megaup.net/1WZh/SPORE.Collection.GOG.rar
91.209.70.182301 Moved Permanently 162 B URL HTTP/1.1 megaup.net/1WZh/SPORE.Collection.GOG.rar
IP 91.209.70.182:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /1WZh/SPORE.Collection.GOG.rar HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 29 Sep 2022 06:30:21 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://megaup.net/1WZh/SPORE.Collection.GOG.rar
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer, strict-origin-when-cross-origin
X-Download-Options: noopen
firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 29 Sep 2022 06:29:35 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: e-renwtZL1pQPgDI6o1xVOzHCQw9L2G8IGypQWUFzrJQnAn19rWCEA==
Age: 46
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6dd4587c98aef98ad0939030a6976a7f
92dc5966ac2deb0c3ac7fdd02bf8d28f9239801e
a382476d14b6ae14003333e7acdfbbd9ae8775d4c1a7d5c31116f33987043cff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A382476D14B6AE14003333E7ACDFBBD9AE8775D4C1A7D5C31116F33987043CFF"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2231
Expires: Thu, 29 Sep 2022 07:07:32 GMT
Date: Thu, 29 Sep 2022 06:30:21 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 29 Sep 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Pznf6CNdN1FqkeWkgt2LKDgbOnnfQqNSFREqGbSpVherzssfggvDjQ==
age: 3714
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 55fc559ae8097427d7a66ec558f569a4
e1258370408ae50c859ec874ff7c260e3c850846
1df3b994d416e1ee8ee3494fc298862c80d5b3ea01d4d41ee4e05b80c7f48918
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 06:30:21 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 23:25:47 GMT
Expires: Mon, 03 Oct 2022 23:25:46 GMT
Etag: "e1258370408ae50c859ec874ff7c260e3c850846"
Cache-Control: max-age=405924,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7522ab6faca8b524-OSL
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 06:30:21 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
megaup.net/themes/flow/images/main_logo_inverted.png
91.209.70.182200 OK 7.1 kB URL HTTP/2 megaup.net/themes/flow/images/main_logo_inverted.png
IP 91.209.70.182:0
File type PNG image data, 203 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 5d15526be10b904a6b48d1af04a10cc3
c09b6874359ac6d71db95593618a9acb55baa984
894d25472e0f890edf235e8f66fbeda7ea75043632924ecb82691d76bd7db018
GET /themes/flow/images/main_logo_inverted.png HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1WZh/SPORE.Collection.GOG.rar
Connection: keep-alive
Cookie: filehosting=3qf9isk70ch3v020ilck4r7ho1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 06:30:21 GMT
content-type: image/png
content-length: 7137
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-1be1"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/images/loading_small.gif
91.209.70.182200 OK 184 kB URL HTTP/2 megaup.net/themes/flow/images/loading_small.gif
IP 91.209.70.182:0
File type GIF image data, version 89a, 64 x 64\012- data
Size 184 kB (184355 bytes)
Hash b0dd5b3af9c4c0644d7bddee83716209
30002468d0266b893b3559b8d0d260c6cbf0ad7c
2418224bb4d12c122ef3c54d2ee9edb5f6f28d539e91a166b0215553f8c7609d
GET /themes/flow/images/loading_small.gif HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1WZh/SPORE.Collection.GOG.rar
Connection: keep-alive
Cookie: filehosting=3qf9isk70ch3v020ilck4r7ho1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 06:30:21 GMT
content-type: image/gif
content-length: 184355
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-2d023"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/custom/custom.js
91.209.70.182200 OK 1.9 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/custom/custom.js
IP 91.209.70.182:0
File type ASCII text, with CRLF line terminators
Hash 35139a9c9cdad5f791a44b059496b716
17cc1757fb2c0aba3a6695eecff52bd13d5f14f7
241fc5e36afa3c5cf29063cda6442e3fecb132ab1d8370d16902ab9ae27355cc
GET /themes/flow/frontend_assets/js/custom/custom.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1WZh/SPORE.Collection.GOG.rar
Connection: keep-alive
Cookie: filehosting=3qf9isk70ch3v020ilck4r7ho1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 06:30:21 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1420"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 029d5a9cbb15fb960a8f6cc684df78f9
186cb914536e3960c8d33af689122fbc7b65f78a
85603d6c752bc43d67c64f2707fbc4b30e89e28f32efaa0c52fb32503b0e54fc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "85603D6C752BC43D67C64F2707FBC4B30E89E28F32EFAA0C52FB32503B0E54FC"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10932
Expires: Thu, 29 Sep 2022 09:32:33 GMT
Date: Thu, 29 Sep 2022 06:30:21 GMT
Connection: keep-alive
megaup.net/themes/flow/frontend_assets/js/nav/jquery.nav.js
91.209.70.182200 OK 2.3 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/nav/jquery.nav.js
IP 91.209.70.182:0
File type ASCII text, with CRLF line terminators
Hash 7c08f4a3db187293788261d2ca53fe98
1384b218db1e4fb93faf8e5cb4f5e6cb68dd2878
a0e45e91b6812b27fd528746e0d1ccbb94d8915095c6093ea739f6294be54c15
GET /themes/flow/frontend_assets/js/nav/jquery.nav.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1WZh/SPORE.Collection.GOG.rar
Connection: keep-alive
Cookie: filehosting=3qf9isk70ch3v020ilck4r7ho1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 06:30:21 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1547"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
keydawnawe.com/gwZ1U5hjA8ii/32575
23.109.82.168200 OK 26 B URL HTTP/1.1 keydawnawe.com/gwZ1U5hjA8ii/32575
IP 23.109.82.168:0
File type ASCII text, with no line terminators
Hash 4e5d65669f8dcd928dad06adf883f025
d771713d758c3348dd7e5b38bb40c7935399ae46
0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95
GET /gwZ1U5hjA8ii/32575 HTTP/1.1
Host: keydawnawe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 29 Sep 2022 06:30:21 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; expires=Fri, 30-Sep-2022 06:30:21 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW; expires=Fri, 30-Sep-2022 06:30:21 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
www.googletagmanager.com/gtag/js?id=UA-108868042-1
142.250.74.72200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-108868042-1
IP 142.250.74.72:0
File type ASCII text, with very long lines (2039)
Hash 36bb9c30813b6781ce9816dc17e24bf0
a524bf79616d3343d26ab1d3314395eab4754e52
068dd69ad986816de6c57bde85e033e109208e385c32ed131d5a763521755d4d
GET /gtag/js?id=UA-108868042-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 29 Sep 2022 06:30:21 GMT
expires: Thu, 29 Sep 2022 06:30:21 GMT
cache-control: private, max-age=900
last-modified: Thu, 29 Sep 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42408
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
altowriestwispy.com/tysaSHG1FMaM/18410
172.255.6.155200 OK 25 B URL HTTP/1.1 altowriestwispy.com/tysaSHG1FMaM/18410
IP 172.255.6.155:0
File type ASCII text, with no line terminators
Hash d488addc5df5fc9b9ff4135bb4e3a823
6ce56f48e851df4d562b43d3bc1269a504ae83fc
d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60
GET /tysaSHG1FMaM/18410 HTTP/1.1
Host: altowriestwispy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 29 Sep 2022 06:30:21 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; expires=Fri, 30-Sep-2022 06:30:21 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW; expires=Fri, 30-Sep-2022 06:30:21 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
megaup.net/themes/flow/frontend_assets/js/sticky/jquery.sticky.js
91.209.70.182200 OK 6.5 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/sticky/jquery.sticky.js
IP 91.209.70.182:0
Hash 5034da36fc85b525ffa8f7db16066419
4315645dcf205970a490c725e749645f988ab47b
da0b077ec52e555e260586a279f97dd04ebfa5b91150c47cce902bd2ed9e21f4
GET /themes/flow/frontend_assets/js/sticky/jquery.sticky.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1WZh/SPORE.Collection.GOG.rar
Connection: keep-alive
Cookie: filehosting=3qf9isk70ch3v020ilck4r7ho1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 06:30:21 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1099"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/?kzmmd=761186
143.204.42.225200 OK 189 kB URL HTTP/2 dmmzkfd82wayn.cloudfront.net/?kzmmd=761186
IP 143.204.42.225:0
File type Unicode text, UTF-8 text, with very long lines (15945)
Size 189 kB (188757 bytes)
Hash 8739d915915b8ac6d64968dc5376d737
7f69718a750174a6f340d7c5e23a6b25be1fbb03
2912451bf4fda35801f56837a8353d3d8eb3bbc61890a0bbb73964d51e959b9e
GET /?kzmmd=761186 HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 188757
date: Thu, 29 Sep 2022 06:30:21 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: --swit_0sOQT14B03Q9aTRGlDpcsOrb7V0NffnJVmPEVpZ89G0fKTA==
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/fonts/raleway.woff
91.209.70.182200 OK 32 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway.woff
IP 91.209.70.182:0
File type Web Open Font Format, TrueType, length 31836, version 1.1\012- data
Hash 4514fa5a5b3d1e0b14aa32a7d068124a
e634977bfabc20ed15fe7ed03d3876cf68834b93
5b0f118d658eacc5740b10b0dc2ebbd99ee8e8262c72ff29bfcda48c02b19861
GET /themes/flow/frontend_assets/fonts/raleway.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Connection: keep-alive
Cookie: filehosting=3qf9isk70ch3v020ilck4r7ho1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 06:30:21 GMT
content-type: font/woff
content-length: 31836
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7c5c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/fonts/raleway_extrabold.woff
91.209.70.182200 OK 31 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway_extrabold.woff
IP 91.209.70.182:0
File type Web Open Font Format, TrueType, length 31344, version 1.1\012- data
Hash 21f79e4c0fbe54a555170aa70bb4c8b7
9d4aaf2016cd21f16bc45089a48de84dba951fa7
2b638674bc57ad355ef2ecbd68e78ecb36bc323aaaf4ddeb9cd4f61bc5f26c42
GET /themes/flow/frontend_assets/fonts/raleway_extrabold.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Connection: keep-alive
Cookie: filehosting=3qf9isk70ch3v020ilck4r7ho1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 06:30:21 GMT
content-type: font/woff
content-length: 31344
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7a70"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js
91.209.70.182200 OK 23 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js
IP 91.209.70.182:0
Hash 82f504c3534c211f76bc8e4b85eeb3f3
afd157708c8bd993d18e2a6cabfa63a203ed64a5
32a2b8ee199ed131c260c1b0a918b415e3eaec0a5507a60e247aaf231769692c
GET /themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1WZh/SPORE.Collection.GOG.rar
Connection: keep-alive
Cookie: filehosting=3qf9isk70ch3v020ilck4r7ho1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 06:30:21 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1cdf"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/responsive.css
91.209.70.182200 OK 1.5 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/responsive.css
IP 91.209.70.182:0
File type assembler source, ASCII text
Hash af40cf110fd9957be53a0ce813cd0e96
2a21e56f32ffcc84eda5b9f4506ff5b3ccafe713
fb233212c84ce7ae3aa9d12b62539cf3356704a434563349bd4ad34b305b541f
GET /themes/flow/frontend_assets/css/responsive.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1WZh/SPORE.Collection.GOG.rar
Connection: keep-alive
Cookie: filehosting=3qf9isk70ch3v020ilck4r7ho1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 06:30:21 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-e56"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
altowriestwispy.com/tysaSHG1FMaM/18410
172.255.6.155200 OK 25 B URL HTTP/1.1 altowriestwispy.com/tysaSHG1FMaM/18410
IP 172.255.6.155:0
File type ASCII text, with no line terminators
Hash d488addc5df5fc9b9ff4135bb4e3a823
6ce56f48e851df4d562b43d3bc1269a504ae83fc
