arnedtolethi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Tue, 22 Apr 2025 21:34:44 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 93483f37bc9a0b61-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

static.buthehads-serving.com/n337/ad/250x250_Q9KZuyHG.png

23.33.119.211

200 OK

30 kB

URL GET
static.buthehads-serving.com/n337/ad/250x250_Q9KZuyHG.png
IP
23.33.119.211:443
ASN
#20940 Akamai International B.V.

Requested by
https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
Certificate
IssuerLet's Encrypt
Subjectstatic.buthehads-serving.com
Fingerprint39:CF:91:AD:AA:C7:1C:CA:5E:89:CD:90:AF:9C:83:1D:89:F9:11:03
ValidityWed, 09 Apr 2025 10:42:34 GMT - Tue, 08 Jul 2025 10:42:33 GMT

File type
PNG image data, 250 x 250, 8-bit colormap, non-interlaced
Size
30 kB (29780 bytes)
Hash
1133d3aaa0866ea57a5b44ecccd3283b
96417ace0d02687e054a2fba6c9cb197162eb0ea
62aee0fd8036247bfc2fca571d6e6328621f8639e4d939807cb555111f6bd039

HTTP Headers

GET /n337/ad/250x250_Q9KZuyHG.png HTTP/1.1
Host: static.buthehads-serving.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: image/png
Content-Length: 29780
Last-Modified: Tue, 11 Apr 2023 12:57:12 GMT
ETag: "64355928-7454"
Accept-Ranges: bytes
Cache-Control: max-age=63666
Expires: Wed, 23 Apr 2025 15:15:55 GMT
Date: Tue, 22 Apr 2025 21:34:49 GMT
Connection: keep-alive
X-Forward-Proto: http
CDN-Origin-Protocol: HTTP

megaup.net/themes/spirit/assets/frontend/css/font-awesome.min.css

94.242.53.111

200 OK

59 kB

URL GET
megaup.net/themes/spirit/assets/frontend/css/font-awesome.min.css
IP
94.242.53.111:443
ASN
#43317 SIA VEESP

Requested by
https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
Certificate
IssuerSectigo Limited
Subject*.megaup.net
Fingerprint9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
ValidityTue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT

File type
ASCII text, with very long lines (58929), with CRLF line terminators
Size
59 kB (59119 bytes)
Hash
879812fc22af75aa3ae7b5666ca4f4b8
df27469a952b7ee36cc03db471c6198f577186a8
c5d7f0d9e646698b20734ce6dcc2c0a8ecf6ebe27b4b7625bfcf42c4416fb7ed

HTTP Headers

GET /themes/spirit/assets/frontend/css/font-awesome.min.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
DNT: 1
Connection: keep-alive
Cookie: filehosting=t39rhg1h2i2od9h6ulu5ksiv1e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 22 Apr 2025 21:34:42 GMT
content-type: text/css
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: W/"62594310-e6ef"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2

megaup.net/themes/spirit/assets/frontend/js/jquery.steps.min.js

94.242.53.111

200 OK

14 kB

URL GET
megaup.net/themes/spirit/assets/frontend/js/jquery.steps.min.js
IP
94.242.53.111:443
ASN
#43317 SIA VEESP

Requested by
https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
Certificate
IssuerSectigo Limited
Subject*.megaup.net
Fingerprint9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
ValidityTue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (13686), with CRLF line terminators
Size
14 kB (13862 bytes)
Hash
0eef6fe46d14f860d5666d2c7b13a564
7ab5f7deaca2f71efbc3bf9f5ba27b89d4697dbe
95a14a4473ff130eb29f3cc02e135978505655e3c931b6c3726dedd4f558f843

HTTP Headers

GET /themes/spirit/assets/frontend/js/jquery.steps.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
DNT: 1
Connection: keep-alive
Cookie: filehosting=t39rhg1h2i2od9h6ulu5ksiv1e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 22 Apr 2025 21:34:42 GMT
content-type: application/javascript
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: W/"62594310-3626"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.35

200 OK

48 kB

URL GET
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint62:27:9C:C9:95:FF:8F:83:34:D0:B1:42:CB:B7:63:C0:8E:6F:3E:F1
ValidityMon, 31 Mar 2025 08:55:41 GMT - Mon, 23 Jun 2025 08:55:40 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Apr 2025 10:12:20 GMT
expires: Fri, 17 Apr 2026 10:12:20 GMT
cache-control: public, max-age=31536000
age: 472944
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip

94.242.53.111

200 OK

80 kB

URL User Request GET
megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
IP
94.242.53.111:443
ASN
#43317 SIA VEESP

Certificate
IssuerSectigo Limited
Subject*.megaup.net
Fingerprint9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
ValidityTue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (51982)
Size
80 kB (79460 bytes)
Hash
9fc876918581d6a131d8929a61d1ace0
cb76d1de665941fc45d8fed9dc064cf4c0f853d9
37118ec6ba5fec5ef718869d1bff8d69ace9a81bb05a192a9cf0ff006e22b1f2

HTTP Headers

GET /7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: filehosting=t39rhg1h2i2od9h6ulu5ksiv1e; expires=Wed, 23 Apr 2025 21:34:41 GMT; Max-Age=86400; path=/; domain=megaup.net; secure; HttpOnly; SameSite=None
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
access-control-allow-origin: https://megaup.net
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, no-cache, private
date: Tue, 22 Apr 2025 21:34:41 GMT
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2

megaup.net/themes/spirit/assets/images/logo/logo.png

94.242.53.111

200 OK

5.9 kB

URL GET
megaup.net/themes/spirit/assets/images/logo/logo.png
IP
94.242.53.111:443
ASN
#43317 SIA VEESP

Requested by
https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
Certificate
IssuerSectigo Limited
Subject*.megaup.net
Fingerprint9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
ValidityTue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT

File type
PNG image data, 203 x 40, 8-bit/color RGBA, non-interlaced
Size
5.9 kB (5900 bytes)
Hash
fa360a47a62ae74a0a3d8c0f3e6f7f12
168c72a918b04b735f8e0f8a72223a16f0eda358
1d3a3c84dd36871d1009693761f441537117d5ee62c8e775d7d52c77d4c46de4

