megaup.net/17Dm4/Lake.v1.0.10.rar
91.209.70.182301 Moved Permanently 162 B URL HTTP/1.1 megaup.net/17Dm4/Lake.v1.0.10.rar
IP 91.209.70.182:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /17Dm4/Lake.v1.0.10.rar HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 20 Oct 2022 20:18:26 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://megaup.net/17Dm4/Lake.v1.0.10.rar
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer, strict-origin-when-cross-origin
X-Download-Options: noopen
firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bdb8b66c705a7b996496d780f50c00b5
403ae92039fcc933870f51f913f78ccaf9652256
c923ed2539f4ce9f4d43743c402fbb2060a52a4cbedbf14c5f5742ab718073d6
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 20 Oct 2022 19:51:51 GMT
Expires: Thu, 20 Oct 2022 20:23:45 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: af3_3Tizem_FVLiEkfZl_OGZn38aR82uQwEHc7baVpKGXQm0PRT_1w==
Age: 1595
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 24a97183f836954e0f05c4dc794ff4d1
52778bbe39b9f736c16b5798575d1d96607ce9d0
01f6721f2674f54662fff590fdf7247cc8c58a3f84906cae75527fb7b6dd2436
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01F6721F2674F54662FFF590FDF7247CC8C58A3F84906CAE75527FB7B6DD2436"
Last-Modified: Wed, 19 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18702
Expires: Fri, 21 Oct 2022 01:30:08 GMT
Date: Thu, 20 Oct 2022 20:18:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9dc4f23f82148797f6d8041bdda3c7f7
6841ded3e2dd94fd762316d01efd43f7aafb8354
e229db1854a85b320cee574e805210f3adf5797136ea820c0a0ce9abcd63d4dd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E229DB1854A85B320CEE574E805210F3ADF5797136EA820C0A0CE9ABCD63D4DD"
Last-Modified: Thu, 20 Oct 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18701
Expires: Fri, 21 Oct 2022 01:30:07 GMT
Date: Thu, 20 Oct 2022 20:18:26 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 4SdzdIgeOUIDgoaRDewrvUGDNVAkWc6AuIfRl8HoMVFU3w1n13SoDP4TDBTSkjq+Y2rSt7ICUfL+PVajXyOW/w==
x-amz-request-id: 7WYJRGWXYQNM1C8V
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 20 Oct 2022 20:04:49 GMT
age: 817
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 20 Oct 2022 20:18:27 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Thu, 20 Oct 2022 19:43:40 GMT
Expires: Thu, 20 Oct 2022 20:27:46 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: m3nYR0P_fT82i3TbYAoUozTetZBIRTeiBbHZuiVULzwVyfMM3NlYjA==
Age: 2087
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 030e1186a91c1b458192ed588383d4db
c08f09e58ccc3a5cf80279bcaf41b8a92b5ddf17
9b732b1e2a3962d53c74d6b651086e90e7b5db7292a91ef16b2527864e58b5da
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 20 Oct 2022 20:18:27 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 17 Oct 2022 23:25:46 GMT
Expires: Mon, 24 Oct 2022 23:25:45 GMT
Etag: "c08f09e58ccc3a5cf80279bcaf41b8a92b5ddf17"
Cache-Control: max-age=356237,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75d47156be1ffac8-OSL
megaup.net/themes/flow/images/main_logo_inverted.png
91.209.70.182200 OK 7.1 kB URL HTTP/2 megaup.net/themes/flow/images/main_logo_inverted.png
IP 91.209.70.182:0
File type PNG image data, 203 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 5d15526be10b904a6b48d1af04a10cc3
c09b6874359ac6d71db95593618a9acb55baa984
894d25472e0f890edf235e8f66fbeda7ea75043632924ecb82691d76bd7db018
GET /themes/flow/images/main_logo_inverted.png HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17Dm4/Lake.v1.0.10.rar
Connection: keep-alive
Cookie: filehosting=r5fplaq11o44c0dgip79ovf8o0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 20 Oct 2022 20:18:27 GMT
content-type: image/png
content-length: 7137
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-1be1"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/custom.css
91.209.70.182200 OK 3.9 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/custom.css
IP 91.209.70.182:0
File type assembler source, ASCII text, with CRLF line terminators
Hash fc1b3902f003f53da901b3a40943cbc1
35b17272d39f02193da48744bf801181860ed2aa
cc45c9e51d80d1a90753da38b26a1acaa41a3a72d24adf31bc64351ec9b43042
GET /themes/flow/frontend_assets/css/custom.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17Dm4/Lake.v1.0.10.rar
Connection: keep-alive
Cookie: filehosting=r5fplaq11o44c0dgip79ovf8o0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 20 Oct 2022 20:18:27 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3577"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/?kzmmd=761186
143.204.42.228200 OK 189 kB URL HTTP/2 dmmzkfd82wayn.cloudfront.net/?kzmmd=761186
IP 143.204.42.228:0
File type Unicode text, UTF-8 text, with very long lines (15945)
Size 189 kB (188840 bytes)
Hash 809c557410eb0c92a429756275e49e90
a7c1b8e51ec3065be53d3ea1f845008d180bf3aa
818f995f0bc33ea59c8d33dc468c81ae411913df545abb23f1de53544fd81539
GET /?kzmmd=761186 HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 188840
date: Thu, 20 Oct 2022 19:44:32 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Hit from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: c2zkU5nbaP9nexVImBj8arSfW06HJZtcKkLkvmmzFE-LDMLOnZMIdA==
age: 2035
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-108868042-1
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-108868042-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1588)
Hash b7a94e133ea108d05d4a2379efafa57e
fb64eb36c61d03408b42ac487f0294410231e256
4e5e20bfbd8ae4843855aa264a23874e03d2ad526863d3eac34443b69a6a44df
GET /gtag/js?id=UA-108868042-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 20 Oct 2022 20:18:27 GMT
expires: Thu, 20 Oct 2022 20:18:27 GMT
cache-control: private, max-age=900
last-modified: Thu, 20 Oct 2022 19:50:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43636
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload-process.js
91.209.70.182200 OK 6.6 kB URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-process.js
IP 91.209.70.182:0
Hash 6b223da49a708b7ba9a1e9ddfa732dd2
4dd6908a142038d9093488bd3f99d77e5f7044f1
92357f519525cba26ed4ff66010d6e3e33d38e70601029b11ec0d92683e378e9
GET /themes/flow/js/jquery.fileupload-process.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17Dm4/Lake.v1.0.10.rar
Connection: keep-alive
Cookie: filehosting=r5fplaq11o44c0dgip79ovf8o0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 20 Oct 2022 20:18:27 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-14b6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a0770ab91eed51220395a4cc4652bbb9
c716b4ba05404261ee60b30513f0138b680ddd10
cd82e8280c15301b2ecb93030cac733dc30a6b1d9a77f2ce12a5caba0167a523
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CD82E8280C15301B2ECB93030CAC733DC30A6B1D9A77F2CE12A5CABA0167A523"
Last-Modified: Wed, 19 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19005
Expires: Fri, 21 Oct 2022 01:35:12 GMT
Date: Thu, 20 Oct 2022 20:18:27 GMT
Connection: keep-alive
megaup.net/themes/flow/frontend_assets/fonts/raleway.woff
91.209.70.182200 OK 32 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway.woff
IP 91.209.70.182:0
File type Web Open Font Format, TrueType, length 31836, version 1.1\012- data
Hash 4514fa5a5b3d1e0b14aa32a7d068124a
e634977bfabc20ed15fe7ed03d3876cf68834b93
5b0f118d658eacc5740b10b0dc2ebbd99ee8e8262c72ff29bfcda48c02b19861
GET /themes/flow/frontend_assets/fonts/raleway.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Connection: keep-alive
Cookie: filehosting=r5fplaq11o44c0dgip79ovf8o0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 20 Oct 2022 20:18:27 GMT
content-type: font/woff
content-length: 31836
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7c5c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.iframe-transport.js
91.209.70.182200 OK 34 kB URL HTTP/2 megaup.net/themes/flow/js/jquery.iframe-transport.js
IP 91.209.70.182:0
Hash 55df196f85d1a672749beb54d270f82e
d2fbe4e36a84cba78d4edb0f30c5e33d1048d9d3
0995d2285375ea498a8b19f8895362db596c410675117517ef396f2c822ffd5c
GET /themes/flow/js/jquery.iframe-transport.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17Dm4/Lake.v1.0.10.rar
Connection: keep-alive
Cookie: filehosting=r5fplaq11o44c0dgip79ovf8o0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 20 Oct 2022 20:18:27 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-2427"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/gauge.min.js
91.209.70.182200 OK 37 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/gauge.min.js
IP 91.209.70.182:0
File type ASCII text, with very long lines (1259)
Hash e3724e79143f1eeabc10aa9e1e209f2f
080cfab8a61effc85183d5a0df6295cb010fefa7
8cd5f876a1bee51ccebc3f8a283dc567f2dab9e11771dd0435d815ed8b5e0ca9
GET /themes/flow/frontend_assets/js/gauge.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17Dm4/Lake.v1.0.10.rar
Connection: keep-alive
Cookie: filehosting=r5fplaq11o44c0dgip79ovf8o0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 20 Oct 2022 20:18:27 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-45b8"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload.js
91.209.70.182200 OK 32 kB URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload.js
IP 91.209.70.182:0
Hash 283e68f26ee709d6b66ad28fe2eb4580
cb0071f8bce0eb62f24be429fb4ee4753caf7fd8
b46854e6c73a2e2678fc9865c2a3d825154978ec8b7ad8bcc5bd610b5ef14f97
GET /themes/flow/js/jquery.fileupload.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17Dm4/Lake.v1.0.10.rar
Connection: keep-alive
Cookie: filehosting=r5fplaq11o44c0dgip79ovf8o0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 20 Oct 2022 20:18:27 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-dbd4"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload-validate.js
91.209.70.182200 OK 26 kB URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-validate.js
IP 91.209.70.182:0
Hash a3e64b2e4e72dcfd36eac65e1b0ebc1b
2313dd6044ae36187ca7967ae3995073b6670d35
442f8449c1695e84cf9df3151fca825f90f80c1c6e8258b638a2451a1a6a0c54
GET /themes/flow/js/jquery.fileupload-validate.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17Dm4/Lake.v1.0.10.rar
Connection: keep-alive
Cookie: filehosting=r5fplaq11o44c0dgip79ovf8o0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 20 Oct 2022 20:18:27 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-fea"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
push.services.mozilla.com/
34.218.159.206101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.218.159.206:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: vWSwTTbZ3zSHF9kHIkqIpQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: DEtZdAPAm1JjlcIHNYJlue4Cp6Q=
keydawnawe.com/gwZ1U5hjA8ii/32575
172.255.6.158200 OK 26 B URL HTTP/1.1 keydawnawe.com/gwZ1U5hjA8ii/32575
IP 172.255.6.158:0
File type ASCII text, with no line terminators
Hash 4e5d65669f8dcd928dad06adf883f025
d771713d758c3348dd7e5b38bb40c7935399ae46
0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95
GET /gwZ1U5hjA8ii/32575 HTTP/1.1
Host: keydawnawe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 20 Oct 2022 20:18:28 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; expires=Fri, 21-Oct-2022 20:18:28 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW; expires=Fri, 21-Oct-2022 20:18:28 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
ocsp.pki.goog/s/gts1p5/TyKyq2Syz7Q
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/TyKyq2Syz7Q
IP 142.250.74.3:0
Hash 8270dc9b5042518dfa259f5ec9f0cbd4
870971fa7a32a319469cb7f07c451b4dfea2846f
31a9af3dc2ae71a5b9681ea1cc57deddce4545f4cd8b779d19051e0bc49a0ce7
POST /s/gts1p5/TyKyq2Syz7Q HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 20:18:28 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
altowriestwispy.com/tysaSHG1FMaM/18410
172.255.6.33200 OK 25 B URL HTTP/1.1 altowriestwispy.com/tysaSHG1FMaM/18410
IP 172.255.6.33:0
File type ASCII text, with no line terminators
Hash d488addc5df5fc9b9ff4135bb4e3a823
6ce56f48e851df4d562b43d3bc1269a504ae83fc
d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60
GET /tysaSHG1FMaM/18410 HTTP/1.1