d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60
GET /tysaSHG1FMaM/18410 HTTP/1.1
Host: altowriestwispy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 29 Sep 2022 06:30:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
andamafraidt.xyz/djdBVDAXVSI5DxcKI3JFBFt8cQIwEnMSVBtaOz9WEg9zI1EPWW83XBlCJTJCGVk1el4TQ2RmdgxjGQEBOGJ5IXcaQxU3dB1UFAVYQlJxBXUyby0meEZtIB1kR34TFWUvdBMRdyJjeSR5RnkVE3MFWwRkdUd8FDN2M04MJ3dHfgg1YxFVFzNYUwUDNUgkZRdnekNicRJ2P3QbHWIgejUdch5UEC1HA3E5GnE6WQANZx0PLB1iGmIEHAA6ZgMndhdZeBJ4IwZkZnIQcQATVERHZGZ2JGEtN3kiUA8RcRIScxJ+IwcFNV4aAhQVakVWL212JAcPJVYcZgwVAjAOGRYdN38nLV8nYS1gVxdyJS5yRQ55BmEjcidnSCd1NgFAPHYlBWUPdnABcRJNJTpEFHUTGQYVchByWgVYLyQNBwcWEFRFTzEwZgBRFjJg
54.230.111.8200 OK 1.2 kB URL HTTP/2 andamafraidt.xyz/djdBVDAXVSI5DxcKI3JFBFt8cQIwEnMSVBtaOz9WEg9zI1EPWW83XBlCJTJCGVk1el4TQ2RmdgxjGQEBOGJ5IXcaQxU3dB1UFAVYQlJxBXUyby0meEZtIB1kR34TFWUvdBMRdyJjeSR5RnkVE3MFWwRkdUd8FDN2M04MJ3dHfgg1YxFVFzNYUwUDNUgkZRdnekNicRJ2P3QbHWIgejUdch5UEC1HA3E5GnE6WQANZx0PLB1iGmIEHAA6ZgMndhdZeBJ4IwZkZnIQcQATVERHZGZ2JGEtN3kiUA8RcRIScxJ+IwcFNV4aAhQVakVWL212JAcPJVYcZgwVAjAOGRYdN38nLV8nYS1gVxdyJS5yRQ55BmEjcidnSCd1NgFAPHYlBWUPdnABcRJNJTpEFHUTGQYVchByWgVYLyQNBwcWEFRFTzEwZgBRFjJg
IP 54.230.111.8:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3024), with no line terminators
Hash 3aaaba075f3c6f93ec0d616557c7779a
09bfd8b69473770c283b9785f37cc4c89fd941b0
518bcac38e65b4f9a171043423229d1b33c0c5d8bb545f6c25be257238db3c41
GET /djdBVDAXVSI5DxcKI3JFBFt8cQIwEnMSVBtaOz9WEg9zI1EPWW83XBlCJTJCGVk1el4TQ2RmdgxjGQEBOGJ5IXcaQxU3dB1UFAVYQlJxBXUyby0meEZtIB1kR34TFWUvdBMRdyJjeSR5RnkVE3MFWwRkdUd8FDN2M04MJ3dHfgg1YxFVFzNYUwUDNUgkZRdnekNicRJ2P3QbHWIgejUdch5UEC1HA3E5GnE6WQANZx0PLB1iGmIEHAA6ZgMndhdZeBJ4IwZkZnIQcQATVERHZGZ2JGEtN3kiUA8RcRIScxJ+IwcFNV4aAhQVakVWL212JAcPJVYcZgwVAjAOGRYdN38nLV8nYS1gVxdyJS5yRQ55BmEjcidnSCd1NgFAPHYlBWUPdnABcRJNJTpEFHUTGQYVchByWgVYLyQNBwcWEFRFTzEwZgBRFjJg HTTP/1.1
Host: andamafraidt.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1176
date: Thu, 29 Sep 2022 06:30:22 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zDbXWCJH9UKIRGShYNzMZ0Pg1bJBLA0DitYGhTkm-W6KtmYteNqxEA==
X-Firefox-Spdy: h2
andamafraidt.xyz/SktEZ2srKScKVCt2JkEeOCd5QlkMbnYhDycmPgwNLnN2EAozJWoEByU+IAEZJSUwSQUvP2FVLScaEhcuHCAVDiUZJDMCER8xDSAfcih2XlIQeBIJJg4ocSwBDCUCJiF4BjwEJwAKHS0qAh4DKQEHBwUvKj0EPlJeECYNEyQzJDwCPCludiEgIB1xBCM9JwkOMXIpKS4CBAhwHw4ZBjUtP3IiFB4EIRspLgEAEzNUIDM8MCs/EycnVDICKXYXBhMTChYJCX51BCNzeAIgLTAqLQBOeA0PDTojEhM1WwUcDh4oEgF1AVgpHh0/JTsFLSUDKSMwXjINOzwEWWcNLwMoE252ISEwezY9LC0IHi85PSoqNQUuAwZCWQwvKT4CAQgjDyYJOHEBWBMaIj8Pei8MJhMsDDdBATkkKhdWGh92FSYFOQYvMXsbNhU6Dg
54.230.111.8200 OK 1.2 kB URL HTTP/2 andamafraidt.xyz/SktEZ2srKScKVCt2JkEeOCd5QlkMbnYhDycmPgwNLnN2EAozJWoEByU+IAEZJSUwSQUvP2FVLScaEhcuHCAVDiUZJDMCER8xDSAfcih2XlIQeBIJJg4ocSwBDCUCJiF4BjwEJwAKHS0qAh4DKQEHBwUvKj0EPlJeECYNEyQzJDwCPCludiEgIB1xBCM9JwkOMXIpKS4CBAhwHw4ZBjUtP3IiFB4EIRspLgEAEzNUIDM8MCs/EycnVDICKXYXBhMTChYJCX51BCNzeAIgLTAqLQBOeA0PDTojEhM1WwUcDh4oEgF1AVgpHh0/JTsFLSUDKSMwXjINOzwEWWcNLwMoE252ISEwezY9LC0IHi85PSoqNQUuAwZCWQwvKT4CAQgjDyYJOHEBWBMaIj8Pei8MJhMsDDdBATkkKhdWGh92FSYFOQYvMXsbNhU6Dg
IP 54.230.111.8:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3025), with no line terminators
Hash d92938d87ee4010bd0cd452054efa112
bdf8114798170bc64baef06f1afb7209d14edc4b
7e1c81f947d1f3dacaa27969c363f2807b49bf87bade76c6311a4c464e514699
GET /SktEZ2srKScKVCt2JkEeOCd5QlkMbnYhDycmPgwNLnN2EAozJWoEByU+IAEZJSUwSQUvP2FVLScaEhcuHCAVDiUZJDMCER8xDSAfcih2XlIQeBIJJg4ocSwBDCUCJiF4BjwEJwAKHS0qAh4DKQEHBwUvKj0EPlJeECYNEyQzJDwCPCludiEgIB1xBCM9JwkOMXIpKS4CBAhwHw4ZBjUtP3IiFB4EIRspLgEAEzNUIDM8MCs/EycnVDICKXYXBhMTChYJCX51BCNzeAIgLTAqLQBOeA0PDTojEhM1WwUcDh4oEgF1AVgpHh0/JTsFLSUDKSMwXjINOzwEWWcNLwMoE252ISEwezY9LC0IHi85PSoqNQUuAwZCWQwvKT4CAQgjDyYJOHEBWBMaIj8Pei8MJhMsDDdBATkkKhdWGh92FSYFOQYvMXsbNhU6Dg HTTP/1.1
Host: andamafraidt.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1181
date: Thu, 29 Sep 2022 06:30:22 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: FMWaGPwdktoQeXzTTwwYLUapMKIFfvpF6njMRTivchGS-EKhzF9NKA==
X-Firefox-Spdy: h2
keydawnawe.com/gwZ1U5hjA8ii/32575
23.109.82.168200 OK 26 B URL HTTP/1.1 keydawnawe.com/gwZ1U5hjA8ii/32575
IP 23.109.82.168:0
File type ASCII text, with no line terminators
Hash 4e5d65669f8dcd928dad06adf883f025
d771713d758c3348dd7e5b38bb40c7935399ae46
0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95
GET /gwZ1U5hjA8ii/32575 HTTP/1.1
Host: keydawnawe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 29 Sep 2022 06:30:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
andamafraidt.xyz/aEhGWWwJKiU0Uwl1JH8ZGiR7fF4ubXQfCAUlPDIKDHB0Lg0RJmg6AAc9Ij8eByYydwINPGNrKisddQMkPQ0xLis7I3Q6FQsuD2tdWBIDG1wxEBRoJCwZY2sqISEIFSovHTYYOFAxDzMfLgoHPhYpCnYxNTsZdBdcHHsiMC0RDwUbGAkiHwAmL3l/PT4LIgs3KgYdAhQLITIuFSISETMJBBs9DDBUHw4BHAAkH3I7JysnKgkUByUiAVg+GXQ1CwkfAB4OESB/AAAmeAM0AAAaLypZISEfFjUFAn4SXF0wAmocBh11CD8JHwAeIjsSNgAoDG10GzYFAiwBXkUCLz8oORwMHR8CLC0ILjEmPjA+BiwuPysiHCIOLRkHIQgFJiELKzlbHRE9Oz4RImo1XSotOkoCOyk3HFUbczw+IT00LjoaByUVIj8
54.230.111.8200 OK 1.2 kB URL HTTP/2 andamafraidt.xyz/aEhGWWwJKiU0Uwl1JH8ZGiR7fF4ubXQfCAUlPDIKDHB0Lg0RJmg6AAc9Ij8eByYydwINPGNrKisddQMkPQ0xLis7I3Q6FQsuD2tdWBIDG1wxEBRoJCwZY2sqISEIFSovHTYYOFAxDzMfLgoHPhYpCnYxNTsZdBdcHHsiMC0RDwUbGAkiHwAmL3l/PT4LIgs3KgYdAhQLITIuFSISETMJBBs9DDBUHw4BHAAkH3I7JysnKgkUByUiAVg+GXQ1CwkfAB4OESB/AAAmeAM0AAAaLypZISEfFjUFAn4SXF0wAmocBh11CD8JHwAeIjsSNgAoDG10GzYFAiwBXkUCLz8oORwMHR8CLC0ILjEmPjA+BiwuPysiHCIOLRkHIQgFJiELKzlbHRE9Oz4RImo1XSotOkoCOyk3HFUbczw+IT00LjoaByUVIj8
IP 54.230.111.8:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3024), with no line terminators
Hash 12b0353bba830baefb2c994dc94173d7
b37b4ed96df65c9fd6802d405aac7aca4b2d8992
f5c363e9fb898fee7fc73ed2c9f4ad41270aadb4045753462c08225085a104fa
GET /aEhGWWwJKiU0Uwl1JH8ZGiR7fF4ubXQfCAUlPDIKDHB0Lg0RJmg6AAc9Ij8eByYydwINPGNrKisddQMkPQ0xLis7I3Q6FQsuD2tdWBIDG1wxEBRoJCwZY2sqISEIFSovHTYYOFAxDzMfLgoHPhYpCnYxNTsZdBdcHHsiMC0RDwUbGAkiHwAmL3l/PT4LIgs3KgYdAhQLITIuFSISETMJBBs9DDBUHw4BHAAkH3I7JysnKgkUByUiAVg+GXQ1CwkfAB4OESB/AAAmeAM0AAAaLypZISEfFjUFAn4SXF0wAmocBh11CD8JHwAeIjsSNgAoDG10GzYFAiwBXkUCLz8oORwMHR8CLC0ILjEmPjA+BiwuPysiHCIOLRkHIQgFJiELKzlbHRE9Oz4RImo1XSotOkoCOyk3HFUbczw+IT00LjoaByUVIj8 HTTP/1.1
Host: andamafraidt.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1179
date: Thu, 29 Sep 2022 06:30:22 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wG_d_Xe_sR0wZwKmuTXA23ACTBvnId5EzCkjat98hZnquK_GkBwYWQ==
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3526d5ce1381ba26cbc553db057e1915
fe01c920696448e8bf12e6fff877bce8281d34a2
09604aed7cbca7971bfcb5afcb53591600b944f28eff21aa65dc601e78cdda53
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6534
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 06:30:22 GMT
Last-Modified: Thu, 29 Sep 2022 04:41:28 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
megaup.net/themes/flow/frontend_assets/js/isotope/custom-isotope.js
91.209.70.182200 OK 1.8 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/isotope/custom-isotope.js
IP 91.209.70.182:0
File type ASCII text, with CRLF line terminators
Hash 6d1e45e9a5bb132d1d34168252739112
9a9c23524ecaa571d24ee56c7b16da4332a6d4d2
ae9cf85067a8f40f7febd78135d93fafc387ab5d125bb3864fc227dfa73148f5
GET /themes/flow/frontend_assets/js/isotope/custom-isotope.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1WZh/SPORE.Collection.GOG.rar
Connection: keep-alive
Cookie: filehosting=3qf9isk70ch3v020ilck4r7ho1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 06:30:21 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-71d"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 897686a552686e20ba40004fd8bd9431
80d42895a0333edee5c7c870ec2523c931247ffd
f766b7ca62bd9af820752ac0cd5b526d292aefe3757350638b7005a0eccc1b4e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5005
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 06:30:22 GMT
Last-Modified: Thu, 29 Sep 2022 05:06:57 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 279
esathyaspsu.xyz/MEdVUnIfeDYhT30CJmEoZB4RNyNqHxc1OBV1FxAecQAUYT94HxQbVEQuMW9FBnNkZkMWNzw2TwFhJiYTRDImb0MWLjs0HQ1hI29DHnRhfEAIaWR0Bw12cyYCUSBoY1RAMyE+TwFxY2ZGA3RlY0sEdWI
104.21.80.127204 No Content 0 B URL HTTP/2 esathyaspsu.xyz/MEdVUnIfeDYhT30CJmEoZB4RNyNqHxc1OBV1FxAecQAUYT94HxQbVEQuMW9FBnNkZkMWNzw2TwFhJiYTRDImb0MWLjs0HQ1hI29DHnRhfEAIaWR0Bw12cyYCUSBoY1RAMyE+TwFxY2ZGA3RlY0sEdWI
IP 104.21.80.127:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /MEdVUnIfeDYhT30CJmEoZB4RNyNqHxc1OBV1FxAecQAUYT94HxQbVEQuMW9FBnNkZkMWNzw2TwFhJiYTRDImb0MWLjs0HQ1hI29DHnRhfEAIaWR0Bw12cyYCUSBoY1RAMyE+TwFxY2ZGA3RlY0sEdWI HTTP/1.1
Host: esathyaspsu.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 29 Sep 2022 06:30:22 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8WTAj8Sk0rhQDyHrZwom376JzUh454WMsvtxfZ%2BRaUs9ykDFTBBWoGD2rnRtR9JyQclvEYjh5Z%2FamD1e7wqqhTnF7QDd07FjsxCOAx4VyCdF1dkymdCGn96DCEyelVa3zOE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7522ab754851b51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
esathyaspsu.xyz/dkhyVDBZdxEnDSUcMD5SRxJGFWYsKyg6ADcdJA5cEC8kBWgbGVQgWRJ1SmMGRXlKckAfLE9mCVA7BjVEAztPZRYfJhQ7DVA+T2UeRmZHbR5HbgdpAVA8AjVXS3lUJEQCJE9lBkB8RmcDRnlLYABP
104.21.80.127204 No Content 0 B URL HTTP/2 esathyaspsu.xyz/dkhyVDBZdxEnDSUcMD5SRxJGFWYsKyg6ADcdJA5cEC8kBWgbGVQgWRJ1SmMGRXlKckAfLE9mCVA7BjVEAztPZRYfJhQ7DVA+T2UeRmZHbR5HbgdpAVA8AjVXS3lUJEQCJE9lBkB8RmcDRnlLYABP
IP 104.21.80.127:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dkhyVDBZdxEnDSUcMD5SRxJGFWYsKyg6ADcdJA5cEC8kBWgbGVQgWRJ1SmMGRXlKckAfLE9mCVA7BjVEAztPZRYfJhQ7DVA+T2UeRmZHbR5HbgdpAVA8AjVXS3lUJEQCJE9lBkB8RmcDRnlLYABP HTTP/1.1
Host: esathyaspsu.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 29 Sep 2022 06:30:22 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BUfqVcvL7VUINI4GCgWIvgIQorSYYwKenVia%2BByQNzZw3hvqWGR1UG%2Bm5Kmr%2BTr6BfOWgrjMk7UunsrZ76WaRwncPrAKlEsq7UVbA78dL%2FBpMKEDZH%2FS1piGuAeb8UyCO8o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7522ab753841b51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
esathyaspsu.xyz/dGlJSzJbVio4DyAFGypQGhl9EV8ACxolAx0IeDt/EFsHJGohGm8/WxBUfn0DRVF/bUIdDXR6FAcdKD9HB1R4bVsaDyZ2FAJUeGUBQEd7cxxFTzx2A1IdOSpVSVhvO0YABXR6BEJdfXgBRFhweApH
104.21.80.127204 No Content 0 B URL HTTP/2 esathyaspsu.xyz/dGlJSzJbVio4DyAFGypQGhl9EV8ACxolAx0IeDt/EFsHJGohGm8/WxBUfn0DRVF/bUIdDXR6FAcdKD9HB1R4bVsaDyZ2FAJUeGUBQEd7cxxFTzx2A1IdOSpVSVhvO0YABXR6BEJdfXgBRFhweApH
IP 104.21.80.127:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dGlJSzJbVio4DyAFGypQGhl9EV8ACxolAx0IeDt/EFsHJGohGm8/WxBUfn0DRVF/bUIdDXR6FAcdKD9HB1R4bVsaDyZ2FAJUeGUBQEd7cxxFTzx2A1IdOSpVSVhvO0YABXR6BEJdfXgBRFhweApH HTTP/1.1
Host: esathyaspsu.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 29 Sep 2022 06:30:22 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qJ1YIOWgxvYPjWRctHA90mmIzgQ0pOVQXfVOh7STUfPpao7m8iIJRtTUSfSpwQ9DJqAStNv26e99HJzTlurxdgqIYnjzO6NEgzLmZeJNkriYzS89Tvv90p5hoEb83AMHxXE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7522ab753848b51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
esathyaspsu.xyz/d3lzd3lYRhAERDk9JQEjDTQ1NS9OITIQST8uNSI1Myg1LSEQKFUDEBNES0VMTkhCUQkeHU5ES1EKBxYNAgpORUlHTlUeFxEWTkVfAURDWUFZQF1GXwJEQlENBxgUSkhRCQcDFUpIRUFNQ0pAR0hOSkpP
104.21.80.127204 No Content 0 B URL HTTP/2 esathyaspsu.xyz/d3lzd3lYRhAERDk9JQEjDTQ1NS9OITIQST8uNSI1Myg1LSEQKFUDEBNES0VMTkhCUQkeHU5ES1EKBxYNAgpORUlHTlUeFxEWTkVfAURDWUFZQF1GXwJEQlENBxgUSkhRCQcDFUpIRUFNQ0pAR0hOSkpP
IP 104.21.80.127:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /d3lzd3lYRhAERDk9JQEjDTQ1NS9OITIQST8uNSI1Myg1LSEQKFUDEBNES0VMTkhCUQkeHU5ES1EKBxYNAgpORUlHTlUeFxEWTkVfAURDWUFZQF1GXwJEQlENBxgUSkhRCQcDFUpIRUFNQ0pAR0hOSkpP HTTP/1.1
Host: esathyaspsu.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 29 Sep 2022 06:30:22 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tg%2FIIK5ObVuGQlxS5z%2FGlt6HSwTuIlrN%2Bt13clDZAs7Xe%2FrlKnSB2d3zW7qntnl3nvKz96AClwsaNbc%2FxRzbqdFZ%2BRlDo1U8NPwfET%2F4OIpKlJbfWnqVuQ8J78j%2BZEdgXtE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7522ab75484cb51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
