megaup.net/1C8zW/2GBACVSS.part01.rar
91.209.70.182301 Moved Permanently 162 B URL HTTP/1.1 megaup.net/1C8zW/2GBACVSS.part01.rar
IP 91.209.70.182:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /1C8zW/2GBACVSS.part01.rar HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 01 Oct 2022 09:31:04 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://megaup.net/1C8zW/2GBACVSS.part01.rar
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer, strict-origin-when-cross-origin
X-Download-Options: noopen
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6dd4587c98aef98ad0939030a6976a7f
92dc5966ac2deb0c3ac7fdd02bf8d28f9239801e
a382476d14b6ae14003333e7acdfbbd9ae8775d4c1a7d5c31116f33987043cff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A382476D14B6AE14003333E7ACDFBBD9AE8775D4C1A7D5C31116F33987043CFF"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3847
Expires: Sat, 01 Oct 2022 10:35:11 GMT
Date: Sat, 01 Oct 2022 09:31:04 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
18.164.68.21200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 18.164.68.21:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 01 Oct 2022 09:02:27 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 35f1076ba1ff613e428e9cf6a2f57580.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P4
X-Amz-Cf-Id: kQgn_UeooZHGHTL-frwKljT5A3KGS7mlcR6OIMe0eqqN7MdjXRwsgg==
Age: 1717
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
108.156.28.51200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 108.156.28.51:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 01 Oct 2022 03:39:03 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 7334e58f541a6f336bf4941e79456558.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: OQiTW516boEJk9CJLPNKVr0HPyMS25wPeaDdIOMdZ2KFU682PC8_zA==
age: 21468
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 01 Oct 2022 09:31:04 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 8814816aa6512189fb73a0fbf1af861a
94061fe3845fe46cc2491d27ba3218c8c5b40773
1bccebbc673a31a235ad4324f10d520b334f36332cfe02792dce40d548410a48
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 09:31:04 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 30 Sep 2022 11:25:46 GMT
Expires: Fri, 07 Oct 2022 11:25:45 GMT
Etag: "94061fe3845fe46cc2491d27ba3218c8c5b40773"
Cache-Control: max-age=524680,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75342ee91b7e0b41-OSL
megaup.net/themes/flow/images/main_logo_inverted.png
91.209.70.182200 OK 7.1 kB URL HTTP/2 megaup.net/themes/flow/images/main_logo_inverted.png
IP 91.209.70.182:0
File type PNG image data, 203 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 5d15526be10b904a6b48d1af04a10cc3
c09b6874359ac6d71db95593618a9acb55baa984
894d25472e0f890edf235e8f66fbeda7ea75043632924ecb82691d76bd7db018
GET /themes/flow/images/main_logo_inverted.png HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1C8zW/2GBACVSS.part01.rar
Connection: keep-alive
Cookie: filehosting=c9l8kp4pplbvk6nc5hl57pekc6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 01 Oct 2022 09:31:04 GMT
content-type: image/png
content-length: 7137
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-1be1"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery-1.11.0.min.js
91.209.70.182200 OK 43 kB URL HTTP/2 megaup.net/themes/flow/js/jquery-1.11.0.min.js
IP 91.209.70.182:0
File type ASCII text, with very long lines (32341)
Hash 93772ced7e145cc651953043349547a1
731a2755b922e5bfd95b426b2fdd22c6ba7c652e
73c2a962830a94a258c7030b5e586b852b9c45020ae387df5119cea82fc662c5
GET /themes/flow/js/jquery-1.11.0.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1C8zW/2GBACVSS.part01.rar
Connection: keep-alive
Cookie: filehosting=c9l8kp4pplbvk6nc5hl57pekc6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 01 Oct 2022 09:31:04 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1787d"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.tmpl.min.js
91.209.70.182200 OK 1.1 kB URL HTTP/2 megaup.net/themes/flow/js/jquery.tmpl.min.js
IP 91.209.70.182:0
File type ASCII text, with very long lines (971), with no line terminators
Hash 4bb70b13e7b4cc58d5df0c26687bad4e
420ddff2d838cabbeba654dc9c727be1a9a54b31
007cdb1a7a46d8a6aee22f2ae7e7ad975cfd55fad642a718f191bd1b4ab246a2
GET /themes/flow/js/jquery.tmpl.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1C8zW/2GBACVSS.part01.rar
Connection: keep-alive
Cookie: filehosting=c9l8kp4pplbvk6nc5hl57pekc6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 01 Oct 2022 09:31:04 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3cb"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery-ui.js
91.209.70.182200 OK 109 kB URL HTTP/2 megaup.net/themes/flow/js/jquery-ui.js
IP 91.209.70.182:0
File type ASCII text, with very long lines (840)
Size 109 kB (108992 bytes)
Hash 3569887d8b8ddb1bf42080e5851686e4
c391bf763dc9851590161f7cdd6a2fe0fd4735e6
1db5ea5908ec8eb79d48fb900c75a33cb3d50cc0751fc7b5c6982c77c0cdb829
GET /themes/flow/js/jquery-ui.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1C8zW/2GBACVSS.part01.rar
Connection: keep-alive
Cookie: filehosting=c9l8kp4pplbvk6nc5hl57pekc6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 01 Oct 2022 09:31:04 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-6a684"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
keydawnawe.com/gwZ1U5hjA8ii/32575
172.255.6.129200 OK 26 B URL HTTP/1.1 keydawnawe.com/gwZ1U5hjA8ii/32575
IP 172.255.6.129:0
File type ASCII text, with no line terminators
Hash 4e5d65669f8dcd928dad06adf883f025
d771713d758c3348dd7e5b38bb40c7935399ae46
0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95
GET /gwZ1U5hjA8ii/32575 HTTP/1.1
Host: keydawnawe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 01 Oct 2022 09:31:05 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; expires=Sun, 02-Oct-2022 09:31:05 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW; expires=Sun, 02-Oct-2022 09:31:05 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
altowriestwispy.com/tysaSHG1FMaM/18410
172.255.6.50200 OK 25 B URL HTTP/1.1 altowriestwispy.com/tysaSHG1FMaM/18410
IP 172.255.6.50:0
File type ASCII text, with no line terminators
Hash d488addc5df5fc9b9ff4135bb4e3a823
6ce56f48e851df4d562b43d3bc1269a504ae83fc
d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60
GET /tysaSHG1FMaM/18410 HTTP/1.1
Host: altowriestwispy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 01 Oct 2022 09:31:05 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; expires=Sun, 02-Oct-2022 09:31:05 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW; expires=Sun, 02-Oct-2022 09:31:05 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
18.164.68.21200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 18.164.68.21:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Sat, 01 Oct 2022 08:32:53 GMT
Expires: Sat, 01 Oct 2022 09:12:20 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 35f1076ba1ff613e428e9cf6a2f57580.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P4
X-Amz-Cf-Id: kdTvV13gf1lDYRkBrkjZSYgkGuWO1IlxUfTpHJHrt-Is36GA7kVmGw==
Age: 3492
megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css
91.209.70.182200 OK 4.5 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css
IP 91.209.70.182:0
Hash c4922d3900853505a92edfea2e16bb6c
3a467af661e606657f3c109e11abeeb5cb64b709
5d4a632b38b01988b328226610033e194a87e30340209f727906794f522d1959
GET /themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1C8zW/2GBACVSS.part01.rar
Connection: keep-alive
Cookie: filehosting=c9l8kp4pplbvk6nc5hl57pekc6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 01 Oct 2022 09:31:04 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-8d4b"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/1C8zW/2GBACVSS.part01.rar
91.209.70.182200 OK 85 kB URL HTTP/2 megaup.net/1C8zW/2GBACVSS.part01.rar
IP 91.209.70.182:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (58554), with CRLF, LF line terminators
Hash 7001af6a1cbef3b4c268aed411476bc6
eae6641b05fbd3d5bdf4437d4f52778275a18415
e82bb88254698ca9a05dd3dbc4d68d2bb6916ae5de6d6ab66367e79bce6a5670
GET /1C8zW/2GBACVSS.part01.rar HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Sat, 01 Oct 2022 09:31:04 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: filehosting=c9l8kp4pplbvk6nc5hl57pekc6; expires=Sun, 02-Oct-2022 09:31:04 GMT; Max-Age=86400; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-108868042-1
142.250.74.72200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-108868042-1
IP 142.250.74.72:0
File type ASCII text, with very long lines (2039)
Hash 8999d012f5950c08b50010896d4fdd4b
c6b2ffeace2d8cc3e8564a4b7af5a32dea9daa2d
302efbf030dfd96b145d65be3cadbf31ad46d9dbc8814d6dde27ddb1a376fd26
GET /gtag/js?id=UA-108868042-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 01 Oct 2022 09:31:05 GMT
expires: Sat, 01 Oct 2022 09:31:05 GMT
cache-control: private, max-age=900
last-modified: Sat, 01 Oct 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42365
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/custom.css
91.209.70.182200 OK 35 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/custom.css
IP 91.209.70.182:0
File type assembler source, ASCII text, with CRLF line terminators
Hash 912a0a90f2172ee47c6d58c9449c8f06
d672b13f1cc42cc509f02d843b373d4cb5862c02
f656ef1f2c544f3c1179635983866647b60ddbb391e9b081bccf1b03ae20d63c
GET /themes/flow/frontend_assets/css/custom.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1C8zW/2GBACVSS.part01.rar
Connection: keep-alive
Cookie: filehosting=c9l8kp4pplbvk6nc5hl57pekc6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 01 Oct 2022 09:31:04 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3577"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/colors/flow.css
91.209.70.182200 OK 33 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/colors/flow.css
IP 91.209.70.182:0
File type ASCII text, with CRLF line terminators
Hash b478b1e82e8b7e17aa55a6a37e8d3bf5
67f304473f44bbf09d323e6d4ad3b00b3eccfec2
02a2bb94d6daa9bbdaa47714253e9a1d136ab7b4aa200a5a80b2c539d47c48b1
GET /themes/flow/frontend_assets/css/colors/flow.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1C8zW/2GBACVSS.part01.rar
Connection: keep-alive
Cookie: filehosting=c9l8kp4pplbvk6nc5hl57pekc6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 01 Oct 2022 09:31:04 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-a83"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/styles/font-icons/entypo/css/entypo.css
91.209.70.182200 OK 24 kB URL HTTP/2 megaup.net/themes/flow/styles/font-icons/entypo/css/entypo.css
IP 91.209.70.182:0
Hash 63488ee895ecf2240bafa246a38fed3b
06b0bec683241dbe21816859dab5a3f583a9a37f
1ed437888975087ac8846fc3af915608e900b8affa12c2efd649c774a3f6f35d
GET /themes/flow/styles/font-icons/entypo/css/entypo.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1C8zW/2GBACVSS.part01.rar
Connection: keep-alive
Cookie: filehosting=c9l8kp4pplbvk6nc5hl57pekc6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 01 Oct 2022 09:31:04 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-45f5"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/?kzmmd=761186
108.138.212.53200 OK 189 kB URL HTTP/2 dmmzkfd82wayn.cloudfront.net/?kzmmd=761186
IP 108.138.212.53:0
File type Unicode text, UTF-8 text, with very long lines (15945)
Size 189 kB (188860 bytes)
Hash 966bd5422f3a60954c5e182174b2a9f9
c228e715376b8ea2340690db51329ed80c447088
7f501ce1f36f34a782d3621b5c233841d52ab46c7d5f42611b5bae5d383f3813
GET /?kzmmd=761186 HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 188860
date: Sat, 01 Oct 2022 09:31:05 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 c26a4c21d05db121c09038b0610c812a.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P3
x-amz-cf-id: yQqPM1uNaNDA7dfpVnFJxfsibpWc2WQSzfbgMfocrMgVWpYGR9EU-g==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 2601db85aa6894ea41f37fc0c1f2594a
afc9de950cf648d720a78467582b26346b8d53bc
3211c5c61098100152ea682c86ec84f3a80229b8d709e5cbe0022caba7dc9e24
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 01 Oct 2022 09:31:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
35.163.147.190101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.163.147.190:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 5gQ7FajJEl8vrh7imkMwMw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: byAlFYbHrtWKj5x5bfSBDu3DAAU=
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2a43061cad4b3d4c385f8f089e4121a8
7dce2deea21ef9ab3fd7d8ba0f7a3ce2ac56a5b7
1f14ea6e98b0d559f9cadacae95b94f808950ed0b0534700338e978ef4072e90
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "1F14EA6E98B0D559F9CADACAE95B94F808950ED0B0534700338E978EF4072E90"
Last-Modified: Thu, 29 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2329
Expires: Sat, 01 Oct 2022 10:09:54 GMT
Date: Sat, 01 Oct 2022 09:31:05 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2a43061cad4b3d4c385f8f089e4121a8
7dce2deea21ef9ab3fd7d8ba0f7a3ce2ac56a5b7
1f14ea6e98b0d559f9cadacae95b94f808950ed0b0534700338e978ef4072e90
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "1F14EA6E98B0D559F9CADACAE95B94F808950ED0B0534700338E978EF4072E90"
Last-Modified: Thu, 29 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2329
Expires: Sat, 01 Oct 2022 10:09:54 GMT
Date: Sat, 01 Oct 2022 09:31:05 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2a43061cad4b3d4c385f8f089e4121a8
7dce2deea21ef9ab3fd7d8ba0f7a3ce2ac56a5b7
1f14ea6e98b0d559f9cadacae95b94f808950ed0b0534700338e978ef4072e90
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "1F14EA6E98B0D559F9CADACAE95B94F808950ED0B0534700338E978EF4072E90"
Last-Modified: Thu, 29 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2329
Expires: Sat, 01 Oct 2022 10:09:54 GMT
Date: Sat, 01 Oct 2022 09:31:05 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2a43061cad4b3d4c385f8f089e4121a8
7dce2deea21ef9ab3fd7d8ba0f7a3ce2ac56a5b7
1f14ea6e98b0d559f9cadacae95b94f808950ed0b0534700338e978ef4072e90
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "1F14EA6E98B0D559F9CADACAE95B94F808950ED0B0534700338E978EF4072E90"
Last-Modified: Thu, 29 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2329
Expires: Sat, 01 Oct 2022 10:09:54 GMT
Date: Sat, 01 Oct 2022 09:31:05 GMT
Connection: keep-alive
altowriestwispy.com/tysaSHG1FMaM/18410
172.255.6.50200 OK 25 B URL HTTP/1.1 altowriestwispy.com/tysaSHG1FMaM/18410
IP 172.255.6.50:0
File type ASCII text, with no line terminators
Hash d488addc5df5fc9b9ff4135bb4e3a823
6ce56f48e851df4d562b43d3bc1269a504ae83fc
d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60
GET /tysaSHG1FMaM/18410 HTTP/1.1
Host: altowriestwispy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 01 Oct 2022 09:31:05 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
keydawnawe.com/gwZ1U5hjA8ii/32575
172.255.6.129200 OK 26 B URL HTTP/1.1 keydawnawe.com/gwZ1U5hjA8ii/32575
IP 172.255.6.129:0
File type ASCII text, with no line terminators
Hash 4e5d65669f8dcd928dad06adf883f025
d771713d758c3348dd7e5b38bb40c7935399ae46
0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95
GET /gwZ1U5hjA8ii/32575 HTTP/1.1
Host: keydawnawe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 01 Oct 2022 09:31:05 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
medadelem.xyz/SDBZWHRnDzorSStbbG4XHFgdPR8GdxodEH5hMh0kGgNgGyYJX38sHSwNYWpBcQFofgQhVGRrRm5DLTkAPUNkakR4B38xGi5fZGpSPg1pdkxmAWl2RG5FZGlSPEA4P0l5FiksACQNaG5CfAZobkJ+AWBoQw
104.21.81.96204 No Content 0 B URL HTTP/2 medadelem.xyz/SDBZWHRnDzorSStbbG4XHFgdPR8GdxodEH5hMh0kGgNgGyYJX38sHSwNYWpBcQFofgQhVGRrRm5DLTkAPUNkakR4B38xGi5fZGpSPg1pdkxmAWl2RG5FZGlSPEA4P0l5FiksACQNaG5CfAZobkJ+AWBoQw
IP 104.21.81.96:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /SDBZWHRnDzorSStbbG4XHFgdPR8GdxodEH5hMh0kGgNgGyYJX38sHSwNYWpBcQFofgQhVGRrRm5DLTkAPUNkakR4B38xGi5fZGpSPg1pdkxmAWl2RG5FZGlSPEA4P0l5FiksACQNaG5CfAZobkJ+AWBoQw HTTP/1.1
Host: medadelem.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 01 Oct 2022 09:31:05 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JGZTG%2BuX3JoLm5X%2Bzx01pbsL3IiH9DzpS0sVCwFavp04ITrEC1vQzFTdES1JeyKC6SbMczIh1PrRrdldL91nPlfDSEJjWsya1RObEGMtk5riL09Q7qfPE8XgB53Qjz0%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75342eef6ef01c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
medadelem.xyz/TGs5YVZjVFoSaygvaxgCCxt/IBM4XG4KEw04VxkyHTpvKjMaDB8VPyhWAVNjdVoIRyYlDwRSZGoYTQAiORgEUHAlBV8Oa2odBFF4dEUIUXh8TUxcZ2ofSQAxcVofESI4BwRQYHpfD1Bgel0IWGZ5
104.21.81.96204 No Content 0 B URL HTTP/2 medadelem.xyz/TGs5YVZjVFoSaygvaxgCCxt/IBM4XG4KEw04VxkyHTpvKjMaDB8VPyhWAVNjdVoIRyYlDwRSZGoYTQAiORgEUHAlBV8Oa2odBFF4dEUIUXh8TUxcZ2ofSQAxcVofESI4BwRQYHpfD1Bgel0IWGZ5
IP 104.21.81.96:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /TGs5YVZjVFoSaygvaxgCCxt/IBM4XG4KEw04VxkyHTpvKjMaDB8VPyhWAVNjdVoIRyYlDwRSZGoYTQAiORgEUHAlBV8Oa2odBFF4dEUIUXh8TUxcZ2ofSQAxcVofESI4BwRQYHpfD1Bgel0IWGZ5 HTTP/1.1
Host: medadelem.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 01 Oct 2022 09:31:05 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DKP4WE37a5OUYmWoPrziNjjX%2FFj4VvPLzQatBQ6g%2B4alNfDRqLtFkV2Uc%2Flaol%2FkwS7jW059Ev4U%2BZGmNpFJqD2EixfEcObsLp8KzkozOgOHGAk3qXXHehRFVzUDs%2Fh5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75342eef7efb1c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
medadelem.xyz/Y0ZaTzNMeTk8Djl1MgplKy4MG3shLw5+eSolHX5/NgNrf2o2IXw7Wgd7Y3sKW3BuaUMKImd+C0U1Li5HFjVnfhUKKDwgDkUwZ34dU2hoYQNFM2d+FRc2OygOUmAqO0cPe2t5BVdwa3kFVXdjfAE
104.21.81.96204 No Content 0 B URL HTTP/2 medadelem.xyz/Y0ZaTzNMeTk8Djl1MgplKy4MG3shLw5+eSolHX5/NgNrf2o2IXw7Wgd7Y3sKW3BuaUMKImd+C0U1Li5HFjVnfhUKKDwgDkUwZ34dU2hoYQNFM2d+FRc2OygOUmAqO0cPe2t5BVdwa3kFVXdjfAE
IP 104.21.81.96:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /Y0ZaTzNMeTk8Djl1MgplKy4MG3shLw5+eSolHX5/NgNrf2o2IXw7Wgd7Y3sKW3BuaUMKImd+C0U1Li5HFjVnfhUKKDwgDkUwZ34dU2hoYQNFM2d+FRc2OygOUmAqO0cPe2t5BVdwa3kFVXdjfAE HTTP/1.1
Host: medadelem.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 01 Oct 2022 09:31:05 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rcKk5ZAZJQV%2BQJcyjY7fDLtTDrw8y6rapKKTkxxg3Wfi%2BL5PkYfxlYQGL%2BBR9y71K7sFQlQw7%2F5A5W3Ucv1vAiWDWsFIXNkMo%2FshUizLHMukeU95sFKjqzG%2B9LmRxL5f"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75342eef7f021c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/canvas-to-blob.min.js
91.209.70.182200 OK 515 B URL HTTP/2 megaup.net/themes/flow/js/canvas-to-blob.min.js
IP 91.209.70.182:0
File type ASCII text, with very long lines (1032), with no line terminators
Hash 157682f7cef69adc4d6b509f174697bb
e2f655858fb4db390eaa986e948d256864723ac0
96b1c4b8e04c1f56acad5fcda2155712c1b8abf3b46c68fe03a4d3f40b0afc2c
GET /themes/flow/js/canvas-to-blob.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1C8zW/2GBACVSS.part01.rar
Connection: keep-alive
Cookie: filehosting=c9l8kp4pplbvk6nc5hl57pekc6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 01 Oct 2022 09:31:04 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-408"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
medadelem.xyz/SGdkVVFnWAcmbCtXLiIcACEvNjoFIDcQBz80JRcWGlQQFBAjBEIhOCxaU2NleVNVcyEhA1lkdzsTBSEkO1pVczgmAQtodz5aVXtifElWbH94QRFoYG4TFDQ2dVZCJSU8C1lkZ35TUmRnflFVbGR5
104.21.81.96204 No Content 0 B URL HTTP/2 medadelem.xyz/SGdkVVFnWAcmbCtXLiIcACEvNjoFIDcQBz80JRcWGlQQFBAjBEIhOCxaU2NleVNVcyEhA1lkdzsTBSEkO1pVczgmAQtodz5aVXtifElWbH94QRFoYG4TFDQ2dVZCJSU8C1lkZ35TUmRnflFVbGR5
IP 104.21.81.96:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /SGdkVVFnWAcmbCtXLiIcACEvNjoFIDcQBz80JRcWGlQQFBAjBEIhOCxaU2NleVNVcyEhA1lkdzsTBSEkO1pVczgmAQtodz5aVXtifElWbH94QRFoYG4TFDQ2dVZCJSU8C1lkZ35TUmRnflFVbGR5 HTTP/1.1
Host: medadelem.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sat, 01 Oct 2022 09:31:05 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PdwAHiVwBupteajFtap4Qboirvb0cCGAN9myOHkjh6T1FwW1qjACl2t%2BCC%2Fs1hFQWMMjbN44CjPRFZirJDHbqyyi2zns0G4ay4%2B%2Fkx24ff8ZiIYgQS6Ad31IL2WAD%2BDJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75342eef6ef41c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
medadelem.xyz/RVM1bUlqbFYedBEpfygrDTsQXw8EC384HXYgcgsPKRFTCg98BXACbzE6UVBxcmUGXHFjI1wJdHdqEx49JCdAHnR0dVwDLypuExt0dH0FQ391fQVLPHhiExk5JDQIXG81J0EBdHRlA1l/dGUDW3h8Yg0
104.21.81.96204 No Content 0 B URL HTTP/2 medadelem.xyz/RVM1bUlqbFYedBEpfygrDTsQXw8EC384HXYgcgsPKRFTCg98BXACbzE6UVBxcmUGXHFjI1wJdHdqEx49JCdAHnR0dVwDLypuExt0dH0FQ391fQVLPHhiExk5JDQIXG81J0EBdHRlA1l/dGUDW3h8Yg0
IP 104.21.81.96:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /RVM1bUlqbFYedBEpfygrDTsQXw8EC384HXYgcgsPKRFTCg98BXACbzE6UVBxcmUGXHFjI1wJdHdqEx49JCdAHnR0dVwDLypuExt0dH0FQ391fQVLPHhiExk5JDQIXG81J0EBdHRlA1l/dGUDW3h8Yg0 HTTP/1.1
Host: medadelem.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 01 Oct 2022 09:31:05 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DL1TmYxhP%2BMXKYP%2BTwP9Whh2wGJhYmviuxLGC%2FL1PMObxB8Vo6v1Ha2YLbwnJKtCTNHPFg3OcZWlu7D56Vqp4u1eAJghMoKfcDJtfp769xJ9hkvaREQ7at5uDbt8z%2Bc1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75342eef7f001c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2a43061cad4b3d4c385f8f089e4121a8
7dce2deea21ef9ab3fd7d8ba0f7a3ce2ac56a5b7
1f14ea6e98b0d559f9cadacae95b94f808950ed0b0534700338e978ef4072e90
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "1F14EA6E98B0D559F9CADACAE95B94F808950ED0B0534700338E978EF4072E90"
Last-Modified: Thu, 29 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2329
Expires: Sat, 01 Oct 2022 10:09:54 GMT
Date: Sat, 01 Oct 2022 09:31:05 GMT
Connection: keep-alive
megaup.net/imageads/010.gif
91.209.70.182200 OK 405 kB URL HTTP/2 megaup.net/imageads/010.gif
IP 91.209.70.182:0
File type GIF image data, version 89a, 300 x 250\012- data
Size 405 kB (405401 bytes)
Hash 476aacd0bb92e7780930beafd9416b43
01d14cc1f8d036708198ad81e25e81a4b37f49d1
d7e128bdd677563b5d41a3590509662bbb2706166de7af5e53c1d04d9ceab187
GET /imageads/010.gif HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1C8zW/2GBACVSS.part01.rar
Connection: keep-alive
Cookie: filehosting=c9l8kp4pplbvk6nc5hl57pekc6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 01 Oct 2022 09:31:05 GMT
content-type: image/gif
content-length: 405401
last-modified: Thu, 01 Apr 2021 04:06:22 GMT
vary: Accept-Encoding
etag: "606546be-62f99"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
platform.bidgear.com/media/img/b15.png
104.26.2.107200 OK 649 B URL HTTP/2 platform.bidgear.com/media/img/b15.png
IP 104.26.2.107:0
File type PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash d832fb80c97ff291b952757bb98240d2
63732e61a0784ed68fde494f83e4686a5c4bf7fa
7b35c11af8accdb40a14303dd3ae2762a97d2527933c56b6c9be6da2d0d11943
GET /media/img/b15.png HTTP/1.1
Host: platform.bidgear.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 01 Oct 2022 09:31:05 GMT
content-type: image/png
content-length: 649
last-modified: Mon, 25 Jul 2022 09:43:33 GMT
etag: "62de65c5-289"
expires: Sun, 23 Oct 2022 09:44:55 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
cf-cache-status: HIT
age: 690352
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d49%2Fa4yo69e7Bvr6QcPMNu9Ft9RolO4fwvuHVrvY9PKsPfi8EP169IOc50S4ysZFLkcXptTObRQ5BL5ouLlrp2uKJ9YINFEJ0ehOnPSlqWcxgoNLcBeqm%2B7E0Pp6qOg1tEU%2FuMDZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75342ef0cab1b523-OSL
X-Firefox-Spdy: h2
megaup.net/themes/flow/images/loading_small.gif
91.209.70.182200 OK 24 kB URL HTTP/2 megaup.net/themes/flow/images/loading_small.gif
IP 91.209.70.182:0
File type gzip compressed data, max speed, from Unix\012- data
Hash 81ef2e5397caa335947731e7e737f5c3
6a05a4b2d22c13ad2692170510bc8685b16002bf
cec22380c4f1438b29077d202d0396a6ad32b41761ed51d968f1bfbdf2423378
GET /themes/flow/images/loading_small.gif HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1C8zW/2GBACVSS.part01.rar
Connection: keep-alive
Cookie: filehosting=c9l8kp4pplbvk6nc5hl57pekc6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 01 Oct 2022 09:31:04 GMT
content-type: image/gif
content-length: 184355
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-2d023"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 159b79ad1ea6b5775e183f7cec043b4e
7defc3d25de90faf616497445c285e020627ba6c
805c0543d34ebb9710b2aa73d0cb38358831c630e7361fc38079b0c6ede4c3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "805C0543D34EBB9710B2AA73D0CB38358831C630E7361FC38079B0C6EDE4C3D1"
Last-Modified: Thu, 29 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12336
Expires: Sat, 01 Oct 2022 12:56:41 GMT
Date: Sat, 01 Oct 2022 09:31:05 GMT
Connection: keep-alive
platform.bidgear.com/async.php?domainid=5593&sizeid=12&zoneid=6192&k=1664616662088
104.26.2.107200 OK 2.7 kB URL HTTP/2 platform.bidgear.com/async.php?domainid=5593&sizeid=12&zoneid=6192&k=1664616662088
IP 104.26.2.107:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (4445), with no line terminators
Hash f89f8667c4ca1400086af5a0195a1662
54dcf90e78600530eb6dc9545f56a603cd31c3f5
89bbc42a65e1459bdcb18420ba30f7ef1fbe1783017eab57e1c1dd6f77012fba
GET /async.php?domainid=5593&sizeid=12&zoneid=6192&k=1664616662088 HTTP/1.1
Host: platform.bidgear.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 01 Oct 2022 09:31:05 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Xy6djUAmSeUvfjfAkv0xC9CZNk0N0j6OKkAM9YqPYtar%2B%2BNjOUJilVpt%2Fm0VZZ7fr85%2FGJ4cbCeuV2cE1bhs57OFkCGp7VcAEQV0XtOmEqBevuzvc3rKRSaTxD9CxpAg7aY7pHg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75342eeff955b523-OSL
content-encoding: br
X-Firefox-Spdy: h2
imp9.bidgear.com/rec?t=1&z=6192&uuid=5461ee747ad34f2e99caf8567c8b255f&p=28&g=NO&token=4a44335432&tbg=1664616665
104.26.2.107200 OK 599 B URL HTTP/2 imp9.bidgear.com/rec?t=1&z=6192&uuid=5461ee747ad34f2e99caf8567c8b255f&p=28&g=NO&token=4a44335432&tbg=1664616665
IP 104.26.2.107:0
File type JPEG image data, baseline, precision 8, 1x1, components 3\012- data
Hash ca49a7e783b806a4e8576ea80346203d
6fe9d083221dae98f6c76f7121c37bc884b02d82
3e9a98dd5f0a28ff4a059f33d760264a6db02786666ac1692095ebb976f5da28
GET /rec?t=1&z=6192&uuid=5461ee747ad34f2e99caf8567c8b255f&p=28&g=NO&token=4a44335432&tbg=1664616665 HTTP/1.1
Host: imp9.bidgear.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 01 Oct 2022 09:31:05 GMT
content-type: image/jpeg
content-length: 599
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZhYWCLmwvXt88JkSkFcU6jZNOE%2FocFHw19Dy%2BGR2iVY%2BoAkFfvcpE6LB%2BY%2Fga2MRkx%2F9j85wJXc%2BQ3SZOZLcHvM2tjvgtMQ7OvXSUSY2%2FN8lA3aEfoYIrA6OnPYEwu5yiQM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75342ef0cab4b523-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 17f6b8a1291315c2c038c38a055a2834
875d45eb081dea8964f745db9b189f1788aac472
329a5f1dbd5f4ebb6b21fb6e95e42eb2e120fc0373fa1e4f07c5ac4d21cc4530
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 01 Oct 2022 09:31:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Sat, 01 Oct 2022 08:41:09 GMT
expires: Sat, 01 Oct 2022 10:41:09 GMT
cache-control: public, max-age=7200
age: 2996
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/images/icons/favicon/favicon.ico
91.209.70.182200 OK 749 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/images/icons/favicon/favicon.ico
IP 91.209.70.182:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash ed1475173a0284fb8ca2cf8a4e0feb59
3b0b37e39ce054ed88470c3d95ce62e9a04299b1
d7f3820b26cddf5f512d56d338e47ae7f9fc1467800b5c6316843726550be1bd
GET /themes/flow/frontend_assets/images/icons/favicon/favicon.ico HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1C8zW/2GBACVSS.part01.rar
Connection: keep-alive
Cookie: filehosting=c9l8kp4pplbvk6nc5hl57pekc6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 01 Oct 2022 09:31:05 GMT
content-type: image/x-icon
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-47e"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 17f6b8a1291315c2c038c38a055a2834
875d45eb081dea8964f745db9b189f1788aac472
329a5f1dbd5f4ebb6b21fb6e95e42eb2e120fc0373fa1e4f07c5ac4d21cc4530
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 01 Oct 2022 09:31:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
216.58.207.237302 Found 397 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (381)
Hash 5c2f73175264a69d8f9b4f451f8c0986
c162c9108125f95337b8f0f5aadbdc4f8af9ef24
7ef6601c5c131b5a7b3b4e75c7dd19a586c97973955324a24e5e30a36c2cb8fb
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 01 Oct 2022 09:31:05 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-1156699395%3A1664616665889364&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWrU9NFrM27PbOhHwW-GGwT9Cv2_s2nhWB4TgKhy3-AqQrxDZu3e0Sz9BQhNg2T-Zd-rw59OKQ
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-K4tIaJGJGE6F7pydXABjLQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 397
server: GSE
set-cookie: __Host-GAPS=1:RZ65_6e5wAYyeJvGKD7UV5ZYovIG-w:GX0bxYASiQC4VQPc;Path=/;Expires=Mon, 30-Sep-2024 09:31:05 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j97&a=1699705669&t=pageview&_s=1&dl=https%3A%2F%2Fmegaup.net%2F1C8zW%2F2GBACVSS.part01.rar&ul=en-us&de=UTF-8&dt=2GBACVSS.part01.rar%20-%20MegaUp&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAUABAAAAAC~&jid=1251044618&gjid=442300771&cid=509621150.1664616662&tid=UA-108868042-1&_gid=797468455.1664616662&_r=1>m=2ou9s0&z=705912092
142.250.74.174200 OK 1 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j97&a=1699705669&t=pageview&_s=1&dl=https%3A%2F%2Fmegaup.net%2F1C8zW%2F2GBACVSS.part01.rar&ul=en-us&de=UTF-8&dt=2GBACVSS.part01.rar%20-%20MegaUp&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAUABAAAAAC~&jid=1251044618&gjid=442300771&cid=509621150.1664616662&tid=UA-108868042-1&_gid=797468455.1664616662&_r=1>m=2ou9s0&z=705912092
IP 142.250.74.174:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?v=1&_v=j97&a=1699705669&t=pageview&_s=1&dl=https%3A%2F%2Fmegaup.net%2F1C8zW%2F2GBACVSS.part01.rar&ul=en-us&de=UTF-8&dt=2GBACVSS.part01.rar%20-%20MegaUp&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAUABAAAAAC~&jid=1251044618&gjid=442300771&cid=509621150.1664616662&tid=UA-108868042-1&_gid=797468455.1664616662&_r=1>m=2ou9s0&z=705912092 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain
Content-Length: 0
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://megaup.net
date: Sat, 01 Oct 2022 09:31:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 84ada21ac1d7ada27090048bed7709d6
5a7af8364389fceb02130e30cfc9d1d1f430ca43
4ded0aae9e6b75b5c584663fcffa541371a632cd5a8088b29234f35b2776ad8c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "4DED0AAE9E6B75B5C584663FCFFA541371A632CD5A8088B29234F35B2776AD8C"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13314
Expires: Sat, 01 Oct 2022 13:12:59 GMT
Date: Sat, 01 Oct 2022 09:31:05 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 84ada21ac1d7ada27090048bed7709d6
5a7af8364389fceb02130e30cfc9d1d1f430ca43
4ded0aae9e6b75b5c584663fcffa541371a632cd5a8088b29234f35b2776ad8c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "4DED0AAE9E6B75B5C584663FCFFA541371A632CD5A8088B29234F35B2776AD8C"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13314
Expires: Sat, 01 Oct 2022 13:12:59 GMT
Date: Sat, 01 Oct 2022 09:31:05 GMT
Connection: keep-alive
fhisladyloveh.xyz/ZE1LdU0FLygYcgVwKVM4FiF2UH8iaHkzKQkgMR4rAHV5AiwdI2UWIQs4LxM/CyM/WyMBOW5HCyYsHicENSB/PgYdFCAgH1Q5Bz10MxUlP3oHfBElAQ4+PzQPCHgBNhgjCRgSAQALfwcAEyY7NBhcOgYcFzAaHDwmLToKOigzeSU0DBR4LiIcNAkYL3wAJiwRAycuOyA6ITkBNnknDggCdCsMJyUANyFuRwslOhJQfyYEGEEOJwoNQw8iOQMRClU6Ex4IXCgTOwEzKhEBLiJ5DTkePX4NHjVWKA8FGjw1P1B/JikgASwmIHoCFQw+MhcVITsePQcJLiARAAAjZhIhJzokAwdWKSg5fj55KER4PikTHTc3fD9FAQ0+KDEOLSMEHjkGDCUzfTULJxwdPHQtUycXIiUFcAgqIxEhJ3t7NzolJiQ
13.226.225.29200 OK 1.2 kB URL HTTP/2 fhisladyloveh.xyz/ZE1LdU0FLygYcgVwKVM4FiF2UH8iaHkzKQkgMR4rAHV5AiwdI2UWIQs4LxM/CyM/WyMBOW5HCyYsHicENSB/PgYdFCAgH1Q5Bz10MxUlP3oHfBElAQ4+PzQPCHgBNhgjCRgSAQALfwcAEyY7NBhcOgYcFzAaHDwmLToKOigzeSU0DBR4LiIcNAkYL3wAJiwRAycuOyA6ITkBNnknDggCdCsMJyUANyFuRwslOhJQfyYEGEEOJwoNQw8iOQMRClU6Ex4IXCgTOwEzKhEBLiJ5DTkePX4NHjVWKA8FGjw1P1B/JikgASwmIHoCFQw+MhcVITsePQcJLiARAAAjZhIhJzokAwdWKSg5fj55KER4PikTHTc3fD9FAQ0+KDEOLSMEHjkGDCUzfTULJxwdPHQtUycXIiUFcAgqIxEhJ3t7NzolJiQ
IP 13.226.225.29:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3019), with no line terminators
Hash 1df4b28141d890ccd07928fdce154ba6
6155ca99590a5af5eb0b150ebfc92b21fbd58ed7
7f40ccfe1d93d94d11ce3567615aa90058f8a0486feb5f057198d78a8c877c5f
GET /ZE1LdU0FLygYcgVwKVM4FiF2UH8iaHkzKQkgMR4rAHV5AiwdI2UWIQs4LxM/CyM/WyMBOW5HCyYsHicENSB/PgYdFCAgH1Q5Bz10MxUlP3oHfBElAQ4+PzQPCHgBNhgjCRgSAQALfwcAEyY7NBhcOgYcFzAaHDwmLToKOigzeSU0DBR4LiIcNAkYL3wAJiwRAycuOyA6ITkBNnknDggCdCsMJyUANyFuRwslOhJQfyYEGEEOJwoNQw8iOQMRClU6Ex4IXCgTOwEzKhEBLiJ5DTkePX4NHjVWKA8FGjw1P1B/JikgASwmIHoCFQw+MhcVITsePQcJLiARAAAjZhIhJzokAwdWKSg5fj55KER4PikTHTc3fD9FAQ0+KDEOLSMEHjkGDCUzfTULJxwdPHQtUycXIiUFcAgqIxEhJ3t7NzolJiQ HTTP/1.1
Host: fhisladyloveh.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1174
date: Sat, 01 Oct 2022 09:31:05 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 dc54b4b1501bd18543cf9685cb010c30.cloudfront.net (CloudFront)
x-amz-cf-pop: LAX50-C2
x-amz-cf-id: qnS_IgJzEOfDbJlxnThGHRdor3-wImd8LDP8PVzi32BP22joxVU-7Q==
X-Firefox-Spdy: h2
fhisladyloveh.xyz/QjhOeW0jWi0UUiMFLF8YMFRzXF8EHXw/CS9VNBILJgB8Dgw7VmAaAS1NKh8fLVY6VwMnTGtLKy1hFjcbIAobOiUDfQQuBRdZDUgnEW5+MwgUCQAxKhBPDzoVBHcHAzgwbTZJXghfdiEiO08rOi8lAB4SBhB/Nh0+GggDNyglfQcuKCFvDygVG20ILCIBTyoaP3JTLD88dmEbHg4PfBxBKQZffiwuE1AEPCwAdw8eLCR7DEEpBlMMLSMUSAwvOBB6FkkOJm0LMyYaeyo8PBQACj0sen8ISR0abR8NNRVsPiE/ckgtM10QehYBXRZqCzgYFFQAKTxyFRQyO3N9GzoKNXcKFTcmcxgdPxNUdx87BH4NKgFzbgwBAiZ7KTQiAQg+HSRzUAgoO3t8CDxYJx4kCgIsSHM1NwwKICEkKE4GOhwvQQEo
13.226.225.29200 OK 1.2 kB URL HTTP/2 fhisladyloveh.xyz/QjhOeW0jWi0UUiMFLF8YMFRzXF8EHXw/CS9VNBILJgB8Dgw7VmAaAS1NKh8fLVY6VwMnTGtLKy1hFjcbIAobOiUDfQQuBRdZDUgnEW5+MwgUCQAxKhBPDzoVBHcHAzgwbTZJXghfdiEiO08rOi8lAB4SBhB/Nh0+GggDNyglfQcuKCFvDygVG20ILCIBTyoaP3JTLD88dmEbHg4PfBxBKQZffiwuE1AEPCwAdw8eLCR7DEEpBlMMLSMUSAwvOBB6FkkOJm0LMyYaeyo8PBQACj0sen8ISR0abR8NNRVsPiE/ckgtM10QehYBXRZqCzgYFFQAKTxyFRQyO3N9GzoKNXcKFTcmcxgdPxNUdx87BH4NKgFzbgwBAiZ7KTQiAQg+HSRzUAgoO3t8CDxYJx4kCgIsSHM1NwwKICEkKE4GOhwvQQEo
IP 13.226.225.29:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3026), with no line terminators
Hash 8447606457091a1067f91abbcec0d810
acee2e1e5f2055270cb91b8f14078cef9c89ca6e
783190bc237bb7f1d8a3381baef0aa9d519d048f04ab039fbd7d6c8ebd7b42ee
GET /QjhOeW0jWi0UUiMFLF8YMFRzXF8EHXw/CS9VNBILJgB8Dgw7VmAaAS1NKh8fLVY6VwMnTGtLKy1hFjcbIAobOiUDfQQuBRdZDUgnEW5+MwgUCQAxKhBPDzoVBHcHAzgwbTZJXghfdiEiO08rOi8lAB4SBhB/Nh0+GggDNyglfQcuKCFvDygVG20ILCIBTyoaP3JTLD88dmEbHg4PfBxBKQZffiwuE1AEPCwAdw8eLCR7DEEpBlMMLSMUSAwvOBB6FkkOJm0LMyYaeyo8PBQACj0sen8ISR0abR8NNRVsPiE/ckgtM10QehYBXRZqCzgYFFQAKTxyFRQyO3N9GzoKNXcKFTcmcxgdPxNUdx87BH4NKgFzbgwBAiZ7KTQiAQg+HSRzUAgoO3t8CDxYJx4kCgIsSHM1NwwKICEkKE4GOhwvQQEo HTTP/1.1
Host: fhisladyloveh.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1179
date: Sat, 01 Oct 2022 09:31:05 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 dc54b4b1501bd18543cf9685cb010c30.cloudfront.net (CloudFront)
x-amz-cf-pop: LAX50-C2
x-amz-cf-id: YPG32X5erYrxPel2xI6rD1F17Jzds5ElGOaB2WWCWNBWPUrMbg2UYQ==
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
216.58.207.237302 Found 392 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (384)
Hash 3677985de4b921b3700e68e3068dab54
76e817135c84e5355df34ee03f283ea1a9793e8a
53df46f8736d4d72443f85a6a4590b8d395951d1063ec3483ef426a2b04a1dfc
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 01 Oct 2022 09:31:05 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S1124815101%3A1664616665934010&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWqh7kiJ6nj6EM1G5yN9w1OCfNvqt1I1-hrsLusW1c_nNp0IpAHai6Knkkev0uY_jKurgY6sQg
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: script-src 'nonce-PP8hTF7KgHcZmlAVNyrybg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 392
server: GSE
set-cookie: __Host-GAPS=1:qTj58xdyvCHbcZID_sktjeGcFWiaJA:mR2caFN5_aOjtsMK;Path=/;Expires=Mon, 30-Sep-2024 09:31:05 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 280 B IP 104.18.32.68:0
Hash 8812897bca3236915e3d430052240422
699b40dce0d85bdfe92f407d2b962f0496b5070f
814e48413af6de66d4d014aa9f909b092564fc28253aa90cfda6de694563b73f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 09:31:05 GMT
Content-Type: application/ocsp-response
Content-Length: 280
Connection: keep-alive
Last-Modified: Fri, 30 Sep 2022 21:53:49 GMT
Expires: Fri, 07 Oct 2022 21:53:48 GMT
Etag: "699b40dce0d85bdfe92f407d2b962f0496b5070f"
Cache-Control: max-age=562362,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75342ef09ac80b41-OSL
syndication.exdynsrv.com/v1/api.php
95.211.229.248200 OK 2.4 kB URL HTTP/1.1 syndication.exdynsrv.com/v1/api.php
IP 95.211.229.248:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JSON data\012- , ASCII text, with very long lines (5246), with no line terminators
Hash 05ce6e83ec77287d3019f348b9fab269
b9123cded013ff2021c28203d59a5e91824ab9df
59fd0cc9209dda7b06c0f754e8cdf59f4cd862ef38f854bdfcb12cb0c729fc80
POST /v1/api.php HTTP/1.1
Host: syndication.exdynsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 282
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 01 Oct 2022 09:31:05 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%22633808d9ec0a26.57927671256785610%22%3B%7D; expires=Mon, 30-Sep-2024 09:31:05 GMT; Max-Age=63072000; path=/; domain=exdynsrv.com; secure; SameSite=None
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 9258de3968ca063250558ee06c75757b
56415f416ce29130b0a0b6fc919e2cdc0fd4d693
2474d99b3d10370e1efad3804a6f32452287e6b8e24d8254c69e8619a62624d0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 01 Oct 2022 09:31:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fhisladyloveh.xyz/Y1R4WDACNhs1DwJpGn5FEThFfQIlcUoeVA45AjNWB2xKL1EaOlY7XAwhHD5CDDoMdl4GIF1qdgsBEyhmOj41IHo3Jz0cczo+NQ4ILw0wYUM2IzJoeSANNgBjKWcoMFQCGTs7QygjNTl5OxkvC2Q5ZyINYgUZAQlJOywta3onDh4ZXjImNQlxLA4VL1gmOA9tVBoVNQ5KACcoGUg0GhUvVyIjTH0CJR4rYHw7LkwqUyUWSQICMTgqL3YKDRFpZCI6HG12Uzc6AVk6bDwdaRI2SjxjMGYIYHMPBTA8AwgMKi92Chs7FngiFjYiaVMjPD0CWjotNGFQHyx1BC0SFRl9OWUxG2kNJBMNVylnHR9lJgMRGUYuI0kUVFAzLA9HNWwdNn07EBUVFgknFzZAXj8NMVIOLTFoeAg
13.226.225.29200 OK 1.2 kB URL HTTP/2 fhisladyloveh.xyz/Y1R4WDACNhs1DwJpGn5FEThFfQIlcUoeVA45AjNWB2xKL1EaOlY7XAwhHD5CDDoMdl4GIF1qdgsBEyhmOj41IHo3Jz0cczo+NQ4ILw0wYUM2IzJoeSANNgBjKWcoMFQCGTs7QygjNTl5OxkvC2Q5ZyINYgUZAQlJOywta3onDh4ZXjImNQlxLA4VL1gmOA9tVBoVNQ5KACcoGUg0GhUvVyIjTH0CJR4rYHw7LkwqUyUWSQICMTgqL3YKDRFpZCI6HG12Uzc6AVk6bDwdaRI2SjxjMGYIYHMPBTA8AwgMKi92Chs7FngiFjYiaVMjPD0CWjotNGFQHyx1BC0SFRl9OWUxG2kNJBMNVylnHR9lJgMRGUYuI0kUVFAzLA9HNWwdNn07EBUVFgknFzZAXj8NMVIOLTFoeAg
IP 13.226.225.29:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3011), with no line terminators
Hash fd9d07e0ffc6519bc935e92ce18785b1
e710b56a56ae8b2a22c939ec747e0fb7e1bd8672
52200a3099ec43c8a4e19d599c4a40d1c04811e2018e96fa462cac6d03f0abf9
GET /Y1R4WDACNhs1DwJpGn5FEThFfQIlcUoeVA45AjNWB2xKL1EaOlY7XAwhHD5CDDoMdl4GIF1qdgsBEyhmOj41IHo3Jz0cczo+NQ4ILw0wYUM2IzJoeSANNgBjKWcoMFQCGTs7QygjNTl5OxkvC2Q5ZyINYgUZAQlJOywta3onDh4ZXjImNQlxLA4VL1gmOA9tVBoVNQ5KACcoGUg0GhUvVyIjTH0CJR4rYHw7LkwqUyUWSQICMTgqL3YKDRFpZCI6HG12Uzc6AVk6bDwdaRI2SjxjMGYIYHMPBTA8AwgMKi92Chs7FngiFjYiaVMjPD0CWjotNGFQHyx1BC0SFRl9OWUxG2kNJBMNVylnHR9lJgMRGUYuI0kUVFAzLA9HNWwdNn07EBUVFgknFzZAXj8NMVIOLTFoeAg HTTP/1.1
Host: fhisladyloveh.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1167
date: Sat, 01 Oct 2022 09:31:05 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 dc54b4b1501bd18543cf9685cb010c30.cloudfront.net (CloudFront)
x-amz-cf-pop: LAX50-C2
x-amz-cf-id: j95PXl-DlYMxi4t4X3AoBLMGLOtSgja5sGt14WpXMTyPu-Zay1uDEA==
X-Firefox-Spdy: h2
fhisladyloveh.xyz/dGtGWmUVCSU3WhVWJHwQBgd7f1cyTnQcARkGPDEDEFN0LQQNBWg5CRseIjwXGwUydAsRH2NoIz44PBAfLgB2NT0mWwc5D00JAGsRQg0XACYhBT4uMjUqDBMfBzsNDjQdDR4xUDEFE20jNQglET0tKBALCgchEAwqJSghNjAhXh47HAQ8AwwRQQkTAyE3OBxoMhwEDRM2ED8BIihHJwQLIjZYBzc9JQAWEzYQPxA2NDgNLiIhJVh/bSITHx48IkApCw8rUVkAP1RACgUeAg4tdhwyOjMLHykyKXM4AjETF2lcQzoHDCESDCkWNyEDfwMNECkQMwoBPhR3Aj4KDjZVJT0cYgADIQUMCwweBx8oNSECNj0yOi1rBxMqdwJWAAcHNjAgCA41Qx4YKTQVSTEUNVM/ITJiFQ
13.226.225.29200 OK 1.2 kB URL HTTP/2 fhisladyloveh.xyz/dGtGWmUVCSU3WhVWJHwQBgd7f1cyTnQcARkGPDEDEFN0LQQNBWg5CRseIjwXGwUydAsRH2NoIz44PBAfLgB2NT0mWwc5D00JAGsRQg0XACYhBT4uMjUqDBMfBzsNDjQdDR4xUDEFE20jNQglET0tKBALCgchEAwqJSghNjAhXh47HAQ8AwwRQQkTAyE3OBxoMhwEDRM2ED8BIihHJwQLIjZYBzc9JQAWEzYQPxA2NDgNLiIhJVh/bSITHx48IkApCw8rUVkAP1RACgUeAg4tdhwyOjMLHykyKXM4AjETF2lcQzoHDCESDCkWNyEDfwMNECkQMwoBPhR3Aj4KDjZVJT0cYgADIQUMCwweBx8oNSECNj0yOi1rBxMqdwJWAAcHNjAgCA41Qx4YKTQVSTEUNVM/ITJiFQ
IP 13.226.225.29:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3010), with no line terminators
Hash 2de17b178efe69b66402f74aa069badc
5fa440471154116f94ca0e3b4b8af88a19acc68b
be82510ff411fb10ff25ef9e882aed0fe2b5ad481a74021539247eeb2f795985
GET /dGtGWmUVCSU3WhVWJHwQBgd7f1cyTnQcARkGPDEDEFN0LQQNBWg5CRseIjwXGwUydAsRH2NoIz44PBAfLgB2NT0mWwc5D00JAGsRQg0XACYhBT4uMjUqDBMfBzsNDjQdDR4xUDEFE20jNQglET0tKBALCgchEAwqJSghNjAhXh47HAQ8AwwRQQkTAyE3OBxoMhwEDRM2ED8BIihHJwQLIjZYBzc9JQAWEzYQPxA2NDgNLiIhJVh/bSITHx48IkApCw8rUVkAP1RACgUeAg4tdhwyOjMLHykyKXM4AjETF2lcQzoHDCESDCkWNyEDfwMNECkQMwoBPhR3Aj4KDjZVJT0cYgADIQUMCwweBx8oNSECNj0yOi1rBxMqdwJWAAcHNjAgCA41Qx4YKTQVSTEUNVM/ITJiFQ HTTP/1.1
Host: fhisladyloveh.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1165
date: Sat, 01 Oct 2022 09:31:05 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 dc54b4b1501bd18543cf9685cb010c30.cloudfront.net (CloudFront)
x-amz-cf-pop: LAX50-C2
x-amz-cf-id: NfC9NLaiWMiunhrtBe8B0uxdmb8b97vUnZ7ErEXbTI9L_hZQ-97HJw==
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/
108.138.212.53200 OK 73 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/
IP 108.138.212.53:0
File type ASCII text, with no line terminators
Hash de37377b72195a4f064edf7ec8a76676
ed544d5b6a37acad78498099407c648a93316ddb
b3209cc0b1d1b71e85af4e843afe00a3079f3286d52b3fb47e72c6c5c48b8399
GET / HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 73
date: Sat, 01 Oct 2022 09:31:05 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 567e6ef7ff61be187364f3ed7fec5abe.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P3
x-amz-cf-id: KMURN3pUz37C8oyRtVE2fCobsIGjmTS6VaFEWPMwNYkiDQWr43LxXw==
X-Firefox-Spdy: h2
fhisladyloveh.xyz/QnMwc2cjEVMeWCNOUlUSMB8NVlUEVgI1Ay8eShgBJksCBAY7HR4QCy0GVBUVLR1EXQknBxVBIRASZB8lERh1ODErS0MVD3MieisDdithMVIkO2YjMjg6XD8fKTZ2G1M1MmVHHxIrUzc+GhtDPTUMF1Y7FywxZhQRDitIIz8BS0AVISUVeTBTKCVxQgkSCnImMQFHRzgmFCV5NF44P0cLESceYhEkFRhJECElEFMUDykkRxgTCwoIEDYVIQQQNQcxVAsxcStiCx4BNGIRJBY+CCkhMkdVOx80JGIxDCc7dTw/ATpYPww1P3JADzokcR8fJ0B2Ki8KXn5FLTUxfDkkNQZ1IR84N3gbAQRAdgApBCJ5VQ0xHF4DWhUnQRsQMgQGGT97
13.226.225.29200 OK 1.2 kB URL HTTP/2 fhisladyloveh.xyz/QnMwc2cjEVMeWCNOUlUSMB8NVlUEVgI1Ay8eShgBJksCBAY7HR4QCy0GVBUVLR1EXQknBxVBIRASZB8lERh1ODErS0MVD3MieisDdithMVIkO2YjMjg6XD8fKTZ2G1M1MmVHHxIrUzc+GhtDPTUMF1Y7FywxZhQRDitIIz8BS0AVISUVeTBTKCVxQgkSCnImMQFHRzgmFCV5NF44P0cLESceYhEkFRhJECElEFMUDykkRxgTCwoIEDYVIQQQNQcxVAsxcStiCx4BNGIRJBY+CCkhMkdVOx80JGIxDCc7dTw/ATpYPww1P3JADzokcR8fJ0B2Ki8KXn5FLTUxfDkkNQZ1IR84N3gbAQRAdgApBCJ5VQ0xHF4DWhUnQRsQMgQGGT97
IP 13.226.225.29:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2993), with no line terminators
Hash a5850acbca570e0e8503931fd62be55f
4cc2af4137a6a88e0633d632ad4ccd8812377c86
0e18abc344e3acf008a21ad31fa85a21662203f1bed852613ac44d97eefe02dc
GET /QnMwc2cjEVMeWCNOUlUSMB8NVlUEVgI1Ay8eShgBJksCBAY7HR4QCy0GVBUVLR1EXQknBxVBIRASZB8lERh1ODErS0MVD3MieisDdithMVIkO2YjMjg6XD8fKTZ2G1M1MmVHHxIrUzc+GhtDPTUMF1Y7FywxZhQRDitIIz8BS0AVISUVeTBTKCVxQgkSCnImMQFHRzgmFCV5NF44P0cLESceYhEkFRhJECElEFMUDykkRxgTCwoIEDYVIQQQNQcxVAsxcStiCx4BNGIRJBY+CCkhMkdVOx80JGIxDCc7dTw/ATpYPww1P3JADzokcR8fJ0B2Ki8KXn5FLTUxfDkkNQZ1IR84N3gbAQRAdgApBCJ5VQ0xHF4DWhUnQRsQMgQGGT97 HTTP/1.1
Host: fhisladyloveh.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1155
date: Sat, 01 Oct 2022 09:31:05 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 dc54b4b1501bd18543cf9685cb010c30.cloudfront.net (CloudFront)
x-amz-cf-pop: LAX50-C2
x-amz-cf-id: iB9yeyWZSLrIwahZMIsTuJyvBEW-5dyyCmOvhxic9T1vmDI6xLoQvA==
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S-1156699395%3A1664616665889364&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWrU9NFrM27PbOhHwW-GGwT9Cv2_s2nhWB4TgKhy3-AqQrxDZu3e0Sz9BQhNg2T-Zd-rw59OKQ
216.58.207.237403 Forbidden 2.1 kB URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S-1156699395%3A1664616665889364&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWrU9NFrM27PbOhHwW-GGwT9Cv2_s2nhWB4TgKhy3-AqQrxDZu3e0Sz9BQhNg2T-Zd-rw59OKQ
IP 216.58.207.237:0
Hash 734e40b7031fcf41a6b123263d79c420
7a6f5b0b685ce13e8fef0fb1b12e5f3eac33f6b0
c2fa19ee03fa8c7bf0de4a2a6c016705dd2d80f25c6d6e16e3121f809a10f3b7
GET /v3/signin/identifier?dsh=S-1156699395%3A1664616665889364&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWrU9NFrM27PbOhHwW-GGwT9Cv2_s2nhWB4TgKhy3-AqQrxDZu3e0Sz9BQhNg2T-Zd-rw59OKQ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 01 Oct 2022 09:31:05 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-dCm90LM33DxkR0HSmeciFA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=cc4dR3kpCrESw9ADU7Tfl7KFI1UdNnpamlboAFUyYTk-VqBU_6wyTfnCFiu9c3DPMgOg5WvQp8IBdKP3R_NFE5xeBePXbrL-1PGpuwWgg2odZ4QYi0m3q60sH35E2L5H56VpXhhOvfUiK9_vprBLRNxSZ7wn0Qab5VEeogctons; expires=Sun, 02-Apr-2023 09:31:05 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 84ada21ac1d7ada27090048bed7709d6
5a7af8364389fceb02130e30cfc9d1d1f430ca43
4ded0aae9e6b75b5c584663fcffa541371a632cd5a8088b29234f35b2776ad8c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "4DED0AAE9E6B75B5C584663FCFFA541371A632CD5A8088B29234F35B2776AD8C"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13313
Expires: Sat, 01 Oct 2022 13:12:59 GMT
Date: Sat, 01 Oct 2022 09:31:06 GMT
Connection: keep-alive
fhisladyloveh.xyz/utx?cb=HaDLXvRFBUCM&top=megaup.net&tid=761186
13.226.225.29204 No Content 0 B URL HTTP/2 fhisladyloveh.xyz/utx?cb=HaDLXvRFBUCM&top=megaup.net&tid=761186
IP 13.226.225.29:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=HaDLXvRFBUCM&top=megaup.net&tid=761186 HTTP/1.1
Host: fhisladyloveh.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sat, 01 Oct 2022 09:31:05 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sat, 01 Oct 2022 09:32:05 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 dc54b4b1501bd18543cf9685cb010c30.cloudfront.net (CloudFront)
x-amz-cf-pop: LAX50-C2
x-amz-cf-id: EGXn_rgLz_alxHmww_2SROVC5Y-iFvP8AR2KUrT0iR_sI_vhOgOdSw==
X-Firefox-Spdy: h2
fhisladyloveh.xyz/utx?cb=pNrDIgwBemH6&top=megaup.net&tid=825911
13.226.225.29204 No Content 0 B URL HTTP/2 fhisladyloveh.xyz/utx?cb=pNrDIgwBemH6&top=megaup.net&tid=825911
IP 13.226.225.29:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=pNrDIgwBemH6&top=megaup.net&tid=825911 HTTP/1.1
Host: fhisladyloveh.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sat, 01 Oct 2022 09:31:05 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sat, 01 Oct 2022 09:32:05 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 dc54b4b1501bd18543cf9685cb010c30.cloudfront.net (CloudFront)
x-amz-cf-pop: LAX50-C2
x-amz-cf-id: xFoQTORSCH4EUU1WWnKK-ruEsAJDTKDukoq6ZbNK2ZV-kEgspLzegA==
X-Firefox-Spdy: h2
fhisladyloveh.xyz/utx?cb=Mi3oTrU4uGEx&top=megaup.net&tid=876318
13.226.225.29204 No Content 0 B URL HTTP/2 fhisladyloveh.xyz/utx?cb=Mi3oTrU4uGEx&top=megaup.net&tid=876318
IP 13.226.225.29:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=Mi3oTrU4uGEx&top=megaup.net&tid=876318 HTTP/1.1
Host: fhisladyloveh.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sat, 01 Oct 2022 09:31:06 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sat, 01 Oct 2022 09:32:06 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 dc54b4b1501bd18543cf9685cb010c30.cloudfront.net (CloudFront)
x-amz-cf-pop: LAX50-C2
x-amz-cf-id: ygYqieHpunVlMBsINGxBq4HU5gbWWFoAUY8UU75teyzsDwEHIT4KDw==
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/BaURIQm4KKyYkUR0tLH9WXnJ7c1ZPLjstABl5JCUGDSgLdF4rMwkpAU8wMiZTWWIkIwAOeW4nAAp5eWQPDSZ1dkgdNCcpUwEtJC4CCCw9OAlPMSl/AwY+IS4CCGF6BFtHdG1wXkE8eXNLWgZtcF4FLSY3Fkx2eDpWXxt+dktaBm1wXhsybXEvUHJmckdMdn-glCwovJ2dcL3Z4c15ZdXhzS1t0LiscDCInOktbAnF0QFliPX9f
108.138.212.53200 OK 457 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/BaURIQm4KKyYkUR0tLH9WXnJ7c1ZPLjstABl5JCUGDSgLdF4rMwkpAU8wMiZTWWIkIwAOeW4nAAp5eWQPDSZ1dkgdNCcpUwEtJC4CCCw9OAlPMSl/AwY+IS4CCGF6BFtHdG1wXkE8eXNLWgZtcF4FLSY3Fkx2eDpWXxt+dktaBm1wXhsybXEvUHJmckdMdn-glCwovJ2dcL3Z4c15ZdXhzS1t0LiscDCInOktbAnF0QFliPX9f
IP 108.138.212.53:0
File type ASCII text, with very long lines (597), with no line terminators
Hash 35345e8b1b8145611c69c17764019678
bc69f68ea2489c74bfa14fae57e4ed6a8d89b0b3
c4dd3bff00f220c1fc552ba00020a2b6803b58875e3a28f64325e0f05f966d20
GET /BaURIQm4KKyYkUR0tLH9WXnJ7c1ZPLjstABl5JCUGDSgLdF4rMwkpAU8wMiZTWWIkIwAOeW4nAAp5eWQPDSZ1dkgdNCcpUwEtJC4CCCw9OAlPMSl/AwY+IS4CCGF6BFtHdG1wXkE8eXNLWgZtcF4FLSY3Fkx2eDpWXxt+dktaBm1wXhsybXEvUHJmckdMdn-glCwovJ2dcL3Z4c15ZdXhzS1t0LiscDCInOktbAnF0QFliPX9f HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fhisladyloveh.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 457
date: Sat, 01 Oct 2022 09:31:06 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 c26a4c21d05db121c09038b0610c812a.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P3
x-amz-cf-id: S60aJqDawAJwotqq25o308R60JmMSE6rzZId7MIlGhXik0X-zRZchA==
X-Firefox-Spdy: h2
syndication.exdynsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01PW07EMAy8ChdoNHbsPPabb1YCcYC0TflihQRIrDSHJ+2KFR7Zcuzx2FGoToIJ8gA/RTnBWSVUBNMgbnw6P9OE7/2tfX+ES/+iuxgSU62wwhqtaKJZMimJLkLXqnUwskdHykZxRmJAPZrtWQAgklnA15fHw2VAwRH3ldTCMUj87HNzW5cNJW+1Llud3de6tiamDd7TsuzE/yfihoBB2WX/CoxiUUdtkvvDOAw82u3zelnIO/12LP1QiBQzDLlSumKWtY9PxnVLvfU5eyqWHZtp/AUs+CrvVAEAAA==
95.211.229.248200 OK 20 B URL HTTP/1.1 syndication.exdynsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01PW07EMAy8ChdoNHbsPPabb1YCcYC0TflihQRIrDSHJ+2KFR7Zcuzx2FGoToIJ8gA/RTnBWSVUBNMgbnw6P9OE7/2tfX+ES/+iuxgSU62wwhqtaKJZMimJLkLXqnUwskdHykZxRmJAPZrtWQAgklnA15fHw2VAwRH3ldTCMUj87HNzW5cNJW+1Llud3de6tiamDd7TsuzE/yfihoBB2WX/CoxiUUdtkvvDOAw82u3zelnIO/12LP1QiBQzDLlSumKWtY9PxnVLvfU5eyqWHZtp/AUs+CrvVAEAAA==
IP 95.211.229.248:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA01PW07EMAy8ChdoNHbsPPabb1YCcYC0TflihQRIrDSHJ+2KFR7Zcuzx2FGoToIJ8gA/RTnBWSVUBNMgbnw6P9OE7/2tfX+ES/+iuxgSU62wwhqtaKJZMimJLkLXqnUwskdHykZxRmJAPZrtWQAgklnA15fHw2VAwRH3ldTCMUj87HNzW5cNJW+1Llud3de6tiamDd7TsuzE/yfihoBB2WX/CoxiUUdtkvvDOAw82u3zelnIO/12LP1QiBQzDLlSumKWtY9PxnVLvfU5eyqWHZtp/AUs+CrvVAEAAA== HTTP/1.1
Host: syndication.exdynsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%22633808d9ec0a26.57927671256785610%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 01 Oct 2022 09:31:06 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%22633808d9ec0a26.57927671256785610%22%3B%7D; expires=Mon, 30 Sep 2024 09:31:06 GMT; path=; domain=.exdynsrv.com; Secure; SameSite=none
__upt=%7B%22v%22%3A1%2C%22id%22%3A%22633808d9ec0a26.57927671256785610%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22511.0199%22%7D; expires=Mon, 30 Sep 2024 09:31:06 GMT; path=/; domain=.exdynsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
dmmzkfd82wayn.cloudfront.net/oYXNvb2UCHAEJWhUaC1JSV0JeV1NHGRwACxFOIzUrUx03Jg8XOyweCBg8PkkRGxdSX0MNEgEIWEcWAQxYUFUOCwdcR0kbFQ4YUgcMDR8DDg0UCQhJEABOAgAfCB8DDkBTNVpBVURBX0cdUEJKXCdEQV8DDA8GF0pXUQtXWTpXR0pcJ0RBXx0TREAuVlNPQ0-ZKV1EUCgwODlZdKVdRQl9fVFFCSl1VBxodCgMOC0pdI1hFQV9DFE5e
108.138.212.53200 OK 594 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/oYXNvb2UCHAEJWhUaC1JSV0JeV1NHGRwACxFOIzUrUx03Jg8XOyweCBg8PkkRGxdSX0MNEgEIWEcWAQxYUFUOCwdcR0kbFQ4YUgcMDR8DDg0UCQhJEABOAgAfCB8DDkBTNVpBVURBX0cdUEJKXCdEQV8DDA8GF0pXUQtXWTpXR0pcJ0RBXx0TREAuVlNPQ0-ZKV1EUCgwODlZdKVdRQl9fVFFCSl1VBxodCgMOC0pdI1hFQV9DFE5e
IP 108.138.212.53:0
File type ASCII text, with very long lines (836), with no line terminators
Hash 78622b3d41c4e9270645ec5b18d25c53
e471494a1524803777e346ec289ea73ee84f1939
e1ae9053e78261024a264f5b0f81b81e945db319934ec59fc570bda9b69af702
GET /oYXNvb2UCHAEJWhUaC1JSV0JeV1NHGRwACxFOIzUrUx03Jg8XOyweCBg8PkkRGxdSX0MNEgEIWEcWAQxYUFUOCwdcR0kbFQ4YUgcMDR8DDg0UCQhJEABOAgAfCB8DDkBTNVpBVURBX0cdUEJKXCdEQV8DDA8GF0pXUQtXWTpXR0pcJ0RBXx0TREAuVlNPQ0-ZKV1EUCgwODlZdKVdRQl9fVFFCSl1VBxodCgMOC0pdI1hFQV9DFE5e HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fhisladyloveh.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 594
date: Sat, 01 Oct 2022 09:31:06 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 c26a4c21d05db121c09038b0610c812a.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P3
x-amz-cf-id: AhdjBprLoOoMWurNO9Wg0BUdz_SgQ2sK1n2Q_kQHcWkcse3jjn5-aA==
X-Firefox-Spdy: h2
fhisladyloveh.xyz/utx?cb=WVStsREopNYJ&top=megaup.net&tid=764141
13.226.225.29204 No Content 0 B URL HTTP/2 fhisladyloveh.xyz/utx?cb=WVStsREopNYJ&top=megaup.net&tid=764141
IP 13.226.225.29:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=WVStsREopNYJ&top=megaup.net&tid=764141 HTTP/1.1
Host: fhisladyloveh.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sat, 01 Oct 2022 09:31:06 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sat, 01 Oct 2022 09:32:06 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 dc54b4b1501bd18543cf9685cb010c30.cloudfront.net (CloudFront)
x-amz-cf-pop: LAX50-C2
x-amz-cf-id: bGlhJ0BUDwq7Z3GlDW9xMkJp8tiuNLAxpwrgFNnDXWyIjAmWoZDBWA==
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/hUkpVYjMxJTsEDCYjMV8LYH9sUwJ0ICYNXSJ3PhdaMCcsKwMaIXMWSTZ3ZURfMyQyXxU3JDZfAnQrMQAOZmwhElw5dyAMVzcsPAxWNmwgAw4/JS8LXz4rcFB1Z2RlRwFiYi1TAnd5F0cBYiY8DEYqb2dSS2p8ClQHd3kXRwFiOCNHABNzY0wDe29nUlQ3KT-4NFmAMZ1ICYnpkUgJ3eGUEWiAvMw1Ld3gTWwV8enMXDmM
108.138.212.53200 OK 356 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/hUkpVYjMxJTsEDCYjMV8LYH9sUwJ0ICYNXSJ3PhdaMCcsKwMaIXMWSTZ3ZURfMyQyXxU3JDZfAnQrMQAOZmwhElw5dyAMVzcsPAxWNmwgAw4/JS8LXz4rcFB1Z2RlRwFiYi1TAnd5F0cBYiY8DEYqb2dSS2p8ClQHd3kXRwFiOCNHABNzY0wDe29nUlQ3KT-4NFmAMZ1ICYnpkUgJ3eGUEWiAvMw1Ld3gTWwV8enMXDmM
IP 108.138.212.53:0
File type ASCII text, with very long lines (450), with no line terminators
Hash 630a556d21fd392ac919bbfadec04664
9f8547292051e0cf366f95d9786b82dd611fb6fb
96ccef9484b0cca4712f225ebce16fca2a65f89b5ce4854a9748cab2328e8fee
GET /hUkpVYjMxJTsEDCYjMV8LYH9sUwJ0ICYNXSJ3PhdaMCcsKwMaIXMWSTZ3ZURfMyQyXxU3JDZfAnQrMQAOZmwhElw5dyAMVzcsPAxWNmwgAw4/JS8LXz4rcFB1Z2RlRwFiYi1TAnd5F0cBYiY8DEYqb2dSS2p8ClQHd3kXRwFiOCNHABNzY0wDe29nUlQ3KT-4NFmAMZ1ICYnpkUgJ3eGUEWiAvMw1Ld3gTWwV8enMXDmM HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fhisladyloveh.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 356
date: Sat, 01 Oct 2022 09:31:06 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 c26a4c21d05db121c09038b0610c812a.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P3
x-amz-cf-id: wiTOGLnSEC04aIotz_K7Q2qvluLJne-5Xf2JQKaNgdCbvOc5xhPi4w==
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/JSzJzZk0oXR0Acj9bF1t6fQZCUnxtWAAJIzsPKTQifXk5EnU7FAccKXYCVQosJVVOQCglUU5XaypWEVt5bUYDCSZ2WhoKISdTGxM3LBQGB3AmXQkPISdTVlQLfhxDQ397GgtXfG4BMUN/e14aCDgzF0FWNXMELFB5bgExQ397QAVDfgoLRUh9YhdBViouUR-gJaHl0QVZ8ewJCVnxuAEMAJDlXFQk1bgA1X3tlAlUTcHo
108.138.212.53200 OK 596 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/JSzJzZk0oXR0Acj9bF1t6fQZCUnxtWAAJIzsPKTQifXk5EnU7FAccKXYCVQosJVVOQCglUU5XaypWEVt5bUYDCSZ2WhoKISdTGxM3LBQGB3AmXQkPISdTVlQLfhxDQ397GgtXfG4BMUN/e14aCDgzF0FWNXMELFB5bgExQ397QAVDfgoLRUh9YhdBViouUR-gJaHl0QVZ8ewJCVnxuAEMAJDlXFQk1bgA1X3tlAlUTcHo
IP 108.138.212.53:0
File type ASCII text, with very long lines (825), with no line terminators
Hash b0e0401cd663b4c3fb3ae99fbdf0a722
6ce97a0a21741e8f73b5a7372ba3c4224537c439
5596e48db5a7df3968d37e58548cd9d0a732bb1efd436a49a1cd87ca14e8ed0d
GET /JSzJzZk0oXR0Acj9bF1t6fQZCUnxtWAAJIzsPKTQifXk5EnU7FAccKXYCVQosJVVOQCglUU5XaypWEVt5bUYDCSZ2WhoKISdTGxM3LBQGB3AmXQkPISdTVlQLfhxDQ397GgtXfG4BMUN/e14aCDgzF0FWNXMELFB5bgExQ397QAVDfgoLRUh9YhdBViouUR-gJaHl0QVZ8ewJCVnxuAEMAJDlXFQk1bgA1X3tlAlUTcHo HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fhisladyloveh.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 596
date: Sat, 01 Oct 2022 09:31:06 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 c26a4c21d05db121c09038b0610c812a.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P3
x-amz-cf-id: B9jZp81Ti4CJKZL8wSA8S8O_ileXez3BtGj1NHelhNAe0tXSVWWBOQ==
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/RaTlBSkEKVi8sfh1QJXd4XQB5fHVPUzIlLxkEFh4wAU4xPXcDYXhsNRNdfHpnBVgvLXxPXC8pfFgfIC4jVA1nPyBUVC4wKAVVIG9zLwxvemRbCWkycFgccghkWwktIy8cQWR4cREBdxV3XRxyCGRbCTM8ZFp4eHxvWRBkeHEOXCIhLkwLB3hxWAlxe3FYHH-N6JwBLJCwuERxzDHhfF3FsNFQI
108.138.212.53200 OK 184 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/RaTlBSkEKVi8sfh1QJXd4XQB5fHVPUzIlLxkEFh4wAU4xPXcDYXhsNRNdfHpnBVgvLXxPXC8pfFgfIC4jVA1nPyBUVC4wKAVVIG9zLwxvemRbCWkycFgccghkWwktIy8cQWR4cREBdxV3XRxyCGRbCTM8ZFp4eHxvWRBkeHEOXCIhLkwLB3hxWAlxe3FYHH-N6JwBLJCwuERxzDHhfF3FsNFQI
IP 108.138.212.53:0
File type ASCII text, with no line terminators
Hash 51994123cbd0f64e0e9e6856cad97d3c
9ff68584ce20c91ec4d838bc3a462b17b061e506
201b29f2727de74457b76b02bfcfb77408c19f16b31aab632edd519424ee32c6
GET /RaTlBSkEKVi8sfh1QJXd4XQB5fHVPUzIlLxkEFh4wAU4xPXcDYXhsNRNdfHpnBVgvLXxPXC8pfFgfIC4jVA1nPyBUVC4wKAVVIG9zLwxvemRbCWkycFgccghkWwktIy8cQWR4cREBdxV3XRxyCGRbCTM8ZFp4eHxvWRBkeHEOXCIhLkwLB3hxWAlxe3FYHH-N6JwBLJCwuERxzDHhfF3FsNFQI HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fhisladyloveh.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 184
date: Sat, 01 Oct 2022 09:31:06 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 c26a4c21d05db121c09038b0610c812a.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P3
x-amz-cf-id: GDWxp7MhSpnRVItRBksTAa88hEdq0nk4knVAOUwY4udGpG1QfpdjRA==
X-Firefox-Spdy: h2
s3t3d2y8.afcdn.net/library/551406/bf45fdb4f306fadbd08d76fb08ee9617adecc6c5.jpg
185.76.9.19200 OK 19 kB URL HTTP/2 s3t3d2y8.afcdn.net/library/551406/bf45fdb4f306fadbd08d76fb08ee9617adecc6c5.jpg
IP 185.76.9.19:0
ASN #60068 Datacamp Limited
File type GIF image data, version 89a, 1 x 1\012- data
Hash 80cdcaa5f4141c84e9d1a6e7599c03fa
87aed2c4e203dbfb0b99cbff44fb33988c2122ae
8d37699dc3e9436c6616f8290157c36f68c9602f004dd2c0303e2fb113166ede
GET /library/551406/bf45fdb4f306fadbd08d76fb08ee9617adecc6c5.jpg HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 01 Oct 2022 09:31:06 GMT
content-type: image/jpeg
content-length: 18723
last-modified: Wed, 08 Jun 2022 05:29:20 GMT
etag: "62a033b0-4923"
expires: Fri, 30 Jun 2023 11:15:26 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1688198998
server: CDN77-Turbo
x-77-nzt: AblMCQ16ymz/BF15AA
x-77-nzt-ray: Ev1eiJS3WkU
x-cache: HIT
x-age: 7953668
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
static.a-ads.com/a-ads-banners/406740/300x250?region=eu-central-1
148.251.152.47200 OK 621 kB URL HTTP/2 static.a-ads.com/a-ads-banners/406740/300x250?region=eu-central-1
IP 148.251.152.47:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 300 x 250\012- data
Size 621 kB (621339 bytes)
Hash c8694e7d5d3b9a928d4d57026ac2b68b
169b9f311167e19bd5061b53fc7e4f528e3ba7a9
0c23834abdcff9f74a47b37290da55f2c84c31c82ce26d9493b39a388b51ed6a
GET /a-ads-banners/406740/300x250?region=eu-central-1 HTTP/1.1
Host: static.a-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ad.a-ads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 01 Oct 2022 09:31:06 GMT
content-type: image/gif
content-length: 621339
x-amz-id-2: G/I1TQmX7iL/Usln3AvFTKEmtDWPlVs+700t+eu3ycVndmqkEXsz5AElc2JbuHgukO+1wCH1LQI=
x-amz-request-id: FKSSVK755DA0F9QS
x-amz-replication-status: COMPLETED
last-modified: Thu, 04 Aug 2022 08:17:39 GMT
etag: "c8694e7d5d3b9a928d4d57026ac2b68b"
cache-control: max-age=315360000
x-amz-version-id: CpzkFSVTHlSKMdhV9N03JaP1PcAFvRyH
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
fhisladyloveh.xyz/multi?cs=RGYyZHl0VQRcTnBSClFAdVULXEs&abt=0&red=1&sm=76&k=download%20file%202gbacvss%20part01&v=1.0.60.0&sts=0&prn=0&emb=0&tid=876318&rxy=1280_1024&fs=1&mbkb=138.50415512465375&ref=https%3A%2F%2Fmegaup.net%2F1C8zW%2F2GBACVSS.part01.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&_ucp7=1664616662641&crc=1
13.226.225.29200 OK 1.5 kB URL HTTP/2 fhisladyloveh.xyz/multi?cs=RGYyZHl0VQRcTnBSClFAdVULXEs&abt=0&red=1&sm=76&k=download%20file%202gbacvss%20part01&v=1.0.60.0&sts=0&prn=0&emb=0&tid=876318&rxy=1280_1024&fs=1&mbkb=138.50415512465375&ref=https%3A%2F%2Fmegaup.net%2F1C8zW%2F2GBACVSS.part01.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&_ucp7=1664616662641&crc=1
IP 13.226.225.29:0
File type ASCII text, with very long lines (3258), with no line terminators
Hash 9e8682bc33c1c9e31952dc4f502dc4dd
fda27822c6a272cb38322195827c6182bc4e540c
dae996cc8a544965c34f106d3202245c6e944656563edce54417dbe4034f681f
GET /multi?cs=RGYyZHl0VQRcTnBSClFAdVULXEs&abt=0&red=1&sm=76&k=download%20file%202gbacvss%20part01&v=1.0.60.0&sts=0&prn=0&emb=0&tid=876318&rxy=1280_1024&fs=1&mbkb=138.50415512465375&ref=https%3A%2F%2Fmegaup.net%2F1C8zW%2F2GBACVSS.part01.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&_ucp7=1664616662641&crc=1 HTTP/1.1
Host: fhisladyloveh.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
content-length: 1503
date: Sat, 01 Oct 2022 09:31:06 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=532fc01c-84f8-4c0a-bbc9-37bbb7e1d118
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 dc54b4b1501bd18543cf9685cb010c30.cloudfront.net (CloudFront)
x-amz-cf-pop: LAX50-C2
x-amz-cf-id: Adl0Q1WIm-9rsJouc4f_YP4UWj9dwFiMlxDgSeLm_N0q0Lu2YFrZ4A==
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 49c9481e383702626ca5f785cef0b5c4
b9edb478f361f6ed4402227a196f319b4dce4395
3204f6d27c12a24bf2b1774245be8047a49bb2b8be0a417090626cc39b195c63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3204F6D27C12A24BF2B1774245BE8047A49BB2B8BE0A417090626CC39B195C63"
Last-Modified: Thu, 29 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8934
Expires: Sat, 01 Oct 2022 12:00:00 GMT
Date: Sat, 01 Oct 2022 09:31:06 GMT
Connection: keep-alive
fhisladyloveh.xyz/utx?tid=832633&top=megaup.net&cb=R8v5bGsRZNLh
13.226.225.29204 No Content 0 B URL HTTP/2 fhisladyloveh.xyz/utx?tid=832633&top=megaup.net&cb=R8v5bGsRZNLh
IP 13.226.225.29:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?tid=832633&top=megaup.net&cb=R8v5bGsRZNLh HTTP/1.1
Host: fhisladyloveh.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sat, 01 Oct 2022 09:31:06 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sat, 01 Oct 2022 09:32:06 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 dc54b4b1501bd18543cf9685cb010c30.cloudfront.net (CloudFront)
x-amz-cf-pop: LAX50-C2
x-amz-cf-id: ikmA2WGxBIgRFL7ZFUNwnwlYHYNEEkfy7n1WkDdDFDAhNvUV60WJ9A==
X-Firefox-Spdy: h2
tsapphires.buzz/
44.195.137.121200 OK 28 B IP 44.195.137.121:0
Hash 3eed9a2c37dea04932f128e26ad9893d
8737a95e5395b78fd1cf6ff11d8cc7962781cf83
e196c6677dcc255540a7e6a572cf068cf469158db319109eea4eb8e6bfa3956f
POST / HTTP/1.1
Host: tsapphires.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Content-Length: 380
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/fonts/raleway_bold.woff
91.209.70.182200 OK 32 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway_bold.woff
IP 91.209.70.182:0
File type Web Open Font Format, TrueType, length 31568, version 1.1\012- data
Hash e0c4ac0e73196bd0469c5c33304b7773
bb071565f82907d117b0732dca8013409162c67d
ff3bf3a4a1bf2b922157b18d0e8cddd95f2fc2dfe09c30a3ce67bc11a84c67af
GET /themes/flow/frontend_assets/fonts/raleway_bold.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Connection: keep-alive
Cookie: filehosting=c9l8kp4pplbvk6nc5hl57pekc6; _ga=GA1.2.509621150.1664616662; _gid=GA1.2.797468455.1664616662; _gat_gtag_UA_108868042_1=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 01 Oct 2022 09:31:06 GMT
content-type: font/woff
content-length: 31568
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7b50"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
fhisladyloveh.xyz/floater?cs=blRBRm1fYHhxXVtgeXZaW2V5c18&abt=0&red=1&sm=83&k=download%20file%202gbacvss%20part01&v=0.8.10.0&sts=0&prn=0&emb=0&tid=825911&rxy=1280_1024&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&mbkb=138.50415512465375&ref=https%3A%2F%2Fmegaup.net%2F1C8zW%2F2GBACVSS.part01.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&aa=td5_oi1_&_Tagd=1664616662643&crc=1
13.226.225.29200 OK 6.6 kB URL HTTP/2 fhisladyloveh.xyz/floater?cs=blRBRm1fYHhxXVtgeXZaW2V5c18&abt=0&red=1&sm=83&k=download%20file%202gbacvss%20part01&v=0.8.10.0&sts=0&prn=0&emb=0&tid=825911&rxy=1280_1024&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&mbkb=138.50415512465375&ref=https%3A%2F%2Fmegaup.net%2F1C8zW%2F2GBACVSS.part01.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&aa=td5_oi1_&_Tagd=1664616662643&crc=1
IP 13.226.225.29:0
File type ASCII text, with very long lines (10011), with no line terminators
Hash b02fbaf2019570b4c971afdbcfabd3d6
3064ffe88807ccba532cd88428f7036615596254
9a4da7f3c236ffb72eeec66e8bf563edced64b7a3ef1b5d8c599951b051e1266
GET /floater?cs=blRBRm1fYHhxXVtgeXZaW2V5c18&abt=0&red=1&sm=83&k=download%20file%202gbacvss%20part01&v=0.8.10.0&sts=0&prn=0&emb=0&tid=825911&rxy=1280_1024&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&mbkb=138.50415512465375&ref=https%3A%2F%2Fmegaup.net%2F1C8zW%2F2GBACVSS.part01.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&aa=td5_oi1_&_Tagd=1664616662643&crc=1 HTTP/1.1
Host: fhisladyloveh.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
content-length: 6611
date: Sat, 01 Oct 2022 09:31:06 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=e6b0f4b6-af99-4a85-a840-fffc1845cc5f
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 dc54b4b1501bd18543cf9685cb010c30.cloudfront.net (CloudFront)
x-amz-cf-pop: LAX50-C2
x-amz-cf-id: ud1vOTcKEfAJEMVhJORhH1bMmEPV2pD9nH_L5MqG7DtE4xAK8OKObA==
X-Firefox-Spdy: h2
tsapphires.buzz/UEFHNXULY38GR2ZydBdZcmNrFxNkJX4ARDUlagZFYHhqAU1nJ2oNE2Z0ag1EMngmAkI1cHJWE3JtZQJMNnkmBkYxbHcAQzJscwZNYmwlVBZnbH8GTGIkdQ1DMiImAVd8YzRCV3xjM0YUIDEvXAc1MmlXACo7ZRlXYXFpAFd8JyZZBjVtIVQZIyRrUxQ8MiJo
44.195.137.121200 OK 14 kB URL HTTP/2 tsapphires.buzz/UEFHNXULY38GR2ZydBdZcmNrFxNkJX4ARDUlagZFYHhqAU1nJ2oNE2Z0ag1EMngmAkI1cHJWE3JtZQJMNnkmBkYxbHcAQzJscwZNYmwlVBZnbH8GTGIkdQ1DMiImAVd8YzRCV3xjM0YUIDEvXAc1MmlXACo7ZRlXYXFpAFd8JyZZBjVtIVQZIyRrUxQ8MiJo
IP 44.195.137.121:0
Hash c1de9f9a98fa883272d3253402e1174f
55a9730a2e0765ac6e79be171522a9e9fb550d9d
e5032fca647ded233be8018b4173a0e16518399b14f9eb3772e25bef488f980f
GET /UEFHNXULY38GR2ZydBdZcmNrFxNkJX4ARDUlagZFYHhqAU1nJ2oNE2Z0ag1EMngmAkI1cHJWE3JtZQJMNnkmBkYxbHcAQzJscwZNYmwlVBZnbH8GTGIkdQ1DMiImAVd8YzRCV3xjM0YUIDEvXAc1MmlXACo7ZRlXYXFpAFd8JyZZBjVtIVQZIyRrUxQ8MiJo HTTP/1.1
Host: tsapphires.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
set-cookie: 32b651e6de40627b0eb20677abf5f690=1; Max-Age=604800
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
cache-control: public, max-age=86400
etag: W/"8445-BCLVL5hilI925UIgTy/gHaiiHM8"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2262
Expires: Sat, 01 Oct 2022 10:08:48 GMT
Date: Sat, 01 Oct 2022 09:31:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2262
Expires: Sat, 01 Oct 2022 10:08:48 GMT
Date: Sat, 01 Oct 2022 09:31:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2262
Expires: Sat, 01 Oct 2022 10:08:48 GMT
Date: Sat, 01 Oct 2022 09:31:06 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ae73d97-d8e4-4f93-bf30-c175fc72b008.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ae73d97-d8e4-4f93-bf30-c175fc72b008.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4be456dbe857580c7b4c7fca3936e04e
49798c4a15545a49f3870b2a16af78dbf8e168cc
23e42987d5e9939424d5f4e4fe0c38faf20a221732097927dd4a656199d9d315
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ae73d97-d8e4-4f93-bf30-c175fc72b008.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10201
x-amzn-requestid: 62562627-78a8-4c17-bf6c-b2c986b9ee8f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZSxLCFH3IAMFoFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63376246-69637d745165485171ca73b9;Sampled=0
x-amzn-remapped-date: Fri, 30 Sep 2022 21:40:22 GMT
x-amz-cf-pop: SEA73-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 9wh9cCXRRlyQy8kXzSCNzMQSmac9iwgkRBrgyTtaMr6m2vXPRxVogg==
via: 1.1 6a63e853422f3197776fb098fab5a416.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Sep 2022 21:55:26 GMT
etag: "49798c4a15545a49f3870b2a16af78dbf8e168cc"
content-type: image/jpeg
age: 41740
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbd9802c-4973-4976-984a-910496eaf957.jpeg
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbd9802c-4973-4976-984a-910496eaf957.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 13768189ef98789892981b6a2d5947e4
556f1ccaf585d2c3100a3cc58f27d8c2fa6ca689
09ca5624173c589b5e5db05b48a8822ec257f08395cb18ed635a771edcfc8af3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbd9802c-4973-4976-984a-910496eaf957.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5677
x-amzn-requestid: f37f77cd-dd19-4dec-809e-66a1fb604d88
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZASGLHDsIAMF1pw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632ffd5a-185f9b185ed35f7317b5c2d5;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 07:03:54 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: iB6v8A5GEnhmZTth__pkgsa2TNPDzUOOAA-c7RcujjWmfnEUbnHaAw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 02:26:53 GMT
age: 25453
etag: "556f1ccaf585d2c3100a3cc58f27d8c2fa6ca689"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fc3f7b5-4c80-4662-ba8b-7997bdbdb6a3.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fc3f7b5-4c80-4662-ba8b-7997bdbdb6a3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0d31a422078d02bda318c693c05a58dc
2df7db53629c7adda2c0a4dfe9c17791b73a75e1
a07fe4e135b52da6dfa9d8a55684f0a3bf5f5ce52c4064c8ab37836a939902a9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fc3f7b5-4c80-4662-ba8b-7997bdbdb6a3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8299
x-amzn-requestid: 91eed6b6-632f-472b-93d7-4192425fcdfd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZSxLDF0SoAMFWgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63376246-17bb04894cc786555d693ec3;Sampled=0
x-amzn-remapped-date: Fri, 30 Sep 2022 21:40:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pt23XcORl063B99HGVhjQwBrS36T7GBIAQO7StLrEH8PKIc4edxQwQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Sep 2022 21:52:55 GMT
age: 41891
etag: "2df7db53629c7adda2c0a4dfe9c17791b73a75e1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.173.27200 OK 110 kB IP 172.64.173.27:0
Size 110 kB (110491 bytes)
Hash c44e75abca7b5643e03cf6a1aefd3be5
a546f6aeb474b7ec22efebfa1e2225cdf94a3e6b
fe46205eecdf001e1e3295b5603743607349f38be4dced2602eebedc1defa5f1
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 01 Oct 2022 09:31:05 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 2161
last-modified: Sat, 01 Oct 2022 08:55:04 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tQUkIDd%2FSD%2BjLEJUa%2BggeJg%2BnuQH9c4kvIl%2BRRvvnqanJc5WWi0SJObmmpcsrC7KZIFOLdnby%2Fz0UrpBZErsmd%2FyheuBEjpYxNHaLMgYUbWF2fLZ9nyZ8Uj%2FXE%2BsQLVE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75342ef248630716-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.173.27200 OK 109 kB IP 172.64.173.27:0
Size 109 kB (108715 bytes)
Hash 9f04ddd660bd3aebbea547f11b5369a7
a6db81c4ebff0c20902b274bf528013cc4691214
880529a4ef8a8a57773e949e86e50691f1ece54374d0429541f1951bd9be4473
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 01 Oct 2022 09:31:05 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 2161
last-modified: Sat, 01 Oct 2022 08:55:04 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m4kxIMjf1g42ps9UvI94N1xAnfTqhZFNP5P%2BUsa9ONvKjGz84%2BT6LQ1fPPRS2M4VSHPL5A%2FWBENg4DJyOG3mDcWSFCFmJKzW1ZFt8FAMZYyYBOjRlD3HoSkJgk5HnCXS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75342ef248610716-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7431248d-1154-4162-8551-6080a3be5e21.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7431248d-1154-4162-8551-6080a3be5e21.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fa789a3f6f7737f79d81cf0272d0e029
1de4a8e80053d98677350d7f01c9231d2d50e073
f5205ab8f8306a7822ed3d336649fb09738628fea1a92626e4e557f2d8c6d8e5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7431248d-1154-4162-8551-6080a3be5e21.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9716
x-amzn-requestid: 0b0313c3-739d-473e-a103-876770cb34d7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZJo02ElyoAMF4wQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6333bb52-48ec21e8776bd6cb1d2b0f2f;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 03:11:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PxYLSY-_PG8AgeAv1-LNj5d_7fIOEBSLA6HledS_RLR-j4IRkJC8Ew==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 05:13:25 GMT
age: 15461
etag: "1de4a8e80053d98677350d7f01c9231d2d50e073"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
tsapphires.buzz/
44.195.137.121200 OK 0 B IP 44.195.137.121:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: tsapphires.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Origin: https://megaup.net
Content-Length: 361
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
tsapphires.buzz/
44.195.137.121200 OK 0 B IP 44.195.137.121:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: tsapphires.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Origin: https://megaup.net
Content-Length: 354
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2f7b4ee2e38889b89193a93851cb79c7
73bf86be268a4dde44f91b499e89d94939daa6ba
e5bd035cf5a76f7116b4b01301658e4bb4c807d585fa8262ea8a53d918e4dcf9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E5BD035CF5A76F7116B4B01301658E4BB4C807D585FA8262EA8A53D918E4DCF9"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13958
Expires: Sat, 01 Oct 2022 13:23:47 GMT
Date: Sat, 01 Oct 2022 09:31:09 GMT
Connection: keep-alive
stunningruin.com/winnotice?sid=H4sIAAAAAAAC%2F1RTzWskxRuu%2Bf1yWbyorAdhhfGmIJPuyaSnx0WCMRsJZjfLrouelOqq7slreqqaqq7pSU5BQfYkIx78OHWefKGusv4BrtJZ8BAQMreI5u5JUdizzBgz%2BkLzfjzv4en3eer9HXfGPDh%2BunRdb1Ga8tn5hld%2F7k3fv1pfJeUG9UEYvB20rtZN%2F8VO0PCer78aiw092%2FR8z%2FM9v75MJk70YHYMgrJ7Hb%2FR8RqtZsOfb2FgSlhXg%2BU1yP4ZexIkRzMPa5dBooLq3V%2BK7Uausxeu9VzKc23Ql4d31IbShUJvWiamhkQdnm9D25PlB9Bqf0IRun%2BxGNGI1X54gEgdnhND1N%2BbcItSxAqRfAxFv0KcViBeQej3QPKEAULixhpU7%2BCGNgXf%2FBvlY3TEZh79CSpGbOaXy1C9rxdTGtRv69TlpJXFIClBgwrUrZC5I%2BRbDFQcQeTvguSPbPbRKlRvb82mGiTLyb8TVaCkQhoPwS2DG3%2FE4JIaXFZDT57Whe%2F7bU8K7oUdIeZkO44C6fm8nfjc94IQTozpDZFnQ4h0CGG2kZltbNAQxn0AshUcL0FZicwehM35ju8jFscLv346js%2FA6bTO2625IG5587IdyKA1H0TtMExaImkKP%2FEFR0THCwvu8et3nllHSgwxP%2F7udzYJWFVCuXJXGSph4mN2HrtG5scLF1vrJaxksDlDX5YoYobCMhScoSCGImco%2BuW%2BTG3TlgcytS7yz3PzPM%2BVuzrvlvs678aK7WRn7ImJNn%2BIt7ARn9YTTzTDpNOaa4atTicKZas9F4SBFL4M41YoYemfC5D9H7itYYtG7Kmff0M2do38CBE%2Fgk2PIOhZcHcFvCjB10tsqRJS37e5U4pU1zhSDaF7yPJLyDdrO%2BkZe3rCJfjk7n%2FOK0yJzJR4hx4ydNO7u7d0wfZu6cKyb9aynHq0xcceup3zPP7%2FF6%2FFm4U2cmXJDj9%2FWYyBcXnv9djmq1xJUl3LvlwkKWOzrI2I2bcr9o04uuns%2BqIzymWrN19ZXullJraWtKrA6eTaxxA0Ypc%2B%2FGnyOK589RLIVDCuRM9dyAXSFUS2DZtNZ1YzmHTaRxlD4cpd04ymw7Eh0qnu4FEJ%2B68%2BmtY79ntYKpFb9hcAAAD%2F%2FwEAAP%2F%2FOMJ9KnkEAAA%3D&ap=${AUCTION_PRICE}&l=3577992&sub3=1664616666&pid=91283&sub2=icon&auid=a7436e405d76d6456b788f4cf2c1f1ca&icon=https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg
213.174.151.98307 Temporary Redirect 0 B URL HTTP/1.1 stunningruin.com/winnotice?sid=H4sIAAAAAAAC%2F1RTzWskxRuu%2Bf1yWbyorAdhhfGmIJPuyaSnx0WCMRsJZjfLrouelOqq7slreqqaqq7pSU5BQfYkIx78OHWefKGusv4BrtJZ8BAQMreI5u5JUdizzBgz%2BkLzfjzv4en3eer9HXfGPDh%2BunRdb1Ga8tn5hld%2F7k3fv1pfJeUG9UEYvB20rtZN%2F8VO0PCer78aiw092%2FR8z%2FM9v75MJk70YHYMgrJ7Hb%2FR8RqtZsOfb2FgSlhXg%2BU1yP4ZexIkRzMPa5dBooLq3V%2BK7Uausxeu9VzKc23Ql4d31IbShUJvWiamhkQdnm9D25PlB9Bqf0IRun%2BxGNGI1X54gEgdnhND1N%2BbcItSxAqRfAxFv0KcViBeQej3QPKEAULixhpU7%2BCGNgXf%2FBvlY3TEZh79CSpGbOaXy1C9rxdTGtRv69TlpJXFIClBgwrUrZC5I%2BRbDFQcQeTvguSPbPbRKlRvb82mGiTLyb8TVaCkQhoPwS2DG3%2FE4JIaXFZDT57Whe%2F7bU8K7oUdIeZkO44C6fm8nfjc94IQTozpDZFnQ4h0CGG2kZltbNAQxn0AshUcL0FZicwehM35ju8jFscLv346js%2FA6bTO2625IG5587IdyKA1H0TtMExaImkKP%2FEFR0THCwvu8et3nllHSgwxP%2F7udzYJWFVCuXJXGSph4mN2HrtG5scLF1vrJaxksDlDX5YoYobCMhScoSCGImco%2BuW%2BTG3TlgcytS7yz3PzPM%2BVuzrvlvs678aK7WRn7ImJNn%2BIt7ARn9YTTzTDpNOaa4atTicKZas9F4SBFL4M41YoYemfC5D9H7itYYtG7Kmff0M2do38CBE%2Fgk2PIOhZcHcFvCjB10tsqRJS37e5U4pU1zhSDaF7yPJLyDdrO%2BkZe3rCJfjk7n%2FOK0yJzJR4hx4ydNO7u7d0wfZu6cKyb9aynHq0xcceup3zPP7%2FF6%2FFm4U2cmXJDj9%2FWYyBcXnv9djmq1xJUl3LvlwkKWOzrI2I2bcr9o04uuns%2BqIzymWrN19ZXullJraWtKrA6eTaxxA0Ypc%2B%2FGnyOK589RLIVDCuRM9dyAXSFUS2DZtNZ1YzmHTaRxlD4cpd04ymw7Eh0qnu4FEJ%2B68%2BmtY79ntYKpFb9hcAAAD%2F%2FwEAAP%2F%2FOMJ9KnkEAAA%3D&ap=${AUCTION_PRICE}&l=3577992&sub3=1664616666&pid=91283&sub2=icon&auid=a7436e405d76d6456b788f4cf2c1f1ca&icon=https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg
IP 213.174.151.98:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /winnotice?sid=H4sIAAAAAAAC%2F1RTzWskxRuu%2Bf1yWbyorAdhhfGmIJPuyaSnx0WCMRsJZjfLrouelOqq7slreqqaqq7pSU5BQfYkIx78OHWefKGusv4BrtJZ8BAQMreI5u5JUdizzBgz%2BkLzfjzv4en3eer9HXfGPDh%2BunRdb1Ga8tn5hld%2F7k3fv1pfJeUG9UEYvB20rtZN%2F8VO0PCer78aiw092%2FR8z%2FM9v75MJk70YHYMgrJ7Hb%2FR8RqtZsOfb2FgSlhXg%2BU1yP4ZexIkRzMPa5dBooLq3V%2BK7Uausxeu9VzKc23Ql4d31IbShUJvWiamhkQdnm9D25PlB9Bqf0IRun%2BxGNGI1X54gEgdnhND1N%2BbcItSxAqRfAxFv0KcViBeQej3QPKEAULixhpU7%2BCGNgXf%2FBvlY3TEZh79CSpGbOaXy1C9rxdTGtRv69TlpJXFIClBgwrUrZC5I%2BRbDFQcQeTvguSPbPbRKlRvb82mGiTLyb8TVaCkQhoPwS2DG3%2FE4JIaXFZDT57Whe%2F7bU8K7oUdIeZkO44C6fm8nfjc94IQTozpDZFnQ4h0CGG2kZltbNAQxn0AshUcL0FZicwehM35ju8jFscLv346js%2FA6bTO2625IG5587IdyKA1H0TtMExaImkKP%2FEFR0THCwvu8et3nllHSgwxP%2F7udzYJWFVCuXJXGSph4mN2HrtG5scLF1vrJaxksDlDX5YoYobCMhScoSCGImco%2BuW%2BTG3TlgcytS7yz3PzPM%2BVuzrvlvs678aK7WRn7ImJNn%2BIt7ARn9YTTzTDpNOaa4atTicKZas9F4SBFL4M41YoYemfC5D9H7itYYtG7Kmff0M2do38CBE%2Fgk2PIOhZcHcFvCjB10tsqRJS37e5U4pU1zhSDaF7yPJLyDdrO%2BkZe3rCJfjk7n%2FOK0yJzJR4hx4ydNO7u7d0wfZu6cKyb9aynHq0xcceup3zPP7%2FF6%2FFm4U2cmXJDj9%2FWYyBcXnv9djmq1xJUl3LvlwkKWOzrI2I2bcr9o04uuns%2BqIzymWrN19ZXullJraWtKrA6eTaxxA0Ypc%2B%2FGnyOK589RLIVDCuRM9dyAXSFUS2DZtNZ1YzmHTaRxlD4cpd04ymw7Eh0qnu4FEJ%2B68%2BmtY79ntYKpFb9hcAAAD%2F%2FwEAAP%2F%2FOMJ9KnkEAAA%3D&ap=${AUCTION_PRICE}&l=3577992&sub3=1664616666&pid=91283&sub2=icon&auid=a7436e405d76d6456b788f4cf2c1f1ca&icon=https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg HTTP/1.1
Host: stunningruin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.6
Date: Sat, 01 Oct 2022 09:31:09 GMT
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d721e775677230a449b73f28f7a4a4ab
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ab57c388b9a191ad382f6cc4772f3d4c
37c632b7fbe7c4019afdacc3af1d14ebc81d2edb
580db6b0d7fdf10a9b718ee65dc5b59749d358719fec8530820425c0fc4833cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "580DB6B0D7FDF10A9B718EE65DC5B59749D358719FEC8530820425C0FC4833CF"
Last-Modified: Fri, 30 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4348
Expires: Sat, 01 Oct 2022 10:43:37 GMT
Date: Sat, 01 Oct 2022 09:31:09 GMT
Connection: keep-alive
cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg
45.133.44.9200 OK 33 kB URL HTTP/2 cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2020:05:18 19:19:17], baseline, precision 8, 200x200, components 3\012- data
Hash 70cf8250da1a25a7b445231428af7828
a849d338423d2919949340838c768bba90b9081c
b7060bc46dc459a00d4124523a26f0cbf31fba31d41fccae9f82bedaf22c1186
GET /cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 01 Oct 2022 09:31:09 GMT
content-type: image/jpeg
content-length: 33103
server: nginx/1.17.6
last-modified: Tue, 09 Jun 2020 11:44:50 GMT
etag: "5edf7632-814f"
expires: Mon, 03 Oct 2022 09:31:09 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/fonts/raleway_medium.woff
91.209.70.182200 OK 32 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway_medium.woff
IP 91.209.70.182:0
File type Web Open Font Format, TrueType, length 31900, version 1.1\012- data
Hash 1b285c8e5b7445a8e434b2cdf036bab2
c97d4772fbb5c5637d466b5f991bc7ec28830b32
09b979826f2ac158a63ba234042c66414c21282d0bb46eadc62c64a873778825
GET /themes/flow/frontend_assets/fonts/raleway_medium.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Connection: keep-alive
Cookie: filehosting=c9l8kp4pplbvk6nc5hl57pekc6; _ga=GA1.2.509621150.1664616662; _gid=GA1.2.797468455.1664616662; _gat_gtag_UA_108868042_1=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 01 Oct 2022 09:31:11 GMT
content-type: font/woff
content-length: 31900
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7c9c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 585c6840fbfed78f8656ea2c53d2f454
cacc34bbdc6125bb38fc99ac2c13aecf84d62e1c
c1eb11676be96864e255fc4d2b78757621f1ef94cb12e59a7c7f67c4c586b500
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C1EB11676BE96864E255FC4D2B78757621F1EF94CB12E59A7C7F67C4C586B500"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10204
Expires: Sat, 01 Oct 2022 12:21:16 GMT
Date: Sat, 01 Oct 2022 09:31:12 GMT
Connection: keep-alive
megaup.net/themes/flow/js/jquery.iframe-transport.js
91.209.70.182200 OK 2.4 kB URL HTTP/2 megaup.net/themes/flow/js/jquery.iframe-transport.js
IP 91.209.70.182:0
Hash 6f0d111d0f9e75f9f9f773bc3bf1f0f3
a2761351789844f858fdf669dedc31d34748548d
ae3c85aa769271be277999c186d580d2f578facfb7f7b478483aa687a79c1182
GET /themes/flow/js/jquery.iframe-transport.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1C8zW/2GBACVSS.part01.rar
Connection: keep-alive
Cookie: filehosting=c9l8kp4pplbvk6nc5hl57pekc6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 01 Oct 2022 09:31:04 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-2427"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a50c925461879f9bbf83ef007760726b
a2815054da2e7605894af6750186bc51fb29a260
c75d734fcca7aa5c95bc7e241eab6b338f75e5c9040611cba66b95b0350f7a93
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75D734FCCA7AA5C95BC7E241EAB6B338F75E5C9040611CBA66B95B0350F7A93"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15795
Expires: Sat, 01 Oct 2022 13:54:27 GMT
Date: Sat, 01 Oct 2022 09:31:12 GMT
Connection: keep-alive
img.vmmcdn.com/get/93448084/158562_icon.png
138.201.51.142200 OK 62 kB URL HTTP/1.1 img.vmmcdn.com/get/93448084/158562_icon.png
IP 138.201.51.142:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash fa329d162f1e5309b7539b385dcf0dec
96df011e708591c346dfc3c9412d84312a0ee080
65d24b49c18c0ac609e510698b314dd477eceeae57edc362a5eb119a5e64da44
GET /get/93448084/158562_icon.png HTTP/1.1
Host: img.vmmcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 01 Oct 2022 09:31:12 GMT
Content-Type: image/png
Content-Length: 61612
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 14:32:00 GMT
Cache-Control: public, max-age=604800
ETag: "6331b7e0-f0ac"
X-Proxy-Cache: HIT
Accept-Ranges: bytes
megaup.net/themes/flow/js/jquery.fileupload.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload.js
IP 91.209.70.182:0
GET /themes/flow/js/jquery.fileupload.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1C8zW/2GBACVSS.part01.rar
Connection: keep-alive
Cookie: filehosting=c9l8kp4pplbvk6nc5hl57pekc6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 01 Oct 2022 09:31:04 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-dbd4"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/responsive.css
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/responsive.css
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/css/responsive.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1C8zW/2GBACVSS.part01.rar
Connection: keep-alive
Cookie: filehosting=c9l8kp4pplbvk6nc5hl57pekc6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 01 Oct 2022 09:31:04 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-e56"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/styles/file-upload.css
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/styles/file-upload.css
IP 91.209.70.182:0
GET /themes/flow/styles/file-upload.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1C8zW/2GBACVSS.part01.rar
Connection: keep-alive
Cookie: filehosting=c9l8kp4pplbvk6nc5hl57pekc6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 01 Oct 2022 09:31:04 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-21ec"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.dataTables.min.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.dataTables.min.js
IP 91.209.70.182:0
GET /themes/flow/js/jquery.dataTables.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1C8zW/2GBACVSS.part01.rar
Connection: keep-alive
Cookie: filehosting=c9l8kp4pplbvk6nc5hl57pekc6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 01 Oct 2022 09:31:04 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-10fe4"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
societingna.info/QTU1eFU6F0YPCjRHWVpvY11BDCUyDxpXOCRSVA0lb1tQDHoyQhsSJmMZFws4JxcPSXljQVQfCihRF0J3eQYHTmZyFxlaJjRXahExcxcPWjN1UQxNZCRRGEtlcQwYTG12UxhAM3cAGEBkIwxUT2IkBAAbM2NI
44.195.137.121200 OK 0 B URL HTTP/2 societingna.info/QTU1eFU6F0YPCjRHWVpvY11BDCUyDxpXOCRSVA0lb1tQDHoyQhsSJmMZFws4JxcPSXljQVQfCihRF0J3eQYHTmZyFxlaJjRXahExcxcPWjN1UQxNZCRRGEtlcQwYTG12UxhAM3cAGEBkIwxUT2IkBAAbM2NI
IP 44.195.137.121:0
Analyzer Verdict Alert fortinet Malware
GET /QTU1eFU6F0YPCjRHWVpvY11BDCUyDxpXOCRSVA0lb1tQDHoyQhsSJmMZFws4JxcPSXljQVQfCihRF0J3eQYHTmZyFxlaJjRXahExcxcPWjN1UQxNZCRRGEtlcQwYTG12UxhAM3cAGEBkIwxUT2IkBAAbM2NI HTTP/1.1
Host: societingna.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
set-cookie: 395d4848cfae8babc8991730e8bb32f9=1; Max-Age=604800
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
etag: W/"e0fa-ywadVpEqDP8SIntll0OCrpJFH+s"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/load-image.min.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/load-image.min.js
IP 91.209.70.182:0
GET /themes/flow/js/load-image.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1C8zW/2GBACVSS.part01.rar
Connection: keep-alive
Cookie: filehosting=c9l8kp4pplbvk6nc5hl57pekc6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 01 Oct 2022 09:31:04 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-9f2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/zeroClipboard/ZeroClipboard.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/zeroClipboard/ZeroClipboard.js
IP 91.209.70.182:0
GET /themes/flow/js/zeroClipboard/ZeroClipboard.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1C8zW/2GBACVSS.part01.rar
Connection: keep-alive
Cookie: filehosting=c9l8kp4pplbvk6nc5hl57pekc6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 01 Oct 2022 09:31:04 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3bd2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/retina/retina.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/retina/retina.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/retina/retina.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1C8zW/2GBACVSS.part01.rar
Connection: keep-alive
Cookie: filehosting=c9l8kp4pplbvk6nc5hl57pekc6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 01 Oct 2022 09:31:04 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-52e"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload-process.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-process.js
IP 91.209.70.182:0
GET /themes/flow/js/jquery.fileupload-process.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1C8zW/2GBACVSS.part01.rar
Connection: keep-alive
Cookie: filehosting=c9l8kp4pplbvk6nc5hl57pekc6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 01 Oct 2022 09:31:04 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-14b6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/animation/jquery.appear.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/animation/jquery.appear.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/animation/jquery.appear.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1C8zW/2GBACVSS.part01.rar
Connection: keep-alive
Cookie: filehosting=c9l8kp4pplbvk6nc5hl57pekc6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 01 Oct 2022 09:31:04 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-5c6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.revolution.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.revolution.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.revolution.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1C8zW/2GBACVSS.part01.rar
Connection: keep-alive
Cookie: filehosting=c9l8kp4pplbvk6nc5hl57pekc6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 01 Oct 2022 09:31:04 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-303b2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/nav/jquery.scrollTo.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/nav/jquery.scrollTo.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/nav/jquery.scrollTo.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1C8zW/2GBACVSS.part01.rar
Connection: keep-alive
Cookie: filehosting=c9l8kp4pplbvk6nc5hl57pekc6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 01 Oct 2022 09:31:04 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-981"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1C8zW/2GBACVSS.part01.rar
Connection: keep-alive
Cookie: filehosting=c9l8kp4pplbvk6nc5hl57pekc6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 01 Oct 2022 09:31:04 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1cdf"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.173.27200 OK 0 B IP 172.64.173.27:0
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 01 Oct 2022 09:31:05 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 2161
last-modified: Sat, 01 Oct 2022 08:55:04 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x5T0raLNVZGKzaKRp0stf288JdaR%2B5w%2BHSIqNCykG1kKEbZrzrmRXZS9QoNqIrHkDK4cjSU03oUraT4PtvSC9hzEVjgUkg6rxYeEw4XH5vo9j%2FJNNadAJiG5ovz1fFRU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75342ef228460716-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/global.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/global.js
IP 91.209.70.182:0
GET /themes/flow/js/global.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1C8zW/2GBACVSS.part01.rar
Connection: keep-alive
Cookie: filehosting=c9l8kp4pplbvk6nc5hl57pekc6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 01 Oct 2022 09:31:04 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-d59"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.plugins.min.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.plugins.min.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.plugins.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1C8zW/2GBACVSS.part01.rar
Connection: keep-alive
Cookie: filehosting=c9l8kp4pplbvk6nc5hl57pekc6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 01 Oct 2022 09:31:04 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-14cc1"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1C8zW/2GBACVSS.part01.rar
Connection: keep-alive
Cookie: filehosting=c9l8kp4pplbvk6nc5hl57pekc6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 01 Oct 2022 09:31:04 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3ead"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/stylesheet.css
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/stylesheet.css
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/css/stylesheet.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
Connection: keep-alive
Cookie: filehosting=c9l8kp4pplbvk6nc5hl57pekc6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 01 Oct 2022 09:31:04 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-6c82"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/sw.js?d09ENUosbXwGeEF8dxdmVW1oFyxDK30AexIraQZ6R3ZpAXJAKWkNLEF6aQ17FXYlAn0SfnFWLFVjZgJzEXclBnkWYnQAfBVicAZyRWImVClAYnwGc0Uqdg18FSwlAWhbbTdCaFttMEYrBz8sXDgSPGpXPw01ZhloRn9qAGhbKSVZORJjIlQmBCpoUysbPCFo
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/sw.js?d09ENUosbXwGeEF8dxdmVW1oFyxDK30AexIraQZ6R3ZpAXJAKWkNLEF6aQ17FXYlAn0SfnFWLFVjZgJzEXclBnkWYnQAfBVicAZyRWImVClAYnwGc0Uqdg18FSwlAWhbbTdCaFttMEYrBz8sXDgSPGpXPw01ZhloRn9qAGhbKSVZORJjIlQmBCpoUysbPCFo
IP 91.209.70.182:0
GET /sw.js?d09ENUosbXwGeEF8dxdmVW1oFyxDK30AexIraQZ6R3ZpAXJAKWkNLEF6aQ17FXYlAn0SfnFWLFVjZgJzEXclBnkWYnQAfBVicAZyRWImVClAYnwGc0Uqdg18FSwlAWhbbTdCaFttMEYrBz8sXDgSPGpXPw01ZhloRn9qAGhbKSVZORJjIlQmBCpoUysbPCFo HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: filehosting=c9l8kp4pplbvk6nc5hl57pekc6; _ga=GA1.2.509621150.1664616662; _gid=GA1.2.797468455.1664616662; _gat_gtag_UA_108868042_1=1
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 01 Oct 2022 09:31:06 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:52 GMT
vary: Accept-Encoding
etag: W/"60758f38-12fe6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
ad.a-ads.com/1811811?size=300x250
148.251.152.47200 OK 0 B URL HTTP/2 ad.a-ads.com/1811811?size=300x250
IP 148.251.152.47:0
ASN #24940 Hetzner Online GmbH
GET /1811811?size=300x250 HTTP/1.1
Host: ad.a-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 01 Oct 2022 09:31:06 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding, Accept-Encoding
status: 200 OK
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-original-referer: https://megaup.net/
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-encoding: gzip
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.173.27200 OK 0 B IP 172.64.173.27:0
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 01 Oct 2022 09:31:05 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 2161
last-modified: Sat, 01 Oct 2022 08:55:04 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TrfRHRtIERkhRoBwri0tOeCE9CBFy5cTlTdzwpL%2BnegrKl7IA4yAViqX72EuSm7a4wUyzlMYniX3vlfPRwIky72JMpbRD8xMpxCtlZ%2FvMfLq%2FoZl%2F9zUwfR5CYX6EhyF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75342ef2385d0716-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pogothere.xyz/
172.64.173.27200 OK 0 B IP 172.64.173.27:0
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 01 Oct 2022 09:31:06 GMT
content-type: text/plain
set-cookie: csu=564436281042221@1@1664616666; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QVcIA8HB87nqPQZy7wWvj4qbM5fwXHMHExhvskJP%2BirvcD1rmORuCU%2FeJLf5S06HjQriFdIEmmLpObA1YBNwzQGJzLhUf2oHabBdbCiWHwPu8ntmP1FLcCCcbZUF0puk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75342ef248670716-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload-resize.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-resize.js
IP 91.209.70.182:0
GET /themes/flow/js/jquery.fileupload-resize.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1C8zW/2GBACVSS.part01.rar
Connection: keep-alive
Cookie: filehosting=c9l8kp4pplbvk6nc5hl57pekc6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 01 Oct 2022 09:31:04 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1f7f"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/sw.js
91.209.70.182200 OK 0 B IP 91.209.70.182:0
GET /sw.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1C8zW/2GBACVSS.part01.rar
Connection: keep-alive
Cookie: filehosting=c9l8kp4pplbvk6nc5hl57pekc6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 01 Oct 2022 09:31:04 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:52 GMT
vary: Accept-Encoding
etag: W/"60758f38-12fe6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/custom/custom.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/custom/custom.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/custom/custom.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1C8zW/2GBACVSS.part01.rar
Connection: keep-alive
Cookie: filehosting=c9l8kp4pplbvk6nc5hl57pekc6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 01 Oct 2022 09:31:04 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1420"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/nav/jquery.nav.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/nav/jquery.nav.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/nav/jquery.nav.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1C8zW/2GBACVSS.part01.rar
Connection: keep-alive
Cookie: filehosting=c9l8kp4pplbvk6nc5hl57pekc6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 01 Oct 2022 09:31:04 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1547"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/isotope/custom-isotope.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/isotope/custom-isotope.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/isotope/custom-isotope.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1C8zW/2GBACVSS.part01.rar
Connection: keep-alive
Cookie: filehosting=c9l8kp4pplbvk6nc5hl57pekc6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 01 Oct 2022 09:31:04 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-71d"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/gauge.min.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/gauge.min.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/gauge.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1C8zW/2GBACVSS.part01.rar
Connection: keep-alive
Cookie: filehosting=c9l8kp4pplbvk6nc5hl57pekc6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 01 Oct 2022 09:31:04 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-45b8"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/clipboardjs/clipboard.min.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/clipboardjs/clipboard.min.js
IP 91.209.70.182:0
GET /themes/flow/js/clipboardjs/clipboard.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1C8zW/2GBACVSS.part01.rar
Connection: keep-alive
Cookie: filehosting=c9l8kp4pplbvk6nc5hl57pekc6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 01 Oct 2022 09:31:04 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-2296"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
157.240.221.35200 OK 0 B URL HTTP/2 www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
IP 157.240.221.35:0
GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: kORWp/rdkXAuK1a5jkCDB67pawXbuvyQEVURY3kHORtSECBEEUGsQN3i6e0hsaK3TlPrmQal4XRt3FMbXPfWAQ==
date: Sat, 01 Oct 2022 09:31:05 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload-ui.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-ui.js
IP 91.209.70.182:0
GET /themes/flow/js/jquery.fileupload-ui.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1C8zW/2GBACVSS.part01.rar
Connection: keep-alive
Cookie: filehosting=c9l8kp4pplbvk6nc5hl57pekc6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 01 Oct 2022 09:31:04 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-61ef"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/sticky/jquery.sticky.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/sticky/jquery.sticky.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/sticky/jquery.sticky.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1C8zW/2GBACVSS.part01.rar
Connection: keep-alive
Cookie: filehosting=c9l8kp4pplbvk6nc5hl57pekc6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 01 Oct 2022 09:31:04 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1099"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload-validate.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-validate.js
IP 91.209.70.182:0
GET /themes/flow/js/jquery.fileupload-validate.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1C8zW/2GBACVSS.part01.rar
Connection: keep-alive
Cookie: filehosting=c9l8kp4pplbvk6nc5hl57pekc6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 01 Oct 2022 09:31:04 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-fea"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/bootstrap/bootstrap.min.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/bootstrap/bootstrap.min.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/bootstrap/bootstrap.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1C8zW/2GBACVSS.part01.rar
Connection: keep-alive
Cookie: filehosting=c9l8kp4pplbvk6nc5hl57pekc6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 01 Oct 2022 09:31:04 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-71b6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2