Host: altowriestwispy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 20 Oct 2022 20:18:28 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; expires=Fri, 21-Oct-2022 20:18:28 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW; expires=Fri, 21-Oct-2022 20:18:28 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
megaup.net/themes/flow/frontend_assets/js/retina/retina.js
91.209.70.182200 OK 1.1 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/retina/retina.js
IP 91.209.70.182:0
File type ASCII text, with very long lines (1249)
Hash e41e9abf55d2448f94e945052f432d2d
328c2da80413eedcc8bfc82080751e6fdd8e6c8b
928cb3b55f73d94f997ea0e99dd134e414800ced7953c14b352fa319c3e355aa
GET /themes/flow/frontend_assets/js/retina/retina.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17Dm4/Lake.v1.0.10.rar
Connection: keep-alive
Cookie: filehosting=r5fplaq11o44c0dgip79ovf8o0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 20 Oct 2022 20:18:27 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-52e"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/TyKyq2Syz7Q
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/TyKyq2Syz7Q
IP 142.250.74.3:0
Hash 8270dc9b5042518dfa259f5ec9f0cbd4
870971fa7a32a319469cb7f07c451b4dfea2846f
31a9af3dc2ae71a5b9681ea1cc57deddce4545f4cd8b779d19051e0bc49a0ce7
POST /s/gts1p5/TyKyq2Syz7Q HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 20:18:28 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/TyKyq2Syz7Q
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/TyKyq2Syz7Q
IP 142.250.74.3:0
Hash 8270dc9b5042518dfa259f5ec9f0cbd4
870971fa7a32a319469cb7f07c451b4dfea2846f
31a9af3dc2ae71a5b9681ea1cc57deddce4545f4cd8b779d19051e0bc49a0ce7
POST /s/gts1p5/TyKyq2Syz7Q HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 20:18:28 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
keydawnawe.com/gwZ1U5hjA8ii/32575
172.255.6.158200 OK 26 B URL HTTP/1.1 keydawnawe.com/gwZ1U5hjA8ii/32575
IP 172.255.6.158:0
File type ASCII text, with no line terminators
Hash 4e5d65669f8dcd928dad06adf883f025
d771713d758c3348dd7e5b38bb40c7935399ae46
0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95
GET /gwZ1U5hjA8ii/32575 HTTP/1.1
Host: keydawnawe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 20 Oct 2022 20:18:28 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
megaup.net/themes/flow/frontend_assets/css/responsive.css
91.209.70.182200 OK 1.4 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/responsive.css
IP 91.209.70.182:0
File type assembler source, ASCII text
Hash 97ae644c495ce814d343a20789bc4939
15a3784bfb7fae4f553ae223b8ff22126dc47c7c
c36d1b9fe9760d5e93752efa7d974b53eaa71c5590e9d198463ed779eeb9c3f3
GET /themes/flow/frontend_assets/css/responsive.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17Dm4/Lake.v1.0.10.rar
Connection: keep-alive
Cookie: filehosting=r5fplaq11o44c0dgip79ovf8o0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 20 Oct 2022 20:18:27 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-e56"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload-resize.js
91.209.70.182200 OK 7.4 kB URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-resize.js
IP 91.209.70.182:0
Hash e2ac0c2dbb3ac73ecd25d3c4d0b9c646
0c1a748d35e4282881f5deea9be59df3bddf3fd4
618a0d0dec0aafaa5810bf0b3c954caa9b9d9b06bc2f41b9fade02d8590fb82d
GET /themes/flow/js/jquery.fileupload-resize.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17Dm4/Lake.v1.0.10.rar
Connection: keep-alive
Cookie: filehosting=r5fplaq11o44c0dgip79ovf8o0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 20 Oct 2022 20:18:27 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1f7f"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
racareewituhi.xyz/M2R4b2JSBhsCXVJZGkkXQQhFSlB1QUopBl4JAgQEV1xKGANKClYMDlwRHAkQXAoMQQxWEF1dJFg9SwRXUTAbLiRfBzQsIFA1IDkjfDJILiBkEzYpJwMLOzgwfSEbKRpXKRIbEHohSF0udSkJOTMLUis6FncjKl8nazY9PyV1BzMsCWYHLhhWeDEUVjtwMi4KNmFcITkOBzEuBwZWIAA5O2AlLQM2cQAcKg51Lj09N3QxFBgpfxwyPTFlMT04MGomMClaeyNIKjJ+Az43OnILDioOdS4rFxFgMTwII2QcFDs3cRweLRViBy8IOGo2ExtHASIgGAZgNylCDlAmSSUBcFVJPSFUEBssU1QGIC4RQSAUOTpwMQwsOlgDXgURXAoIUisCDiktMH4eLToIdAYULBI
65.9.44.69200 OK 1.2 kB URL HTTP/2 racareewituhi.xyz/M2R4b2JSBhsCXVJZGkkXQQhFSlB1QUopBl4JAgQEV1xKGANKClYMDlwRHAkQXAoMQQxWEF1dJFg9SwRXUTAbLiRfBzQsIFA1IDkjfDJILiBkEzYpJwMLOzgwfSEbKRpXKRIbEHohSF0udSkJOTMLUis6FncjKl8nazY9PyV1BzMsCWYHLhhWeDEUVjtwMi4KNmFcITkOBzEuBwZWIAA5O2AlLQM2cQAcKg51Lj09N3QxFBgpfxwyPTFlMT04MGomMClaeyNIKjJ+Az43OnILDioOdS4rFxFgMTwII2QcFDs3cRweLRViBy8IOGo2ExtHASIgGAZgNylCDlAmSSUBcFVJPSFUEBssU1QGIC4RQSAUOTpwMQwsOlgDXgURXAoIUisCDiktMH4eLToIdAYULBI
IP 65.9.44.69:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3005), with no line terminators
Hash dfac6a4ec2c34b66db41b595fc668f67
ec9fe5863725a3e1ee01c0492624335f4eb852af
71ab4ed11fe6aecb99a401eaec9a1c763acd7ca777fdb52c168dd61386239acc
GET /M2R4b2JSBhsCXVJZGkkXQQhFSlB1QUopBl4JAgQEV1xKGANKClYMDlwRHAkQXAoMQQxWEF1dJFg9SwRXUTAbLiRfBzQsIFA1IDkjfDJILiBkEzYpJwMLOzgwfSEbKRpXKRIbEHohSF0udSkJOTMLUis6FncjKl8nazY9PyV1BzMsCWYHLhhWeDEUVjtwMi4KNmFcITkOBzEuBwZWIAA5O2AlLQM2cQAcKg51Lj09N3QxFBgpfxwyPTFlMT04MGomMClaeyNIKjJ+Az43OnILDioOdS4rFxFgMTwII2QcFDs3cRweLRViBy8IOGo2ExtHASIgGAZgNylCDlAmSSUBcFVJPSFUEBssU1QGIC4RQSAUOTpwMQwsOlgDXgURXAoIUisCDiktMH4eLToIdAYULBI HTTP/1.1
Host: racareewituhi.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1160
date: Thu, 20 Oct 2022 20:18:28 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 5a96272b81254403ef5ef083d36ce62a.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: iEuA77GS29PWF3kP_xeom7AqFHuHTfdS2OhY_YHL9LwBoM3zFTi3vA==
X-Firefox-Spdy: h2
racareewituhi.xyz/NmRhaFRXBgIFa1dZA04hRAhcTWZwQVMuMFsJGwMyUlxTHzVPCk8LOFkRBQ4mWQoVRjpTEERaEm83KTIeVzAsGhNlBzEsEEECLT4FegEKJiNhJSsdHHILJjAAXigoAhZ1LjRcDXFWI18GQRckCQMCJywfZHkBJyk4dSJRHgcEXCwwB0IoBC1tZSgjOmRuNjRQFl89Iiw+Bj0tOSxgLTMPJ3I2NFESBTUkMBB/Ais5AmUGNDkEbiZQXAEFEDsvLnQsBC0jdycNJmNhMlkAE3ITMy46RiMsPhFwIlEqbWIlICMBBRA7OQADMAQBM30CDQBhZyY7XgZfSVUlAXUpOwoSQlUEAw4CMzAmYWQKCSUVbgMwIRZCMy0AP04wIC0bYldYIBUEUCUMElFCCxs7WBRcAw1HCVk5JmVXUCo5bA
65.9.44.69200 OK 1.2 kB URL HTTP/2 racareewituhi.xyz/NmRhaFRXBgIFa1dZA04hRAhcTWZwQVMuMFsJGwMyUlxTHzVPCk8LOFkRBQ4mWQoVRjpTEERaEm83KTIeVzAsGhNlBzEsEEECLT4FegEKJiNhJSsdHHILJjAAXigoAhZ1LjRcDXFWI18GQRckCQMCJywfZHkBJyk4dSJRHgcEXCwwB0IoBC1tZSgjOmRuNjRQFl89Iiw+Bj0tOSxgLTMPJ3I2NFESBTUkMBB/Ais5AmUGNDkEbiZQXAEFEDsvLnQsBC0jdycNJmNhMlkAE3ITMy46RiMsPhFwIlEqbWIlICMBBRA7OQADMAQBM30CDQBhZyY7XgZfSVUlAXUpOwoSQlUEAw4CMzAmYWQKCSUVbgMwIRZCMy0AP04wIC0bYldYIBUEUCUMElFCCxs7WBRcAw1HCVk5JmVXUCo5bA
IP 65.9.44.69:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3018), with no line terminators
Hash 4d1ab6cfdd38c9fabe53727cc3b11b7e
087617b3b05bb1f1be97387ad02d859b397a19c6
dca148b1651d833df24d03f5696bbd8697d139f7427308371baa144a762cdb79
GET /NmRhaFRXBgIFa1dZA04hRAhcTWZwQVMuMFsJGwMyUlxTHzVPCk8LOFkRBQ4mWQoVRjpTEERaEm83KTIeVzAsGhNlBzEsEEECLT4FegEKJiNhJSsdHHILJjAAXigoAhZ1LjRcDXFWI18GQRckCQMCJywfZHkBJyk4dSJRHgcEXCwwB0IoBC1tZSgjOmRuNjRQFl89Iiw+Bj0tOSxgLTMPJ3I2NFESBTUkMBB/Ais5AmUGNDkEbiZQXAEFEDsvLnQsBC0jdycNJmNhMlkAE3ITMy46RiMsPhFwIlEqbWIlICMBBRA7OQADMAQBM30CDQBhZyY7XgZfSVUlAXUpOwoSQlUEAw4CMzAmYWQKCSUVbgMwIRZCMy0AP04wIC0bYldYIBUEUCUMElFCCxs7WBRcAw1HCVk5JmVXUCo5bA HTTP/1.1
Host: racareewituhi.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1177
date: Thu, 20 Oct 2022 20:18:28 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 5a96272b81254403ef5ef083d36ce62a.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: pLy_BUxQQwaFBRfBrTsNLN67NN1ov5AVdHS0ghkF1oiQdDHXfPvi_A==
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/isotope/custom-isotope.js
91.209.70.182200 OK 1.8 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/isotope/custom-isotope.js
IP 91.209.70.182:0
File type ASCII text, with CRLF line terminators
Hash b0c7966e0c9bd0f22fdd26454cb2111f
598e3faea5bfce588cbed3206b6c26f921d6c998
13d8c446cbe2089546c4d5f45d35670bf7bfdb2649790880ebc0c672e9a1893a
GET /themes/flow/frontend_assets/js/isotope/custom-isotope.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17Dm4/Lake.v1.0.10.rar
Connection: keep-alive
Cookie: filehosting=r5fplaq11o44c0dgip79ovf8o0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 20 Oct 2022 20:18:27 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-71d"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/global.js
91.209.70.182200 OK 2.3 kB URL HTTP/2 megaup.net/themes/flow/js/global.js
IP 91.209.70.182:0
Hash be6fbeac933e98ae2a91244eacfb236c
abb32a307290c23a368636fcfc2f2ed26c94a035
e78ebb972b7908690007518099757112a48120cd1f458ba6e38c6f3d84627c90
GET /themes/flow/js/global.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17Dm4/Lake.v1.0.10.rar
Connection: keep-alive
Cookie: filehosting=r5fplaq11o44c0dgip79ovf8o0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 20 Oct 2022 20:18:27 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-d59"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
oherhome.xyz/ZHZKMllLSSlBZABHCEAICR4aaB8uDh93PQkuAmgLNiEAYToyAWxGMABLfQRtVUJ7FCkNEncDfxcCK0YsF0t7FDAKECUPfxJLexxqUFh4C3dUUD8PaEICOlM+WUdsQi0QGncDb1JAeAtuVUdzAGhR
172.67.155.180204 No Content 0 B URL HTTP/2 oherhome.xyz/ZHZKMllLSSlBZABHCEAICR4aaB8uDh93PQkuAmgLNiEAYToyAWxGMABLfQRtVUJ7FCkNEncDfxcCK0YsF0t7FDAKECUPfxJLexxqUFh4C3dUUD8PaEICOlM+WUdsQi0QGncDb1JAeAtuVUdzAGhR
IP 172.67.155.180:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ZHZKMllLSSlBZABHCEAICR4aaB8uDh93PQkuAmgLNiEAYToyAWxGMABLfQRtVUJ7FCkNEncDfxcCK0YsF0t7FDAKECUPfxJLexxqUFh4C3dUUD8PaEICOlM+WUdsQi0QGncDb1JAeAtuVUdzAGhR HTTP/1.1
Host: oherhome.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 20 Oct 2022 20:18:28 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rrUsnKBxjVhl8e1fayR%2B6JRPxoT7PGJ92pygz20BArWtquj1hl2wc3WKkSqTnVDiJTrn9GPRz8JEFCCImQYxmdu6LKCgmEX5QrhPLz5QBhcz0nTK5L%2B3pJa45EYSRJo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75d4715dab77fac8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
oherhome.xyz/T3pyd3JgRREETysQJA4RCAowMzcZMiocIwwrNx8XGx00MSMjCVQDGytHRUFDfkJEUQImHk9GVDwOEwMHPEdDURshHB1KVDlHQ1lBe1RATlx/XAdKQ2kOAhYVcktUBwY7Fk9GRHlMQE5FfktLRkV/
172.67.155.180204 No Content 0 B URL HTTP/2 oherhome.xyz/T3pyd3JgRREETysQJA4RCAowMzcZMiocIwwrNx8XGx00MSMjCVQDGytHRUFDfkJEUQImHk9GVDwOEwMHPEdDURshHB1KVDlHQ1lBe1RATlx/XAdKQ2kOAhYVcktUBwY7Fk9GRHlMQE5FfktLRkV/
IP 172.67.155.180:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /T3pyd3JgRREETysQJA4RCAowMzcZMiocIwwrNx8XGx00MSMjCVQDGytHRUFDfkJEUQImHk9GVDwOEwMHPEdDURshHB1KVDlHQ1lBe1RATlx/XAdKQ2kOAhYVcktUBwY7Fk9GRHlMQE5FfktLRkV/ HTTP/1.1
Host: oherhome.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 20 Oct 2022 20:18:28 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7fwDooWXmLyoN0HKKw5Rkc%2FfI45vXk3QzOP4RQI62i%2FuKFR6vESgwar%2BUqrHpagweHrC%2FLsW4VVJ7cVbJnTdn0RxiBz%2F7Df9mUCkOOds2plqpaGy3pTF6BGLGo8oArA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75d4715dab76fac8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
oherhome.xyz/dGdCRDhbWCE3BRAvCAtpGiEDFVYEUBMBbjIBLAJ5IDIAcFwxImQwURBaenYNTVZzYkgdA393ClIUNiVMARR/dR4dCSQrBVIRf3QWTElzdBZEQTd5CVITMiVfSVZkNEwAC391DkJRcH0PRVZ7dQBA
172.67.155.180204 No Content 0 B URL HTTP/2 oherhome.xyz/dGdCRDhbWCE3BRAvCAtpGiEDFVYEUBMBbjIBLAJ5IDIAcFwxImQwURBaenYNTVZzYkgdA393ClIUNiVMARR/dR4dCSQrBVIRf3QWTElzdBZEQTd5CVITMiVfSVZkNEwAC391DkJRcH0PRVZ7dQBA
IP 172.67.155.180:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dGdCRDhbWCE3BRAvCAtpGiEDFVYEUBMBbjIBLAJ5IDIAcFwxImQwURBaenYNTVZzYkgdA393ClIUNiVMARR/dR4dCSQrBVIRf3QWTElzdBZEQTd5CVITMiVfSVZkNEwAC391DkJRcH0PRVZ7dQBA HTTP/1.1
Host: oherhome.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 20 Oct 2022 20:18:28 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XIRObSt6TK0FzgHYXChlezHi7RwLJ%2FdOhJDU2onI%2BnNR5oV%2BSbw1VVthqjoyOm8Gf2CYOV%2FqjYFLY5ChFGBU1%2FJaKNyPB6FfbRRz0vxn4zecyqOrBeyUmYa51p7cSY0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75d4715dbb7ffac8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
91.209.70.182200 OK 165 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
IP 91.209.70.182:0
File type ASCII text, with CRLF line terminators
Hash d9a482f3cecac321171489c73ee7a350
