| megaup.net/17E42/Jade.Order-Chronos.zip | 91.209.70.182 | 301 Moved Permanently | 162 B |
URL: HTTP/1.1 megaup.net/17E42/Jade.Order-Chronos.zip IP: 91.209.70.182:0
File type: HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash: 4f8e702cc244ec5d4de32740c0ecbd97 3adb1f02d5b6054de0046e367c1d687b6cdf7aff 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /17E42/Jade.Order-Chronos.zip HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 29 Aug 2022 02:59:48 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://megaup.net/17E42/Jade.Order-Chronos.zip
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer, strict-origin-when-cross-origin
X-Download-Options: noopen
|
|
| firefox.settings.services.mozilla.com/v1/ | 143.204.55.35 | 200 OK | 939 B |
URL: HTTP/1.1 firefox.settings.services.mozilla.com/v1/ IP: 143.204.55.35:0
File type: JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash: 99b7d23c1748d0526782b9ff9ea45f09 eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f 48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 29 Aug 2022 02:25:09 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 1UkyI3SxZcPM5hKP9AjSApmvoCZZsNeUfJeNj8DF-RYsO-1nBCDCRw==
Age: 2079
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP: 23.36.77.32:0 ASN: #20940 Akamai International B.V.
Hash: 21b1296f31569e4fb94048c52df34904 3e3194f640d71b9da28e809660443e332bdba310 7ebe5d06efe28c8507b4cdfbf68c6e5bbd9919ba776990fb8a22d90cca0c1c1b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7EBE5D06EFE28C8507B4CDFBF68C6E5BBD9919BA776990FB8A22D90CCA0C1C1B"
Last-Modified: Sat, 27 Aug 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4441
Expires: Mon, 29 Aug 2022 04:13:49 GMT
Date: Mon, 29 Aug 2022 02:59:48 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain | 143.204.55.49 | 200 OK | 5.3 kB |
URL: HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain IP: 143.204.55.49:0
File type: PEM certificate\012- , ASCII text
Hash: 742edb4038f38bc533514982f3d2e861 cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1 b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 28 Aug 2022 22:35:59 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: UFKJyks29vYkSnwgPkwucOnONwZzj3koX4_IPRQTVx08hHRYP7Xpxw==
age: 15830
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL: HTTP/2 contile.services.mozilla.com/v1/tiles IP: 34.117.237.239:0
File type: JSON data\012- , ASCII text, with no line terminators
Hash: 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 02:59:48 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 143.204.55.35 | 200 OK | 329 B |
URL: HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP: 143.204.55.35:0
File type: JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash: 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 29 Aug 2022 02:17:12 GMT
Cache-Control: max-age=3600
Expires: Mon, 29 Aug 2022 02:45:53 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 3RznKJzHbVF7IMqTq3ECISdcfmFih1E_SsnZd5ijjrDI0BkKN7i-5w==
Age: 2556
|
|
| ocsp.sectigo.com/ | 172.64.155.188 | 200 OK | 472 B |
IP: 172.64.155.188:0
Hash: 0a7e5dd96a0b98da6c22446fcdca5977 3184be527c6d32edfdeab7fa49e481829e91d0ab 0fe3a46f7f98a6b4168b4678e48ce5f4ce92a4a8b068069923409c13df7c369d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 02:59:48 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 26 Aug 2022 00:41:15 GMT
Expires: Fri, 02 Sep 2022 00:41:14 GMT
Etag: "3184be527c6d32edfdeab7fa49e481829e91d0ab"
Cache-Control: max-age=336685,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 742208632de90b65-OSL
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP: 93.184.220.29:0
Hash: 396ffb5d17a8a353f8f748959fcf7966 8301f51528695b9c8a48de0e6e889b603f34308c a5c0dd3453bdba148aea970cda083b70b3ba680286a6c65878cc369d20f1d216
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2065
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 29 Aug 2022 02:59:48 GMT
Last-Modified: Mon, 29 Aug 2022 02:25:23 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
|
|
| megaup.net/themes/flow/images/main_logo_inverted.png | 91.209.70.182 | 200 OK | 7.1 kB |
URL: HTTP/2 megaup.net/themes/flow/images/main_logo_inverted.png IP: 91.209.70.182:0
File type: PNG image data, 203 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash: 5d15526be10b904a6b48d1af04a10cc3 c09b6874359ac6d71db95593618a9acb55baa984 894d25472e0f890edf235e8f66fbeda7ea75043632924ecb82691d76bd7db018
GET /themes/flow/images/main_logo_inverted.png HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17E42/Jade.Order-Chronos.zip
Connection: keep-alive
Cookie: filehosting=60d1k5gsr40s1tfdp54bteb2q1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 02:59:48 GMT
content-type: image/png
content-length: 7137
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-1be1"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css | 91.209.70.182 | 200 OK | 637 B |
URL: HTTP/2 megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css IP: 91.209.70.182:0
File type: ASCII text, with CRLF line terminators
Hash: 36291bd744a566808461515888601d37 7f83381e9518feb5de9a7e3ad19e55fcf4afd319 16165e08bd1b3a02e839ab8a50ee05b427e63e972d19200ebd3ac168e7e1ce81
GET /themes/flow/frontend_assets/css/All-stylesheets.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17E42/Jade.Order-Chronos.zip
Connection: keep-alive
Cookie: filehosting=60d1k5gsr40s1tfdp54bteb2q1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 02:59:48 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-153"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=UA-108868042-1 | 142.250.74.72 | 200 OK | 42 kB |
URL: HTTP/2 www.googletagmanager.com/gtag/js?id=UA-108868042-1 IP: 142.250.74.72:0
File type: ASCII text, with very long lines (1615)
Hash: 1ae349a96f564d0ae7436230c93716d2 81b3aa4952a8d5f014daa2417bfe09002209a6c8 9171cdcabf3244385475cd21242ea5ed7ca29e4415ddc9668ce1d32252027aca
GET /gtag/js?id=UA-108868042-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 29 Aug 2022 02:59:49 GMT
expires: Mon, 29 Aug 2022 02:59:49 GMT
cache-control: private, max-age=900
last-modified: Mon, 29 Aug 2022 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42040
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| dmmzkfd82wayn.cloudfront.net/?kzmmd=761186 | 143.204.42.228 | 200 OK | 189 kB |
URL: HTTP/2 dmmzkfd82wayn.cloudfront.net/?kzmmd=761186 IP: 143.204.42.228:0
File type: Unicode text, UTF-8 text, with very long lines (15945) Size: 189 kB (188780 bytes)
Hash: 2f31ad9dcfc8962f8ec018f088ed69e6 fe35377c1db473d05e0ae6352d30f7d6814da564 048cefb16d230b9d45ff33e4dfc2e9358ccf048f20390d32cfe15aa38a532328
GET /?kzmmd=761186 HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 188780
date: Mon, 29 Aug 2022 02:59:49 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 4q2SbYvovqHenfWPHvSTqTjiX91_R2Y_x0xv6wpeZslBWlbpzhYq3g==
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/js/zeroClipboard/ZeroClipboard.js | 91.209.70.182 | 200 OK | 4.5 kB |
URL: HTTP/2 megaup.net/themes/flow/js/zeroClipboard/ZeroClipboard.js IP: 91.209.70.182:0
File type: ASCII text, with very long lines (1288)
Hash: e6cb8d4de974b66e58a9f22b9206cf65 eab66f33a48942f3b1216d6b611b606b7a922713 d69c361bcd2ed279965b72bcbcef181a3bd3895ad75347e3008a344f076559cd
GET /themes/flow/js/zeroClipboard/ZeroClipboard.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17E42/Jade.Order-Chronos.zip
Connection: keep-alive
Cookie: filehosting=60d1k5gsr40s1tfdp54bteb2q1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 02:59:48 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3bd2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/js/jquery.fileupload-ui.js | 91.209.70.182 | 200 OK | 37 kB |
URL: HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-ui.js IP: 91.209.70.182:0
Hash: 12ae6ae4f8d2e1cb198f18179954d2ac 17b40e8dff2cce637507b11c48fd93f14d60a25e 66bf83c5b525d360386a3664eb3c17467deef2862469c47bece7bfc9be93d968
GET /themes/flow/js/jquery.fileupload-ui.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17E42/Jade.Order-Chronos.zip
Connection: keep-alive
Cookie: filehosting=60d1k5gsr40s1tfdp54bteb2q1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 02:59:48 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-61ef"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/js/jquery.fileupload-resize.js | 91.209.70.182 | 200 OK | 2.6 kB |
URL: HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-resize.js IP: 91.209.70.182:0
Hash: 5fa2536e2179d5b2c4cea12c47b86e20 0770925bc4badab280e95175f0f17a40d3009db5 8b7d317c6dd2ea42577a89d189b24a0f617c57bc36b3b755ea1b4e9f0e5d2b68
GET /themes/flow/js/jquery.fileupload-resize.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17E42/Jade.Order-Chronos.zip
Connection: keep-alive
Cookie: filehosting=60d1k5gsr40s1tfdp54bteb2q1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 02:59:48 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1f7f"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/frontend_assets/fonts/raleway_extrabold.woff | 91.209.70.182 | 200 OK | 31 kB |
URL: HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway_extrabold.woff IP: 91.209.70.182:0
File type: Web Open Font Format, TrueType, length 31344, version 1.1\012- data
Hash: 21f79e4c0fbe54a555170aa70bb4c8b7 9d4aaf2016cd21f16bc45089a48de84dba951fa7 2b638674bc57ad355ef2ecbd68e78ecb36bc323aaaf4ddeb9cd4f61bc5f26c42
GET /themes/flow/frontend_assets/fonts/raleway_extrabold.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Connection: keep-alive
Cookie: filehosting=60d1k5gsr40s1tfdp54bteb2q1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 02:59:49 GMT
content-type: font/woff
content-length: 31344
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7a70"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/frontend_assets/fonts/raleway_semibold.woff | 91.209.70.182 | 200 OK | 32 kB |
URL: HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway_semibold.woff IP: 91.209.70.182:0
File type: Web Open Font Format, TrueType, length 31980, version 1.1\012- data
Hash: 99ac81a158028ac2023fb3350d2497e7 f08c12c91ab29282a616c3ba8e533f49b5b433ca 92a8c8eca8cfcfc53855bc48ba50b866704a00323c4e3089b564c939a668925d
GET /themes/flow/frontend_assets/fonts/raleway_semibold.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Connection: keep-alive
Cookie: filehosting=60d1k5gsr40s1tfdp54bteb2q1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 02:59:49 GMT
content-type: font/woff
content-length: 31980
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7cec"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/frontend_assets/js/animation/jquery.appear.js | 91.209.70.182 | 200 OK | 22 kB |
URL: HTTP/2 megaup.net/themes/flow/frontend_assets/js/animation/jquery.appear.js IP: 91.209.70.182:0
File type: ASCII text, with very long lines (1285)
Hash: e19e6e659f81141b7d3383a8c44caa6c 89de5c122d2e886fc00300678fc63c795e84e91a 760ba6438cfd4938f71a99950be1b98600eac07016ef865174e9041c135724ff
