ocsp.sectigo.com/
172.64.149.23 472 B IP 172.64.149.23:0
Hash 0a2f43e93cf883b91df6dc04f5ba8546
13782aa4f7a1fb8f37b2a5af19cbb52d1e0d020e
e09015682080c52e1febcf4c7bd8c1cd64a8d7819c28d41d5d49c59a846bb73f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Oct 2023 14:18:29 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 27 Oct 2023 08:58:27 GMT
Expires: Fri, 03 Nov 2023 08:58:26 GMT
Etag: "13782aa4f7a1fb8f37b2a5af19cbb52d1e0d020e"
Cache-Control: max-age=326557,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 81e449ab7a3756b7-OSL
megaup.net/themes/flow/images/main_logo_inverted.png
91.209.70.182200 OK 7.1 kB URL GET HTTP/2 megaup.net/themes/flow/images/main_logo_inverted.png
IP 91.209.70.182:443
Requested by https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A
ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
File type PNG image data, 203 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 5d15526be10b904a6b48d1af04a10cc3
c09b6874359ac6d71db95593618a9acb55baa984
894d25472e0f890edf235e8f66fbeda7ea75043632924ecb82691d76bd7db018
GET /themes/flow/images/main_logo_inverted.png HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=0vnc81hravi7kgk6iv7f01pfj6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Oct 2023 14:18:29 GMT
content-type: image/png
content-length: 7137
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-1be1"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/images/loading_small.gif
91.209.70.182200 OK 184 kB URL GET HTTP/2 megaup.net/themes/flow/images/loading_small.gif
IP 91.209.70.182:443
Requested by https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A
ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
File type GIF image data, version 89a, 64 x 64\012- data
Size 184 kB (184355 bytes)
Hash b0dd5b3af9c4c0644d7bddee83716209
30002468d0266b893b3559b8d0d260c6cbf0ad7c
2418224bb4d12c122ef3c54d2ee9edb5f6f28d539e91a166b0215553f8c7609d
GET /themes/flow/images/loading_small.gif HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=0vnc81hravi7kgk6iv7f01pfj6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Oct 2023 14:18:29 GMT
content-type: image/gif
content-length: 184355
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-2d023"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/?kzmmd=761186
143.204.42.225200 OK 191 kB URL GET HTTP/2 dmmzkfd82wayn.cloudfront.net/?kzmmd=761186
IP 143.204.42.225:443
Requested by https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (15948)
Size 191 kB (190732 bytes)
Hash 530f3ffdc07db47cd2454dca099a1e94
f37640a4c6cde624b16e528c3aeda6959e2e1989
58839b5125b53345cb4ffa06964b779e19ee3a414b2bcc6e65682e9054c39ed1
GET /?kzmmd=761186 HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 190732
date: Mon, 30 Oct 2023 14:18:30 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: sza7M2i74U8iVo5XSu9wRna1iuwQVMNGmKeqYnJa5ZiiOZTLMosVYQ==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 8222116a5f4d06ceceea23e3a05970b3
31c5a955ca74e5e8b66ace273e2e3145db50d7a1
9060188f820e9d9a7007a754083bd2dc799fd6f62b9ccf427f6e62ef6463f288
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Oct 2023 14:18:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
altowriestwispy.com/tysaSHG1FMaM/18410
142.91.159.76200 OK 25 B URL GET HTTP/1.1 altowriestwispy.com/tysaSHG1FMaM/18410
IP 142.91.159.76:443
Requested by https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
Certificate IssuerLet's Encrypt
Subjectaltowriestwispy.com
Fingerprint43:FB:C5:7B:E2:D4:10:C2:17:45:A5:F5:B6:C8:C2:0B:E8:18:60:1B
ValidityWed, 18 Oct 2023 23:46:05 GMT - Tue, 16 Jan 2024 23:46:04 GMT
File type ASCII text, with no line terminators
Hash f7a2939527fd9e68723da600e96d76bd
a9e717b6364d2895ee0a716050db32ca0ef1bb42
d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a
GET /tysaSHG1FMaM/18410 HTTP/1.1
Host: altowriestwispy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Oct 2023 14:18:30 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9jU1Sg0AQhSH8RQ1oV3EAj8AQMcnSTVbegZphGhwD06lmQuLtHa3S3fteffVeEASr8hHCJY0husgGnl8aXe97Ve31tsZq34vda9UoIbp6u1PycIA7M7dOqhFdDOt5kuxat8SwGdAim67tSGMOT976a06WrjaGRLG0Oodk8saYQ6aYrjNyGUFs5YSQHQ1jTzdvyE9iiIQQPhvrc1jBiuYyKu4heTf2cis2aVAUaQAP51G6nnhqjfaYDCw1QvgG6046HIi%2FINM4nxydAWjU7b%2F%2Fe5qMP2uQalxM55HcB%2FI3ouZOdQ%3D%3D; expires=Tue, 31-Oct-2023 14:18:30 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwViE0KgzAUBvMeJVAqhY96AE%2BQamsXbmuXRReewGopgZBIEvtz%2B%2BpiBmaEEJwmYD0hqQpV5ao8qeJSgl7gpgUPFrJx%2FtP%2FQB6cn8HeYtcG47LazTYuf8BmbZDG%2Fmr0N%2BucmaN2NoAXtnX%2FMM%2FjrbuDJkng6FaHMRWgtzz8AV7hHdE%3D; expires=Tue, 31-Oct-2023 14:18:30 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
www.googletagmanager.com/gtag/js?id=UA-108868042-1
142.250.74.40200 OK 69 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=UA-108868042-1
IP 142.250.74.40:443
Requested by https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint97:15:34:CA:DF:1A:DF:2E:7B:EF:E9:6E:44:21:30:2B:ED:13:54:AE
ValidityMon, 09 Oct 2023 08:03:58 GMT - Mon, 01 Jan 2024 08:03:57 GMT
File type ASCII text, with very long lines (4179)
Hash 2bfabb203f83d66219562ed8c48c1dd2
234b7d4465b5459e335a05a5d23145bef2e06edb
f0a05ab851ee08c843d11d7fc53dce1c8e0053d7d65f4da60bbfcc3aa5190056
GET /gtag/js?id=UA-108868042-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 30 Oct 2023 14:18:30 GMT
expires: Mon, 30 Oct 2023 14:18:30 GMT
cache-control: private, max-age=900
last-modified: Mon, 30 Oct 2023 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 68674
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
keydawnawe.com/gwZ1U5hjA8ii/32575
142.91.159.91200 OK 26 B URL GET HTTP/1.1 keydawnawe.com/gwZ1U5hjA8ii/32575
IP 142.91.159.91:443
Requested by https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
Certificate IssuerLet's Encrypt
Subjectkeydawnawe.com
Fingerprint43:3B:CC:30:BE:12:DE:B2:32:60:E6:65:37:A6:78:4D:40:DB:14:C4
ValidityTue, 29 Aug 2023 23:04:55 GMT - Mon, 27 Nov 2023 23:04:54 GMT
File type ASCII text, with no line terminators
Hash 4fc71bf68a1d477bd1523733e34d1e90
15119105cffbe108b6cf290146ab02c9aa8517ba
74c1971a5c7f3f1cfb81b7a0a8717cee5a45841844104566e00bbfca271943ce
GET /gwZ1U5hjA8ii/32575 HTTP/1.1
Host: keydawnawe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Oct 2023 14:18:30 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9jU1Sg0AQhSH8RQ1oV3EAj8AQMcnSTVbegZphGhwD06lmQuLtHa3S3fteffVeEASr8hHCJY0husgGnl8aXe97Ve31tsZq34vda9UoIbp6u1PycIA7M7dOqhFdDOt5kuxat8SwGdAim67tSGMOT976a06WrjaGRLG0Oodk8saYQ6aYrjNyGUFs5YSQHQ1jTzdvyE9iiIQQPhvrc1jBiuYyKu4heTf2cis2aVAUaQAP51G6nnhqjfaYDCw1QvgG6046HIi%2FINM4nxydAWjU7b%2F%2Fe5qMP2uQalxM55HcB%2FI3ouZOdQ%3D%3D; expires=Tue, 31-Oct-2023 14:18:30 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwViE0KgzAUBvMeJVAqhY96AE%2BQamsXbmuXRReewGopgZBIEvtz%2B%2BpiBmaEEJwmYD0hqQpV5ao8qeJSgl7gpgUPFrJx%2FtP%2FQB6cn8HeYtcG47LazTYuf8BmbZDG%2Fmr0N%2BucmaN2NoAXtnX%2FMM%2FjrbuDJkng6FaHMRWgtzz8AV7hHdE%3D; expires=Tue, 31-Oct-2023 14:18:30 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
megaup.net/themes/flow/frontend_assets/css/bootstrap/bootstrap.min.css
91.209.70.182200 OK 20 kB URL GET HTTP/2 megaup.net/themes/flow/frontend_assets/css/bootstrap/bootstrap.min.css
IP 91.209.70.182:443
Requested by https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A
ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
File type assembler source, ASCII text, with very long lines (540), with CRLF line terminators
Hash 26bfa8a47d74b90e1fc4632710026e85
2993c7f968fb5e5be8d256d5c7271fe64c87326d
69c6352bd7a8de550563a81b40dab2234fa30ff0ae9e90a8b5c896dea033ca3b
GET /themes/flow/frontend_assets/css/bootstrap/bootstrap.min.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
DNT: 1
Connection: keep-alive
Cookie: filehosting=0vnc81hravi7kgk6iv7f01pfj6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Oct 2023 14:18:30 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1cc1b"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
asyetaprovinc.org/a01Ta0NEcjAYfj8KFR0QPAt2WQU+ISteFQV4CjxwXhg1PSsIK2IqZR8kN1Z0XXxiU3VNPToPflprIB8iHzggVnJNJD0NLFZrJVZyRX5nRXBfY2NNNlZ8dR8zCipuWmUbOScHflp7alN1XHhmWnJddGI
104.21.49.130204 No Content 0 B URL GET HTTP/2 asyetaprovinc.org/a01Ta0NEcjAYfj8KFR0QPAt2WQU+ISteFQV4CjxwXhg1PSsIK2IqZR8kN1Z0XXxiU3VNPToPflprIB8iHzggVnJNJD0NLFZrJVZyRX5nRXBfY2NNNlZ8dR8zCipuWmUbOScHflp7alN1XHhmWnJddGI
IP 104.21.49.130:443
Requested by https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
Certificate IssuerLet's Encrypt
Subjectasyetaprovinc.org
Fingerprint0A:43:E8:C4:15:5B:18:00:EC:A1:B2:19:90:B0:70:76:1A:E8:98:E6
ValiditySun, 22 Oct 2023 07:30:34 GMT - Sat, 20 Jan 2024 07:30:33 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /a01Ta0NEcjAYfj8KFR0QPAt2WQU+ISteFQV4CjxwXhg1PSsIK2IqZR8kN1Z0XXxiU3VNPToPflprIB8iHzggVnJNJD0NLFZrJVZyRX5nRXBfY2NNNlZ8dR8zCipuWmUbOScHflp7alN1XHhmWnJddGI HTTP/1.1
Host: asyetaprovinc.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Mon, 30 Oct 2023 14:18:30 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GzTe1sNSeGH3jfG8jI%2FyTvAJgssd5AzJHzt2dvU2D7%2Fb0Qj25uifS9pWeyCRmq00zZ3KWNafg5Jl9JA5tAD4s1g4TcwjwsJNDPgtjuAbTW90AlfsvDQfYlv2p1JDTT%2FE2OfSdA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81e449b70ab7b51b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
asyetaprovinc.org/eEt0YkFXdBcRfC8PF1IgIDscIxBJGiVQBDcJIlMPGTwhIRZIPFIWKBx2TFB0QXpFRDERL0lRc144AAM1DThJUHFIfFILLx4kSVBnDnZETHhWeVpXZw12RUQ1CCoTX3BeOwAWLUV6Qlt5TnxBV3BJfEdS
104.21.49.130204 No Content 0 B URL GET HTTP/2 asyetaprovinc.org/eEt0YkFXdBcRfC8PF1IgIDscIxBJGiVQBDcJIlMPGTwhIRZIPFIWKBx2TFB0QXpFRDERL0lRc144AAM1DThJUHFIfFILLx4kSVBnDnZETHhWeVpXZw12RUQ1CCoTX3BeOwAWLUV6Qlt5TnxBV3BJfEdS
IP 104.21.49.130:443
Requested by https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
Certificate IssuerLet's Encrypt
Subjectasyetaprovinc.org
Fingerprint0A:43:E8:C4:15:5B:18:00:EC:A1:B2:19:90:B0:70:76:1A:E8:98:E6
ValiditySun, 22 Oct 2023 07:30:34 GMT - Sat, 20 Jan 2024 07:30:33 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /eEt0YkFXdBcRfC8PF1IgIDscIxBJGiVQBDcJIlMPGTwhIRZIPFIWKBx2TFB0QXpFRDERL0lRc144AAM1DThJUHFIfFILLx4kSVBnDnZETHhWeVpXZw12RUQ1CCoTX3BeOwAWLUV6Qlt5TnxBV3BJfEdS HTTP/1.1
Host: asyetaprovinc.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Mon, 30 Oct 2023 14:18:31 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JKzy6xvoDzWGApWOFSzsxJdOKNAN6wCj9sXGBBtF%2BePfRSc9iSXkjbtSeBBf7iEPYqonuWiOLw4U%2B4G6I1y%2F4Rbw4JtemPz8y1t2VMcRYO9stSfNhMakjn96yFRSF00MKVSLpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81e449b75af8b51b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
asyetaprovinc.org/ZTBCR1lKDyE0ZD91LgQLMAkmIWoRCCYraBJTcQFtMwM2dz1WW2QzMAENenVsXAFzYSkMVH90a0NDNiYtEEN/dn8MXiQoZENGf3d3XB5waWxDRX92fxFAIyBkVBYyMy0JDXNxYF0GdXJsVAF1dW4
104.21.49.130204 No Content 0 B URL GET HTTP/2 asyetaprovinc.org/ZTBCR1lKDyE0ZD91LgQLMAkmIWoRCCYraBJTcQFtMwM2dz1WW2QzMAENenVsXAFzYSkMVH90a0NDNiYtEEN/dn8MXiQoZENGf3d3XB5waWxDRX92fxFAIyBkVBYyMy0JDXNxYF0GdXJsVAF1dW4
IP 104.21.49.130:443
Requested by https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
Certificate IssuerLet's Encrypt
Subjectasyetaprovinc.org
Fingerprint0A:43:E8:C4:15:5B:18:00:EC:A1:B2:19:90:B0:70:76:1A:E8:98:E6
ValiditySun, 22 Oct 2023 07:30:34 GMT - Sat, 20 Jan 2024 07:30:33 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ZTBCR1lKDyE0ZD91LgQLMAkmIWoRCCYraBJTcQFtMwM2dz1WW2QzMAENenVsXAFzYSkMVH90a0NDNiYtEEN/dn8MXiQoZENGf3d3XB5waWxDRX92fxFAIyBkVBYyMy0JDXNxYF0GdXJsVAF1dW4 HTTP/1.1
Host: asyetaprovinc.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Mon, 30 Oct 2023 14:18:31 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GNmsZ5E19T6ywtgKKutKYjI2x7DZpeFHXg2sxM8AAfT1DsJTnV9Axv1IPDrQ0EOP0FoBKStD1U6ZnMwW%2F%2BNtDZLPFE5AVh6eoZF6%2BLyJc%2BFIDGas5YmvxHiqQNP%2FJHYJgG5Qgw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81e449b75af7b51b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ageandinone.org/eTVibWcYVwEAWBgIAEsSC1lfSFU/EFArAxRYGAYBHQ1QGgYAW0wOCxZABgsVFlsWQwkcQUdfIQFvDDskKFs3KyAQQgk+DzBWKANeN2A3Ix8aBVMsLwNwFiofI3wjXgQAdxpdFzgFBjshPmRQKRAzfAEANiN3Gh4LHwQvKSAAc0dfIStwIzgtEHcrOAs0By8FCDdmISwVMWQjKy0tUjcsJUxeLBU1G3IhXVMxdA03LktRKiQiO0YBASUsZzUCUStzBjwEKHczOyIsQCkVFC1xNQkQK2dXIwM7BCY4CztNIyslLGc2LFcsczddBEp/Lz4iL0c4XQMucAtABBF9BQE2GnQwJTESZxsODCtiMCoDDmczLAQ0dgE5JCgEDA4jN20wJSkKZzcsJh8GL0sNCloMHVo4ACUMDxJ0UF4G
52.85.242.120200 OK 1.2 kB URL GET HTTP/2 ageandinone.org/eTVibWcYVwEAWBgIAEsSC1lfSFU/EFArAxRYGAYBHQ1QGgYAW0wOCxZABgsVFlsWQwkcQUdfIQFvDDskKFs3KyAQQgk+DzBWKANeN2A3Ix8aBVMsLwNwFiofI3wjXgQAdxpdFzgFBjshPmRQKRAzfAEANiN3Gh4LHwQvKSAAc0dfIStwIzgtEHcrOAs0By8FCDdmISwVMWQjKy0tUjcsJUxeLBU1G3IhXVMxdA03LktRKiQiO0YBASUsZzUCUStzBjwEKHczOyIsQCkVFC1xNQkQK2dXIwM7BCY4CztNIyslLGc2LFcsczddBEp/Lz4iL0c4XQMucAtABBF9BQE2GnQwJTESZxsODCtiMCoDDmczLAQ0dgE5JCgEDA4jN20wJSkKZzcsJh8GL0sNCloMHVo4ACUMDxJ0UF4G
IP 52.85.242.120:443
Requested by https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
Certificate IssuerAmazon
Subjectageandinone.org
Fingerprint53:B7:F5:1F:96:E4:CE:96:17:C4:D4:27:27:BA:86:12:20:7A:B3:02
ValiditySun, 22 Oct 2023 00:00:00 GMT - Tue, 19 Nov 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3015), with no line terminators
Hash e52d9902b1c69087336ad96be19e58b2
e134741a68f4683ae28dba4b7eea86745df72f79
c969d9715b18c75db569d3e8fe2867b4b5dc9f1534049a7d8c3a1b6f0466d3bd
GET /eTVibWcYVwEAWBgIAEsSC1lfSFU/EFArAxRYGAYBHQ1QGgYAW0wOCxZABgsVFlsWQwkcQUdfIQFvDDskKFs3KyAQQgk+DzBWKANeN2A3Ix8aBVMsLwNwFiofI3wjXgQAdxpdFzgFBjshPmRQKRAzfAEANiN3Gh4LHwQvKSAAc0dfIStwIzgtEHcrOAs0By8FCDdmISwVMWQjKy0tUjcsJUxeLBU1G3IhXVMxdA03LktRKiQiO0YBASUsZzUCUStzBjwEKHczOyIsQCkVFC1xNQkQK2dXIwM7BCY4CztNIyslLGc2LFcsczddBEp/Lz4iL0c4XQMucAtABBF9BQE2GnQwJTESZxsODCtiMCoDDmczLAQ0dgE5JCgEDA4jN20wJSkKZzcsJh8GL0sNCloMHVo4ACUMDxJ0UF4G HTTP/1.1
Host: ageandinone.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1167
date: Mon, 30 Oct 2023 14:18:31 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 f9a0ddc3860252ab6c4d02ab024b4890.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: iTu5Jbi07iOylq9zilgepeI3J2pnpyeJgbOtzRo2VyQvXl-QlN3rmQ==
X-Firefox-Spdy: h2
ageandinone.org/bjBGS3kPUiUmRg8NJG0MHFx7bksoFXQNHQNdPCAfCgh0PBgXXmgoFQFFIi0LAV4yZRcLRGN5P1x9KicJI1wiGTcJVBMqPDdHAhpACXIBIyAtXQMeNBZAIgQsJFsJIBomYXR+GzhiLi86KEQoEiweFXQNMTtXPA9LAmAeISMNYCoaLCNcMX0vL34+HgNefAJ5NDt8FCcdPnF+fDgoXz4aE1pkEzE/NFY+My0PXH55PF9DcRMTBn0HCTwmVHcgITRhDDM8P34rDUsBQgB5LC1+FwkaJ1s2cy4ZeTAIFFYCBAw0NlEvOCE0YQ85MRZULShLBmoFeBItUwNmDi9qdx5BLVwtfz9cQzAKPg10Jx0SKmoxBUE5Rw8zLhdDCx09BnsgDQ1eaiEFFjxHDDMrXGIfbRMdXyg7RD1FFjpOXFcJJChcZXAz
52.85.242.120200 OK 1.2 kB URL GET HTTP/2 ageandinone.org/bjBGS3kPUiUmRg8NJG0MHFx7bksoFXQNHQNdPCAfCgh0PBgXXmgoFQFFIi0LAV4yZRcLRGN5P1x9KicJI1wiGTcJVBMqPDdHAhpACXIBIyAtXQMeNBZAIgQsJFsJIBomYXR+GzhiLi86KEQoEiweFXQNMTtXPA9LAmAeISMNYCoaLCNcMX0vL34+HgNefAJ5NDt8FCcdPnF+fDgoXz4aE1pkEzE/NFY+My0PXH55PF9DcRMTBn0HCTwmVHcgITRhDDM8P34rDUsBQgB5LC1+FwkaJ1s2cy4ZeTAIFFYCBAw0NlEvOCE0YQ85MRZULShLBmoFeBItUwNmDi9qdx5BLVwtfz9cQzAKPg10Jx0SKmoxBUE5Rw8zLhdDCx09BnsgDQ1eaiEFFjxHDDMrXGIfbRMdXyg7RD1FFjpOXFcJJChcZXAz
IP 52.85.242.120:443
Requested by https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
Certificate IssuerAmazon
Subjectageandinone.org
Fingerprint53:B7:F5:1F:96:E4:CE:96:17:C4:D4:27:27:BA:86:12:20:7A:B3:02
ValiditySun, 22 Oct 2023 00:00:00 GMT - Tue, 19 Nov 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3024), with no line terminators
Hash 762640d7ea285d9f4c68b913dfb52821
1c8cd6839d7d1fae6ab2488482b4f4c23f21af11
ba87901c1c657329c5cdbdf60935d566c6a3bf13b29806fd02bd16b2fe1b561b
GET /bjBGS3kPUiUmRg8NJG0MHFx7bksoFXQNHQNdPCAfCgh0PBgXXmgoFQFFIi0LAV4yZRcLRGN5P1x9KicJI1wiGTcJVBMqPDdHAhpACXIBIyAtXQMeNBZAIgQsJFsJIBomYXR+GzhiLi86KEQoEiweFXQNMTtXPA9LAmAeISMNYCoaLCNcMX0vL34+HgNefAJ5NDt8FCcdPnF+fDgoXz4aE1pkEzE/NFY+My0PXH55PF9DcRMTBn0HCTwmVHcgITRhDDM8P34rDUsBQgB5LC1+FwkaJ1s2cy4ZeTAIFFYCBAw0NlEvOCE0YQ85MRZULShLBmoFeBItUwNmDi9qdx5BLVwtfz9cQzAKPg10Jx0SKmoxBUE5Rw8zLhdDCx09BnsgDQ1eaiEFFjxHDDMrXGIfbRMdXyg7RD1FFjpOXFcJJChcZXAz HTTP/1.1
Host: ageandinone.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-length: 1178
date: Mon, 30 Oct 2023 14:18:31 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 f9a0ddc3860252ab6c4d02ab024b4890.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: DliPTo1BvsQRE4VTTJsMA74OFbaJqlqmv8s5v6v9MAFk3IyeQBikeA==
X-Firefox-Spdy: h2
ageandinone.org/NDJ3WXpVUBQ0RVUPFX8PRl5KfEhyF0UfHllfDTIcUApFLhtNXFk6FltHEz8IW1wDdxRRRlJrPAJlGRtKYWdPbDJMXUQ6OQBoMh4CB1MyDzRtekJhPVNRUms4fWEHFz5cWUAQP3lkNQoNUHwyEDZ9cU9uL11nRgkRBXcTIDcDeh8XCVVmTzw8BkpSazhScDIINwd4Ag8ddVo+HTx6cyNhCGRKLj0qTV1SazhiVTIuGV5RER0QU1g5MTxmawA1DGxZJWkcY0IuHT12F0UbHAR/RT0yBUM/G0oRADEWE35kJTQ/B2scAAhuAQN8SHJjDQNKUmUYGjtaYE8eSnJ3Fh48RWUhdDxeVA1pLHJIGD4cBHsOAEkNQCYcKFNURS0sZl8yKTdDeyUXA3VbIQwjbFQaLThjXzEpNgQDMX8QR10ZKUdOegMjSVVmFB4+AmgYLDE
52.85.242.120200 OK 1.2 kB URL GET HTTP/2 ageandinone.org/NDJ3WXpVUBQ0RVUPFX8PRl5KfEhyF0UfHllfDTIcUApFLhtNXFk6FltHEz8IW1wDdxRRRlJrPAJlGRtKYWdPbDJMXUQ6OQBoMh4CB1MyDzRtekJhPVNRUms4fWEHFz5cWUAQP3lkNQoNUHwyEDZ9cU9uL11nRgkRBXcTIDcDeh8XCVVmTzw8BkpSazhScDIINwd4Ag8ddVo+HTx6cyNhCGRKLj0qTV1SazhiVTIuGV5RER0QU1g5MTxmawA1DGxZJWkcY0IuHT12F0UbHAR/RT0yBUM/G0oRADEWE35kJTQ/B2scAAhuAQN8SHJjDQNKUmUYGjtaYE8eSnJ3Fh48RWUhdDxeVA1pLHJIGD4cBHsOAEkNQCYcKFNURS0sZl8yKTdDeyUXA3VbIQwjbFQaLThjXzEpNgQDMX8QR10ZKUdOegMjSVVmFB4+AmgYLDE
IP 52.85.242.120:443
Requested by https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
Certificate IssuerAmazon
Subjectageandinone.org
Fingerprint53:B7:F5:1F:96:E4:CE:96:17:C4:D4:27:27:BA:86:12:20:7A:B3:02
ValiditySun, 22 Oct 2023 00:00:00 GMT - Tue, 19 Nov 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3025), with no line terminators
Hash b77fd42ef33777b0d6c4bd6a0247787a
ffdc55838b537533d1cc15627b8c314bb2e3e24d
fd1af47995f7871e4d86ad4e639abfc9ff9b96d7d90d19f996cf9164c52539a3
GET /NDJ3WXpVUBQ0RVUPFX8PRl5KfEhyF0UfHllfDTIcUApFLhtNXFk6FltHEz8IW1wDdxRRRlJrPAJlGRtKYWdPbDJMXUQ6OQBoMh4CB1MyDzRtekJhPVNRUms4fWEHFz5cWUAQP3lkNQoNUHwyEDZ9cU9uL11nRgkRBXcTIDcDeh8XCVVmTzw8BkpSazhScDIINwd4Ag8ddVo+HTx6cyNhCGRKLj0qTV1SazhiVTIuGV5RER0QU1g5MTxmawA1DGxZJWkcY0IuHT12F0UbHAR/RT0yBUM/G0oRADEWE35kJTQ/B2scAAhuAQN8SHJjDQNKUmUYGjtaYE8eSnJ3Fh48RWUhdDxeVA1pLHJIGD4cBHsOAEkNQCYcKFNURS0sZl8yKTdDeyUXA3VbIQwjbFQaLThjXzEpNgQDMX8QR10ZKUdOegMjSVVmFB4+AmgYLDE HTTP/1.1
Host: ageandinone.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-length: 1180
date: Mon, 30 Oct 2023 14:18:31 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 f9a0ddc3860252ab6c4d02ab024b4890.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: P6Pgu4Yrw_6z9APw_tRZFmkgDxKxajizUeCMrcsnfx9jzMcJHRoyaw==
X-Firefox-Spdy: h2
asyetaprovinc.org/MnVtRDkdSg43BFYfBTNjZi8uAAlaIS8RbHknKx1xYBIvDWxFTUswUFZIVXMPAURVYklbEVB2ABQGGSVNRwZQdR9bGwsrBBQDUHUXAltbdBcBUxh5CBQBHSVeD0RLNE1GGVB1DwtNW3MMB0Rccw0H
104.21.49.130204 No Content 0 B URL GET HTTP/2 asyetaprovinc.org/MnVtRDkdSg43BFYfBTNjZi8uAAlaIS8RbHknKx1xYBIvDWxFTUswUFZIVXMPAURVYklbEVB2ABQGGSVNRwZQdR9bGwsrBBQDUHUXAltbdBcBUxh5CBQBHSVeD0RLNE1GGVB1DwtNW3MMB0Rccw0H
IP 104.21.49.130:443
Requested by https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
Certificate IssuerLet's Encrypt
Subjectasyetaprovinc.org
Fingerprint0A:43:E8:C4:15:5B:18:00:EC:A1:B2:19:90:B0:70:76:1A:E8:98:E6
ValiditySun, 22 Oct 2023 07:30:34 GMT - Sat, 20 Jan 2024 07:30:33 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /MnVtRDkdSg43BFYfBTNjZi8uAAlaIS8RbHknKx1xYBIvDWxFTUswUFZIVXMPAURVYklbEVB2ABQGGSVNRwZQdR9bGwsrBBQDUHUXAltbdBcBUxh5CBQBHSVeD0RLNE1GGVB1DwtNW3MMB0Rccw0H HTTP/1.1
Host: asyetaprovinc.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Mon, 30 Oct 2023 14:18:31 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z2L%2FEGhPhyCHa918jMc20M7sm1PxbJdxE95ZCVEiTbXIw1xKiecSln5UNkJiSv6z6XU7ZF0p4Bh36PSQfGn8yYBwBrq%2BBHPw7RnT7Ny8CMheKWgIx8qSvHXJ%2FSEx4%2Bq6%2Bpxn0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81e449b7bb4fb51b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ageandinone.org/ZGhaM24FCjleUQVVOBUbFgRnFlwiTWh1CgkFIFgIAFBoRA8dBnRQAgsdPlUcCwYuHQABHH8BKBQKDH07MD8XfD4gByhrLA9eF3ssBT8NQx0BWT5/ITcLM3c8VR0QXVpTODNQKCcREGUkCiFvdD8IHQB0HTQsHgMUBy0Pej4wDC1mBRcRF3BXAT8CZgYoLm5yPidcMXcZIRE5a1YIPxICBQUuHFcLHRBiZgUMDxxeBjYwDgtXLRADZQoJMmN0XzIEGQAaPDsdcjkFLhxXJzciNWYtHAEAezwqMAJDFgJZF3ggDgs3dysMAB9dVzAwHX0FAi4UUAoJRQAKLDU5Mn49FyUcazQJK2t5DT0GKgo8NgAvaT9CAilcABRVKAA2NxwLdS9cHQ
52.85.242.120200 OK 1.2 kB URL GET HTTP/2 ageandinone.org/ZGhaM24FCjleUQVVOBUbFgRnFlwiTWh1CgkFIFgIAFBoRA8dBnRQAgsdPlUcCwYuHQABHH8BKBQKDH07MD8XfD4gByhrLA9eF3ssBT8NQx0BWT5/ITcLM3c8VR0QXVpTODNQKCcREGUkCiFvdD8IHQB0HTQsHgMUBy0Pej4wDC1mBRcRF3BXAT8CZgYoLm5yPidcMXcZIRE5a1YIPxICBQUuHFcLHRBiZgUMDxxeBjYwDgtXLRADZQoJMmN0XzIEGQAaPDsdcjkFLhxXJzciNWYtHAEAezwqMAJDFgJZF3ggDgs3dysMAB9dVzAwHX0FAi4UUAoJRQAKLDU5Mn49FyUcazQJK2t5DT0GKgo8NgAvaT9CAilcABRVKAA2NxwLdS9cHQ
IP 52.85.242.120:443
Requested by https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
Certificate IssuerAmazon
Subjectageandinone.org
Fingerprint53:B7:F5:1F:96:E4:CE:96:17:C4:D4:27:27:BA:86:12:20:7A:B3:02
ValiditySun, 22 Oct 2023 00:00:00 GMT - Tue, 19 Nov 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2994), with no line terminators
Hash 827491e354deb6bcc6d56ce0b80f4d8b
d6e418303ce9e892852d80edb194e651f461d815
edce29ea79eab49e290b553d033066b26e316a49fc0af3c1bea11c7d7da3f4cc
GET /ZGhaM24FCjleUQVVOBUbFgRnFlwiTWh1CgkFIFgIAFBoRA8dBnRQAgsdPlUcCwYuHQABHH8BKBQKDH07MD8XfD4gByhrLA9eF3ssBT8NQx0BWT5/ITcLM3c8VR0QXVpTODNQKCcREGUkCiFvdD8IHQB0HTQsHgMUBy0Pej4wDC1mBRcRF3BXAT8CZgYoLm5yPidcMXcZIRE5a1YIPxICBQUuHFcLHRBiZgUMDxxeBjYwDgtXLRADZQoJMmN0XzIEGQAaPDsdcjkFLhxXJzciNWYtHAEAezwqMAJDFgJZF3ggDgs3dysMAB9dVzAwHX0FAi4UUAoJRQAKLDU5Mn49FyUcazQJK2t5DT0GKgo8NgAvaT9CAilcABRVKAA2NxwLdS9cHQ HTTP/1.1
Host: ageandinone.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1154
date: Mon, 30 Oct 2023 14:18:31 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 f9a0ddc3860252ab6c4d02ab024b4890.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: xbu3jdutmN1CaBFdZN57lYnCSXogsGI87y2sqedFaIa2POVKj45zww==
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/stylesheet.css
91.209.70.182200 OK 36 kB URL GET HTTP/2 megaup.net/themes/flow/frontend_assets/css/stylesheet.css
IP 91.209.70.182:443
Requested by https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A
ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
File type ASCII text, with CRLF line terminators
Hash 8568ee885222fb5ef651a99221bfd347
0dc1b30d1a58c3cdafab8b38da04f3fc2462ee46
3b35d09fae892be2b76a67f47bbbcbe289b05a2850e02295f70f9c2e537d927a
GET /themes/flow/frontend_assets/css/stylesheet.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
DNT: 1
Connection: keep-alive
Cookie: filehosting=0vnc81hravi7kgk6iv7f01pfj6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Oct 2023 14:18:30 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-6c82"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/fonts/raleway_extrabold.woff
91.209.70.182200 OK 31 kB URL GET HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway_extrabold.woff
IP 91.209.70.182:443
Requested by https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A
ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
File type Web Open Font Format, TrueType, length 31344, version 1.1\012- data
Hash 21f79e4c0fbe54a555170aa70bb4c8b7
9d4aaf2016cd21f16bc45089a48de84dba951fa7
2b638674bc57ad355ef2ecbd68e78ecb36bc323aaaf4ddeb9cd4f61bc5f26c42
GET /themes/flow/frontend_assets/fonts/raleway_extrabold.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
DNT: 1
Connection: keep-alive
Cookie: filehosting=0vnc81hravi7kgk6iv7f01pfj6
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Oct 2023 14:18:31 GMT
content-type: font/woff
content-length: 31344
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7a70"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/styles/font-icons/entypo/css/entypo.css
91.209.70.182200 OK 36 kB URL GET HTTP/2 megaup.net/themes/flow/styles/font-icons/entypo/css/entypo.css
IP 91.209.70.182:443
Requested by https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A
ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
Hash f67e1bd2e1584a2e50cf139375d2d03f
7d2d24515bcffda8f953ca2be94a1b6a61de31d8
58820cb68dfc11a83c4b797fcef209dcd1352239db0c29e001ce72f29d669211
GET /themes/flow/styles/font-icons/entypo/css/entypo.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=0vnc81hravi7kgk6iv7f01pfj6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Oct 2023 14:18:29 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-45f5"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
asyetaprovinc.org/T2N5R0hgXBo0dRskEXUfCgdcdQoYNisyK3wbHRZ6ehsdETwOASECbjsKHXpxe1pBcXxpExAjdX5bXzQ8LhcMNHV+RRApLiBeXzF1fk1JaXphV18ydX5FDTcpKF5IYTg7FxV6eXlaQXF/elZIdn95VA
104.21.49.130204 No Content 0 B URL GET HTTP/2 asyetaprovinc.org/T2N5R0hgXBo0dRskEXUfCgdcdQoYNisyK3wbHRZ6ehsdETwOASECbjsKHXpxe1pBcXxpExAjdX5bXzQ8LhcMNHV+RRApLiBeXzF1fk1JaXphV18ydX5FDTcpKF5IYTg7FxV6eXlaQXF/elZIdn95VA
IP 104.21.49.130:443
Requested by https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
Certificate IssuerLet's Encrypt
Subjectasyetaprovinc.org
Fingerprint0A:43:E8:C4:15:5B:18:00:EC:A1:B2:19:90:B0:70:76:1A:E8:98:E6
ValiditySun, 22 Oct 2023 07:30:34 GMT - Sat, 20 Jan 2024 07:30:33 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /T2N5R0hgXBo0dRskEXUfCgdcdQoYNisyK3wbHRZ6ehsdETwOASECbjsKHXpxe1pBcXxpExAjdX5bXzQ8LhcMNHV+RRApLiBeXzF1fk1JaXphV18ydX5FDTcpKF5IYTg7FxV6eXlaQXF/elZIdn95VA HTTP/1.1
Host: asyetaprovinc.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Mon, 30 Oct 2023 14:18:31 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B1CJH2YeKme24DlB3S%2BjB13O8Z8kjCDFGXtrjs%2BOFym3NzMr5QGfzdCfcE%2BG7Ag1Znyh1g7%2B5YdXOcNKToc4f8xWEcWJ5ZJEwhuc9seD69%2F0N3ioUzyygJl1QaTtO2u6aTwpFA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81e449b7fb78b51b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_fonts/socicon-webfont.woff
91.209.70.182200 OK 21 kB URL GET HTTP/2 megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_fonts/socicon-webfont.woff
IP 91.209.70.182:443
Requested by https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A
ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
File type Web Open Font Format, TrueType, length 20972, version 1.0\012- data
Hash cad75e2dacc6794c4e6b14727d4a989d
694d04c8f643df4100c23efc1463ac9f4e732f60
ebccc09339b7730324221aff3d11d215de9997b47bf708ca18a3be2d8e8b9887
GET /themes/flow/frontend_assets/socialsider-v1.0/_fonts/socicon-webfont.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css
DNT: 1
Connection: keep-alive
Cookie: filehosting=0vnc81hravi7kgk6iv7f01pfj6
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Oct 2023 14:18:31 GMT
content-type: font/woff
content-length: 20972
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-51ec"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
ageandinone.org/RTFxeEUkUxIVeiQME14wN11MXXcDFEM+IShcCxMjIQlDDyQ8X18bKSpEFR43Kl8FVisgRVRKAyd+NE10J3kZGgwXQjoqdTJfNC4DFXUfCAASdBodDwRoNT4uLUs2KTYiZxgpCApLQTQNPGQhMx11XCQAIgZpOTYDFlkjIgwHeyMgKXVWNxQDD3kYQBcBWiQ1JAR0Ej50C0s3DxAUaRtMFgNZHR0PE3wrPxQQWzYQHBdnMjEQFmQBXXcHVEAMJh1gAV13B2kjKg8GZgU/CSkBOh4tLnc3E3V3ZDdNDBR5KzwIdQU8GXUcRCkpNWADMzo9NVUyD3wAaTQ9EiNdXAAPFlYWCAAECSUudzF5OhMqDFdBLiYWYBlddwNkN00MHVgSMAYXBCk2KQdUIR8pYAM3KgAPeDkSMQxpIF4vNl4fCHgpVikWLzxmNEsUFVIgPS0
52.85.242.120200 OK 1.2 kB URL GET HTTP/2 ageandinone.org/RTFxeEUkUxIVeiQME14wN11MXXcDFEM+IShcCxMjIQlDDyQ8X18bKSpEFR43Kl8FVisgRVRKAyd+NE10J3kZGgwXQjoqdTJfNC4DFXUfCAASdBodDwRoNT4uLUs2KTYiZxgpCApLQTQNPGQhMx11XCQAIgZpOTYDFlkjIgwHeyMgKXVWNxQDD3kYQBcBWiQ1JAR0Ej50C0s3DxAUaRtMFgNZHR0PE3wrPxQQWzYQHBdnMjEQFmQBXXcHVEAMJh1gAV13B2kjKg8GZgU/CSkBOh4tLnc3E3V3ZDdNDBR5KzwIdQU8GXUcRCkpNWADMzo9NVUyD3wAaTQ9EiNdXAAPFlYWCAAECSUudzF5OhMqDFdBLiYWYBlddwNkN00MHVgSMAYXBCk2KQdUIR8pYAM3KgAPeDkSMQxpIF4vNl4fCHgpVikWLzxmNEsUFVIgPS0
IP 52.85.242.120:443
Requested by https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
Certificate IssuerAmazon
Subjectageandinone.org
Fingerprint53:B7:F5:1F:96:E4:CE:96:17:C4:D4:27:27:BA:86:12:20:7A:B3:02
ValiditySun, 22 Oct 2023 00:00:00 GMT - Tue, 19 Nov 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3027), with no line terminators
Hash 2e84d7875624c943f63d7a756a007966
db1ef895bb29e92407939264d1e00b9c6303f834
918f61f9db546d812ba6649ff985ca64a215a04de71da6dc670181e3efda9c64
GET /RTFxeEUkUxIVeiQME14wN11MXXcDFEM+IShcCxMjIQlDDyQ8X18bKSpEFR43Kl8FVisgRVRKAyd+NE10J3kZGgwXQjoqdTJfNC4DFXUfCAASdBodDwRoNT4uLUs2KTYiZxgpCApLQTQNPGQhMx11XCQAIgZpOTYDFlkjIgwHeyMgKXVWNxQDD3kYQBcBWiQ1JAR0Ej50C0s3DxAUaRtMFgNZHR0PE3wrPxQQWzYQHBdnMjEQFmQBXXcHVEAMJh1gAV13B2kjKg8GZgU/CSkBOh4tLnc3E3V3ZDdNDBR5KzwIdQU8GXUcRCkpNWADMzo9NVUyD3wAaTQ9EiNdXAAPFlYWCAAECSUudzF5OhMqDFdBLiYWYBlddwNkN00MHVgSMAYXBCk2KQdUIR8pYAM3KgAPeDkSMQxpIF4vNl4fCHgpVikWLzxmNEsUFVIgPS0 HTTP/1.1
Host: ageandinone.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1181
date: Mon, 30 Oct 2023 14:18:31 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 f9a0ddc3860252ab6c4d02ab024b4890.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: 9Z6MfL_uB6K6OB8ptuOIKknn160w18nEdozGzSBlwGi1Dq6SH4Lh1Q==
X-Firefox-Spdy: h2
asyetaprovinc.org/dTV6WFBaChkrbTt9HmgxRUI7ChUzVBwJBjRhPG1gNF4gEAcbZFwsOREITW5kRAFLfiAcUUdpdgZBGywlBghLfjkbUxVldgMIS3ZjQRtJbH5FEw9lYVNBCjk3SARcKCQBWUdpZkwNTG9lQARLb2hG
104.21.49.130204 No Content 0 B URL GET HTTP/3 asyetaprovinc.org/dTV6WFBaChkrbTt9HmgxRUI7ChUzVBwJBjRhPG1gNF4gEAcbZFwsOREITW5kRAFLfiAcUUdpdgZBGywlBghLfjkbUxVldgMIS3ZjQRtJbH5FEw9lYVNBCjk3SARcKCQBWUdpZkwNTG9lQARLb2hG
IP 104.21.49.130:443
Requested by https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
Certificate IssuerLet's Encrypt
Subjectasyetaprovinc.org
Fingerprint0A:43:E8:C4:15:5B:18:00:EC:A1:B2:19:90:B0:70:76:1A:E8:98:E6
ValiditySun, 22 Oct 2023 07:30:34 GMT - Sat, 20 Jan 2024 07:30:33 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dTV6WFBaChkrbTt9HmgxRUI7ChUzVBwJBjRhPG1gNF4gEAcbZFwsOREITW5kRAFLfiAcUUdpdgZBGywlBghLfjkbUxVldgMIS3ZjQRtJbH5FEw9lYVNBCjk3SARcKCQBWUdpZkwNTG9lQARLb2hG HTTP/1.1
Host: asyetaprovinc.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Mon, 30 Oct 2023 14:18:31 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q3bfKUbLPsHlIvPOOHAPKujsj2G1AoYcE8oP0F%2FVXU6rmijTmaxQTlPC8Cu9O2b8xMDrDcGZI9XdO3xBahO9LJFi%2BEdmLwYmLjkNFTJlrQMmrqguMm89tcES7p8QYTA5v7zKAA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81e449b8796f5688-OSL
alt-svc: h3=":443"; ma=86400
megaup.net/imageads/013.png
91.209.70.182200 OK 176 kB URL GET HTTP/2 megaup.net/imageads/013.png
IP 91.209.70.182:443
Requested by https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A
ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size 176 kB (175672 bytes)
Hash 35f4f32d6004e4ff3bb22242b7471283
f1dc5d9d30cbdc5df9ce624f18db41fc9eb9a92e
c276d9de607c6105a4135f772b1a71f00699b4406a5b2ceca33c374ab9840395
GET /imageads/013.png HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=0vnc81hravi7kgk6iv7f01pfj6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Oct 2023 14:18:31 GMT
content-type: image/png
content-length: 175672
last-modified: Sat, 15 Apr 2023 07:22:56 GMT
vary: Accept-Encoding
etag: "643a50d0-2ae38"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
imp9.bidgear.com/rec?t=1&z=6192&uuid=9c7f8129e9f74796a3cecc90264ca71f&p=28&g=NO&token=4a44335432&tbg=1698675509
104.26.2.107200 OK 599 B URL GET HTTP/2 imp9.bidgear.com/rec?t=1&z=6192&uuid=9c7f8129e9f74796a3cecc90264ca71f&p=28&g=NO&token=4a44335432&tbg=1698675509
IP 104.26.2.107:443
Requested by https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint96:B8:F2:6C:8B:F4:3C:4D:3F:C4:69:A4:B1:28:D0:CB:0A:E6:73:2B
ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT
File type JPEG image data, baseline, precision 8, 1x1, components 3\012- data
Hash ca49a7e783b806a4e8576ea80346203d
6fe9d083221dae98f6c76f7121c37bc884b02d82
3e9a98dd5f0a28ff4a059f33d760264a6db02786666ac1692095ebb976f5da28
GET /rec?t=1&z=6192&uuid=9c7f8129e9f74796a3cecc90264ca71f&p=28&g=NO&token=4a44335432&tbg=1698675509 HTTP/1.1
Host: imp9.bidgear.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Oct 2023 14:18:31 GMT
content-type: image/jpeg
content-length: 599
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZWIkMvIZDAHV%2Bvgd5wXJNi2aku6RSvU9%2BrzuobKtXE9Tgqnv5%2FASWaRKiU5FDZl3rCPL5UcFepLr%2FoIaN2HKR3POMAUFGLkW2wTJcrEcyH4xtRTp7yYe9eP5xru1xpD1%2F20%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81e449ba3a661c12-OSL
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.149.23 280 B IP 172.64.149.23:0
Hash ce31717c0f30dddd25f07bcc416313f3
62c19e6154ec7fcfd6f7caabc9dc6a6fdc3b00ee
970c7a0bb43b59572576e80d7253e28eaf71511f995fd4394269c17f98ed1fc8
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Oct 2023 14:18:31 GMT
Content-Type: application/ocsp-response
Content-Length: 280
Connection: keep-alive
Last-Modified: Sun, 29 Oct 2023 16:43:15 GMT
Expires: Sun, 05 Nov 2023 16:43:14 GMT
Etag: "62c19e6154ec7fcfd6f7caabc9dc6a6fdc3b00ee"
Cache-Control: max-age=527430,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 81e449bae8a256b7-OSL
www.googletagmanager.com/gtag/js?id=G-Z9TE2LW16Q&l=dataLayer&cx=c
142.250.74.40200 OK 81 kB URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-Z9TE2LW16Q&l=dataLayer&cx=c
IP 142.250.74.40:443
Requested by https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint97:15:34:CA:DF:1A:DF:2E:7B:EF:E9:6E:44:21:30:2B:ED:13:54:AE
ValidityMon, 09 Oct 2023 08:03:58 GMT - Mon, 01 Jan 2024 08:03:57 GMT
File type ASCII text, with very long lines (5788)
Hash 9962ee8a2d856b3f13dedde65371833a
0dba08098444f1712f42e24112bd249bd05a4ced
a4ad44612c6b958e1b3fe34e9b51cb17d92675a4a16be901c1de627eab5e40ef
GET /gtag/js?id=G-Z9TE2LW16Q&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 30 Oct 2023 14:18:31 GMT
expires: Mon, 30 Oct 2023 14:18:31 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 80668
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
s.magsrv.com/v1/api.php
95.211.229.246200 OK 739 B IP 95.211.229.246:443
ASN #60781 LeaseWeb Netherlands B.V.
Requested by https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
Certificate IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintC5:BC:C0:62:0C:DC:A9:D2:61:A6:77:A9:6C:31:19:AD:CD:2E:00:67
ValidityThu, 05 Oct 2023 15:26:28 GMT - Wed, 03 Jan 2024 15:26:27 GMT
File type JSON data\012- exported SGML document, ASCII text, with very long lines (1012), with no line terminators
Hash 817300bbd73daf3d54ad4923b147d941
3b49beac2d65a5060b9dd7667b07848f883ed640
a8298b207d34fe54e417c3e738b37cfcabc1e72ec711daeb67f11f237d18014e
POST /v1/api.php HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain
Content-Length: 299
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Oct 2023 14:18:31 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22653fbb37bc7d89.424459173788601565%22%3B%7D; expires=Wed, 29-Oct-2025 14:18:31 GMT; Max-Age=63072000; path=/; domain=magsrv.com; secure; SameSite=None
Accept-CH:
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
dmmzkfd82wayn.cloudfront.net/xZnVCQnUFGiwkShIcJn9NUUNxc01AHzEtGxZIA3cyBx0pA0dVFGQ2DwJIcmQZBxslf1MDGyF/REAUJiBIUlM2MhoNSCArHQAFJTgUAB5kNxRbGC04HAoZI2dHIEBsclBURWo6RFdQcQBQVEUuKxsTDWdwRR5NdB1DUlBxAFBURTA0UFU0c3JMSEVrZ0dWEi-chHglQcARHVkRyckRWRGdwRQAcMCcTCQ1ncDNXRHNsRUAAf3M
143.204.42.225 450 B URL dmmzkfd82wayn.cloudfront.net/xZnVCQnUFGiwkShIcJn9NUUNxc01AHzEtGxZIA3cyBx0pA0dVFGQ2DwJIcmQZBxslf1MDGyF/REAUJiBIUlM2MhoNSCArHQAFJTgUAB5kNxRbGC04HAoZI2dHIEBsclBURWo6RFdQcQBQVEUuKxsTDWdwRR5NdB1DUlBxAFBURTA0UFU0c3JMSEVrZ0dWEi-chHglQcARHVkRyckRWRGdwRQAcMCcTCQ1ncDNXRHNsRUAAf3M
IP 143.204.42.225:0
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (586), with no line terminators
Hash 0145a66c161a994413628c08b5fad007
b5397c4c6dd8ae6d1d82095bb38f5f416b921a22
023980fa6e254dc1950a349b6ff7c7d36a1771c82caec500c35028c8142ffa84
GET /xZnVCQnUFGiwkShIcJn9NUUNxc01AHzEtGxZIA3cyBx0pA0dVFGQ2DwJIcmQZBxslf1MDGyF/REAUJiBIUlM2MhoNSCArHQAFJTgUAB5kNxRbGC04HAoZI2dHIEBsclBURWo6RFdQcQBQVEUuKxsTDWdwRR5NdB1DUlBxAFBURTA0UFU0c3JMSEVrZ0dWEi-chHglQcARHVkRyckRWRGdwRQAcMCcTCQ1ncDNXRHNsRUAAf3M HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ageandinone.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 450
date: Mon, 30 Oct 2023 14:18:31 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: bAxKbAtN0FK6BMMiDcuZHMwU4nmrLRA30-kLcJM7uZxaXXnbS2oOpw==
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/pbVNUTWMOPDorXBk6MHBaWWpse1dLOSciDR1uJn47PicFCyJVJnI5GQluZGsPDD0zcEUIPTdwUksyMC9eWXUhLF4APC4kDwEycX8lWH1kaFFdeyx8UkhgFmhRXT89IxYVdmZ9G1VlC3tXSGAWaFFdISJoUCxiZHRNXXpxf1MKNjcmDEhhEn9TXGNkfFNcdm-Z9BQQhMSsMFXZmC1JcYnp9RRhuZQ
143.204.42.225 185 B URL dmmzkfd82wayn.cloudfront.net/pbVNUTWMOPDorXBk6MHBaWWpse1dLOSciDR1uJn47PicFCyJVJnI5GQluZGsPDD0zcEUIPTdwUksyMC9eWXUhLF4APC4kDwEycX8lWH1kaFFdeyx8UkhgFmhRXT89IxYVdmZ9G1VlC3tXSGAWaFFdISJoUCxiZHRNXXpxf1MKNjcmDEhhEn9TXGNkfFNcdm-Z9BQQhMSsMFXZmC1JcYnp9RRhuZQ
IP 143.204.42.225:0
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 859c02175e27285c810ba753ab58fe17
0b2c57cb1c0747a321e652872a108589e0d795d0
a2fac3bc9237d6b3cdd15516b436246cc75fa5c72d92dec15e8f7447d7f66531
GET /pbVNUTWMOPDorXBk6MHBaWWpse1dLOSciDR1uJn47PicFCyJVJnI5GQluZGsPDD0zcEUIPTdwUksyMC9eWXUhLF4APC4kDwEycX8lWH1kaFFdeyx8UkhgFmhRXT89IxYVdmZ9G1VlC3tXSGAWaFFdISJoUCxiZHRNXXpxf1MKNjcmDEhhEn9TXGNkfFNcdm-Z9BQQhMSsMFXZmC1JcYnp9RRhuZQ HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ageandinone.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 185
date: Mon, 30 Oct 2023 14:18:31 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Tv6gwkHTslxqrI8G_b40WVT6p7Y8BgzXgbxPDuIuA3_vJhaUK45IVQ==
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/2MllpMldRNgdUaEYwDQ9gBGhYCmEUMxpdOUJkOkcHQ25bVRhdCFtnYUp/HUgzD2lPXjZcPlQUMlw6VANxUz0LD2MULRldPA87AFoxQj4TUzFZfxxTal82E1s7XjhMABEHd1kXZQJxEQNmF2orF2UCNQBcIkp8WwIvCm82BGMXaisXZQIrHxdkc2hZC3kCcE-wAZ1U8Clk4F2svAGcDaVkDZwN8WwIxWysMVDhKfFt0ZgNoRwJxR2RY
143.204.42.225 599 B URL dmmzkfd82wayn.cloudfront.net/2MllpMldRNgdUaEYwDQ9gBGhYCmEUMxpdOUJkOkcHQ25bVRhdCFtnYUp/HUgzD2lPXjZcPlQUMlw6VANxUz0LD2MULRldPA87AFoxQj4TUzFZfxxTal82E1s7XjhMABEHd1kXZQJxEQNmF2orF2UCNQBcIkp8WwIvCm82BGMXaisXZQIrHxdkc2hZC3kCcE-wAZ1U8Clk4F2svAGcDaVkDZwN8WwIxWysMVDhKfFt0ZgNoRwJxR2RY
IP 143.204.42.225:0
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (830), with no line terminators
Hash cd7ce828a436e3294ad91da79c4ac9f2
f95bfd2628495a75673e52c24278a8529b01921b
93d3d7a41e033f2d84ac95b20339b6ddf74ec4aa41c8912e3f597fa84825ad36
GET /2MllpMldRNgdUaEYwDQ9gBGhYCmEUMxpdOUJkOkcHQ25bVRhdCFtnYUp/HUgzD2lPXjZcPlQUMlw6VANxUz0LD2MULRldPA87AFoxQj4TUzFZfxxTal82E1s7XjhMABEHd1kXZQJxEQNmF2orF2UCNQBcIkp8WwIvCm82BGMXaisXZQIrHxdkc2hZC3kCcE-wAZ1U8Clk4F2svAGcDaVkDZwN8WwIxWysMVDhKfFt0ZgNoRwJxR2RY HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ageandinone.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 599
date: Mon, 30 Oct 2023 14:18:31 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: HRMfjBfeqEqxs3ARzpMv1frqT0T8lrs68CCsIMguJtTwJdHui3ZKgw==
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/bOE51bHhbIRsKR0wnEVFPDnpEWEkeJAYDFkhzGQsgViQMOz0LHyUPKX0mUxgCXHNFShRZIBJRXl0gFlFJHi8RDkUMaAEcF1NzFwUQXj4SFhleJVMZGQUjGhYRVCIUSUp+e1tcXQp+XRRJCWtGLl0KfhkFFk02UF5IQHZDM04Ma0YuXQp+BxpdCw9EXEEWfl-xJSggpEA8TV2tHKkoIf0VcSQh/UF5IXicHCR5XNlBePgl/REJIHjtIXQ
143.204.42.225 601 B URL dmmzkfd82wayn.cloudfront.net/bOE51bHhbIRsKR0wnEVFPDnpEWEkeJAYDFkhzGQsgViQMOz0LHyUPKX0mUxgCXHNFShRZIBJRXl0gFlFJHi8RDkUMaAEcF1NzFwUQXj4SFhleJVMZGQUjGhYRVCIUSUp+e1tcXQp+XRRJCWtGLl0KfhkFFk02UF5IQHZDM04Ma0YuXQp+BxpdCw9EXEEWfl-xJSggpEA8TV2tHKkoIf0VcSQh/UF5IXicHCR5XNlBePgl/REJIHjtIXQ
IP 143.204.42.225:0
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (827), with no line terminators
Hash fa161496ccebc17a59bdcb4f626ad7c3
3c733a0a11b6843d450ade0306018ea8b52f59c7
02fb7ac6248c905504a2395f6953078f3376c3d99953020f6f52efae9043d5ab
GET /bOE51bHhbIRsKR0wnEVFPDnpEWEkeJAYDFkhzGQsgViQMOz0LHyUPKX0mUxgCXHNFShRZIBJRXl0gFlFJHi8RDkUMaAEcF1NzFwUQXj4SFhleJVMZGQUjGhYRVCIUSUp+e1tcXQp+XRRJCWtGLl0KfhkFFk02UF5IQHZDM04Ma0YuXQp+BxpdCw9EXEEWfl-xJSggpEA8TV2tHKkoIf0VcSQh/UF5IXicHCR5XNlBePgl/REJIHjtIXQ HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ageandinone.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 601
date: Mon, 30 Oct 2023 14:18:31 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: y3udWSEC0W07RvaQPrI5C-gjD5AUkkFd2_sfykmdobQU-LLUz0GCzA==
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/6WnB0UU85Hxo3cC4ZEGx3aEVNYH58Ggc+ISpNDhk7IEMVBSwdNEILIC87UiU1Pk1EdyM7HhNsaT8eF2x+fBEQM3JuVgAhIDFNAT8rPxYdPyo+VgEwcjcfDjgjNhFRYwlvXkR0fWpYDGB+f0M2dH1qHB0/OiJVRmE3YkYrZ3t/QzZ0fWoCAnR8G0FEaGFqWV-Fjfz0VFzogf0IyY39rQERgf2tVRmEpMwIRNyAiVUYXfmtBWmFpL01F
143.204.42.225200 OK 365 B URL GET HTTP/2 dmmzkfd82wayn.cloudfront.net/6WnB0UU85Hxo3cC4ZEGx3aEVNYH58Ggc+ISpNDhk7IEMVBSwdNEILIC87UiU1Pk1EdyM7HhNsaT8eF2x+fBEQM3JuVgAhIDFNAT8rPxYdPyo+VgEwcjcfDjgjNhFRYwlvXkR0fWpYDGB+f0M2dH1qHB0/OiJVRmE3YkYrZ3t/QzZ0fWoCAnR8G0FEaGFqWV-Fjfz0VFzogf0IyY39rQERgf2tVRmEpMwIRNyAiVUYXfmtBWmFpL01F
IP 143.204.42.225:443
Requested by https://ageandinone.org/NDJ3WXpVUBQ0RVUPFX8PRl5KfEhyF0UfHllfDTIcUApFLhtNXFk6FltHEz8IW1wDdxRRRlJrPAJlGRtKYWdPbDJMXUQ6OQBoMh4CB1MyDzRtekJhPVNRUms4fWEHFz5cWUAQP3lkNQoNUHwyEDZ9cU9uL11nRgkRBXcTIDcDeh8XCVVmTzw8BkpSazhScDIINwd4Ag8ddVo+HTx6cyNhCGRKLj0qTV1SazhiVTIuGV5RER0QU1g5MTxmawA1DGxZJWkcY0IuHT12F0UbHAR/RT0yBUM/G0oRADEWE35kJTQ/B2scAAhuAQN8SHJjDQNKUmUYGjtaYE8eSnJ3Fh48RWUhdDxeVA1pLHJIGD4cBHsOAEkNQCYcKFNURS0sZl8yKTdDeyUXA3VbIQwjbFQaLThjXzEpNgQDMX8QR10ZKUdOegMjSVVmFB4+AmgYLDE
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (471), with no line terminators
Hash 5d08d7fa948712a2b898f61b867405c5
f6b063c2e7655c03b9a73299a21524469b4856ad
29a745daf2c15f125e1887051786d6987922e374a0b0618cc5cc4f2056f27168
GET /6WnB0UU85Hxo3cC4ZEGx3aEVNYH58Ggc+ISpNDhk7IEMVBSwdNEILIC87UiU1Pk1EdyM7HhNsaT8eF2x+fBEQM3JuVgAhIDFNAT8rPxYdPyo+VgEwcjcfDjgjNhFRYwlvXkR0fWpYDGB+f0M2dH1qHB0/OiJVRmE3YkYrZ3t/QzZ0fWoCAnR8G0FEaGFqWV-Fjfz0VFzogf0IyY39rQERgf2tVRmEpMwIRNyAiVUYXfmtBWmFpL01F HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ageandinone.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 365
date: Mon, 30 Oct 2023 14:18:31 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: n8-WARlY3abK1KfGnnlP51HSOrHtJmMnEw9wGwsVElU0tsctkw5H1A==
X-Firefox-Spdy: h2
ocsp.r2m02.amazontrust.com/
143.204.53.97 471 B URL ocsp.r2m02.amazontrust.com/
IP 143.204.53.97:0
Hash dff91f281683d6b54d84140bb51ea01b
db40f672054df1ce6f9ade035119217132d4b66d
3b0c9718f935a64fccfed31e11688deccd02487ea10b6815cd49aa4eceb968c4
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Mon, 30 Oct 2023 14:18:32 GMT
Last-Modified: Mon, 30 Oct 2023 13:43:50 GMT
Server: ECAcc (amb/6B12)
X-Cache: Miss from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: OTHw9d79cymSVphvqLK1Bbk92sPJmJu0C94Rndq3_P-yb3tODDF4Pg==
Age: 2082
asyetaprovinc.org/d09VVHRYcDYnSSUiHCMQMQVwZjIhDjkaFUR2NxUhNSMxAjUwHTgFUgMmMWlMRXpsZUVRPzwwSUR9cycAFjsgJ0lFf2VjUh4hMztJRWkjaURZdntmWkJpIGlFUTslNRNKfnMkAAMjaGVCTndjY0FCfmdtTUA
104.21.49.130204 No Content 0 B URL POST HTTP/3 asyetaprovinc.org/d09VVHRYcDYnSSUiHCMQMQVwZjIhDjkaFUR2NxUhNSMxAjUwHTgFUgMmMWlMRXpsZUVRPzwwSUR9cycAFjsgJ0lFf2VjUh4hMztJRWkjaURZdntmWkJpIGlFUTslNRNKfnMkAAMjaGVCTndjY0FCfmdtTUA
IP 104.21.49.130:443
Requested by https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
Certificate IssuerLet's Encrypt
Subjectasyetaprovinc.org
Fingerprint0A:43:E8:C4:15:5B:18:00:EC:A1:B2:19:90:B0:70:76:1A:E8:98:E6
ValiditySun, 22 Oct 2023 07:30:34 GMT - Sat, 20 Jan 2024 07:30:33 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /d09VVHRYcDYnSSUiHCMQMQVwZjIhDjkaFUR2NxUhNSMxAjUwHTgFUgMmMWlMRXpsZUVRPzwwSUR9cycAFjsgJ0lFf2VjUh4hMztJRWkjaURZdntmWkJpIGlFUTslNRNKfnMkAAMjaGVCTndjY0FCfmdtTUA HTTP/1.1
Host: asyetaprovinc.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/3 204 No Content
date: Mon, 30 Oct 2023 14:18:32 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IBgYdSIub3q6z%2B3NxLGxLqi1Tp4vK0oL%2FKIhW7j6NIx%2F6U8ya%2Fk5%2BodPIaiTWrlUNF4gEDE4rfyXZ7ljDCM86F4%2Bi6FW%2BInirl0zjaZmtayVgXW2lVK9SA2l8Bzm0FkBoajB8g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81e449beef535688-OSL
alt-svc: h3=":443"; ma=86400
parrecleftne.xyz/utx?tid=832633&top=megaup.net&cb=Posy42Tn32yb
65.9.55.123204 No Content 0 B URL GET HTTP/2 parrecleftne.xyz/utx?tid=832633&top=megaup.net&cb=Posy42Tn32yb
IP 65.9.55.123:443
Requested by https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
Certificate IssuerAmazon
Subjectparrecleftne.xyz
Fingerprint36:D5:D9:43:13:F4:FE:83:A7:9F:01:89:96:60:5B:AD:CB:A5:27:B7
ValiditySun, 18 Dec 2022 00:00:00 GMT - Tue, 16 Jan 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?tid=832633&top=megaup.net&cb=Posy42Tn32yb HTTP/1.1
Host: parrecleftne.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Mon, 30 Oct 2023 14:18:32 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Mon, 30 Oct 2023 14:19:32 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 f6020f10d519a41b0c116dad7dcb2798.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: X3BGNuo88GB6hRkQxlsIjp0Ad5QCojvY-cZByueYQ_rGUcLt3jP7qQ==
X-Firefox-Spdy: h2
theharityhild.buzz/cjlJWUoJGzouFQdLJXtwUFE9LToBA2Z2JxdeKCw6XFcsLWUBTmczOVAVayonFBtzaGZQSiQvaEgbfXd5UBVrLSsVZiA9aEgbcWp4RAp6e2ZQSjw7FRtde3twUF9xankRCX07Z0RceTtnRl0raWdLDXFuZxQPLDwvEVwqOikRXGsk
34.195.224.242502 Bad Gateway 32 kB URL GET HTTP/2 theharityhild.buzz/cjlJWUoJGzouFQdLJXtwUFE9LToBA2Z2JxdeKCw6XFcsLWUBTmczOVAVayonFBtzaGZQSiQvaEgbfXd5UBVrLSsVZiA9aEgbcWp4RAp6e2ZQSjw7FRtde3twUF9xankRCX07Z0RceTtnRl0raWdLDXFuZxQPLDwvEVwqOikRXGsk
IP 34.195.224.242:443
Requested by https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
Certificate IssuerLet's Encrypt
Subjecttheharityhild.buzz
Fingerprint3A:26:20:76:34:1A:46:71:BC:0E:9E:5F:F6:BD:DB:B6:3F:6D:E6:DC
ValiditySun, 29 Oct 2023 12:20:50 GMT - Sat, 27 Jan 2024 12:20:49 GMT
File type Web Open Font Format, TrueType, length 31568, version 1.1\012- data
Hash e0c4ac0e73196bd0469c5c33304b7773
bb071565f82907d117b0732dca8013409162c67d
ff3bf3a4a1bf2b922157b18d0e8cddd95f2fc2dfe09c30a3ce67bc11a84c67af
GET /cjlJWUoJGzouFQdLJXtwUFE9LToBA2Z2JxdeKCw6XFcsLWUBTmczOVAVayonFBtzaGZQSiQvaEgbfXd5UBVrLSsVZiA9aEgbcWp4RAp6e2ZQSjw7FRtde3twUF9xankRCX07Z0RceTtnRl0raWdLDXFuZxQPLDwvEVwqOikRXGsk HTTP/1.1
Host: theharityhild.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 502 Bad Gateway
set-cookie: 3211f181a7582d9941f8441c346c8b04=1; Max-Age=604800
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash ff04adc3a5288e22757671e4a9ad2dd8
2ecd5642c175f83d63a49864f4df2c1b2b4212fc
47ee3290a621ba1f28f2bfe07a19358371e6d4fa1cbf4386c27c8d5e2ced0a96
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Oct 2023 14:18:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash ff04adc3a5288e22757671e4a9ad2dd8
2ecd5642c175f83d63a49864f4df2c1b2b4212fc
47ee3290a621ba1f28f2bfe07a19358371e6d4fa1cbf4386c27c8d5e2ced0a96
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Oct 2023 14:18:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
asyetaprovinc.org/popunder.gif
104.21.49.130200 OK 55 B URL GET HTTP/3 asyetaprovinc.org/popunder.gif
IP 104.21.49.130:443
Requested by https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
Certificate IssuerLet's Encrypt
Subjectasyetaprovinc.org
Fingerprint0A:43:E8:C4:15:5B:18:00:EC:A1:B2:19:90:B0:70:76:1A:E8:98:E6
ValiditySun, 22 Oct 2023 07:30:34 GMT - Sat, 20 Jan 2024 07:30:33 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 5e09cb2584bd69bb8364bf83274cc391
9dacfd28e32da874f341b3020b28d11337e84e9a
5b201a7c31ce43e203695f6ad7cea0ca6cdca457a4ad336c748de391edc7b381
GET /popunder.gif HTTP/1.1
Host: asyetaprovinc.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 30 Oct 2023 14:18:32 GMT
content-type: image/gif
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=604800, immutable
cf-cache-status: HIT
age: 36608
last-modified: Mon, 30 Oct 2023 04:08:24 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R4Gj6tkAoJ%2FShc4fcukhAEJtKvQsoGXozfj%2Fhc79kCY78vIh2fb%2BjmGskkLa0Nbk%2BvI7baA5tLguioLwo9kUOr%2FlZBi%2Fh%2FhnIDjoMIXqwtiVWB0SuvIWERhoehVedhah%2BYns5A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81e449be9f105688-OSL
alt-svc: h3=":443"; ma=86400
dmmzkfd82wayn.cloudfront.net/
143.204.42.225200 OK 73 B URL GET HTTP/2 dmmzkfd82wayn.cloudfront.net/
IP 143.204.42.225:443
Requested by https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 57143c38ff308b700bda81d33fffdc1c
7a4357101b77e5e514797ea16df9f31d0c1711df
0f13250dac3eba96683a13d9c0c14c812448cc2f499a6ad6637a17adf094884d
GET / HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 73
date: Mon, 30 Oct 2023 14:18:32 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: R-EkQLB0UiwdN96omOxzbnEqtW1Ues_0aqi5enrpb5Dm2Rwjz_Qu3w==
X-Firefox-Spdy: h2
static.a-ads.com/a-ads-banners/482500/300x250?region=eu-central-1
78.46.32.91200 OK 419 kB URL GET HTTP/2 static.a-ads.com/a-ads-banners/482500/300x250?region=eu-central-1
IP 78.46.32.91:443
ASN #24940 Hetzner Online GmbH
Requested by https://ad.a-ads.com/1811811?size=300x250
Certificate IssuerSectigo Limited
Subject*.a-ads.com
Fingerprint34:68:C2:05:E5:2A:4E:C3:F9:FC:94:69:D3:A6:BE:F2:21:A2:DE:AE
ValidityWed, 21 Dec 2022 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT
File type GIF image data, version 89a, 300 x 250\012- data
Size 419 kB (419447 bytes)
Hash 415d72cd769d66307391298d960a6e6b
347005d60c95df0e6fbc6c04f19439b0202dcdad
b11edb7f06e794d1e71008ed040f2021012500d4242d6b2b0a07e327b7f36f1a
GET /a-ads-banners/482500/300x250?region=eu-central-1 HTTP/1.1
Host: static.a-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ad.a-ads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 30 Oct 2023 14:18:32 GMT
content-type: image/gif
content-length: 419447
x-amz-id-2: NC6K5DNuTq90ZUxHsZYuhK6+U160W+4CDojyDWF8dpVTEhIEQJGZnHpui+d66/NfHKmIVMWLKKQ=
x-amz-request-id: JD1ECEH2M6QP4MFX
x-amz-replication-status: COMPLETED
last-modified: Thu, 05 Oct 2023 18:00:18 GMT
etag: "415d72cd769d66307391298d960a6e6b"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: qeI7MH906X8xd8DsvzER_IjbXAdFVWkr
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
142.250.74.109302 Found 0 B URL GET HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP 142.250.74.109:443
Requested by https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
Certificate IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint86:7B:0F:9A:A8:81:46:14:E8:56:C2:45:8B:8E:FF:52:DA:1C:F4:18
ValidityMon, 09 Oct 2023 08:11:28 GMT - Mon, 01 Jan 2024 08:11:27 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:HnqRVGOKdrOZZkPdXhHRgvSYcD3rBw:Zhp3Ld39kqxjx5yo; Expires=Wed, 29-Oct-2025 14:18:32 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 30 Oct 2023 14:18:32 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AVQVeyxL2Fl4x-2ot-Dm0x5M1XzdotnSCmWYE3VNDNAq4B7q_3hVXfjAtTYH4jdTGhfrO1Ddord0zQ
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-ZMFbr8t_leD0sETuYd6JBw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: unsafe-none
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/images/icons/favicon/apple-touch-icon-114x114.png
91.209.70.182200 OK 951 B URL GET HTTP/2 megaup.net/themes/flow/frontend_assets/images/icons/favicon/apple-touch-icon-114x114.png
IP 91.209.70.182:443
Requested by https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A
ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
File type PNG image data, 114 x 114, 8-bit colormap, non-interlaced\012- data
Hash 76852bc6b2c028db97322a74e85bd020
ed52fb4de0d51f93277bbaae42fa80ba5f92c31e
8a5ef2ef8440c17db1b1b539065ba4a887e07a2c508b79c2d1659512e9016884
GET /themes/flow/frontend_assets/images/icons/favicon/apple-touch-icon-114x114.png HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=0vnc81hravi7kgk6iv7f01pfj6; _ga_Z9TE2LW16Q=GS1.1.1698675512.1.0.1698675512.0.0.0; _ga=GA1.1.1791799190.1698675513
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Oct 2023 14:18:32 GMT
content-type: image/png
content-length: 951
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-3b7"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
142.250.74.109302 Found 0 B URL GET HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP 142.250.74.109:443
Requested by https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
Certificate IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint86:7B:0F:9A:A8:81:46:14:E8:56:C2:45:8B:8E:FF:52:DA:1C:F4:18
ValidityMon, 09 Oct 2023 08:11:28 GMT - Mon, 01 Jan 2024 08:11:27 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:lRv-FTaKIer608atmtdgGb4mVaroXA:7DCpmNKT5qdNBVZW; Expires=Wed, 29-Oct-2025 14:18:32 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 30 Oct 2023 14:18:32 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AVQVeyxpU3wCdtuCa2Cie3racubWuraGrceCOryqJTtxaljVNvQHzDFbMNzheM0QAAFtrnei7PXSug
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-xeMwC6VcGS6sYUrUFTmVOQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ageandinone.org/utx?cb=TWgZiVILfo5I&top=megaup.net&tid=761186
52.85.242.120204 No Content 0 B URL GET HTTP/2 ageandinone.org/utx?cb=TWgZiVILfo5I&top=megaup.net&tid=761186
IP 52.85.242.120:443
Requested by https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
Certificate IssuerAmazon
Subjectageandinone.org
Fingerprint53:B7:F5:1F:96:E4:CE:96:17:C4:D4:27:27:BA:86:12:20:7A:B3:02
ValiditySun, 22 Oct 2023 00:00:00 GMT - Tue, 19 Nov 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=TWgZiVILfo5I&top=megaup.net&tid=761186 HTTP/1.1
Host: ageandinone.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Mon, 30 Oct 2023 14:18:32 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Mon, 30 Oct 2023 14:19:32 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 f9a0ddc3860252ab6c4d02ab024b4890.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: tzEzyrnn1UkCUvJ5cEtcurUSb0uRYpLgzUi_u31vlG5gmg6MHQwTrg==
X-Firefox-Spdy: h2
ageandinone.org/utx?cb=hTLzqWLaiFot&top=megaup.net&tid=825911
52.85.242.120204 No Content 0 B URL GET HTTP/2 ageandinone.org/utx?cb=hTLzqWLaiFot&top=megaup.net&tid=825911
IP 52.85.242.120:443
Requested by https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
Certificate IssuerAmazon
Subjectageandinone.org
Fingerprint53:B7:F5:1F:96:E4:CE:96:17:C4:D4:27:27:BA:86:12:20:7A:B3:02
ValiditySun, 22 Oct 2023 00:00:00 GMT - Tue, 19 Nov 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=hTLzqWLaiFot&top=megaup.net&tid=825911 HTTP/1.1
Host: ageandinone.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Mon, 30 Oct 2023 14:18:32 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Mon, 30 Oct 2023 14:19:32 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 f9a0ddc3860252ab6c4d02ab024b4890.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: sKHc4C39s_oG1J29UtLU78TTsK3daUUmnU7jToZUtS4wcKQNIUlc4A==
X-Firefox-Spdy: h2
ageandinone.org/utx?cb=IQFwhIDtX64p&top=megaup.net&tid=876318
52.85.242.120204 No Content 0 B URL GET HTTP/2 ageandinone.org/utx?cb=IQFwhIDtX64p&top=megaup.net&tid=876318
IP 52.85.242.120:443
Requested by https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
Certificate IssuerAmazon
Subjectageandinone.org
Fingerprint53:B7:F5:1F:96:E4:CE:96:17:C4:D4:27:27:BA:86:12:20:7A:B3:02
ValiditySun, 22 Oct 2023 00:00:00 GMT - Tue, 19 Nov 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=IQFwhIDtX64p&top=megaup.net&tid=876318 HTTP/1.1
Host: ageandinone.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Mon, 30 Oct 2023 14:18:32 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Mon, 30 Oct 2023 14:19:32 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 f9a0ddc3860252ab6c4d02ab024b4890.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: t9caJKyOJAKXtyw17Oisj2knsNeDZgz_iw9B0s2NJoCVRTmX1e2r7g==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 25c06ac156361c4fc787856ef550bf22
e8e3e7b89a94280b1279abdda07047c89c2daf0d
7bc2ffea96bab60c723e5f97945e00177884d7bd8713fafddc98984b2fc0633a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Oct 2023 14:18:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AVQVeyxL2Fl4x-2ot-Dm0x5M1XzdotnSCmWYE3VNDNAq4B7q_3hVXfjAtTYH4jdTGhfrO1Ddord0zQ
142.250.74.109302 Found 404 B URL GET HTTP/2 accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AVQVeyxL2Fl4x-2ot-Dm0x5M1XzdotnSCmWYE3VNDNAq4B7q_3hVXfjAtTYH4jdTGhfrO1Ddord0zQ
IP 142.250.74.109:443
Requested by https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
Certificate IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint86:7B:0F:9A:A8:81:46:14:E8:56:C2:45:8B:8E:FF:52:DA:1C:F4:18
ValidityMon, 09 Oct 2023 08:11:28 GMT - Mon, 01 Jan 2024 08:11:27 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (396)
Hash 8226ae171b29ee39c8e7536d52f61553
4c4a9824446a295514e375a493bb723aaa4882da
196f99ede23c9311365b7bd2aab5cf5d556e3df9f69b6a1f2012587fd181906b
GET /InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AVQVeyxL2Fl4x-2ot-Dm0x5M1XzdotnSCmWYE3VNDNAq4B7q_3hVXfjAtTYH4jdTGhfrO1Ddord0zQ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:2Heoi0lSsXYv1EjJITYPyC9BEIWsng:zN0IOcOct1Sg6fEk;Path=/;Expires=Wed, 29-Oct-2025 14:18:32 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 30 Oct 2023 14:18:32 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AVQVeyynBlm8vDqARcTwffNPt9-rwLO7G-oxHadVIUzRkJ6L4XEfuBfQXTMHW5FbYR224hS5O9ZVlQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-2012594995%3A1698675512550473&theme=glif
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-QQkPkI7e4CGa04OlQiV6UA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 404
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AVQVeyxpU3wCdtuCa2Cie3racubWuraGrceCOryqJTtxaljVNvQHzDFbMNzheM0QAAFtrnei7PXSug
142.250.74.109302 Found 405 B URL GET HTTP/2 accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AVQVeyxpU3wCdtuCa2Cie3racubWuraGrceCOryqJTtxaljVNvQHzDFbMNzheM0QAAFtrnei7PXSug
IP 142.250.74.109:443
Requested by https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
Certificate IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint86:7B:0F:9A:A8:81:46:14:E8:56:C2:45:8B:8E:FF:52:DA:1C:F4:18
ValidityMon, 09 Oct 2023 08:11:28 GMT - Mon, 01 Jan 2024 08:11:27 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (400)
Hash 6056a1071a4462c8e9b506fc471d1cd9
2610794b3f1d947b3bbbc8921cf0b6f6ae56fa92
3dd6927387f4a9730caffef2623fec1e158a31cb0c4f1624382419e3cbef417d
GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AVQVeyxpU3wCdtuCa2Cie3racubWuraGrceCOryqJTtxaljVNvQHzDFbMNzheM0QAAFtrnei7PXSug HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:VgFb-vnA4UUBm_cxdpACNVdRmVYn8w:_ZWbiEMniq5fz5NG;Path=/;Expires=Wed, 29-Oct-2025 14:18:32 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 30 Oct 2023 14:18:32 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AVQVeyz6Q1iIQ8fxh6PrGv9i94YPj13nCIFPqN-k8xOxfJPmLLappGfPa3mxIN7g5zoNCDBb4GR6jQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1375212650%3A1698675512603578&theme=glif
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-344OZGVUxeHgwkryMpNYYA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 405
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ageandinone.org/utx?cb=Dij5BQ14ev27&top=megaup.net&tid=764141
52.85.242.120204 No Content 0 B URL GET HTTP/2 ageandinone.org/utx?cb=Dij5BQ14ev27&top=megaup.net&tid=764141
IP 52.85.242.120:443
Requested by https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
Certificate IssuerAmazon
Subjectageandinone.org
Fingerprint53:B7:F5:1F:96:E4:CE:96:17:C4:D4:27:27:BA:86:12:20:7A:B3:02
ValiditySun, 22 Oct 2023 00:00:00 GMT - Tue, 19 Nov 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=Dij5BQ14ev27&top=megaup.net&tid=764141 HTTP/1.1
Host: ageandinone.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Mon, 30 Oct 2023 14:18:32 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Mon, 30 Oct 2023 14:19:32 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 f9a0ddc3860252ab6c4d02ab024b4890.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: ng89LMLmV-tK27bOaDWMONEuzRj67TMQDH7pLw-gAkcPgTtU2u8cjg==
X-Firefox-Spdy: h2
ageandinone.org/multi?cs=aHA5a1NcRwFdYFtCDVhiWEgBXWo&abt=0&red=1&sm=76&k=download%20file%20cities%20skylines%20rune%20part01&v=1.0.60.3&sts=0&prn=0&emb=0&tid=876318&rxy=1280_1024&fs=1&ref=https%3A%2F%2Fmegaup.net%2F3kAby%2FCities.Skylines.II-RUNE.part01.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A109.0)%20gecko%2F20100101%20firefox%2F111.0&tzd=0&uloc=&if=0&_AgTu=1698675513040&crc=1
52.85.242.120200 OK 1.6 kB URL GET HTTP/2 ageandinone.org/multi?cs=aHA5a1NcRwFdYFtCDVhiWEgBXWo&abt=0&red=1&sm=76&k=download%20file%20cities%20skylines%20rune%20part01&v=1.0.60.3&sts=0&prn=0&emb=0&tid=876318&rxy=1280_1024&fs=1&ref=https%3A%2F%2Fmegaup.net%2F3kAby%2FCities.Skylines.II-RUNE.part01.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A109.0)%20gecko%2F20100101%20firefox%2F111.0&tzd=0&uloc=&if=0&_AgTu=1698675513040&crc=1
IP 52.85.242.120:443
Requested by https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
Certificate IssuerAmazon
Subjectageandinone.org
Fingerprint53:B7:F5:1F:96:E4:CE:96:17:C4:D4:27:27:BA:86:12:20:7A:B3:02
ValiditySun, 22 Oct 2023 00:00:00 GMT - Tue, 19 Nov 2024 23:59:59 GMT
File type ASCII text, with very long lines (3359), with no line terminators
Hash 70724524a4db4c83c8e00ad32af155f5
d362841e20561292a36db96da3cd671cf5a5f759
f8d8d3d94773073a8f30a214024ccfd2fa4c52b4b610003aec9347d8bc3db29f
GET /multi?cs=aHA5a1NcRwFdYFtCDVhiWEgBXWo&abt=0&red=1&sm=76&k=download%20file%20cities%20skylines%20rune%20part01&v=1.0.60.3&sts=0&prn=0&emb=0&tid=876318&rxy=1280_1024&fs=1&ref=https%3A%2F%2Fmegaup.net%2F3kAby%2FCities.Skylines.II-RUNE.part01.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A109.0)%20gecko%2F20100101%20firefox%2F111.0&tzd=0&uloc=&if=0&_AgTu=1698675513040&crc=1 HTTP/1.1
Host: ageandinone.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/plain
content-length: 1571
date: Mon, 30 Oct 2023 14:18:32 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=ec696388-0cdb-4840-9c0b-16efd5087fd2
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 f9a0ddc3860252ab6c4d02ab024b4890.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: uBGyGNumDQnmqXmg9DwDdeo85xBTiidLRGMVGfYiFjfU3Ft50fUK8Q==
X-Firefox-Spdy: h2
smartpicrotation.com/bnr/4/69a/0a7ff0/69a0a7ff0fe06d42942d29ca511570ef.jpg
104.21.54.29200 OK 48 kB URL GET HTTP/2 smartpicrotation.com/bnr/4/69a/0a7ff0/69a0a7ff0fe06d42942d29ca511570ef.jpg
IP 104.21.54.29:443
Requested by https://neverstoprotation.com/iframe/5dd3cd2543577?iframe&ag_custom_domain=megaup.net
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint14:E4:19:7A:F4:96:18:FC:EB:1C:EC:65:23:F8:07:EE:78:E2:CE:A6
ValidityThu, 09 Mar 2023 00:00:00 GMT - Thu, 07 Mar 2024 23:59:59 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x250, components 3\012- data
Hash b0af944376cf7c7a0eee8661b538b942
4780749c67739ce6c0e7346c1cfc77da2270210c
6c15529dc90cb8a9a569b5d4ff733afe7820fd1d73e3ba09315820ed4dbf75cf
GET /bnr/4/69a/0a7ff0/69a0a7ff0fe06d42942d29ca511570ef.jpg HTTP/1.1
Host: smartpicrotation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://neverstoprotation.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 30 Oct 2023 14:18:32 GMT
content-type: image/jpeg
content-length: 47523
last-modified: Mon, 28 Aug 2023 17:22:01 GMT
etag: "64ecd7b9-b9a3"
expires: Fri, 13 Oct 2023 23:08:39 GMT
cache-control: max-age=2678400
cf-cache-status: HIT
age: 454215
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5hyfEZHQeEiL0SdaAMEbuekktBcBciwGU2zfASWAttgDE7uL35v3Jtf8UCTKijRzoOt9K4Kwl7U%2BDAgA0YtSO4yAvYTS2FNVWplv4yqLzxX74itcK9gE8VsZY12%2F5kfS18EatLQh3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81e449c25817b518-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ageandinone.org/floater?cs=azJFMXRSBHwITVILdAVDWABzA0I&abt=0&red=1&sm=83&k=download%20file%20cities%20skylines%20rune%20part01&v=0.9.2.5&sts=0&prn=0&emb=0&tid=825911&rxy=1280_1024&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&ref=https%3A%2F%2Fmegaup.net%2F3kAby%2FCities.Skylines.II-RUNE.part01.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A109.0)%20gecko%2F20100101%20firefox%2F111.0&tzd=0&uloc=&if=0&aa=oi1_&_bmsE=1698675512998&crc=1
52.85.242.120200 OK 2.7 kB URL GET HTTP/2 ageandinone.org/floater?cs=azJFMXRSBHwITVILdAVDWABzA0I&abt=0&red=1&sm=83&k=download%20file%20cities%20skylines%20rune%20part01&v=0.9.2.5&sts=0&prn=0&emb=0&tid=825911&rxy=1280_1024&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&ref=https%3A%2F%2Fmegaup.net%2F3kAby%2FCities.Skylines.II-RUNE.part01.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A109.0)%20gecko%2F20100101%20firefox%2F111.0&tzd=0&uloc=&if=0&aa=oi1_&_bmsE=1698675512998&crc=1
IP 52.85.242.120:443
Requested by https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
Certificate IssuerAmazon
Subjectageandinone.org
Fingerprint53:B7:F5:1F:96:E4:CE:96:17:C4:D4:27:27:BA:86:12:20:7A:B3:02
ValiditySun, 22 Oct 2023 00:00:00 GMT - Tue, 19 Nov 2024 23:59:59 GMT
File type ASCII text, with very long lines (4462), with no line terminators
Hash 4a430cfe2d06ea1b6701b1be50bc1b97
a7e9c3efb28f989c74483e034f3f23673265b52a
eaf0bde6d31f0aeee8f1a9b96245c929c8f7ac0ef5d34b3d36ee243424322663
GET /floater?cs=azJFMXRSBHwITVILdAVDWABzA0I&abt=0&red=1&sm=83&k=download%20file%20cities%20skylines%20rune%20part01&v=0.9.2.5&sts=0&prn=0&emb=0&tid=825911&rxy=1280_1024&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&ref=https%3A%2F%2Fmegaup.net%2F3kAby%2FCities.Skylines.II-RUNE.part01.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A109.0)%20gecko%2F20100101%20firefox%2F111.0&tzd=0&uloc=&if=0&aa=oi1_&_bmsE=1698675512998&crc=1 HTTP/1.1
Host: ageandinone.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
content-length: 2672
date: Mon, 30 Oct 2023 14:18:32 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=b01c684c-85a7-402c-bd7f-9f81d09b2989
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 f9a0ddc3860252ab6c4d02ab024b4890.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: XcBnirks-IMoEm2nyRZt1auOr9heObzyHRjG_Rfrc3Jm-dzgGeTahA==
X-Firefox-Spdy: h2
neverstoprotation.com/iframe/5dd3cd2543577?iframe&ag_custom_domain=megaup.net
188.114.96.1200 OK 591 B URL GET HTTP/2 neverstoprotation.com/iframe/5dd3cd2543577?iframe&ag_custom_domain=megaup.net
IP 188.114.96.1:443
Requested by https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintAC:02:90:11:60:93:37:BC:E9:ED:1E:52:9D:CF:6C:E5:5D:D6:3D:AD
ValidityThu, 09 Mar 2023 00:00:00 GMT - Thu, 07 Mar 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (954)
Hash 84929a634af6bac9b409bb31ced356b3
f35417c6aaf48e2d747ab7583b4330384f43d1bc
3fa33af4d9bfec797d98da9370e17c92a7b605a1322a4d4a2af8a2a626d4c242
GET /iframe/5dd3cd2543577?iframe&ag_custom_domain=megaup.net HTTP/1.1
Host: neverstoprotation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://megaup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 30 Oct 2023 14:18:32 GMT
content-type: text/html
set-cookie: showed_15437_95810=[2502266]; Expires=Tue, 31-Oct-23 14:18:32 GMT; Domain=neverstoprotation.com; Path=/; Secure; SameSite=None
c_16f508276a09c5dfc2a207f7f28939ab=1; Expires=Tue, 31-Oct-23 14:18:32 GMT; Domain=neverstoprotation.com; Path=/; Secure; SameSite=None
z_9bc29c4af4fd82d57b7a5bb7e1f7d7c0=1; Expires=Tue, 31-Oct-23 14:18:32 GMT; Domain=neverstoprotation.com; Path=/; Secure; SameSite=None
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GjNQ%2BXlgAjcSsnoPCPDVrTAl%2Fqarseka4h3VmkTQAtenbIAPaq33UPUxth1gRXbbcD4zayKG5Z%2F9KTWh2DqvVpC%2B4ZFmd0guapFNmfqqanW9TFrWrg2C35PCguZOTpdJfRjJMcYGfMc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81e449c0da3756b9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
asyetaprovinc.org/Qk1nMDVtcgRDCCAbC0pnChcyUgUydDMBZyUcCXJ3GiATdlEpDEFEXCZwXwIAe3xWFkUrKVoDB2Q+E1FBNz5aAgVyeEFZWyQiWgIFcntXAAdxeUIHdio5E0BGZ34mFQcEaFV2Vi4kBFsbMi4LWxssLApVEHALE1hALy8JUVwuaFR2XGd+I2RxDXovfn8BdTNhanJoVQZcLyoTFQYGJARfW2d6JFVAbCACQ0YnIwBVR2d6JAIEd3xRAA11flQIBXt8VQMCcXlBRghyY14eB2x4QUUId3teAgB2fl4EAnt1UAIEZDkXUVJ/fEFAQTYhWgEDe3VRBwB3fFIJAXY
104.21.49.130204 No Content 0 B URL POST HTTP/3 asyetaprovinc.org/Qk1nMDVtcgRDCCAbC0pnChcyUgUydDMBZyUcCXJ3GiATdlEpDEFEXCZwXwIAe3xWFkUrKVoDB2Q+E1FBNz5aAgVyeEFZWyQiWgIFcntXAAdxeUIHdio5E0BGZ34mFQcEaFV2Vi4kBFsbMi4LWxssLApVEHALE1hALy8JUVwuaFR2XGd+I2RxDXovfn8BdTNhanJoVQZcLyoTFQYGJARfW2d6JFVAbCACQ0YnIwBVR2d6JAIEd3xRAA11flQIBXt8VQMCcXlBRghyY14eB2x4QUUId3teAgB2fl4EAnt1UAIEZDkXUVJ/fEFAQTYhWgEDe3VRBwB3fFIJAXY
IP 104.21.49.130:443
Requested by https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
Certificate IssuerLet's Encrypt
Subjectasyetaprovinc.org
Fingerprint0A:43:E8:C4:15:5B:18:00:EC:A1:B2:19:90:B0:70:76:1A:E8:98:E6
ValiditySun, 22 Oct 2023 07:30:34 GMT - Sat, 20 Jan 2024 07:30:33 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /Qk1nMDVtcgRDCCAbC0pnChcyUgUydDMBZyUcCXJ3GiATdlEpDEFEXCZwXwIAe3xWFkUrKVoDB2Q+E1FBNz5aAgVyeEFZWyQiWgIFcntXAAdxeUIHdio5E0BGZ34mFQcEaFV2Vi4kBFsbMi4LWxssLApVEHALE1hALy8JUVwuaFR2XGd+I2RxDXovfn8BdTNhanJoVQZcLyoTFQYGJARfW2d6JFVAbCACQ0YnIwBVR2d6JAIEd3xRAA11flQIBXt8VQMCcXlBRghyY14eB2x4QUUId3teAgB2fl4EAnt1UAIEZDkXUVJ/fEFAQTYhWgEDe3VRBwB3fFIJAXY HTTP/1.1
Host: asyetaprovinc.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/3 204 No Content
date: Mon, 30 Oct 2023 14:18:35 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y6BW4nY0Dm6%2BB%2Fj%2FSqS5WAeJzJLrx1dANdy8KDOvu3oggpcYEkOOrLv5yjxl3tkqhsFNLQ%2Fe5wXwqPITavLr0rKhdlk4IW%2FZU2K%2Be14rbIsJuWWLsiIyofwJ1geFr%2FDUW3yevw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81e449d129e65688-OSL
alt-svc: h3=":443"; ma=86400
ocsp.sectigo.com/
172.64.149.23 472 B IP 172.64.149.23:0
Hash a282cceeb74f1424475490f9ff229d5a
7cd0ad79019fb5032008959f1ad90c7467a6b54f
3746256859a74f078ab5aceaf3db6b862b34dd61e6e13ff3286838aff0dce8b2
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Oct 2023 14:18:36 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 30 Oct 2023 04:24:03 GMT
Expires: Mon, 06 Nov 2023 04:24:02 GMT
Etag: "7cd0ad79019fb5032008959f1ad90c7467a6b54f"
Cache-Control: max-age=569734,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 81e449d3396d56b7-OSL
click.pclk.name/thumbnail?i=TDO7HNJC8TQ_0&imgt=icon
173.239.53.24 0 B URL GET click.pclk.name/thumbnail?i=TDO7HNJC8TQ_0&imgt=icon
IP 173.239.53.24:0
ASN #27257 WEBAIR-INTERNET
Requested by https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /thumbnail?i=TDO7HNJC8TQ_0&imgt=icon HTTP/1.1
Host: click.pclk.name
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Mon, 30 Oct 2023 14:18:36 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Age: 0
Location: https://eu.messenger-notify.xyz/icn/b-W1i36TWutSJRuOp5VvEM2Jtmq-ygQgSFzUJaCa-s4lFOoO6aFT0c6GuoVUl-bUfYLRCCYR0RdqUFytuc5ck26f6vCROL5xm_ia3sgcaaAJMrl014_73IHo9ZC7SLDQzxCH_afS8KbwTSVKt_52RdpOcu5iu7iU_b9Q6I-dwYvhY5idS_GGPdxyllRbDHWycXkuZfZ6c1dSjRtkIOtDdBS6ss_xtPQLXUvsiDL_CEz-GsFCxcBPparrEFONetJEdIuW7yrrptfeHJPr9DSCgy1LGXq4EzYjAihRJM7Idqr1J3V5Jemp9ciEonFk4jo6CC1cIMYCBsZ6oTCU-uGzaNRnK7q0b4emGw374-g0vgt1palQY1bgH9ecJVur0wHI9Mig7tE52PdG5THwSkfVObnnztJPxHTIVDquRL2YUKhzSmow
Pragma: no-cache
eu.messenger-notify.xyz/icn/b-W1i36TWutSJRuOp5VvEM2Jtmq-ygQgSFzUJaCa-s4lFOoO6aFT0c6GuoVUl-bUfYLRCCYR0RdqUFytuc5ck26f6vCROL5xm_ia3sgcaaAJMrl014_73IHo9ZC7SLDQzxCH_afS8KbwTSVKt_52RdpOcu5iu7iU_b9Q6I-dwYvhY5idS_GGPdxyllRbDHWycXkuZfZ6c1dSjRtkIOtDdBS6ss_xtPQLXUvsiDL_CEz-GsFCxcBPparrEFONetJEdIuW7yrrptfeHJPr9DSCgy1LGXq4EzYjAihRJM7Idqr1J3V5Jemp9ciEonFk4jo6CC1cIMYCBsZ6oTCU-uGzaNRnK7q0b4emGw374-g0vgt1palQY1bgH9ecJVur0wHI9Mig7tE52PdG5THwSkfVObnnztJPxHTIVDquRL2YUKhzSmow
157.90.33.71307 Temporary Redirect 0 B URL GET HTTP/2 eu.messenger-notify.xyz/icn/b-W1i36TWutSJRuOp5VvEM2Jtmq-ygQgSFzUJaCa-s4lFOoO6aFT0c6GuoVUl-bUfYLRCCYR0RdqUFytuc5ck26f6vCROL5xm_ia3sgcaaAJMrl014_73IHo9ZC7SLDQzxCH_afS8KbwTSVKt_52RdpOcu5iu7iU_b9Q6I-dwYvhY5idS_GGPdxyllRbDHWycXkuZfZ6c1dSjRtkIOtDdBS6ss_xtPQLXUvsiDL_CEz-GsFCxcBPparrEFONetJEdIuW7yrrptfeHJPr9DSCgy1LGXq4EzYjAihRJM7Idqr1J3V5Jemp9ciEonFk4jo6CC1cIMYCBsZ6oTCU-uGzaNRnK7q0b4emGw374-g0vgt1palQY1bgH9ecJVur0wHI9Mig7tE52PdG5THwSkfVObnnztJPxHTIVDquRL2YUKhzSmow
IP 157.90.33.71:443
ASN #24940 Hetzner Online GmbH
Requested by https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
Certificate IssuerLet's Encrypt
Subjecteu.messenger-notify.xyz
Fingerprint6C:3D:7A:4B:80:BD:95:62:68:BC:6B:31:3E:6B:97:27:35:66:EE:B6
ValidityTue, 29 Aug 2023 03:33:37 GMT - Mon, 27 Nov 2023 03:33:36 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /icn/b-W1i36TWutSJRuOp5VvEM2Jtmq-ygQgSFzUJaCa-s4lFOoO6aFT0c6GuoVUl-bUfYLRCCYR0RdqUFytuc5ck26f6vCROL5xm_ia3sgcaaAJMrl014_73IHo9ZC7SLDQzxCH_afS8KbwTSVKt_52RdpOcu5iu7iU_b9Q6I-dwYvhY5idS_GGPdxyllRbDHWycXkuZfZ6c1dSjRtkIOtDdBS6ss_xtPQLXUvsiDL_CEz-GsFCxcBPparrEFONetJEdIuW7yrrptfeHJPr9DSCgy1LGXq4EzYjAihRJM7Idqr1J3V5Jemp9ciEonFk4jo6CC1cIMYCBsZ6oTCU-uGzaNRnK7q0b4emGw374-g0vgt1palQY1bgH9ecJVur0wHI9Mig7tE52PdG5THwSkfVObnnztJPxHTIVDquRL2YUKhzSmow HTTP/1.1
Host: eu.messenger-notify.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 307 Temporary Redirect
server: nginx
date: Mon, 30 Oct 2023 14:18:36 GMT
content-length: 0
accept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
referrer-policy: no-referrer
location: https://cdn4image.com/creatives/596/780/192_0_1698590942676.webp
X-Firefox-Spdy: h2
cdn4image.com/creatives/596/780/192_0_1698590942676.webp
157.90.91.144200 OK 2.3 kB URL GET HTTP/2 cdn4image.com/creatives/596/780/192_0_1698590942676.webp
IP 157.90.91.144:443
ASN #24940 Hetzner Online GmbH
Requested by https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
Certificate IssuerLet's Encrypt
Subjectcdn4image.com
FingerprintAD:DE:9B:AF:1E:DA:A9:E0:BC:1D:D5:41:2F:E3:12:EB:2A:0B:CE:07
ValidityWed, 20 Sep 2023 03:30:18 GMT - Tue, 19 Dec 2023 03:30:17 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 2cb048e3eac2f0c17408a6262e620162
1268c93eb252908b3c9c5625a2d8d9039fca087b
8487c4071fd298ff09f613e870b947dd0e409c36bec35f151ababa8057d7f56a
GET /creatives/596/780/192_0_1698590942676.webp HTTP/1.1
Host: cdn4image.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 30 Oct 2023 14:18:36 GMT
content-type: image/webp
content-length: 2254
last-modified: Sun, 29 Oct 2023 16:16:18 GMT
etag: "653e8552-8ce"
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/fonts/raleway_medium.woff
91.209.70.182200 OK 32 kB URL GET HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway_medium.woff
IP 91.209.70.182:443
Requested by https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A
ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
File type Web Open Font Format, TrueType, length 31900, version 1.1\012- data
Hash 1b285c8e5b7445a8e434b2cdf036bab2
c97d4772fbb5c5637d466b5f991bc7ec28830b32
09b979826f2ac158a63ba234042c66414c21282d0bb46eadc62c64a873778825
GET /themes/flow/frontend_assets/fonts/raleway_medium.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
DNT: 1
Connection: keep-alive
Cookie: filehosting=0vnc81hravi7kgk6iv7f01pfj6; _ga_Z9TE2LW16Q=GS1.1.1698675512.1.0.1698675512.0.0.0; _ga=GA1.1.1791799190.1698675513
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Oct 2023 14:18:37 GMT
content-type: font/woff
content-length: 31900
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7c9c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
asyetaprovinc.org/cVNBa09ebCIYcicpFyEqGx00KnwzFwIGezw2BF8KKxIlTn03AAA+aQU6JVZ3Q2Z4Wn5XIygPckJhZxg7ECc0GHJDY3FeaRg9JwRyQ2NxXX9BYnJZakYQKR87ASBkWA5UYQdOfTcrLAdhEzozD2IWNjUKLRg3bwUqBXZzLTsZJiwJIRA6LU58NzpkWAs0KQ5ZADo+NAUmPAxxTn1HI2RYC0BleFN5RmZ0Wn1fYXNbd0BmZFl5GD4mH2pCFygIIB92dighBD8tTngyYXBefkdjeVx8QmtxUn5DYHZYe1clfFthSH1zRXpXJnxeeUhhdF98SGd2UndGYXBNOwEyJlZ+VyM1HyNMYndSd0dkdF5+SGpyXQ
104.21.49.130204 No Content 0 B URL POST HTTP/3 asyetaprovinc.org/cVNBa09ebCIYcicpFyEqGx00KnwzFwIGezw2BF8KKxIlTn03AAA+aQU6JVZ3Q2Z4Wn5XIygPckJhZxg7ECc0GHJDY3FeaRg9JwRyQ2NxXX9BYnJZakYQKR87ASBkWA5UYQdOfTcrLAdhEzozD2IWNjUKLRg3bwUqBXZzLTsZJiwJIRA6LU58NzpkWAs0KQ5ZADo+NAUmPAxxTn1HI2RYC0BleFN5RmZ0Wn1fYXNbd0BmZFl5GD4mH2pCFygIIB92dighBD8tTngyYXBefkdjeVx8QmtxUn5DYHZYe1clfFthSH1zRXpXJnxeeUhhdF98SGd2UndGYXBNOwEyJlZ+VyM1HyNMYndSd0dkdF5+SGpyXQ
IP 104.21.49.130:443
Requested by https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
Certificate IssuerLet's Encrypt
Subjectasyetaprovinc.org
Fingerprint0A:43:E8:C4:15:5B:18:00:EC:A1:B2:19:90:B0:70:76:1A:E8:98:E6
ValiditySun, 22 Oct 2023 07:30:34 GMT - Sat, 20 Jan 2024 07:30:33 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cVNBa09ebCIYcicpFyEqGx00KnwzFwIGezw2BF8KKxIlTn03AAA+aQU6JVZ3Q2Z4Wn5XIygPckJhZxg7ECc0GHJDY3FeaRg9JwRyQ2NxXX9BYnJZakYQKR87ASBkWA5UYQdOfTcrLAdhEzozD2IWNjUKLRg3bwUqBXZzLTsZJiwJIRA6LU58NzpkWAs0KQ5ZADo+NAUmPAxxTn1HI2RYC0BleFN5RmZ0Wn1fYXNbd0BmZFl5GD4mH2pCFygIIB92dighBD8tTngyYXBefkdjeVx8QmtxUn5DYHZYe1clfFthSH1zRXpXJnxeeUhhdF98SGd2UndGYXBNOwEyJlZ+VyM1HyNMYndSd0dkdF5+SGpyXQ HTTP/1.1
Host: asyetaprovinc.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/3 204 No Content
date: Mon, 30 Oct 2023 14:18:39 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wTmZworA5fihAvDTcC18lZraRR7%2BxHE%2F1G1gIw047if6m9bijHzEnXEPhTKJ4Dc5hw8Kq%2B0gQT9Yqor0rizWeM6l65YWqQKNNYmpLEeOEmuzH5MqasVtRa3qhS2u3NgSXywYnw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81e449ea29a25688-OSL
alt-svc: h3=":443"; ma=86400
megaup.net/themes/flow/frontend_assets/fonts/raleway.woff
91.209.70.182200 OK 32 kB URL GET HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway.woff
IP 91.209.70.182:443
Requested by https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A
ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
File type Web Open Font Format, TrueType, length 31836, version 1.1\012- data
Hash 4514fa5a5b3d1e0b14aa32a7d068124a
e634977bfabc20ed15fe7ed03d3876cf68834b93
5b0f118d658eacc5740b10b0dc2ebbd99ee8e8262c72ff29bfcda48c02b19861
GET /themes/flow/frontend_assets/fonts/raleway.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
DNT: 1
Connection: keep-alive
Cookie: filehosting=0vnc81hravi7kgk6iv7f01pfj6; _ga_Z9TE2LW16Q=GS1.1.1698675512.1.0.1698675512.0.0.0; _ga=GA1.1.1791799190.1698675513
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Oct 2023 14:18:39 GMT
content-type: font/woff
content-length: 31836
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7c5c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/fonts/raleway_extrabold.woff
91.209.70.182200 OK 31 kB URL GET HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway_extrabold.woff
IP 91.209.70.182:443
Requested by https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A
ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
File type Web Open Font Format, TrueType, length 31344, version 1.1\012- data
Hash 21f79e4c0fbe54a555170aa70bb4c8b7
9d4aaf2016cd21f16bc45089a48de84dba951fa7
2b638674bc57ad355ef2ecbd68e78ecb36bc323aaaf4ddeb9cd4f61bc5f26c42
GET /themes/flow/frontend_assets/fonts/raleway_extrabold.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
DNT: 1
Connection: keep-alive
Cookie: filehosting=0vnc81hravi7kgk6iv7f01pfj6; _ga_Z9TE2LW16Q=GS1.1.1698675512.1.0.1698675512.0.0.0; _ga=GA1.1.1791799190.1698675513
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Oct 2023 14:18:39 GMT
content-type: font/woff
content-length: 31344
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7a70"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/fonts/raleway_medium.woff
91.209.70.182200 OK 32 kB URL GET HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway_medium.woff
IP 91.209.70.182:443
Requested by https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A
ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
File type Web Open Font Format, TrueType, length 31900, version 1.1\012- data
Hash 1b285c8e5b7445a8e434b2cdf036bab2
c97d4772fbb5c5637d466b5f991bc7ec28830b32
09b979826f2ac158a63ba234042c66414c21282d0bb46eadc62c64a873778825
GET /themes/flow/frontend_assets/fonts/raleway_medium.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
DNT: 1
Connection: keep-alive
Cookie: filehosting=0vnc81hravi7kgk6iv7f01pfj6; _ga_Z9TE2LW16Q=GS1.1.1698675512.1.0.1698675512.0.0.0; _ga=GA1.1.1791799190.1698675513
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Oct 2023 14:18:39 GMT
content-type: font/woff
content-length: 31900
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7c9c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/fonts/raleway_bold.woff
91.209.70.182200 OK 32 kB URL GET HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway_bold.woff
IP 91.209.70.182:443
Requested by https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A
ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
File type Web Open Font Format, TrueType, length 31568, version 1.1\012- data
Hash e0c4ac0e73196bd0469c5c33304b7773
bb071565f82907d117b0732dca8013409162c67d
ff3bf3a4a1bf2b922157b18d0e8cddd95f2fc2dfe09c30a3ce67bc11a84c67af
GET /themes/flow/frontend_assets/fonts/raleway_bold.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
DNT: 1
Connection: keep-alive
Cookie: filehosting=0vnc81hravi7kgk6iv7f01pfj6; _ga_Z9TE2LW16Q=GS1.1.1698675512.1.0.1698675512.0.0.0; _ga=GA1.1.1791799190.1698675513
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Oct 2023 14:18:39 GMT
content-type: font/woff
content-length: 31568
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7b50"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/fonts/raleway_semibold.woff
91.209.70.182200 OK 32 kB URL GET HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway_semibold.woff
IP 91.209.70.182:443
Requested by https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A
ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
File type Web Open Font Format, TrueType, length 31980, version 1.1\012- data
Hash 99ac81a158028ac2023fb3350d2497e7
f08c12c91ab29282a616c3ba8e533f49b5b433ca
92a8c8eca8cfcfc53855bc48ba50b866704a00323c4e3089b564c939a668925d
GET /themes/flow/frontend_assets/fonts/raleway_semibold.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
DNT: 1
Connection: keep-alive
Cookie: filehosting=0vnc81hravi7kgk6iv7f01pfj6; _ga_Z9TE2LW16Q=GS1.1.1698675512.1.0.1698675512.0.0.0; _ga=GA1.1.1791799190.1698675513
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Oct 2023 14:18:39 GMT
content-type: font/woff
content-length: 31980
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7cec"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
a.magsrv.com/ad-provider.js
185.76.9.25200 OK 30 kB URL GET HTTP/2 a.magsrv.com/ad-provider.js
IP 185.76.9.25:443
ASN #60068 Datacamp Limited
Requested by https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
Certificate IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintC5:BC:C0:62:0C:DC:A9:D2:61:A6:77:A9:6C:31:19:AD:CD:2E:00:67
ValidityThu, 05 Oct 2023 15:26:28 GMT - Wed, 03 Jan 2024 15:26:27 GMT
File type gzip compressed data, from Unix\012- data
Hash 7b6436cb376987ed0fe2f40d611145d2
aefdca9b2d93bde6c34a9230fa876377ea386e92
e5d2c35d61d8683e7ad5b8a4df2ca3214fb00dcad5820b9ca6b94a8b4e87f01d
GET /ad-provider.js HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 30 Oct 2023 14:18:31 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"c3bf4dda1c80c2d4305bf3c54ed"
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Mon, 30 Oct 2023 13:59:53 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: ArlMCRQ3Nzf/XQQAALlMCgE3Nzf/eQAAAA
x-77-nzt-ray: af585630f1906b6d37bb3f656638851a
x-accel-expires: @1698685194
x-accel-date: 1698674394
x-77-cache: HIT
x-77-age: 1238
content-encoding: gzip
server: CDN77-Turbo
x-cache-lb: HIT
x-age-lb: 1117
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
xml.bird-getabid.net/thumbnail?i=EzO2OKmuniM_0&p=1698675512.220815&imgt=icon
198.134.116.29302 Found 0 B URL GET HTTP/1.1 xml.bird-getabid.net/thumbnail?i=EzO2OKmuniM_0&p=1698675512.220815&imgt=icon
IP 198.134.116.29:443
ASN #27257 WEBAIR-INTERNET
Requested by https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
Certificate IssuerLet's Encrypt
Subjectbird-getabid.net
FingerprintE5:F6:77:5D:45:92:F9:BE:D5:D1:E5:90:11:D7:61:49:C1:01:6F:9A
ValidityMon, 04 Sep 2023 06:38:20 GMT - Sun, 03 Dec 2023 06:38:19 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /thumbnail?i=EzO2OKmuniM_0&p=1698675512.220815&imgt=icon HTTP/1.1
Host: xml.bird-getabid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Mon, 30 Oct 2023 14:18:39 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Age: 0
Location: https://static.servingserved.com/n337/ad/192x192_hpbo3YohsfFJjjTRWsB9.jpeg
Pragma: no-cache
static.servingserved.com/n337/ad/192x192_hpbo3YohsfFJjjTRWsB9.jpeg
151.139.128.10200 OK 6.4 kB URL GET HTTP/1.1 static.servingserved.com/n337/ad/192x192_hpbo3YohsfFJjjTRWsB9.jpeg
IP 151.139.128.10:443
Requested by https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
Certificate IssuerLet's Encrypt
Subjectservingserved.com
Fingerprint52:93:27:F9:89:4A:E6:16:52:73:66:6D:41:30:09:8A:03:75:54:F7
ValidityMon, 04 Sep 2023 06:51:39 GMT - Sun, 03 Dec 2023 06:51:38 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash 760e083b0199dcf36cfadd363d72dbf6
6469a8818e2991ddee3eb5e1261f27d0bebc13f7
d4f6e490f7ce250a7f89d2b15391bc6e41eebf134ad92e220e6cdb863693c6d7
GET /n337/ad/192x192_hpbo3YohsfFJjjTRWsB9.jpeg HTTP/1.1
Host: static.servingserved.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Oct 2023 14:18:39 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 07 Apr 2023 23:13:51 GMT
Accept-Ranges: bytes
ETag: "6430a3af-18d1"
Cache-Control: max-age=86400
Server: fbs
X-HW: 1698675519.cds232.sk1.hn,1698675519.cds257.sk1.c
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 6353
pogothere.xyz/asd100.bin
172.64.110.13200 OK 102 kB IP 172.64.110.13:443
Requested by https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
Size 102 kB (102400 bytes)
Hash 4c6426ac7ef186464ecbb0d81cbfcb1e
5a6918eebd9d635e8f632e3ef34e3792b1b5ec13
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 30 Oct 2023 14:18:32 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 6539
last-modified: Mon, 30 Oct 2023 12:29:33 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SqBz75LzRYwuuZbHpLJysIKQY3ziBeRcyvjMELwkktj%2F8hi5TF7CwZRpNDpVPGKgWVsnxC3MkrJIVjqfn46%2B2OZ%2FAu%2Fg%2Fqb1Di83zZYZdpbi9NC5htCFaFJkiPOBb4Em"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81e449c1de733db2-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload-ui.js
91.209.70.182200 OK 25 kB URL GET HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-ui.js
IP 91.209.70.182:443
Requested by https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A
ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
Hash 6d74ec0b03e02825fef8093d64629489
de746f1c7aeb0927541e1d55bdea4672bb47aa73
5d4a5378ed9f8bf68dbfb6246761e6d44e2b11fa626d8b4f8d1d6a779f037cd2
GET /themes/flow/js/jquery.fileupload-ui.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=0vnc81hravi7kgk6iv7f01pfj6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 30 Oct 2023 14:18:29 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-61ef"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/styles/file-upload.css
91.209.70.182200 OK 8.7 kB URL GET HTTP/2 megaup.net/themes/flow/styles/file-upload.css
IP 91.209.70.182:443
Requested by https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A
ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
File type assembler source, ASCII text, with very long lines (9188), with no line terminators
Hash e6aa00105765c90499065e7b4953475e
c214db0a0c9ceda57bef567789961817554e01c9
33af7cdbf9e003d6a268f344b7d9fd8fc39d19b0a412b9eaa4487d509a4a54b1
GET /themes/flow/styles/file-upload.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=0vnc81hravi7kgk6iv7f01pfj6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 30 Oct 2023 14:18:29 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-21ec"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload-resize.js
91.209.70.182200 OK 8.1 kB URL GET HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-resize.js
IP 91.209.70.182:443
Requested by https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A
ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
File type ASCII text, with very long lines (8281), with no line terminators
Hash fe90ec8075308aa0695b41a01faa8d7c
9ef0157a99a6efd2a8672b699dbf4225d8fa67ad
782f2530cd4df35901bcdba4dab3cd8769f7cebfcfa96cec776cbcdc10d66062
GET /themes/flow/js/jquery.fileupload-resize.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=0vnc81hravi7kgk6iv7f01pfj6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 30 Oct 2023 14:18:29 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1f7f"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/fonts/font-awesome/css/font-awesome.css
91.209.70.182200 OK 23 kB URL GET HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/font-awesome/css/font-awesome.css
IP 91.209.70.182:443
Requested by https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A
ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
File type troff or preprocessor input, ASCII text, with very long lines (305), with CRLF line terminators
Hash f8398a4ad2442f1943b62d93f89249b6
280150fc79d01a95808b1c16ca8749e8d8cda85e
7c10acbcb15a2f181df3ad0d009a44f892e406bbfc8f94df12f8a47a71b696e5
GET /themes/flow/frontend_assets/fonts/font-awesome/css/font-awesome.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
DNT: 1
Connection: keep-alive
Cookie: filehosting=0vnc81hravi7kgk6iv7f01pfj6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 30 Oct 2023 14:18:30 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-59d6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/global.js
91.209.70.182200 OK 3.4 kB URL GET HTTP/2 megaup.net/themes/flow/js/global.js
IP 91.209.70.182:443
Requested by https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A
ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
File type ASCII text, with very long lines (3612), with no line terminators
Hash e44702657a9e124a9ba6ba57e941d9e8
cbfc48ed2d804918f7f97c4f1ed6ea2a4780151b
39b318c989a0ac479bbf9196494fb1bec96cd1e54186051f5ba6225877acfd83
GET /themes/flow/js/global.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=0vnc81hravi7kgk6iv7f01pfj6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 30 Oct 2023 14:18:29 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-d59"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/isotope/isotope-style.css
91.209.70.182200 OK 2.8 kB URL GET HTTP/2 megaup.net/themes/flow/frontend_assets/css/isotope/isotope-style.css
IP 91.209.70.182:443
Requested by https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A
ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
File type ASCII text, with very long lines (3129), with no line terminators
Hash 51c9993916aaff91429614ae79394a6b
51383b05a8ada15406d7eff96fc706c47cfb581b
7c418339961aab6dec877ed3760307367e9deea17a1fbd175e611c215e48634f
GET /themes/flow/frontend_assets/css/isotope/isotope-style.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
DNT: 1
Connection: keep-alive
Cookie: filehosting=0vnc81hravi7kgk6iv7f01pfj6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 30 Oct 2023 14:18:30 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-af3"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js
91.209.70.182200 OK 16 kB URL GET HTTP/2 megaup.net/themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js
IP 91.209.70.182:443
Requested by https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A
ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
File type HTML document, ASCII text, with very long lines (15714), with CRLF line terminators
Hash 38c5167c8052d0c73892c3742b16e903
213ef9210b4a5c4e73a242e832a08f4abef69a74
743b919a337dfbb6d1e8648d0793532d47f8af48059e17f7e32ae8738c7614a7
GET /themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=0vnc81hravi7kgk6iv7f01pfj6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 30 Oct 2023 14:18:29 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3ead"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/fonts.css
91.209.70.182200 OK 1.7 kB URL GET HTTP/2 megaup.net/themes/flow/frontend_assets/css/fonts.css
IP 91.209.70.182:443
Requested by https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
Certificate IssuerSectigo Limited
Subject*.megaup.net
Fingerprint87:12:86:1C:E3:CE:6F:75:2C:26:9D:CD:B7:92:23:0F:CA:D5:15:1A
ValidityThu, 05 Oct 2023 00:00:00 GMT - Mon, 04 Nov 2024 23:59:59 GMT
File type ASCII text, with very long lines (1734), with no line terminators
Hash 4d22ff28e999a5c332705be886a5984b
8f458405367020346f614bbe41d21da151fdfa87
65e973e0ec1ed64f42a2ad48e4d02a34c9db54a7340761d86c53149a508e9b32
GET /themes/flow/frontend_assets/css/fonts.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
DNT: 1
Connection: keep-alive
Cookie: filehosting=0vnc81hravi7kgk6iv7f01pfj6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 30 Oct 2023 14:18:30 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-690"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA02PXUoEMRCEr+IFJnT136T32WcFxQNkftYnF0GFFfrwJqPIpgh0N1XJ10wsE2gSugOdUE+CDJSgolxgmg+PT6nIt/21fb2Xy/6ZCGFwegRpzRCt7KnqiuppQIrDtWdqH5i7JywlqYtNVEdViNjCc57z5fn+uOjiFKIrG/V6fJwgTu0NXUecXNfg1mba3PUcjqaItsK3fZ9lH8ZbUvpVIXTe8Tr9axpWgQp3oH4oj3H7+L6smTfGIfuLcuSBozoA++q8RKjNaqaytSV4RVtgUD5zbD/BbzZTXAEAAA==
95.211.229.246200 OK 0 B URL GET HTTP/1.1 s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA02PXUoEMRCEr+IFJnT136T32WcFxQNkftYnF0GFFfrwJqPIpgh0N1XJ10wsE2gSugOdUE+CDJSgolxgmg+PT6nIt/21fb2Xy/6ZCGFwegRpzRCt7KnqiuppQIrDtWdqH5i7JywlqYtNVEdViNjCc57z5fn+uOjiFKIrG/V6fJwgTu0NXUecXNfg1mba3PUcjqaItsK3fZ9lH8ZbUvpVIXTe8Tr9axpWgQp3oH4oj3H7+L6smTfGIfuLcuSBozoA++q8RKjNaqaytSV4RVtgUD5zbD/BbzZTXAEAAA==
IP 95.211.229.246:443
ASN #60781 LeaseWeb Netherlands B.V.
Requested by https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
Certificate IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintC5:BC:C0:62:0C:DC:A9:D2:61:A6:77:A9:6C:31:19:AD:CD:2E:00:67
ValidityThu, 05 Oct 2023 15:26:28 GMT - Wed, 03 Jan 2024 15:26:27 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cimp.php?t=api&data=H4sIAAAAAAAAA02PXUoEMRCEr+IFJnT136T32WcFxQNkftYnF0GFFfrwJqPIpgh0N1XJ10wsE2gSugOdUE+CDJSgolxgmg+PT6nIt/21fb2Xy/6ZCGFwegRpzRCt7KnqiuppQIrDtWdqH5i7JywlqYtNVEdViNjCc57z5fn+uOjiFKIrG/V6fJwgTu0NXUecXNfg1mba3PUcjqaItsK3fZ9lH8ZbUvpVIXTe8Tr9axpWgQp3oH4oj3H7+L6smTfGIfuLcuSBozoA++q8RKjNaqaytSV4RVtgUD5zbD/BbzZTXAEAAA== HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22653fbb37bc7d89.424459173788601565%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Oct 2023 14:18:32 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Credentials: true
Set-Cookie: __upt=%7B%22v%22%3A1%2C%22id%22%3A%220%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22511.0199%22%7D; expires=Wed, 29 Oct 2025 14:18:32 GMT; path=/; domain=.magsrv.com; Secure; SameSite=none
Accept-CH:
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
pogothere.xyz/
172.64.110.13200 OK 27 B IP 172.64.110.13:443
Requested by https://megaup.net/3kAby/Cities.Skylines.II-RUNE.part01.rar
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 81190b87ad9aa6da3914d850b05a61e0
86dc23d288db2cec47e9f460a6a25e550fa2a500
b6eb1789daadc57d182cff331e2daacb6b82de664c8f068115ef64adf7785f99
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 30 Oct 2023 14:18:32 GMT
content-type: text/plain
set-cookie: csu=1994333178983046@1@1698675512; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1wk2eSCw%2BR%2Bgc%2FnjclZZVhSIDVwl8%2B%2FmWcF0IxbLYRRMWpqh0pEnvLvvWLKIg2nEn%2F7Q12AIPbRoT8TDKTmp50%2FIyLDPWK3YhTyFQSclsDD985zrLrgAwTVV9raITKTO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81e449c1fe923db2-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.110.13200 OK 102 kB IP 172.64.110.13:443