fbfe4b8362112dedca078cb027b218bba7cb2996
64156bd3da05f9a15e02c1a0aa9d3999c1098636c47f86bca083bd35f5d55d1c
GET /themes/flow/frontend_assets/css/All-stylesheets.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17Dm4/Lake.v1.0.10.rar
Connection: keep-alive
Cookie: filehosting=r5fplaq11o44c0dgip79ovf8o0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 20 Oct 2022 20:18:27 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-153"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
oherhome.xyz/blgyZUlBZ1EWdDdpXjcaBShqBB44IldUAxsBagl+OTVGCy8mNxQRIAplCld8V2kDQzkHPA9We0grRgQ9GysPV3lebxQMJwg3D1dvGGUCS3FAaQJLeUgtD1RvGihTAnRffkIRPQJlA1N/WGoLUnhfYQNdfA
172.67.155.180204 No Content 0 B URL HTTP/2 oherhome.xyz/blgyZUlBZ1EWdDdpXjcaBShqBB44IldUAxsBagl+OTVGCy8mNxQRIAplCld8V2kDQzkHPA9We0grRgQ9GysPV3lebxQMJwg3D1dvGGUCS3FAaQJLeUgtD1RvGihTAnRffkIRPQJlA1N/WGoLUnhfYQNdfA
IP 172.67.155.180:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /blgyZUlBZ1EWdDdpXjcaBShqBB44IldUAxsBagl+OTVGCy8mNxQRIAplCld8V2kDQzkHPA9We0grRgQ9GysPV3lebxQMJwg3D1dvGGUCS3FAaQJLeUgtD1RvGihTAnRffkIRPQJlA1N/WGoLUnhfYQNdfA HTTP/1.1
Host: oherhome.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 20 Oct 2022 20:18:28 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YRnAF8dWOHKmi7vAPLYgbAjtpLwYSmGQzuS2I2Gc%2FPQnaCtpCt9YMrBQud9p58pLlXtVKJ8%2BDJl7Pg4llxteNjvrIdH1cDqPWyHuOYomQrnK%2BN0v9PhjE4QZPk3Yg3s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75d4715dcb95fac8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
oherhome.xyz/WGlqN2V3VglEWA0+JGA2NCsHYQgOXTBgLw0LWV8CAlgwUAY1OExDDDxUUgBTa1hSERUxDVcFXH4aHlYRLRpXBkMxBwxYWH4fVwZLaEdcB0toTx8KVH4dGlYCZVhMRxEsBVcGU25fWA5SaVhTBlxt
172.67.155.180204 No Content 0 B URL HTTP/2 oherhome.xyz/WGlqN2V3VglEWA0+JGA2NCsHYQgOXTBgLw0LWV8CAlgwUAY1OExDDDxUUgBTa1hSERUxDVcFXH4aHlYRLRpXBkMxBwxYWH4fVwZLaEdcB0toTx8KVH4dGlYCZVhMRxEsBVcGU25fWA5SaVhTBlxt
IP 172.67.155.180:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WGlqN2V3VglEWA0+JGA2NCsHYQgOXTBgLw0LWV8CAlgwUAY1OExDDDxUUgBTa1hSERUxDVcFXH4aHlYRLRpXBkMxBwxYWH4fVwZLaEdcB0toTx8KVH4dGlYCZVhMRxEsBVcGU25fWA5SaVhTBlxt HTTP/1.1
Host: oherhome.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 20 Oct 2022 20:18:28 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZQAcw5d7hjfHxwDvsIt4YCijwbuikChk%2BSg1YX5gqcEp8dbbj7SDZ17KIGlLw9RRW7Td98SOKXqzuXXiQvQtUULuZKevnxE%2BxC1p92tAREjhuRFK6oGSQJuz%2B7jadHY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75d4715dcb9bfac8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/TyKyq2Syz7Q
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/TyKyq2Syz7Q
IP 142.250.74.3:0
Hash 8270dc9b5042518dfa259f5ec9f0cbd4
870971fa7a32a319469cb7f07c451b4dfea2846f
31a9af3dc2ae71a5b9681ea1cc57deddce4545f4cd8b779d19051e0bc49a0ce7
POST /s/gts1p5/TyKyq2Syz7Q HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 20:18:28 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
platform.bidgear.com/media/img/b15.png
104.26.2.107200 OK 649 B URL HTTP/2 platform.bidgear.com/media/img/b15.png
IP 104.26.2.107:0
File type PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash d832fb80c97ff291b952757bb98240d2
63732e61a0784ed68fde494f83e4686a5c4bf7fa
7b35c11af8accdb40a14303dd3ae2762a97d2527933c56b6c9be6da2d0d11943
GET /media/img/b15.png HTTP/1.1
Host: platform.bidgear.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 20 Oct 2022 20:18:28 GMT
content-type: image/png
content-length: 649
last-modified: Mon, 25 Jul 2022 09:43:33 GMT
etag: "62de65c5-289"
expires: Sun, 23 Oct 2022 09:44:55 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
cf-cache-status: HIT
age: 2370795
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EVybQhqmo2YZGDFQGASCL58obPnpE1mygkfbEfeKt3SLOHGvczS%2BKqtO6QGD6bIZrnFdxTUuoYBZYJGr1J8UBsA8VUabD33ckhiKRr4WXS0dlcflNkaq5LfIgKjNcQOmgPb5s45D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75d4715efc92b4f1-OSL
X-Firefox-Spdy: h2
platform.bidgear.com/async.php?domainid=5593&sizeid=12&zoneid=6192&k=1666297119370
104.26.2.107200 OK 26 kB URL HTTP/2 platform.bidgear.com/async.php?domainid=5593&sizeid=12&zoneid=6192&k=1666297119370
IP 104.26.2.107:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (4445), with no line terminators
Hash 61468107c6ea6673e3f99afa22e4b10e
b5f7af0c5b24566c72bac2ec785794de5237116d
975c92362441879e26884c45bdb6b724304f9057d3bfb80b9aa51495e801f67e
GET /async.php?domainid=5593&sizeid=12&zoneid=6192&k=1666297119370 HTTP/1.1
Host: platform.bidgear.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 20 Oct 2022 20:18:28 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FnnIjhwcBDRDiKF%2FQxs106TspbXaz9PU4CZsuleFl4ZCCU%2FTQ8pCpHOh0%2BugfoquU69EQWkMHLTd6%2Fd3hzBCTDVevBu2rlHqqNjqtezI%2BcRV%2BQ3EreI2Zqo4MkP7H3I%2BUm2IJHaF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75d4715e1b6ab4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cb481980e2c49fc7d318d7c49a0f6773
04762f6afffd4771f7e70f92daf5c28ddd7fed7c
cac4b8593721ecc58e3dfc95719b2597fae797e20504caed208e272d197afe09
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CAC4B8593721ECC58E3DFC95719B2597FAE797E20504CAED208E272D197AFE09"
Last-Modified: Wed, 19 Oct 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19217
Expires: Fri, 21 Oct 2022 01:38:45 GMT
Date: Thu, 20 Oct 2022 20:18:28 GMT
Connection: keep-alive
dmmzkfd82wayn.cloudfront.net/OckNSOGsRLDxeVAYqNgVcRHJjAF1UKSFXBQJ+PUkyFSoUDwdKEnRMERZ+Yh4HEy01BU0XLTEFWlQiNlpWRmUmSAQZfiFTGBUkPlQcFjZ0TQpPLj1CAh4vMx1ZNHZ8CE5Ac3pAWkNmYXpOQHM+UQUHO3cKWwp7ZGddRmZhek5AcyBOTkECaw5FQmp3ClsVJj-FTBFdxFApbQ3NiCVtDZmAIDRsxN14ECmZgflJEbWIeHk9y
143.204.42.228200 OK 600 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/OckNSOGsRLDxeVAYqNgVcRHJjAF1UKSFXBQJ+PUkyFSoUDwdKEnRMERZ+Yh4HEy01BU0XLTEFWlQiNlpWRmUmSAQZfiFTGBUkPlQcFjZ0TQpPLj1CAh4vMx1ZNHZ8CE5Ac3pAWkNmYXpOQHM+UQUHO3cKWwp7ZGddRmZhek5AcyBOTkECaw5FQmp3ClsVJj-FTBFdxFApbQ3NiCVtDZmAIDRsxN14ECmZgflJEbWIeHk9y
IP 143.204.42.228:0
File type ASCII text, with very long lines (826), with no line terminators
Hash 8bec8afe34ac39b953ccd0a606e856e5
099d4db81ee28d3e94ad642082d886837e51f412
0860877e6edac021972c7a85a128300fcf6116a6f502e9e72314876856004f48
GET /OckNSOGsRLDxeVAYqNgVcRHJjAF1UKSFXBQJ+PUkyFSoUDwdKEnRMERZ+Yh4HEy01BU0XLTEFWlQiNlpWRmUmSAQZfiFTGBUkPlQcFjZ0TQpPLj1CAh4vMx1ZNHZ8CE5Ac3pAWkNmYXpOQHM+UQUHO3cKWwp7ZGddRmZhek5AcyBOTkECaw5FQmp3ClsVJj-FTBFdxFApbQ3NiCVtDZmAIDRsxN14ECmZgflJEbWIeHk9y HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://racareewituhi.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 600
date: Thu, 20 Oct 2022 20:18:28 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Dul4UFRKK6ZhKYs9hXubv1jnDil2NBY8HNFAS3NTqzFAJ8ilDiCO-A==
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.revolution.js
91.209.70.182200 OK 40 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.revolution.js
IP 91.209.70.182:0
File type ASCII text, with very long lines (464), with CRLF line terminators
Hash 313087d856e78d2eb897a1f2698f1759
526ca6b9dd1bfb221daa37b9e7f6aeb960993426
cedf418bd93e73c23d30fc6b6a4d6c42c9e2c36c05bd92baac182c85d3de21bf
GET /themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.revolution.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17Dm4/Lake.v1.0.10.rar
Connection: keep-alive
Cookie: filehosting=r5fplaq11o44c0dgip79ovf8o0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 20 Oct 2022 20:18:27 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-303b2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/5VXNjanA2HA0MTyEaB1dHY0dSXkFzGRAFHiVOLBM5PBYoHwMFOCorFTomJEwELxdeWlY5Eg0NTXMWDQlNZFUCDhJoR0UeADoYXhkbJhQEBhwiFxZMBTRODgUKPB8PC1VnNVZEQHBBU0IIZEJGWTJwQVMGGTsGG09CZQtbXC9jR0ZZMnBBUxgGcEAiU0Z7Q0-pPQmUUBgkbOlZRLEJlQlNaQWVCRlhAMxoRDxY6C0ZYNmxFTVpWIE5S
143.204.42.228200 OK 594 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/5VXNjanA2HA0MTyEaB1dHY0dSXkFzGRAFHiVOLBM5PBYoHwMFOCorFTomJEwELxdeWlY5Eg0NTXMWDQlNZFUCDhJoR0UeADoYXhkbJhQEBhwiFxZMBTRODgUKPB8PC1VnNVZEQHBBU0IIZEJGWTJwQVMGGTsGG09CZQtbXC9jR0ZZMnBBUxgGcEAiU0Z7Q0-pPQmUUBgkbOlZRLEJlQlNaQWVCRlhAMxoRDxY6C0ZYNmxFTVpWIE5S
IP 143.204.42.228:0
File type ASCII text, with very long lines (828), with no line terminators
Hash 228401f0b7c8ddd84a6470c2f6b2e568
3873bb817fa4526dfbee4482c5d141817757679f
730ffd883db0b75d3a435321944ee99e814f8ab767388b9bc72610d267f19768
GET /5VXNjanA2HA0MTyEaB1dHY0dSXkFzGRAFHiVOLBM5PBYoHwMFOCorFTomJEwELxdeWlY5Eg0NTXMWDQlNZFUCDhJoR0UeADoYXhkbJhQEBhwiFxZMBTRODgUKPB8PC1VnNVZEQHBBU0IIZEJGWTJwQVMGGTsGG09CZQtbXC9jR0ZZMnBBUxgGcEAiU0Z7Q0-pPQmUUBgkbOlZRLEJlQlNaQWVCRlhAMxoRDxY6C0ZYNmxFTVpWIE5S HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://racareewituhi.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 594
date: Thu, 20 Oct 2022 20:18:28 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: NipYvziqbeDaOcUlESRwlEeXwqLLucJlwbhP-0oJPe6SjTAcHtPusA==
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/sticky/jquery.sticky.js
91.209.70.182200 OK 1.5 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/sticky/jquery.sticky.js
IP 91.209.70.182:0
Hash 3a78f913f7f2cfa87679518e20e37b6c
3b714349238679fc02239bb2ec5ced774eeab543
16ce19f61688591caf10a757e95934a7d42a3f82c718f35c44b619d5a4715694
GET /themes/flow/frontend_assets/js/sticky/jquery.sticky.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17Dm4/Lake.v1.0.10.rar
Connection: keep-alive
Cookie: filehosting=r5fplaq11o44c0dgip79ovf8o0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 20 Oct 2022 20:18:27 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1099"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
imp9.bidgear.com/rec?t=1&z=6192&uuid=3e3fbf0e7ce8485885540663a28eaf88&p=28&g=NO&token=4a44335432&tbg=1666297108
104.26.2.107200 OK 599 B URL HTTP/2 imp9.bidgear.com/rec?t=1&z=6192&uuid=3e3fbf0e7ce8485885540663a28eaf88&p=28&g=NO&token=4a44335432&tbg=1666297108
IP 104.26.2.107:0
File type JPEG image data, baseline, precision 8, 1x1, components 3\012- data
Hash ca49a7e783b806a4e8576ea80346203d
6fe9d083221dae98f6c76f7121c37bc884b02d82
3e9a98dd5f0a28ff4a059f33d760264a6db02786666ac1692095ebb976f5da28
GET /rec?t=1&z=6192&uuid=3e3fbf0e7ce8485885540663a28eaf88&p=28&g=NO&token=4a44335432&tbg=1666297108 HTTP/1.1
Host: imp9.bidgear.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 20 Oct 2022 20:18:28 GMT
content-type: image/jpeg
content-length: 599
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8TPkhDu8kYjQeIUgRv2HoAKjsN2aw96DReBo5xVC8LEzKYwnQ3tjlUePesB%2F%2FFJByq4e2TO9K8o9ugsS5vr3t3qyLehCA1ifZ6y8K5w0IcPB5QwHGhFjVVivCRHbLkYH5HA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75d4715efc94b4f1-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash aa4e4decf9754b159cfec13a9fbda4a6
996be3f45d6f1d6edcf8dd0fb5fd28ce8c0f1ddf
a00833ede543721271030f484d6b682de199cb72daef7e6a13bc95284399131a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 20:18:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3f290cedd01b4a81b6a04cc063ffae78
bee7247a8fe4989960ee73053fd70ac45859b066
9a334b44fbaf8c430e23d564b2ccc751f1313d60bfe545b49ab4f56cf8d9323d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4593
Cache-Control: max-age=133879
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 20:18:28 GMT
Etag: "6351031a-1d7"
Expires: Sat, 22 Oct 2022 09:29:47 GMT
Last-Modified: Thu, 20 Oct 2022 08:13:14 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
dmmzkfd82wayn.cloudfront.net/TWlZOSTE5OSAvDi4/KnQJbWB9eAl8PD0mXyprLy1UazcJHgNjNSYhAjsTBm9FIDJzeRc2NyAuDHwzICoMa3AvLVNnYmg9QTU9czpaKTEpJV0tMjtvRDtrIyZLMzoiKBRoEHtnAX9kfmFJa2drenN/ZH4lWDQjNmwDai52f25sYmt6c39kfjtHf2UPcAd0Zm-dsA2oxKypaNXN8DwNqZ355AGpna3sBPD88LFc1Lmt7d2NgYHkXL2t/
143.204.42.228200 OK 447 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/TWlZOSTE5OSAvDi4/KnQJbWB9eAl8PD0mXyprLy1UazcJHgNjNSYhAjsTBm9FIDJzeRc2NyAuDHwzICoMa3AvLVNnYmg9QTU9czpaKTEpJV0tMjtvRDtrIyZLMzoiKBRoEHtnAX9kfmFJa2drenN/ZH4lWDQjNmwDai52f25sYmt6c39kfjtHf2UPcAd0Zm-dsA2oxKypaNXN8DwNqZ355AGpna3sBPD88LFc1Lmt7d2NgYHkXL2t/
IP 143.204.42.228:0
File type ASCII text, with very long lines (592), with no line terminators
Hash 0766b82f061772cc4241057933dc46da
535457412b4b9b43b9ed1a9903f6254d9eaf5fb5