GET /themes/flow/frontend_assets/js/animation/jquery.appear.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17E42/Jade.Order-Chronos.zip
Connection: keep-alive
Cookie: filehosting=60d1k5gsr40s1tfdp54bteb2q1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 02:59:48 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-5c6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| keydawnawe.com/gwZ1U5hjA8ii/32575 | 172.255.6.158 | 200 OK | 26 B |
URL: HTTP/1.1 keydawnawe.com/gwZ1U5hjA8ii/32575 IP: 172.255.6.158:0
File type: ASCII text, with no line terminators
Hash: 4e5d65669f8dcd928dad06adf883f025 d771713d758c3348dd7e5b38bb40c7935399ae46 0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95
GET /gwZ1U5hjA8ii/32575 HTTP/1.1
Host: keydawnawe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 29 Aug 2022 02:59:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; expires=Tue, 30-Aug-2022 02:59:49 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW; expires=Tue, 30-Aug-2022 02:59:49 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
|
|
| push.services.mozilla.com/ | 34.218.159.206 | 101 Switching Protocols | 0 B |
URL: HTTP/1.1 push.services.mozilla.com/ IP: 34.218.159.206:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 3DA5Vh2B+xG+HegyrhVCdA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Wf5NMMYHp3X7RZpClixbpBn4WSo=
|
|
| altowriestwispy.com/tysaSHG1FMaM/18410 | 172.255.6.38 | 200 OK | 25 B |
URL: HTTP/1.1 altowriestwispy.com/tysaSHG1FMaM/18410 IP: 172.255.6.38:0
File type: ASCII text, with no line terminators
Hash: d488addc5df5fc9b9ff4135bb4e3a823 6ce56f48e851df4d562b43d3bc1269a504ae83fc d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60
GET /tysaSHG1FMaM/18410 HTTP/1.1
Host: altowriestwispy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 29 Aug 2022 02:59:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; expires=Tue, 30-Aug-2022 02:59:49 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW; expires=Tue, 30-Aug-2022 02:59:49 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
|
|
| altowriestwispy.com/tysaSHG1FMaM/18410 | 172.255.6.38 | 200 OK | 25 B |
URL: HTTP/1.1 altowriestwispy.com/tysaSHG1FMaM/18410 IP: 172.255.6.38:0
File type: ASCII text, with no line terminators
Hash: d488addc5df5fc9b9ff4135bb4e3a823 6ce56f48e851df4d562b43d3bc1269a504ae83fc d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60
GET /tysaSHG1FMaM/18410 HTTP/1.1
Host: altowriestwispy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 29 Aug 2022 02:59:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
|
|
| keydawnawe.com/gwZ1U5hjA8ii/32575 | 172.255.6.158 | 200 OK | 26 B |
URL: HTTP/1.1 keydawnawe.com/gwZ1U5hjA8ii/32575 IP: 172.255.6.158:0
File type: ASCII text, with no line terminators
Hash: 4e5d65669f8dcd928dad06adf883f025 d771713d758c3348dd7e5b38bb40c7935399ae46 0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95
GET /gwZ1U5hjA8ii/32575 HTTP/1.1
Host: keydawnawe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 29 Aug 2022 02:59:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
|
|
| megaup.net/themes/flow/styles/file-upload.css | 91.209.70.182 | 200 OK | 4.0 kB |
URL: HTTP/2 megaup.net/themes/flow/styles/file-upload.css IP: 91.209.70.182:0
File type: assembler source, ASCII text
Hash: 977681997baccf3ca21544dd14e4b4b3 c737554ae4a7e965f7f59d07a345f73954c29296 a0f4a591eaf26539aae0fad1250a8e6f156811846588909934749031ebef7886
GET /themes/flow/styles/file-upload.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17E42/Jade.Order-Chronos.zip
Connection: keep-alive
Cookie: filehosting=60d1k5gsr40s1tfdp54bteb2q1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 02:59:48 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-21ec"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| atebilaterde.one/VVpHRGd6ZSQ3WgQOEQ4GZiowBQlgPxYqNhc/ETQqMAsJczAQamEwDjFncHJWZGJxYhc8Pnp1QSYuJjASJmd2Yg47PCh5QSNndmpUYXR1fEllfDJ5VnMuNyUAaGthNBMhNnp1UWNrcHBWbGJ+dldi | 172.67.197.202 | 204 No Content | 0 B |
URL: HTTP/2 atebilaterde.one/VVpHRGd6ZSQ3WgQOEQ4GZiowBQlgPxYqNhc/ETQqMAsJczAQamEwDjFncHJWZGJxYhc8Pnp1QSYuJjASJmd2Yg47PCh5QSNndmpUYXR1fEllfDJ5VnMuNyUAaGthNBMhNnp1UWNrcHBWbGJ+dldi IP: 172.67.197.202:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /VVpHRGd6ZSQ3WgQOEQ4GZiowBQlgPxYqNhc/ETQqMAsJczAQamEwDjFncHJWZGJxYhc8Pnp1QSYuJjASJmd2Yg47PCh5QSNndmpUYXR1fEllfDJ5VnMuNyUAaGthNBMhNnp1UWNrcHBWbGJ+dldi HTTP/1.1
Host: atebilaterde.one
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 29 Aug 2022 02:59:49 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xkfLsIM1rU6qW6%2BG7fw8X3JqIOr%2B%2B6ESUEXyNFIaAXWHSv26hv2NWX42iAfvNsGawAZGL%2BasdmWp%2FPhost1lq0F3YbuheK3%2FLivb%2Bf02m4wqKSnInLe2U9bhd5cgPyCL%2Fm5X"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 742208692da61c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/js/jquery-ui.js | 91.209.70.182 | 200 OK | 110 kB |
URL: HTTP/2 megaup.net/themes/flow/js/jquery-ui.js IP: 91.209.70.182:0
File type: ASCII text, with very long lines (840) Size: 110 kB (109700 bytes) Hash: 42082a114fdf87bf7d1b21ff008eb3c8 f6eb97c638e19c7cf355401e50e5ed9ac36bd034 397186af1acbf8e563c8e62f157cba924627db0fae7992152f633f83f7e0b8df
GET /themes/flow/js/jquery-ui.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17E42/Jade.Order-Chronos.zip
Connection: keep-alive
Cookie: filehosting=60d1k5gsr40s1tfdp54bteb2q1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 02:59:48 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-6a684"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/js/jquery-1.11.0.min.js | 91.209.70.182 | 200 OK | 39 kB |
URL: HTTP/2 megaup.net/themes/flow/js/jquery-1.11.0.min.js IP: 91.209.70.182:0
File type: ASCII text, with very long lines (32341) Hash: afd9173b00104d92774d834b5f4abf2d 0b93fce9022874740e8f39afe29cc887fd591d62 79d1637af5a7332495a729774e9cacb9f93124c711fea3bb284fc350a8466f44
GET /themes/flow/js/jquery-1.11.0.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17E42/Jade.Order-Chronos.zip
Connection: keep-alive
Cookie: filehosting=60d1k5gsr40s1tfdp54bteb2q1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 02:59:48 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1787d"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/frontend_assets/js/sticky/jquery.sticky.js | 91.209.70.182 | 200 OK | 2.6 kB |
URL: HTTP/2 megaup.net/themes/flow/frontend_assets/js/sticky/jquery.sticky.js IP: 91.209.70.182:0
Hash: b370d9564c4a9c9eea8c753ecb85a5d2 e986a47c64d9589de075761459312aff928db023 6af7b1a3b4b56a4dc04c7cec318c301886e146241559442228db78cb1039eb66
GET /themes/flow/frontend_assets/js/sticky/jquery.sticky.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17E42/Jade.Order-Chronos.zip
Connection: keep-alive
Cookie: filehosting=60d1k5gsr40s1tfdp54bteb2q1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 02:59:48 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1099"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/js/load-image.min.js | 91.209.70.182 | 200 OK | 1.1 kB |
URL: HTTP/2 megaup.net/themes/flow/js/load-image.min.js IP: 91.209.70.182:0
File type: ASCII text, with very long lines (2546), with no line terminators Hash: d8a0454f5a6c857ca5c8278a8c6680ef 51b236604a9ee46ff3da9079a0d0653cd11d3bef d3816835a3e607e575067849fdf0b566f81614e50afd185008bfd1ded229171a
GET /themes/flow/js/load-image.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17E42/Jade.Order-Chronos.zip
Connection: keep-alive
Cookie: filehosting=60d1k5gsr40s1tfdp54bteb2q1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 02:59:48 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-9f2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/frontend_assets/css/colors/flow.css | 91.209.70.182 | 200 OK | 1.8 kB |
URL: HTTP/2 megaup.net/themes/flow/frontend_assets/css/colors/flow.css IP: 91.209.70.182:0
File type: ASCII text, with CRLF line terminators Hash: ce726184ed08d1a2d8f585ee006846e6 6706fa04fa4963bd6e367075a2188207a2d50d8a 96a9d0b1ba66943901c850bb0a7199d5c94665874d22f4ed85f8cc132712d9f0
GET /themes/flow/frontend_assets/css/colors/flow.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17E42/Jade.Order-Chronos.zip
Connection: keep-alive
Cookie: filehosting=60d1k5gsr40s1tfdp54bteb2q1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 02:59:48 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-a83"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/js/jquery.dataTables.min.js | 91.209.70.182 | 200 OK | 20 kB |
URL: HTTP/2 megaup.net/themes/flow/js/jquery.dataTables.min.js IP: 91.209.70.182:0
File type: ASCII text, with very long lines (768) Hash: 3023ccfc3ef173e88507d563b1940445 91ef6b5cf70dd2e3df6ce03be5c8ace3725d6eba 15177e00c96d39723c6e22e96d9763a84efc518740b747d3cc6e9521cf152c88
GET /themes/flow/js/jquery.dataTables.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17E42/Jade.Order-Chronos.zip
Connection: keep-alive
Cookie: filehosting=60d1k5gsr40s1tfdp54bteb2q1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 02:59:48 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-10fe4"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/frontend_assets/js/retina/retina.js | 91.209.70.182 | 200 OK | 926 B |
URL: HTTP/2 megaup.net/themes/flow/frontend_assets/js/retina/retina.js IP: 91.209.70.182:0
File type: ASCII text, with very long lines (1249) Hash: a35a62f04e77d9e00a7405fc351d099f 04ced3744187d6d0fb8b191ff6bb02e17007f4a7 f01de8a73670c8130bda169f7e6ff5afa6a6b8e0e618d32bf8f04dd1fc24621d
GET /themes/flow/frontend_assets/js/retina/retina.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17E42/Jade.Order-Chronos.zip
Connection: keep-alive
Cookie: filehosting=60d1k5gsr40s1tfdp54bteb2q1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 02:59:48 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-52e"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| atebilaterde.one/dFFkQ2VbbgcwWBdhHHIqMgclJQ4xHD4oAVFjIhESNjg1Cx0xElY0QwA4AH5SQmVVd1RSIQ0nWEV3FzcEACQXflRSOAolCkl3En5UWmJQbVdMf1RlEElgQjcVFTZZckMEJRAvWEVnUnJSQGBde1xGZFQ | 172.67.197.202 | 204 No Content | 0 B |
URL: HTTP/2 atebilaterde.one/dFFkQ2VbbgcwWBdhHHIqMgclJQ4xHD4oAVFjIhESNjg1Cx0xElY0QwA4AH5SQmVVd1RSIQ0nWEV3FzcEACQXflRSOAolCkl3En5UWmJQbVdMf1RlEElgQjcVFTZZckMEJRAvWEVnUnJSQGBde1xGZFQ IP: 172.67.197.202:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dFFkQ2VbbgcwWBdhHHIqMgclJQ4xHD4oAVFjIhESNjg1Cx0xElY0QwA4AH5SQmVVd1RSIQ0nWEV3FzcEACQXflRSOAolCkl3En5UWmJQbVdMf1RlEElgQjcVFTZZckMEJRAvWEVnUnJSQGBde1xGZFQ HTTP/1.1
Host: atebilaterde.one
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 29 Aug 2022 02:59:49 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zAlpn1sGdJKUr%2FJ6Zapl8wGRzdHXsTbNhEXKpRlolBXNBWPHHj9r%2FjMyD4sBksVQiHMxZDE7V6bkQmjg6cciwJkD3RvT9sDkQRJeC9DDxokY8jZs8sHjRGdS6d5RIeHC3z33"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 742208694db91c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/js/canvas-to-blob.min.js | 91.209.70.182 | 200 OK | 1.7 kB |
