Report - megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip

Report Overview

Visited public
2025-04-04 12:14:11
Tags
URL
megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
Finishing URL
megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
IP / ASN
172.67.72.212
#13335 CLOUDFLARENET
Title
Schedule.I.v0.3.3f13-0xdeadcode.zip - MegaUp

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
kmtendationfore.org	unknown	2025-02-17	2025-03-31	2025-03-31	1.8 kB	12 kB	3.164.230.47
fonts.gstatic.com	unknown	2008-02-11	2014-04-02	2025-04-02	3.9 kB	291 kB	142.250.74.35
edbyherslende.org	unknown	2025-02-17	2025-04-04	2025-04-04	993 B	4.1 kB	3.164.240.3
rnmop.com	unknown	2025-02-10	2025-02-12	2025-03-28	1.8 kB	59 kB	157.90.94.146
undefined	142677	unknown	2020-01-28	2025-04-03	3.0 kB	0 B	0.0.0.0
fonts.googleapis.com	8877	2005-01-25	2012-05-23	2025-04-02	935 B	41 kB	142.250.74.10
megaup.net	179052	2004-06-24	2017-09-01	2025-03-28	17 kB	1.8 MB	104.26.0.140
eu.xml.rexsrv.com	79338	2019-01-21	2020-02-13	2025-04-01	446 B	387 B	109.206.178.121
ukankingwithea.com	unknown	2024-01-01	2024-09-05	2025-04-03	2.6 kB	312 kB	104.21.16.1
accounts.google.com	81	1997-09-15	2012-05-23	2025-04-02	3.7 kB	13 kB	64.233.164.84
theharityhild.buzz	unknown	2022-09-19	2022-10-20	2025-04-02	574 B	0 B	0.0.0.0
earningseriegents.org	unknown	2025-02-17	2025-04-04	2025-04-04	7.0 kB	3.8 kB	104.21.64.1
www.googletagmanager.com	75	2011-11-11	2012-10-04	2025-04-02	997 B	589 kB	142.250.74.136
img.vmmcdn.com	36292	2019-11-26	2019-11-26	2025-03-28	416 B	60 kB	138.201.51.142
334.mbvnclickipp2.xyz	unknown	2024-06-21	2025-01-05	2025-03-26	2.3 kB	516 B	136.243.78.216

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2025-04-04 12:13:52	medium	136.243.78.216	Client IP	ET HUNTING Observed Let's Encrypt Certificate for Suspicious TLD (.xyz)
2025-04-04 12:13:52	medium	136.243.78.216	Client IP	ET HUNTING Observed Let's Encrypt Certificate for Suspicious TLD (.xyz)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-04-04	medium	undefined	Sinkholed
2025-04-04	medium	undefined	Sinkholed
2025-04-04	medium	undefined	Sinkholed

ThreatFox

No alerts detected

JavaScript (40)

	URL	From	Size	First Seen	Last Seen
	megaup.net/sw.js	ScriptElement	103 kB	2023-03-09	2025-05-14
Pretty URL megaup.net/sw.js IP 104.26.0.140 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 23:12 Last Seen2025-05-14 19:40 Times Seen2957 Hash 9ee51131e416458b88d6da4e6e6959ca a558b24bcf81763754e35a5fa5e46c6d6ad5f8d4 db3608f955dd3404bc375f0a0a7a5c8e23515e7ad1a0b9078c246e92e4050734 Loading...

	www.google-analytics.com/analytics.js	ScriptElement	4.7 kB	2023-04-11	2025-05-15
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-15 03:07 Times Seen342102 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip	DomTimer	230 B	2025-04-01	2025-05-14
Pretty URL megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip IP 104.26.0.140 ASN #13335 CLOUDFLARENET Introduced by domTimer Embedded in HTML false Observations First Seen2025-04-01 20:54 Last Seen2025-05-14 19:40 Times Seen470 Hash 0baa56943575391187833596a8161168 3f6760ab649bdc5aca5ac72aa5a16562b14282cb db99c9ec42d22ca48c381d5b2a4d8cbcc1490c92e9b9584b657ac6f413ffb8f6 Loading...

	megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip	DomTimer	230 B	2025-04-01	2025-05-14
Pretty URL megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip IP 104.26.0.140 ASN #13335 CLOUDFLARENET Introduced by domTimer Embedded in HTML false Observations First Seen2025-04-01 20:54 Last Seen2025-05-14 19:40 Times Seen470 Hash 0baa56943575391187833596a8161168 3f6760ab649bdc5aca5ac72aa5a16562b14282cb db99c9ec42d22ca48c381d5b2a4d8cbcc1490c92e9b9584b657ac6f413ffb8f6 Loading...

	www.googletagmanager.com/gtag/js?id=G-Z9TE2LW16Q&l=dataLayer&cx=c&gtm=457e5421za200&tag_exp=102788824~102803279~102813109~102887799~102926062~102975949~103016951~103021830~103027016	ScriptElement	323 kB	2025-04-04	2025-04-04
Pretty URL www.googletagmanager.com/gtag/js?id=G-Z9TE2LW16Q&l=dataLayer&cx=c&gtm=457e5421za200&tag_exp=102788824~102803279~102813109~102887799~102926062~102975949~103016951~103021830~103027016 IP 142.250.74.136 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-04 12:14 Last Seen2025-04-04 12:14 Times Seen1 Hash 0bf32721a5afcfae93c05e92f8220caa 912c98e7b6c4904bcd018baf2db7baffc7489e31 7f867ee2a9d0bef6ede8b58bb9a326d71e2a7367cdbb94c041ad58b3b52d55a3 Loading...

	megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip	DomTimer	230 B	2025-04-01	2025-05-14
Pretty URL megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip IP 104.26.0.140 ASN #13335 CLOUDFLARENET Introduced by domTimer Embedded in HTML false Observations First Seen2025-04-01 20:54 Last Seen2025-05-14 19:40 Times Seen470 Hash 0baa56943575391187833596a8161168 3f6760ab649bdc5aca5ac72aa5a16562b14282cb db99c9ec42d22ca48c381d5b2a4d8cbcc1490c92e9b9584b657ac6f413ffb8f6 Loading...

	megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip	DomTimer	230 B	2025-04-01	2025-05-14
Pretty URL megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip IP 104.26.0.140 ASN #13335 CLOUDFLARENET Introduced by domTimer Embedded in HTML false Observations First Seen2025-04-01 20:54 Last Seen2025-05-14 19:40 Times Seen470 Hash 0baa56943575391187833596a8161168 3f6760ab649bdc5aca5ac72aa5a16562b14282cb db99c9ec42d22ca48c381d5b2a4d8cbcc1490c92e9b9584b657ac6f413ffb8f6 Loading...

	megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip	DomTimer	230 B	2025-04-01	2025-05-14
Pretty URL megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip IP 104.26.0.140 ASN #13335 CLOUDFLARENET Introduced by domTimer Embedded in HTML false Observations First Seen2025-04-01 20:54 Last Seen2025-05-14 19:40 Times Seen470 Hash 0baa56943575391187833596a8161168 3f6760ab649bdc5aca5ac72aa5a16562b14282cb db99c9ec42d22ca48c381d5b2a4d8cbcc1490c92e9b9584b657ac6f413ffb8f6 Loading...

	megaup.net/themes/spirit/assets/frontend/js/smooth-scroll.min.js	ScriptElement	6.0 kB	2023-03-07	2025-05-14
Pretty URL megaup.net/themes/spirit/assets/frontend/js/smooth-scroll.min.js IP 104.26.0.140 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28 Last Seen2025-05-14 19:40 Times Seen1283 Hash c9e3a210d83398f301b3a7049c259676 8e227bb40fe120841829a7fef0ffeb091d179a91 aeda362b1d693480453b895cbcf8b92629f58240c42ba8c643f0d5d338baf805 Loading...

	megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip	ScriptElement	44 B	2023-03-07	2025-05-14
Pretty URL megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip IP 104.26.0.140 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:28 Last Seen2025-05-14 19:40 Times Seen3600 Hash 21d884540875fb4d2b8f280c541d092c 9f2a58bb4ff1897269b2df54e333ce35d4435b91 8f75c65a00382bae7799a76f3517023df9a72035e9b469e95469b028d4bd0d0a Loading...

	megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip	ScriptElement	1.4 kB	2025-04-04	2025-04-04
Pretty URL megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip IP 104.26.0.140 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-04-04 12:14 Last Seen2025-04-04 12:14 Times Seen1 Hash e7f9cf949ee81b231b8da11260da5aa9 3af772fc05e260d9bb0f5017d6617bd181d35491 ff9f0ac857be7afe2880db70ee1b5def58b5efa9c9eddc778bce4f3c0c9664ee Loading...

	megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip	DomTimer	230 B	2025-04-01	2025-05-14
Pretty URL megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip IP 104.26.0.140 ASN #13335 CLOUDFLARENET Introduced by domTimer Embedded in HTML false Observations First Seen2025-04-01 20:54 Last Seen2025-05-14 19:40 Times Seen470 Hash 0baa56943575391187833596a8161168 3f6760ab649bdc5aca5ac72aa5a16562b14282cb db99c9ec42d22ca48c381d5b2a4d8cbcc1490c92e9b9584b657ac6f413ffb8f6 Loading...

	megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip	DomTimer	230 B	2025-04-01	2025-05-14
Pretty URL megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip IP 104.26.0.140 ASN #13335 CLOUDFLARENET Introduced by domTimer Embedded in HTML false Observations First Seen2025-04-01 20:54 Last Seen2025-05-14 19:40 Times Seen470 Hash 0baa56943575391187833596a8161168 3f6760ab649bdc5aca5ac72aa5a16562b14282cb db99c9ec42d22ca48c381d5b2a4d8cbcc1490c92e9b9584b657ac6f413ffb8f6 Loading...

	megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip	DomTimer	230 B	2025-04-01	2025-05-14
Pretty URL megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip IP 104.26.0.140 ASN #13335 CLOUDFLARENET Introduced by domTimer Embedded in HTML false Observations First Seen2025-04-01 20:54 Last Seen2025-05-14 19:40 Times Seen470 Hash 0baa56943575391187833596a8161168 3f6760ab649bdc5aca5ac72aa5a16562b14282cb db99c9ec42d22ca48c381d5b2a4d8cbcc1490c92e9b9584b657ac6f413ffb8f6 Loading...

	megaup.net/themes/spirit/assets/frontend/js/typed.min.js	ScriptElement	3.9 kB	2023-03-07	2025-05-14
Pretty URL megaup.net/themes/spirit/assets/frontend/js/typed.min.js IP 104.26.0.140 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28 Last Seen2025-05-14 19:40 Times Seen3976 Hash 2f6185a8a32a50b2b3e04849f44359d4 0e5501588c5c0d1c9462f34b0d56c21abff5bfef 914df93a9770d8a0e132b6ce3e8f1cfba0e0fae8f3b9002a3f0eb47c3d0cc97b Loading...

	megaup.net/themes/spirit/assets/frontend/js/jquery.steps.min.js	ScriptElement	14 kB	2023-03-07	2025-05-14
Pretty URL megaup.net/themes/spirit/assets/frontend/js/jquery.steps.min.js IP 104.26.0.140 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28 Last Seen2025-05-14 19:40 Times Seen1297 Hash 0eef6fe46d14f860d5666d2c7b13a564 7ab5f7deaca2f71efbc3bf9f5ba27b89d4697dbe 95a14a4473ff130eb29f3cc02e135978505655e3c931b6c3726dedd4f558f843 Loading...

	www.googletagmanager.com/gtag/js?id=UA-108868042-1	ScriptElement	264 kB	2025-04-04	2025-04-04
Pretty URL www.googletagmanager.com/gtag/js?id=UA-108868042-1 IP 142.250.74.136 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-04 12:14 Last Seen2025-04-04 12:14 Times Seen1 Hash 64c405206e2b3bd0b2cb63ad53688f74 720187d0fab0031671563551cc5705b06b1786bf afbe69b3e9db9f457f89057f294f56a5a6a9c8f827908fa2375b9a58f90f354e Loading...

	megaup.net/c0805c6ceb60ac4473d2725392c238b4/sandbox%20eval%20code		147 B	2023-04-11	2025-05-15
Pretty URL megaup.net/c0805c6ceb60ac4473d2725392c238b4/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-15 03:07 Times Seen342916 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	d33bakhpv0qxhf.cloudfront.net/9QzZXQkogWTkkdTdfM399dQdmenxlRiUnLH5bMiUrNkZ5LC83ED0xJS1Gag4oJ0wVcngGeB1kPjlSanJsL1c5JXdlUzkhd3IQNiYofgJxNjosXWo0KTVYJjg+M1UlZD8iCzotMCpaOyNvcXBibHpmBGdqPSpYMy09MBNlciQ3E2Vye3MYZ2d5ARNlcj0qWG-F2b3B0cnB6OwBjZ3kBE2VyODUTZAN7cAJ5cmNmBGclLyBdOGd4BQRnc3pzB2dzb3EGMSs4JlA4Om9xcGZxfm0GcTd3cg	ScriptElement	0 B	0001-01-01	2025-05-15
Pretty URL d33bakhpv0qxhf.cloudfront.net/9QzZXQkogWTkkdTdfM399dQdmenxlRiUnLH5bMiUrNkZ5LC83ED0xJS1Gag4oJ0wVcngGeB1kPjlSanJsL1c5JXdlUzkhd3IQNiYofgJxNjosXWo0KTVYJjg+M1UlZD8iCzotMCpaOyNvcXBibHpmBGdqPSpYMy09MBNlciQ3E2Vye3MYZ2d5ARNlcj0qWG-F2b3B0cnB6OwBjZ3kBE2VyODUTZAN7cAJ5cmNmBGclLyBdOGd4BQRnc3pzB2dzb3EGMSs4JlA4Om9xcGZxfm0GcTd3cg IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen0001-01-01 00:00 Last Seen2025-05-15 03:08 Times Seen4684866 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip	DomTimer	230 B	2025-04-01	2025-05-14
Pretty URL megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip IP 104.26.0.140 ASN #13335 CLOUDFLARENET Introduced by domTimer Embedded in HTML false Observations First Seen2025-04-01 20:54 Last Seen2025-05-14 19:40 Times Seen470 Hash 0baa56943575391187833596a8161168 3f6760ab649bdc5aca5ac72aa5a16562b14282cb db99c9ec42d22ca48c381d5b2a4d8cbcc1490c92e9b9584b657ac6f413ffb8f6 Loading...

	megaup.net/themes/spirit/assets/frontend/js/jquery-3.1.1.min.js	ScriptElement	87 kB	2023-03-07	2025-05-14
Pretty URL megaup.net/themes/spirit/assets/frontend/js/jquery-3.1.1.min.js IP 104.26.0.140 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19 Last Seen2025-05-14 19:40 Times Seen1961 Hash 5b5a269bd363e0886c17d855c2aab241 042dd055cd289215835a58507c9531f808e1648a 1cf30e59d21d4ae560af7143f5913efcc8222bcaa4fcc7508eb802b5faa9e94e Loading...

	megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip	DomTimer	230 B	2025-04-01	2025-05-14
Pretty URL megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip IP 104.26.0.140 ASN #13335 CLOUDFLARENET Introduced by domTimer Embedded in HTML false Observations First Seen2025-04-01 20:54 Last Seen2025-05-14 19:40 Times Seen470 Hash 0baa56943575391187833596a8161168 3f6760ab649bdc5aca5ac72aa5a16562b14282cb db99c9ec42d22ca48c381d5b2a4d8cbcc1490c92e9b9584b657ac6f413ffb8f6 Loading...

	megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip	DomTimer	230 B	2025-04-01	2025-05-14
Pretty URL megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip IP 104.26.0.140 ASN #13335 CLOUDFLARENET Introduced by domTimer Embedded in HTML false Observations First Seen2025-04-01 20:54 Last Seen2025-05-14 19:40 Times Seen470 Hash 0baa56943575391187833596a8161168 3f6760ab649bdc5aca5ac72aa5a16562b14282cb db99c9ec42d22ca48c381d5b2a4d8cbcc1490c92e9b9584b657ac6f413ffb8f6 Loading...

	megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip	DomTimer	230 B	2025-04-01	2025-05-14
Pretty URL megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip IP 104.26.0.140 ASN #13335 CLOUDFLARENET Introduced by domTimer Embedded in HTML false Observations First Seen2025-04-01 20:54 Last Seen2025-05-14 19:40 Times Seen470 Hash 0baa56943575391187833596a8161168 3f6760ab649bdc5aca5ac72aa5a16562b14282cb db99c9ec42d22ca48c381d5b2a4d8cbcc1490c92e9b9584b657ac6f413ffb8f6 Loading...

	megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip	DomTimer	230 B	2025-04-01	2025-05-14
Pretty URL megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip IP 104.26.0.140 ASN #13335 CLOUDFLARENET Introduced by domTimer Embedded in HTML false Observations First Seen2025-04-01 20:54 Last Seen2025-05-14 19:40 Times Seen470 Hash 0baa56943575391187833596a8161168 3f6760ab649bdc5aca5ac72aa5a16562b14282cb db99c9ec42d22ca48c381d5b2a4d8cbcc1490c92e9b9584b657ac6f413ffb8f6 Loading...

	megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip	DomTimer	230 B	2025-04-01	2025-05-14
Pretty URL megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip IP 104.26.0.140 ASN #13335 CLOUDFLARENET Introduced by domTimer Embedded in HTML false Observations First Seen2025-04-01 20:54 Last Seen2025-05-14 19:40 Times Seen470 Hash 0baa56943575391187833596a8161168 3f6760ab649bdc5aca5ac72aa5a16562b14282cb db99c9ec42d22ca48c381d5b2a4d8cbcc1490c92e9b9584b657ac6f413ffb8f6 Loading...

	megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip	ScriptElement	606 kB	2025-04-04	2025-04-04
Pretty URL megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip IP 104.26.0.140 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-04-04 12:14 Last Seen2025-04-04 12:14 Times Seen1 Hash e27a121e5375de8c2834bc9cbf5b632e bac46b3fe5a1623568c7d3dbad60aabdfb8ddda9 b04d86cd51474c39eb737fff456c43292d53b0df26b43d070704af94a660967f Loading...

	megaup.net/themes/spirit/assets/frontend/js/flickity.min.js	ScriptElement	54 kB	2023-03-07	2025-05-14
Pretty URL megaup.net/themes/spirit/assets/frontend/js/flickity.min.js IP 104.26.0.140 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28 Last Seen2025-05-14 19:40 Times Seen1286 Hash 8c1e666176ac7bdce67d58b45823ffac 75947e4316427ce0c5e33300aeb4dc4d7d54dd09 c0b706b9b1ca12b631496228a0eb0fe15ccb14f21ab554f6c4b4f20474e4d3a6 Loading...

	megaup.net/themes/spirit/assets/frontend/js/datepicker.js	ScriptElement	21 kB	2023-03-07	2025-05-14
Pretty URL megaup.net/themes/spirit/assets/frontend/js/datepicker.js IP 104.26.0.140 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28 Last Seen2025-05-14 19:40 Times Seen3360 Hash 8cfe207a6a21c7495cfb751c761217a6 35d686a6c4ecc9946c35444ce93e110cb0e1611c 804e3c2608de23694fa71684178e2f9815115d56ee022ec770e1fcb208847acc Loading...

	megaup.net/themes/spirit/assets/frontend/js/scripts.js	ScriptElement	115 kB	2023-03-07	2025-05-14
Pretty URL megaup.net/themes/spirit/assets/frontend/js/scripts.js IP 104.26.0.140 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28 Last Seen2025-05-14 19:40 Times Seen1014 Hash ce260d2170faf98639ab8e0e3758f1e2 32eeb82a44bf0bce2df78eafae9f2e9ff8d72e1f ac331833ebf1c06b0f8565caaeb4760c2184bd89d1cb5574c3947a8d0b6dca1c Loading...

	megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip	ScriptElement	292 B	2023-03-07	2025-05-14
Pretty URL megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip IP 104.26.0.140 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:28 Last Seen2025-05-14 19:40 Times Seen3925 Hash f6038f840321581380bcf8e68fbec2ed 9c64ca84baabd04b9994597b90882d8ec7158ba2 fc7d223cc022e6a00869dea89642667579b0ca033afb07bb0070c7b7a0fd23c3 Loading...

	megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip	DomTimer	230 B	2025-04-01	2025-05-14
Pretty URL megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip IP 104.26.0.140 ASN #13335 CLOUDFLARENET Introduced by domTimer Embedded in HTML false Observations First Seen2025-04-01 20:54 Last Seen2025-05-14 19:40 Times Seen470 Hash 0baa56943575391187833596a8161168 3f6760ab649bdc5aca5ac72aa5a16562b14282cb db99c9ec42d22ca48c381d5b2a4d8cbcc1490c92e9b9584b657ac6f413ffb8f6 Loading...

	megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip	DomTimer	230 B	2025-04-01	2025-05-14
Pretty URL megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip IP 104.26.0.140 ASN #13335 CLOUDFLARENET Introduced by domTimer Embedded in HTML false Observations First Seen2025-04-01 20:54 Last Seen2025-05-14 19:40 Times Seen470 Hash 0baa56943575391187833596a8161168 3f6760ab649bdc5aca5ac72aa5a16562b14282cb db99c9ec42d22ca48c381d5b2a4d8cbcc1490c92e9b9584b657ac6f413ffb8f6 Loading...

	megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip	DomTimer	230 B	2025-04-01	2025-05-14
Pretty URL megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip IP 104.26.0.140 ASN #13335 CLOUDFLARENET Introduced by domTimer Embedded in HTML false Observations First Seen2025-04-01 20:54 Last Seen2025-05-14 19:40 Times Seen470 Hash 0baa56943575391187833596a8161168 3f6760ab649bdc5aca5ac72aa5a16562b14282cb db99c9ec42d22ca48c381d5b2a4d8cbcc1490c92e9b9584b657ac6f413ffb8f6 Loading...

	megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip	DomTimer	230 B	2025-04-01	2025-05-14
Pretty URL megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip IP 104.26.0.140 ASN #13335 CLOUDFLARENET Introduced by domTimer Embedded in HTML false Observations First Seen2025-04-01 20:54 Last Seen2025-05-14 19:40 Times Seen470 Hash 0baa56943575391187833596a8161168 3f6760ab649bdc5aca5ac72aa5a16562b14282cb db99c9ec42d22ca48c381d5b2a4d8cbcc1490c92e9b9584b657ac6f413ffb8f6 Loading...

	megaup.net/themes/spirit/assets/frontend/js/jquery.dataTables.min.js	ScriptElement	70 kB	2023-03-07	2025-05-14
Pretty URL megaup.net/themes/spirit/assets/frontend/js/jquery.dataTables.min.js IP 104.26.0.140 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28 Last Seen2025-05-14 19:40 Times Seen1291 Hash 6fda19caa29287e6f584f0557fdeb6d4 40f58160090cd1f022704ee1352b343adb9e73b9 8ef749c3869991924150dc932c48cd57bf69ac25a378bb2e14f8e1733c17406f Loading...

	megaup.net/themes/spirit/assets/frontend/js/countdown.min.js	ScriptElement	5.4 kB	2023-03-07	2025-05-14
Pretty URL megaup.net/themes/spirit/assets/frontend/js/countdown.min.js IP 104.26.0.140 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28 Last Seen2025-05-14 19:40 Times Seen1532 Hash 76a923d3d69255c45cd24bf9b100244f eb3c96f9901692f1a03500ea632963a16afdb985 8f195573d6fa06641814b476fea2b92579c983cac46d683f356238207692c9f5 Loading...

	megaup.net/themes/spirit/assets/frontend/js/granim.min.js	ScriptElement	11 kB	2023-03-07	2025-05-14
Pretty URL megaup.net/themes/spirit/assets/frontend/js/granim.min.js IP 104.26.0.140 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28 Last Seen2025-05-14 19:40 Times Seen1285 Hash 714368d20c70f8c91b0a596e128dac07 563954ec3a896fc129d014f01836245829f6d01d e70b27194b8793b68cccee28a6d8a1e39aae2ce5d28d5e71ac204d7a3ac164e3 Loading...

	megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip	ScriptElement	155 B	2023-03-07	2025-05-14
Pretty URL megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip IP 104.26.0.140 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02 Last Seen2025-05-14 19:40 Times Seen2858 Hash dbc6f821e8ff7c4828576a426ee2d4e8 f043b3149f201934cfc9ff603023868202ac2141 68db8c28a54f45ff784d9386fb96e04dc8131f033f5f68307876dc2f1652ea59 Loading...

	megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip	DomTimer	230 B	2025-04-01	2025-05-14
Pretty URL megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip IP 104.26.0.140 ASN #13335 CLOUDFLARENET Introduced by domTimer Embedded in HTML false Observations First Seen2025-04-01 20:54 Last Seen2025-05-14 19:40 Times Seen470 Hash 0baa56943575391187833596a8161168 3f6760ab649bdc5aca5ac72aa5a16562b14282cb db99c9ec42d22ca48c381d5b2a4d8cbcc1490c92e9b9584b657ac6f413ffb8f6 Loading...

HTTP Transactions (76)

URL IP Response Size

megaup.net/themes/spirit/assets/frontend/img/favicon/favicon-16x16.png

104.26.0.140

200 OK

590 B

URL GET
megaup.net/themes/spirit/assets/frontend/img/favicon/favicon-16x16.png
IP
104.26.0.140:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subjectmegaup.net
FingerprintD1:0D:1F:7C:74:36:FE:3E:F0:18:C3:17:61:6A:99:81:06:7C:A8:26
ValidityThu, 27 Feb 2025 16:36:48 GMT - Wed, 28 May 2025 17:30:06 GMT

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced
Size
590 B (590 bytes)
Hash
ed3d11830b3e136b384f2a0b8082f235
3b75f2a64d528165f108d62e8c30d464b76945d7
1aef6752088fe69a166d3a84375431e1041dde8fa3f9ccbde26accb220feb4a5

HTTP Headers

GET /themes/spirit/assets/frontend/img/favicon/favicon-16x16.png HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
DNT: 1
Connection: keep-alive
Cookie: filehosting=7mvigp446687ln7oqam8iemt5o
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 04 Apr 2025 12:13:48 GMT
content-type: image/png
content-length: 590
cf-bgj: h2pri,csam-hash
etag: "67ae2ee8-24e"
last-modified: Thu, 13 Feb 2025 17:42:00 GMT
referrer-policy: no-referrer, strict-origin-when-cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: HIT
age: 3358
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6Y%2FFy8Hg4uTUbmeZAmPE8amXp0H7%2FdM8jNuGlAncrZvCTX9%2FAWAn5WYN2iOPDv%2FUKPc2KWCjMcvzIjJz1eyEBC91wZ%2FMUowI%2BKIS7m6h1GeRdnfFmY2zpO1dg%2Fw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 92b0b8cac9d6b4f9-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=844&min_rtt=422&rtt_var=463&sent=497&recv=195&lost=0&retrans=1&sent_bytes=594962&recv_bytes=4597&delivery_rate=66554037&cwnd=218&unsent_bytes=0&cid=473884aa05529f0f&ts=2721&x=0"
X-Firefox-Spdy: h2

earningseriegents.org/OGNOR3cXXC00SmFRKnUUUiUsEhxiKAx2B2kxJQI0blJ3BCZPImgzHlxednBBC1J2YQdRB3N1Th4QOiYDTRBzdlFRDSgoSh4Vc3ZZCE14d1kMRTt6Rh4XPiYQBVJoNwNMD3N2QAxQeXFPAFF5dU8N

104.21.64.1

204 No Content

0 B

URL GET
earningseriegents.org/OGNOR3cXXC00SmFRKnUUUiUsEhxiKAx2B2kxJQI0blJ3BCZPImgzHlxednBBC1J2YQdRB3N1Th4QOiYDTRBzdlFRDSgoSh4Vc3ZZCE14d1kMRTt6Rh4XPiYQBVJoNwNMD3N2QAxQeXFPAFF5dU8N
IP
104.21.64.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subjectearningseriegents.org
FingerprintF2:1E:68:72:0E:2A:D4:EB:77:5B:FE:CA:F8:97:AA:8F:72:4E:E4:28
ValidityMon, 17 Feb 2025 11:02:00 GMT - Sun, 18 May 2025 11:58:25 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /OGNOR3cXXC00SmFRKnUUUiUsEhxiKAx2B2kxJQI0blJ3BCZPImgzHlxednBBC1J2YQdRB3N1Th4QOiYDTRBzdlFRDSgoSh4Vc3ZZCE14d1kMRTt6Rh4XPiYQBVJoNwNMD3N2QAxQeXFPAFF5dU8N HTTP/1.1
Host: earningseriegents.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Fri, 04 Apr 2025 12:13:47 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 92b0b8c49e76ca79-HAM
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

eu.xml.rexsrv.com/icon?sid=30bad0daeff106dcdaa9405c5eb43174&rnd=83308374

109.206.178.121

302 Found

0 B

URL GET
eu.xml.rexsrv.com/icon?sid=30bad0daeff106dcdaa9405c5eb43174&rnd=83308374
IP
109.206.178.121:443
ASN
#50245 Serverel Inc.

Requested by
https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
Certificate
IssuerLet's Encrypt
Subjecteu.xml.rexsrv.com
FingerprintE3:6E:62:A2:58:AB:24:DE:44:93:F3:16:8E:96:F5:23:60:2B:42:94
ValiditySat, 22 Feb 2025 04:19:23 GMT - Fri, 23 May 2025 04:19:22 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /icon?sid=30bad0daeff106dcdaa9405c5eb43174&rnd=83308374 HTTP/1.1
Host: eu.xml.rexsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx
date: Fri, 04 Apr 2025 12:13:52 GMT
location: https://c.adskeeper.com/c?pv=2&v=0|0|0|C65Ss6VJRTXNF2Ra9xlyAeJsFbqaTAX-hQgpEsWRDlbEa_LoE8c7XLOk6P_01uOQrfk7oeaZwwoo0_7J_qv1gjEfGcqIiHXj_Y00Vggwa6s*&cid=1741340&f=1&h2=McWJCZZsM7jqXO6rYqITMV9ODg1BPcaI6DynuIlUug4jCJjDV-_xCcOLHOVzDWEQ&rid=4407339b-114e-11f0-82d6-c4cbe1e6af52&psid=67093
X-Firefox-Spdy: h2

megaup.net/themes/spirit/assets/frontend/css/iconsmind.css

104.26.0.140

200 OK

103 kB

URL GET
megaup.net/themes/spirit/assets/frontend/css/iconsmind.css
IP
104.26.0.140:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subjectmegaup.net
FingerprintD1:0D:1F:7C:74:36:FE:3E:F0:18:C3:17:61:6A:99:81:06:7C:A8:26
ValidityThu, 27 Feb 2025 16:36:48 GMT - Wed, 28 May 2025 17:30:06 GMT

File type
ASCII text, with CRLF line terminators
Size
103 kB (102727 bytes)
Hash
c9b1c618a7b12bd7ecf6034164b29164
f7a4a8bbc3aab1d7bb44659c40a8702f3aa56c99
fc190f724340fc20fd1d175f49c70e70f4acfdd9303ae4f68d9765a2a5958d9b

HTTP Headers

GET /themes/spirit/assets/frontend/css/iconsmind.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
DNT: 1
Connection: keep-alive
Cookie: filehosting=7mvigp446687ln7oqam8iemt5o
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 04 Apr 2025 12:13:46 GMT
content-type: text/css
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: W/"62594310-19147"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
cache-control: max-age=14400
cf-cache-status: HIT
age: 3356
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7uWi2g%2F9pbsp%2Fufd5prgDRoa1YDq2DW0QimbGDZNpytvxeFnH6ej63Q4P1XHJhIoihBKQmaK%2Bx%2B%2BHJr%2BSKpAFbmA4w76aL0ZqPzIbcmxecoLgKf8Ech3s%2BsLlGI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 92b0b8be3dbbb4f9-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=643&min_rtt=422&rtt_var=112&sent=146&recv=91&lost=0&retrans=0&sent_bytes=167301&recv_bytes=3873&delivery_rate=39388601&cwnd=178&unsent_bytes=0&cid=473884aa05529f0f&ts=713&x=0"
X-Firefox-Spdy: h2

megaup.net/themes/spirit/assets/frontend/js/datepicker.js

104.26.0.140

200 OK

21 kB

URL GET
megaup.net/themes/spirit/assets/frontend/js/datepicker.js
IP
104.26.0.140:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subjectmegaup.net
FingerprintD1:0D:1F:7C:74:36:FE:3E:F0:18:C3:17:61:6A:99:81:06:7C:A8:26
ValidityThu, 27 Feb 2025 16:36:48 GMT - Wed, 28 May 2025 17:30:06 GMT

File type
JavaScript source, ASCII text, with very long lines (12692), with CRLF line terminators
Size
21 kB (20975 bytes)
Hash
8cfe207a6a21c7495cfb751c761217a6
35d686a6c4ecc9946c35444ce93e110cb0e1611c
804e3c2608de23694fa71684178e2f9815115d56ee022ec770e1fcb208847acc

HTTP Headers

GET /themes/spirit/assets/frontend/js/datepicker.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
DNT: 1
Connection: keep-alive
Cookie: filehosting=7mvigp446687ln7oqam8iemt5o
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 04 Apr 2025 12:13:46 GMT
content-type: application/javascript
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: W/"62594310-51ef"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
cache-control: max-age=14400
cf-cache-status: HIT
age: 3356
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=60fCpnjQ5mrcxVChPUTcP7Svq6g%2BEqMayEHmBRF4%2F6zS7BtTM3AjRCQvuwSDOPxB8I%2FpuFgfi%2B2vi5EEdwRf%2BDiv30wjfydlNyMde96KIg3LCx9TNbVdhIRDFaQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 92b0b8be5dfbb4f9-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=869&min_rtt=422&rtt_var=468&sent=240&recv=130&lost=0&retrans=0&sent_bytes=272867&recv_bytes=3873&delivery_rate=66554037&cwnd=192&unsent_bytes=0&cid=473884aa05529f0f&ts=724&x=0"
X-Firefox-Spdy: h2

megaup.net/themes/spirit/assets/frontend/img/background.jpg

104.26.0.140

200 OK

86 kB

URL GET
megaup.net/themes/spirit/assets/frontend/img/background.jpg
IP
104.26.0.140:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subjectmegaup.net
FingerprintD1:0D:1F:7C:74:36:FE:3E:F0:18:C3:17:61:6A:99:81:06:7C:A8:26
ValidityThu, 27 Feb 2025 16:36:48 GMT - Wed, 28 May 2025 17:30:06 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1200, components 3
Size
86 kB (86513 bytes)
Hash
1b0874b56457a14258e3bd22805266c6
26ff3d095376d43cb78388e700707cdaf6ac75eb
5c5e0d52eb281e1ceae07f53c931982e8e014b9a535df9c98246157167e29285

HTTP Headers

GET /themes/spirit/assets/frontend/img/background.jpg HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
DNT: 1
Connection: keep-alive
Cookie: filehosting=7mvigp446687ln7oqam8iemt5o
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 04 Apr 2025 12:13:47 GMT
content-type: image/jpeg
content-length: 86513
cf-bgj: h2pri,csam-hash
etag: "67aafdca-151f1"
last-modified: Tue, 11 Feb 2025 07:35:38 GMT
referrer-policy: no-referrer, strict-origin-when-cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: HIT
age: 3357
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mEViUsmnt2UubrpEqXFf4lwoIgzz4onYcTWEcXIilNWpHfXZ4gii6CNCMN4%2BweGJidI3UUpb5H5Iigp%2Bbhrx8CubWixxt2LIQ2FRj7ceW%2BjoC%2BHwWYJUEPsyeBc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 92b0b8c0f9a7b4f9-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=2948&min_rtt=422&rtt_var=4285&sent=365&recv=164&lost=0&retrans=0&sent_bytes=420573&recv_bytes=3975&delivery_rate=66554037&cwnd=196&unsent_bytes=0&cid=473884aa05529f0f&ts=1138&x=0"
X-Firefox-Spdy: h2

ukankingwithea.com/asd100.bin

104.21.16.1

200 OK

102 kB

URL GET
ukankingwithea.com/asd100.bin
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subjectukankingwithea.com
Fingerprint02:7E:37:44:90:B9:05:B4:82:CD:5A:71:84:A1:C8:84:66:33:BC:78
ValiditySat, 01 Mar 2025 13:28:14 GMT - Fri, 30 May 2025 14:26:54 GMT

File type
data
Size
102 kB (102400 bytes)
Hash
4c6426ac7ef186464ecbb0d81cbfcb1e
5a6918eebd9d635e8f632e3ef34e3792b1b5ec13
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

HTTP Headers

GET /asd100.bin HTTP/1.1
Host: ukankingwithea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 04 Apr 2025 12:13:47 GMT
content-type: binary/octet-stream
server: cloudflare
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: STALE
age: 632710
last-modified: Fri, 28 Mar 2025 04:28:37 GMT
cf-ray: 92b0b8c46e06cab1-HAM
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

earningseriegents.org/UDFwd0R/DhMEeTRfKj0hOnc0I3c8fzMyBh9UGxwCAWQ2QBAReFYDLTQMSEVxaQBBUTQ5VU1EdnZCBBYwJUJNRmI5XxYYeXZHTUdqaR9CWXJ2RE1GYiRBERB5YRcAAzA8DEFAcGMGRk98YgZCQnY

104.21.64.1

204 No Content

0 B

URL GET
earningseriegents.org/UDFwd0R/DhMEeTRfKj0hOnc0I3c8fzMyBh9UGxwCAWQ2QBAReFYDLTQMSEVxaQBBUTQ5VU1EdnZCBBYwJUJNRmI5XxYYeXZHTUdqaR9CWXJ2RE1GYiRBERB5YRcAAzA8DEFAcGMGRk98YgZCQnY
IP
104.21.64.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subjectearningseriegents.org
FingerprintF2:1E:68:72:0E:2A:D4:EB:77:5B:FE:CA:F8:97:AA:8F:72:4E:E4:28
ValidityMon, 17 Feb 2025 11:02:00 GMT - Sun, 18 May 2025 11:58:25 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /UDFwd0R/DhMEeTRfKj0hOnc0I3c8fzMyBh9UGxwCAWQ2QBAReFYDLTQMSEVxaQBBUTQ5VU1EdnZCBBYwJUJNRmI5XxYYeXZHTUdqaR9CWXJ2RE1GYiRBERB5YRcAAzA8DEFAcGMGRk98YgZCQnY HTTP/1.1
Host: earningseriegents.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Fri, 04 Apr 2025 12:13:47 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bANtdu9ynvKuUbM229VeF4Z8ufF1GXA2SXSn%2B4eGpI2RLfDaLnCko%2FLT2kJyWTUOYYdZVVchlTEnwhK2d%2Fz3cjHzeBBmN0t2EuOlA5g8KQ%2Fk0I4qblyeDZS%2FagdaBlmMSiFDq8QuQFs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 92b0b8c47e01ca79-HAM
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=14604&min_rtt=14488&rtt_var=2511&sent=11&recv=14&lost=0&retrans=0&sent_bytes=3421&recv_bytes=1952&delivery_rate=298720&cwnd=255&unsent_bytes=0&cid=06c302fcb49bb4f4&ts=155&x=0"
X-Firefox-Spdy: h2

accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AXH0vVsmBgy8UVlqLQTUMSDzMzRYmnz0UkRXqyLUl9f3juOEfeix30ov1PVv_m9ykXY3gkQV0Abo4g

64.233.164.84

302 Found

0 B

URL GET
accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AXH0vVsmBgy8UVlqLQTUMSDzMzRYmnz0UkRXqyLUl9f3juOEfeix30ov1PVv_m9ykXY3gkQV0Abo4g
IP
64.233.164.84:443
ASN
#15169 GOOGLE

Requested by
https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
Fingerprint2B:35:DB:61:55:FE:A9:5F:3D:C3:C0:C2:B9:5E:BA:4D:D1:45:81:CA
ValidityThu, 20 Mar 2025 11:20:40 GMT - Thu, 12 Jun 2025 11:20:39 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AXH0vVsmBgy8UVlqLQTUMSDzMzRYmnz0UkRXqyLUl9f3juOEfeix30ov1PVv_m9ykXY3gkQV0Abo4g HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:H73dSKFucJ_fUQqJdxZGDwXNLHrQiA:gX4OLIEqyh0ILIFd;Path=/;Expires=Sun, 04-Apr-2027 12:13:48 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 04 Apr 2025 12:13:48 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AXH0vVuFRR2vjRwZS2hwyxkwbtTlvMc6F4H83AfPT3oDSGYhYMniccjvq5wGgDEz0zN-qaDeu5ItFw&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S455802972%3A1743768828992170
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-1vxWqseVv61dFr9f4-htng' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 414
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

rnmop.com/ie?v=4&c=0q7sxyRrUnPEWmmWI0vQcXUX3ubZuN_c7pBtw3-le2bSFvhYKqgil59Jdic5yHe-1hFHKVsu8jiNbTy6afRg3TO1Zcm2XgOlZ5iFs5Sh7ZRtwuRxnzAupEarr9KRXSxpJSDXFP-4DRg5Y-D6IFdxwUW_UNGB7A8Jg16LuBCXrqH4gZLLCP1bgqWQoZpBfn8I4TuZ9DxzOUQGTjZVUnU2ibW_ukLII-6I1KUN98ljmE2bXASj_3uikQad1oLFjwKcT1oB64BOj9P5mrsk29rf2f4-m_tOXvQBnB8e5R72Ta1PTWYcPStRpBhdBqsNli4gQk8U1qvBVlsYsOMQU1uz72Zfh26b_a1dfniNXestTQPXbM0bUFtLCp6Kl0gyc29Bc7JV_2xmDHvL-bc5adv5BeV7onY-6EjwCg1KAGpa-Yv1LFdf5VOii1PTC2UFyYHYibroWmBaScHx-e93IhgYXXRQLxvK0DhA&v1=79&v2=71516

157.90.94.146

301 Moved Permanently

59 kB

URL GET
rnmop.com/ie?v=4&c=0q7sxyRrUnPEWmmWI0vQcXUX3ubZuN_c7pBtw3-le2bSFvhYKqgil59Jdic5yHe-1hFHKVsu8jiNbTy6afRg3TO1Zcm2XgOlZ5iFs5Sh7ZRtwuRxnzAupEarr9KRXSxpJSDXFP-4DRg5Y-D6IFdxwUW_UNGB7A8Jg16LuBCXrqH4gZLLCP1bgqWQoZpBfn8I4TuZ9DxzOUQGTjZVUnU2ibW_ukLII-6I1KUN98ljmE2bXASj_3uikQad1oLFjwKcT1oB64BOj9P5mrsk29rf2f4-m_tOXvQBnB8e5R72Ta1PTWYcPStRpBhdBqsNli4gQk8U1qvBVlsYsOMQU1uz72Zfh26b_a1dfniNXestTQPXbM0bUFtLCp6Kl0gyc29Bc7JV_2xmDHvL-bc5adv5BeV7onY-6EjwCg1KAGpa-Yv1LFdf5VOii1PTC2UFyYHYibroWmBaScHx-e93IhgYXXRQLxvK0DhA&v1=79&v2=71516
IP
157.90.94.146:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
Certificate
IssuerLet's Encrypt
Subjectnimrute.com
FingerprintE0:1D:F6:81:34:02:68:16:68:12:1A:02:F1:F0:73:EE:D7:49:2D:3B
ValidityTue, 11 Feb 2025 10:57:43 GMT - Mon, 12 May 2025 10:57:42 GMT

File type

Size
59 kB (59035 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ie?v=4&c=0q7sxyRrUnPEWmmWI0vQcXUX3ubZuN_c7pBtw3-le2bSFvhYKqgil59Jdic5yHe-1hFHKVsu8jiNbTy6afRg3TO1Zcm2XgOlZ5iFs5Sh7ZRtwuRxnzAupEarr9KRXSxpJSDXFP-4DRg5Y-D6IFdxwUW_UNGB7A8Jg16LuBCXrqH4gZLLCP1bgqWQoZpBfn8I4TuZ9DxzOUQGTjZVUnU2ibW_ukLII-6I1KUN98ljmE2bXASj_3uikQad1oLFjwKcT1oB64BOj9P5mrsk29rf2f4-m_tOXvQBnB8e5R72Ta1PTWYcPStRpBhdBqsNli4gQk8U1qvBVlsYsOMQU1uz72Zfh26b_a1dfniNXestTQPXbM0bUFtLCp6Kl0gyc29Bc7JV_2xmDHvL-bc5adv5BeV7onY-6EjwCg1KAGpa-Yv1LFdf5VOii1PTC2UFyYHYibroWmBaScHx-e93IhgYXXRQLxvK0DhA&v1=79&v2=71516 HTTP/1.1
Host: rnmop.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
server: fasthttp
date: Fri, 04 Apr 2025 12:13:55 GMT
content-length: 0
location: https://img.vmmcdn.com/get/1684855/238426_icon.png
x-app-id: 13

megaup.net/themes/spirit/assets/frontend/js/granim.min.js

104.26.0.140

200 OK

11 kB

URL GET
megaup.net/themes/spirit/assets/frontend/js/granim.min.js
IP
104.26.0.140:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subjectmegaup.net
FingerprintD1:0D:1F:7C:74:36:FE:3E:F0:18:C3:17:61:6A:99:81:06:7C:A8:26
ValidityThu, 27 Feb 2025 16:36:48 GMT - Wed, 28 May 2025 17:30:06 GMT

