megaup.net/1Lx3a/Deep.Rock.Galactic.v1.36.72051.0.rar
301 Moved Permanently 162 B URL HTTP/1.1 megaup.net/1Lx3a/Deep.Rock.Galactic.v1.36.72051.0.rar
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /1Lx3a/Deep.Rock.Galactic.v1.36.72051.0.rar HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 25 Sep 2022 05:21:11 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://megaup.net/1Lx3a/Deep.Rock.Galactic.v1.36.72051.0.rar
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer, strict-origin-when-cross-origin
X-Download-Options: noopen
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 25 Sep 2022 05:14:51 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: H8WMFbEGLB22wFxRJSolE6icIr7U9-sp1qGV7bxUpq4lE9maQd3iPw==
Age: 380
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 09a973de929ab7452edc342c780d3668
3f14f6e0a36f76863c0aea6fb561c266404a7ea3
e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3649
Expires: Sun, 25 Sep 2022 06:22:00 GMT
Date: Sun, 25 Sep 2022 05:21:11 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 25 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Cugdwqf2bM7IL01cAXf-h6020z9k6aeqnfqhgPGyP0Dpr2PwGFtACQ==
age: 2757
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 05:21:11 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash fcd7fa3465af8d96c707d8db3a6113e5
34ad4813638837eb295367cc214833d6e3dacad0
2bd46d86dbae64da292dc88bf011d426c30aa35339d6372998bff11e3f8e288f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 05:21:11 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 11:25:45 GMT
Expires: Fri, 30 Sep 2022 11:25:44 GMT
Etag: "34ad4813638837eb295367cc214833d6e3dacad0"
Cache-Control: max-age=453272,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 750150a17a46b4f3-OSL
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 58b52380a6b5c598d1ad88e8da148137
a56206a0277aea6e8e2f7629793aba713d8edd0c
561a57c27dfa1f8651a89292428576b626e8700b9cd6b8173a0ce121aa8f9f4a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 05:21:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fdbb7e84a7b7eec5a40151c823b83160
29b38bb2db5a3a3c8ac8fb3b83681f2a3b4c525e
c270802829c0edd5488e77deb3b2790243cbda4e331e912bf4991850f29987be
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C270802829C0EDD5488E77DEB3B2790243CBDA4E331E912BF4991850F29987BE"
Last-Modified: Fri, 23 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=114
Expires: Sun, 25 Sep 2022 05:23:06 GMT
Date: Sun, 25 Sep 2022 05:21:12 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b8f195c9fade4163bf3803829bb96fb0
7346adcaef76d633143a2fce48b08a3454540a23
253115bd399e908097b63ebf4068b3261b07aa43290565e20b42caec6ae243b6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "253115BD399E908097B63EBF4068B3261B07AA43290565E20B42CAEC6AE243B6"
Last-Modified: Sat, 24 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1471
Expires: Sun, 25 Sep 2022 05:45:43 GMT
Date: Sun, 25 Sep 2022 05:21:12 GMT
Connection: keep-alive
www.googletagmanager.com/gtag/js?id=UA-108868042-1
200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-108868042-1
IP
File type ASCII text, with very long lines (1720)
Hash 58edf3577b6032006ac134b5f0a463f1
db12aa41af535b4798cfa9b6ae4867bf4faa8a6b
f5b651182f03a2a9f3a23f0047cfbcf843fbc6de376f60845fa5d59a9f01247f
GET /gtag/js?id=UA-108868042-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 25 Sep 2022 05:21:12 GMT
expires: Sun, 25 Sep 2022 05:21:12 GMT
cache-control: private, max-age=900
last-modified: Sun, 25 Sep 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42271
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
altowriestwispy.com/tysaSHG1FMaM/18410
200 OK 25 B URL HTTP/1.1 altowriestwispy.com/tysaSHG1FMaM/18410
IP
File type ASCII text, with no line terminators
Hash d488addc5df5fc9b9ff4135bb4e3a823
6ce56f48e851df4d562b43d3bc1269a504ae83fc
d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60
GET /tysaSHG1FMaM/18410 HTTP/1.1
Host: altowriestwispy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 25 Sep 2022 05:21:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; expires=Mon, 26-Sep-2022 05:21:12 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW; expires=Mon, 26-Sep-2022 05:21:12 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sun, 25 Sep 2022 05:04:17 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Sun, 25 Sep 2022 05:06:19 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: PXtfQ9btoCy6X80zJKBb7tEH4AoDSuBku1xhVuV-Juhzcg8e3LeKPw==
Age: 1015
keydawnawe.com/gwZ1U5hjA8ii/32575
200 OK 26 B URL HTTP/1.1 keydawnawe.com/gwZ1U5hjA8ii/32575
IP
File type ASCII text, with no line terminators
Hash 4e5d65669f8dcd928dad06adf883f025
d771713d758c3348dd7e5b38bb40c7935399ae46
0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95
GET /gwZ1U5hjA8ii/32575 HTTP/1.1
Host: keydawnawe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 25 Sep 2022 05:21:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; expires=Mon, 26-Sep-2022 05:21:12 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW; expires=Mon, 26-Sep-2022 05:21:12 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 58b52380a6b5c598d1ad88e8da148137
a56206a0277aea6e8e2f7629793aba713d8edd0c
561a57c27dfa1f8651a89292428576b626e8700b9cd6b8173a0ce121aa8f9f4a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 05:21:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 471 B IP
Hash a7809de115ea73f8b61f3d20a9978493
01fc65a2b694d7aadd5204d21801e87b2b55b73e
72692486033feeb149424c59576c6c75b17228dfc89b4c369d2e17cc4bff3d52
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 173
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 05:21:12 GMT
Last-Modified: Sun, 25 Sep 2022 05:18:19 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
dmmzkfd82wayn.cloudfront.net/?kzmmd=761186
200 OK 189 kB URL HTTP/2 dmmzkfd82wayn.cloudfront.net/?kzmmd=761186
IP
File type Unicode text, UTF-8 text, with very long lines (15945)
Size 189 kB (188747 bytes)
Hash b24f93edcdddbe2eeb469b68a8a27199
ca4975a595e30e6d09db11d16269de67c025c8db
40c0f68925c9b30765e69ed00edb30794797e56e1ddfe01c5b65c27b54bdc09a
GET /?kzmmd=761186 HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 188747
date: Sun, 25 Sep 2022 05:21:12 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: cpcy_8BgM69shunj9wRqNP4HquT0K3DfGfRt7eqZUc57kuAUtNRMTw==
X-Firefox-Spdy: h2
megaup.net/themes/flow/images/main_logo_inverted.png
200 OK 7.1 kB URL HTTP/2 megaup.net/themes/flow/images/main_logo_inverted.png
IP
File type PNG image data, 203 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 5d15526be10b904a6b48d1af04a10cc3
c09b6874359ac6d71db95593618a9acb55baa984
894d25472e0f890edf235e8f66fbeda7ea75043632924ecb82691d76bd7db018
GET /themes/flow/images/main_logo_inverted.png HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1Lx3a/Deep.Rock.Galactic.v1.36.72051.0.rar
Connection: keep-alive
Cookie: filehosting=90f7bves5scb2mjbkbl48rcu05; _ga=GA1.2.1328513691.1664073888; _gid=GA1.2.1337734027.1664073888
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 05:21:12 GMT
content-type: image/png
content-length: 7137
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-1be1"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/fonts/raleway.woff
200 OK 32 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway.woff
IP
File type Web Open Font Format, TrueType, length 31836, version 1.1\012- data
Hash 4514fa5a5b3d1e0b14aa32a7d068124a
e634977bfabc20ed15fe7ed03d3876cf68834b93
5b0f118d658eacc5740b10b0dc2ebbd99ee8e8262c72ff29bfcda48c02b19861
GET /themes/flow/frontend_assets/fonts/raleway.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Connection: keep-alive
Cookie: filehosting=90f7bves5scb2mjbkbl48rcu05; _ga=GA1.2.1328513691.1664073888; _gid=GA1.2.1337734027.1664073888
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 05:21:12 GMT
content-type: font/woff
content-length: 31836
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7c5c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/sw.js
200 OK 61 kB IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 52cf25e50f9d484a5f9c17d539e957e1
335a73b89e1643d154625d9848564bd1cf4866a1
c44f0ac416562c85c5cba42b6b85db75dd97f2b37aa9ed3b1ae94c853d9737b0
GET /sw.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1Lx3a/Deep.Rock.Galactic.v1.36.72051.0.rar
Connection: keep-alive
Cookie: filehosting=90f7bves5scb2mjbkbl48rcu05; _ga=GA1.2.1328513691.1664073888; _gid=GA1.2.1337734027.1664073888
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 05:21:12 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:52 GMT
vary: Accept-Encoding
etag: W/"60758f38-12fe6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/nav/jquery.scrollTo.js
200 OK 33 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/nav/jquery.scrollTo.js
IP
File type ASCII text, with very long lines (2241), with CRLF line terminators
Hash 1cd90542e79681240180950cc86057a5
1fa8311568ad402c88cf51b9a542045b849f335c
73f86912345668bda4f1875ee825239fa99751d32214409015d35fdcef0db2f9
GET /themes/flow/frontend_assets/js/nav/jquery.scrollTo.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1Lx3a/Deep.Rock.Galactic.v1.36.72051.0.rar
Connection: keep-alive
Cookie: filehosting=90f7bves5scb2mjbkbl48rcu05; _ga=GA1.2.1328513691.1664073888; _gid=GA1.2.1337734027.1664073888
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 05:21:12 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-981"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/sticky/jquery.sticky.js
200 OK 22 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/sticky/jquery.sticky.js
IP
Hash fe9362192955cc26176b6d06228613ff
824ea8ab3dbaef1adaeedaf5f8f881b4b316bd32
0ac4c060eb815cc953b05f8e2913c4a0ca50235d8bc9b85a9f990c23f52eea6c
GET /themes/flow/frontend_assets/js/sticky/jquery.sticky.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1Lx3a/Deep.Rock.Galactic.v1.36.72051.0.rar
Connection: keep-alive
Cookie: filehosting=90f7bves5scb2mjbkbl48rcu05; _ga=GA1.2.1328513691.1664073888; _gid=GA1.2.1337734027.1664073888
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 05:21:12 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1099"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Mv6+4grov8wu8nVFHOFXug==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: MxKxrER9nta7PmI0JVjgcrpg/E4=
altowriestwispy.com/tysaSHG1FMaM/18410
200 OK 25 B URL HTTP/1.1 altowriestwispy.com/tysaSHG1FMaM/18410
IP
File type ASCII text, with no line terminators
Hash d488addc5df5fc9b9ff4135bb4e3a823
6ce56f48e851df4d562b43d3bc1269a504ae83fc
d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60
GET /tysaSHG1FMaM/18410 HTTP/1.1
Host: altowriestwispy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 25 Sep 2022 05:21:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash a25c9ec4a454a066602b75cf5ada8100
d5dd928f487e691aaf7ea9d80178eeb150388f05
5d6745ce630b5637da657f690babf0da4284c6246c785f24dd64c2e2b47f1473
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "5D6745CE630B5637DA657F690BABF0DA4284C6246C785F24DD64C2E2B47F1473"
Last-Modified: Sun, 25 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12093
Expires: Sun, 25 Sep 2022 08:42:45 GMT
Date: Sun, 25 Sep 2022 05:21:12 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash a25c9ec4a454a066602b75cf5ada8100
d5dd928f487e691aaf7ea9d80178eeb150388f05
5d6745ce630b5637da657f690babf0da4284c6246c785f24dd64c2e2b47f1473
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "5D6745CE630B5637DA657F690BABF0DA4284C6246C785F24DD64C2E2B47F1473"
Last-Modified: Sun, 25 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12093
Expires: Sun, 25 Sep 2022 08:42:45 GMT