HTTP Headers

GET /themes/spirit/assets/images/logo/logo.png HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
DNT: 1
Connection: keep-alive
Cookie: filehosting=t39rhg1h2i2od9h6ulu5ksiv1e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 22 Apr 2025 21:34:42 GMT
content-type: image/png
content-length: 5900
last-modified: Sat, 08 Feb 2025 04:50:36 GMT
vary: Accept-Encoding
etag: "67a6e29c-170c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.35

200 OK

48 kB

URL GET
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint62:27:9C:C9:95:FF:8F:83:34:D0:B1:42:CB:B7:63:C0:8E:6F:3E:F1
ValidityMon, 31 Mar 2025 08:55:41 GMT - Mon, 23 Jun 2025 08:55:40 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Apr 2025 10:12:20 GMT
expires: Fri, 17 Apr 2026 10:12:20 GMT
cache-control: public, max-age=31536000
age: 472944
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

tomlldahehun.org/multi?cs=QmlEbzhyX3VfDXpbc1oNdltyXQ0&abt=0&red=1&sm=76&k=schedule%200xdeadcode&v=1.0.60.4&sts=0&prn=0&emb=0&tid=876318&rxy=1280_1024&fs=1&ref=https%3A%2F%2Fmegaup.net%2F7d5815495eb070fb7f5c4a9ec727df38%2FSchedule.I.v0.3.4f8-0xdeadcode.zip&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A134.0)%20gecko%2F20100101%20firefox%2F134.0&tzd=0&uloc=&if=0&_MBGF=1745357685448&crc=1

143.204.55.77

200 OK

15 B

URL GET
tomlldahehun.org/multi?cs=QmlEbzhyX3VfDXpbc1oNdltyXQ0&abt=0&red=1&sm=76&k=schedule%200xdeadcode&v=1.0.60.4&sts=0&prn=0&emb=0&tid=876318&rxy=1280_1024&fs=1&ref=https%3A%2F%2Fmegaup.net%2F7d5815495eb070fb7f5c4a9ec727df38%2FSchedule.I.v0.3.4f8-0xdeadcode.zip&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A134.0)%20gecko%2F20100101%20firefox%2F134.0&tzd=0&uloc=&if=0&_MBGF=1745357685448&crc=1
IP
143.204.55.77:443
ASN
#16509 AMAZON-02

Requested by
https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
Certificate
IssuerAmazon
Subjecttomlldahehun.org
Fingerprint6B:F0:7B:63:2B:19:E1:74:83:15:1A:BF:1B:B4:E6:71:68:14:57:3D
ValiditySun, 06 Apr 2025 00:00:00 GMT - Tue, 05 May 2026 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
15 B (15 bytes)
Hash
d39207bea620cffa8e65d3b12e8f1547
220ebce5a61ee5d771133e1cd20c469443ccfd76
f058a19c34ccdfbb47e68ba58b254ffa5d774fdaeeaa0b1fb9f19d3c055c0a21

HTTP Headers

GET /multi?cs=QmlEbzhyX3VfDXpbc1oNdltyXQ0&abt=0&red=1&sm=76&k=schedule%200xdeadcode&v=1.0.60.4&sts=0&prn=0&emb=0&tid=876318&rxy=1280_1024&fs=1&ref=https%3A%2F%2Fmegaup.net%2F7d5815495eb070fb7f5c4a9ec727df38%2FSchedule.I.v0.3.4f8-0xdeadcode.zip&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A134.0)%20gecko%2F20100101%20firefox%2F134.0&tzd=0&uloc=&if=0&_MBGF=1745357685448&crc=1 HTTP/1.1
Host: tomlldahehun.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/plain
content-length: 41
date: Tue, 22 Apr 2025 21:34:46 GMT
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
set-cookie: AWSALB=VDal2r6Gqoo3BD8wsvBbcdMjsKur63APGdyR62feiCDrPH7/j/QilmsD3dH7FkOjtJK8XkeRJ1exSzAEN6BWqkWmiV9OQ+VODTcjdhnqsCLiUAyGpe67pxtUc5LJ; Expires=Tue, 29 Apr 2025 21:34:46 GMT; Path=/
AWSALBCORS=VDal2r6Gqoo3BD8wsvBbcdMjsKur63APGdyR62feiCDrPH7/j/QilmsD3dH7FkOjtJK8XkeRJ1exSzAEN6BWqkWmiV9OQ+VODTcjdhnqsCLiUAyGpe67pxtUc5LJ; Expires=Tue, 29 Apr 2025 21:34:46 GMT; Path=/; SameSite=None
csu=10698ca9-e855-4209-bf46-2f3f1a76f5b1
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 9UcAQKn4WM-tju7FDenCd5_4y6-yyJfIjpFdcZYTNbBeWva5GqwCJw==
X-Firefox-Spdy: h2

megaup.net/themes/spirit/assets/frontend/css/stack-interface.css

94.242.53.111

200 OK

3.2 kB

URL GET
megaup.net/themes/spirit/assets/frontend/css/stack-interface.css
IP
94.242.53.111:443
ASN
#43317 SIA VEESP

Requested by
https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
Certificate
IssuerSectigo Limited
Subject*.megaup.net
Fingerprint9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
ValidityTue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
3.2 kB (3160 bytes)
Hash
4541b29b6040bc31b760f98e914fd1d7
0521a4f98cdf5e1fde3eeb9cae64fd39075cd9ba
6910b6609166588208a24355d3c3666140dd0d7fcb3884b31eedb72773e44794

HTTP Headers

GET /themes/spirit/assets/frontend/css/stack-interface.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
DNT: 1
Connection: keep-alive
Cookie: filehosting=t39rhg1h2i2od9h6ulu5ksiv1e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 22 Apr 2025 21:34:42 GMT
content-type: text/css
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: W/"62594310-c58"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2

megaup.net/themes/spirit/assets/frontend/css/lightbox.min.css

94.242.53.111

200 OK

3.9 kB

URL GET
megaup.net/themes/spirit/assets/frontend/css/lightbox.min.css
IP
94.242.53.111:443
ASN
#43317 SIA VEESP

