megaup.net/372/fg-optional-mp-zombie-01.bin
301 Moved Permanently 162 B URL HTTP/1.1 megaup.net/372/fg-optional-mp-zombie-01.bin
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /372/fg-optional-mp-zombie-01.bin HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 14 Oct 2022 19:41:14 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://megaup.net/372/fg-optional-mp-zombie-01.bin
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer, strict-origin-when-cross-origin
X-Download-Options: noopen
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1ef1ca48ca7fd21239a2a11fcfc6366b
ee44232c27fb39d25ac901df2247c3ffd2c5bcca
e9bad8be490429a84a567acd710f97a402bcf7b4ba4e47f2bed27cada418c439
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E9BAD8BE490429A84A567ACD710F97A402BCF7B4BA4E47F2BED27CADA418C439"
Last-Modified: Wed, 12 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7913
Expires: Fri, 14 Oct 2022 21:53:07 GMT
Date: Fri, 14 Oct 2022 19:41:14 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1ac5efdb9326bde16c3b797cf1bcc9df
68442a3b6df156ef1db3776ab34504bd94cfaaa4
7ea6ddecc2f499b9523ab0fc41ccd8c818af7479820c13615ad846be9fa49504
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7EA6DDECC2F499B9523AB0FC41CCD8C818AF7479820C13615AD846BE9FA49504"
Last-Modified: Fri, 14 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16026
Expires: Sat, 15 Oct 2022 00:08:20 GMT
Date: Fri, 14 Oct 2022 19:41:14 GMT
Connection: keep-alive
getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30
200 OK 40 kB URL HTTP/2 getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30
IP
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash d1889980ccbfc4d812e5ac0e9721110a
1acf4a9c7c104c6044795db9ddf655e833be7dfe
574ccffc2d8170d5decf9cd2739555e19bd1ef2373a2b4863e81b9c421b097f2
GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30 HTTP/1.1
Host: getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
vary: Accept-Encoding
content-location: global-recs.php
tcn: choice
x-frame-options: SAMEORIGIN
status: 200 OK
x-source: Pocket
pragma: cache
p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE"
x-cache: Hit from cloudfront
x-amz-cf-pop: SEA73-P2
x-amz-cf-id: LXSvFxun8eaY3-nEbXS1AVac69MQcCBq9wbBnrwjVpInynPLPxeabA==
content-encoding: gzip
via: 1.1 3c974a460e97e56c6eb1e6a30797d9d6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 14 Oct 2022 19:32:26 GMT
age: 528
content-type: application/json
content-length: 40410
cache-control: s-maxage=900,public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bce7a9c1ff7500c4cfad5c3a3581a939
74b8dadf6ead0ce5d1d72e40a2eac554c5f5430c
6c840089371a0e25d60d0d76d6400348b0cdfb5967876c7b88e2b4a2aaf01a03
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6C840089371A0E25D60D0D76D6400348B0CDFB5967876C7B88E2B4A2AAF01A03"
Last-Modified: Wed, 12 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9557
Expires: Fri, 14 Oct 2022 22:20:31 GMT
Date: Fri, 14 Oct 2022 19:41:14 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: GkeYV90Xj4uiQ9oB58k9tRAC+hrosH5tscro5GVDVTgPlfmM0p1RBQBuydJrpv1s9lh9fzGdrrM=
x-amz-request-id: ZNFPKTRBET6T8ZYC
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 14 Oct 2022 19:02:16 GMT
age: 2338
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bdb8b66c705a7b996496d780f50c00b5
403ae92039fcc933870f51f913f78ccaf9652256
c923ed2539f4ce9f4d43743c402fbb2060a52a4cbedbf14c5f5742ab718073d6
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Content-Length, Retry-After, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 14 Oct 2022 18:49:52 GMT
Expires: Fri, 14 Oct 2022 19:16:54 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: QtnL_CtsgsK5GaK-IJJQIHZU3_cM--NIyiUlnckJODyzcqPxN4BvAA==
Age: 3082
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:41:14 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash bfa37425baea3d3a933a0a4e11e98dd8
ee506dad4552a15a9e673d6daba0f86cee4fec77
c45a5b81ce449656275aef6759a75d959736fb33987dc6e787a150c210b86e90
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 14 Oct 2022 19:41:14 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 14 Oct 2022 11:25:45 GMT
Expires: Fri, 21 Oct 2022 11:25:44 GMT
Etag: "ee506dad4552a15a9e673d6daba0f86cee4fec77"
Cache-Control: max-age=574469,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75a2ca94aed7b4f3-OSL
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Fri, 14 Oct 2022 19:07:43 GMT
Cache-Control: max-age=3600
Expires: Fri, 14 Oct 2022 19:47:46 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 1ZrhaSsFh7PATj_bFr7AwdSW4DGAV3rKoo9HZgq6eD6MDbBPgDhElA==
Age: 2011
megaup.net/themes/flow/images/main_logo_inverted.png
200 OK 7.1 kB URL HTTP/2 megaup.net/themes/flow/images/main_logo_inverted.png
IP
File type PNG image data, 203 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 5d15526be10b904a6b48d1af04a10cc3
c09b6874359ac6d71db95593618a9acb55baa984
894d25472e0f890edf235e8f66fbeda7ea75043632924ecb82691d76bd7db018
GET /themes/flow/images/main_logo_inverted.png HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/372/fg-optional-mp-zombie-01.bin
Connection: keep-alive
Cookie: filehosting=67n5734f1hnia2crmfvmfl2am3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:41:14 GMT
content-type: image/png
content-length: 7137
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-1be1"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/images/loading_small.gif
200 OK 184 kB URL HTTP/2 megaup.net/themes/flow/images/loading_small.gif
IP
File type GIF image data, version 89a, 64 x 64\012- data
Size 184 kB (184355 bytes)
Hash b0dd5b3af9c4c0644d7bddee83716209
30002468d0266b893b3559b8d0d260c6cbf0ad7c
2418224bb4d12c122ef3c54d2ee9edb5f6f28d539e91a166b0215553f8c7609d
GET /themes/flow/images/loading_small.gif HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/372/fg-optional-mp-zombie-01.bin
Connection: keep-alive
Cookie: filehosting=67n5734f1hnia2crmfvmfl2am3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:41:14 GMT
content-type: image/gif
content-length: 184355
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-2d023"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/isotope/custom-isotope.js
200 OK 1.2 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/isotope/custom-isotope.js
IP
File type ASCII text, with CRLF line terminators
Hash 04a93b7f623513be3c1e38a6be96dfa7
fed5ebbd6e9ce3b2d9ccb999455ef7209198bc1d
0268e8271013f31d35d18f2ea7c5ff771ad788ed8ed751932989db384913e042
GET /themes/flow/frontend_assets/js/isotope/custom-isotope.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/372/fg-optional-mp-zombie-01.bin
Connection: keep-alive
Cookie: filehosting=67n5734f1hnia2crmfvmfl2am3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:41:14 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-71d"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/isotope/isotope-style.css
200 OK 1.3 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/isotope/isotope-style.css
IP
File type ASCII text, with CRLF line terminators
Hash 6f371d603b15640247411697468f0fc6
213885af4f98bfa4cdddc1b886c12923a358b770
e6f8995277dddd080aa4f408df464ce5e08666461080939368289d8bbcae059d
GET /themes/flow/frontend_assets/css/isotope/isotope-style.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
Connection: keep-alive
Cookie: filehosting=67n5734f1hnia2crmfvmfl2am3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:41:14 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-af3"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 6c8c599da15186bda28a94f0bb20656b
fe2605bcee301a4dac00399109ca1b6bd08dff7f
74e6fa45e8e1695e31924d374de895ecc05564c71dc4b14a8eea6f61860d0c16
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 14 Oct 2022 19:41:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
keydawnawe.com/gwZ1U5hjA8ii/32575
200 OK 26 B URL HTTP/1.1 keydawnawe.com/gwZ1U5hjA8ii/32575
IP
File type ASCII text, with no line terminators
Hash 4e5d65669f8dcd928dad06adf883f025
d771713d758c3348dd7e5b38bb40c7935399ae46
0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95
GET /gwZ1U5hjA8ii/32575 HTTP/1.1
Host: keydawnawe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 14 Oct 2022 19:41:14 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; expires=Sat, 15-Oct-2022 19:41:14 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW; expires=Sat, 15-Oct-2022 19:41:14 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
altowriestwispy.com/tysaSHG1FMaM/18410
200 OK 25 B URL HTTP/1.1 altowriestwispy.com/tysaSHG1FMaM/18410
IP
File type ASCII text, with no line terminators
Hash d488addc5df5fc9b9ff4135bb4e3a823
6ce56f48e851df4d562b43d3bc1269a504ae83fc
d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60
GET /tysaSHG1FMaM/18410 HTTP/1.1
Host: altowriestwispy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 14 Oct 2022 19:41:14 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; expires=Sat, 15-Oct-2022 19:41:14 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW; expires=Sat, 15-Oct-2022 19:41:14 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
www.googletagmanager.com/gtag/js?id=UA-108868042-1
200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-108868042-1
IP
File type ASCII text, with very long lines (1962)
Hash 0a4f77227b7b2f3090444123d1480aa0
6a656ca47621b711531caa4957abe61efd985b6a
f527ed88427b287c65f8274c4b73ea68f85f09b2e4d4c170bb89cafcfdfb4c55
GET /gtag/js?id=UA-108868042-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 14 Oct 2022 19:41:14 GMT
expires: Fri, 14 Oct 2022 19:41:14 GMT
cache-control: private, max-age=900
last-modified: Fri, 14 Oct 2022 18:31:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42484
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 90336661a2936bdb9efcc26998693b34
bee3b0e35ce901bff835d43a0f22eb0765ab8264
717bf09925581cc0668632ad10dfc2b714e77f9ba2c3852e8cf3ead552fde950
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1920
Cache-Control: max-age=133057
Content-Type: application/ocsp-response
Date: Fri, 14 Oct 2022 19:41:14 GMT
Etag: "6349189b-1d7"
Expires: Sun, 16 Oct 2022 08:38:51 GMT
Last-Modified: Fri, 14 Oct 2022 08:06:51 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
megaup.net/themes/flow/frontend_assets/fonts/raleway.woff
200 OK 32 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway.woff
IP
File type Web Open Font Format, TrueType, length 31836, version 1.1\012- data
Hash 4514fa5a5b3d1e0b14aa32a7d068124a
e634977bfabc20ed15fe7ed03d3876cf68834b93
5b0f118d658eacc5740b10b0dc2ebbd99ee8e8262c72ff29bfcda48c02b19861
GET /themes/flow/frontend_assets/fonts/raleway.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Connection: keep-alive
Cookie: filehosting=67n5734f1hnia2crmfvmfl2am3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:41:14 GMT
content-type: font/woff
content-length: 31836
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7c5c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/fonts/raleway_extrabold.woff
200 OK 31 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway_extrabold.woff
IP
File type Web Open Font Format, TrueType, length 31344, version 1.1\012- data
Hash 21f79e4c0fbe54a555170aa70bb4c8b7
9d4aaf2016cd21f16bc45089a48de84dba951fa7
2b638674bc57ad355ef2ecbd68e78ecb36bc323aaaf4ddeb9cd4f61bc5f26c42
GET /themes/flow/frontend_assets/fonts/raleway_extrabold.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Connection: keep-alive
Cookie: filehosting=67n5734f1hnia2crmfvmfl2am3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:41:14 GMT
content-type: font/woff
content-length: 31344
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7a70"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/fonts/raleway_semibold.woff
200 OK 32 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway_semibold.woff
IP
File type Web Open Font Format, TrueType, length 31980, version 1.1\012- data
Hash 99ac81a158028ac2023fb3350d2497e7
f08c12c91ab29282a616c3ba8e533f49b5b433ca
92a8c8eca8cfcfc53855bc48ba50b866704a00323c4e3089b564c939a668925d
GET /themes/flow/frontend_assets/fonts/raleway_semibold.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Connection: keep-alive
Cookie: filehosting=67n5734f1hnia2crmfvmfl2am3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:41:14 GMT
content-type: font/woff
content-length: 31980
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7cec"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_fonts/socicon-webfont.woff
200 OK 21 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_fonts/socicon-webfont.woff
IP
File type Web Open Font Format, TrueType, length 20972, version 1.0\012- data
Hash cad75e2dacc6794c4e6b14727d4a989d
694d04c8f643df4100c23efc1463ac9f4e732f60
ebccc09339b7730324221aff3d11d215de9997b47bf708ca18a3be2d8e8b9887
GET /themes/flow/frontend_assets/socialsider-v1.0/_fonts/socicon-webfont.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css
Connection: keep-alive
Cookie: filehosting=67n5734f1hnia2crmfvmfl2am3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:41:14 GMT
content-type: font/woff
content-length: 20972
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-51ec"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 6c8c599da15186bda28a94f0bb20656b
fe2605bcee301a4dac00399109ca1b6bd08dff7f
74e6fa45e8e1695e31924d374de895ecc05564c71dc4b14a8eea6f61860d0c16
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 14 Oct 2022 19:41:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash 2ff9e093c9092860481e7f37cc4e20aa
ee1cce98fc83b392d7865eb6736862a661b6ebf1
c18fa2f6e25dff3de97b1deaabdcd16945ceedcaedc17241b5881e4fb0655082
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "C18FA2F6E25DFF3DE97B1DEAABDCD16945CEEDCAEDC17241B5881E4FB0655082"
Last-Modified: Thu, 13 Oct 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17758
Expires: Sat, 15 Oct 2022 00:37:13 GMT
Date: Fri, 14 Oct 2022 19:41:15 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash 2ff9e093c9092860481e7f37cc4e20aa
ee1cce98fc83b392d7865eb6736862a661b6ebf1
c18fa2f6e25dff3de97b1deaabdcd16945ceedcaedc17241b5881e4fb0655082
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "C18FA2F6E25DFF3DE97B1DEAABDCD16945CEEDCAEDC17241B5881E4FB0655082"
Last-Modified: Thu, 13 Oct 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17758
Expires: Sat, 15 Oct 2022 00:37:13 GMT
Date: Fri, 14 Oct 2022 19:41:15 GMT
Connection: keep-alive
keydawnawe.com/gwZ1U5hjA8ii/32575
200 OK 26 B URL HTTP/1.1 keydawnawe.com/gwZ1U5hjA8ii/32575
IP
File type ASCII text, with no line terminators
Hash 4e5d65669f8dcd928dad06adf883f025
d771713d758c3348dd7e5b38bb40c7935399ae46
0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95
GET /gwZ1U5hjA8ii/32575 HTTP/1.1
Host: keydawnawe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 14 Oct 2022 19:41:15 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash 2ff9e093c9092860481e7f37cc4e20aa
ee1cce98fc83b392d7865eb6736862a661b6ebf1
c18fa2f6e25dff3de97b1deaabdcd16945ceedcaedc17241b5881e4fb0655082
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "C18FA2F6E25DFF3DE97B1DEAABDCD16945CEEDCAEDC17241B5881E4FB0655082"
Last-Modified: Thu, 13 Oct 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17758
Expires: Sat, 15 Oct 2022 00:37:13 GMT
Date: Fri, 14 Oct 2022 19:41:15 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 279 B IP
Hash 44f092ce3a2c4a6ad05a1f841cf7f1a5
3a1d2d2638446cd07300c8e4b3b5064adafa8bcc
cd9445340e15a97ca1d11c9663b4d16c1d05206c5761a8bbf78dc3f4b1bd677f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2133
Cache-Control: max-age=118175
Content-Type: application/ocsp-response
Date: Fri, 14 Oct 2022 19:41:15 GMT
Etag: "6348dda5-117"
Expires: Sun, 16 Oct 2022 04:30:50 GMT
Last-Modified: Fri, 14 Oct 2022 03:55:17 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 279
megaup.net/imageads/005.gif
200 OK 216 kB URL HTTP/2 megaup.net/imageads/005.gif
IP
File type GIF image data, version 89a, 300 x 250\012- data
Size 216 kB (216289 bytes)
Hash 5c5bf0825af3dd18a10beb7823a61adc
3bd9d6cee30c45793947a14123413cfcfb75f966
67c74c7464572c528046ee559cdb616fa751c830083c30785f54ad6423fc5dfb
GET /imageads/005.gif HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/372/fg-optional-mp-zombie-01.bin
Connection: keep-alive
Cookie: filehosting=67n5734f1hnia2crmfvmfl2am3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:41:15 GMT
content-type: image/gif
content-length: 216289
last-modified: Thu, 02 Aug 2018 19:05:08 GMT
vary: Accept-Encoding
etag: "5b6355e4-34ce1"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
dsoodbye.xyz/dVJqWnpabQkpRy84KBAgGDY4GBREBz8MKzc3Bm8fICUgf0gzClsPXAE7DmdNQ2NbYkxTIgM+R0R0GS4bAScZZ0tTOwQ8FUh0HGdLW2FedEhMfFp8D0hjTC4KFDVXa1wFJh42R0RkXG9NQmRebU5MYlw
204 No Content 0 B URL HTTP/2 dsoodbye.xyz/dVJqWnpabQkpRy84KBAgGDY4GBREBz8MKzc3Bm8fICUgf0gzClsPXAE7DmdNQ2NbYkxTIgM+R0R0GS4bAScZZ0tTOwQ8FUh0HGdLW2FedEhMfFp8D0hjTC4KFDVXa1wFJh42R0RkXG9NQmRebU5MYlw
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dVJqWnpabQkpRy84KBAgGDY4GBREBz8MKzc3Bm8fICUgf0gzClsPXAE7DmdNQ2NbYkxTIgM+R0R0GS4bAScZZ0tTOwQ8FUh0HGdLW2FedEhMfFp8D0hjTC4KFDVXa1wFJh42R0RkXG9NQmRebU5MYlw HTTP/1.1
Host: dsoodbye.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 14 Oct 2022 19:41:15 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zF3rpC6VP0bd%2F4zmNCnkKWFFCW8Gio%2BralyDPYnzJq15yhrB4XuE%2FApS69g4smlw78MaCamVvKYHsp%2BPIohc57GbsJqNwr0IZI5wNWo4M95X7vABRByc1ysH4hGGYiw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75a2ca990b89b4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dsoodbye.xyz/MGc1RUwfWFY2cWIzfHYYdiFPBx12Xmx2GXMmfXQrViZ8ASoCJhMxJVRaDXd5CVYEYzxZAwh2fhYUQSQ4RRQIdGpZCVMqcRYRCHViCEkEdWIAQUB4fRYTRSQrDVYTNThECwh0egZSAnJ6BFABfH0H
204 No Content 0 B URL HTTP/2 dsoodbye.xyz/MGc1RUwfWFY2cWIzfHYYdiFPBx12Xmx2GXMmfXQrViZ8ASoCJhMxJVRaDXd5CVYEYzxZAwh2fhYUQSQ4RRQIdGpZCVMqcRYRCHViCEkEdWIAQUB4fRYTRSQrDVYTNThECwh0egZSAnJ6BFABfH0H
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /MGc1RUwfWFY2cWIzfHYYdiFPBx12Xmx2GXMmfXQrViZ8ASoCJhMxJVRaDXd5CVYEYzxZAwh2fhYUQSQ4RRQIdGpZCVMqcRYRCHViCEkEdWIAQUB4fRYTRSQrDVYTNThECwh0egZSAnJ6BFABfH0H HTTP/1.1
Host: dsoodbye.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 14 Oct 2022 19:41:15 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mdgACWUc5%2FHVqaBxGJPptF4nDxvzBW3bXqCwvkEQ%2F98Z%2FoXVHmIECIdWi%2F87XDLfWV9SHm4wo%2Bf0h8tGcCDuHg3PL8X%2Bk8F%2FV1Iq3RucE%2FMd5%2B8D70iJTSIncwMYiIg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75a2ca991ba9b4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dsoodbye.xyz/VWh3cVZ6VxQCawMGLTwCZzIaIB5kUCFDBBYOLwkHDD0tRzJkMVEFPzFVTkVvbV5DVyY8DEpAbnMbAxAiIBtKQHA8BhEea3MeSkB4ZUZFX2ZzHUpAcCEYFhZrZE4HBSI5VUZHYGBfQEdiYlxOQmU
204 No Content 0 B URL HTTP/2 dsoodbye.xyz/VWh3cVZ6VxQCawMGLTwCZzIaIB5kUCFDBBYOLwkHDD0tRzJkMVEFPzFVTkVvbV5DVyY8DEpAbnMbAxAiIBtKQHA8BhEea3MeSkB4ZUZFX2ZzHUpAcCEYFhZrZE4HBSI5VUZHYGBfQEdiYlxOQmU
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /VWh3cVZ6VxQCawMGLTwCZzIaIB5kUCFDBBYOLwkHDD0tRzJkMVEFPzFVTkVvbV5DVyY8DEpAbnMbAxAiIBtKQHA8BhEea3MeSkB4ZUZFX2ZzHUpAcCEYFhZrZE4HBSI5VUZHYGBfQEdiYlxOQmU HTTP/1.1
Host: dsoodbye.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 14 Oct 2022 19:41:15 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2cCtNgK5dbTA688v%2B9xJVQKF7RpUHxTuhpr6jIfANtS35jbuXr52Edk9DeR771XMApLL84C9l47Whoxz33%2FHTZMCKFp1WzFhJiGcjQknXj9c481k4%2FrIwyR20ctHCGs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75a2ca992bc9b4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/custom/custom.js
200 OK 1.4 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/custom/custom.js
IP
File type ASCII text, with CRLF line terminators
Hash bc2be29997bc7e1eb382f008e90611a9
4e3c307ff8e3aa91fdb1a92bf834c321837e740e
a1941e8f75bc8763e128e982b2d64e2eb6a387c953028c876ca308a63f16050e
GET /themes/flow/frontend_assets/js/custom/custom.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/372/fg-optional-mp-zombie-01.bin
Connection: keep-alive
Cookie: filehosting=67n5734f1hnia2crmfvmfl2am3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:41:14 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1420"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
dsoodbye.xyz/a0JNVUZEfS4mewkvfBwUWjIaAnVeZ38THwcyLDAoPTAaOT5SJhoYYB8rKWhxXXZ8YXdNMiQxe1pkPiEnHzc+aHdNKyMzKVZkO2h3RXF5e3RSbH1zM1ZzayE2CiVwZGAbNjk5e1p0e2BxXHR5YnJSdng
204 No Content 0 B URL HTTP/2 dsoodbye.xyz/a0JNVUZEfS4mewkvfBwUWjIaAnVeZ38THwcyLDAoPTAaOT5SJhoYYB8rKWhxXXZ8YXdNMiQxe1pkPiEnHzc+aHdNKyMzKVZkO2h3RXF5e3RSbH1zM1ZzayE2CiVwZGAbNjk5e1p0e2BxXHR5YnJSdng
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /a0JNVUZEfS4mewkvfBwUWjIaAnVeZ38THwcyLDAoPTAaOT5SJhoYYB8rKWhxXXZ8YXdNMiQxe1pkPiEnHzc+aHdNKyMzKVZkO2h3RXF5e3RSbH1zM1ZzayE2CiVwZGAbNjk5e1p0e2BxXHR5YnJSdng HTTP/1.1
Host: dsoodbye.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 14 Oct 2022 19:41:15 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=taQq13fhhM8oT3XfHLmKiwCmcab5qSdf0LKy7lY8d2Zu3GrhJB6kjkKwNGYoRO%2F1FVpYBKMgyhko19jLlkQmdrEAipsFis5VgzLw7BDz5P%2B7NxmPbmKI2HvGDLqzfiQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75a2ca993bebb4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash 2ff9e093c9092860481e7f37cc4e20aa
ee1cce98fc83b392d7865eb6736862a661b6ebf1
c18fa2f6e25dff3de97b1deaabdcd16945ceedcaedc17241b5881e4fb0655082
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "C18FA2F6E25DFF3DE97B1DEAABDCD16945CEEDCAEDC17241B5881E4FB0655082"
Last-Modified: Thu, 13 Oct 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17758
Expires: Sat, 15 Oct 2022 00:37:13 GMT
Date: Fri, 14 Oct 2022 19:41:15 GMT
Connection: keep-alive
dsoodbye.xyz/bFRMNlVDay9FaD8uCk43XDx1dD4IMSlYJi4GIANgDzMKcA0kP2pCPAhpdARgVWV9ECUFMHEFZ0onOFchGSdxBGVcY2pfOwo7cQRzGml8GG1CZXwYZUohcQdzGCQtUWhdcjxCIQBpfQBjWWN7AGFbYHUHbA
204 No Content 0 B URL HTTP/2 dsoodbye.xyz/bFRMNlVDay9FaD8uCk43XDx1dD4IMSlYJi4GIANgDzMKcA0kP2pCPAhpdARgVWV9ECUFMHEFZ0onOFchGSdxBGVcY2pfOwo7cQRzGml8GG1CZXwYZUohcQdzGCQtUWhdcjxCIQBpfQBjWWN7AGFbYHUHbA
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bFRMNlVDay9FaD8uCk43XDx1dD4IMSlYJi4GIANgDzMKcA0kP2pCPAhpdARgVWV9ECUFMHEFZ0onOFchGSdxBGVcY2pfOwo7cQRzGml8GG1CZXwYZUohcQdzGCQtUWhdcjxCIQBpfQBjWWN7AGFbYHUHbA HTTP/1.1
Host: dsoodbye.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 14 Oct 2022 19:41:15 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W4vZr%2FdsUB%2BW0JJT6YDYmjpmzjpJxBsyARryMgF5IlY2n3%2BU50tqiy%2Bs5BnJY%2BglUdDx4%2BbL1daGjhC5A3NJpF7qeQea6FghK0VTGL1hy9vnd0SBGCz47WUWS3FvgIE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75a2ca993c00b4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rearlyinthes.xyz/MVBIeHlQMisVRlBtKl4MQzx1XUt3dXo+HVw9MhMfVWh6DxhIPmYbFV4lLB4LXj48VhdUJG1KP0AeDio1fD0SIDZIBh0vLHBpBA9AVBIlPgBwYSsrKVs4LDs8YyAYIBZ/Mh89I1QCLDcaW2kBOR5dOyouTXkHIjZLdxEGGTcCCQwpP2QnAylAYhUhOU5pAXgyMGIGHzlIeGkCLhpyFSE9CHUnPBo1WBotOxVnKC0gK2UXJSoMcBYRGzV5PwwpDlIHKh87ZgcMSBVjKHwqI18kAyAeeBwuKSN1EjAiDHAWEj8wXGQKMg4AORIpM2EVHyJOZwEGIClIfRkgL3kaJR0OfwcKPy8GEXg1PmsTeRo/dxUxMjxBFAoQM0gSDR88Ujp8KC9GdiILFl8gdQ4xWgl9KjJAKg
200 OK 1.2 kB URL HTTP/2 rearlyinthes.xyz/MVBIeHlQMisVRlBtKl4MQzx1XUt3dXo+HVw9MhMfVWh6DxhIPmYbFV4lLB4LXj48VhdUJG1KP0AeDio1fD0SIDZIBh0vLHBpBA9AVBIlPgBwYSsrKVs4LDs8YyAYIBZ/Mh89I1QCLDcaW2kBOR5dOyouTXkHIjZLdxEGGTcCCQwpP2QnAylAYhUhOU5pAXgyMGIGHzlIeGkCLhpyFSE9CHUnPBo1WBotOxVnKC0gK2UXJSoMcBYRGzV5PwwpDlIHKh87ZgcMSBVjKHwqI18kAyAeeBwuKSN1EjAiDHAWEj8wXGQKMg4AORIpM2EVHyJOZwEGIClIfRkgL3kaJR0OfwcKPy8GEXg1PmsTeRo/dxUxMjxBFAoQM0gSDR88Ujp8KC9GdiILFl8gdQ4xWgl9KjJAKg
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3009), with no line terminators
Hash 29df846b197dfd726c3a457c284536b2
b5fddb9895e4e237ba9d7dd1fecd833a8483fb84
430d8527eb94954b80e59146fa3f2885f1ef69e583355a6bb7ab43119d14f1d3
GET /MVBIeHlQMisVRlBtKl4MQzx1XUt3dXo+HVw9MhMfVWh6DxhIPmYbFV4lLB4LXj48VhdUJG1KP0AeDio1fD0SIDZIBh0vLHBpBA9AVBIlPgBwYSsrKVs4LDs8YyAYIBZ/Mh89I1QCLDcaW2kBOR5dOyouTXkHIjZLdxEGGTcCCQwpP2QnAylAYhUhOU5pAXgyMGIGHzlIeGkCLhpyFSE9CHUnPBo1WBotOxVnKC0gK2UXJSoMcBYRGzV5PwwpDlIHKh87ZgcMSBVjKHwqI18kAyAeeBwuKSN1EjAiDHAWEj8wXGQKMg4AORIpM2EVHyJOZwEGIClIfRkgL3kaJR0OfwcKPy8GEXg1PmsTeRo/dxUxMjxBFAoQM0gSDR88Ujp8KC9GdiILFl8gdQ4xWgl9KjJAKg HTTP/1.1
Host: rearlyinthes.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1170
date: Fri, 14 Oct 2022 19:41:15 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 635c7418f72f321969fbcde43ec21974.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-P2
x-amz-cf-id: qvH30IxyMVv7NCWOIPMRIX0rjDwOZ6zZwG5K6CYnw7zCXJbChlobfA==
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/fonts/font-awesome/css/font-awesome.css
200 OK 5.4 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/font-awesome/css/font-awesome.css
IP
File type troff or preprocessor input, ASCII text, with very long lines (305), with CRLF line terminators
Hash 4f71f54df5f06ef0c419ca2d971bf6f3
229ccc1ed298a0f41bf448a5933311829366f41b
14c894fcc6ad7dc10a0d5aecc4b5ee57eb29e7e9b5f0c26a7e32a2e22eaa2c21
GET /themes/flow/frontend_assets/fonts/font-awesome/css/font-awesome.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
Connection: keep-alive
Cookie: filehosting=67n5734f1hnia2crmfvmfl2am3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:41:14 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-59d6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
rearlyinthes.xyz/cklQZm0TKzMLUhN0MkAYACVtQ180bGIgCR8kKg0LFnFiEQwLJ34FAR08NAAfHSckSAMXPXVUKzEdFzQ1IRwjEC4IIiYCKRUHHVU/Siw8MAAREWEXKRsYPSw5ChMAD1xFBjdWGDgIaBYjC30YLl8dGBw1XEAvFS9aOQoFFDoqDCMsPksTCgtVAwIRPBwUHmBSKzYuOQIEFS0dIigZACgjAT4NOBcoJhNgLAQ/LAAPOBwFBSABNnplDzs6A2cDXyMqCggFBy8pPBQXeiMBKSYiaCtfHh4KHCsILDoSBRQeZUNfNAM+LFoXM2Q1DhwmGwI7OHw1MScCHz1LDgcFOV49PQ4oUy4eEz4DJQZxBjEJRis+Uzg/GhFTJiMAZCs6R2xiJCQffHVUKygRKCUkHBtmQAcBJj4WUBstYBAECyQUAz4LBwQ
200 OK 1.2 kB URL HTTP/2 rearlyinthes.xyz/cklQZm0TKzMLUhN0MkAYACVtQ180bGIgCR8kKg0LFnFiEQwLJ34FAR08NAAfHSckSAMXPXVUKzEdFzQ1IRwjEC4IIiYCKRUHHVU/Siw8MAAREWEXKRsYPSw5ChMAD1xFBjdWGDgIaBYjC30YLl8dGBw1XEAvFS9aOQoFFDoqDCMsPksTCgtVAwIRPBwUHmBSKzYuOQIEFS0dIigZACgjAT4NOBcoJhNgLAQ/LAAPOBwFBSABNnplDzs6A2cDXyMqCggFBy8pPBQXeiMBKSYiaCtfHh4KHCsILDoSBRQeZUNfNAM+LFoXM2Q1DhwmGwI7OHw1MScCHz1LDgcFOV49PQ4oUy4eEz4DJQZxBjEJRis+Uzg/GhFTJiMAZCs6R2xiJCQffHVUKygRKCUkHBtmQAcBJj4WUBstYBAECyQUAz4LBwQ
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3019), with no line terminators
Hash da2a6f27de0d970e3901ea7a33e66c78
a88d10bf0c2999422fb68584dabccfe3be3f6462
686d0afe3834b3b272d2443071db159fe9821848c2c12c7c305dafef90222bc5
GET /cklQZm0TKzMLUhN0MkAYACVtQ180bGIgCR8kKg0LFnFiEQwLJ34FAR08NAAfHSckSAMXPXVUKzEdFzQ1IRwjEC4IIiYCKRUHHVU/Siw8MAAREWEXKRsYPSw5ChMAD1xFBjdWGDgIaBYjC30YLl8dGBw1XEAvFS9aOQoFFDoqDCMsPksTCgtVAwIRPBwUHmBSKzYuOQIEFS0dIigZACgjAT4NOBcoJhNgLAQ/LAAPOBwFBSABNnplDzs6A2cDXyMqCggFBy8pPBQXeiMBKSYiaCtfHh4KHCsILDoSBRQeZUNfNAM+LFoXM2Q1DhwmGwI7OHw1MScCHz1LDgcFOV49PQ4oUy4eEz4DJQZxBjEJRis+Uzg/GhFTJiMAZCs6R2xiJCQffHVUKygRKCUkHBtmQAcBJj4WUBstYBAECyQUAz4LBwQ HTTP/1.1
Host: rearlyinthes.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1176
date: Fri, 14 Oct 2022 19:41:15 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 635c7418f72f321969fbcde43ec21974.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-P2
x-amz-cf-id: M-JKTfBvLQfYElE-naYCDEFr2gk1JkC2trU_v1eTsCVfmaRpqGHI1w==
X-Firefox-Spdy: h2
platform.bidgear.com/media/img/b15.png
200 OK 649 B URL HTTP/2 platform.bidgear.com/media/img/b15.png
IP
File type PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash d832fb80c97ff291b952757bb98240d2
63732e61a0784ed68fde494f83e4686a5c4bf7fa
7b35c11af8accdb40a14303dd3ae2762a97d2527933c56b6c9be6da2d0d11943
GET /media/img/b15.png HTTP/1.1
Host: platform.bidgear.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 14 Oct 2022 19:41:15 GMT
content-type: image/png
content-length: 649
last-modified: Mon, 25 Jul 2022 09:43:33 GMT
etag: "62de65c5-289"
expires: Sun, 23 Oct 2022 09:44:55 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
cf-cache-status: HIT
age: 1850162
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UyymQRP24t8VlU1ZOqh2SjdXok2%2BkO8atDWDHn2hsOazfOJqKYVWYLtNVSLe8S5CNf%2Ffj%2FLSBpKWUvuXHi5oRNd9jxL%2FU29uQ7kaZw%2BlWkBWS6GmImIEnY4yk%2BrDsMwLxWQ5qz9U"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75a2ca9a4ff1b4ee-OSL
X-Firefox-Spdy: h2
rearlyinthes.xyz/V0p0Vmk2KBc7VjZ3FnAcJSZJc1sRb0YQDTonDj0PM3JGIQguJFo1BTg/EDAbOCQAeAcyPlFkLxMeMyYaNSAhICsGAz0VAzAONxAkFC8YYw0ALSYnKBVyNgETLxI6PDsyBSAXTGUMMmceIwUTMQ8OPT0mOj86JB0vMyknEAIjCDUiPRIzHxMtZgcxNw4kAzAXAWMeNjEMACMQDioVLicYKAIOM2YKJw0hOQsBAjEeKC8YFx8oDgQnIQocEkQcDBICQTc7FRMxMDxuLDgUK3J4NgEOFgIjLAIEGSIhLxkMPjckBgRAAlhvOTEeXDYCHDE4MTMAAD4VPkwHWXomFxQ6JBowIT82KyIxGA8LIm8+OzISFDFmGiw6XAMAJjEjFAwbZj1mfhsSIScPLBMBFikiJU89ORs4GWoQLj0cDRkNPwgHLgUAJxQ
200 OK 1.2 kB URL HTTP/2 rearlyinthes.xyz/V0p0Vmk2KBc7VjZ3FnAcJSZJc1sRb0YQDTonDj0PM3JGIQguJFo1BTg/EDAbOCQAeAcyPlFkLxMeMyYaNSAhICsGAz0VAzAONxAkFC8YYw0ALSYnKBVyNgETLxI6PDsyBSAXTGUMMmceIwUTMQ8OPT0mOj86JB0vMyknEAIjCDUiPRIzHxMtZgcxNw4kAzAXAWMeNjEMACMQDioVLicYKAIOM2YKJw0hOQsBAjEeKC8YFx8oDgQnIQocEkQcDBICQTc7FRMxMDxuLDgUK3J4NgEOFgIjLAIEGSIhLxkMPjckBgRAAlhvOTEeXDYCHDE4MTMAAD4VPkwHWXomFxQ6JBowIT82KyIxGA8LIm8+OzISFDFmGiw6XAMAJjEjFAwbZj1mfhsSIScPLBMBFikiJU89ORs4GWoQLj0cDRkNPwgHLgUAJxQ
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3024), with no line terminators
Hash a1e67100d88e4f3c71b0ec00c7a147ff
3ebcf64117a86b5d9d94424b16516a173ee67250
5044d33c98be698b412004a828f288dae1c49089fdd048a7f764408a6a9ed291
GET /V0p0Vmk2KBc7VjZ3FnAcJSZJc1sRb0YQDTonDj0PM3JGIQguJFo1BTg/EDAbOCQAeAcyPlFkLxMeMyYaNSAhICsGAz0VAzAONxAkFC8YYw0ALSYnKBVyNgETLxI6PDsyBSAXTGUMMmceIwUTMQ8OPT0mOj86JB0vMyknEAIjCDUiPRIzHxMtZgcxNw4kAzAXAWMeNjEMACMQDioVLicYKAIOM2YKJw0hOQsBAjEeKC8YFx8oDgQnIQocEkQcDBICQTc7FRMxMDxuLDgUK3J4NgEOFgIjLAIEGSIhLxkMPjckBgRAAlhvOTEeXDYCHDE4MTMAAD4VPkwHWXomFxQ6JBowIT82KyIxGA8LIm8+OzISFDFmGiw6XAMAJjEjFAwbZj1mfhsSIScPLBMBFikiJU89ORs4GWoQLj0cDRkNPwgHLgUAJxQ HTTP/1.1
Host: rearlyinthes.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1179
date: Fri, 14 Oct 2022 19:41:15 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 635c7418f72f321969fbcde43ec21974.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-P2
x-amz-cf-id: KxiFfVPLaHlbsp_dCGnSmL73hX9pJnjzKexlttmP2xt8eyAm9C8iQA==
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: GafVisTW6TOEHyvSXkLGuA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: jAOiqpRYux5Fc3cqOdgYt9lU8E0=
rearlyinthes.xyz/MXI1MnJQEFZfTVBPVxQHQx4IF0B3Vwd0FlwfT1kUVUoHRRNIHBtRHl4HUVQAXhxBHBxUBhAANEcRBHgoaBx4YyJlEXBmM1JFZWRLfSByYANkQkFkPXIde3ojfwR9RTBzOExoBHwFZGMoSR1hYiRkH3xFKH4jBmNDcAoFZxACSn16IHMEVHcjYjRPcBlnHmB6O1srf2YaUgBlWh1SOnZRAHMFd2Q4SxpTehpGHXhzRlc3W1YAezdvVitfCmRjQ0IDVHQ8ZiN3cEpkN3hUPUsRbXFDaxVUYAJ9IGQDBGceb3M3eQpkYwV0GVN0N0ghWGBBZB5FZSt2X150NFkzAHwZVTB7ZTBBJwV8NmhAWWYkWjRcYgVCMHNYIwM1WWgwdzV3ZypkPAV+NAgxE1gBXhxFDzRTQGFGRGAFVgcxQDw
200 OK 1.2 kB URL HTTP/2 rearlyinthes.xyz/MXI1MnJQEFZfTVBPVxQHQx4IF0B3Vwd0FlwfT1kUVUoHRRNIHBtRHl4HUVQAXhxBHBxUBhAANEcRBHgoaBx4YyJlEXBmM1JFZWRLfSByYANkQkFkPXIde3ojfwR9RTBzOExoBHwFZGMoSR1hYiRkH3xFKH4jBmNDcAoFZxACSn16IHMEVHcjYjRPcBlnHmB6O1srf2YaUgBlWh1SOnZRAHMFd2Q4SxpTehpGHXhzRlc3W1YAezdvVitfCmRjQ0IDVHQ8ZiN3cEpkN3hUPUsRbXFDaxVUYAJ9IGQDBGceb3M3eQpkYwV0GVN0N0ghWGBBZB5FZSt2X150NFkzAHwZVTB7ZTBBJwV8NmhAWWYkWjRcYgVCMHNYIwM1WWgwdzV3ZypkPAV+NAgxE1gBXhxFDzRTQGFGRGAFVgcxQDw
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3019), with no line terminators
Hash 2fd76280995c59097edab3005af5eb92
74de71243299718245d8bc2ecae1d33598d32758
05b90ca99b0a9c009a3ee3e529cad26bf6bb19f59f049a4c4cbd03f1f9ee4692
GET /MXI1MnJQEFZfTVBPVxQHQx4IF0B3Vwd0FlwfT1kUVUoHRRNIHBtRHl4HUVQAXhxBHBxUBhAANEcRBHgoaBx4YyJlEXBmM1JFZWRLfSByYANkQkFkPXIde3ojfwR9RTBzOExoBHwFZGMoSR1hYiRkH3xFKH4jBmNDcAoFZxACSn16IHMEVHcjYjRPcBlnHmB6O1srf2YaUgBlWh1SOnZRAHMFd2Q4SxpTehpGHXhzRlc3W1YAezdvVitfCmRjQ0IDVHQ8ZiN3cEpkN3hUPUsRbXFDaxVUYAJ9IGQDBGceb3M3eQpkYwV0GVN0N0ghWGBBZB5FZSt2X150NFkzAHwZVTB7ZTBBJwV8NmhAWWYkWjRcYgVCMHNYIwM1WWgwdzV3ZypkPAV+NAgxE1gBXhxFDzRTQGFGRGAFVgcxQDw HTTP/1.1
Host: rearlyinthes.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1177
date: Fri, 14 Oct 2022 19:41:15 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 635c7418f72f321969fbcde43ec21974.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-P2
x-amz-cf-id: nSCzoVYCg_uQkeOpTHhYWTPW6xDeXppHYIHw3T-PEej1MdSq0MIUng==
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3ebf2534c4889148bd8d3fc2f6838389
4dbb7caf77eb121a4164065b893d6a0f869a94d5
25d12b306e077a68af2386647c2eeb9976a9363121da9e732e15fe880f822bcd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25D12B306E077A68AF2386647C2EEB9976A9363121DA9E732E15FE880F822BCD"
Last-Modified: Fri, 14 Oct 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16860
Expires: Sat, 15 Oct 2022 00:22:15 GMT
Date: Fri, 14 Oct 2022 19:41:15 GMT
Connection: keep-alive
platform.bidgear.com/async.php?domainid=5593&sizeid=12&zoneid=6192&k=1665776475029
200 OK 26 kB URL HTTP/2 platform.bidgear.com/async.php?domainid=5593&sizeid=12&zoneid=6192&k=1665776475029
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (4445), with no line terminators
Hash 4c0f95d070b0e7dab04679d188529f27
dbc66542bcac7095cd14a2974a3e81668e73b179
c9d165972270c2de267de993c00cf30661225cd994bb31b2a86f5a0682d36677
GET /async.php?domainid=5593&sizeid=12&zoneid=6192&k=1665776475029 HTTP/1.1
Host: platform.bidgear.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 14 Oct 2022 19:41:15 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pDsyRDY2KveCG7w0xLH5AAZ4VrF4MfYqKMit2O6iCKlozyYjSfNYJjuWtpDWv%2Bgf88gS0d5LYTkMQJ%2FWGmOOxYj4TQrGhtaLQjFjtnyLasRp%2FhUfh41x7R2zLBzlfHFUK1ptP5L8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75a2ca996e3eb4ee-OSL
content-encoding: br
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/
200 OK 73 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/
IP
File type ASCII text, with no line terminators
Hash de37377b72195a4f064edf7ec8a76676
ed544d5b6a37acad78498099407c648a93316ddb
b3209cc0b1d1b71e85af4e843afe00a3079f3286d52b3fb47e72c6c5c48b8399
GET / HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 73
date: Fri, 14 Oct 2022 19:29:15 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Hit from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ox4wbzYh5HbgRPCJ66BTwErR8xmsvCeD0i1XP7b9i1pOapEhswmi1A==
age: 720
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/images/icons/favicon/apple-touch-icon-114x114.png
200 OK 951 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/images/icons/favicon/apple-touch-icon-114x114.png
IP
File type PNG image data, 114 x 114, 8-bit colormap, non-interlaced\012- data
Hash 76852bc6b2c028db97322a74e85bd020
ed52fb4de0d51f93277bbaae42fa80ba5f92c31e
8a5ef2ef8440c17db1b1b539065ba4a887e07a2c508b79c2d1659512e9016884
GET /themes/flow/frontend_assets/images/icons/favicon/apple-touch-icon-114x114.png HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/372/fg-optional-mp-zombie-01.bin
Connection: keep-alive
Cookie: filehosting=67n5734f1hnia2crmfvmfl2am3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:41:15 GMT
content-type: image/png
content-length: 951
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-3b7"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 3693b869a30652f2e5cededbf71e80e8
01ff56e45ff18ee14a80bd5b4e1c8152349d32e4
3973913ec49401d91d2a5e30cf8470b70def89e4333d24b1c073694feea14953
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4742
Cache-Control: max-age=166123
Content-Type: application/ocsp-response
Date: Fri, 14 Oct 2022 19:41:15 GMT
Etag: "63498ec0-1d7"
Expires: Sun, 16 Oct 2022 17:49:58 GMT
Last-Modified: Fri, 14 Oct 2022 16:30:56 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
imp9.bidgear.com/rec?t=1&z=6192&uuid=8abb019a322042cc88a87d278204f59c&p=28&g=NO&token=4a44335432&tbg=1665776475
200 OK 599 B URL HTTP/2 imp9.bidgear.com/rec?t=1&z=6192&uuid=8abb019a322042cc88a87d278204f59c&p=28&g=NO&token=4a44335432&tbg=1665776475
IP
File type JPEG image data, baseline, precision 8, 1x1, components 3\012- data
Hash ca49a7e783b806a4e8576ea80346203d
6fe9d083221dae98f6c76f7121c37bc884b02d82
3e9a98dd5f0a28ff4a059f33d760264a6db02786666ac1692095ebb976f5da28
GET /rec?t=1&z=6192&uuid=8abb019a322042cc88a87d278204f59c&p=28&g=NO&token=4a44335432&tbg=1665776475 HTTP/1.1
Host: imp9.bidgear.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 14 Oct 2022 19:41:15 GMT
content-type: image/jpeg
content-length: 599
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lTRT6GP%2FQzEC%2FPpgg7XN2Xdhg%2BKKGRtete%2Bnz3ysSdpmAfdYPKnstpHHzFedGZHHijIlEUXvbcQX0mjUN8KlONvvXQ2MOaSa2yqIGJlVYU9dp7FlaqhAW8gCaSRvLqBPPok%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75a2ca9a4ff8b4ee-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 3820e68819e3478c9524c9d426016dd1
ec2ff6c8f6976d578bee8fd03e804ebd96a75904
8c6a1c774384a4a22dad78eb7bd76535527f02e06a936578eda9d15088a90b74
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 14 Oct 2022 19:41:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 14 Oct 2022 18:41:09 GMT
expires: Fri, 14 Oct 2022 20:41:09 GMT
cache-control: public, max-age=7200
age: 3606
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 282 B IP
Hash 9bba19315698943cdcaff383ab7b5663
7406ef2b70549f8c28a7e554cf549c2d479d54d8
fce904a2e198103d8e7013413a3e3287a0417347bbf5dcc5c6869836c07ec397
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 14 Oct 2022 19:41:15 GMT
Content-Type: application/ocsp-response
Content-Length: 282
Connection: keep-alive
Last-Modified: Tue, 11 Oct 2022 09:53:50 GMT
Expires: Tue, 18 Oct 2022 09:53:49 GMT
Etag: "7406ef2b70549f8c28a7e554cf549c2d479d54d8"
Cache-Control: max-age=309753,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75a2ca99f884b4f3-OSL
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash d19d4d3c9994a4ede38144cdb282bd0a
db5e0312d8e282e31e837762422d6f4f8d387880
25bd768d579e2cfde83914e8e168416f86678913ad50ff9552c6782e61354988
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "25BD768D579E2CFDE83914E8E168416F86678913AD50FF9552C6782E61354988"
Last-Modified: Fri, 14 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3675
Expires: Fri, 14 Oct 2022 20:42:30 GMT
Date: Fri, 14 Oct 2022 19:41:15 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 3820e68819e3478c9524c9d426016dd1
ec2ff6c8f6976d578bee8fd03e804ebd96a75904
8c6a1c774384a4a22dad78eb7bd76535527f02e06a936578eda9d15088a90b74
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 14 Oct 2022 19:41:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dmmzkfd82wayn.cloudfront.net/CTGRXSUsvCzkvdDgNM3R8elVmcX1qDiQmJTxZPi17Og0uJA8pNy4HH2oQLS12fEI7KCUrWXEsJS9ZZm8qKAZqfW04FDgidigdMDEkIxElLDhqETZ0JiMePiUnLUFlD35iVHJ7e2QcZnhufyZye3sgDTk8M2lWZzFzejthfW5/JnJ7ez4ScnoKdVJ5eWJpVm-cuLi8POGx5ClZneHt8VWd4bn5UMSA5KQI4MW5+Im5/ZXxCInR6
200 OK 594 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/CTGRXSUsvCzkvdDgNM3R8elVmcX1qDiQmJTxZPi17Og0uJA8pNy4HH2oQLS12fEI7KCUrWXEsJS9ZZm8qKAZqfW04FDgidigdMDEkIxElLDhqETZ0JiMePiUnLUFlD35iVHJ7e2QcZnhufyZye3sgDTk8M2lWZzFzejthfW5/JnJ7ez4ScnoKdVJ5eWJpVm-cuLi8POGx5ClZneHt8VWd4bn5UMSA5KQI4MW5+Im5/ZXxCInR6
IP
File type ASCII text, with very long lines (825), with no line terminators
Hash 4876252336612e8c0d344b4ca7713b1a
bd0d3265f7f1194a515d25548f800b8a1e1873b8
ff2d68d7fbb76a1adb66bdc4856ac7119654efa7e014fcdb5554afb081b78d85
GET /CTGRXSUsvCzkvdDgNM3R8elVmcX1qDiQmJTxZPi17Og0uJA8pNy4HH2oQLS12fEI7KCUrWXEsJS9ZZm8qKAZqfW04FDgidigdMDEkIxElLDhqETZ0JiMePiUnLUFlD35iVHJ7e2QcZnhufyZye3sgDTk8M2lWZzFzejthfW5/JnJ7ez4ScnoKdVJ5eWJpVm-cuLi8POGx5ClZneHt8VWd4bn5UMSA5KQI4MW5+Im5/ZXxCInR6 HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rearlyinthes.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 594
date: Fri, 14 Oct 2022 19:41:15 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: RvcD_bJNsss5FdNjAFvtikjBrMOz5a41f4Pnn7mGeE8EoOTVYnupJg==
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
302 Found 397 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (381)
Hash 8e2969e3c7b2180c41b081f8c8267a03
05393f20a27373348f203f5871112738eccff04c
8fa3dd8975b767f9d247d181ad33d6b3d0890a6bb2908f5fbc145ab4ee53a1f1
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 14 Oct 2022 19:41:15 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-1358407823%3A1665776475406858&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpBxYvRNO-dsqj1CgDK1b3GsRbPt6HvbvfJ8EM_XpsnN0bSUTSgKnXcCKirqjv4_1YedBM5aQ
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-rz4s2x38f7rfwBdK6Rm7Kw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 397
server: GSE
set-cookie: __Host-GAPS=1:96iPE0TJ7nQy_1gU_a73gQ_rVmZg8Q:5S3xzLPZVXJdiffl;Path=/;Expires=Sun, 13-Oct-2024 19:41:15 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/rVWhlcmo2BwsUVSEBAU9TYVFdRF5zAhYdBCVVMRQBbCE2GwwxDjwrTCESAU9acwQEHA1oTgAcCWhZQxMON1VRVB80VQgdEDwECRNPZy5QXFpwWlVaEmRZQEEocFpVHgM7HR1XWGUQXUQ1Y1xAQShwWlUAHHBbJEtce1hMV1hlDwARATpNVzRYZVlVQltlWU-BAWjMBFxcMOhBAQCxsXktCTCBVVA
200 OK 183 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/rVWhlcmo2BwsUVSEBAU9TYVFdRF5zAhYdBCVVMRQBbCE2GwwxDjwrTCESAU9acwQEHA1oTgAcCWhZQxMON1VRVB80VQgdEDwECRNPZy5QXFpwWlVaEmRZQEEocFpVHgM7HR1XWGUQXUQ1Y1xAQShwWlUAHHBbJEtce1hMV1hlDwARATpNVzRYZVlVQltlWU-BAWjMBFxcMOhBAQCxsXktCTCBVVA
IP
File type ASCII text, with no line terminators
Hash 2b7361f50d350ba9c55d2eea449ed8d5
986beff3499cf8786e1fc4b31a82dc74fc667613
00a87e20c4665f8e92858836eb06375bebb961c60e7bc6ea49ad59a0df353961
GET /rVWhlcmo2BwsUVSEBAU9TYVFdRF5zAhYdBCVVMRQBbCE2GwwxDjwrTCESAU9acwQEHA1oTgAcCWhZQxMON1VRVB80VQgdEDwECRNPZy5QXFpwWlVaEmRZQEEocFpVHgM7HR1XWGUQXUQ1Y1xAQShwWlUAHHBbJEtce1hMV1hlDwARATpNVzRYZVlVQltlWU-BAWjMBFxcMOhBAQCxsXktCTCBVVA HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rearlyinthes.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 183
date: Fri, 14 Oct 2022 19:41:15 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Y0HZwHu_dbJ3OuRTLPu7NbeTYFqQkHPRDmt2axy-fpFVnL9kcGoiZw==
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j98&a=1664851659&t=pageview&_s=1&dl=https%3A%2F%2Fmegaup.net%2F372%2Ffg-optional-mp-zombie-01.bin&ul=en-us&de=UTF-8&dt=fg-optional-mp-zombie-01.bin%20-%20MegaUp&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=1333897916&gjid=1194779889&cid=1383461065.1665776475&tid=UA-108868042-1&_gid=158947235.1665776475&_r=1>m=2ouaa0&z=88959292
200 OK 1 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j98&a=1664851659&t=pageview&_s=1&dl=https%3A%2F%2Fmegaup.net%2F372%2Ffg-optional-mp-zombie-01.bin&ul=en-us&de=UTF-8&dt=fg-optional-mp-zombie-01.bin%20-%20MegaUp&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=1333897916&gjid=1194779889&cid=1383461065.1665776475&tid=UA-108868042-1&_gid=158947235.1665776475&_r=1>m=2ouaa0&z=88959292
IP
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?v=1&_v=j98&a=1664851659&t=pageview&_s=1&dl=https%3A%2F%2Fmegaup.net%2F372%2Ffg-optional-mp-zombie-01.bin&ul=en-us&de=UTF-8&dt=fg-optional-mp-zombie-01.bin%20-%20MegaUp&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=1333897916&gjid=1194779889&cid=1383461065.1665776475&tid=UA-108868042-1&_gid=158947235.1665776475&_r=1>m=2ouaa0&z=88959292 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain
Content-Length: 0
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://megaup.net
date: Fri, 14 Oct 2022 19:41:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/DTGpsbjUvBQIICjgDCFMCel5dWgRqAB8BWzxXNjReOTA/F1wtOggfYwIpShpPKFdcSFktBAtTEykED1MEagsIDAh4TBgeWidXCBdSNAUDG0cpGUobVHEHAxRcIAYNSwcKX0JeEH5aRBYEfU9fLBB+WgAHWzkSSVwFNFJaMQN4T18sEH5aHhgQfytVWBt8Q0-lcBSsPDwVaaVgqXAV9WlxfBX1PXl5TJRgJCFo0T14oDHpEXEhAcVs
200 OK 585 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/DTGpsbjUvBQIICjgDCFMCel5dWgRqAB8BWzxXNjReOTA/F1wtOggfYwIpShpPKFdcSFktBAtTEykED1MEagsIDAh4TBgeWidXCBdSNAUDG0cpGUobVHEHAxRcIAYNSwcKX0JeEH5aRBYEfU9fLBB+WgAHWzkSSVwFNFJaMQN4T18sEH5aHhgQfytVWBt8Q0-lcBSsPDwVaaVgqXAV9WlxfBX1PXl5TJRgJCFo0T14oDHpEXEhAcVs
IP
File type ASCII text, with very long lines (823), with no line terminators
Hash 2f80dbaa069528d52507afddc51588db
7c4e270b7dc1202af1eab336804e52555ff02ead
2bb7ea43e2144c9fa3d416646bf4605debbeb9d1ece505b627587c70cf751746
GET /DTGpsbjUvBQIICjgDCFMCel5dWgRqAB8BWzxXNjReOTA/F1wtOggfYwIpShpPKFdcSFktBAtTEykED1MEagsIDAh4TBgeWidXCBdSNAUDG0cpGUobVHEHAxRcIAYNSwcKX0JeEH5aRBYEfU9fLBB+WgAHWzkSSVwFNFJaMQN4T18sEH5aHhgQfytVWBt8Q0-lcBSsPDwVaaVgqXAV9WlxfBX1PXl5TJRgJCFo0T14oDHpEXEhAcVs HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rearlyinthes.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 585
date: Fri, 14 Oct 2022 19:41:15 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: rPoBlx8SzpDfNDA5Pw_N-ZL7iiq6hJI4EtOyuuCWn9HWl85OXkOWww==
X-Firefox-Spdy: h2
syndication.exdynsrv.com/v1/api.php
200 OK 2.4 kB URL HTTP/1.1 syndication.exdynsrv.com/v1/api.php
IP
ASN #60781 LeaseWeb Netherlands B.V.
File type JSON data\012- , ASCII text, with very long lines (5237), with no line terminators
Hash 2db2f8a8fb351bcfd25092287f77965f
51eb732997a36ad3f476843126c0c3f83124019c
c57329939d6967344c7e1bdb087fb22d1b362148737717344f0fc4ffdcbc44fd
POST /v1/api.php HTTP/1.1
Host: syndication.exdynsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 289
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 14 Oct 2022 19:41:15 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A31%3A%226349bb5b6c0eb8.7601171142250556%22%3B%7D; expires=Sun, 13-Oct-2024 19:41:15 GMT; Max-Age=63072000; path=/; domain=exdynsrv.com; secure; SameSite=None
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
302 Found 394 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (383)
Hash 126262e356ca22c289df36ac5caf79f9
7c213914cc3d71979b21ec024c4dcef00b771d82
4939f05647f8b979c7a14836fe01f70343f507ac8dc6b4824f0ee9f94bd03b19
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 14 Oct 2022 19:41:15 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S571093624%3A1665776475454326&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWqSvdjsnTlZWfDKd7HSs4zI5dcdaj1MeCdyZEigP0YCkDjsB0hLded25ghyTR6eId1FFdO-cA
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: script-src 'nonce-IYf_INWlhaBIH37RKaFO2g' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 394
server: GSE
set-cookie: __Host-GAPS=1:6Sz1X53Q4WcdYENheCafamPsgjjZrw:cBYI3xq7Cj13jZUA;Path=/;Expires=Sun, 13-Oct-2024 19:41:15 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/qNFRLMmZXOyVUWUA9Lw9eBmFyA1cSPjhdCERpPXoNbWEZeRdOcj9IAglkbV4HWjN2FANaN3YDQFUwKQ9SEiA7XQ0JISVWA1I9JVcCEiEqDwtbLiJeClVxeXRTGmRuAFYcLHoDQwcWbgBWWD0lRx4RZntKXgILfQZDBxZuAFZGIm4BJw1iZQJPEWZ7VQNXPy-QXVHJmewNWBGV7A0MGZC1bFFEyJEpDBhJyBEgEcj4PVw
200 OK 347 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/qNFRLMmZXOyVUWUA9Lw9eBmFyA1cSPjhdCERpPXoNbWEZeRdOcj9IAglkbV4HWjN2FANaN3YDQFUwKQ9SEiA7XQ0JISVWA1I9JVcCEiEqDwtbLiJeClVxeXRTGmRuAFYcLHoDQwcWbgBWWD0lRx4RZntKXgILfQZDBxZuAFZGIm4BJw1iZQJPEWZ7VQNXPy-QXVHJmewNWBGV7A0MGZC1bFFEyJEpDBhJyBEgEcj4PVw
IP
File type ASCII text, with very long lines (449), with no line terminators
Hash 5b42e463f39b2e753079362dccff8fe0
5488563040ebc764d639586f28bf8fd915767333
fb67374deaa7a083b620c6f2009e875a33a1d4ff5e583e31f79011a533f9fe85
GET /qNFRLMmZXOyVUWUA9Lw9eBmFyA1cSPjhdCERpPXoNbWEZeRdOcj9IAglkbV4HWjN2FANaN3YDQFUwKQ9SEiA7XQ0JISVWA1I9JVcCEiEqDwtbLiJeClVxeXRTGmRuAFYcLHoDQwcWbgBWWD0lRx4RZntKXgILfQZDBxZuAFZGIm4BJw1iZQJPEWZ7VQNXPy-QXVHJmewNWBGV7A0MGZC1bFFEyJEpDBhJyBEgEcj4PVw HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rearlyinthes.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 347
date: Fri, 14 Oct 2022 19:41:15 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 4qcWa2BB-Gzd1NJ7T0M7xfwRHmSigbF4q6MR90RWRrUMLOcduitgYQ==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash f1123c03abcec7a41d77c94c3e445531
130c0a00aa31b36978fafd594ba6675358ac2117
f057d281b93305bd01078ef0ed79b459dc42d9bcfd49320111b1ff18571a7b38
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 14 Oct 2022 19:41:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 471 B IP
Hash 3693b869a30652f2e5cededbf71e80e8
01ff56e45ff18ee14a80bd5b4e1c8152349d32e4
3973913ec49401d91d2a5e30cf8470b70def89e4333d24b1c073694feea14953
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4742
Cache-Control: max-age=166123
Content-Type: application/ocsp-response
Date: Fri, 14 Oct 2022 19:41:15 GMT
Etag: "63498ec0-1d7"
Expires: Sun, 16 Oct 2022 17:49:58 GMT
Last-Modified: Fri, 14 Oct 2022 16:30:56 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash d19d4d3c9994a4ede38144cdb282bd0a
db5e0312d8e282e31e837762422d6f4f8d387880
25bd768d579e2cfde83914e8e168416f86678913ad50ff9552c6782e61354988
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "25BD768D579E2CFDE83914E8E168416F86678913AD50FF9552C6782E61354988"
Last-Modified: Fri, 14 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3675
Expires: Fri, 14 Oct 2022 20:42:30 GMT
Date: Fri, 14 Oct 2022 19:41:15 GMT
Connection: keep-alive
dmmzkfd82wayn.cloudfront.net/vc1JZYnMQPTcETAc7PV9LRGRqU0tVOCoNHQNvHwBBJyZvMwQQZxoTPVUmIwZOQ3Q1Ax0Ub38HHRBvaEQSFzBkVlUHIjYJThcrPhocHCcrBwBVJzhfHhwoMA4fEndrJEZdYnxQQ1sqaFNWQBB8UEMfOzcXC1ZgaRpLRQ1vVlZAEHxQQwEkfFEySmR3UlpWYG-kFFhA5NkdBNWBpU0NDY2lTVkFiPwsBFjQ2GlZBFGBUXUN0LF9C
200 OK 441 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/vc1JZYnMQPTcETAc7PV9LRGRqU0tVOCoNHQNvHwBBJyZvMwQQZxoTPVUmIwZOQ3Q1Ax0Ub38HHRBvaEQSFzBkVlUHIjYJThcrPhocHCcrBwBVJzhfHhwoMA4fEndrJEZdYnxQQ1sqaFNWQBB8UEMfOzcXC1ZgaRpLRQ1vVlZAEHxQQwEkfFEySmR3UlpWYG-kFFhA5NkdBNWBpU0NDY2lTVkFiPwsBFjQ2GlZBFGBUXUN0LF9C
IP
File type ASCII text, with very long lines (589), with no line terminators
Hash ac28cca0105c1ae2ea5b2d862d0f1202
4ed9930d41dfe680f3be1bb0cf7f06fe43533357
702a9706d9f0976edd680b67eaa1cd5d234d371218e15ea0d57499f9e75c0001
GET /vc1JZYnMQPTcETAc7PV9LRGRqU0tVOCoNHQNvHwBBJyZvMwQQZxoTPVUmIwZOQ3Q1Ax0Ub38HHRBvaEQSFzBkVlUHIjYJThcrPhocHCcrBwBVJzhfHhwoMA4fEndrJEZdYnxQQ1sqaFNWQBB8UEMfOzcXC1ZgaRpLRQ1vVlZAEHxQQwEkfFEySmR3UlpWYG-kFFhA5NkdBNWBpU0NDY2lTVkFiPwsBFjQ2GlZBFGBUXUN0LF9C HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rearlyinthes.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 441
date: Fri, 14 Oct 2022 19:41:15 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ZPsmVAKGEP5fcx05VNaOJTNiwF5ol3GOzFXuABXsN7YswyFz5uCe0Q==
X-Firefox-Spdy: h2
rearlyinthes.xyz/utx?cb=bLDjpCnChdUj&top=megaup.net&tid=761186
204 No Content 0 B URL HTTP/2 rearlyinthes.xyz/utx?cb=bLDjpCnChdUj&top=megaup.net&tid=761186
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=bLDjpCnChdUj&top=megaup.net&tid=761186 HTTP/1.1
Host: rearlyinthes.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Fri, 14 Oct 2022 19:41:15 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Fri, 14 Oct 2022 19:42:15 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 635c7418f72f321969fbcde43ec21974.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-P2
x-amz-cf-id: 2ZMnCaGX0SVLkjeWO9VBKkZohzsOq0zdRM1cnOTi2t4AZFeYNDHigA==
X-Firefox-Spdy: h2
rearlyinthes.xyz/utx?cb=lKpFhlHdM6UG&top=megaup.net&tid=825911
204 No Content 0 B URL HTTP/2 rearlyinthes.xyz/utx?cb=lKpFhlHdM6UG&top=megaup.net&tid=825911
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=lKpFhlHdM6UG&top=megaup.net&tid=825911 HTTP/1.1
Host: rearlyinthes.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Fri, 14 Oct 2022 19:41:15 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Fri, 14 Oct 2022 19:42:15 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 635c7418f72f321969fbcde43ec21974.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-P2
x-amz-cf-id: ro3dlmR9TBfWET69SS69eyVbUe0m6Ma4OD-ga9wkuc6qT5DwANh6Mg==
X-Firefox-Spdy: h2
rearlyinthes.xyz/utx?cb=5JOFSjv0ZpLj&top=megaup.net&tid=764141
204 No Content 0 B URL HTTP/2 rearlyinthes.xyz/utx?cb=5JOFSjv0ZpLj&top=megaup.net&tid=764141
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=5JOFSjv0ZpLj&top=megaup.net&tid=764141 HTTP/1.1
Host: rearlyinthes.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Fri, 14 Oct 2022 19:41:15 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Fri, 14 Oct 2022 19:42:15 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 635c7418f72f321969fbcde43ec21974.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-P2
x-amz-cf-id: SWkt3-T0kIEdy4eneeDYE-TUfixAGx98GJooa5iXbsqCu-yOD620zw==
X-Firefox-Spdy: h2
rearlyinthes.xyz/utx?cb=Iaq8uWhhtVFb&top=megaup.net&tid=876318
204 No Content 0 B URL HTTP/2 rearlyinthes.xyz/utx?cb=Iaq8uWhhtVFb&top=megaup.net&tid=876318
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=Iaq8uWhhtVFb&top=megaup.net&tid=876318 HTTP/1.1
Host: rearlyinthes.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Fri, 14 Oct 2022 19:41:15 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Fri, 14 Oct 2022 19:42:15 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 635c7418f72f321969fbcde43ec21974.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-P2
x-amz-cf-id: 4MucKRNBMASM1NJk1eN7Szpv2NTRPkC40S8uAAIgIlKByr57gTI4NA==
X-Firefox-Spdy: h2
static.a-ads.com/a-ads-banners/406740/300x250?region=eu-central-1
200 OK 621 kB URL HTTP/2 static.a-ads.com/a-ads-banners/406740/300x250?region=eu-central-1
IP
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 300 x 250\012- data
Size 621 kB (621339 bytes)
Hash c8694e7d5d3b9a928d4d57026ac2b68b
169b9f311167e19bd5061b53fc7e4f528e3ba7a9
0c23834abdcff9f74a47b37290da55f2c84c31c82ce26d9493b39a388b51ed6a
GET /a-ads-banners/406740/300x250?region=eu-central-1 HTTP/1.1
Host: static.a-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ad.a-ads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:41:15 GMT
content-type: image/gif
content-length: 621339
x-amz-id-2: NAwB9xB3E/0EITr8cQWfXw4L+51+SpcTB+kC8FIlr3fdWeeU+QKFCTzsm+T0+8gSAvZyfzWxUL0=
x-amz-request-id: 9W34BJDY3FYY5DZ2
x-amz-replication-status: COMPLETED
last-modified: Thu, 04 Aug 2022 08:17:39 GMT
etag: "c8694e7d5d3b9a928d4d57026ac2b68b"
cache-control: max-age=315360000
x-amz-version-id: CpzkFSVTHlSKMdhV9N03JaP1PcAFvRyH
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
syndication.exdynsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01PQU4EQQj8ih+YDkUDA3v2rInGB8yMvZ7cmKiJJjxeZjYau9JQIUUBTMwTaILcQE+CEzQDLagJN6jk3f1DCvJ1vCyfb+0yPlIVQpYWQeIZXZwtRUzglgqkcnCUYtauZE5Znj2pwNpFdtaIQGbQ2SXIo2fJnh5vj48CU1bchyd7SnH62h3UV6zCNBAe4otWYY75vCHOGFvfhf+XpSsaIXi3/S0UJhypHuXBlvfvy5b5J7iumnp0lbNInZLrWNY+hFmjrzS620LcA882fNvs/ANvYmrRUgEAAA==
200 OK 20 B URL HTTP/1.1 syndication.exdynsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01PQU4EQQj8ih+YDkUDA3v2rInGB8yMvZ7cmKiJJjxeZjYau9JQIUUBTMwTaILcQE+CEzQDLagJN6jk3f1DCvJ1vCyfb+0yPlIVQpYWQeIZXZwtRUzglgqkcnCUYtauZE5Znj2pwNpFdtaIQGbQ2SXIo2fJnh5vj48CU1bchyd7SnH62h3UV6zCNBAe4otWYY75vCHOGFvfhf+XpSsaIXi3/S0UJhypHuXBlvfvy5b5J7iumnp0lbNInZLrWNY+hFmjrzS620LcA882fNvs/ANvYmrRUgEAAA==
IP
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA01PQU4EQQj8ih+YDkUDA3v2rInGB8yMvZ7cmKiJJjxeZjYau9JQIUUBTMwTaILcQE+CEzQDLagJN6jk3f1DCvJ1vCyfb+0yPlIVQpYWQeIZXZwtRUzglgqkcnCUYtauZE5Znj2pwNpFdtaIQGbQ2SXIo2fJnh5vj48CU1bchyd7SnH62h3UV6zCNBAe4otWYY75vCHOGFvfhf+XpSsaIXi3/S0UJhypHuXBlvfvy5b5J7iumnp0lbNInZLrWNY+hFmjrzS620LcA882fNvs/ANvYmrRUgEAAA== HTTP/1.1
Host: syndication.exdynsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A31%3A%226349bb5b6c0eb8.7601171142250556%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 14 Oct 2022 19:41:15 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A31%3A%226349bb5b6c0eb8.7601171142250556%22%3B%7D; expires=Sun, 13 Oct 2024 19:41:15 GMT; path=; domain=.exdynsrv.com; Secure; SameSite=none
__upt=%7B%22v%22%3A1%2C%22id%22%3A%226349bb5b6c0eb8.7601171142250556%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22511.0199%22%7D; expires=Sun, 13 Oct 2024 19:41:15 GMT; path=/; domain=.exdynsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
s3t3d2y8.afcdn.net/library/551406/9666970f3af4e2c1501312eadc910fa7da72a5ce.jpg
200 OK 16 kB URL HTTP/2 s3t3d2y8.afcdn.net/library/551406/9666970f3af4e2c1501312eadc910fa7da72a5ce.jpg
IP
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 300x300, components 3\012- data
Hash 075ae891da5893d6a4914c673bcb23df
9666970f3af4e2c1501312eadc910fa7da72a5ce
06d0a655b9bf19996a5b1ffd875265a285bb753cf2798a61beb4aefd5e430657
GET /library/551406/9666970f3af4e2c1501312eadc910fa7da72a5ce.jpg HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 14 Oct 2022 19:41:15 GMT
content-type: image/jpeg
content-length: 15657
last-modified: Wed, 26 May 2021 05:14:02 GMT
etag: "60add91a-3d29"
expires: Sat, 29 Jul 2023 14:09:02 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1690681173
server: CDN77-Turbo
x-robots-tag: noindex, follow
x-77-nzt: AblMCQ3FTnb/hi9lAA
x-77-nzt-ray: lG5xNAmiLo4
x-cache: HIT
x-age: 6631302
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
rearlyinthes.xyz/utx?tid=832633&top=megaup.net&cb=qKoRdgg1TlI6
204 No Content 0 B URL HTTP/2 rearlyinthes.xyz/utx?tid=832633&top=megaup.net&cb=qKoRdgg1TlI6
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?tid=832633&top=megaup.net&cb=qKoRdgg1TlI6 HTTP/1.1
Host: rearlyinthes.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Fri, 14 Oct 2022 19:41:15 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Fri, 14 Oct 2022 19:42:15 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 635c7418f72f321969fbcde43ec21974.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-P2
x-amz-cf-id: yCVv54v7b4-sTVoJl_dvtlcsqUJPBL5c3WIHAwgUyOnP_aM5wwXIDg==
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 0a74d0c35266a2d8e6a3bf79f4d56166
6e206c34e02666f8c425217434098a97ca4fc78e
7b9aec1cf137044f05f47a34c03d88e244040e404a96594ca68c982fc3c64828
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7B9AEC1CF137044F05F47A34C03D88E244040E404A96594CA68C982FC3C64828"
Last-Modified: Fri, 14 Oct 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19909
Expires: Sat, 15 Oct 2022 01:13:04 GMT
Date: Fri, 14 Oct 2022 19:41:15 GMT
Connection: keep-alive
rearlyinthes.xyz/multi?cs=Tm5abEh2W2hceHtXaVV6fl1sXHE&abt=0&red=1&sm=76&k=download%20file%20optional%20zombie&v=1.0.60.0&sts=0&prn=0&emb=0&tid=876318&rxy=1280_1024&u=1893677884356752&agec=1665776475&fs=1&mbkb=138.12154696132598&ref=https%3A%2F%2Fmegaup.net%2F372%2Ffg-optional-mp-zombie-01.bin&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&_RMQY=1665776475657&crc=1
200 OK 1.5 kB URL HTTP/2 rearlyinthes.xyz/multi?cs=Tm5abEh2W2hceHtXaVV6fl1sXHE&abt=0&red=1&sm=76&k=download%20file%20optional%20zombie&v=1.0.60.0&sts=0&prn=0&emb=0&tid=876318&rxy=1280_1024&u=1893677884356752&agec=1665776475&fs=1&mbkb=138.12154696132598&ref=https%3A%2F%2Fmegaup.net%2F372%2Ffg-optional-mp-zombie-01.bin&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&_RMQY=1665776475657&crc=1
IP
File type ASCII text, with very long lines (3147), with no line terminators
Hash b6a04e594763c04b578d5912146b224b
6e252312c6cbc9c4841b8398430e07ce3d4fe5a6
d79c8fa95d661e354d202ef9306b76e02c8cdfd0f1c5e45e3b8a10f3db29f892
GET /multi?cs=Tm5abEh2W2hceHtXaVV6fl1sXHE&abt=0&red=1&sm=76&k=download%20file%20optional%20zombie&v=1.0.60.0&sts=0&prn=0&emb=0&tid=876318&rxy=1280_1024&u=1893677884356752&agec=1665776475&fs=1&mbkb=138.12154696132598&ref=https%3A%2F%2Fmegaup.net%2F372%2Ffg-optional-mp-zombie-01.bin&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&_RMQY=1665776475657&crc=1 HTTP/1.1
Host: rearlyinthes.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
content-length: 1472
date: Fri, 14 Oct 2022 19:41:15 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=b2f0dde1-2b39-486b-a988-1eae2563b95e
csu=1893677884356752
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 635c7418f72f321969fbcde43ec21974.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-P2
x-amz-cf-id: FrUb-xXtgP5a8yvXhn3-KtKFsMdu-yDEprG9xxUJg0CYRpJr084B4g==
X-Firefox-Spdy: h2
eisasbeau.buzz/
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: eisasbeau.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Content-Length: 383
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/fonts/raleway_bold.woff
200 OK 32 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway_bold.woff
IP
File type Web Open Font Format, TrueType, length 31568, version 1.1\012- data
Hash e0c4ac0e73196bd0469c5c33304b7773
bb071565f82907d117b0732dca8013409162c67d
ff3bf3a4a1bf2b922157b18d0e8cddd95f2fc2dfe09c30a3ce67bc11a84c67af
GET /themes/flow/frontend_assets/fonts/raleway_bold.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Connection: keep-alive
Cookie: filehosting=67n5734f1hnia2crmfvmfl2am3; _ga=GA1.2.1383461065.1665776475; _gid=GA1.2.158947235.1665776475; _gat_gtag_UA_108868042_1=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:41:16 GMT
content-type: font/woff
content-length: 31568
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7b50"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
rearlyinthes.xyz/floater?cs=Q0RUTFR1c2J9ZnN0Y31lenRgf2U&abt=0&red=1&sm=83&k=download%20file%20optional%20zombie&v=0.8.10.0&sts=0&prn=0&emb=0&tid=825911&rxy=1280_1024&u=1893677884356752&agec=1665776475&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&mbkb=138.12154696132598&ref=https%3A%2F%2Fmegaup.net%2F372%2Ffg-optional-mp-zombie-01.bin&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&aa=td5_oi1_&_Wl5c=1665776475661&crc=1
200 OK 3.4 kB URL HTTP/2 rearlyinthes.xyz/floater?cs=Q0RUTFR1c2J9ZnN0Y31lenRgf2U&abt=0&red=1&sm=83&k=download%20file%20optional%20zombie&v=0.8.10.0&sts=0&prn=0&emb=0&tid=825911&rxy=1280_1024&u=1893677884356752&agec=1665776475&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&mbkb=138.12154696132598&ref=https%3A%2F%2Fmegaup.net%2F372%2Ffg-optional-mp-zombie-01.bin&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&aa=td5_oi1_&_Wl5c=1665776475661&crc=1
IP
File type ASCII text, with very long lines (5379), with no line terminators
Hash 65eac46ffcd7769a33bcdd64e8578910
41a727233e1371e51e37543974a4ba76a5ca6a48
61aa319e0d1a3e543c5cfb32d06917d9ca4a7fbb6313173a8c0e18eda1e53eda
GET /floater?cs=Q0RUTFR1c2J9ZnN0Y31lenRgf2U&abt=0&red=1&sm=83&k=download%20file%20optional%20zombie&v=0.8.10.0&sts=0&prn=0&emb=0&tid=825911&rxy=1280_1024&u=1893677884356752&agec=1665776475&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&mbkb=138.12154696132598&ref=https%3A%2F%2Fmegaup.net%2F372%2Ffg-optional-mp-zombie-01.bin&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&aa=td5_oi1_&_Wl5c=1665776475661&crc=1 HTTP/1.1
Host: rearlyinthes.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
content-length: 3371
date: Fri, 14 Oct 2022 19:41:16 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=bff940a3-edc2-43a0-bb92-5b420a0b44a4
csu=1893677884356752
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 635c7418f72f321969fbcde43ec21974.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-P2
x-amz-cf-id: YIcEfCr0CeShpPSPEKwzjFgp6SNSklcD466a2QLfu-4jyxjHQSTJhw==
X-Firefox-Spdy: h2
eisasbeau.buzz/YjVyUHY5F0pjRFQGQXJaQBdechBWUUtlRwdRX2NGUgxfZE5VU19oEFQAX2hHAAwTZ0EHBEczEEAZUGZHUAxLZEMAGEdkQVUYRjRFBhhLaBNUGEpjEloFQTQSBg1BYVROFwEnVE4XFzkFA0YQNRcXGxAlDBgXXnJHUhtHcloEVB4jE05TEzwFBxkUMRoRUC8
200 OK 13 kB URL HTTP/2 eisasbeau.buzz/YjVyUHY5F0pjRFQGQXJaQBdechBWUUtlRwdRX2NGUgxfZE5VU19oEFQAX2hHAAwTZ0EHBEczEEAZUGZHUAxLZEMAGEdkQVUYRjRFBhhLaBNUGEpjEloFQTQSBg1BYVROFwEnVE4XFzkFA0YQNRcXGxAlDBgXXnJHUhtHcloEVB4jE05TEzwFBxkUMRoRUC8
IP
File type ASCII text, with very long lines (33859), with no line terminators
Hash e419bce7909abd89ef98712e76d39807
6f69ae66908c16cae0f80ccd49dcbfda814af924
3502340cda93ed155c9506ff8174f6af97d8d6dcb1412bb926d1cc4b84e506fe
GET /YjVyUHY5F0pjRFQGQXJaQBdechBWUUtlRwdRX2NGUgxfZE5VU19oEFQAX2hHAAwTZ0EHBEczEEAZUGZHUAxLZEMAGEdkQVUYRjRFBhhLaBNUGEpjEloFQTQSBg1BYVROFwEnVE4XFzkFA0YQNRcXGxAlDBgXXnJHUhtHcloEVB4jE05TEzwFBxkUMRoRUC8 HTTP/1.1
Host: eisasbeau.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
set-cookie: 36663b1a1f7013e35dc20e11f401d596=1; Max-Age=604800
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
cache-control: public, max-age=86400
etag: W/"8443-3hrtdii6y/fg58VIKNxUsGGs5ck"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
eisasbeau.buzz/
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: eisasbeau.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Origin: https://megaup.net
Content-Length: 353
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 73b0059a5671ff189dccdeb345c3dfb6
89a89effe4d8e12b478b3abb9ae5e94a861d957d
673eaa034fe322874455a7ea38197c02819882d0176d9ae3773eea63dd53e3b0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "673EAA034FE322874455A7EA38197C02819882D0176D9AE3773EEA63DD53E3B0"
Last-Modified: Wed, 12 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12930
Expires: Fri, 14 Oct 2022 23:16:46 GMT
Date: Fri, 14 Oct 2022 19:41:16 GMT
Connection: keep-alive
ad.a-ads.com/1811811?size=300x250
200 OK 5.2 kB URL HTTP/2 ad.a-ads.com/1811811?size=300x250
IP
ASN #24940 Hetzner Online GmbH
Hash c4507939fa365bf7bf48474193230550
3dd3d0cf29268ffaf59d6feb4ec5bb86f73139d3
c74db341f19ed82e9f5c4ecd8ab162c1f9776bce349be61cbbe8eedaea7e8135
GET /1811811?size=300x250 HTTP/1.1
Host: ad.a-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:41:15 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding, Accept-Encoding
status: 200 OK
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-original-referer: https://megaup.net/
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 73b0059a5671ff189dccdeb345c3dfb6
89a89effe4d8e12b478b3abb9ae5e94a861d957d
673eaa034fe322874455a7ea38197c02819882d0176d9ae3773eea63dd53e3b0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "673EAA034FE322874455A7EA38197C02819882D0176D9AE3773EEA63DD53E3B0"
Last-Modified: Wed, 12 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12930
Expires: Fri, 14 Oct 2022 23:16:46 GMT
Date: Fri, 14 Oct 2022 19:41:16 GMT
Connection: keep-alive
pogothere.xyz/asd100.bin
200 OK 108 kB IP
Size 108 kB (108405 bytes)
Hash a861864d4de740af26553df4d0f4036b
a967b258debc09ef0c255fe429f317a6db3cb97d
461334f8ee782219ab1f8e11d7937ee5c3265303f5f556f1fe0a3df4b2036ec0
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 14 Oct 2022 19:41:15 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 4059
last-modified: Fri, 14 Oct 2022 18:33:36 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NwVzjpO1aKNpYTbas3ruSXISsIJFt%2B7zxs30dve%2Fl8w1VjnGpyE05iIbRD1fH2fGHQI7hEQp4rqi6P53pJZRlxUxfil3vzAPKCwVH5uh44J%2BVXvoWL8H1EDn2%2F5UEuqA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75a2ca9b89a376f0-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98481d75-e189-4e2a-94de-5d6c94c4ea9e.jpeg
200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98481d75-e189-4e2a-94de-5d6c94c4ea9e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b1a0e7692a42450c5880b6bf2c3e600f
3c567806bfec9a195235f1c1e3c3e4bc647fdde9
318e462ae5b2da302cc3fa6539270866a352f011ebcc9ea35eef50c38fe9fe24
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98481d75-e189-4e2a-94de-5d6c94c4ea9e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6685
x-amzn-requestid: 8d5aa091-bf24-4ab1-a33b-73795e951da1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z9m0EENeIAMF9Eg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634884e6-36c8c3d75b57c8df3b0644a0;Sampled=0
x-amzn-remapped-date: Thu, 13 Oct 2022 21:36:38 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Lf8nte3n3LzQdLXnv6MfnVk2LO0b0CjSfyiaxK2UWsM2DLsm-xEAgA==
via: 1.1 33d72803ad26b392c1b578a2b1276580.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Thu, 13 Oct 2022 21:56:44 GMT
age: 78272
etag: "3c567806bfec9a195235f1c1e3c3e4bc647fdde9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F560d2eb7-40d7-4861-8041-41b8184de030.jpeg
200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F560d2eb7-40d7-4861-8041-41b8184de030.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c3368090318fe53289f4e0fe284ee1e2
ec5e3f3d6a334d0b8a92ce06327b5b145002087c
73bb52c89af285a60360a119d3f21b0d7309ea7fd26a36c1e46fe6b1b9f25164
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F560d2eb7-40d7-4861-8041-41b8184de030.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8183
x-amzn-requestid: f41fdb47-83e8-48f9-95ac-a79e2bfc521d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z6Tu8FwCoAMF_OQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6347332c-67bc08ef6315488e07fc3c4c;Sampled=0
x-amzn-remapped-date: Wed, 12 Oct 2022 21:35:40 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: CGpa_I95VYqIP5j-OWRJ_xLopy7H9wlZRPSTP_mL-hymbOqhelsTCQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 13 Oct 2022 22:17:55 GMT
age: 77001
etag: "ec5e3f3d6a334d0b8a92ce06327b5b145002087c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F66af0895-4532-481a-84d9-523353a6c160.jpeg
200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F66af0895-4532-481a-84d9-523353a6c160.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e80557033ce8935b57b87fe59633393e
6c055a00a12067ab5b11458bb614bc6f1028c28a
8a88d7f2110e5c200f6f26ed5e6c7b299b9c76654f095b870cfffb2a8d7b96d9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F66af0895-4532-481a-84d9-523353a6c160.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9350
x-amzn-requestid: fd2ec00f-7ef1-4e4a-a652-a388dcba3e16
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z9m0EHctoAMF8Ww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634884e6-7e945574599f2ec67e824671;Sampled=0
x-amzn-remapped-date: Thu, 13 Oct 2022 21:36:38 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: nGGbFQtzfoIKZyepQq5gOTzJ4XFk6PzjncnWVn5dCMRWqi88NXkkjw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 13 Oct 2022 21:53:45 GMT
age: 78451
etag: "6c055a00a12067ab5b11458bb614bc6f1028c28a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F42e00752-5abb-46e6-8a0d-c47f96af6b9f.jpeg
200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F42e00752-5abb-46e6-8a0d-c47f96af6b9f.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 07dec47a418618af22b7104e1bbde5e6
c34dd1552df55e8b62e699a5efb14e7f26a60acb
5eb94cd99c5187faa2c0c8f5ef5b9786009d37c2950ca0048eb3f737e45c363b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F42e00752-5abb-46e6-8a0d-c47f96af6b9f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9622
x-amzn-requestid: 340d7e66-1eb4-49fc-bf3d-56e5cc4af771
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z9n2_HXqIAMFzsg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63488692-78ea067c541cb84f75741d22;Sampled=0
x-amzn-remapped-date: Thu, 13 Oct 2022 21:43:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: uN6RkKHKGjhauRGxTQiyluFaTwFaGBgtkJsdFMcxUoZNEu_05ocMZg==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 13 Oct 2022 22:18:42 GMT
etag: "c34dd1552df55e8b62e699a5efb14e7f26a60acb"
content-type: image/jpeg
age: 76954
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc29dee6f-934c-4a9c-a8aa-8da6931e92e3.jpeg
200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc29dee6f-934c-4a9c-a8aa-8da6931e92e3.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 05cbae7a5598ecb6de18ba845117b543
00c5b6a969acf49d11b963ed509f4c7c0a767438
f915a4215fc3bb08a43b38352dec8ef798d0e7648df20cb53c968c52108216f3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc29dee6f-934c-4a9c-a8aa-8da6931e92e3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8890
x-amzn-requestid: 53e8447e-dbb7-41f1-a184-ceea0e33ed3d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z9nLqG2voAMFc-w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6348857d-302e435a359d84ab25d3b003;Sampled=0
x-amzn-remapped-date: Thu, 13 Oct 2022 21:39:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ashiRI0jxjFwVDJaldk8AwtX2z8p4j4Vvck78BAAnazxoIfBFbHwdQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Thu, 13 Oct 2022 22:18:53 GMT
age: 76943
etag: "00c5b6a969acf49d11b963ed509f4c7c0a767438"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 901873a89c283d723fe4d164026eff3f
1108e800aa8871daf43daf52576ebbba8cf931ee
1a1baef35eaa0cb0a8d5e352f46aa81a71731f5e397e8f6667e436646f713ece
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "1A1BAEF35EAA0CB0A8D5E352F46AA81A71731F5E397E8F6667E436646F713ECE"
Last-Modified: Fri, 14 Oct 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2160
Expires: Fri, 14 Oct 2022 20:17:18 GMT
Date: Fri, 14 Oct 2022 19:41:18 GMT
Connection: keep-alive
xml.serve-servee.com/thumbnail?i=5zQFgoKADbQ_0&imgt=icon
302 Found 0 B URL HTTP/2 xml.serve-servee.com/thumbnail?i=5zQFgoKADbQ_0&imgt=icon
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /thumbnail?i=5zQFgoKADbQ_0&imgt=icon HTTP/1.1
Host: xml.serve-servee.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Fri, 14 Oct 2022 19:41:18 GMT
content-length: 0
location: https://static.serve-servee.com/n337/ad/250x250_hqCCg8Cm.png
cache-control: no-store
age: 0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tvxgj%2Fd1lzVWov4SNbLnG8gJZWNeWZZeXkmjTyir9YQwySSxfXyH3PjlpaXCM3wSzBAjD5hcY%2BxfqjqnqBZqLibmZRXl%2BpQ0ZUyq9jfRHNMZHlJOO6Xt1RF5%2FiJQUA%2FVi4ngmX4BvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75a2caae0c87063d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 599d921d6af0ea323a9f9e829aff5fbe
85b0d3f29956365be59d0d3d99054601db74f9f2
3e5caf11ec74cc0a1f7987b780ed941d8145a2f6779c2a94e3604447864c4982
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "3E5CAF11EC74CC0A1F7987B780ED941D8145A2F6779C2A94E3604447864C4982"
Last-Modified: Fri, 14 Oct 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2582
Expires: Fri, 14 Oct 2022 20:24:20 GMT
Date: Fri, 14 Oct 2022 19:41:18 GMT
Connection: keep-alive
static.serve-servee.com/n337/ad/250x250_hqCCg8Cm.png
200 OK 89 kB URL HTTP/2 static.serve-servee.com/n337/ad/250x250_hqCCg8Cm.png
IP
File type PNG image data, 250 x 250, 8-bit/color RGB, non-interlaced\012- data
Hash 0994ec31361ea569c5549063145bfdd2
9b270e9f7a346a0f0f60a978e154f49740350270
e4dbff1cf1f9750d68296737897eba9bd59ebdcb292015e87c3be61b5c242422
GET /n337/ad/250x250_hqCCg8Cm.png HTTP/1.1
Host: static.serve-servee.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 14 Oct 2022 19:41:18 GMT
content-type: image/png
content-length: 88957
last-modified: Thu, 08 Apr 2021 13:54:09 GMT
accept-ranges: bytes
etag: "606f0b01-15b7d"
cache-control: max-age=86400
x-hw: 1665776478.cds211.lo4.h2,1665776478.cds103.lo4.c
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9LsxXd6UZddIFl8EAoCTUkdimvH%2FUtEDGEO03rxdO9%2BZHkAKNK%2Fv02DCna0orycEG9hsHYOadlxEJw262tQxLxppY8lVVxjVozKgRjcCIdc6ZNVUYoesDeOkbkTDHfma%2Be0JFqNEC7xHkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75a2caaebd93063d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/fonts/raleway_medium.woff
200 OK 32 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway_medium.woff
IP
File type Web Open Font Format, TrueType, length 31900, version 1.1\012- data
Hash 1b285c8e5b7445a8e434b2cdf036bab2
c97d4772fbb5c5637d466b5f991bc7ec28830b32
09b979826f2ac158a63ba234042c66414c21282d0bb46eadc62c64a873778825
GET /themes/flow/frontend_assets/fonts/raleway_medium.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Connection: keep-alive
Cookie: filehosting=67n5734f1hnia2crmfvmfl2am3; _ga=GA1.2.1383461065.1665776475; _gid=GA1.2.158947235.1665776475; _gat_gtag_UA_108868042_1=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:41:21 GMT
content-type: font/woff
content-length: 31900
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7c9c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 4a0a76c9abc260b74fe89fe89274fbfa
3f2ddfed52b17bb41e13ad092cdb3a36829547ee
bb832daf2223280e6e2bc50d36d186af07040ab531ea6bec96c7f2b2ffca0594
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BB832DAF2223280E6E2BC50D36D186AF07040AB531EA6BEC96C7F2B2FFCA0594"
Last-Modified: Thu, 13 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13521
Expires: Fri, 14 Oct 2022 23:26:43 GMT
Date: Fri, 14 Oct 2022 19:41:22 GMT
Connection: keep-alive
imgdelnw.com/ie?v=4&c=C8WvdFYNhmUh_2T3Mzryzy89sczkQCnWKCYMeZlRWCgQb5vTgf_pr7imMraI7j1F34tvA-lUqw0YMooBE4mgIzqH6LZ0zUaoWZevgPPBPCQs6doBD9Mb_o6c5VmORPh7oppqNe6YtV_YDAwCUdY1HIDq9cylLYrZnUoERtZL1_XW7VYW2RYKMKIIYzz-HjFV-fPM8WuPx_16whXXSF6cb_GjmKOI-gVli88K__U-2LtVyB55AHR6ACMp8CeAIbaw8kHKGguBdxIv0ONUcfHquXHaG8SBN4iCtnegcrA9fGB3UohLDI-9AjQVdoDRclSDHmEOOUnUchVyvCIlm22xu0c9ABTSdzjuk2yUhRf7icpkbcrBhwfEM3DNGrPYGClZXR2dZxx1ALYqJYhfiy25fJMAnsNo9DOXulp9FzFDonjrAtQWN1e9eo3z2ahQ1J5PeRS5KAqgTCq-j8w=&v1=79&v2=65755
301 Moved Permanently 0 B URL HTTP/1.1 imgdelnw.com/ie?v=4&c=C8WvdFYNhmUh_2T3Mzryzy89sczkQCnWKCYMeZlRWCgQb5vTgf_pr7imMraI7j1F34tvA-lUqw0YMooBE4mgIzqH6LZ0zUaoWZevgPPBPCQs6doBD9Mb_o6c5VmORPh7oppqNe6YtV_YDAwCUdY1HIDq9cylLYrZnUoERtZL1_XW7VYW2RYKMKIIYzz-HjFV-fPM8WuPx_16whXXSF6cb_GjmKOI-gVli88K__U-2LtVyB55AHR6ACMp8CeAIbaw8kHKGguBdxIv0ONUcfHquXHaG8SBN4iCtnegcrA9fGB3UohLDI-9AjQVdoDRclSDHmEOOUnUchVyvCIlm22xu0c9ABTSdzjuk2yUhRf7icpkbcrBhwfEM3DNGrPYGClZXR2dZxx1ALYqJYhfiy25fJMAnsNo9DOXulp9FzFDonjrAtQWN1e9eo3z2ahQ1J5PeRS5KAqgTCq-j8w=&v1=79&v2=65755
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ie?v=4&c=C8WvdFYNhmUh_2T3Mzryzy89sczkQCnWKCYMeZlRWCgQb5vTgf_pr7imMraI7j1F34tvA-lUqw0YMooBE4mgIzqH6LZ0zUaoWZevgPPBPCQs6doBD9Mb_o6c5VmORPh7oppqNe6YtV_YDAwCUdY1HIDq9cylLYrZnUoERtZL1_XW7VYW2RYKMKIIYzz-HjFV-fPM8WuPx_16whXXSF6cb_GjmKOI-gVli88K__U-2LtVyB55AHR6ACMp8CeAIbaw8kHKGguBdxIv0ONUcfHquXHaG8SBN4iCtnegcrA9fGB3UohLDI-9AjQVdoDRclSDHmEOOUnUchVyvCIlm22xu0c9ABTSdzjuk2yUhRf7icpkbcrBhwfEM3DNGrPYGClZXR2dZxx1ALYqJYhfiy25fJMAnsNo9DOXulp9FzFDonjrAtQWN1e9eo3z2ahQ1J5PeRS5KAqgTCq-j8w=&v1=79&v2=65755 HTTP/1.1
Host: imgdelnw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
server: fasthttp
date: Fri, 14 Oct 2022 19:41:21 GMT
content-length: 0
location: https://img.vmmcdn.com/get/51946765/158137_icon.png
x-app-id: 11
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash cb63ae72fa3a932bb7416ba76fe8724c
79d20b12d5c6b06bc5dbedba2acc1138223732f1
d74bc26980fbd65dfb7d926c767e601ed8086cc6b15cd4d90457589259615975
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D74BC26980FBD65DFB7D926C767E601ED8086CC6B15CD4D90457589259615975"
Last-Modified: Fri, 14 Oct 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5118
Expires: Fri, 14 Oct 2022 21:06:40 GMT
Date: Fri, 14 Oct 2022 19:41:22 GMT
Connection: keep-alive
img.vmmcdn.com/get/51946765/158137_icon.png
200 OK 85 kB URL HTTP/1.1 img.vmmcdn.com/get/51946765/158137_icon.png
IP
ASN #24940 Hetzner Online GmbH
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 4397ca1d2de94217ca00501f17c1855f
02ef3ef9a78fd27d8d6cfc2ab2115b5e5886d814
acf163d19802e3624960dbad8ef3f29be501af46d4e2ffdd7863eb47eff15b53
GET /get/51946765/158137_icon.png HTTP/1.1
Host: img.vmmcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 14 Oct 2022 19:41:22 GMT
Content-Type: image/png
Content-Length: 85295
Connection: keep-alive
Last-Modified: Sat, 24 Sep 2022 14:59:08 GMT
Cache-Control: public, max-age=604800
ETag: "632f1b3c-14d2f"
X-Proxy-Cache: HIT
Accept-Ranges: bytes
megaup.net/themes/flow/js/jquery.fileupload-ui.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-ui.js
IP
GET /themes/flow/js/jquery.fileupload-ui.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/372/fg-optional-mp-zombie-01.bin
Connection: keep-alive
Cookie: filehosting=67n5734f1hnia2crmfvmfl2am3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:41:14 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-61ef"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/global.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/global.js
IP
GET /themes/flow/js/global.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/372/fg-optional-mp-zombie-01.bin
Connection: keep-alive
Cookie: filehosting=67n5734f1hnia2crmfvmfl2am3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:41:14 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-d59"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.revolution.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.revolution.js
IP
GET /themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.revolution.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/372/fg-optional-mp-zombie-01.bin
Connection: keep-alive
Cookie: filehosting=67n5734f1hnia2crmfvmfl2am3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:41:14 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-303b2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
200 OK 0 B IP
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 14 Oct 2022 19:41:15 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 4059
last-modified: Fri, 14 Oct 2022 18:33:36 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rWdg4FbeOLwh%2BxqxZRt4WCywVRtGQtPwdZ%2Fkwx6Tr8cS4VrOuuwYmJE%2BLCcyHyiXnq89ZeN5PxoFG2gGZkVPmIVjj8zpjEQaIYjFm1%2BOclvc8JRpQ4d8%2Bn7zNaZ97ZHX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75a2ca9b898976f0-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/clipboardjs/clipboard.min.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/clipboardjs/clipboard.min.js
IP
GET /themes/flow/js/clipboardjs/clipboard.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/372/fg-optional-mp-zombie-01.bin
Connection: keep-alive
Cookie: filehosting=67n5734f1hnia2crmfvmfl2am3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:41:14 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-2296"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
IP
GET /themes/flow/frontend_assets/css/All-stylesheets.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/372/fg-optional-mp-zombie-01.bin
Connection: keep-alive
Cookie: filehosting=67n5734f1hnia2crmfvmfl2am3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:41:14 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-153"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/colors/flow.css
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/colors/flow.css
IP
GET /themes/flow/frontend_assets/css/colors/flow.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/372/fg-optional-mp-zombie-01.bin
Connection: keep-alive
Cookie: filehosting=67n5734f1hnia2crmfvmfl2am3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:41:14 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-a83"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload-process.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-process.js
IP
GET /themes/flow/js/jquery.fileupload-process.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/372/fg-optional-mp-zombie-01.bin
Connection: keep-alive
Cookie: filehosting=67n5734f1hnia2crmfvmfl2am3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:41:14 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-14b6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
societingna.info/bGlXeEgXSyQPFxkbO1pyTgEjDDgfU3hXJQkONg04QgcyDGcfHnkSO05FdQslCkttSWROHTYfFwUNdUJqVFplTntfS3taOxkLCBEsXkttWi5YDW5NeQkNekt4XFB6THBbD3pALlpcekB5DlA2T38JWGIbLk4U
200 OK 0 B URL HTTP/2 societingna.info/bGlXeEgXSyQPFxkbO1pyTgEjDDgfU3hXJQkONg04QgcyDGcfHnkSO05FdQslCkttSWROHTYfFwUNdUJqVFplTntfS3taOxkLCBEsXkttWi5YDW5NeQkNekt4XFB6THBbD3pALlpcekB5DlA2T38JWGIbLk4U
IP
Analyzer Verdict Alert fortinet Malware
GET /bGlXeEgXSyQPFxkbO1pyTgEjDDgfU3hXJQkONg04QgcyDGcfHnkSO05FdQslCkttSWROHTYfFwUNdUJqVFplTntfS3taOxkLCBEsXkttWi5YDW5NeQkNekt4XFB6THBbD3pALlpcekB5DlA2T38JWGIbLk4U HTTP/1.1
Host: societingna.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
set-cookie: 5784129820f1038cf525e035851c7f6d=1; Max-Age=604800
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
etag: W/"e0f2-ph8vhoojx6AAapBczg9KVCu4m+w"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
200 OK 0 B IP
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 14 Oct 2022 19:41:15 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 4059
last-modified: Fri, 14 Oct 2022 18:33:36 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kMQcz4JlpVOWU%2Fn9MictUWVVjVtycickf1QY4NMSOPB6I74cFAeNdbS1%2BjXkwWkGnUxWBZfQZCrP2P%2FdPLJCdghvsfdbIsFNR%2F%2FFJ1lJgVXzsK9R70gu0kQ84a7J1jzr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75a2ca9b898b76f0-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.plugins.min.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.plugins.min.js
IP
GET /themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.plugins.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/372/fg-optional-mp-zombie-01.bin
Connection: keep-alive
Cookie: filehosting=67n5734f1hnia2crmfvmfl2am3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:41:14 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-14cc1"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js
IP
GET /themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/372/fg-optional-mp-zombie-01.bin
Connection: keep-alive
Cookie: filehosting=67n5734f1hnia2crmfvmfl2am3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:41:14 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3ead"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/retina/retina.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/retina/retina.js
IP
GET /themes/flow/frontend_assets/js/retina/retina.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/372/fg-optional-mp-zombie-01.bin
Connection: keep-alive
Cookie: filehosting=67n5734f1hnia2crmfvmfl2am3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:41:14 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-52e"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/fonts.css
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/fonts.css
IP
GET /themes/flow/frontend_assets/css/fonts.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
Connection: keep-alive
Cookie: filehosting=67n5734f1hnia2crmfvmfl2am3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:41:14 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-690"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S-1358407823%3A1665776475406858&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpBxYvRNO-dsqj1CgDK1b3GsRbPt6HvbvfJ8EM_XpsnN0bSUTSgKnXcCKirqjv4_1YedBM5aQ
403 Forbidden 0 B URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S-1358407823%3A1665776475406858&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpBxYvRNO-dsqj1CgDK1b3GsRbPt6HvbvfJ8EM_XpsnN0bSUTSgKnXcCKirqjv4_1YedBM5aQ
IP
GET /v3/signin/identifier?dsh=S-1358407823%3A1665776475406858&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpBxYvRNO-dsqj1CgDK1b3GsRbPt6HvbvfJ8EM_XpsnN0bSUTSgKnXcCKirqjv4_1YedBM5aQ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 14 Oct 2022 19:41:15 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin
content-security-policy: script-src 'nonce-TtfKG_ocux4D7id0uYcCow' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/custom.css
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/custom.css
IP
GET /themes/flow/frontend_assets/css/custom.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/372/fg-optional-mp-zombie-01.bin
Connection: keep-alive
Cookie: filehosting=67n5734f1hnia2crmfvmfl2am3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:41:14 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3577"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/responsive.css
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/responsive.css
IP
GET /themes/flow/frontend_assets/css/responsive.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/372/fg-optional-mp-zombie-01.bin
Connection: keep-alive
Cookie: filehosting=67n5734f1hnia2crmfvmfl2am3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:41:14 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-e56"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/sw.js
200 OK 0 B IP
GET /sw.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/372/fg-optional-mp-zombie-01.bin
Connection: keep-alive
Cookie: filehosting=67n5734f1hnia2crmfvmfl2am3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:41:14 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:52 GMT
vary: Accept-Encoding
etag: W/"60758f38-12fe6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/gauge.min.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/gauge.min.js
IP
GET /themes/flow/frontend_assets/js/gauge.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/372/fg-optional-mp-zombie-01.bin
Connection: keep-alive
Cookie: filehosting=67n5734f1hnia2crmfvmfl2am3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:41:14 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-45b8"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
pogothere.xyz/
200 OK 0 B IP
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 14 Oct 2022 19:41:15 GMT
content-type: text/plain
set-cookie: csu=1893677884356752@1@1665776475; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VHpPEFHfu1K0WhzO5Zh%2BFjnpNb1zd0LzRZBIqd8sAQnRKI462zFKHKgWWpFnPrgKXcbph8GbBmnk7Fj8B54SAGZJ6VM6NI5C1%2BMxacCUAcWPZefY5g7LVnMeKY9EjpHo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75a2ca9b89a676f0-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/styles/font-icons/entypo/css/entypo.css
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/styles/font-icons/entypo/css/entypo.css
IP
GET /themes/flow/styles/font-icons/entypo/css/entypo.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/372/fg-optional-mp-zombie-01.bin
Connection: keep-alive
Cookie: filehosting=67n5734f1hnia2crmfvmfl2am3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:41:14 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-45f5"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload-resize.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-resize.js
IP
GET /themes/flow/js/jquery.fileupload-resize.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/372/fg-optional-mp-zombie-01.bin
Connection: keep-alive
Cookie: filehosting=67n5734f1hnia2crmfvmfl2am3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:41:14 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1f7f"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/bootstrap/bootstrap.min.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/bootstrap/bootstrap.min.js
IP
GET /themes/flow/frontend_assets/js/bootstrap/bootstrap.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/372/fg-optional-mp-zombie-01.bin
Connection: keep-alive
Cookie: filehosting=67n5734f1hnia2crmfvmfl2am3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:41:14 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-71b6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
200 OK 0 B URL HTTP/2 www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
IP
GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: 0Xq9GwfIS8FFFXX09X4QWDN+mSw8mnaUdtVquFWdsW8+M9eJalPcDzAhuPWnZK9QO0QjCAFWZUb4xo+FtHj8NA==
date: Fri, 14 Oct 2022 19:41:15 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/canvas-to-blob.min.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/canvas-to-blob.min.js
IP
GET /themes/flow/js/canvas-to-blob.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/372/fg-optional-mp-zombie-01.bin
Connection: keep-alive
Cookie: filehosting=67n5734f1hnia2crmfvmfl2am3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:41:14 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-408"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload-validate.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-validate.js
IP
GET /themes/flow/js/jquery.fileupload-validate.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/372/fg-optional-mp-zombie-01.bin
Connection: keep-alive
Cookie: filehosting=67n5734f1hnia2crmfvmfl2am3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:41:14 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-fea"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/stylesheet.css
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/stylesheet.css
IP
GET /themes/flow/frontend_assets/css/stylesheet.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
Connection: keep-alive
Cookie: filehosting=67n5734f1hnia2crmfvmfl2am3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:41:14 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-6c82"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/sw.js?Q2RyYjIYRkpRAHVXQUAeYUZeQFR3AEtXAyYAX1ECc11fVgp0Al9aVHVRX1oDIV0TVQUmVUcBVGFIUFQDcV1LVgchSUdWBXRJRgYBJ0lLWld1SUpRVntUQQZWJ1xBUxBvRgEVEG9GFwtBIhcQB1M2ShAXSDlGXkADc0pHQB4lBR4RV28CEw5BJkgUA14wAS8
200 OK 0 B URL HTTP/2 megaup.net/sw.js?Q2RyYjIYRkpRAHVXQUAeYUZeQFR3AEtXAyYAX1ECc11fVgp0Al9aVHVRX1oDIV0TVQUmVUcBVGFIUFQDcV1LVgchSUdWBXRJRgYBJ0lLWld1SUpRVntUQQZWJ1xBUxBvRgEVEG9GFwtBIhcQB1M2ShAXSDlGXkADc0pHQB4lBR4RV28CEw5BJkgUA14wAS8
IP
GET /sw.js?Q2RyYjIYRkpRAHVXQUAeYUZeQFR3AEtXAyYAX1ECc11fVgp0Al9aVHVRX1oDIV0TVQUmVUcBVGFIUFQDcV1LVgchSUdWBXRJRgYBJ0lLWld1SUpRVntUQQZWJ1xBUxBvRgEVEG9GFwtBIhcQB1M2ShAXSDlGXkADc0pHQB4lBR4RV28CEw5BJkgUA14wAS8 HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: filehosting=67n5734f1hnia2crmfvmfl2am3; _ga=GA1.2.1383461065.1665776475; _gid=GA1.2.158947235.1665776475; _gat_gtag_UA_108868042_1=1
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:41:15 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:52 GMT
vary: Accept-Encoding
etag: W/"60758f38-12fe6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/372/fg-optional-mp-zombie-01.bin
200 OK 0 B URL HTTP/2 megaup.net/372/fg-optional-mp-zombie-01.bin
IP
GET /372/fg-optional-mp-zombie-01.bin HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:41:14 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: filehosting=67n5734f1hnia2crmfvmfl2am3; expires=Sat, 15-Oct-2022 19:41:14 GMT; Max-Age=86400; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.dataTables.min.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.dataTables.min.js
IP
GET /themes/flow/js/jquery.dataTables.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/372/fg-optional-mp-zombie-01.bin
Connection: keep-alive
Cookie: filehosting=67n5734f1hnia2crmfvmfl2am3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:41:14 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-10fe4"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/sticky/jquery.sticky.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/sticky/jquery.sticky.js
IP
GET /themes/flow/frontend_assets/js/sticky/jquery.sticky.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/372/fg-optional-mp-zombie-01.bin
Connection: keep-alive
Cookie: filehosting=67n5734f1hnia2crmfvmfl2am3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:41:14 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1099"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload.js
IP
GET /themes/flow/js/jquery.fileupload.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/372/fg-optional-mp-zombie-01.bin
Connection: keep-alive
Cookie: filehosting=67n5734f1hnia2crmfvmfl2am3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:41:14 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-dbd4"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/zeroClipboard/ZeroClipboard.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/zeroClipboard/ZeroClipboard.js
IP
GET /themes/flow/js/zeroClipboard/ZeroClipboard.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/372/fg-optional-mp-zombie-01.bin
Connection: keep-alive
Cookie: filehosting=67n5734f1hnia2crmfvmfl2am3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:41:14 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3bd2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/animation/jquery.appear.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/animation/jquery.appear.js
IP
GET /themes/flow/frontend_assets/js/animation/jquery.appear.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/372/fg-optional-mp-zombie-01.bin
Connection: keep-alive
Cookie: filehosting=67n5734f1hnia2crmfvmfl2am3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:41:14 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-5c6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/nav/jquery.nav.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/nav/jquery.nav.js
IP
GET /themes/flow/frontend_assets/js/nav/jquery.nav.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/372/fg-optional-mp-zombie-01.bin
Connection: keep-alive
Cookie: filehosting=67n5734f1hnia2crmfvmfl2am3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:41:14 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1547"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/styles/file-upload.css
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/styles/file-upload.css
IP
GET /themes/flow/styles/file-upload.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/372/fg-optional-mp-zombie-01.bin
Connection: keep-alive
Cookie: filehosting=67n5734f1hnia2crmfvmfl2am3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:41:14 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-21ec"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery-1.11.0.min.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery-1.11.0.min.js
IP
GET /themes/flow/js/jquery-1.11.0.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/372/fg-optional-mp-zombie-01.bin
Connection: keep-alive
Cookie: filehosting=67n5734f1hnia2crmfvmfl2am3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:41:14 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1787d"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery-ui.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery-ui.js
IP
GET /themes/flow/js/jquery-ui.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/372/fg-optional-mp-zombie-01.bin
Connection: keep-alive
Cookie: filehosting=67n5734f1hnia2crmfvmfl2am3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:41:14 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-6a684"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.tmpl.min.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.tmpl.min.js
IP
GET /themes/flow/js/jquery.tmpl.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/372/fg-optional-mp-zombie-01.bin
Connection: keep-alive
Cookie: filehosting=67n5734f1hnia2crmfvmfl2am3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:41:14 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3cb"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/load-image.min.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/load-image.min.js
IP
GET /themes/flow/js/load-image.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/372/fg-optional-mp-zombie-01.bin
Connection: keep-alive
Cookie: filehosting=67n5734f1hnia2crmfvmfl2am3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:41:14 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-9f2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js
IP
GET /themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/372/fg-optional-mp-zombie-01.bin
Connection: keep-alive
Cookie: filehosting=67n5734f1hnia2crmfvmfl2am3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:41:14 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1cdf"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/?kzmmd=761186
200 OK 0 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/?kzmmd=761186
IP
GET /?kzmmd=761186 HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 188805
date: Fri, 14 Oct 2022 19:29:14 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Hit from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: bQHcYU0Zlt3oLCpUXmV7Oi2hfU3pAP2f6LUuQBxSYxgdL6W5PLFpww==
age: 720
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/images/icons/favicon/favicon.ico
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/images/icons/favicon/favicon.ico
IP
GET /themes/flow/frontend_assets/images/icons/favicon/favicon.ico HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/372/fg-optional-mp-zombie-01.bin
Connection: keep-alive
Cookie: filehosting=67n5734f1hnia2crmfvmfl2am3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:41:15 GMT
content-type: image/x-icon
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-47e"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
200 OK 0 B IP
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 14 Oct 2022 19:41:15 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 4059
last-modified: Fri, 14 Oct 2022 18:33:36 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SA9%2FM%2Fz3Jew6NMKV969KVxznba8CDDcljseJSRM%2FTnl8myIW12SIJygFi5rv1f4%2B22h4po7y7eahXjS%2B6COOmrotMWZ70gJxyR5SL3mEJg2f9ROBqzozlE8afZD7ZZqs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75a2ca9b89b376f0-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css
IP
GET /themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/372/fg-optional-mp-zombie-01.bin
Connection: keep-alive
Cookie: filehosting=67n5734f1hnia2crmfvmfl2am3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:41:14 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-8d4b"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.iframe-transport.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.iframe-transport.js
IP
GET /themes/flow/js/jquery.iframe-transport.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/372/fg-optional-mp-zombie-01.bin
Connection: keep-alive
Cookie: filehosting=67n5734f1hnia2crmfvmfl2am3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:41:14 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-2427"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/nav/jquery.scrollTo.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/nav/jquery.scrollTo.js
IP
GET /themes/flow/frontend_assets/js/nav/jquery.scrollTo.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/372/fg-optional-mp-zombie-01.bin
Connection: keep-alive
Cookie: filehosting=67n5734f1hnia2crmfvmfl2am3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:41:14 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-981"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
91.209.70.182
142.250.74.3
93.184.220.29
185.76.9.19
148.251.155.232
23.109.82.168
23.36.76.226
104.21.16.22