Date: Sun, 25 Sep 2022 05:21:12 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash a25c9ec4a454a066602b75cf5ada8100
d5dd928f487e691aaf7ea9d80178eeb150388f05
5d6745ce630b5637da657f690babf0da4284c6246c785f24dd64c2e2b47f1473
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "5D6745CE630B5637DA657F690BABF0DA4284C6246C785F24DD64C2E2B47F1473"
Last-Modified: Sun, 25 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12093
Expires: Sun, 25 Sep 2022 08:42:45 GMT
Date: Sun, 25 Sep 2022 05:21:12 GMT
Connection: keep-alive
keydawnawe.com/gwZ1U5hjA8ii/32575
200 OK 26 B URL HTTP/1.1 keydawnawe.com/gwZ1U5hjA8ii/32575
IP
File type ASCII text, with no line terminators
Hash 4e5d65669f8dcd928dad06adf883f025
d771713d758c3348dd7e5b38bb40c7935399ae46
0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95
GET /gwZ1U5hjA8ii/32575 HTTP/1.1
Host: keydawnawe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 25 Sep 2022 05:21:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
megaup.net/themes/flow/js/clipboardjs/clipboard.min.js
200 OK 3.0 kB URL HTTP/2 megaup.net/themes/flow/js/clipboardjs/clipboard.min.js
IP
File type Unicode text, UTF-8 text, with very long lines (8746)
Hash c31a3191f58521c95d4375dfcb1f1ce8
d95b94d5bad388bc9a2e12b0259e12d621fb5ef6
126e20d2ac171f42a7eeb654d4df5bffb36fde6aa9a3cf86c25d089bf6b01f3f
GET /themes/flow/js/clipboardjs/clipboard.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1Lx3a/Deep.Rock.Galactic.v1.36.72051.0.rar
Connection: keep-alive
Cookie: filehosting=90f7bves5scb2mjbkbl48rcu05; _ga=GA1.2.1328513691.1664073888; _gid=GA1.2.1337734027.1664073888
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 05:21:12 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-2296"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.revolution.js
200 OK 39 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.revolution.js
IP
File type ASCII text, with very long lines (464), with CRLF line terminators
Hash f65998d4474b292b80d987dc0a31a038
7cc26097b9545d9ff6697576cd8950bdb48ffa7a
d11664f76dcbb42cf3f394806f235b7e154a42793e48e99756ecd3313ca49147
GET /themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.revolution.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1Lx3a/Deep.Rock.Galactic.v1.36.72051.0.rar
Connection: keep-alive
Cookie: filehosting=90f7bves5scb2mjbkbl48rcu05; _ga=GA1.2.1328513691.1664073888; _gid=GA1.2.1337734027.1664073888
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 05:21:12 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-303b2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
polerenewget.buzz/cXc0YlheSFcRZT4gQAMKGhx1NR8/D1EVbRMWfDhvNRtACDw5EBIWMRVKDFBtSEYFRCgYEwlRalcEQAMsBAQJU34YGVINZVcBCVJ2SVkNTGlXAglTfgUHVQVlQFFEFiwdSgVUbkVHDFFqRkYHV2A
204 No Content 0 B URL HTTP/2 polerenewget.buzz/cXc0YlheSFcRZT4gQAMKGhx1NR8/D1EVbRMWfDhvNRtACDw5EBIWMRVKDFBtSEYFRCgYEwlRalcEQAMsBAQJU34YGVINZVcBCVJ2SVkNTGlXAglTfgUHVQVlQFFEFiwdSgVUbkVHDFFqRkYHV2A
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cXc0YlheSFcRZT4gQAMKGhx1NR8/D1EVbRMWfDhvNRtACDw5EBIWMRVKDFBtSEYFRCgYEwlRalcEQAMsBAQJU34YGVINZVcBCVJ2SVkNTGlXAglTfgUHVQVlQFFEFiwdSgVUbkVHDFFqRkYHV2A HTTP/1.1
Host: polerenewget.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 25 Sep 2022 05:21:12 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oppQjzPXP6P11nAv2LLZMo6riQv8qU%2Fo%2BibUUmcq9voyCJW3w4DLfziyjkCbVKGFWJRhui5nh5bIGENkKHCUf7Uwi4L20htxvHfz9u9YT8KepRZtr2u3cdObz2CVmmHZ8luTCg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750150a68f190b59-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js
200 OK 5.2 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js
IP
File type HTML document, ASCII text, with very long lines (15714), with CRLF line terminators
Hash 7e4eb1f86db5e2a93f0ccbc7f0605677
f6484bdf3a95938abcf7bb3a4cbb50f00a458e0c
37bc8012eb8cab3901b632a0a484ccb869a04a15af188a0e8d60e019e1c73531
GET /themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1Lx3a/Deep.Rock.Galactic.v1.36.72051.0.rar
Connection: keep-alive
Cookie: filehosting=90f7bves5scb2mjbkbl48rcu05; _ga=GA1.2.1328513691.1664073888; _gid=GA1.2.1337734027.1664073888
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 05:21:12 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3ead"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css
200 OK 4.0 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css
IP
Hash b24ae06624fe75e047dfc77734fe3498
1820779c34a2019e8cf3b246d516a61d7b464072
241a6124ea566839aad53553c212668ce6c2a501a545ca4c242322c1f353239c
GET /themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1Lx3a/Deep.Rock.Galactic.v1.36.72051.0.rar
Connection: keep-alive
Cookie: filehosting=90f7bves5scb2mjbkbl48rcu05; _ga=GA1.2.1328513691.1664073888; _gid=GA1.2.1337734027.1664073888
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 05:21:12 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-8d4b"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
polerenewget.buzz/N21hNWUYUgJGWGElCVQGBisPYTJfKgBiAX0MUVECVTgVRDcFJEdBDFNQWAFcD1tVExVeCVwEXREeFVQRQh5cBENeAwdaWBEbXARLB0NQG1YRGFwEQ0MdAFJYBksRQRFbUFADUwNdWQZXAFxSAlM
204 No Content 0 B URL HTTP/2 polerenewget.buzz/N21hNWUYUgJGWGElCVQGBisPYTJfKgBiAX0MUVECVTgVRDcFJEdBDFNQWAFcD1tVExVeCVwEXREeFVQRQh5cBENeAwdaWBEbXARLB0NQG1YRGFwEQ0MdAFJYBksRQRFbUFADUwNdWQZXAFxSAlM
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /N21hNWUYUgJGWGElCVQGBisPYTJfKgBiAX0MUVECVTgVRDcFJEdBDFNQWAFcD1tVExVeCVwEXREeFVQRQh5cBENeAwdaWBEbXARLB0NQG1YRGFwEQ0MdAFJYBksRQRFbUFADUwNdWQZXAFxSAlM HTTP/1.1
Host: polerenewget.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 25 Sep 2022 05:21:12 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2FbAUcftTGvSp46z%2FHGAY1qDrDw9zPRI60%2BFBE8rlx2bALdDmSAsISINqA7xARW94pOE5NL%2FWnW%2ByY61i1tvj5owGAKFB4ov0imgmax2QsgkA8YXotMXNwelfxANZDd7YPip%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750150a6af380b59-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/gauge.min.js
200 OK 6.1 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/gauge.min.js
IP
File type ASCII text, with very long lines (1259)
Hash 5697d5fffd77801dc1da37d05796ebfe
b866c57f6683e544573ff52fbd054fe06a77db90
91b1d8006e8d5c5089b6c07d10cf7a0293e79d81f20d79cb411d9ac7623260ac
GET /themes/flow/frontend_assets/js/gauge.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1Lx3a/Deep.Rock.Galactic.v1.36.72051.0.rar
Connection: keep-alive
Cookie: filehosting=90f7bves5scb2mjbkbl48rcu05; _ga=GA1.2.1328513691.1664073888; _gid=GA1.2.1337734027.1664073888
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 05:21:12 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-45b8"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
rtoomany.buzz/Z3hOQU8GGi0scAZFLGc6FRRzZH0hXXwHKwoVNCopA0B8Ni4eFmAiIwgNKic9CBY6byECDGtzCQ0aGBd9BT8HDgAPHwUZHQxACy0JMS98EwcxPhwNHxAtCgUNVhcMK3YxKDQMez8pA3IFJTk/DzYXFQMqIDA+NAcDPz0fAwElHwIZfxQPCQB2ASAGDBckOQwQFjE5FwQoLl18AxwQCx4JJSI1DyYOKjcpJQQhDzYuCBA1FwMLDBkKFCsBPX4PDDITJi8dDCkvGQg1LBY4DS4ifhgOJA8DJgsMFB8ZHFY3GSt+BSEYDykuPSYvHQ9MGxIIPksYFx0jIhhsdi0tCHE2Ig92Cw4JOgsKIyUcFAQVBC1/cCQySXsSDB0PCwIeNjsCFwECMggTJTA+NgQIIBAGZyUUFyAxchcreRMpKUkvGz4BPhsGfCM
200 OK 1.2 kB URL HTTP/2 rtoomany.buzz/Z3hOQU8GGi0scAZFLGc6FRRzZH0hXXwHKwoVNCopA0B8Ni4eFmAiIwgNKic9CBY6byECDGtzCQ0aGBd9BT8HDgAPHwUZHQxACy0JMS98EwcxPhwNHxAtCgUNVhcMK3YxKDQMez8pA3IFJTk/DzYXFQMqIDA+NAcDPz0fAwElHwIZfxQPCQB2ASAGDBckOQwQFjE5FwQoLl18AxwQCx4JJSI1DyYOKjcpJQQhDzYuCBA1FwMLDBkKFCsBPX4PDDITJi8dDCkvGQg1LBY4DS4ifhgOJA8DJgsMFB8ZHFY3GSt+BSEYDykuPSYvHQ9MGxIIPksYFx0jIhhsdi0tCHE2Ig92Cw4JOgsKIyUcFAQVBC1/cCQySXsSDB0PCwIeNjsCFwECMggTJTA+NgQIIBAGZyUUFyAxchcreRMpKUkvGz4BPhsGfCM
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3026), with no line terminators
Hash a5d3e22d1b31c38df044c24175a7d0ca
821f7e10c659791717ef9dcc791116ae87ee61ad
b5480788c4565c56d00df4b446350aeafb815337c0d068f825cd602b81ed3364
GET /Z3hOQU8GGi0scAZFLGc6FRRzZH0hXXwHKwoVNCopA0B8Ni4eFmAiIwgNKic9CBY6byECDGtzCQ0aGBd9BT8HDgAPHwUZHQxACy0JMS98EwcxPhwNHxAtCgUNVhcMK3YxKDQMez8pA3IFJTk/DzYXFQMqIDA+NAcDPz0fAwElHwIZfxQPCQB2ASAGDBckOQwQFjE5FwQoLl18AxwQCx4JJSI1DyYOKjcpJQQhDzYuCBA1FwMLDBkKFCsBPX4PDDITJi8dDCkvGQg1LBY4DS4ifhgOJA8DJgsMFB8ZHFY3GSt+BSEYDykuPSYvHQ9MGxIIPksYFx0jIhhsdi0tCHE2Ig92Cw4JOgsKIyUcFAQVBC1/cCQySXsSDB0PCwIeNjsCFwECMggTJTA+NgQIIBAGZyUUFyAxchcreRMpKUkvGz4BPhsGfCM HTTP/1.1
Host: rtoomany.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 05:21:12 GMT
content-type: text/html
content-length: 1186
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=czp7ZfsLCr%2FSeokBgpnAz9praaCTPkpRs2fRndWVH8dNq7UU%2FM6eEfiwxwjwFzF1l2SodcKJj%2Bji0wqunV0F6o7M8FCaZvz84WHA1mn18S1KLTTXHqR6UPn%2BDrO%2BIALE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750150a70dfd768b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rtoomany.buzz/S0hzRGcqKhApWCp1EWISOSROYVUNbUECAyYlCS8BL3BBMwYyJl0nCyQ9FyIVJCYHagkuPFZ2IXseHgIPEXoUdSMscDESHgIBMRIXGhI1Fj4dJB8zJDMBOgYOESsxFwgqDxswNA0eFHMhGR4hHDZ/CSE8KhgFHzw1GhkidyM8EhIQDQYYMigXESsyBSEJHiUtNTMdKwYdeis1BQwGBQQnLggZQz01Mxk0EjM4BzQzUw4HFAYiHRtGLjN6DjATChECNBI9EStCDQ0aJAMpIxovOQw0fg0mdQQaKh8nQnkKJhIfMR0aCiQcJSoQIXsCEQJWIxAgEg9uejUWIWYGKwAdBgswIw8FEjAgMx15HykyHQorEz8FHCYVIgkCMhUvCAoxPjIyLBYcCSMaITwtHRIEYg04Jx00Wi8FAQgdeDpDKRM/fkYcBg
200 OK 1.2 kB URL HTTP/2 rtoomany.buzz/S0hzRGcqKhApWCp1EWISOSROYVUNbUECAyYlCS8BL3BBMwYyJl0nCyQ9FyIVJCYHagkuPFZ2IXseHgIPEXoUdSMscDESHgIBMRIXGhI1Fj4dJB8zJDMBOgYOESsxFwgqDxswNA0eFHMhGR4hHDZ/CSE8KhgFHzw1GhkidyM8EhIQDQYYMigXESsyBSEJHiUtNTMdKwYdeis1BQwGBQQnLggZQz01Mxk0EjM4BzQzUw4HFAYiHRtGLjN6DjATChECNBI9EStCDQ0aJAMpIxovOQw0fg0mdQQaKh8nQnkKJhIfMR0aCiQcJSoQIXsCEQJWIxAgEg9uejUWIWYGKwAdBgswIw8FEjAgMx15HykyHQorEz8FHCYVIgkCMhUvCAoxPjIyLBYcCSMaITwtHRIEYg04Jx00Wi8FAQgdeDpDKRM/fkYcBg
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3023), with no line terminators
Hash 0b2aec50dd47d622e9590a40b274e188
b4d241afb9c355d4c32d14df4e489fa9093c05d8
43b66b2042ed075e23275241d73bba7ec89e9e0cfbe3ab1cb73b7d5488df5e05
GET /S0hzRGcqKhApWCp1EWISOSROYVUNbUECAyYlCS8BL3BBMwYyJl0nCyQ9FyIVJCYHagkuPFZ2IXseHgIPEXoUdSMscDESHgIBMRIXGhI1Fj4dJB8zJDMBOgYOESsxFwgqDxswNA0eFHMhGR4hHDZ/CSE8KhgFHzw1GhkidyM8EhIQDQYYMigXESsyBSEJHiUtNTMdKwYdeis1BQwGBQQnLggZQz01Mxk0EjM4BzQzUw4HFAYiHRtGLjN6DjATChECNBI9EStCDQ0aJAMpIxovOQw0fg0mdQQaKh8nQnkKJhIfMR0aCiQcJSoQIXsCEQJWIxAgEg9uejUWIWYGKwAdBgswIw8FEjAgMx15HykyHQorEz8FHCYVIgkCMhUvCAoxPjIyLBYcCSMaITwtHRIEYg04Jx00Wi8FAQgdeDpDKRM/fkYcBg HTTP/1.1
Host: rtoomany.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 05:21:12 GMT
content-type: text/html
content-length: 1178
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OAGAdHWPtT5VhDTdr%2F5Xbc55B%2BhwcmScGLr7zytCKzbRqcgFCGHugXGNleWaPZVwy5PdOgHVBurF%2FFxU5mSxjflRi0nAc6%2BIVlteoIpYy1VmbgpQcajxDqt6MqQ%2F2Jr6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750150a6fdf7768b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload-resize.js
200 OK 3.3 kB URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-resize.js
IP
Hash 3740fb897358ea0dfcb230185022ddf5
924724a3fede51a021a0fd7409e3f68fd9e48ca4
7b2cb14275434c8dc975c396c21b5a4a7d805a223bae1539840257fdf1c6187a
GET /themes/flow/js/jquery.fileupload-resize.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1Lx3a/Deep.Rock.Galactic.v1.36.72051.0.rar
Connection: keep-alive
Cookie: filehosting=90f7bves5scb2mjbkbl48rcu05; _ga=GA1.2.1328513691.1664073888; _gid=GA1.2.1337734027.1664073888
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 05:21:12 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1f7f"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/isotope/custom-isotope.js
200 OK 1.8 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/isotope/custom-isotope.js
IP
File type ASCII text, with CRLF line terminators
Hash 3517e7265d7c082cbf7446ecc711bdab
