megaup.net/1NO90/m18Snc2_--_Fullindirsene.NET_--.rar
301 Moved Permanently 162 B URL HTTP/1.1 megaup.net/1NO90/m18Snc2_--_Fullindirsene.NET_--.rar
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /1NO90/m18Snc2_--_Fullindirsene.NET_--.rar HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 10 Sep 2022 20:03:37 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://megaup.net/1NO90/m18Snc2_--_Fullindirsene.NET_--.rar
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer, strict-origin-when-cross-origin
X-Download-Options: noopen
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 76d5eb597558e3dee0d99719d17e71e0
f3a0f3932fa8059f27dc9422d523b938fa9a7d09
d16de6cc9eb0e1297f53dc1137bb764bf5c21a7727be32ad05afebd1fe9501ed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D16DE6CC9EB0E1297F53DC1137BB764BF5C21A7727BE32AD05AFEBD1FE9501ED"
Last-Modified: Sat, 10 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14955
Expires: Sun, 11 Sep 2022 00:12:52 GMT
Date: Sat, 10 Sep 2022 20:03:37 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 10 Sep 2022 19:06:50 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: vfseJzJobEcTUxGI9VWeFWH93K9YgOnjpNFSjWDHjnCEzEBJLy_Viw==
Age: 3407
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 10 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: jG_ATp6mGSI3-SLtF3ekcj3iu_H8w3cQ8IxLlN_uCaMNeHHWsH9kyw==
age: 45985
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 20:03:37 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 472 B IP
Hash 2432402cea2409ee9cb09021066f7b77
41195a0bba3cadce1570f092a72a6f3da8ffc8c9
2f87fc5b58dd419324e2b7385fadfcda2288642fadf46b77598a0f4e597733ec
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 20:03:37 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 09 Sep 2022 00:41:16 GMT
Expires: Fri, 16 Sep 2022 00:41:15 GMT
Etag: "41195a0bba3cadce1570f092a72a6f3da8ffc8c9"
Cache-Control: max-age=448057,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 748ac49e39bab4fd-OSL
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 10 Sep 2022 19:56:07 GMT
Cache-Control: max-age=3600
Expires: Sat, 10 Sep 2022 20:00:14 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: cQ7i53ovtLow9AG9RmU7VThbZCOxty6WEHyug2hS7g2Pie2QKuth3Q==
Age: 450
ocsp.digicert.com/
200 OK 471 B IP
Hash 36fe04277220227ba5ecfe7d2ff1d9d9
2eb9f6560336248cc45c1cd66d87505b5ebdf5d4
94f8f2f8f3b67db18825ea48740ff0ce218d7156fe851d6b023ef43b6bee4f7f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4626
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 20:03:37 GMT
Last-Modified: Sat, 10 Sep 2022 18:46:31 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css
200 OK 4.5 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css
IP
Hash 8e18024d40c6a6e1f214ffc72086a12e
5e9c61337a5ab919dba1e339ed6d2f90725ac59b
078fe3e974fca0678b613144eff144e534cf217885a56f96965a41b69ddad7f1
GET /themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1NO90/m18Snc2_--_Fullindirsene.NET_--.rar
Connection: keep-alive
Cookie: filehosting=brpuntip0gvkocgipf7ldmntc4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 20:03:37 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-8d4b"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-108868042-1
200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-108868042-1
IP
File type ASCII text, with very long lines (1615)
Hash 8c6492e75eae4e1fbaa5722f7857566e
a4348c9fddc29de4863eae5f3a61dfd36be94948
eb2e771c2b10ca56f99152c4d15f9ec84e44e85d4063e4a37edf95489f6ca548
GET /gtag/js?id=UA-108868042-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 10 Sep 2022 20:03:37 GMT
expires: Sat, 10 Sep 2022 20:03:37 GMT
cache-control: private, max-age=900
last-modified: Sat, 10 Sep 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 41954
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
megaup.net/themes/flow/images/main_logo_inverted.png
200 OK 7.1 kB URL HTTP/2 megaup.net/themes/flow/images/main_logo_inverted.png
IP
File type PNG image data, 203 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 5d15526be10b904a6b48d1af04a10cc3
c09b6874359ac6d71db95593618a9acb55baa984
894d25472e0f890edf235e8f66fbeda7ea75043632924ecb82691d76bd7db018
GET /themes/flow/images/main_logo_inverted.png HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1NO90/m18Snc2_--_Fullindirsene.NET_--.rar
Connection: keep-alive
Cookie: filehosting=brpuntip0gvkocgipf7ldmntc4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 20:03:37 GMT
content-type: image/png
content-length: 7137
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-1be1"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/images/loading_small.gif
200 OK 184 kB URL HTTP/2 megaup.net/themes/flow/images/loading_small.gif
IP
File type GIF image data, version 89a, 64 x 64\012- data
Size 184 kB (184355 bytes)
Hash b0dd5b3af9c4c0644d7bddee83716209
30002468d0266b893b3559b8d0d260c6cbf0ad7c
2418224bb4d12c122ef3c54d2ee9edb5f6f28d539e91a166b0215553f8c7609d
GET /themes/flow/images/loading_small.gif HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1NO90/m18Snc2_--_Fullindirsene.NET_--.rar
Connection: keep-alive
Cookie: filehosting=brpuntip0gvkocgipf7ldmntc4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 20:03:37 GMT
content-type: image/gif
content-length: 184355
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-2d023"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery-1.11.0.min.js
200 OK 35 kB URL HTTP/2 megaup.net/themes/flow/js/jquery-1.11.0.min.js
IP
File type ASCII text, with very long lines (32341)
Hash 6748de3716679c051486a181dffab90d
d26b9680b16026ec398d97e2e39a07ca9b7cfd89
a2a3fd142284c45b40b2ccfce1c87b405e371b067531f9767dae53132bc71cc3
GET /themes/flow/js/jquery-1.11.0.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1NO90/m18Snc2_--_Fullindirsene.NET_--.rar
Connection: keep-alive
Cookie: filehosting=brpuntip0gvkocgipf7ldmntc4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 20:03:37 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1787d"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
200 OK 20 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
IP
File type ASCII text, with CRLF line terminators
Hash ddd6a2545580ca5e885c36e9f7e58f42
3640240d5178fabcbd05dbb3939a6648bbf4b785
882251e260c48bded088f8eee97bfba4315c03af8f0fbb3bb1c6cd523f78a853
GET /themes/flow/frontend_assets/css/All-stylesheets.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1NO90/m18Snc2_--_Fullindirsene.NET_--.rar
Connection: keep-alive
Cookie: filehosting=brpuntip0gvkocgipf7ldmntc4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 20:03:37 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-153"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery-ui.js
200 OK 109 kB URL HTTP/2 megaup.net/themes/flow/js/jquery-ui.js
IP
File type ASCII text, with very long lines (840)
Size 109 kB (109024 bytes)
Hash 4af0651ecd04af0e226230fb5cd55fd3
01a3ef5b4a088a1b1529ba2796bdbb641023111b
59acb124c200bb59b7fba706ed1ac0ab12242f06a460cf554625b9f064ee7274
GET /themes/flow/js/jquery-ui.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1NO90/m18Snc2_--_Fullindirsene.NET_--.rar
Connection: keep-alive
Cookie: filehosting=brpuntip0gvkocgipf7ldmntc4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 20:03:37 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-6a684"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
altowriestwispy.com/tysaSHG1FMaM/18410
200 OK 25 B URL HTTP/1.1 altowriestwispy.com/tysaSHG1FMaM/18410
IP
File type ASCII text, with no line terminators
Hash d488addc5df5fc9b9ff4135bb4e3a823
6ce56f48e851df4d562b43d3bc1269a504ae83fc
d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60
GET /tysaSHG1FMaM/18410 HTTP/1.1
Host: altowriestwispy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 10 Sep 2022 20:03:37 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; expires=Sun, 11-Sep-2022 20:03:37 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW; expires=Sun, 11-Sep-2022 20:03:37 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
keydawnawe.com/gwZ1U5hjA8ii/32575
200 OK 26 B URL HTTP/1.1 keydawnawe.com/gwZ1U5hjA8ii/32575
IP
File type ASCII text, with no line terminators
Hash 4e5d65669f8dcd928dad06adf883f025
d771713d758c3348dd7e5b38bb40c7935399ae46
0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95
GET /gwZ1U5hjA8ii/32575 HTTP/1.1
Host: keydawnawe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 10 Sep 2022 20:03:38 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; expires=Sun, 11-Sep-2022 20:03:37 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW; expires=Sun, 11-Sep-2022 20:03:37 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
dmmzkfd82wayn.cloudfront.net/?kzmmd=761186
200 OK 189 kB URL HTTP/2 dmmzkfd82wayn.cloudfront.net/?kzmmd=761186
IP
File type Unicode text, UTF-8 text, with very long lines (15945)
Size 189 kB (188795 bytes)
Hash bdbb78c7ef398fcda5c9f7d0c2db5003
386e71c9b9b4c950f87ce66d7cb172e5827ce08f
36d6d1d5dc6cb132c5ff0bf56a340c945958eaf2a3b3a3b2db0688c8876b14b9
GET /?kzmmd=761186 HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 188795
date: Sat, 10 Sep 2022 20:03:37 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: G64_XdwmDGEGxyLOTyZ0LYxa8-NGPry9nNk0qqRMZRpFBtPAhFJFZA==
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/fonts/raleway.woff
200 OK 32 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway.woff
IP
File type Web Open Font Format, TrueType, length 31836, version 1.1\012- data
Hash 4514fa5a5b3d1e0b14aa32a7d068124a
e634977bfabc20ed15fe7ed03d3876cf68834b93
5b0f118d658eacc5740b10b0dc2ebbd99ee8e8262c72ff29bfcda48c02b19861
GET /themes/flow/frontend_assets/fonts/raleway.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Connection: keep-alive
Cookie: filehosting=brpuntip0gvkocgipf7ldmntc4
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 20:03:38 GMT
content-type: font/woff
content-length: 31836
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7c5c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/fonts/raleway_extrabold.woff
200 OK 31 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway_extrabold.woff
IP
File type Web Open Font Format, TrueType, length 31344, version 1.1\012- data
Hash 21f79e4c0fbe54a555170aa70bb4c8b7
9d4aaf2016cd21f16bc45089a48de84dba951fa7
2b638674bc57ad355ef2ecbd68e78ecb36bc323aaaf4ddeb9cd4f61bc5f26c42
GET /themes/flow/frontend_assets/fonts/raleway_extrabold.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Connection: keep-alive
Cookie: filehosting=brpuntip0gvkocgipf7ldmntc4
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 20:03:38 GMT
content-type: font/woff
content-length: 31344
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7a70"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/styles/font-icons/entypo/css/entypo.css
200 OK 40 kB URL HTTP/2 megaup.net/themes/flow/styles/font-icons/entypo/css/entypo.css
IP
Hash 270b3bc4f1ddb838fc69f77cff6e4c36
8d3d7c7603526337d72c9e02f438a6d4f2520878
a3538d49cc8b739165d86b2a8da81ec89e1228d4cd287314ed9037e6a5b9b530
GET /themes/flow/styles/font-icons/entypo/css/entypo.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1NO90/m18Snc2_--_Fullindirsene.NET_--.rar
Connection: keep-alive
Cookie: filehosting=brpuntip0gvkocgipf7ldmntc4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 20:03:37 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-45f5"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_fonts/socicon-webfont.woff
200 OK 21 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_fonts/socicon-webfont.woff
IP
File type Web Open Font Format, TrueType, length 20972, version 1.0\012- data
Hash cad75e2dacc6794c4e6b14727d4a989d
694d04c8f643df4100c23efc1463ac9f4e732f60
ebccc09339b7730324221aff3d11d215de9997b47bf708ca18a3be2d8e8b9887
GET /themes/flow/frontend_assets/socialsider-v1.0/_fonts/socicon-webfont.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css
Connection: keep-alive
Cookie: filehosting=brpuntip0gvkocgipf7ldmntc4
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 20:03:38 GMT
content-type: font/woff
content-length: 20972
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-51ec"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: h4C0ddU/u04D120CRKWhlg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 33/RUujoRABhRWseijL0qmaV4BQ=
megaup.net/themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js
200 OK 5.2 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js
IP
File type HTML document, ASCII text, with very long lines (15714), with CRLF line terminators
Hash 886dc87980d84fb03b1da049400044e7
9d37b18530612b7e1a9029ad24654c095a4d96fc
c6dab63146debec12e048caf9887171a64a99bafb6cb0220c7f8d0a217f560f0
GET /themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1NO90/m18Snc2_--_Fullindirsene.NET_--.rar
Connection: keep-alive
Cookie: filehosting=brpuntip0gvkocgipf7ldmntc4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 20:03:37 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3ead"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash 32072ab048df69ad6db8b7e4ac7ea796
c7b466b36a3cc9b0b65a03283128b2a9004ec3c3
9abf5e9d5bacc2f13c1366d4c90aea5caa66c2e34050a3ae575b3133eeecb0f2
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "9ABF5E9D5BACC2F13C1366D4C90AEA5CAA66C2E34050A3AE575B3133EEECB0F2"
Last-Modified: Fri, 09 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10519
Expires: Sat, 10 Sep 2022 22:58:57 GMT
Date: Sat, 10 Sep 2022 20:03:38 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash 32072ab048df69ad6db8b7e4ac7ea796
c7b466b36a3cc9b0b65a03283128b2a9004ec3c3
9abf5e9d5bacc2f13c1366d4c90aea5caa66c2e34050a3ae575b3133eeecb0f2
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "9ABF5E9D5BACC2F13C1366D4C90AEA5CAA66C2E34050A3AE575B3133EEECB0F2"
Last-Modified: Fri, 09 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10519
Expires: Sat, 10 Sep 2022 22:58:57 GMT
Date: Sat, 10 Sep 2022 20:03:38 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash 32072ab048df69ad6db8b7e4ac7ea796
c7b466b36a3cc9b0b65a03283128b2a9004ec3c3
9abf5e9d5bacc2f13c1366d4c90aea5caa66c2e34050a3ae575b3133eeecb0f2
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "9ABF5E9D5BACC2F13C1366D4C90AEA5CAA66C2E34050A3AE575B3133EEECB0F2"
Last-Modified: Fri, 09 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10519
Expires: Sat, 10 Sep 2022 22:58:57 GMT
Date: Sat, 10 Sep 2022 20:03:38 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash 32072ab048df69ad6db8b7e4ac7ea796
c7b466b36a3cc9b0b65a03283128b2a9004ec3c3
9abf5e9d5bacc2f13c1366d4c90aea5caa66c2e34050a3ae575b3133eeecb0f2
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "9ABF5E9D5BACC2F13C1366D4C90AEA5CAA66C2E34050A3AE575B3133EEECB0F2"
Last-Modified: Fri, 09 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10519
Expires: Sat, 10 Sep 2022 22:58:57 GMT
Date: Sat, 10 Sep 2022 20:03:38 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash 32072ab048df69ad6db8b7e4ac7ea796
c7b466b36a3cc9b0b65a03283128b2a9004ec3c3
9abf5e9d5bacc2f13c1366d4c90aea5caa66c2e34050a3ae575b3133eeecb0f2
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "9ABF5E9D5BACC2F13C1366D4C90AEA5CAA66C2E34050A3AE575B3133EEECB0F2"
Last-Modified: Fri, 09 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10519
Expires: Sat, 10 Sep 2022 22:58:57 GMT
Date: Sat, 10 Sep 2022 20:03:38 GMT
Connection: keep-alive
keydawnawe.com/gwZ1U5hjA8ii/32575
200 OK 26 B URL HTTP/1.1 keydawnawe.com/gwZ1U5hjA8ii/32575
IP
File type ASCII text, with no line terminators
Hash 4e5d65669f8dcd928dad06adf883f025
d771713d758c3348dd7e5b38bb40c7935399ae46
0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95
GET /gwZ1U5hjA8ii/32575 HTTP/1.1
Host: keydawnawe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 10 Sep 2022 20:03:38 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
pectthatmye.shop/dThQaG8UWjMFUBQFMk4aB1RtTV0zHWIuCxhVKgMJEQBiHw4MVn4LAxpNNA4dGlYkRgEQTHVaKTldBwQVJm0FCS0dCCYNCEV5Fls9DGxhACwWYB4OLgJ5PSMYGW0VAQgidgFQJzp5PxwlI21pOBdEbQFaVwV/EQs6EX8dCy0NemAMKU1xFhEbQWwFUCc6az87OTR9ZCUHMHAXAhhGfREMOSV7Ai0tN08qJC0gfhUFF0ZoYRALEG8SJDgjSygMKh11ASkbEmthAwk8eyMlKiNiZww+M2oCOjUPbAUQLjYKEiQ4JH11WiksfT8HPBsBIjs6N281WzoQfBJFLhxzPBANO2AkWTwzVBQNJyNxBC0pQHEoKQ0zUWgZLiBAEixcDWgCWCEDdRU6NlNSIwcBBQUxCTw5XiQZICF0
200 OK 1.2 kB URL HTTP/2 pectthatmye.shop/dThQaG8UWjMFUBQFMk4aB1RtTV0zHWIuCxhVKgMJEQBiHw4MVn4LAxpNNA4dGlYkRgEQTHVaKTldBwQVJm0FCS0dCCYNCEV5Fls9DGxhACwWYB4OLgJ5PSMYGW0VAQgidgFQJzp5PxwlI21pOBdEbQFaVwV/EQs6EX8dCy0NemAMKU1xFhEbQWwFUCc6az87OTR9ZCUHMHAXAhhGfREMOSV7Ai0tN08qJC0gfhUFF0ZoYRALEG8SJDgjSygMKh11ASkbEmthAwk8eyMlKiNiZww+M2oCOjUPbAUQLjYKEiQ4JH11WiksfT8HPBsBIjs6N281WzoQfBJFLhxzPBANO2AkWTwzVBQNJyNxBC0pQHEoKQ0zUWgZLiBAEixcDWgCWCEDdRU6NlNSIwcBBQUxCTw5XiQZICF0
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3012), with no line terminators
Hash 0ee784d7b9860b856852a50165c60c31
0dae6738281c4bc6b3542aa70689c1b30a844b52
a03d17f0fa56746adf0b0d089044be801d22a43f86dbb1c62f6bf9a1c270da56
GET /dThQaG8UWjMFUBQFMk4aB1RtTV0zHWIuCxhVKgMJEQBiHw4MVn4LAxpNNA4dGlYkRgEQTHVaKTldBwQVJm0FCS0dCCYNCEV5Fls9DGxhACwWYB4OLgJ5PSMYGW0VAQgidgFQJzp5PxwlI21pOBdEbQFaVwV/EQs6EX8dCy0NemAMKU1xFhEbQWwFUCc6az87OTR9ZCUHMHAXAhhGfREMOSV7Ai0tN08qJC0gfhUFF0ZoYRALEG8SJDgjSygMKh11ASkbEmthAwk8eyMlKiNiZww+M2oCOjUPbAUQLjYKEiQ4JH11WiksfT8HPBsBIjs6N281WzoQfBJFLhxzPBANO2AkWTwzVBQNJyNxBC0pQHEoKQ0zUWgZLiBAEixcDWgCWCEDdRU6NlNSIwcBBQUxCTw5XiQZICF0 HTTP/1.1
Host: pectthatmye.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1169
date: Sat, 10 Sep 2022 20:03:38 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 b34d5d8e5954d0b7b46d5f0eb534c166.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: lHqmQYF8osa43TqVzzAUclZamew0lAcPUsu36R0OciIsLr7Rhb3fwA==
X-Firefox-Spdy: h2
pectthatmye.shop/d2JDZ1AWACAKbxZfIUElBQ5+QmIxR3EhNBoPOQw2E1pxEDEODG0EPBgXJwEiGAw3ST4SFmZVFiEwFj0lLTYaChsmIwckBDIUAAs3OAEtJTQhI3YNHDVSCDAUIVUKNjMzJyoUMTFQCh4zNFsSMhQAIwsMHjQyOi0EITACFxoAIwAkYjoIAiYJOwYEJgA2NBFTMxwFETU5GBYWHzQ/LypTETMnDlQcACAHNiklVQIQIDouAAgTNSANVBExFg8lPTVSGwxhOAYLAxwhDBEANDFWCT8pBBgFDBEyBhdSByJQLx0zHBYUAxc1UhsPNDY7CzImLyMBFTQcTycmEj83KyQnLQYICh4UKzQ1YRNTdjESRDRwNGEUJQoeaBQjBSYhJwk3PzM/GjQ2FiIzDi8kEUQpFD8ZEn4oMkI1LhMiIxV1JmURGwUX
200 OK 1.2 kB URL HTTP/2 pectthatmye.shop/d2JDZ1AWACAKbxZfIUElBQ5+QmIxR3EhNBoPOQw2E1pxEDEODG0EPBgXJwEiGAw3ST4SFmZVFiEwFj0lLTYaChsmIwckBDIUAAs3OAEtJTQhI3YNHDVSCDAUIVUKNjMzJyoUMTFQCh4zNFsSMhQAIwsMHjQyOi0EITACFxoAIwAkYjoIAiYJOwYEJgA2NBFTMxwFETU5GBYWHzQ/LypTETMnDlQcACAHNiklVQIQIDouAAgTNSANVBExFg8lPTVSGwxhOAYLAxwhDBEANDFWCT8pBBgFDBEyBhdSByJQLx0zHBYUAxc1UhsPNDY7CzImLyMBFTQcTycmEj83KyQnLQYICh4UKzQ1YRNTdjESRDRwNGEUJQoeaBQjBSYhJwk3PzM/GjQ2FiIzDi8kEUQpFD8ZEn4oMkI1LhMiIxV1JmURGwUX
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3026), with no line terminators
Hash 07b2f742d5aaf8eb26d45d6b24455593
9f13d581718ff4352e8ec07f0180faca63c50cd8
d5ef8499298a5ad1f81c779b12109e2c4fb47cb3e1d9dadea905b93cb186b180
GET /d2JDZ1AWACAKbxZfIUElBQ5+QmIxR3EhNBoPOQw2E1pxEDEODG0EPBgXJwEiGAw3ST4SFmZVFiEwFj0lLTYaChsmIwckBDIUAAs3OAEtJTQhI3YNHDVSCDAUIVUKNjMzJyoUMTFQCh4zNFsSMhQAIwsMHjQyOi0EITACFxoAIwAkYjoIAiYJOwYEJgA2NBFTMxwFETU5GBYWHzQ/LypTETMnDlQcACAHNiklVQIQIDouAAgTNSANVBExFg8lPTVSGwxhOAYLAxwhDBEANDFWCT8pBBgFDBEyBhdSByJQLx0zHBYUAxc1UhsPNDY7CzImLyMBFTQcTycmEj83KyQnLQYICh4UKzQ1YRNTdjESRDRwNGEUJQoeaBQjBSYhJwk3PzM/GjQ2FiIzDi8kEUQpFD8ZEn4oMkI1LhMiIxV1JmURGwUX HTTP/1.1
Host: pectthatmye.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1182
date: Sat, 10 Sep 2022 20:03:38 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 b34d5d8e5954d0b7b46d5f0eb534c166.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: H9WsTDY1nq3tXwer1v1AaQendR2e6eJ6sXtH6Y0Vz-Q1OAkITdDfVA==
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.plugins.min.js
200 OK 31 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.plugins.min.js
IP
File type ASCII text, with very long lines (23470)
Hash 2628d88efe2d9dc8f6adfecf53941df6
d2e552ab226249930b26aaa3bdd6d0120da4f903
87f9d9b0385941875202c79320f3390bd2a8aec74cb09842b066a808859b3cb0
GET /themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.plugins.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1NO90/m18Snc2_--_Fullindirsene.NET_--.rar
Connection: keep-alive
Cookie: filehosting=brpuntip0gvkocgipf7ldmntc4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 20:03:37 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-14cc1"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/nav/jquery.scrollTo.js
200 OK 2.4 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/nav/jquery.scrollTo.js
IP
File type ASCII text, with very long lines (2241), with CRLF line terminators
Hash 8490b76ec5bdae41053a1f938214ad6a
771b1b02d47a1cd442a1d8dcfc2faf7fb6de0534
2968c2e9a967bf58b70ad1065b62bcfe842ebdb1b5fb47907bec8e5f72c9af77
GET /themes/flow/frontend_assets/js/nav/jquery.scrollTo.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1NO90/m18Snc2_--_Fullindirsene.NET_--.rar
Connection: keep-alive
Cookie: filehosting=brpuntip0gvkocgipf7ldmntc4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 20:03:37 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-981"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js
200 OK 3.4 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js
IP
Hash ed1a3c8d3bb8da56e6060e9e4ac7a19b
def801c3b2fd230c8625d861e200bbed81bff6ec
e4fa57a4aba423eb1fa5a81ed6f8736b1a6fa870d5b30f6fa3b18c130442de5b
GET /themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1NO90/m18Snc2_--_Fullindirsene.NET_--.rar
Connection: keep-alive
Cookie: filehosting=brpuntip0gvkocgipf7ldmntc4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 20:03:37 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1cdf"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.dataTables.min.js
200 OK 20 kB URL HTTP/2 megaup.net/themes/flow/js/jquery.dataTables.min.js
IP
File type ASCII text, with very long lines (768)
Hash 3023ccfc3ef173e88507d563b1940445
91ef6b5cf70dd2e3df6ce03be5c8ace3725d6eba
15177e00c96d39723c6e22e96d9763a84efc518740b747d3cc6e9521cf152c88
GET /themes/flow/js/jquery.dataTables.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1NO90/m18Snc2_--_Fullindirsene.NET_--.rar
Connection: keep-alive
Cookie: filehosting=brpuntip0gvkocgipf7ldmntc4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 20:03:37 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-10fe4"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
lcreatessque.xyz/aTVwcDFGChMDDCRYQQZgWXA2J10FBRUhQQtjHjIEK2MAKFIhYFYEWA0ISEIEUARBVkEAUU1DA09GBBFFHEZNQgFZAlYZXw9aTUIXHwhAXglHDF5BFxwIQVZFGVQXTQBPRQQEXVQERkYDUQFAQgFRBURH
204 No Content 0 B URL HTTP/2 lcreatessque.xyz/aTVwcDFGChMDDCRYQQZgWXA2J10FBRUhQQtjHjIEK2MAKFIhYFYEWA0ISEIEUARBVkEAUU1DA09GBBFFHEZNQgFZAlYZXw9aTUIXHwhAXglHDF5BFxwIQVZFGVQXTQBPRQQEXVQERkYDUQFAQgFRBURH
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /aTVwcDFGChMDDCRYQQZgWXA2J10FBRUhQQtjHjIEK2MAKFIhYFYEWA0ISEIEUARBVkEAUU1DA09GBBFFHEZNQgFZAlYZXw9aTUIXHwhAXglHDF5BFxwIQVZFGVQXTQBPRQQEXVQERkYDUQFAQgFRBURH HTTP/1.1
Host: lcreatessque.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 10 Sep 2022 20:03:38 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ESSRLboe9u80kUQ%2Bc7qo1P4INXMQo81LBw%2FIsasPexXEmwiFlxasCMLiqIXe1%2FsZ%2Bv0zI5wg0W9XlgXDMrljGKm4o3PpWAs6XEwhoZej4lmztsphqdYIRIpSQDjHI8Bw0Gf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 748ac4a40de50b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/sw.js
200 OK 30 kB IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 1a7b0b6b7a7690cff84536f5bdc4b9f6
90cbf0a0549fcc70fdecd9c47041677ac64c98fc
15557867f5a7e8914564addf667c87d98a0b0bf4b9fc13c620c7f1e72c489d3c
GET /sw.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1NO90/m18Snc2_--_Fullindirsene.NET_--.rar
Connection: keep-alive
Cookie: filehosting=brpuntip0gvkocgipf7ldmntc4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 20:03:37 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:52 GMT
vary: Accept-Encoding
etag: W/"60758f38-12fe6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/animation/jquery.appear.js
200 OK 708 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/animation/jquery.appear.js
IP
File type ASCII text, with very long lines (1285)
Hash c63d77e0fd41daafb620c89a9735522e
89d098bde920e3bdbb810bf06abe530b1fc3737b
c7d9a559dfe55c2d4f9e6d0f72601ab12797e768dfe95f41d59d5aa496a6cb70
GET /themes/flow/frontend_assets/js/animation/jquery.appear.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1NO90/m18Snc2_--_Fullindirsene.NET_--.rar
Connection: keep-alive
Cookie: filehosting=brpuntip0gvkocgipf7ldmntc4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 20:03:37 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-5c6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
lcreatessque.xyz/Q2pyNkpsVRFFdycvOwcEcho6VS0WLysGEDkuM3g6EQQrewgEJ1RCIydXRQB7clJEEDoqDk8HbDAeE0I/MFdDECMtDB0LbDVXQxh5d0RADmRyTAcLe2UeAlctfltURj43Bk8HfHVYSgJ6cVpKBnlw
204 No Content 0 B URL HTTP/2 lcreatessque.xyz/Q2pyNkpsVRFFdycvOwcEcho6VS0WLysGEDkuM3g6EQQrewgEJ1RCIydXRQB7clJEEDoqDk8HbDAeE0I/MFdDECMtDB0LbDVXQxh5d0RADmRyTAcLe2UeAlctfltURj43Bk8HfHVYSgJ6cVpKBnlw
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /Q2pyNkpsVRFFdycvOwcEcho6VS0WLysGEDkuM3g6EQQrewgEJ1RCIydXRQB7clJEEDoqDk8HbDAeE0I/MFdDECMtDB0LbDVXQxh5d0RADmRyTAcLe2UeAlctfltURj43Bk8HfHVYSgJ6cVpKBnlw HTTP/1.1
Host: lcreatessque.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 10 Sep 2022 20:03:38 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0%2FpRq48Wac7me%2BxLZuAqeLDGeOvJZRLjgR4RAB8%2FmA4wTwT%2Blr8d%2BKWsMu3KqgkNUG4TkdWM4r15dXKUFnEra7qjt04NqPkQs1hy8QRVpud8C455DoiZI2fUtV4rcze%2FyHyf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 748ac4a3fdcd0b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
lcreatessque.xyz/d3BXNXFYTzRGTDg1AVkoGz0WUyclIw10CUcmAXccNEMVZyQwE3FBGBNNYANFRkRmEwEeFGoEVwQENkEEBE1mExgZFjgIVwFNZhtCQ15lDV9GViIIQFEEJ1QWSkFxRQUDHGoER0FCbwFBRUBvBUZG
204 No Content 0 B URL HTTP/2 lcreatessque.xyz/d3BXNXFYTzRGTDg1AVkoGz0WUyclIw10CUcmAXccNEMVZyQwE3FBGBNNYANFRkRmEwEeFGoEVwQENkEEBE1mExgZFjgIVwFNZhtCQ15lDV9GViIIQFEEJ1QWSkFxRQUDHGoER0FCbwFBRUBvBUZG
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /d3BXNXFYTzRGTDg1AVkoGz0WUyclIw10CUcmAXccNEMVZyQwE3FBGBNNYANFRkRmEwEeFGoEVwQENkEEBE1mExgZFjgIVwFNZhtCQ15lDV9GViIIQFEEJ1QWSkFxRQUDHGoER0FCbwFBRUBvBUZG HTTP/1.1
Host: lcreatessque.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 10 Sep 2022 20:03:38 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=geImNyj2qdVfIbROFj5IBKYmcs2RkZIiw2j0tyhHWHXJ4GyqYf1gwtK4b9hCm0U5oNMWZwT6NZlroEekCIaxeU5%2BzWL%2BhpoE2mIjVNXQ1dbFE158rxpvttkAogpLkADF7mWt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 748ac4a40de60b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/sticky/jquery.sticky.js
200 OK 274 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/sticky/jquery.sticky.js
IP
Size 274 kB (274036 bytes)
Hash e58e745b9bcc587ca1e5dbf328363261
939277128a58cdd8af77548dee40fb8bf77a3eb2
8be700ef2c6c5379f02e81556b631722f5a2abdb223f10e75199d0aac0d3e507
GET /themes/flow/frontend_assets/js/sticky/jquery.sticky.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1NO90/m18Snc2_--_Fullindirsene.NET_--.rar
Connection: keep-alive
Cookie: filehosting=brpuntip0gvkocgipf7ldmntc4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 20:03:37 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1099"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash 32072ab048df69ad6db8b7e4ac7ea796
c7b466b36a3cc9b0b65a03283128b2a9004ec3c3
9abf5e9d5bacc2f13c1366d4c90aea5caa66c2e34050a3ae575b3133eeecb0f2
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "9ABF5E9D5BACC2F13C1366D4C90AEA5CAA66C2E34050A3AE575B3133EEECB0F2"
Last-Modified: Fri, 09 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10519
Expires: Sat, 10 Sep 2022 22:58:57 GMT
Date: Sat, 10 Sep 2022 20:03:38 GMT
Connection: keep-alive
platform.bidgear.com/media/img/b15.png
200 OK 649 B URL HTTP/2 platform.bidgear.com/media/img/b15.png
IP
File type PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash d832fb80c97ff291b952757bb98240d2
63732e61a0784ed68fde494f83e4686a5c4bf7fa
7b35c11af8accdb40a14303dd3ae2762a97d2527933c56b6c9be6da2d0d11943
GET /media/img/b15.png HTTP/1.1
Host: platform.bidgear.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 20:03:38 GMT
content-type: image/png
content-length: 649
last-modified: Mon, 25 Jul 2022 09:43:33 GMT
etag: "62de65c5-289"
expires: Fri, 23 Sep 2022 09:44:54 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
cf-cache-status: HIT
age: 1505906
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YmWjxJXaN3Oc6AQ1H%2F0jXUJBhOzMjZCfVgyXbkZ8fMTAt1eoDx4WX1r47%2BWklCPhWTIS0XMugli79bbRarAlowBfh7qBADJWcsC%2Fu%2FjgapEzdI0WUQd9rBDg23Ob8p8w2yPUCY8B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 748ac4a51974b506-OSL
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.revolution.js
200 OK 65 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.revolution.js
IP
File type ASCII text, with very long lines (464), with CRLF line terminators
Hash 3b3a4abd8c48f98c8bbe182db09f070e
00f6b9af8ede5400f28959ecea0a7422262a1d34
45a23e98fec3b73b823afcedbbb72ecd6cd9d4e781a4d20c208b070647616daf
GET /themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.revolution.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1NO90/m18Snc2_--_Fullindirsene.NET_--.rar
Connection: keep-alive
Cookie: filehosting=brpuntip0gvkocgipf7ldmntc4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 20:03:37 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-303b2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/VRUZuZTYmKQADCTEvClgOcnBdVA5jLB0KWDV7IQcDEisaF2IycC9QUDwAHkNCPyJTVRApJwACC2MjAAYLdGAPAVR4ckgRRiotUxdHMi4ADEM3LwBDQyR7AwpMLCoCBBN3AFtLBmB0Xk1OdHdLVnRgdF4JXyszFkAEdT5WU2lzcktWdGB0XhdAYHUvXABrdk-dABHUhCwZdKmNcIwR1d15VB3V3S1cGIy8cAFAqPktXcHxwQFUQMHtf
200 OK 466 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/VRUZuZTYmKQADCTEvClgOcnBdVA5jLB0KWDV7IQcDEisaF2IycC9QUDwAHkNCPyJTVRApJwACC2MjAAYLdGAPAVR4ckgRRiotUxdHMi4ADEM3LwBDQyR7AwpMLCoCBBN3AFtLBmB0Xk1OdHdLVnRgdF4JXyszFkAEdT5WU2lzcktWdGB0XhdAYHUvXABrdk-dABHUhCwZdKmNcIwR1d15VB3V3S1cGIy8cAFAqPktXcHxwQFUQMHtf
IP
File type ASCII text, with very long lines (604), with no line terminators
Hash 6f3a36e2647944f84d69edc0e57a6bbd
86fb74a5a0f43b9c6dc7de2e60937af7cf60663a
67ab70b41001dd8736eb58a207fbe377964b9f1b28ada78a71f8eab6e7d03ab7
GET /VRUZuZTYmKQADCTEvClgOcnBdVA5jLB0KWDV7IQcDEisaF2IycC9QUDwAHkNCPyJTVRApJwACC2MjAAYLdGAPAVR4ckgRRiotUxdHMi4ADEM3LwBDQyR7AwpMLCoCBBN3AFtLBmB0Xk1OdHdLVnRgdF4JXyszFkAEdT5WU2lzcktWdGB0XhdAYHUvXABrdk-dABHUhCwZdKmNcIwR1d15VB3V3S1cGIy8cAFAqPktXcHxwQFUQMHtf HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pectthatmye.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 466
date: Sat, 10 Sep 2022 20:03:38 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: UrSGAhGuDMc5_6Ik7znznNx6cAILVFIw-B6fKrE_7tHBbEhcMIZhYg==
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/aVTlOVDM2ViAyDCFQKmkLZwx3ZQJzUz07XSUEFB9KAlwdOAUCSAplX2NcCXJHL11zZBU5WCAzDnNcIDcOZB8vMFFoDWggQzpScyFdMVwoPV0wXWghUmhUIS5aOVUvcQETDGBkFmcJZiwCZBx9FhZnCSI9XSBBa2YDLQF4CwVhHH0WFmcJPCIWZnh3Yh1lEG-tmAzJcLT9ccAsIZgNkCX5lA2QcfGRVPEsrMlwtHHwSCmMXfnJGaAg
200 OK 361 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/aVTlOVDM2ViAyDCFQKmkLZwx3ZQJzUz07XSUEFB9KAlwdOAUCSAplX2NcCXJHL11zZBU5WCAzDnNcIDcOZB8vMFFoDWggQzpScyFdMVwoPV0wXWghUmhUIS5aOVUvcQETDGBkFmcJZiwCZBx9FhZnCSI9XSBBa2YDLQF4CwVhHH0WFmcJPCIWZnh3Yh1lEG-tmAzJcLT9ccAsIZgNkCX5lA2QcfGRVPEsrMlwtHHwSCmMXfnJGaAg
IP
File type ASCII text, with very long lines (460), with no line terminators
Hash aa51aa1e157f8db4d6a2ade2de3ddb49
77ef912eda1c8fa43aec5e9f7efa7dc4f0c0c2ed
652323b800fe377fbf78216225a1964553cdb61ba34ddead732d548fd4e63c78
GET /aVTlOVDM2ViAyDCFQKmkLZwx3ZQJzUz07XSUEFB9KAlwdOAUCSAplX2NcCXJHL11zZBU5WCAzDnNcIDcOZB8vMFFoDWggQzpScyFdMVwoPV0wXWghUmhUIS5aOVUvcQETDGBkFmcJZiwCZBx9FhZnCSI9XSBBa2YDLQF4CwVhHH0WFmcJPCIWZnh3Yh1lEG-tmAzJcLT9ccAsIZgNkCX5lA2QcfGRVPEsrMlwtHHwSCmMXfnJGaAg HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pectthatmye.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 361
date: Sat, 10 Sep 2022 20:03:38 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: IhTlRmE9Uv28MjXRZSwru4PsOS3TtkwNGb-OxI_qDPghpb_8UKj9AQ==
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/sWU54UEQ6IRY2ey0nHG1zb3pJZHV/JAs/KilzMhULazZPNzI/OAh2MCMqRWBiNS8WN3l/KxYzeWhoGTQmZHpeJDQ2JUUiNS4mFjkxKycWdjE4cxU/PjAiFDFhawhNfnR8fEh4PGh/XWMGfHxIPC03OwB1dmk2QGYbb3pdYwZ8fEgiMnx9OWlyd35RdXZpKR-0zLzZrShZ2aX9IYHVpf11idD8nCjUiNjZdYgJgeFZgYixzSQ
200 OK 597 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/sWU54UEQ6IRY2ey0nHG1zb3pJZHV/JAs/KilzMhULazZPNzI/OAh2MCMqRWBiNS8WN3l/KxYzeWhoGTQmZHpeJDQ2JUUiNS4mFjkxKycWdjE4cxU/PjAiFDFhawhNfnR8fEh4PGh/XWMGfHxIPC03OwB1dmk2QGYbb3pdYwZ8fEgiMnx9OWlyd35RdXZpKR-0zLzZrShZ2aX9IYHVpf11idD8nCjUiNjZdYgJgeFZgYixzSQ
IP
File type ASCII text, with very long lines (831), with no line terminators
Hash 49a023251e598f3bae9afc52d0a172c8
5b44646f381e5f13490d0b34a85ded59be481c24
df4ec9190986ec807208ce19f3e65f33074e88370b4b1cdeb6fc33eb78cb1c4b
GET /sWU54UEQ6IRY2ey0nHG1zb3pJZHV/JAs/KilzMhULazZPNzI/OAh2MCMqRWBiNS8WN3l/KxYzeWhoGTQmZHpeJDQ2JUUiNS4mFjkxKycWdjE4cxU/PjAiFDFhawhNfnR8fEh4PGh/XWMGfHxIPC03OwB1dmk2QGYbb3pdYwZ8fEgiMnx9OWlyd35RdXZpKR-0zLzZrShZ2aX9IYHVpf11idD8nCjUiNjZdYgJgeFZgYixzSQ HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pectthatmye.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 597
date: Sat, 10 Sep 2022 20:03:38 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: vf7NI75qRlx8jdxr2-NvoBJFfLOgEhYZURdrkq3XvFKu9pdqnpYZKQ==
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/custom/custom.js
200 OK 1.6 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/custom/custom.js
IP
File type ASCII text, with CRLF line terminators
Hash 6cba93352cb56ae335f534471a49a031
3d0256819bbe1107f331b2eace44868d7f8a8c0a
5c627e998752663949a5f52ad4297de2f949b90e2e1f8c4ecf64b5955c1185a9
GET /themes/flow/frontend_assets/js/custom/custom.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1NO90/m18Snc2_--_Fullindirsene.NET_--.rar
Connection: keep-alive
Cookie: filehosting=brpuntip0gvkocgipf7ldmntc4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 20:03:37 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1420"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
imp9.bidgear.com/rec?t=1&z=6192&uuid=eb5bb5dd2d9b458f8f44259d9fc995f7&p=28&g=NO&token=4a44335432&tbg=1662840218
200 OK 599 B URL HTTP/2 imp9.bidgear.com/rec?t=1&z=6192&uuid=eb5bb5dd2d9b458f8f44259d9fc995f7&p=28&g=NO&token=4a44335432&tbg=1662840218
IP
File type JPEG image data, baseline, precision 8, 1x1, components 3\012- data
Hash ca49a7e783b806a4e8576ea80346203d
6fe9d083221dae98f6c76f7121c37bc884b02d82
3e9a98dd5f0a28ff4a059f33d760264a6db02786666ac1692095ebb976f5da28
GET /rec?t=1&z=6192&uuid=eb5bb5dd2d9b458f8f44259d9fc995f7&p=28&g=NO&token=4a44335432&tbg=1662840218 HTTP/1.1
Host: imp9.bidgear.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 20:03:38 GMT
content-type: image/jpeg
content-length: 599
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JDKPVQWzRJIzYlHt5RlI6W4Z1jgKh%2FaWYmmxCJ1U%2By8fArfAsfSKPaGhxHaSrZkDCXBGz0yEpacjvovJrRs9eR9QoyWqR6HsBQpicdZe58VUj2RIaDJqKsaHc0HZX1GgxZs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 748ac4a5197db506-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 4a8b934802b39ce62326f039ac83cd96
dbfe44bfbec869b99291881ce7c2539d34d7ca9c
c1d5a7058b585d2207c7162b7d0ed62443426b9b2e1262391ad3118884bda651
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1975
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 20:03:38 GMT
Last-Modified: Sat, 10 Sep 2022 19:30:43 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b54e6d6aec12c9461c80214645f8751e
29985a910baba6739e06bcecd94c558bdf91e694
70a38c43ce6a2a439905472b51e49314e324754ff9585cda816f29ddb1d81829
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "70A38C43CE6A2A439905472B51E49314E324754FF9585CDA816F29DDB1D81829"
Last-Modified: Thu, 08 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12843
Expires: Sat, 10 Sep 2022 23:37:41 GMT
Date: Sat, 10 Sep 2022 20:03:38 GMT
Connection: keep-alive
megaup.net/themes/flow/frontend_assets/images/icons/favicon/apple-touch-icon-114x114.png
200 OK 951 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/images/icons/favicon/apple-touch-icon-114x114.png
IP
File type PNG image data, 114 x 114, 8-bit colormap, non-interlaced\012- data
Hash 76852bc6b2c028db97322a74e85bd020
ed52fb4de0d51f93277bbaae42fa80ba5f92c31e
8a5ef2ef8440c17db1b1b539065ba4a887e07a2c508b79c2d1659512e9016884
GET /themes/flow/frontend_assets/images/icons/favicon/apple-touch-icon-114x114.png HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1NO90/m18Snc2_--_Fullindirsene.NET_--.rar
Connection: keep-alive
Cookie: filehosting=brpuntip0gvkocgipf7ldmntc4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 20:03:38 GMT
content-type: image/png
content-length: 951
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-3b7"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Sat, 10 Sep 2022 18:41:12 GMT
expires: Sat, 10 Sep 2022 20:41:12 GMT
cache-control: public, max-age=7200
age: 4946
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/LeWlzSUUaBh0veg0AF3RyT1hCcXNfAwAmKwlUEigWNQ8HOAotJVU9Px1UQ28pGAcUdGMcBxB0dF8IFyt4TU8HOSoSVAE4MhEHGjw3EAdVPCREBBwzLBUFEmx3P1xdeWBLWVsxdEhMQAtgS1kfICsMEVZ7dQFRRRZzTUxAC2BLWQE/YEooSn9rSUBWe3UeDB-AiKlxbNXt1SFlDeHVITEF5IxAbFi8qAUxBD3xPR0NvMERY
200 OK 606 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/LeWlzSUUaBh0veg0AF3RyT1hCcXNfAwAmKwlUEigWNQ8HOAotJVU9Px1UQ28pGAcUdGMcBxB0dF8IFyt4TU8HOSoSVAE4MhEHGjw3EAdVPCREBBwzLBUFEmx3P1xdeWBLWVsxdEhMQAtgS1kfICsMEVZ7dQFRRRZzTUxAC2BLWQE/YEooSn9rSUBWe3UeDB-AiKlxbNXt1SFlDeHVITEF5IxAbFi8qAUxBD3xPR0NvMERY
IP
File type ASCII text, with very long lines (834), with no line terminators
Hash 4ae157b8a4231627763c8a91881e5a5b
57a9b9229f4d2a6d26b21442431fed97a128fb3d
7553358377bbf781154b7c6d4876cb1a1cfe51c9e2f80178a7252cffc7b5e3cd
GET /LeWlzSUUaBh0veg0AF3RyT1hCcXNfAwAmKwlUEigWNQ8HOAotJVU9Px1UQ28pGAcUdGMcBxB0dF8IFyt4TU8HOSoSVAE4MhEHGjw3EAdVPCREBBwzLBUFEmx3P1xdeWBLWVsxdEhMQAtgS1kfICsMEVZ7dQFRRRZzTUxAC2BLWQE/YEooSn9rSUBWe3UeDB-AiKlxbNXt1SFlDeHVITEF5IxAbFi8qAUxBD3xPR0NvMERY HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pectthatmye.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 606
date: Sat, 10 Sep 2022 20:03:38 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: I54Xrn6Tz2htw2MuiK2FD74S75-hqISncY3_VOeRJf1Im7Oi2YWO3w==
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 4ab4266788d64f4bfdc9f1efb429c49a
3533a113e8560a9dc1bb01888a538cf405f86069
17549e4f8b4c5885030c9fa965bcf2d8ea33440e96819ae80f58dea13735a57f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "17549E4F8B4C5885030C9FA965BCF2D8EA33440E96819AE80F58DEA13735A57F"
Last-Modified: Fri, 09 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5631
Expires: Sat, 10 Sep 2022 21:37:29 GMT
Date: Sat, 10 Sep 2022 20:03:38 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 4ab4266788d64f4bfdc9f1efb429c49a
3533a113e8560a9dc1bb01888a538cf405f86069
17549e4f8b4c5885030c9fa965bcf2d8ea33440e96819ae80f58dea13735a57f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "17549E4F8B4C5885030C9FA965BCF2D8EA33440E96819AE80F58DEA13735A57F"
Last-Modified: Fri, 09 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5631
Expires: Sat, 10 Sep 2022 21:37:29 GMT
Date: Sat, 10 Sep 2022 20:03:38 GMT
Connection: keep-alive
www.google-analytics.com/j/collect?v=1&_v=j96&a=1607837099&t=pageview&_s=1&dl=https%3A%2F%2Fmegaup.net%2F1NO90%2Fm18Snc2_--_Fullindirsene.NET_--.rar&ul=en-us&de=UTF-8&dt=m18Snc2%20--%20Fullindirsene.NET%20--.rar%20-%20MegaUp&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAUABAAAAAC~&jid=2047020108&gjid=1878037720&cid=409001132.1662840208&tid=UA-108868042-1&_gid=905376860.1662840208&_r=1>m=2ou970&z=1006906756
200 OK 1 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j96&a=1607837099&t=pageview&_s=1&dl=https%3A%2F%2Fmegaup.net%2F1NO90%2Fm18Snc2_--_Fullindirsene.NET_--.rar&ul=en-us&de=UTF-8&dt=m18Snc2%20--%20Fullindirsene.NET%20--.rar%20-%20MegaUp&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAUABAAAAAC~&jid=2047020108&gjid=1878037720&cid=409001132.1662840208&tid=UA-108868042-1&_gid=905376860.1662840208&_r=1>m=2ou970&z=1006906756
IP
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?v=1&_v=j96&a=1607837099&t=pageview&_s=1&dl=https%3A%2F%2Fmegaup.net%2F1NO90%2Fm18Snc2_--_Fullindirsene.NET_--.rar&ul=en-us&de=UTF-8&dt=m18Snc2%20--%20Fullindirsene.NET%20--.rar%20-%20MegaUp&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAUABAAAAAC~&jid=2047020108&gjid=1878037720&cid=409001132.1662840208&tid=UA-108868042-1&_gid=905376860.1662840208&_r=1>m=2ou970&z=1006906756 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain
Content-Length: 0
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://megaup.net
date: Sat, 10 Sep 2022 20:03:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pectthatmye.shop/utx?cb=f0sRMyDXmtnP&top=megaup.net&tid=761186
204 No Content 0 B URL HTTP/2 pectthatmye.shop/utx?cb=f0sRMyDXmtnP&top=megaup.net&tid=761186
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=f0sRMyDXmtnP&top=megaup.net&tid=761186 HTTP/1.1
Host: pectthatmye.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sat, 10 Sep 2022 20:03:38 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sat, 10 Sep 2022 20:04:38 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 b34d5d8e5954d0b7b46d5f0eb534c166.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: qrJdrn3mDr4TY9Nd8s_HB5DliAZtBmjmSEQpqTnUM0VQW7ozOPmDBw==
X-Firefox-Spdy: h2
pectthatmye.shop/utx?cb=pwfnNlOYjo5r&top=megaup.net&tid=825911
204 No Content 0 B URL HTTP/2 pectthatmye.shop/utx?cb=pwfnNlOYjo5r&top=megaup.net&tid=825911
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=pwfnNlOYjo5r&top=megaup.net&tid=825911 HTTP/1.1
Host: pectthatmye.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sat, 10 Sep 2022 20:03:38 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sat, 10 Sep 2022 20:04:38 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 b34d5d8e5954d0b7b46d5f0eb534c166.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: kF7dg3bkZFiLsYXWVilFOwDi-Fz1pGEtT3oVZBQ_I1ayG3Cng8SR3Q==
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 4ab4266788d64f4bfdc9f1efb429c49a
3533a113e8560a9dc1bb01888a538cf405f86069
17549e4f8b4c5885030c9fa965bcf2d8ea33440e96819ae80f58dea13735a57f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "17549E4F8B4C5885030C9FA965BCF2D8EA33440E96819AE80F58DEA13735A57F"
Last-Modified: Fri, 09 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5631
Expires: Sat, 10 Sep 2022 21:37:29 GMT
Date: Sat, 10 Sep 2022 20:03:38 GMT
Connection: keep-alive
syndication.exdynsrv.com/v1/api.php
200 OK 2.3 kB URL HTTP/1.1 syndication.exdynsrv.com/v1/api.php
IP
ASN #60781 LeaseWeb Netherlands B.V.
File type JSON data\012- , ASCII text, with very long lines (5194), with no line terminators
Hash 71bdb0e728203be38a03a5d7efe57a68
6e281a03b23db6abf41424078c388c17c29eb7df
7357a23bf556020f669df454ac5b642b8d5fbe76f71e2f94be0312b9db5304a7
POST /v1/api.php HTTP/1.1
Host: syndication.exdynsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 298
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 10 Sep 2022 20:03:38 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
dmmzkfd82wayn.cloudfront.net/
200 OK 73 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/
IP
File type ASCII text, with no line terminators
Hash de37377b72195a4f064edf7ec8a76676
ed544d5b6a37acad78498099407c648a93316ddb
b3209cc0b1d1b71e85af4e843afe00a3079f3286d52b3fb47e72c6c5c48b8399
GET / HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 73
date: Sat, 10 Sep 2022 20:03:38 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: g55LX2ogxMCZMym5KE0s964pg1H4VA56gQ5g5LX_Ig5pE16rshdquA==
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 4a8b934802b39ce62326f039ac83cd96
dbfe44bfbec869b99291881ce7c2539d34d7ca9c
c1d5a7058b585d2207c7162b7d0ed62443426b9b2e1262391ad3118884bda651
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1975
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 20:03:38 GMT
Last-Modified: Sat, 10 Sep 2022 19:30:43 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
ocsp.sectigo.com/
200 OK 281 B IP
Hash f4bcbc6206dff24a91fa517e746c90a0
056bbe74180f46aba870c1e675d518c1c8143fba
cd68ab97526b228a4683f7ce006ac22be04df2e705aaca892a1eaae1203e59a7
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 20:03:38 GMT
Content-Type: application/ocsp-response
Content-Length: 281
Connection: keep-alive
Last-Modified: Fri, 09 Sep 2022 21:53:51 GMT
Expires: Fri, 16 Sep 2022 21:53:50 GMT
Etag: "056bbe74180f46aba870c1e675d518c1c8143fba"
Cache-Control: max-age=524411,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 748ac4a4ea20b4fd-OSL
pectthatmye.shop/utx?cb=bH2KmpGf1tJj&top=megaup.net&tid=876318
204 No Content 0 B URL HTTP/2 pectthatmye.shop/utx?cb=bH2KmpGf1tJj&top=megaup.net&tid=876318
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=bH2KmpGf1tJj&top=megaup.net&tid=876318 HTTP/1.1
Host: pectthatmye.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sat, 10 Sep 2022 20:03:38 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sat, 10 Sep 2022 20:04:38 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 b34d5d8e5954d0b7b46d5f0eb534c166.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: izuoQcGYZ1bzuXuQFweBcU4R-0j8ayZ5fUIHJdgSWhyplFPDp2c0CA==
X-Firefox-Spdy: h2
pectthatmye.shop/utx?cb=mAOfdujmUav7&top=megaup.net&tid=764141
204 No Content 0 B URL HTTP/2 pectthatmye.shop/utx?cb=mAOfdujmUav7&top=megaup.net&tid=764141
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=mAOfdujmUav7&top=megaup.net&tid=764141 HTTP/1.1
Host: pectthatmye.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sat, 10 Sep 2022 20:03:38 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sat, 10 Sep 2022 20:04:38 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 b34d5d8e5954d0b7b46d5f0eb534c166.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: mfUBmz1a3POogngEjA67CAz3eHWOcoj64LUG_pU73ROfwlqkKoiU_w==
X-Firefox-Spdy: h2
syndication.exdynsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01OW0oEMRC8iheYod/b2W+/FRQP0BNn/XIRXEGhDm9mFhdTJFR3qqtLSGSiNjHdcRxJj5poPDeaTWZ2w8PjE4zxvr7V18d8Xi9wZ6NAtEY2xGopAbMwzoAzw6VJG4qDq1NEgh0KGhBXs43NRMR8QBJenu/3ywNCGO+2EpKwwel7m4sqsVBia16+SPDqcYrszZesyk34PyJdMZOMGMP2rwFlUzHBxLfCMA5h/67Pn3MHbvJrWPjuoGAzGnY9uyX1Jr1Ko9oSyq+1+AgUp/T6BbX4WBhUAQAA
200 OK 20 B URL HTTP/1.1 syndication.exdynsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01OW0oEMRC8iheYod/b2W+/FRQP0BNn/XIRXEGhDm9mFhdTJFR3qqtLSGSiNjHdcRxJj5poPDeaTWZ2w8PjE4zxvr7V18d8Xi9wZ6NAtEY2xGopAbMwzoAzw6VJG4qDq1NEgh0KGhBXs43NRMR8QBJenu/3ywNCGO+2EpKwwel7m4sqsVBia16+SPDqcYrszZesyk34PyJdMZOMGMP2rwFlUzHBxLfCMA5h/67Pn3MHbvJrWPjuoGAzGnY9uyX1Jr1Ko9oSyq+1+AgUp/T6BbX4WBhUAQAA
IP
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA01OW0oEMRC8iheYod/b2W+/FRQP0BNn/XIRXEGhDm9mFhdTJFR3qqtLSGSiNjHdcRxJj5poPDeaTWZ2w8PjE4zxvr7V18d8Xi9wZ6NAtEY2xGopAbMwzoAzw6VJG4qDq1NEgh0KGhBXs43NRMR8QBJenu/3ywNCGO+2EpKwwel7m4sqsVBia16+SPDqcYrszZesyk34PyJdMZOMGMP2rwFlUzHBxLfCMA5h/67Pn3MHbvJrWPjuoGAzGnY9uyX1Jr1Ko9oSyq+1+AgUp/T6BbX4WBhUAQAA HTTP/1.1
Host: syndication.exdynsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 10 Sep 2022 20:03:38 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22631ced9ac0b028.293401581247706686%22%3B%7D; expires=Mon, 09 Sep 2024 20:03:38 GMT; path=; domain=.exdynsrv.com; Secure; SameSite=none
__upt=%7B%22v%22%3A1%2C%22id%22%3A%22631ced9ac0b028.293401581247706686%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22511.0199%22%7D; expires=Mon, 09 Sep 2024 20:03:38 GMT; path=/; domain=.exdynsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
s3t3d2y8.afcdn.net/library/551406/886d0b1e550dc5e1e5c1903e762b95656239f32d.jpg
200 OK 21 kB URL HTTP/2 s3t3d2y8.afcdn.net/library/551406/886d0b1e550dc5e1e5c1903e762b95656239f32d.jpg
IP
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 300x300, components 3\012- data
Hash 08d3d91aef96f39036fb8e2c2384dbfe
886d0b1e550dc5e1e5c1903e762b95656239f32d
893ba0ad90251cc9896a4e0161a7184b35a2cc89f5618183adbf07e20689f77d
GET /library/551406/886d0b1e550dc5e1e5c1903e762b95656239f32d.jpg HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Sep 2022 20:03:38 GMT
content-type: image/jpeg
content-length: 21446
last-modified: Sat, 30 Jul 2022 00:39:56 GMT
etag: "62e47ddc-53c6"
expires: Sun, 30 Jul 2023 00:47:58 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1690680274
server: CDN77-Turbo
x-77-nzt: AblMCQ2KdvD/SGU4AA
x-77-nzt-ray: BvNyHWRmzIQ
x-cache: HIT
x-age: 3695944
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
static.a-ads.com/a-ads-banners/406740/300x250?region=eu-central-1
200 OK 621 kB URL HTTP/2 static.a-ads.com/a-ads-banners/406740/300x250?region=eu-central-1
IP
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 300 x 250\012- data
Size 621 kB (621339 bytes)
Hash c8694e7d5d3b9a928d4d57026ac2b68b
169b9f311167e19bd5061b53fc7e4f528e3ba7a9
0c23834abdcff9f74a47b37290da55f2c84c31c82ce26d9493b39a388b51ed6a
GET /a-ads-banners/406740/300x250?region=eu-central-1 HTTP/1.1
Host: static.a-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ad.a-ads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 20:03:38 GMT
content-type: image/gif
content-length: 621339
x-amz-id-2: sTJUoC3MYblqG+38J7lRm3irwd1DQ/3CsWa4rp9wvjhYkJVSxcDV/IM1C4XWhmD7PwGLEyxAw8s=
x-amz-request-id: R3R3GCRYD4DFJV13
x-amz-replication-status: COMPLETED
last-modified: Thu, 04 Aug 2022 08:17:39 GMT
etag: "c8694e7d5d3b9a928d4d57026ac2b68b"
cache-control: max-age=315360000
x-amz-version-id: CpzkFSVTHlSKMdhV9N03JaP1PcAFvRyH
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/bootstrap/bootstrap.min.js
200 OK 38 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/bootstrap/bootstrap.min.js
IP
File type ASCII text, with very long lines (28941)
Hash 2b8ad38798e4783b120ce022b1a9cdbf
15be48b8bd5207114a85b8eefdabc688c6e82ff5
d2ed09e1a28009f0d0ec78ec2a44ad12dfe4eefcab60c999f309972f41f19023
GET /themes/flow/frontend_assets/js/bootstrap/bootstrap.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1NO90/m18Snc2_--_Fullindirsene.NET_--.rar
Connection: keep-alive
Cookie: filehosting=brpuntip0gvkocgipf7ldmntc4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 20:03:37 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-71b6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 8a3f147ac37bcccd79750e4229a8d99b
f76459233b24f681045ed0476a63d95a0f12623e
6ecda86d440d58447955acca8d5181db4951cd6f92cd7ad595511d3c9c54d82a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 20:03:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pectthatmye.shop/utx?tid=832633&top=megaup.net&cb=LZHStB5rjQa7
204 No Content 0 B URL HTTP/2 pectthatmye.shop/utx?tid=832633&top=megaup.net&cb=LZHStB5rjQa7
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?tid=832633&top=megaup.net&cb=LZHStB5rjQa7 HTTP/1.1
Host: pectthatmye.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sat, 10 Sep 2022 20:03:38 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sat, 10 Sep 2022 20:04:38 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 b34d5d8e5954d0b7b46d5f0eb534c166.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: vZRQpqdqR5898y3hcDPx371bDFC47Rhhif1RgiBmUW3cf2EfTs597g==
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
302 Found 394 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (382)
Hash f11fff9aab06e289e444a66f40db2762
e63651cdff60d966f251151eaf627198e7a314a4
3f7414102696e97c76a4b883c8d051a56863ccc884526e79863fedc1cfcf6d62
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 10 Sep 2022 20:03:39 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-436052600%3A1662840219023028&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWoHgdwpcNBJ7BcfQqVjgYrd9JOf-4d0vy0r28tlxXJ2hyNiztyxWTtC4XAcos1NMxI5bAXb
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: script-src 'nonce-s4w-PbkNUHeeays2M4sJ6Q' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 394
server: GSE
set-cookie: __Host-GAPS=1:Hc9lz0lQg53gLCzGPOt7rvsMVqkT3g:dd6CBvNxM4vFhG8Y;Path=/;Expires=Mon, 09-Sep-2024 20:03:39 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
302 Found 389 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (377)
Hash c1cc8d8f45c681dc87fa960ed9d6ea28
65892e76d9872ce9105c7291b79e2cd8ec8e0537
e91643894cbd17757569327776f7a85e5800d344ebcdd1dd8f43b3852c2765f0
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 10 Sep 2022 20:03:39 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S134427203%3A1662840219038004&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWot1imz83jDs_Dm2y-5cmrfzSXo3zBRCFMOdLAHLe1I9O6VqmwnCPLbh9UVGHYY9G_YBzfH
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-XWXAshic4cCQz1q6gtK5XQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 389
server: GSE
set-cookie: __Host-GAPS=1:kxLENfotu9qDKIx_4fDYHDt9a5rqJw:at9AOkGcVrUifcIs;Path=/;Expires=Mon, 09-Sep-2024 20:03:39 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 0a933ad1c12216f71ddccbbfe864cfca
9bc93e16531b51a3e103a8739d2d2dd8ffb4fae6
b6c337ae7e99a312b15c0536b3c9001b06ead6181b6490a8012f0cfe35961dfa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B6C337AE7E99A312B15C0536B3C9001B06EAD6181B6490A8012F0CFE35961DFA"
Last-Modified: Thu, 08 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6044
Expires: Sat, 10 Sep 2022 21:44:23 GMT
Date: Sat, 10 Sep 2022 20:03:39 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 90af7f9fc306540e02535db3d00dca64
9e05b003b35ed57277b6b295adde93add7c41b0b
64abd990305ef3f25ffb3fb2ccae04b76e178375752ecb2020411df8f7974fcf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 20:03:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pogothere.xyz/
200 OK 1.5 kB IP
File type ASCII text, with no line terminators
Hash eed9b8f181359d374dbee3c0ce07db5b
31f5082b7ae696a52debcfb07fe2dd201565575c
d57ee6b934beb6f8c8b6d86d1f57935a6502d537d52c411d9121ccd0d394b12a
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Sep 2022 20:03:38 GMT
content-type: text/plain
set-cookie: csu=915151681930331@1@1662840218; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lZvgT%2BqvIVREFudMmpT3BOHK668%2FNVQrMuwRmmrHzWGTAk72%2BI6Xe16ffePCfqYovfXEHcGK7ratG8RGVvBiV2cHdwylAwt1h%2BN4tTfmgQqrL%2BeKW%2BAM8dexVtHnobtP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 748ac4a64d1eb4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
evenuewasadi.xyz/
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: evenuewasadi.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Content-Length: 386
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/fonts/raleway_bold.woff
200 OK 32 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway_bold.woff
IP
File type Web Open Font Format, TrueType, length 31568, version 1.1\012- data
Hash e0c4ac0e73196bd0469c5c33304b7773
bb071565f82907d117b0732dca8013409162c67d
ff3bf3a4a1bf2b922157b18d0e8cddd95f2fc2dfe09c30a3ce67bc11a84c67af
GET /themes/flow/frontend_assets/fonts/raleway_bold.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Connection: keep-alive
Cookie: filehosting=brpuntip0gvkocgipf7ldmntc4; _ga=GA1.2.409001132.1662840208; _gid=GA1.2.905376860.1662840208; _gat_gtag_UA_108868042_1=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 20:03:39 GMT
content-type: font/woff
content-length: 31568
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7b50"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9758
Expires: Sat, 10 Sep 2022 22:46:17 GMT
Date: Sat, 10 Sep 2022 20:03:39 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9758
Expires: Sat, 10 Sep 2022 22:46:17 GMT
Date: Sat, 10 Sep 2022 20:03:39 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9758
Expires: Sat, 10 Sep 2022 22:46:17 GMT
Date: Sat, 10 Sep 2022 20:03:39 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6c7c5434-1873-4130-a7ce-78209ce54bf0.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6c7c5434-1873-4130-a7ce-78209ce54bf0.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 15249f3dafdd1690bc87ebb4fa6d518d
f930fcb22325e28592bc39b0b1974f5197c19afd
a0b9e88c78e85a037363e0b0e4e03478718f8715fe69e72bfd159922eca28301
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6c7c5434-1873-4130-a7ce-78209ce54bf0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10950
x-amzn-requestid: 435fc2f4-fbcb-4eec-81d8-a23154dcec61
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YFUwZEfvIAMFjCQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63186802-2348a4000430702d4e9ea132;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 09:44:34 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ORlM8dFTc_iThvJghFakY86D3ToJ5TCmP8Ip2PcvXCCkSKKHpWQ0Zw==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 22:13:18 GMT
age: 78621
etag: "f930fcb22325e28592bc39b0b1974f5197c19afd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdde1c872-426a-4aec-b295-a2cac8b36edf.webp
200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdde1c872-426a-4aec-b295-a2cac8b36edf.webp
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 71bafbee3867c04c3712ff98a123d52c
ccf471cd30f5aa96f4e5fdb9e0fbbcdbb475a0bf
58ff1700e0b125caefb73719e2b3d734b2fbcc5ed1aabe5a11bb73b43edab831
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdde1c872-426a-4aec-b295-a2cac8b36edf.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4477
x-amzn-requestid: bbdca46e-5628-4faf-a0fe-ea1b5b39ac2a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNjzaHrIoAMF-iA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bb348-567e946e7cf77f2e11c17c97;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 21:42:32 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: f2Av7EDI_l1jZfe0kR6K2yQNzxbBXdcXJGycIZbOTp4ZkCuusLk4Sw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 27fe6f224e0cfa3f3a446471ee256e56.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 21:50:47 GMT
age: 79972
etag: "ccf471cd30f5aa96f4e5fdb9e0fbbcdbb475a0bf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0bedecf7-d9af-4aa7-88b0-94b2a33f9e1a.jpeg
200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0bedecf7-d9af-4aa7-88b0-94b2a33f9e1a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7ade70e6dbcfb3ca1765f95112671e69
3768753be084c0e0fc268be5b192d02d769114b6
9670a3bf2476ba193cfeb3153c1254bdcfc980a28503dda0d9b398a3a59f53f4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0bedecf7-d9af-4aa7-88b0-94b2a33f9e1a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9766
x-amzn-requestid: 720a4111-91de-4672-88c8-f40db517c07d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YHsjRE13oAMFbCA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63195ae1-288f1f5456bf4d146dcf774c;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 03:00:49 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: CjZw9xgHd4_7KvhiiZEIBivRgoQeh1BYxEc_bOBbTvWoqHgTPq0sSA==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 d2575afea3774df33dcf5e5ff475025e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 05:37:01 GMT
age: 51998
etag: "3768753be084c0e0fc268be5b192d02d769114b6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e72c2e9-6d47-42ac-9514-316cd8f8f6c5.jpeg
200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e72c2e9-6d47-42ac-9514-316cd8f8f6c5.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e8f11aeba65478b039cfb4100aa23435
88db17a82ea0207ccb4826c2961875c5106b427a
6f6ec5922ec54d824e7f933de87608c5a763da119ae9461d99c6525649b1a9af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e72c2e9-6d47-42ac-9514-316cd8f8f6c5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8676
x-amzn-requestid: 64a58aa8-8321-4c91-98fe-dbf97996c513
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNiuZEjnIAMFRFg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bb18f-77b635593b202d7d3cd0ac84;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 21:35:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: VWwNSpFvcDq3nrn91QvYjrJX5hLjp96vrKgZzR-pOdrdHx7MlcagGQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 d1d67b07408bba8c682597d8303642e2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 21:56:34 GMT
age: 79625
etag: "88db17a82ea0207ccb4826c2961875c5106b427a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
evenuewasadi.xyz/bGowWTk3SAhqC1pZA3sVTkgce19YDglsCAkOHWoJXFMdbQFbDB1hX1pfHWEIDlNRbg4JWwU6X05GEmwPWwtSPwxfRwdgWAlHBGlaX0cJaQsIRwhqC1QMVj9dWlNTOBtASEMuG0BIVS9cAh9VLlgfC1QwFxQTSnsVTlsAdwxORlY4VR8PHD9YABlVdV8NBkM8ZA
200 OK 22 kB URL HTTP/2 evenuewasadi.xyz/bGowWTk3SAhqC1pZA3sVTkgce19YDglsCAkOHWoJXFMdbQFbDB1hX1pfHWEIDlNRbg4JWwU6X05GEmwPWwtSPwxfRwdgWAlHBGlaX0cJaQsIRwhqC1QMVj9dWlNTOBtASEMuG0BIVS9cAh9VLlgfC1QwFxQTSnsVTlsAdwxORlY4VR8PHD9YABlVdV8NBkM8ZA
IP
Hash ddca976449585e6ebf28d96fae973263
0800e4e8aae9dbbb20e73e2f3d67852d3cbc6851
2498b7403c807946a64e77cc1e5d37b269b3927d1e399f120ac7f2bcc44158a7
GET /bGowWTk3SAhqC1pZA3sVTkgce19YDglsCAkOHWoJXFMdbQFbDB1hX1pfHWEIDlNRbg4JWwU6X05GEmwPWwtSPwxfRwdgWAlHBGlaX0cJaQsIRwhqC1QMVj9dWlNTOBtASEMuG0BIVS9cAh9VLlgfC1QwFxQTSnsVTlsAdwxORlY4VR8PHD9YABlVdV8NBkM8ZA HTTP/1.1
Host: evenuewasadi.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
set-cookie: 763134a37a85e692d9f9a16142b97b52=1; Max-Age=604800
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
cache-control: public, max-age=86400
etag: W/"8446-41P2i3QmVlpfVLlumozZ31eI7x0"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb150ddb5-18a6-405d-8041-cdea0c0e6a85.jpeg
200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb150ddb5-18a6-405d-8041-cdea0c0e6a85.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d21a3e07583d9fad4104b6457f7915e7
fdc9453562f993e2545ca99731a7741e748b6082
8ea38264c82c6b544447079cc92eae70d0968a070ba39022af0e18c498916338
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb150ddb5-18a6-405d-8041-cdea0c0e6a85.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8266
x-amzn-requestid: 3411ec4b-ac18-4b4e-8876-c99b94d3a4a3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNitWEjhIAMFWpw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bb188-4d9e496e7ff141b46748d850;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 21:35:04 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: vyV1_onImxuLNGp4UI1W5grcuVW3LHJFJjvmO0VXU-OYorF6RVcoDw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 7d01bcfcfe27ce0b8979cf621dd081de.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 21:51:58 GMT
age: 79901
etag: "fdc9453562f993e2545ca99731a7741e748b6082"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
pectthatmye.shop/floater?cs=cXlMNDRGTnoDDElPdQcMRk50BwA&abt=0&red=1&sm=83&k=download%20file%20m18snc2%20fullindirsene&v=0.8.9.1&sts=0&prn=0&emb=0&tid=825911&u=915151681930331&agec=1662840218&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&mbkb=149.7005988023952&ref=https%3A%2F%2Fmegaup.net%2F1NO90%2Fm18Snc2_--_Fullindirsene.NET_--.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&aa=td5_oi1_&_sHxF=1662840208785&crc=1
200 OK 4.0 kB URL HTTP/2 pectthatmye.shop/floater?cs=cXlMNDRGTnoDDElPdQcMRk50BwA&abt=0&red=1&sm=83&k=download%20file%20m18snc2%20fullindirsene&v=0.8.9.1&sts=0&prn=0&emb=0&tid=825911&u=915151681930331&agec=1662840218&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&mbkb=149.7005988023952&ref=https%3A%2F%2Fmegaup.net%2F1NO90%2Fm18Snc2_--_Fullindirsene.NET_--.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&aa=td5_oi1_&_sHxF=1662840208785&crc=1
IP
File type ASCII text, with very long lines (6307), with no line terminators
Hash 98a496cbf3a684af1a3cf908cd1412a9
d1aed183abb09f9a01fbe0586ff44a6aa060b6f0
8a820944e128202ad780f8ecfe79ecd81ccb0cb838d00ec6450efc7a6f9a9f4f
GET /floater?cs=cXlMNDRGTnoDDElPdQcMRk50BwA&abt=0&red=1&sm=83&k=download%20file%20m18snc2%20fullindirsene&v=0.8.9.1&sts=0&prn=0&emb=0&tid=825911&u=915151681930331&agec=1662840218&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&mbkb=149.7005988023952&ref=https%3A%2F%2Fmegaup.net%2F1NO90%2Fm18Snc2_--_Fullindirsene.NET_--.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&aa=td5_oi1_&_sHxF=1662840208785&crc=1 HTTP/1.1
Host: pectthatmye.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
content-length: 3970
date: Sat, 10 Sep 2022 20:03:39 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=7329fc9f-2cd8-4566-9bad-00322b67b67d
csu=915151681930331
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 b34d5d8e5954d0b7b46d5f0eb534c166.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: klKlHgD1AVtZyOmRqOumI96biKep548zjv39mRM9nLh187CTZPMJhw==
X-Firefox-Spdy: h2
evenuewasadi.xyz/
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: evenuewasadi.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Origin: https://megaup.net
Content-Length: 354
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
evenuewasadi.xyz/
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: evenuewasadi.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Origin: https://megaup.net
Content-Length: 352
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 280fd91cd25fe9977fbbc0e7d2a71726
15ae5fa7da890ec923ba28b79630d8c53e1d35eb
04aad150e8412f7cbc24d810d0edc8001c8b68364a56edcd424e44b4cb503c0f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "04AAD150E8412F7CBC24D810D0EDC8001C8B68364A56EDCD424E44B4CB503C0F"
Last-Modified: Sat, 10 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17492
Expires: Sun, 11 Sep 2022 00:55:13 GMT
Date: Sat, 10 Sep 2022 20:03:41 GMT
Connection: keep-alive
xml.serve-servee.com/thumbnail?i=7iDnfj49umA_0&imgt=icon
302 Found 0 B URL HTTP/2 xml.serve-servee.com/thumbnail?i=7iDnfj49umA_0&imgt=icon
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /thumbnail?i=7iDnfj49umA_0&imgt=icon HTTP/1.1
Host: xml.serve-servee.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sat, 10 Sep 2022 20:03:41 GMT
content-length: 0
location: https://static.serve-servee.com/n337/ad/250x250_hqCCg8Cm.png
cache-control: no-store
age: 0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=271Yz423IcBkdUFpllKzU%2FwiWBgQtDdgg6MiE6kyfVac6XYgUpnxHLS1aJGhr3EUg6Z3QM4mINGbShgwhbJJMb8Yy5Gs3l3R9CKuUBPBnQngf%2Fo9l4OKlUnjGUzpAT9HWn%2FjLxkkMg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 748ac4b95ea40b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 280fd91cd25fe9977fbbc0e7d2a71726
15ae5fa7da890ec923ba28b79630d8c53e1d35eb
04aad150e8412f7cbc24d810d0edc8001c8b68364a56edcd424e44b4cb503c0f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "04AAD150E8412F7CBC24D810D0EDC8001C8B68364A56EDCD424E44B4CB503C0F"
Last-Modified: Sat, 10 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17492
Expires: Sun, 11 Sep 2022 00:55:13 GMT
Date: Sat, 10 Sep 2022 20:03:41 GMT
Connection: keep-alive
static.serve-servee.com/n337/ad/250x250_hqCCg8Cm.png
200 OK 89 kB URL HTTP/2 static.serve-servee.com/n337/ad/250x250_hqCCg8Cm.png
IP
File type PNG image data, 250 x 250, 8-bit/color RGB, non-interlaced\012- data
Hash 0994ec31361ea569c5549063145bfdd2
9b270e9f7a346a0f0f60a978e154f49740350270
e4dbff1cf1f9750d68296737897eba9bd59ebdcb292015e87c3be61b5c242422
GET /n337/ad/250x250_hqCCg8Cm.png HTTP/1.1
Host: static.serve-servee.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 20:03:41 GMT
content-type: image/png
content-length: 88957
last-modified: Thu, 08 Apr 2021 13:54:09 GMT
accept-ranges: bytes
etag: "606f0b01-15b7d"
cache-control: max-age=86400
x-hw: 1662840221.cds208.sk1.h2,1662840221.cds203.sk1.c
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HDInri6Q8Fkck%2Fr%2BZAi%2BVSHG8GnkMztCdcq1T914xr0Om95%2B9lOSNbjAd085zBBZNQra0DxkcnNT2p6wWarf8e9gFXf5v%2B%2BzMnTA9g1VVoC3q6ox86MIMowrTKf%2F6Xw2VVzZ1Flrmtpemg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 748ac4ba2fc60b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/fonts/raleway_medium.woff
200 OK 32 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway_medium.woff
IP
File type Web Open Font Format, TrueType, length 31900, version 1.1\012- data
Hash 1b285c8e5b7445a8e434b2cdf036bab2
c97d4772fbb5c5637d466b5f991bc7ec28830b32
09b979826f2ac158a63ba234042c66414c21282d0bb46eadc62c64a873778825
GET /themes/flow/frontend_assets/fonts/raleway_medium.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Connection: keep-alive
Cookie: filehosting=brpuntip0gvkocgipf7ldmntc4; _ga=GA1.2.409001132.1662840208; _gid=GA1.2.905376860.1662840208; _gat_gtag_UA_108868042_1=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 20:03:44 GMT
content-type: font/woff
content-length: 31900
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7c9c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a14cec2825b9bcb3df9709fcd0426b4b
461758a5e3b80e82d3df84e6d382482d63de0c5f
136cdcd6b251b8a84799bb7e6168d90cc9e88e3410b24ded72e34a31e757c2e0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "136CDCD6B251B8A84799BB7E6168D90CC9E88E3410B24DED72E34A31E757C2E0"
Last-Modified: Fri, 09 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15298
Expires: Sun, 11 Sep 2022 00:18:43 GMT
Date: Sat, 10 Sep 2022 20:03:45 GMT
Connection: keep-alive
casualproof.com/winnotice?sid=H4sIAAAAAAAC%2F1RTz2skRRSu0b0sXlRWvKww3hRk0j0zmfS4yOKajQSzm2XXRU9KdVV18kx3V1PVNT3JKSjInmTEgz9OlS%2FZBHX99Qe4SmfBQ0DI3CKauydFYc8yY0zwQfFeve8dvlffV%2B9vuWPWguNH89f0BqUpn5ltBc3n3gzDS80lyt2wOYx6b%2Fe6l5pm8GK%2F1wqeb76qxJqeaQdhEIRB2FwgoxI9nJmAoOJeP2z1g1a33QpnuxgaD%2BsasLwBOThmT4Lk%2BNyDxgWQqJFn384ru1bq4oWrmUt5qQ0Gcu92vpbrKkd2ViamgSTfO5mGtocL96Hzu1OK0IPTwZjGrPHTfcT53gkxxIOdKbc4hcoRy8dQDWqotAbxGkK%2FB5KHDBAS15eRZ7vXtan4%2Br8on6Bjdu7h36BqzM79dgF59vWVlIbNWzp1JencYph40LAGrdQo3D7KDQaq9iHKd0HyZzbzcAl5trNsUw2Sfro7UQ1KaqRqBG4Z3OQQg0sacEUDmTxqijAM5wIpeBD1hejIORX3ZBDyuSTkYdCL4MSE3ghlMYJIRxBmE4XZxBqNYNwHIFvDcQ8qPAq7G7Vn%2B2EIJQ4u%2F%2F7pJD4Dp6Nmuy%2BTtpKyI0TMheKxnJ2d6ySh6EVRELdjxHRwecY9fu32M6tIiUHxgx%2F%2BZNOAzT1y57dzQx5GHbCT2DayPLh8OrXqYSWDLRkG0qNSDJVlqDhDRQxVyVAN%2FF2Z2rb1uzK1Lg5Pcvskd%2FxWccyemOrxl3gLa%2BqomQSiHSX9bqcddfv9OJLduU4v6kkRykh1IwlL%2F21N9hFw28AGjdlTv%2F6BYuIU%2BRFivg%2Bb7kPQs%2BDuInjlwVc9NnIPqb8R3DqeFkbrpCV0hqI8j3K9sZUes6enVHqf3PnfiwrjURiPd%2BgBw0p6Z%2FumrtjOTV1Z9t1yUVJGG3xim1slL9WjX7ym1itt5OK8HX3%2BspgAk%2FLe68qWSzyXlK9Y9uUVklKZBW2EYt8v2jdUfMPZ1SvO5K5YuvHKwmJWGGUt6bwGp8OrH0PQmJ3%2F8Jfpf7j41UsgU8M4j8ydKgTSNUSxCVuc9axmMOnZPS4YKue3TTs%2Ba048kJ5JDR77LfsjLHmUlv0DAAD%2F%2FwEAAP%2F%2FlvOnuVQEAAA%3D&ap=${AUCTION_PRICE}&l=3577992&sub3=1662840219&pid=91283&sub2=icon&auid=29df2edd3ccbaceabd5573f1c6880b2b&icon=https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg
307 Temporary Redirect 0 B URL HTTP/1.1 casualproof.com/winnotice?sid=H4sIAAAAAAAC%2F1RTz2skRRSu0b0sXlRWvKww3hRk0j0zmfS4yOKajQSzm2XXRU9KdVV18kx3V1PVNT3JKSjInmTEgz9OlS%2FZBHX99Qe4SmfBQ0DI3CKauydFYc8yY0zwQfFeve8dvlffV%2B9vuWPWguNH89f0BqUpn5ltBc3n3gzDS80lyt2wOYx6b%2Fe6l5pm8GK%2F1wqeb76qxJqeaQdhEIRB2FwgoxI9nJmAoOJeP2z1g1a33QpnuxgaD%2BsasLwBOThmT4Lk%2BNyDxgWQqJFn384ru1bq4oWrmUt5qQ0Gcu92vpbrKkd2ViamgSTfO5mGtocL96Hzu1OK0IPTwZjGrPHTfcT53gkxxIOdKbc4hcoRy8dQDWqotAbxGkK%2FB5KHDBAS15eRZ7vXtan4%2Br8on6Bjdu7h36BqzM79dgF59vWVlIbNWzp1JencYph40LAGrdQo3D7KDQaq9iHKd0HyZzbzcAl5trNsUw2Sfro7UQ1KaqRqBG4Z3OQQg0sacEUDmTxqijAM5wIpeBD1hejIORX3ZBDyuSTkYdCL4MSE3ghlMYJIRxBmE4XZxBqNYNwHIFvDcQ8qPAq7G7Vn%2B2EIJQ4u%2F%2F7pJD4Dp6Nmuy%2BTtpKyI0TMheKxnJ2d6ySh6EVRELdjxHRwecY9fu32M6tIiUHxgx%2F%2BZNOAzT1y57dzQx5GHbCT2DayPLh8OrXqYSWDLRkG0qNSDJVlqDhDRQxVyVAN%2FF2Z2rb1uzK1Lg5Pcvskd%2FxWccyemOrxl3gLa%2BqomQSiHSX9bqcddfv9OJLduU4v6kkRykh1IwlL%2F21N9hFw28AGjdlTv%2F6BYuIU%2BRFivg%2Bb7kPQs%2BDuInjlwVc9NnIPqb8R3DqeFkbrpCV0hqI8j3K9sZUes6enVHqf3PnfiwrjURiPd%2BgBw0p6Z%2FumrtjOTV1Z9t1yUVJGG3xim1slL9WjX7ym1itt5OK8HX3%2BspgAk%2FLe68qWSzyXlK9Y9uUVklKZBW2EYt8v2jdUfMPZ1SvO5K5YuvHKwmJWGGUt6bwGp8OrH0PQmJ3%2F8Jfpf7j41UsgU8M4j8ydKgTSNUSxCVuc9axmMOnZPS4YKue3TTs%2Ba048kJ5JDR77LfsjLHmUlv0DAAD%2F%2FwEAAP%2F%2FlvOnuVQEAAA%3D&ap=${AUCTION_PRICE}&l=3577992&sub3=1662840219&pid=91283&sub2=icon&auid=29df2edd3ccbaceabd5573f1c6880b2b&icon=https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /winnotice?sid=H4sIAAAAAAAC%2F1RTz2skRRSu0b0sXlRWvKww3hRk0j0zmfS4yOKajQSzm2XXRU9KdVV18kx3V1PVNT3JKSjInmTEgz9OlS%2FZBHX99Qe4SmfBQ0DI3CKauydFYc8yY0zwQfFeve8dvlffV%2B9vuWPWguNH89f0BqUpn5ltBc3n3gzDS80lyt2wOYx6b%2Fe6l5pm8GK%2F1wqeb76qxJqeaQdhEIRB2FwgoxI9nJmAoOJeP2z1g1a33QpnuxgaD%2BsasLwBOThmT4Lk%2BNyDxgWQqJFn384ru1bq4oWrmUt5qQ0Gcu92vpbrKkd2ViamgSTfO5mGtocL96Hzu1OK0IPTwZjGrPHTfcT53gkxxIOdKbc4hcoRy8dQDWqotAbxGkK%2FB5KHDBAS15eRZ7vXtan4%2Br8on6Bjdu7h36BqzM79dgF59vWVlIbNWzp1JencYph40LAGrdQo3D7KDQaq9iHKd0HyZzbzcAl5trNsUw2Sfro7UQ1KaqRqBG4Z3OQQg0sacEUDmTxqijAM5wIpeBD1hejIORX3ZBDyuSTkYdCL4MSE3ghlMYJIRxBmE4XZxBqNYNwHIFvDcQ8qPAq7G7Vn%2B2EIJQ4u%2F%2F7pJD4Dp6Nmuy%2BTtpKyI0TMheKxnJ2d6ySh6EVRELdjxHRwecY9fu32M6tIiUHxgx%2F%2BZNOAzT1y57dzQx5GHbCT2DayPLh8OrXqYSWDLRkG0qNSDJVlqDhDRQxVyVAN%2FF2Z2rb1uzK1Lg5Pcvskd%2FxWccyemOrxl3gLa%2BqomQSiHSX9bqcddfv9OJLduU4v6kkRykh1IwlL%2F21N9hFw28AGjdlTv%2F6BYuIU%2BRFivg%2Bb7kPQs%2BDuInjlwVc9NnIPqb8R3DqeFkbrpCV0hqI8j3K9sZUes6enVHqf3PnfiwrjURiPd%2BgBw0p6Z%2FumrtjOTV1Z9t1yUVJGG3xim1slL9WjX7ym1itt5OK8HX3%2BspgAk%2FLe68qWSzyXlK9Y9uUVklKZBW2EYt8v2jdUfMPZ1SvO5K5YuvHKwmJWGGUt6bwGp8OrH0PQmJ3%2F8Jfpf7j41UsgU8M4j8ydKgTSNUSxCVuc9axmMOnZPS4YKue3TTs%2Ba048kJ5JDR77LfsjLHmUlv0DAAD%2F%2FwEAAP%2F%2FlvOnuVQEAAA%3D&ap=${AUCTION_PRICE}&l=3577992&sub3=1662840219&pid=91283&sub2=icon&auid=29df2edd3ccbaceabd5573f1c6880b2b&icon=https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg HTTP/1.1
Host: casualproof.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.9
Date: Sat, 10 Sep 2022 20:03:45 GMT
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 748796baa445687fcaf1920f787cf7b5
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a1543fa75949583b4223a1d3f0f8b937
fe06a05582a0cdc1cde39f17fac440a1d43495ab
46fa93a75d4bb081e5f0e3c098d97e5b9364364d29f6b1c814ae582dc675c110
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "46FA93A75D4BB081E5F0E3C098D97E5B9364364D29F6B1C814AE582DC675C110"
Last-Modified: Fri, 09 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5413
Expires: Sat, 10 Sep 2022 21:33:59 GMT
Date: Sat, 10 Sep 2022 20:03:46 GMT
Connection: keep-alive
megaup.net/themes/flow/frontend_assets/css/colors/flow.css
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/colors/flow.css
IP
GET /themes/flow/frontend_assets/css/colors/flow.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1NO90/m18Snc2_--_Fullindirsene.NET_--.rar
Connection: keep-alive
Cookie: filehosting=brpuntip0gvkocgipf7ldmntc4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 20:03:37 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-a83"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload-validate.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-validate.js
IP
GET /themes/flow/js/jquery.fileupload-validate.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1NO90/m18Snc2_--_Fullindirsene.NET_--.rar
Connection: keep-alive
Cookie: filehosting=brpuntip0gvkocgipf7ldmntc4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 20:03:37 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-fea"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/isotope/custom-isotope.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/isotope/custom-isotope.js
IP
GET /themes/flow/frontend_assets/js/isotope/custom-isotope.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1NO90/m18Snc2_--_Fullindirsene.NET_--.rar
Connection: keep-alive
Cookie: filehosting=brpuntip0gvkocgipf7ldmntc4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 20:03:37 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-71d"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/gauge.min.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/gauge.min.js
IP
GET /themes/flow/frontend_assets/js/gauge.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1NO90/m18Snc2_--_Fullindirsene.NET_--.rar
Connection: keep-alive
Cookie: filehosting=brpuntip0gvkocgipf7ldmntc4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 20:03:37 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-45b8"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/clipboardjs/clipboard.min.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/clipboardjs/clipboard.min.js
IP
GET /themes/flow/js/clipboardjs/clipboard.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1NO90/m18Snc2_--_Fullindirsene.NET_--.rar
Connection: keep-alive
Cookie: filehosting=brpuntip0gvkocgipf7ldmntc4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 20:03:37 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-2296"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/styles/file-upload.css
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/styles/file-upload.css
IP
GET /themes/flow/styles/file-upload.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1NO90/m18Snc2_--_Fullindirsene.NET_--.rar
Connection: keep-alive
Cookie: filehosting=brpuntip0gvkocgipf7ldmntc4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 20:03:37 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-21ec"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload-process.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-process.js
IP
GET /themes/flow/js/jquery.fileupload-process.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1NO90/m18Snc2_--_Fullindirsene.NET_--.rar
Connection: keep-alive
Cookie: filehosting=brpuntip0gvkocgipf7ldmntc4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 20:03:37 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-14b6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/images/icons/favicon/favicon.ico
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/images/icons/favicon/favicon.ico
IP
GET /themes/flow/frontend_assets/images/icons/favicon/favicon.ico HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1NO90/m18Snc2_--_Fullindirsene.NET_--.rar
Connection: keep-alive
Cookie: filehosting=brpuntip0gvkocgipf7ldmntc4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 20:03:38 GMT
content-type: image/x-icon
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-47e"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
200 OK 0 B IP
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 10 Sep 2022 20:03:38 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 654
last-modified: Sat, 10 Sep 2022 19:52:44 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=puDXXp8TF4tFR%2FakqbvmCV3xZg%2F7KH5OJzzUbsHmDrv4%2Bc%2B%2Fv0CAsMHw7SRppl8KppfLd7gCFpPN6jbfVGCUJlmD6Ki3YUrC2%2B2w7%2FvwkucIkFmTur9h56abPZ16XLRb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 748ac4a65d2db4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ad.a-ads.com/1811811?size=300x250
200 OK 0 B URL HTTP/2 ad.a-ads.com/1811811?size=300x250
IP
ASN #24940 Hetzner Online GmbH
GET /1811811?size=300x250 HTTP/1.1
Host: ad.a-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 20:03:38 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding, Accept-Encoding
status: 200 OK
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-original-referer: https://megaup.net/
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-encoding: gzip
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/rs-plugin/css/settings.css
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/rs-plugin/css/settings.css
IP
GET /themes/flow/frontend_assets/rs-plugin/css/settings.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
Connection: keep-alive
Cookie: filehosting=brpuntip0gvkocgipf7ldmntc4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 20:03:37 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-ce4b"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/custom.css
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/custom.css
IP
GET /themes/flow/frontend_assets/css/custom.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1NO90/m18Snc2_--_Fullindirsene.NET_--.rar
Connection: keep-alive
Cookie: filehosting=brpuntip0gvkocgipf7ldmntc4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 20:03:37 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3577"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/nav/jquery.nav.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/nav/jquery.nav.js
IP
GET /themes/flow/frontend_assets/js/nav/jquery.nav.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1NO90/m18Snc2_--_Fullindirsene.NET_--.rar
Connection: keep-alive
Cookie: filehosting=brpuntip0gvkocgipf7ldmntc4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 20:03:37 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1547"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
200 OK 0 B IP
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 10 Sep 2022 20:03:38 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 654
last-modified: Sat, 10 Sep 2022 19:52:44 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bKfx8T9vGRtxzKJVPoeYF74gsVEIi517J1VmJFkkVdcj%2FNTJV9MqwiTtqSdPUhzq9ZCzTcERLuVpgoyVUtNp%2FfnqqypDeQlIug9Ie9BNlv%2FlL6XBICL7Md3GQHfOsmuf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 748ac4a64d25b4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/zeroClipboard/ZeroClipboard.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/zeroClipboard/ZeroClipboard.js
IP
GET /themes/flow/js/zeroClipboard/ZeroClipboard.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1NO90/m18Snc2_--_Fullindirsene.NET_--.rar
Connection: keep-alive
Cookie: filehosting=brpuntip0gvkocgipf7ldmntc4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 20:03:37 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3bd2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
200 OK 0 B URL HTTP/2 www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
IP
GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: WeUbeYp3EhWmg7a+IWGwNsavP9ZKJHla3c2+PuQeASrj7hgGfAp6Ojz0LHDcmxQCpX0yXlhiLMeG0jFU1h3sVw==
date: Sat, 10 Sep 2022 20:03:38 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload.js
IP
GET /themes/flow/js/jquery.fileupload.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1NO90/m18Snc2_--_Fullindirsene.NET_--.rar
Connection: keep-alive
Cookie: filehosting=brpuntip0gvkocgipf7ldmntc4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 20:03:37 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-dbd4"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload-ui.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-ui.js
IP
GET /themes/flow/js/jquery.fileupload-ui.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1NO90/m18Snc2_--_Fullindirsene.NET_--.rar
Connection: keep-alive
Cookie: filehosting=brpuntip0gvkocgipf7ldmntc4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 20:03:37 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-61ef"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
200 OK 0 B IP
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 10 Sep 2022 20:03:38 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 654
last-modified: Sat, 10 Sep 2022 19:52:44 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mTRFlZJWIgcKkxtDQGrtfk86RjlGaNfOqBLlk9YIh9XwIu2g8tTTpCCDEUhtJm6RNem1hat2YT2TAVpjRisel%2BoCbdRoz%2FmxshRVkBb%2Bq%2FhD408%2F55nAuCe1%2BVpfxYYW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 748ac4a64d2ab4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/load-image.min.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/load-image.min.js
IP
GET /themes/flow/js/load-image.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1NO90/m18Snc2_--_Fullindirsene.NET_--.rar
Connection: keep-alive
Cookie: filehosting=brpuntip0gvkocgipf7ldmntc4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 20:03:37 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-9f2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/canvas-to-blob.min.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/canvas-to-blob.min.js
IP
GET /themes/flow/js/canvas-to-blob.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1NO90/m18Snc2_--_Fullindirsene.NET_--.rar
Connection: keep-alive
Cookie: filehosting=brpuntip0gvkocgipf7ldmntc4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 20:03:37 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-408"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.iframe-transport.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.iframe-transport.js
IP
GET /themes/flow/js/jquery.iframe-transport.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1NO90/m18Snc2_--_Fullindirsene.NET_--.rar
Connection: keep-alive
Cookie: filehosting=brpuntip0gvkocgipf7ldmntc4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 20:03:37 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-2427"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/1NO90/m18Snc2_--_Fullindirsene.NET_--.rar
200 OK 0 B URL HTTP/2 megaup.net/1NO90/m18Snc2_--_Fullindirsene.NET_--.rar
IP
GET /1NO90/m18Snc2_--_Fullindirsene.NET_--.rar HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 20:03:37 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: filehosting=brpuntip0gvkocgipf7ldmntc4; expires=Sun, 11-Sep-2022 20:03:37 GMT; Max-Age=86400; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.tmpl.min.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.tmpl.min.js
IP
GET /themes/flow/js/jquery.tmpl.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1NO90/m18Snc2_--_Fullindirsene.NET_--.rar
Connection: keep-alive
Cookie: filehosting=brpuntip0gvkocgipf7ldmntc4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 20:03:37 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3cb"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/global.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/global.js
IP
GET /themes/flow/js/global.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1NO90/m18Snc2_--_Fullindirsene.NET_--.rar
Connection: keep-alive
Cookie: filehosting=brpuntip0gvkocgipf7ldmntc4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 20:03:37 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-d59"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/retina/retina.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/retina/retina.js
IP
GET /themes/flow/frontend_assets/js/retina/retina.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1NO90/m18Snc2_--_Fullindirsene.NET_--.rar
Connection: keep-alive
Cookie: filehosting=brpuntip0gvkocgipf7ldmntc4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 20:03:37 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-52e"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/responsive.css
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/responsive.css
IP
GET /themes/flow/frontend_assets/css/responsive.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1NO90/m18Snc2_--_Fullindirsene.NET_--.rar
Connection: keep-alive
Cookie: filehosting=brpuntip0gvkocgipf7ldmntc4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 20:03:37 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-e56"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
200 OK 0 B IP
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 10 Sep 2022 20:03:38 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 654
last-modified: Sat, 10 Sep 2022 19:52:44 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z5qNQV8MaCR7aDAUzBWJok%2FlmF2ynQimRSLtAX4ms1vO%2FGHfngT0UH%2Brbvio8Fwcs7eqpjsMxTc4xhxwr3BdnXVTHz7sFswU2ggwq8XWGBDFfVvrHtPoHOpN98Rp1pte"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 748ac4a64d17b4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload-resize.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-resize.js
IP
GET /themes/flow/js/jquery.fileupload-resize.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1NO90/m18Snc2_--_Fullindirsene.NET_--.rar
Connection: keep-alive
Cookie: filehosting=brpuntip0gvkocgipf7ldmntc4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 20:03:37 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1f7f"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
91.209.70.182
142.250.74.72
23.109.82.168
78.46.33.196
104.21.86.231
185.76.9.16
95.101.11.115
93.184.220.29
157.240.200.35