Requested by
https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
Certificate
IssuerSectigo Limited
Subject*.megaup.net
Fingerprint9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
ValidityTue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
3.9 kB (3889 bytes)
Hash
30265c8089a8f3e871d0873ef6a5b944
2804a2fe5a6a956626ce6a46adf6b1a0676ee13d
f9f33dca7f9a5a735a0a03502993e0a092df81d820beb1ed4071e4611a9630ed

HTTP Headers

GET /themes/spirit/assets/frontend/css/lightbox.min.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
DNT: 1
Connection: keep-alive
Cookie: filehosting=t39rhg1h2i2od9h6ulu5ksiv1e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 22 Apr 2025 21:34:42 GMT
content-type: text/css
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: W/"62594310-f31"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2

megaup.net/themes/spirit/assets/frontend/css/flickity.css

94.242.53.111

200 OK

2.5 kB

URL GET
megaup.net/themes/spirit/assets/frontend/css/flickity.css
IP
94.242.53.111:443
ASN
#43317 SIA VEESP

Requested by
https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
Certificate
IssuerSectigo Limited
Subject*.megaup.net
Fingerprint9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
ValidityTue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
2.5 kB (2521 bytes)
Hash
244d315064064270eabbbb7ac9f6c700
21ad53d3efbb40154293190173ee0c497ed7651c
ff5fe542e37297733305fb7e68a41b3269a681d64145945f2131a646044c016a

HTTP Headers

GET /themes/spirit/assets/frontend/css/flickity.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
DNT: 1
Connection: keep-alive
Cookie: filehosting=t39rhg1h2i2od9h6ulu5ksiv1e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 22 Apr 2025 21:34:42 GMT
content-type: text/css
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: W/"62594310-9d9"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2

arnedtolethi.com/RzNzVXVoDBAmSCQBBwQ7EkMwAhgschUAIyRSMh9QdXEiAwUocR0YUzNaF2hNdQZKZERhQxoxSHQBVSYBJkcGJkh1A0NiUy5dFTpIdRUFaEVpCl1nW3EVBmhEYUcDNBJ6AlUlATNfTmRCcwZAYEJxC0BhTH8

104.21.48.1

204 No Content

0 B

URL GET
arnedtolethi.com/RzNzVXVoDBAmSCQBBwQ7EkMwAhgschUAIyRSMh9QdXEiAwUocR0YUzNaF2hNdQZKZERhQxoxSHQBVSYBJkcGJkh1A0NiUy5dFTpIdRUFaEVpCl1nW3EVBmhEYUcDNBJ6AlUlATNfTmRCcwZAYEJxC0BhTH8
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subjectarnedtolethi.com
FingerprintC5:54:97:8F:C7:ED:79:F4:04:A1:F8:96:76:CE:A9:D9:2A:87:31:90
ValidityFri, 04 Apr 2025 11:53:24 GMT - Thu, 03 Jul 2025 12:52:06 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /RzNzVXVoDBAmSCQBBwQ7EkMwAhgschUAIyRSMh9QdXEiAwUocR0YUzNaF2hNdQZKZERhQxoxSHQBVSYBJkcGJkh1A0NiUy5dFTpIdRUFaEVpCl1nW3EVBmhEYUcDNBJ6AlUlATNfTmRCcwZAYEJxC0BhTH8 HTTP/1.1
Host: arnedtolethi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Tue, 22 Apr 2025 21:34:44 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 93483f379c650b61-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

megaup.net/themes/spirit/assets/frontend/css/theme.css

94.242.53.111

200 OK

207 kB

URL GET
megaup.net/themes/spirit/assets/frontend/css/theme.css
IP
94.242.53.111:443
ASN
#43317 SIA VEESP

Requested by
https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
Certificate
IssuerSectigo Limited
Subject*.megaup.net
Fingerprint9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
ValidityTue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT

File type
assembler source, ASCII text, with CRLF line terminators
Size
207 kB (206626 bytes)
Hash
06cc8983a538a05dddf526b3b7e732aa
2414173a1660589ebbba8bdc6e3d1237df6063db
27e49bfa89404d352fa4627719f2a9a3ea5c2759c2bc74e7567ff98b5a996758

HTTP Headers

GET /themes/spirit/assets/frontend/css/theme.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
DNT: 1
Connection: keep-alive
Cookie: filehosting=t39rhg1h2i2od9h6ulu5ksiv1e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 22 Apr 2025 21:34:42 GMT
content-type: text/css
last-modified: Tue, 11 Feb 2025 18:30:52 GMT
vary: Accept-Encoding
etag: W/"67ab975c-32722"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.35

200 OK

48 kB

URL GET
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint62:27:9C:C9:95:FF:8F:83:34:D0:B1:42:CB:B7:63:C0:8E:6F:3E:F1
ValidityMon, 31 Mar 2025 08:55:41 GMT - Mon, 23 Jun 2025 08:55:40 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Apr 2025 10:12:20 GMT
expires: Fri, 17 Apr 2026 10:12:20 GMT
cache-control: public, max-age=31536000
age: 472944
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

tomlldahehun.org/floater?cs=YUE4elZQcAFPYVd2AE1iU3AASW8&abt=0&red=1&sm=83&k=schedule%200xdeadcode&v=0.9.2.6&sts=0&prn=0&emb=0&tid=825911&rxy=1280_1024&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&ref=https%3A%2F%2Fmegaup.net%2F7d5815495eb070fb7f5c4a9ec727df38%2FSchedule.I.v0.3.4f8-0xdeadcode.zip&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A134.0)%20gecko%2F20100101%20firefox%2F134.0&tzd=0&uloc=&if=0&aa=oi1_&_0KhI=1745357685434&crc=1