ab21c84d005015036121d934063d2b6da61dea1e
95bddfa381e03a00ec82567e0849a127f59b0e7a93eb3a3eb659d1406d91041d
GET /themes/flow/frontend_assets/js/isotope/custom-isotope.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1Lx3a/Deep.Rock.Galactic.v1.36.72051.0.rar
Connection: keep-alive
Cookie: filehosting=90f7bves5scb2mjbkbl48rcu05; _ga=GA1.2.1328513691.1664073888; _gid=GA1.2.1337734027.1664073888
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 05:21:12 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-71d"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash a25c9ec4a454a066602b75cf5ada8100
d5dd928f487e691aaf7ea9d80178eeb150388f05
5d6745ce630b5637da657f690babf0da4284c6246c785f24dd64c2e2b47f1473
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "5D6745CE630B5637DA657F690BABF0DA4284C6246C785F24DD64C2E2B47F1473"
Last-Modified: Sun, 25 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12093
Expires: Sun, 25 Sep 2022 08:42:45 GMT
Date: Sun, 25 Sep 2022 05:21:12 GMT
Connection: keep-alive
platform.bidgear.com/async.php?domainid=5593&sizeid=12&zoneid=6192&k=1664083271475
200 OK 2.4 kB URL HTTP/2 platform.bidgear.com/async.php?domainid=5593&sizeid=12&zoneid=6192&k=1664083271475
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (4445), with no line terminators
Hash 0a978e2db4adfa7a03aa8266fd2798ed
2cb6e7c3fe4272664db2db1a248ea32da3c62eab
997e28fda57e7de45492e87b32d7b39ed8ae69015432b4d4d690d3a3bd4bd15e
GET /async.php?domainid=5593&sizeid=12&zoneid=6192&k=1664083271475 HTTP/1.1
Host: platform.bidgear.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 05:21:13 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OaZkh1Sm1PwqSrSoMd7o2Rg%2BqBMKmgKb%2BY1Uuc%2F8eXwUTcVRZPkDJ469FidmBWMuVvXUhcH97w8W12CjVjB7GBWVvxJ7Ot%2B8zyLwgFRjriUCuIFonBz1IjRBvwCgXtuposgCgi%2Fu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750150a79d75b4fa-OSL
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fdfa0de4e778513744472e47e22569e2
93625945b770c1270d922fb367a2d222dbfd1289
dd9218664d1e00b10803a694403d340a354ae825e83d46f056c839ded4bcdb54
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DD9218664D1E00B10803A694403D340A354AE825E83D46F056C839DED4BCDB54"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14977
Expires: Sun, 25 Sep 2022 09:30:50 GMT
Date: Sun, 25 Sep 2022 05:21:13 GMT
Connection: keep-alive
a.exdynsrv.com/ad-provider.js
200 OK 24 kB URL HTTP/1.1 a.exdynsrv.com/ad-provider.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 81ef2e5397caa335947731e7e737f5c3
6a05a4b2d22c13ad2692170510bc8685b16002bf
cec22380c4f1438b29077d202d0396a6ad32b41761ed51d968f1bfbdf2423378
GET /ad-provider.js HTTP/1.1
Host: a.exdynsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 05:21:13 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 23727
Content-Type: application/javascript
Accept-Ranges: bytes
Cache-Control: max-age=10800
Server: nginx
etag: W/"d944899a6eb421496e94cbddc42"
X-HW: 1664083273.dop009.sk1.t,1664083273.cds250.sk1.shn,1664083273.dop009.sk1.t,1664083273.cds235.sk1.c
Access-Control-Allow-Origin: *, *
dmmzkfd82wayn.cloudfront.net/jbVV2bGIOOhgKXRk8ElFVW2RHVFRLPwUDDB1oBj9VPzM4XQM3JBAqNypmMkoWFzFLXEQBNBgLX0swGA9fXHMXCABQYVAYEgI+SwsPHjEMAgAMOgdKFwxoGwMYBDkaDUdfE0NCUkhnRkQaXGRTXyBIZ0YACwMgDklQXS1OWj1bYVNfIEhnRh4USGY3VVRDZV-9JUF0yEw8JAnBEKlBdZEZcU11kU15SCzwECQQCLVNeJFRjWFxEGGhH
200 OK 583 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/jbVV2bGIOOhgKXRk8ElFVW2RHVFRLPwUDDB1oBj9VPzM4XQM3JBAqNypmMkoWFzFLXEQBNBgLX0swGA9fXHMXCABQYVAYEgI+SwsPHjEMAgAMOgdKFwxoGwMYBDkaDUdfE0NCUkhnRkQaXGRTXyBIZ0YACwMgDklQXS1OWj1bYVNfIEhnRh4USGY3VVRDZV-9JUF0yEw8JAnBEKlBdZEZcU11kU15SCzwECQQCLVNeJFRjWFxEGGhH
IP
File type ASCII text, with very long lines (828), with no line terminators
Hash b41dcd498f49f3a9886737e69f196484
ef6749244e60542754201585162c2ea69d190a52
afddd608349f7cdd3fb3631b617130898f4c52e205fd70bdd522132cce4d3f20
GET /jbVV2bGIOOhgKXRk8ElFVW2RHVFRLPwUDDB1oBj9VPzM4XQM3JBAqNypmMkoWFzFLXEQBNBgLX0swGA9fXHMXCABQYVAYEgI+SwsPHjEMAgAMOgdKFwxoGwMYBDkaDUdfE0NCUkhnRkQaXGRTXyBIZ0YACwMgDklQXS1OWj1bYVNfIEhnRh4USGY3VVRDZV-9JUF0yEw8JAnBEKlBdZEZcU11kU15SCzwECQQCLVNeJFRjWFxEGGhH HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtoomany.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 583
date: Sun, 25 Sep 2022 05:21:13 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: DQeIiSc4FtZysRHMdEuctPHm3UeA9rvOsE4Zhx3wSrqKWJKg9Hwmww==
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/0VmFhZ2g1Dg8BVyIIBVpQZFRYVllwCxIIBiZcBSoaGhtSFVg7FRVRXQ4ARxMSMlxRQQQ3DwZaTjMPAlpZcAAFBVViRxUXBz1cFAkMMwcICQ0yRxQGVTsOGw4EOgBEVS5jT1FCWmZJGVZZc1IjQlpmDQgJHS5EU1cQblc+UVxzUiNCWmYTF0JbF1hXSVh/RF-NXDzMCCghNZCdTV1lmUVBXWXNTUQEBJAQHCBBzUydeXnhRRxJVZw
200 OK 363 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/0VmFhZ2g1Dg8BVyIIBVpQZFRYVllwCxIIBiZcBSoaGhtSFVg7FRVRXQ4ARxMSMlxRQQQ3DwZaTjMPAlpZcAAFBVViRxUXBz1cFAkMMwcICQ0yRxQGVTsOGw4EOgBEVS5jT1FCWmZJGVZZc1IjQlpmDQgJHS5EU1cQblc+UVxzUiNCWmYTF0JbF1hXSVh/RF-NXDzMCCghNZCdTV1lmUVBXWXNTUQEBJAQHCBBzUydeXnhRRxJVZw
IP
File type ASCII text, with very long lines (459), with no line terminators
Hash 8c0a0bb37bb09d35eaeeb1dc5b3dc819
731146789efb4b55ace51348ef012742707ed51f
9c1037f3d1c2838d2ac230a6bfdc948ed2c8a2c6100c76fe923cacc3e874be64
GET /0VmFhZ2g1Dg8BVyIIBVpQZFRYVllwCxIIBiZcBSoaGhtSFVg7FRVRXQ4ARxMSMlxRQQQ3DwZaTjMPAlpZcAAFBVViRxUXBz1cFAkMMwcICQ0yRxQGVTsOGw4EOgBEVS5jT1FCWmZJGVZZc1IjQlpmDQgJHS5EU1cQblc+UVxzUiNCWmYTF0JbF1hXSVh/RF-NXDzMCCghNZCdTV1lmUVBXWXNTUQEBJAQHCBBzUydeXnhRRxJVZw HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtoomany.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 363
date: Sun, 25 Sep 2022 05:21:13 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: zlbLEhs4FGrIIJBM6wvQQijxeMcl1JKxybBgTY16VlCWhXdyuWz0Ow==
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/USkpnaEkpJQkOdj4jA1VwfnNfXn1sIBQHJzp3FVoQEwgWCjt4CxMcB3lsExItd3pBBCgkLVpOLCQpWllvKy4FVX1sPwZVJCUwDgQlK29VLnxkekJaeWIyVllseQhCWnkmIwkdMW94VxBxfBVRXGx5CEJaeTg8QlsIc3xJWGBveFcPLCkhCE17DHhXWXl6e1-dZbHh6AQE7LywIEGx4DF5eZ3psElV4
200 OK 189 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/USkpnaEkpJQkOdj4jA1VwfnNfXn1sIBQHJzp3FVoQEwgWCjt4CxMcB3lsExItd3pBBCgkLVpOLCQpWllvKy4FVX1sPwZVJCUwDgQlK29VLnxkekJaeWIyVllseQhCWnkmIwkdMW94VxBxfBVRXGx5CEJaeTg8QlsIc3xJWGBveFcPLCkhCE17DHhXWXl6e1-dZbHh6AQE7LywIEGx4DF5eZ3psElV4
IP
File type ASCII text, with no line terminators
Hash d3cfa65bd086dbdefba45949b796dcce
8f58426c4907606c71296f3d16f8bc970757bed7
2fb2952f1f5cd55bb10973540fa312249b6d47434487866db6986b21ae8adca8
GET /USkpnaEkpJQkOdj4jA1VwfnNfXn1sIBQHJzp3FVoQEwgWCjt4CxMcB3lsExItd3pBBCgkLVpOLCQpWllvKy4FVX1sPwZVJCUwDgQlK29VLnxkekJaeWIyVllseQhCWnkmIwkdMW94VxBxfBVRXGx5CEJaeTg8QlsIc3xJWGBveFcPLCkhCE17DHhXWXl6e1-dZbHh6AQE7LywIEGx4DF5eZ3psElV4 HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtoomany.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 189
date: Sun, 25 Sep 2022 05:21:13 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 1N_qP_k7KGGZ1hcPjasFlvxmkDZI4m5rqZ3TqVR1XIkDcBAKfcQy-w==
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/WeXNTZ2IaHD0BXQ0aN1paTkVgVlpfGSAIDAlOBjNRFCckK1EgVScdBkRDdQsDFxRuQQcXEG5WRBgXMVpWXwcjCAlEFD4UBgMdMQYNCFUmBl8UHCkODhUSdlUkTF1jQlBJWytWU1xAEUJQSR86CRcBVmFXGkFFDFFWXEARQlBJASVCUThKZUlSUFZhVwUcED-gIR0s1YVdTSUNiV1NcQWMBCwsWNQgaXEEVXlRXQ3USX0g
200 OK 455 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/WeXNTZ2IaHD0BXQ0aN1paTkVgVlpfGSAIDAlOBjNRFCckK1EgVScdBkRDdQsDFxRuQQcXEG5WRBgXMVpWXwcjCAlEFD4UBgMdMQYNCFUmBl8UHCkODhUSdlUkTF1jQlBJWytWU1xAEUJQSR86CRcBVmFXGkFFDFFWXEARQlBJASVCUThKZUlSUFZhVwUcED-gIR0s1YVdTSUNiV1NcQWMBCwsWNQgaXEEVXlRXQ3USX0g
IP
File type ASCII text, with very long lines (593), with no line terminators
Hash e65c1e5605fa1a1a69d80347d0f5fc83
157904eab85cb3b1ec0af80015440ea46c8ea8b8
04eb0528ce1f137e7f95a25bf1375409abdb895a6e3b7f1dda983780d07db3af
GET /WeXNTZ2IaHD0BXQ0aN1paTkVgVlpfGSAIDAlOBjNRFCckK1EgVScdBkRDdQsDFxRuQQcXEG5WRBgXMVpWXwcjCAlEFD4UBgMdMQYNCFUmBl8UHCkODhUSdlUkTF1jQlBJWytWU1xAEUJQSR86CRcBVmFXGkFFDFFWXEARQlBJASVCUThKZUlSUFZhVwUcED-gIR0s1YVdTSUNiV1NcQWMBCwsWNQgaXEEVXlRXQ3USX0g HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtoomany.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 455
date: Sun, 25 Sep 2022 05:21:13 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: bjGoc4ZgVnWPT1qvMEqvHbGnBd1QwXHLZGGUjDN5P9SOa5yKsKC9dw==
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/7MWQ2UzJSC1g1DUUNUm4FB1AHZwMXDkU8XEFZdzVIADNwBVZTNXhgdktCQilWDFQQP1NfAwt1V18HC2IUUABUbgYXEEY8WQwDWyBWSwpUMl1AQkMyD1wLTDpeXQUTYXQESgZ2AAFMTmIDFFd0dgABCF89R0lBBGNKCVJpZQYUV3R2AAEWQHYBcF0AfQIYQQ-RjVVQHXTwXAyIEYwMBVAdjAxRWBjVbQwFQPEoUVnBqBB9UECYPAA
200 OK 597 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/7MWQ2UzJSC1g1DUUNUm4FB1AHZwMXDkU8XEFZdzVIADNwBVZTNXhgdktCQilWDFQQP1NfAwt1V18HC2IUUABUbgYXEEY8WQwDWyBWSwpUMl1AQkMyD1wLTDpeXQUTYXQESgZ2AAFMTmIDFFd0dgABCF89R0lBBGNKCVJpZQYUV3R2AAEWQHYBcF0AfQIYQQ-RjVVQHXTwXAyIEYwMBVAdjAxRWBjVbQwFQPEoUVnBqBB9UECYPAA
IP
File type ASCII text, with very long lines (826), with no line terminators
Hash 7ee84bac74d2d863b62ab1478c28909b
5492420e8cc200df94671bfa8635669b4f40073e
c7302c79c04378139da96715be65b4e277a619e54ceac02ffc96f2a7cac44ea5
GET /7MWQ2UzJSC1g1DUUNUm4FB1AHZwMXDkU8XEFZdzVIADNwBVZTNXhgdktCQilWDFQQP1NfAwt1V18HC2IUUABUbgYXEEY8WQwDWyBWSwpUMl1AQkMyD1wLTDpeXQUTYXQESgZ2AAFMTmIDFFd0dgABCF89R0lBBGNKCVJpZQYUV3R2AAEWQHYBcF0AfQIYQQ-RjVVQHXTwXAyIEYwMBVAdjAxRWBjVbQwFQPEoUVnBqBB9UECYPAA HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtoomany.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 597
date: Sun, 25 Sep 2022 05:21:13 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: B07gppkqEIjBbWEEq1c-ix4gtOhLGEf7ktdMpK35fnSIopklPStFLg==
X-Firefox-Spdy: h2
imp9.bidgear.com/rec?t=1&z=6192&uuid=5f6ca3ee220d406da2d67d87eac4d34d&p=28&g=NO&token=4a44335432&tbg=1664083272
200 OK 599 B URL HTTP/2 imp9.bidgear.com/rec?t=1&z=6192&uuid=5f6ca3ee220d406da2d67d87eac4d34d&p=28&g=NO&token=4a44335432&tbg=1664083272
IP
File type JPEG image data, baseline, precision 8, 1x1, components 3\012- data
Hash ca49a7e783b806a4e8576ea80346203d
6fe9d083221dae98f6c76f7121c37bc884b02d82
3e9a98dd5f0a28ff4a059f33d760264a6db02786666ac1692095ebb976f5da28
GET /rec?t=1&z=6192&uuid=5f6ca3ee220d406da2d67d87eac4d34d&p=28&g=NO&token=4a44335432&tbg=1664083272 HTTP/1.1
Host: imp9.bidgear.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 05:21:13 GMT
content-type: image/jpeg
content-length: 599
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xsxHzB9xPGMrxzcLDJWlt3OxCBEYP%2Br3Bj2g2%2FvfaVrtpFBUPKJ6%2BIkmeYCNUEZedENI5u5rkbMn9%2FbLoEmy8ZSEacebpmjDYUTZYVGrno7m7%2FWP3cJiMIXTaZtxjD04xJk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750150a87e16b4fa-OSL
X-Firefox-Spdy: h2
megaup.net/imageads/010.gif
200 OK 405 kB URL HTTP/2 megaup.net/imageads/010.gif
IP
File type GIF image data, version 89a, 300 x 250\012- data
Size 405 kB (405401 bytes)
Hash 476aacd0bb92e7780930beafd9416b43
01d14cc1f8d036708198ad81e25e81a4b37f49d1
d7e128bdd677563b5d41a3590509662bbb2706166de7af5e53c1d04d9ceab187
GET /imageads/010.gif HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1Lx3a/Deep.Rock.Galactic.v1.36.72051.0.rar
Connection: keep-alive
Cookie: filehosting=90f7bves5scb2mjbkbl48rcu05; _ga=GA1.2.1328513691.1664073888; _gid=GA1.2.1337734027.1664073888
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 05:21:12 GMT
content-type: image/gif
content-length: 405401
last-modified: Thu, 01 Apr 2021 04:06:22 GMT
vary: Accept-Encoding
etag: "606546be-62f99"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
syndication.exdynsrv.com/v1/api.php
200 OK 2.3 kB URL HTTP/1.1 syndication.exdynsrv.com/v1/api.php
IP
ASN #60781 LeaseWeb Netherlands B.V.