URL: HTTP/2 megaup.net/themes/flow/js/canvas-to-blob.min.js IP: 91.209.70.182:0
File type: ASCII text, with very long lines (1032), with no line terminators Hash: 3c7d735756726829722fec1035f0a091 a5b95c7e9e56db53e29bd91a13f3a0eab0c77759 780f70e1c2a74c654a4f76b690e14fca4bb486006bef3836bf9c0690f9869c83
GET /themes/flow/js/canvas-to-blob.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17E42/Jade.Order-Chronos.zip
Connection: keep-alive
Cookie: filehosting=60d1k5gsr40s1tfdp54bteb2q1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 02:59:48 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-408"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/frontend_assets/js/gauge.min.js | 91.209.70.182 | 200 OK | 5.5 kB |
URL: HTTP/2 megaup.net/themes/flow/frontend_assets/js/gauge.min.js IP: 91.209.70.182:0
File type: ASCII text, with very long lines (1259) Hash: 2687bb65f4d4b3bea136e8dd3eab5f44 82e33db34f96cb2c7eb9d3cf2187537067bb3e74 7c3434bfd6587c38d5fb92846dd6edda68f650c2db5d07ba79eef166a866eb48
GET /themes/flow/frontend_assets/js/gauge.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17E42/Jade.Order-Chronos.zip
Connection: keep-alive
Cookie: filehosting=60d1k5gsr40s1tfdp54bteb2q1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 02:59:48 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-45b8"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| megaup.net/imageads/019.gif | 91.209.70.182 | 200 OK | 850 kB |
URL: HTTP/2 megaup.net/imageads/019.gif IP: 91.209.70.182:0
File type: GIF image data, version 89a, 300 x 250\012- data Size: 850 kB (850157 bytes) Hash: 0e0a55692c2025b89cacce57763ff238 0ed0db48a99f5d1ead8793e9d9e21563ee5b4ee3 1e0cce373f323d981dc4463f1c2920962ca348667296dd94f2f9d2a91b34b988
GET /imageads/019.gif HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17E42/Jade.Order-Chronos.zip
Connection: keep-alive
Cookie: filehosting=60d1k5gsr40s1tfdp54bteb2q1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 02:59:49 GMT
content-type: image/gif
content-length: 850157
last-modified: Thu, 02 Aug 2018 19:16:52 GMT
vary: Accept-Encoding
etag: "5b6358a4-cf8ed"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| dmmzkfd82wayn.cloudfront.net/VWmhUWVg5Bzo/Zy4BMGRgaF1taGl8Aic2NipVI2s2DS8cKy4uL2YvbDAAPH8sIAxpaX42CTo+ZXwNOjpla041PTpnXHItKDUDaSw2Pg0yMDY/DHIsOWcFOyMxNgQ1fGocXXppfWhYfCFpa01nG31oWDgwNi8QcWtoIlBiBm5uTWcbfWhYJi99aSltb3ZqQX-FraD0NNzI3f1oSa2hrWGRoaGtNZmk+MxoxPzciTWYfYWxGZH8tZ1k | 143.204.42.228 | 200 OK | 362 B |
URL: HTTP/2 dmmzkfd82wayn.cloudfront.net/VWmhUWVg5Bzo/Zy4BMGRgaF1taGl8Aic2NipVI2s2DS8cKy4uL2YvbDAAPH8sIAxpaX42CTo+ZXwNOjpla041PTpnXHItKDUDaSw2Pg0yMDY/DHIsOWcFOyMxNgQ1fGocXXppfWhYfCFpa01nG31oWDgwNi8QcWtoIlBiBm5uTWcbfWhYJi99aSltb3ZqQX-FraD0NNzI3f1oSa2hrWGRoaGtNZmk+MxoxPzciTWYfYWxGZH8tZ1k IP: 143.204.42.228:0
File type: ASCII text, with very long lines (464), with no line terminators Hash: ec022afc3795dff7e9802e8a7edac994 c292e06e97f0654ebdf80de9d90835165b3dc03d 06d3b5dacfaf801fe1794f1ed9b183271a7b941e8d34059f062a7f4f3f55e778
GET /VWmhUWVg5Bzo/Zy4BMGRgaF1taGl8Aic2NipVI2s2DS8cKy4uL2YvbDAAPH8sIAxpaX42CTo+ZXwNOjpla041PTpnXHItKDUDaSw2Pg0yMDY/DHIsOWcFOyMxNgQ1fGocXXppfWhYfCFpa01nG31oWDgwNi8QcWtoIlBiBm5uTWcbfWhYJi99aSltb3ZqQX-FraD0NNzI3f1oSa2hrWGRoaGtNZmk+MxoxPzciTWYfYWxGZH8tZ1k HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oulukdliketo.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 362
date: Mon, 29 Aug 2022 02:59:49 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: zLv7_Qh43j5oYwrX3bNxKC6z1Yhp3HgoGybkJP8loYGyorTmj5CKTQ==
X-Firefox-Spdy: h2
|
|
| a.exdynsrv.com/ad-provider.js | 205.185.216.42 | 200 OK | 24 kB |
URL: HTTP/1.1 a.exdynsrv.com/ad-provider.js IP: 205.185.216.42:0
File type: ASCII text, with very long lines (65536), with no line terminators Hash: aaf9807f02b627e17287d72f44ff064f 4a1127fcf78e8c8ed1f5b3d4c5eb775f9ca544cc 16164f450c0554c9c08c3fa1a797c4c27f47ff8ef6fbf823bd0c56a1a6629d6e
GET /ad-provider.js HTTP/1.1
Host: a.exdynsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 02:59:49 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 23722
Content-Type: application/javascript
Accept-Ranges: bytes
Cache-Control: max-age=10800
Server: nginx
etag: W/"73ec54b6a3b356d666103cfbac5"
X-HW: 1661741989.dop018.sk1.t,1661741989.cds012.sk1.shn,1661741989.dop018.sk1.t,1661741989.cds246.sk1.c
Access-Control-Allow-Origin: *, *
|
|
| dmmzkfd82wayn.cloudfront.net/6Z2dwZUUECB4DehMOFFh9UFFDVH1BDQMKKxdaJRADNCkHFQ0gDjEkclFBBB8hWldWCSQJAE1DIAkETVRjBgMSWHFBEwAKLloDCBE9Dw4fBDMFQQUEeAoICgwpCwZVVwNSSUBAd1dPCFR0QlQyQHdXCxkLMB9CQlU9X1EvU3FCVDJAd1cVBkB2Jl5GS3VOQk-JVIgIEGwpgVSFCVXRXV0FVdEJVQAMsFQIWCj1CVTZcc0lXVhB4Vg | 143.204.42.228 | 200 OK | 450 B |
URL: HTTP/2 dmmzkfd82wayn.cloudfront.net/6Z2dwZUUECB4DehMOFFh9UFFDVH1BDQMKKxdaJRADNCkHFQ0gDjEkclFBBB8hWldWCSQJAE1DIAkETVRjBgMSWHFBEwAKLloDCBE9Dw4fBDMFQQUEeAoICgwpCwZVVwNSSUBAd1dPCFR0QlQyQHdXCxkLMB9CQlU9X1EvU3FCVDJAd1cVBkB2Jl5GS3VOQk-JVIgIEGwpgVSFCVXRXV0FVdEJVQAMsFQIWCj1CVTZcc0lXVhB4Vg IP: 143.204.42.228:0
File type: ASCII text, with very long lines (602), with no line terminators Hash: 859d38330061506e1d99ae437c228b60 2d14112b6598d86e4c5fc9f17841f7a42a413658 5bec3c8be0540369f7cd22384099d45e873dea30bb05330afbfadf9e636af373
GET /6Z2dwZUUECB4DehMOFFh9UFFDVH1BDQMKKxdaJRADNCkHFQ0gDjEkclFBBB8hWldWCSQJAE1DIAkETVRjBgMSWHFBEwAKLloDCBE9Dw4fBDMFQQUEeAoICgwpCwZVVwNSSUBAd1dPCFR0QlQyQHdXCxkLMB9CQlU9X1EvU3FCVDJAd1cVBkB2Jl5GS3VOQk-JVIgIEGwpgVSFCVXRXV0FVdEJVQAMsFQIWCj1CVTZcc0lXVhB4Vg HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oulukdliketo.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 450
date: Mon, 29 Aug 2022 02:59:49 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: rxmgg7cJBAOCmDWEfy8QtHPqZfBlLuK7b-u1j-1WENPbqfaaPBNMFQ==
X-Firefox-Spdy: h2
|
|
| dmmzkfd82wayn.cloudfront.net/bUU9nWnYyIAk8SSUmA2dBZ35WYkB3JRQ1GCFyKDszBz0raTk0BEEuDDVyV3waMCEAZ1A0IQRnR3cuAzhLZWkTKhk6cgMiAiknDjUXJy1BLxdsIgggHz0jBn9EF3pJalNjf08iR2BqVBhTY38LMxgkN0JoRil3UQVAZWpUGFNjfxUsU2IOXmxYYWZCaEY2Kg-QxGXR9IWhGYH9Xa0ZgalVqEDg9AjwZKWpVHE9nYVd8A2x+ | 143.204.42.228 | 200 OK | 593 B |
URL: HTTP/2 dmmzkfd82wayn.cloudfront.net/bUU9nWnYyIAk8SSUmA2dBZ35WYkB3JRQ1GCFyKDszBz0raTk0BEEuDDVyV3waMCEAZ1A0IQRnR3cuAzhLZWkTKhk6cgMiAiknDjUXJy1BLxdsIgggHz0jBn9EF3pJalNjf08iR2BqVBhTY38LMxgkN0JoRil3UQVAZWpUGFNjfxUsU2IOXmxYYWZCaEY2Kg-QxGXR9IWhGYH9Xa0ZgalVqEDg9AjwZKWpVHE9nYVd8A2x+ IP: 143.204.42.228:0
File type: ASCII text, with very long lines (834), with no line terminators Hash: cdf99e0ae06fff8338182694114d2a62 1f5cfee9276a7e779ccfd580eca8285f61c0815b f799caa1b74a78df0470dbbcc40b575d9bfb563d4f6f4b4252a53b25644d28df
GET /bUU9nWnYyIAk8SSUmA2dBZ35WYkB3JRQ1GCFyKDszBz0raTk0BEEuDDVyV3waMCEAZ1A0IQRnR3cuAzhLZWkTKhk6cgMiAiknDjUXJy1BLxdsIgggHz0jBn9EF3pJalNjf08iR2BqVBhTY38LMxgkN0JoRil3UQVAZWpUGFNjfxUsU2IOXmxYYWZCaEY2Kg-QxGXR9IWhGYH9Xa0ZgalVqEDg9AjwZKWpVHE9nYVd8A2x+ HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oulukdliketo.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 593
date: Mon, 29 Aug 2022 02:59:49 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: hewH4oBK_jHo2tP69cOuCSXSCXFmvxfW3ZSygAmJ8YNIBa0iJxyYFA==
X-Firefox-Spdy: h2
|
|
| dmmzkfd82wayn.cloudfront.net/WaEZXOUQLKTlfexwvMwRzXnJmDXVOLCRWKhh7AXUTPQxjVx4iMGQfMBIiagliBCc5XnlOIzlaeVlgNl0mVXJxTTQHLWpdPBw+P1ArCTA1HzEJezpWPgEqO1hhWgBiF3RNdGcRPFl3cgoGTXRnVS0GMy8cdlg+bw8bXnJyCgZNdGdLMk11FgByRnZ+HHZYIT-JaLwdjZX92WHdnCXVYd3ILdA4vJVwiBz5yCwJRcHkJYh17Zg | 143.204.42.228 | 200 OK | 606 B |
URL: HTTP/2 dmmzkfd82wayn.cloudfront.net/WaEZXOUQLKTlfexwvMwRzXnJmDXVOLCRWKhh7AXUTPQxjVx4iMGQfMBIiagliBCc5XnlOIzlaeVlgNl0mVXJxTTQHLWpdPBw+P1ArCTA1HzEJezpWPgEqO1hhWgBiF3RNdGcRPFl3cgoGTXRnVS0GMy8cdlg+bw8bXnJyCgZNdGdLMk11FgByRnZ+HHZYIT-JaLwdjZX92WHdnCXVYd3ILdA4vJVwiBz5yCwJRcHkJYh17Zg IP: 143.204.42.228:0
File type: ASCII text, with very long lines (835), with no line terminators Hash: 2380e0861ab4dcc0d037868a9398f306 528ac8d9390eef8fdc9529f4692aedd3c03da516 4b8d158799f7c9ef95518709b8162fb68d02eb0c1c16f43e3f4fed7df23d40cb
GET /WaEZXOUQLKTlfexwvMwRzXnJmDXVOLCRWKhh7AXUTPQxjVx4iMGQfMBIiagliBCc5XnlOIzlaeVlgNl0mVXJxTTQHLWpdPBw+P1ArCTA1HzEJezpWPgEqO1hhWgBiF3RNdGcRPFl3cgoGTXRnVS0GMy8cdlg+bw8bXnJyCgZNdGdLMk11FgByRnZ+HHZYIT-JaLwdjZX92WHdnCXVYd3ILdA4vJVwiBz5yCwJRcHkJYh17Zg HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oulukdliketo.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 606
date: Mon, 29 Aug 2022 02:59:49 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: TjisK6RLrBkd3TWzO7u9EUW7gwVs3JUv3fPxAvQqmkOEb4V1xPgeag==
X-Firefox-Spdy: h2
|
|
| dmmzkfd82wayn.cloudfront.net/XdHBqa2YXHwQNWQAZDlZfQElSXVJSGhkECARNO1I1JD8yGhEGMTs5QAAKDlZWUhwLBQFJVg8FBUlBTAoCFk1eTRMVTQcEHB0cBgpDRjZfRVZRQlpDHkVBT1gkUUJaBw8aBRJOVEQIUl05QkRPWCRRQloZEFFDK1JQWkBDTlREFw8IDRtVWC1UREFaW1dEQU-9ZVhIZGA4AGwhPWSBNRkRbQAFNWw | 143.204.42.228 | 200 OK | 190 B |
URL: HTTP/2 dmmzkfd82wayn.cloudfront.net/XdHBqa2YXHwQNWQAZDlZfQElSXVJSGhkECARNO1I1JD8yGhEGMTs5QAAKDlZWUhwLBQFJVg8FBUlBTAoCFk1eTRMVTQcEHB0cBgpDRjZfRVZRQlpDHkVBT1gkUUJaBw8aBRJOVEQIUl05QkRPWCRRQloZEFFDK1JQWkBDTlREFw8IDRtVWC1UREFaW1dEQU-9ZVhIZGA4AGwhPWSBNRkRbQAFNWw IP: 143.204.42.228:0
File type: ASCII text, with no line terminators Hash: 34c8f83024146a157d83c083fab7af10 ee6315ef0df90db3a207cb9deee9ec08d2279e06 d3a7db5e96751bc6b3097e24f85cc12e79dc9581e37b6bffe54edea93c1bc525
GET /XdHBqa2YXHwQNWQAZDlZfQElSXVJSGhkECARNO1I1JD8yGhEGMTs5QAAKDlZWUhwLBQFJVg8FBUlBTAoCFk1eTRMVTQcEHB0cBgpDRjZfRVZRQlpDHkVBT1gkUUJaBw8aBRJOVEQIUl05QkRPWCRRQloZEFFDK1JQWkBDTlREFw8IDRtVWC1UREFaW1dEQU-9ZVhIZGA4AGwhPWSBNRkRbQAFNWw HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oulukdliketo.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 190
date: Mon, 29 Aug 2022 02:59:49 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: dBUdgFdhWq_eM7ziE6LcweNj4fX0E8mO14goA84uJeZp1NaIhtxXPg==
X-Firefox-Spdy: h2
|
|
| imp9.bidgear.com/rec?t=1&z=6192&uuid=7fd27b99d0584a0e9b90e590ed9b9623&p=28&g=NO&token=4a44335432&tbg=1661741989 | 172.67.74.36 | 200 OK | 599 B |
URL: HTTP/2 imp9.bidgear.com/rec?t=1&z=6192&uuid=7fd27b99d0584a0e9b90e590ed9b9623&p=28&g=NO&token=4a44335432&tbg=1661741989 IP: 172.67.74.36:0
File type: JPEG image data, baseline, precision 8, 1x1, components 3\012- data Hash: ca49a7e783b806a4e8576ea80346203d 6fe9d083221dae98f6c76f7121c37bc884b02d82 3e9a98dd5f0a28ff4a059f33d760264a6db02786666ac1692095ebb976f5da28
GET /rec?t=1&z=6192&uuid=7fd27b99d0584a0e9b90e590ed9b9623&p=28&g=NO&token=4a44335432&tbg=1661741989 HTTP/1.1
Host: imp9.bidgear.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 29 Aug 2022 02:59:49 GMT
content-type: image/jpeg
content-length: 599
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=32rJGD93ChWAFueGr9NAFgiBW95geDCL4zfDXXNhl57jIb%2B9fQqDpGLS73ouPfHpHAefTjsMXlgjnvsHsbfrvji%2F0hYI4BI9JrJh5keuacrZe1SvFhz6merpMokyndJbzA8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7422086b1a92b4e8-OSL
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP: 23.36.77.32:0 ASN: #20940 Akamai International B.V.
Hash: ac5d034d14e7c524db8d65c3751ef5aa d2873a11bb2e6d146e5d59efb6df62ba9b6221a9 1de3aeb54079c2318052072da1755f866645772ccdefcd37fda7d5cb7f37932c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1DE3AEB54079C2318052072DA1755F866645772CCDEFCD37FDA7D5CB7F37932C"
Last-Modified: Fri, 26 Aug 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4894
Expires: Mon, 29 Aug 2022 04:21:23 GMT
Date: Mon, 29 Aug 2022 02:59:49 GMT
Connection: keep-alive
|
|
| ocsp.sectigo.com/ | 172.64.155.188 | 200 OK | 281 B |
IP: 172.64.155.188:0
Hash: b701cae1246f4c1800eb9a00e6409f80 8ebc69fb277f03aca2dfc337426d2c7b3ab669e0 06224a3613fb2e9d9b7dbe28e4ab00cead6fd820b0800e8caf232a7c41c9a47c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 02:59:49 GMT
Content-Type: application/ocsp-response
Content-Length: 281
Connection: keep-alive
Last-Modified: Fri, 26 Aug 2022 21:53:49 GMT
Expires: Fri, 02 Sep 2022 21:53:48 GMT
Etag: "8ebc69fb277f03aca2dfc337426d2c7b3ab669e0"
Cache-Control: max-age=413038,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7422086ad8770b65-OSL
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP: 93.184.220.29:0
Hash: 6bb90a9c99cad71b0ca7a4d88fbbe5ca 7364b7e1cb294c9136157c7c00b568cef112add8 50420e9d6b5ac783404342e0078117447cd5df0ff8c8d66019ae916f0f82b7b6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5582
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 29 Aug 2022 02:59:49 GMT
Last-Modified: Mon, 29 Aug 2022 01:26:47 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
|
|
| megaup.net/themes/flow/frontend_assets/images/icons/favicon/apple-touch-icon-114x114.png | 91.209.70.182 | 200 OK | 951 B |
URL: HTTP/2 megaup.net/themes/flow/frontend_assets/images/icons/favicon/apple-touch-icon-114x114.png IP: 91.209.70.182:0
File type: PNG image data, 114 x 114, 8-bit colormap, non-interlaced\012- data Hash: 76852bc6b2c028db97322a74e85bd020 ed52fb4de0d51f93277bbaae42fa80ba5f92c31e 8a5ef2ef8440c17db1b1b539065ba4a887e07a2c508b79c2d1659512e9016884
GET /themes/flow/frontend_assets/images/icons/favicon/apple-touch-icon-114x114.png HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17E42/Jade.Order-Chronos.zip
Connection: keep-alive
Cookie: filehosting=60d1k5gsr40s1tfdp54bteb2q1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 02:59:49 GMT
content-type: image/png
content-length: 951
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-3b7"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP: 142.250.74.3:0
Hash: 2015a3bf2b204bfe78a3b6e6eb622f98 12d18c7b4c84248d241e7a1dc0e75f633419e89e 0ddfe98001f4e107b97b2ba13fc42d0d65373e8651a07f591e646d8e5bd70571
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 29 Aug 2022 02:59:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.google-analytics.com/analytics.js | 142.250.74.174 | 200 OK | 20 kB |
URL HTTP/2www.google-analytics.com/analytics.js IP142.250.74.174:0
File typeASCII text, with very long lines (1325) Hash56f5d7f608e25d64207135f045f988cb 901eb59372ae330ae85e1384da93479b21ae1082 1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Mon, 29 Aug 2022 02:41:12 GMT
expires: Mon, 29 Aug 2022 04:41:12 GMT
cache-control: public, max-age=7200
age: 1117
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash2015a3bf2b204bfe78a3b6e6eb622f98 12d18c7b4c84248d241e7a1dc0e75f633419e89e 0ddfe98001f4e107b97b2ba13fc42d0d65373e8651a07f591e646d8e5bd70571
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 29 Aug 2022 02:59:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.google-analytics.com/j/collect?v=1&_v=j96&a=1646311718&t=pageview&_s=1&dl=https%3A%2F%2Fmegaup.net%2F17E42%2FJade.Order-Chronos.zip&ul=en-us&de=UTF-8&dt=Jade.Order-Chronos.zip%20-%20MegaUp&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAUABAAAAAC~&jid=1692153462&gjid=900031972&cid=2147451511.1661741990&tid=UA-108868042-1&_gid=516060110.1661741990&_r=1&gtm=2ou8o0&z=191250903 | 142.250.74.174 | 200 OK | 1 B |
URL HTTP/2www.google-analytics.com/j/collect?v=1&_v=j96&a=1646311718&t=pageview&_s=1&dl=https%3A%2F%2Fmegaup.net%2F17E42%2FJade.Order-Chronos.zip&ul=en-us&de=UTF-8&dt=Jade.Order-Chronos.zip%20-%20MegaUp&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAUABAAAAAC~&jid=1692153462&gjid=900031972&cid=2147451511.1661741990&tid=UA-108868042-1&_gid=516060110.1661741990&_r=1&gtm=2ou8o0&z=191250903 IP142.250.74.174:0
File typevery short file (no magic) Hashc4ca4238a0b923820dcc509a6f75849b 356a192b7913b04c54574d18c28d46e6395428ab 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?v=1&_v=j96&a=1646311718&t=pageview&_s=1&dl=https%3A%2F%2Fmegaup.net%2F17E42%2FJade.Order-Chronos.zip&ul=en-us&de=UTF-8&dt=Jade.Order-Chronos.zip%20-%20MegaUp&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAUABAAAAAC~&jid=1692153462&gjid=900031972&cid=2147451511.1661741990&tid=UA-108868042-1&_gid=516060110.1661741990&_r=1&gtm=2ou8o0&z=191250903 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain
Content-Length: 0
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://megaup.net
date: Mon, 29 Aug 2022 02:59:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail | 216.58.207.237 | 302 Found | 395 B |
URL HTTP/2accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail IP216.58.207.237:0
File typeHTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (380) Hasha6c3077c709c6d28da1f203220377bf7 6eb8a727e0ced568bc5308db3b4021968ee547e7 ccf22a6d9dd45b4df2a71ddeb2bbf12c498ac425ddf2830e017c4ced9d6306a8
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 29 Aug 2022 02:59:49 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S1862995335%3A1661741989861104&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQN2RmU2YfGWO-po7oFoQ3ifFH0aUqkirVKmCW_X_m8VfWbqyUhzEWaScdO0AC0klNFwif6oFPMDxw
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-1dhsfA1PuFZRWzx_sgiwxA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 395
server: GSE
set-cookie: __Host-GAPS=1:secpiCmKygpr9hQJvwVxVfpKlkQxZQ:NSAEOxFhXS_SqlL-;Path=/;Expires=Wed, 28-Aug-2024 02:59:49 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| syndication.exdynsrv.com/v1/api.php | 95.211.229.247 | 200 OK | 728 B |
URL HTTP/1.1syndication.exdynsrv.com/v1/api.php IP95.211.229.247:0 ASN#60781 LeaseWeb Netherlands B.V.
File typeJSON data\012- , ASCII text, with very long lines (971), with no line terminators Hash047dc324db4686d6e063e64a2093e209 1d86ccfa62ed7591b5841dc2bd64927709e2a2af d80a7f7a13e8983b86205595c4d19492621c2c032b117e106eea6879b618395f
POST /v1/api.php HTTP/1.1
Host: syndication.exdynsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 285
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 29 Aug 2022 02:59:49 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
|
|
| static.a-ads.com/a-ads-banners/411611/300x250?region=eu-central-1 | 136.243.14.10 | 200 OK | 9.2 kB |
URL HTTP/2static.a-ads.com/a-ads-banners/411611/300x250?region=eu-central-1 IP136.243.14.10:0 ASN#24940 Hetzner Online GmbH
File typePNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data Hash6963b50fcf94aedbb433584d31e26901 78374b90e2ffc0ba42e0d34a10a31c9c5a6c7923 2cab0800fa47e3c9b80709a2b141728f03ad0f22fb025a11c682900ab86642ef
GET /a-ads-banners/411611/300x250?region=eu-central-1 HTTP/1.1
Host: static.a-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ad.a-ads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 02:59:49 GMT
content-type: image/png
content-length: 9195
x-amz-id-2: +0SilJcbazN9/C7xWnNQvg96QYo7oiPUG/OjSAOceavY8yhhPQhZ8R+MHpZxQ1ql5cBfGOPFm28=
x-amz-request-id: C1BBS7D4Q255V6ZJ
x-amz-replication-status: COMPLETED
last-modified: Wed, 24 Aug 2022 09:19:36 GMT
etag: "6963b50fcf94aedbb433584d31e26901"
cache-control: max-age=315360000
x-amz-version-id: 0d0P77P.WuP6bX6MEuokma7tLmK2PwFY
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash82f7f6347e76f114bef1f5a1c73c8681 82223dbfeb95d5096b4b56980f478f258ec9995b 966912cb9f658c1fbd29f1b117ae62b4a17b673b3cc1378a31d17b9fa8d50500
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 29 Aug 2022 02:59:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| oulukdliketo.shop/utx?cb=AcSiVcU2jYjJ&top=megaup.net&tid=761186 | 143.204.55.20 | 204 No Content | 0 B |
URL HTTP/2oulukdliketo.shop/utx?cb=AcSiVcU2jYjJ&top=megaup.net&tid=761186 IP143.204.55.20:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=AcSiVcU2jYjJ&top=megaup.net&tid=761186 HTTP/1.1
Host: oulukdliketo.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 29 Aug 2022 02:59:49 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Mon, 29 Aug 2022 03:00:49 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: AGPCRTA5jMxH1ALdzDdwcKft5haICuXKoVSqAmTW67FGM8pfLLS9xg==
X-Firefox-Spdy: h2
|
|
| oulukdliketo.shop/utx?cb=e63TYZ60ryEK&top=megaup.net&tid=825911 | 143.204.55.20 | 204 No Content | 0 B |
URL HTTP/2oulukdliketo.shop/utx?cb=e63TYZ60ryEK&top=megaup.net&tid=825911 IP143.204.55.20:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=e63TYZ60ryEK&top=megaup.net&tid=825911 HTTP/1.1
Host: oulukdliketo.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 29 Aug 2022 02:59:49 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Mon, 29 Aug 2022 03:00:49 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: cSWYlnJkYpVuKzYgdFy6ME9ijgwrYvQPL-N07HbElXZ7BDBwWpIygg==
X-Firefox-Spdy: h2
|
|
| oulukdliketo.shop/utx?cb=rtYundB8JiH9&top=megaup.net&tid=876318 | 143.204.55.20 | 204 No Content | 0 B |
URL HTTP/2oulukdliketo.shop/utx?cb=rtYundB8JiH9&top=megaup.net&tid=876318 IP143.204.55.20:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=rtYundB8JiH9&top=megaup.net&tid=876318 HTTP/1.1
Host: oulukdliketo.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 29 Aug 2022 02:59:49 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Mon, 29 Aug 2022 03:00:49 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: o3gATGj2VW4TpOraH48VV9psrusRzjTUnfx1qtFF4KVY11v24Ev6bw==
X-Firefox-Spdy: h2
|
|
| oulukdliketo.shop/utx?cb=Hn6uLX1j6kbu&top=megaup.net&tid=764141 | 143.204.55.20 | 204 No Content | 0 B |
URL HTTP/2oulukdliketo.shop/utx?cb=Hn6uLX1j6kbu&top=megaup.net&tid=764141 IP143.204.55.20:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=Hn6uLX1j6kbu&top=megaup.net&tid=764141 HTTP/1.1
Host: oulukdliketo.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 29 Aug 2022 02:59:49 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Mon, 29 Aug 2022 03:00:49 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: SZ59xhDRBh6cveDW6dYlz2k3qM3h6VgvrKvdcGMyE2F3_f8lVff5qQ==
X-Firefox-Spdy: h2
|
|
| dmmzkfd82wayn.cloudfront.net/ | 143.204.42.228 | 200 OK | 73 B |
URL HTTP/2dmmzkfd82wayn.cloudfront.net/ IP143.204.42.228:0
File typeASCII text, with no line terminators Hashde37377b72195a4f064edf7ec8a76676 ed544d5b6a37acad78498099407c648a93316ddb b3209cc0b1d1b71e85af4e843afe00a3079f3286d52b3fb47e72c6c5c48b8399
GET / HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 73
date: Mon, 29 Aug 2022 02:59:49 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: oEHO7PwxGYKbdN8U3yqVjO3_fczEGA-mQxPD6rL_uayCzEXKATDjug==
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash6bb90a9c99cad71b0ca7a4d88fbbe5ca 7364b7e1cb294c9136157c7c00b568cef112add8 50420e9d6b5ac783404342e0078117447cd5df0ff8c8d66019ae916f0f82b7b6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5582
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 29 Aug 2022 02:59:49 GMT
Last-Modified: Mon, 29 Aug 2022 01:26:47 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
|
|
| syndication.exdynsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01PW0oEQQy8iheYppJO9yT77beC4gFmelu/XAQVVqjD2zMrgykCqSSVh0J1gk/qd6qnEicLhqRAMk1SjA+PTzThe39bvj/SpX8xS1QFawTMGdlcK82qiVcWEZpGLbPR3GeBgVKYiQEt2WyLEgChgy/P97vLgDIDVy1DsK+lQGmD4LqJM84yx7l1s1YbmlZvWGVd+6INsanw/07ckCDh+/S/xHjAsppykoMYh4F7efn8uTTyaL+hHAPG3bX03NUcXV57a+Uctfqyui1REPUXvyZbcFUBAAA= | 95.211.229.247 | 200 OK | 20 B |
URL HTTP/1.1syndication.exdynsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01PW0oEQQy8iheYppJO9yT77beC4gFmelu/XAQVVqjD2zMrgykCqSSVh0J1gk/qd6qnEicLhqRAMk1SjA+PTzThe39bvj/SpX8xS1QFawTMGdlcK82qiVcWEZpGLbPR3GeBgVKYiQEt2WyLEgChgy/P97vLgDIDVy1DsK+lQGmD4LqJM84yx7l1s1YbmlZvWGVd+6INsanw/07ckCDh+/S/xHjAsppykoMYh4F7efn8uTTyaL+hHAPG3bX03NUcXV57a+Uctfqyui1REPUXvyZbcFUBAAA= IP95.211.229.247:0 ASN#60781 LeaseWeb Netherlands B.V.
Hasha4745abc5e7fdb89cc6df3069f3c6e69 74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA01PW0oEQQy8iheYppJO9yT77beC4gFmelu/XAQVVqjD2zMrgykCqSSVh0J1gk/qd6qnEicLhqRAMk1SjA+PTzThe39bvj/SpX8xS1QFawTMGdlcK82qiVcWEZpGLbPR3GeBgVKYiQEt2WyLEgChgy/P97vLgDIDVy1DsK+lQGmD4LqJM84yx7l1s1YbmlZvWGVd+6INsanw/07ckCDh+/S/xHjAsppykoMYh4F7efn8uTTyaL+hHAPG3bX03NUcXV57a+Uctfqyui1REPUXvyZbcFUBAAA= HTTP/1.1
Host: syndication.exdynsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 29 Aug 2022 02:59:50 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Encoding: gzip
|
|
| megaup.net/sw.js?em9WTFEhTW5%2EY0xcZW59WE16bjdOC295YB8Le39hSlZ7eGlNCXt0N0xae3RgGFY3e2YfXmMvN1hDdH5oSA1gfmROQmR4NUtCYnw1T0JveWhNQm5%2BNE1XN3RhTF83L3NWTSU7c1ZNJTg0FgM%2EJDAUCzopIlQHNyUjWEN0fWFUWnRgNxsDJSl9HA46PzRWCTcgIh8y | 91.209.70.182 | 200 OK | 30 kB |
URL HTTP/2megaup.net/sw.js?em9WTFEhTW5%2EY0xcZW59WE16bjdOC295YB8Le39hSlZ7eGlNCXt0N0xae3RgGFY3e2YfXmMvN1hDdH5oSA1gfmROQmR4NUtCYnw1T0JveWhNQm5%2BNE1XN3RhTF83L3NWTSU7c1ZNJTg0FgM%2EJDAUCzopIlQHNyUjWEN0fWFUWnRgNxsDJSl9HA46PzRWCTcgIh8y IP91.209.70.182:0
File typeASCII text, with very long lines (65536), with no line terminators Hashe60bb80ec170eb0cc6ccc9d54e231114 687532bce0b32acd8fcfb4fb31402823413ce74a ad03a1f407c41136427deb3bbce15201ec83ade04f31df7bcd1c516a58962002
GET /sw.js?em9WTFEhTW5%2EY0xcZW59WE16bjdOC295YB8Le39hSlZ7eGlNCXt0N0xae3RgGFY3e2YfXmMvN1hDdH5oSA1gfmROQmR4NUtCYnw1T0JveWhNQm5%2BNE1XN3RhTF83L3NWTSU7c1ZNJTg0FgM%2EJDAUCzopIlQHNyUjWEN0fWFUWnRgNxsDJSl9HA46PzRWCTcgIh8y HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: filehosting=60d1k5gsr40s1tfdp54bteb2q1; _ga=GA1.2.2147451511.1661741990; _gid=GA1.2.516060110.1661741990; _gat_gtag_UA_108868042_1=1
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 02:59:50 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:52 GMT
vary: Accept-Encoding
etag: W/"60758f38-12fe6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| pectthatmye.shop/utx?tid=832633&top=megaup.net&cb=fX9JvCcubnEL | 54.230.111.36 | 204 No Content | 0 B |
URL HTTP/2pectthatmye.shop/utx?tid=832633&top=megaup.net&cb=fX9JvCcubnEL IP54.230.111.36:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?tid=832633&top=megaup.net&cb=fX9JvCcubnEL HTTP/1.1
Host: pectthatmye.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 29 Aug 2022 02:59:50 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Mon, 29 Aug 2022 03:00:50 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Eu3WHd88wl9GUhA432gH2ypwRf9e04DQyS1Dcv4_SMtFQ8R60fZDGw==
X-Firefox-Spdy: h2
|
|
| hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js | 209.197.3.25 | 200 OK | 17 kB |
URL HTTP/1.1hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js IP209.197.3.25:0
File typeGIF image data, version 89a, 1 x 1\012- data Hash76b17c6991f802ab2a4ff15c0016711e 09b12694489665e08a00e0fece3020014aaff3d1 05db68452f35a8ea989d6cc2faf660833873cc38d0dfd8f350caff17dc597e74
GET /delivery/intersection_observer/IntersectionObserver.js HTTP/1.1
Host: hw-cdn2.adtng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 02:59:50 GMT
Connection: Keep-Alive
ETag: "1649192094"
Content-Length: 16885
Content-Type: application/javascript
Last-Modified: Tue, 05 Apr 2022 20:54:54 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10694400
X-HW: 1661741990.dop017.sk1.t,1661741990.cds252.sk1.shn,1661741990.cds252.sk1.c
Access-Control-Allow-Origin: *
|
|
| a.adtng.com/get/10012456?time=1614803572912&apb=ooddNHdLHTPHNVS4ASOpprpmtrdTbbZNLTK6V1Esqp6pXVTTOpmdQ6ap0rpXSunqoppdRNTRPTO6iamieml0rpnSuldK6V0zpXSumc6iXaay7bXemnWvWXWeu3WXSbTTfOfWW6V0rv9.czijBuZznSuldK6V0rpXSuldK4Ps | 66.254.114.171 | 200 OK | 14 kB |
URL HTTP/2a.adtng.com/get/10012456?time=1614803572912&apb=ooddNHdLHTPHNVS4ASOpprpmtrdTbbZNLTK6V1Esqp6pXVTTOpmdQ6ap0rpXSunqoppdRNTRPTO6iamieml0rpnSuldK6V0zpXSumc6iXaay7bXemnWvWXWeu3WXSbTTfOfWW6V0rv9.czijBuZznSuldK6V0rpXSuldK4Ps IP66.254.114.171:0
Hashd343f3dc3f16d0bc568c894320b4b49f f93050bfdf0021b84a26ad4cbaab71f2ca06af5f da65ab6c97b5c438fa6bf7bfffdf9e376fc0f21d9a1b92dca689736186506d33
GET /get/10012456?time=1614803572912&apb=ooddNHdLHTPHNVS4ASOpprpmtrdTbbZNLTK6V1Esqp6pXVTTOpmdQ6ap0rpXSunqoppdRNTRPTO6iamieml0rpnSuldK6V0zpXSumc6iXaay7bXemnWvWXWeu3WXSbTTfOfWW6V0rv9.czijBuZznSuldK6V0rpXSuldK4Ps HTTP/1.1
Host: a.adtng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Mon, 29 Aug 2022 02:59:50 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-encoding: gzip
set-cookie: adtool_guid=Ch5KHmMMK6aD6UUMrcR2Ag==; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/; Secure; HTTPOnly; SameSite=None;
set-cookie: RNLBSERVERID=ded7078; path=/; HttpOnly; Secure; SameSite=None
x-request-id: 630C2BA6-42FE72AB01BBB9B2-EB65731
X-Firefox-Spdy: h2
|
|
| hw-cdn2.ang-content.com/a7/creatives/39/1393/805208/1028974/1028974_logo.png | 205.185.208.20 | 200 OK | 16 kB |
URL HTTP/1.1hw-cdn2.ang-content.com/a7/creatives/39/1393/805208/1028974/1028974_logo.png IP205.185.208.20:0
File typePNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data Hash2aaacb14c0816c811151f7e5ad369e9f 2b51b630dcbbdcd9cb0e9c298a5d4323de0f19f5 c6f084bf2cbf871312c3c508455dfeff2bb11dc8909d98ab1a43897b16bedf4e
GET /a7/creatives/39/1393/805208/1028974/1028974_logo.png HTTP/1.1
Host: hw-cdn2.ang-content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 02:59:50 GMT
Connection: Keep-Alive
ETag: "1649873991"
Content-Length: 15603
Content-Type: image/png
Last-Modified: Wed, 13 Apr 2022 18:19:51 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10552566
X-HW: 1661741990.dop026.sk1.t,1661741990.cds257.sk1.shn,1661741990.dop026.sk1.t,1661741990.cds227.sk1.c
Access-Control-Allow-Origin: *
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash464c8cb4be384ba9534ec4f7f231482b 55cbab58a6a23040fb31b4d68cfcc35fe5dc2856 64bb69a2790182a23a43c9518d093690363f33c4e39bc1d1337222b4fa528c67
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "64BB69A2790182A23A43C9518D093690363F33C4E39BC1D1337222B4FA528C67"
Last-Modified: Sat, 27 Aug 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14822
Expires: Mon, 29 Aug 2022 07:06:52 GMT
Date: Mon, 29 Aug 2022 02:59:50 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 532 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash494de3c005388126dc0ced61074b3cfb f70a00fc196c451746c683735bf48934968a80fb f2c392a6dba687cc6ea3aae138999778c35f797d0feb7b90697786fdfbb251e5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "64BB69A2790182A23A43C9518D093690363F33C4E39BC1D1337222B4FA528C67"
Last-Modified: Sat, 27 Aug 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14822
Expires: Mon, 29 Aug 2022 07:06:52 GMT
Date: Mon, 29 Aug 2022 02:59:50 GMT
Connection: keep-alive
|
|
| hw-cdn2.ang-content.com/a7/creatives/39/1393/805208/1028974/1028974_video.mp4 | 205.185.208.20 | 206 Partial Content | 513 kB |
URL HTTP/1.1hw-cdn2.ang-content.com/a7/creatives/39/1393/805208/1028974/1028974_video.mp4 IP205.185.208.20:0
File typeISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data Size513 kB (513036 bytes) Hashb8e13fc38d24155acfee347096dd0337 8b197d6a698841b21d30425c79c640912c31c55f 968c1265d8caffcb43ce690d7964e6f8c2f9fd2df304b53b43d4b76cf33834de
GET /a7/creatives/39/1393/805208/1028974/1028974_video.mp4 HTTP/1.1
Host: hw-cdn2.ang-content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 206 Partial Content
Date: Mon, 29 Aug 2022 02:59:50 GMT
Connection: Keep-Alive
ETag: "1649875693"
Content-Length: 513036
Content-Range: bytes 0-513035/513036
Content-Type: video/mp4
Last-Modified: Wed, 13 Apr 2022 18:48:13 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10471743
X-HW: 1661741990.dop026.sk1.t,1661741990.cds257.sk1.shn,1661741990.dop026.sk1.t,1661741990.cds222.sk1.c
Access-Control-Allow-Origin: *
|
|
| oulukdliketo.shop/multi?cs=WThsbnRrDlpdR2oKWV5FaAtcVkU&abt=0&red=1&sm=76&k=download%20file%20jade%20order%20chronos&v=1.0.59.0&sts=0&prn=0&emb=0&tid=876318&u=2204030072987581&agec=1661741990&fs=1&mbkb=134.9527665317139&ref=https%3A%2F%2Fmegaup.net%2F17E42%2FJade.Order-Chronos.zip&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&_wauj=1661741990110&crc=1 | 143.204.55.20 | 200 OK | 1.5 kB |
URL HTTP/2oulukdliketo.shop/multi?cs=WThsbnRrDlpdR2oKWV5FaAtcVkU&abt=0&red=1&sm=76&k=download%20file%20jade%20order%20chronos&v=1.0.59.0&sts=0&prn=0&emb=0&tid=876318&u=2204030072987581&agec=1661741990&fs=1&mbkb=134.9527665317139&ref=https%3A%2F%2Fmegaup.net%2F17E42%2FJade.Order-Chronos.zip&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&_wauj=1661741990110&crc=1 IP143.204.55.20:0
File typeASCII text, with very long lines (3139), with no line terminators Hash9726d947cd273cf6e02016c92031d678 c88ddebe96f4d1f03bbc0e30856c67854c550ae8 8ee7690d72f6312e9a8687c71795234f7461adebe6b7ab2353d6b94284d6a360
GET /multi?cs=WThsbnRrDlpdR2oKWV5FaAtcVkU&abt=0&red=1&sm=76&k=download%20file%20jade%20order%20chronos&v=1.0.59.0&sts=0&prn=0&emb=0&tid=876318&u=2204030072987581&agec=1661741990&fs=1&mbkb=134.9527665317139&ref=https%3A%2F%2Fmegaup.net%2F17E42%2FJade.Order-Chronos.zip&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&_wauj=1661741990110&crc=1 HTTP/1.1
Host: oulukdliketo.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
content-length: 1469
date: Mon, 29 Aug 2022 02:59:50 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=edfb62b6-247d-4135-bb8b-a0e87d1f7a76
set-cookie: csu=2204030072987581
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 0O0rNTfPZxONiVai10w22ZFHfPhwsUQTt7RjPlli2dYwo12fzd6JUQ==
X-Firefox-Spdy: h2
|
|
| freychang.fun/asd100.bin | 172.67.218.221 | 200 OK | 103 kB |
IP172.67.218.221:0
Size103 kB (102903 bytes) Hash8e83a702ede80d3d8fbd3e594af6b89b 5ab6de624aede0c0479aa28f4c79ad08dd362992 413689341d8633be2aabc4467ced764c7d668f91906c5c792fc3cfb52a74f05b
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /asd100.bin HTTP/1.1
Host: freychang.fun
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 29 Aug 2022 02:59:49 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 3480
last-modified: Mon, 29 Aug 2022 02:01:49 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yTPksnjodDhYHQUIcVpLqwwivkY2KVaFsu7rpgVARS%2BrWTkH3kC165mJE0yEnbRFGLCme135mi%2Fb%2BofgPE4yQfjizk9tPNubB3GnGUOdyRTSVa8ReZIM83Vi8sovNG%2F4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7422086c987cb523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| a.adtng.[…]?unique_view=1 | 66.254.114.171 | 200 OK | 523 B |
URL HTTP/2a.adtng.[…]?unique_view=1 IP66.254.114.171:0
Hasha922febee2ab0556a0d3c6554ee98323 9b9095739fd604dfb50139d0cd43933220dbef30 940738498aa811d8fcbdc952e3d677324170b87ebe1c101f13973715f764a062
GET […]?unique_view=1 HTTP/1.1
Host: a.adtng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/get/10012456?time=1614803572912&apb=ooddNHdLHTPHNVS4ASOpprpmtrdTbbZNLTK6V1Esqp6pXVTTOpmdQ6ap0rpXSunqoppdRNTRPTO6iamieml0rpnSuldK6V0zpXSumc6iXaay7bXemnWvWXWeu3WXSbTTfOfWW6V0rv9.czijBuZznSuldK6V0rpXSuldK4Ps
Cookie: adtool_guid=Ch5KHmMMK6aD6UUMrcR2Ag==; RNLBSERVERID=ded7078
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 29 Aug 2022 02:59:50 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-encoding: gzip
x-request-id: 630C2BA6-42FE72AB01BBB9B2-EB65756
X-Firefox-Spdy: h2
|
|
| freychang.fun/ | 172.67.218.221 | 200 OK | 531 B |
IP172.67.218.221:0
File typeASCII text, with no line terminators Hashe3ed5e7857fd76f9fc5677c6efb542e2 b4f2d96986db475254788b0a1a4b847cd64574ff 3bc4ddc26b94ada4e2cd9546bb2d87c8674bbd79190d7897a3d87654b9525b00
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET / HTTP/1.1
Host: freychang.fun
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 29 Aug 2022 02:59:49 GMT
content-type: text/plain
set-cookie: csu=12291458108559@1@1661741989; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LD0D%2FOlOPIakVJ3Mf9WUc4r5TLtrL7RzFvzskSNmKy4iHC79NSJrjrxp0RzlrwqVKFiBPGE2EYkUapUoDdQCBxm4qw%2B82t%2F0rhJLZlRLy7Vg%2BcU%2FvfKR%2BoxfGaSjtFSL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7422086c987bb523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash8483eb99dbd130593ed0072e2fbaccf9 fcb83f0b4a448f0b94b0bf9db431cc802413dacd 5e07e7bbf5dd7a48f9330dbc0248b7a1aa69dff7a9a913f493a384d2ec332f74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5E07E7BBF5DD7A48F9330DBC0248B7A1AA69DFF7A9A913F493A384D2EC332F74"
Last-Modified: Sun, 28 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12073
Expires: Mon, 29 Aug 2022 06:21:03 GMT
Date: Mon, 29 Aug 2022 02:59:50 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash8483eb99dbd130593ed0072e2fbaccf9 fcb83f0b4a448f0b94b0bf9db431cc802413dacd 5e07e7bbf5dd7a48f9330dbc0248b7a1aa69dff7a9a913f493a384d2ec332f74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5E07E7BBF5DD7A48F9330DBC0248B7A1AA69DFF7A9A913F493A384D2EC332F74"
Last-Modified: Sun, 28 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12073
Expires: Mon, 29 Aug 2022 06:21:03 GMT
Date: Mon, 29 Aug 2022 02:59:50 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe600767-2c1e-4d22-91c8-20f5380dedf3.webp | 34.120.237.76 | 200 OK | 6.8 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe600767-2c1e-4d22-91c8-20f5380dedf3.webp IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash802bfe7acd4327df18702f409e40cfdb 98c7958594a60d494ee526a3d252896d568b6bf2 8ae866f6eab5d5c3376e105e24aa40e402148b22128a0c5605dbe8feea1c07e4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe600767-2c1e-4d22-91c8-20f5380dedf3.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6829
x-amzn-requestid: 6957528b-2272-4731-a98b-833a39b043af
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xd4EMH3WIAMFlkw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6308a081-75bbb24862cf340b5b823539;Sampled=0
x-amzn-remapped-date: Fri, 26 Aug 2022 10:29:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: k_s3VPqSeYNsj-GslCxAICdiqBlsjb1eibuGu3Q7uNQ1GT9vEJCa1Q==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 28 Aug 2022 22:14:05 GMT
age: 17145
etag: "98c7958594a60d494ee526a3d252896d568b6bf2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F94e91b9b-1206-4aed-8c83-18cf70edf32e.jpeg | 34.120.237.76 | 200 OK | 9.1 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F94e91b9b-1206-4aed-8c83-18cf70edf32e.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashad06ed828f693139341ccfe48f97115d 6539155ae2528248dd6de37fb5ff1440c9692b39 9e05359e4c15e9e1a4be5e4a23cb55b2b894c7f4e9a1af9a451eaa938c908760
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F94e91b9b-1206-4aed-8c83-18cf70edf32e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9077
x-amzn-requestid: 31843c8e-9da2-4224-b6ee-d10b24f7843b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XeDpCGSXIAMFvkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6308b306-6fb8cb2d5ca067d656eccf6a;Sampled=0
x-amzn-remapped-date: Fri, 26 Aug 2022 11:48:22 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: XlD27XAMps8KyFPtabjRwQuhT4MOMJKu_ZaP6qoBaf8yKlszk3fNtg==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Sun, 28 Aug 2022 21:35:30 GMT
age: 19460
etag: "6539155ae2528248dd6de37fb5ff1440c9692b39"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F849c6deb-3aba-41f7-a257-bf54249182ba.jpeg | 34.120.237.76 | 200 OK | 11 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F849c6deb-3aba-41f7-a257-bf54249182ba.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash5e0dc790ca607928d609e38f37c012d0 9d37dd425e3319fbb4248718f58371b43d513ce7 7f8ce6d77cbb4be87fb06ffd8f72ae997e006b933382c44b8b4e0a61743f24e9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F849c6deb-3aba-41f7-a257-bf54249182ba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11042
x-amzn-requestid: c92cef27-0a2c-4f5e-86b7-eafa048932b4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XgUlVFdJIAMFRKg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63099aee-794a2c5c54fe181b5756e5f6;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 04:17:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: v9mkgh5wKAcOaXP3AGDltgHFx1eioExP7zqPee5KQugX9SjdEhMkjg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 28 Aug 2022 21:35:16 GMT
age: 19474
etag: "9d37dd425e3319fbb4248718f58371b43d513ce7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5ecb489-4fd8-4e4e-b318-fffcf79110d7.jpeg | 34.120.237.76 | 200 OK | 7.2 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5ecb489-4fd8-4e4e-b318-fffcf79110d7.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashe1305a5540cad1ab30bc9d15786ddc48 bb4ea157cc4ff77c40d3414e9ef2b4b3e5ab0c0a 091a42a4201289a6fb7748b093eb44b9e65a97766278ebf31a61b331b71d67cf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5ecb489-4fd8-4e4e-b318-fffcf79110d7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7173
x-amzn-requestid: 5a90dbd1-f44e-4e95-a48e-0f65823d418d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xl_YXGtooAMF4mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630bdf68-5337b43056ac5811310e3417;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 21:34:32 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 22sHvypmRIXj-UHSiiQ07oLp_97vTtfeB7jkwo8AChjqSpCmMDq2GQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 28 Aug 2022 22:09:42 GMT
age: 17408
etag: "bb4ea157cc4ff77c40d3414e9ef2b4b3e5ab0c0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6982da72-0f3b-4868-a5d0-965606070656.webp | 34.120.237.76 | 200 OK | 7.8 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6982da72-0f3b-4868-a5d0-965606070656.webp IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash374e889da59693eceda6a703b69791a5 62cb15f5896a855da94a4f17238d076c09692214 96a2b14e8b6e7673346e798076552f589f853f71aee7301b3c3fb3badcef5be6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6982da72-0f3b-4868-a5d0-965606070656.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7817
x-amzn-requestid: 99e7e24a-95eb-42bb-a787-dcdbedd02949
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xew81HqooAMFceQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6308fb85-29df7e07669e925f13e34c0c;Sampled=0
x-amzn-remapped-date: Fri, 26 Aug 2022 16:57:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: qexyNTSbCGkGNnjHCdYvu8VF0m22zNpHJklVTfSQgSxPfv1mmn812g==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 28 Aug 2022 22:14:07 GMT
age: 17143
etag: "62cb15f5896a855da94a4f17238d076c09692214"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/js/jquery.fileupload-process.js | 91.209.70.182 | 200 OK | 8.7 kB |
URL HTTP/2megaup.net/themes/flow/js/jquery.fileupload-process.js IP91.209.70.182:0
Hashfb5837555427b1d467b2c4e097d843a5 28656b6e00524fc4aacb015db861cdbe3aef4a0a 953cafadead8d157e1e76dd8a13e6c885d2946fbd0e90730e02377452ac9a38f
GET /themes/flow/js/jquery.fileupload-process.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17E42/Jade.Order-Chronos.zip
Connection: keep-alive
Cookie: filehosting=60d1k5gsr40s1tfdp54bteb2q1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 02:59:48 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-14b6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| stellihandles.hair/ | 44.195.137.121 | 200 OK | 0 B |
IP44.195.137.121:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: stellihandles.hair
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Content-Length: 388
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/frontend_assets/fonts/raleway_bold.woff | 91.209.70.182 | 200 OK | 32 kB |
URL HTTP/2megaup.net/themes/flow/frontend_assets/fonts/raleway_bold.woff IP91.209.70.182:0
File typeWeb Open Font Format, TrueType, length 31568, version 1.1\012- data Hashe0c4ac0e73196bd0469c5c33304b7773 bb071565f82907d117b0732dca8013409162c67d ff3bf3a4a1bf2b922157b18d0e8cddd95f2fc2dfe09c30a3ce67bc11a84c67af
GET /themes/flow/frontend_assets/fonts/raleway_bold.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Connection: keep-alive
Cookie: filehosting=60d1k5gsr40s1tfdp54bteb2q1; _ga=GA1.2.2147451511.1661741990; _gid=GA1.2.516060110.1661741990; _gat_gtag_UA_108868042_1=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 02:59:50 GMT
content-type: font/woff
content-length: 31568
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7b50"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| stellihandles.hair/ | 44.195.137.121 | 200 OK | 0 B |
IP44.195.137.121:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: stellihandles.hair
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Origin: https://megaup.net
Content-Length: 359
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| oulukdliketo.shop/floater?cs=Mjl5azQHCUBTAwoJTVgBAA5LXgI&abt=0&red=1&sm=83&k=download%20file%20jade%20order%20chronos&v=0.8.9.0&sts=0&prn=0&emb=0&tid=825911&u=2204030072987581&agec=1661741990&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&mbkb=134.9527665317139&ref=https%3A%2F%2Fmegaup.net%2F17E42%2FJade.Order-Chronos.zip&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&aa=td5_oi1_&_wLh0=1661741990114&crc=1 | 143.204.55.20 | 200 OK | 4.0 kB |
URL HTTP/2oulukdliketo.shop/floater?cs=Mjl5azQHCUBTAwoJTVgBAA5LXgI&abt=0&red=1&sm=83&k=download%20file%20jade%20order%20chronos&v=0.8.9.0&sts=0&prn=0&emb=0&tid=825911&u=2204030072987581&agec=1661741990&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&mbkb=134.9527665317139&ref=https%3A%2F%2Fmegaup.net%2F17E42%2FJade.Order-Chronos.zip&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&aa=td5_oi1_&_wLh0=1661741990114&crc=1 IP143.204.55.20:0
File typeASCII text, with very long lines (6399), with no line terminators Hashc95406318952aaecb06b882863caca0d 4c5e8829706d9fc6ab79a7dfcb29a2340a57ad27 d4f3d20bed388740b4fc2e1bc5428c5a15db775ed9198cd22c9c1b49fb092112
GET /floater?cs=Mjl5azQHCUBTAwoJTVgBAA5LXgI&abt=0&red=1&sm=83&k=download%20file%20jade%20order%20chronos&v=0.8.9.0&sts=0&prn=0&emb=0&tid=825911&u=2204030072987581&agec=1661741990&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&mbkb=134.9527665317139&ref=https%3A%2F%2Fmegaup.net%2F17E42%2FJade.Order-Chronos.zip&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&aa=td5_oi1_&_wLh0=1661741990114&crc=1 HTTP/1.1
Host: oulukdliketo.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
content-length: 4003
date: Mon, 29 Aug 2022 02:59:50 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=a8c88a73-7d34-4c4d-907f-4acd0dfd7e7a
set-cookie: csu=2204030072987581
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: wNoF3WeiFNX1zl9Ojrzk3aaBnCSDSjqKJe2NvnSUOZi4GQ1f9qOSvQ==
X-Firefox-Spdy: h2
|
|
| stellihandles.hair/ | 44.195.137.121 | 200 OK | 0 B |
IP44.195.137.121:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: stellihandles.hair
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Origin: https://megaup.net
Content-Length: 352
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| e1.o.lencr.org/ | 23.36.76.226 | 200 OK | 345 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash2fcf3f182b055013f380f23772c0f302 6d9f9a203601f2c91139b5d5676332c8d67ba098 45e5531b8ed79235019b39bec454bdcd00f5d28988253cbda6c6d77634a50b3b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "45E5531B8ED79235019B39BEC454BDCD00F5D28988253CBDA6C6D77634A50B3B"
Last-Modified: Fri, 26 Aug 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12014
Expires: Mon, 29 Aug 2022 06:20:06 GMT
Date: Mon, 29 Aug 2022 02:59:52 GMT
Connection: keep-alive
|
|
| xml.serve-servee.com/thumbnail?i=Pr*yAEgMkvM_0&imgt=icon | 172.67.217.88 | 302 Found | 0 B |
URL HTTP/2xml.serve-servee.com/thumbnail?i=Pr*yAEgMkvM_0&imgt=icon IP172.67.217.88:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /thumbnail?i=Pr*yAEgMkvM_0&imgt=icon HTTP/1.1
Host: xml.serve-servee.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Mon, 29 Aug 2022 02:59:53 GMT
content-length: 0
location: https://static.serve-servee.com/n337/ad/250x250_hqCCg8Cm.png
cache-control: no-store
age: 0
pragma: no-cache
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hZaALdXubGzru6%2B3rsO3bLpuST3DYe%2BYYLCFOr9ENNvBH0d39B4W0hWmKSSvyNlWyCAFbxiArsvx%2FpeFXBWFmu0SPhnB8w1K5TFGieBqRghgPPv5wSNQA1B0uRNjV0ZfNs%2FS8xlAFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 742208800ff8b50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| e1.o.lencr.org/ | 23.36.76.226 | 200 OK | 345 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash2fcf3f182b055013f380f23772c0f302 6d9f9a203601f2c91139b5d5676332c8d67ba098 45e5531b8ed79235019b39bec454bdcd00f5d28988253cbda6c6d77634a50b3b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "45E5531B8ED79235019B39BEC454BDCD00F5D28988253CBDA6C6D77634A50B3B"
Last-Modified: Fri, 26 Aug 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12013
Expires: Mon, 29 Aug 2022 06:20:06 GMT
Date: Mon, 29 Aug 2022 02:59:53 GMT
Connection: keep-alive
|
|
| static.serve-servee.com/n337/ad/250x250_hqCCg8Cm.png | 172.67.217.88 | 200 OK | 89 kB |
URL HTTP/2static.serve-servee.com/n337/ad/250x250_hqCCg8Cm.png IP172.67.217.88:0
File typePNG image data, 250 x 250, 8-bit/color RGB, non-interlaced\012- data Hash0994ec31361ea569c5549063145bfdd2 9b270e9f7a346a0f0f60a978e154f49740350270 e4dbff1cf1f9750d68296737897eba9bd59ebdcb292015e87c3be61b5c242422
GET /n337/ad/250x250_hqCCg8Cm.png HTTP/1.1
Host: static.serve-servee.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 29 Aug 2022 02:59:53 GMT
content-type: image/png
content-length: 88957
last-modified: Thu, 08 Apr 2021 13:54:09 GMT
accept-ranges: bytes
etag: "606f0b01-15b7d"
cache-control: max-age=86400
x-hw: 1661741993.cds204.sk1.h2,1661741993.cds203.sk1.c
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YdAB4Glir6UIRCYsaDxRnChQG1Ha8vKiYFwIbffQw235oLMo2RL9cF4e6FrFuXCelt9d8s74rlUMrC%2FhFXIi%2FVrxE6G9PP8inAtMtCkSYfGSp4ZjGTngPh%2BM5eB52KeNnehIWzQZhLkY3A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74220880d873b50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/frontend_assets/fonts/raleway_medium.woff | 91.209.70.182 | 200 OK | 32 kB |
URL (HTTP/2): megaup.net/themes/flow/frontend_assets/fonts/raleway_medium.woff  IP: 91.209.70.182:0
File type: Web Open Font Format, TrueType, length 31900, version 1.1; data
Hash: 1b285c8e5b7445a8e434b2cdf036bab2 c97d4772fbb5c5637d466b5f991bc7ec28830b32 09b979826f2ac158a63ba234042c66414c21282d0bb46eadc62c64a873778825
GET /themes/flow/frontend_assets/fonts/raleway_medium.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Connection: keep-alive
Cookie: filehosting=60d1k5gsr40s1tfdp54bteb2q1; _ga=GA1.2.2147451511.1661741990; _gid=GA1.2.516060110.1661741990; _gat_gtag_UA_108868042_1=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 02:59:55 GMT
content-type: font/woff
content-length: 31900
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7c9c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| e1.o.lencr.org/ | 23.36.76.226 | 200 OK | 346 B |
IP: 23.36.76.226:0  ASN: #20940 Akamai International B.V.
Hash: a8b7b1beeaf15b48320004077c39dbb5 21785ae52936ae105b5199e0406be6032ebea885 0bbc5421a1192e2f4a86f44d9bf692234d13df58473443b388ab132d9652a20f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "0BBC5421A1192E2F4A86F44D9BF692234D13DF58473443B388AB132D9652A20F"
Last-Modified: Mon, 29 Aug 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17505
Expires: Mon, 29 Aug 2022 07:51:41 GMT
Date: Mon, 29 Aug 2022 02:59:56 GMT
Connection: keep-alive
|
|
| articlepawn.com/winnotice?sid=H4sIAAAAAAAC%2F1RTz2skxRev%2BX73snhRWfGywnhTkEn3zKSnx0UX12wkmN0suy56UqqrupO36e5qqrqmJzkFBdmTjHjQY%2BWTbIK6%2FvoDXKWz4CEgZG4RzdmborBXZcYxwQfNe%2F0%2Bj%2BLz6vOp97ftCWvB8uOFa2qT0pTPzbe85nNv%2Bf6l5jLldtgchsE7QfdSUw9e7Act7%2Fnma7FYV3Ntz%2Fc83%2FObi6TjRA3nJiCouN%2F3W32v1W23%2FPkuhtrB2AYMb0AOTtiTIDk%2B97BxASRq5NnXC7FZL1XxwtXMprxUGgO5fztfz1WVIzsrE91Aku%2FPpqHM0eIDqPzelCLU4HQwojFr%2FPAAUb4%2FI4ZosDvlFqWIc0TyMVSDGnFag3gNod4DySMGCInrK8izvetKV3zjH5RP0DE79%2BhPUDVm5365gDz78kpKw%2BYtldqSVG4wTBxoWINWaxT2AOUmA1UHEOW7IPkjm3u0jDzbXTGpAkk33Z2oBiU10ngEbhjs5CMGmzRgiwYyedwUvu%2F3PCm4F%2FaF6MheHAXS83kv8bnvBSGsmNAboSxGEOkIQm%2Bh0FtYpxG0%2FQBkaljuQIVDYfbC9nzf9xGLw8u%2FsmmA03FTREm%2FF3LZ4aHo9ETUjTqdoJ0kQeDP94JwHhEdvvyXffza7WfuICWGmB9%2B9%2FvsAJM75Nbt5JocdHzIZrGjZXl4%2BXRqzcFIBlMyDKRDFTNUhqHiDBUxVCVDNXD3ZGraxu3J1NjIn%2BX2LHfcdnHCnpjq8Yd4G%2BvxcTPxRDtM%2Bt1OO%2Bz2%2B1Eou71OEAZS%2BDKMu6GEoX%2B3JvM%2FcNPAJo3ZUz%2F%2FhmLiFPkRIn4Akx5A0LPg9iJ45cDXHDZzB6m%2B4rokkcYFr%2FKWUBmK8jzKjcZ2esKenlIJPrn7nxsV2qHQDnfoIcNqenfnpqrY7k1VGfbNSlFSRpt8YptbJS%2Fj%2F3%2F2erxRKS2XFszo01fEBJiU99%2BITbnMc0n5qmGfXyEpY72otIjZt0vmzTi6Yc3aFatzWyzfeHVxKSt0bAypvAano6sfQ9CYnf%2Fwp%2Bl7uPjFSyBdQ1uHzJ4qBFI1RLEFU5z1jGLQ6dl%2FVDBU1u3odnTWnHggPZMaPHLb5nsYcigN%2BxsAAP%2F%2FAQAA%2F%2F%2FnPk2JVAQAAA%3D%3D&ap=${AUCTION_PRICE}&l=3577992&sub3=1661741990&pid=91283&sub2=icon&auid=cbf978ad3a8c37cb4b3362ff66157685&icon=https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg | 172.67.155.237 | 307 Temporary Redirect | 0 B |
URL HTTP/2articlepawn.com/winnotice?sid=H4sIAAAAAAAC%2F1RTz2skxRev%2BX73snhRWfGywnhTkEn3zKSnx0UX12wkmN0suy56UqqrupO36e5qqrqmJzkFBdmTjHjQY%2BWTbIK6%2FvoDXKWz4CEgZG4RzdmborBXZcYxwQfNe%2F0%2Bj%2BLz6vOp97ftCWvB8uOFa2qT0pTPzbe85nNv%2Bf6l5jLldtgchsE7QfdSUw9e7Act7%2Fnma7FYV3Ntz%2Fc83%2FObi6TjRA3nJiCouN%2F3W32v1W23%2FPkuhtrB2AYMb0AOTtiTIDk%2B97BxASRq5NnXC7FZL1XxwtXMprxUGgO5fztfz1WVIzsrE91Aku%2FPpqHM0eIDqPzelCLU4HQwojFr%2FPAAUb4%2FI4ZosDvlFqWIc0TyMVSDGnFag3gNod4DySMGCInrK8izvetKV3zjH5RP0DE79%2BhPUDVm5365gDz78kpKw%2BYtldqSVG4wTBxoWINWaxT2AOUmA1UHEOW7IPkjm3u0jDzbXTGpAkk33Z2oBiU10ngEbhjs5CMGmzRgiwYyedwUvu%2F3PCm4F%2FaF6MheHAXS83kv8bnvBSGsmNAboSxGEOkIQm%2Bh0FtYpxG0%2FQBkaljuQIVDYfbC9nzf9xGLw8u%2FsmmA03FTREm%2FF3LZ4aHo9ETUjTqdoJ0kQeDP94JwHhEdvvyXffza7WfuICWGmB9%2B9%2FvsAJM75Nbt5JocdHzIZrGjZXl4%2BXRqzcFIBlMyDKRDFTNUhqHiDBUxVCVDNXD3ZGraxu3J1NjIn%2BX2LHfcdnHCnpjq8Yd4G%2BvxcTPxRDtM%2Bt1OO%2Bz2%2B1Eou71OEAZS%2BDKMu6GEoX%2B3JvM%2FcNPAJo3ZUz%2F%2FhmLiFPkRIn4Akx5A0LPg9iJ45cDXHDZzB6m%2B4rokkcYFr%2FKWUBmK8jzKjcZ2esKenlIJPrn7nxsV2qHQDnfoIcNqenfnpqrY7k1VGfbNSlFSRpt8YptbJS%2Fj%2F3%2F2erxRKS2XFszo01fEBJiU99%2BITbnMc0n5qmGfXyEpY72otIjZt0vmzTi6Yc3aFatzWyzfeHVxKSt0bAypvAano6sfQ9CYnf%2Fwp%2Bl7uPjFSyBdQ1uHzJ4qBFI1RLEFU5z1jGLQ6dl%2FVDBU1u3odnTWnHggPZMaPHLb5nsYcigN%2BxsAAP%2F%2FAQAA%2F%2F%2FnPk2JVAQAAA%3D%3D&ap=${AUCTION_PRICE}&l=3577992&sub3=1661741990&pid=91283&sub2=icon&auid=cbf978ad3a8c37cb4b3362ff66157685&icon=https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg IP172.67.155.237:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /winnotice?sid=H4sIAAAAAAAC%2F1RTz2skxRev%2BX73snhRWfGywnhTkEn3zKSnx0UX12wkmN0suy56UqqrupO36e5qqrqmJzkFBdmTjHjQY%2BWTbIK6%2FvoDXKWz4CEgZG4RzdmborBXZcYxwQfNe%2F0%2Bj%2BLz6vOp97ftCWvB8uOFa2qT0pTPzbe85nNv%2Bf6l5jLldtgchsE7QfdSUw9e7Act7%2Fnma7FYV3Ntz%2Fc83%2FObi6TjRA3nJiCouN%2F3W32v1W23%2FPkuhtrB2AYMb0AOTtiTIDk%2B97BxASRq5NnXC7FZL1XxwtXMprxUGgO5fztfz1WVIzsrE91Aku%2FPpqHM0eIDqPzelCLU4HQwojFr%2FPAAUb4%2FI4ZosDvlFqWIc0TyMVSDGnFag3gNod4DySMGCInrK8izvetKV3zjH5RP0DE79%2BhPUDVm5365gDz78kpKw%2BYtldqSVG4wTBxoWINWaxT2AOUmA1UHEOW7IPkjm3u0jDzbXTGpAkk33Z2oBiU10ngEbhjs5CMGmzRgiwYyedwUvu%2F3PCm4F%2FaF6MheHAXS83kv8bnvBSGsmNAboSxGEOkIQm%2Bh0FtYpxG0%2FQBkaljuQIVDYfbC9nzf9xGLw8u%2FsmmA03FTREm%2FF3LZ4aHo9ETUjTqdoJ0kQeDP94JwHhEdvvyXffza7WfuICWGmB9%2B9%2FvsAJM75Nbt5JocdHzIZrGjZXl4%2BXRqzcFIBlMyDKRDFTNUhqHiDBUxVCVDNXD3ZGraxu3J1NjIn%2BX2LHfcdnHCnpjq8Yd4G%2BvxcTPxRDtM%2Bt1OO%2Bz2%2B1Eou71OEAZS%2BDKMu6GEoX%2B3JvM%2FcNPAJo3ZUz%2F%2FhmLiFPkRIn4Akx5A0LPg9iJ45cDXHDZzB6m%2B4rokkcYFr%2FKWUBmK8jzKjcZ2esKenlIJPrn7nxsV2qHQDnfoIcNqenfnpqrY7k1VGfbNSlFSRpt8YptbJS%2Fj%2F3%2F2erxRKS2XFszo01fEBJiU99%2BITbnMc0n5qmGfXyEpY72otIjZt0vmzTi6Yc3aFatzWyzfeHVxKSt0bAypvAano6sfQ9CYnf%2Fwp%2Bl7uPjFSyBdQ1uHzJ4qBFI1RLEFU5z1jGLQ6dl%2FVDBU1u3odnTWnHggPZMaPHLb5nsYcigN%2BxsAAP%2F%2FAQAA%2F%2F%2FnPk2JVAQAAA%3D%3D&ap=${AUCTION_PRICE}&l=3577992&sub3=1661741990&pid=91283&sub2=icon&auid=cbf978ad3a8c37cb4b3362ff66157685&icon=https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg HTTP/1.1
Host: articlepawn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
date: Mon, 29 Aug 2022 02:59:57 GMT
content-length: 0
location: https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
accept-ch: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
x-request-id: 540674507a1f702f5df17292abd933fc
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rnE9g5tQw1sDaSWuMJeU1KTGLbVsjl2uTnCkaqVASUjLvxfv9ytiZ606NMHYykbimhR6AJ06ltDB6%2BbITLib2WZKerI6A5rWLgIy89Bkw%2B7YOA%2BsdOy5DmIGBD2ZCt8uPnE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74220898aeccb50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/js/jquery.iframe-transport.js | 91.209.70.182 | 200 OK | 0 B |
URL (HTTP/2): megaup.net/themes/flow/js/jquery.iframe-transport.js  IP: 91.209.70.182:0
GET /themes/flow/js/jquery.iframe-transport.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17E42/Jade.Order-Chronos.zip
Connection: keep-alive
Cookie: filehosting=60d1k5gsr40s1tfdp54bteb2q1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 02:59:48 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-2427"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/frontend_assets/js/custom/custom.js | 91.209.70.182 | 200 OK | 0 B |
URL (HTTP/2): megaup.net/themes/flow/frontend_assets/js/custom/custom.js  IP: 91.209.70.182:0
GET /themes/flow/frontend_assets/js/custom/custom.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17E42/Jade.Order-Chronos.zip
Connection: keep-alive
Cookie: filehosting=60d1k5gsr40s1tfdp54bteb2q1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 02:59:48 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1420"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/frontend_assets/css/responsive.css | 91.209.70.182 | 200 OK | 0 B |
URL (HTTP/2): megaup.net/themes/flow/frontend_assets/css/responsive.css  IP: 91.209.70.182:0
GET /themes/flow/frontend_assets/css/responsive.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17E42/Jade.Order-Chronos.zip
Connection: keep-alive
Cookie: filehosting=60d1k5gsr40s1tfdp54bteb2q1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 02:59:48 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-e56"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/images/loading_small.gif | 91.209.70.182 | 200 OK | 0 B |
URL (HTTP/2): megaup.net/themes/flow/images/loading_small.gif  IP: 91.209.70.182:0
GET /themes/flow/images/loading_small.gif HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17E42/Jade.Order-Chronos.zip
Connection: keep-alive
Cookie: filehosting=60d1k5gsr40s1tfdp54bteb2q1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 02:59:48 GMT
content-type: image/gif
content-length: 184355
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-2d023"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/frontend_assets/js/nav/jquery.scrollTo.js | 91.209.70.182 | 200 OK | 0 B |
URL (HTTP/2): megaup.net/themes/flow/frontend_assets/js/nav/jquery.scrollTo.js  IP: 91.209.70.182:0
GET /themes/flow/frontend_assets/js/nav/jquery.scrollTo.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17E42/Jade.Order-Chronos.zip
Connection: keep-alive
Cookie: filehosting=60d1k5gsr40s1tfdp54bteb2q1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 02:59:48 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-981"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js | 91.209.70.182 | 200 OK | 0 B |
URL (HTTP/2): megaup.net/themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js  IP: 91.209.70.182:0
GET /themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17E42/Jade.Order-Chronos.zip
Connection: keep-alive
Cookie: filehosting=60d1k5gsr40s1tfdp54bteb2q1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 02:59:48 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3ead"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/frontend_assets/js/isotope/custom-isotope.js | 91.209.70.182 | 200 OK | 0 B |
URL (HTTP/2): megaup.net/themes/flow/frontend_assets/js/isotope/custom-isotope.js  IP: 91.209.70.182:0
GET /themes/flow/frontend_assets/js/isotope/custom-isotope.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17E42/Jade.Order-Chronos.zip
Connection: keep-alive
Cookie: filehosting=60d1k5gsr40s1tfdp54bteb2q1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 02:59:48 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-71d"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/js/jquery.tmpl.min.js | 91.209.70.182 | 200 OK | 0 B |
URL (HTTP/2): megaup.net/themes/flow/js/jquery.tmpl.min.js  IP: 91.209.70.182:0
GET /themes/flow/js/jquery.tmpl.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17E42/Jade.Order-Chronos.zip
Connection: keep-alive
Cookie: filehosting=60d1k5gsr40s1tfdp54bteb2q1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 02:59:48 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3cb"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/js/jquery.fileupload-validate.js | 91.209.70.182 | 200 OK | 0 B |
URL (HTTP/2): megaup.net/themes/flow/js/jquery.fileupload-validate.js  IP: 91.209.70.182:0
GET /themes/flow/js/jquery.fileupload-validate.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17E42/Jade.Order-Chronos.zip
Connection: keep-alive
Cookie: filehosting=60d1k5gsr40s1tfdp54bteb2q1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 02:59:48 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-fea"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| megaup.net/sw.js | 91.209.70.182 | 200 OK | 0 B |
IP: 91.209.70.182:0
GET /sw.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17E42/Jade.Order-Chronos.zip
Connection: keep-alive
Cookie: filehosting=60d1k5gsr40s1tfdp54bteb2q1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 02:59:48 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:52 GMT
vary: Accept-Encoding
etag: W/"60758f38-12fe6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.plugins.min.js | 91.209.70.182 | 200 OK | 0 B |
URL (HTTP/2): megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.plugins.min.js  IP: 91.209.70.182:0
GET /themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.plugins.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17E42/Jade.Order-Chronos.zip
Connection: keep-alive
Cookie: filehosting=60d1k5gsr40s1tfdp54bteb2q1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 02:59:48 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-14cc1"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.revolution.js | 91.209.70.182 | 200 OK | 0 B |
URL (HTTP/2): megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.revolution.js  IP: 91.209.70.182:0
GET /themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.revolution.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17E42/Jade.Order-Chronos.zip
Connection: keep-alive
Cookie: filehosting=60d1k5gsr40s1tfdp54bteb2q1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 02:59:48 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-303b2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css | 91.209.70.182 | 200 OK | 0 B |
URL (HTTP/2): megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css  IP: 91.209.70.182:0
GET /themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17E42/Jade.Order-Chronos.zip
Connection: keep-alive
Cookie: filehosting=60d1k5gsr40s1tfdp54bteb2q1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 02:59:48 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-8d4b"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/frontend_assets/css/custom.css | 91.209.70.182 | 200 OK | 0 B |
URL (HTTP/2): megaup.net/themes/flow/frontend_assets/css/custom.css  IP: 91.209.70.182:0
GET /themes/flow/frontend_assets/css/custom.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17E42/Jade.Order-Chronos.zip
Connection: keep-alive
Cookie: filehosting=60d1k5gsr40s1tfdp54bteb2q1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 02:59:48 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3577"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| megaup.net/17E42/Jade.Order-Chronos.zip | 91.209.70.182 | 200 OK | 0 B |
URL (HTTP/2): megaup.net/17E42/Jade.Order-Chronos.zip  IP: 91.209.70.182:0
GET /17E42/Jade.Order-Chronos.zip HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 02:59:48 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: filehosting=60d1k5gsr40s1tfdp54bteb2q1; expires=Tue, 30-Aug-2022 02:59:48 GMT; Max-Age=86400; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ad.a-ads.com/1811811?size=300x250 | 136.243.14.10 | 200 OK | 0 B |
URL (HTTP/2): ad.a-ads.com/1811811?size=300x250  IP: 136.243.14.10:0  ASN: #24940 Hetzner Online GmbH
GET /1811811?size=300x250 HTTP/1.1
Host: ad.a-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 02:59:49 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding, Accept-Encoding
status: 200 OK
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-original-referer: https://megaup.net/
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/styles/font-icons/entypo/css/entypo.css | 91.209.70.182 | 200 OK | 0 B |
URL (HTTP/2): megaup.net/themes/flow/styles/font-icons/entypo/css/entypo.css  IP: 91.209.70.182:0
GET /themes/flow/styles/font-icons/entypo/css/entypo.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17E42/Jade.Order-Chronos.zip
Connection: keep-alive
Cookie: filehosting=60d1k5gsr40s1tfdp54bteb2q1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 02:59:48 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-45f5"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| freychang.fun/asd100.bin | 172.67.218.221 | 200 OK | 0 B |
IP: 172.67.218.221:0
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /asd100.bin HTTP/1.1
Host: freychang.fun
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 29 Aug 2022 02:59:49 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 3480
last-modified: Mon, 29 Aug 2022 02:01:49 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=svo1y%2B%2FSi9bbScBAcnWc3ejdQmdorro8ZK%2FeSweWds%2F4vCApQlhyeNpVI%2BFW4UPocFXjmfxV1ayTAAzRoM5%2FxG3NB8BgzhA2xrsGlYGOLB%2BOXRmWzWmGhZzwRbWIDdBK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7422086c9879b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp | 31.13.72.36 | 200 OK | 0 B |
URL (HTTP/2): www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp  IP: 31.13.72.36:0
GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: WQ1tNN59CTWykhceB6s29D5PSl2Qx32RLwZbHKCWo5nxt/RusiWo53vleqQuMSIOt/Pivr/Oqtj6Grcp0VvEBg==
date: Mon, 29 Aug 2022 02:59:49 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| accounts.google.com/v3/signin/identifier?dsh=S1862995335%3A1661741989861104&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQN2RmU2YfGWO-po7oFoQ3ifFH0aUqkirVKmCW_X_m8VfWbqyUhzEWaScdO0AC0klNFwif6oFPMDxw | 216.58.207.237 | 403 Forbidden | 0 B |
URL (HTTP/2): accounts.google.com/v3/signin/identifier?dsh=S1862995335%3A1661741989861104&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQN2RmU2YfGWO-po7oFoQ3ifFH0aUqkirVKmCW_X_m8VfWbqyUhzEWaScdO0AC0klNFwif6oFPMDxw  IP: 216.58.207.237:0
GET /v3/signin/identifier?dsh=S1862995335%3A1661741989861104&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQN2RmU2YfGWO-po7oFoQ3ifFH0aUqkirVKmCW_X_m8VfWbqyUhzEWaScdO0AC0klNFwif6oFPMDxw HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 29 Aug 2022 02:59:49 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-iO5BBbwD-SLVDGcBD04cNQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=PU1vAcyi5pFXdwiSCucbr6Emc90TjFUXKRDAvGGww47oQ8a1mIkbVcxPY7BVJ5LyUlRdHoEGG71pDUurTEGlYPdi9OMNE6btIKZqJbvS2eBwuzRUaWoj7JrNxm0xglyVaaKuGK7gi94o_zp7SGv64qpeHWsE0mZDbG35CYKVgIg; expires=Tue, 28-Feb-2023 02:59:49 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/js/global.js | 91.209.70.182 | 200 OK | 0 B |
URL HTTP/2 megaup.net/themes/flow/js/global.js IP 91.209.70.182:0
GET /themes/flow/js/global.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17E42/Jade.Order-Chronos.zip
Connection: keep-alive
Cookie: filehosting=60d1k5gsr40s1tfdp54bteb2q1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 02:59:48 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-d59"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/frontend_assets/js/bootstrap/bootstrap.min.js | 91.209.70.182 | 200 OK | 0 B |
URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/bootstrap/bootstrap.min.js IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/bootstrap/bootstrap.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17E42/Jade.Order-Chronos.zip
Connection: keep-alive
Cookie: filehosting=60d1k5gsr40s1tfdp54bteb2q1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 02:59:48 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-71b6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/frontend_assets/css/animations/animate.min.css | 91.209.70.182 | 200 OK | 0 B |
URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/animations/animate.min.css IP 91.209.70.182:0
GET /themes/flow/frontend_assets/css/animations/animate.min.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
Connection: keep-alive
Cookie: filehosting=60d1k5gsr40s1tfdp54bteb2q1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 02:59:48 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-bc86"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| platform.bidgear.com/async.php?domainid=5593&sizeid=12&zoneid=6192&k=1661741989349 | 172.67.74.36 | 200 OK | 0 B |
URL HTTP/2 platform.bidgear.com/async.php?domainid=5593&sizeid=12&zoneid=6192&k=1661741989349 IP 172.67.74.36:0
GET /async.php?domainid=5593&sizeid=12&zoneid=6192&k=1661741989349 HTTP/1.1
Host: platform.bidgear.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 29 Aug 2022 02:59:49 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4w2%2Fs%2FYOrb1wgTcR0MYeAhe9U9VfxVIhDDzh9vPRkkk2ZOUP0shkPMeGp4PSSNymvqECAM%2FDdiM%2BBL0OSSIsHwvXW1cW3w%2FnQj%2BrZfZLqnRWclxZSxhJI4m2yLF%2BP0sj%2BfYdeSoa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7422086a4a07b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| freychang.fun/asd100.bin | 172.67.218.221 | 200 OK | 0 B |
IP 172.67.218.221:0
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /asd100.bin HTTP/1.1
Host: freychang.fun
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 29 Aug 2022 02:59:49 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 3480
last-modified: Mon, 29 Aug 2022 02:01:49 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=opiZ6n%2BOL9lQN8mA6EMrNkR%2FocY9W4sD%2FMKSmLz7gV5v1LQEq0Fq6fNV5%2F8MWeE7XkF5Mn7xf7pQdp9SLl%2BFTC7%2FjXIe6Q47B22aGuw0%2F8xQ3V4hrUrFke7XMssZkkmr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7422086c987ab523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| freychang.fun/asd100.bin | 172.67.218.221 | 200 OK | 0 B |
IP 172.67.218.221:0
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /asd100.bin HTTP/1.1
Host: freychang.fun
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 29 Aug 2022 02:59:49 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 3480
last-modified: Mon, 29 Aug 2022 02:01:49 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JIno1Pp%2BEbmDTpmuqaaF0bAmXidhqBYgxvgnfknyYN5LAB43f2sKs9ftymaWh0y%2BXzZ9qL7%2BCDV1YeXDZqXDE5r8c%2F47oks3t62E4zFSvF2iBbWzsWf2oqCwwO%2FeqMH8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7422086c9877b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/frontend_assets/js/nav/jquery.nav.js | 91.209.70.182 | 200 OK | 0 B |
URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/nav/jquery.nav.js IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/nav/jquery.nav.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17E42/Jade.Order-Chronos.zip
Connection: keep-alive
Cookie: filehosting=60d1k5gsr40s1tfdp54bteb2q1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 02:59:48 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1547"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js | 91.209.70.182 | 200 OK | 0 B |
URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17E42/Jade.Order-Chronos.zip
Connection: keep-alive
Cookie: filehosting=60d1k5gsr40s1tfdp54bteb2q1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 02:59:48 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1cdf"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/js/jquery.fileupload.js | 91.209.70.182 | 200 OK | 0 B |
URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload.js IP 91.209.70.182:0
GET /themes/flow/js/jquery.fileupload.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17E42/Jade.Order-Chronos.zip
Connection: keep-alive
Cookie: filehosting=60d1k5gsr40s1tfdp54bteb2q1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 02:59:48 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-dbd4"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/frontend_assets/images/icons/favicon/favicon.ico | 91.209.70.182 | 200 OK | 0 B |
URL HTTP/2 megaup.net/themes/flow/frontend_assets/images/icons/favicon/favicon.ico IP 91.209.70.182:0
GET /themes/flow/frontend_assets/images/icons/favicon/favicon.ico HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17E42/Jade.Order-Chronos.zip
Connection: keep-alive
Cookie: filehosting=60d1k5gsr40s1tfdp54bteb2q1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 02:59:49 GMT
content-type: image/x-icon
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-47e"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube | 216.58.207.237 | 200 OK | 0 B |
URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube IP 216.58.207.237:0
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-frame-options: DENY
x-auto-login: realm=com.google&args=service%3Dyoutube%26continue%3Dhttps%253A%252F%252Fwww.youtube.com%252Ffavicon.ico
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 29 Aug 2022 02:59:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: script-src 'nonce-IcldFHg58jPapw_e8tT6cg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
set-cookie: __Host-GAPS=1:harSOVa3P-luye2_htHuOElH_sj7Aw:3Nin9IPJjzfMkmnT;Path=/;Expires=Wed, 28-Aug-2024 02:59:49 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/js/clipboardjs/clipboard.min.js | 91.209.70.182 | 200 OK | 0 B |
URL HTTP/2 megaup.net/themes/flow/js/clipboardjs/clipboard.min.js IP 91.209.70.182:0
GET /themes/flow/js/clipboardjs/clipboard.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17E42/Jade.Order-Chronos.zip
Connection: keep-alive
Cookie: filehosting=60d1k5gsr40s1tfdp54bteb2q1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 02:59:48 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-2296"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|
| megaup.net/themes/flow/frontend_assets/css/bootstrap/bootstrap.min.css | 91.209.70.182 | 200 OK | 0 B |
URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/bootstrap/bootstrap.min.css IP 91.209.70.182:0
GET /themes/flow/frontend_assets/css/bootstrap/bootstrap.min.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
Connection: keep-alive
Cookie: filehosting=60d1k5gsr40s1tfdp54bteb2q1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 02:59:48 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1cc1b"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
|
|