143.204.55.77

200 OK

6.8 kB

URL GET
tomlldahehun.org/floater?cs=YUE4elZQcAFPYVd2AE1iU3AASW8&abt=0&red=1&sm=83&k=schedule%200xdeadcode&v=0.9.2.6&sts=0&prn=0&emb=0&tid=825911&rxy=1280_1024&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&ref=https%3A%2F%2Fmegaup.net%2F7d5815495eb070fb7f5c4a9ec727df38%2FSchedule.I.v0.3.4f8-0xdeadcode.zip&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A134.0)%20gecko%2F20100101%20firefox%2F134.0&tzd=0&uloc=&if=0&aa=oi1_&_0KhI=1745357685434&crc=1
IP
143.204.55.77:443
ASN
#16509 AMAZON-02

Requested by
https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
Certificate
IssuerAmazon
Subjecttomlldahehun.org
Fingerprint6B:F0:7B:63:2B:19:E1:74:83:15:1A:BF:1B:B4:E6:71:68:14:57:3D
ValiditySun, 06 Apr 2025 00:00:00 GMT - Tue, 05 May 2026 23:59:59 GMT

File type
ASCII text, with very long lines (6795), with no line terminators
Size
6.8 kB (6795 bytes)
Hash
ebcd4e59f0992526e499c25794a324ec
f91e996af0508cd97b626e3b2c84255a6cb7ded4
8b831c436d008b124812ccca05ce9c31dabfc0711c6228ff734f9749c381ff5b

HTTP Headers

GET /floater?cs=YUE4elZQcAFPYVd2AE1iU3AASW8&abt=0&red=1&sm=83&k=schedule%200xdeadcode&v=0.9.2.6&sts=0&prn=0&emb=0&tid=825911&rxy=1280_1024&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&ref=https%3A%2F%2Fmegaup.net%2F7d5815495eb070fb7f5c4a9ec727df38%2FSchedule.I.v0.3.4f8-0xdeadcode.zip&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A134.0)%20gecko%2F20100101%20firefox%2F134.0&tzd=0&uloc=&if=0&aa=oi1_&_0KhI=1745357685434&crc=1 HTTP/1.1
Host: tomlldahehun.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/plain; charset=utf-8
content-length: 4123
date: Tue, 22 Apr 2025 21:34:46 GMT
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
set-cookie: AWSALB=Xym9eyAA0v/nk/xtrWfDAhApeXygaY5j5fJfCGPVZOdusHhvh713NgoV+a4aMCtkZJwTeoskpqDiUaAjXdFflWns7KjXkIOUJkSFGp4PCuKyCajzblxSe5hQwtmu; Expires=Tue, 29 Apr 2025 21:34:46 GMT; Path=/
AWSALBCORS=Xym9eyAA0v/nk/xtrWfDAhApeXygaY5j5fJfCGPVZOdusHhvh713NgoV+a4aMCtkZJwTeoskpqDiUaAjXdFflWns7KjXkIOUJkSFGp4PCuKyCajzblxSe5hQwtmu; Expires=Tue, 29 Apr 2025 21:34:46 GMT; Path=/; SameSite=None
csu=783f7016-d4ba-40ea-bedf-76e58d9ce245
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: e4pyQtwXZIrLBh7gfSOiGRa4WxdXMhORNuveiDCganrPRjWUjCI2BQ==
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2

142.250.74.35

200 OK

19 kB

URL GET
fonts.gstatic.com/s/opensans/v40/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint62:27:9C:C9:95:FF:8F:83:34:D0:B1:42:CB:B7:63:C0:8E:6F:3E:F1
ValidityMon, 31 Mar 2025 08:55:41 GMT - Mon, 23 Jun 2025 08:55:40 GMT

File type
Web Open Font Format (Version 2), TrueType, length 19280, version 1.0
Size
19 kB (19280 bytes)
Hash
386fb59be54b2d819064af98e57cc226
9e2d14d736be97ec84bfca3513558450cd6e3249
b4855cc8ec721cbaf27f3c907345e101b1524858221c14faa79df34cb2f84991

HTTP Headers

GET /s/opensans/v40/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19280
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Apr 2025 09:21:29 GMT
expires: Fri, 17 Apr 2026 09:21:29 GMT
cache-control: public, max-age=31536000
age: 475995
last-modified: Thu, 14 Dec 2023 02:02:23 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ukankingwithea.com/

104.21.112.1

500 Internal Server Error

183 B

URL GET
ukankingwithea.com/
IP
104.21.112.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subjectukankingwithea.com
Fingerprint02:7E:37:44:90:B9:05:B4:82:CD:5A:71:84:A1:C8:84:66:33:BC:78
ValiditySat, 01 Mar 2025 13:28:14 GMT - Fri, 30 May 2025 14:26:54 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
183 B (183 bytes)
Hash
607f8a53dbf072834a28425fae6b0084
a64f05fe0b51691778ebf447e3664bfbd78cbe42
30032743c9cc551853d7e87cd9335dd20bb136932179fcb7f8136b2f5e9033ba

HTTP Headers

GET / HTTP/1.1
Host: ukankingwithea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 500 Internal Server Error
date: Tue, 22 Apr 2025 21:34:46 GMT
content-type: text/html
server: cloudflare
cf-cache-status: DYNAMIC
cf-ray: 93483f40eb55b4f4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

rnmop.com/ie?v=4&c=7lijNspibKnUeijMGKpCCXYAXQ_87Y0XpRW4Rhvst9ryd5eoASx2G2oSIUY_mdODxsYMM67CJBMSvnS0fMEKhy4KzrEDVtHpjmrKI1niIxwqppy66nVLo6vvXRMHeZ7t8TwGAEy4R9gz5kYD-nFFBee78Yx4brBSqA_Rsce3hUz4GtdVBcT92Z8nhAcHvn4R2G_F-VALMKfsMa78ifD27h1pZdrikkGrpIL0n8mSxi080pFm_Hc4rSiJrKnO4QNgvlnM_twH6IerTO1_a_3pdm2Fojfyy4mFXS4YTVlntNw-IgNNHxwllrp99QgLAdlTMjOYmbUyfM8-2itkFeTHiTfYyZx59hCuIqC8b8gTA2yaSRT3eY6J8o3HJUG8e0TK1jl9x9KyQn_yDSAXtWc62fCyLKhyY2KjII-0YftWUxr6cW7o43NYautLkPDkC5jf-lpyxJN9xRQhXufbyHFoQr05PuBihxZV&v1=79&v2=71516

138.201.194.90

301 Moved Permanently

59 kB

URL GET
rnmop.com/ie?v=4&c=7lijNspibKnUeijMGKpCCXYAXQ_87Y0XpRW4Rhvst9ryd5eoASx2G2oSIUY_mdODxsYMM67CJBMSvnS0fMEKhy4KzrEDVtHpjmrKI1niIxwqppy66nVLo6vvXRMHeZ7t8TwGAEy4R9gz5kYD-nFFBee78Yx4brBSqA_Rsce3hUz4GtdVBcT92Z8nhAcHvn4R2G_F-VALMKfsMa78ifD27h1pZdrikkGrpIL0n8mSxi080pFm_Hc4rSiJrKnO4QNgvlnM_twH6IerTO1_a_3pdm2Fojfyy4mFXS4YTVlntNw-IgNNHxwllrp99QgLAdlTMjOYmbUyfM8-2itkFeTHiTfYyZx59hCuIqC8b8gTA2yaSRT3eY6J8o3HJUG8e0TK1jl9x9KyQn_yDSAXtWc62fCyLKhyY2KjII-0YftWUxr6cW7o43NYautLkPDkC5jf-lpyxJN9xRQhXufbyHFoQr05PuBihxZV&v1=79&v2=71516
IP
138.201.194.90:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
Certificate
IssuerLet's Encrypt
Subjectnimrute.com
FingerprintE0:1D:F6:81:34:02:68:16:68:12:1A:02:F1:F0:73:EE:D7:49:2D:3B
ValidityTue, 11 Feb 2025 10:57:43 GMT - Mon, 12 May 2025 10:57:42 GMT

File type

Size
59 kB (59035 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ie?v=4&c=7lijNspibKnUeijMGKpCCXYAXQ_87Y0XpRW4Rhvst9ryd5eoASx2G2oSIUY_mdODxsYMM67CJBMSvnS0fMEKhy4KzrEDVtHpjmrKI1niIxwqppy66nVLo6vvXRMHeZ7t8TwGAEy4R9gz5kYD-nFFBee78Yx4brBSqA_Rsce3hUz4GtdVBcT92Z8nhAcHvn4R2G_F-VALMKfsMa78ifD27h1pZdrikkGrpIL0n8mSxi080pFm_Hc4rSiJrKnO4QNgvlnM_twH6IerTO1_a_3pdm2Fojfyy4mFXS4YTVlntNw-IgNNHxwllrp99QgLAdlTMjOYmbUyfM8-2itkFeTHiTfYyZx59hCuIqC8b8gTA2yaSRT3eY6J8o3HJUG8e0TK1jl9x9KyQn_yDSAXtWc62fCyLKhyY2KjII-0YftWUxr6cW7o43NYautLkPDkC5jf-lpyxJN9xRQhXufbyHFoQr05PuBihxZV&v1=79&v2=71516 HTTP/1.1
Host: rnmop.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
server: fasthttp
date: Tue, 22 Apr 2025 21:34:52 GMT
content-length: 0
location: https://img.vmmcdn.com/get/1684855/238426_icon.png
x-app-id: 14

img.vmmcdn.com/get/1684855/238426_icon.png

46.4.121.113

200 OK

59 kB

URL GET
img.vmmcdn.com/get/1684855/238426_icon.png
IP
46.4.121.113:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
Certificate
IssuerLet's Encrypt
Subjectimg.vmmcdn.com
Fingerprint80:06:97:89:A7:1D:CD:83:B1:41:F8:CA:CE:6A:15:04:EB:BE:E6:BF
ValidityTue, 15 Apr 2025 20:58:33 GMT - Mon, 14 Jul 2025 20:58:32 GMT

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
Size
59 kB (59035 bytes)
Hash
669eb036e71ef2df4b1a7d3fa9e5ebb7
6a8686b1ce7276b8c6732245e340dbe38b30eb04
89edf6961767b760b3ff755a803457eee41b5f2df863cdeca95165bf4a126732

HTTP Headers

GET /get/1684855/238426_icon.png HTTP/1.1
Host: img.vmmcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.14.1
date: Tue, 22 Apr 2025 21:34:53 GMT
content-type: image/png
content-length: 59035
last-modified: Sun, 18 Dec 2022 10:47:54 GMT
cache-control: public, max-age=604800
etag: "639eefda-e69b"
x-proxy-cache: HIT
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
access-control-request-headers: x-requested-with
access-control-allow-headers: x-requested-with
accept-ranges: bytes
X-Firefox-Spdy: h2

megaup.net/themes/spirit/assets/frontend/css/mu-waiting-upload.css

94.242.53.111

200 OK

739 B

URL GET
megaup.net/themes/spirit/assets/frontend/css/mu-waiting-upload.css
IP
94.242.53.111:443
ASN
#43317 SIA VEESP

Requested by
https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
Certificate
IssuerSectigo Limited
Subject*.megaup.net
Fingerprint9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
ValidityTue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
739 B (739 bytes)
Hash
a19cdfde4cca33ccafc0b8bfd518bebb
df1830e07033d0ae31288f62892121778fc7c765
a347474d3c97d5440c2f06c86c314eb1e9c2a20e2b84e8367d57743fe77a8115

HTTP Headers

GET /themes/spirit/assets/frontend/css/mu-waiting-upload.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
DNT: 1
Connection: keep-alive
Cookie: filehosting=t39rhg1h2i2od9h6ulu5ksiv1e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 22 Apr 2025 21:34:42 GMT
content-type: text/css
last-modified: Mon, 17 Feb 2025 00:39:28 GMT
vary: Accept-Encoding
etag: W/"67b28540-2e3"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2

accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail

142.250.150.84

302 Found

0 B

URL GET
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP
142.250.150.84:443
ASN
#15169 GOOGLE