File type JSON data\012- , ASCII text, with very long lines (5218), with no line terminators
Hash ff084e48554b9027a1a9b686c5879c24
50fc03da86db43c5958803f3bf5be555007ce1f4
632e006f6cffaaffa537794285d583f48f12040212553e5d035f37bde33144b1
POST /v1/api.php HTTP/1.1
Host: syndication.exdynsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 299
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 25 Sep 2022 05:21:13 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
megaup.net/themes/flow/frontend_assets/images/icons/favicon/apple-touch-icon-114x114.png
200 OK 951 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/images/icons/favicon/apple-touch-icon-114x114.png
IP
File type PNG image data, 114 x 114, 8-bit colormap, non-interlaced\012- data
Hash 76852bc6b2c028db97322a74e85bd020
ed52fb4de0d51f93277bbaae42fa80ba5f92c31e
8a5ef2ef8440c17db1b1b539065ba4a887e07a2c508b79c2d1659512e9016884
GET /themes/flow/frontend_assets/images/icons/favicon/apple-touch-icon-114x114.png HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1Lx3a/Deep.Rock.Galactic.v1.36.72051.0.rar
Connection: keep-alive
Cookie: filehosting=90f7bves5scb2mjbkbl48rcu05; _ga=GA1.2.1328513691.1664073888; _gid=GA1.2.1337734027.1664073888
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 05:21:13 GMT
content-type: image/png
content-length: 951
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-3b7"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
syndication.exdynsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01PW0oEMRC8ihfYoR/VSXq//VZQPEB2ZvTLRXAFhTq8mVlc7CKhki6quk3MDpIHizvRo+lRnalTygSbNMCHxydC+b6+9a+P6bxeGKGQwpIpaExHs0KgQFthqDIsLYeihoeUJtSgUwYsHNjYJCKKViIDkopSOXQvz/f70QETjntLpzVicPneLEaery7eK7w70sR97qhNej8tq2zC/9PKFdPYs262fx90hRuMB709wFHCvd0/f84zeZNf52bsDk4FtqhokmWJpWiN+eSrAHnqda7+mmvR5RfXIjfFXwEAAA==
200 OK 20 B URL HTTP/1.1 syndication.exdynsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01PW0oEMRC8ihfYoR/VSXq//VZQPEB2ZvTLRXAFhTq8mVlc7CKhki6quk3MDpIHizvRo+lRnalTygSbNMCHxydC+b6+9a+P6bxeGKGQwpIpaExHs0KgQFthqDIsLYeihoeUJtSgUwYsHNjYJCKKViIDkopSOXQvz/f70QETjntLpzVicPneLEaery7eK7w70sR97qhNej8tq2zC/9PKFdPYs262fx90hRuMB709wFHCvd0/f84zeZNf52bsDk4FtqhokmWJpWiN+eSrAHnqda7+mmvR5RfXIjfFXwEAAA==
IP
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA01PW0oEMRC8ihfYoR/VSXq//VZQPEB2ZvTLRXAFhTq8mVlc7CKhki6quk3MDpIHizvRo+lRnalTygSbNMCHxydC+b6+9a+P6bxeGKGQwpIpaExHs0KgQFthqDIsLYeihoeUJtSgUwYsHNjYJCKKViIDkopSOXQvz/f70QETjntLpzVicPneLEaery7eK7w70sR97qhNej8tq2zC/9PKFdPYs262fx90hRuMB709wFHCvd0/f84zeZNf52bsDk4FtqhokmWJpWiN+eSrAHnqda7+mmvR5RfXIjfFXwEAAA== HTTP/1.1
Host: syndication.exdynsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 25 Sep 2022 05:21:13 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22632fe549551974.664112972625110835%22%3B%7D; expires=Tue, 24 Sep 2024 05:21:13 GMT; path=; domain=.exdynsrv.com; Secure; SameSite=none
__upt=%7B%22v%22%3A1%2C%22id%22%3A%22632fe549551974.664112972625110835%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22511.0199%22%7D; expires=Tue, 24 Sep 2024 05:21:13 GMT; path=/; domain=.exdynsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
ocsp.digicert.com/
200 OK 471 B IP
Hash 6738d1761d3c5000a4a15aa4abf2f7d0
7a81af5cdb7fb0d139ac3974e1fc3a031a0b0b49
7920e24baa7bcf6ac07d419e4e2a71ad39e8ad273e6d12003e0730adb95c9afa
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3767
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 05:21:13 GMT
Last-Modified: Sun, 25 Sep 2022 04:18:27 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8692d33b1fe20cdfa090658a85160398
8bee6221dedcf1a66801ffb9ff527b12e9aa7334
14e044d96d2b421c6562fd3cbd2273474f2da0e1224eff3aa4547c3877f5d0c2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 05:21:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 11fba68543733ac24876f29eb98cae68
90ea019857e8e30c293d1e9f5c54b3e34e65cac6
de4af270487d3b84b8c0c3e3d76398f9979792cf64158d0cb575eb1c5bfd91f8
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "DE4AF270487D3B84B8C0C3E3D76398F9979792CF64158D0CB575EB1C5BFD91F8"
Last-Modified: Sat, 24 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2404
Expires: Sun, 25 Sep 2022 06:01:17 GMT
Date: Sun, 25 Sep 2022 05:21:13 GMT
Connection: keep-alive
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Sun, 25 Sep 2022 04:41:09 GMT
expires: Sun, 25 Sep 2022 06:41:09 GMT
cache-control: public, max-age=7200
age: 2404
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8692d33b1fe20cdfa090658a85160398
8bee6221dedcf1a66801ffb9ff527b12e9aa7334
14e044d96d2b421c6562fd3cbd2273474f2da0e1224eff3aa4547c3877f5d0c2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 05:21:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
302 Found 390 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (379)
Hash c604733607e4c25e7409b3fcd341c39d
0ed3d7d99c5e0ffabfab4e31b9e3aeae60d9f50f
5bfbf1f6f5738def889c231c0121b50d01d97496729e7186b1d3988241efce43
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 25 Sep 2022 05:21:13 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S638426888%3A1664083273432181&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWok36CMzndXi5eLmpLJiNreHkFUOxg7AuF4-pZ8bYSz0jEE-m5XdbCyo2-kKhYKNFq10Inv-g
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-mBZ4y4Vr_9mkhOtGcUrqzA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 390
server: GSE
set-cookie: __Host-GAPS=1:-qBOg2COUu6Z118i4cjPOk3J4OsfcA:bm2d-3UT_ZzElLfV;Path=/;Expires=Tue, 24-Sep-2024 05:21:13 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash 7f36b0758555cb1293271b2affda4d24
6022dbed3f280ac0d110d72e11de68b69cbeb247
f72893ff5f621761907d2cb09273db978a2719ad4f7cc6283cbf79cc5fb31b35
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "F72893FF5F621761907D2CB09273DB978A2719AD4F7CC6283CBF79CC5FB31B35"
Last-Modified: Sat, 24 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3283
Expires: Sun, 25 Sep 2022 06:15:56 GMT
Date: Sun, 25 Sep 2022 05:21:13 GMT
Connection: keep-alive
s3t3d2y8.afcdn.net/library/551406/9666970f3af4e2c1501312eadc910fa7da72a5ce.jpg
200 OK 16 kB URL HTTP/2 s3t3d2y8.afcdn.net/library/551406/9666970f3af4e2c1501312eadc910fa7da72a5ce.jpg
IP
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 300x300, components 3\012- data
Hash 075ae891da5893d6a4914c673bcb23df
9666970f3af4e2c1501312eadc910fa7da72a5ce
06d0a655b9bf19996a5b1ffd875265a285bb753cf2798a61beb4aefd5e430657
GET /library/551406/9666970f3af4e2c1501312eadc910fa7da72a5ce.jpg HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 05:21:13 GMT
content-type: image/jpeg
content-length: 15657
last-modified: Wed, 26 May 2021 05:14:02 GMT
etag: "60add91a-3d29"
expires: Sat, 29 Jul 2023 14:09:02 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1690681173
server: CDN77-Turbo
x-77-nzt: AblMCQ0LIXb/dFlLAA
x-77-nzt-ray: fxbLsANLdJA
x-cache: HIT
x-age: 4938100
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 281 B IP
Hash acfbcadde701fb86bc70f74356f4da4c
2ba30a75a3707961f8729e65465a4ca2272e1f63
f84e8390045fb1d1a3153e5b8f3b884328371e70c84de974f1026eed842fe999
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 05:21:13 GMT
Content-Type: application/ocsp-response
Content-Length: 281
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 21:53:49 GMT
Expires: Fri, 30 Sep 2022 21:53:48 GMT
Etag: "2ba30a75a3707961f8729e65465a4ca2272e1f63"
Cache-Control: max-age=490954,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 750150a82e56b4f3-OSL
dmmzkfd82wayn.cloudfront.net/
200 OK 73 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/
IP
File type ASCII text, with no line terminators
Hash de37377b72195a4f064edf7ec8a76676
ed544d5b6a37acad78498099407c648a93316ddb
b3209cc0b1d1b71e85af4e843afe00a3079f3286d52b3fb47e72c6c5c48b8399
GET / HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 73
date: Sun, 25 Sep 2022 05:21:13 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: vqqJsWQAvsdIlQaPYT1cinFGUFMe-8TJ4PPlAlMqQxPehTUpS6a0gw==
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
302 Found 394 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (384)
Hash 83510e51b09827b77f6097db0fbbab76
430693734a47a33cfe45b061d102b84fd957291f
69ca04e2f4213edc9064bde720c3ebe33e4fbc22b746d8ed9ee51e990d43ad17
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 25 Sep 2022 05:21:13 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S1627567651%3A1664083273481383&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWqjsH0itPyNqyeG8eIGtNlrMd9Xt67VEJ1-6JNCI-ELp3XFTApoAXjfYBipPebmIJqvJ2xpxw
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-c1vc9PsvXl_NEyclDVwDsA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 394
server: GSE
set-cookie: __Host-GAPS=1:3-sdHdlGW7KGRcOds54K86Rn5aB4bg:hh6ClLklgAkHPYA6;Path=/;Expires=Tue, 24-Sep-2024 05:21:13 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 11fba68543733ac24876f29eb98cae68
90ea019857e8e30c293d1e9f5c54b3e34e65cac6
de4af270487d3b84b8c0c3e3d76398f9979792cf64158d0cb575eb1c5bfd91f8
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "DE4AF270487D3B84B8C0C3E3D76398F9979792CF64158D0CB575EB1C5BFD91F8"
Last-Modified: Sat, 24 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2404
Expires: Sun, 25 Sep 2022 06:01:17 GMT
Date: Sun, 25 Sep 2022 05:21:13 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 267300d587831dda7559c30c40cc614e
d7ff0b9754e61f5d4178eddb5e63c3390ab559c8
ec7aad1a3116ce8ef5258b49de87cf3456c8c4890206fa5d46c8e510ded80ac0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 05:21:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 471 B IP
Hash 6738d1761d3c5000a4a15aa4abf2f7d0
7a81af5cdb7fb0d139ac3974e1fc3a031a0b0b49
7920e24baa7bcf6ac07d419e4e2a71ad39e8ad273e6d12003e0730adb95c9afa
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3767
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 05:21:13 GMT
Last-Modified: Sun, 25 Sep 2022 04:18:27 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
andindee.buzz/utx?tid=832633&top=megaup.net&cb=EFVP1aHcUSiE
204 No Content 0 B URL HTTP/2 andindee.buzz/utx?tid=832633&top=megaup.net&cb=EFVP1aHcUSiE
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?tid=832633&top=megaup.net&cb=EFVP1aHcUSiE HTTP/1.1
Host: andindee.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 25 Sep 2022 05:21:13 GMT
content-type: text/plain
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sun, 25 Sep 2022 05:22:13 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S1fpcW7gCHy15n2nHOWK9KnXrTcgLz%2FuP89VmWm1NdolCjnTxSnr9RzmztwCwH%2BGa3n2a5dEtiBWnloofWATkH0IKT25PE%2BtNg9WrB3l1cZbUfR9y8KlTDGOTyS08J5k"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750150ab3cb10b39-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash 7f36b0758555cb1293271b2affda4d24
6022dbed3f280ac0d110d72e11de68b69cbeb247
f72893ff5f621761907d2cb09273db978a2719ad4f7cc6283cbf79cc5fb31b35
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "F72893FF5F621761907D2CB09273DB978A2719AD4F7CC6283CBF79CC5FB31B35"
Last-Modified: Sat, 24 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3283
Expires: Sun, 25 Sep 2022 06:15:56 GMT
Date: Sun, 25 Sep 2022 05:21:13 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f464219ae940d1a4ac7b088d96501497
4dc6ca2c66a78e549f28ccd00502eb05458c66e6
5ffb914fe2e2fafcf84a6b3a611b2120ad72a1355115ee1ec1d7134ae7cd8cb7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5FFB914FE2E2FAFCF84A6B3A611B2120AD72A1355115EE1EC1D7134AE7CD8CB7"
Last-Modified: Fri, 23 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15255
Expires: Sun, 25 Sep 2022 09:35:28 GMT
Date: Sun, 25 Sep 2022 05:21:13 GMT
Connection: keep-alive
static.a-ads.com/a-ads-banners/417237/300x250?region=eu-central-1
200 OK 376 kB URL HTTP/2 static.a-ads.com/a-ads-banners/417237/300x250?region=eu-central-1
IP
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 300 x 250\012- data
Size 376 kB (376319 bytes)
Hash 8137e9ddce59b4421b455c77ba514c03
83e3d9aa6a1608adbb83247d9f690a801c7aeb65
bc7416d9e447516bd49a1bb3dd311340ae5406361a6fc01a1fbd39c5710318bc
GET /a-ads-banners/417237/300x250?region=eu-central-1 HTTP/1.1
Host: static.a-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ad.a-ads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 05:21:13 GMT
content-type: image/gif
content-length: 376319
x-amz-id-2: WkdNLC0vpQpBQl5XWpQoDOyfe2UMuhR0PxAmVs78YIdrlj7reA0jld9l+q/W6dCDa4uc+u5Isn4=
x-amz-request-id: P1SMDZKZY11E6Z7X
x-amz-replication-status: COMPLETED
last-modified: Fri, 23 Sep 2022 08:35:42 GMT
etag: "8137e9ddce59b4421b455c77ba514c03"
cache-control: max-age=315360000
x-amz-version-id: sV_f6a_eOVGQVoxpmJqd9qTe2PlP8Mf9
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
sultingcoe.buzz/
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: sultingcoe.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Content-Length: 384
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/fonts/raleway_bold.woff
200 OK 32 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway_bold.woff
IP
File type Web Open Font Format, TrueType, length 31568, version 1.1\012- data
Hash e0c4ac0e73196bd0469c5c33304b7773
bb071565f82907d117b0732dca8013409162c67d
ff3bf3a4a1bf2b922157b18d0e8cddd95f2fc2dfe09c30a3ce67bc11a84c67af
GET /themes/flow/frontend_assets/fonts/raleway_bold.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Connection: keep-alive
Cookie: filehosting=90f7bves5scb2mjbkbl48rcu05; _ga=GA1.2.1328513691.1664073888; _gid=GA1.2.1337734027.1664073888; _gat_gtag_UA_108868042_1=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 05:21:13 GMT
content-type: font/woff
content-length: 31568
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7b50"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3886
Expires: Sun, 25 Sep 2022 06:26:00 GMT
Date: Sun, 25 Sep 2022 05:21:14 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3886
Expires: Sun, 25 Sep 2022 06:26:00 GMT
Date: Sun, 25 Sep 2022 05:21:14 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3886
Expires: Sun, 25 Sep 2022 06:26:00 GMT
Date: Sun, 25 Sep 2022 05:21:14 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3886
Expires: Sun, 25 Sep 2022 06:26:00 GMT
Date: Sun, 25 Sep 2022 05:21:14 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3886
Expires: Sun, 25 Sep 2022 06:26:00 GMT
Date: Sun, 25 Sep 2022 05:21:14 GMT
Connection: keep-alive
pogothere.xyz/
200 OK 26 kB IP
File type ASCII text, with no line terminators
Hash 3c48cd558ae6c12d6b2258d3109f611a
c5ba0316f902dc4a52515195ff051dde3021ff19
8f42dad27177da72ff22603b63240073989e73ebe5a5600c5a65a1038eb434f9
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 05:21:13 GMT
content-type: text/plain
set-cookie: csu=834251789553302@1@1664083273; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iijX86lk3ErQEH39G%2BFHg2Nt3G9wCiD4LhpxKYGnoopq8uhDT4n0JOBHFGcGLgQ9cQ1wPtCigqXLe1HJyruBzfjtPuWri0krQIIT1C1cvHShql9Absx4p825Nd306sZ2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750150ab0bf57761-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sultingcoe.buzz/
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: sultingcoe.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Origin: https://megaup.net
Content-Length: 359
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0027ff5-ed5d-4cf9-9ef4-847dbda3f91b.jpeg
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0027ff5-ed5d-4cf9-9ef4-847dbda3f91b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e8a0d2b8beddf9f866a2bfe96ac21c2e
dfe5c93dc1637162a0b6ac174dcd7107af80763a
0e4bf30611043a171485c6fa054d6102a6cfd7f8a4153daa34eba1b72f455a77
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0027ff5-ed5d-4cf9-9ef4-847dbda3f91b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12552
x-amzn-requestid: 71161d44-4c3a-459e-bf76-5bf3deafcafe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YlYTrHz0oAMF2eA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63253a7d-39dd0e2a7045128024086375;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 03:09:49 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: EGtjExnYcmDEP9a540mHhZ7EjGlvLIDLK65Phs9MsAVdEpwNI4avTQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:37:32 GMT
age: 27822
etag: "dfe5c93dc1637162a0b6ac174dcd7107af80763a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3b8b1112-7394-4d92-9fc1-54f8e005817f.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3b8b1112-7394-4d92-9fc1-54f8e005817f.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 716068d10c9e3a16d3a8e727992f71ec
f18edf7b5080b39e00bde335c16ca0f771428e8e
5991be1a009df210adc123f9f8081f669368a3a1891305717fc40ead172917a3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3b8b1112-7394-4d92-9fc1-54f8e005817f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10845
x-amzn-requestid: b819b750-c0b1-46b1-9e6c-010912fa87b7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y-_EzFpWoAMFxdA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f7884-3671ba9f0fc6b3e52e25f8a7;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:37:08 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: L6IiWD_BO-6-lBIZ-DGLVNr19LxOcEYX402OmOgqNRsbzbpfZWuhgw==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:58:23 GMT
age: 26571
etag: "f18edf7b5080b39e00bde335c16ca0f771428e8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78aaf154-de5d-4fec-94c5-4e185b4c0cc1.jpeg
200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78aaf154-de5d-4fec-94c5-4e185b4c0cc1.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7eba9d4ed7413abb8e8824cc86071b50
1ec47b0f11a2b1173a1dcd32d541e5680b0088b1
399622d6099137974fa30a332c145b45182a7be272523a325418c63bfe70e5a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78aaf154-de5d-4fec-94c5-4e185b4c0cc1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4320
x-amzn-requestid: 72d102a6-8552-473f-b3f8-99450722017d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y--PmHEgIAMFXvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f7730-7e4789b1723913e2500ea5f2;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:31:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Pai6CsC8F_VDgt6BkP9aRekL5WzUkwNdrvetIijRKlGByWm6skpb6w==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 22:01:14 GMT
age: 26400
etag: "1ec47b0f11a2b1173a1dcd32d541e5680b0088b1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9c4875ff-4140-470a-943a-bc27f68957a5.jpeg
200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9c4875ff-4140-470a-943a-bc27f68957a5.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 00c09f267aacde9465a329542463b9e5
1534aa8a5158dfa9592d65e6fb761b41c0852c58
276ff24598159f62fd7333992575834f901eea7c75a228b9c12d1c049f1df558
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9c4875ff-4140-470a-943a-bc27f68957a5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7642
x-amzn-requestid: b0fc9bea-7735-43c0-a176-eae4d5000a6e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y2ZPtHajIAMF8zQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632c08ca-391092bd30ae5bf9692e93ba;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 07:03:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: JHbRgCQOZp244YWkU4o78m9HhC77v7LOWAvwnc2eRTW2vHnv99ygaA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 07:31:45 GMT
age: 78569
etag: "1534aa8a5158dfa9592d65e6fb761b41c0852c58"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/retina/retina.js
200 OK 7.8 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/retina/retina.js
IP
File type ASCII text, with very long lines (1249)
Hash 31c342adf083fe0a691362d49662eda1
922189aa3718dd622c4817cfb6d9c5c373a6cc7b
4e18fd1d5f6f1b5733ea1d453d190ad9eaf11f9e017a7d8c7300b544392906ae
GET /themes/flow/frontend_assets/js/retina/retina.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1Lx3a/Deep.Rock.Galactic.v1.36.72051.0.rar
Connection: keep-alive
Cookie: filehosting=90f7bves5scb2mjbkbl48rcu05; _ga=GA1.2.1328513691.1664073888; _gid=GA1.2.1337734027.1664073888
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 05:21:12 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-52e"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
sultingcoe.buzz/
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: sultingcoe.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Origin: https://megaup.net
Content-Length: 348
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 349f94c73cf8b59f6506e27f398e2114
3af68c8903e3a32f21259771ccfb0a07a19c5254
1c25d99aecda45447b7e3a313931d4a6eb042ed1c9c0decaee7ea8dcc199df9c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1C25D99AECDA45447B7E3A313931D4A6EB042ED1C9C0DECAEE7EA8DCC199DF9C"
Last-Modified: Fri, 23 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14043
Expires: Sun, 25 Sep 2022 09:15:19 GMT
Date: Sun, 25 Sep 2022 05:21:16 GMT
Connection: keep-alive
semidapt.com/winnotice?sid=H4sIAAAAAAAC%2F1RTT2gkxReu%2Bf32snhS1oOwh%2FGmIJPunslMj4sEYzYSjJtlV9GTUl1VkzzT3dVUdU9PcgoKsqdlxIN%2FTpUv%2F1Cj6MGjq3QWPQSEzC2iuXsQRWG9yowxow%2Ba9%2Bd7h6%2Ff99Xb28UZ81Dw04UX9SbFMZ%2BZbXj1J171%2FWv1ZUqLQX0Qtl9vt67VTf%2FpbrvhPVl%2FXol1PRN4vuf5nl9fJKN6ejAzBkHZYddvdL1GK2j4sy0MjIMtarC8Btk%2FY4%2BA5OjS%2FdoVkKiQJp8vKLue6%2Byp60kR81wb9OXBy%2Bl6qssUybTsmRp66cH5NrQ9WbwHne5NKEL3LxYjGrHad%2FcQpQfnxBD1dyfcohgqRSQfQtmvoOIKxCsI%2FRZInjBASNxYQZrs39Cm5Bt%2Fo3yMjtilB3%2BAyhG79NMVpMln8zEN6rd1XOSkU4tBz4EGFWi1QlYcId9koPIIIn8TJL9nMw%2BWkSa7KzbWIOkm%2F05UgXoVYjUEtwzF%2BCOGoldDkdWQyNO68H2%2F40nBvbArRFN2VNSWns87PZ%2F7XjtEIcb0hsizIUQ8hDBbyMwW1mkIU9wF2QoFd6DMIbP7YTDb9X0ocTz38wfj%2BBCcTutC%2BkEQdERTzc6GXlN2vFbXb0WdQIVd4XlNRHQ8x7790335y13ExKD48de%2FsUnApg5p4XZSQw5GHbPz2DEyP5672FpzsJLB5gx96VAqhtIylJyhJIYyZyj7bk%2FGNrBuX8a2iPzzHJznptvR%2Barb0%2FmqStl2dsYenmjzu3gN6%2Bq03vNEEPa6rWYQtrrdKJStTrMdtqXwZahaoYSlfy5A9n%2FgtoZNGrFHf%2FwV2dg18l1E%2FAg2PoKgx8GLq%2BClA19z2EwdpD60KiHJs7whdIIsv4x8o7Ydn7HHJjza79%2F5z2mFcciMwxt0n2E1vrNzS5ds95YuLftiJcspoU0%2B9s%2FtnOfq%2Fx%2B%2FoDZKbeTSgh1%2B9KwYA%2BPy8CVl82WeSkpXLftknqRUZlEbodhXS%2FYVFd0s7Np8YdIiW7753OJSkhllLem0AqeT6%2B9B0IhdfueHycO4%2BukzIFPBFA5JcSEVSFcQ2RZsNp1ZzWDiaR9lDGXhdkwQTYdjM8RTzcEjB%2FuvPprW2%2FYbWHLILfsLAAD%2F%2FwEAAP%2F%2F8ZDrvnUEAAA%3D&ap=${AUCTION_PRICE}&l=3577992&sub3=1664083273&pid=91283&sub2=icon&auid=cd12227c3e55803d704914b72e89c003&icon=https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg
307 Temporary Redirect 0 B URL HTTP/1.1 semidapt.com/winnotice?sid=H4sIAAAAAAAC%2F1RTT2gkxReu%2Bf32snhS1oOwh%2FGmIJPunslMj4sEYzYSjJtlV9GTUl1VkzzT3dVUdU9PcgoKsqdlxIN%2FTpUv%2F1Cj6MGjq3QWPQSEzC2iuXsQRWG9yowxow%2Ba9%2Bd7h6%2Ff99Xb28UZ81Dw04UX9SbFMZ%2BZbXj1J171%2FWv1ZUqLQX0Qtl9vt67VTf%2FpbrvhPVl%2FXol1PRN4vuf5nl9fJKN6ejAzBkHZYddvdL1GK2j4sy0MjIMtarC8Btk%2FY4%2BA5OjS%2FdoVkKiQJp8vKLue6%2Byp60kR81wb9OXBy%2Bl6qssUybTsmRp66cH5NrQ9WbwHne5NKEL3LxYjGrHad%2FcQpQfnxBD1dyfcohgqRSQfQtmvoOIKxCsI%2FRZInjBASNxYQZrs39Cm5Bt%2Fo3yMjtilB3%2BAyhG79NMVpMln8zEN6rd1XOSkU4tBz4EGFWi1QlYcId9koPIIIn8TJL9nMw%2BWkSa7KzbWIOkm%2F05UgXoVYjUEtwzF%2BCOGoldDkdWQyNO68H2%2F40nBvbArRFN2VNSWns87PZ%2F7XjtEIcb0hsizIUQ8hDBbyMwW1mkIU9wF2QoFd6DMIbP7YTDb9X0ocTz38wfj%2BBCcTutC%2BkEQdERTzc6GXlN2vFbXb0WdQIVd4XlNRHQ8x7790335y13ExKD48de%2FsUnApg5p4XZSQw5GHbPz2DEyP5672FpzsJLB5gx96VAqhtIylJyhJIYyZyj7bk%2FGNrBuX8a2iPzzHJznptvR%2Barb0%2FmqStl2dsYenmjzu3gN6%2Bq03vNEEPa6rWYQtrrdKJStTrMdtqXwZahaoYSlfy5A9n%2FgtoZNGrFHf%2FwV2dg18l1E%2FAg2PoKgx8GLq%2BClA19z2EwdpD60KiHJs7whdIIsv4x8o7Ydn7HHJjza79%2F5z2mFcciMwxt0n2E1vrNzS5ds95YuLftiJcspoU0%2B9s%2FtnOfq%2Fx%2B%2FoDZKbeTSgh1%2B9KwYA%2BPy8CVl82WeSkpXLftknqRUZlEbodhXS%2FYVFd0s7Np8YdIiW7753OJSkhllLem0AqeT6%2B9B0IhdfueHycO4%2BukzIFPBFA5JcSEVSFcQ2RZsNp1ZzWDiaR9lDGXhdkwQTYdjM8RTzcEjB%2FuvPprW2%2FYbWHLILfsLAAD%2F%2FwEAAP%2F%2F8ZDrvnUEAAA%3D&ap=${AUCTION_PRICE}&l=3577992&sub3=1664083273&pid=91283&sub2=icon&auid=cd12227c3e55803d704914b72e89c003&icon=https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /winnotice?sid=H4sIAAAAAAAC%2F1RTT2gkxReu%2Bf32snhS1oOwh%2FGmIJPunslMj4sEYzYSjJtlV9GTUl1VkzzT3dVUdU9PcgoKsqdlxIN%2FTpUv%2F1Cj6MGjq3QWPQSEzC2iuXsQRWG9yowxow%2Ba9%2Bd7h6%2Ff99Xb28UZ81Dw04UX9SbFMZ%2BZbXj1J171%2FWv1ZUqLQX0Qtl9vt67VTf%2FpbrvhPVl%2FXol1PRN4vuf5nl9fJKN6ejAzBkHZYddvdL1GK2j4sy0MjIMtarC8Btk%2FY4%2BA5OjS%2FdoVkKiQJp8vKLue6%2Byp60kR81wb9OXBy%2Bl6qssUybTsmRp66cH5NrQ9WbwHne5NKEL3LxYjGrHad%2FcQpQfnxBD1dyfcohgqRSQfQtmvoOIKxCsI%2FRZInjBASNxYQZrs39Cm5Bt%2Fo3yMjtilB3%2BAyhG79NMVpMln8zEN6rd1XOSkU4tBz4EGFWi1QlYcId9koPIIIn8TJL9nMw%2BWkSa7KzbWIOkm%2F05UgXoVYjUEtwzF%2BCOGoldDkdWQyNO68H2%2F40nBvbArRFN2VNSWns87PZ%2F7XjtEIcb0hsizIUQ8hDBbyMwW1mkIU9wF2QoFd6DMIbP7YTDb9X0ocTz38wfj%2BBCcTutC%2BkEQdERTzc6GXlN2vFbXb0WdQIVd4XlNRHQ8x7790335y13ExKD48de%2FsUnApg5p4XZSQw5GHbPz2DEyP5672FpzsJLB5gx96VAqhtIylJyhJIYyZyj7bk%2FGNrBuX8a2iPzzHJznptvR%2Barb0%2FmqStl2dsYenmjzu3gN6%2Bq03vNEEPa6rWYQtrrdKJStTrMdtqXwZahaoYSlfy5A9n%2FgtoZNGrFHf%2FwV2dg18l1E%2FAg2PoKgx8GLq%2BClA19z2EwdpD60KiHJs7whdIIsv4x8o7Ydn7HHJjza79%2F5z2mFcciMwxt0n2E1vrNzS5ds95YuLftiJcspoU0%2B9s%2FtnOfq%2Fx%2B%2FoDZKbeTSgh1%2B9KwYA%2BPy8CVl82WeSkpXLftknqRUZlEbodhXS%2FYVFd0s7Np8YdIiW7753OJSkhllLem0AqeT6%2B9B0IhdfueHycO4%2BukzIFPBFA5JcSEVSFcQ2RZsNp1ZzWDiaR9lDGXhdkwQTYdjM8RTzcEjB%2FuvPprW2%2FYbWHLILfsLAAD%2F%2FwEAAP%2F%2F8ZDrvnUEAAA%3D&ap=${AUCTION_PRICE}&l=3577992&sub3=1664083273&pid=91283&sub2=icon&auid=cd12227c3e55803d704914b72e89c003&icon=https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg HTTP/1.1
Host: semidapt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.22.0
Date: Sun, 25 Sep 2022 05:21:16 GMT
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: be6029f6e6f19b930c218da0ac76450a
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash cae5fcdd09783524eef5f8e8b850092b
c939f84eb5656000e67cccad93aef492ac502115
cfc15ce5f0c38caeeac023aebfc065e597959176d2cd36a00605bb6411eb62ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CFC15CE5F0C38CAEEAC023AEBFC065E597959176D2CD36A00605BB6411EB62AD"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2677
Expires: Sun, 25 Sep 2022 06:05:53 GMT
Date: Sun, 25 Sep 2022 05:21:16 GMT
Connection: keep-alive
cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg
200 OK 33 kB URL HTTP/2 cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg
IP
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2020:05:18 19:19:17], baseline, precision 8, 200x200, components 3\012- data
Hash 70cf8250da1a25a7b445231428af7828
a849d338423d2919949340838c768bba90b9081c
b7060bc46dc459a00d4124523a26f0cbf31fba31d41fccae9f82bedaf22c1186
GET /cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 05:21:16 GMT
content-type: image/jpeg
content-length: 33103
server: nginx/1.17.6
last-modified: Tue, 09 Jun 2020 11:44:50 GMT
etag: "5edf7632-814f"
expires: Tue, 27 Sep 2022 05:21:16 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/fonts/raleway_medium.woff
200 OK 32 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway_medium.woff
IP
File type Web Open Font Format, TrueType, length 31900, version 1.1\012- data
Hash 1b285c8e5b7445a8e434b2cdf036bab2
c97d4772fbb5c5637d466b5f991bc7ec28830b32
09b979826f2ac158a63ba234042c66414c21282d0bb46eadc62c64a873778825
GET /themes/flow/frontend_assets/fonts/raleway_medium.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Connection: keep-alive
Cookie: filehosting=90f7bves5scb2mjbkbl48rcu05; _ga=GA1.2.1328513691.1664073888; _gid=GA1.2.1337734027.1664073888; _gat_gtag_UA_108868042_1=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 05:21:18 GMT
content-type: font/woff
content-length: 31900
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7c9c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
hypermusk.com/dsp-stats/impression/1795175?var=825911&ua=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0&ip=91.90.42.154&pl=s4OM1fm9aEAk9KbRDHpbCzMm-61c_M6bjIUEhReBnM2zzviHXBa3vfVCFdXmTqBu-XGb5Gx1DmMFXsn2bv6XvLqBr232_KEJgMiY1l_R-YOKB2nv8HVx_HrlZbN9GRDDiUU5ZK59CfqjoIM4I8B3aHPzvfUSOT6WUZ3ojyvgz1HOpp41Z5VLchMGXWS25ZMbdy0-iR-5cwr8nHobNItDJ_yIhx3OOjr8JAczYakssyJ534-iph4mketvWx3DMpgF0T5Ev0lf5XwFnFniWUXHCh1PWaARK99Mqo-yqxFofbJgFF3VRr-qUDiCJUzNI4VylW4-sBNc1Mv4FgqMcUk4U_KytqDv66tij9EKQoTVy7b5sTvraeBIO1LBFmWE82-j1K0YTt2jBO-wvJ4Da4pUEdOShP-BbNgYBBgkYqFA-yJ-u1lBHOka7JMi1BP-iBDVCbxGtaRilnfmvtkmqWks1V3K6jozWF-seYnZ9wQ8vQWEtBHbLcJqzAQouGpEUfn64aEntJZ191ycsCDPVVlU7_xTvsVaTCSypzvVZej01vHMeqDtDQJemjWm5cZh4DUf1RcHtWDClD9wFzEFb0ETGDNue8XWebynC-C6L-jessvTy6Af_eNkZyz0tGErudUaE1v6Qa8gflNZ5D29FxaQgStspg2nHBuHckswYbSFoSAqZONxwswM0IGxLGuq0Sy3peicsbPs0k-HBM82wk-mFHjiSw7SMZ41Rld3TSKmKnCKbDTUkX1hfeYwU-Wvmal7xdgDzeWOF6VlTih0XiNHCMm0x4pogMvVLcIwttuWFqRTeHXjnjBvB6N-kD9cJNhVypn82SzxSuXdgqsR8mx-fBSpc2uNv10p6hwJW211XpJ49_wIiGC7K0eyDQW_6gXID84Ad-Nfxtd96G1RXCQHGKnemmnX6QY5k23K_3lkkStnKsmOZKWrcXV-KBgjWkg6sQgs6wJNcOupm6H2YTIwIUxIIC6y_hUsd3pf4ld9cVFZiKK4J68keat542BjNhO-ZbgTNBMSY-0EP1WdlGgAjY26AYybFEh6FvRZEKAbys_7uSn9ykW9Socs&rd=cX5rl4E-BOkQ6qCyqQ_jzy1HGU26FRE7iTknnd_1qdwXA7gg-UsDHqJOngFBgEfaAabBh6qV0Ji-wXeB94vvXQxitcb4VNzlN8O-eQuKlSgU4Pnh2AhDs0GGREO1mB0Xc7SxUT9m33L3ODjhlnOLWis=
302 Found 108 B URL HTTP/2 hypermusk.com/dsp-stats/impression/1795175?var=825911&ua=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0&ip=91.90.42.154&pl=s4OM1fm9aEAk9KbRDHpbCzMm-61c_M6bjIUEhReBnM2zzviHXBa3vfVCFdXmTqBu-XGb5Gx1DmMFXsn2bv6XvLqBr232_KEJgMiY1l_R-YOKB2nv8HVx_HrlZbN9GRDDiUU5ZK59CfqjoIM4I8B3aHPzvfUSOT6WUZ3ojyvgz1HOpp41Z5VLchMGXWS25ZMbdy0-iR-5cwr8nHobNItDJ_yIhx3OOjr8JAczYakssyJ534-iph4mketvWx3DMpgF0T5Ev0lf5XwFnFniWUXHCh1PWaARK99Mqo-yqxFofbJgFF3VRr-qUDiCJUzNI4VylW4-sBNc1Mv4FgqMcUk4U_KytqDv66tij9EKQoTVy7b5sTvraeBIO1LBFmWE82-j1K0YTt2jBO-wvJ4Da4pUEdOShP-BbNgYBBgkYqFA-yJ-u1lBHOka7JMi1BP-iBDVCbxGtaRilnfmvtkmqWks1V3K6jozWF-seYnZ9wQ8vQWEtBHbLcJqzAQouGpEUfn64aEntJZ191ycsCDPVVlU7_xTvsVaTCSypzvVZej01vHMeqDtDQJemjWm5cZh4DUf1RcHtWDClD9wFzEFb0ETGDNue8XWebynC-C6L-jessvTy6Af_eNkZyz0tGErudUaE1v6Qa8gflNZ5D29FxaQgStspg2nHBuHckswYbSFoSAqZONxwswM0IGxLGuq0Sy3peicsbPs0k-HBM82wk-mFHjiSw7SMZ41Rld3TSKmKnCKbDTUkX1hfeYwU-Wvmal7xdgDzeWOF6VlTih0XiNHCMm0x4pogMvVLcIwttuWFqRTeHXjnjBvB6N-kD9cJNhVypn82SzxSuXdgqsR8mx-fBSpc2uNv10p6hwJW211XpJ49_wIiGC7K0eyDQW_6gXID84Ad-Nfxtd96G1RXCQHGKnemmnX6QY5k23K_3lkkStnKsmOZKWrcXV-KBgjWkg6sQgs6wJNcOupm6H2YTIwIUxIIC6y_hUsd3pf4ld9cVFZiKK4J68keat542BjNhO-ZbgTNBMSY-0EP1WdlGgAjY26AYybFEh6FvRZEKAbys_7uSn9ykW9Socs&rd=cX5rl4E-BOkQ6qCyqQ_jzy1HGU26FRE7iTknnd_1qdwXA7gg-UsDHqJOngFBgEfaAabBh6qV0Ji-wXeB94vvXQxitcb4VNzlN8O-eQuKlSgU4Pnh2AhDs0GGREO1mB0Xc7SxUT9m33L3ODjhlnOLWis=
IP
File type HTML document, ASCII text
Hash f23ac69cb92f31e35484bf5cb8b4e3ee
a06747f841dade6bc3393d0b8941c0ef98968aac
bdff3dd3bbf327d16ba79e288968afe70ac86d4b335fc68e0816af42d538cdb0
GET /dsp-stats/impression/1795175?var=825911&ua=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0&ip=91.90.42.154&pl=s4OM1fm9aEAk9KbRDHpbCzMm-61c_M6bjIUEhReBnM2zzviHXBa3vfVCFdXmTqBu-XGb5Gx1DmMFXsn2bv6XvLqBr232_KEJgMiY1l_R-YOKB2nv8HVx_HrlZbN9GRDDiUU5ZK59CfqjoIM4I8B3aHPzvfUSOT6WUZ3ojyvgz1HOpp41Z5VLchMGXWS25ZMbdy0-iR-5cwr8nHobNItDJ_yIhx3OOjr8JAczYakssyJ534-iph4mketvWx3DMpgF0T5Ev0lf5XwFnFniWUXHCh1PWaARK99Mqo-yqxFofbJgFF3VRr-qUDiCJUzNI4VylW4-sBNc1Mv4FgqMcUk4U_KytqDv66tij9EKQoTVy7b5sTvraeBIO1LBFmWE82-j1K0YTt2jBO-wvJ4Da4pUEdOShP-BbNgYBBgkYqFA-yJ-u1lBHOka7JMi1BP-iBDVCbxGtaRilnfmvtkmqWks1V3K6jozWF-seYnZ9wQ8vQWEtBHbLcJqzAQouGpEUfn64aEntJZ191ycsCDPVVlU7_xTvsVaTCSypzvVZej01vHMeqDtDQJemjWm5cZh4DUf1RcHtWDClD9wFzEFb0ETGDNue8XWebynC-C6L-jessvTy6Af_eNkZyz0tGErudUaE1v6Qa8gflNZ5D29FxaQgStspg2nHBuHckswYbSFoSAqZONxwswM0IGxLGuq0Sy3peicsbPs0k-HBM82wk-mFHjiSw7SMZ41Rld3TSKmKnCKbDTUkX1hfeYwU-Wvmal7xdgDzeWOF6VlTih0XiNHCMm0x4pogMvVLcIwttuWFqRTeHXjnjBvB6N-kD9cJNhVypn82SzxSuXdgqsR8mx-fBSpc2uNv10p6hwJW211XpJ49_wIiGC7K0eyDQW_6gXID84Ad-Nfxtd96G1RXCQHGKnemmnX6QY5k23K_3lkkStnKsmOZKWrcXV-KBgjWkg6sQgs6wJNcOupm6H2YTIwIUxIIC6y_hUsd3pf4ld9cVFZiKK4J68keat542BjNhO-ZbgTNBMSY-0EP1WdlGgAjY26AYybFEh6FvRZEKAbys_7uSn9ykW9Socs&rd=cX5rl4E-BOkQ6qCyqQ_jzy1HGU26FRE7iTknnd_1qdwXA7gg-UsDHqJOngFBgEfaAabBh6qV0Ji-wXeB94vvXQxitcb4VNzlN8O-eQuKlSgU4Pnh2AhDs0GGREO1mB0Xc7SxUT9m33L3ODjhlnOLWis= HTTP/1.1
Host: hypermusk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Sun, 25 Sep 2022 05:21:20 GMT
content-type: text/html; charset=utf-8
content-length: 108
location: https://cdn.pncloudfl.com/pn/514/b34/fc1/514b34fc18d3f446e094227228e3b1595fe3abf9.jpg
x-route-id: stats.push-notifications.dsp-impression
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
cdn.pncloudfl.com/pn/514/b34/fc1/514b34fc18d3f446e094227228e3b1595fe3abf9.jpg
200 OK 22 kB URL HTTP/2 cdn.pncloudfl.com/pn/514/b34/fc1/514b34fc18d3f446e094227228e3b1595fe3abf9.jpg
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash fd339d0abd644dfc62b8dcd2cd15bd2b
0af5c8cec4712fb169744df0ecc88faf9125e9df
385adfface9b1e607e43242a9d9877fbdf7c71278940709ecad3d2e53e0e931a
GET /pn/514/b34/fc1/514b34fc18d3f446e094227228e3b1595fe3abf9.jpg HTTP/1.1
Host: cdn.pncloudfl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 05:21:20 GMT
content-type: image/webp
content-length: 22450
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=172800
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=40774
content-disposition: inline; filename="514b34fc18d3f446e094227228e3b1595fe3abf9.webp"
etag: 19e0f2a507ac755f9419ea98d0121544
expires: Mon, 26 Sep 2022 22:52:57 GMT
last-modified: Thu, 22 Sep 2022 09:48:57 GMT
vary: Accept
x-openstack-request-id: tx7c030a591e2a48f1aae4d-00632c2fcb
x-proxy-cache: HIT
x-timestamp: 1663840136.02468
x-trans-id: tx7c030a591e2a48f1aae4d-00632c2fcb
cf-cache-status: HIT
age: 23303
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 750150d59cd7b4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js
IP
GET /themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1Lx3a/Deep.Rock.Galactic.v1.36.72051.0.rar
Connection: keep-alive
Cookie: filehosting=90f7bves5scb2mjbkbl48rcu05; _ga=GA1.2.1328513691.1664073888; _gid=GA1.2.1337734027.1664073888
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 05:21:12 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1cdf"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/bootstrap/bootstrap.min.css
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/bootstrap/bootstrap.min.css
IP
GET /themes/flow/frontend_assets/css/bootstrap/bootstrap.min.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
Connection: keep-alive
Cookie: filehosting=90f7bves5scb2mjbkbl48rcu05; _ga=GA1.2.1328513691.1664073888; _gid=GA1.2.1337734027.1664073888
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 05:21:12 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1cc1b"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/styles/file-upload.css
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/styles/file-upload.css
IP
GET /themes/flow/styles/file-upload.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1Lx3a/Deep.Rock.Galactic.v1.36.72051.0.rar
Connection: keep-alive
Cookie: filehosting=90f7bves5scb2mjbkbl48rcu05; _ga=GA1.2.1328513691.1664073888; _gid=GA1.2.1337734027.1664073888
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 05:21:12 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-21ec"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery-ui.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery-ui.js
IP
GET /themes/flow/js/jquery-ui.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1Lx3a/Deep.Rock.Galactic.v1.36.72051.0.rar
Connection: keep-alive
Cookie: filehosting=90f7bves5scb2mjbkbl48rcu05; _ga=GA1.2.1328513691.1664073888; _gid=GA1.2.1337734027.1664073888
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 05:21:12 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-6a684"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload-process.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-process.js
IP
GET /themes/flow/js/jquery.fileupload-process.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1Lx3a/Deep.Rock.Galactic.v1.36.72051.0.rar
Connection: keep-alive
Cookie: filehosting=90f7bves5scb2mjbkbl48rcu05; _ga=GA1.2.1328513691.1664073888; _gid=GA1.2.1337734027.1664073888
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 05:21:12 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-14b6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
ad.a-ads.com/1811811?size=300x250
200 OK 0 B URL HTTP/2 ad.a-ads.com/1811811?size=300x250
IP
ASN #24940 Hetzner Online GmbH
GET /1811811?size=300x250 HTTP/1.1
Host: ad.a-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 05:21:13 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding, Accept-Encoding
status: 200 OK
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-original-referer: https://megaup.net/
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-encoding: gzip
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/fonts/font-awesome/css/font-awesome.css
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/font-awesome/css/font-awesome.css
IP
GET /themes/flow/frontend_assets/fonts/font-awesome/css/font-awesome.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
Connection: keep-alive
Cookie: filehosting=90f7bves5scb2mjbkbl48rcu05; _ga=GA1.2.1328513691.1664073888; _gid=GA1.2.1337734027.1664073888
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 05:21:12 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-59d6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/sw.js?akFraGUxY1NbV1xyWEpJSGNHSgNeJVJdVA8lRltVWnhGXF1dJ0ZQA1x0RlBUCHgKX1IPcF4LA0htSVgAWHkJWQBSbFNfBAtsX14EXWwKDQFebFNbUllwXAlUU3dYXEdGYxgfR0ZjGB0JHigFDwYFJEUKEBA7SURHW3FFXUdGJwoEFg9tDQkJGSRHDgQGMg41
200 OK 0 B URL HTTP/2 megaup.net/sw.js?akFraGUxY1NbV1xyWEpJSGNHSgNeJVJdVA8lRltVWnhGXF1dJ0ZQA1x0RlBUCHgKX1IPcF4LA0htSVgAWHkJWQBSbFNfBAtsX14EXWwKDQFebFNbUllwXAlUU3dYXEdGYxgfR0ZjGB0JHigFDwYFJEUKEBA7SURHW3FFXUdGJwoEFg9tDQkJGSRHDgQGMg41
IP
GET /sw.js?akFraGUxY1NbV1xyWEpJSGNHSgNeJVJdVA8lRltVWnhGXF1dJ0ZQA1x0RlBUCHgKX1IPcF4LA0htSVgAWHkJWQBSbFNfBAtsX14EXWwKDQFebFNbUllwXAlUU3dYXEdGYxgfR0ZjGB0JHigFDwYFJEUKEBA7SURHW3FFXUdGJwoEFg9tDQkJGSRHDgQGMg41 HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: filehosting=90f7bves5scb2mjbkbl48rcu05; _ga=GA1.2.1328513691.1664073888; _gid=GA1.2.1337734027.1664073888; _gat_gtag_UA_108868042_1=1
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 05:21:13 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:52 GMT
vary: Accept-Encoding
etag: W/"60758f38-12fe6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/bootstrap/bootstrap.min.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/bootstrap/bootstrap.min.js
IP
GET /themes/flow/frontend_assets/js/bootstrap/bootstrap.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1Lx3a/Deep.Rock.Galactic.v1.36.72051.0.rar
Connection: keep-alive
Cookie: filehosting=90f7bves5scb2mjbkbl48rcu05; _ga=GA1.2.1328513691.1664073888; _gid=GA1.2.1337734027.1664073888
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 05:21:12 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-71b6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
200 OK 0 B IP
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 25 Sep 2022 05:21:13 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 904
last-modified: Sun, 25 Sep 2022 05:06:09 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wFFJnTBmA34ixlRv%2BbiCc6AUFb8t7lJWc01tSEPVeMhfr1i4qQ5L8jAVkY78SMOBdK9mnAHcK0KTwmdZ2uLwAkhzVBpCy1OmJdhzzo41RkfiwYS3D5rU9%2BlU1HMrXVsi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750150aaebe77761-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
200 OK 0 B URL HTTP/2 www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
IP
GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: 3szMX0S+AKki1ZEDtYHIxlHPF43jsDQLPWMXQo4tEEIpl7AnmyELBjbjIf+wGeNaWhFYCk/UOJCWAOoDThWu1g==
date: Sun, 25 Sep 2022 05:21:13 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/animations/animate.min.css
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/animations/animate.min.css
IP
GET /themes/flow/frontend_assets/css/animations/animate.min.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
Connection: keep-alive
Cookie: filehosting=90f7bves5scb2mjbkbl48rcu05; _ga=GA1.2.1328513691.1664073888; _gid=GA1.2.1337734027.1664073888
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 05:21:12 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-bc86"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
200 OK 0 B IP
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 25 Sep 2022 05:21:13 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 904
last-modified: Sun, 25 Sep 2022 05:06:09 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9SYRH6mjD%2F5vE1rsDZogxVIXZgulvi4aPOp1s1NwxZfSl3MXvA2Uah5gNG71U67IKvZdZIsizHsVWZZAKbgyeH%2Bi0OyomkeF1u9RoDGFpG9%2BXmVwIoUJipx9S5%2FRFPJo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750150aaebe17761-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.tmpl.min.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.tmpl.min.js
IP
GET /themes/flow/js/jquery.tmpl.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1Lx3a/Deep.Rock.Galactic.v1.36.72051.0.rar
Connection: keep-alive
Cookie: filehosting=90f7bves5scb2mjbkbl48rcu05; _ga=GA1.2.1328513691.1664073888; _gid=GA1.2.1337734027.1664073888
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 05:21:12 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3cb"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
200 OK 0 B IP
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 25 Sep 2022 05:21:13 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 904
last-modified: Sun, 25 Sep 2022 05:06:09 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KNxfHjl%2BpTYNOyPrxVLEWuwwXT7ssNjXErXbR3VhXmLHMjk%2FeWiSmQw370YRACEoSrcPG6e%2BwJICwnoFc8w3xL74%2BNT7RKolJ01aEJhNsGCnhncxlpge48nuXRiCuQ3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750150aafbeb7761-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/fonts.css
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/fonts.css
IP
GET /themes/flow/frontend_assets/css/fonts.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
Connection: keep-alive
Cookie: filehosting=90f7bves5scb2mjbkbl48rcu05; _ga=GA1.2.1328513691.1664073888; _gid=GA1.2.1337734027.1664073888
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 05:21:12 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-690"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/stylesheet.css
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/stylesheet.css
IP
GET /themes/flow/frontend_assets/css/stylesheet.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
Connection: keep-alive
Cookie: filehosting=90f7bves5scb2mjbkbl48rcu05; _ga=GA1.2.1328513691.1664073888; _gid=GA1.2.1337734027.1664073888
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 05:21:12 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-6c82"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/images/icons/favicon/favicon.ico
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/images/icons/favicon/favicon.ico
IP
GET /themes/flow/frontend_assets/images/icons/favicon/favicon.ico HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1Lx3a/Deep.Rock.Galactic.v1.36.72051.0.rar
Connection: keep-alive
Cookie: filehosting=90f7bves5scb2mjbkbl48rcu05; _ga=GA1.2.1328513691.1664073888; _gid=GA1.2.1337734027.1664073888
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 05:21:13 GMT
content-type: image/x-icon
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-47e"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/responsive.css
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/responsive.css
IP
GET /themes/flow/frontend_assets/css/responsive.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1Lx3a/Deep.Rock.Galactic.v1.36.72051.0.rar
Connection: keep-alive
Cookie: filehosting=90f7bves5scb2mjbkbl48rcu05; _ga=GA1.2.1328513691.1664073888; _gid=GA1.2.1337734027.1664073888
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 05:21:12 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-e56"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/canvas-to-blob.min.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/canvas-to-blob.min.js
IP
GET /themes/flow/js/canvas-to-blob.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1Lx3a/Deep.Rock.Galactic.v1.36.72051.0.rar
Connection: keep-alive
Cookie: filehosting=90f7bves5scb2mjbkbl48rcu05; _ga=GA1.2.1328513691.1664073888; _gid=GA1.2.1337734027.1664073888
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 05:21:12 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-408"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/zeroClipboard/ZeroClipboard.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/zeroClipboard/ZeroClipboard.js
IP
GET /themes/flow/js/zeroClipboard/ZeroClipboard.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1Lx3a/Deep.Rock.Galactic.v1.36.72051.0.rar
Connection: keep-alive
Cookie: filehosting=90f7bves5scb2mjbkbl48rcu05; _ga=GA1.2.1328513691.1664073888; _gid=GA1.2.1337734027.1664073888
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 05:21:12 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3bd2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/animation/jquery.appear.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/animation/jquery.appear.js
IP
GET /themes/flow/frontend_assets/js/animation/jquery.appear.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1Lx3a/Deep.Rock.Galactic.v1.36.72051.0.rar
Connection: keep-alive
Cookie: filehosting=90f7bves5scb2mjbkbl48rcu05; _ga=GA1.2.1328513691.1664073888; _gid=GA1.2.1337734027.1664073888
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 05:21:12 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-5c6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload-validate.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-validate.js
IP
GET /themes/flow/js/jquery.fileupload-validate.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1Lx3a/Deep.Rock.Galactic.v1.36.72051.0.rar
Connection: keep-alive
Cookie: filehosting=90f7bves5scb2mjbkbl48rcu05; _ga=GA1.2.1328513691.1664073888; _gid=GA1.2.1337734027.1664073888
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 05:21:12 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-fea"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
societingna.info/Skd3OXYxZQROKT81GxtMaC8DTQY5fVgWGy8gFkwGZCkSTVk5MFlTBWhrVUobLGVNCFpoMxZeKSMjVQNUcnRFD0V5ZVsbBT8lKFASeGVNGxB%2BI04MRy8jWgpGen5aDU59IVoBEHxyWgFHKH4WDkEvdkJaEGg6
200 OK 0 B URL HTTP/2 societingna.info/Skd3OXYxZQROKT81GxtMaC8DTQY5fVgWGy8gFkwGZCkSTVk5MFlTBWhrVUobLGVNCFpoMxZeKSMjVQNUcnRFD0V5ZVsbBT8lKFASeGVNGxB%2BI04MRy8jWgpGen5aDU59IVoBEHxyWgFHKH4WDkEvdkJaEGg6
IP
Analyzer Verdict Alert fortinet Malware
GET /Skd3OXYxZQROKT81GxtMaC8DTQY5fVgWGy8gFkwGZCkSTVk5MFlTBWhrVUobLGVNCFpoMxZeKSMjVQNUcnRFD0V5ZVsbBT8lKFASeGVNGxB%2BI04MRy8jWgpGen5aDU59IVoBEHxyWgFHKH4WDkEvdkJaEGg6 HTTP/1.1
Host: societingna.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
set-cookie: bc6944ee8f67a8d43080988a874f55aa=1; Max-Age=604800
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
etag: W/"e0f5-HPYCdpXnvdEEek4vCBdXBwqUTMs"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
IP
GET /themes/flow/frontend_assets/css/All-stylesheets.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1Lx3a/Deep.Rock.Galactic.v1.36.72051.0.rar
Connection: keep-alive
Cookie: filehosting=90f7bves5scb2mjbkbl48rcu05; _ga=GA1.2.1328513691.1664073888; _gid=GA1.2.1337734027.1664073888
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 05:21:12 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-153"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/colors/flow.css
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/colors/flow.css
IP
GET /themes/flow/frontend_assets/css/colors/flow.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1Lx3a/Deep.Rock.Galactic.v1.36.72051.0.rar
Connection: keep-alive
Cookie: filehosting=90f7bves5scb2mjbkbl48rcu05; _ga=GA1.2.1328513691.1664073888; _gid=GA1.2.1337734027.1664073888
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 05:21:12 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-a83"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.iframe-transport.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.iframe-transport.js
IP
GET /themes/flow/js/jquery.iframe-transport.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1Lx3a/Deep.Rock.Galactic.v1.36.72051.0.rar
Connection: keep-alive
Cookie: filehosting=90f7bves5scb2mjbkbl48rcu05; _ga=GA1.2.1328513691.1664073888; _gid=GA1.2.1337734027.1664073888
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 05:21:12 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-2427"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload.js
IP
GET /themes/flow/js/jquery.fileupload.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1Lx3a/Deep.Rock.Galactic.v1.36.72051.0.rar
Connection: keep-alive
Cookie: filehosting=90f7bves5scb2mjbkbl48rcu05; _ga=GA1.2.1328513691.1664073888; _gid=GA1.2.1337734027.1664073888
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 05:21:12 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-dbd4"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/nav/jquery.nav.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/nav/jquery.nav.js
IP
GET /themes/flow/frontend_assets/js/nav/jquery.nav.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1Lx3a/Deep.Rock.Galactic.v1.36.72051.0.rar
Connection: keep-alive
Cookie: filehosting=90f7bves5scb2mjbkbl48rcu05; _ga=GA1.2.1328513691.1664073888; _gid=GA1.2.1337734027.1664073888
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 05:21:12 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1547"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/rs-plugin/css/settings.css
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/rs-plugin/css/settings.css
IP
GET /themes/flow/frontend_assets/rs-plugin/css/settings.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
Connection: keep-alive
Cookie: filehosting=90f7bves5scb2mjbkbl48rcu05; _ga=GA1.2.1328513691.1664073888; _gid=GA1.2.1337734027.1664073888
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 05:21:12 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-ce4b"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.dataTables.min.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.dataTables.min.js
IP
GET /themes/flow/js/jquery.dataTables.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1Lx3a/Deep.Rock.Galactic.v1.36.72051.0.rar
Connection: keep-alive
Cookie: filehosting=90f7bves5scb2mjbkbl48rcu05; _ga=GA1.2.1328513691.1664073888; _gid=GA1.2.1337734027.1664073888
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 05:21:12 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-10fe4"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload-ui.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-ui.js
IP
GET /themes/flow/js/jquery.fileupload-ui.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1Lx3a/Deep.Rock.Galactic.v1.36.72051.0.rar
Connection: keep-alive
Cookie: filehosting=90f7bves5scb2mjbkbl48rcu05; _ga=GA1.2.1328513691.1664073888; _gid=GA1.2.1337734027.1664073888
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 05:21:12 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-61ef"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/images/loading_small.gif
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/images/loading_small.gif
IP
GET /themes/flow/images/loading_small.gif HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1Lx3a/Deep.Rock.Galactic.v1.36.72051.0.rar
Connection: keep-alive
Cookie: filehosting=90f7bves5scb2mjbkbl48rcu05; _ga=GA1.2.1328513691.1664073888; _gid=GA1.2.1337734027.1664073888
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 05:21:12 GMT
content-type: image/gif
content-length: 184355
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-2d023"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.plugins.min.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.plugins.min.js
IP
GET /themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.plugins.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1Lx3a/Deep.Rock.Galactic.v1.36.72051.0.rar
Connection: keep-alive
Cookie: filehosting=90f7bves5scb2mjbkbl48rcu05; _ga=GA1.2.1328513691.1664073888; _gid=GA1.2.1337734027.1664073888
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 05:21:12 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-14cc1"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/custom/custom.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/custom/custom.js
IP
GET /themes/flow/frontend_assets/js/custom/custom.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1Lx3a/Deep.Rock.Galactic.v1.36.72051.0.rar
Connection: keep-alive
Cookie: filehosting=90f7bves5scb2mjbkbl48rcu05; _ga=GA1.2.1328513691.1664073888; _gid=GA1.2.1337734027.1664073888
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 05:21:12 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1420"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/isotope/isotope-style.css
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/isotope/isotope-style.css
IP
GET /themes/flow/frontend_assets/css/isotope/isotope-style.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
Connection: keep-alive
Cookie: filehosting=90f7bves5scb2mjbkbl48rcu05; _ga=GA1.2.1328513691.1664073888; _gid=GA1.2.1337734027.1664073888
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 05:21:12 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-af3"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/styles/font-icons/entypo/css/entypo.css
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/styles/font-icons/entypo/css/entypo.css
IP
GET /themes/flow/styles/font-icons/entypo/css/entypo.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1Lx3a/Deep.Rock.Galactic.v1.36.72051.0.rar
Connection: keep-alive
Cookie: filehosting=90f7bves5scb2mjbkbl48rcu05; _ga=GA1.2.1328513691.1664073888; _gid=GA1.2.1337734027.1664073888
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 05:21:12 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-45f5"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery-1.11.0.min.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery-1.11.0.min.js
IP
GET /themes/flow/js/jquery-1.11.0.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1Lx3a/Deep.Rock.Galactic.v1.36.72051.0.rar
Connection: keep-alive
Cookie: filehosting=90f7bves5scb2mjbkbl48rcu05; _ga=GA1.2.1328513691.1664073888; _gid=GA1.2.1337734027.1664073888
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 05:21:12 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1787d"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/load-image.min.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/load-image.min.js
IP
GET /themes/flow/js/load-image.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1Lx3a/Deep.Rock.Galactic.v1.36.72051.0.rar
Connection: keep-alive
Cookie: filehosting=90f7bves5scb2mjbkbl48rcu05; _ga=GA1.2.1328513691.1664073888; _gid=GA1.2.1337734027.1664073888
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 05:21:12 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-9f2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
200 OK 0 B IP
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 25 Sep 2022 05:21:13 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 904
last-modified: Sun, 25 Sep 2022 05:06:09 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ecH%2FXgB%2FKC6Pb%2FfS7%2FpejC1v8w2ef9Z9RppNVkxeiwAXYyTlKLAPt9SiwVeYKqo5pQQ6HlY43a1rbFhbW3xkkK2suyniOylCHpBTbOoLg834rr6MtnSz91b9rbJPLZ9r"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750150aafbf07761-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/1Lx3a/Deep.Rock.Galactic.v1.36.72051.0.rar
200 OK 0 B URL HTTP/2 megaup.net/1Lx3a/Deep.Rock.Galactic.v1.36.72051.0.rar
IP
GET /1Lx3a/Deep.Rock.Galactic.v1.36.72051.0.rar HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: filehosting=90f7bves5scb2mjbkbl48rcu05; _ga=GA1.2.1328513691.1664073888; _gid=GA1.2.1337734027.1664073888
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 05:21:12 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/custom.css
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/custom.css
IP
GET /themes/flow/frontend_assets/css/custom.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1Lx3a/Deep.Rock.Galactic.v1.36.72051.0.rar
Connection: keep-alive
Cookie: filehosting=90f7bves5scb2mjbkbl48rcu05; _ga=GA1.2.1328513691.1664073888; _gid=GA1.2.1337734027.1664073888
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 05:21:12 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3577"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/global.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/global.js
IP
GET /themes/flow/js/global.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1Lx3a/Deep.Rock.Galactic.v1.36.72051.0.rar
Connection: keep-alive
Cookie: filehosting=90f7bves5scb2mjbkbl48rcu05; _ga=GA1.2.1328513691.1664073888; _gid=GA1.2.1337734027.1664073888
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 05:21:12 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-d59"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
91.209.70.182
104.26.2.107
23.109.150.146
23.36.77.32
157.240.200.35
93.184.220.29
144.76.38.164
185.76.9.16
104.22.58.221