File type
JavaScript source, ASCII text, with very long lines (10573), with CRLF line terminators
Size
11 kB (10635 bytes)
Hash
714368d20c70f8c91b0a596e128dac07
563954ec3a896fc129d014f01836245829f6d01d
e70b27194b8793b68cccee28a6d8a1e39aae2ce5d28d5e71ac204d7a3ac164e3

HTTP Headers

GET /themes/spirit/assets/frontend/js/granim.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
DNT: 1
Connection: keep-alive
Cookie: filehosting=7mvigp446687ln7oqam8iemt5o
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 04 Apr 2025 12:13:46 GMT
content-type: application/javascript
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: W/"62594310-298b"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
cache-control: max-age=14400
cf-cache-status: HIT
age: 3356
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WCuS2G4obZCg%2FT8JftfMu%2FsMa46nSI6R%2F4O8vCWqTg6s03qa4hqbb0%2BMDOkoqMxIzmFY72eSv6W61qaKI%2F37w8GjQ9xjHH9r7TlAZhwt4l%2B1RMvJVybwI4dstTg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 92b0b8be6e13b4f9-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=902&min_rtt=422&rtt_var=316&sent=306&recv=152&lost=0&retrans=0&sent_bytes=348732&recv_bytes=3873&delivery_rate=66554037&cwnd=194&unsent_bytes=0&cid=473884aa05529f0f&ts=733&x=0"
X-Firefox-Spdy: h2

megaup.net/themes/spirit/assets/frontend/js/scripts.js

104.26.0.140

200 OK

115 kB

URL GET
megaup.net/themes/spirit/assets/frontend/js/scripts.js
IP
104.26.0.140:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subjectmegaup.net
FingerprintD1:0D:1F:7C:74:36:FE:3E:F0:18:C3:17:61:6A:99:81:06:7C:A8:26
ValidityThu, 27 Feb 2025 16:36:48 GMT - Wed, 28 May 2025 17:30:06 GMT

File type
JavaScript source, ASCII text, with very long lines (914), with CRLF line terminators
Size
115 kB (114862 bytes)
Hash
ce260d2170faf98639ab8e0e3758f1e2
32eeb82a44bf0bce2df78eafae9f2e9ff8d72e1f
ac331833ebf1c06b0f8565caaeb4760c2184bd89d1cb5574c3947a8d0b6dca1c

HTTP Headers

GET /themes/spirit/assets/frontend/js/scripts.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
DNT: 1
Connection: keep-alive
Cookie: filehosting=7mvigp446687ln7oqam8iemt5o
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 04 Apr 2025 12:13:46 GMT
content-type: application/javascript
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: W/"62594310-1c0ae"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
cache-control: max-age=14400
cf-cache-status: HIT
age: 3356
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hl5MGh28HdIUJtAokJJNC4x%2B2v3qjwRKsSHnPwgMMfOI0lKbLXMqDmf8TtU8sBosIxp9XXPtqv1afSHf5Q78U2M%2FKKXWBKpvb28xadq3MRIDbsfT%2BN7WpMfH0DY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 92b0b8be6e18b4f9-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=858&min_rtt=422&rtt_var=317&sent=315&recv=153&lost=0&retrans=0&sent_bytes=355467&recv_bytes=3873&delivery_rate=66554037&cwnd=194&unsent_bytes=0&cid=473884aa05529f0f&ts=735&x=0"
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-108868042-1

142.250.74.136

200 OK

264 kB

URL GET
www.googletagmanager.com/gtag/js?id=UA-108868042-1
IP
142.250.74.136:443
ASN
#15169 GOOGLE

Requested by
https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint88:85:26:A3:0A:0B:44:C6:92:DD:7B:0B:D1:14:38:BA:26:B9:EF:D9
ValidityThu, 20 Mar 2025 11:18:39 GMT - Thu, 12 Jun 2025 11:18:38 GMT

File type
JavaScript source, ASCII text, with very long lines (5436)
Size
264 kB (263911 bytes)
Hash
64c405206e2b3bd0b2cb63ad53688f74
720187d0fab0031671563551cc5705b06b1786bf
afbe69b3e9db9f457f89057f294f56a5a6a9c8f827908fa2375b9a58f90f354e

HTTP Headers

GET /gtag/js?id=UA-108868042-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 04 Apr 2025 12:13:46 GMT
expires: Fri, 04 Apr 2025 12:13:46 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1020:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1020:0
report-to: {"group":"ascgcycc:1020:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1020:0"}],}
server: Google Tag Manager
content-length: 93238
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

img.vmmcdn.com/get/1684855/238426_icon.png

138.201.51.142

200 OK

59 kB

URL GET
img.vmmcdn.com/get/1684855/238426_icon.png
IP
138.201.51.142:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
Certificate
IssuerLet's Encrypt
Subjectimg.vmmcdn.com
FingerprintD1:4A:55:51:D2:8A:01:AB:76:9F:1B:AD:F1:F7:00:8A:F5:BF:C1:FC
ValidityFri, 14 Feb 2025 07:05:29 GMT - Thu, 15 May 2025 07:05:28 GMT

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
Size
59 kB (59035 bytes)
Hash
669eb036e71ef2df4b1a7d3fa9e5ebb7
6a8686b1ce7276b8c6732245e340dbe38b30eb04
89edf6961767b760b3ff755a803457eee41b5f2df863cdeca95165bf4a126732

HTTP Headers

GET /get/1684855/238426_icon.png HTTP/1.1
Host: img.vmmcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Fri, 04 Apr 2025 12:13:56 GMT
Content-Type: image/png
Content-Length: 59035
Connection: keep-alive
Last-Modified: Sun, 18 Dec 2022 10:47:54 GMT
Cache-Control: public, max-age=604800
ETag: "639eefda-e69b"
X-Proxy-Cache: HIT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Request-Headers: x-requested-with
Access-Control-Allow-Headers: x-requested-with
Accept-Ranges: bytes

earningseriegents.org/enZEQmtVSScxVikhEnY9FDR8Gi4SHhcaUh4ldhQuHBoOCTI/O2I2Ah5LfHBeQ0d1ZBsTEnlxWVwFMCMfDwV5cFtKQWIrBRwZeXBNDEt0bFJURGp0TQ9LdWQfChcjf1pcBjA2B0dHc3ZYTUB8ellNRHJy

104.21.64.1

204 No Content

0 B

URL GET
earningseriegents.org/enZEQmtVSScxVikhEnY9FDR8Gi4SHhcaUh4ldhQuHBoOCTI/O2I2Ah5LfHBeQ0d1ZBsTEnlxWVwFMCMfDwV5cFtKQWIrBRwZeXBNDEt0bFJURGp0TQ9LdWQfChcjf1pcBjA2B0dHc3ZYTUB8ellNRHJy
IP
104.21.64.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subjectearningseriegents.org
FingerprintF2:1E:68:72:0E:2A:D4:EB:77:5B:FE:CA:F8:97:AA:8F:72:4E:E4:28
ValidityMon, 17 Feb 2025 11:02:00 GMT - Sun, 18 May 2025 11:58:25 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /enZEQmtVSScxVikhEnY9FDR8Gi4SHhcaUh4ldhQuHBoOCTI/O2I2Ah5LfHBeQ0d1ZBsTEnlxWVwFMCMfDwV5cFtKQWIrBRwZeXBNDEt0bFJURGp0TQ9LdWQfChcjf1pcBjA2B0dHc3ZYTUB8ellNRHJy HTTP/1.1
Host: earningseriegents.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Fri, 04 Apr 2025 12:13:47 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 92b0b8c47e14ca79-HAM
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

kmtendationfore.org/floater?cs=THNnUkJ5Sldle3pLVGF2e0RVZHE&abt=0&red=1&sm=83&k=schedule%203f13%200xdeadcode&v=0.9.2.6&sts=0&prn=0&emb=0&tid=825911&rxy=1280_1024&u=-2&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&mbkb=110.98779134295228&ref=https%3A%2F%2Fmegaup.net%2Fc0805c6ceb60ac4473d2725392c238b4%2FSchedule.I.v0.3.3f13-0xdeadcode.zip&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A134.0)%20gecko%2F20100101%20firefox%2F134.0&tzd=0&uloc=&if=0&aa=oi1_&_LNSK=1743768829161&crc=1

3.164.230.47

200 OK

9.6 kB

URL GET
kmtendationfore.org/floater?cs=THNnUkJ5Sldle3pLVGF2e0RVZHE&abt=0&red=1&sm=83&k=schedule%203f13%200xdeadcode&v=0.9.2.6&sts=0&prn=0&emb=0&tid=825911&rxy=1280_1024&u=-2&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&mbkb=110.98779134295228&ref=https%3A%2F%2Fmegaup.net%2Fc0805c6ceb60ac4473d2725392c238b4%2FSchedule.I.v0.3.3f13-0xdeadcode.zip&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A134.0)%20gecko%2F20100101%20firefox%2F134.0&tzd=0&uloc=&if=0&aa=oi1_&_LNSK=1743768829161&crc=1
IP
3.164.230.47:443
ASN
#16509 AMAZON-02

Requested by
https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
Certificate
IssuerAmazon
Subjectkmtendationfore.org
Fingerprint1D:04:BE:FF:DA:46:50:36:23:B0:DB:DE:97:5B:D1:19:8D:F3:12:0B
ValiditySat, 29 Mar 2025 00:00:00 GMT - Mon, 27 Apr 2026 23:59:59 GMT

File type
ASCII text, with very long lines (9559), with no line terminators
Size
9.6 kB (9559 bytes)
Hash
c1141c8b439941960044d7554e20f2ad
37dbf7b831bd113f30ab28d345189bf9e9f0288b
1b5601b139264d75dc947233c11a7abfa68aa386d480fb9e8383a475e97df972

HTTP Headers

GET /floater?cs=THNnUkJ5Sldle3pLVGF2e0RVZHE&abt=0&red=1&sm=83&k=schedule%203f13%200xdeadcode&v=0.9.2.6&sts=0&prn=0&emb=0&tid=825911&rxy=1280_1024&u=-2&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&mbkb=110.98779134295228&ref=https%3A%2F%2Fmegaup.net%2Fc0805c6ceb60ac4473d2725392c238b4%2FSchedule.I.v0.3.3f13-0xdeadcode.zip&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A134.0)%20gecko%2F20100101%20firefox%2F134.0&tzd=0&uloc=&if=0&aa=oi1_&_LNSK=1743768829161&crc=1 HTTP/1.1
Host: kmtendationfore.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/plain; charset=utf-8
content-length: 6640
date: Fri, 04 Apr 2025 12:13:49 GMT
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
set-cookie: AWSALB=ctbi7mPOmv0xHaUGYKIFWvA0yxTGwnwUeeNU6vK9idtK4SM+nohxAeFPv5hmv18g0I7UAiVPlx8l7PlkyqIxcYFufp5C30tg6Istc2aClFIVzuAqo2MUOLAbe8iE; Expires=Fri, 11 Apr 2025 12:13:49 GMT; Path=/
AWSALBCORS=ctbi7mPOmv0xHaUGYKIFWvA0yxTGwnwUeeNU6vK9idtK4SM+nohxAeFPv5hmv18g0I7UAiVPlx8l7PlkyqIxcYFufp5C30tg6Istc2aClFIVzuAqo2MUOLAbe8iE; Expires=Fri, 11 Apr 2025 12:13:49 GMT; Path=/; SameSite=None
csu=a85ecb59-370e-44de-ab78-ea6694b2d0ae
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 1db03b964c596a103fbc1af4b6ebb7c4.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN53-P1
x-amz-cf-id: VAK0QIp0FakBY6zN7S1qMPxclgPsSxt1USoANJQex8wIVrdT0cFzCg==
X-Firefox-Spdy: h2

accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AXH0vVuFRR2vjRwZS2hwyxkwbtTlvMc6F4H83AfPT3oDSGYhYMniccjvq5wGgDEz0zN-qaDeu5ItFw&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S455802972%3A1743768828992170

64.233.164.84

403 Forbidden

0 B

URL GET
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AXH0vVuFRR2vjRwZS2hwyxkwbtTlvMc6F4H83AfPT3oDSGYhYMniccjvq5wGgDEz0zN-qaDeu5ItFw&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S455802972%3A1743768828992170
IP
64.233.164.84:443
ASN
#15169 GOOGLE

Requested by
https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subject*.google.com
FingerprintD9:9E:60:22:6F:83:0B:DE:8F:D6:FF:6C:5B:83:B4:22:4D:58:97:82
ValidityThu, 20 Mar 2025 11:18:50 GMT - Thu, 12 Jun 2025 11:18:49 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AXH0vVuFRR2vjRwZS2hwyxkwbtTlvMc6F4H83AfPT3oDSGYhYMniccjvq5wGgDEz0zN-qaDeu5ItFw&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S455802972%3A1743768828992170 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 04 Apr 2025 12:13:49 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: script-src 'nonce-gnz_3UrIJcAb1qhSipZzSQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://support.google.com/inapp/ https://www.google.com/tools/feedback/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
content-security-policy-report-only: script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://ajax.googleapis.com/ajax/libs/jquery/3.6.4/jquery.min.js https://translate.google.com/translate_a/element.js https://www.google.com/recaptcha/api.js https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.google.com/tools/feedback/open_to_help_guide_lazy.js https://www.google.com/tools/feedback/help_api.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js https://www.gstatic.com/uservoice/feedback/client/web/live/ https://www.google.com/tools/feedback/chat_load.js https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://www.gstatic.com/feedback/js/ghelp/ https://www.gstatic.com/_/mss/boq-one-google/_/ https://www.gstatic.com/og/_/js/ https://apis.google.com/js/api.js https://apis.google.com/js/client.js https://www.googletagmanager.com/gtag/js https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/destination https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en._0nmwHM1LT0.es5.O/ https://apis.google.com/_/scs/abc-static/_/js/ https://translate.googleapis.com/_/translate_http/_/js/ https://www.gstatic.com/recaptcha/releases/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/fine-allowlist
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

megaup.net/themes/spirit/assets/frontend/js/smooth-scroll.min.js

104.26.0.140

200 OK

6.0 kB

URL GET
megaup.net/themes/spirit/assets/frontend/js/smooth-scroll.min.js
IP
104.26.0.140:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subjectmegaup.net
FingerprintD1:0D:1F:7C:74:36:FE:3E:F0:18:C3:17:61:6A:99:81:06:7C:A8:26
ValidityThu, 27 Feb 2025 16:36:48 GMT - Wed, 28 May 2025 17:30:06 GMT

File type
JavaScript source, ASCII text, with very long lines (6203), with no line terminators
Size
6.0 kB (6028 bytes)
Hash
e2cb768d67ad989791afcb5f2865e847
3f744595f23463b6be98a9b767f17ffc513d2b2a
1c03002798c2de182a135a060de3bc4c751bf5e33163369ef266ea484037aa4e

HTTP Headers

GET /themes/spirit/assets/frontend/js/smooth-scroll.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
DNT: 1
Connection: keep-alive
Cookie: filehosting=7mvigp446687ln7oqam8iemt5o
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 04 Apr 2025 12:13:46 GMT
content-type: application/javascript
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: W/"62594310-178c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
cache-control: max-age=14400
cf-cache-status: HIT
age: 3356
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jvQ1FWPRLM3fXwx0audVWOGF%2BHLcRarZ0S3miAkRcsFRB4Dxw3yyPnz3LfjT9Q2vuECYB33Zv03ijnNRzSWxlAaqOlnPZW%2BAsJ%2FCIAyy223O5YBZxUB1n4FAEZU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 92b0b8be6e17b4f9-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=902&min_rtt=422&rtt_var=316&sent=311&recv=152&lost=0&retrans=0&sent_bytes=352191&recv_bytes=3873&delivery_rate=66554037&cwnd=194&unsent_bytes=0&cid=473884aa05529f0f&ts=733&x=0"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2

142.250.74.35

200 OK

19 kB

URL GET
fonts.gstatic.com/s/opensans/v40/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint04:FF:92:E7:16:B0:49:91:8B:B7:8D:C6:93:B9:20:B4:2A:33:9F:A8
ValidityThu, 20 Mar 2025 11:19:45 GMT - Thu, 12 Jun 2025 11:19:44 GMT

File type
Web Open Font Format (Version 2), TrueType, length 19280, version 1.0
Size
19 kB (19280 bytes)
Hash
386fb59be54b2d819064af98e57cc226
9e2d14d736be97ec84bfca3513558450cd6e3249
b4855cc8ec721cbaf27f3c907345e101b1524858221c14faa79df34cb2f84991

HTTP Headers

GET /s/opensans/v40/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19280
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Apr 2025 09:21:29 GMT
expires: Fri, 03 Apr 2026 09:21:29 GMT
cache-control: public, max-age=31536000
age: 96738
last-modified: Thu, 14 Dec 2023 02:02:23 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ukankingwithea.com/asd100.bin

104.21.16.1

200 OK

102 kB

URL GET
ukankingwithea.com/asd100.bin
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subjectukankingwithea.com
Fingerprint02:7E:37:44:90:B9:05:B4:82:CD:5A:71:84:A1:C8:84:66:33:BC:78
ValiditySat, 01 Mar 2025 13:28:14 GMT - Fri, 30 May 2025 14:26:54 GMT

File type
data
Size
102 kB (102400 bytes)
Hash
4c6426ac7ef186464ecbb0d81cbfcb1e
5a6918eebd9d635e8f632e3ef34e3792b1b5ec13
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

HTTP Headers

GET /asd100.bin HTTP/1.1
Host: ukankingwithea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 04 Apr 2025 12:13:47 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: STALE
age: 632710
last-modified: Fri, 28 Mar 2025 04:28:37 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ex%2FSlvVSdFFvlZSKWbeUqWHeXzWQ%2Fvyi4H1wE%2B03LmoXwh9%2FUX0s65btAiA4erKrgMZniX9mH%2FWO%2F2FogYBWP4%2BUrmPY%2BcyGdPoc%2FkVF3VAR1xfRy3jlodDtaTRMA4ysEsIw7Zw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 92b0b8c36c7fcab1-HAM
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=14966&min_rtt=14247&rtt_var=2348&sent=13&recv=16&lost=0&retrans=0&sent_bytes=4121&recv_bytes=1568&delivery_rate=302338&cwnd=257&unsent_bytes=0&cid=00f6fd7279583d03&ts=285&x=0"
X-Firefox-Spdy: h2

ukankingwithea.com/

104.21.16.1

500 Internal Server Error

183 B

URL GET
ukankingwithea.com/
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subjectukankingwithea.com
Fingerprint02:7E:37:44:90:B9:05:B4:82:CD:5A:71:84:A1:C8:84:66:33:BC:78
ValiditySat, 01 Mar 2025 13:28:14 GMT - Fri, 30 May 2025 14:26:54 GMT

File type
HTML document, ASCII text, with no line terminators
Size
183 B (183 bytes)
Hash
7320c1db3ab6706d7a944a0983212848
04882537a81a139c1c8802c77c05b863060c5dd0
7d5514f4c18b076095cba3eb17ab3be2c482b80454aab16367ed502a7d8d46c6

HTTP Headers

GET / HTTP/1.1
Host: ukankingwithea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 500 Internal Server Error
date: Fri, 04 Apr 2025 12:13:47 GMT
content-type: text/html
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6QIMLAkyI4wYwYAMJHoEg4LFreu95JDUAIjzG86uXiewKhshU1RHQWgb%2FxM8zyWId%2FcQJNiciS4%2BfeFfu4KbOmT4x7lIWAt6hIlUSvSeosvNkkrWWeTxnJof9FcEFkdvcoPrHA0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 92b0b8c34c60cab1-HAM
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=14983&min_rtt=14247&rtt_var=3086&sent=9&recv=13&lost=0&retrans=0&sent_bytes=3295&recv_bytes=1425&delivery_rate=302338&cwnd=254&unsent_bytes=0&cid=00f6fd7279583d03&ts=261&x=0"
X-Firefox-Spdy: h2

334.mbvnclickipp2.xyz/ic?sid=3&data=xpLI09wh6um69S_int9IPXXJs_keWLR7lfZRVpe-uzK8-QtXmK1nywV4Ka3Sg1fJHJfdTtBkR5yGjeAz5-IDLhnxwrkgcjXOyCaVZ_yOJmciFcVq4BpT3w4YRHDT9uVddLDHUc0ItFT36z311KIksroGuWwrYhCKQ5ZjrY05KfQ2_oWr1hp31RhFJKR6BeD1NQg62IWem8Gh_FKk9pr4erO2guJ5vTGzU8fB8sPG1LJklnd_TdI2Fleth2NoOWO7fu4F7nClwhgNaUwvrGhGv2bygvmywZ75gtEHpgNPkvOrcmmX5MDNvP_gUVInFY7o

136.243.78.216

302 Found

0 B

URL GET
334.mbvnclickipp2.xyz/ic?sid=3&data=xpLI09wh6um69S_int9IPXXJs_keWLR7lfZRVpe-uzK8-QtXmK1nywV4Ka3Sg1fJHJfdTtBkR5yGjeAz5-IDLhnxwrkgcjXOyCaVZ_yOJmciFcVq4BpT3w4YRHDT9uVddLDHUc0ItFT36z311KIksroGuWwrYhCKQ5ZjrY05KfQ2_oWr1hp31RhFJKR6BeD1NQg62IWem8Gh_FKk9pr4erO2guJ5vTGzU8fB8sPG1LJklnd_TdI2Fleth2NoOWO7fu4F7nClwhgNaUwvrGhGv2bygvmywZ75gtEHpgNPkvOrcmmX5MDNvP_gUVInFY7o
IP
136.243.78.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
Certificate
IssuerLet's Encrypt
Subjectmbvnclickipp2.xyz
Fingerprint43:47:B5:DB:0F:97:D8:06:59:F6:28:BC:9B:67:74:3A:8C:C3:3D:56
ValidityMon, 24 Mar 2025 23:35:44 GMT - Sun, 22 Jun 2025 23:35:43 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ic?sid=3&data=xpLI09wh6um69S_int9IPXXJs_keWLR7lfZRVpe-uzK8-QtXmK1nywV4Ka3Sg1fJHJfdTtBkR5yGjeAz5-IDLhnxwrkgcjXOyCaVZ_yOJmciFcVq4BpT3w4YRHDT9uVddLDHUc0ItFT36z311KIksroGuWwrYhCKQ5ZjrY05KfQ2_oWr1hp31RhFJKR6BeD1NQg62IWem8Gh_FKk9pr4erO2guJ5vTGzU8fB8sPG1LJklnd_TdI2Fleth2NoOWO7fu4F7nClwhgNaUwvrGhGv2bygvmywZ75gtEHpgNPkvOrcmmX5MDNvP_gUVInFY7o HTTP/1.1
Host: 334.mbvnclickipp2.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Fri, 04 Apr 2025 12:13:52 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://eu.xml.rexsrv.com/icon?sid=30bad0daeff106dcdaa9405c5eb43174&rnd=83308374

megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip

104.26.0.140

200 OK

620 kB

URL User Request GET
megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
IP
104.26.0.140:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectmegaup.net
FingerprintD1:0D:1F:7C:74:36:FE:3E:F0:18:C3:17:61:6A:99:81:06:7C:A8:26
ValidityThu, 27 Feb 2025 16:36:48 GMT - Wed, 28 May 2025 17:30:06 GMT

File type

Size
620 kB (620497 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 04 Apr 2025 12:13:46 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, no-cache, private
pragma: no-cache
access-control-allow-origin: https://megaup.net
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
cf-cache-status: BYPASS
set-cookie: filehosting=7mvigp446687ln7oqam8iemt5o; expires=Sat, 05 Apr 2025 12:13:46 GMT; Max-Age=86400; path=/; domain=megaup.net; secure; HttpOnly; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1j%2FFh3hp08TGSJmHslxacfa872CemhzEOfYKX3yKHfKDsAnxHUz8ZppXUDk7AK0hlFtKrlEvI5KGg%2FrhNreq9z3hYAe7IXZNSbXOHDrMtXD6XK2A5ZXte3Vgn3I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 92b0b8ba1f41b4f9-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=5567&min_rtt=448&rtt_var=10212&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3271&recv_bytes=1293&delivery_rate=7387755&cwnd=254&unsent_bytes=0&cid=473884aa05529f0f&ts=428&x=0"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.35

200 OK

48 kB

URL GET
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint04:FF:92:E7:16:B0:49:91:8B:B7:8D:C6:93:B9:20:B4:2A:33:9F:A8
ValidityThu, 20 Mar 2025 11:19:45 GMT - Thu, 12 Jun 2025 11:19:44 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Apr 2025 10:12:20 GMT
expires: Fri, 03 Apr 2026 10:12:20 GMT
cache-control: public, max-age=31536000
age: 93687
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

megaup.net/themes/spirit/assets/frontend/js/countdown.min.js

104.26.0.140

200 OK

5.4 kB

URL GET
megaup.net/themes/spirit/assets/frontend/js/countdown.min.js
IP
104.26.0.140:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subjectmegaup.net
FingerprintD1:0D:1F:7C:74:36:FE:3E:F0:18:C3:17:61:6A:99:81:06:7C:A8:26
ValidityThu, 27 Feb 2025 16:36:48 GMT - Wed, 28 May 2025 17:30:06 GMT

File type
JavaScript source, ASCII text, with very long lines (5507), with no line terminators
Size
5.4 kB (5360 bytes)
Hash
0a9988ecd74ad96d83a8e257f5f5e0f1
2f85fdf86f65c0a2a477ef02af754827b7a5a069
c292f5ba20b0ba73fcd40289791f0e0be99c49d83fc5226881da97ad78e9c061

HTTP Headers

GET /themes/spirit/assets/frontend/js/countdown.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
DNT: 1
Connection: keep-alive
Cookie: filehosting=7mvigp446687ln7oqam8iemt5o
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 04 Apr 2025 12:13:46 GMT
content-type: application/javascript
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: W/"62594310-14f0"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
cache-control: max-age=14400
cf-cache-status: HIT
age: 3356
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iGM7bUUloGgyDXEEPVcsFgOHWKgpo%2FKkEaSbB3PlG3gAlNXVwbAa1iPxgqAzafNHFZbPAYvm24Syzh%2Bx4mlKVBAL3TkYi4O8nzC40ZmelPVECN1UKlc6P0LCRHg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 92b0b8be6e15b4f9-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=935&min_rtt=422&rtt_var=260&sent=279&recv=144&lost=0&retrans=0&sent_bytes=319478&recv_bytes=3873&delivery_rate=66554037&cwnd=194&unsent_bytes=0&cid=473884aa05529f0f&ts=729&x=0"
X-Firefox-Spdy: h2

0.0.0.0

0 B

URL GET
334.mbvnclickipp2.xyz/ic?sid=3&data=xpLI09wh6um69S_int9IPXXJs_keWLR7lfZRVpe-uzK8-QtXmK1nywV4Ka3Sg1fJHJfdTtBkR5yGjeAz5-IDLhnxwrkgcjXOyCaVZ_yOJmciFcVq4BpT3w4YRHDT9uVddLDHUc0ItFT36z311KIksroGuWwrYhCKQ5ZjrY05KfQ2_oWr1hp31RhFJKR6BeD1NQg62IWem8Gh_FKk9pr4erO2guJ5vTGzU8fB8sPG1LJklnd_TdI2Fleth2NoOWO7fu4F7nClwhgNaUwvrGhGv2bygvmywZ75gtEHpgNPkvOrcmmX5MDNvP_gUVInFY7o
IP
0.0.0.0:0
ASN
#0

Requested by
https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ic?sid=3&data=xpLI09wh6um69S_int9IPXXJs_keWLR7lfZRVpe-uzK8-QtXmK1nywV4Ka3Sg1fJHJfdTtBkR5yGjeAz5-IDLhnxwrkgcjXOyCaVZ_yOJmciFcVq4BpT3w4YRHDT9uVddLDHUc0ItFT36z311KIksroGuWwrYhCKQ5ZjrY05KfQ2_oWr1hp31RhFJKR6BeD1NQg62IWem8Gh_FKk9pr4erO2guJ5vTGzU8fB8sPG1LJklnd_TdI2Fleth2NoOWO7fu4F7nClwhgNaUwvrGhGv2bygvmywZ75gtEHpgNPkvOrcmmX5MDNvP_gUVInFY7o HTTP/1.1
Host: 334.mbvnclickipp2.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

megaup.net/themes/spirit/assets/frontend/js/jquery.dataTables.min.js

104.26.0.140

200 OK

70 kB

URL GET
megaup.net/themes/spirit/assets/frontend/js/jquery.dataTables.min.js
IP
104.26.0.140:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subjectmegaup.net
FingerprintD1:0D:1F:7C:74:36:FE:3E:F0:18:C3:17:61:6A:99:81:06:7C:A8:26
ValidityThu, 27 Feb 2025 16:36:48 GMT - Wed, 28 May 2025 17:30:06 GMT

File type
JavaScript source, ASCII text, with very long lines (768), with CRLF line terminators
Size
70 kB (69754 bytes)
Hash
6fda19caa29287e6f584f0557fdeb6d4
40f58160090cd1f022704ee1352b343adb9e73b9
8ef749c3869991924150dc932c48cd57bf69ac25a378bb2e14f8e1733c17406f

HTTP Headers

GET /themes/spirit/assets/frontend/js/jquery.dataTables.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
DNT: 1
Connection: keep-alive
Cookie: filehosting=7mvigp446687ln7oqam8iemt5o
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 04 Apr 2025 12:13:46 GMT
content-type: application/javascript
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: W/"62594310-1107a"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
cache-control: max-age=14400
cf-cache-status: HIT
age: 3356
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EdLPJmhBsEEJJo12lmpnK74xjP6fpSR8E3g9F6rHExvL58j2Mm93cytKWKxT%2Bfu76hK%2FnBDnG1LQ4AnA8mGu7QhkGW129Olw2jjF2hiKljFmRVit2ymip8tQErg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 92b0b8be4df2b4f9-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=889&min_rtt=422&rtt_var=263&sent=283&recv=145&lost=0&retrans=0&sent_bytes=322441&recv_bytes=3873&delivery_rate=66554037&cwnd=194&unsent_bytes=0&cid=473884aa05529f0f&ts=730&x=0"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.35

200 OK

48 kB

URL GET
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint04:FF:92:E7:16:B0:49:91:8B:B7:8D:C6:93:B9:20:B4:2A:33:9F:A8
ValidityThu, 20 Mar 2025 11:19:45 GMT - Thu, 12 Jun 2025 11:19:44 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Apr 2025 10:12:20 GMT
expires: Fri, 03 Apr 2026 10:12:20 GMT
cache-control: public, max-age=31536000
age: 93687
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube

64.233.164.84

302 Found

0 B

URL GET
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP
64.233.164.84:443
ASN
#15169 GOOGLE

Requested by
https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
Fingerprint2B:35:DB:61:55:FE:A9:5F:3D:C3:C0:C2:B9:5E:BA:4D:D1:45:81:CA
ValidityThu, 20 Mar 2025 11:20:40 GMT - Thu, 12 Jun 2025 11:20:39 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:NKZ-YsmkU73RZMOAglac1lj8wK_Kqw:-TMkh3LovSFEW2ax; Expires=Sun, 04-Apr-2027 12:13:48 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 04 Apr 2025 12:13:48 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AXH0vVtRXZccPqFyNlpqUHwjD2HOvago8NBU4XHDmmhscJffE9pBFI5AqE1Zyg9qrdIweqHwvjgV9g
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-mi8WciHtzq4ir-elT32-3g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-Z9TE2LW16Q&l=dataLayer&cx=c&gtm=457e5421za200&tag_exp=102788824~102803279~102813109~102887799~102926062~102975949~103016951~103021830~103027016

142.250.74.136

200 OK

323 kB

URL GET
www.googletagmanager.com/gtag/js?id=G-Z9TE2LW16Q&l=dataLayer&cx=c&gtm=457e5421za200&tag_exp=102788824~102803279~102813109~102887799~102926062~102975949~103016951~103021830~103027016
IP
142.250.74.136:443
ASN
#15169 GOOGLE

Requested by
https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint88:85:26:A3:0A:0B:44:C6:92:DD:7B:0B:D1:14:38:BA:26:B9:EF:D9
ValidityThu, 20 Mar 2025 11:18:39 GMT - Thu, 12 Jun 2025 11:18:38 GMT

File type
JavaScript source, ASCII text, with very long lines (6129)
Size
323 kB (323394 bytes)
Hash
0bf32721a5afcfae93c05e92f8220caa
912c98e7b6c4904bcd018baf2db7baffc7489e31
7f867ee2a9d0bef6ede8b58bb9a326d71e2a7367cdbb94c041ad58b3b52d55a3

HTTP Headers

GET /gtag/js?id=G-Z9TE2LW16Q&l=dataLayer&cx=c&gtm=457e5421za200&tag_exp=102788824~102803279~102813109~102887799~102926062~102975949~103016951~103021830~103027016 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 04 Apr 2025 12:13:48 GMT
expires: Fri, 04 Apr 2025 12:13:48 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1020:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1020:0
report-to: {"group":"ascgcycc:1020:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1020:0"}],}
server: Google Tag Manager
content-length: 113107
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

megaup.net/themes/spirit/assets/frontend/css/socicon.css

104.26.0.140

200 OK

9.8 kB

URL GET
megaup.net/themes/spirit/assets/frontend/css/socicon.css
IP
104.26.0.140:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subjectmegaup.net
FingerprintD1:0D:1F:7C:74:36:FE:3E:F0:18:C3:17:61:6A:99:81:06:7C:A8:26
ValidityThu, 27 Feb 2025 16:36:48 GMT - Wed, 28 May 2025 17:30:06 GMT

File type
ASCII text, with very long lines (11480), with no line terminators
Size
9.8 kB (9838 bytes)
Hash
a2aeb76876fb10c62f38b8bb21242fc9
1d843adccd2e9b1feebf6cc09cb6766f64fa7bb3
ce98772e66c03b967c0b721551cf842b96e35f60cabf01a6a9dbdf3d80c497ff

HTTP Headers

GET /themes/spirit/assets/frontend/css/socicon.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
DNT: 1
Connection: keep-alive
Cookie: filehosting=7mvigp446687ln7oqam8iemt5o
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 04 Apr 2025 12:13:46 GMT
content-type: text/css
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: W/"62594310-266e"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
cache-control: max-age=14400
cf-cache-status: HIT
age: 3356
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0PAJpRoSd2L8cnNwRg3TFKFv%2BbDzsHrua3B7THU%2BjVhoxTyfL5FDdMTYbGwUeyD%2F8xTc6B9HWu3nxmJeECrmFQKomxQ1p%2ByvbPLjlLSwQk5DyHBtqHA5dbhO1U0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 92b0b8be3db2b4f9-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=723&min_rtt=422&rtt_var=157&sent=133&recv=81&lost=0&retrans=0&sent_bytes=160719&recv_bytes=3391&delivery_rate=39388601&cwnd=176&unsent_bytes=0&cid=473884aa05529f0f&ts=707&x=0"
X-Firefox-Spdy: h2

megaup.net/themes/spirit/assets/frontend/fonts/stack-interface.woff2?33839631

104.26.0.140

200 OK

4.3 kB

URL GET
megaup.net/themes/spirit/assets/frontend/fonts/stack-interface.woff2?33839631
IP
104.26.0.140:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subjectmegaup.net
FingerprintD1:0D:1F:7C:74:36:FE:3E:F0:18:C3:17:61:6A:99:81:06:7C:A8:26
ValidityThu, 27 Feb 2025 16:36:48 GMT - Wed, 28 May 2025 17:30:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 4292, version 1.0
Size
4.3 kB (4292 bytes)
Hash
ae072782b361d2afdbf43db08d3cfb73
f3db2e65b53d97491672f8631e21d6d05905cc88
31205df908aed9881f6d2d3ae7d38975252bf99e38268978b4236dc3c314754b

HTTP Headers

GET /themes/spirit/assets/frontend/fonts/stack-interface.woff2?33839631 HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/spirit/assets/frontend/css/stack-interface.css
DNT: 1
Connection: keep-alive
Cookie: filehosting=7mvigp446687ln7oqam8iemt5o
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 04 Apr 2025 12:13:47 GMT
content-type: font/woff2
content-length: 4292
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: "62594310-10c4"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
cache-control: max-age=14400
cf-cache-status: HIT
age: 3357
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z%2FhmY7azLr3q7nJjiWJMv1P4R8Eo1isHe10wRIZsnwlJ5%2FweareDKUo8xb73nVqCtyREVxrKz%2FddTLfJSVkHkbhc9nebjC8%2FJmwdwZwpYg%2FbXZOCRhSX0Ydjxaw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 92b0b8c16a40b4f9-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=2316&min_rtt=422&rtt_var=2732&sent=428&recv=168&lost=0&retrans=0&sent_bytes=508136&recv_bytes=4210&delivery_rate=66554037&cwnd=216&unsent_bytes=0&cid=473884aa05529f0f&ts=1209&x=0"
X-Firefox-Spdy: h2

ukankingwithea.com/

104.21.16.1

500 Internal Server Error

183 B

URL GET
ukankingwithea.com/
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subjectukankingwithea.com
Fingerprint02:7E:37:44:90:B9:05:B4:82:CD:5A:71:84:A1:C8:84:66:33:BC:78
ValiditySat, 01 Mar 2025 13:28:14 GMT - Fri, 30 May 2025 14:26:54 GMT

File type
HTML document, ASCII text, with no line terminators
Size
183 B (183 bytes)
Hash
7320c1db3ab6706d7a944a0983212848
04882537a81a139c1c8802c77c05b863060c5dd0
7d5514f4c18b076095cba3eb17ab3be2c482b80454aab16367ed502a7d8d46c6

HTTP Headers

GET / HTTP/1.1
Host: ukankingwithea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 500 Internal Server Error
date: Fri, 04 Apr 2025 12:13:47 GMT
content-type: text/html
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dFiVTc%2BSViTBuJ4Rg3BW0bxTsM7viE%2BpZlzz7S7IhCtJYz10mNKrLByRc0nnYvAZXHpBqWI1r56FyHhRxeRZIdXd7zl8ReQrN2%2Bgy8XDjdXiESq4f2X%2B0QbULjFxLqwv3O1ayNw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 92b0b8c49e5fcab1-HAM
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=15048&min_rtt=14247&rtt_var=654&sent=181&recv=27&lost=0&retrans=0&sent_bytes=227688&recv_bytes=1568&delivery_rate=3627592&cwnd=285&unsent_bytes=31856&cid=00f6fd7279583d03&ts=467&x=0"
X-Firefox-Spdy: h2

undefined/MzFXS3JSUzQmTVIMNW0HQV1qbkB1FGUNFgACNSoZW0EhewNLWTFlEV9eIi8UQV45P1xdVCNuQHV9NgxDAmQRCj5yWSR5EEtGEg4lAkEPDSB9azoZPXtgNHo8X2QWDjZQSR8ZQ1FhPR4RYElvISJEaDMYMFx6EyERC2gAEgZ9SGYgPHVwOQM2XwMfCRFhUwAJPXJjBm5AcX9mHT52dWMxJGVJAwYmYnoCDjQBewYnI3R1bzozYnQNBiplUBx7MBYDFRI3AlcFExVdcAYGIGNINCkhdlUwGxpLeAV5MFtmEgU0V2YaOiF2VTABBXZ1BnkgAmYuciNqXBYaJQMcEXorSkEeGUByWB8gGnR0AA0QZGcjLBdmADEZJlAAFDwrUlUAAgdrAQEjK3VZNBkldQAAJ0JnfgQCPHBJOCQWZV4lGTV9WgUnQ2d7AHooFVskJBxDDB0RFGl4Zn03aWljL0p5WD4

0.0.0.0

0 B

URL GET
undefined/MzFXS3JSUzQmTVIMNW0HQV1qbkB1FGUNFgACNSoZW0EhewNLWTFlEV9eIi8UQV45P1xdVCNuQHV9NgxDAmQRCj5yWSR5EEtGEg4lAkEPDSB9azoZPXtgNHo8X2QWDjZQSR8ZQ1FhPR4RYElvISJEaDMYMFx6EyERC2gAEgZ9SGYgPHVwOQM2XwMfCRFhUwAJPXJjBm5AcX9mHT52dWMxJGVJAwYmYnoCDjQBewYnI3R1bzozYnQNBiplUBx7MBYDFRI3AlcFExVdcAYGIGNINCkhdlUwGxpLeAV5MFtmEgU0V2YaOiF2VTABBXZ1BnkgAmYuciNqXBYaJQMcEXorSkEeGUByWB8gGnR0AA0QZGcjLBdmADEZJlAAFDwrUlUAAgdrAQEjK3VZNBkldQAAJ0JnfgQCPHBJOCQWZV4lGTV9WgUnQ2d7AHooFVskJBxDDB0RFGl4Zn03aWljL0p5WD4
IP
0.0.0.0:0
ASN
#0

Requested by
https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /MzFXS3JSUzQmTVIMNW0HQV1qbkB1FGUNFgACNSoZW0EhewNLWTFlEV9eIi8UQV45P1xdVCNuQHV9NgxDAmQRCj5yWSR5EEtGEg4lAkEPDSB9azoZPXtgNHo8X2QWDjZQSR8ZQ1FhPR4RYElvISJEaDMYMFx6EyERC2gAEgZ9SGYgPHVwOQM2XwMfCRFhUwAJPXJjBm5AcX9mHT52dWMxJGVJAwYmYnoCDjQBewYnI3R1bzozYnQNBiplUBx7MBYDFRI3AlcFExVdcAYGIGNINCkhdlUwGxpLeAV5MFtmEgU0V2YaOiF2VTABBXZ1BnkgAmYuciNqXBYaJQMcEXorSkEeGUByWB8gGnR0AA0QZGcjLBdmADEZJlAAFDwrUlUAAgdrAQEjK3VZNBkldQAAJ0JnfgQCPHBJOCQWZV4lGTV9WgUnQ2d7AHooFVskJBxDDB0RFGl4Zn03aWljL0p5WD4 HTTP/1.1
Host: undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

ukankingwithea.com/asd100.bin

104.21.16.1

200 OK

102 kB

URL GET
ukankingwithea.com/asd100.bin
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subjectukankingwithea.com
Fingerprint02:7E:37:44:90:B9:05:B4:82:CD:5A:71:84:A1:C8:84:66:33:BC:78
ValiditySat, 01 Mar 2025 13:28:14 GMT - Fri, 30 May 2025 14:26:54 GMT

File type
data
Size
102 kB (102400 bytes)
Hash
4c6426ac7ef186464ecbb0d81cbfcb1e
5a6918eebd9d635e8f632e3ef34e3792b1b5ec13
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

HTTP Headers

GET /asd100.bin HTTP/1.1
Host: ukankingwithea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 04 Apr 2025 12:13:47 GMT
content-type: binary/octet-stream
server: cloudflare
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: STALE
age: 632710
last-modified: Fri, 28 Mar 2025 04:28:37 GMT
cf-ray: 92b0b8c48e4ccab1-HAM
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

megaup.net/themes/spirit/assets/frontend/fonts/font-awesome/fa-solid-900.woff2

104.26.0.140

200 OK

80 kB

URL GET
megaup.net/themes/spirit/assets/frontend/fonts/font-awesome/fa-solid-900.woff2
IP
104.26.0.140:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subjectmegaup.net
FingerprintD1:0D:1F:7C:74:36:FE:3E:F0:18:C3:17:61:6A:99:81:06:7C:A8:26
ValidityThu, 27 Feb 2025 16:36:48 GMT - Wed, 28 May 2025 17:30:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 80148, version 331.17301
Size
80 kB (80148 bytes)
Hash
c500da19d776384ba69573ae6fe274e7
6290834672aba86d5b6c1c73b30b57c9c53996f7
cfe3b7382e477059da11be2099914b94f0e2a4f08240c60542c376957b8d9658

HTTP Headers

GET /themes/spirit/assets/frontend/fonts/font-awesome/fa-solid-900.woff2 HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/spirit/assets/frontend/css/font-awesome.min.css
DNT: 1
Connection: keep-alive
Cookie: filehosting=7mvigp446687ln7oqam8iemt5o
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 04 Apr 2025 12:13:48 GMT
content-type: font/woff2
content-length: 80148
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: "62594310-13914"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
cache-control: max-age=14400
cf-cache-status: HIT
age: 3355
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jechGEBZwsGrCOpzvp81CSsp9wy5B%2BZlXex9rZZ6%2BJI9vhogO8Tcx7WRf2Laj69xrADLq%2FTh0uYEy%2BcaCoiW33eYhZaWLugXkJDpm1Q6YkaGkblUGOALCbAdUsI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 92b0b8c82d25b4f9-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=2659&min_rtt=422&rtt_var=3226&sent=434&recv=172&lost=0&retrans=1&sent_bytes=512993&recv_bytes=4377&delivery_rate=66554037&cwnd=216&unsent_bytes=0&cid=473884aa05529f0f&ts=2301&x=0"
X-Firefox-Spdy: h2

megaup.net/themes/spirit/assets/frontend/css/bootstrap.min.css

104.26.0.140

200 OK

77 kB

URL GET
megaup.net/themes/spirit/assets/frontend/css/bootstrap.min.css
IP
104.26.0.140:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subjectmegaup.net
FingerprintD1:0D:1F:7C:74:36:FE:3E:F0:18:C3:17:61:6A:99:81:06:7C:A8:26
ValidityThu, 27 Feb 2025 16:36:48 GMT - Wed, 28 May 2025 17:30:06 GMT

File type
ASCII text, with very long lines (65319), with CRLF line terminators
Size
77 kB (76922 bytes)
Hash
9b67b9ffbfcbe226a8c413fa740fd91c
7837bd0c312897e46311aaf472947f3e23d75df2
2642f94894419d1cebdc4a010b9380a7403063dd6d28ea8a80bd5ebd01186732

HTTP Headers

GET /themes/spirit/assets/frontend/css/bootstrap.min.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
DNT: 1
Connection: keep-alive
Cookie: filehosting=7mvigp446687ln7oqam8iemt5o
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 04 Apr 2025 12:13:46 GMT
content-type: text/css
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: W/"62594310-12c7a"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
cache-control: max-age=14400
cf-cache-status: HIT
age: 3356
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EPGSvwGARnKRIKZ18kq91Jjrr5uaB%2FuSRKZmzBI6%2FSXor9cAfBlDFny2TdyCOr5RheYRy5XhjCwAqLBQNoB%2B2LXrOKDJzpZy4SRudNrlkZrtqtvp2SO3mpZVYxY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 92b0b8be3dadb4f9-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=663&min_rtt=422&rtt_var=161&sent=162&recv=98&lost=0&retrans=0&sent_bytes=184043&recv_bytes=3873&delivery_rate=39388601&cwnd=196&unsent_bytes=0&cid=473884aa05529f0f&ts=717&x=0"
X-Firefox-Spdy: h2

megaup.net/themes/spirit/assets/frontend/css/lightbox.min.css

104.26.0.140

200 OK

3.9 kB

URL GET
megaup.net/themes/spirit/assets/frontend/css/lightbox.min.css
IP
104.26.0.140:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subjectmegaup.net
FingerprintD1:0D:1F:7C:74:36:FE:3E:F0:18:C3:17:61:6A:99:81:06:7C:A8:26
ValidityThu, 27 Feb 2025 16:36:48 GMT - Wed, 28 May 2025 17:30:06 GMT

File type
ASCII text, with very long lines (4346), with no line terminators
Size
3.9 kB (3889 bytes)
Hash
569fda5171f960b5f17a7f219ebbfce8
00c5980c3d7f1186409dd7bca6efe168aaf123b5
1f1ba95edeff0d0da398b23e1ef0832985223e0d2facd1b0136c87be7bd935ea

HTTP Headers

GET /themes/spirit/assets/frontend/css/lightbox.min.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
DNT: 1
Connection: keep-alive
Cookie: filehosting=7mvigp446687ln7oqam8iemt5o
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 04 Apr 2025 12:13:46 GMT
content-type: text/css
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: W/"62594310-f31"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
cache-control: max-age=14400
cf-cache-status: HIT
age: 3356
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e%2FbNdQIm%2F%2FDaBOTI2WsMFZRQnR5FGeKzXIZptOBcWuNpLQN1%2FJxN1zMlNowtiXB%2BbF7QwyGTjRFG7ha28mNLLSJcoahMExhL0euZu62X%2Btw7xXIat7RwoDN1Onw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 92b0b8be3db5b4f9-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=643&min_rtt=422&rtt_var=112&sent=143&recv=91&lost=0&retrans=0&sent_bytes=165848&recv_bytes=3873&delivery_rate=39388601&cwnd=178&unsent_bytes=0&cid=473884aa05529f0f&ts=713&x=0"
X-Firefox-Spdy: h2

megaup.net/sw.js

104.26.0.140

200 OK

103 kB

URL GET
megaup.net/sw.js
IP
104.26.0.140:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subjectmegaup.net
FingerprintD1:0D:1F:7C:74:36:FE:3E:F0:18:C3:17:61:6A:99:81:06:7C:A8:26
ValidityThu, 27 Feb 2025 16:36:48 GMT - Wed, 28 May 2025 17:30:06 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
103 kB (103036 bytes)
Hash
9ee51131e416458b88d6da4e6e6959ca
a558b24bcf81763754e35a5fa5e46c6d6ad5f8d4
db3608f955dd3404bc375f0a0a7a5c8e23515e7ad1a0b9078c246e92e4050734

HTTP Headers

GET /sw.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
DNT: 1
Connection: keep-alive
Cookie: filehosting=7mvigp446687ln7oqam8iemt5o
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 04 Apr 2025 12:13:46 GMT
content-type: application/javascript
last-modified: Tue, 20 Dec 2022 22:15:30 GMT
vary: Accept-Encoding
etag: W/"63a23402-1927c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TzvJ1u9Io6u7Lh7saULaOVy5kLlGhrfMLnJlFIgQ%2BwuWAuGDCys9pnmrwZqCYjkxvCiCdWIhBv2fD1RRQRRcyiB8Uhr5MpT8Jp%2FUnpJAPm23Mc4y9Wpt7QvzJOM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 92b0b8be6e19b4f9-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=6319&min_rtt=422&rtt_var=11009&sent=335&recv=156&lost=0&retrans=0&sent_bytes=380021&recv_bytes=3873&delivery_rate=66554037&cwnd=196&unsent_bytes=0&cid=473884aa05529f0f&ts=937&x=0"
X-Firefox-Spdy: h2

earningseriegents.org/TFlNOFRjZi5LaQIyA2ENfDIJXTkkDC55Fns4fHptDQEfSQIUNmtMPShkdQphdWh8HiQlPXALZmoqOVkgOSpwCmR8bmtROio2cApyOmR9Fm1ia2MOcjlkYApyOCksX2l9fz1MICBkfA9gf257AGx+YHwNYg

104.21.64.1

204 No Content

0 B

URL POST
earningseriegents.org/TFlNOFRjZi5LaQIyA2ENfDIJXTkkDC55Fns4fHptDQEfSQIUNmtMPShkdQphdWh8HiQlPXALZmoqOVkgOSpwCmR8bmtROio2cApyOmR9Fm1ia2MOcjlkYApyOCksX2l9fz1MICBkfA9gf257AGx+YHwNYg
IP
104.21.64.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subjectearningseriegents.org
FingerprintF2:1E:68:72:0E:2A:D4:EB:77:5B:FE:CA:F8:97:AA:8F:72:4E:E4:28
ValidityMon, 17 Feb 2025 11:02:00 GMT - Sun, 18 May 2025 11:58:25 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /TFlNOFRjZi5LaQIyA2ENfDIJXTkkDC55Fns4fHptDQEfSQIUNmtMPShkdQphdWh8HiQlPXALZmoqOVkgOSpwCmR8bmtROio2cApyOmR9Fm1ia2MOcjlkYApyOCksX2l9fz1MICBkfA9gf257AGx+YHwNYg HTTP/1.1
Host: earningseriegents.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/3 204 No Content
date: Fri, 04 Apr 2025 12:13:49 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=asCu0OZgQFEM0%2FRb0jr27NtYVgHjNWRkD8H3Df2BkXy%2FP5WFaZYW5kkQsCyrG6F7pFGL5cEliCHxBtVfrcBPpTZcG0w7OpagqsWMrzHYvTjv3iN1rQHrL3FH7jG0MbuajXbyo9oixLs%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 92b0b8ce6a6d62c1-HAM
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400

earningseriegents.org/QTFWT2JuDjU8XwxnFAQ3LEITLjoxXQMoBi5UAQkEA1wyezgHVnA7CyUMbn1XeABnaRIoVWt8UGdCIi4WNEJrfVJxBHAmDCdea31ScQdmf1d3AnN4ISlFIj8RZAIXalAHFGQJEC9cOT9MIl47alAHWDNqUQdHc3wmdRRkeQFkAhJ/E3ZCLjYwM2Q4HycWXDsYK3FHByw6FGllOgAbRBgQAXZBFDsVchw6KlAjYhA5Chh6JygLLQRvBQYoUmM2KiQcZyckCXoAPBd5Wz8BABVIYC4EE1ZlGy1wazUiUBlWGSM4dFgQPFcSWWEVMDVGIx0aL0sXOhIEUCQ9WwpjDhwaMXsFCzoHYXt7JhNWYxZPBQcfCQY5RgMYPRR/EQ1VAAkcKFN3fSMNIRlDJwdWJmsaAyERADQoExZgORUSA1c4dyt1ZSMVWwVJLAA3EHYCJTgXZDgaUChTARAXKn0fBk93eGcENw8IbiMILHRkLToAYjwQUTRYPR4DJQA5AyQrRh0sNnBeFHlWA348djJ0XCQ8CXMIJClQJwV7Ij01fg45MwNfFHcHdGNhfTYgAAYbNRhSBhwWE0EUJwYDQCUBDigFMR4JeWRnPhQDZzo8OzJ+Gx43cEQseFAbVz59VCNuN34GJ18/ATokQiIbMxFpNAJSI2QQOy4CQWAEDnFWLyxQeHM1eCgXbmQ3DwV5IANPI1JjLgY3BBQqNHZeOBZPd3Q8OCEmAB0OJTFQexYUcH0QKwR0ZxkmC3BhAgxQFHcvFioYWDQ9DRZcFC4xInkuYgd4Ah8nBRhpDh0zDUkgBFIFWRdqUHdHZ2pRBQZvalB3R2RqUQUGZ3pTdxRhDAw0XTpqVQIHYH1RdANie1J5CGF6WnIJZX9WZ0drf0x4H2RhVGdEa2JQZ0UmLgV8AHA/FjVda35VdQJheVp5AmB/UHU

104.21.64.1

204 No Content

0 B

URL POST
earningseriegents.org/QTFWT2JuDjU8XwxnFAQ3LEITLjoxXQMoBi5UAQkEA1wyezgHVnA7CyUMbn1XeABnaRIoVWt8UGdCIi4WNEJrfVJxBHAmDCdea31ScQdmf1d3AnN4ISlFIj8RZAIXalAHFGQJEC9cOT9MIl47alAHWDNqUQdHc3wmdRRkeQFkAhJ/E3ZCLjYwM2Q4HycWXDsYK3FHByw6FGllOgAbRBgQAXZBFDsVchw6KlAjYhA5Chh6JygLLQRvBQYoUmM2KiQcZyckCXoAPBd5Wz8BABVIYC4EE1ZlGy1wazUiUBlWGSM4dFgQPFcSWWEVMDVGIx0aL0sXOhIEUCQ9WwpjDhwaMXsFCzoHYXt7JhNWYxZPBQcfCQY5RgMYPRR/EQ1VAAkcKFN3fSMNIRlDJwdWJmsaAyERADQoExZgORUSA1c4dyt1ZSMVWwVJLAA3EHYCJTgXZDgaUChTARAXKn0fBk93eGcENw8IbiMILHRkLToAYjwQUTRYPR4DJQA5AyQrRh0sNnBeFHlWA348djJ0XCQ8CXMIJClQJwV7Ij01fg45MwNfFHcHdGNhfTYgAAYbNRhSBhwWE0EUJwYDQCUBDigFMR4JeWRnPhQDZzo8OzJ+Gx43cEQseFAbVz59VCNuN34GJ18/ATokQiIbMxFpNAJSI2QQOy4CQWAEDnFWLyxQeHM1eCgXbmQ3DwV5IANPI1JjLgY3BBQqNHZeOBZPd3Q8OCEmAB0OJTFQexYUcH0QKwR0ZxkmC3BhAgxQFHcvFioYWDQ9DRZcFC4xInkuYgd4Ah8nBRhpDh0zDUkgBFIFWRdqUHdHZ2pRBQZvalB3R2RqUQUGZ3pTdxRhDAw0XTpqVQIHYH1RdANie1J5CGF6WnIJZX9WZ0drf0x4H2RhVGdEa2JQZ0UmLgV8AHA/FjVda35VdQJheVp5AmB/UHU
IP
104.21.64.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subjectearningseriegents.org
FingerprintF2:1E:68:72:0E:2A:D4:EB:77:5B:FE:CA:F8:97:AA:8F:72:4E:E4:28
ValidityMon, 17 Feb 2025 11:02:00 GMT - Sun, 18 May 2025 11:58:25 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /QTFWT2JuDjU8XwxnFAQ3LEITLjoxXQMoBi5UAQkEA1wyezgHVnA7CyUMbn1XeABnaRIoVWt8UGdCIi4WNEJrfVJxBHAmDCdea31ScQdmf1d3AnN4ISlFIj8RZAIXalAHFGQJEC9cOT9MIl47alAHWDNqUQdHc3wmdRRkeQFkAhJ/E3ZCLjYwM2Q4HycWXDsYK3FHByw6FGllOgAbRBgQAXZBFDsVchw6KlAjYhA5Chh6JygLLQRvBQYoUmM2KiQcZyckCXoAPBd5Wz8BABVIYC4EE1ZlGy1wazUiUBlWGSM4dFgQPFcSWWEVMDVGIx0aL0sXOhIEUCQ9WwpjDhwaMXsFCzoHYXt7JhNWYxZPBQcfCQY5RgMYPRR/EQ1VAAkcKFN3fSMNIRlDJwdWJmsaAyERADQoExZgORUSA1c4dyt1ZSMVWwVJLAA3EHYCJTgXZDgaUChTARAXKn0fBk93eGcENw8IbiMILHRkLToAYjwQUTRYPR4DJQA5AyQrRh0sNnBeFHlWA348djJ0XCQ8CXMIJClQJwV7Ij01fg45MwNfFHcHdGNhfTYgAAYbNRhSBhwWE0EUJwYDQCUBDigFMR4JeWRnPhQDZzo8OzJ+Gx43cEQseFAbVz59VCNuN34GJ18/ATokQiIbMxFpNAJSI2QQOy4CQWAEDnFWLyxQeHM1eCgXbmQ3DwV5IANPI1JjLgY3BBQqNHZeOBZPd3Q8OCEmAB0OJTFQexYUcH0QKwR0ZxkmC3BhAgxQFHcvFioYWDQ9DRZcFC4xInkuYgd4Ah8nBRhpDh0zDUkgBFIFWRdqUHdHZ2pRBQZvalB3R2RqUQUGZ3pTdxRhDAw0XTpqVQIHYH1RdANie1J5CGF6WnIJZX9WZ0drf0x4H2RhVGdEa2JQZ0UmLgV8AHA/FjVda35VdQJheVp5AmB/UHU HTTP/1.1
Host: earningseriegents.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/3 204 No Content
date: Fri, 04 Apr 2025 12:13:56 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jv3VjlZk1Py9mraAwOtGkBYyiVBbXQV%2FFjsNQTllY3JREMqOQVNOnHGgXrsi7zI6uWM%2FE4Rpd9FT%2FoWkGFI0ql5C8phaVCsyirVIwQ0uokFHBQUpiWAjs8loNaciBK%2BBxAlQQBeH8tk%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 92b0b8f95ee462c1-HAM
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400

megaup.net/themes/spirit/assets/frontend/js/flickity.min.js

104.26.0.140

200 OK

54 kB

URL GET
megaup.net/themes/spirit/assets/frontend/js/flickity.min.js
IP
104.26.0.140:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subjectmegaup.net
FingerprintD1:0D:1F:7C:74:36:FE:3E:F0:18:C3:17:61:6A:99:81:06:7C:A8:26
ValidityThu, 27 Feb 2025 16:36:48 GMT - Wed, 28 May 2025 17:30:06 GMT

File type
JavaScript source, ASCII text, with very long lines (32032), with CRLF line terminators
Size
54 kB (53873 bytes)
Hash
8c1e666176ac7bdce67d58b45823ffac
75947e4316427ce0c5e33300aeb4dc4d7d54dd09
c0b706b9b1ca12b631496228a0eb0fe15ccb14f21ab554f6c4b4f20474e4d3a6

HTTP Headers

GET /themes/spirit/assets/frontend/js/flickity.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
DNT: 1
Connection: keep-alive
Cookie: filehosting=7mvigp446687ln7oqam8iemt5o
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 04 Apr 2025 12:13:46 GMT
content-type: application/javascript
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: W/"62594310-d271"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
cache-control: max-age=14400
cf-cache-status: HIT
age: 3356
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n0xpBigwx3BLuO1iQ68f2J8EXD5aL6dEGNhSBiWKsizYTcklXTcwb3zIwVWwbX1jSae7f8iDy4zfmJvyGlYLJTPbaK7IikqJPvm53jufVCqiXeKeizvBMt7wt2s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 92b0b8be4df5b4f9-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=745&min_rtt=422&rtt_var=73&sent=217&recv=122&lost=0&retrans=0&sent_bytes=247790&recv_bytes=3873&delivery_rate=66554037&cwnd=192&unsent_bytes=0&cid=473884aa05529f0f&ts=720&x=0"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.35

200 OK

48 kB

URL GET
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint04:FF:92:E7:16:B0:49:91:8B:B7:8D:C6:93:B9:20:B4:2A:33:9F:A8
ValidityThu, 20 Mar 2025 11:19:45 GMT - Thu, 12 Jun 2025 11:19:44 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Apr 2025 10:12:20 GMT
expires: Fri, 03 Apr 2026 10:12:20 GMT
cache-control: public, max-age=31536000
age: 93687
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2

142.250.74.35

200 OK

25 kB

URL GET
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint04:FF:92:E7:16:B0:49:91:8B:B7:8D:C6:93:B9:20:B4:2A:33:9F:A8
ValidityThu, 20 Mar 2025 11:19:45 GMT - Thu, 12 Jun 2025 11:19:44 GMT

File type
Web Open Font Format (Version 2), TrueType, length 24984, version 1.0
Size
25 kB (24984 bytes)
Hash
303a79d404d97ccbb3d803088fc387d8
66e3525b79a1a58a63fe0934f31676dd40c7f033
7e510e61c497d334da21eccda06df5d3a428c9ea94d6903b6138e7c7255aba0f

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24984
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Apr 2025 09:31:51 GMT
expires: Fri, 03 Apr 2026 09:31:51 GMT
cache-control: public, max-age=31536000
age: 96116
last-modified: Thu, 14 Dec 2023 02:04:54 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

undefined/MVN5ZXpQMRoIRVBuG0MPQz9EQEh3dksjHgJgGwQRWSMPVQtJOx9LGV08DAEcQzwXEVRfNg1ASHchGh8wYwoSICtpB0EgHFY3GyssCGYoNB5eBkonLGA6NC0wAWYfKztkNDsOMBRhPyE5YBs/IQljHxFUOVMXNA48dDQ7KAB0ADgNI2EdEQkQeyQjCzgBNEg9SXcFIQ87fBkSUS9/Eg4MLlYdSiQDZAE9Vyx0HSgrHn4/QVUyZwpJJzlWNy8fLHQdOywqYRJJUj1dZ0AkSGMRHSIofDAvPDtoBhZXPV0kSCEuaBI/VzRiHw4GImhiMxIrSSsRN0l4Kz9XV38ANw0KUglIPxFgGztVL3kWNSc9ZxsaDz9pCkgsAHMBHQwzAhE4JxQIABgjI3AKKDARdBUSQEhzAUooS3AUPzEZZB49PCx/OCg0MwIQAygtZxdNBCB0FUk8PHdiITQwAhVKHTkXOQoKFEFuKAAdSwMoFRsBFBQSEGAlHQ

0.0.0.0

0 B

URL GET
undefined/MVN5ZXpQMRoIRVBuG0MPQz9EQEh3dksjHgJgGwQRWSMPVQtJOx9LGV08DAEcQzwXEVRfNg1ASHchGh8wYwoSICtpB0EgHFY3GyssCGYoNB5eBkonLGA6NC0wAWYfKztkNDsOMBRhPyE5YBs/IQljHxFUOVMXNA48dDQ7KAB0ADgNI2EdEQkQeyQjCzgBNEg9SXcFIQ87fBkSUS9/Eg4MLlYdSiQDZAE9Vyx0HSgrHn4/QVUyZwpJJzlWNy8fLHQdOywqYRJJUj1dZ0AkSGMRHSIofDAvPDtoBhZXPV0kSCEuaBI/VzRiHw4GImhiMxIrSSsRN0l4Kz9XV38ANw0KUglIPxFgGztVL3kWNSc9ZxsaDz9pCkgsAHMBHQwzAhE4JxQIABgjI3AKKDARdBUSQEhzAUooS3AUPzEZZB49PCx/OCg0MwIQAygtZxdNBCB0FUk8PHdiITQwAhVKHTkXOQoKFEFuKAAdSwMoFRsBFBQSEGAlHQ
IP
0.0.0.0:0
ASN
#0

Requested by
https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /MVN5ZXpQMRoIRVBuG0MPQz9EQEh3dksjHgJgGwQRWSMPVQtJOx9LGV08DAEcQzwXEVRfNg1ASHchGh8wYwoSICtpB0EgHFY3GyssCGYoNB5eBkonLGA6NC0wAWYfKztkNDsOMBRhPyE5YBs/IQljHxFUOVMXNA48dDQ7KAB0ADgNI2EdEQkQeyQjCzgBNEg9SXcFIQ87fBkSUS9/Eg4MLlYdSiQDZAE9Vyx0HSgrHn4/QVUyZwpJJzlWNy8fLHQdOywqYRJJUj1dZ0AkSGMRHSIofDAvPDtoBhZXPV0kSCEuaBI/VzRiHw4GImhiMxIrSSsRN0l4Kz9XV38ANw0KUglIPxFgGztVL3kWNSc9ZxsaDz9pCkgsAHMBHQwzAhE4JxQIABgjI3AKKDARdBUSQEhzAUooS3AUPzEZZB49PCx/OCg0MwIQAygtZxdNBCB0FUk8PHdiITQwAhVKHTkXOQoKFEFuKAAdSwMoFRsBFBQSEGAlHQ HTTP/1.1
Host: undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AXH0vVvsvLZOQANh4Kv8VeYHpLUfQ5zoCpx6r-NE_831C8LxkiSmJLTMkyP0ATRQIUIreIOb6a25pA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S118398110%3A1743768828997975

64.233.164.84

403 Forbidden

0 B

URL GET
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AXH0vVvsvLZOQANh4Kv8VeYHpLUfQ5zoCpx6r-NE_831C8LxkiSmJLTMkyP0ATRQIUIreIOb6a25pA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S118398110%3A1743768828997975
IP
64.233.164.84:443
ASN
#15169 GOOGLE

Requested by
https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subject*.google.com
FingerprintD9:9E:60:22:6F:83:0B:DE:8F:D6:FF:6C:5B:83:B4:22:4D:58:97:82
ValidityThu, 20 Mar 2025 11:18:50 GMT - Thu, 12 Jun 2025 11:18:49 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AXH0vVvsvLZOQANh4Kv8VeYHpLUfQ5zoCpx6r-NE_831C8LxkiSmJLTMkyP0ATRQIUIreIOb6a25pA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S118398110%3A1743768828997975 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 04 Apr 2025 12:13:49 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'nonce-HPYm8OsDmnl0aZzdzVjb0w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://support.google.com/inapp/ https://www.google.com/tools/feedback/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
content-security-policy-report-only: script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://ajax.googleapis.com/ajax/libs/jquery/3.6.4/jquery.min.js https://translate.google.com/translate_a/element.js https://www.google.com/recaptcha/api.js https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.google.com/tools/feedback/open_to_help_guide_lazy.js https://www.google.com/tools/feedback/help_api.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js https://www.gstatic.com/uservoice/feedback/client/web/live/ https://www.google.com/tools/feedback/chat_load.js https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://www.gstatic.com/feedback/js/ghelp/ https://www.gstatic.com/_/mss/boq-one-google/_/ https://www.gstatic.com/og/_/js/ https://apis.google.com/js/api.js https://apis.google.com/js/client.js https://www.googletagmanager.com/gtag/js https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/destination https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en._0nmwHM1LT0.es5.O/ https://apis.google.com/_/scs/abc-static/_/js/ https://translate.googleapis.com/_/translate_http/_/js/ https://www.gstatic.com/recaptcha/releases/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/fine-allowlist
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

megaup.net/themes/spirit/assets/frontend/img/favicon/apple-touch-icon.png

104.26.0.140

200 OK

536 B

URL GET
megaup.net/themes/spirit/assets/frontend/img/favicon/apple-touch-icon.png
IP
104.26.0.140:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subjectmegaup.net
FingerprintD1:0D:1F:7C:74:36:FE:3E:F0:18:C3:17:61:6A:99:81:06:7C:A8:26
ValidityThu, 27 Feb 2025 16:36:48 GMT - Wed, 28 May 2025 17:30:06 GMT

File type
PNG image data, 57 x 57, 8-bit colormap, non-interlaced
Size
536 B (536 bytes)
Hash
0019444f6b6df5b4b5ed32b6b469caab
4232370d10ab54ef9bda57aa9dcb813036047b35
0509f6df067face535f028cd86200748952227161f8f244aa7864e7848553562

HTTP Headers

GET /themes/spirit/assets/frontend/img/favicon/apple-touch-icon.png HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
DNT: 1
Connection: keep-alive
Cookie: filehosting=7mvigp446687ln7oqam8iemt5o
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 04 Apr 2025 12:13:48 GMT
content-type: image/png
content-length: 536
cf-bgj: h2pri,csam-hash
etag: "67ae2e78-218"
last-modified: Thu, 13 Feb 2025 17:40:08 GMT
referrer-policy: no-referrer, strict-origin-when-cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: HIT
age: 3358
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c%2Bruec2Dx%2FKvphmOITTSvegePce1HSYnlKKDMOGHSR1jITN2hjET1zYkNUmDLPvbh3aUp86j%2FGDSOvnYoiJAYaKR2%2F5K3MhibKD0BgVIdYRW%2BRdT0k4olwUX4cQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 92b0b8cab9bfb4f9-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=1006&min_rtt=422&rtt_var=509&sent=494&recv=192&lost=0&retrans=1&sent_bytes=593870&recv_bytes=4597&delivery_rate=66554037&cwnd=218&unsent_bytes=0&cid=473884aa05529f0f&ts=2717&x=0"
X-Firefox-Spdy: h2

136.243.78.216

302 Found

0 B

URL GET
334.mbvnclickipp2.xyz/ic?sid=3&data=xpLI09wh6um69S_int9IPXXJs_keWLR7lfZRVpe-uzK8-QtXmK1nywV4Ka3Sg1fJHJfdTtBkR5yGjeAz5-IDLhnxwrkgcjXOyCaVZ_yOJmciFcVq4BpT3w4YRHDT9uVddLDHUc0ItFT36z311KIksroGuWwrYhCKQ5ZjrY05KfQ2_oWr1hp31RhFJKR6BeD1NQg62IWem8Gh_FKk9pr4erO2guJ5vTGzU8fB8sPG1LJklnd_TdI2Fleth2NoOWO7fu4F7nClwhgNaUwvrGhGv2bygvmywZ75gtEHpgNPkvOrcmmX5MDNvP_gUVInFY7o
IP
136.243.78.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
Certificate
IssuerLet's Encrypt
Subjectmbvnclickipp2.xyz
Fingerprint43:47:B5:DB:0F:97:D8:06:59:F6:28:BC:9B:67:74:3A:8C:C3:3D:56
ValidityMon, 24 Mar 2025 23:35:44 GMT - Sun, 22 Jun 2025 23:35:43 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ic?sid=3&data=xpLI09wh6um69S_int9IPXXJs_keWLR7lfZRVpe-uzK8-QtXmK1nywV4Ka3Sg1fJHJfdTtBkR5yGjeAz5-IDLhnxwrkgcjXOyCaVZ_yOJmciFcVq4BpT3w4YRHDT9uVddLDHUc0ItFT36z311KIksroGuWwrYhCKQ5ZjrY05KfQ2_oWr1hp31RhFJKR6BeD1NQg62IWem8Gh_FKk9pr4erO2guJ5vTGzU8fB8sPG1LJklnd_TdI2Fleth2NoOWO7fu4F7nClwhgNaUwvrGhGv2bygvmywZ75gtEHpgNPkvOrcmmX5MDNvP_gUVInFY7o HTTP/1.1
Host: 334.mbvnclickipp2.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Fri, 04 Apr 2025 12:13:52 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://eu.xml.rexsrv.com/icon?sid=30bad0daeff106dcdaa9405c5eb43174&rnd=83308374

megaup.net/themes/spirit/assets/frontend/css/font-awesome.min.css

104.26.0.140

200 OK

59 kB

URL GET
megaup.net/themes/spirit/assets/frontend/css/font-awesome.min.css
IP
104.26.0.140:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subjectmegaup.net
FingerprintD1:0D:1F:7C:74:36:FE:3E:F0:18:C3:17:61:6A:99:81:06:7C:A8:26
ValidityThu, 27 Feb 2025 16:36:48 GMT - Wed, 28 May 2025 17:30:06 GMT

File type
ASCII text, with very long lines (58929), with CRLF line terminators
Size
59 kB (59119 bytes)
Hash
879812fc22af75aa3ae7b5666ca4f4b8
df27469a952b7ee36cc03db471c6198f577186a8
c5d7f0d9e646698b20734ce6dcc2c0a8ecf6ebe27b4b7625bfcf42c4416fb7ed

HTTP Headers

GET /themes/spirit/assets/frontend/css/font-awesome.min.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
DNT: 1
Connection: keep-alive
Cookie: filehosting=7mvigp446687ln7oqam8iemt5o
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 04 Apr 2025 12:13:46 GMT
content-type: text/css
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: W/"62594310-e6ef"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
cache-control: max-age=14400
cf-cache-status: HIT
age: 3356
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I0R%2FDTmmwiWE7nXC3v4v8ZoRbIKO03Yu5AIWFBTZ%2FerJLl6SL6LH6KmsfAQwdjkA6um1hFPcORZC7cpnHW4Y4CucawkRI8lJ9BBTF%2FZz1YlUJIUrm2K4jPatMzg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 92b0b8be4dc0b4f9-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=963&min_rtt=422&rtt_var=657&sent=199&recv=101&lost=0&retrans=0&sent_bytes=230522&recv_bytes=3873&delivery_rate=39388601&cwnd=180&unsent_bytes=0&cid=473884aa05529f0f&ts=718&x=0"
X-Firefox-Spdy: h2

megaup.net/themes/spirit/assets/frontend/js/jquery-3.1.1.min.js

104.26.0.140

200 OK

87 kB

URL GET
megaup.net/themes/spirit/assets/frontend/js/jquery-3.1.1.min.js
IP
104.26.0.140:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subjectmegaup.net
FingerprintD1:0D:1F:7C:74:36:FE:3E:F0:18:C3:17:61:6A:99:81:06:7C:A8:26
ValidityThu, 27 Feb 2025 16:36:48 GMT - Wed, 28 May 2025 17:30:06 GMT

File type
JavaScript source, ASCII text, with very long lines (32030), with CRLF line terminators
Size
87 kB (86713 bytes)
Hash
5b5a269bd363e0886c17d855c2aab241
042dd055cd289215835a58507c9531f808e1648a
1cf30e59d21d4ae560af7143f5913efcc8222bcaa4fcc7508eb802b5faa9e94e

HTTP Headers

GET /themes/spirit/assets/frontend/js/jquery-3.1.1.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
DNT: 1
Connection: keep-alive
Cookie: filehosting=7mvigp446687ln7oqam8iemt5o
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 04 Apr 2025 12:13:46 GMT
content-type: application/javascript
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: W/"62594310-152b9"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
cache-control: max-age=14400
cf-cache-status: HIT
age: 3356
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k%2BtRTg3VNDOd2S1zufDn%2BYePgc49EuClgZOv8mMOaNnhi%2BjfT7kfyMGtgR3S%2BefA1QwtjCCI1ctJN%2BxvUab0Tq%2F8QBYMcxKiCFOu6A65tZ8e6ZBSYTc6Q2PvQok%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 92b0b8be4debb4f9-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=823&min_rtt=422&rtt_var=370&sent=248&recv=136&lost=0&retrans=0&sent_bytes=281202&recv_bytes=3873&delivery_rate=66554037&cwnd=192&unsent_bytes=0&cid=473884aa05529f0f&ts=726&x=0"
X-Firefox-Spdy: h2

megaup.net/themes/spirit/assets/frontend/js/jquery.steps.min.js

104.26.0.140

200 OK

14 kB

URL GET
megaup.net/themes/spirit/assets/frontend/js/jquery.steps.min.js
IP
104.26.0.140:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subjectmegaup.net
FingerprintD1:0D:1F:7C:74:36:FE:3E:F0:18:C3:17:61:6A:99:81:06:7C:A8:26
ValidityThu, 27 Feb 2025 16:36:48 GMT - Wed, 28 May 2025 17:30:06 GMT

File type
JavaScript source, ASCII text, with very long lines (13686), with CRLF line terminators
Size
14 kB (13862 bytes)
Hash
0eef6fe46d14f860d5666d2c7b13a564
7ab5f7deaca2f71efbc3bf9f5ba27b89d4697dbe
95a14a4473ff130eb29f3cc02e135978505655e3c931b6c3726dedd4f558f843

HTTP Headers

GET /themes/spirit/assets/frontend/js/jquery.steps.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
DNT: 1
Connection: keep-alive
Cookie: filehosting=7mvigp446687ln7oqam8iemt5o
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 04 Apr 2025 12:13:46 GMT
content-type: application/javascript
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: W/"62594310-3626"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
cache-control: max-age=14400
cf-cache-status: HIT
age: 3356
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jHpFB2blwQ%2FEOnMNoe6Gt%2BFKJtECpIN1urfef7sgST0Rm5h47g3I3TQDslIsqjIQGlIR6p0rT%2FDV8jecoQTEdwLCSiYPzdg6LtiKOMyIl%2BZFCg7HBKuijF94%2BYY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 92b0b8be6e14b4f9-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=917&min_rtt=422&rtt_var=253&sent=300&recv=146&lost=0&retrans=0&sent_bytes=343032&recv_bytes=3873&delivery_rate=66554037&cwnd=194&unsent_bytes=0&cid=473884aa05529f0f&ts=731&x=0"
X-Firefox-Spdy: h2

earningseriegents.org/QzNpQXFsDAoyTBZ1BTkkFF8HIBoNWzFzGTNhPgMSGnRQBisVXE81GCcOUHVIewVdZwEqV1RwSWVAHSAFNkBUcFcqXQ8uTGVFVHBfcx1bb0RlRlRwVzdDCCZMchUZNQUvDlh2RXAEX3lJcQRacEk

104.21.64.1

204 No Content

0 B

URL GET
earningseriegents.org/QzNpQXFsDAoyTBZ1BTkkFF8HIBoNWzFzGTNhPgMSGnRQBisVXE81GCcOUHVIewVdZwEqV1RwSWVAHSAFNkBUcFcqXQ8uTGVFVHBfcx1bb0RlRlRwVzdDCCZMchUZNQUvDlh2RXAEX3lJcQRacEk
IP
104.21.64.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subjectearningseriegents.org
FingerprintF2:1E:68:72:0E:2A:D4:EB:77:5B:FE:CA:F8:97:AA:8F:72:4E:E4:28
ValidityMon, 17 Feb 2025 11:02:00 GMT - Sun, 18 May 2025 11:58:25 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /QzNpQXFsDAoyTBZ1BTkkFF8HIBoNWzFzGTNhPgMSGnRQBisVXE81GCcOUHVIewVdZwEqV1RwSWVAHSAFNkBUcFcqXQ8uTGVFVHBfcx1bb0RlRlRwVzdDCCZMchUZNQUvDlh2RXAEX3lJcQRacEk HTTP/1.1
Host: earningseriegents.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Fri, 04 Apr 2025 12:13:47 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 92b0b8c4cea7ca79-HAM
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

megaup.net/themes/spirit/assets/frontend/css/jquery.steps.css

104.26.0.140

200 OK

6.0 kB

URL GET
megaup.net/themes/spirit/assets/frontend/css/jquery.steps.css
IP
104.26.0.140:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subjectmegaup.net
FingerprintD1:0D:1F:7C:74:36:FE:3E:F0:18:C3:17:61:6A:99:81:06:7C:A8:26
ValidityThu, 27 Feb 2025 16:36:48 GMT - Wed, 28 May 2025 17:30:06 GMT

File type
ASCII text, with very long lines (6783), with no line terminators
Size
6.0 kB (6019 bytes)
Hash
626118c4eb04e35167d4bda4a48fb38c
967f7a62e92fffeb23bb7fcb1c9c3e8e815d4fa5
564e28257793342ba9736768e994a339f4690bf2dfe8b441bebe06923f77f16e

HTTP Headers

GET /themes/spirit/assets/frontend/css/jquery.steps.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
DNT: 1
Connection: keep-alive
Cookie: filehosting=7mvigp446687ln7oqam8iemt5o
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 04 Apr 2025 12:13:46 GMT
content-type: text/css
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: W/"62594310-1783"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
cache-control: max-age=14400
cf-cache-status: HIT
age: 3356
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aGSYrLdg%2FnJ3VH1kPcuMQuMm13G%2FIsaqZXzoLUNX2EyBiNAm97SJuAnqKWgw1PH1Xu4a7ygRiCIycr2hd1J6%2BC2xpIojhzCiAroB8az8yQSmWUOA2twiFequVRw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 92b0b8be3dbdb4f9-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=854&min_rtt=422&rtt_var=345&sent=210&recv=105&lost=0&retrans=0&sent_bytes=243875&recv_bytes=3873&delivery_rate=39388601&cwnd=180&unsent_bytes=0&cid=473884aa05529f0f&ts=718&x=0"
X-Firefox-Spdy: h2

megaup.net/themes/spirit/assets/frontend/css/theme.css

104.26.0.140

200 OK

207 kB

URL GET
megaup.net/themes/spirit/assets/frontend/css/theme.css
IP
104.26.0.140:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subjectmegaup.net
FingerprintD1:0D:1F:7C:74:36:FE:3E:F0:18:C3:17:61:6A:99:81:06:7C:A8:26
ValidityThu, 27 Feb 2025 16:36:48 GMT - Wed, 28 May 2025 17:30:06 GMT

File type
assembler source, ASCII text, with CRLF line terminators
Size
207 kB (206626 bytes)
Hash
06cc8983a538a05dddf526b3b7e732aa
2414173a1660589ebbba8bdc6e3d1237df6063db
27e49bfa89404d352fa4627719f2a9a3ea5c2759c2bc74e7567ff98b5a996758

HTTP Headers

GET /themes/spirit/assets/frontend/css/theme.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
DNT: 1
Connection: keep-alive
Cookie: filehosting=7mvigp446687ln7oqam8iemt5o
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 04 Apr 2025 12:13:46 GMT
content-type: text/css
last-modified: Tue, 11 Feb 2025 18:30:52 GMT
vary: Accept-Encoding
etag: W/"67ab975c-32722"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
cache-control: max-age=14400
cf-cache-status: HIT
age: 3356
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=48ng0th7qcD%2F%2BHBjSio6w5Xg53r5x6TZ%2F7KpAozWKvZvBjH1vUxD61LHjgIbamKT93Er7GnsLdGgJ06OjZxdJdJv6thkEDQCkopbDY6n90y7L2KJXjySG0U%2BN%2Fc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 92b0b8be4dbfb4f9-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=1049&min_rtt=422&rtt_var=893&sent=173&recv=99&lost=0&retrans=0&sent_bytes=197436&recv_bytes=3873&delivery_rate=39388601&cwnd=196&unsent_bytes=0&cid=473884aa05529f0f&ts=717&x=0"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.35

200 OK

48 kB

URL GET
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint04:FF:92:E7:16:B0:49:91:8B:B7:8D:C6:93:B9:20:B4:2A:33:9F:A8
ValidityThu, 20 Mar 2025 11:19:45 GMT - Thu, 12 Jun 2025 11:19:44 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Apr 2025 10:12:20 GMT
expires: Fri, 03 Apr 2026 10:12:20 GMT
cache-control: public, max-age=31536000
age: 93687
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i

142.250.74.10

200 OK

39 kB

URL GET
fonts.googleapis.com/css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i
IP
142.250.74.10:443
ASN
#15169 GOOGLE

Requested by
https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint3C:2E:67:30:A6:95:F3:D3:61:49:AB:AC:BC:D1:CF:77:3E:33:8F:B7
ValidityThu, 20 Mar 2025 11:19:46 GMT - Thu, 12 Jun 2025 11:19:45 GMT

File type
ASCII text, with very long lines (1572)
Size
39 kB (39341 bytes)
Hash
1570f79838476e473326cd7a3fb1d06b
81ce3aa01918d85e18534934cd967f35a7558f1a
f0a8682f65670a4a8fd9a982d1b3a36521a2e74d47cece7d3b1f84f262c8b51c

HTTP Headers

GET /css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 04 Apr 2025 12:13:46 GMT
date: Fri, 04 Apr 2025 12:13:46 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

megaup.net/themes/spirit/assets/frontend/js/typed.min.js

104.26.0.140

200 OK

3.9 kB

URL GET
megaup.net/themes/spirit/assets/frontend/js/typed.min.js
IP
104.26.0.140:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subjectmegaup.net
FingerprintD1:0D:1F:7C:74:36:FE:3E:F0:18:C3:17:61:6A:99:81:06:7C:A8:26
ValidityThu, 27 Feb 2025 16:36:48 GMT - Wed, 28 May 2025 17:30:06 GMT

File type
JavaScript source, ASCII text, with very long lines (4016), with no line terminators
Size
3.9 kB (3949 bytes)
Hash
774397f3c0e528c9236aa2aa52e7f00d
8827256327d046805954084e9b5002247e073ceb
d2b259a9bb83973272b1e93c242646451df16bc3860ac6c8f3689df92ad98140

HTTP Headers

GET /themes/spirit/assets/frontend/js/typed.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
DNT: 1
Connection: keep-alive
Cookie: filehosting=7mvigp446687ln7oqam8iemt5o
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 04 Apr 2025 12:13:46 GMT
content-type: application/javascript
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: W/"62594310-f6d"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
cache-control: max-age=14400
cf-cache-status: HIT
age: 3356
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ffh3dyRr0iCv3nOhINd%2BaX6h09vejo6X1FW2rSvalVp5x6NsgN%2Feqgd25LRFQ%2BcCD1968V3XyfI735TFib6LJwQ0zTanorWuwCBly87zEZWGZ%2FvjR1h6RiaxX9Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 92b0b8be4df8b4f9-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=834&min_rtt=422&rtt_var=110&sent=213&recv=112&lost=0&retrans=0&sent_bytes=245751&recv_bytes=3873&delivery_rate=39388601&cwnd=180&unsent_bytes=0&cid=473884aa05529f0f&ts=719&x=0"
X-Firefox-Spdy: h2

ukankingwithea.com/

104.21.16.1

500 Internal Server Error

183 B

URL GET
ukankingwithea.com/
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subjectukankingwithea.com
Fingerprint02:7E:37:44:90:B9:05:B4:82:CD:5A:71:84:A1:C8:84:66:33:BC:78
ValiditySat, 01 Mar 2025 13:28:14 GMT - Fri, 30 May 2025 14:26:54 GMT

File type
HTML document, ASCII text, with no line terminators
Size
183 B (183 bytes)
Hash
7320c1db3ab6706d7a944a0983212848
04882537a81a139c1c8802c77c05b863060c5dd0
7d5514f4c18b076095cba3eb17ab3be2c482b80454aab16367ed502a7d8d46c6

HTTP Headers

GET / HTTP/1.1
Host: ukankingwithea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 500 Internal Server Error
date: Fri, 04 Apr 2025 12:13:47 GMT
content-type: text/html
server: cloudflare
cf-cache-status: DYNAMIC
cf-ray: 92b0b8c46e0bcab1-HAM
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail

64.233.164.84

302 Found

0 B

URL GET
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP
64.233.164.84:443
ASN
#15169 GOOGLE

Requested by
https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
Fingerprint2B:35:DB:61:55:FE:A9:5F:3D:C3:C0:C2:B9:5E:BA:4D:D1:45:81:CA
ValidityThu, 20 Mar 2025 11:20:40 GMT - Thu, 12 Jun 2025 11:20:39 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:H1MZSr2TPuLYubGlnad6_rKHSt4y7g:IsCVgnzx6ZWekKg0; Expires=Sun, 04-Apr-2027 12:13:48 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 04 Apr 2025 12:13:48 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AXH0vVsmBgy8UVlqLQTUMSDzMzRYmnz0UkRXqyLUl9f3juOEfeix30ov1PVv_m9ykXY3gkQV0Abo4g
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy: unsafe-none
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-CJTOy_ZmzsCkbCMRhcSsFw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

kmtendationfore.org/multi?cs=NUVBMzYNcHELAAxycQAFAX11Agc&abt=0&red=1&sm=76&k=schedule%203f13%200xdeadcode&v=1.0.60.4&sts=0&prn=0&emb=0&tid=876318&rxy=1280_1024&u=-2&fs=1&mbkb=110.98779134295228&ref=https%3A%2F%2Fmegaup.net%2Fc0805c6ceb60ac4473d2725392c238b4%2FSchedule.I.v0.3.3f13-0xdeadcode.zip&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A134.0)%20gecko%2F20100101%20firefox%2F134.0&tzd=0&uloc=&if=0&_Zt8n=1743768829181&crc=1

3.164.230.47

200 OK

15 B

URL GET
kmtendationfore.org/multi?cs=NUVBMzYNcHELAAxycQAFAX11Agc&abt=0&red=1&sm=76&k=schedule%203f13%200xdeadcode&v=1.0.60.4&sts=0&prn=0&emb=0&tid=876318&rxy=1280_1024&u=-2&fs=1&mbkb=110.98779134295228&ref=https%3A%2F%2Fmegaup.net%2Fc0805c6ceb60ac4473d2725392c238b4%2FSchedule.I.v0.3.3f13-0xdeadcode.zip&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A134.0)%20gecko%2F20100101%20firefox%2F134.0&tzd=0&uloc=&if=0&_Zt8n=1743768829181&crc=1
IP
3.164.230.47:443
ASN
#16509 AMAZON-02

Requested by
https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
Certificate
IssuerAmazon
Subjectkmtendationfore.org
Fingerprint1D:04:BE:FF:DA:46:50:36:23:B0:DB:DE:97:5B:D1:19:8D:F3:12:0B
ValiditySat, 29 Mar 2025 00:00:00 GMT - Mon, 27 Apr 2026 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
15 B (15 bytes)
Hash
d39207bea620cffa8e65d3b12e8f1547
220ebce5a61ee5d771133e1cd20c469443ccfd76
f058a19c34ccdfbb47e68ba58b254ffa5d774fdaeeaa0b1fb9f19d3c055c0a21

HTTP Headers

GET /multi?cs=NUVBMzYNcHELAAxycQAFAX11Agc&abt=0&red=1&sm=76&k=schedule%203f13%200xdeadcode&v=1.0.60.4&sts=0&prn=0&emb=0&tid=876318&rxy=1280_1024&u=-2&fs=1&mbkb=110.98779134295228&ref=https%3A%2F%2Fmegaup.net%2Fc0805c6ceb60ac4473d2725392c238b4%2FSchedule.I.v0.3.3f13-0xdeadcode.zip&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A134.0)%20gecko%2F20100101%20firefox%2F134.0&tzd=0&uloc=&if=0&_Zt8n=1743768829181&crc=1 HTTP/1.1
Host: kmtendationfore.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/plain
content-length: 41
date: Fri, 04 Apr 2025 12:13:49 GMT
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
set-cookie: AWSALB=VN2IvGkHdcfdOPXc0JJ5BduW0HDXD9ZathcqT+JWhD59yJlm6ZB6FRnJ52qPt264X8OZ3wLgdxw5DDrSCvOEg0vXXohjJF1mg9NaMAC23751dyvtBnS33t903zzm; Expires=Fri, 11 Apr 2025 12:13:49 GMT; Path=/
AWSALBCORS=VN2IvGkHdcfdOPXc0JJ5BduW0HDXD9ZathcqT+JWhD59yJlm6ZB6FRnJ52qPt264X8OZ3wLgdxw5DDrSCvOEg0vXXohjJF1mg9NaMAC23751dyvtBnS33t903zzm; Expires=Fri, 11 Apr 2025 12:13:49 GMT; Path=/; SameSite=None
csu=6d353c1b-0934-4c29-bfb7-d660b00b7727
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 1db03b964c596a103fbc1af4b6ebb7c4.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN53-P1
x-amz-cf-id: MZ0MHm4hAS5fTJnT-XYlZml-IWOvsCmahN8wzW0jnCIm3B13cy320Q==
X-Firefox-Spdy: h2

megaup.net/themes/spirit/assets/frontend/css/flickity.css

104.26.0.140

200 OK

2.5 kB

URL GET
megaup.net/themes/spirit/assets/frontend/css/flickity.css
IP
104.26.0.140:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subjectmegaup.net
FingerprintD1:0D:1F:7C:74:36:FE:3E:F0:18:C3:17:61:6A:99:81:06:7C:A8:26
ValidityThu, 27 Feb 2025 16:36:48 GMT - Wed, 28 May 2025 17:30:06 GMT

File type
ASCII text, with very long lines (2779), with no line terminators
Size
2.5 kB (2521 bytes)
Hash
4040ddc4592357aa95e5b03666bb80b6
b191ec1fcbdba4b6226b810d2642e7f2bf0a62b1
9d0cf79eed67f5ec9cb724a396f7dd7f11e3bce37ae2b1b60605fdf3b873ac08

HTTP Headers

GET /themes/spirit/assets/frontend/css/flickity.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
DNT: 1
Connection: keep-alive
Cookie: filehosting=7mvigp446687ln7oqam8iemt5o
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 04 Apr 2025 12:13:46 GMT
content-type: text/css
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: W/"62594310-9d9"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
cache-control: max-age=14400
cf-cache-status: HIT
age: 3356
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8sBYJyU1PxJJSIHelkWL%2BZ52s0%2BxOjIB82tKKnJP8XOkwi1OwRBInB8BmFDd3VoDHfrW3fyCRua0EkJnVHHCtoV1IGCJi4YlhUz6jb4z6%2B1Bn%2BDs5PKr%2FZZ1HBw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 92b0b8be3db8b4f9-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=646&min_rtt=422&rtt_var=143&sent=140&recv=90&lost=0&retrans=0&sent_bytes=164608&recv_bytes=3873&delivery_rate=39388601&cwnd=176&unsent_bytes=0&cid=473884aa05529f0f&ts=707&x=0"
X-Firefox-Spdy: h2

megaup.net/themes/spirit/assets/frontend/css/custom.css

104.26.0.140

200 OK

8.9 kB

URL GET
megaup.net/themes/spirit/assets/frontend/css/custom.css
IP
104.26.0.140:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subjectmegaup.net
FingerprintD1:0D:1F:7C:74:36:FE:3E:F0:18:C3:17:61:6A:99:81:06:7C:A8:26
ValidityThu, 27 Feb 2025 16:36:48 GMT - Wed, 28 May 2025 17:30:06 GMT

File type
ASCII text, with very long lines (9784), with no line terminators
Size
8.9 kB (8936 bytes)
Hash
c50f9610960dafcc645bf7eb021524a8
e5785e9f90fb01ff449433f699ef3758f1f5783b
67ee3e100881d490b2e95cfd8f03574ab24d95bcc8effa11b9726188249b8dae

HTTP Headers

GET /themes/spirit/assets/frontend/css/custom.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
DNT: 1
Connection: keep-alive
Cookie: filehosting=7mvigp446687ln7oqam8iemt5o
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 04 Apr 2025 12:13:46 GMT
content-type: text/css
last-modified: Tue, 11 Feb 2025 19:56:14 GMT
vary: Accept-Encoding
etag: W/"67abab5e-22e8"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
cache-control: max-age=14400
cf-cache-status: HIT
age: 3356
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YsfNjRXAzsn3pXjYJCGrToj41Et2wVWjRcEijuqzhT6CXL65CYZcc9xzpvD0LhFWbFceV9qbc7D1p4wZQpo51MlGlWnniC65thNXzJG20ADl%2F3znbmcbiPWSsdo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 92b0b8be4dc1b4f9-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=702&min_rtt=422&rtt_var=48&sent=229&recv=128&lost=0&retrans=0&sent_bytes=262576&recv_bytes=3873&delivery_rate=66554037&cwnd=192&unsent_bytes=0&cid=473884aa05529f0f&ts=721&x=0"
X-Firefox-Spdy: h2

megaup.net/themes/spirit/assets/frontend/css/mu-waiting-upload.css

104.26.0.140

200 OK

739 B

URL GET
megaup.net/themes/spirit/assets/frontend/css/mu-waiting-upload.css
IP
104.26.0.140:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subjectmegaup.net
FingerprintD1:0D:1F:7C:74:36:FE:3E:F0:18:C3:17:61:6A:99:81:06:7C:A8:26
ValidityThu, 27 Feb 2025 16:36:48 GMT - Wed, 28 May 2025 17:30:06 GMT

File type
ASCII text, with very long lines (817), with no line terminators
Size
739 B (739 bytes)
Hash
581dfeffe488c736df5f5405cf0dd175
f04eeb2da59fccaf703f5430cae7cd469ece1ebd
6331340282e34137079cbc55d211e8cbfd95970de3e8cdd414c3bc1714940f63

HTTP Headers

GET /themes/spirit/assets/frontend/css/mu-waiting-upload.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
DNT: 1
Connection: keep-alive
Cookie: filehosting=7mvigp446687ln7oqam8iemt5o
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 04 Apr 2025 12:13:46 GMT
content-type: text/css
last-modified: Mon, 17 Feb 2025 00:39:28 GMT
vary: Accept-Encoding
etag: W/"67b28540-2e3"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
cache-control: max-age=14400
cf-cache-status: HIT
age: 3356
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OF1yyfssk0U0lyQao6%2F6i%2BDYizdOHy%2FdpuPTKp49dZ1CXNeqr%2BzHAXlW3b2KPFnS303cYLh25MoYUdvhinQ8l53cIV22gTLJ7nhVUyBNYZMLwCF0shxZnbiUYpM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 92b0b8be4dc2b4f9-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=663&min_rtt=422&rtt_var=161&sent=159&recv=98&lost=0&retrans=0&sent_bytes=183159&recv_bytes=3873&delivery_rate=39388601&cwnd=196&unsent_bytes=0&cid=473884aa05529f0f&ts=717&x=0"
X-Firefox-Spdy: h2

earningseriegents.org/WktvdUN1dAwGfj8cJT8XHTMiInA2fDkgejsuAUwaDic5QiY2c0kBKj52V0d2Y3peUzMzL1JGcXw4GxQ3LzhSR3NqfUkcLTwkUkVmbQhZRXJuf11QdBkjGwEzKW5cNGZoDUpHBWl4W1suOD0BFi8zKAQcMyp5QQ06IG5dMyo5blwzMDMvSkYHaW5dQyc7Pw5QcB4zHzkKanIYHXUvJllMEAUiAQF6Exs3LQkpFAQQFBYZWBklABk5BSZ3PhU+e3caGy0uEXoBDDQMfyQUcAksXhMJEgEJERcuCQQndiMMBRACIH5CPAcWIwENNCggCBYpAgQWNiIMETAMDBAmDBwFOR0eQQEqH1wCdwMZJzEXYz45EScWDycgIGoCGzMXaX0VRnJrACYeMCgkKAAULTk2HQARGlovKSgSX0AIPBpdKiwNOV4dM2l6PR0FEAA9QwE/D147Ej19XTwUPyZXMisFDSQeeio5WxAxFXkIAAlvPTsyOQ9zCTd7KRsoRA8QIAMbJwUfCzxxHCcKAStoBQA6FBV8CQB3HHwBNi8tIwg7Ig88GQcEMgwZRyEjLBkYOi0RWEAkLg4nBSQUGwQDDCgoAhgbbwYrOzUKFAggFRMlKSx0NW5YNnBifFtNcWJ5XEZmbQhZQ3Fpfl1Bd2pzVkJ2YnhXRnNubRlIc3RyQUdtbG0aSG5obRsFIj12XlMzLj8DSHJtf1xCdWJzXEd7bXo

104.21.64.1

204 No Content

0 B

URL POST
earningseriegents.org/WktvdUN1dAwGfj8cJT8XHTMiInA2fDkgejsuAUwaDic5QiY2c0kBKj52V0d2Y3peUzMzL1JGcXw4GxQ3LzhSR3NqfUkcLTwkUkVmbQhZRXJuf11QdBkjGwEzKW5cNGZoDUpHBWl4W1suOD0BFi8zKAQcMyp5QQ06IG5dMyo5blwzMDMvSkYHaW5dQyc7Pw5QcB4zHzkKanIYHXUvJllMEAUiAQF6Exs3LQkpFAQQFBYZWBklABk5BSZ3PhU+e3caGy0uEXoBDDQMfyQUcAksXhMJEgEJERcuCQQndiMMBRACIH5CPAcWIwENNCggCBYpAgQWNiIMETAMDBAmDBwFOR0eQQEqH1wCdwMZJzEXYz45EScWDycgIGoCGzMXaX0VRnJrACYeMCgkKAAULTk2HQARGlovKSgSX0AIPBpdKiwNOV4dM2l6PR0FEAA9QwE/D147Ej19XTwUPyZXMisFDSQeeio5WxAxFXkIAAlvPTsyOQ9zCTd7KRsoRA8QIAMbJwUfCzxxHCcKAStoBQA6FBV8CQB3HHwBNi8tIwg7Ig88GQcEMgwZRyEjLBkYOi0RWEAkLg4nBSQUGwQDDCgoAhgbbwYrOzUKFAggFRMlKSx0NW5YNnBifFtNcWJ5XEZmbQhZQ3Fpfl1Bd2pzVkJ2YnhXRnNubRlIc3RyQUdtbG0aSG5obRsFIj12XlMzLj8DSHJtf1xCdWJzXEd7bXo
IP
104.21.64.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subjectearningseriegents.org
FingerprintF2:1E:68:72:0E:2A:D4:EB:77:5B:FE:CA:F8:97:AA:8F:72:4E:E4:28
ValidityMon, 17 Feb 2025 11:02:00 GMT - Sun, 18 May 2025 11:58:25 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /WktvdUN1dAwGfj8cJT8XHTMiInA2fDkgejsuAUwaDic5QiY2c0kBKj52V0d2Y3peUzMzL1JGcXw4GxQ3LzhSR3NqfUkcLTwkUkVmbQhZRXJuf11QdBkjGwEzKW5cNGZoDUpHBWl4W1suOD0BFi8zKAQcMyp5QQ06IG5dMyo5blwzMDMvSkYHaW5dQyc7Pw5QcB4zHzkKanIYHXUvJllMEAUiAQF6Exs3LQkpFAQQFBYZWBklABk5BSZ3PhU+e3caGy0uEXoBDDQMfyQUcAksXhMJEgEJERcuCQQndiMMBRACIH5CPAcWIwENNCggCBYpAgQWNiIMETAMDBAmDBwFOR0eQQEqH1wCdwMZJzEXYz45EScWDycgIGoCGzMXaX0VRnJrACYeMCgkKAAULTk2HQARGlovKSgSX0AIPBpdKiwNOV4dM2l6PR0FEAA9QwE/D147Ej19XTwUPyZXMisFDSQeeio5WxAxFXkIAAlvPTsyOQ9zCTd7KRsoRA8QIAMbJwUfCzxxHCcKAStoBQA6FBV8CQB3HHwBNi8tIwg7Ig88GQcEMgwZRyEjLBkYOi0RWEAkLg4nBSQUGwQDDCgoAhgbbwYrOzUKFAggFRMlKSx0NW5YNnBifFtNcWJ5XEZmbQhZQ3Fpfl1Bd2pzVkJ2YnhXRnNubRlIc3RyQUdtbG0aSG5obRsFIj12XlMzLj8DSHJtf1xCdWJzXEd7bXo HTTP/1.1
Host: earningseriegents.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/3 204 No Content
date: Fri, 04 Apr 2025 12:13:52 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t03GKOXh2x99modRqbNFYl0BahrkDkTgQoeHilL4jm8gbYqkzZ1vSoOlZ82fcuHoQNkiJYMh9XwdI7cXY6Ux%2FTd6%2F46PXgn5t47XDID7hwRv9fJz6XAe5JcPZ6BfEYsDQLq7ddLcP6Q%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 92b0b8e58d1562c1-HAM
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400

megaup.net/themes/spirit/assets/images/logo/logo-whitebg.png

104.26.0.140

200 OK

7.1 kB

URL GET
megaup.net/themes/spirit/assets/images/logo/logo-whitebg.png
IP
104.26.0.140:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subjectmegaup.net
FingerprintD1:0D:1F:7C:74:36:FE:3E:F0:18:C3:17:61:6A:99:81:06:7C:A8:26
ValidityThu, 27 Feb 2025 16:36:48 GMT - Wed, 28 May 2025 17:30:06 GMT

File type
PNG image data, 203 x 40, 8-bit/color RGBA, non-interlaced
Size
7.1 kB (7137 bytes)
Hash
5d15526be10b904a6b48d1af04a10cc3
c09b6874359ac6d71db95593618a9acb55baa984
894d25472e0f890edf235e8f66fbeda7ea75043632924ecb82691d76bd7db018

HTTP Headers

GET /themes/spirit/assets/images/logo/logo-whitebg.png HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
DNT: 1
Connection: keep-alive
Cookie: filehosting=7mvigp446687ln7oqam8iemt5o
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 04 Apr 2025 12:13:46 GMT
content-type: image/png
content-length: 7137
cf-bgj: h2pri,csam-hash
etag: "67a6e29c-1be1"
last-modified: Sat, 08 Feb 2025 04:50:36 GMT
referrer-policy: no-referrer, strict-origin-when-cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: HIT
age: 3356
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tVce%2BSuot90tV5ji2ywp2E446D6jYCsZba1RbJx2DbwmAJrafjuIAgmwWkSQaWqug6%2FEdWyiULbQsJUf3qIrXY2%2BweyG%2FwDZ7nNcRT3jYHw%2Bm0PidVbNta8m1tc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 92b0b8be4dddb4f9-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=869&min_rtt=422&rtt_var=468&sent=233&recv=130&lost=0&retrans=0&sent_bytes=265134&recv_bytes=3873&delivery_rate=66554037&cwnd=192&unsent_bytes=0&cid=473884aa05529f0f&ts=723&x=0"
X-Firefox-Spdy: h2

accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AXH0vVtRXZccPqFyNlpqUHwjD2HOvago8NBU4XHDmmhscJffE9pBFI5AqE1Zyg9qrdIweqHwvjgV9g

64.233.164.84

302 Found

0 B

URL GET
accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AXH0vVtRXZccPqFyNlpqUHwjD2HOvago8NBU4XHDmmhscJffE9pBFI5AqE1Zyg9qrdIweqHwvjgV9g
IP
64.233.164.84:443
ASN
#15169 GOOGLE

Requested by
https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
Fingerprint2B:35:DB:61:55:FE:A9:5F:3D:C3:C0:C2:B9:5E:BA:4D:D1:45:81:CA
ValidityThu, 20 Mar 2025 11:20:40 GMT - Thu, 12 Jun 2025 11:20:39 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AXH0vVtRXZccPqFyNlpqUHwjD2HOvago8NBU4XHDmmhscJffE9pBFI5AqE1Zyg9qrdIweqHwvjgV9g HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:OlhUTrSu6LSn4N5CF5RC1DL451Nf0g:HKYYo1AGMCOMwIbk;Path=/;Expires=Sun, 04-Apr-2027 12:13:48 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 04 Apr 2025 12:13:49 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AXH0vVvsvLZOQANh4Kv8VeYHpLUfQ5zoCpx6r-NE_831C8LxkiSmJLTMkyP0ATRQIUIreIOb6a25pA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S118398110%3A1743768828997975
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: script-src 'nonce-NoTOuFQehwuTWLKm4NhbnA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 420
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/icon?family=Material+Icons

142.250.74.10

200 OK

565 B

URL GET
fonts.googleapis.com/icon?family=Material+Icons
IP
142.250.74.10:443
ASN
#15169 GOOGLE

Requested by
https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint3C:2E:67:30:A6:95:F3:D3:61:49:AB:AC:BC:D1:CF:77:3E:33:8F:B7
ValidityThu, 20 Mar 2025 11:19:46 GMT - Thu, 12 Jun 2025 11:19:45 GMT

File type
ASCII text, with very long lines (588), with no line terminators
Size
565 B (565 bytes)
Hash
283d5dd736e10a0a1b9a4054df3d4598
26a5edb8227ac0ac198ac98dab634e7cd90dee00
71e870cc32e88d059f7d4ed2cf2d71856f78c367d48853f6fb13ad3120e1530e

HTTP Headers

GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 04 Apr 2025 12:13:46 GMT
date: Fri, 04 Apr 2025 12:13:46 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.35

200 OK

48 kB

URL GET
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint04:FF:92:E7:16:B0:49:91:8B:B7:8D:C6:93:B9:20:B4:2A:33:9F:A8
ValidityThu, 20 Mar 2025 11:19:45 GMT - Thu, 12 Jun 2025 11:19:44 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Apr 2025 10:12:20 GMT
expires: Fri, 03 Apr 2026 10:12:20 GMT
cache-control: public, max-age=31536000
age: 93687
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

undefined/clhhVXgTOgI4RxNlA3MNADRccEo0fVMTHEFrAzQTGigXZQkKMAd7Gx43FDEeADcPIVYcPRVwSjQJM2QcRzwbABM9GgIHOxgVRGc6Og0OGxs1HioHH0MwKyILIQ1SOk46GiMANRs8ORIuMyICBzU3Dwg+FiAaUBI0MWxEZz4mMxYeMQg7MRQ/NzIgLTU7PFIQLjQ0EjIZHmAyAgEgKTITPicRGwM9IyAsLzIKAQIWPDdoJS0UNwgyGDI0HQU9MRowKgI7FSwkFwwoEg8fND8JIyUiQyAnFy9KPyQXFCATIhQzJz8FZjcjaTIXSxY1MgMTNAEMBE8nPwVmMTB1IA85QRYYBhInCQUCGzAJMBMRKBwVBjpBOw0RSTsfIzgiOQkZIUsUNBkTOiEZGBIQCjk4OC1XaicHKSRqO2UUNRo5DwEhaAUBNBsNAhAuHX1TExsZKxkXMCAyN2UbJhUMJTFUMhI6FgJlCyYTCx5YLDUGFhlg

0.0.0.0

0 B

URL GET
undefined/clhhVXgTOgI4RxNlA3MNADRccEo0fVMTHEFrAzQTGigXZQkKMAd7Gx43FDEeADcPIVYcPRVwSjQJM2QcRzwbABM9GgIHOxgVRGc6Og0OGxs1HioHH0MwKyILIQ1SOk46GiMANRs8ORIuMyICBzU3Dwg+FiAaUBI0MWxEZz4mMxYeMQg7MRQ/NzIgLTU7PFIQLjQ0EjIZHmAyAgEgKTITPicRGwM9IyAsLzIKAQIWPDdoJS0UNwgyGDI0HQU9MRowKgI7FSwkFwwoEg8fND8JIyUiQyAnFy9KPyQXFCATIhQzJz8FZjcjaTIXSxY1MgMTNAEMBE8nPwVmMTB1IA85QRYYBhInCQUCGzAJMBMRKBwVBjpBOw0RSTsfIzgiOQkZIUsUNBkTOiEZGBIQCjk4OC1XaicHKSRqO2UUNRo5DwEhaAUBNBsNAhAuHX1TExsZKxkXMCAyN2UbJhUMJTFUMhI6FgJlCyYTCx5YLDUGFhlg
IP
0.0.0.0:0
ASN
#0

Requested by
https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /clhhVXgTOgI4RxNlA3MNADRccEo0fVMTHEFrAzQTGigXZQkKMAd7Gx43FDEeADcPIVYcPRVwSjQJM2QcRzwbABM9GgIHOxgVRGc6Og0OGxs1HioHH0MwKyILIQ1SOk46GiMANRs8ORIuMyICBzU3Dwg+FiAaUBI0MWxEZz4mMxYeMQg7MRQ/NzIgLTU7PFIQLjQ0EjIZHmAyAgEgKTITPicRGwM9IyAsLzIKAQIWPDdoJS0UNwgyGDI0HQU9MRowKgI7FSwkFwwoEg8fND8JIyUiQyAnFy9KPyQXFCATIhQzJz8FZjcjaTIXSxY1MgMTNAEMBE8nPwVmMTB1IA85QRYYBhInCQUCGzAJMBMRKBwVBjpBOw0RSTsfIzgiOQkZIUsUNBkTOiEZGBIQCjk4OC1XaicHKSRqO2UUNRo5DwEhaAUBNBsNAhAuHX1TExsZKxkXMCAyN2UbJhUMJTFUMhI6FgJlCyYTCx5YLDUGFhlg HTTP/1.1
Host: undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

theharityhild.buzz/T3RnTXY0VhQ6KToGC29MbRwTOQY8TkhiGyoTBjgGYRoCOVk8A0knBW1YRT4bKVZdfFptBwo7VHVWU2NFbVhFORcoKw4pVHVWX35EeUdUb1ptBxIvKSYQVW9MbRJffkUsRFMvW3kRVy9bexAFfVt2QF96WylCAigTLBEELhUsEUUw

0.0.0.0

0 B

URL GET
theharityhild.buzz/T3RnTXY0VhQ6KToGC29MbRwTOQY8TkhiGyoTBjgGYRoCOVk8A0knBW1YRT4bKVZdfFptBwo7VHVWU2NFbVhFORcoKw4pVHVWX35EeUdUb1ptBxIvKSYQVW9MbRJffkUsRFMvW3kRVy9bexAFfVt2QF96WylCAigTLBEELhUsEUUw
IP
0.0.0.0:0
ASN
#0

Requested by
https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /T3RnTXY0VhQ6KToGC29MbRwTOQY8TkhiGyoTBjgGYRoCOVk8A0knBW1YRT4bKVZdfFptBwo7VHVWU2NFbVhFORcoKw4pVHVWX35EeUdUb1ptBxIvKSYQVW9MbRJffkUsRFMvW3kRVy9bexAFfVt2QF96WylCAigTLBEELhUsEUUw HTTP/1.1
Host: theharityhild.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

edbyherslende.org/eG13alEZDxQHbhlQFUwkCgFKT2M+SEUsNUteFQs6EB0BWiAABRFEMhQCAg43CgIZHn8WCANPYz5UJhALIDwcBTYvORwBNSwJESdiQVQTOzUVCBkSPSoEIgQdMFgVJzgtHzkBC00hNFJiPSlHEhsrXDALNkwCPVomLg4ZDRYdL0YBARIBJAs/Mh47WzJNJy8OPS0XHAI1SyQmJDghAhENGwAjHQUiIDoYWhosOy4gOx9IRSgcSTgbMBVABDQQPgwgNBowNxQ5HDIgLx4IGQgANS01CT0kGgg1FEdTHDojGwk4KV4yWAcBCEQnCCJfE18QKiMbCTtIHCAtfD5fFVkTSA4ZKGc3GjUAC0sGNS9jLhQ4LgQsNzYkZhssPV8yFSMaKBYbATsTExwiMA5lOjwlBDJLHQ0oYxwXFVkUPyAkGWUyATZeHhVUDwkWIhURB2E/DiMOYhsKUQAiFwMHVx0aCQ0oYUooOSA

3.164.240.3

200 OK

3.1 kB

URL GET
edbyherslende.org/eG13alEZDxQHbhlQFUwkCgFKT2M+SEUsNUteFQs6EB0BWiAABRFEMhQCAg43CgIZHn8WCANPYz5UJhALIDwcBTYvORwBNSwJESdiQVQTOzUVCBkSPSoEIgQdMFgVJzgtHzkBC00hNFJiPSlHEhsrXDALNkwCPVomLg4ZDRYdL0YBARIBJAs/Mh47WzJNJy8OPS0XHAI1SyQmJDghAhENGwAjHQUiIDoYWhosOy4gOx9IRSgcSTgbMBVABDQQPgwgNBowNxQ5HDIgLx4IGQgANS01CT0kGgg1FEdTHDojGwk4KV4yWAcBCEQnCCJfE18QKiMbCTtIHCAtfD5fFVkTSA4ZKGc3GjUAC0sGNS9jLhQ4LgQsNzYkZhssPV8yFSMaKBYbATsTExwiMA5lOjwlBDJLHQ0oYxwXFVkUPyAkGWUyATZeHhVUDwkWIhURB2E/DiMOYhsKUQAiFwMHVx0aCQ0oYUooOSA
IP
3.164.240.3:443
ASN
#16509 AMAZON-02

Requested by
https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
Certificate
IssuerAmazon
Subjectedbyherslende.org
Fingerprint2C:FD:47:4A:65:A0:A1:42:40:1B:9C:30:EE:B3:88:58:37:0E:58:6F
ValiditySat, 29 Mar 2025 00:00:00 GMT - Mon, 27 Apr 2026 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (3085), with no line terminators
Size
3.1 kB (3059 bytes)
Hash
c2dfd4675213d744f5a1013afa3b34c2
a0c97655674eb7ae25966c41167e76779dab214d
c69612db07422e08bf0b6bd7de75dbd247569b39191672cb5c01d53e156781e7

HTTP Headers

GET /eG13alEZDxQHbhlQFUwkCgFKT2M+SEUsNUteFQs6EB0BWiAABRFEMhQCAg43CgIZHn8WCANPYz5UJhALIDwcBTYvORwBNSwJESdiQVQTOzUVCBkSPSoEIgQdMFgVJzgtHzkBC00hNFJiPSlHEhsrXDALNkwCPVomLg4ZDRYdL0YBARIBJAs/Mh47WzJNJy8OPS0XHAI1SyQmJDghAhENGwAjHQUiIDoYWhosOy4gOx9IRSgcSTgbMBVABDQQPgwgNBowNxQ5HDIgLx4IGQgANS01CT0kGgg1FEdTHDojGwk4KV4yWAcBCEQnCCJfE18QKiMbCTtIHCAtfD5fFVkTSA4ZKGc3GjUAC0sGNS9jLhQ4LgQsNzYkZhssPV8yFSMaKBYbATsTExwiMA5lOjwlBDJLHQ0oYxwXFVkUPyAkGWUyATZeHhVUDwkWIhURB2E/DiMOYhsKUQAiFwMHVx0aCQ0oYUooOSA HTTP/1.1
Host: edbyherslende.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html
content-length: 1206
date: Fri, 04 Apr 2025 12:13:47 GMT
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
set-cookie: AWSALB=Aib4atVy/HAYIzxVZwqqzDUSo+HqBn6lR/QIQWutyYqq22NJzjUx8UZ+YW3hOx/dkZ+7OgIg73EBLptyu6hpLsQoJ2qLA3d+IBlluZf7W6kvA+Jm1PaBUme/dkGW; Expires=Fri, 11 Apr 2025 12:13:47 GMT; Path=/
AWSALBCORS=Aib4atVy/HAYIzxVZwqqzDUSo+HqBn6lR/QIQWutyYqq22NJzjUx8UZ+YW3hOx/dkZ+7OgIg73EBLptyu6hpLsQoJ2qLA3d+IBlluZf7W6kvA+Jm1PaBUme/dkGW; Expires=Fri, 11 Apr 2025 12:13:47 GMT; Path=/; SameSite=None
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 2d4ccfc38ee1229022124d55e34be376.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN53-P2
x-amz-cf-id: P_Vo544GNL_UpGMogaccOtFBD3iRfhGN7hD3W0cHTgyMYp9kmKlnBA==
X-Firefox-Spdy: h2

earningseriegents.org/MUpjb2oedQAcV2cOBBY4dBAEKytnMwcoJ38IDSFPAwg6PlpwLlAmTEUjB1JdB3tSV1wXOgoLVwBsEBsLRT8QUlsXIw0JBQxsFVJbH3lXQVkHZFdJHwx7RRsaUC1eXkxBPhcDVwB9V1xdB3JbXV0De1s

104.21.64.1

204 No Content

0 B

URL GET
earningseriegents.org/MUpjb2oedQAcV2cOBBY4dBAEKytnMwcoJ38IDSFPAwg6PlpwLlAmTEUjB1JdB3tSV1wXOgoLVwBsEBsLRT8QUlsXIw0JBQxsFVJbH3lXQVkHZFdJHwx7RRsaUC1eXkxBPhcDVwB9V1xdB3JbXV0De1s
IP
104.21.64.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subjectearningseriegents.org
FingerprintF2:1E:68:72:0E:2A:D4:EB:77:5B:FE:CA:F8:97:AA:8F:72:4E:E4:28
ValidityMon, 17 Feb 2025 11:02:00 GMT - Sun, 18 May 2025 11:58:25 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /MUpjb2oedQAcV2cOBBY4dBAEKytnMwcoJ38IDSFPAwg6PlpwLlAmTEUjB1JdB3tSV1wXOgoLVwBsEBsLRT8QUlsXIw0JBQxsFVJbH3lXQVkHZFdJHwx7RRsaUC1eXkxBPhcDVwB9V1xdB3JbXV0De1s HTTP/1.1
Host: earningseriegents.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Fri, 04 Apr 2025 12:13:47 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 92b0b8c46dfaca79-HAM
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

earningseriegents.org/V0N4Tml4fBs9VDMuKgc/EwE8FjE/KTsbKzQmSi0sBhU2eDAwDl46ADN+QHxcbnJJaBk+J0V9W3EwDC8dIjBFfFlndl4nBzEsRXxZZ3VIf11jcV15Kj83DD4acnA5a1sRZkoIWmR3ViMLIS0bIgA0KBE+GWVtADcTcnE+JwpycD49ADNmSwpacnFOKggjIl19LS8zNAdZbjQQeBw6dUEdNj4tDHcgBxsgBBoIKB0ZJQV0FCgzBRUIK0QiOTN2RAY3ICMiZi0BOT9jCBl9OjByHgQhHSUcGh0VKCp7EBApHQ8TYm4xCiU/LQA5GzwkGyQxGDo7Lz8NHAEBIzogEQgKATJMDBkDcA96MAULPBpQIhUcKiUTCy0tWR43PhpaYTlLf1gcChM9GzgEDRkeJRoQDSIGdiIkGw5zTQUPBnEnIT4lchA+WmYREAgjHBFODAwTcjYfDmFxMRkMOns/JjYRCBN3GSV3HTwmZSQNBFwhFz80PG8lOnYaBwRJAiM8LxYqNgMnMXwvOyYMJlsZLDcZJmAlDXovYC07Ih4/JDYvPCA1CgkBEDVKLBAwNRU3Hg10TSkdEgsIKScHKA4BGzQuFRZcGgc2ODkIJC0YIDkFIXkGcnQ7fVFgd0B8UWVwS2teFHVOfFpicUx6WW96T3tRZHtLfl1xNUV+R25tSmBfcTZFY1txNwgvDmpyXj4dIy9Ff15jcE94UW9wSn5bYg

104.21.64.1

204 No Content

0 B

URL POST
earningseriegents.org/V0N4Tml4fBs9VDMuKgc/EwE8FjE/KTsbKzQmSi0sBhU2eDAwDl46ADN+QHxcbnJJaBk+J0V9W3EwDC8dIjBFfFlndl4nBzEsRXxZZ3VIf11jcV15Kj83DD4acnA5a1sRZkoIWmR3ViMLIS0bIgA0KBE+GWVtADcTcnE+JwpycD49ADNmSwpacnFOKggjIl19LS8zNAdZbjQQeBw6dUEdNj4tDHcgBxsgBBoIKB0ZJQV0FCgzBRUIK0QiOTN2RAY3ICMiZi0BOT9jCBl9OjByHgQhHSUcGh0VKCp7EBApHQ8TYm4xCiU/LQA5GzwkGyQxGDo7Lz8NHAEBIzogEQgKATJMDBkDcA96MAULPBpQIhUcKiUTCy0tWR43PhpaYTlLf1gcChM9GzgEDRkeJRoQDSIGdiIkGw5zTQUPBnEnIT4lchA+WmYREAgjHBFODAwTcjYfDmFxMRkMOns/JjYRCBN3GSV3HTwmZSQNBFwhFz80PG8lOnYaBwRJAiM8LxYqNgMnMXwvOyYMJlsZLDcZJmAlDXovYC07Ih4/JDYvPCA1CgkBEDVKLBAwNRU3Hg10TSkdEgsIKScHKA4BGzQuFRZcGgc2ODkIJC0YIDkFIXkGcnQ7fVFgd0B8UWVwS2teFHVOfFpicUx6WW96T3tRZHtLfl1xNUV+R25tSmBfcTZFY1txNwgvDmpyXj4dIy9Ff15jcE94UW9wSn5bYg
IP
104.21.64.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subjectearningseriegents.org
FingerprintF2:1E:68:72:0E:2A:D4:EB:77:5B:FE:CA:F8:97:AA:8F:72:4E:E4:28
ValidityMon, 17 Feb 2025 11:02:00 GMT - Sun, 18 May 2025 11:58:25 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /V0N4Tml4fBs9VDMuKgc/EwE8FjE/KTsbKzQmSi0sBhU2eDAwDl46ADN+QHxcbnJJaBk+J0V9W3EwDC8dIjBFfFlndl4nBzEsRXxZZ3VIf11jcV15Kj83DD4acnA5a1sRZkoIWmR3ViMLIS0bIgA0KBE+GWVtADcTcnE+JwpycD49ADNmSwpacnFOKggjIl19LS8zNAdZbjQQeBw6dUEdNj4tDHcgBxsgBBoIKB0ZJQV0FCgzBRUIK0QiOTN2RAY3ICMiZi0BOT9jCBl9OjByHgQhHSUcGh0VKCp7EBApHQ8TYm4xCiU/LQA5GzwkGyQxGDo7Lz8NHAEBIzogEQgKATJMDBkDcA96MAULPBpQIhUcKiUTCy0tWR43PhpaYTlLf1gcChM9GzgEDRkeJRoQDSIGdiIkGw5zTQUPBnEnIT4lchA+WmYREAgjHBFODAwTcjYfDmFxMRkMOns/JjYRCBN3GSV3HTwmZSQNBFwhFz80PG8lOnYaBwRJAiM8LxYqNgMnMXwvOyYMJlsZLDcZJmAlDXovYC07Ih4/JDYvPCA1CgkBEDVKLBAwNRU3Hg10TSkdEgsIKScHKA4BGzQuFRZcGgc2ODkIJC0YIDkFIXkGcnQ7fVFgd0B8UWVwS2teFHVOfFpicUx6WW96T3tRZHtLfl1xNUV+R25tSmBfcTZFY1txNwgvDmpyXj4dIy9Ff15jcE94UW9wSn5bYg HTTP/1.1
Host: earningseriegents.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/3 204 No Content
date: Fri, 04 Apr 2025 12:13:52 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HsAg33PNDSOYk3cBSk23oIdajUBMgIX6i7GY%2Bc1ekeXQnRrueLYGxTjKqC3hHyau5wX7szOFAuEQREPFrOtvB8ryNiEOa2C2wYMHB9NYoD9HdGcxYubJzBbM0IRY%2BStMjfL2wbmK9D0%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 92b0b8e04c6f62c1-HAM
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400

0.0.0.0

0 B

URL GET
rnmop.com/ie?v=4&c=0q7sxyRrUnPEWmmWI0vQcXUX3ubZuN_c7pBtw3-le2bSFvhYKqgil59Jdic5yHe-1hFHKVsu8jiNbTy6afRg3TO1Zcm2XgOlZ5iFs5Sh7ZRtwuRxnzAupEarr9KRXSxpJSDXFP-4DRg5Y-D6IFdxwUW_UNGB7A8Jg16LuBCXrqH4gZLLCP1bgqWQoZpBfn8I4TuZ9DxzOUQGTjZVUnU2ibW_ukLII-6I1KUN98ljmE2bXASj_3uikQad1oLFjwKcT1oB64BOj9P5mrsk29rf2f4-m_tOXvQBnB8e5R72Ta1PTWYcPStRpBhdBqsNli4gQk8U1qvBVlsYsOMQU1uz72Zfh26b_a1dfniNXestTQPXbM0bUFtLCp6Kl0gyc29Bc7JV_2xmDHvL-bc5adv5BeV7onY-6EjwCg1KAGpa-Yv1LFdf5VOii1PTC2UFyYHYibroWmBaScHx-e93IhgYXXRQLxvK0DhA&v1=79&v2=71516
IP
0.0.0.0:0
ASN
#0

Requested by
https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ie?v=4&c=0q7sxyRrUnPEWmmWI0vQcXUX3ubZuN_c7pBtw3-le2bSFvhYKqgil59Jdic5yHe-1hFHKVsu8jiNbTy6afRg3TO1Zcm2XgOlZ5iFs5Sh7ZRtwuRxnzAupEarr9KRXSxpJSDXFP-4DRg5Y-D6IFdxwUW_UNGB7A8Jg16LuBCXrqH4gZLLCP1bgqWQoZpBfn8I4TuZ9DxzOUQGTjZVUnU2ibW_ukLII-6I1KUN98ljmE2bXASj_3uikQad1oLFjwKcT1oB64BOj9P5mrsk29rf2f4-m_tOXvQBnB8e5R72Ta1PTWYcPStRpBhdBqsNli4gQk8U1qvBVlsYsOMQU1uz72Zfh26b_a1dfniNXestTQPXbM0bUFtLCp6Kl0gyc29Bc7JV_2xmDHvL-bc5adv5BeV7onY-6EjwCg1KAGpa-Yv1LFdf5VOii1PTC2UFyYHYibroWmBaScHx-e93IhgYXXRQLxvK0DhA&v1=79&v2=71516 HTTP/1.1
Host: rnmop.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

megaup.net/themes/spirit/assets/frontend/css/stack-interface.css

104.26.0.140

200 OK

3.2 kB

URL GET
megaup.net/themes/spirit/assets/frontend/css/stack-interface.css
IP
104.26.0.140:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subjectmegaup.net
FingerprintD1:0D:1F:7C:74:36:FE:3E:F0:18:C3:17:61:6A:99:81:06:7C:A8:26
ValidityThu, 27 Feb 2025 16:36:48 GMT - Wed, 28 May 2025 17:30:06 GMT

File type
Unicode text, UTF-8 text, with very long lines (3300), with no line terminators
Size
3.2 kB (3160 bytes)
Hash
14002041c2d418a3ecc6b276ae3dc062
cda0d86ede2595dbe1c3588b0ac659ec1e2392dc
84c7d996599bf5e430bdcb7093c34565b1cef2ab48fcd30cec9b4f72b28a084c

HTTP Headers

GET /themes/spirit/assets/frontend/css/stack-interface.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
DNT: 1
Connection: keep-alive
Cookie: filehosting=7mvigp446687ln7oqam8iemt5o
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 04 Apr 2025 12:13:46 GMT
content-type: text/css
last-modified: Fri, 15 Apr 2022 10:04:00 GMT
vary: Accept-Encoding
etag: W/"62594310-c58"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
cache-control: max-age=14400
cf-cache-status: HIT
age: 3356
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y1uvjFc0HyU95lzX5lOYJp8s5wW3NzWVbhwiDzP%2FQuN1e1i9VhfDsNMcyXxnRBxpHVTTzpHV84LIagUcOQQIwMCH3tf%2FFg1xTrv7ikjT2iGSu0fnVOga1jTEXqY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 92b0b8be3db1b4f9-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=646&min_rtt=422&rtt_var=143&sent=137&recv=90&lost=0&retrans=0&sent_bytes=163076&recv_bytes=3873&delivery_rate=39388601&cwnd=176&unsent_bytes=0&cid=473884aa05529f0f&ts=707&x=0"
X-Firefox-Spdy: h2

megaup.net/themes/spirit/assets/images/logo/logo.png

104.26.0.140

200 OK

5.9 kB

URL GET
megaup.net/themes/spirit/assets/images/logo/logo.png
IP
104.26.0.140:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
Certificate
IssuerGoogle Trust Services
Subjectmegaup.net
FingerprintD1:0D:1F:7C:74:36:FE:3E:F0:18:C3:17:61:6A:99:81:06:7C:A8:26
ValidityThu, 27 Feb 2025 16:36:48 GMT - Wed, 28 May 2025 17:30:06 GMT

File type
PNG image data, 203 x 40, 8-bit/color RGBA, non-interlaced
Size
5.9 kB (5900 bytes)
Hash
fa360a47a62ae74a0a3d8c0f3e6f7f12
168c72a918b04b735f8e0f8a72223a16f0eda358
1d3a3c84dd36871d1009693761f441537117d5ee62c8e775d7d52c77d4c46de4

HTTP Headers

GET /themes/spirit/assets/images/logo/logo.png HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/c0805c6ceb60ac4473d2725392c238b4/Schedule.I.v0.3.3f13-0xdeadcode.zip
DNT: 1
Connection: keep-alive
Cookie: filehosting=7mvigp446687ln7oqam8iemt5o
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 04 Apr 2025 12:13:46 GMT
content-type: image/png
content-length: 5900
cf-bgj: h2pri,csam-hash
etag: "67a6e29c-170c"
last-modified: Sat, 08 Feb 2025 04:50:36 GMT
referrer-policy: no-referrer, strict-origin-when-cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: HIT
age: 3356
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zd2KyjhXKxFmzGtNlNkGCrd3PLEctGEqrkIGEzTwj%2Bze6rkALFIWyyI8bNGOWMxRGbNbJJ%2BuKnK%2Fui7D8tmNS2T1%2BlKLk1fKeGBzpswwsRv0dKFKqSj57Y8HT1Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 92b0b8be4de3b4f9-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=823&min_rtt=422&rtt_var=370&sent=272&recv=136&lost=0&retrans=0&sent_bytes=313070&recv_bytes=3873&delivery_rate=66554037&cwnd=192&unsent_bytes=0&cid=473884aa05529f0f&ts=726&x=0"
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (40)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML