megaup.net/2tn7n/MELTY.BLOOD.TYPE.LUMINA.v1.31.part1.rar
301 Moved Permanently 162 B URL HTTP/1.1 megaup.net/2tn7n/MELTY.BLOOD.TYPE.LUMINA.v1.31.part1.rar
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /2tn7n/MELTY.BLOOD.TYPE.LUMINA.v1.31.part1.rar HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 26 Sep 2022 22:43:08 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://megaup.net/2tn7n/MELTY.BLOOD.TYPE.LUMINA.v1.31.part1.rar
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer, strict-origin-when-cross-origin
X-Download-Options: noopen
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 26 Sep 2022 22:15:24 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: PXfzeK7iqnqVlqMffOyB7OWtT2186zl0eTDveq2pZ352tqNj_F2LcQ==
Age: 1664
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d2560f62890e75b8de444fed96c22f52
334ce0c48e606ee029f31eeb1463af87b1024bb9
4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10694
Expires: Tue, 27 Sep 2022 01:41:23 GMT
Date: Mon, 26 Sep 2022 22:43:09 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 26 Sep 2022 04:35:16 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: wcZsJRUe3u3JUDQx8MeFw7LiGJ-2uv3B17VQeJdACiDVYoygxXcMoA==
age: 65274
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 22:43:09 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash fcd7fa3465af8d96c707d8db3a6113e5
34ad4813638837eb295367cc214833d6e3dacad0
2bd46d86dbae64da292dc88bf011d426c30aa35339d6372998bff11e3f8e288f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 22:43:09 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 11:25:45 GMT
Expires: Fri, 30 Sep 2022 11:25:44 GMT
Etag: "34ad4813638837eb295367cc214833d6e3dacad0"
Cache-Control: max-age=304354,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 750f844de90eb511-OSL
megaup.net/themes/flow/images/main_logo_inverted.png
200 OK 7.1 kB URL HTTP/2 megaup.net/themes/flow/images/main_logo_inverted.png
IP
File type PNG image data, 203 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 5d15526be10b904a6b48d1af04a10cc3
c09b6874359ac6d71db95593618a9acb55baa984
894d25472e0f890edf235e8f66fbeda7ea75043632924ecb82691d76bd7db018
GET /themes/flow/images/main_logo_inverted.png HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2tn7n/MELTY.BLOOD.TYPE.LUMINA.v1.31.part1.rar
Connection: keep-alive
Cookie: filehosting=5fsoime30cf4v2ml6f53445hm6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 22:43:09 GMT
content-type: image/png
content-length: 7137
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-1be1"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/nav/jquery.scrollTo.js
200 OK 1.7 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/nav/jquery.scrollTo.js
IP
File type ASCII text, with very long lines (2241), with CRLF line terminators
Hash 6833d6d74852f068810dc4101f2a9c68
583f2150619f7d8419b61148c2e66f8240ce88e4
f378a5d03a3a4f536c2dfc054e09e8922ba10242f8ea5d0d59888ed929b899b6
GET /themes/flow/frontend_assets/js/nav/jquery.scrollTo.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2tn7n/MELTY.BLOOD.TYPE.LUMINA.v1.31.part1.rar
Connection: keep-alive
Cookie: filehosting=5fsoime30cf4v2ml6f53445hm6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 22:43:09 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-981"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/bootstrap/bootstrap.min.js
200 OK 8.5 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/bootstrap/bootstrap.min.js
IP
File type ASCII text, with very long lines (28941)
Hash 9c5583b40993144646d363502e748474
37bb961f4c61616da8e90f8844b7c09919dfb5f9
5bf4c0f14a46942f0bc4621d19a9490644ffc53468432d0a652b6a68c5f56431
GET /themes/flow/frontend_assets/js/bootstrap/bootstrap.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2tn7n/MELTY.BLOOD.TYPE.LUMINA.v1.31.part1.rar
Connection: keep-alive
Cookie: filehosting=5fsoime30cf4v2ml6f53445hm6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 22:43:09 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-71b6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.iframe-transport.js
200 OK 2.9 kB URL HTTP/2 megaup.net/themes/flow/js/jquery.iframe-transport.js
IP
Hash 959d4dd8d22a4daa3f9d5fd5614099ef
4e94b36e4c0c36579bb3b6cbd59877f4e7154795
3d6c47e175934cd9c7cc288e2f981259a6c8602cb1d0e9f1df6b11c0cc72c0c2
GET /themes/flow/js/jquery.iframe-transport.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2tn7n/MELTY.BLOOD.TYPE.LUMINA.v1.31.part1.rar
Connection: keep-alive
Cookie: filehosting=5fsoime30cf4v2ml6f53445hm6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 22:43:09 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-2427"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-108868042-1
200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-108868042-1
IP
File type ASCII text, with very long lines (1720)
Hash bffa27841b8730cd50a87a4f5200c1ba
59408e7aa24fd20df3418254fc6461098b5d163c
b3c7b4a522e08cd7f133ed1e8cf3fab060c3875b618f720e1c70196c30a1d435
GET /gtag/js?id=UA-108868042-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 26 Sep 2022 22:43:09 GMT
expires: Mon, 26 Sep 2022 22:43:09 GMT
cache-control: private, max-age=900
last-modified: Mon, 26 Sep 2022 22:12:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42257
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
keydawnawe.com/gwZ1U5hjA8ii/32575
200 OK 26 B URL HTTP/1.1 keydawnawe.com/gwZ1U5hjA8ii/32575
IP
File type ASCII text, with no line terminators
Hash 4e5d65669f8dcd928dad06adf883f025
d771713d758c3348dd7e5b38bb40c7935399ae46
0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95
GET /gwZ1U5hjA8ii/32575 HTTP/1.1
Host: keydawnawe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 22:43:09 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; expires=Tue, 27-Sep-2022 22:43:09 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW; expires=Tue, 27-Sep-2022 22:43:09 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
200 OK 190 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
IP
File type ASCII text, with CRLF line terminators
Hash ddda0e7059b0800248883b7714dd029c
2f390ea17d4e3e404104d209733ebc0cbebf7ec2
15113c1d2ef6ba1e9207851658a3e0933c703862a7f5ad1016f2bbadb9e666cd
GET /themes/flow/frontend_assets/css/All-stylesheets.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2tn7n/MELTY.BLOOD.TYPE.LUMINA.v1.31.part1.rar
Connection: keep-alive
Cookie: filehosting=5fsoime30cf4v2ml6f53445hm6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 22:43:09 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-153"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Mon, 26 Sep 2022 22:10:46 GMT
Expires: Mon, 26 Sep 2022 22:39:20 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: nIPG-4n8RyBwiIcmVR2d-zFXRJr17J9NGL3eevMbOf-mA7e0qjV6QA==
Age: 1943
ocsp.digicert.com/
200 OK 471 B IP
Hash 5adb7eb1d103eadeeafac36e663ffdd3
23b784388dd634fa736cd60aed71570661e73d02
5c95ba48bc342887b4f7ef697bd4def50f6f2f472f654169179e5ac44df883d9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3899
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 22:43:09 GMT
Last-Modified: Mon, 26 Sep 2022 21:38:10 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
megaup.net/themes/flow/frontend_assets/js/sticky/jquery.sticky.js
200 OK 1.9 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/sticky/jquery.sticky.js
IP
Hash d1f67508edb1b30a370b6980f11d12c7
3a98f106723d0a1ffb5d5bedfdff66236f2cfa7c
33e865a665c01d4c3625ed5767acb39dbbb11205d1651c1504e5dc01dfe72e36
GET /themes/flow/frontend_assets/js/sticky/jquery.sticky.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2tn7n/MELTY.BLOOD.TYPE.LUMINA.v1.31.part1.rar
Connection: keep-alive
Cookie: filehosting=5fsoime30cf4v2ml6f53445hm6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 22:43:09 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1099"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/fonts/raleway.woff
200 OK 32 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway.woff
IP
File type Web Open Font Format, TrueType, length 31836, version 1.1\012- data
Hash 4514fa5a5b3d1e0b14aa32a7d068124a
e634977bfabc20ed15fe7ed03d3876cf68834b93
5b0f118d658eacc5740b10b0dc2ebbd99ee8e8262c72ff29bfcda48c02b19861
GET /themes/flow/frontend_assets/fonts/raleway.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Connection: keep-alive
Cookie: filehosting=5fsoime30cf4v2ml6f53445hm6
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 22:43:09 GMT
content-type: font/woff
content-length: 31836
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7c5c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js
200 OK 34 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js
IP
Hash a4e99bfb61bdd3319e2ca781dc899a20
5b8fcde33d2a8ffe1658b2958799acd164f8aa6b
fd111f8635c5c6ec46916e9bdca0bda5dcfdb4bd4f0a067f2c668f8871ebd134
GET /themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2tn7n/MELTY.BLOOD.TYPE.LUMINA.v1.31.part1.rar
Connection: keep-alive
Cookie: filehosting=5fsoime30cf4v2ml6f53445hm6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 22:43:09 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1cdf"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/fonts/raleway_semibold.woff
200 OK 32 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway_semibold.woff
IP
File type Web Open Font Format, TrueType, length 31980, version 1.1\012- data
Hash 99ac81a158028ac2023fb3350d2497e7
f08c12c91ab29282a616c3ba8e533f49b5b433ca
92a8c8eca8cfcfc53855bc48ba50b866704a00323c4e3089b564c939a668925d
GET /themes/flow/frontend_assets/fonts/raleway_semibold.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Connection: keep-alive
Cookie: filehosting=5fsoime30cf4v2ml6f53445hm6
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 22:43:09 GMT
content-type: font/woff
content-length: 31980
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7cec"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/nav/jquery.nav.js
200 OK 24 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/nav/jquery.nav.js
IP
File type ASCII text, with CRLF line terminators
Hash 84a228bc8ad27f85af3cd26d51f874d8
a583e2a67524219e1e1d60d04eae92817259386d
c2c73b2d6ca3db5ab870a0c5e8da07e96d185d6eb8129b451c6bdeffa5bdb2c7
GET /themes/flow/frontend_assets/js/nav/jquery.nav.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2tn7n/MELTY.BLOOD.TYPE.LUMINA.v1.31.part1.rar
Connection: keep-alive
Cookie: filehosting=5fsoime30cf4v2ml6f53445hm6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 22:43:09 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1547"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash c5b57d95a61192eea33c35048fd06ead
e92606965483f9bc85e443bd64430505439114df
2f28701f624a3de304d5bc0a312e6aca987ae1a11547fe6100f39e432867f595
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "2F28701F624A3DE304D5BC0A312E6ACA987AE1A11547FE6100F39E432867F595"
Last-Modified: Sun, 25 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6435
Expires: Tue, 27 Sep 2022 00:30:24 GMT
Date: Mon, 26 Sep 2022 22:43:09 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash c5b57d95a61192eea33c35048fd06ead
e92606965483f9bc85e443bd64430505439114df
2f28701f624a3de304d5bc0a312e6aca987ae1a11547fe6100f39e432867f595
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "2F28701F624A3DE304D5BC0A312E6ACA987AE1A11547FE6100F39E432867F595"
Last-Modified: Sun, 25 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6435
Expires: Tue, 27 Sep 2022 00:30:24 GMT
Date: Mon, 26 Sep 2022 22:43:09 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash c5b57d95a61192eea33c35048fd06ead
e92606965483f9bc85e443bd64430505439114df
2f28701f624a3de304d5bc0a312e6aca987ae1a11547fe6100f39e432867f595
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "2F28701F624A3DE304D5BC0A312E6ACA987AE1A11547FE6100F39E432867F595"
Last-Modified: Sun, 25 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6435
Expires: Tue, 27 Sep 2022 00:30:24 GMT
Date: Mon, 26 Sep 2022 22:43:09 GMT
Connection: keep-alive
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: HDPd6Mj88qco35I3qIt7NA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 1co0IecMRcs4+TrykbcbMycLrI0=
quettefors.xyz/V1NsdkU2MQ8bejZuDlAwJT9RU3cRdl4wITo+Fh0jM2teASQuPUIVKTgmCBA3OD0YWCsyJ0lEAzAAK0cQABZcBAQ9PElEBzQ5GzMIEAVdEyk/Jw0uPSIRFRV2HikEJwI6PDw9MjA3IBwqMhU+PzMfB1k6DBQaHBITZioiNTI6EAEaYGURJzUcGDI7GjccAgdEHw8/GTEWBmAmGBAOHAYBKhs0PUAVBD8ZMQEBPyU1Jg8DOCctHAYEGw05OwEuHREiCiEEAQk7GioyKlUOJDljBzQBOCciIXQxCS80dDE5Jh8nEDtbOnYRIgoiKjUwOwUINAUYQCQQARgud3oCSUQDHBAfMQpkYklEAxM/VR0kD2JYLgIFIw0+NTMeBjNgZRUgJzZgGisecxxhXQMcZDsgPxIBa0ocNjg9HEsLZREPEwwhJDoOAyADGg
200 OK 1.2 kB URL HTTP/2 quettefors.xyz/V1NsdkU2MQ8bejZuDlAwJT9RU3cRdl4wITo+Fh0jM2teASQuPUIVKTgmCBA3OD0YWCsyJ0lEAzAAK0cQABZcBAQ9PElEBzQ5GzMIEAVdEyk/Jw0uPSIRFRV2HikEJwI6PDw9MjA3IBwqMhU+PzMfB1k6DBQaHBITZioiNTI6EAEaYGURJzUcGDI7GjccAgdEHw8/GTEWBmAmGBAOHAYBKhs0PUAVBD8ZMQEBPyU1Jg8DOCctHAYEGw05OwEuHREiCiEEAQk7GioyKlUOJDljBzQBOCciIXQxCS80dDE5Jh8nEDtbOnYRIgoiKjUwOwUINAUYQCQQARgud3oCSUQDHBAfMQpkYklEAxM/VR0kD2JYLgIFIw0+NTMeBjNgZRUgJzZgGisecxxhXQMcZDsgPxIBa0ocNjg9HEsLZREPEwwhJDoOAyADGg
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3020), with no line terminators
Hash 7dc013b4e946adc9a419d594843d241f
eb343f3a0a98af835c28a40c49d0e72b6a08ba37
a5807bc0b2375034aca9061e554d91cdab90bc610df84b9cffdae9a3e1aad883
GET /V1NsdkU2MQ8bejZuDlAwJT9RU3cRdl4wITo+Fh0jM2teASQuPUIVKTgmCBA3OD0YWCsyJ0lEAzAAK0cQABZcBAQ9PElEBzQ5GzMIEAVdEyk/Jw0uPSIRFRV2HikEJwI6PDw9MjA3IBwqMhU+PzMfB1k6DBQaHBITZioiNTI6EAEaYGURJzUcGDI7GjccAgdEHw8/GTEWBmAmGBAOHAYBKhs0PUAVBD8ZMQEBPyU1Jg8DOCctHAYEGw05OwEuHREiCiEEAQk7GioyKlUOJDljBzQBOCciIXQxCS80dDE5Jh8nEDtbOnYRIgoiKjUwOwUINAUYQCQQARgud3oCSUQDHBAfMQpkYklEAxM/VR0kD2JYLgIFIw0+NTMeBjNgZRUgJzZgGisecxxhXQMcZDsgPxIBa0ocNjg9HEsLZREPEwwhJDoOAyADGg HTTP/1.1
Host: quettefors.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1176
date: Mon, 26 Sep 2022 22:43:09 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: x6EiST8cHvC-4BgghJQ1fSrU6wokWQg4zJvJkycWNDwYxxy0rKrxXA==
X-Firefox-Spdy: h2
quettefors.xyz/QnBaVXkjEjk4RiNNOHMMMBxncEsEVWgTHS8dID4fJkhoIhg7HnQ2FS0FPjMLLR4uexcnBH9nPwcqahhNIyUTEDUEKQozKw8BAhMrcyUCHDMXKAgXMhcDHRk7JlVoFy8uGzAFEBBBHjI4EzVrEykMGGo7OxQcMRYACCceO0AAOjYMMiRBADkuE0A9AhchFRIBMAs7GwA9CDEfYCwQHzcTEHs+Di8aBRY2AD4NMW4jLwMYNAMoFz4IZjMBEws9Ow0cACwxFB8bBBcHORgGCgg+MRc0ITY5YjgESD4AISEUDTI7ARMLMhsMNRAiHBQyagYhDyIOHTsaOhx4SQk7Cz0UARljIi9xORMCIQwoOT1IIBM9EAgRFy0+OgYDPgIOEBU+ByMYKhgfXHAyGQRfKAM1Owl/Hmo0ICU9PRcOEhk
200 OK 1.2 kB URL HTTP/2 quettefors.xyz/QnBaVXkjEjk4RiNNOHMMMBxncEsEVWgTHS8dID4fJkhoIhg7HnQ2FS0FPjMLLR4uexcnBH9nPwcqahhNIyUTEDUEKQozKw8BAhMrcyUCHDMXKAgXMhcDHRk7JlVoFy8uGzAFEBBBHjI4EzVrEykMGGo7OxQcMRYACCceO0AAOjYMMiRBADkuE0A9AhchFRIBMAs7GwA9CDEfYCwQHzcTEHs+Di8aBRY2AD4NMW4jLwMYNAMoFz4IZjMBEws9Ow0cACwxFB8bBBcHORgGCgg+MRc0ITY5YjgESD4AISEUDTI7ARMLMhsMNRAiHBQyagYhDyIOHTsaOhx4SQk7Cz0UARljIi9xORMCIQwoOT1IIBM9EAgRFy0+OgYDPgIOEBU+ByMYKhgfXHAyGQRfKAM1Owl/Hmo0ICU9PRcOEhk
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3015), with no line terminators
Hash 50ece6fee560d2efa929ab85b5395df9
42219494d692133a4c8214643eba48b387e8d1d6
a05ff8ad5344fe72e355e641a9a840b467c37d4e547b7f9277f9446f2b1486fc
GET /QnBaVXkjEjk4RiNNOHMMMBxncEsEVWgTHS8dID4fJkhoIhg7HnQ2FS0FPjMLLR4uexcnBH9nPwcqahhNIyUTEDUEKQozKw8BAhMrcyUCHDMXKAgXMhcDHRk7JlVoFy8uGzAFEBBBHjI4EzVrEykMGGo7OxQcMRYACCceO0AAOjYMMiRBADkuE0A9AhchFRIBMAs7GwA9CDEfYCwQHzcTEHs+Di8aBRY2AD4NMW4jLwMYNAMoFz4IZjMBEws9Ow0cACwxFB8bBBcHORgGCgg+MRc0ITY5YjgESD4AISEUDTI7ARMLMhsMNRAiHBQyagYhDyIOHTsaOhx4SQk7Cz0UARljIi9xORMCIQwoOT1IIBM9EAgRFy0+OgYDPgIOEBU+ByMYKhgfXHAyGQRfKAM1Owl/Hmo0ICU9PRcOEhk HTTP/1.1
Host: quettefors.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1171
date: Mon, 26 Sep 2022 22:43:09 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: MRGCX5Lj8cP4Qd3QfpUysBwv4K8XKl_8aGHbFIVDuYBpRZLQstfGDw==
X-Firefox-Spdy: h2
quettefors.xyz/SVlWSEsoOzUldChkNG4+OzVrbXkPfGQOLyQ0LCMtLWFkPyowN3grJyYsMi45JjciZiUsLXN6DT8PARoiEGs9egg+LhAeIgwXFCR+GwA6AhkcNRAyDyEcGwoyHwMaCzwuGCx4Jh4jPiENGgsODCUECBEJLxwDAwEECD41MRwcCBEKMRMDA3geABQHEi0faW4gDQhpHx4PcRoUCiAIEzEJHw0hLjIOGBczCg8mPBU/cw8XEw4aAw8ufx0MPQQfE3k6A3kBBAM/EgMcDz19DxguAQ0TCw4DID8bACw8Hh9pLiUBIj0EHxgqCgR5CiY7EAIGHGkUPx0ldB8NDw0ABgweEzsTeREaDDokJx8PHBsfDj0DCgomOxsJAgceZjAlADUiHhl7DxUOenwAcCI4JjcmdQUGEAARD3EIYTkNfT4
200 OK 1.2 kB URL HTTP/2 quettefors.xyz/SVlWSEsoOzUldChkNG4+OzVrbXkPfGQOLyQ0LCMtLWFkPyowN3grJyYsMi45JjciZiUsLXN6DT8PARoiEGs9egg+LhAeIgwXFCR+GwA6AhkcNRAyDyEcGwoyHwMaCzwuGCx4Jh4jPiENGgsODCUECBEJLxwDAwEECD41MRwcCBEKMRMDA3geABQHEi0faW4gDQhpHx4PcRoUCiAIEzEJHw0hLjIOGBczCg8mPBU/cw8XEw4aAw8ufx0MPQQfE3k6A3kBBAM/EgMcDz19DxguAQ0TCw4DID8bACw8Hh9pLiUBIj0EHxgqCgR5CiY7EAIGHGkUPx0ldB8NDw0ABgweEzsTeREaDDokJx8PHBsfDj0DCgomOxsJAgceZjAlADUiHhl7DxUOenwAcCI4JjcmdQUGEAARD3EIYTkNfT4
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3019), with no line terminators
Hash a1d8ad00059f0cac225293e14d7c217f
11ff4bde08b89a146e1c70a65d1519c7761b4c07
6dde673af67ebc35e89813b1b112aad4587941e7ca4fa4317d3cee9b82ed2ef0
GET /SVlWSEsoOzUldChkNG4+OzVrbXkPfGQOLyQ0LCMtLWFkPyowN3grJyYsMi45JjciZiUsLXN6DT8PARoiEGs9egg+LhAeIgwXFCR+GwA6AhkcNRAyDyEcGwoyHwMaCzwuGCx4Jh4jPiENGgsODCUECBEJLxwDAwEECD41MRwcCBEKMRMDA3geABQHEi0faW4gDQhpHx4PcRoUCiAIEzEJHw0hLjIOGBczCg8mPBU/cw8XEw4aAw8ufx0MPQQfE3k6A3kBBAM/EgMcDz19DxguAQ0TCw4DID8bACw8Hh9pLiUBIj0EHxgqCgR5CiY7EAIGHGkUPx0ldB8NDw0ABgweEzsTeREaDDokJx8PHBsfDj0DCgomOxsJAgceZjAlADUiHhl7DxUOenwAcCI4JjcmdQUGEAARD3EIYTkNfT4 HTTP/1.1
Host: quettefors.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1174
date: Mon, 26 Sep 2022 22:43:10 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _frwqAlDBDXitSntiN0AmEorwIIP1vRyPVU9gSwccd39fDnapMnhZQ==
X-Firefox-Spdy: h2
reswsentativ.xyz/RzZxdmRoCRIFWSQFAUMwH2QzJ1Q3ACMjFAxnOQYlFXMJOAACVVcCDSMLRkBVdg5HUBQuUkxHQjRCEAIRNAtAUA0pUB5LQjELQFhXcxhDTkp2EARLVWFCARcDegdXBhAzWkxHUnECQ0VWdg5GT1B1
204 No Content 0 B URL HTTP/2 reswsentativ.xyz/RzZxdmRoCRIFWSQFAUMwH2QzJ1Q3ACMjFAxnOQYlFXMJOAACVVcCDSMLRkBVdg5HUBQuUkxHQjRCEAIRNAtAUA0pUB5LQjELQFhXcxhDTkp2EARLVWFCARcDegdXBhAzWkxHUnECQ0VWdg5GT1B1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /RzZxdmRoCRIFWSQFAUMwH2QzJ1Q3ACMjFAxnOQYlFXMJOAACVVcCDSMLRkBVdg5HUBQuUkxHQjRCEAIRNAtAUA0pUB5LQjELQFhXcxhDTkp2EARLVWFCARcDegdXBhAzWkxHUnECQ0VWdg5GT1B1 HTTP/1.1
Host: reswsentativ.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 26 Sep 2022 22:43:10 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xVUk6O47g%2BEsGJbQ2Sqt3eqmzWEqGjyvJfri7Haga3qPkgjhzOJm52vv8I0PcpnREWaJBXBZqfAnZ8QwusTa8nlidhKevxo7imi6SMEbc7oaCDh5GH4zQsB%2FX3h9d3EzTKkm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750f84536f03b521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
quettefors.xyz/SFE2UlQpM1U/aylsVHQhOj0Ld2YOdAQUMCU8TDkyLGkEJTUxPxgxOCckUjQmJz9CfDotJRNgEjoFW2M/Gwl/JhUvPkAGACcUdxoGBDRaADcuYWw9FjAyWxoQfQB1Ow1xHmUXPgQDAmcWLyFAED4ZG2EKOB0YUSUfBDoPPRcJPkcGZ3EddAFkGTIHPhcYE3goFQkiTBUtARN0BSwJEnA6Hy0HUmoMHSZOA2dxGGAlIBA3cGIdARNBZRIdFwEDPhIHYzoODTRdOgwLYFJqDBoIE2ASHmIGIQwQaFU0PxoTU2IdOBJ3MT0ABkI0HSYldTRleQRTFx5tY3ABEmULAxQXKzd3AWwsH106AwxhQmYFeQNAEGcGMhA4Jyc/Rm86Jx5BHhMsPUE5Og
200 OK 1.2 kB URL HTTP/2 quettefors.xyz/SFE2UlQpM1U/aylsVHQhOj0Ld2YOdAQUMCU8TDkyLGkEJTUxPxgxOCckUjQmJz9CfDotJRNgEjoFW2M/Gwl/JhUvPkAGACcUdxoGBDRaADcuYWw9FjAyWxoQfQB1Ow1xHmUXPgQDAmcWLyFAED4ZG2EKOB0YUSUfBDoPPRcJPkcGZ3EddAFkGTIHPhcYE3goFQkiTBUtARN0BSwJEnA6Hy0HUmoMHSZOA2dxGGAlIBA3cGIdARNBZRIdFwEDPhIHYzoODTRdOgwLYFJqDBoIE2ASHmIGIQwQaFU0PxoTU2IdOBJ3MT0ABkI0HSYldTRleQRTFx5tY3ABEmULAxQXKzd3AWwsH106AwxhQmYFeQNAEGcGMhA4Jyc/Rm86Jx5BHhMsPUE5Og
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2993), with no line terminators
Hash e36884a6dd9fa2d567f18133d9a57fcc
7df9fe0b2caa77c1b466139f69843a167a15008f
108292f5664a82abb8cf9ce9be240e0e93bfdeb5724a8a7e792667508937e35e
GET /SFE2UlQpM1U/aylsVHQhOj0Ld2YOdAQUMCU8TDkyLGkEJTUxPxgxOCckUjQmJz9CfDotJRNgEjoFW2M/Gwl/JhUvPkAGACcUdxoGBDRaADcuYWw9FjAyWxoQfQB1Ow1xHmUXPgQDAmcWLyFAED4ZG2EKOB0YUSUfBDoPPRcJPkcGZ3EddAFkGTIHPhcYE3goFQkiTBUtARN0BSwJEnA6Hy0HUmoMHSZOA2dxGGAlIBA3cGIdARNBZRIdFwEDPhIHYzoODTRdOgwLYFJqDBoIE2ASHmIGIQwQaFU0PxoTU2IdOBJ3MT0ABkI0HSYldTRleQRTFx5tY3ABEmULAxQXKzd3AWwsH106AwxhQmYFeQNAEGcGMhA4Jyc/Rm86Jx5BHhMsPUE5Og HTTP/1.1
Host: quettefors.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1154
date: Mon, 26 Sep 2022 22:43:10 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6mmxpqa6OW6bJ9OFP9wBi9oD2IIgjL8Z4-GsuU0NTCUBkaXy2SpTYQ==
X-Firefox-Spdy: h2
reswsentativ.xyz/YnhhZWZNRwIWWzZLCSE0JTJEVyAzICNWMQwQLgYIICwHVRJRHDcsQBYRBVheVU5SVF5ECAgBW1BBRxYSAwwUFltTXggLAA1FRxNbU1ZRS1NbVlBDE19JRxEWAx9cVEASDBUJW1NOV1FUUUpQXVFbT1I
204 No Content 0 B URL HTTP/2 reswsentativ.xyz/YnhhZWZNRwIWWzZLCSE0JTJEVyAzICNWMQwQLgYIICwHVRJRHDcsQBYRBVheVU5SVF5ECAgBW1BBRxYSAwwUFltTXggLAA1FRxNbU1ZRS1NbVlBDE19JRxEWAx9cVEASDBUJW1NOV1FUUUpQXVFbT1I
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /YnhhZWZNRwIWWzZLCSE0JTJEVyAzICNWMQwQLgYIICwHVRJRHDcsQBYRBVheVU5SVF5ECAgBW1BBRxYSAwwUFltTXggLAA1FRxNbU1ZRS1NbVlBDE19JRxEWAx9cVEASDBUJW1NOV1FUUUpQXVFbT1I HTTP/1.1
Host: reswsentativ.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 26 Sep 2022 22:43:10 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ogCUuUDajaFvkIaUKKxk%2FGp45417vgjnmgCJpqAotxNyKJG40BEQVwihtocQ%2F2qP%2Be%2BXzL6CF8Tojb250bmcikHgvZ%2BtXx70jx1Z1SjmhhCY6FnIYVV4Ef3U71zxqJtN4UqL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750f84536f09b521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
quettefors.xyz/Z2dMZWoGBS8IVQZaLkMfFQtxQFghQn4jDgoKNg4MA19+EgseCWIGBggSKAMYCAk4SwQCE2lXLFcGFCMYMQ0nLiIAMjsnAlc+CFcZKD98Mws+ACQ1LR8AeTMSCyoOHFNXMDswMyVWDTc7M147MTgqMRoIMwElHiQsKjYeNSwmMn0nLA8/Dw8gBTEJMyQuDCciLQs+dD0dXysNDDwDIA5VDwQiOyw+Jj55NB0mAw4fCQQwNgEPAiYgKDtWE2lXKDYxJCQ+CjF7MS8pBQMJKy8lDisQJFYnLz9VJSE9WjEoFj0eKjZ9FgEzVzQmIQpfHDdaISQvEh49IStIXlYyKz8/MDUNKT0yJS4/DQ89HSBfDCQdXTMgMwIDKAALAz8iXjYeVTwKLzQdJzAAag8ZCAk8WAYeKn4RGTYONFU+
200 OK 1.2 kB URL HTTP/2 quettefors.xyz/Z2dMZWoGBS8IVQZaLkMfFQtxQFghQn4jDgoKNg4MA19+EgseCWIGBggSKAMYCAk4SwQCE2lXLFcGFCMYMQ0nLiIAMjsnAlc+CFcZKD98Mws+ACQ1LR8AeTMSCyoOHFNXMDswMyVWDTc7M147MTgqMRoIMwElHiQsKjYeNSwmMn0nLA8/Dw8gBTEJMyQuDCciLQs+dD0dXysNDDwDIA5VDwQiOyw+Jj55NB0mAw4fCQQwNgEPAiYgKDtWE2lXKDYxJCQ+CjF7MS8pBQMJKy8lDisQJFYnLz9VJSE9WjEoFj0eKjZ9FgEzVzQmIQpfHDdaISQvEh49IStIXlYyKz8/MDUNKT0yJS4/DQ89HSBfDCQdXTMgMwIDKAALAz8iXjYeVTwKLzQdJzAAag8ZCAk8WAYeKn4RGTYONFU+
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3015), with no line terminators
Hash b8606bbfd346bc1f0815be1af80f958a
0c9d059bc15b162113ad323c30121fae973f86ca
325dfa8862170a4308dc40de9cd15d4e1ba6e567f20eca045eda1f6b77a75e3f
GET /Z2dMZWoGBS8IVQZaLkMfFQtxQFghQn4jDgoKNg4MA19+EgseCWIGBggSKAMYCAk4SwQCE2lXLFcGFCMYMQ0nLiIAMjsnAlc+CFcZKD98Mws+ACQ1LR8AeTMSCyoOHFNXMDswMyVWDTc7M147MTgqMRoIMwElHiQsKjYeNSwmMn0nLA8/Dw8gBTEJMyQuDCciLQs+dD0dXysNDDwDIA5VDwQiOyw+Jj55NB0mAw4fCQQwNgEPAiYgKDtWE2lXKDYxJCQ+CjF7MS8pBQMJKy8lDisQJFYnLz9VJSE9WjEoFj0eKjZ9FgEzVzQmIQpfHDdaISQvEh49IStIXlYyKz8/MDUNKT0yJS4/DQ89HSBfDCQdXTMgMwIDKAALAz8iXjYeVTwKLzQdJzAAag8ZCAk8WAYeKn4RGTYONFU+ HTTP/1.1
Host: quettefors.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1171
date: Mon, 26 Sep 2022 22:43:10 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6smDaEmUOiUWuoEc_D1I12CA7zwH-HzdHdR6zIS5VWBGxZ7UuWh1DQ==
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash c5b57d95a61192eea33c35048fd06ead
e92606965483f9bc85e443bd64430505439114df
2f28701f624a3de304d5bc0a312e6aca987ae1a11547fe6100f39e432867f595
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "2F28701F624A3DE304D5BC0A312E6ACA987AE1A11547FE6100F39E432867F595"
Last-Modified: Sun, 25 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6434
Expires: Tue, 27 Sep 2022 00:30:24 GMT
Date: Mon, 26 Sep 2022 22:43:10 GMT
Connection: keep-alive
reswsentativ.xyz/WXZhTml2SQI9VAsjNx0zaThZKD4fIwIGL2ksDRhfOhgvJzwRM0c6AD1LWHpQYUBVaBkwElx/UX8FFS8dLAVcf08wGAchVH8AXH9HaVhQYFp/A1x/Ty0GAClUaFAROh01S1B4X21EUnxYYUFYdls
204 No Content 0 B URL HTTP/2 reswsentativ.xyz/WXZhTml2SQI9VAsjNx0zaThZKD4fIwIGL2ksDRhfOhgvJzwRM0c6AD1LWHpQYUBVaBkwElx/UX8FFS8dLAVcf08wGAchVH8AXH9HaVhQYFp/A1x/Ty0GAClUaFAROh01S1B4X21EUnxYYUFYdls
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WXZhTml2SQI9VAsjNx0zaThZKD4fIwIGL2ksDRhfOhgvJzwRM0c6AD1LWHpQYUBVaBkwElx/UX8FFS8dLAVcf08wGAchVH8AXH9HaVhQYFp/A1x/Ty0GAClUaFAROh01S1B4X21EUnxYYUFYdls HTTP/1.1
Host: reswsentativ.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 26 Sep 2022 22:43:10 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g%2BNivOjFxmJE09HfFZXpxhXk5golbaAKCDypzTYFFePqIOzg%2FDuVJilavnWvty5mVZ4PlufZ2w6j2w87lY1naumE%2FwUmxgTU7QXgKe2SqWhrgWadt6%2B7TYPQZudeTTTnBwmE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750f84538f1ab521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
reswsentativ.xyz/UW1nemJ+UgQJXwM4UgIBKz8fHlILLCYUU2g/IisvNQMTOzM2IEEOCzVQX0hXaFxWXBI4CVpJUHceExsWJB5aS0Q4AwEVX3cbWkpMaUNeVFN3GFpLRCUdBh1fYEsXDhY9UFZMVGVfVEhTaVpeTFI
204 No Content 0 B URL HTTP/2 reswsentativ.xyz/UW1nemJ+UgQJXwM4UgIBKz8fHlILLCYUU2g/IisvNQMTOzM2IEEOCzVQX0hXaFxWXBI4CVpJUHceExsWJB5aS0Q4AwEVX3cbWkpMaUNeVFN3GFpLRCUdBh1fYEsXDhY9UFZMVGVfVEhTaVpeTFI
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /UW1nemJ+UgQJXwM4UgIBKz8fHlILLCYUU2g/IisvNQMTOzM2IEEOCzVQX0hXaFxWXBI4CVpJUHceExsWJB5aS0Q4AwEVX3cbWkpMaUNeVFN3GFpLRCUdBh1fYEsXDhY9UFZMVGVfVEhTaVpeTFI HTTP/1.1
Host: reswsentativ.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 26 Sep 2022 22:43:10 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K44C%2ByVdNONvevCLHWfjiRxY%2B929QtgeTYdrIadqdNhNU%2Be1qaiRxebRcxu9PijKpRovt4NxZG2d8INhTaV4WCiKLHOci8%2B76cn4MZdcA6IecmoxNm4OQi42iWzOqsZ%2FTZ%2BQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750f8453af32b521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
reswsentativ.xyz/Z2lmY2xIVgUQUTMuIAoNClxQNTopDT5QVT0/IBMNAQUkNjQhMEAXBQNUUVVYVl1XRRwODVtSShQdBxcZFFRXRQUJDwleShFUV01fU0dUW0JWTxNeXUEdFgILWlhAExgTBVtSWlFdVFBeVlFRWlVS
204 No Content 0 B URL HTTP/2 reswsentativ.xyz/Z2lmY2xIVgUQUTMuIAoNClxQNTopDT5QVT0/IBMNAQUkNjQhMEAXBQNUUVVYVl1XRRwODVtSShQdBxcZFFRXRQUJDwleShFUV01fU0dUW0JWTxNeXUEdFgILWlhAExgTBVtSWlFdVFBeVlFRWlVS
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /Z2lmY2xIVgUQUTMuIAoNClxQNTopDT5QVT0/IBMNAQUkNjQhMEAXBQNUUVVYVl1XRRwODVtSShQdBxcZFFRXRQUJDwleShFUV01fU0dUW0JWTxNeXUEdFgILWlhAExgTBVtSWlFdVFBeVlFRWlVS HTTP/1.1
Host: reswsentativ.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 26 Sep 2022 22:43:10 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OV%2Fkr7UI%2BDAFPN%2Bi346iAEdppaEogJfTrKAx1Is1nA%2BFKs1kWrOsl%2FG365iRi62hOoTlR6QgSjo6flum1VCHWflO7r%2Fp%2Fnf%2FK1mwR1Z0YvHx5udEP%2FT80FsW48ByNhqXRrjL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750f8453af2eb521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
reswsentativ.xyz/YTBtR2JODw40XzZoHTY3NXIZFlNQWS8qJCtoXx4rAFtUJTsgU0szCwUNVXVXWAFcYRIIVFB0UEdDGSYWFENQdVJRB0suDAdfUHVEFw1daVpPCUN2RBQNXGEWEVEKelNHQBkzDlwBW3FWUwNfdlpWCVt0
204 No Content 0 B URL HTTP/2 reswsentativ.xyz/YTBtR2JODw40XzZoHTY3NXIZFlNQWS8qJCtoXx4rAFtUJTsgU0szCwUNVXVXWAFcYRIIVFB0UEdDGSYWFENQdVJRB0suDAdfUHVEFw1daVpPCUN2RBQNXGEWEVEKelNHQBkzDlwBW3FWUwNfdlpWCVt0
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /YTBtR2JODw40XzZoHTY3NXIZFlNQWS8qJCtoXx4rAFtUJTsgU0szCwUNVXVXWAFcYRIIVFB0UEdDGSYWFENQdVJRB0suDAdfUHVEFw1daVpPCUN2RBQNXGEWEVEKelNHQBkzDlwBW3FWUwNfdlpWCVt0 HTTP/1.1
Host: reswsentativ.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 26 Sep 2022 22:43:10 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AtLd7NVV%2Bh7%2FBYMhzE%2FAjAIzMAXpeq9hNwjzoirnYc1XWyWkYaGgHBGB01tMTiapmGd8kW7I39IY4yu8M6sgtLpSsPOM1dfJ%2BE8Pgcco22%2B118r7B3khUv7fG9skClT3FRQP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750f8453af37b521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
altowriestwispy.com/tysaSHG1FMaM/18410
200 OK 25 B URL HTTP/1.1 altowriestwispy.com/tysaSHG1FMaM/18410
IP
File type ASCII text, with no line terminators
Hash d488addc5df5fc9b9ff4135bb4e3a823
6ce56f48e851df4d562b43d3bc1269a504ae83fc
d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60
GET /tysaSHG1FMaM/18410 HTTP/1.1
Host: altowriestwispy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 22:43:10 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
keydawnawe.com/gwZ1U5hjA8ii/32575
200 OK 26 B URL HTTP/1.1 keydawnawe.com/gwZ1U5hjA8ii/32575
IP
File type ASCII text, with no line terminators
Hash 4e5d65669f8dcd928dad06adf883f025
d771713d758c3348dd7e5b38bb40c7935399ae46
0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95
GET /gwZ1U5hjA8ii/32575 HTTP/1.1
Host: keydawnawe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 22:43:10 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
dmmzkfd82wayn.cloudfront.net/gSG1UWE0rAjo+cjwEMGV1elhtaXxuByc3IzhQGmoPKwgdLjoeFRIvHT5LICIpdV1yNCwmCml+KCYOaWlrKQk2ZXluGSQ3JnUYOjwoLgQ6PSluGDVlICcXPTQhKUhmHnhmXXFqfWAVZWloey9xan0kBDotNW1fZCB1fjJibGh7L3FqfTobcWsMcVt6aGRtX2-Q/KCsGO31/Dl9kaX14XGRpaHpdMjE/LQs7IGh6K21uY3hLIWV8
200 OK 362 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/gSG1UWE0rAjo+cjwEMGV1elhtaXxuByc3IzhQGmoPKwgdLjoeFRIvHT5LICIpdV1yNCwmCml+KCYOaWlrKQk2ZXluGSQ3JnUYOjwoLgQ6PSluGDVlICcXPTQhKUhmHnhmXXFqfWAVZWloey9xan0kBDotNW1fZCB1fjJibGh7L3FqfTobcWsMcVt6aGRtX2-Q/KCsGO31/Dl9kaX14XGRpaHpdMjE/LQs7IGh6K21uY3hLIWV8
IP
File type ASCII text, with very long lines (458), with no line terminators
Hash 899e3d05e323a9fb4895ac608ccea391
1c08cb1060e9c8af8ad2a05ebb51ed2ec717b6c2
fb3a810256cc2a9c1f67bb21e2f1589485c2339001aaf6888abd80aded9761f2
GET /gSG1UWE0rAjo+cjwEMGV1elhtaXxuByc3IzhQGmoPKwgdLjoeFRIvHT5LICIpdV1yNCwmCml+KCYOaWlrKQk2ZXluGSQ3JnUYOjwoLgQ6PSluGDVlICcXPTQhKUhmHnhmXXFqfWAVZWloey9xan0kBDotNW1fZCB1fjJibGh7L3FqfTobcWsMcVt6aGRtX2-Q/KCsGO31/Dl9kaX14XGRpaHpdMjE/LQs7IGh6K21uY3hLIWV8 HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://quettefors.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 362
date: Mon, 26 Sep 2022 22:43:10 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: R0HydwtLcjl-ElhkvH1LlPsKRrE59wV9gDimbDdFUHIpijnzEJ2UPw==
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/EZ0M4aUIELFYPfRMqXFR1UXIJUXRBKUsGLBd+VlkjPiR1DgAQE1FPNh0nBVlkCyJWDn9BJlYKf1ZlWQ0gWnceHTIIKAUDJAE5URomFi9NTzcGflUGOA4vVAhnVQUNR3JCcQhBOlZyHVoAQnEIBSsJNkBMcFc7AF8dUXcdWgBCcQgbNEJweVB0SXMRTHBXJF-0KKQhmCi9wV3IIWXNXch1bcgEqSgwkCDsdWwRedRZZZBJ+CQ
200 OK 586 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/EZ0M4aUIELFYPfRMqXFR1UXIJUXRBKUsGLBd+VlkjPiR1DgAQE1FPNh0nBVlkCyJWDn9BJlYKf1ZlWQ0gWnceHTIIKAUDJAE5URomFi9NTzcGflUGOA4vVAhnVQUNR3JCcQhBOlZyHVoAQnEIBSsJNkBMcFc7AF8dUXcdWgBCcQgbNEJweVB0SXMRTHBXJF-0KKQhmCi9wV3IIWXNXch1bcgEqSgwkCDsdWwRedRZZZBJ+CQ
IP
File type ASCII text, with very long lines (827), with no line terminators
Hash 1a34c2a1a8b906f46af40df9c99b4f5d
20bbde1050d780315b1848160872bf3b07c6ff87
ecc0eb7b86c48f4525e3a9aa32549d4a645f67086ce87f48d037372e99332cbd
GET /EZ0M4aUIELFYPfRMqXFR1UXIJUXRBKUsGLBd+VlkjPiR1DgAQE1FPNh0nBVlkCyJWDn9BJlYKf1ZlWQ0gWnceHTIIKAUDJAE5URomFi9NTzcGflUGOA4vVAhnVQUNR3JCcQhBOlZyHVoAQnEIBSsJNkBMcFc7AF8dUXcdWgBCcQgbNEJweVB0SXMRTHBXJF-0KKQhmCi9wV3IIWXNXch1bcgEqSgwkCDsdWwRedRZZZBJ+CQ HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://quettefors.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 586
date: Mon, 26 Sep 2022 22:43:10 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: KrKk9gYQNWUWm-ZasDC5-BaqJ-qMS1sf-b7rTC-FM7rQPt9nSjdXxQ==
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/vVWRiY2k2CwwFViENBl5RYlJRUlFzDhEMByVZLCwgAz0mWzhiFSRXDnMQGAdUZUIOAgcyWUQGBzZZU0UIMQZfV08hFA0IVD8CBBkAJgATDxxzEQNeBDoeCw8FNEFQJVx7VEdRWX0cU1JMZiZHUVk5DQwWEXBWUhtRYztUV0xmJkdRWScSR1AobFJMU0BwVl-IEDDYPDUZbE1ZSUlllVVJSTGdUBAobMAING0xnIltVR2VCF15Y
200 OK 460 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/vVWRiY2k2CwwFViENBl5RYlJRUlFzDhEMByVZLCwgAz0mWzhiFSRXDnMQGAdUZUIOAgcyWUQGBzZZU0UIMQZfV08hFA0IVD8CBBkAJgATDxxzEQNeBDoeCw8FNEFQJVx7VEdRWX0cU1JMZiZHUVk5DQwWEXBWUhtRYztUV0xmJkdRWScSR1AobFJMU0BwVl-IEDDYPDUZbE1ZSUlllVVJSTGdUBAobMAING0xnIltVR2VCF15Y
IP
File type ASCII text, with very long lines (597), with no line terminators
Hash 048b19f78d2c09c0eced8a7a4f6ab0e7
de6a0f5b144892f23f9759ea504a81d7cd320f9a
d1d3204c865fec20cbff1937d405934e234825964779ec735fd292e964fc3ba5
GET /vVWRiY2k2CwwFViENBl5RYlJRUlFzDhEMByVZLCwgAz0mWzhiFSRXDnMQGAdUZUIOAgcyWUQGBzZZU0UIMQZfV08hFA0IVD8CBBkAJgATDxxzEQNeBDoeCw8FNEFQJVx7VEdRWX0cU1JMZiZHUVk5DQwWEXBWUhtRYztUV0xmJkdRWScSR1AobFJMU0BwVl-IEDDYPDUZbE1ZSUlllVVJSTGdUBAobMAING0xnIltVR2VCF15Y HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://quettefors.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 460
date: Mon, 26 Sep 2022 22:43:10 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: djAm5zDF2nlnowSd9g1w8sCZiSXKpqv-M13jvSOE9DyDKpjIC9e90w==
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/rTm1kSXItAgovTToEAHRLelRcf0ZoBxcmHD5QCiY9OSEjLR45BgpvBjQJWXlUIgwKLk9oCAoqT39LBS0Qc1lCPBNzAAszGyIBBWxACFhKeVd8XUwxQ39IVwtXfF0IIBw7FUF7QjZVUhZEekhXC1d8XRY/V30sXX9cfkRBe0IpCAciHWtfIntCf11UeEJ/SF-Z5FCcfAS8dNkhWD0t4Q1RvB3Nc
200 OK 186 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/rTm1kSXItAgovTToEAHRLelRcf0ZoBxcmHD5QCiY9OSEjLR45BgpvBjQJWXlUIgwKLk9oCAoqT39LBS0Qc1lCPBNzAAszGyIBBWxACFhKeVd8XUwxQ39IVwtXfF0IIBw7FUF7QjZVUhZEekhXC1d8XRY/V30sXX9cfkRBe0IpCAciHWtfIntCf11UeEJ/SF-Z5FCcfAS8dNkhWD0t4Q1RvB3Nc
IP
File type ASCII text, with no line terminators
Hash 92ff2fa0a71356bb05ecee3b6af703c4
7e7ce01eb6934d5a6bc16617b6fd7685b270df80
291abb2ad0ff0ebea163f9ae0b34adea975b317768aaf2518e2b6428b5bb893e
GET /rTm1kSXItAgovTToEAHRLelRcf0ZoBxcmHD5QCiY9OSEjLR45BgpvBjQJWXlUIgwKLk9oCAoqT39LBS0Qc1lCPBNzAAszGyIBBWxACFhKeVd8XUwxQ39IVwtXfF0IIBw7FUF7QjZVUhZEekhXC1d8XRY/V30sXX9cfkRBe0IpCAciHWtfIntCf11UeEJ/SF-Z5FCcfAS8dNkhWD0t4Q1RvB3Nc HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://quettefors.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 186
date: Mon, 26 Sep 2022 22:43:10 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: yXtMvE_C_B3pZGcIkYmtnxoOy4f8QTDJdT7TVjve9Kppj2HKtkBcgQ==
X-Firefox-Spdy: h2
megaup.net/imageads/014.gif
200 OK 619 kB URL HTTP/2 megaup.net/imageads/014.gif
IP
File type GIF image data, version 89a, 300 x 250\012- data
Size 619 kB (618667 bytes)
Hash 3421db383a9cb797412de968bffe5611
aa8a9f04ca0af08e98971ef6914798b53f38c9ea
bd3f6f9ced0e4aa4622f92ed19d385eafe045995d1db989b28cc4aa3be31dace
GET /imageads/014.gif HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2tn7n/MELTY.BLOOD.TYPE.LUMINA.v1.31.part1.rar
Connection: keep-alive
Cookie: filehosting=5fsoime30cf4v2ml6f53445hm6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 22:43:10 GMT
content-type: image/gif
content-length: 618667
last-modified: Thu, 01 Apr 2021 04:06:00 GMT
vary: Accept-Encoding
etag: "606546a8-970ab"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/0aXFrVjkKHgUwBh0YD2sOX0VaYghPGxg5VxlMBy90WwUYB1ARQT9wTRMVVmYfBRAFMQRPFAU1BFhXCjJbVEVNIkkGGlY8Xw8LAiVdGB0ecEwITAY5QwAdBzccWzdeeAlMQ1t+QVhATmV7TENbOlAHBBNzC1kJU2BmX0VOZXtMQ1skT0xCKm8PR0FCcwtZFg-41UgZUWRALWUBbZghZQE5kCQ8YGTNfBglOZH9QR0VmHxxMWg
200 OK 597 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/0aXFrVjkKHgUwBh0YD2sOX0VaYghPGxg5VxlMBy90WwUYB1ARQT9wTRMVVmYfBRAFMQRPFAU1BFhXCjJbVEVNIkkGGlY8Xw8LAiVdGB0ecEwITAY5QwAdBzccWzdeeAlMQ1t+QVhATmV7TENbOlAHBBNzC1kJU2BmX0VOZXtMQ1skT0xCKm8PR0FCcwtZFg-41UgZUWRALWUBbZghZQE5kCQ8YGTNfBglOZH9QR0VmHxxMWg
IP
File type ASCII text, with very long lines (827), with no line terminators
Hash c0ec6dc33045dc36919c759b759d5d28
412f1c1fe457d63b2c0026740c9bb390121d543d
ff6f9f003a32dbe2182c8b669af6a52dda7932342a1528bf8f18e72bba53884e
GET /0aXFrVjkKHgUwBh0YD2sOX0VaYghPGxg5VxlMBy90WwUYB1ARQT9wTRMVVmYfBRAFMQRPFAU1BFhXCjJbVEVNIkkGGlY8Xw8LAiVdGB0ecEwITAY5QwAdBzccWzdeeAlMQ1t+QVhATmV7TENbOlAHBBNzC1kJU2BmX0VOZXtMQ1skT0xCKm8PR0FCcwtZFg-41UgZUWRALWUBbZghZQE5kCQ8YGTNfBglOZH9QR0VmHxxMWg HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://quettefors.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 597
date: Mon, 26 Sep 2022 22:43:10 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ILowGVGhrNXoe8hNngNwNTnoht7nJpJIeOfvMKa2ybu5u651WVFeRg==
X-Firefox-Spdy: h2
platform.bidgear.com/media/img/b15.png
200 OK 649 B URL HTTP/2 platform.bidgear.com/media/img/b15.png
IP
File type PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash d832fb80c97ff291b952757bb98240d2
63732e61a0784ed68fde494f83e4686a5c4bf7fa
7b35c11af8accdb40a14303dd3ae2762a97d2527933c56b6c9be6da2d0d11943
GET /media/img/b15.png HTTP/1.1
Host: platform.bidgear.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 22:43:10 GMT
content-type: image/png
content-length: 649
last-modified: Mon, 25 Jul 2022 09:43:33 GMT
etag: "62de65c5-289"
expires: Sun, 23 Oct 2022 09:44:55 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
cf-cache-status: HIT
age: 305877
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3h0E71PnrQEA5%2BT5JuU7v0UYw1hWLj3D806F0AdZBeqL92vNSPcfgeiUBHAnTA0xNsfNS%2B9QieXJtxdSbRjo3pXEMXO5w9k6wUgg4Bm8n78Zp9YNGGAkq%2FSH9tLWU3zE3fQJ%2FKW0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750f8455fed31c06-OSL
X-Firefox-Spdy: h2
platform.bidgear.com/async.php?domainid=5593&sizeid=12&zoneid=6192&k=1664232188278
200 OK 2.1 kB URL HTTP/2 platform.bidgear.com/async.php?domainid=5593&sizeid=12&zoneid=6192&k=1664232188278
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (4445), with no line terminators
Hash 5ecb29b323fa23505a6fd2b9177a1077
c59b8be2ad912f91528ffa16bb974d5f6667bfbd
ef3de5f5b215eaf72b54789ca423da51ee63eb0e08c3ff1e13807b0e33f297fd
GET /async.php?domainid=5593&sizeid=12&zoneid=6192&k=1664232188278 HTTP/1.1
Host: platform.bidgear.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 22:43:10 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sgN86txgYYreiLT55VndvbUrkoR6MpuHrgiQH6L82SmTJCI2llxQuDqGlHE6FkZR3BrUb4OWb8EvsxeaUO71deu%2BdCa339tuLq1q%2BafzFOQ1Xw5LU7cSFfl0Tdwbb5ujhMubzaCU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750f84551e1d1c06-OSL
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3b881f0dfb5a23ab8f7447b2e64f4bea
e40a7b4b0ba8a08470ef1420e3a0568c170cb63e
9e450ad20a9e85876670e18146df8a42fc4be789151c0a7326e9fd314363708b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9E450AD20A9E85876670E18146DF8A42FC4BE789151C0A7326E9FD314363708B"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4893
Expires: Tue, 27 Sep 2022 00:04:43 GMT
Date: Mon, 26 Sep 2022 22:43:10 GMT
Connection: keep-alive
a.exdynsrv.com/ad-provider.js
200 OK 24 kB URL HTTP/1.1 a.exdynsrv.com/ad-provider.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 81ef2e5397caa335947731e7e737f5c3
6a05a4b2d22c13ad2692170510bc8685b16002bf
cec22380c4f1438b29077d202d0396a6ad32b41761ed51d968f1bfbdf2423378
GET /ad-provider.js HTTP/1.1
Host: a.exdynsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 22:43:10 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 23727
Content-Type: application/javascript
Accept-Ranges: bytes
Cache-Control: max-age=10800
Server: nginx
etag: W/"d944899a6eb421496e94cbddc42"
X-HW: 1664232190.dop023.sk1.t,1664232190.cds259.sk1.shn,1664232190.dop023.sk1.t,1664232190.cds246.sk1.c
Access-Control-Allow-Origin: *, *
megaup.net/themes/flow/frontend_assets/images/icons/favicon/apple-touch-icon-114x114.png
200 OK 951 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/images/icons/favicon/apple-touch-icon-114x114.png
IP
File type PNG image data, 114 x 114, 8-bit colormap, non-interlaced\012- data
Hash 76852bc6b2c028db97322a74e85bd020
ed52fb4de0d51f93277bbaae42fa80ba5f92c31e
8a5ef2ef8440c17db1b1b539065ba4a887e07a2c508b79c2d1659512e9016884
GET /themes/flow/frontend_assets/images/icons/favicon/apple-touch-icon-114x114.png HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2tn7n/MELTY.BLOOD.TYPE.LUMINA.v1.31.part1.rar
Connection: keep-alive
Cookie: filehosting=5fsoime30cf4v2ml6f53445hm6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 22:43:10 GMT
content-type: image/png
content-length: 951
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-3b7"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
imp9.bidgear.com/rec?t=1&z=6192&uuid=e897d13418354990a6df7a1bd6759720&p=28&g=NO&token=4a44335432&tbg=1664232190
200 OK 599 B URL HTTP/2 imp9.bidgear.com/rec?t=1&z=6192&uuid=e897d13418354990a6df7a1bd6759720&p=28&g=NO&token=4a44335432&tbg=1664232190
IP
File type JPEG image data, baseline, precision 8, 1x1, components 3\012- data
Hash ca49a7e783b806a4e8576ea80346203d
6fe9d083221dae98f6c76f7121c37bc884b02d82
3e9a98dd5f0a28ff4a059f33d760264a6db02786666ac1692095ebb976f5da28
GET /rec?t=1&z=6192&uuid=e897d13418354990a6df7a1bd6759720&p=28&g=NO&token=4a44335432&tbg=1664232190 HTTP/1.1
Host: imp9.bidgear.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 22:43:10 GMT
content-type: image/jpeg
content-length: 599
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eoA9mAZP%2BdBKacAVE%2BB3GpQ0IeGjsXEaEBLJwPVi8GBn70sRuQt%2F%2FzPqX7xzKu%2FThPe%2FNQrPNJhO5Q9GbBnnDEkwhokCSRbTtD49TotujMNZx7tceexOX0oZMV55OMoa1hE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750f8455fed51c06-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 17b745b5d3e387127df4aba170081743
e59dc2fcbab312428ac919358c3f8afe301e723b
94b6219f1fdabe19021204226c005ab3f82f148cbfabd240a999f18267895bdb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 22:43:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 471 B IP
Hash cf99681f6f1d6e00e0abca7033eb6219
73261f7daa90ce6fd7a81b10ed7bd762200c3f28
3f4bfe673679f8f0650774c07f8707a7013ac7e1c3e1b3b03e68cbaa5ccc1af6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1715
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 22:43:10 GMT
Last-Modified: Mon, 26 Sep 2022 22:14:35 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Mon, 26 Sep 2022 22:41:09 GMT
expires: Tue, 27 Sep 2022 00:41:09 GMT
cache-control: public, max-age=7200
age: 121
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 17b745b5d3e387127df4aba170081743
e59dc2fcbab312428ac919358c3f8afe301e723b
94b6219f1fdabe19021204226c005ab3f82f148cbfabd240a999f18267895bdb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 22:43:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
302 Found 400 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (385)
Hash c1b8306630d7ba73f4eb63d9518800c9
5d741c12638cba3c502f401675df8dfc4f585611
20da09a5bea8695f5b2091fe362dc33cea2fc30d7f9957a2331ae97d8c88e6f7
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 26 Sep 2022 22:43:10 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-1089561947%3A1664232190555827&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWrqRpwDVr3z-JgyUS9_rYAGY9SBHDmzIK0t_rgrLQVjGb59AtZhD3MoSbMrawqNtLqpbZtWLQ
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-ZiH0CXdRJwM5kQkNi_ox6A' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 400
server: GSE
set-cookie: __Host-GAPS=1:3LUBZgGYMs2fOz9aiL04H1wyc3soXw:dV0bDbzbCrm3FyzJ;Path=/;Expires=Wed, 25-Sep-2024 22:43:10 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j97&a=1566700808&t=pageview&_s=1&dl=https%3A%2F%2Fmegaup.net%2F2tn7n%2FMELTY.BLOOD.TYPE.LUMINA.v1.31.part1.rar&ul=en-us&de=UTF-8&dt=MELTY.BLOOD.TYPE.LUMINA.v1.31.part1.rar%20-%20MegaUp&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAUABAAAAAC~&jid=1733907829&gjid=372641285&cid=2145561430.1664232189&tid=UA-108868042-1&_gid=214479270.1664232189&_r=1>m=2ou9l0&z=851111491
200 OK 1 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j97&a=1566700808&t=pageview&_s=1&dl=https%3A%2F%2Fmegaup.net%2F2tn7n%2FMELTY.BLOOD.TYPE.LUMINA.v1.31.part1.rar&ul=en-us&de=UTF-8&dt=MELTY.BLOOD.TYPE.LUMINA.v1.31.part1.rar%20-%20MegaUp&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAUABAAAAAC~&jid=1733907829&gjid=372641285&cid=2145561430.1664232189&tid=UA-108868042-1&_gid=214479270.1664232189&_r=1>m=2ou9l0&z=851111491
IP
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?v=1&_v=j97&a=1566700808&t=pageview&_s=1&dl=https%3A%2F%2Fmegaup.net%2F2tn7n%2FMELTY.BLOOD.TYPE.LUMINA.v1.31.part1.rar&ul=en-us&de=UTF-8&dt=MELTY.BLOOD.TYPE.LUMINA.v1.31.part1.rar%20-%20MegaUp&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAUABAAAAAC~&jid=1733907829&gjid=372641285&cid=2145561430.1664232189&tid=UA-108868042-1&_gid=214479270.1664232189&_r=1>m=2ou9l0&z=851111491 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain
Content-Length: 0
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://megaup.net
date: Mon, 26 Sep 2022 22:43:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 11fba68543733ac24876f29eb98cae68
90ea019857e8e30c293d1e9f5c54b3e34e65cac6
de4af270487d3b84b8c0c3e3d76398f9979792cf64158d0cb575eb1c5bfd91f8
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "DE4AF270487D3B84B8C0C3E3D76398F9979792CF64158D0CB575EB1C5BFD91F8"
Last-Modified: Sat, 24 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4854
Expires: Tue, 27 Sep 2022 00:04:04 GMT
Date: Mon, 26 Sep 2022 22:43:10 GMT
Connection: keep-alive
quettefors.xyz/utx?cb=J9Ht7Gna2dhW&top=megaup.net&tid=761186
204 No Content 0 B URL HTTP/2 quettefors.xyz/utx?cb=J9Ht7Gna2dhW&top=megaup.net&tid=761186
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=J9Ht7Gna2dhW&top=megaup.net&tid=761186 HTTP/1.1
Host: quettefors.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 26 Sep 2022 22:43:10 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Mon, 26 Sep 2022 22:44:10 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: iD7WqhBJhWSwDng6C4q3PO2ydg0v6lRBGzEQ0Ox7D-Ui61HCAJP4hw==
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 11fba68543733ac24876f29eb98cae68
90ea019857e8e30c293d1e9f5c54b3e34e65cac6
de4af270487d3b84b8c0c3e3d76398f9979792cf64158d0cb575eb1c5bfd91f8
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "DE4AF270487D3B84B8C0C3E3D76398F9979792CF64158D0CB575EB1C5BFD91F8"
Last-Modified: Sat, 24 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4854
Expires: Tue, 27 Sep 2022 00:04:04 GMT
Date: Mon, 26 Sep 2022 22:43:10 GMT
Connection: keep-alive
quettefors.xyz/utx?cb=uisMWHvrLdBp&top=megaup.net&tid=825911
204 No Content 0 B URL HTTP/2 quettefors.xyz/utx?cb=uisMWHvrLdBp&top=megaup.net&tid=825911
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=uisMWHvrLdBp&top=megaup.net&tid=825911 HTTP/1.1
Host: quettefors.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 26 Sep 2022 22:43:10 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Mon, 26 Sep 2022 22:44:10 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: I8Pyq2lHiPHCB0AZSnmRD-Gz-6Ct-1tSJ17zqVs5SStEwbeQTDnMiw==
X-Firefox-Spdy: h2
static.a-ads.com/a-ads-banners/417665/300x250?region=eu-central-1
200 OK 41 kB URL HTTP/2 static.a-ads.com/a-ads-banners/417665/300x250?region=eu-central-1
IP
ASN #24940 Hetzner Online GmbH
File type JPEG image data, progressive, precision 8, 300x250, components 3\012- data
Hash 6b0d389e11ea1349c4158ff6f30d9db4
3366454c1244cbbed52195b7205853cbed90071b
c4024afa96dac8476e66dd61d5f68c51561736977a34023735894937bed18c4c
GET /a-ads-banners/417665/300x250?region=eu-central-1 HTTP/1.1
Host: static.a-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ad.a-ads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 22:43:10 GMT
content-type: image/jpeg
content-length: 40699
x-amz-id-2: 5o4JTvuHYeeCLMqOffKyiSZgJ58hGub3uBFwKYpJokZSDIqeQIcMdSwVEuMqX9soAkYhMYG6W1o=
x-amz-request-id: 9H2ZNMA76AHVJ49P
x-amz-replication-status: COMPLETED
last-modified: Mon, 26 Sep 2022 09:34:21 GMT
etag: "6b0d389e11ea1349c4158ff6f30d9db4"
cache-control: max-age=315360000
x-amz-version-id: dIToFl4y38ambnA2riAPkifRchm59GbX
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 11fba68543733ac24876f29eb98cae68
90ea019857e8e30c293d1e9f5c54b3e34e65cac6
de4af270487d3b84b8c0c3e3d76398f9979792cf64158d0cb575eb1c5bfd91f8
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "DE4AF270487D3B84B8C0C3E3D76398F9979792CF64158D0CB575EB1C5BFD91F8"
Last-Modified: Sat, 24 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4854
Expires: Tue, 27 Sep 2022 00:04:04 GMT
Date: Mon, 26 Sep 2022 22:43:10 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 11fba68543733ac24876f29eb98cae68
90ea019857e8e30c293d1e9f5c54b3e34e65cac6
de4af270487d3b84b8c0c3e3d76398f9979792cf64158d0cb575eb1c5bfd91f8
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "DE4AF270487D3B84B8C0C3E3D76398F9979792CF64158D0CB575EB1C5BFD91F8"
Last-Modified: Sat, 24 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4854
Expires: Tue, 27 Sep 2022 00:04:04 GMT
Date: Mon, 26 Sep 2022 22:43:10 GMT
Connection: keep-alive
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
302 Found 397 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (381)
Hash 919b6be9afde1410c80ec28402c4e54b
7188bbaf7a8d1cc86c759a52d119de2225acc70c
ab81f22accbeaf275181ca4cdec9747abb26941c64ec238f74781c90f7f3eb3d
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 26 Sep 2022 22:43:10 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-2062682728%3A1664232190604662&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWqN6z47mWB4uT8ESXBdMDnrQ7suUerTDbbVHpLI4G_tCy8MdpZN-vneuMO_DVJ1td6BDrmG5g
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-KtsK37VmM4nM0a2lKy5-XA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 397
server: GSE
set-cookie: __Host-GAPS=1:VeVKB8-FN4bTs9BPpTs4a-AJPqsFaQ:bVAzfsWFLgCdrCj8;Path=/;Expires=Wed, 25-Sep-2024 22:43:10 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/
200 OK 73 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/
IP
File type ASCII text, with no line terminators
Hash de37377b72195a4f064edf7ec8a76676
ed544d5b6a37acad78498099407c648a93316ddb
b3209cc0b1d1b71e85af4e843afe00a3079f3286d52b3fb47e72c6c5c48b8399
GET / HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 73
date: Mon, 26 Sep 2022 22:43:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ymf24aL91b6VYw857fwzP1lrM1hppV5MKggH4CqiS-bNdDeabiBOUw==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 4538701cf9bc34d908f50370beb922f4
df141b9c3ec626ecaba7c1899073a48b811c4113
61497b93eb237687a8fff5845a7a81aff2f2f53dc56f2d0818bfb98dd1256d6f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 22:43:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
syndication.exdynsrv.com/v1/api.php
200 OK 2.3 kB URL HTTP/1.1 syndication.exdynsrv.com/v1/api.php
IP
ASN #60781 LeaseWeb Netherlands B.V.
File type JSON data\012- , ASCII text, with very long lines (5196), with no line terminators
Hash 6cb881c260c996fd0d6ab55d9f88e3c8
8abee6bdf7ce1df2ba2fc4a63713e8b42f461b7b
f3c70a8a87ce0350bdb41e5c6b3b6155c248213cdde209a81851901b0f03b673
POST /v1/api.php HTTP/1.1
Host: syndication.exdynsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 302
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 22:43:10 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
ocsp.digicert.com/
200 OK 471 B IP
Hash cf99681f6f1d6e00e0abca7033eb6219
73261f7daa90ce6fd7a81b10ed7bd762200c3f28
3f4bfe673679f8f0650774c07f8707a7013ac7e1c3e1b3b03e68cbaa5ccc1af6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1715
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 22:43:10 GMT
Last-Modified: Mon, 26 Sep 2022 22:14:35 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
quettefors.xyz/utx?cb=W0U5LjgXxdA6&top=megaup.net&tid=876318
204 No Content 0 B URL HTTP/2 quettefors.xyz/utx?cb=W0U5LjgXxdA6&top=megaup.net&tid=876318
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=W0U5LjgXxdA6&top=megaup.net&tid=876318 HTTP/1.1
Host: quettefors.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 26 Sep 2022 22:43:10 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Mon, 26 Sep 2022 22:44:10 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: oqzs7zlQynQGLsWscjDPuMHvVVwEPBn--P7aCbVQV5rdF5VFwqWXAg==
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 11fba68543733ac24876f29eb98cae68
90ea019857e8e30c293d1e9f5c54b3e34e65cac6
de4af270487d3b84b8c0c3e3d76398f9979792cf64158d0cb575eb1c5bfd91f8
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "DE4AF270487D3B84B8C0C3E3D76398F9979792CF64158D0CB575EB1C5BFD91F8"
Last-Modified: Sat, 24 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4854
Expires: Tue, 27 Sep 2022 00:04:04 GMT
Date: Mon, 26 Sep 2022 22:43:10 GMT
Connection: keep-alive
quettefors.xyz/utx?cb=Feu8M7TXxA2c&top=megaup.net&tid=764141
204 No Content 0 B URL HTTP/2 quettefors.xyz/utx?cb=Feu8M7TXxA2c&top=megaup.net&tid=764141
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=Feu8M7TXxA2c&top=megaup.net&tid=764141 HTTP/1.1
Host: quettefors.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 26 Sep 2022 22:43:10 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Mon, 26 Sep 2022 22:44:10 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Rlbi6zeQN6mi1yjXwO8qrN-Rks1k4FEgTca-pilIE8eJ1C1jcgn2ug==
X-Firefox-Spdy: h2
syndication.exdynsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01OW0oEQQy8iheYJkkn3cl++62geIDpnlm/XAQVFOrwds/iYoqEPCqVCIksFIuUO/aT5hMTglNQUklsiofHJyjjbX9dv97TZf+EGSsVlAhSR2R1KVAtyl5gzDAJicGolo1KcbAhgwbEsurMEhGxwAkvz/eH84AQRpwXIQ4dOX3PtTP71nsPHcf2VXxr1WOtTfZWtFibxP8f0hWJ8pAZsn8NZNYsKlj4ViiGEY7x+vFz6cCNfv0VdihksCoNOdd29r2tTTaKWnv28BpSeXY79V+vjQNOUwEAAA==
200 OK 20 B URL HTTP/1.1 syndication.exdynsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01OW0oEQQy8iheYJkkn3cl++62geIDpnlm/XAQVFOrwds/iYoqEPCqVCIksFIuUO/aT5hMTglNQUklsiofHJyjjbX9dv97TZf+EGSsVlAhSR2R1KVAtyl5gzDAJicGolo1KcbAhgwbEsurMEhGxwAkvz/eH84AQRpwXIQ4dOX3PtTP71nsPHcf2VXxr1WOtTfZWtFibxP8f0hWJ8pAZsn8NZNYsKlj4ViiGEY7x+vFz6cCNfv0VdihksCoNOdd29r2tTTaKWnv28BpSeXY79V+vjQNOUwEAAA==
IP
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA01OW0oEQQy8iheYJkkn3cl++62geIDpnlm/XAQVFOrwds/iYoqEPCqVCIksFIuUO/aT5hMTglNQUklsiofHJyjjbX9dv97TZf+EGSsVlAhSR2R1KVAtyl5gzDAJicGolo1KcbAhgwbEsurMEhGxwAkvz/eH84AQRpwXIQ4dOX3PtTP71nsPHcf2VXxr1WOtTfZWtFibxP8f0hWJ8pAZsn8NZNYsKlj4ViiGEY7x+vFz6cCNfv0VdihksCoNOdd29r2tTTaKWnv28BpSeXY79V+vjQNOUwEAAA== HTTP/1.1
Host: syndication.exdynsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 22:43:10 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2263322afec3ed00.368276683445524583%22%3B%7D; expires=Wed, 25 Sep 2024 22:43:10 GMT; path=; domain=.exdynsrv.com; Secure; SameSite=none
__upt=%7B%22v%22%3A1%2C%22id%22%3A%2263322afec3ed00.368276683445524583%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22511.0199%22%7D; expires=Wed, 25 Sep 2024 22:43:10 GMT; path=/; domain=.exdynsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
s3t3d2y8.afcdn.net/library/551406/886d0b1e550dc5e1e5c1903e762b95656239f32d.jpg
200 OK 21 kB URL HTTP/2 s3t3d2y8.afcdn.net/library/551406/886d0b1e550dc5e1e5c1903e762b95656239f32d.jpg
IP
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 300x300, components 3\012- data
Hash 08d3d91aef96f39036fb8e2c2384dbfe
886d0b1e550dc5e1e5c1903e762b95656239f32d
893ba0ad90251cc9896a4e0161a7184b35a2cc89f5618183adbf07e20689f77d
GET /library/551406/886d0b1e550dc5e1e5c1903e762b95656239f32d.jpg HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 22:43:10 GMT
content-type: image/jpeg
content-length: 21446
last-modified: Sat, 30 Jul 2022 00:39:56 GMT
etag: "62e47ddc-53c6"
expires: Sun, 30 Jul 2023 00:47:58 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1690680681
server: CDN77-Turbo
x-77-nzt: AblMCRTQ3ur/FaFNAA
x-77-nzt-ray: HbRdbwbF6wE
x-cache: HIT
x-age: 5087509
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
tractekytyh.xyz/utx?tid=832633&top=megaup.net&cb=tl2Fjbk0Uyss
204 No Content 0 B URL HTTP/2 tractekytyh.xyz/utx?tid=832633&top=megaup.net&cb=tl2Fjbk0Uyss
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /utx?tid=832633&top=megaup.net&cb=tl2Fjbk0Uyss HTTP/1.1
Host: tractekytyh.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 26 Sep 2022 22:43:10 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Mon, 26 Sep 2022 22:44:10 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: yDVs5YY9SDZ7p8NfDRAtTSkKD5tYw2ZeWXSafl6zs_m4KMeVPuQQDA==
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 09e5debf17a17f6f3e609bde1cf4c306
3217e61d99e3c51bfe20ad2cd3b8d299adbc8c5e
45bdd786281283b1803942ceeb12a2d7fca4f30282334d46d75ad5c957984752
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "45BDD786281283B1803942CEEB12A2D7FCA4F30282334D46D75AD5C957984752"
Last-Modified: Sun, 25 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=367
Expires: Mon, 26 Sep 2022 22:49:18 GMT
Date: Mon, 26 Sep 2022 22:43:11 GMT
Connection: keep-alive
www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
200 OK 3.0 kB URL HTTP/2 www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
IP
Hash fbe5404e7f03d7efa621a4d9b54ed9bf
118a6ea9344c631b2ecaa78ffed676a590270365
958f271cf03920e0caa87db43c8d5ff5e9481241ee2dc14259a3f3195bfb0f51
GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: uemylR4f0dA0kTH1dV3yYAm14rTI9l4gZTTA6zKkkjDlex5c6a71scSPetYsAW5qn+puhjNOus6ebe7byqjZug==
date: Mon, 26 Sep 2022 22:43:10 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sultingcoe.buzz/
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: sultingcoe.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Content-Length: 382
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/fonts/raleway_bold.woff
200 OK 32 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway_bold.woff
IP
File type Web Open Font Format, TrueType, length 31568, version 1.1\012- data
Hash e0c4ac0e73196bd0469c5c33304b7773
bb071565f82907d117b0732dca8013409162c67d
ff3bf3a4a1bf2b922157b18d0e8cddd95f2fc2dfe09c30a3ce67bc11a84c67af
GET /themes/flow/frontend_assets/fonts/raleway_bold.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Connection: keep-alive
Cookie: filehosting=5fsoime30cf4v2ml6f53445hm6; _ga=GA1.2.2145561430.1664232189; _gid=GA1.2.214479270.1664232189; _gat_gtag_UA_108868042_1=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 22:43:11 GMT
content-type: font/woff
content-length: 31568
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7b50"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2887
Expires: Mon, 26 Sep 2022 23:31:18 GMT
Date: Mon, 26 Sep 2022 22:43:11 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2887
Expires: Mon, 26 Sep 2022 23:31:18 GMT
Date: Mon, 26 Sep 2022 22:43:11 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2887
Expires: Mon, 26 Sep 2022 23:31:18 GMT
Date: Mon, 26 Sep 2022 22:43:11 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffffd9a36-7835-4249-a213-06720f62ce54.jpeg
200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffffd9a36-7835-4249-a213-06720f62ce54.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f9bc23ab347b5f2e2ec15d69f41f0cf0
a92af0438aa2b6637c0f69dabd0be00b3a43caf8
4382f21ee6727d4b4d21bd7d16b1821a57d9fec6c78dbf7e74bfdfbde51ec206
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffffd9a36-7835-4249-a213-06720f62ce54.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4327
x-amzn-requestid: 59493149-3c46-42c6-96aa-92c945fb4c40
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlA1HzioAMFzxw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b9e-5bd13d5719a119a25650f405;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:37:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5XQYaLxNwxhN9NCIoDYRbt8U-2Tsxcx-2SqPNr64Z4YV8Bk7Eayjfg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:38:57 GMT
age: 3854
etag: "a92af0438aa2b6637c0f69dabd0be00b3a43caf8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06b0646c-a8d3-4b51-ba84-a3c3dff2883c.jpeg
200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06b0646c-a8d3-4b51-ba84-a3c3dff2883c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4197a8a505b360b0c43142faf8cb7f48
4dbd2da7f7c45a97e3f6f6544ed428e892227cc3
434039a91ec37c8ff827c78f7613aa4f6416ded182b01140048a52654a2de4ce
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06b0646c-a8d3-4b51-ba84-a3c3dff2883c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7128
x-amzn-requestid: 5806782b-498e-427b-be73-a94695e3cacf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlPfFn4IAMFwMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321bfc-07a420d631e463286c1dafa0;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:39:08 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 1XA-bBkY_FXGy2X6EITlNNf-QSMLu2POxTo1Vq6bcqkEkkOni45zIQ==
via: 1.1 6c90b631453c435bd0022caa657b67e8.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:39:08 GMT
etag: "4dbd2da7f7c45a97e3f6f6544ed428e892227cc3"
content-type: image/jpeg
age: 3843
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
sultingcoe.buzz/MGxmSjBrTl55AgZfVWgcEk5KaFYECF9%2EAVUIS3kAAFVLfggHCktyVgZZS3IBUlUHfQdVXVMpVhJARCwJAFRSLgcEQVFyCQVBUi8FB0EHfFMHQV55B1IKUS9SUlVXfRIcThU9EhxOFT9cRAUILVNfCUgoRUoWRGYSAVxIfxIcCgcmQ1VAACtcQwlKLFFcHwMX
200 OK 22 kB URL HTTP/2 sultingcoe.buzz/MGxmSjBrTl55AgZfVWgcEk5KaFYECF9%2EAVUIS3kAAFVLfggHCktyVgZZS3IBUlUHfQdVXVMpVhJARCwJAFRSLgcEQVFyCQVBUi8FB0EHfFMHQV55B1IKUS9SUlVXfRIcThU9EhxOFT9cRAUILVNfCUgoRUoWRGYSAVxIfxIcCgcmQ1VAACtcQwlKLFFcHwMX
IP
Hash 71df1e81427ac33ad3bf4572710a3c72
bde9f85728f3bee90088670f5a82f9c02f094a2d
6458d748155c95fb08371537cc40a6c63fd957897f0e892f50baf2bad95fc3f3
GET /MGxmSjBrTl55AgZfVWgcEk5KaFYECF9%2EAVUIS3kAAFVLfggHCktyVgZZS3IBUlUHfQdVXVMpVhJARCwJAFRSLgcEQVFyCQVBUi8FB0EHfFMHQV55B1IKUS9SUlVXfRIcThU9EhxOFT9cRAUILVNfCUgoRUoWRGYSAVxIfxIcCgcmQ1VAACtcQwlKLFFcHwMX HTTP/1.1
Host: sultingcoe.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
set-cookie: a9310621ad046af74b2423fdf60dda81=1; Max-Age=604800
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
cache-control: public, max-age=86400
etag: W/"8445-AkOb7lFdM61tYnSLbgeJSzvdyas"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F35b718e0-3d37-4447-a38f-12fa37aeae57.jpeg
200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F35b718e0-3d37-4447-a38f-12fa37aeae57.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e88b78ede0e4583585d6bb805fb39470
edff303440c5972381295b4b2602bd3f77f6702a
ce55a1ff5c71ec43884b74a08cd32ef75cb0632a91f3fe8b150f5ead499375a4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F35b718e0-3d37-4447-a38f-12fa37aeae57.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6487
x-amzn-requestid: db6acc81-b336-401d-8a17-1435416826a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yv0T_GmSIAMFUuA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6329674c-1cfd05ac1007bf890318b088;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 07:10:04 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: qarrDjxkHk1kd9Fbx6NQrCKWf8JQ0Y4UjRKNy1k2FbSYIW7CjzOXZg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 23:03:14 GMT
age: 85197
etag: "edff303440c5972381295b4b2602bd3f77f6702a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3823d156-2245-40a3-a9a3-7cb4a5c4a14d.jpeg
200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3823d156-2245-40a3-a9a3-7cb4a5c4a14d.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8ef8d9284ebd57a7cf76ceb762291356
2b53c4f836970501a682dae07235215c487d35cc
3529ab97ab2214ee9c67ee234beac96cd40f0bd6092b92b71c60956ed5710b41
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3823d156-2245-40a3-a9a3-7cb4a5c4a14d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7716
x-amzn-requestid: 1cf0b1c7-4611-40bf-b72a-412ebd03ef79
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y2KguFL7IAMFzKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632bf137-2b7c15d3071e0266586fd17d;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 05:23:03 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: eE2AvjvM7j07Go69VVEmTF8Q-KA5bZwOBdn_SgR5fcZj8lL760_q2Q==
via: 1.1 d042f60a962591f741406f28a8170c5a.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 17:57:22 GMT
age: 17149
etag: "2b53c4f836970501a682dae07235215c487d35cc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1205d7e-1174-4788-b080-6eefdcf33480.jpeg
200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1205d7e-1174-4788-b080-6eefdcf33480.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 08590e33d7c8ebc6360d1d631f29178d
b37a39808c82e85f1860a48b3f451ef8d172a336
393c2c891699d1c47cb9d73412229624bdb3cc10cc0b509d8ec582d2c9a97aa1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1205d7e-1174-4788-b080-6eefdcf33480.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6836
x-amzn-requestid: c1aa621a-fa4c-4534-9ae8-1f9db7cf26a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlA-F88IAMFz0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b9f-2667c25d4359746f608db3e5;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:37:35 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: POG7OZoKTVyWIhcwtndtlRAelH1GlnTwJn6T5LIRNwyPA94uA0POeg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:38:57 GMT
age: 3854
etag: "b37a39808c82e85f1860a48b3f451ef8d172a336"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
sultingcoe.buzz/
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: sultingcoe.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Origin: https://megaup.net
Content-Length: 347
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
quettefors.xyz/floater?cs=Nm50c1oCV0NAbA5dQURiBVtFQm0&abt=0&red=1&sm=83&k=download%20file%20melty%20blood%20type%20lumina%20part1&v=0.8.9.1&sts=0&prn=0&emb=0&tid=825911&u=1863297389046771&agec=1664232190&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&mbkb=111.48272017837235&ref=https%3A%2F%2Fmegaup.net%2F2tn7n%2FMELTY.BLOOD.TYPE.LUMINA.v1.31.part1.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&aa=td5_oi1_&_nGjs=1664232188892&crc=1
200 OK 6.3 kB URL HTTP/2 quettefors.xyz/floater?cs=Nm50c1oCV0NAbA5dQURiBVtFQm0&abt=0&red=1&sm=83&k=download%20file%20melty%20blood%20type%20lumina%20part1&v=0.8.9.1&sts=0&prn=0&emb=0&tid=825911&u=1863297389046771&agec=1664232190&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&mbkb=111.48272017837235&ref=https%3A%2F%2Fmegaup.net%2F2tn7n%2FMELTY.BLOOD.TYPE.LUMINA.v1.31.part1.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&aa=td5_oi1_&_nGjs=1664232188892&crc=1
IP
File type ASCII text, with very long lines (9375), with no line terminators
Hash 18f74ed5ad8ba0e9177f59eec5e0fbb0
f79e4eea999049f5fe864e9fdfa2229dab59889b
09e810ee93c9c9d3dd22fac4465e4021f00bb98308223f6e1ea2a5847cb1b4c2
GET /floater?cs=Nm50c1oCV0NAbA5dQURiBVtFQm0&abt=0&red=1&sm=83&k=download%20file%20melty%20blood%20type%20lumina%20part1&v=0.8.9.1&sts=0&prn=0&emb=0&tid=825911&u=1863297389046771&agec=1664232190&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&mbkb=111.48272017837235&ref=https%3A%2F%2Fmegaup.net%2F2tn7n%2FMELTY.BLOOD.TYPE.LUMINA.v1.31.part1.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&aa=td5_oi1_&_nGjs=1664232188892&crc=1 HTTP/1.1
Host: quettefors.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
content-length: 6325
date: Mon, 26 Sep 2022 22:43:11 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=82943026-39c9-4521-b624-590adb2d47b4
csu=1863297389046771
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wZr6TuUP0NXKxxl6BrzeJBgYyINqm4JR3TvOvP79Uda8IrkOA98VVQ==
X-Firefox-Spdy: h2
sultingcoe.buzz/
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: sultingcoe.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Origin: https://megaup.net
Content-Length: 348
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
hypermusk.com/dsp-stats/impression/1795175?var=825911&ua=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0&ip=91.90.42.154&pl=gv41qAtcTtDITlBrutrRotnnrB8rZErrgmQ1YBpRbrO3Km8_2x_8Gk67UCpXtGtpUCobMsaa-_RcRpfF-lxF4kNecdtIuWpzK0gk_LYKj6smiEPELZ9suZIo45PTC2FXpY54kHUf2j19jh2VVtvL-EI8gHiCpmafaV7DyLKRoKTIzZaPj_OyVWb4Ydm_fnZCeN3izr3rJR79R1XIhlym6T4v6MY0v5F1Vq9KiHdkFM1VzPfgKd8ENFlJ2m1R615GZie6JPuNIZ-tk7bty2gpvJxsCO7TMwuUHurws4mu4omtVijbcEVsX0por8QYPwNUIzs66MnHgVotdlpvmiqMD94U74vGw_BE0jqcML_v5eSM33Ex-y8Xj7FEQCxLZxbH-DYbIktH0rXSuuqKHWWceSkiYOu-36V4LQaSBkypf1AAK83y7nW_XtumXORSluFHfILXxCt7mdv1fqGWhKFNtDWu0ft4S4jy526T7tN4mH2Es801aTUAo85w9oSX-w_2T_Zm19cLZcSIhsi_qVnd1WE_MboJe73fePA0nTz6je-U0_pqDC6yiWA7-i-lBi0tCz1iCc3sw-vmXNkW-E6RgstasgAIs4V8D3irp9XK1BHcBzlvmvZzSspU1Rv6_KdvU-uvXSm9XJ8pFb0tM2unOroiHzzUjzNRi7rAH1lP-ssPWhqxxGExGEZjDIhcu-QJIblCqnJ4568Jdbjeluz4BA-Q0-k5iLSsrNhIesfJTxPreVYKO8Ym9GuOa-OinInnU6snnK67aM-Lk0Xtl839kDIDZdG9A6aMCyctFvjb_vPXnwxKDuzpB7H08Shx1-QjZ5a8xyIV9Hq3sR3BOHfpIQhq9YastSK8wIMW_BQDbQ7YcTFtCySAn1Ao2PpHxKD5AHrkP2HPcS4OxTAzn-UXQdAKK_ZjIHbdkzhuVoJhuOCMS3GjBgjOfAVjJe3xWPtnXWNqT-jwrfW-EsDqt8FktXeke16YJfOEFcJ5Du8gG70_VWL-gIrXWJvSz3oy7PQZDiR74ZCA4-h8zRr6mCpruuaTCY4aAhkDefTEEEDWDx33evC_o3GKJaYQ&rd=lJHYLUMT-pVsCNm7VuuHf6FktjnCleAqJEOfZOiRONRy94Hg-mtXtBc5H_Y3bWiG7GpIST6LbzyhAl2tifNXiQl6UIy9fuD2UJIoedCaUG_O2upzvkaYbt3A9tefOc-r4yv5lYgH7pA9Bu1fIILbQ-U=
302 Found 108 B URL HTTP/2 hypermusk.com/dsp-stats/impression/1795175?var=825911&ua=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0&ip=91.90.42.154&pl=gv41qAtcTtDITlBrutrRotnnrB8rZErrgmQ1YBpRbrO3Km8_2x_8Gk67UCpXtGtpUCobMsaa-_RcRpfF-lxF4kNecdtIuWpzK0gk_LYKj6smiEPELZ9suZIo45PTC2FXpY54kHUf2j19jh2VVtvL-EI8gHiCpmafaV7DyLKRoKTIzZaPj_OyVWb4Ydm_fnZCeN3izr3rJR79R1XIhlym6T4v6MY0v5F1Vq9KiHdkFM1VzPfgKd8ENFlJ2m1R615GZie6JPuNIZ-tk7bty2gpvJxsCO7TMwuUHurws4mu4omtVijbcEVsX0por8QYPwNUIzs66MnHgVotdlpvmiqMD94U74vGw_BE0jqcML_v5eSM33Ex-y8Xj7FEQCxLZxbH-DYbIktH0rXSuuqKHWWceSkiYOu-36V4LQaSBkypf1AAK83y7nW_XtumXORSluFHfILXxCt7mdv1fqGWhKFNtDWu0ft4S4jy526T7tN4mH2Es801aTUAo85w9oSX-w_2T_Zm19cLZcSIhsi_qVnd1WE_MboJe73fePA0nTz6je-U0_pqDC6yiWA7-i-lBi0tCz1iCc3sw-vmXNkW-E6RgstasgAIs4V8D3irp9XK1BHcBzlvmvZzSspU1Rv6_KdvU-uvXSm9XJ8pFb0tM2unOroiHzzUjzNRi7rAH1lP-ssPWhqxxGExGEZjDIhcu-QJIblCqnJ4568Jdbjeluz4BA-Q0-k5iLSsrNhIesfJTxPreVYKO8Ym9GuOa-OinInnU6snnK67aM-Lk0Xtl839kDIDZdG9A6aMCyctFvjb_vPXnwxKDuzpB7H08Shx1-QjZ5a8xyIV9Hq3sR3BOHfpIQhq9YastSK8wIMW_BQDbQ7YcTFtCySAn1Ao2PpHxKD5AHrkP2HPcS4OxTAzn-UXQdAKK_ZjIHbdkzhuVoJhuOCMS3GjBgjOfAVjJe3xWPtnXWNqT-jwrfW-EsDqt8FktXeke16YJfOEFcJ5Du8gG70_VWL-gIrXWJvSz3oy7PQZDiR74ZCA4-h8zRr6mCpruuaTCY4aAhkDefTEEEDWDx33evC_o3GKJaYQ&rd=lJHYLUMT-pVsCNm7VuuHf6FktjnCleAqJEOfZOiRONRy94Hg-mtXtBc5H_Y3bWiG7GpIST6LbzyhAl2tifNXiQl6UIy9fuD2UJIoedCaUG_O2upzvkaYbt3A9tefOc-r4yv5lYgH7pA9Bu1fIILbQ-U=
IP
File type HTML document, ASCII text
Hash f23ac69cb92f31e35484bf5cb8b4e3ee
a06747f841dade6bc3393d0b8941c0ef98968aac
bdff3dd3bbf327d16ba79e288968afe70ac86d4b335fc68e0816af42d538cdb0
GET /dsp-stats/impression/1795175?var=825911&ua=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0&ip=91.90.42.154&pl=gv41qAtcTtDITlBrutrRotnnrB8rZErrgmQ1YBpRbrO3Km8_2x_8Gk67UCpXtGtpUCobMsaa-_RcRpfF-lxF4kNecdtIuWpzK0gk_LYKj6smiEPELZ9suZIo45PTC2FXpY54kHUf2j19jh2VVtvL-EI8gHiCpmafaV7DyLKRoKTIzZaPj_OyVWb4Ydm_fnZCeN3izr3rJR79R1XIhlym6T4v6MY0v5F1Vq9KiHdkFM1VzPfgKd8ENFlJ2m1R615GZie6JPuNIZ-tk7bty2gpvJxsCO7TMwuUHurws4mu4omtVijbcEVsX0por8QYPwNUIzs66MnHgVotdlpvmiqMD94U74vGw_BE0jqcML_v5eSM33Ex-y8Xj7FEQCxLZxbH-DYbIktH0rXSuuqKHWWceSkiYOu-36V4LQaSBkypf1AAK83y7nW_XtumXORSluFHfILXxCt7mdv1fqGWhKFNtDWu0ft4S4jy526T7tN4mH2Es801aTUAo85w9oSX-w_2T_Zm19cLZcSIhsi_qVnd1WE_MboJe73fePA0nTz6je-U0_pqDC6yiWA7-i-lBi0tCz1iCc3sw-vmXNkW-E6RgstasgAIs4V8D3irp9XK1BHcBzlvmvZzSspU1Rv6_KdvU-uvXSm9XJ8pFb0tM2unOroiHzzUjzNRi7rAH1lP-ssPWhqxxGExGEZjDIhcu-QJIblCqnJ4568Jdbjeluz4BA-Q0-k5iLSsrNhIesfJTxPreVYKO8Ym9GuOa-OinInnU6snnK67aM-Lk0Xtl839kDIDZdG9A6aMCyctFvjb_vPXnwxKDuzpB7H08Shx1-QjZ5a8xyIV9Hq3sR3BOHfpIQhq9YastSK8wIMW_BQDbQ7YcTFtCySAn1Ao2PpHxKD5AHrkP2HPcS4OxTAzn-UXQdAKK_ZjIHbdkzhuVoJhuOCMS3GjBgjOfAVjJe3xWPtnXWNqT-jwrfW-EsDqt8FktXeke16YJfOEFcJ5Du8gG70_VWL-gIrXWJvSz3oy7PQZDiR74ZCA4-h8zRr6mCpruuaTCY4aAhkDefTEEEDWDx33evC_o3GKJaYQ&rd=lJHYLUMT-pVsCNm7VuuHf6FktjnCleAqJEOfZOiRONRy94Hg-mtXtBc5H_Y3bWiG7GpIST6LbzyhAl2tifNXiQl6UIy9fuD2UJIoedCaUG_O2upzvkaYbt3A9tefOc-r4yv5lYgH7pA9Bu1fIILbQ-U= HTTP/1.1
Host: hypermusk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Mon, 26 Sep 2022 22:43:13 GMT
content-type: text/html; charset=utf-8
content-length: 108
location: https://cdn.pncloudfl.com/pn/514/b34/fc1/514b34fc18d3f446e094227228e3b1595fe3abf9.jpg
x-route-id: stats.push-notifications.dsp-impression
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
hypermusk.com/dsp-stats/impression/1795175?var=825911&ua=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0&ip=91.90.42.154&pl=gv41qAtcTtDITlBrutrRotnnrB8rZErrgmQ1YBpRbrO3Km8_2x_8Gk67UCpXtGtpUCobMsaa-_RcRpfF-lxF4kNecdtIuWpzK0gk_LYKj6smiEPELZ9suZIo45PTC2FXpY54kHUf2j19jh2VVtvL-EI8gHiCpmafaV7DyLKRoKTIzZaPj_OyVWb4Ydm_fnZCeN3izr3rJR79R1XIhlym6T4v6MY0v5F1Vq9KiHdkFM1VzPfgKd8ENFlJ2m1R615GZie6JPuNIZ-tk7bty2gpvJxsCO7TMwuUHurws4mu4omtVijbcEVsX0por8QYPwNUIzs66MnHgVotdlpvmiqMD94U74vGw_BE0jqcML_v5eSM33Ex-y8Xj7FEQCxLZxbH-DYbIktH0rXSuuqKHWWceSkiYOu-36V4LQaSBkypf1AAK83y7nW_XtumXORSluFHfILXxCt7mdv1fqGWhKFNtDWu0ft4S4jy526T7tN4mH2Es801aTUAo85w9oSX-w_2T_Zm19cLZcSIhsi_qVnd1WE_MboJe73fePA0nTz6je-U0_pqDC6yiWA7-i-lBi0tCz1iCc3sw-vmXNkW-E6RgstasgAIs4V8D3irp9XK1BHcBzlvmvZzSspU1Rv6_KdvU-uvXSm9XJ8pFb0tM2unOroiHzzUjzNRi7rAH1lP-ssPWhqxxGExGEZjDIhcu-QJIblCqnJ4568Jdbjeluz4BA-Q0-k5iLSsrNhIesfJTxPreVYKO8Ym9GuOa-OinInnU6snnK67aM-Lk0Xtl839kDIDZdG9A6aMCyctFvjb_vPXnwxKDuzpB7H08Shx1-QjZ5a8xyIV9Hq3sR3BOHfpIQhq9YastSK8wIMW_BQDbQ7YcTFtCySAn1Ao2PpHxKD5AHrkP2HPcS4OxTAzn-UXQdAKK_ZjIHbdkzhuVoJhuOCMS3GjBgjOfAVjJe3xWPtnXWNqT-jwrfW-EsDqt8FktXeke16YJfOEFcJ5Du8gG70_VWL-gIrXWJvSz3oy7PQZDiR74ZCA4-h8zRr6mCpruuaTCY4aAhkDefTEEEDWDx33evC_o3GKJaYQ&rd=lJHYLUMT-pVsCNm7VuuHf6FktjnCleAqJEOfZOiRONRy94Hg-mtXtBc5H_Y3bWiG7GpIST6LbzyhAl2tifNXiQl6UIy9fuD2UJIoedCaUG_O2upzvkaYbt3A9tefOc-r4yv5lYgH7pA9Bu1fIILbQ-U=
302 Found 108 B URL HTTP/2 hypermusk.com/dsp-stats/impression/1795175?var=825911&ua=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0&ip=91.90.42.154&pl=gv41qAtcTtDITlBrutrRotnnrB8rZErrgmQ1YBpRbrO3Km8_2x_8Gk67UCpXtGtpUCobMsaa-_RcRpfF-lxF4kNecdtIuWpzK0gk_LYKj6smiEPELZ9suZIo45PTC2FXpY54kHUf2j19jh2VVtvL-EI8gHiCpmafaV7DyLKRoKTIzZaPj_OyVWb4Ydm_fnZCeN3izr3rJR79R1XIhlym6T4v6MY0v5F1Vq9KiHdkFM1VzPfgKd8ENFlJ2m1R615GZie6JPuNIZ-tk7bty2gpvJxsCO7TMwuUHurws4mu4omtVijbcEVsX0por8QYPwNUIzs66MnHgVotdlpvmiqMD94U74vGw_BE0jqcML_v5eSM33Ex-y8Xj7FEQCxLZxbH-DYbIktH0rXSuuqKHWWceSkiYOu-36V4LQaSBkypf1AAK83y7nW_XtumXORSluFHfILXxCt7mdv1fqGWhKFNtDWu0ft4S4jy526T7tN4mH2Es801aTUAo85w9oSX-w_2T_Zm19cLZcSIhsi_qVnd1WE_MboJe73fePA0nTz6je-U0_pqDC6yiWA7-i-lBi0tCz1iCc3sw-vmXNkW-E6RgstasgAIs4V8D3irp9XK1BHcBzlvmvZzSspU1Rv6_KdvU-uvXSm9XJ8pFb0tM2unOroiHzzUjzNRi7rAH1lP-ssPWhqxxGExGEZjDIhcu-QJIblCqnJ4568Jdbjeluz4BA-Q0-k5iLSsrNhIesfJTxPreVYKO8Ym9GuOa-OinInnU6snnK67aM-Lk0Xtl839kDIDZdG9A6aMCyctFvjb_vPXnwxKDuzpB7H08Shx1-QjZ5a8xyIV9Hq3sR3BOHfpIQhq9YastSK8wIMW_BQDbQ7YcTFtCySAn1Ao2PpHxKD5AHrkP2HPcS4OxTAzn-UXQdAKK_ZjIHbdkzhuVoJhuOCMS3GjBgjOfAVjJe3xWPtnXWNqT-jwrfW-EsDqt8FktXeke16YJfOEFcJ5Du8gG70_VWL-gIrXWJvSz3oy7PQZDiR74ZCA4-h8zRr6mCpruuaTCY4aAhkDefTEEEDWDx33evC_o3GKJaYQ&rd=lJHYLUMT-pVsCNm7VuuHf6FktjnCleAqJEOfZOiRONRy94Hg-mtXtBc5H_Y3bWiG7GpIST6LbzyhAl2tifNXiQl6UIy9fuD2UJIoedCaUG_O2upzvkaYbt3A9tefOc-r4yv5lYgH7pA9Bu1fIILbQ-U=
IP
File type HTML document, ASCII text
Hash f23ac69cb92f31e35484bf5cb8b4e3ee
a06747f841dade6bc3393d0b8941c0ef98968aac
bdff3dd3bbf327d16ba79e288968afe70ac86d4b335fc68e0816af42d538cdb0
GET /dsp-stats/impression/1795175?var=825911&ua=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0&ip=91.90.42.154&pl=gv41qAtcTtDITlBrutrRotnnrB8rZErrgmQ1YBpRbrO3Km8_2x_8Gk67UCpXtGtpUCobMsaa-_RcRpfF-lxF4kNecdtIuWpzK0gk_LYKj6smiEPELZ9suZIo45PTC2FXpY54kHUf2j19jh2VVtvL-EI8gHiCpmafaV7DyLKRoKTIzZaPj_OyVWb4Ydm_fnZCeN3izr3rJR79R1XIhlym6T4v6MY0v5F1Vq9KiHdkFM1VzPfgKd8ENFlJ2m1R615GZie6JPuNIZ-tk7bty2gpvJxsCO7TMwuUHurws4mu4omtVijbcEVsX0por8QYPwNUIzs66MnHgVotdlpvmiqMD94U74vGw_BE0jqcML_v5eSM33Ex-y8Xj7FEQCxLZxbH-DYbIktH0rXSuuqKHWWceSkiYOu-36V4LQaSBkypf1AAK83y7nW_XtumXORSluFHfILXxCt7mdv1fqGWhKFNtDWu0ft4S4jy526T7tN4mH2Es801aTUAo85w9oSX-w_2T_Zm19cLZcSIhsi_qVnd1WE_MboJe73fePA0nTz6je-U0_pqDC6yiWA7-i-lBi0tCz1iCc3sw-vmXNkW-E6RgstasgAIs4V8D3irp9XK1BHcBzlvmvZzSspU1Rv6_KdvU-uvXSm9XJ8pFb0tM2unOroiHzzUjzNRi7rAH1lP-ssPWhqxxGExGEZjDIhcu-QJIblCqnJ4568Jdbjeluz4BA-Q0-k5iLSsrNhIesfJTxPreVYKO8Ym9GuOa-OinInnU6snnK67aM-Lk0Xtl839kDIDZdG9A6aMCyctFvjb_vPXnwxKDuzpB7H08Shx1-QjZ5a8xyIV9Hq3sR3BOHfpIQhq9YastSK8wIMW_BQDbQ7YcTFtCySAn1Ao2PpHxKD5AHrkP2HPcS4OxTAzn-UXQdAKK_ZjIHbdkzhuVoJhuOCMS3GjBgjOfAVjJe3xWPtnXWNqT-jwrfW-EsDqt8FktXeke16YJfOEFcJ5Du8gG70_VWL-gIrXWJvSz3oy7PQZDiR74ZCA4-h8zRr6mCpruuaTCY4aAhkDefTEEEDWDx33evC_o3GKJaYQ&rd=lJHYLUMT-pVsCNm7VuuHf6FktjnCleAqJEOfZOiRONRy94Hg-mtXtBc5H_Y3bWiG7GpIST6LbzyhAl2tifNXiQl6UIy9fuD2UJIoedCaUG_O2upzvkaYbt3A9tefOc-r4yv5lYgH7pA9Bu1fIILbQ-U= HTTP/1.1
Host: hypermusk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Mon, 26 Sep 2022 22:43:13 GMT
content-type: text/html; charset=utf-8
content-length: 108
location: https://cdn.pncloudfl.com/pn/514/b34/fc1/514b34fc18d3f446e094227228e3b1595fe3abf9.jpg
x-route-id: stats.push-notifications.dsp-impression
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
cdn.pncloudfl.com/pn/514/b34/fc1/514b34fc18d3f446e094227228e3b1595fe3abf9.jpg
200 OK 22 kB URL HTTP/2 cdn.pncloudfl.com/pn/514/b34/fc1/514b34fc18d3f446e094227228e3b1595fe3abf9.jpg
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash fd339d0abd644dfc62b8dcd2cd15bd2b
0af5c8cec4712fb169744df0ecc88faf9125e9df
385adfface9b1e607e43242a9d9877fbdf7c71278940709ecad3d2e53e0e931a
GET /pn/514/b34/fc1/514b34fc18d3f446e094227228e3b1595fe3abf9.jpg HTTP/1.1
Host: cdn.pncloudfl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 22:43:13 GMT
content-type: image/webp
content-length: 22450
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=172800
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=40774
content-disposition: inline; filename="514b34fc18d3f446e094227228e3b1595fe3abf9.webp"
etag: 19e0f2a507ac755f9419ea98d0121544
expires: Mon, 26 Sep 2022 22:52:57 GMT
last-modified: Thu, 22 Sep 2022 09:48:57 GMT
vary: Accept
x-openstack-request-id: tx7c030a591e2a48f1aae4d-00632c2fcb
x-proxy-cache: HIT
x-timestamp: 1663840136.02468
x-trans-id: tx7c030a591e2a48f1aae4d-00632c2fcb
cf-cache-status: HIT
age: 172216
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 750f846ae8011c12-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/fonts/raleway_medium.woff
200 OK 32 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway_medium.woff
IP
File type Web Open Font Format, TrueType, length 31900, version 1.1\012- data
Hash 1b285c8e5b7445a8e434b2cdf036bab2
c97d4772fbb5c5637d466b5f991bc7ec28830b32
09b979826f2ac158a63ba234042c66414c21282d0bb46eadc62c64a873778825
GET /themes/flow/frontend_assets/fonts/raleway_medium.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Connection: keep-alive
Cookie: filehosting=5fsoime30cf4v2ml6f53445hm6; _ga=GA1.2.2145561430.1664232189; _gid=GA1.2.214479270.1664232189; _gat_gtag_UA_108868042_1=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 22:43:16 GMT
content-type: font/woff
content-length: 31900
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7c9c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 6a311e34cd49037118378c187900d82c
38f7110ab5b652ca39c20069f9e15e46a189f33d
2a4e4a1235d44b258b8e4202eefa741e98e0fa5f704fc8d87c1db978a07f52f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A4E4A1235D44B258B8E4202EEFA741E98E0FA5F704FC8D87C1DB978A07F52F1"
Last-Modified: Mon, 26 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3616
Expires: Mon, 26 Sep 2022 23:43:33 GMT
Date: Mon, 26 Sep 2022 22:43:17 GMT
Connection: keep-alive
hypoterian.com/ie?v=3&c=SRAuNSjFHtJGi5GL71PigPwumVUnxbhczvtlxKEWNVA2trg6_FyPMcVqWdJfzcVCHQBhdwP1eyLMWFtbYmKxe_nquDZwxAZg9U_1Ev-ns1am6xlx6tvl3eNCoheVPA0b_v1OzTLR7bIxt37YNg67M7Zw0X1Xpz6iPqs1tJIUsHjd8coacHjroNMZlzNrAYyB6vwHoF8JdgmVQX8P0AnKlI7vOLEVNaXjg_SKCOOlHBQp4qfXet5NUwZ0Wgx4OMqatt9TXNsxmheOMGBRKrwVLMDIMioFWqkcej_397n9F5Wygvxgj98bNmBLYzJrXLBwF0UfHalBZpx_Vp1QD_7jek0w78KLP6M-P6TkwF8gtIbjGlkSfcN4aY1Sl7p4mxt6IAPqQr3bhJFWvmhwZEIoQ-nytwfdiym_eVLwPy12SGEvIw3xSFTEzhrN-SWqUI5Haki2qu8TTXtUZog=&v1=79&v2=65870
301 Moved Permanently 0 B URL HTTP/1.1 hypoterian.com/ie?v=3&c=SRAuNSjFHtJGi5GL71PigPwumVUnxbhczvtlxKEWNVA2trg6_FyPMcVqWdJfzcVCHQBhdwP1eyLMWFtbYmKxe_nquDZwxAZg9U_1Ev-ns1am6xlx6tvl3eNCoheVPA0b_v1OzTLR7bIxt37YNg67M7Zw0X1Xpz6iPqs1tJIUsHjd8coacHjroNMZlzNrAYyB6vwHoF8JdgmVQX8P0AnKlI7vOLEVNaXjg_SKCOOlHBQp4qfXet5NUwZ0Wgx4OMqatt9TXNsxmheOMGBRKrwVLMDIMioFWqkcej_397n9F5Wygvxgj98bNmBLYzJrXLBwF0UfHalBZpx_Vp1QD_7jek0w78KLP6M-P6TkwF8gtIbjGlkSfcN4aY1Sl7p4mxt6IAPqQr3bhJFWvmhwZEIoQ-nytwfdiym_eVLwPy12SGEvIw3xSFTEzhrN-SWqUI5Haki2qu8TTXtUZog=&v1=79&v2=65870
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ie?v=3&c=SRAuNSjFHtJGi5GL71PigPwumVUnxbhczvtlxKEWNVA2trg6_FyPMcVqWdJfzcVCHQBhdwP1eyLMWFtbYmKxe_nquDZwxAZg9U_1Ev-ns1am6xlx6tvl3eNCoheVPA0b_v1OzTLR7bIxt37YNg67M7Zw0X1Xpz6iPqs1tJIUsHjd8coacHjroNMZlzNrAYyB6vwHoF8JdgmVQX8P0AnKlI7vOLEVNaXjg_SKCOOlHBQp4qfXet5NUwZ0Wgx4OMqatt9TXNsxmheOMGBRKrwVLMDIMioFWqkcej_397n9F5Wygvxgj98bNmBLYzJrXLBwF0UfHalBZpx_Vp1QD_7jek0w78KLP6M-P6TkwF8gtIbjGlkSfcN4aY1Sl7p4mxt6IAPqQr3bhJFWvmhwZEIoQ-nytwfdiym_eVLwPy12SGEvIw3xSFTEzhrN-SWqUI5Haki2qu8TTXtUZog=&v1=79&v2=65870 HTTP/1.1
Host: hypoterian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
server: fasthttp
date: Mon, 26 Sep 2022 22:43:16 GMT
content-length: 0
location: https://img.vmmcdn.com/get/54109197/158561_icon.png
x-app-id: 14
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 309ad8dd79a2b4780db7e5457895aff2
45c79c8c7356d106af6317638010a384addbc1c6
0d9f1c92ee5a1308aebd65dd6c7e99f230fb854e041171c3fe0e959c28cf12b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0D9F1C92EE5A1308AEBD65DD6C7E99F230FB854E041171C3FE0E959C28CF12B1"
Last-Modified: Mon, 26 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14935
Expires: Tue, 27 Sep 2022 02:52:12 GMT
Date: Mon, 26 Sep 2022 22:43:17 GMT
Connection: keep-alive
megaup.net/themes/flow/js/zeroClipboard/ZeroClipboard.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/zeroClipboard/ZeroClipboard.js
IP
GET /themes/flow/js/zeroClipboard/ZeroClipboard.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2tn7n/MELTY.BLOOD.TYPE.LUMINA.v1.31.part1.rar
Connection: keep-alive
Cookie: filehosting=5fsoime30cf4v2ml6f53445hm6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 22:43:09 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3bd2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/global.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/global.js
IP
GET /themes/flow/js/global.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2tn7n/MELTY.BLOOD.TYPE.LUMINA.v1.31.part1.rar
Connection: keep-alive
Cookie: filehosting=5fsoime30cf4v2ml6f53445hm6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 22:43:09 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-d59"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
ad.a-ads.com/1811811?size=300x250
200 OK 0 B URL HTTP/2 ad.a-ads.com/1811811?size=300x250
IP
ASN #24940 Hetzner Online GmbH
GET /1811811?size=300x250 HTTP/1.1
Host: ad.a-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 22:43:10 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding, Accept-Encoding
status: 200 OK
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-original-referer: https://megaup.net/
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-encoding: gzip
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/gauge.min.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/gauge.min.js
IP
GET /themes/flow/frontend_assets/js/gauge.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2tn7n/MELTY.BLOOD.TYPE.LUMINA.v1.31.part1.rar
Connection: keep-alive
Cookie: filehosting=5fsoime30cf4v2ml6f53445hm6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 22:43:09 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-45b8"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/styles/file-upload.css
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/styles/file-upload.css
IP
GET /themes/flow/styles/file-upload.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2tn7n/MELTY.BLOOD.TYPE.LUMINA.v1.31.part1.rar
Connection: keep-alive
Cookie: filehosting=5fsoime30cf4v2ml6f53445hm6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 22:43:09 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-21ec"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload.js
IP
GET /themes/flow/js/jquery.fileupload.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2tn7n/MELTY.BLOOD.TYPE.LUMINA.v1.31.part1.rar
Connection: keep-alive
Cookie: filehosting=5fsoime30cf4v2ml6f53445hm6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 22:43:09 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-dbd4"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload-process.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-process.js
IP
GET /themes/flow/js/jquery.fileupload-process.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2tn7n/MELTY.BLOOD.TYPE.LUMINA.v1.31.part1.rar
Connection: keep-alive
Cookie: filehosting=5fsoime30cf4v2ml6f53445hm6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 22:43:09 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-14b6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
200 OK 0 B IP
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 26 Sep 2022 22:43:10 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 1047
last-modified: Mon, 26 Sep 2022 22:25:43 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ec1RJ0plvtSOyiSaR41myV2yryTDOqb0CZUOlgVJnhOKmRtG9sXZzHKVEaFCR1XfrWk%2BXF7VGdqWsm20MRYQ8YYQbWZ8UyTExcgaMo51e8j6xqXUXl5E42UIu6YhlZRT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750f84578a3be68c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/retina/retina.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/retina/retina.js
IP
GET /themes/flow/frontend_assets/js/retina/retina.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2tn7n/MELTY.BLOOD.TYPE.LUMINA.v1.31.part1.rar
Connection: keep-alive
Cookie: filehosting=5fsoime30cf4v2ml6f53445hm6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 22:43:09 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-52e"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
200 OK 0 B IP
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 26 Sep 2022 22:43:10 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 1047
last-modified: Mon, 26 Sep 2022 22:25:43 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=41mbpDZaGeajQ5lwJlXO%2FyhZooJQWW5GEzFMMbNa7Woye6LqjwxyfH%2FLl9%2BKE5Z9bZ1ajnlEBxkyacT7oheZ5xU4Oh7bFAX4sfP%2BpXXZcRfZYi%2F8YSWpDjSrSJrU0pON"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750f84578a3fe68c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery-1.11.0.min.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery-1.11.0.min.js
IP
GET /themes/flow/js/jquery-1.11.0.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2tn7n/MELTY.BLOOD.TYPE.LUMINA.v1.31.part1.rar
Connection: keep-alive
Cookie: filehosting=5fsoime30cf4v2ml6f53445hm6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 22:43:09 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1787d"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload-ui.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-ui.js
IP
GET /themes/flow/js/jquery.fileupload-ui.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2tn7n/MELTY.BLOOD.TYPE.LUMINA.v1.31.part1.rar
Connection: keep-alive
Cookie: filehosting=5fsoime30cf4v2ml6f53445hm6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 22:43:09 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-61ef"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/isotope/custom-isotope.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/isotope/custom-isotope.js
IP
GET /themes/flow/frontend_assets/js/isotope/custom-isotope.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2tn7n/MELTY.BLOOD.TYPE.LUMINA.v1.31.part1.rar
Connection: keep-alive
Cookie: filehosting=5fsoime30cf4v2ml6f53445hm6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 22:43:09 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-71d"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
200 OK 0 B IP
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 26 Sep 2022 22:43:10 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 1047
last-modified: Mon, 26 Sep 2022 22:25:43 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C0YQILQXbDIuzAUIpFefMknhnnIeVW1%2FIJSGuswz%2F2ya5ID82B8o9scUA5688rBAcnHE%2BVrdS8ZXC2EiaqEVx09HCq6dcqyFms1EC2nYpFFgLj1C4rXWZqNG2ioGBmDi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750f84578a3ce68c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/animation/jquery.appear.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/animation/jquery.appear.js
IP
GET /themes/flow/frontend_assets/js/animation/jquery.appear.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2tn7n/MELTY.BLOOD.TYPE.LUMINA.v1.31.part1.rar
Connection: keep-alive
Cookie: filehosting=5fsoime30cf4v2ml6f53445hm6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 22:43:09 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-5c6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload-resize.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-resize.js
IP
GET /themes/flow/js/jquery.fileupload-resize.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2tn7n/MELTY.BLOOD.TYPE.LUMINA.v1.31.part1.rar
Connection: keep-alive
Cookie: filehosting=5fsoime30cf4v2ml6f53445hm6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 22:43:09 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1f7f"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload-validate.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-validate.js
IP
GET /themes/flow/js/jquery.fileupload-validate.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2tn7n/MELTY.BLOOD.TYPE.LUMINA.v1.31.part1.rar
Connection: keep-alive
Cookie: filehosting=5fsoime30cf4v2ml6f53445hm6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 22:43:09 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-fea"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S-1089561947%3A1664232190555827&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWrqRpwDVr3z-JgyUS9_rYAGY9SBHDmzIK0t_rgrLQVjGb59AtZhD3MoSbMrawqNtLqpbZtWLQ
403 Forbidden 0 B URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S-1089561947%3A1664232190555827&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWrqRpwDVr3z-JgyUS9_rYAGY9SBHDmzIK0t_rgrLQVjGb59AtZhD3MoSbMrawqNtLqpbZtWLQ
IP
GET /v3/signin/identifier?dsh=S-1089561947%3A1664232190555827&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWrqRpwDVr3z-JgyUS9_rYAGY9SBHDmzIK0t_rgrLQVjGb59AtZhD3MoSbMrawqNtLqpbZtWLQ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 26 Sep 2022 22:43:10 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-XCFxV8T_1PthrU1fP55jqw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
cross-origin-opener-policy-report-only: same-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=rmKzxwDz5xFERoNmQlEDZu8vaLEA9j2CPC1naOLvvbwuTB24jpnSWmbyd3sY_yvPTE5rMLlNIeZSKjJl8GBPK5KMGPwLjMmKgVr3Gpc22cRv4pOHp0yAa1LvG1AC-91sl323xlXv4EpBdn0AcUo2lmHTDB6SmN_KmogwMcgIbUI; expires=Tue, 28-Mar-2023 22:43:10 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.dataTables.min.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.dataTables.min.js
IP
GET /themes/flow/js/jquery.dataTables.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2tn7n/MELTY.BLOOD.TYPE.LUMINA.v1.31.part1.rar
Connection: keep-alive
Cookie: filehosting=5fsoime30cf4v2ml6f53445hm6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 22:43:09 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-10fe4"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/load-image.min.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/load-image.min.js
IP
GET /themes/flow/js/load-image.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2tn7n/MELTY.BLOOD.TYPE.LUMINA.v1.31.part1.rar
Connection: keep-alive
Cookie: filehosting=5fsoime30cf4v2ml6f53445hm6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 22:43:09 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-9f2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/canvas-to-blob.min.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/canvas-to-blob.min.js
IP
GET /themes/flow/js/canvas-to-blob.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2tn7n/MELTY.BLOOD.TYPE.LUMINA.v1.31.part1.rar
Connection: keep-alive
Cookie: filehosting=5fsoime30cf4v2ml6f53445hm6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 22:43:09 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-408"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css
IP
GET /themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2tn7n/MELTY.BLOOD.TYPE.LUMINA.v1.31.part1.rar
Connection: keep-alive
Cookie: filehosting=5fsoime30cf4v2ml6f53445hm6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 22:43:09 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-8d4b"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/clipboardjs/clipboard.min.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/clipboardjs/clipboard.min.js
IP
GET /themes/flow/js/clipboardjs/clipboard.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2tn7n/MELTY.BLOOD.TYPE.LUMINA.v1.31.part1.rar
Connection: keep-alive
Cookie: filehosting=5fsoime30cf4v2ml6f53445hm6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 22:43:09 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-2296"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js
IP
GET /themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2tn7n/MELTY.BLOOD.TYPE.LUMINA.v1.31.part1.rar
Connection: keep-alive
Cookie: filehosting=5fsoime30cf4v2ml6f53445hm6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 22:43:09 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3ead"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
societingna.info/THJndjU3UBQBajkAC1QPbhoTAkU%2FSEhZWCkVBgNFYhwCAho%2FBUkcRm5eRQVYKlBdRxluBgYRaiUWRUwXdEFVQAZ%2FUEtURjkQOB9RflBdVFN4Fl5DBCkWSkUFfEtKQg17FEpOU3pHSk4ELksGQQIpQ1IVU24P
200 OK 0 B URL HTTP/2 societingna.info/THJndjU3UBQBajkAC1QPbhoTAkU%2FSEhZWCkVBgNFYhwCAho%2FBUkcRm5eRQVYKlBdRxluBgYRaiUWRUwXdEFVQAZ%2FUEtURjkQOB9RflBdVFN4Fl5DBCkWSkUFfEtKQg17FEpOU3pHSk4ELksGQQIpQ1IVU24P
IP
Analyzer Verdict Alert fortinet Malware
GET /THJndjU3UBQBajkAC1QPbhoTAkU%2FSEhZWCkVBgNFYhwCAho%2FBUkcRm5eRQVYKlBdRxluBgYRaiUWRUwXdEFVQAZ%2FUEtURjkQOB9RflBdVFN4Fl5DBCkWSkUFfEtKQg17FEpOU3pHSk4ELksGQQIpQ1IVU24P HTTP/1.1
Host: societingna.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
set-cookie: 0c1d11244ead66062854d29e3d30e0d2=1; Max-Age=604800
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
etag: W/"e0f8-LP092Onv8SYcrGBkRC4ZXZLq1kQ"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/responsive.css
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/responsive.css
IP
GET /themes/flow/frontend_assets/css/responsive.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2tn7n/MELTY.BLOOD.TYPE.LUMINA.v1.31.part1.rar
Connection: keep-alive
Cookie: filehosting=5fsoime30cf4v2ml6f53445hm6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 22:43:09 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-e56"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/styles/font-icons/entypo/css/entypo.css
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/styles/font-icons/entypo/css/entypo.css
IP
GET /themes/flow/styles/font-icons/entypo/css/entypo.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2tn7n/MELTY.BLOOD.TYPE.LUMINA.v1.31.part1.rar
Connection: keep-alive
Cookie: filehosting=5fsoime30cf4v2ml6f53445hm6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 22:43:09 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-45f5"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.plugins.min.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.plugins.min.js
IP
GET /themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.plugins.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2tn7n/MELTY.BLOOD.TYPE.LUMINA.v1.31.part1.rar
Connection: keep-alive
Cookie: filehosting=5fsoime30cf4v2ml6f53445hm6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 22:43:09 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-14cc1"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.revolution.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.revolution.js
IP
GET /themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.revolution.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2tn7n/MELTY.BLOOD.TYPE.LUMINA.v1.31.part1.rar
Connection: keep-alive
Cookie: filehosting=5fsoime30cf4v2ml6f53445hm6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 22:43:09 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-303b2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/images/icons/favicon/favicon.ico
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/images/icons/favicon/favicon.ico
IP
GET /themes/flow/frontend_assets/images/icons/favicon/favicon.ico HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2tn7n/MELTY.BLOOD.TYPE.LUMINA.v1.31.part1.rar
Connection: keep-alive
Cookie: filehosting=5fsoime30cf4v2ml6f53445hm6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 22:43:10 GMT
content-type: image/x-icon
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-47e"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S-2062682728%3A1664232190604662&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWqN6z47mWB4uT8ESXBdMDnrQ7suUerTDbbVHpLI4G_tCy8MdpZN-vneuMO_DVJ1td6BDrmG5g
403 Forbidden 0 B URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S-2062682728%3A1664232190604662&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWqN6z47mWB4uT8ESXBdMDnrQ7suUerTDbbVHpLI4G_tCy8MdpZN-vneuMO_DVJ1td6BDrmG5g
IP
GET /v3/signin/identifier?dsh=S-2062682728%3A1664232190604662&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWqN6z47mWB4uT8ESXBdMDnrQ7suUerTDbbVHpLI4G_tCy8MdpZN-vneuMO_DVJ1td6BDrmG5g HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 26 Sep 2022 22:43:10 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'nonce-O7RycOUlA9IjhXEPqm5SXg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
cross-origin-opener-policy-report-only: same-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=r4qBZUz-qDvyxCdDN_nn7NUyhRi91BhTCZZJQd5x9OeIXDQcWf7MYZo0PH95jaWYaS2dDlh1aPxUGoy5woHCan_v3_LvwlFTeA8x1N2H-wWhr2ugYm86WJnTuIOnybcH7myLKrgQPimdcZUlm2gufGgYCG-o9vdCF1-l6e2aLV0; expires=Tue, 28-Mar-2023 22:43:10 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
megaup.net/sw.js?OGhQZTRjSmhWBg5bY0cYGkp8R1IMDGlQBV0MfVYECFF9UQwPDn1dUg5dfV0FWlExUgNdWWUGUhpEcgMNCFBkAQMMRWddDQ1FZAABD0UxU1cPRWhWA1oOZwBWWlFhUhYUSiMSFhRKIxBYTAE%2BAldXDX4HQUISckkWCVh%2BUBYUDjEJR11ENgRYSw18A1VUGzU4
200 OK 0 B URL HTTP/2 megaup.net/sw.js?OGhQZTRjSmhWBg5bY0cYGkp8R1IMDGlQBV0MfVYECFF9UQwPDn1dUg5dfV0FWlExUgNdWWUGUhpEcgMNCFBkAQMMRWddDQ1FZAABD0UxU1cPRWhWA1oOZwBWWlFhUhYUSiMSFhRKIxBYTAE%2BAldXDX4HQUISckkWCVh%2BUBYUDjEJR11ENgRYSw18A1VUGzU4
IP
GET /sw.js?OGhQZTRjSmhWBg5bY0cYGkp8R1IMDGlQBV0MfVYECFF9UQwPDn1dUg5dfV0FWlExUgNdWWUGUhpEcgMNCFBkAQMMRWddDQ1FZAABD0UxU1cPRWhWA1oOZwBWWlFhUhYUSiMSFhRKIxBYTAE%2BAldXDX4HQUISckkWCVh%2BUBYUDjEJR11ENgRYSw18A1VUGzU4 HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: filehosting=5fsoime30cf4v2ml6f53445hm6; _ga=GA1.2.2145561430.1664232189; _gid=GA1.2.214479270.1664232189; _gat_gtag_UA_108868042_1=1
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 22:43:10 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:52 GMT
vary: Accept-Encoding
etag: W/"60758f38-12fe6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/2tn7n/MELTY.BLOOD.TYPE.LUMINA.v1.31.part1.rar
200 OK 0 B URL HTTP/2 megaup.net/2tn7n/MELTY.BLOOD.TYPE.LUMINA.v1.31.part1.rar
IP
GET /2tn7n/MELTY.BLOOD.TYPE.LUMINA.v1.31.part1.rar HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 22:43:09 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: filehosting=5fsoime30cf4v2ml6f53445hm6; expires=Tue, 27-Sep-2022 22:43:09 GMT; Max-Age=86400; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery-ui.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery-ui.js
IP
GET /themes/flow/js/jquery-ui.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2tn7n/MELTY.BLOOD.TYPE.LUMINA.v1.31.part1.rar
Connection: keep-alive
Cookie: filehosting=5fsoime30cf4v2ml6f53445hm6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 22:43:09 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-6a684"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/images/loading_small.gif
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/images/loading_small.gif
IP
GET /themes/flow/images/loading_small.gif HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2tn7n/MELTY.BLOOD.TYPE.LUMINA.v1.31.part1.rar
Connection: keep-alive
Cookie: filehosting=5fsoime30cf4v2ml6f53445hm6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 22:43:09 GMT
content-type: image/gif
content-length: 184355
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-2d023"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/?kzmmd=761186
200 OK 0 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/?kzmmd=761186
IP
GET /?kzmmd=761186 HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 188765
date: Mon, 26 Sep 2022 22:43:09 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: x-mgFzWOxkA5RXDyvm9vCX4TwSOVKaQmIdRCxray9M4SF7wdssKxzw==
X-Firefox-Spdy: h2
megaup.net/sw.js
200 OK 0 B IP
GET /sw.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2tn7n/MELTY.BLOOD.TYPE.LUMINA.v1.31.part1.rar
Connection: keep-alive
Cookie: filehosting=5fsoime30cf4v2ml6f53445hm6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 22:43:09 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:52 GMT
vary: Accept-Encoding
etag: W/"60758f38-12fe6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/custom/custom.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/custom/custom.js
IP
GET /themes/flow/frontend_assets/js/custom/custom.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2tn7n/MELTY.BLOOD.TYPE.LUMINA.v1.31.part1.rar
Connection: keep-alive
Cookie: filehosting=5fsoime30cf4v2ml6f53445hm6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 22:43:09 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1420"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/custom.css
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/custom.css
IP
GET /themes/flow/frontend_assets/css/custom.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2tn7n/MELTY.BLOOD.TYPE.LUMINA.v1.31.part1.rar
Connection: keep-alive
Cookie: filehosting=5fsoime30cf4v2ml6f53445hm6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 22:43:09 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3577"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/colors/flow.css
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/colors/flow.css
IP
GET /themes/flow/frontend_assets/css/colors/flow.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2tn7n/MELTY.BLOOD.TYPE.LUMINA.v1.31.part1.rar
Connection: keep-alive
Cookie: filehosting=5fsoime30cf4v2ml6f53445hm6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 22:43:09 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-a83"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.tmpl.min.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.tmpl.min.js
IP
GET /themes/flow/js/jquery.tmpl.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/2tn7n/MELTY.BLOOD.TYPE.LUMINA.v1.31.part1.rar
Connection: keep-alive
Cookie: filehosting=5fsoime30cf4v2ml6f53445hm6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 22:43:09 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3cb"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
91.209.70.182
172.67.74.36
62.122.171.12
104.21.94.209
157.240.200.35
23.36.76.226
78.46.32.91
93.184.220.29
185.76.9.26