esathyaspsu.xyz/MXBuOEUeTw1LeGRAFlIWZwAFXgNVRA8KEwYmNkA1ax4CYCBcPUhMLFVNVwx8CUZaHjVYFFMJfRcDGlkxRANTCWNYHghXeBcGUwlrAV5fFnYXBVMJY0UAD194AFYeTDFdTV8OcwVEXQt1AElaCXI
104.21.80.127204 No Content 0 B URL HTTP/2 esathyaspsu.xyz/MXBuOEUeTw1LeGRAFlIWZwAFXgNVRA8KEwYmNkA1ax4CYCBcPUhMLFVNVwx8CUZaHjVYFFMJfRcDGlkxRANTCWNYHghXeBcGUwlrAV5fFnYXBVMJY0UAD194AFYeTDFdTV8OcwVEXQt1AElaCXI
IP 104.21.80.127:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /MXBuOEUeTw1LeGRAFlIWZwAFXgNVRA8KEwYmNkA1ax4CYCBcPUhMLFVNVwx8CUZaHjVYFFMJfRcDGlkxRANTCWNYHghXeBcGUwlrAV5fFnYXBVMJY0UAD194AFYeTDFdTV8OcwVEXQt1AElaCXI HTTP/1.1
Host: esathyaspsu.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 29 Sep 2022 06:30:22 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LV6DAAvMT7yWjDOnH4zBS2RpZ%2BXwEHIZ4IHWDEfm1eT1xziw8mZ4j9CcSRXmb6p7nWx6uABrhYYfScHCVAihwXu%2FWTC%2BHhwlT0s3u99%2FDlQ8TcdWwbwcPDE2CFC%2BVwY57%2F0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7522ab75384ab51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
esathyaspsu.xyz/a2xpVGxEUwonUT9dOxc2BllMZi4xJCMDNFg2BDA6OTsNOS5bNFg/Sh8FDWlUWVlQZV1NHAAwUVheTycYChgcJ1FaSgA6CgRRTyJRW0JRelVFXU8hUVpKHSQNDFFYchwfGAVpXV1aXWBfWFxYbV9SWw
104.21.80.127204 No Content 0 B URL HTTP/2 esathyaspsu.xyz/a2xpVGxEUwonUT9dOxc2BllMZi4xJCMDNFg2BDA6OTsNOS5bNFg/Sh8FDWlUWVlQZV1NHAAwUVheTycYChgcJ1FaSgA6CgRRTyJRW0JRelVFXU8hUVpKHSQNDFFYchwfGAVpXV1aXWBfWFxYbV9SWw
IP 104.21.80.127:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /a2xpVGxEUwonUT9dOxc2BllMZi4xJCMDNFg2BDA6OTsNOS5bNFg/Sh8FDWlUWVlQZV1NHAAwUVheTycYChgcJ1FaSgA6CgRRTyJRW0JRelVFXU8hUVpKHSQNDFFYchwfGAVpXV1aXWBfWFxYbV9SWw HTTP/1.1
Host: esathyaspsu.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 29 Sep 2022 06:30:22 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=10Ej0VtyEmlkODx7ICD2lXCAuOUQYn9SCPLVsklIKOqyK2p%2BiU%2BNyFt7Bc5uKZtOlXcexyZZSpuVOHD3K5miwhHi9GO2g50QxNkcqtXUjj%2BlCmYkDi34zxsp3ASqR8UsHLU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7522ab753849b51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/imageads/012.gif
91.209.70.182200 OK 498 kB URL HTTP/2 megaup.net/imageads/012.gif
IP 91.209.70.182:0
File type GIF image data, version 89a, 300 x 250\012- data
Size 498 kB (498127 bytes)
Hash 008597da36f68c5f0a6324833164297d
bf10c016b0938ad06e51e416d063805d40b0265a
16628c257f8fea93d55efb135f326d1c7bca14645f353abe1a67ca289595ef2f
GET /imageads/012.gif HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1WZh/SPORE.Collection.GOG.rar
Connection: keep-alive
Cookie: filehosting=3qf9isk70ch3v020ilck4r7ho1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 06:30:22 GMT
content-type: image/gif
content-length: 498127
last-modified: Mon, 29 Mar 2021 20:01:24 GMT
vary: Accept-Encoding
etag: "60623214-799cf"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
andamafraidt.xyz/Z0tkbm0GKQcDUgZ2BkgYFSdZS18hblYoCQomHgULA3NWGQweJUoNAQg+AAgfCCUQQAMCP0FcKzYpVSg+KA81Iz0NMwEtFRR/Kgk4KRxWBhwjLCYkIh4NPDkFXjgrXSdTADUJOjMKByslND8rPBoteC4FJzYeCShdMQ0xLCMKcwE7PCIyBhkGNA8OOxolGiYkJyMGIjk8JjkrXz8+Dwo8CgEsIiw0PygvLCgEOz0ZBjUTJiBeJCw1KiIjMyo6KBchPQUsKhw1WwYjCSINKFQoLywvVyUAGRlWHQkKVSQJVSU0VQECOzwQfTQ8XSAAMyAEJBo2CDQgZi0kKDF6DCArIQwnBA5eGiYoCSF5FyEqC3JXJBoyDUIEHgglFFMELQciNykTeA8iFBE4CQ
54.230.111.8200 OK 1.2 kB URL HTTP/2 andamafraidt.xyz/Z0tkbm0GKQcDUgZ2BkgYFSdZS18hblYoCQomHgULA3NWGQweJUoNAQg+AAgfCCUQQAMCP0FcKzYpVSg+KA81Iz0NMwEtFRR/Kgk4KRxWBhwjLCYkIh4NPDkFXjgrXSdTADUJOjMKByslND8rPBoteC4FJzYeCShdMQ0xLCMKcwE7PCIyBhkGNA8OOxolGiYkJyMGIjk8JjkrXz8+Dwo8CgEsIiw0PygvLCgEOz0ZBjUTJiBeJCw1KiIjMyo6KBchPQUsKhw1WwYjCSINKFQoLywvVyUAGRlWHQkKVSQJVSU0VQECOzwQfTQ8XSAAMyAEJBo2CDQgZi0kKDF6DCArIQwnBA5eGiYoCSF5FyEqC3JXJBoyDUIEHgglFFMELQciNykTeA8iFBE4CQ
IP 54.230.111.8:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3000), with no line terminators
Hash 854a29a45ba9ef388f957acfaa504376
aa4f0c2261eeaaa270bc8436604a0c96a9f73e60
23abe1dc848c6c44f6383ab5e61c057cade49552edee527d7f9fb6e00a62ad53
GET /Z0tkbm0GKQcDUgZ2BkgYFSdZS18hblYoCQomHgULA3NWGQweJUoNAQg+AAgfCCUQQAMCP0FcKzYpVSg+KA81Iz0NMwEtFRR/Kgk4KRxWBhwjLCYkIh4NPDkFXjgrXSdTADUJOjMKByslND8rPBoteC4FJzYeCShdMQ0xLCMKcwE7PCIyBhkGNA8OOxolGiYkJyMGIjk8JjkrXz8+Dwo8CgEsIiw0PygvLCgEOz0ZBjUTJiBeJCw1KiIjMyo6KBchPQUsKhw1WwYjCSINKFQoLywvVyUAGRlWHQkKVSQJVSU0VQECOzwQfTQ8XSAAMyAEJBo2CDQgZi0kKDF6DCArIQwnBA5eGiYoCSF5FyEqC3JXJBoyDUIEHgglFFMELQciNykTeA8iFBE4CQ HTTP/1.1
Host: andamafraidt.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1159
date: Thu, 29 Sep 2022 06:30:22 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fP5PdCt9RZpUuEN3ibiEAK1WLC7ekZ-_RCH1V4WejUqLbXXNJnGhXQ==
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/zTXU1NU8uGltTcDkcUQh4e0QEDXlrH0ZaIT1IRAUYCREGTT8pI0NTGCslE0E1KUgFEyMsG1IIaSgbVgh+axRRV3J5U0FFICZIRVMtIBhcQywuFxNALnAYWk8mIRlUEH0LQBsFan9FHU1+fFAGd2p/RVlcITgNEAd/NU0Danl5UAZ3an9FR0NqfjQMA2F9XB-AHfyoQVl4gaEdzB398RQUEf3xQBwUpJAdQUyA1UAdzdntbBRM6cEQ
143.204.42.225200 OK 604 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/zTXU1NU8uGltTcDkcUQh4e0QEDXlrH0ZaIT1IRAUYCREGTT8pI0NTGCslE0E1KUgFEyMsG1IIaSgbVgh+axRRV3J5U0FFICZIRVMtIBhcQywuFxNALnAYWk8mIRlUEH0LQBsFan9FHU1+fFAGd2p/RVlcITgNEAd/NU0Danl5UAZ3an9FR0NqfjQMA2F9XB-AHfyoQVl4gaEdzB398RQUEf3xQBwUpJAdQUyA1UAdzdntbBRM6cEQ
IP 143.204.42.225:0
File type ASCII text, with very long lines (835), with no line terminators
Hash 73ad104706018f67ba2bf4d1365ace54
19603479f9909e2de37f8f0c4eb4dc14fa14902c
1c09f29ee708fe7d72b9ebcea40018737c3851414764c8f07337383af7d69a9b
GET /zTXU1NU8uGltTcDkcUQh4e0QEDXlrH0ZaIT1IRAUYCREGTT8pI0NTGCslE0E1KUgFEyMsG1IIaSgbVgh+axRRV3J5U0FFICZIRVMtIBhcQywuFxNALnAYWk8mIRlUEH0LQBsFan9FHU1+fFAGd2p/RVlcITgNEAd/NU0Danl5UAZ3an9FR0NqfjQMA2F9XB-AHfyoQVl4gaEdzB398RQUEf3xQBwUpJAdQUyA1UAdzdntbBRM6cEQ HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://andamafraidt.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 604
date: Thu, 29 Sep 2022 06:30:22 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: rI5h7_VXUWb14BajjEpVElA7zK59a-wrwVRS_bHKyich3UIanYC3PQ==
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/mQVpEVkQiNSowezUzIGt8c299Z3VnMDc5KjFnFAJ2MxcLJAYJAHUGNjMLAHAwOz55ZmItOyoxeWc/KjV5cHwlMiZ8bmIiNC4xeSMqJT8iPyokPmIjJXw3KywtLTYlc3YHb2pmYXNqbC51cH93FGFzaig/KjQiYWR0OWJyCXJ1f3cUYXNqNiBhcht9YGpxc2-FkdCY/Jz0rZGgCZHRwanRndHB/dmYiKCghMCs5f3YQfXd0dHAxfGs
143.204.42.225200 OK 356 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/mQVpEVkQiNSowezUzIGt8c299Z3VnMDc5KjFnFAJ2MxcLJAYJAHUGNjMLAHAwOz55ZmItOyoxeWc/KjV5cHwlMiZ8bmIiNC4xeSMqJT8iPyokPmIjJXw3KywtLTYlc3YHb2pmYXNqbC51cH93FGFzaig/KjQiYWR0OWJyCXJ1f3cUYXNqNiBhcht9YGpxc2-FkdCY/Jz0rZGgCZHRwanRndHB/dmYiKCghMCs5f3YQfXd0dHAxfGs
IP 143.204.42.225:0
File type ASCII text, with very long lines (460), with no line terminators
Hash f5f7205edfa003782ea4acb4eb345c6f
25e72b505160932fffb3890ce27f062728480b03
d48d85524c1cd4b04c4535ed80889ce6f5202a707da35741accba9d86d1cdd4b
GET /mQVpEVkQiNSowezUzIGt8c299Z3VnMDc5KjFnFAJ2MxcLJAYJAHUGNjMLAHAwOz55ZmItOyoxeWc/KjV5cHwlMiZ8bmIiNC4xeSMqJT8iPyokPmIjJXw3KywtLTYlc3YHb2pmYXNqbC51cH93FGFzaig/KjQiYWR0OWJyCXJ1f3cUYXNqNiBhcht9YGpxc2-FkdCY/Jz0rZGgCZHRwanRndHB/dmYiKCghMCs5f3YQfXd0dHAxfGs HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://andamafraidt.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 356
date: Thu, 29 Sep 2022 06:30:22 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: i2y7yuj3RrZw_1FTWBsrSQ2nFvMmJg0XccGlQCnuZCpbP6JfevMI8Q==
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/images/icons/favicon/apple-touch-icon-114x114.png
91.209.70.182200 OK 951 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/images/icons/favicon/apple-touch-icon-114x114.png
IP 91.209.70.182:0
File type PNG image data, 114 x 114, 8-bit colormap, non-interlaced\012- data
Hash 76852bc6b2c028db97322a74e85bd020
ed52fb4de0d51f93277bbaae42fa80ba5f92c31e
8a5ef2ef8440c17db1b1b539065ba4a887e07a2c508b79c2d1659512e9016884
GET /themes/flow/frontend_assets/images/icons/favicon/apple-touch-icon-114x114.png HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1WZh/SPORE.Collection.GOG.rar
Connection: keep-alive
Cookie: filehosting=3qf9isk70ch3v020ilck4r7ho1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 06:30:22 GMT
content-type: image/png
content-length: 951
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-3b7"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 366fbb58b56c6469840359066ae0ef4b
519ec2d019a3df15e1555ee7e9f784207f3ee604
4c03f3b3b06d0359ff6c3e72e91c39cb8f6e6406ed7b8ba9e09708da8e2d38f4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4002
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 06:30:22 GMT
Last-Modified: Thu, 29 Sep 2022 05:23:40 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
platform.bidgear.com/media/img/b15.png
104.26.2.107200 OK 649 B URL HTTP/2 platform.bidgear.com/media/img/b15.png
IP 104.26.2.107:0
File type PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash d832fb80c97ff291b952757bb98240d2
63732e61a0784ed68fde494f83e4686a5c4bf7fa
7b35c11af8accdb40a14303dd3ae2762a97d2527933c56b6c9be6da2d0d11943
GET /media/img/b15.png HTTP/1.1
Host: platform.bidgear.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 29 Sep 2022 06:30:22 GMT
content-type: image/png
content-length: 649
last-modified: Mon, 25 Jul 2022 09:43:33 GMT
etag: "62de65c5-289"
expires: Sun, 23 Oct 2022 09:44:55 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
cf-cache-status: HIT
age: 506709
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DmVwW5Q3UT5%2BrrQlgaY7u0z1DsknE%2FdmAxTuc93ADUM9ulrxs4RqLp4%2FE5E7LLnKvhP5Sef6nUgbus1gNHjaijHXe6Gq%2Bpo%2FxfxDZ%2B9z7lwGO23%2BelrWT4XZwrZZDNwbQJJWwr63"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7522ab773ccdb51d-OSL
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/clipboardjs/clipboard.min.js
91.209.70.182200 OK 3.0 kB URL HTTP/2 megaup.net/themes/flow/js/clipboardjs/clipboard.min.js
IP 91.209.70.182:0
File type Unicode text, UTF-8 text, with very long lines (8746)
Hash c31a3191f58521c95d4375dfcb1f1ce8
d95b94d5bad388bc9a2e12b0259e12d621fb5ef6
126e20d2ac171f42a7eeb654d4df5bffb36fde6aa9a3cf86c25d089bf6b01f3f
GET /themes/flow/js/clipboardjs/clipboard.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1WZh/SPORE.Collection.GOG.rar
Connection: keep-alive
Cookie: filehosting=3qf9isk70ch3v020ilck4r7ho1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 06:30:21 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-2296"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash c3da91f34812391491a0b02df83a7670
c1bb27bae663584e2b1af0632e291cb1b16475ec
604e15400aa4b851d27581040b17fc890d74bc9f7b6533c699dc682266fdc939
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 06:30:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Thu, 29 Sep 2022 04:41:09 GMT
expires: Thu, 29 Sep 2022 06:41:09 GMT
cache-control: public, max-age=7200
age: 6553
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/images/icons/favicon/favicon.ico
91.209.70.182200 OK 749 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/images/icons/favicon/favicon.ico
IP 91.209.70.182:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 90d2049d397db0aa8bcd0c9e83841fe2
db5012c32722048ac178159d596ff24f0feec268
fff64c7aaecb9706dba15a71cd3ee66e19c8b01733be10509e45753b7dd25e1a
GET /themes/flow/frontend_assets/images/icons/favicon/favicon.ico HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1WZh/SPORE.Collection.GOG.rar
Connection: keep-alive
Cookie: filehosting=3qf9isk70ch3v020ilck4r7ho1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 06:30:22 GMT
content-type: image/x-icon
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-47e"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/CU3ZHUEwwGSk2cycfI210ZEB0YXR1HDQ/IiNLFGUpAT8yIjsFBAgzAB0hYSQ2N0t3diAyGCBtajYYJG19dRcjMnFnUDMgIzhLNzYuPhsuJi8wFGElLW4bKColPxomdX4VQ2lgaWFGbyh9YlN0EmlhRis5IiYOYmJ8K05xD3pnU3QSaWFGNSZpYDd+ZmJjX2-JifDQTJDsjdkQBYnxiRndhfGJTdWAqOgQiNiMrU3UWdWVYd3Y5bkc