cc9b35167975bcf828e8862984bfa265077998993ca083c3b16b37bf89416b4b
GET /TWlZOSTE5OSAvDi4/KnQJbWB9eAl8PD0mXyprLy1UazcJHgNjNSYhAjsTBm9FIDJzeRc2NyAuDHwzICoMa3AvLVNnYmg9QTU9czpaKTEpJV0tMjtvRDtrIyZLMzoiKBRoEHtnAX9kfmFJa2drenN/ZH4lWDQjNmwDai52f25sYmt6c39kfjtHf2UPcAd0Zm-dsA2oxKypaNXN8DwNqZ355AGpna3sBPD88LFc1Lmt7d2NgYHkXL2t/ HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://racareewituhi.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 447
date: Thu, 20 Oct 2022 20:18:28 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: -oKH8AXxR6eEqJm1-Cz1H7lER1Qe3OhW5zQuVTSqs7TxPzsfxAVr8w==
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Thu, 20 Oct 2022 18:41:09 GMT
expires: Thu, 20 Oct 2022 20:41:09 GMT
cache-control: public, max-age=7200
age: 5839
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash aa4e4decf9754b159cfec13a9fbda4a6
996be3f45d6f1d6edcf8dd0fb5fd28ce8c0f1ddf
a00833ede543721271030f484d6b682de199cb72daef7e6a13bc95284399131a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 20:18:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dmmzkfd82wayn.cloudfront.net/kY3k5bTcAFlcLCBcQXVAOV0ABWwNFE0oCWRNEcFxdMjtrIE02LFMqVQ86SUtDGR0EXREPGFcKCkUcVw4KUl9YCVVeTR8YVl4UVhdeDxVYSAUlTBddElFJERUGUlwKLxJRSVUEWRYBHF8HG0EPMgFXXAovElFJSxsSUDgAWxlTUBxfBwQcWgZYRkt/XwdSSQ-lcB1JcC11RCgtcC1gbXAsrDlVXCUtCXkg
143.204.42.228200 OK 189 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/kY3k5bTcAFlcLCBcQXVAOV0ABWwNFE0oCWRNEcFxdMjtrIE02LFMqVQ86SUtDGR0EXREPGFcKCkUcVw4KUl9YCVVeTR8YVl4UVhdeDxVYSAUlTBddElFJERUGUlwKLxJRSVUEWRYBHF8HG0EPMgFXXAovElFJSxsSUDgAWxlTUBxfBwQcWgZYRkt/XwdSSQ-lcB1JcC11RCgtcC1gbXAsrDlVXCUtCXkg
IP 143.204.42.228:0
File type ASCII text, with no line terminators
Hash d97ca86e9059233f05e6ca29f5293ec1
03755135797794da2d3554538ea5485f1907b454
4c38ef4ef274efe3442ada10e54c346d12900c3c6e70b4e7a9917cc5e55ba563
GET /kY3k5bTcAFlcLCBcQXVAOV0ABWwNFE0oCWRNEcFxdMjtrIE02LFMqVQ86SUtDGR0EXREPGFcKCkUcVw4KUl9YCVVeTR8YVl4UVhdeDxVYSAUlTBddElFJERUGUlwKLxJRSVUEWRYBHF8HG0EPMgFXXAovElFJSxsSUDgAWxlTUBxfBwQcWgZYRkt/XwdSSQ-lcB1JcC11RCgtcC1gbXAsrDlVXCUtCXkg HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://racareewituhi.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 189
date: Thu, 20 Oct 2022 20:18:28 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: MhqwpN1GRlyXMsj-5TU8XTvMEL1XCptOg0om3dGg8w1XRQmnKTx_wQ==
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/YSHZJaTMrGScPDDwfLVQLekNwWAJuHDoGXThLIjBCJU4YG2B7RwsEaW4CMw0OeFAlCF0vS28MXStLeE9SLBR0XRU8BiYCDj0YLQxVIRgsDRU9F3QEXDIfJQVSbUQPXB14U3tZGzBHeEwAClN7WV8hGDwRFnpGMVEFF0B9TAAKU3tZQT5TeigKflh5QBZ6Ri-4MUCMZbFt1ekZ4WQN5RnhMAXgQIBtWLhkxTAEOT39HA24DdFg
143.204.42.228200 OK 353 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/YSHZJaTMrGScPDDwfLVQLekNwWAJuHDoGXThLIjBCJU4YG2B7RwsEaW4CMw0OeFAlCF0vS28MXStLeE9SLBR0XRU8BiYCDj0YLQxVIRgsDRU9F3QEXDIfJQVSbUQPXB14U3tZGzBHeEwAClN7WV8hGDwRFnpGMVEFF0B9TAAKU3tZQT5TeigKflh5QBZ6Ri-4MUCMZbFt1ekZ4WQN5RnhMAXgQIBtWLhkxTAEOT39HA24DdFg
IP 143.204.42.228:0
File type ASCII text, with very long lines (453), with no line terminators
Hash 068cf6f91556db865f4a3f4737b620c0
798e8d8dac6a048aa9ce3d2a737a9fc6c956a4ec
4f6b1489abc2cfd366f1492f37a1d8956851007a30d79b538797609bdc5e1648
GET /YSHZJaTMrGScPDDwfLVQLekNwWAJuHDoGXThLIjBCJU4YG2B7RwsEaW4CMw0OeFAlCF0vS28MXStLeE9SLBR0XRU8BiYCDj0YLQxVIRgsDRU9F3QEXDIfJQVSbUQPXB14U3tZGzBHeEwAClN7WV8hGDwRFnpGMVEFF0B9TAAKU3tZQT5TeigKflh5QBZ6Ri-4MUCMZbFt1ekZ4WQN5RnhMAXgQIBtWLhkxTAEOT39HA24DdFg HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://racareewituhi.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 353
date: Thu, 20 Oct 2022 20:18:28 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: YN-25YJ0cSEWY4s9ycr_LxdIfS6myZRXsmSYv2ygSNFZw_i5Qr7rZg==
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
216.58.207.237302 Found 395 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (380)
Hash a20f9db1d899ed777b60089d4b468e4c
979a87d969a6105e282695d75defa63093b5ec95
2d9e74124303273fcba3c12883c9d2f6808ff4c527b85d323fd791527a372125
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 20 Oct 2022 20:18:28 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-620138976%3A1666297108477914&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpLuPYI3yzaeU9p6hl9PyubCCuI635sAMSBEnjaQkHDzOpfUJHFF2-mxDQz1lDTAKbh382qfw
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-CvSsNmvUkMRb5G5Sq-CMpA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 395
server: GSE
set-cookie: __Host-GAPS=1:AmxSok7vMHPhGbJh-t_LWm5pEDYolg:s3Yncwmyz9P54W_P;Path=/;Expires=Sat, 19-Oct-2024 20:18:28 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6db2fbbe875c96e0885d811f09a37e2a
8a693e9fd49c8bbb63880ac6ffb9b1fa6a83962d
148b466bc1cff5826f10d3021931fd4a22075c062516511800d6cf9f1a749127
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "148B466BC1CFF5826F10D3021931FD4A22075C062516511800D6CF9F1A749127"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18737
Expires: Fri, 21 Oct 2022 01:30:45 GMT
Date: Thu, 20 Oct 2022 20:18:28 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6db2fbbe875c96e0885d811f09a37e2a
8a693e9fd49c8bbb63880ac6ffb9b1fa6a83962d
148b466bc1cff5826f10d3021931fd4a22075c062516511800d6cf9f1a749127
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "148B466BC1CFF5826F10D3021931FD4A22075C062516511800D6CF9F1A749127"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18737
Expires: Fri, 21 Oct 2022 01:30:45 GMT
Date: Thu, 20 Oct 2022 20:18:28 GMT
Connection: keep-alive
www.google-analytics.com/j/collect?v=1&_v=j98&a=130363692&t=pageview&_s=1&dl=https%3A%2F%2Fmegaup.net%2F17Dm4%2FLake.v1.0.10.rar&ul=en-us&de=UTF-8&dt=Lake.v1.0.10.rar%20-%20MegaUp&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=1207278870&gjid=969401821&cid=625845589.1666297120&tid=UA-108868042-1&_gid=1826664952.1666297120&_r=1>m=2ouaj0&z=504136729
142.250.74.174200 OK 1 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j98&a=130363692&t=pageview&_s=1&dl=https%3A%2F%2Fmegaup.net%2F17Dm4%2FLake.v1.0.10.rar&ul=en-us&de=UTF-8&dt=Lake.v1.0.10.rar%20-%20MegaUp&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=1207278870&gjid=969401821&cid=625845589.1666297120&tid=UA-108868042-1&_gid=1826664952.1666297120&_r=1>m=2ouaj0&z=504136729
IP 142.250.74.174:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?v=1&_v=j98&a=130363692&t=pageview&_s=1&dl=https%3A%2F%2Fmegaup.net%2F17Dm4%2FLake.v1.0.10.rar&ul=en-us&de=UTF-8&dt=Lake.v1.0.10.rar%20-%20MegaUp&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=1207278870&gjid=969401821&cid=625845589.1666297120&tid=UA-108868042-1&_gid=1826664952.1666297120&_r=1>m=2ouaj0&z=504136729 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain
Content-Length: 0
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://megaup.net
date: Thu, 20 Oct 2022 20:18:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6db2fbbe875c96e0885d811f09a37e2a
8a693e9fd49c8bbb63880ac6ffb9b1fa6a83962d
148b466bc1cff5826f10d3021931fd4a22075c062516511800d6cf9f1a749127
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "148B466BC1CFF5826F10D3021931FD4A22075C062516511800D6CF9F1A749127"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18737
Expires: Fri, 21 Oct 2022 01:30:45 GMT
Date: Thu, 20 Oct 2022 20:18:28 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6db2fbbe875c96e0885d811f09a37e2a
8a693e9fd49c8bbb63880ac6ffb9b1fa6a83962d
148b466bc1cff5826f10d3021931fd4a22075c062516511800d6cf9f1a749127
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "148B466BC1CFF5826F10D3021931FD4A22075C062516511800D6CF9F1A749127"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18737
Expires: Fri, 21 Oct 2022 01:30:45 GMT
Date: Thu, 20 Oct 2022 20:18:28 GMT
Connection: keep-alive
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
216.58.207.237302 Found 398 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (383)
Hash 57d606a44031e471495abdd6dffc21db
c2997cc2bc452a22ce3896250a8bb2b10cb35804
8b9dccff6603d8ba8d863221cc00226a611b6a9a4199731e84748f7673604698
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 20 Oct 2022 20:18:28 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S302226912%3A1666297108495771&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpOHu9GhtTj1eQBVti10IMuBnXj3j4ZPP45o5KdYFmD9wavYNu-fddWSrquIF-bzuX5Pn-UrA
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-AJt1nGawlzzYpuTkiHdJTg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 398
server: GSE
set-cookie: __Host-GAPS=1:G66fB2hpmvORnc7GHrOolZ2Ml9QKpQ:Q6ELI9c9J8oEnXl8;Path=/;Expires=Sat, 19-Oct-2024 20:18:28 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
racareewituhi.xyz/utx?cb=z9XpdsnSyI7S&top=megaup.net&tid=761186
65.9.44.69204 No Content 0 B URL HTTP/2 racareewituhi.xyz/utx?cb=z9XpdsnSyI7S&top=megaup.net&tid=761186
IP 65.9.44.69:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=z9XpdsnSyI7S&top=megaup.net&tid=761186 HTTP/1.1
Host: racareewituhi.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 20 Oct 2022 20:18:28 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Thu, 20 Oct 2022 20:19:28 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 5a96272b81254403ef5ef083d36ce62a.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: lcIpkeGviYBMpsrwKIAd9ZQyW2KJ4B1qof7pJVmjEghYzJa1MnQ4Jg==
X-Firefox-Spdy: h2
racareewituhi.xyz/utx?cb=w6bR6FuOkNuD&top=megaup.net&tid=825911
65.9.44.69204 No Content 0 B URL HTTP/2 racareewituhi.xyz/utx?cb=w6bR6FuOkNuD&top=megaup.net&tid=825911
IP 65.9.44.69:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=w6bR6FuOkNuD&top=megaup.net&tid=825911 HTTP/1.1
Host: racareewituhi.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 20 Oct 2022 20:18:28 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Thu, 20 Oct 2022 20:19:28 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 5a96272b81254403ef5ef083d36ce62a.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: _TjYdlnORbgKRH7xUrRcqX04mt_4zqSgPq5y1iA0tuJ4UvGawK05BQ==
X-Firefox-Spdy: h2
syndication.exdynsrv.com/v1/api.php
95.211.229.248200 OK 787 B URL HTTP/1.1 syndication.exdynsrv.com/v1/api.php
IP 95.211.229.248:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JSON data\012- , ASCII text, with very long lines (1046), with no line terminators
Hash 0bdcf5d234fd61a036c1ae834ed26b99
67902de943f47f01e94b76e1d162892119c5b8f1
6dc38bd4a05e3ab7c1dd02bfbc470708ac4a1a4095e6450a1f482b250e2bdddc
POST /v1/api.php HTTP/1.1
Host: syndication.exdynsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 279
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 20 Oct 2022 20:18:28 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%226351ad1478ef58.31603643230681253%22%3B%7D; expires=Sat, 19-Oct-2024 20:18:28 GMT; Max-Age=63072000; path=/; domain=exdynsrv.com; secure; SameSite=None
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6db2fbbe875c96e0885d811f09a37e2a
8a693e9fd49c8bbb63880ac6ffb9b1fa6a83962d
148b466bc1cff5826f10d3021931fd4a22075c062516511800d6cf9f1a749127
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "148B466BC1CFF5826F10D3021931FD4A22075C062516511800D6CF9F1A749127"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18737
Expires: Fri, 21 Oct 2022 01:30:45 GMT
Date: Thu, 20 Oct 2022 20:18:28 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 9913b2fe72036775e678417cac56a8df
27c2b0d99c3827f12c343763d8ba33c6e2d73188
32c6987be8e8c289fbb1f31350783dbc22003be71e80aa3d4acb293b434d805e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 20:18:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3f290cedd01b4a81b6a04cc063ffae78
bee7247a8fe4989960ee73053fd70ac45859b066
9a334b44fbaf8c430e23d564b2ccc751f1313d60bfe545b49ab4f56cf8d9323d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4593
Cache-Control: max-age=133879
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 20:18:28 GMT
Etag: "6351031a-1d7"
Expires: Sat, 22 Oct 2022 09:29:47 GMT
Last-Modified: Thu, 20 Oct 2022 08:13:14 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
racareewituhi.xyz/utx?cb=zXcjOe8X9JAm&top=megaup.net&tid=876318
65.9.44.69204 No Content 0 B URL HTTP/2 racareewituhi.xyz/utx?cb=zXcjOe8X9JAm&top=megaup.net&tid=876318