Requested by
https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
Fingerprint52:D3:F7:7E:94:6F:70:55:50:A6:EA:38:4B:15:DF:91:54:96:59:82
ValidityMon, 31 Mar 2025 08:56:30 GMT - Mon, 23 Jun 2025 08:56:29 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:GzOL14HgmUdru8R7yskTXgwEPSddQg:0RagIa0hhVsXwjzH; Expires=Thu, 22-Apr-2027 21:34:45 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 22 Apr 2025 21:34:45 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AXH0vVsQBL5zOiwUJiPXaxxI-NOVJrlF01vciswUQvOGfeLs0RkCDs2ktngzildpN4I14SX6Wrvt3A
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy: unsafe-none
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-ZnOYsXhsAGHwneoD1_7c1A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

arnedtolethi.com/R2hTMU5oVzBCcxEsEWAsdgQ/cBkrCTFcBw8JFVk6HQ8VXhYAKXVFJyNVawN7flliFz4uDG4CfGEbJ1A6MhtuA353XXVYICEHbgN+d15jAX90WnYGDS8cJ0E9YlsSFHwBTWF3NioEfVM7MwA2WS8jG35CKzUeOl8paQs8XGt1LidZOyoKPVAnK01gdydiWxd7GSw7GV8hMjgnWhF3TWEHPmJbFwB5c11gBHlxUGUffHVYawB7YlplWCMgHHYCCi4LPF9rcCtlBXdwWmJue3dYawB6cU1kcn93WWYEendbZgN3dVBmBXxyUGsXOHpYfQhgdUZlFzt6RWEXOjcJNAx/YRgnRSJ6WWQFe3RdZAd2f1BqCA

104.21.48.1

204 No Content

0 B

URL POST
arnedtolethi.com/R2hTMU5oVzBCcxEsEWAsdgQ/cBkrCTFcBw8JFVk6HQ8VXhYAKXVFJyNVawN7flliFz4uDG4CfGEbJ1A6MhtuA353XXVYICEHbgN+d15jAX90WnYGDS8cJ0E9YlsSFHwBTWF3NioEfVM7MwA2WS8jG35CKzUeOl8paQs8XGt1LidZOyoKPVAnK01gdydiWxd7GSw7GV8hMjgnWhF3TWEHPmJbFwB5c11gBHlxUGUffHVYawB7YlplWCMgHHYCCi4LPF9rcCtlBXdwWmJue3dYawB6cU1kcn93WWYEendbZgN3dVBmBXxyUGsXOHpYfQhgdUZlFzt6RWEXOjcJNAx/YRgnRSJ6WWQFe3RdZAd2f1BqCA
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subjectarnedtolethi.com
FingerprintC5:54:97:8F:C7:ED:79:F4:04:A1:F8:96:76:CE:A9:D9:2A:87:31:90
ValidityFri, 04 Apr 2025 11:53:24 GMT - Thu, 03 Jul 2025 12:52:06 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /R2hTMU5oVzBCcxEsEWAsdgQ/cBkrCTFcBw8JFVk6HQ8VXhYAKXVFJyNVawN7flliFz4uDG4CfGEbJ1A6MhtuA353XXVYICEHbgN+d15jAX90WnYGDS8cJ0E9YlsSFHwBTWF3NioEfVM7MwA2WS8jG35CKzUeOl8paQs8XGt1LidZOyoKPVAnK01gdydiWxd7GSw7GV8hMjgnWhF3TWEHPmJbFwB5c11gBHlxUGUffHVYawB7YlplWCMgHHYCCi4LPF9rcCtlBXdwWmJue3dYawB6cU1kcn93WWYEendbZgN3dVBmBXxyUGsXOHpYfQhgdUZlFzt6RWEXOjcJNAx/YRgnRSJ6WWQFe3RdZAd2f1BqCA HTTP/1.1
Host: arnedtolethi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/3 204 No Content
date: Tue, 22 Apr 2025 21:34:49 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=teZLRs7ShA429Q%2BTkatktPnD1kaiZTl33X2ofx7qbnYDZ30Ls6Ts%2B9BPB9qJMLlXn7BGWRrWvX3y7p25hYB519c2krjN1xUg%2BqrY6I8xVPSM20T2emboUoClDTsx8iuKL0ZX"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 93483f53bb490b41-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12130&min_rtt=7044&rtt_var=5545&sent=52&recv=67&lost=0&retrans=1&sent_bytes=7470&recv_bytes=5159&delivery_rate=3769&cwnd=12000&unsent_bytes=0&cid=5b1853ad4320005f&ts=4190&x=16"

megaup.net/themes/spirit/assets/frontend/css/socicon.css

94.242.53.111

200 OK

9.8 kB

URL GET
megaup.net/themes/spirit/assets/frontend/css/socicon.css
IP
94.242.53.111:443
ASN
#43317 SIA VEESP

Requested by
https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
Certificate
IssuerSectigo Limited
Subject*.megaup.net
Fingerprint9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
ValidityTue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
9.8 kB (9838 bytes)
Hash
910a42ce112991b31b30a735f1006a5f
6c8b4769270f1c86bb1c7a6b54325465395ba614
010e6ffb18715ededb10c4ae5a8518475c138fb63b83ec1c125d09b714ccdd8b

HTTP Headers

GET /themes/spirit/assets/frontend/css/socicon.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
DNT: 1
Connection: keep-alive
Cookie: filehosting=t39rhg1h2i2od9h6ulu5ksiv1e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 22 Apr 2025 21:34:42 GMT
content-type: text/css
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: W/"62594310-266e"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2

megaup.net/themes/spirit/assets/frontend/img/background.jpg

94.242.53.111

200 OK

86 kB

URL GET
megaup.net/themes/spirit/assets/frontend/img/background.jpg
IP
94.242.53.111:443
ASN
#43317 SIA VEESP