143.204.42.225200 OK 454 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/CU3ZHUEwwGSk2cycfI210ZEB0YXR1HDQ/IiNLFGUpAT8yIjsFBAgzAB0hYSQ2N0t3diAyGCBtajYYJG19dRcjMnFnUDMgIzhLNzYuPhsuJi8wFGElLW4bKColPxomdX4VQ2lgaWFGbyh9YlN0EmlhRis5IiYOYmJ8K05xD3pnU3QSaWFGNSZpYDd+ZmJjX2-JifDQTJDsjdkQBYnxiRndhfGJTdWAqOgQiNiMrU3UWdWVYd3Y5bkc
IP 143.204.42.225:0
File type ASCII text, with very long lines (599), with no line terminators
Hash 4e90f229eee543e2a99253081489dcf8
b43f86dc10b88c87d67c1a4b047255a147fc4330
8389140dd9be27ba8d0d7a3c21424592cde71296cf75dd2796a394130ea5be7d
GET /CU3ZHUEwwGSk2cycfI210ZEB0YXR1HDQ/IiNLFGUpAT8yIjsFBAgzAB0hYSQ2N0t3diAyGCBtajYYJG19dRcjMnFnUDMgIzhLNzYuPhsuJi8wFGElLW4bKColPxomdX4VQ2lgaWFGbyh9YlN0EmlhRis5IiYOYmJ8K05xD3pnU3QSaWFGNSZpYDd+ZmJjX2-JifDQTJDsjdkQBYnxiRndhfGJTdWAqOgQiNiMrU3UWdWVYd3Y5bkc HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://andamafraidt.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 454
date: Thu, 29 Sep 2022 06:30:22 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: xDhi-bIJe5t33waJBbDl4T9UyQCdknUdaKgn6CtDUt9iuecx_6R5Zg==
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
216.58.207.237302 Found 396 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (383)
Hash f1bfc8329b66eac98d29c0f0f8cbb4d8
2071e5d1f792c7ad631128bebf2e7d11e4256c9c
333a16dc2728b74da0afd2a1a6e84f095af530100fefc92feb52e512e570809a
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 29 Sep 2022 06:30:22 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S957121861%3A1664433022666480&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWoD-ZiEFRZ2J9UbBTGjL-0f8NNe9AtydPLGTaxQvXp7lT9ba2tAGFwGL7axlHISyyqUpduPdg
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-fb7VWdTG2VMUuaYoEk_4bw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 396
server: GSE
set-cookie: __Host-GAPS=1:7P7JQuVBixmEI1QzWD9dcglfS3mSdg:H19RZr0t4nmy2Vkc;Path=/;Expires=Sat, 28-Sep-2024 06:30:22 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/gTENoQ0YvLAYleTgqDH5xendZd3dqKRssKDx+GnBzAzk6CHMfdAt0CDU5X2UyNidVc2AgIgYke2omBiB7fWUJJyRxd043NiMoVTMgLi4FKjAvIAplMy1+BSw8JS8EImN+BV1tdmlxWGs+fXJNcARpcVgvLyI2EGZ0fDtQdRl6d01wBGlxWDEwaXApenBic0-FmdHwkDSAtI2ZaBXR8clhzd3xyTXF2KioaJiAjO01xAHV1RnNgOX5Z
143.204.42.225200 OK 589 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/gTENoQ0YvLAYleTgqDH5xendZd3dqKRssKDx+GnBzAzk6CHMfdAt0CDU5X2UyNidVc2AgIgYke2omBiB7fWUJJyRxd043NiMoVTMgLi4FKjAvIAplMy1+BSw8JS8EImN+BV1tdmlxWGs+fXJNcARpcVgvLyI2EGZ0fDtQdRl6d01wBGlxWDEwaXApenBic0-FmdHwkDSAtI2ZaBXR8clhzd3xyTXF2KioaJiAjO01xAHV1RnNgOX5Z
IP 143.204.42.225:0
File type ASCII text, with very long lines (836), with no line terminators
Hash ec9de9cbc5aca58b870e33a3fec5dc2e
8b3f7f8dad8958f190fe9f69c14f6eefbc4594a9
8effeb2405e31add6dab5baec42783ed50c56aae34fb6df90c6254374dc399a1
GET /gTENoQ0YvLAYleTgqDH5xendZd3dqKRssKDx+GnBzAzk6CHMfdAt0CDU5X2UyNidVc2AgIgYke2omBiB7fWUJJyRxd043NiMoVTMgLi4FKjAvIAplMy1+BSw8JS8EImN+BV1tdmlxWGs+fXJNcARpcVgvLyI2EGZ0fDtQdRl6d01wBGlxWDEwaXApenBic0-FmdHwkDSAtI2ZaBXR8clhzd3xyTXF2KioaJiAjO01xAHV1RnNgOX5Z HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://andamafraidt.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 589
date: Thu, 29 Sep 2022 06:30:22 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 9BXeX6KqPMzqmvoGSn-gaQHfqpBwEYSVR37GPZzh_WkBUOuWCKBI0g==
X-Firefox-Spdy: h2
andamafraidt.xyz/utx?cb=knZm1vgem4Ov&top=megaup.net&tid=761186
54.230.111.8204 No Content 0 B URL HTTP/2 andamafraidt.xyz/utx?cb=knZm1vgem4Ov&top=megaup.net&tid=761186
IP 54.230.111.8:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=knZm1vgem4Ov&top=megaup.net&tid=761186 HTTP/1.1
Host: andamafraidt.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 29 Sep 2022 06:30:22 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Thu, 29 Sep 2022 06:31:22 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: TTv7eBE2JtfMEcR5iicQhGp-_CcOl91TBH5tE1L0oqi_ymjOEx01Sw==
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/Qb1FSODQMPjxeCxs4NgUNW2hqDgBJOyFXWh9sO3J4KQgWTAcEHStORwJ3JkJQUmF0VFUBNm8eUQEybwkSDjUwBQBJJDMFWQArO1RYDnRgfgFBYXcKBEcpYwkRXBN3CgQDODxNTEpjYkAMWQ5kDBFcE3cKBB0ndwt1Vmd8CB1KY2JfUQw6PR0GKWNiCQRfYG-IJEV1hNFFGCjc9QBFdF2sOGl93JwUF
143.204.42.225200 OK 189 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/Qb1FSODQMPjxeCxs4NgUNW2hqDgBJOyFXWh9sO3J4KQgWTAcEHStORwJ3JkJQUmF0VFUBNm8eUQEybwkSDjUwBQBJJDMFWQArO1RYDnRgfgFBYXcKBEcpYwkRXBN3CgQDODxNTEpjYkAMWQ5kDBFcE3cKBB0ndwt1Vmd8CB1KY2JfUQw6PR0GKWNiCQRfYG-IJEV1hNFFGCjc9QBFdF2sOGl93JwUF
IP 143.204.42.225:0
File type ASCII text, with no line terminators
Hash 63814742bcacea9231679374204dcb9a
af5f39b568092310248ef59a78c9bd469aa70e9c
e586546c48934362ca7018feb28d9cb47a30fb187e68558c43ac3cff14f94674
GET /Qb1FSODQMPjxeCxs4NgUNW2hqDgBJOyFXWh9sO3J4KQgWTAcEHStORwJ3JkJQUmF0VFUBNm8eUQEybwkSDjUwBQBJJDMFWQArO1RYDnRgfgFBYXcKBEcpYwkRXBN3CgQDODxNTEpjYkAMWQ5kDBFcE3cKBB0ndwt1Vmd8CB1KY2JfUQw6PR0GKWNiCQRfYG-IJEV1hNFFGCjc9QBFdF2sOGl93JwUF HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://andamafraidt.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 189
date: Thu, 29 Sep 2022 06:30:22 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: wpAP_oTQpmOHxsuIkaGhFRUSSRXxeQBVxVMgQR0JsiwI8zbR92o1zA==
X-Firefox-Spdy: h2
andamafraidt.xyz/utx?cb=VrNDLxSIpLe9&top=megaup.net&tid=825911
54.230.111.8204 No Content 0 B URL HTTP/2 andamafraidt.xyz/utx?cb=VrNDLxSIpLe9&top=megaup.net&tid=825911
IP 54.230.111.8:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=VrNDLxSIpLe9&top=megaup.net&tid=825911 HTTP/1.1
Host: andamafraidt.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 29 Sep 2022 06:30:22 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Thu, 29 Sep 2022 06:31:22 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: cglmc0dEIYbnHfzBDZTTA7xheJ56q4_a5x6e7HMkbw2cqASNJxtnEA==
X-Firefox-Spdy: h2
imp9.bidgear.com/rec?t=1&z=6192&uuid=3dcc7b70b5b54ae7b41e49ce4a8a65a0&p=28&g=NO&token=4a44335432&tbg=1664433022
104.26.2.107200 OK 599 B URL HTTP/2 imp9.bidgear.com/rec?t=1&z=6192&uuid=3dcc7b70b5b54ae7b41e49ce4a8a65a0&p=28&g=NO&token=4a44335432&tbg=1664433022
IP 104.26.2.107:0
File type JPEG image data, baseline, precision 8, 1x1, components 3\012- data
Hash ca49a7e783b806a4e8576ea80346203d
6fe9d083221dae98f6c76f7121c37bc884b02d82
3e9a98dd5f0a28ff4a059f33d760264a6db02786666ac1692095ebb976f5da28
GET /rec?t=1&z=6192&uuid=3dcc7b70b5b54ae7b41e49ce4a8a65a0&p=28&g=NO&token=4a44335432&tbg=1664433022 HTTP/1.1
Host: imp9.bidgear.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 29 Sep 2022 06:30:22 GMT
content-type: image/jpeg
content-length: 599
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R%2B2ZYjfPZoFo%2BqS3XX%2B20WYVBLoLysbxs12hQmcDpvL37vsgR%2Fn79xwAXQSV%2FsMAzXaUoTkcAUvDWt8mg2ThYWNPCe%2Ft5Lghqa3kuuc4FT13bv%2F8g588888zI8fFz8pbzG0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7522ab774cd2b51d-OSL
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 84ada21ac1d7ada27090048bed7709d6
5a7af8364389fceb02130e30cfc9d1d1f430ca43
4ded0aae9e6b75b5c584663fcffa541371a632cd5a8088b29234f35b2776ad8c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "4DED0AAE9E6B75B5C584663FCFFA541371A632CD5A8088B29234F35B2776AD8C"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15810
Expires: Thu, 29 Sep 2022 10:53:52 GMT
Date: Thu, 29 Sep 2022 06:30:22 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 84ada21ac1d7ada27090048bed7709d6
5a7af8364389fceb02130e30cfc9d1d1f430ca43
4ded0aae9e6b75b5c584663fcffa541371a632cd5a8088b29234f35b2776ad8c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "4DED0AAE9E6B75B5C584663FCFFA541371A632CD5A8088B29234F35B2776AD8C"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15810
Expires: Thu, 29 Sep 2022 10:53:52 GMT
Date: Thu, 29 Sep 2022 06:30:22 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 84ada21ac1d7ada27090048bed7709d6
5a7af8364389fceb02130e30cfc9d1d1f430ca43
4ded0aae9e6b75b5c584663fcffa541371a632cd5a8088b29234f35b2776ad8c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "4DED0AAE9E6B75B5C584663FCFFA541371A632CD5A8088B29234F35B2776AD8C"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15810
Expires: Thu, 29 Sep 2022 10:53:52 GMT
Date: Thu, 29 Sep 2022 06:30:22 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 84ada21ac1d7ada27090048bed7709d6
5a7af8364389fceb02130e30cfc9d1d1f430ca43
4ded0aae9e6b75b5c584663fcffa541371a632cd5a8088b29234f35b2776ad8c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "4DED0AAE9E6B75B5C584663FCFFA541371A632CD5A8088B29234F35B2776AD8C"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15810
Expires: Thu, 29 Sep 2022 10:53:52 GMT
Date: Thu, 29 Sep 2022 06:30:22 GMT
Connection: keep-alive
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
216.58.207.237302 Found 394 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (381)
Hash 0201aafc91b562df8b30605a2ae90c0b
27e9fc45d3913a345a0a9950c641f75001c78859
27cf117c8cc17bab3a100a70528cf431601a0b50389a35263f485236ba54980a
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 29 Sep 2022 06:30:22 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-1677044768%3A1664433022712020&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpMDH5goLNF_B8DW-O3LVAU-0aiDRsmp5GuOrahZWuLHe8E1XijhEF47eaHnAs-k4jxEaktfw
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-bKHjp1VfRCjC3gQp2-s-aQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 394
server: GSE
set-cookie: __Host-GAPS=1:BBwY_ork5H114sgJGYlx-T-OwbSM-A:IKtKJbnSQRAjbP-8;Path=/;Expires=Sat, 28-Sep-2024 06:30:22 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/
143.204.42.225200 OK 73 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/
IP 143.204.42.225:0
File type ASCII text, with no line terminators
Hash de37377b72195a4f064edf7ec8a76676
ed544d5b6a37acad78498099407c648a93316ddb
b3209cc0b1d1b71e85af4e843afe00a3079f3286d52b3fb47e72c6c5c48b8399
GET / HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 73
date: Thu, 29 Sep 2022 06:30:22 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 8hByJuGSseGOXBXEXeskuQG50K6cKdwwtcrlMuCvHGeY08ivmzzEmg==
X-Firefox-Spdy: h2
a.exdynsrv.com/ad-provider.js
205.185.216.42200 OK 24 kB URL HTTP/1.1 a.exdynsrv.com/ad-provider.js
IP 205.185.216.42:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 81ef2e5397caa335947731e7e737f5c3
6a05a4b2d22c13ad2692170510bc8685b16002bf
cec22380c4f1438b29077d202d0396a6ad32b41761ed51d968f1bfbdf2423378
GET /ad-provider.js HTTP/1.1
Host: a.exdynsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 06:30:22 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 23727
Content-Type: application/javascript
Accept-Ranges: bytes
Cache-Control: max-age=10800
Server: nginx
etag: W/"d944899a6eb421496e94cbddc42"
X-HW: 1664433022.dop016.sk1.t,1664433022.cds012.sk1.shn,1664433022.dop016.sk1.t,1664433022.cds246.sk1.c
Access-Control-Allow-Origin: *, *
www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
31.13.72.36200 OK 2.0 kB URL HTTP/2 www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
IP 31.13.72.36:0
Hash fedfc283c374d00f98c49e1954d408cd
d30ac61dd750d9fd612cf94220a3beb16e30ab20
267fc3a5602b543bd47d2dbdc306c491c18134789067b86ad1478d59223a67d1
GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: 6VWIUAg5NYBu8JB+yVIZVA/+pPzIbha0G161803RlhhLh6ARy4mrt+SPve/EMGYa1NCn9DBf4fGj3D/W3lyfcA==
date: Thu, 29 Sep 2022 06:30:22 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
andamafraidt.xyz/utx?cb=XM1n6tCUFEbp&top=megaup.net&tid=876318
54.230.111.8204 No Content 0 B URL HTTP/2 andamafraidt.xyz/utx?cb=XM1n6tCUFEbp&top=megaup.net&tid=876318
IP 54.230.111.8:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=XM1n6tCUFEbp&top=megaup.net&tid=876318 HTTP/1.1
Host: andamafraidt.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 29 Sep 2022 06:30:22 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Thu, 29 Sep 2022 06:31:22 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -EInRrahJxTr3zEIgtgifGo0VGvZUtKtDIkIm6V7zomAJJtq12BT3w==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 7f6c1bbbde940ad17ceda150b7b1664d
7273da22f182d9540784068537cc678ec27800d3
4d8a6cd94e298a71543331248750230237a56a67cef251c7a204291612dbb569
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 06:30:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
andamafraidt.xyz/utx?cb=UAOcLOEov1NX&top=megaup.net&tid=764141
54.230.111.8204 No Content 0 B URL HTTP/2 andamafraidt.xyz/utx?cb=UAOcLOEov1NX&top=megaup.net&tid=764141
IP 54.230.111.8:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=UAOcLOEov1NX&top=megaup.net&tid=764141 HTTP/1.1
Host: andamafraidt.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 29 Sep 2022 06:30:22 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Thu, 29 Sep 2022 06:31:22 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4LgNVbdvB7INbMFb7oKZ1ZjW28H4FbLi7fhxxLU-8bB5yXMUF7fJQA==
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S957121861%3A1664433022666480&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWoD-ZiEFRZ2J9UbBTGjL-0f8NNe9AtydPLGTaxQvXp7lT9ba2tAGFwGL7axlHISyyqUpduPdg
216.58.207.237403 Forbidden 1.2 kB URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S957121861%3A1664433022666480&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWoD-ZiEFRZ2J9UbBTGjL-0f8NNe9AtydPLGTaxQvXp7lT9ba2tAGFwGL7axlHISyyqUpduPdg
IP 216.58.207.237:0
Hash fe8894cc420638ee56050b8f96036071
dc7f95c70a47c231101d9b1630ba75b62c073c33
c05155f0c5cec683c758c31d1ef2852336079653891d02267500233d340cf0a9
GET /v3/signin/identifier?dsh=S957121861%3A1664433022666480&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWoD-ZiEFRZ2J9UbBTGjL-0f8NNe9AtydPLGTaxQvXp7lT9ba2tAGFwGL7axlHISyyqUpduPdg HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 29 Sep 2022 06:30:22 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-XqXbT6b9cpC9Z8keISvlCg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=MwOFv69M5XFAsApAkK7PgHjx71m-Qc9w0e5LsuzLzVqEj14lV5MhA1s57XYIHQfSGg4M1AahxKus1ec6t89B5LLFRbE8_0HvYCUcRx_x1q7K6fmN0uoyc218HUvHUc2VmRH494v9zN3nCo4UIhEA15u-ReVce8ZeaWUhvdO14jg; expires=Fri, 31-Mar-2023 06:30:22 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
syndication.exdynsrv.com/v1/api.php
95.211.229.245200 OK 2.4 kB URL HTTP/1.1 syndication.exdynsrv.com/v1/api.php
IP 95.211.229.245:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JSON data\012- , ASCII text, with very long lines (5238), with no line terminators
Hash 7770f2b39123f77bc0611268b237196b
da42b2e205ec17b549e536cbf2d89a1d47c494f9
99552e320c42975496f8dad71396e0522888f0a062ee431d304fa14a0a50daf1
POST /v1/api.php HTTP/1.1
Host: syndication.exdynsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 286
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 29 Sep 2022 06:30:22 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2263353b7ed270b2.688987763551097170%22%3B%7D; expires=Sat, 28-Sep-2024 06:30:22 GMT; Max-Age=63072000; path=/; domain=exdynsrv.com; secure; SameSite=None
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
syndication.exdynsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01OW0oEQQy8iheYJs/uzn77raB4gO6Z0S8XwRUU6vB2z+JiioQ8KqkIiSwUi8QdyUnpJILgFJRMErvh4fEJxnjf39rXRzrvF7izUUaOIKsItSoZZtm4ZjgzXEJiMIqrUy4V7FDQgLiazSwREXNGJbw83x/OA0IYcUpCKmzk9D33Wll1I95a21n7tjZRXXsPqkOLGk3i/xfpikScfZ79a0DZVEyw8K0wDCMc4/b5c16BG/36LPy4oGCzKVW2V7baq1v41kNyp172VU1LNM3tF+AfF6JUAQAA
95.211.229.245200 OK 20 B URL HTTP/1.1 syndication.exdynsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01OW0oEQQy8iheYJs/uzn77raB4gO6Z0S8XwRUU6vB2z+JiioQ8KqkIiSwUi8QdyUnpJILgFJRMErvh4fEJxnjf39rXRzrvF7izUUaOIKsItSoZZtm4ZjgzXEJiMIqrUy4V7FDQgLiazSwREXNGJbw83x/OA0IYcUpCKmzk9D33Wll1I95a21n7tjZRXXsPqkOLGk3i/xfpikScfZ79a0DZVEyw8K0wDCMc4/b5c16BG/36LPy4oGCzKVW2V7baq1v41kNyp172VU1LNM3tF+AfF6JUAQAA
IP 95.211.229.245:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA01OW0oEQQy8iheYJs/uzn77raB4gO6Z0S8XwRUU6vB2z+JiioQ8KqkIiSwUi8QdyUnpJILgFJRMErvh4fEJxnjf39rXRzrvF7izUUaOIKsItSoZZtm4ZjgzXEJiMIqrUy4V7FDQgLiazSwREXNGJbw83x/OA0IYcUpCKmzk9D33Wll1I95a21n7tjZRXXsPqkOLGk3i/xfpikScfZ79a0DZVEyw8K0wDCMc4/b5c16BG/36LPy4oGCzKVW2V7baq1v41kNyp172VU1LNM3tF+AfF6JUAQAA HTTP/1.1
Host: syndication.exdynsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2263353b7ed270b2.688987763551097170%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 29 Sep 2022 06:30:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2263353b7ed270b2.688987763551097170%22%3B%7D; expires=Sat, 28 Sep 2024 06:30:22 GMT; path=; domain=.exdynsrv.com; Secure; SameSite=none
__upt=%7B%22v%22%3A1%2C%22id%22%3A%2263353b7ed270b2.688987763551097170%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22511.0199%22%7D; expires=Sat, 28 Sep 2024 06:30:22 GMT; path=/; domain=.exdynsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
pogothere.xyz/asd100.bin
172.64.199.35200 OK 102 kB IP 172.64.199.35:0
Size 102 kB (102400 bytes)
Hash 4c6426ac7ef186464ecbb0d81cbfcb1e
5a6918eebd9d635e8f632e3ef34e3792b1b5ec13
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 29 Sep 2022 06:30:22 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 645
last-modified: Thu, 29 Sep 2022 06:19:37 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=btFqgN0tWUBKLZ2Vs0sUseYQMERMZWzqbk%2BKUMxqMWM0Xt1XlbP5gHfryuvKTGaRMauycnmRgHXngbAcLjPpaYMUgneuoS7lFm40%2FZQt6okG2z8qJJ30fvW40JpMVjd6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7522ab784ba676ea-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s3t3d2y8.afcdn.net/library/551406/afd0544e028fe06635d1d3c51cd1eef2a7c975a8.jpg
185.76.9.15200 OK 19 kB URL HTTP/2 s3t3d2y8.afcdn.net/library/551406/afd0544e028fe06635d1d3c51cd1eef2a7c975a8.jpg
IP 185.76.9.15:0
ASN #60068 Datacamp Limited
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 2f1ee77f4701e8d6b0258466d99fc010
afd0544e028fe06635d1d3c51cd1eef2a7c975a8
8d0328ae01c3531184b0a2376386caa4c9275747e5037d85be6ff0e06ffeda43
GET /library/551406/afd0544e028fe06635d1d3c51cd1eef2a7c975a8.jpg HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 29 Sep 2022 06:30:23 GMT
content-type: image/jpeg
content-length: 18807
last-modified: Wed, 26 May 2021 05:14:02 GMT
etag: "60add91a-4977"
expires: Sat, 29 Jul 2023 23:25:57 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1690680215
server: CDN77-Turbo
x-77-nzt: AblMCQ0DPNn/aLNQAA
x-77-nzt-ray: 0q4Dm4NQIkI
x-cache: HIT
x-age: 5288808
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
andamafraidt.xyz/multi?cs=SFNmRld5YlN1Z3xjVH9kf2ZVd2U&abt=0&red=1&sm=76&k=download%20file%20spore%20collection&v=1.0.59.1&sts=0&prn=0&emb=0&tid=876318&fs=1&mbkb=140.64697609001408&ref=https%3A%2F%2Fmegaup.net%2F1WZh%2FSPORE.Collection.GOG.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&_EpHO=1664433020128&crc=1
54.230.111.8200 OK 1.6 kB URL HTTP/2 andamafraidt.xyz/multi?cs=SFNmRld5YlN1Z3xjVH9kf2ZVd2U&abt=0&red=1&sm=76&k=download%20file%20spore%20collection&v=1.0.59.1&sts=0&prn=0&emb=0&tid=876318&fs=1&mbkb=140.64697609001408&ref=https%3A%2F%2Fmegaup.net%2F1WZh%2FSPORE.Collection.GOG.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&_EpHO=1664433020128&crc=1
IP 54.230.111.8:0
Hash 82a4e2b991c5417fa5b7eedad0ff3d11
b8c25a58db6b1c9497cbe6663961eabab964b21b
7785999eea6bac524cde1edade43b9d8f4fad52feb70a8e01e9a42a9c1a687f4
GET /multi?cs=SFNmRld5YlN1Z3xjVH9kf2ZVd2U&abt=0&red=1&sm=76&k=download%20file%20spore%20collection&v=1.0.59.1&sts=0&prn=0&emb=0&tid=876318&fs=1&mbkb=140.64697609001408&ref=https%3A%2F%2Fmegaup.net%2F1WZh%2FSPORE.Collection.GOG.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&_EpHO=1664433020128&crc=1 HTTP/1.1
Host: andamafraidt.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
content-length: 1564
date: Thu, 29 Sep 2022 06:30:23 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=2900cb2d-4f2a-4082-8cdf-6ad8e76a768e
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8W8TGGQhbP_wZtb9-cQ4YeTPEOCtanaBv9s9SZGsIv92loiMBwa7Cw==
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 281 B IP 104.18.32.68:0
Hash 76d1f6267026a53ba2e40c12aff0c2c8
9909ca4abe48a9eeca2da7e5cd7db89a05c76fb0
915114bd4ebe358031f5f2aef414fea695d66012a6069d339e6997cb2263d38b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 06:30:23 GMT
Content-Type: application/ocsp-response
Content-Length: 281
Connection: keep-alive
Last-Modified: Tue, 27 Sep 2022 09:53:49 GMT
Expires: Tue, 04 Oct 2022 09:53:48 GMT
Etag: "9909ca4abe48a9eeca2da7e5cd7db89a05c76fb0"
Cache-Control: max-age=443604,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7522ab76bb9db524-OSL
andamafraidt.xyz/floater?cs=SGIyOWx5UgIJXXFQBQtUcVYEAFs&abt=0&red=1&sm=83&k=download%20file%20spore%20collection&v=0.8.9.1&sts=0&prn=0&emb=0&tid=825911&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&mbkb=140.64697609001408&ref=https%3A%2F%2Fmegaup.net%2F1WZh%2FSPORE.Collection.GOG.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&aa=ta9_oi1_&_7uuU=1664433020126&crc=1
54.230.111.8200 OK 7.1 kB URL HTTP/2 andamafraidt.xyz/floater?cs=SGIyOWx5UgIJXXFQBQtUcVYEAFs&abt=0&red=1&sm=83&k=download%20file%20spore%20collection&v=0.8.9.1&sts=0&prn=0&emb=0&tid=825911&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&mbkb=140.64697609001408&ref=https%3A%2F%2Fmegaup.net%2F1WZh%2FSPORE.Collection.GOG.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&aa=ta9_oi1_&_7uuU=1664433020126&crc=1
IP 54.230.111.8:0
File type ASCII text, with very long lines (10251), with no line terminators
Hash 76999862b928cc1f049baaaa6c2faa8d
14ad11e0fdfac0bc138e394697405ccf5d7c01d1
a9915e44180788e3254883ac05beefc7aa34a815a813119c46862d82cafa1006
GET /floater?cs=SGIyOWx5UgIJXXFQBQtUcVYEAFs&abt=0&red=1&sm=83&k=download%20file%20spore%20collection&v=0.8.9.1&sts=0&prn=0&emb=0&tid=825911&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&mbkb=140.64697609001408&ref=https%3A%2F%2Fmegaup.net%2F1WZh%2FSPORE.Collection.GOG.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&aa=ta9_oi1_&_7uuU=1664433020126&crc=1 HTTP/1.1
Host: andamafraidt.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
content-length: 7050
date: Thu, 29 Sep 2022 06:30:23 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=58a2f0ae-4a7c-4e4a-b1e9-93fe38199b30
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: GBkNop9NMteOJU35Gy6Vr00G9kUWSOE2udc1S6XkwOwkqBCln2D8YQ==
X-Firefox-Spdy: h2
static.a-ads.com/a-ads-banners/416295/300x250?region=eu-central-1
116.202.214.170200 OK 93 kB URL HTTP/2 static.a-ads.com/a-ads-banners/416295/300x250?region=eu-central-1
IP 116.202.214.170:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, baseline, precision 8, 300x250, components 3\012- data
Hash f8b372cb388275921a83047368fe2906
e2f08edab869336f9937e76516d6bd80233d285a
c97de4021837b325d20bdca0eb0cb606e8403e891e6f419a9c0ad5e04e7496c2
GET /a-ads-banners/416295/300x250?region=eu-central-1 HTTP/1.1
Host: static.a-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ad.a-ads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 06:30:23 GMT
content-type: image/jpeg
content-length: 93340
x-amz-id-2: WxTVz7u1pu2xATMZ7xmhyHjbakobxdGkG3hZj3hC83GnbQvG1nEoNEea89hbBVXjmDePXAS9yHE=
x-amz-request-id: ENYGMDNVPMZ6JBY1
x-amz-replication-status: COMPLETED
last-modified: Sat, 17 Sep 2022 10:55:48 GMT
etag: "f8b372cb388275921a83047368fe2906"
cache-control: max-age=315360000
x-amz-version-id: ARia2ZYMUA50_BRqUrfoLcuPowtOu1YD
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/fonts/raleway_bold.woff
91.209.70.182200 OK 32 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway_bold.woff
IP 91.209.70.182:0
File type Web Open Font Format, TrueType, length 31568, version 1.1\012- data
Hash e0c4ac0e73196bd0469c5c33304b7773
bb071565f82907d117b0732dca8013409162c67d
ff3bf3a4a1bf2b922157b18d0e8cddd95f2fc2dfe09c30a3ce67bc11a84c67af
GET /themes/flow/frontend_assets/fonts/raleway_bold.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Connection: keep-alive
Cookie: filehosting=3qf9isk70ch3v020ilck4r7ho1; _ga=GA1.2.1726450235.1664433020; _gid=GA1.2.1689387551.1664433020; _gat_gtag_UA_108868042_1=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 06:30:23 GMT
content-type: font/woff
content-length: 31568
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7b50"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8621
Expires: Thu, 29 Sep 2022 08:54:04 GMT
Date: Thu, 29 Sep 2022 06:30:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8621
Expires: Thu, 29 Sep 2022 08:54:04 GMT
Date: Thu, 29 Sep 2022 06:30:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8621
Expires: Thu, 29 Sep 2022 08:54:04 GMT
Date: Thu, 29 Sep 2022 06:30:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8621
Expires: Thu, 29 Sep 2022 08:54:04 GMT
Date: Thu, 29 Sep 2022 06:30:23 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e97b5ce-1b94-4a15-a121-825f38a9d7d9.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e97b5ce-1b94-4a15-a121-825f38a9d7d9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2054ae778a3079d8233ee33045127df6
927d5a375d9607b23caadae148566fdff10147b1
6b33c83c2b78b413ae375966860e1a9c8aa8e28dee107f9dd5bb8ceb221e607a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e97b5ce-1b94-4a15-a121-825f38a9d7d9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9034
x-amzn-requestid: 20199dff-cd75-4f47-9395-9fdab045638c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGVYtHROoAMFQ6A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63326904-6a77e2d438ae887e4cd54ec6;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 03:07:48 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: z92zeMKTSVmpz2TYok8XpBUxuY4ZzN3Z_w32gQgjX1QGb26YDxnfdQ==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 04:20:40 GMT
age: 7783
etag: "927d5a375d9607b23caadae148566fdff10147b1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99f26bb4-2c5c-44ef-86d3-90fd05ec1ce0.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99f26bb4-2c5c-44ef-86d3-90fd05ec1ce0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 36ae9444071dd70dcf86802c370ffda9
44cc19b21912d07f82a88af5b2fa6d3e370459bf
99984d108bf31d733414f7f1352e17225ac21ac2dbfb4b1e7fa7ae80e5b6b822
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99f26bb4-2c5c-44ef-86d3-90fd05ec1ce0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9654
x-amzn-requestid: 7961f184-9476-43de-bf35-8ccb50ee1760
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGVYsHA6oAMFvRA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63326904-05f567f7606462ac44f89987;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 03:07:48 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: XaB4TwXv4xy0Sy3dncNYZWEPEnHY5BkEHR7fZDK59APYkzH9DPdT7A==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 04:20:40 GMT
age: 7783
etag: "44cc19b21912d07f82a88af5b2fa6d3e370459bf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9d0e9057-f203-4080-95b8-652ecd15effa.jpeg
34.120.237.76200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9d0e9057-f203-4080-95b8-652ecd15effa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c62a6368c456e9614ca4c8e360a2ef12
35ec6e80d324bb215796c590a7ffafbaea55d88e
90a37acc6beda1aa98a98cb84e00a7e469d6d919a14f4709c5f67a83ae95278d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9d0e9057-f203-4080-95b8-652ecd15effa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7859
x-amzn-requestid: 34d0718f-46d4-446f-bb06-8449bd8f4287
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZIlO4FcBoAMFy0w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63334f2b-58ae81c9077e4f1575750f15;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 19:29:47 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: LwYd0qn4P-zh1W4GvU8vNEo3_TZHEqtErAj3UKx7a82LIDaBsiXE-w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 19:04:20 GMT
age: 41163
etag: "35ec6e80d324bb215796c590a7ffafbaea55d88e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 14218a43c5e5bbce546735a780c8ccce
61676358cdbb2373bc644e66f8a84fbc8cc5daf6
905b1c30a2273aef69904f2eb1451c756fc1fdba02e86ea5c957629dd056aeda
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6390
x-amzn-requestid: b2681ff8-ab83-41e6-adef-3e6772c93c3f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGFJ6Gc_oAMF44g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63324f0c-3dbf9f4e2047567b5abdbe74;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 01:17:00 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: iJqlMznUxlZhvkId6f8cJu8dbVThmd6iLiZxHTATX7TeHm_0vYplDA==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 03:28:30 GMT
age: 10913
etag: "61676358cdbb2373bc644e66f8a84fbc8cc5daf6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2016911-a1a6-4bdf-a8f3-89e94a0aaff7.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2016911-a1a6-4bdf-a8f3-89e94a0aaff7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 456968f691ae9464d69a37bffe9bd7ce
31b8538deb0f00d5b4182739a4a2fcc1b956a998
5cde1e3158e6c6c0b7a01d3bd32f2aa292b3b205f604e5c4ed71cafedad06bf2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2016911-a1a6-4bdf-a8f3-89e94a0aaff7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7810
x-amzn-requestid: ff9cdb43-e7f3-4fb3-a2c9-28059f7749e4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGVYtFlRoAMF-LQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63326904-2b426b8e379fb9da122731e6;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 03:07:48 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: v_9XHswnO6iHo9-XgqSOIDYxa_RSEzQTDqJ5Uoi5pB9sJ3kl3H-XSQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 23:45:29 GMT
age: 24294
etag: "31b8538deb0f00d5b4182739a4a2fcc1b956a998"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d393f81-26d4-4afa-b6ba-940a54002d7f.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d393f81-26d4-4afa-b6ba-940a54002d7f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9f94853ffae41ec3c0e002bc152da1c4
7057c6707c7299ac386c6b2164240eff241db294
818f3ff90d7b7923b4af4e423dbb01388795490ac2097e1d58d70608b95618f4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d393f81-26d4-4afa-b6ba-940a54002d7f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6795
x-amzn-requestid: 20067932-e2e5-410a-8c7a-a5f623f33454
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZDCs6FbooAMFyHg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633117ec-65749cd04e48e49a46b4c215;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 03:09:32 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: o1q8r6PSQDQyLs4xfhCSXu4q8fFi3zIoAIMlwNznvOsEtORfuVumCA==
via: 1.1 6a63e853422f3197776fb098fab5a416.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 05:47:43 GMT
age: 2560
etag: "7057c6707c7299ac386c6b2164240eff241db294"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
hypermusk.com/dsp-stats/impression/1795175?var=825911&ua=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0&ip=91.90.42.154&pl=SCeE7J-5oFpKzKWFCXJxx8FXNzo2L6yySxNBck35sbzMHyKuHzgQqsZnpA60FbOc1HnOVP5AECWjJbvfu2vkWGEawGfE8aEon9QLMM1zITdhBE1f8dtJxEIgaygWH15y5ahbRx3nEZA6YHosUc2IN57L_p4kXB7wIfm9Vw_OTqVnuB-reGy2dr1ltokfC9w4QcSLXUNpph2KDwKxadrP8JN5NmXmQa538fPPyNCk74bhfc4geqJTfz3T51wS_MrrtdwpvYqKnydo9jy4zXd6iHME8K4CM5xwjbc1-U4J34wiPg3fkVGLng7nhQCShJfMfm7TYLqNOFCLXQSYfT0qaK--PAbq3AHACRUIHTpbR6bII9lpZ4_35MW4vLj-BZUzo4OUwqrezU6kl3VnPm8C-jI1y9ogfB4wO188HsT8SlFire8bzpZQPPDHseiaxwiBE9cUYR-_85X481EqHVcvHdwwhyO1sBi_OwxsvAB8t4smCbI-PBQlo_nP17uU2m1wd2OpMiNDOBMWohvE9Asi3faNw-oCIAC8aGnbutAqmhkwGArbOIq_7pqdZpX7VmKx5hKNpQ33kr-KWYLAQ_2OMmn3WAnVVWPBx0h1VvubgAJ6rxIbQsTYe5tgkOcdQ0t2bfQYFddtWmaJnLngUZycBw5frvPjZqWV9RWca6qGUdcREtygzBkGCYYeiVxnHB6TRzLReagIrT2PTdvJCWt3wZGqL_aD6FwxCezXlsUCXIBMq0PXk6eLKqSz_obKepAbr9VYgWPL2_hvrCjQ4YxG-OkMtBDmM6tLwi8iqgq1g_uGlbuCC40Njxr_nc7pr6mdrzKCBimJr8MvVrMn66jwhtQdrJj_rPBv5eQdmrjowoFUDWQACKtborKIKC1SNDOnIy-yWv0WLjD5wNYwhsjuNTzfFKl93T0bgl7VnWUvM2mbyczg3WUd0IlnMwR8xgRp-768Z3fBUJXxD_cEcgua4X3KX2Ko5pI0AAaiqr5k7s7PPYzGojGKbwYFtA34OT-gOh_zkrhSAOTZf-VuAVDqla7BcJmpyhdfAXJOEC68hz7IuyPM4yH9&rd=RVU7_gp_Nzp0vYY136tHrhTBR4ylYn2Yrd3-6ZMc4Ca_SsjDYvfwJcf0-jCqki3dy7YihrU4a7GMTWlyTPMkfZeaNAbOWKM8pqLaSFnkol6r0p2Vr13GH5hO889qw-ZANZevxLOOeMjdtj8LVjodsUQ=
62.122.171.12302 Found 108 B URL HTTP/2 hypermusk.com/dsp-stats/impression/1795175?var=825911&ua=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0&ip=91.90.42.154&pl=SCeE7J-5oFpKzKWFCXJxx8FXNzo2L6yySxNBck35sbzMHyKuHzgQqsZnpA60FbOc1HnOVP5AECWjJbvfu2vkWGEawGfE8aEon9QLMM1zITdhBE1f8dtJxEIgaygWH15y5ahbRx3nEZA6YHosUc2IN57L_p4kXB7wIfm9Vw_OTqVnuB-reGy2dr1ltokfC9w4QcSLXUNpph2KDwKxadrP8JN5NmXmQa538fPPyNCk74bhfc4geqJTfz3T51wS_MrrtdwpvYqKnydo9jy4zXd6iHME8K4CM5xwjbc1-U4J34wiPg3fkVGLng7nhQCShJfMfm7TYLqNOFCLXQSYfT0qaK--PAbq3AHACRUIHTpbR6bII9lpZ4_35MW4vLj-BZUzo4OUwqrezU6kl3VnPm8C-jI1y9ogfB4wO188HsT8SlFire8bzpZQPPDHseiaxwiBE9cUYR-_85X481EqHVcvHdwwhyO1sBi_OwxsvAB8t4smCbI-PBQlo_nP17uU2m1wd2OpMiNDOBMWohvE9Asi3faNw-oCIAC8aGnbutAqmhkwGArbOIq_7pqdZpX7VmKx5hKNpQ33kr-KWYLAQ_2OMmn3WAnVVWPBx0h1VvubgAJ6rxIbQsTYe5tgkOcdQ0t2bfQYFddtWmaJnLngUZycBw5frvPjZqWV9RWca6qGUdcREtygzBkGCYYeiVxnHB6TRzLReagIrT2PTdvJCWt3wZGqL_aD6FwxCezXlsUCXIBMq0PXk6eLKqSz_obKepAbr9VYgWPL2_hvrCjQ4YxG-OkMtBDmM6tLwi8iqgq1g_uGlbuCC40Njxr_nc7pr6mdrzKCBimJr8MvVrMn66jwhtQdrJj_rPBv5eQdmrjowoFUDWQACKtborKIKC1SNDOnIy-yWv0WLjD5wNYwhsjuNTzfFKl93T0bgl7VnWUvM2mbyczg3WUd0IlnMwR8xgRp-768Z3fBUJXxD_cEcgua4X3KX2Ko5pI0AAaiqr5k7s7PPYzGojGKbwYFtA34OT-gOh_zkrhSAOTZf-VuAVDqla7BcJmpyhdfAXJOEC68hz7IuyPM4yH9&rd=RVU7_gp_Nzp0vYY136tHrhTBR4ylYn2Yrd3-6ZMc4Ca_SsjDYvfwJcf0-jCqki3dy7YihrU4a7GMTWlyTPMkfZeaNAbOWKM8pqLaSFnkol6r0p2Vr13GH5hO889qw-ZANZevxLOOeMjdtj8LVjodsUQ=
IP 62.122.171.12:0
File type HTML document, ASCII text
Hash f23ac69cb92f31e35484bf5cb8b4e3ee
a06747f841dade6bc3393d0b8941c0ef98968aac
bdff3dd3bbf327d16ba79e288968afe70ac86d4b335fc68e0816af42d538cdb0
GET /dsp-stats/impression/1795175?var=825911&ua=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0&ip=91.90.42.154&pl=SCeE7J-5oFpKzKWFCXJxx8FXNzo2L6yySxNBck35sbzMHyKuHzgQqsZnpA60FbOc1HnOVP5AECWjJbvfu2vkWGEawGfE8aEon9QLMM1zITdhBE1f8dtJxEIgaygWH15y5ahbRx3nEZA6YHosUc2IN57L_p4kXB7wIfm9Vw_OTqVnuB-reGy2dr1ltokfC9w4QcSLXUNpph2KDwKxadrP8JN5NmXmQa538fPPyNCk74bhfc4geqJTfz3T51wS_MrrtdwpvYqKnydo9jy4zXd6iHME8K4CM5xwjbc1-U4J34wiPg3fkVGLng7nhQCShJfMfm7TYLqNOFCLXQSYfT0qaK--PAbq3AHACRUIHTpbR6bII9lpZ4_35MW4vLj-BZUzo4OUwqrezU6kl3VnPm8C-jI1y9ogfB4wO188HsT8SlFire8bzpZQPPDHseiaxwiBE9cUYR-_85X481EqHVcvHdwwhyO1sBi_OwxsvAB8t4smCbI-PBQlo_nP17uU2m1wd2OpMiNDOBMWohvE9Asi3faNw-oCIAC8aGnbutAqmhkwGArbOIq_7pqdZpX7VmKx5hKNpQ33kr-KWYLAQ_2OMmn3WAnVVWPBx0h1VvubgAJ6rxIbQsTYe5tgkOcdQ0t2bfQYFddtWmaJnLngUZycBw5frvPjZqWV9RWca6qGUdcREtygzBkGCYYeiVxnHB6TRzLReagIrT2PTdvJCWt3wZGqL_aD6FwxCezXlsUCXIBMq0PXk6eLKqSz_obKepAbr9VYgWPL2_hvrCjQ4YxG-OkMtBDmM6tLwi8iqgq1g_uGlbuCC40Njxr_nc7pr6mdrzKCBimJr8MvVrMn66jwhtQdrJj_rPBv5eQdmrjowoFUDWQACKtborKIKC1SNDOnIy-yWv0WLjD5wNYwhsjuNTzfFKl93T0bgl7VnWUvM2mbyczg3WUd0IlnMwR8xgRp-768Z3fBUJXxD_cEcgua4X3KX2Ko5pI0AAaiqr5k7s7PPYzGojGKbwYFtA34OT-gOh_zkrhSAOTZf-VuAVDqla7BcJmpyhdfAXJOEC68hz7IuyPM4yH9&rd=RVU7_gp_Nzp0vYY136tHrhTBR4ylYn2Yrd3-6ZMc4Ca_SsjDYvfwJcf0-jCqki3dy7YihrU4a7GMTWlyTPMkfZeaNAbOWKM8pqLaSFnkol6r0p2Vr13GH5hO889qw-ZANZevxLOOeMjdtj8LVjodsUQ= HTTP/1.1
Host: hypermusk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Thu, 29 Sep 2022 06:30:25 GMT
content-type: text/html; charset=utf-8
content-length: 108
location: https://cdn.pncloudfl.com/pn/514/b34/fc1/514b34fc18d3f446e094227228e3b1595fe3abf9.jpg
x-route-id: stats.push-notifications.dsp-impression
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
cdn.pncloudfl.com/pn/514/b34/fc1/514b34fc18d3f446e094227228e3b1595fe3abf9.jpg
172.67.25.161200 OK 22 kB URL HTTP/2 cdn.pncloudfl.com/pn/514/b34/fc1/514b34fc18d3f446e094227228e3b1595fe3abf9.jpg
IP 172.67.25.161:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash fd339d0abd644dfc62b8dcd2cd15bd2b
0af5c8cec4712fb169744df0ecc88faf9125e9df
385adfface9b1e607e43242a9d9877fbdf7c71278940709ecad3d2e53e0e931a
GET /pn/514/b34/fc1/514b34fc18d3f446e094227228e3b1595fe3abf9.jpg HTTP/1.1
Host: cdn.pncloudfl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 29 Sep 2022 06:30:25 GMT
content-type: image/webp
content-length: 22450
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=172800
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=40774
content-disposition: inline; filename="514b34fc18d3f446e094227228e3b1595fe3abf9.webp"
etag: 19e0f2a507ac755f9419ea98d0121544
expires: Fri, 30 Sep 2022 15:29:15 GMT
last-modified: Thu, 22 Sep 2022 09:48:57 GMT
vary: Accept
x-openstack-request-id: tx7c030a591e2a48f1aae4d-00632c2fcb
x-proxy-cache: HIT
x-timestamp: 1663840136.02468
x-trans-id: tx7c030a591e2a48f1aae4d-00632c2fcb
cf-cache-status: HIT
age: 54070
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 7522ab8a1986b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7f5d12cf4a2f87a4a9dd7d5d62a560c0
91d3679a36e63805d986ecdf1048fb3f2e061e85
869fc97f3ddbe99a120ece299c47ef091b4aa552089c9f1495649af7c1cfcf41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "869FC97F3DDBE99A120ECE299C47EF091B4AA552089C9F1495649AF7C1CFCF41"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11334
Expires: Thu, 29 Sep 2022 09:39:23 GMT
Date: Thu, 29 Sep 2022 06:30:29 GMT
Connection: keep-alive
agagraveleran.com/icon?ctx=xNFbmX2KVC26G1x7u1rkGdW9aExkDuuguobiYLfCHVpImhai61wNL4KVQtlHRzJ6rAqq5wrpJi_qmxdj2EFMGJc7yOKTgf0yfFfxAm7KJa3GwthiTAzSmbJnkCmcdZvc2qb2ZKihNfLUcww76xY3hB-Aq5ZaZQ59ZDHH-byV2VDfApxWKAhu_OYpLy7vbfTkMlWA7mGiWMjyno7OpTrat0oL-9DiuVuJRJRu67BZWJI0UD4A9K-7zlRk79JE41Qv&z=3317464
139.45.195.6301 Moved Permanently 0 B URL HTTP/1.1 agagraveleran.com/icon?ctx=xNFbmX2KVC26G1x7u1rkGdW9aExkDuuguobiYLfCHVpImhai61wNL4KVQtlHRzJ6rAqq5wrpJi_qmxdj2EFMGJc7yOKTgf0yfFfxAm7KJa3GwthiTAzSmbJnkCmcdZvc2qb2ZKihNfLUcww76xY3hB-Aq5ZaZQ59ZDHH-byV2VDfApxWKAhu_OYpLy7vbfTkMlWA7mGiWMjyno7OpTrat0oL-9DiuVuJRJRu67BZWJI0UD4A9K-7zlRk79JE41Qv&z=3317464
IP 139.45.195.6:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /icon?ctx=xNFbmX2KVC26G1x7u1rkGdW9aExkDuuguobiYLfCHVpImhai61wNL4KVQtlHRzJ6rAqq5wrpJi_qmxdj2EFMGJc7yOKTgf0yfFfxAm7KJa3GwthiTAzSmbJnkCmcdZvc2qb2ZKihNfLUcww76xY3hB-Aq5ZaZQ59ZDHH-byV2VDfApxWKAhu_OYpLy7vbfTkMlWA7mGiWMjyno7OpTrat0oL-9DiuVuJRJRu67BZWJI0UD4A9K-7zlRk79JE41Qv&z=3317464 HTTP/1.1
Host: agagraveleran.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 29 Sep 2022 06:30:29 GMT
Content-Length: 0
Connection: keep-alive
Location: https://outsimiseara.com/www/images/7a555faea541a27da9de79a0e67abf9b.jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b6ad9bd3e02bffd476ac9e1163fb4d7d
01d10622c27771769df4fe6eaa7e32a1b0ddd2c1
e0e5c78793cc8f9b7885d5ff002264240c534c671e0f11aad092df05c98e7eb8
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "E0E5C78793CC8F9B7885D5FF002264240C534C671E0F11AAD092DF05C98E7EB8"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3144
Expires: Thu, 29 Sep 2022 07:22:53 GMT
Date: Thu, 29 Sep 2022 06:30:29 GMT
Connection: keep-alive
outsimiseara.com/www/images/7a555faea541a27da9de79a0e67abf9b.jpeg
172.67.12.156200 OK 23 kB URL HTTP/2 outsimiseara.com/www/images/7a555faea541a27da9de79a0e67abf9b.jpeg
IP 172.67.12.156:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash 7a555faea541a27da9de79a0e67abf9b
c6650bdf11a8badb1f4ea8eff3003928c5df877f
170b360c4605bbcc8939aa230ff5bb5d274bb6163e50cf47c6e00d3284e4c01e
GET /www/images/7a555faea541a27da9de79a0e67abf9b.jpeg HTTP/1.1
Host: outsimiseara.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 29 Sep 2022 06:30:29 GMT
content-type: image/jpeg
content-length: 23018
cache-control: max-age=86400
cf-bgj: h2pri
etag: "5e240fa2-59ea"
expires: Thu, 29 Sep 2022 10:07:12 GMT
last-modified: Sun, 19 Jan 2020 08:13:22 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 73397
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7522aba2ed5b0b65-OSL
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload.js
IP 91.209.70.182:0
GET /themes/flow/js/jquery.fileupload.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1WZh/SPORE.Collection.GOG.rar
Connection: keep-alive
Cookie: filehosting=3qf9isk70ch3v020ilck4r7ho1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 06:30:21 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-dbd4"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/nav/jquery.scrollTo.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/nav/jquery.scrollTo.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/nav/jquery.scrollTo.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1WZh/SPORE.Collection.GOG.rar
Connection: keep-alive
Cookie: filehosting=3qf9isk70ch3v020ilck4r7ho1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 06:30:21 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-981"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.199.35200 OK 0 B IP 172.64.199.35:0
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 29 Sep 2022 06:30:22 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 645
last-modified: Thu, 29 Sep 2022 06:19:37 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yK1wztdjNToz0Aw93QZeknoashYxX6VfuRBJLJbmSV5D%2FR7F2vjkoMAHeLbAnO%2BcjHNNr%2FDyxXPgotWpbTJkSgQs90sKE3CgaKE5X07%2BG0cx7B1AtaAzprzjMpA8gm4W"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7522ab783ba076ea-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ad.a-ads.com/1811811?size=300x250
116.202.214.170200 OK 0 B URL HTTP/2 ad.a-ads.com/1811811?size=300x250
IP 116.202.214.170:0
ASN #24940 Hetzner Online GmbH
GET /1811811?size=300x250 HTTP/1.1
Host: ad.a-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 06:30:23 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding, Accept-Encoding
status: 200 OK
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-original-referer: https://megaup.net/
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-encoding: gzip
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/css/All-stylesheets.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1WZh/SPORE.Collection.GOG.rar
Connection: keep-alive
Cookie: filehosting=3qf9isk70ch3v020ilck4r7ho1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 06:30:21 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-153"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/colors/flow.css
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/colors/flow.css
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/css/colors/flow.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1WZh/SPORE.Collection.GOG.rar
Connection: keep-alive
Cookie: filehosting=3qf9isk70ch3v020ilck4r7ho1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 06:30:21 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-a83"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload-resize.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-resize.js
IP 91.209.70.182:0
GET /themes/flow/js/jquery.fileupload-resize.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1WZh/SPORE.Collection.GOG.rar
Connection: keep-alive
Cookie: filehosting=3qf9isk70ch3v020ilck4r7ho1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 06:30:21 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1f7f"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/bootstrap/bootstrap.min.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/bootstrap/bootstrap.min.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/bootstrap/bootstrap.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1WZh/SPORE.Collection.GOG.rar
Connection: keep-alive
Cookie: filehosting=3qf9isk70ch3v020ilck4r7ho1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 06:30:21 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-71b6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/retina/retina.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/retina/retina.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/retina/retina.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1WZh/SPORE.Collection.GOG.rar
Connection: keep-alive
Cookie: filehosting=3qf9isk70ch3v020ilck4r7ho1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 06:30:21 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-52e"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
pogothere.xyz/
172.64.199.35200 OK 0 B IP 172.64.199.35:0
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 29 Sep 2022 06:30:22 GMT
content-type: text/plain
set-cookie: csu=520837868550838@1@1664433022; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dGxVLrRHLkQTW0FJgyH%2Fp2w%2Fx5SPJazTHogORiAqLogf3xri3n44RfUmP7xgVpl3AN0hmS9zec5bXzK3lM3ue%2BqeAfBbyZPST4pjuBs%2BNcV%2BxM9ycnzGhAx7F2lmFu3N"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7522ab782b8076ea-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/1WZh/SPORE.Collection.GOG.rar
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/1WZh/SPORE.Collection.GOG.rar
IP 91.209.70.182:0
GET /1WZh/SPORE.Collection.GOG.rar HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 06:30:21 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: filehosting=3qf9isk70ch3v020ilck4r7ho1; expires=Fri, 30-Sep-2022 06:30:21 GMT; Max-Age=86400; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/custom.css
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/custom.css
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/css/custom.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1WZh/SPORE.Collection.GOG.rar
Connection: keep-alive
Cookie: filehosting=3qf9isk70ch3v020ilck4r7ho1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 06:30:21 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3577"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.dataTables.min.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.dataTables.min.js
IP 91.209.70.182:0
GET /themes/flow/js/jquery.dataTables.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1WZh/SPORE.Collection.GOG.rar
Connection: keep-alive
Cookie: filehosting=3qf9isk70ch3v020ilck4r7ho1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 06:30:21 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-10fe4"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/canvas-to-blob.min.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/canvas-to-blob.min.js
IP 91.209.70.182:0
GET /themes/flow/js/canvas-to-blob.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1WZh/SPORE.Collection.GOG.rar
Connection: keep-alive
Cookie: filehosting=3qf9isk70ch3v020ilck4r7ho1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 06:30:21 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-408"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1WZh/SPORE.Collection.GOG.rar
Connection: keep-alive
Cookie: filehosting=3qf9isk70ch3v020ilck4r7ho1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 06:30:21 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3ead"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/sw.js?bVRuajQ2dlZZBltnXUgYT3ZCSFJZMFdfBQgwQ1kEXW1DXgxaMkNSUlthQ1IFD20PXQMIZVsJUk94TA9RDGRdXgBVeV9cBQx5Wl9RXnkPWAUIeVZZDFoyXl9WC2NeXhZBdh0dFkF2HQVXBDEaA1oKOg9EXQMyAUgYT21AWBZBMg8GRwh4CAtYHjEz
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/sw.js?bVRuajQ2dlZZBltnXUgYT3ZCSFJZMFdfBQgwQ1kEXW1DXgxaMkNSUlthQ1IFD20PXQMIZVsJUk94TA9RDGRdXgBVeV9cBQx5Wl9RXnkPWAUIeVZZDFoyXl9WC2NeXhZBdh0dFkF2HQVXBDEaA1oKOg9EXQMyAUgYT21AWBZBMg8GRwh4CAtYHjEz
IP 91.209.70.182:0
GET /sw.js?bVRuajQ2dlZZBltnXUgYT3ZCSFJZMFdfBQgwQ1kEXW1DXgxaMkNSUlthQ1IFD20PXQMIZVsJUk94TA9RDGRdXgBVeV9cBQx5Wl9RXnkPWAUIeVZZDFoyXl9WC2NeXhZBdh0dFkF2HQVXBDEaA1oKOg9EXQMyAUgYT21AWBZBMg8GRwh4CAtYHjEz HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: filehosting=3qf9isk70ch3v020ilck4r7ho1
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 06:30:22 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:52 GMT
vary: Accept-Encoding
etag: W/"60758f38-12fe6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S-1677044768%3A1664433022712020&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpMDH5goLNF_B8DW-O3LVAU-0aiDRsmp5GuOrahZWuLHe8E1XijhEF47eaHnAs-k4jxEaktfw
216.58.207.237403 Forbidden 0 B URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S-1677044768%3A1664433022712020&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpMDH5goLNF_B8DW-O3LVAU-0aiDRsmp5GuOrahZWuLHe8E1XijhEF47eaHnAs-k4jxEaktfw
IP 216.58.207.237:0
GET /v3/signin/identifier?dsh=S-1677044768%3A1664433022712020&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpMDH5goLNF_B8DW-O3LVAU-0aiDRsmp5GuOrahZWuLHe8E1XijhEF47eaHnAs-k4jxEaktfw HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 29 Sep 2022 06:30:22 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi/external"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-ci7LyUrJ-gdOV4DkLvobIw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=P57Pd139sQas74YXGki57jzvnM2R7gTcQk4NUnSxh7Wbi8Wee2D3JoRPhsusSc1Rw4c4scm6RfP2uuqXwQ5MlLZxKNEC3I2rm9J67dFoqdPDffgesCw-2xpWuo0NJgXE9wT1SFu__0JeksliSvGARWnb4w4DxHulIqX1oLSBVGQ; expires=Fri, 31-Mar-2023 06:30:22 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
platform.bidgear.com/async.php?domainid=5593&sizeid=12&zoneid=6192&k=1664433019576
104.26.2.107200 OK 0 B URL HTTP/2 platform.bidgear.com/async.php?domainid=5593&sizeid=12&zoneid=6192&k=1664433019576
IP 104.26.2.107:0
GET /async.php?domainid=5593&sizeid=12&zoneid=6192&k=1664433019576 HTTP/1.1
Host: platform.bidgear.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 29 Sep 2022 06:30:22 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KUfkjXpCzpXmJSns7R4qV9ufei%2BTz1K65Lxo8nTDp5DuXR3uw3%2BGmXlYVZ4W%2FBI2vW%2BlkHQpfjCos%2BTpRRZPs9upAWqFfrdI%2FiEmtJVGfoJs0NPuKg1XNdyCEBD%2F4XqI9vuByDkt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7522ab764bc7b51d-OSL
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery-1.11.0.min.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery-1.11.0.min.js
IP 91.209.70.182:0
GET /themes/flow/js/jquery-1.11.0.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1WZh/SPORE.Collection.GOG.rar
Connection: keep-alive
Cookie: filehosting=3qf9isk70ch3v020ilck4r7ho1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 06:30:21 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1787d"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload-ui.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-ui.js
IP 91.209.70.182:0
GET /themes/flow/js/jquery.fileupload-ui.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1WZh/SPORE.Collection.GOG.rar
Connection: keep-alive
Cookie: filehosting=3qf9isk70ch3v020ilck4r7ho1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 06:30:21 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-61ef"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/zeroClipboard/ZeroClipboard.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/zeroClipboard/ZeroClipboard.js
IP 91.209.70.182:0
GET /themes/flow/js/zeroClipboard/ZeroClipboard.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1WZh/SPORE.Collection.GOG.rar
Connection: keep-alive
Cookie: filehosting=3qf9isk70ch3v020ilck4r7ho1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 06:30:21 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3bd2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/animation/jquery.appear.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/animation/jquery.appear.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/animation/jquery.appear.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1WZh/SPORE.Collection.GOG.rar
Connection: keep-alive
Cookie: filehosting=3qf9isk70ch3v020ilck4r7ho1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 06:30:21 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-5c6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.plugins.min.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.plugins.min.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.plugins.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1WZh/SPORE.Collection.GOG.rar
Connection: keep-alive
Cookie: filehosting=3qf9isk70ch3v020ilck4r7ho1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 06:30:21 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-14cc1"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/gauge.min.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/gauge.min.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/gauge.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1WZh/SPORE.Collection.GOG.rar
Connection: keep-alive
Cookie: filehosting=3qf9isk70ch3v020ilck4r7ho1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 06:30:21 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-45b8"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/fonts/font-awesome/css/font-awesome.css
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/font-awesome/css/font-awesome.css
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/fonts/font-awesome/css/font-awesome.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
Connection: keep-alive
Cookie: filehosting=3qf9isk70ch3v020ilck4r7ho1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 06:30:21 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-59d6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery-ui.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery-ui.js
IP 91.209.70.182:0
GET /themes/flow/js/jquery-ui.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1WZh/SPORE.Collection.GOG.rar
Connection: keep-alive
Cookie: filehosting=3qf9isk70ch3v020ilck4r7ho1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 06:30:21 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-6a684"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload-process.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-process.js
IP 91.209.70.182:0
GET /themes/flow/js/jquery.fileupload-process.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1WZh/SPORE.Collection.GOG.rar
Connection: keep-alive
Cookie: filehosting=3qf9isk70ch3v020ilck4r7ho1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 06:30:21 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-14b6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/sw.js
91.209.70.182200 OK 0 B IP 91.209.70.182:0
GET /sw.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1WZh/SPORE.Collection.GOG.rar
Connection: keep-alive
Cookie: filehosting=3qf9isk70ch3v020ilck4r7ho1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 06:30:21 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:52 GMT
vary: Accept-Encoding
etag: W/"60758f38-12fe6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1WZh/SPORE.Collection.GOG.rar
Connection: keep-alive
Cookie: filehosting=3qf9isk70ch3v020ilck4r7ho1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 06:30:21 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-8d4b"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.199.35200 OK 0 B IP 172.64.199.35:0
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 29 Sep 2022 06:30:22 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 645
last-modified: Thu, 29 Sep 2022 06:19:37 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fRIUG0CvqfdT9dApTEaQwvFMO2IXzZhnpnbTOC7EJ99swqH%2BFn1YodzffZDBBgSBw%2BBx0v8%2F%2Bp%2FpTDzFVpP%2BFt9piWRKYodkl1bla4gvlOgKM1fbyYZaKNS5pNqbApiy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7522ab784ba176ea-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/styles/font-icons/entypo/css/entypo.css
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/styles/font-icons/entypo/css/entypo.css
IP 91.209.70.182:0
GET /themes/flow/styles/font-icons/entypo/css/entypo.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1WZh/SPORE.Collection.GOG.rar
Connection: keep-alive
Cookie: filehosting=3qf9isk70ch3v020ilck4r7ho1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 06:30:21 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-45f5"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/styles/file-upload.css
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/styles/file-upload.css
IP 91.209.70.182:0
GET /themes/flow/styles/file-upload.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1WZh/SPORE.Collection.GOG.rar
Connection: keep-alive
Cookie: filehosting=3qf9isk70ch3v020ilck4r7ho1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 06:30:21 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-21ec"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.tmpl.min.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.tmpl.min.js
IP 91.209.70.182:0
GET /themes/flow/js/jquery.tmpl.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1WZh/SPORE.Collection.GOG.rar
Connection: keep-alive
Cookie: filehosting=3qf9isk70ch3v020ilck4r7ho1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 06:30:21 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3cb"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/load-image.min.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/load-image.min.js
IP 91.209.70.182:0
GET /themes/flow/js/load-image.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1WZh/SPORE.Collection.GOG.rar
Connection: keep-alive
Cookie: filehosting=3qf9isk70ch3v020ilck4r7ho1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 06:30:21 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-9f2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload-validate.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-validate.js
IP 91.209.70.182:0
GET /themes/flow/js/jquery.fileupload-validate.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1WZh/SPORE.Collection.GOG.rar
Connection: keep-alive
Cookie: filehosting=3qf9isk70ch3v020ilck4r7ho1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 06:30:21 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-fea"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/global.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/global.js
IP 91.209.70.182:0
GET /themes/flow/js/global.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1WZh/SPORE.Collection.GOG.rar
Connection: keep-alive
Cookie: filehosting=3qf9isk70ch3v020ilck4r7ho1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 06:30:21 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-d59"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.revolution.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.revolution.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.revolution.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1WZh/SPORE.Collection.GOG.rar
Connection: keep-alive
Cookie: filehosting=3qf9isk70ch3v020ilck4r7ho1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 06:30:21 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-303b2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/fonts.css
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/fonts.css
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/css/fonts.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
Connection: keep-alive
Cookie: filehosting=3qf9isk70ch3v020ilck4r7ho1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 06:30:21 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-690"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.iframe-transport.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.iframe-transport.js
IP 91.209.70.182:0
GET /themes/flow/js/jquery.iframe-transport.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1WZh/SPORE.Collection.GOG.rar
Connection: keep-alive
Cookie: filehosting=3qf9isk70ch3v020ilck4r7ho1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 06:30:21 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-2427"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2