IP 65.9.44.69:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=zXcjOe8X9JAm&top=megaup.net&tid=876318 HTTP/1.1
Host: racareewituhi.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 20 Oct 2022 20:18:28 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Thu, 20 Oct 2022 20:19:28 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 5a96272b81254403ef5ef083d36ce62a.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: iPxGg61SPfLkLQ3L9ITsl63JThy_IaYI0zju5AuQsmsoWj682yw5CQ==
X-Firefox-Spdy: h2
racareewituhi.xyz/utx?cb=CsUa4sLCGoAV&top=megaup.net&tid=764141
65.9.44.69204 No Content 0 B URL HTTP/2 racareewituhi.xyz/utx?cb=CsUa4sLCGoAV&top=megaup.net&tid=764141
IP 65.9.44.69:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=CsUa4sLCGoAV&top=megaup.net&tid=764141 HTTP/1.1
Host: racareewituhi.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 20 Oct 2022 20:18:28 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Thu, 20 Oct 2022 20:19:28 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 5a96272b81254403ef5ef083d36ce62a.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: S-b9wOVhg_6fT1hCv5eMGdl1FkFm3pXVl3x9C8G4QKc66KPgLMSqHw==
X-Firefox-Spdy: h2
syndication.exdynsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA02Q3UoEMQyFX8UX2JLfNtlrrxUUH2Bm2nrlIqiwQh7ezAjL9qMkhZxz2hIQnRBOBA9Yz2hnsnAsDkWooEo8Pb+EYHyM9+Xns1zGdzB6JYjqDpLDLEY1RKqg1VDEEPKqTULMGoJAoAYHJKQssncFALhyGMTb6+OxMaFggCtpSo7gQKCQPMA1A1lx6SjNxlQrjDUthImhGqZzkAtpN98WhbpNX7WzjL7yutrobew+9w+BfwpgivdwuHHCo+SCOLrl6/eyRdyN7OhNhPktzQdMhb5S27CNubh5t+l1bnmnP/C7aK9qAQAA
95.211.229.248200 OK 20 B URL HTTP/1.1 syndication.exdynsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA02Q3UoEMQyFX8UX2JLfNtlrrxUUH2Bm2nrlIqiwQh7ezAjL9qMkhZxz2hIQnRBOBA9Yz2hnsnAsDkWooEo8Pb+EYHyM9+Xns1zGdzB6JYjqDpLDLEY1RKqg1VDEEPKqTULMGoJAoAYHJKQssncFALhyGMTb6+OxMaFggCtpSo7gQKCQPMA1A1lx6SjNxlQrjDUthImhGqZzkAtpN98WhbpNX7WzjL7yutrobew+9w+BfwpgivdwuHHCo+SCOLrl6/eyRdyN7OhNhPktzQdMhb5S27CNubh5t+l1bnmnP/C7aK9qAQAA
IP 95.211.229.248:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA02Q3UoEMQyFX8UX2JLfNtlrrxUUH2Bm2nrlIqiwQh7ezAjL9qMkhZxz2hIQnRBOBA9Yz2hnsnAsDkWooEo8Pb+EYHyM9+Xns1zGdzB6JYjqDpLDLEY1RKqg1VDEEPKqTULMGoJAoAYHJKQssncFALhyGMTb6+OxMaFggCtpSo7gQKCQPMA1A1lx6SjNxlQrjDUthImhGqZzkAtpN98WhbpNX7WzjL7yutrobew+9w+BfwpgivdwuHHCo+SCOLrl6/eyRdyN7OhNhPktzQdMhb5S27CNubh5t+l1bnmnP/C7aK9qAQAA HTTP/1.1
Host: syndication.exdynsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%226351ad1478ef58.31603643230681253%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 20 Oct 2022 20:18:28 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%226351ad1478ef58.31603643230681253%22%3B%7D; expires=Sat, 19 Oct 2024 20:18:28 GMT; path=; domain=.exdynsrv.com; Secure; SameSite=none
__upt=%7B%22v%22%3A1%2C%22id%22%3A%226351ad1478ef58.31603643230681253%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22511.0199%22%7D; expires=Sat, 19 Oct 2024 20:18:28 GMT; path=/; domain=.exdynsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6db2fbbe875c96e0885d811f09a37e2a
8a693e9fd49c8bbb63880ac6ffb9b1fa6a83962d
148b466bc1cff5826f10d3021931fd4a22075c062516511800d6cf9f1a749127
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "148B466BC1CFF5826F10D3021931FD4A22075C062516511800D6CF9F1A749127"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18737
Expires: Fri, 21 Oct 2022 01:30:45 GMT
Date: Thu, 20 Oct 2022 20:18:28 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 4fff296535ac604d2e8a207926537fa6
6b8efdca84b410f253dd3fc7c633488c68feb3f6
6ac4d8b3957509d89c3e99dccbe07e1af2f581e4c3070ba8632ffe542657ea2d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5279
Cache-Control: max-age=162640
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 20:18:28 GMT
Etag: "635170c5-139"
Expires: Sat, 22 Oct 2022 17:29:08 GMT
Last-Modified: Thu, 20 Oct 2022 16:01:09 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 313
racareewituhi.xyz/multi?cs=cGxjcEVHWVBCcENbWkJ1RllVSHE&abt=0&red=1&sm=76&k=download%20file%20lake&v=1.0.60.0&sts=0&prn=0&emb=0&tid=876318&rxy=1280_1024&fs=1&ref=https%3A%2F%2Fmegaup.net%2F17Dm4%2FLake.v1.0.10.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&_d1G2=1666297119902&crc=1
65.9.44.69200 OK 1.5 kB URL HTTP/2 racareewituhi.xyz/multi?cs=cGxjcEVHWVBCcENbWkJ1RllVSHE&abt=0&red=1&sm=76&k=download%20file%20lake&v=1.0.60.0&sts=0&prn=0&emb=0&tid=876318&rxy=1280_1024&fs=1&ref=https%3A%2F%2Fmegaup.net%2F17Dm4%2FLake.v1.0.10.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&_d1G2=1666297119902&crc=1
IP 65.9.44.69:0
File type ASCII text, with very long lines (3223), with no line terminators
Hash 27705766c7218accf5360ee600b91ccf
4c7416918535de51f52f74a7928e9e8b26d046b9
38c0b0e7bb5bab0ae57e3bf469d051a04a71647debefa7b80109c70ec5a10965
GET /multi?cs=cGxjcEVHWVBCcENbWkJ1RllVSHE&abt=0&red=1&sm=76&k=download%20file%20lake&v=1.0.60.0&sts=0&prn=0&emb=0&tid=876318&rxy=1280_1024&fs=1&ref=https%3A%2F%2Fmegaup.net%2F17Dm4%2FLake.v1.0.10.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&_d1G2=1666297119902&crc=1 HTTP/1.1
Host: racareewituhi.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
content-length: 1512
date: Thu, 20 Oct 2022 20:18:28 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=596a6a95-56ce-4f14-bf5d-e1ff71c6d4b8
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 5a96272b81254403ef5ef083d36ce62a.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: 4g7xO-LEIJIFYVQS3tGUdzwXvE3__HLqHu7W-hgTt2HG3T8IXyuTDA==
X-Firefox-Spdy: h2
hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js
209.197.3.25200 OK 17 kB URL HTTP/1.1 hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js
IP 209.197.3.25:0
File type ASCII text, with very long lines (16885), with no line terminators
Hash 48c80c7c28b5b00a8b4ff94a22b72fe3
d57303c2ad2fd5cedc5cb20f264a6965a7819cee
6e9be773031b3234fb9c2d6cf3d9740db1208f4351beca325ec34f76fd38f356
GET /delivery/intersection_observer/IntersectionObserver.js HTTP/1.1
Host: hw-cdn2.adtng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Thu, 20 Oct 2022 20:18:28 GMT
Connection: Keep-Alive
ETag: "1649192094"
Content-Length: 16885
Content-Type: application/javascript
Last-Modified: Tue, 05 Apr 2022 20:54:54 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10619698
X-HW: 1666297108.dop209.sk1.t,1666297108.cds258.sk1.shn,1666297108.cds258.sk1.c
Access-Control-Allow-Origin: *
a.adtng.com/get/10012456?time=1614803572912&apb=ooddNHdLHTPHNVS4ASOpprpmtrdTbbZNLTK6V1Esqp6pXVTTOpmdQ6ap0rpXSunqoppdK6V0rpnSuldK6V0zpXSumdXRVNntNTZbvxVbHRNXLRXTRPRLXbNPVQ6e6mera27XOqWvXi7SrainfbSjTS3fazd0rv9.czijBuZznSuldK6V0rpXSuldK4Ps
66.254.114.171200 OK 14 kB URL HTTP/2 a.adtng.com/get/10012456?time=1614803572912&apb=ooddNHdLHTPHNVS4ASOpprpmtrdTbbZNLTK6V1Esqp6pXVTTOpmdQ6ap0rpXSunqoppdK6V0rpnSuldK6V0zpXSumdXRVNntNTZbvxVbHRNXLRXTRPRLXbNPVQ6e6mera27XOqWvXi7SrainfbSjTS3fazd0rv9.czijBuZznSuldK6V0rpXSuldK4Ps
IP 66.254.114.171:0
Hash eceec75867f31e78a0fbc81647b9a43b
9e4a8b8ee3ddd97a598ea8989051bf5fce43ff2c
95ecf7836e8c2c434ea5ef8c008a807a4ed403b10a57a4fe4b38308e92d95f3e
GET /get/10012456?time=1614803572912&apb=ooddNHdLHTPHNVS4ASOpprpmtrdTbbZNLTK6V1Esqp6pXVTTOpmdQ6ap0rpXSunqoppdK6V0rpnSuldK6V0zpXSumdXRVNntNTZbvxVbHRNXLRXTRPRLXbNPVQ6e6mera27XOqWvXi7SrainfbSjTS3fazd0rv9.czijBuZznSuldK6V0rpXSuldK4Ps HTTP/1.1
Host: a.adtng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Thu, 20 Oct 2022 20:18:28 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-encoding: gzip
set-cookie: adtool_guid=Ch5KHmNRrRShTSwljGkNAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/; Secure; HTTPOnly; SameSite=None;
RNLBSERVERID=ded7078; path=/; HttpOnly; Secure; SameSite=None
x-request-id: 6351AD14-42FE72AB01BBAA66-43CD6B4
X-Firefox-Spdy: h2
hw-cdn2.ang-content.com/a7/creatives/39/1187/805702/1030390/1030390_logo.png
205.185.208.20200 OK 16 kB URL HTTP/1.1 hw-cdn2.ang-content.com/a7/creatives/39/1187/805702/1030390/1030390_logo.png
IP 205.185.208.20:0
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash 2aaacb14c0816c811151f7e5ad369e9f
2b51b630dcbbdcd9cb0e9c298a5d4323de0f19f5
c6f084bf2cbf871312c3c508455dfeff2bb11dc8909d98ab1a43897b16bedf4e
GET /a7/creatives/39/1187/805702/1030390/1030390_logo.png HTTP/1.1
Host: hw-cdn2.ang-content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 20 Oct 2022 20:18:28 GMT
Connection: Keep-Alive
ETag: "1651515015"
Content-Length: 15603
Content-Type: image/png
Last-Modified: Mon, 02 May 2022 18:10:15 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10766888
X-HW: 1666297108.dop232.sk1.t,1666297108.cds208.sk1.shn,1666297108.dop232.sk1.t,1666297108.cds247.sk1.c
Access-Control-Allow-Origin: *
racareewituhi.xyz/utx?tid=832633&top=megaup.net&cb=dmvOFfexXY8Q
65.9.44.69204 No Content 0 B URL HTTP/2 racareewituhi.xyz/utx?tid=832633&top=megaup.net&cb=dmvOFfexXY8Q
IP 65.9.44.69:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?tid=832633&top=megaup.net&cb=dmvOFfexXY8Q HTTP/1.1
Host: racareewituhi.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 20 Oct 2022 20:18:28 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Thu, 20 Oct 2022 20:19:28 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 5a96272b81254403ef5ef083d36ce62a.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: c3AN1_yGNeQnPotKtKlKA0_Tkkp3mAEEqMPPEURDvh2iyWs8SPHUMg==
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e55279f546a1cff34615dc7974de0c95
f1dd31de29c5d1444378da90fe70508d523d6487
f08eba506dc7a29f7f5f4df0e244d3bd51c9459872b4b1994842ca9c72738516
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F08EBA506DC7A29F7F5F4DF0E244D3BD51C9459872B4B1994842CA9C72738516"
Last-Modified: Tue, 18 Oct 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18698
Expires: Fri, 21 Oct 2022 01:30:06 GMT
Date: Thu, 20 Oct 2022 20:18:28 GMT
Connection: keep-alive
hw-cdn2.ang-content.com/a7/creatives/39/1187/805702/1030390/1030390_video.mp4
205.185.208.20206 Partial Content 241 kB URL HTTP/1.1 hw-cdn2.ang-content.com/a7/creatives/39/1187/805702/1030390/1030390_video.mp4
IP 205.185.208.20:0
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size 241 kB (241322 bytes)
Hash 52c9ace410c8a18974ce86f153b0ef35
6d56cd1072cdf6cea723e26e7027c5c24b035886
01a7d757be5a8e5f1cc060a74cc6f8e2ac5ff4a79e1062c9b9676333b16aceec
GET /a7/creatives/39/1187/805702/1030390/1030390_video.mp4 HTTP/1.1
Host: hw-cdn2.ang-content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 206 Partial Content
Date: Thu, 20 Oct 2022 20:18:29 GMT
Connection: Keep-Alive
ETag: "1651516075"
Content-Length: 241322
Content-Range: bytes 0-241321/241322
Content-Type: video/mp4
Last-Modified: Mon, 02 May 2022 18:27:55 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10384812
X-HW: 1666297108.dop232.sk1.t,1666297108.cds208.sk1.shn,1666297109.dop232.sk1.t,1666297109.cds014.sk1.c
Access-Control-Allow-Origin: *
racareewituhi.xyz/floater?cs=Y014U3pXfUxqS1J6SGBLWn9OZUo&abt=0&red=1&sm=83&k=download%20file%20lake&v=0.8.10.0&sts=0&prn=0&emb=0&tid=825911&rxy=1280_1024&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&ref=https%3A%2F%2Fmegaup.net%2F17Dm4%2FLake.v1.0.10.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&aa=td5_oi1_&_h6GP=1666297119905&crc=1
65.9.44.69200 OK 1.9 kB URL HTTP/2 racareewituhi.xyz/floater?cs=Y014U3pXfUxqS1J6SGBLWn9OZUo&abt=0&red=1&sm=83&k=download%20file%20lake&v=0.8.10.0&sts=0&prn=0&emb=0&tid=825911&rxy=1280_1024&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&ref=https%3A%2F%2Fmegaup.net%2F17Dm4%2FLake.v1.0.10.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&aa=td5_oi1_&_h6GP=1666297119905&crc=1
IP 65.9.44.69:0
File type ASCII text, with very long lines (3039), with no line terminators
Hash b468124080ae2e69030971bd08a7d26b
45ccf71720a9bd3f8067ca3897563f3bf96d24ab
e036f00b6ba9be6a0aae0f7118ae2e5a7cc63611ab35bbed2db9876b617481fa
GET /floater?cs=Y014U3pXfUxqS1J6SGBLWn9OZUo&abt=0&red=1&sm=83&k=download%20file%20lake&v=0.8.10.0&sts=0&prn=0&emb=0&tid=825911&rxy=1280_1024&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&ref=https%3A%2F%2Fmegaup.net%2F17Dm4%2FLake.v1.0.10.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&aa=td5_oi1_&_h6GP=1666297119905&crc=1 HTTP/1.1
Host: racareewituhi.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
content-length: 1900
date: Thu, 20 Oct 2022 20:18:29 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=13cf85a0-b844-4422-8c57-45c32c4b1372
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 5a96272b81254403ef5ef083d36ce62a.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: q1S3nEiLtFzOfjoCpiDyEra3PFF5_kBctyENzDKTD7HsskAwfwfLcg==
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.198.35200 OK 102 kB IP 172.64.198.35:0
Size 102 kB (102400 bytes)
Hash 4c6426ac7ef186464ecbb0d81cbfcb1e
5a6918eebd9d635e8f632e3ef34e3792b1b5ec13
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 20 Oct 2022 20:18:28 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 5928
last-modified: Thu, 20 Oct 2022 18:39:40 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SbaQlBh7LVAWK1Bz56SeyKHB50ni1%2FjlIJh5nxSzSkaEDFD1rWzTlvlmrh9t%2BCnCb8UnJIgEwuerjYwwD7GM0CNz4KkFMqX0oAkqnaoJpZEvHtiRLd6eL72Q3gCvAoov"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75d47160b9a888b9-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/fonts/raleway_bold.woff
91.209.70.182200 OK 32 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway_bold.woff
IP 91.209.70.182:0
File type Web Open Font Format, TrueType, length 31568, version 1.1\012- data
Hash e0c4ac0e73196bd0469c5c33304b7773
bb071565f82907d117b0732dca8013409162c67d
ff3bf3a4a1bf2b922157b18d0e8cddd95f2fc2dfe09c30a3ce67bc11a84c67af
GET /themes/flow/frontend_assets/fonts/raleway_bold.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Connection: keep-alive
Cookie: filehosting=r5fplaq11o44c0dgip79ovf8o0; _ga=GA1.2.625845589.1666297120; _gid=GA1.2.1826664952.1666297120; _gat_gtag_UA_108868042_1=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 20 Oct 2022 20:18:29 GMT
content-type: font/woff
content-length: 31568
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7b50"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 282 B IP 104.18.32.68:0
Hash 47206ef409ccf294242526e58fcb21a3
2b43f9e2b16ccf7b08e6401ce13d2ce34cd74fd5
bb6764ef7027ca2016a2205ee1b6ce0e0e10a25745c53da0701aa99aff629aff
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 20 Oct 2022 20:18:29 GMT
Content-Type: application/ocsp-response
Content-Length: 282
Connection: keep-alive
Last-Modified: Tue, 18 Oct 2022 09:53:48 GMT
Expires: Tue, 25 Oct 2022 09:53:47 GMT
Etag: "2b43f9e2b16ccf7b08e6401ce13d2ce34cd74fd5"
Cache-Control: max-age=393917,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75d47163dfdbfac8-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 56aa4d33e288d7ec3acf3ac1a61ef7f9
ac2e2f3609cc604dde554e37471567c042bf8191
544823f794ac3e837c81449d896a9dcbe94f4d59a13e293d84b5af44531141d0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "544823F794AC3E837C81449D896A9DCBE94F4D59A13E293D84B5AF44531141D0"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18701
Expires: Fri, 21 Oct 2022 01:30:10 GMT
Date: Thu, 20 Oct 2022 20:18:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 56aa4d33e288d7ec3acf3ac1a61ef7f9
ac2e2f3609cc604dde554e37471567c042bf8191
544823f794ac3e837c81449d896a9dcbe94f4d59a13e293d84b5af44531141d0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "544823F794AC3E837C81449D896A9DCBE94F4D59A13E293D84B5AF44531141D0"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18701
Expires: Fri, 21 Oct 2022 01:30:10 GMT
Date: Thu, 20 Oct 2022 20:18:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 56aa4d33e288d7ec3acf3ac1a61ef7f9
ac2e2f3609cc604dde554e37471567c042bf8191
544823f794ac3e837c81449d896a9dcbe94f4d59a13e293d84b5af44531141d0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "544823F794AC3E837C81449D896A9DCBE94F4D59A13E293D84B5AF44531141D0"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18701
Expires: Fri, 21 Oct 2022 01:30:10 GMT
Date: Thu, 20 Oct 2022 20:18:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 56aa4d33e288d7ec3acf3ac1a61ef7f9
ac2e2f3609cc604dde554e37471567c042bf8191
544823f794ac3e837c81449d896a9dcbe94f4d59a13e293d84b5af44531141d0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "544823F794AC3E837C81449D896A9DCBE94F4D59A13E293D84B5AF44531141D0"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18701
Expires: Fri, 21 Oct 2022 01:30:10 GMT
Date: Thu, 20 Oct 2022 20:18:29 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8f4c469-7b52-4900-a2b2-b5c937961850.jpeg
34.120.237.76200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8f4c469-7b52-4900-a2b2-b5c937961850.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fc696c41b037c43afe2039706b5bf4d4
82eddbb839a78c0584a67ed57523af489e57a290
4dbeff5715c19055cd43e3b9f70f5a8f12e24f134fe286cb494c873c339f7c5d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8f4c469-7b52-4900-a2b2-b5c937961850.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7143
x-amzn-requestid: a6b294ee-febd-4346-8b94-943105d558a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aRX9LHTvoAMFYrQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63506d20-4107c22b75adea7139bde747;Sampled=0
x-amzn-remapped-date: Wed, 19 Oct 2022 21:33:20 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: VOU0lwkU5dgkiI_ubndzd_ZY1EUmKeW8nLkZI4nHDdjq6TjYQ8TuDA==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 19 Oct 2022 21:46:28 GMT
age: 81121
etag: "82eddbb839a78c0584a67ed57523af489e57a290"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1c50c7d-8321-4dac-aa20-04a81680db07.png
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1c50c7d-8321-4dac-aa20-04a81680db07.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8ee7bd4412c0b0eb678b9d53b07bdd9a
a8ba1a075a9c5501d043b9b14c45ed6bcd684e68
2499b2c4414108ed742986b90ca2a1b60c3fd65a82a78322031263650e935c7e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1c50c7d-8321-4dac-aa20-04a81680db07.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10554
x-amzn-requestid: 343fc462-3654-48cb-bb4f-0d0d54c07b58
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aRX9REoMoAMF21g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63506d21-152a7b145b9fcb0e0a97db57;Sampled=0
x-amzn-remapped-date: Wed, 19 Oct 2022 21:33:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 4b3RT-THlt6W7NHL9Tu35gWrOeJ1aNALztrgXSkSwdT-14ccmz7gtg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Wed, 19 Oct 2022 21:49:35 GMT
age: 80934
etag: "a8ba1a075a9c5501d043b9b14c45ed6bcd684e68"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F927829d0-802f-4d0d-b566-d5875b574c9a.jpeg
34.120.237.76200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F927829d0-802f-4d0d-b566-d5875b574c9a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5fd91971508ef6f5985a0017dfcdd73e
e94567c4fe3adade32f19c8c3053a486fe8c3ac9
34966351275d61a81528a5b5eedef55878d9f7b9c0af311ead9471dda8a02e41
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F927829d0-802f-4d0d-b566-d5875b574c9a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7098
x-amzn-requestid: 2f4f7eac-181e-4fe2-b3de-5b22e9e9b9ef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aRYSPGRMIAMFZAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63506da7-42ed935836382b62301fc3e5;Sampled=0
x-amzn-remapped-date: Wed, 19 Oct 2022 21:35:35 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: JJm8noqjbY7Y8effNKjyVb5D_zbRTxuCTLFif9a5lZLcTPard05YZA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Wed, 19 Oct 2022 21:53:58 GMT
age: 80671
etag: "e94567c4fe3adade32f19c8c3053a486fe8c3ac9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab5d17f5-6084-45a5-9677-8ae8646d6ee1.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab5d17f5-6084-45a5-9677-8ae8646d6ee1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 81216ad70664e969888ae7b13871fda0
6b15c7d7abb9ff1cc040853401ad5a39f81c19a4
7294e93d890b4c8eeb8383a67aac0be8b88cac5e0882865c9f38ade713157799
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab5d17f5-6084-45a5-9677-8ae8646d6ee1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9607
x-amzn-requestid: 590b20a6-039c-4c25-a61a-5f579c5b31f2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aRZj6HZ7oAMFsSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63506fb2-04b740c442ae735347b4e2c3;Sampled=0
x-amzn-remapped-date: Wed, 19 Oct 2022 21:44:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: bL5fVog2SuW8ZNt9a0ECc8jwcAELUBVo63LXPovdnIRxCRnsMWVvvQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 19 Oct 2022 21:46:27 GMT
age: 81122
etag: "6b15c7d7abb9ff1cc040853401ad5a39f81c19a4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffcc42276-58e0-44a1-ba94-5b3453272db2.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffcc42276-58e0-44a1-ba94-5b3453272db2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e8c114a60cf05283c8a18226fe8efc00
98137fbe034dc76a3556b05d7df5b3bd0db80ade
ae4f2aae178e05a2e73ff51e5c10d40611878c38e627f24be77e333f4cd480c5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffcc42276-58e0-44a1-ba94-5b3453272db2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5367
x-amzn-requestid: cbee5bf1-e9eb-48c9-baf1-47fa6f4ed09a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aRYR-HcdIAMFfQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63506da6-5e817a2a3104875f4eba1e92;Sampled=0
x-amzn-remapped-date: Wed, 19 Oct 2022 21:35:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Cz_87qSZ0JZiIeijV9ifW9LOE4tEGB01rFNkSybsTdkzjtmPK1tqsw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Wed, 19 Oct 2022 21:46:03 GMT
etag: "98137fbe034dc76a3556b05d7df5b3bd0db80ade"
content-type: image/jpeg
age: 81146
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1da8a8e-07d7-4788-a750-b444d5b94049.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1da8a8e-07d7-4788-a750-b444d5b94049.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aa40305eef05745db4726fd428bd8b84
b957772b40c2485d9a50038d9ffa490f85fe1db9
19735ce0eebf21dd8029a7d0766061ad446232b20b2ac3c9d8b138b263f8fde2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1da8a8e-07d7-4788-a750-b444d5b94049.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9746
x-amzn-requestid: 483d8ab7-5f45-489a-b610-ae9fe9d635d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z1AKaEtcIAMFxnw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634513dc-027bf86916a9f9dd239ce02f;Sampled=0
x-amzn-remapped-date: Tue, 11 Oct 2022 06:57:32 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: YJFRu-zAnxhzjiQ_cfOEkULZSnPEPH_F4wQV0PLL075O7BhCX_q4kg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Thu, 20 Oct 2022 07:50:14 GMT
age: 44895
etag: "b957772b40c2485d9a50038d9ffa490f85fe1db9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ictastesnly.buzz/
107.22.28.167200 OK 0 B IP 107.22.28.167:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: ictastesnly.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Origin: https://megaup.net
Content-Length: 358
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
static.a-ads.com/a-ads-banners/406726/300x250?region=eu-central-1
148.251.194.214200 OK 621 kB URL HTTP/2 static.a-ads.com/a-ads-banners/406726/300x250?region=eu-central-1
IP 148.251.194.214:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 300 x 250\012- data
Size 621 kB (621339 bytes)
Hash c8694e7d5d3b9a928d4d57026ac2b68b
169b9f311167e19bd5061b53fc7e4f528e3ba7a9
0c23834abdcff9f74a47b37290da55f2c84c31c82ce26d9493b39a388b51ed6a
GET /a-ads-banners/406726/300x250?region=eu-central-1 HTTP/1.1
Host: static.a-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ad.a-ads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 20 Oct 2022 20:18:29 GMT
content-type: image/gif
content-length: 621339
x-amz-id-2: tOPtciixCFsI1X1cWHQ2EQcKGUyjZmRbbY8xlYgkgYuwOueDF0quO2SRefudKbapQzyiISgV4aM=
x-amz-request-id: AYCCVV9WX0BC5RW4
x-amz-replication-status: COMPLETED
last-modified: Thu, 04 Aug 2022 08:17:07 GMT
etag: "c8694e7d5d3b9a928d4d57026ac2b68b"
cache-control: max-age=315360000
x-amz-version-id: l7g2z8n8o3P0JZBeDlDbjyxYm7y10CcR
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
ictastesnly.buzz/
107.22.28.167200 OK 0 B IP 107.22.28.167:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: ictastesnly.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Origin: https://megaup.net
Content-Length: 352
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83362ff27176af6a94b2a456c40af1d6
f58c3a81d3f34ebad9051aea3b02daab5f1b0544
ed21bbbdb9372234cdd20a36b24192f99d1403ff0fe22ba115940a4de52c483d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "ED21BBBDB9372234CDD20A36B24192F99D1403FF0FE22BA115940A4DE52C483D"
Last-Modified: Wed, 19 Oct 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18785
Expires: Fri, 21 Oct 2022 01:31:36 GMT
Date: Thu, 20 Oct 2022 20:18:31 GMT
Connection: keep-alive
xml.serve-servee.com/thumbnail?i=KBuT9TwuRmM_0&imgt=icon
172.64.110.7302 Found 0 B URL HTTP/2 xml.serve-servee.com/thumbnail?i=KBuT9TwuRmM_0&imgt=icon
IP 172.64.110.7:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /thumbnail?i=KBuT9TwuRmM_0&imgt=icon HTTP/1.1
Host: xml.serve-servee.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Thu, 20 Oct 2022 20:18:31 GMT
content-length: 0
location: https://static.serve-servee.com/n337/ad/300x300_58WI16nCDUlFaScngmKD.jpeg
cache-control: no-store
age: 0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gi%2FXCK2fG%2BcbMhgpY0D2IksEk4d6esxmIULkPLgA0wqF6VZYQuE6oXY5HdLlcxmumayYC1NUs9xFqIcDIpHQWKjGR%2Fbf64JbO%2FHlVtWcnT1gH4aVtGoW8M3XmOpI88ZHTnLZDKZ2Yg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75d471722d1d8895-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.198.35200 OK 116 kB IP 172.64.198.35:0
Size 116 kB (115839 bytes)
Hash 3f3885f4ecd7a05eb24736af4963d7c5
c614931d673dffe6ffcdbe293a643bdbfdfc2bcf
f5e006fc7a13bae4872fda84c16932f3a860eb18698e720827a9fd4b8cb7dd41
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 20 Oct 2022 20:18:28 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 5928
last-modified: Thu, 20 Oct 2022 18:39:40 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yiNigiAHZX8MjYZaNvfnpd5HdrAA8EM5W19AzDZ9CKqu9EvZQAAR7Xq4k1fvnF9dYpvni4f68dx8zoEib65YocWf1zG53AP3AVY1wJXRKgV4Ax653t2RiIUKMiEwSIER"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75d47160b9ab88b9-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.198.35200 OK 103 kB IP 172.64.198.35:0
Size 103 kB (102745 bytes)
Hash 007f256e351e020a66fcfa25756bd355
8e2efb7812d233b501916033e34267549b1a16e0
1314bb78e864520585488811a1e5f9c01a25318d397dd5237bc246210b596c11
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 20 Oct 2022 20:18:28 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 5928
last-modified: Thu, 20 Oct 2022 18:39:40 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cd6MBGHQ639nZpFhPnmta9HOBJ3BQBiFCr939qxlmBVRlY8F7THxE4puAs2u9VEB3nb%2F7DmwMkalw5GJlr2A%2B68VKwqJy4WLc8na78crqVHyRS4uYOnx00LyNigbDoK0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75d47160b9a488b9-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/fonts/raleway_medium.woff
91.209.70.182200 OK 32 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway_medium.woff
IP 91.209.70.182:0
File type Web Open Font Format, TrueType, length 31900, version 1.1\012- data
Hash 1b285c8e5b7445a8e434b2cdf036bab2
c97d4772fbb5c5637d466b5f991bc7ec28830b32
09b979826f2ac158a63ba234042c66414c21282d0bb46eadc62c64a873778825
GET /themes/flow/frontend_assets/fonts/raleway_medium.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Connection: keep-alive
Cookie: filehosting=r5fplaq11o44c0dgip79ovf8o0; _ga=GA1.2.625845589.1666297120; _gid=GA1.2.1826664952.1666297120; _gat_gtag_UA_108868042_1=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 20 Oct 2022 20:18:34 GMT
content-type: font/woff
content-length: 31900
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7c9c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/clipboardjs/clipboard.min.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/clipboardjs/clipboard.min.js
IP 91.209.70.182:0
GET /themes/flow/js/clipboardjs/clipboard.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17Dm4/Lake.v1.0.10.rar
Connection: keep-alive
Cookie: filehosting=r5fplaq11o44c0dgip79ovf8o0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 20 Oct 2022 20:18:27 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-2296"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17Dm4/Lake.v1.0.10.rar
Connection: keep-alive
Cookie: filehosting=r5fplaq11o44c0dgip79ovf8o0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 20 Oct 2022 20:18:27 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1cdf"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/custom/custom.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/custom/custom.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/custom/custom.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17Dm4/Lake.v1.0.10.rar
Connection: keep-alive
Cookie: filehosting=r5fplaq11o44c0dgip79ovf8o0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 20 Oct 2022 20:18:27 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1420"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
IP 31.13.72.36:0
GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: SdlQqHB8qMAEB9SnlF0PMXFh2mQipuTReKZ3UjWXoD53K3wKLJGBW9DIKH9VK2FDABmGgsJYZU8WWOrdtFOPSg==
date: Thu, 20 Oct 2022 20:18:28 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload-ui.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-ui.js
IP 91.209.70.182:0
GET /themes/flow/js/jquery.fileupload-ui.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17Dm4/Lake.v1.0.10.rar
Connection: keep-alive
Cookie: filehosting=r5fplaq11o44c0dgip79ovf8o0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 20 Oct 2022 20:18:27 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-61ef"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/zeroClipboard/ZeroClipboard.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/zeroClipboard/ZeroClipboard.js
IP 91.209.70.182:0
GET /themes/flow/js/zeroClipboard/ZeroClipboard.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17Dm4/Lake.v1.0.10.rar
Connection: keep-alive
Cookie: filehosting=r5fplaq11o44c0dgip79ovf8o0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 20 Oct 2022 20:18:27 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3bd2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S302226912%3A1666297108495771&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpOHu9GhtTj1eQBVti10IMuBnXj3j4ZPP45o5KdYFmD9wavYNu-fddWSrquIF-bzuX5Pn-UrA
216.58.207.237403 Forbidden 0 B URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S302226912%3A1666297108495771&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpOHu9GhtTj1eQBVti10IMuBnXj3j4ZPP45o5KdYFmD9wavYNu-fddWSrquIF-bzuX5Pn-UrA
IP 216.58.207.237:0
GET /v3/signin/identifier?dsh=S302226912%3A1666297108495771&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpOHu9GhtTj1eQBVti10IMuBnXj3j4ZPP45o5KdYFmD9wavYNu-fddWSrquIF-bzuX5Pn-UrA HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 20 Oct 2022 20:18:28 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-uUTIsMfQDImOBCt0gdLuWQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi/external"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
megaup.net/17Dm4/Lake.v1.0.10.rar
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/17Dm4/Lake.v1.0.10.rar
IP 91.209.70.182:0
GET /17Dm4/Lake.v1.0.10.rar HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Thu, 20 Oct 2022 20:18:27 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: filehosting=r5fplaq11o44c0dgip79ovf8o0; expires=Fri, 21-Oct-2022 20:18:27 GMT; Max-Age=86400; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/styles/file-upload.css
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/styles/file-upload.css
IP 91.209.70.182:0
GET /themes/flow/styles/file-upload.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17Dm4/Lake.v1.0.10.rar
Connection: keep-alive
Cookie: filehosting=r5fplaq11o44c0dgip79ovf8o0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 20 Oct 2022 20:18:27 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-21ec"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery-1.11.0.min.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery-1.11.0.min.js
IP 91.209.70.182:0
GET /themes/flow/js/jquery-1.11.0.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17Dm4/Lake.v1.0.10.rar
Connection: keep-alive
Cookie: filehosting=r5fplaq11o44c0dgip79ovf8o0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 20 Oct 2022 20:18:27 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1787d"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17Dm4/Lake.v1.0.10.rar
Connection: keep-alive
Cookie: filehosting=r5fplaq11o44c0dgip79ovf8o0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 20 Oct 2022 20:18:27 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3ead"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.198.35200 OK 0 B IP 172.64.198.35:0
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 20 Oct 2022 20:18:28 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 5928
last-modified: Thu, 20 Oct 2022 18:39:40 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kQwMNGQGwlsWrPvDmFTgZdSrxmQlZqEVvjTIuSXb7QTTHRvjzO6%2BHniM4UMRILnRKSb%2BwtiYQuGYom6ljsj0W7atkRCv2cD%2BNmyRmuA65gQv7ENaRUYQ%2FbYewB54Qvka"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75d47160b9a588b9-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery-ui.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery-ui.js
IP 91.209.70.182:0
GET /themes/flow/js/jquery-ui.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17Dm4/Lake.v1.0.10.rar
Connection: keep-alive
Cookie: filehosting=r5fplaq11o44c0dgip79ovf8o0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 20 Oct 2022 20:18:27 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-6a684"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.tmpl.min.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.tmpl.min.js
IP 91.209.70.182:0
GET /themes/flow/js/jquery.tmpl.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17Dm4/Lake.v1.0.10.rar
Connection: keep-alive
Cookie: filehosting=r5fplaq11o44c0dgip79ovf8o0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 20 Oct 2022 20:18:27 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3cb"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/load-image.min.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/load-image.min.js
IP 91.209.70.182:0
GET /themes/flow/js/load-image.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17Dm4/Lake.v1.0.10.rar
Connection: keep-alive
Cookie: filehosting=r5fplaq11o44c0dgip79ovf8o0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 20 Oct 2022 20:18:27 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-9f2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/images/loading_small.gif
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/images/loading_small.gif
IP 91.209.70.182:0
GET /themes/flow/images/loading_small.gif HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17Dm4/Lake.v1.0.10.rar
Connection: keep-alive
Cookie: filehosting=r5fplaq11o44c0dgip79ovf8o0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 20 Oct 2022 20:18:27 GMT
content-type: image/gif
content-length: 184355
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-2d023"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/canvas-to-blob.min.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/canvas-to-blob.min.js
IP 91.209.70.182:0
GET /themes/flow/js/canvas-to-blob.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17Dm4/Lake.v1.0.10.rar
Connection: keep-alive
Cookie: filehosting=r5fplaq11o44c0dgip79ovf8o0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 20 Oct 2022 20:18:27 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-408"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/bootstrap/bootstrap.min.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/bootstrap/bootstrap.min.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/bootstrap/bootstrap.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17Dm4/Lake.v1.0.10.rar
Connection: keep-alive
Cookie: filehosting=r5fplaq11o44c0dgip79ovf8o0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 20 Oct 2022 20:18:27 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-71b6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/imageads/005.gif
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/imageads/005.gif
IP 91.209.70.182:0
GET /imageads/005.gif HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17Dm4/Lake.v1.0.10.rar
Connection: keep-alive
Cookie: filehosting=r5fplaq11o44c0dgip79ovf8o0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 20 Oct 2022 20:18:28 GMT
content-type: image/gif
content-length: 216289
last-modified: Thu, 02 Aug 2018 19:05:08 GMT
vary: Accept-Encoding
etag: "5b6355e4-34ce1"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/colors/flow.css
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/colors/flow.css
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/css/colors/flow.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17Dm4/Lake.v1.0.10.rar
Connection: keep-alive
Cookie: filehosting=r5fplaq11o44c0dgip79ovf8o0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 20 Oct 2022 20:18:27 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-a83"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/styles/font-icons/entypo/css/entypo.css
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/styles/font-icons/entypo/css/entypo.css
IP 91.209.70.182:0
GET /themes/flow/styles/font-icons/entypo/css/entypo.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17Dm4/Lake.v1.0.10.rar
Connection: keep-alive
Cookie: filehosting=r5fplaq11o44c0dgip79ovf8o0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 20 Oct 2022 20:18:27 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-45f5"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.dataTables.min.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.dataTables.min.js
IP 91.209.70.182:0
GET /themes/flow/js/jquery.dataTables.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17Dm4/Lake.v1.0.10.rar
Connection: keep-alive
Cookie: filehosting=r5fplaq11o44c0dgip79ovf8o0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 20 Oct 2022 20:18:27 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-10fe4"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.plugins.min.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.plugins.min.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.plugins.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17Dm4/Lake.v1.0.10.rar
Connection: keep-alive
Cookie: filehosting=r5fplaq11o44c0dgip79ovf8o0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 20 Oct 2022 20:18:27 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-14cc1"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/nav/jquery.nav.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/nav/jquery.nav.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/nav/jquery.nav.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17Dm4/Lake.v1.0.10.rar
Connection: keep-alive
Cookie: filehosting=r5fplaq11o44c0dgip79ovf8o0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 20 Oct 2022 20:18:27 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1547"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17Dm4/Lake.v1.0.10.rar
Connection: keep-alive
Cookie: filehosting=r5fplaq11o44c0dgip79ovf8o0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 20 Oct 2022 20:18:27 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-8d4b"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/sw.js?SGdseFMTRVRLYX5UX1p%2EakVAWjV8A1VNYi0DQUtjeF5BTGt%2EAUFANX5SQUBiKl4NT2QtVlkbNWpLThthewYNSGFwSl1NZ3pKWE4yLkpVT2V4SlRLNX9XD0xmeAMJSXFkRR8PcWRFBRsnKRQYHSAmCxVWMT0dFlp%2EalZcVmZqSwoZPzsCQB4yJBQJVDUpCx8dDg
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/sw.js?SGdseFMTRVRLYX5UX1p%2EakVAWjV8A1VNYi0DQUtjeF5BTGt%2EAUFANX5SQUBiKl4NT2QtVlkbNWpLThthewYNSGFwSl1NZ3pKWE4yLkpVT2V4SlRLNX9XD0xmeAMJSXFkRR8PcWRFBRsnKRQYHSAmCxVWMT0dFlp%2EalZcVmZqSwoZPzsCQB4yJBQJVDUpCx8dDg
IP 91.209.70.182:0
GET /sw.js?SGdseFMTRVRLYX5UX1p%2EakVAWjV8A1VNYi0DQUtjeF5BTGt%2EAUFANX5SQUBiKl4NT2QtVlkbNWpLThthewYNSGFwSl1NZ3pKWE4yLkpVT2V4SlRLNX9XD0xmeAMJSXFkRR8PcWRFBRsnKRQYHSAmCxVWMT0dFlp%2EalZcVmZqSwoZPzsCQB4yJBQJVDUpCx8dDg HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: filehosting=r5fplaq11o44c0dgip79ovf8o0; _ga=GA1.2.625845589.1666297120; _gid=GA1.2.1826664952.1666297120; _gat_gtag_UA_108868042_1=1
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 20 Oct 2022 20:18:28 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:52 GMT
vary: Accept-Encoding
etag: W/"60758f38-12fe6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
ictastesnly.buzz/UVdEZDYKdXxXBGdkd0Yac3VoRlBlM31RBzQzaVcGYW5pUA5mMWlcUGdiaVwHM24lUwE0ZnEHUHN7ZgcEYjYlVARpenVRAmN6cFJXN3p9UwBhenxXUGZnJ1ADYTMhVRR9dTcTFH11LQdCMCQwAUU%2EOz1KVCQtPkYac2Z0SgNzeyIFWiIyaAJXPSQhSFAwOzcBaw
107.22.28.167200 OK 0 B URL HTTP/2 ictastesnly.buzz/UVdEZDYKdXxXBGdkd0Yac3VoRlBlM31RBzQzaVcGYW5pUA5mMWlcUGdiaVwHM24lUwE0ZnEHUHN7ZgcEYjYlVARpenVRAmN6cFJXN3p9UwBhenxXUGZnJ1ADYTMhVRR9dTcTFH11LQdCMCQwAUU%2EOz1KVCQtPkYac2Z0SgNzeyIFWiIyaAJXPSQhSFAwOzcBaw
IP 107.22.28.167:0
GET /UVdEZDYKdXxXBGdkd0Yac3VoRlBlM31RBzQzaVcGYW5pUA5mMWlcUGdiaVwHM24lUwE0ZnEHUHN7ZgcEYjYlVARpenVRAmN6cFJXN3p9UwBhenxXUGZnJ1ADYTMhVRR9dTcTFH11LQdCMCQwAUU%2EOz1KVCQtPkYac2Z0SgNzeyIFWiIyaAJXPSQhSFAwOzcBaw HTTP/1.1
Host: ictastesnly.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
set-cookie: db36bf380f8744f6525e2a9893a5e7e7=1; Max-Age=604800
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
cache-control: public, max-age=86400
etag: W/"8446-o8yiw9UStvWqaRnTjhSvPTN5UXs"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
megaup.net/sw.js
91.209.70.182200 OK 0 B IP 91.209.70.182:0
GET /sw.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17Dm4/Lake.v1.0.10.rar
Connection: keep-alive
Cookie: filehosting=r5fplaq11o44c0dgip79ovf8o0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 20 Oct 2022 20:18:27 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:52 GMT
vary: Accept-Encoding
etag: W/"60758f38-12fe6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/animation/jquery.appear.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/animation/jquery.appear.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/animation/jquery.appear.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17Dm4/Lake.v1.0.10.rar
Connection: keep-alive
Cookie: filehosting=r5fplaq11o44c0dgip79ovf8o0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 20 Oct 2022 20:18:27 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-5c6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/nav/jquery.scrollTo.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/nav/jquery.scrollTo.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/nav/jquery.scrollTo.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17Dm4/Lake.v1.0.10.rar
Connection: keep-alive
Cookie: filehosting=r5fplaq11o44c0dgip79ovf8o0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 20 Oct 2022 20:18:27 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-981"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
a.adtng.com/track/adviews/eyJleHRfemlkIjoiIiwiZXh0X2MiOiIiLCJleHRfYWlkIjoiIiwicGlkIjoiMTE4NyIsInNpZCI6IjEwMDEyNDU2IiwibmlkcyI6IjU5MTUxIiwiZHluX2RtbiI6IiIsImNyaWQiOiIxMDMwMzkwIiwic3YiOiI1NjQ5IiwicmVmX2RtbiI6Im1lZ2F1cC5uZXQiLCJleHRfY2lkIjoiIiwidHNuYW1lIjoiTUIiLCJjcmMiOiIzIiwiY24iOiIzMDBYMjUwX1BDX05US19UR1BUUzVfU0ZXIiwibmlkIjoiNTkxNTEiLCJleHRfcHViIjoiIiwiY3JwIjoiMTcuOTkiLCJ0aWQiOiIxIiwiaXQiOiIyMFwvT2N0XC8yMDIyOjIwOjE4OjI4ICswMDAwIiwiY2MiOiIzIiwic25jaWQiOiIxMDI3NjgiLCJjaWQiOiIzODA3MSIsImV4dF91aWQiOiIiLCJjcCI6IjM1Ljc5Iiwic25jY2lkIjoiMTg5MDk2MCIsImlpZCI6ImMwNTVhZmRiN2UyZWJjYzYzNjVkZTA2OTBhMzEwNDgwIiwiZXh0X2lpZCI6IiJ9?unique_view=1
66.254.114.171200 OK 0 B URL HTTP/2 a.adtng.com/track/adviews/eyJleHRfemlkIjoiIiwiZXh0X2MiOiIiLCJleHRfYWlkIjoiIiwicGlkIjoiMTE4NyIsInNpZCI6IjEwMDEyNDU2IiwibmlkcyI6IjU5MTUxIiwiZHluX2RtbiI6IiIsImNyaWQiOiIxMDMwMzkwIiwic3YiOiI1NjQ5IiwicmVmX2RtbiI6Im1lZ2F1cC5uZXQiLCJleHRfY2lkIjoiIiwidHNuYW1lIjoiTUIiLCJjcmMiOiIzIiwiY24iOiIzMDBYMjUwX1BDX05US19UR1BUUzVfU0ZXIiwibmlkIjoiNTkxNTEiLCJleHRfcHViIjoiIiwiY3JwIjoiMTcuOTkiLCJ0aWQiOiIxIiwiaXQiOiIyMFwvT2N0XC8yMDIyOjIwOjE4OjI4ICswMDAwIiwiY2MiOiIzIiwic25jaWQiOiIxMDI3NjgiLCJjaWQiOiIzODA3MSIsImV4dF91aWQiOiIiLCJjcCI6IjM1Ljc5Iiwic25jY2lkIjoiMTg5MDk2MCIsImlpZCI6ImMwNTVhZmRiN2UyZWJjYzYzNjVkZTA2OTBhMzEwNDgwIiwiZXh0X2lpZCI6IiJ9?unique_view=1
IP 66.254.114.171:0
GET /track/adviews/eyJleHRfemlkIjoiIiwiZXh0X2MiOiIiLCJleHRfYWlkIjoiIiwicGlkIjoiMTE4NyIsInNpZCI6IjEwMDEyNDU2IiwibmlkcyI6IjU5MTUxIiwiZHluX2RtbiI6IiIsImNyaWQiOiIxMDMwMzkwIiwic3YiOiI1NjQ5IiwicmVmX2RtbiI6Im1lZ2F1cC5uZXQiLCJleHRfY2lkIjoiIiwidHNuYW1lIjoiTUIiLCJjcmMiOiIzIiwiY24iOiIzMDBYMjUwX1BDX05US19UR1BUUzVfU0ZXIiwibmlkIjoiNTkxNTEiLCJleHRfcHViIjoiIiwiY3JwIjoiMTcuOTkiLCJ0aWQiOiIxIiwiaXQiOiIyMFwvT2N0XC8yMDIyOjIwOjE4OjI4ICswMDAwIiwiY2MiOiIzIiwic25jaWQiOiIxMDI3NjgiLCJjaWQiOiIzODA3MSIsImV4dF91aWQiOiIiLCJjcCI6IjM1Ljc5Iiwic25jY2lkIjoiMTg5MDk2MCIsImlpZCI6ImMwNTVhZmRiN2UyZWJjYzYzNjVkZTA2OTBhMzEwNDgwIiwiZXh0X2lpZCI6IiJ9?unique_view=1 HTTP/1.1
Host: a.adtng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/get/10012456?time=1614803572912&apb=ooddNHdLHTPHNVS4ASOpprpmtrdTbbZNLTK6V1Esqp6pXVTTOpmdQ6ap0rpXSunqoppdK6V0rpnSuldK6V0zpXSumdXRVNntNTZbvxVbHRNXLRXTRPRLXbNPVQ6e6mera27XOqWvXi7SrainfbSjTS3fazd0rv9.czijBuZznSuldK6V0rpXSuldK4Ps
Cookie: adtool_guid=Ch5KHmNRrRShTSwljGkNAg==; RNLBSERVERID=ded7078
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 20 Oct 2022 20:18:29 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-encoding: gzip
x-request-id: 6351AD14-42FE72AB01BBAA66-43CD725
X-Firefox-Spdy: h2
ad.a-ads.com/1811811?size=300x250
148.251.194.214200 OK 0 B URL HTTP/2 ad.a-ads.com/1811811?size=300x250
IP 148.251.194.214:0
ASN #24940 Hetzner Online GmbH
GET /1811811?size=300x250 HTTP/1.1
Host: ad.a-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 20 Oct 2022 20:18:29 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding, Accept-Encoding
status: 200 OK
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-original-referer: https://megaup.net/
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-encoding: gzip
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S-620138976%3A1666297108477914&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpLuPYI3yzaeU9p6hl9PyubCCuI635sAMSBEnjaQkHDzOpfUJHFF2-mxDQz1lDTAKbh382qfw
216.58.207.237403 Forbidden 0 B URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S-620138976%3A1666297108477914&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpLuPYI3yzaeU9p6hl9PyubCCuI635sAMSBEnjaQkHDzOpfUJHFF2-mxDQz1lDTAKbh382qfw
IP 216.58.207.237:0
GET /v3/signin/identifier?dsh=S-620138976%3A1666297108477914&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpLuPYI3yzaeU9p6hl9PyubCCuI635sAMSBEnjaQkHDzOpfUJHFF2-mxDQz1lDTAKbh382qfw HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 20 Oct 2022 20:18:28 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'nonce-0M0JIWRlgDB4QwXbjVFG8w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
cross-origin-opener-policy-report-only: same-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
societingna.info/YlJwSVMZcAM%2BDBcgHGtpQDoEPSMRaF9mPgc1ETwjTDwVPXwRJV4jIEB%2BUjo%2BBHBKeH9AJhEuDAs2UnNxWmFCf2BRcFxrIBcwLyA3UHBKazVWNkl8Ygc2XXpjUmtdfWtVNF1xNVRnXXFiAGsRfmQHY0UqNUAv
44.195.137.121200 OK 0 B URL HTTP/2 societingna.info/YlJwSVMZcAM%2BDBcgHGtpQDoEPSMRaF9mPgc1ETwjTDwVPXwRJV4jIEB%2BUjo%2BBHBKeH9AJhEuDAs2UnNxWmFCf2BRcFxrIBcwLyA3UHBKazVWNkl8Ygc2XXpjUmtdfWtVNF1xNVRnXXFiAGsRfmQHY0UqNUAv
IP 44.195.137.121:0
Analyzer Verdict Alert fortinet Malware
GET /YlJwSVMZcAM%2BDBcgHGtpQDoEPSMRaF9mPgc1ETwjTDwVPXwRJV4jIEB%2BUjo%2BBHBKeH9AJhEuDAs2UnNxWmFCf2BRcFxrIBcwLyA3UHBKazVWNkl8Ygc2XXpjUmtdfWtVNF1xNVRnXXFiAGsRfmQHY0UqNUAv HTTP/1.1
Host: societingna.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
set-cookie: f9d0b68479f19002380177f7e17b40ac=1; Max-Age=604800
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
etag: W/"e0f6-8evr8zjzh2K7YBE69gSRQox1uMo"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2