Requested by
https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
Certificate
IssuerSectigo Limited
Subject*.megaup.net
Fingerprint9F:EA:CB:17:3E:61:7E:D0:A0:8D:E9:C3:CB:DD:EE:6D:C5:EC:80:3E
ValidityTue, 22 Oct 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1200, components 3
Size
86 kB (86513 bytes)
Hash
1b0874b56457a14258e3bd22805266c6
26ff3d095376d43cb78388e700707cdaf6ac75eb
5c5e0d52eb281e1ceae07f53c931982e8e014b9a535df9c98246157167e29285

HTTP Headers

GET /themes/spirit/assets/frontend/img/background.jpg HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
DNT: 1
Connection: keep-alive
Cookie: filehosting=t39rhg1h2i2od9h6ulu5ksiv1e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 22 Apr 2025 21:34:43 GMT
content-type: image/jpeg
content-length: 86513
last-modified: Tue, 11 Feb 2025 07:35:38 GMT
vary: Accept-Encoding
etag: "67aafdca-151f1"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2

142.250.74.35

200 OK

25 kB

URL GET
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint62:27:9C:C9:95:FF:8F:83:34:D0:B1:42:CB:B7:63:C0:8E:6F:3E:F1
ValidityMon, 31 Mar 2025 08:55:41 GMT - Mon, 23 Jun 2025 08:55:40 GMT

File type
Web Open Font Format (Version 2), TrueType, length 24984, version 1.0
Size
25 kB (24984 bytes)
Hash
303a79d404d97ccbb3d803088fc387d8
66e3525b79a1a58a63fe0934f31676dd40c7f033
7e510e61c497d334da21eccda06df5d3a428c9ea94d6903b6138e7c7255aba0f

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24984
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Apr 2025 09:31:51 GMT
expires: Fri, 17 Apr 2026 09:31:51 GMT
cache-control: public, max-age=31536000
age: 475373
last-modified: Thu, 14 Dec 2023 02:04:54 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

arnedtolethi.com/UHhqYUJ/RwkSfzIvXzQWYE0JOXBhTg83NgoaIgl0CElTEiQYG0wVKzRFUlN3aUlbRzI5HFdScHYLHgA2JQtXUGQ5FgwOf3YOV1FsaVZYT3R2DVdQZCQICwZ/YV4aFTY8RVtWdmVLX1Z0aEteVnI

104.21.48.1

204 No Content

0 B

URL GET
arnedtolethi.com/UHhqYUJ/RwkSfzIvXzQWYE0JOXBhTg83NgoaIgl0CElTEiQYG0wVKzRFUlN3aUlbRzI5HFdScHYLHgA2JQtXUGQ5FgwOf3YOV1FsaVZYT3R2DVdQZCQICwZ/YV4aFTY8RVtWdmVLX1Z0aEteVnI
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subjectarnedtolethi.com
FingerprintC5:54:97:8F:C7:ED:79:F4:04:A1:F8:96:76:CE:A9:D9:2A:87:31:90
ValidityFri, 04 Apr 2025 11:53:24 GMT - Thu, 03 Jul 2025 12:52:06 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /UHhqYUJ/RwkSfzIvXzQWYE0JOXBhTg83NgoaIgl0CElTEiQYG0wVKzRFUlN3aUlbRzI5HFdScHYLHgA2JQtXUGQ5FgwOf3YOV1FsaVZYT3R2DVdQZCQICwZ/YV4aFTY8RVtWdmVLX1Z0aEteVnI HTTP/1.1
Host: arnedtolethi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Tue, 22 Apr 2025 21:34:44 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 93483f379c660b61-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

undefined/M0F0RzNSIxcqDFJ8FmFGQS1JYgF1ZEYBVwAuE39HAnlHLgJFIxNpUF8uASNVQS4aMx1dJABiAXUZJixleA4hc194KCYhUGcIBwtUYXMQD3FJAjx+VH0VHCR4ezIbCwIHNzk9ZVgXDTRKajg2DHpgJkUjAGInFx9pCyMNKH5XOT4lel11JAxLC3ckBHUAAiMgQnkCJiJQAQATDXVDOxB1fkEZJz8EUBYMCWNaKgEjA0QmPS5yQBQ3Bll6FgwKfwAyGw1mfi8/LlhBCTwwclAGJQ1SABNFHlgHLz8Edl8VHnZZV3IEH3xeD0ciVFtkRgVSexcCBFRLKxB0HkMOPj5bSSccPwpxBjZzcGcbAyRkCwowAH0AJB80B2pyLQtwe3ANJgBcEBV0YQINIjBHfxIEMXBEKUQja0ALEilXAiQMPwtXKDktYEoyEwxZeiISBnEDJCV2VFcsOWIBdQM8fxVZMhspQw4MJXAABRcQDQFrIxh/eVI

0.0.0.0

0 B

URL GET
undefined/M0F0RzNSIxcqDFJ8FmFGQS1JYgF1ZEYBVwAuE39HAnlHLgJFIxNpUF8uASNVQS4aMx1dJABiAXUZJixleA4hc194KCYhUGcIBwtUYXMQD3FJAjx+VH0VHCR4ezIbCwIHNzk9ZVgXDTRKajg2DHpgJkUjAGInFx9pCyMNKH5XOT4lel11JAxLC3ckBHUAAiMgQnkCJiJQAQATDXVDOxB1fkEZJz8EUBYMCWNaKgEjA0QmPS5yQBQ3Bll6FgwKfwAyGw1mfi8/LlhBCTwwclAGJQ1SABNFHlgHLz8Edl8VHnZZV3IEH3xeD0ciVFtkRgVSexcCBFRLKxB0HkMOPj5bSSccPwpxBjZzcGcbAyRkCwowAH0AJB80B2pyLQtwe3ANJgBcEBV0YQINIjBHfxIEMXBEKUQja0ALEilXAiQMPwtXKDktYEoyEwxZeiISBnEDJCV2VFcsOWIBdQM8fxVZMhspQw4MJXAABRcQDQFrIxh/eVI
IP
0.0.0.0:0
ASN
#0

Requested by
https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /M0F0RzNSIxcqDFJ8FmFGQS1JYgF1ZEYBVwAuE39HAnlHLgJFIxNpUF8uASNVQS4aMx1dJABiAXUZJixleA4hc194KCYhUGcIBwtUYXMQD3FJAjx+VH0VHCR4ezIbCwIHNzk9ZVgXDTRKajg2DHpgJkUjAGInFx9pCyMNKH5XOT4lel11JAxLC3ckBHUAAiMgQnkCJiJQAQATDXVDOxB1fkEZJz8EUBYMCWNaKgEjA0QmPS5yQBQ3Bll6FgwKfwAyGw1mfi8/LlhBCTwwclAGJQ1SABNFHlgHLz8Edl8VHnZZV3IEH3xeD0ciVFtkRgVSexcCBFRLKxB0HkMOPj5bSSccPwpxBjZzcGcbAyRkCwowAH0AJB80B2pyLQtwe3ANJgBcEBV0YQINIjBHfxIEMXBEKUQja0ALEilXAiQMPwtXKDktYEoyEwxZeiISBnEDJCV2VFcsOWIBdQM8fxVZMhspQw4MJXAABRcQDQFrIxh/eVI HTTP/1.1
Host: undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

fonts.googleapis.com/icon?family=Material+Icons

142.250.74.10

200 OK

565 B

URL GET
fonts.googleapis.com/icon?family=Material+Icons
IP
142.250.74.10:443
ASN
#15169 GOOGLE

Requested by
https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint7E:14:87:08:DF:BA:04:65:17:BA:3B:4F:BA:EA:BC:8C:3F:0A:A4:00
ValidityMon, 31 Mar 2025 08:55:43 GMT - Mon, 23 Jun 2025 08:55:42 GMT

File type
ASCII text
Size
565 B (565 bytes)
Hash
736c83e15fc300de505f6ce9762a9396
31c0f11ada78e92970ff42d990116d77c169c6d7
c31266310101d0b1607937a7baf07f1601b7637bd2373176696488a07d7b4302

HTTP Headers

GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 22 Apr 2025 21:34:42 GMT
date: Tue, 22 Apr 2025 21:34:42 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

undefined/UUx2VGwwLhU5UzBxFHIZIyBLcV4XaUQSCGIjEWwYYHRFPV0nLhF6Dz0jAzAKIyMYIEI/KQJxXhc7FzoAAikuGSYXJgEyOBN4JxoHAwcuPy4gGEYwIRIfNzcqBy8jGhRlHz4jAGkKDg0JCTYRHyQQHTw2G2gAOS49NwkkFQoZHjMwPCsFOBM9KRo+MyFjHjMaIRcYOwwqFygQGhQyHSBkBGELNDclAwssMi42ODMEFAgGNyw5dH40EyoLFSZmCAkdRm0gCCAzES0pL0QSCwAWLhMuGwQkYQ8ICRoXOz0oHwwpECMuEy4bDjcZNAsJRwM7BThFB1wcHyJmQQsvJxcEMhUzPy4ZCg48IxQGLAA0KQYhP1UdFR5gOxIeP200FAkFB14bBSdlHBgVHTw7BgkdZCkQCSYcFmEOIDgLdH4wDVwhBCQRAGEIM2EOdyYFOwIhcQBsPRwBHjcZNQ8SGDQlBwM

0.0.0.0

0 B

URL GET
undefined/UUx2VGwwLhU5UzBxFHIZIyBLcV4XaUQSCGIjEWwYYHRFPV0nLhF6Dz0jAzAKIyMYIEI/KQJxXhc7FzoAAikuGSYXJgEyOBN4JxoHAwcuPy4gGEYwIRIfNzcqBy8jGhRlHz4jAGkKDg0JCTYRHyQQHTw2G2gAOS49NwkkFQoZHjMwPCsFOBM9KRo+MyFjHjMaIRcYOwwqFygQGhQyHSBkBGELNDclAwssMi42ODMEFAgGNyw5dH40EyoLFSZmCAkdRm0gCCAzES0pL0QSCwAWLhMuGwQkYQ8ICRoXOz0oHwwpECMuEy4bDjcZNAsJRwM7BThFB1wcHyJmQQsvJxcEMhUzPy4ZCg48IxQGLAA0KQYhP1UdFR5gOxIeP200FAkFB14bBSdlHBgVHTw7BgkdZCkQCSYcFmEOIDgLdH4wDVwhBCQRAGEIM2EOdyYFOwIhcQBsPRwBHjcZNQ8SGDQlBwM
IP
0.0.0.0:0
ASN
#0

Requested by
https://megaup.net/7d5815495eb070fb7f5c4a9ec727df38/Schedule.I.v0.3.4f8-0xdeadcode.zip

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /UUx2VGwwLhU5UzBxFHIZIyBLcV4XaUQSCGIjEWwYYHRFPV0nLhF6Dz0jAzAKIyMYIEI/KQJxXhc7FzoAAikuGSYXJgEyOBN4JxoHAwcuPy4gGEYwIRIfNzcqBy8jGhRlHz4jAGkKDg0JCTYRHyQQHTw2G2gAOS49NwkkFQoZHjMwPCsFOBM9KRo+MyFjHjMaIRcYOwwqFygQGhQyHSBkBGELNDclAwssMi42ODMEFAgGNyw5dH40EyoLFSZmCAkdRm0gCCAzES0pL0QSCwAWLhMuGwQkYQ8ICRoXOz0oHwwpECMuEy4bDjcZNAsJRwM7BThFB1wcHyJmQQsvJxcEMhUzPy4ZCg48IxQGLAA0KQYhP1UdFR5gOxIeP200FAkFB14bBSdlHBgVHTw7BgkdZCkQCSYcFmEOIDgLdH4wDVwhBCQRAGEIM2EOdyYFOwIhcQBsPRwBHjcZNQ8SGDQlBwM HTTP/1.1
Host: undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (43)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML