hxxps://igg-games[.]cc/3388-command-conquer-renegade-free-download[.]html

Analysis

max time kernel
148s
max time network
151s
platform
windows11-21h2_x64
resource
win11-20240221-en
resource tags

arch:x64arch:x86image:win11-20240221-enlocale:en-usos:windows11-21h2-x64system
submitted
21/02/2024, 22:55 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://igg-games.cc/3388-command-conquer-renegade-free-download.html

Score

7^/10

Malware Config

Signatures

Executes dropped EXE 1 IoCs

pid	Process
2408	Game.exe

Loads dropped DLL 3 IoCs

pid	Process
2408	Game.exe
2408	Game.exe
2408	Game.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Modifies registry class 9 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-3594324687-1993884830-4019639329-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Mappings\S-1-15-2-993994543-2095643028-780254397-2751782349-1045596949-3142982554-3368930949	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-3594324687-1993884830-4019639329-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-3594324687-1993884830-4019639329-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\cr.sb.cdmf5200eafd3ad904629cbb0f87a78a3c7211081fe\Children	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-3594324687-1993884830-4019639329-1000_Classes\Local Settings	msedge.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3594324687-1993884830-4019639329-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Mappings\S-1-15-2-993994543-2095643028-780254397-2751782349-1045596949-3142982554-3368930949\DisplayName = "Chrome Sandbox"	msedge.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3594324687-1993884830-4019639329-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Mappings\S-1-15-2-993994543-2095643028-780254397-2751782349-1045596949-3142982554-3368930949\Moniker = "cr.sb.cdmf5200eafd3ad904629cbb0f87a78a3c7211081fe"	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-3594324687-1993884830-4019639329-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Mappings\S-1-15-2-993994543-2095643028-780254397-2751782349-1045596949-3142982554-3368930949\Children	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-3594324687-1993884830-4019639329-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\cr.sb.cdmf5200eafd3ad904629cbb0f87a78a3c7211081fe	msedge.exe
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3594324687-1993884830-4019639329-1000\{0C5D23C8-3DD3-4300-A7F9-13C6CF87DB44}	msedge.exe

NTFS ADS 1 IoCs

description	ioc	Process
File opened for modification	C:\Users\Admin\Downloads\Command.and.Conquer.Renegade.v1.037.rar:Zone.Identifier	msedge.exe

Suspicious behavior: EnumeratesProcesses 17 IoCs

pid	Process
3040	msedge.exe
3040	msedge.exe
1180	msedge.exe
1180	msedge.exe
4680	msedge.exe
4680	msedge.exe
1832	identity_helper.exe
1832	identity_helper.exe
1556	msedge.exe
3236	msedge.exe
3236	msedge.exe
1460	msedge.exe
1460	msedge.exe
1644	msedge.exe
1644	msedge.exe
1644	msedge.exe
1644	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 31 IoCs

pid	Process
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe

Suspicious use of AdjustPrivilegeToken 4 IoCs

description	pid	Process
Token: SeRestorePrivilege	4940	7zG.exe
Token: 35	4940	7zG.exe
Token: SeSecurityPrivilege	4940	7zG.exe
Token: SeSecurityPrivilege	4940	7zG.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe

Suspicious use of SendNotifyMessage 16 IoCs

pid	Process
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe
1180	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1180 wrote to memory of 2456	1180	msedge.exe	78
PID 1180 wrote to memory of 2456	1180	msedge.exe	78
PID 1180 wrote to memory of 5028	1180	msedge.exe	79
PID 1180 wrote to memory of 5028	1180	msedge.exe	79
PID 1180 wrote to memory of 5028	1180	msedge.exe	79
PID 1180 wrote to memory of 5028	1180	msedge.exe	79
PID 1180 wrote to memory of 5028	1180	msedge.exe	79
PID 1180 wrote to memory of 5028	1180	msedge.exe	79
PID 1180 wrote to memory of 5028	1180	msedge.exe	79
PID 1180 wrote to memory of 5028	1180	msedge.exe	79
PID 1180 wrote to memory of 5028	1180	msedge.exe	79
PID 1180 wrote to memory of 5028	1180	msedge.exe	79
PID 1180 wrote to memory of 5028	1180	msedge.exe	79
PID 1180 wrote to memory of 5028	1180	msedge.exe	79
PID 1180 wrote to memory of 5028	1180	msedge.exe	79
PID 1180 wrote to memory of 5028	1180	msedge.exe	79
PID 1180 wrote to memory of 5028	1180	msedge.exe	79
PID 1180 wrote to memory of 5028	1180	msedge.exe	79
PID 1180 wrote to memory of 5028	1180	msedge.exe	79
PID 1180 wrote to memory of 5028	1180	msedge.exe	79
PID 1180 wrote to memory of 5028	1180	msedge.exe	79
PID 1180 wrote to memory of 5028	1180	msedge.exe	79
PID 1180 wrote to memory of 5028	1180	msedge.exe	79
PID 1180 wrote to memory of 5028	1180	msedge.exe	79
PID 1180 wrote to memory of 5028	1180	msedge.exe	79
PID 1180 wrote to memory of 5028	1180	msedge.exe	79
PID 1180 wrote to memory of 5028	1180	msedge.exe	79
PID 1180 wrote to memory of 5028	1180	msedge.exe	79
PID 1180 wrote to memory of 5028	1180	msedge.exe	79
PID 1180 wrote to memory of 5028	1180	msedge.exe	79
PID 1180 wrote to memory of 5028	1180	msedge.exe	79
PID 1180 wrote to memory of 5028	1180	msedge.exe	79
PID 1180 wrote to memory of 5028	1180	msedge.exe	79
PID 1180 wrote to memory of 5028	1180	msedge.exe	79
PID 1180 wrote to memory of 5028	1180	msedge.exe	79
PID 1180 wrote to memory of 5028	1180	msedge.exe	79
PID 1180 wrote to memory of 5028	1180	msedge.exe	79
PID 1180 wrote to memory of 5028	1180	msedge.exe	79
PID 1180 wrote to memory of 5028	1180	msedge.exe	79
PID 1180 wrote to memory of 5028	1180	msedge.exe	79
PID 1180 wrote to memory of 5028	1180	msedge.exe	79
PID 1180 wrote to memory of 5028	1180	msedge.exe	79
PID 1180 wrote to memory of 3040	1180	msedge.exe	80
PID 1180 wrote to memory of 3040	1180	msedge.exe	80
PID 1180 wrote to memory of 2616	1180	msedge.exe	81
PID 1180 wrote to memory of 2616	1180	msedge.exe	81
PID 1180 wrote to memory of 2616	1180	msedge.exe	81
PID 1180 wrote to memory of 2616	1180	msedge.exe	81
PID 1180 wrote to memory of 2616	1180	msedge.exe	81
PID 1180 wrote to memory of 2616	1180	msedge.exe	81
PID 1180 wrote to memory of 2616	1180	msedge.exe	81
PID 1180 wrote to memory of 2616	1180	msedge.exe	81
PID 1180 wrote to memory of 2616	1180	msedge.exe	81
PID 1180 wrote to memory of 2616	1180	msedge.exe	81
PID 1180 wrote to memory of 2616	1180	msedge.exe	81
PID 1180 wrote to memory of 2616	1180	msedge.exe	81
PID 1180 wrote to memory of 2616	1180	msedge.exe	81
PID 1180 wrote to memory of 2616	1180	msedge.exe	81
PID 1180 wrote to memory of 2616	1180	msedge.exe	81
PID 1180 wrote to memory of 2616	1180	msedge.exe	81
PID 1180 wrote to memory of 2616	1180	msedge.exe	81
PID 1180 wrote to memory of 2616	1180	msedge.exe	81
PID 1180 wrote to memory of 2616	1180	msedge.exe	81
PID 1180 wrote to memory of 2616	1180	msedge.exe	81

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://igg-games.cc/3388-command-conquer-renegade-free-download.html
1⤵
- Enumerates system info in registry
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1180
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffd71663cb8,0x7ffd71663cc8,0x7ffd71663cd8
  2⤵
  PID:2456
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1900,9825343580674371410,10770491455372815529,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1940 /prefetch:2
  2⤵
  PID:5028
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1900,9825343580674371410,10770491455372815529,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2184 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3040
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1900,9825343580674371410,10770491455372815529,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2692 /prefetch:8
  2⤵
  PID:2616
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,9825343580674371410,10770491455372815529,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3332 /prefetch:1
  2⤵
  PID:904
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,9825343580674371410,10770491455372815529,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3312 /prefetch:1
  2⤵
  PID:1488
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,9825343580674371410,10770491455372815529,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5180 /prefetch:1
  2⤵
  PID:772
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1900,9825343580674371410,10770491455372815529,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5488 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4680
- C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1900,9825343580674371410,10770491455372815529,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5912 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1832
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,9825343580674371410,10770491455372815529,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5556 /prefetch:1
  2⤵
  PID:2084
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,9825343580674371410,10770491455372815529,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5908 /prefetch:1
  2⤵
  PID:4824
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,9825343580674371410,10770491455372815529,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6600 /prefetch:1
  2⤵
  PID:2308
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,9825343580674371410,10770491455372815529,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6948 /prefetch:1
  2⤵
  PID:4680
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,9825343580674371410,10770491455372815529,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6668 /prefetch:1
  2⤵
  PID:2792
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,9825343580674371410,10770491455372815529,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6304 /prefetch:1
  2⤵
  PID:4756
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,9825343580674371410,10770491455372815529,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7112 /prefetch:1
  2⤵
  PID:2364
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,9825343580674371410,10770491455372815529,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6780 /prefetch:1
  2⤵
  PID:4960
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,9825343580674371410,10770491455372815529,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6636 /prefetch:1
  2⤵
  PID:916
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,9825343580674371410,10770491455372815529,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7164 /prefetch:1
  2⤵
  PID:704
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,9825343580674371410,10770491455372815529,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6944 /prefetch:1
  2⤵
  PID:3332
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,9825343580674371410,10770491455372815529,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4548 /prefetch:1
  2⤵
  PID:4884
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,9825343580674371410,10770491455372815529,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6344 /prefetch:1
  2⤵
  PID:2944
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,9825343580674371410,10770491455372815529,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2596 /prefetch:1
  2⤵
  PID:1636
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,9825343580674371410,10770491455372815529,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2624 /prefetch:1
  2⤵
  PID:4924
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,9825343580674371410,10770491455372815529,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6588 /prefetch:1
  2⤵
  PID:4664
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,9825343580674371410,10770491455372815529,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6520 /prefetch:1
  2⤵
  PID:2560
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,9825343580674371410,10770491455372815529,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5508 /prefetch:1
  2⤵
  PID:3476
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,9825343580674371410,10770491455372815529,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6052 /prefetch:1
  2⤵
  PID:1064
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,9825343580674371410,10770491455372815529,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5036 /prefetch:1
  2⤵
  PID:1656
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=media.mojom.MediaService --field-trial-handle=1900,9825343580674371410,10770491455372815529,131072 --lang=en-US --service-sandbox-type=mf_cdm --mojo-platform-channel-handle=2604 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1556
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,9825343580674371410,10770491455372815529,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7236 /prefetch:1
  2⤵
  PID:4636
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1900,9825343580674371410,10770491455372815529,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=6912 /prefetch:8
  2⤵
  - Modifies registry class
  - Suspicious behavior: EnumeratesProcesses
  PID:3236
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1900,9825343580674371410,10770491455372815529,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=6744 /prefetch:8
  2⤵
  PID:3720
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,9825343580674371410,10770491455372815529,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7300 /prefetch:1
  2⤵
  PID:4840
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,9825343580674371410,10770491455372815529,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7472 /prefetch:1
  2⤵
  PID:4476
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1900,9825343580674371410,10770491455372815529,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5304 /prefetch:8
  2⤵
  - NTFS ADS
  - Suspicious behavior: EnumeratesProcesses
  PID:1460
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,9825343580674371410,10770491455372815529,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5128 /prefetch:1
  2⤵
  PID:1380
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,9825343580674371410,10770491455372815529,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6756 /prefetch:1
  2⤵
  PID:496
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,9825343580674371410,10770491455372815529,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7848 /prefetch:1
  2⤵
  PID:4940
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,9825343580674371410,10770491455372815529,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6016 /prefetch:1
  2⤵
  PID:3128
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,9825343580674371410,10770491455372815529,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7976 /prefetch:1
  2⤵
  PID:3048
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1900,9825343580674371410,10770491455372815529,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=7936 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1644

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2436

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3188

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:1040

C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\Command.and.Conquer.Renegade.v1.037\" -spe -an -ai#7zMap9254:132:7zEvent7219
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:4940

C:\Users\Admin\Downloads\Command.and.Conquer.Renegade.v1.037\Command And Conquer Renegade V1.037\Game.exe
"C:\Users\Admin\Downloads\Command.and.Conquer.Renegade.v1.037\Command And Conquer Renegade V1.037\Game.exe"
1⤵
- Executes dropped EXE
- Loads dropped DLL
PID:2408

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004CC 0x0000000000000468
1⤵
PID:4152

Network

DNS

igg-games.cc

msedge.exe

Remote address:

8.8.8.8:53

Request

igg-games.cc

IN A

Response

igg-games.cc

IN A

104.21.13.152

igg-games.cc

IN A

172.67.132.231
DNS

login.live.com

msedge.exe

Remote address:

8.8.8.8:53

Request

login.live.com

IN A

Response

login.live.com

IN CNAME

login.msa.msidentity.com

login.msa.msidentity.com

IN CNAME

www.tm.lg.prod.aadmsa.trafficmanager.net

www.tm.lg.prod.aadmsa.trafficmanager.net

IN CNAME

prdv4a.aadg.msidentity.com

prdv4a.aadg.msidentity.com

IN CNAME

www.tm.v4.a.prd.aadg.trafficmanager.net

www.tm.v4.a.prd.aadg.trafficmanager.net

IN A

20.190.159.68

www.tm.v4.a.prd.aadg.trafficmanager.net

IN A

20.190.159.71

www.tm.v4.a.prd.aadg.trafficmanager.net

IN A

40.126.31.69

www.tm.v4.a.prd.aadg.trafficmanager.net

IN A

20.190.159.73

www.tm.v4.a.prd.aadg.trafficmanager.net

IN A

20.190.159.64

www.tm.v4.a.prd.aadg.trafficmanager.net

IN A

20.190.159.4

www.tm.v4.a.prd.aadg.trafficmanager.net

IN A

40.126.31.73

www.tm.v4.a.prd.aadg.trafficmanager.net

IN A

20.190.159.2
DNS

apps.identrust.com

msedge.exe

Remote address:

8.8.8.8:53

Request

apps.identrust.com

IN A

Response

apps.identrust.com

IN CNAME

identrust.edgesuite.net

identrust.edgesuite.net

IN CNAME

a1952.dscq.akamai.net

a1952.dscq.akamai.net

IN A

96.17.179.184

a1952.dscq.akamai.net

IN A

96.17.179.205
DNS

pennilesscomingall.com

msedge.exe

Remote address:

8.8.8.8:53

Request

pennilesscomingall.com

IN A

Response

pennilesscomingall.com

IN A

192.243.61.225

pennilesscomingall.com

IN A

172.240.253.132

pennilesscomingall.com

IN A

172.240.108.76

pennilesscomingall.com

IN A

172.240.108.68

pennilesscomingall.com

IN A

172.240.108.84

pennilesscomingall.com

IN A

172.240.108.92
DNS

disqus.com

msedge.exe

Remote address:

8.8.8.8:53

Request

disqus.com

IN A

Response

disqus.com

IN A

151.101.0.134

disqus.com

IN A

151.101.192.134

disqus.com

IN A

151.101.128.134

disqus.com

IN A

151.101.64.134
DNS

68.159.190.20.in-addr.arpa

msedge.exe

Remote address:

8.8.8.8:53

Request

68.159.190.20.in-addr.arpa

IN PTR

Response
DNS

x.ss2.us

msedge.exe

Remote address:

8.8.8.8:53

Request

x.ss2.us

IN A

Response

x.ss2.us

IN A

99.84.9.46

x.ss2.us

IN A

99.84.9.123

x.ss2.us

IN A

99.84.9.79

x.ss2.us

IN A

99.84.9.125
DNS

www.google-analytics.com

msedge.exe

Remote address:

8.8.8.8:53

Request

www.google-analytics.com

IN A

Response

www.google-analytics.com

IN A

142.250.178.14
DNS

secure.globalsign.com

msedge.exe

Remote address:

8.8.8.8:53

Request

secure.globalsign.com

IN A

Response

secure.globalsign.com

IN CNAME

global.prd.cdn.globalsign.com

global.prd.cdn.globalsign.com

IN CNAME

cdn.globalsigncdn.com.cdn.cloudflare.net

cdn.globalsigncdn.com.cdn.cloudflare.net

IN A

104.18.21.226

cdn.globalsigncdn.com.cdn.cloudflare.net

IN A

104.18.20.226
DNS

40.36.251.142.in-addr.arpa

msedge.exe

Remote address:

8.8.8.8:53

Request

40.36.251.142.in-addr.arpa

IN PTR

Response

40.36.251.142.in-addr.arpa

IN PTR

ams17s12-in-f81e100net
DNS

sandtheircle.com

msedge.exe

Remote address:

8.8.8.8:53

Request

sandtheircle.com

IN A

Response

sandtheircle.com

IN A

18.165.201.14

sandtheircle.com

IN A

18.165.201.3

sandtheircle.com

IN A

18.165.201.37

sandtheircle.com

IN A

18.165.201.103
DNS

d2qf34ln5axea0.cloudfront.net

msedge.exe

Remote address:

8.8.8.8:53

Request

d2qf34ln5axea0.cloudfront.net

IN A

Response

d2qf34ln5axea0.cloudfront.net

IN A

18.165.196.180

d2qf34ln5axea0.cloudfront.net

IN A

18.165.196.177

d2qf34ln5axea0.cloudfront.net

IN A

18.165.196.85

d2qf34ln5axea0.cloudfront.net

IN A

18.165.196.70
DNS

203.220.67.172.in-addr.arpa

msedge.exe

Remote address:

8.8.8.8:53

Request

203.220.67.172.in-addr.arpa

IN PTR

Response
DNS

img1.wsimg.com

msedge.exe

Remote address:

8.8.8.8:53

Request

img1.wsimg.com

IN A

Response

img1.wsimg.com

IN CNAME

global-wildcard.wsimg.com.sni-only.edgekey.net

global-wildcard.wsimg.com.sni-only.edgekey.net

IN CNAME

e40258.g.akamaiedge.net

e40258.g.akamaiedge.net

IN A

184.28.198.211

e40258.g.akamaiedge.net

IN A

184.28.198.177
DNS

www.adsensecustomsearchads.com

msedge.exe

Remote address:

8.8.8.8:53

Request

www.adsensecustomsearchads.com

IN A

Response

www.adsensecustomsearchads.com

IN CNAME

www3.l.google.com

www3.l.google.com

IN A

142.250.179.206
DNS

challenges.cloudflare.com

msedge.exe

Remote address:

8.8.8.8:53

Request

challenges.cloudflare.com

IN A

Response

challenges.cloudflare.com

IN A

104.17.2.184

challenges.cloudflare.com

IN A

104.17.3.184
DNS

ad.a-ads.com

msedge.exe

Remote address:

8.8.8.8:53

Request

ad.a-ads.com

IN A

Response

ad.a-ads.com

IN A

78.46.32.91
DNS

4.adsco.re

msedge.exe

Remote address:

8.8.8.8:53

Request

4.adsco.re

IN A

Response

4.adsco.re

IN A

162.252.214.5
DNS

186.166.17.104.in-addr.arpa

msedge.exe

Remote address:

8.8.8.8:53

Request

186.166.17.104.in-addr.arpa

IN PTR

Response
DNS

engine.4dsply.com

msedge.exe

Remote address:

8.8.8.8:53

Request

engine.4dsply.com

IN A

Response

engine.4dsply.com

IN A

104.16.158.17

engine.4dsply.com

IN A

104.16.159.17
DNS

186.109.132.38.in-addr.arpa

msedge.exe

Remote address:

8.8.8.8:53

Request

186.109.132.38.in-addr.arpa

IN PTR

Response
DNS

180.178.17.96.in-addr.arpa

msedge.exe

Remote address:

8.8.8.8:53

Request

180.178.17.96.in-addr.arpa

IN PTR

Response

180.178.17.96.in-addr.arpa

IN PTR

a96-17-178-180deploystaticakamaitechnologiescom
DNS

ocsp.digicert.com

msedge.exe

Remote address:

8.8.8.8:53

Request

ocsp.digicert.com

IN A

Response

ocsp.digicert.com

IN CNAME

ocsp.edge.digicert.com

ocsp.edge.digicert.com

IN CNAME

fp2e7a.wpc.2be4.phicdn.net

fp2e7a.wpc.2be4.phicdn.net

IN CNAME

fp2e7a.wpc.phicdn.net

fp2e7a.wpc.phicdn.net

IN A

192.229.221.95
DNS

static.enlisted.net

msedge.exe

Remote address:

8.8.8.8:53

Request

static.enlisted.net

IN A

Response

static.enlisted.net

IN CNAME

cl-328f7912.gcdn.co

cl-328f7912.gcdn.co

IN A

93.123.11.62
DNS

s.yimg.com

msedge.exe

Remote address:

8.8.8.8:53

Request

s.yimg.com

IN A

Response

s.yimg.com

IN CNAME

edge.gycpi.b.yahoodns.net

edge.gycpi.b.yahoodns.net

IN A

87.248.114.11

edge.gycpi.b.yahoodns.net

IN A

87.248.114.12
GET

https://igg-games.cc/3388-command-conquer-renegade-free-download.html

msedge.exe

Remote address:

104.21.13.152:443

Request

GET /3388-command-conquer-renegade-free-download.html HTTP/2.0
host: igg-games.cc
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
sec-ch-ua-mobile: ?0
dnt: 1
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Wed, 21 Feb 2024 22:55:38 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=06oataj3ubge9k187ugdmfgs1d; path=/
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3bhVHtQjsmysc6DiErKcJiAi6Xs98IZzXRpD6VCwVjP%2FH%2B7bS%2B34zpmI7MwD5arkIfcEZjN1sS1xZgNOQJoEdhGhw1Fk7f1AH4UCCW8VrjlGJ4e2iKq0YEUylQcAoOk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 859293f9cd0d250e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://igg-games.cc/assets/css/all.min.css?v1.0.0

msedge.exe

Remote address:

104.21.13.152:443

Request

GET /assets/css/all.min.css?v1.0.0 HTTP/2.0
host: igg-games.cc
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://igg-games.cc/3388-command-conquer-renegade-free-download.html
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: PHPSESSID=06oataj3ubge9k187ugdmfgs1d

Response

HTTP/2.0 200

date: Wed, 21 Feb 2024 22:55:38 GMT
content-type: image/png
content-length: 22508
x-frame-options: SAMEORIGIN
last-modified: Fri, 05 Feb 2021 13:23:21 GMT
cache-control: max-age=2592000
expires: Mon, 26 Feb 2024 11:53:12 GMT
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 2199746
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GIJ5ra9v2ka49Vavum0E3JMzXZanva24CYAeNi21EJ4mkw2DFRwJtpXANaxIyAz%2FItlzUsHlef57J63jHT8d94EtBM0eDQ9crvixVrk%2BdK3MOIpifieJDpk8%2BubQzaw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 859293fa9eb2250e-LHR
alt-svc: h3=":443"; ma=86400
GET

https://igg-games.cc/assets/img/logo-1.png

msedge.exe

Remote address:

104.21.13.152:443

Request

GET /assets/img/logo-1.png HTTP/2.0
host: igg-games.cc
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://igg-games.cc/3388-command-conquer-renegade-free-download.html
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: PHPSESSID=06oataj3ubge9k187ugdmfgs1d

Response

HTTP/2.0 200

date: Wed, 21 Feb 2024 22:55:38 GMT
content-type: image/svg+xml
x-frame-options: SAMEORIGIN
last-modified: Fri, 05 Feb 2021 13:23:21 GMT
cache-control: max-age=14400
expires: Wed, 21 Feb 2024 23:08:23 GMT
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 6435
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kr2fQjgE4IUPfQzXYxOuCq7pwVXhj9AJs9L9hB6yO8qJ5q5ZtC4iyfFtoBJO7AjNM6zTElnDPqzxwTfl%2Bl0yE2SuH0zAwnj4w0xTEqutRhAHhI1gD1rU5cMXL6S0gl0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 859293fa9ebd250e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://igg-games.cc/assets/js/app.min.js?v1.0.0

msedge.exe

Remote address:

104.21.13.152:443

Request

GET /assets/js/app.min.js?v1.0.0 HTTP/2.0
host: igg-games.cc
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://igg-games.cc/3388-command-conquer-renegade-free-download.html
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: PHPSESSID=06oataj3ubge9k187ugdmfgs1d

Response

HTTP/2.0 200

date: Wed, 21 Feb 2024 22:55:38 GMT
content-type: text/css
x-frame-options: SAMEORIGIN
last-modified: Fri, 05 Feb 2021 13:23:21 GMT
cache-control: max-age=2592000
expires: Wed, 28 Feb 2024 14:42:15 GMT
vary: Accept-Encoding
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 2016803
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hTHUEwEzv1B0hFBFraOhDQpulRssxA%2Bv86%2FS5iX4LUieiI%2FO0rVGtH7BdPwOy9lU%2B61ge0kY24PLo5SOng0aXW%2BvhJT6RLrBGQ67ne8a%2Bv2YJbxOgQGZVzVqlh%2BJ6Ts%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 859293fa9ea7250e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://igg-games.cc/assets/img/link.svg

msedge.exe

Remote address:

104.21.13.152:443

Request

GET /assets/img/link.svg HTTP/2.0
host: igg-games.cc
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://igg-games.cc/3388-command-conquer-renegade-free-download.html
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: PHPSESSID=06oataj3ubge9k187ugdmfgs1d

Response

HTTP/2.0 200

date: Wed, 21 Feb 2024 22:55:38 GMT
content-type: application/javascript
x-frame-options: SAMEORIGIN
last-modified: Fri, 05 Feb 2021 13:23:21 GMT
cache-control: max-age=259200
expires: Sat, 24 Feb 2024 09:57:28 GMT
vary: Accept-Encoding
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 46690
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kd93Qe0VAmGMksCV1CESYWb1ybqbVw%2BHDc%2Bidhn6CzF7zwx3Y1CZewpLRX5uE0fDobUw2pYPPUHMCCZHXmErcrydrbkw7LOx3%2BZ5stafiilBRmECOH6%2BgQH8rIIgFxc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 859293fa9eb7250e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://igg-games.cc/assets/img/iggbackground.jpg

msedge.exe

Remote address:

104.21.13.152:443

Request

GET /assets/img/iggbackground.jpg HTTP/2.0
host: igg-games.cc
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://igg-games.cc/3388-command-conquer-renegade-free-download.html
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: PHPSESSID=06oataj3ubge9k187ugdmfgs1d

Response

HTTP/2.0 200

date: Wed, 21 Feb 2024 22:55:38 GMT
content-type: image/jpeg
content-length: 376046
x-frame-options: SAMEORIGIN
last-modified: Fri, 05 Feb 2021 13:23:21 GMT
cache-control: max-age=432000
expires: Mon, 26 Feb 2024 17:03:33 GMT
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 21125
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uyRWwBI5CD6aOlKe6%2BuKvjx2x%2BYxzoVZUdokvgVJkntVcRa8as7bw5hHMuaTbcWqemJAkvE7ewC1cmlZg13NyWCkEQTaXdHiz3sqz8MkG7puol0QZunxjyBaTEjH5PE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 859293fb4f74250e-LHR
alt-svc: h3=":443"; ma=86400
GET

https://igg-games.cc/assets/img/home.svg

msedge.exe

Remote address:

104.21.13.152:443

Request

GET /assets/img/home.svg HTTP/2.0
host: igg-games.cc
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://igg-games.cc/assets/css/all.min.css?v1.0.0
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: PHPSESSID=06oataj3ubge9k187ugdmfgs1d

Response

HTTP/2.0 200

date: Wed, 21 Feb 2024 22:55:38 GMT
content-type: image/svg+xml
x-frame-options: SAMEORIGIN
last-modified: Fri, 05 Feb 2021 13:23:21 GMT
cache-control: max-age=14400
expires: Wed, 21 Feb 2024 23:10:20 GMT
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 6318
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i1ThQs0NgiBqy8vCoGbOj3zGFvxRzx1kYIwZiTfHfdgwuhkIhMoKMKAKxYe0kmaYRx3nMoMPBrZB6G2eR3lUc6vXgN%2FqIfYufUbk4an1codBMILSlCa3FF4ZP2ItJoE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 859293fb4f80250e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://igg-games.cc/assets/img/tag.svg

msedge.exe

Remote address:

104.21.13.152:443

Request

GET /assets/img/tag.svg HTTP/2.0
host: igg-games.cc
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://igg-games.cc/assets/css/all.min.css?v1.0.0
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: PHPSESSID=06oataj3ubge9k187ugdmfgs1d

Response

HTTP/2.0 200

date: Wed, 21 Feb 2024 22:55:38 GMT
content-type: image/svg+xml
x-frame-options: SAMEORIGIN
last-modified: Fri, 05 Feb 2021 13:23:21 GMT
cache-control: max-age=14400
expires: Thu, 22 Feb 2024 00:55:38 GMT
x-xss-protection: 1; mode=block
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8P75lN05bun%2B6jEERQUAjAXx6Ka2XOuE72wZLuzi0OZsulJA6aTKQnR8stb4Nzyg1le1r4E4YWkBRZdQMHfwq8tX8BiY63x3V7Zq4wvqvlXW0WkJvY21UcnNcSJG7z8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 859293fb4f87250e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://igg-games.cc/assets/img/settings.svg

msedge.exe

Remote address:

104.21.13.152:443

Request

GET /assets/img/settings.svg HTTP/2.0
host: igg-games.cc
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://igg-games.cc/assets/css/all.min.css?v1.0.0
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: PHPSESSID=06oataj3ubge9k187ugdmfgs1d

Response

HTTP/2.0 200

date: Wed, 21 Feb 2024 22:55:38 GMT
content-type: image/svg+xml
x-frame-options: SAMEORIGIN
last-modified: Fri, 05 Feb 2021 13:23:21 GMT
cache-control: max-age=14400
expires: Thu, 22 Feb 2024 00:55:38 GMT
x-xss-protection: 1; mode=block
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c2a9oQSWWDRTDhkakvLGuunGX2DVwM%2BHPPzbeXBeA3moBx0Hw%2Bfxr7IFHj7rBi98zELBShSH%2Bx%2FaDMHiIo9lI8%2BN0hRvWfT7%2FDv3QH2NcqqId5iUAdm4W8SX%2FbhpjII%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 859293fb4f85250e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://igg-games.cc/assets/img/info.svg

msedge.exe

Remote address:

104.21.13.152:443

Request

GET /assets/img/info.svg HTTP/2.0
host: igg-games.cc
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://igg-games.cc/assets/css/all.min.css?v1.0.0
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: PHPSESSID=06oataj3ubge9k187ugdmfgs1d

Response

HTTP/2.0 200

date: Wed, 21 Feb 2024 22:55:38 GMT
content-type: image/svg+xml
x-frame-options: SAMEORIGIN
last-modified: Fri, 05 Feb 2021 13:23:21 GMT
cache-control: max-age=14400
expires: Thu, 22 Feb 2024 00:55:38 GMT
x-xss-protection: 1; mode=block
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BpT5qAwtFn1z1MfRufAD9eiJ4JAqi09KtrTAGjq%2FW0s4BFuCTUx7jRUra7B%2BxKcWuZUVgS299m4N%2FV0aK%2BxkGLn5VOAccdNHq9EGnlp0ZsI7SS4qgzQoZbGBwU4uoxg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 859293fb4f83250e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://igg-games.cc/assets/img/list.svg

msedge.exe

Remote address:

104.21.13.152:443

Request

GET /assets/img/list.svg HTTP/2.0
host: igg-games.cc
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://igg-games.cc/assets/css/all.min.css?v1.0.0
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: PHPSESSID=06oataj3ubge9k187ugdmfgs1d

Response

HTTP/2.0 200

date: Wed, 21 Feb 2024 22:55:38 GMT
content-type: image/svg+xml
x-frame-options: SAMEORIGIN
last-modified: Fri, 05 Feb 2021 13:23:21 GMT
cache-control: max-age=14400
expires: Thu, 22 Feb 2024 00:55:38 GMT
x-xss-protection: 1; mode=block
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IkM2fgK%2BedQo1ems2yCnUNlmuOZPMu8gZ7m%2ByH0aZQhUnKg5QFDw3Igbzb%2FN9X3WRa81mxDUImuAM1oZ61mqADHwZLjsLR7GWopamSSDHwm1wh3qIbyqSKJty9W%2FTX8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 859293fb4f7e250e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://igg-games.cc/assets/img/question.svg

msedge.exe

Remote address:

104.21.13.152:443

Request

GET /assets/img/question.svg HTTP/2.0
host: igg-games.cc
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://igg-games.cc/assets/css/all.min.css?v1.0.0
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: PHPSESSID=06oataj3ubge9k187ugdmfgs1d

Response

HTTP/2.0 200

date: Wed, 21 Feb 2024 22:55:38 GMT
content-type: image/svg+xml
x-frame-options: SAMEORIGIN
last-modified: Fri, 05 Feb 2021 13:23:21 GMT
cache-control: max-age=14400
expires: Thu, 22 Feb 2024 00:55:38 GMT
x-xss-protection: 1; mode=block
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bn94XTYfx18Ggfb71WL6mzFHEjIbR5vyKD0Sh2j2McrAjSBhlleX7CYzNFQ0WgrwwPHMq9qnGY%2BTBP3bSx9Lrojs%2BC0ExSXDD6JC1RA6sSpMAciVjfSTFCwpb83EWSc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 859293fb4f86250e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://igg-games.cc/assets/font/font-4c91e794.woff2

msedge.exe

Remote address:

104.21.13.152:443

Request

GET /assets/font/font-4c91e794.woff2 HTTP/2.0
host: igg-games.cc
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://igg-games.cc
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: font
referer: https://igg-games.cc/assets/css/all.min.css?v1.0.0
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: PHPSESSID=06oataj3ubge9k187ugdmfgs1d

Response

HTTP/2.0 200

date: Wed, 21 Feb 2024 22:55:38 GMT
content-type: font/woff2
content-length: 7904
x-frame-options: SAMEORIGIN
last-modified: Fri, 05 Feb 2021 13:23:21 GMT
cache-control: max-age=14400
expires: Thu, 22 Feb 2024 00:48:16 GMT
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 442
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qw1P8C03TQ%2FyPW4ozRfi%2FSBaE%2F623%2FvJWaV%2BMBm%2B6Q20CqgYsT3xnx3ut7BqAsjD499mUK0%2FMwAQvE5o0Z6%2FHRW4%2BPLnpX8pM3zpjxTR3lr0Q6gZOWW%2Fypu8SMlkpmw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 859293fbc83b250e-LHR
alt-svc: h3=":443"; ma=86400
GET

https://igg-games.cc/assets/font/font-7e3e66cb.woff2

msedge.exe

Remote address:

104.21.13.152:443

Request

GET /assets/font/font-7e3e66cb.woff2 HTTP/2.0
host: igg-games.cc
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://igg-games.cc
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: font
referer: https://igg-games.cc/assets/css/all.min.css?v1.0.0
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: PHPSESSID=06oataj3ubge9k187ugdmfgs1d

Response

HTTP/2.0 200

date: Wed, 21 Feb 2024 22:55:38 GMT
content-type: font/woff2
content-length: 14564
x-frame-options: SAMEORIGIN
last-modified: Fri, 05 Feb 2021 13:23:21 GMT
cache-control: max-age=14400
expires: Thu, 22 Feb 2024 00:55:38 GMT
x-xss-protection: 1; mode=block
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JztICPCxweku2RVO6n4Jy6EVXH24nJ0%2F2x1TnzWmla2cn5103nmQ3%2FPWG2dIscLfFaU%2Fa8mJdatz%2Fwq%2FnQMi2zdZKFDovwaIgHtlRTDYUW8VHjwMCXCgQ62GMSZfcjE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 859293fbe85f250e-LHR
alt-svc: h3=":443"; ma=86400
GET

https://igg-games.cc/assets/js/particles.min.js?_=1708556139813

msedge.exe

Remote address:

104.21.13.152:443

Request

GET /assets/js/particles.min.js?_=1708556139813 HTTP/2.0
host: igg-games.cc
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
dnt: 1
x-requested-with: XMLHttpRequest
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://igg-games.cc/3388-command-conquer-renegade-free-download.html
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: PHPSESSID=06oataj3ubge9k187ugdmfgs1d

Response

HTTP/2.0 200

date: Wed, 21 Feb 2024 22:55:40 GMT
content-type: application/javascript
x-frame-options: SAMEORIGIN
last-modified: Fri, 05 Feb 2021 13:23:21 GMT
cache-control: max-age=259200
expires: Sat, 24 Feb 2024 22:55:40 GMT
vary: Accept-Encoding
x-xss-protection: 1; mode=block
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GwHV7j4D2LtWKaP8i07WI8RFsssl9hWnWwxXECGQrf5FDJXTg8RxykJUGbRI8C%2BsjQid%2BCLmJjy5eckV43HjHPcfzSkVjldS4IQH59mPj7iOixRZkLTAzkse5ELK3Cg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 85929405dc87250e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://igg-games.cc/assets/js/particlesjs-config.json

msedge.exe

Remote address:

104.21.13.152:443

Request

GET /assets/js/particlesjs-config.json HTTP/2.0
host: igg-games.cc
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://igg-games.cc/3388-command-conquer-renegade-free-download.html
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: PHPSESSID=06oataj3ubge9k187ugdmfgs1d

Response

HTTP/2.0 200

date: Wed, 21 Feb 2024 22:55:40 GMT
content-type: application/json
x-frame-options: SAMEORIGIN
last-modified: Fri, 05 Feb 2021 13:23:21 GMT
cache-control: max-age=7200
expires: Thu, 22 Feb 2024 00:55:40 GMT
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5bCu1lIjOGy0IoJIdXoosqguxjGX94E%2Bs4o0vDMiEhF%2BWpLaRqsnR3K9krOON8Ui4vgiyDRIs4nub5RJRjuOy6lN6UzmXNi8TLYyyN0%2BxBWXBgj9OA2B11u862iVNQg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 859294068d9b250e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://igg-games.cc/assets/img/1-4.jpg

msedge.exe

Remote address:

104.21.13.152:443

Request

GET /assets/img/1-4.jpg HTTP/2.0
host: igg-games.cc
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://igg-games.cc/3388-command-conquer-renegade-free-download.html
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: PHPSESSID=06oataj3ubge9k187ugdmfgs1d
cookie: _ga=GA1.2.1806698686.1708556140
cookie: _gid=GA1.2.1285771151.1708556140
cookie: _gat_gtag_UA_117500068_15=1

Response

HTTP/2.0 200

date: Wed, 21 Feb 2024 22:55:40 GMT
content-type: image/jpeg
content-length: 19281
x-frame-options: SAMEORIGIN
last-modified: Fri, 05 Feb 2021 13:23:21 GMT
cache-control: max-age=432000
expires: Sun, 25 Feb 2024 02:56:12 GMT
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 158368
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nNR4Z3cSjVzIkqTvcqaMxcYCQ4HQCR6kabHSV97xrsSL%2BHtrlj70HyMIE7dfIaZ1UB7wn%2BxjIy6eG1Nko1k1Q%2FJMQZAZGZUc7Xo7w2Njlya%2ByG%2FZWVsnD9KuB%2FJnWvs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 85929407dedc250e-LHR
alt-svc: h3=":443"; ma=86400
GET

https://igg-games.cc/redirector?url=https%3A%2F%2Fmegaup.net%2F5uer%2FCommand.and.Conquer.Renegade.v1.037.rar

msedge.exe

Remote address:

104.21.13.152:443

Request

GET /redirector?url=https%3A%2F%2Fmegaup.net%2F5uer%2FCommand.and.Conquer.Renegade.v1.037.rar HTTP/2.0
host: igg-games.cc
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
sec-ch-ua-mobile: ?0
dnt: 1
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
referer: https://igg-games.cc/3388-command-conquer-renegade-free-download.html
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: PHPSESSID=06oataj3ubge9k187ugdmfgs1d
cookie: _ga=GA1.2.1806698686.1708556140
cookie: _gid=GA1.2.1285771151.1708556140
cookie: _gat_gtag_UA_117500068_15=1

Response

HTTP/2.0 302

date: Wed, 21 Feb 2024 22:55:53 GMT
content-type: text/html; charset=UTF-8
location: https://megaup.net/5uer/Command.and.Conquer.Renegade.v1.037.rar
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KCNCcRe3b8YF3LM8k85zu2KH1Evs8mv0uqHGtwA6BhnaJan30R5JZTpHZsjnRPJG9MB4ecJcJDJVQUJOUfQh0JoF0SMBEDVRGrdt2nEXtjFWEJybnfErJS9aiyg8GQo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 859294571f89250e-LHR
alt-svc: h3=":443"; ma=86400
GET

http://apps.identrust.com/roots/dstrootcax3.p7c

msedge.exe

Remote address:

96.17.179.184:80

Request

GET /roots/dstrootcax3.p7c HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/10.0
Host: apps.identrust.com

Response

HTTP/1.1 200 OK

X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex
Referrer-Policy: same-origin
Last-Modified: Fri, 13 Oct 2023 16:28:31 GMT
ETag: "37d-6079b8c0929c0"
Accept-Ranges: bytes
Content-Length: 893
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
Content-Type: application/pkcs7-mime
Cache-Control: max-age=3600
Expires: Wed, 21 Feb 2024 23:55:38 GMT
Date: Wed, 21 Feb 2024 22:55:38 GMT
Connection: keep-alive
GET

https://3.bp.blogspot.com/-KgBXAHf-fWE/VGj5c_hwNDI/AAAAAAAAAts/Lx3B9vY1ynM/s1600/cover.jpg

msedge.exe

Remote address:

172.217.16.225:443

Request

GET /-KgBXAHf-fWE/VGj5c_hwNDI/AAAAAAAAAts/Lx3B9vY1ynM/s1600/cover.jpg HTTP/2.0
host: 3.bp.blogspot.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://igg-games.cc/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://igggames-cc.disqus.com/embed.js

msedge.exe

Remote address:

199.232.192.134:443

Request

GET /embed.js HTTP/1.1
Host: igggames-cc.disqus.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://igg-games.cc/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Connection: keep-alive
Content-Length: 26153
server: openresty
content-type: application/javascript; charset=utf-8
x-service: router
content-encoding: gzip
Date: Wed, 21 Feb 2024 22:55:39 GMT
Age: 0
Vary: Accept-Encoding
Cache-Control: private, max-age=60
Strict-Transport-Security: max-age=300; includeSubdomains
Cross-Origin-Resource-Policy: cross-origin
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
GET

https://igggames-cc.disqus.com/recommendations.js

msedge.exe

Remote address:

199.232.192.134:443

Request

GET /recommendations.js HTTP/1.1
Host: igggames-cc.disqus.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://igg-games.cc/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Connection: keep-alive
Content-Length: 21369
server: openresty
content-type: application/javascript; charset=utf-8
cache-control: stale-while-revalidate=60, public, stale-if-error=86400, max-age=60
x-service: router
content-encoding: gzip
Date: Wed, 21 Feb 2024 22:55:39 GMT
Age: 0
Vary: Accept-Encoding, Accept, Accept-Encoding, X-Forwarded-Proto, X-Disqus-Shortname, X-Disqus-Device, X-Disqus-Experiment, X-Disqus-Is-Private, X-Disqus-Development-Base
Strict-Transport-Security: max-age=300; includeSubdomains
Cross-Origin-Resource-Policy: cross-origin
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
GET

https://disqus.com/embed/comments/?base=default&f=igggames-cc&t_i=3388&t_u=https%3A%2F%2Figg-games.cc%2F3388-command-conquer-renegade-free-download.html&t_d=Command%20%26%20Conquer%20Renegade%20Free%20Download&t_t=Command%20%26%20Conquer%20Renegade%20Free%20Download&s_o=default

msedge.exe

Remote address:

151.101.0.134:443

Request

GET /embed/comments/?base=default&f=igggames-cc&t_i=3388&t_u=https%3A%2F%2Figg-games.cc%2F3388-command-conquer-renegade-free-download.html&t_d=Command%20%26%20Conquer%20Renegade%20Free%20Download&t_t=Command%20%26%20Conquer%20Renegade%20Free%20Download&s_o=default HTTP/1.1
Host: disqus.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
sec-ch-ua-mobile: ?0
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://igg-games.cc/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Connection: keep-alive
Content-Length: 2785
Server: nginx
Content-Type: text/html; charset=utf-8
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Last-Modified: Wed, 13 Dec 2023 21:57:41 GMT
ETag: W/"lounge:view:7864326885.00194be2ee86c9a385dea6fe1fde8721.2"
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Referrer-Policy: no-referrer-when-downgrade
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Date: Wed, 21 Feb 2024 22:55:39 GMT
Age: 0
Vary: Accept-Encoding
Cross-Origin-Resource-Policy: cross-origin
Strict-Transport-Security: max-age=300; includeSubdomains
GET

https://disqus.com/recommendations/?base=default&f=igggames-cc&t_u=https%3A%2F%2Figg-games.cc%2F3388-command-conquer-renegade-free-download.html&t_d=Command%20%26%20Conquer%20Renegade%20Free%20Download&t_t=Command%20%26%20Conquer%20Renegade%20Free%20Download

msedge.exe

Remote address:

151.101.0.134:443

Request

GET /recommendations/?base=default&f=igggames-cc&t_u=https%3A%2F%2Figg-games.cc%2F3388-command-conquer-renegade-free-download.html&t_d=Command%20%26%20Conquer%20Renegade%20Free%20Download&t_t=Command%20%26%20Conquer%20Renegade%20Free%20Download HTTP/1.1
Host: disqus.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
sec-ch-ua-mobile: ?0
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://igg-games.cc/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Connection: keep-alive
Content-Length: 2356
Server: nginx
Content-Type: text/html; charset=utf-8
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Last-Modified: Wed, 13 Dec 2023 21:57:41 GMT
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-while-revalidate=30, no-cache, must-revalidate, stale-if-error=3600, public
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Date: Wed, 21 Feb 2024 22:55:39 GMT
Age: 0
Vary: Accept-Encoding
Cross-Origin-Resource-Policy: cross-origin
Strict-Transport-Security: max-age=300; includeSubdomains
GET

https://disqus.com/next/config.js

msedge.exe

Remote address:

151.101.0.134:443

Request

GET /next/config.js HTTP/1.1
Host: disqus.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://disqus.com/embed/comments/?base=default&f=igggames-cc&t_i=3388&t_u=https%3A%2F%2Figg-games.cc%2F3388-command-conquer-renegade-free-download.html&t_d=Command%20%26%20Conquer%20Renegade%20Free%20Download&t_t=Command%20%26%20Conquer%20Renegade%20Free%20Download&s_o=default
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Connection: keep-alive
Content-Length: 19372
Server: nginx
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
X-Frame-Options: SAMEORIGIN
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Date: Wed, 21 Feb 2024 22:55:40 GMT
Age: 47
Cross-Origin-Resource-Policy: cross-origin
Strict-Transport-Security: max-age=300; includeSubdomains
GET

https://disqus.com/api/3.0/forums/details?forum=igggames-cc&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

msedge.exe

Remote address:

151.101.0.134:443

Request

GET /api/3.0/forums/details?forum=igggames-cc&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F HTTP/1.1
Host: disqus.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
Accept: */*
DNT: 1
X-Requested-With: XMLHttpRequest
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://disqus.com/recommendations/?base=default&f=igggames-cc&t_u=https%3A%2F%2Figg-games.cc%2F3388-command-conquer-renegade-free-download.html&t_d=Command%20%26%20Conquer%20Renegade%20Free%20Download&t_t=Command%20%26%20Conquer%20Renegade%20Free%20Download
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Connection: keep-alive
Content-Length: 3145
Server: nginx
Content-Type: application/json
X-Frame-Options: SAMEORIGIN
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Date: Wed, 21 Feb 2024 22:55:40 GMT
Age: 0
Vary: Origin, Cookie
Cross-Origin-Resource-Policy: cross-origin
Strict-Transport-Security: max-age=300; includeSubdomains
GET

https://disqus.com/api/3.0/discovery/listRecommendations.json?forum=igggames-cc&thread=url%3Ahttps%3A%2F%2Figg-games.cc%2F3388-command-conquer-renegade-free-download.html&limit=8&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

msedge.exe

Remote address:

151.101.0.134:443

Request

GET /api/3.0/discovery/listRecommendations.json?forum=igggames-cc&thread=url%3Ahttps%3A%2F%2Figg-games.cc%2F3388-command-conquer-renegade-free-download.html&limit=8&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F HTTP/1.1
Host: disqus.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
Accept: application/json, text/javascript, */*; q=0.01
DNT: 1
X-Requested-With: XMLHttpRequest
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://disqus.com/recommendations/?base=default&f=igggames-cc&t_u=https%3A%2F%2Figg-games.cc%2F3388-command-conquer-renegade-free-download.html&t_d=Command%20%26%20Conquer%20Renegade%20Free%20Download&t_t=Command%20%26%20Conquer%20Renegade%20Free%20Download
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: __jid=7ub8f0u48ptbg; disqus_unique=7ub8f4fq8oppk

Response

HTTP/1.1 200 OK

Connection: keep-alive
Content-Length: 6546
Server: nginx
Content-Type: application/json
Cache-Control: stale-while-revalidate=450, public, max-age=1800
X-Frame-Options: SAMEORIGIN
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Date: Wed, 21 Feb 2024 22:55:40 GMT
Age: 29
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
Strict-Transport-Security: max-age=300; includeSubdomains
GET

https://c.disquscdn.com/next/embed/common.bundle.8206e89799ee4181c95ad226ce8a6edb.js

msedge.exe

Remote address:

216.137.44.100:443

Request

GET /next/embed/common.bundle.8206e89799ee4181c95ad226ce8a6edb.js HTTP/2.0
host: c.disquscdn.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://disqus.com/embed/comments/?base=default&f=igggames-cc&t_i=3388&t_u=https%3A%2F%2Figg-games.cc%2F3388-command-conquer-renegade-free-download.html&t_d=Command%20%26%20Conquer%20Renegade%20Free%20Download&t_t=Command%20%26%20Conquer%20Renegade%20Free%20Download&s_o=default
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/javascript; charset=utf-8
content-length: 94174
date: Mon, 12 Feb 2024 09:16:33 GMT
server: nginx
last-modified: Mon, 12 Feb 2024 09:07:21 GMT
etag: "65c9dfc9-16fde"
content-encoding: gzip
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Tue, 11 Feb 2025 09:16:33 GMT
cache-control: max-age=31536000
cache-control: public
cache-control: immutable
cache-control: no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 eadf79e9c2d5c2d1c323c9bb914a92d4.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P2
x-amz-cf-id: itzdg9B7AFZZoD4tL0P0RL9vkf3RNVbjra-IXy5IPk3suuA4B8QcqA==
age: 826746
GET

https://c.disquscdn.com/next/recommendations/common.bundle.7cc23efb3b28d49881e87b3f75f6026a.js

msedge.exe

Remote address:

216.137.44.100:443

Request

GET /next/recommendations/common.bundle.7cc23efb3b28d49881e87b3f75f6026a.js HTTP/2.0
host: c.disquscdn.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://disqus.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/javascript; charset=utf-8
content-length: 88876
date: Mon, 12 Feb 2024 09:16:27 GMT
server: nginx
last-modified: Mon, 12 Feb 2024 09:07:21 GMT
etag: "65c9dfc9-15b2c"
content-encoding: gzip
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Tue, 11 Feb 2025 09:16:27 GMT
cache-control: max-age=31536000
cache-control: public
cache-control: immutable
cache-control: no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 eadf79e9c2d5c2d1c323c9bb914a92d4.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P2
x-amz-cf-id: 4GRC1XGvGLSsIIZqKa82mMsKdk62dXfAooP4ok_phEHUEq301jUMXA==
age: 826753
GET

https://c.disquscdn.com/next/embed/styles/lounge.20aeaf1ce78e43e05e713a3d26336e90.css

msedge.exe

Remote address:

216.137.44.100:443

Request

GET /next/embed/styles/lounge.20aeaf1ce78e43e05e713a3d26336e90.css HTTP/2.0
host: c.disquscdn.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://disqus.com/embed/comments/?base=default&f=igggames-cc&t_i=3388&t_u=https%3A%2F%2Figg-games.cc%2F3388-command-conquer-renegade-free-download.html&t_d=Command%20%26%20Conquer%20Renegade%20Free%20Download&t_t=Command%20%26%20Conquer%20Renegade%20Free%20Download&s_o=default
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/css; charset=utf-8
content-length: 33487
date: Tue, 20 Feb 2024 09:11:32 GMT
server: nginx
last-modified: Mon, 19 Feb 2024 05:03:30 GMT
etag: "65d2e122-82cf"
content-encoding: gzip
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Wed, 19 Feb 2025 09:11:32 GMT
cache-control: max-age=31536000
cache-control: public
cache-control: immutable
cache-control: no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 eadf79e9c2d5c2d1c323c9bb914a92d4.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P2
x-amz-cf-id: P0mNHvt58XdaQCaI5Wn_V6Zhl50a5oNe-puLhzi6h2WC62J05bt51w==
age: 135848
GET

https://c.disquscdn.com/next/embed/lounge.bundle.cfb08e519cc11c5aa744975ff08a4308.js

msedge.exe

Remote address:

216.137.44.100:443

Request

GET /next/embed/lounge.bundle.cfb08e519cc11c5aa744975ff08a4308.js HTTP/2.0
host: c.disquscdn.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://disqus.com/embed/comments/?base=default&f=igggames-cc&t_i=3388&t_u=https%3A%2F%2Figg-games.cc%2F3388-command-conquer-renegade-free-download.html&t_d=Command%20%26%20Conquer%20Renegade%20Free%20Download&t_t=Command%20%26%20Conquer%20Renegade%20Free%20Download&s_o=default
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/javascript; charset=utf-8
content-length: 131212
date: Wed, 21 Feb 2024 09:29:48 GMT
server: nginx
last-modified: Wed, 21 Feb 2024 08:15:26 GMT
etag: "65d5b11e-2008c"
content-encoding: gzip
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Thu, 20 Feb 2025 09:29:48 GMT
cache-control: max-age=31536000
cache-control: public
cache-control: immutable
cache-control: no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 eadf79e9c2d5c2d1c323c9bb914a92d4.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P2
x-amz-cf-id: n8xDz9CC2PAFBi6FpEFEmiQMLeUda_XJ1ks9HEgAuHhASLQy9gVKtg==
age: 48352
GET

https://c.disquscdn.com/next/recommendations/styles/recommendations.10022a97346f1c6e3798931bbd8e4bb5.css

msedge.exe

Remote address:

216.137.44.100:443

Request

GET /next/recommendations/styles/recommendations.10022a97346f1c6e3798931bbd8e4bb5.css HTTP/2.0
host: c.disquscdn.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://disqus.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/css; charset=utf-8
content-length: 2968
date: Mon, 11 Dec 2023 01:10:12 GMT
server: nginx
last-modified: Wed, 06 Dec 2023 19:40:12 GMT
etag: "6570ce1c-b98"
content-encoding: gzip
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Tue, 10 Dec 2024 01:10:12 GMT
cache-control: max-age=31536000
cache-control: public
cache-control: immutable
cache-control: no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 eadf79e9c2d5c2d1c323c9bb914a92d4.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P2
x-amz-cf-id: zbHLAo0iPaWa2gmcrIE663od2bdD7jRvPxt2B4RmNbfnvCKr1kgwMQ==
age: 6299128
GET

https://c.disquscdn.com/next/recommendations/recommendations.bundle.c32c8fc7358a20ee5907be6e81b685a8.js

msedge.exe

Remote address:

216.137.44.100:443

Request

GET /next/recommendations/recommendations.bundle.c32c8fc7358a20ee5907be6e81b685a8.js HTTP/2.0
host: c.disquscdn.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://disqus.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/javascript; charset=utf-8
content-length: 20384
date: Wed, 21 Feb 2024 09:29:52 GMT
server: nginx
last-modified: Wed, 21 Feb 2024 08:15:26 GMT
etag: "65d5b11e-4fa0"
content-encoding: gzip
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Thu, 20 Feb 2025 09:29:52 GMT
cache-control: max-age=31536000
cache-control: public
cache-control: immutable
cache-control: no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 eadf79e9c2d5c2d1c323c9bb914a92d4.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P2
x-amz-cf-id: SixvBIYfPfNRZxw0Nmo8TJY8uu6_HUGx4zwnHpJyfplg_QpwlO2wgg==
age: 48348
GET

https://c.disquscdn.com/next/embed/assets/img/svg-sprite.6d7ccb1c98b314b20422a2c2f0497a7f.svg

msedge.exe

Remote address:

216.137.44.100:443

Request

GET /next/embed/assets/img/svg-sprite.6d7ccb1c98b314b20422a2c2f0497a7f.svg HTTP/2.0
host: c.disquscdn.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://c.disquscdn.com/next/embed/styles/lounge.20aeaf1ce78e43e05e713a3d26336e90.css
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/svg+xml; charset=utf-8
content-length: 13540
date: Tue, 30 Jan 2024 18:41:19 GMT
server: nginx
last-modified: Tue, 30 Jan 2024 16:48:51 GMT
etag: "65b92873-34e4"
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Wed, 29 Jan 2025 18:41:19 GMT
cache-control: max-age=31536000
cache-control: public
cache-control: immutable
cache-control: no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 eadf79e9c2d5c2d1c323c9bb914a92d4.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P2
x-amz-cf-id: jAGrEGQO-6Jv00YCovIFuzlj7yHSBHaUtK6FLutGR0phDbVWtbDfPg==
age: 1916061
GET

https://c.disquscdn.com/next/embed/assets/img/loader.ba7c86e8b4b6135bb668d05223f8f127.gif

msedge.exe

Remote address:

216.137.44.100:443

Request

GET /next/embed/assets/img/loader.ba7c86e8b4b6135bb668d05223f8f127.gif HTTP/2.0
host: c.disquscdn.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://c.disquscdn.com/next/embed/styles/lounge.20aeaf1ce78e43e05e713a3d26336e90.css
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/gif
content-length: 2971
date: Sat, 30 Sep 2023 01:16:16 GMT
server: nginx
last-modified: Wed, 27 Sep 2023 18:53:18 GMT
etag: "65147a1e-b9b"
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Sun, 29 Sep 2024 01:16:16 GMT
cache-control: max-age=31536000
cache-control: public
cache-control: immutable
cache-control: no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 eadf79e9c2d5c2d1c323c9bb914a92d4.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P2
x-amz-cf-id: CBLTa9FyqsitgWgthbxm3FKPgZ2ClBK8j8lUbkqYHJV3fdu4lCXMzQ==
age: 12519564
GET

https://c.disquscdn.com/next/embed/assets/img/email.727e30eb9b6c1e85cb010b9c8eb04c7e.svg

msedge.exe

Remote address:

216.137.44.100:443

Request

GET /next/embed/assets/img/email.727e30eb9b6c1e85cb010b9c8eb04c7e.svg HTTP/2.0
host: c.disquscdn.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://c.disquscdn.com/next/embed/styles/lounge.20aeaf1ce78e43e05e713a3d26336e90.css
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/svg+xml; charset=utf-8
content-length: 840
date: Fri, 01 Dec 2023 21:49:03 GMT
server: nginx
last-modified: Tue, 28 Nov 2023 15:53:32 GMT
etag: "65660cfc-348"
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Sat, 30 Nov 2024 21:49:03 GMT
cache-control: max-age=31536000
cache-control: public
cache-control: immutable
cache-control: no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 eadf79e9c2d5c2d1c323c9bb914a92d4.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P2
x-amz-cf-id: QkDQzAupM58vjvcUJiOs0Q2TnnKdnyE0yQFzJwwCLc3vT8mfe7pcNA==
age: 7088797
GET

https://c.disquscdn.com/next/embed/assets/img/privacy.8c96be6b50de1c3fab838c5f050e0be5.svg

msedge.exe

Remote address:

216.137.44.100:443

Request

GET /next/embed/assets/img/privacy.8c96be6b50de1c3fab838c5f050e0be5.svg HTTP/2.0
host: c.disquscdn.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://c.disquscdn.com/next/embed/styles/lounge.20aeaf1ce78e43e05e713a3d26336e90.css
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/svg+xml; charset=utf-8
content-length: 891
date: Fri, 15 Dec 2023 00:01:39 GMT
server: nginx
last-modified: Wed, 06 Dec 2023 19:40:12 GMT
etag: "6570ce1c-37b"
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Sat, 14 Dec 2024 00:01:39 GMT
cache-control: max-age=31536000
cache-control: public
cache-control: immutable
cache-control: no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 eadf79e9c2d5c2d1c323c9bb914a92d4.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P2
x-amz-cf-id: IyYouIKvzGqcyZNNhN_3qEu6a1hLW9xohSepc5uU46onGjoI4DiyaQ==
age: 5957641
GET

https://c.disquscdn.com/next/embed/assets/img/warning.3bc0b4bff6c268a4ceaf404014b9be42.svg

msedge.exe

Remote address:

216.137.44.100:443

Request

GET /next/embed/assets/img/warning.3bc0b4bff6c268a4ceaf404014b9be42.svg HTTP/2.0
host: c.disquscdn.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://c.disquscdn.com/next/embed/styles/lounge.20aeaf1ce78e43e05e713a3d26336e90.css
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/svg+xml; charset=utf-8
content-length: 605
date: Mon, 04 Sep 2023 03:59:19 GMT
server: nginx
last-modified: Thu, 31 Aug 2023 18:22:32 GMT
etag: "64f0da68-25d"
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Tue, 03 Sep 2024 03:59:19 GMT
cache-control: max-age=31536000
cache-control: public
cache-control: immutable
cache-control: no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 eadf79e9c2d5c2d1c323c9bb914a92d4.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P2
x-amz-cf-id: XJqHg1VrTo2PFV6_hXAwotkQuu64Ahx6hlxkBgBaGXFerBuHBEaakA==
age: 14756181
GET

https://c.disquscdn.com/next/embed/assets/img/sprite.ad630a07080a45451f139a7487853ff8.png

msedge.exe

Remote address:

216.137.44.100:443

Request

GET /next/embed/assets/img/sprite.ad630a07080a45451f139a7487853ff8.png HTTP/2.0
host: c.disquscdn.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://c.disquscdn.com/next/embed/styles/lounge.20aeaf1ce78e43e05e713a3d26336e90.css
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/png
content-length: 1763
date: Sat, 30 Dec 2023 09:37:53 GMT
server: nginx
last-modified: Thu, 21 Dec 2023 18:58:13 GMT
etag: "65848ac5-6e3"
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Sun, 29 Dec 2024 09:37:53 GMT
cache-control: max-age=31536000
cache-control: public
cache-control: immutable
cache-control: no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 eadf79e9c2d5c2d1c323c9bb914a92d4.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P2
x-amz-cf-id: jEC4okwRGN3JJWHLiOZKMiG8mIKxVqwoRIkNouE-GI51BMLcMwUtyw==
age: 4627067
GET

https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js

msedge.exe

Remote address:

216.137.44.100:443

Request

GET /next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js HTTP/2.0
host: c.disquscdn.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://igg-games.cc/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/javascript; charset=utf-8
content-length: 26578
date: Sun, 21 Jan 2024 02:19:12 GMT
server: nginx
last-modified: Mon, 08 Jan 2024 22:12:55 GMT
etag: "659c7367-67d2"
content-encoding: gzip
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Mon, 20 Jan 2025 02:19:12 GMT
cache-control: max-age=31536000
cache-control: public
cache-control: immutable
cache-control: no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 eadf79e9c2d5c2d1c323c9bb914a92d4.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P2
x-amz-cf-id: ikBRJU-JPfQHsBiNTeAoy9AJ7g0JZsVv3BCWWSsR0XjvZjYqSUdfng==
age: 2752588
GET

https://c.disquscdn.com/get?url=https%3A%2F%2Figg-games.com%2Fwp-content%2Fuploads%2F2020%2F10%2FBaldurs-Gate-3-Free-Download.jpg&key=xp7O07KcIdvGD5borD2LZg&h=200

msedge.exe

Remote address:

216.137.44.100:443

Request

GET /get?url=https%3A%2F%2Figg-games.com%2Fwp-content%2Fuploads%2F2020%2F10%2FBaldurs-Gate-3-Free-Download.jpg&key=xp7O07KcIdvGD5borD2LZg&h=200 HTTP/2.0
host: c.disquscdn.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://disqus.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/jpeg
content-length: 15469
date: Tue, 20 Feb 2024 08:15:58 GMT
server: nginx
referrer-policy: no-referrer, strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8gpMwTWOI80pdBeiGawk5aTo5ltXcMPLLl95jlATXFhTFWzT%2Fm65oW%2Bqgp3mG55c8tFz14tyJ0ARWr3d68L%2FYdWiLWvjL3LNzUKpKNlwv18Bdy88Ql9bSQZTPay5GVMuEIv2dZbMCl7G8sg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expires: Thu, 21 Mar 2024 08:15:58 GMT
cache-control: max-age=2592000
cross-origin-resource-policy: cross-origin
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cross-origin-resource-policy: cross-origin
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 eadf79e9c2d5c2d1c323c9bb914a92d4.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P2
x-amz-cf-id: XtyhMhgtMkPc0d0yF2qpRxDaUFxqaBYU8uL5wJXZ1KGe5sfqKmObag==
age: 139182
GET

https://c.disquscdn.com/get?url=https%3A%2F%2Figg-games.com%2Fwp-content%2Fuploads%2F2021%2F10%2FUNDYING-Free-Download.jpg&key=wb6umhMRgUW9-6vlRMwz0A&h=200

msedge.exe

Remote address:

216.137.44.100:443

Request

GET /get?url=https%3A%2F%2Figg-games.com%2Fwp-content%2Fuploads%2F2021%2F10%2FUNDYING-Free-Download.jpg&key=wb6umhMRgUW9-6vlRMwz0A&h=200 HTTP/2.0
host: c.disquscdn.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://disqus.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/jpeg
content-length: 11809
date: Thu, 08 Feb 2024 11:55:58 GMT
server: nginx
referrer-policy: no-referrer, strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y%2FGaJ5yLNDd6BnNxgNozb9UDbumLTDSvUzVr45N1O8Hz3xE6yROXxbBhDcJ8PrPIId05DtQtBabPh%2Fs3BX%2BuPyZCG10IGBhFt9kXw0VsbNzV4r8dngKdq0YhtnfzVYk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expires: Sat, 09 Mar 2024 11:55:58 GMT
cache-control: max-age=2592000
cross-origin-resource-policy: cross-origin
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cross-origin-resource-policy: cross-origin
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 eadf79e9c2d5c2d1c323c9bb914a92d4.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P2
x-amz-cf-id: 9I-EeLW9GLUjHYdIoTH43dIfNN1RCD55biANXDo_2X3gW8UTtfpodA==
age: 1163065
GET

https://c.disquscdn.com/get?url=https%3A%2F%2Figg-games.com%2Fwp-content%2Fuploads%2F2021%2F10%2FFetish-Locator-Week-Two-Free-Download.jpg&key=8E7fwaeXnDlx6qIKs32_sg&h=200

msedge.exe

Remote address:

216.137.44.100:443

Request

GET /get?url=https%3A%2F%2Figg-games.com%2Fwp-content%2Fuploads%2F2021%2F10%2FFetish-Locator-Week-Two-Free-Download.jpg&key=8E7fwaeXnDlx6qIKs32_sg&h=200 HTTP/2.0
host: c.disquscdn.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://disqus.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/jpeg
content-length: 13893
date: Thu, 08 Feb 2024 11:51:21 GMT
server: nginx
referrer-policy: no-referrer, strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tPMxgOGNr5pO2zfwMBMh3VNiGD%2BA1QasRjD8%2BIBmlB8IchhdPMjze%2BJXO3vTlohq6PjSsmqvMQ4hsPxtXjdJVxQCzxsWWmx3IE%2Bo6gK02CsPzbjsSt8RhqFh0YJUvqI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expires: Sat, 09 Mar 2024 11:51:21 GMT
cache-control: max-age=2592000
cross-origin-resource-policy: cross-origin
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cross-origin-resource-policy: cross-origin
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 eadf79e9c2d5c2d1c323c9bb914a92d4.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P2
x-amz-cf-id: 4-68OLDGBQnjFSmxWcKioO1PchlmdNTqVYi6ub3IFxQHE5cPjbtgpA==
age: 1163189
GET

https://c.disquscdn.com/get?url=https%3A%2F%2Figg-games.com%2Fwp-content%2Fuploads%2F2021%2F10%2FBassmaster-Fishing-2022-Free-Download.jpg&key=-CFqS0ARPGcgsiKqt_iHWg&h=200

msedge.exe

Remote address:

216.137.44.100:443

Request

GET /get?url=https%3A%2F%2Figg-games.com%2Fwp-content%2Fuploads%2F2021%2F10%2FBassmaster-Fishing-2022-Free-Download.jpg&key=-CFqS0ARPGcgsiKqt_iHWg&h=200 HTTP/2.0
host: c.disquscdn.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://disqus.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/jpeg
content-length: 16107
date: Thu, 08 Feb 2024 11:52:47 GMT
server: nginx
referrer-policy: no-referrer, strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2BvDv2vjm2tq3etjeaThs%2BGV50ef1jzznlQ3ul5Q9r356wc%2By7EQ1o1K7S1ieG41zuLJBVV9r9CKy4gbiZSbnYvLCLRTBJj7%2BAnUfRLOMh8fIvyVBUu%2BVmTdxIFauvU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expires: Sat, 09 Mar 2024 11:52:47 GMT
cache-control: max-age=2592000
cross-origin-resource-policy: cross-origin
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cross-origin-resource-policy: cross-origin
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 eadf79e9c2d5c2d1c323c9bb914a92d4.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P2
x-amz-cf-id: Tyk3oxD9qn9xp3MHmJd38qfNNAE4YjLKCYGddvQwHxbKMD2Z3Ec99Q==
age: 1162973
GET

https://c.disquscdn.com/get?url=https%3A%2F%2Figg-games.com%2Fwp-content%2Fuploads%2F2021%2F10%2FLady-in-Tomb-Free-Download.jpg&key=mCE9GsNbZE5LtGmsaOixGQ&h=200

msedge.exe

Remote address:

216.137.44.100:443

Request

GET /get?url=https%3A%2F%2Figg-games.com%2Fwp-content%2Fuploads%2F2021%2F10%2FLady-in-Tomb-Free-Download.jpg&key=mCE9GsNbZE5LtGmsaOixGQ&h=200 HTTP/2.0
host: c.disquscdn.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://disqus.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/jpeg
content-length: 17739
date: Fri, 16 Feb 2024 02:23:42 GMT
server: nginx
referrer-policy: no-referrer, strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=akga7B%2BVR%2FbGA2w%2B60hg7LoxPhxnClHIWLtHGR484tpPx6rKileIKZrR4UiRaplFuhcG5dvPHAWVqvX3YlW9%2Fo1YatMuU7LMSf5YWJ0NLRX4vhXj6fSZCRgaqrardBg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expires: Sun, 17 Mar 2024 02:23:42 GMT
cache-control: max-age=2592000
cross-origin-resource-policy: cross-origin
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cross-origin-resource-policy: cross-origin
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 eadf79e9c2d5c2d1c323c9bb914a92d4.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P2
x-amz-cf-id: Lv4JYWxylQt-gs9vEq_JpbYuA8tCr0-CwHhmrpja07H4Ba-Ra_X4WQ==
age: 505918
GET

https://c.disquscdn.com/get?url=https%3A%2F%2Figg-games.com%2Fwp-content%2Fuploads%2F2021%2F10%2FAlisa-Free-Download.jpg&key=oJloFxRNciJcjRL4UDM64w&h=200

msedge.exe

Remote address:

216.137.44.100:443

Request

GET /get?url=https%3A%2F%2Figg-games.com%2Fwp-content%2Fuploads%2F2021%2F10%2FAlisa-Free-Download.jpg&key=oJloFxRNciJcjRL4UDM64w&h=200 HTTP/2.0
host: c.disquscdn.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://disqus.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/jpeg
content-length: 14719
date: Thu, 08 Feb 2024 11:48:27 GMT
server: nginx
referrer-policy: no-referrer, strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FwIuvH0K1QuFc0wXiKAvny%2BJo3JbTg9m4JboW7zoYCTI4RHe4P5J2zEhIymZua8HgnX5MBqKuUoCq7Za%2BWBKD2nXB8MmKIfi991NzTsDpdv14I2gQO1t7nL3N%2BOIsyM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expires: Sat, 09 Mar 2024 11:48:27 GMT
cache-control: max-age=2592000
cross-origin-resource-policy: cross-origin
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cross-origin-resource-policy: cross-origin
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 eadf79e9c2d5c2d1c323c9bb914a92d4.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P2
x-amz-cf-id: 9sExH99iUSuCk3IR-WQXrucC4z9JP7tViNFcY5yzi2bz6sOqBHxPeQ==
age: 1163233
GET

https://c.disquscdn.com/get?url=https%3A%2F%2Figg-games.com%2Fwp-content%2Fuploads%2F2021%2F10%2FAxis-Allies-1942-Online-Free-Download.jpg&key=nx3oTH7e9x-vn7MpQuHA1w&h=200

msedge.exe

Remote address:

216.137.44.100:443

Request

GET /get?url=https%3A%2F%2Figg-games.com%2Fwp-content%2Fuploads%2F2021%2F10%2FAxis-Allies-1942-Online-Free-Download.jpg&key=nx3oTH7e9x-vn7MpQuHA1w&h=200 HTTP/2.0
host: c.disquscdn.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://disqus.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/jpeg
content-length: 18130
date: Thu, 08 Feb 2024 11:49:41 GMT
server: nginx
referrer-policy: no-referrer, strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HWc7awe5DokvJTl%2F4SUE8sJrIS%2B46FVMAyzrG1uAxmicem%2Fm%2Fl6ipsydGqVVEOZs79Clkxli5hMizIOjV3%2BnxEd5LzaoW6NiPIrSUfojvGfZJu4bQ05%2FcOWDO3OxyLY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expires: Sat, 09 Mar 2024 11:49:41 GMT
cache-control: max-age=2592000
cross-origin-resource-policy: cross-origin
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cross-origin-resource-policy: cross-origin
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 eadf79e9c2d5c2d1c323c9bb914a92d4.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P2
x-amz-cf-id: d0A6EbZQPJ4ob5PSCBwioVE3O3Y3rpwpo-WXRbgW2m4hDdptWRgxUQ==
age: 1163159
GET

https://c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/upvote-512x512.png

msedge.exe

Remote address:

216.137.44.100:443

Request

GET /next/current/publisher-admin/assets/img/emoji/upvote-512x512.png HTTP/2.0
host: c.disquscdn.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://disqus.com/embed/comments/?base=default&f=igggames-cc&t_i=3388&t_u=https%3A%2F%2Figg-games.cc%2F3388-command-conquer-renegade-free-download.html&t_d=Command%20%26%20Conquer%20Renegade%20Free%20Download&t_t=Command%20%26%20Conquer%20Renegade%20Free%20Download&s_o=default
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/png
content-length: 8170
server: nginx
last-modified: Wed, 21 Feb 2024 17:48:48 GMT
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
accept-ranges: bytes
date: Wed, 21 Feb 2024 22:51:10 GMT
expires: Wed, 21 Feb 2024 22:56:10 GMT
cache-control: max-age=300
cache-control: public
etag: "65d63780-1fea"
x-cache: Hit from cloudfront
via: 1.1 eadf79e9c2d5c2d1c323c9bb914a92d4.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P2
x-amz-cf-id: jNbo0AgxomxHqBIFUt3Mqzx-BoCOy6GmncIpVtd07Rh1qLxyrchfAg==
age: 270
GET

https://c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/funny-512x512.png

msedge.exe

Remote address:

216.137.44.100:443

Request

GET /next/current/publisher-admin/assets/img/emoji/funny-512x512.png HTTP/2.0
host: c.disquscdn.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://disqus.com/embed/comments/?base=default&f=igggames-cc&t_i=3388&t_u=https%3A%2F%2Figg-games.cc%2F3388-command-conquer-renegade-free-download.html&t_d=Command%20%26%20Conquer%20Renegade%20Free%20Download&t_t=Command%20%26%20Conquer%20Renegade%20Free%20Download&s_o=default
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/png
content-length: 8883
server: nginx
last-modified: Wed, 21 Feb 2024 17:48:48 GMT
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
accept-ranges: bytes
date: Wed, 21 Feb 2024 22:54:54 GMT
expires: Wed, 21 Feb 2024 22:59:54 GMT
cache-control: max-age=300
cache-control: public
etag: "65d63780-22b3"
x-cache: Hit from cloudfront
via: 1.1 eadf79e9c2d5c2d1c323c9bb914a92d4.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P2
x-amz-cf-id: El3z2Z5739cAqMOP2ZaR5GVkv7wVFibgiKbXrepNUIgXjpJ3Kd6log==
age: 46
GET

https://c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/love-512x512.png

msedge.exe

Remote address:

216.137.44.100:443

Request

GET /next/current/publisher-admin/assets/img/emoji/love-512x512.png HTTP/2.0
host: c.disquscdn.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://disqus.com/embed/comments/?base=default&f=igggames-cc&t_i=3388&t_u=https%3A%2F%2Figg-games.cc%2F3388-command-conquer-renegade-free-download.html&t_d=Command%20%26%20Conquer%20Renegade%20Free%20Download&t_t=Command%20%26%20Conquer%20Renegade%20Free%20Download&s_o=default
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/png
content-length: 11910
server: nginx
last-modified: Wed, 21 Feb 2024 17:48:48 GMT
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
accept-ranges: bytes
date: Wed, 21 Feb 2024 22:52:22 GMT
expires: Wed, 21 Feb 2024 22:57:22 GMT
cache-control: max-age=300
cache-control: public
etag: "65d63780-2e86"
x-cache: Hit from cloudfront
via: 1.1 eadf79e9c2d5c2d1c323c9bb914a92d4.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P2
x-amz-cf-id: np_I8qsbgHVy7ioC6SD-VP-ba_I5drjb-sIlf3i1bzCMOVykBazDPw==
age: 198
GET

https://c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/surprised-512x512.png

msedge.exe

Remote address:

216.137.44.100:443

Request

GET /next/current/publisher-admin/assets/img/emoji/surprised-512x512.png HTTP/2.0
host: c.disquscdn.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://disqus.com/embed/comments/?base=default&f=igggames-cc&t_i=3388&t_u=https%3A%2F%2Figg-games.cc%2F3388-command-conquer-renegade-free-download.html&t_d=Command%20%26%20Conquer%20Renegade%20Free%20Download&t_t=Command%20%26%20Conquer%20Renegade%20Free%20Download&s_o=default
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/png
content-length: 7308
date: Wed, 21 Feb 2024 22:54:12 GMT
server: nginx
last-modified: Wed, 21 Feb 2024 17:48:48 GMT
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Wed, 21 Feb 2024 22:59:12 GMT
cache-control: max-age=300
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
cache-control: public
accept-ranges: bytes
etag: "65d63780-1c8c"
x-cache: Hit from cloudfront
via: 1.1 eadf79e9c2d5c2d1c323c9bb914a92d4.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P2
x-amz-cf-id: CIEGV3P_tWUQdR1bwG_FrmIB8Cyz5Uz2zmtxUqN9Iws2bp0KD5FRNw==
age: 88
GET

https://c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/angry-512x512.png

msedge.exe

Remote address:

216.137.44.100:443

Request

GET /next/current/publisher-admin/assets/img/emoji/angry-512x512.png HTTP/2.0
host: c.disquscdn.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://disqus.com/embed/comments/?base=default&f=igggames-cc&t_i=3388&t_u=https%3A%2F%2Figg-games.cc%2F3388-command-conquer-renegade-free-download.html&t_d=Command%20%26%20Conquer%20Renegade%20Free%20Download&t_t=Command%20%26%20Conquer%20Renegade%20Free%20Download&s_o=default
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/png
content-length: 20675
server: nginx
last-modified: Wed, 21 Feb 2024 17:48:48 GMT
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
accept-ranges: bytes
date: Wed, 21 Feb 2024 22:54:36 GMT
expires: Wed, 21 Feb 2024 22:59:36 GMT
cache-control: max-age=300
cache-control: public
etag: "65d63780-50c3"
x-cache: Hit from cloudfront
via: 1.1 eadf79e9c2d5c2d1c323c9bb914a92d4.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P2
x-amz-cf-id: m5HLKNIDYG6lziWrE2Oogkde5CLZ4--mvhDR2NFKtLGH9EfPWW6zTw==
age: 64
GET

https://c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/sad-512x512.png

msedge.exe

Remote address:

216.137.44.100:443

Request

GET /next/current/publisher-admin/assets/img/emoji/sad-512x512.png HTTP/2.0
host: c.disquscdn.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://disqus.com/embed/comments/?base=default&f=igggames-cc&t_i=3388&t_u=https%3A%2F%2Figg-games.cc%2F3388-command-conquer-renegade-free-download.html&t_d=Command%20%26%20Conquer%20Renegade%20Free%20Download&t_t=Command%20%26%20Conquer%20Renegade%20Free%20Download&s_o=default
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/png
content-length: 8986
server: nginx
last-modified: Wed, 21 Feb 2024 17:48:48 GMT
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
accept-ranges: bytes
date: Wed, 21 Feb 2024 22:51:20 GMT
expires: Wed, 21 Feb 2024 22:56:20 GMT
cache-control: max-age=300
cache-control: public
etag: "65d63780-231a"
x-cache: Hit from cloudfront
via: 1.1 eadf79e9c2d5c2d1c323c9bb914a92d4.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P2
x-amz-cf-id: mQ03iUoQ6ZaL33MfO1eeuVW_MluTVHV_q8zX9gvActTkadpsVbC-TA==
age: 260
DNS

225.16.217.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

225.16.217.172.in-addr.arpa

IN PTR

Response

225.16.217.172.in-addr.arpa

IN PTR

mad08s04-in-f11e100net

225.16.217.172.in-addr.arpa

IN PTR

lhr48s28-in-f1�H
DNS

134.0.101.151.in-addr.arpa

Remote address:

8.8.8.8:53

Request

134.0.101.151.in-addr.arpa

IN PTR

Response
DNS

referrer.disqus.com

Remote address:

8.8.8.8:53

Request

referrer.disqus.com

IN A

Response

referrer.disqus.com

IN CNAME

prod.disqus.map.fastlylb.net

prod.disqus.map.fastlylb.net

IN A

199.232.192.134

prod.disqus.map.fastlylb.net

IN A

199.232.196.134
DNS

links.services.disqus.com

Remote address:

8.8.8.8:53

Request

links.services.disqus.com

IN A

Response

links.services.disqus.com

IN CNAME

f.ssl.fastly.net

f.ssl.fastly.net

IN A

199.232.192.64

f.ssl.fastly.net

IN A

199.232.196.64
DNS

35.36.251.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

35.36.251.142.in-addr.arpa

IN PTR

Response

35.36.251.142.in-addr.arpa

IN PTR

ams17s12-in-f31e100net
DNS

megaup.net

Remote address:

8.8.8.8:53

Request

megaup.net

IN A

Response

megaup.net

IN A

91.209.70.182
DNS

www.facebook.com

Remote address:

8.8.8.8:53

Request

www.facebook.com

IN A

Response

www.facebook.com

IN CNAME

star-mini.c10r.facebook.com

star-mini.c10r.facebook.com

IN A

157.240.221.35
DNS

100.140.244.18.in-addr.arpa

Remote address:

8.8.8.8:53

Request

100.140.244.18.in-addr.arpa

IN PTR

Response

100.140.244.18.in-addr.arpa

IN PTR

server-18-244-140-100lhr50r cloudfrontnet
DNS

webpick-cdn.s3.amazonaws.com

Remote address:

8.8.8.8:53

Request

webpick-cdn.s3.amazonaws.com

IN A

Response

webpick-cdn.s3.amazonaws.com

IN CNAME

s3-us-west-2-w.amazonaws.com

s3-us-west-2-w.amazonaws.com

IN A

52.92.128.33

s3-us-west-2-w.amazonaws.com

IN A

52.92.206.225

s3-us-west-2-w.amazonaws.com

IN A

52.92.186.57

s3-us-west-2-w.amazonaws.com

IN A

52.218.133.97

s3-us-west-2-w.amazonaws.com

IN A

52.92.240.113

s3-us-west-2-w.amazonaws.com

IN A

52.92.164.193

s3-us-west-2-w.amazonaws.com

IN A

52.92.180.89

s3-us-west-2-w.amazonaws.com

IN A

52.218.178.131
DNS

211.198.28.184.in-addr.arpa

Remote address:

8.8.8.8:53

Request

211.198.28.184.in-addr.arpa

IN PTR

Response

211.198.28.184.in-addr.arpa

IN PTR

a184-28-198-211deploystaticakamaitechnologiescom
DNS

partner.googleadservices.com

Remote address:

8.8.8.8:53

Request

partner.googleadservices.com

IN A

Response

partner.googleadservices.com

IN CNAME

partner46.googleadservices.com

partner46.googleadservices.com

IN A

142.251.36.2
DNS

challenges.cloudflare.com

Remote address:

8.8.8.8:53

Request

challenges.cloudflare.com

IN A

Response

challenges.cloudflare.com

IN A

104.17.3.184

challenges.cloudflare.com

IN A

104.17.2.184
DNS

prestigiousdauntdistressed.com

Remote address:

8.8.8.8:53

Request

prestigiousdauntdistressed.com

IN A

Response

prestigiousdauntdistressed.com

IN A

172.240.108.92

prestigiousdauntdistressed.com

IN A

192.243.59.13

prestigiousdauntdistressed.com

IN A

192.243.61.225

prestigiousdauntdistressed.com

IN A

192.243.59.20

prestigiousdauntdistressed.com

IN A

172.240.108.84

prestigiousdauntdistressed.com

IN A

192.243.61.227

prestigiousdauntdistressed.com

IN A

172.240.108.76

prestigiousdauntdistressed.com

IN A

192.243.59.12
DNS

107.3.26.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

107.3.26.104.in-addr.arpa

IN PTR

Response
DNS

qkrsvcuaztzl.s4.adsco.re

Remote address:

8.8.8.8:53

Request

qkrsvcuaztzl.s4.adsco.re

IN A

Response

qkrsvcuaztzl.s4.adsco.re

IN A

185.200.116.51
DNS

51.116.200.185.in-addr.arpa

Remote address:

8.8.8.8:53

Request

51.116.200.185.in-addr.arpa

IN PTR

Response

51.116.200.185.in-addr.arpa

IN PTR

no-mans-landm247com
DNS

ctldl.windowsupdate.com

Remote address:

8.8.8.8:53

Request

ctldl.windowsupdate.com

IN A

Response

ctldl.windowsupdate.com

IN CNAME

wu-bg-shim.trafficmanager.net

wu-bg-shim.trafficmanager.net

IN CNAME

download.windowsupdate.com.edgesuite.net

download.windowsupdate.com.edgesuite.net

IN CNAME

a767.dspw65.akamai.net

a767.dspw65.akamai.net

IN A

96.17.178.180

a767.dspw65.akamai.net

IN A

96.17.178.194

a767.dspw65.akamai.net

IN A

96.17.178.209
DNS

fp.msedge.net

Remote address:

8.8.8.8:53

Request

fp.msedge.net

IN A

Response

fp.msedge.net

IN CNAME

1.perf.msedge.net

1.perf.msedge.net

IN CNAME

a-0019.a-msedge.net

a-0019.a-msedge.net

IN CNAME

a-0019.a.dns.azurefd.net

a-0019.a.dns.azurefd.net

IN CNAME

a-0019.standard.a-msedge.net

a-0019.standard.a-msedge.net

IN A

204.79.197.222
DNS

1.14.67.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

1.14.67.172.in-addr.arpa

IN PTR

Response
DNS

consent.cookiefirst.com

Remote address:

8.8.8.8:53

Request

consent.cookiefirst.com

IN A

Response

consent.cookiefirst.com

IN CNAME

consent.b-cdn.net

consent.b-cdn.net

IN A

143.244.38.136
DNS

134.192.232.199.in-addr.arpa

Remote address:

8.8.8.8:53

Request

134.192.232.199.in-addr.arpa

IN PTR

Response
DNS

46.9.84.99.in-addr.arpa

Remote address:

8.8.8.8:53

Request

46.9.84.99.in-addr.arpa

IN PTR

Response

46.9.84.99.in-addr.arpa

IN PTR

server-99-84-9-46lhr62r cloudfrontnet
DNS

fonts.gstatic.com

Remote address:

8.8.8.8:53

Request

fonts.gstatic.com

IN A

Response

fonts.gstatic.com

IN A

142.251.36.35
DNS

14.178.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

14.178.250.142.in-addr.arpa

IN PTR

Response

14.178.250.142.in-addr.arpa

IN PTR

lhr48s27-in-f141e100net
DNS

226.21.18.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

226.21.18.104.in-addr.arpa

IN PTR

Response
DNS

pogothere.xyz

Remote address:

8.8.8.8:53

Request

pogothere.xyz

IN A

Response

pogothere.xyz

IN A

172.67.220.203

pogothere.xyz

IN A

104.21.24.208
DNS

parrecleftne.xyz

Remote address:

8.8.8.8:53

Request

parrecleftne.xyz

IN A

Response

parrecleftne.xyz

IN A

72.52.178.23
DNS

84.127.177.108.in-addr.arpa

Remote address:

8.8.8.8:53

Request

84.127.177.108.in-addr.arpa

IN PTR

Response

84.127.177.108.in-addr.arpa

IN PTR

el-in-f841e100net
DNS

www.google.com

Remote address:

8.8.8.8:53

Request

www.google.com

IN A

Response

www.google.com

IN A

142.250.179.196
DNS

126.150.225.34.in-addr.arpa

Remote address:

8.8.8.8:53

Request

126.150.225.34.in-addr.arpa

IN PTR

Response

126.150.225.34.in-addr.arpa

IN PTR

ec2-34-225-150-126 compute-1 amazonawscom
DNS

a.nel.cloudflare.com

Remote address:

8.8.8.8:53

Request

a.nel.cloudflare.com

IN A

Response

a.nel.cloudflare.com

IN A

35.190.80.1
DNS

platform.bidgear.com

Remote address:

8.8.8.8:53

Request

platform.bidgear.com

IN A

Response

platform.bidgear.com

IN A

104.26.3.107

platform.bidgear.com

IN A

172.67.74.36

platform.bidgear.com

IN A

104.26.2.107
DNS

6.adsco.re

Remote address:

8.8.8.8:53

Request

6.adsco.re

IN A

Response

6.adsco.re

IN A

104.17.167.186

6.adsco.re

IN A

104.17.166.186
DNS

crt.usertrust.com

Remote address:

8.8.8.8:53

Request

crt.usertrust.com

IN A

Response

crt.usertrust.com

IN CNAME

crt.comodoca.com

crt.comodoca.com

IN CNAME

crt.comodoca.com.cdn.cloudflare.net

crt.comodoca.com.cdn.cloudflare.net

IN A

104.18.38.233

crt.comodoca.com.cdn.cloudflare.net

IN A

172.64.149.23
DNS

186.167.17.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

186.167.17.104.in-addr.arpa

IN PTR

Response
DNS

90.118.200.185.in-addr.arpa

Remote address:

8.8.8.8:53

Request

90.118.200.185.in-addr.arpa

IN PTR

Response

90.118.200.185.in-addr.arpa

IN PTR

adscorecom
DNS

19.140.106.185.in-addr.arpa

Remote address:

8.8.8.8:53

Request

19.140.106.185.in-addr.arpa

IN PTR

Response
DNS

enlisted.net

Remote address:

8.8.8.8:53

Request

enlisted.net

IN A

Response

enlisted.net

IN A

172.67.14.1

enlisted.net

IN A

104.22.42.210

enlisted.net

IN A

104.22.43.210
DNS

www.google.com

Remote address:

8.8.8.8:53

Request

www.google.com

IN A

Response

www.google.com

IN A

142.250.179.196
DNS

119.251.250.87.in-addr.arpa

Remote address:

8.8.8.8:53

Request

119.251.250.87.in-addr.arpa

IN PTR

Response

119.251.250.87.in-addr.arpa

IN PTR

mcyandexru
DNS

225.61.243.192.in-addr.arpa

Remote address:

8.8.8.8:53

Request

225.61.243.192.in-addr.arpa

IN PTR

Response
DNS

disqus.com

Remote address:

8.8.8.8:53

Request

disqus.com

IN A

Response

disqus.com

IN A

151.101.128.134

disqus.com

IN A

151.101.64.134

disqus.com

IN A

151.101.192.134

disqus.com

IN A

151.101.0.134
DNS

cdn.viglink.com

Remote address:

8.8.8.8:53

Request

cdn.viglink.com

IN A

Response

cdn.viglink.com

IN CNAME

dp2drdtly304p.cloudfront.net

dp2drdtly304p.cloudfront.net

IN A

18.164.68.5

dp2drdtly304p.cloudfront.net

IN A

18.164.68.102

dp2drdtly304p.cloudfront.net

IN A

18.164.68.16

dp2drdtly304p.cloudfront.net

IN A

18.164.68.65
DNS

42.36.251.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

42.36.251.142.in-addr.arpa

IN PTR

Response

42.36.251.142.in-addr.arpa

IN PTR

ams17s12-in-f101e100net
DNS

ajax.googleapis.com

Remote address:

8.8.8.8:53

Request

ajax.googleapis.com

IN A

Response

ajax.googleapis.com

IN A

216.58.208.106
DNS

ghabovethec.info

Remote address:

8.8.8.8:53

Request

ghabovethec.info

IN A

Response

ghabovethec.info

IN A

18.244.140.100

ghabovethec.info

IN A

18.244.140.102

ghabovethec.info

IN A

18.244.140.79

ghabovethec.info

IN A

18.244.140.110
DNS

theharityhild.buzz

Remote address:

8.8.8.8:53

Request

theharityhild.buzz

IN A

Response

theharityhild.buzz

IN A

34.195.224.242

theharityhild.buzz

IN A

54.225.185.110
DNS

241.132.67.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

241.132.67.172.in-addr.arpa

IN PTR

Response
DNS

33.128.92.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

33.128.92.52.in-addr.arpa

IN PTR

Response
DNS

api.aws.parking.godaddy.com

Remote address:

8.8.8.8:53

Request

api.aws.parking.godaddy.com

IN A

Response

api.aws.parking.godaddy.com

IN CNAME

gddomainparking.com

gddomainparking.com

IN A

34.225.150.126

gddomainparking.com

IN A

18.210.111.172
DNS

download.megaup.net

Remote address:

8.8.8.8:53

Request

download.megaup.net

IN A

Response

download.megaup.net

IN A

172.67.192.50

download.megaup.net

IN A

104.21.57.204
DNS

altowriestwispy.com

Remote address:

8.8.8.8:53

Request

altowriestwispy.com

IN A

Response

altowriestwispy.com

IN A

23.109.170.2
DNS

c.adsco.re

Remote address:

8.8.8.8:53

Request

c.adsco.re

IN A

Response

c.adsco.re

IN A

104.17.166.186

c.adsco.re

IN A

104.17.167.186
DNS

92.108.240.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

92.108.240.172.in-addr.arpa

IN PTR

Response
DNS

233.38.18.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

233.38.18.104.in-addr.arpa

IN PTR

Response
DNS

90.116.200.185.in-addr.arpa

Remote address:

8.8.8.8:53

Request

90.116.200.185.in-addr.arpa

IN PTR

Response

90.116.200.185.in-addr.arpa

IN PTR

no-mans-landm247com
DNS

s333.adxpremium.services

Remote address:

8.8.8.8:53

Request

s333.adxpremium.services

IN A

Response

s333.adxpremium.services

IN A

185.106.140.19

s333.adxpremium.services

IN A

172.255.100.116
DNS

www.ovardu.com

Remote address:

8.8.8.8:53

Request

www.ovardu.com

IN A

Response

www.ovardu.com

IN A

104.21.96.72

www.ovardu.com

IN A

172.67.174.4
DNS

133.126.35.63.in-addr.arpa

Remote address:

8.8.8.8:53

Request

133.126.35.63.in-addr.arpa

IN PTR

Response

133.126.35.63.in-addr.arpa

IN PTR

ec2-63-35-126-133 eu-west-1compute amazonawscom
DNS

136.38.244.143.in-addr.arpa

Remote address:

8.8.8.8:53

Request

136.38.244.143.in-addr.arpa

IN PTR

Response

136.38.244.143.in-addr.arpa

IN PTR

143-244-38-136 bunnyinfranet
GET

https://c.disquscdn.com/next/embed/lounge.load.d6b40c72d6a65395e295d066c35450c7.js

msedge.exe

Remote address:

216.137.44.100:443

Request

GET /next/embed/lounge.load.d6b40c72d6a65395e295d066c35450c7.js HTTP/2.0
host: c.disquscdn.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://disqus.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://disqus.com/embed/comments/?base=default&f=igggames-cc&t_i=3388&t_u=https%3A%2F%2Figg-games.cc%2F3388-command-conquer-renegade-free-download.html&t_d=Command%20%26%20Conquer%20Renegade%20Free%20Download&t_t=Command%20%26%20Conquer%20Renegade%20Free%20Download&s_o=default
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/javascript; charset=utf-8
content-length: 629
date: Wed, 21 Feb 2024 09:29:48 GMT
server: nginx
last-modified: Wed, 21 Feb 2024 08:15:26 GMT
etag: "65d5b11e-275"
content-encoding: gzip
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Thu, 20 Feb 2025 09:29:48 GMT
cache-control: max-age=31536000
cache-control: public
cache-control: immutable
cache-control: no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 b0ccdd99457b319f6d3d11d03a119afe.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P2
x-amz-cf-id: kK4X9ItPWnxOusZDl2vTA2XF7pp9t3ojjAGk9mF_FX9Qf6SgQQhyBw==
age: 48351
GET

https://c.disquscdn.com/next/recommendations/recommendations.load.ebfb6efa9e61d3e8fa4ba7e418dab15c.js

msedge.exe

Remote address:

216.137.44.100:443

Request

GET /next/recommendations/recommendations.load.ebfb6efa9e61d3e8fa4ba7e418dab15c.js HTTP/2.0
host: c.disquscdn.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://disqus.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://disqus.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/javascript; charset=utf-8
content-length: 447
date: Wed, 21 Feb 2024 09:29:52 GMT
server: nginx
last-modified: Wed, 21 Feb 2024 08:15:26 GMT
etag: "65d5b11e-1bf"
content-encoding: gzip
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Thu, 20 Feb 2025 09:29:52 GMT
cache-control: max-age=31536000
cache-control: public
cache-control: immutable
cache-control: no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 b0ccdd99457b319f6d3d11d03a119afe.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P2
x-amz-cf-id: 3L7kNhkw4qUI64N144NSw-HrnoCBULQ5UJjsiJBu00SlLyAmGt1KFA==
age: 48347
GET

https://c.disquscdn.com/next/embed/assets/font/icons.79e576f9489bae308388e5b8e250aa86.woff2

msedge.exe

Remote address:

216.137.44.100:443

Request

GET /next/embed/assets/font/icons.79e576f9489bae308388e5b8e250aa86.woff2 HTTP/2.0
host: c.disquscdn.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://disqus.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: font
referer: https://c.disquscdn.com/next/embed/styles/lounge.20aeaf1ce78e43e05e713a3d26336e90.css
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/octet-stream
content-length: 8216
date: Sat, 09 Dec 2023 06:58:33 GMT
server: nginx
last-modified: Wed, 06 Dec 2023 19:40:12 GMT
etag: "6570ce1c-2018"
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Sun, 08 Dec 2024 06:58:33 GMT
cache-control: max-age=31536000
cache-control: public
cache-control: immutable
cache-control: no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 b0ccdd99457b319f6d3d11d03a119afe.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P2
x-amz-cf-id: m0G-UAysDH3L6Kp4PeYVuRL6twfWYE3788Jkal9ruQzASdP2jhCzDg==
age: 6451027
GET

https://disqus.com/api/3.0/threadReactions/loadReactions?thread=7864326885&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

msedge.exe

Remote address:

151.101.0.134:443

Request

GET /api/3.0/threadReactions/loadReactions?thread=7864326885&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F HTTP/1.1
Host: disqus.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
Accept: application/json, text/javascript, */*; q=0.01
DNT: 1
X-Requested-With: XMLHttpRequest
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://disqus.com/embed/comments/?base=default&f=igggames-cc&t_i=3388&t_u=https%3A%2F%2Figg-games.cc%2F3388-command-conquer-renegade-free-download.html&t_d=Command%20%26%20Conquer%20Renegade%20Free%20Download&t_t=Command%20%26%20Conquer%20Renegade%20Free%20Download&s_o=default
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Connection: keep-alive
Content-Length: 1339
Server: nginx
Content-Type: application/json
Cache-Control: stale-while-revalidate=30, max-age=60
X-Frame-Options: SAMEORIGIN
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Date: Wed, 21 Feb 2024 22:55:40 GMT
Age: 30
Vary: Origin, Cookie
Cross-Origin-Resource-Policy: cross-origin
Strict-Transport-Security: max-age=300; includeSubdomains
GET

https://disqus.com/api/3.0/forums/details?forum=igggames-cc&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

msedge.exe

Remote address:

151.101.0.134:443

Request

GET /api/3.0/forums/details?forum=igggames-cc&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F HTTP/1.1
Host: disqus.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
Accept: */*
DNT: 1
X-Requested-With: XMLHttpRequest
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://disqus.com/embed/comments/?base=default&f=igggames-cc&t_i=3388&t_u=https%3A%2F%2Figg-games.cc%2F3388-command-conquer-renegade-free-download.html&t_d=Command%20%26%20Conquer%20Renegade%20Free%20Download&t_t=Command%20%26%20Conquer%20Renegade%20Free%20Download&s_o=default
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Connection: keep-alive
Content-Length: 3145
Server: nginx
Content-Type: application/json
X-Frame-Options: SAMEORIGIN
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Date: Wed, 21 Feb 2024 22:55:40 GMT
Age: 0
Vary: Origin, Cookie
Cross-Origin-Resource-Policy: cross-origin
Strict-Transport-Security: max-age=300; includeSubdomains
GET

https://referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&load_time=229&event=init_embed&thread=7864326885&forum=igggames-cc&forum_id=5934107&imp=7ub8f1v3qt98h5&thread_slug=command_conquer_renegade_free_download&user_type=anon&referrer=https%3A%2F%2Figg-games.cc%2F&theme=next&dnt=1&tracking_enabled=0&experiment=network_default_hidden&variant=fallthrough&service=dynamic&promoted_enabled=false&max_enabled=false

msedge.exe

Remote address:

199.232.192.134:443

Request

GET /juggler/event.gif?abe=0&embed_hidden=0&load_time=229&event=init_embed&thread=7864326885&forum=igggames-cc&forum_id=5934107&imp=7ub8f1v3qt98h5&thread_slug=command_conquer_renegade_free_download&user_type=anon&referrer=https%3A%2F%2Figg-games.cc%2F&theme=next&dnt=1&tracking_enabled=0&experiment=network_default_hidden&variant=fallthrough&service=dynamic&promoted_enabled=false&max_enabled=false HTTP/1.1
Host: referrer.disqus.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://disqus.com/embed/comments/?base=default&f=igggames-cc&t_i=3388&t_u=https%3A%2F%2Figg-games.cc%2F3388-command-conquer-renegade-free-download.html&t_d=Command%20%26%20Conquer%20Renegade%20Free%20Download&t_t=Command%20%26%20Conquer%20Renegade%20Free%20Download&s_o=default
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Connection: keep-alive
Content-Length: 43
server: nginx
content-type: image/gif
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
Date: Wed, 21 Feb 2024 22:55:40 GMT
Cross-Origin-Resource-Policy: cross-origin
GET

https://cdn.viglink.com/images/pixel.gif?ch=1&rn=3.6960268122842317

msedge.exe

Remote address:

18.164.68.5:443

Request

GET /images/pixel.gif?ch=1&rn=3.6960268122842317 HTTP/2.0
host: cdn.viglink.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://igg-games.cc/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/gif
content-length: 43
last-modified: Tue, 10 Feb 2015 03:29:39 GMT
accept-ranges: bytes
server: AmazonS3
date: Wed, 21 Feb 2024 22:55:33 GMT
cache-control: max-age=15, must-revalidate
etag: "221d8352905f2c38b3cb2bd191d630b0"
x-cache: Hit from cloudfront
via: 1.1 3b9738a5b7451fe82218bb5133021350.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P4
x-amz-cf-id: Ukhb1XKDUV1lKDfgsOme4pha_Jmjt8PIkMAx6D5PLQZ6gyTodF9g8g==
age: 7
GET

https://cdn.viglink.com/images/pixel.gif?ch=2&rn=3.6960268122842317

msedge.exe

Remote address:

18.164.68.5:443

Request

GET /images/pixel.gif?ch=2&rn=3.6960268122842317 HTTP/2.0
host: cdn.viglink.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://igg-games.cc/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/gif
content-length: 43
last-modified: Tue, 10 Feb 2015 03:29:39 GMT
accept-ranges: bytes
server: AmazonS3
date: Wed, 21 Feb 2024 22:55:33 GMT
cache-control: max-age=15, must-revalidate
etag: "221d8352905f2c38b3cb2bd191d630b0"
x-cache: Hit from cloudfront
via: 1.1 3b9738a5b7451fe82218bb5133021350.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P4
x-amz-cf-id: R-aIh2FZVH4EfeEjF44ZQswrmhaipLmUJUVd5uAgIqWITwejAX7FAQ==
age: 7
DNS

64.192.232.199.in-addr.arpa

Remote address:

8.8.8.8:53

Request

64.192.232.199.in-addr.arpa

IN PTR

Response
DNS

182.70.209.91.in-addr.arpa

Remote address:

8.8.8.8:53

Request

182.70.209.91.in-addr.arpa

IN PTR

Response
DNS

accounts.google.com

Remote address:

8.8.8.8:53

Request

accounts.google.com

IN A

Response

accounts.google.com

IN A

108.177.127.84
DNS

14.201.165.18.in-addr.arpa

Remote address:

8.8.8.8:53

Request

14.201.165.18.in-addr.arpa

IN PTR

Response

14.201.165.18.in-addr.arpa

IN PTR

server-18-165-201-14lhr50r cloudfrontnet
DNS

asdasdad.net

Remote address:

8.8.8.8:53

Request

asdasdad.net

IN A

Response

asdasdad.net

IN A

96.126.123.244

asdasdad.net

IN A

45.33.23.183

asdasdad.net

IN A

45.33.20.235

asdasdad.net

IN A

72.14.185.43

asdasdad.net

IN A

45.79.19.196

asdasdad.net

IN A

173.255.194.134

asdasdad.net

IN A

45.33.2.79

asdasdad.net

IN A

45.56.79.23

asdasdad.net

IN A

45.33.30.197

asdasdad.net

IN A

72.14.178.174

asdasdad.net

IN A

45.33.18.44

asdasdad.net

IN A

198.58.118.167
DNS

www.adsensecustomsearchads.com

Remote address:

8.8.8.8:53

Request

www.adsensecustomsearchads.com

IN A

Response

www.adsensecustomsearchads.com

IN CNAME

www3.l.google.com

www3.l.google.com

IN A

142.250.179.206
DNS

3.214.58.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

3.214.58.216.in-addr.arpa

IN PTR

Response

3.214.58.216.in-addr.arpa

IN PTR

lhr26s05-in-f31e100net

3.214.58.216.in-addr.arpa

IN PTR

ams17s09-in-f3�F

3.214.58.216.in-addr.arpa

IN PTR

�7
DNS

184.2.17.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

184.2.17.104.in-addr.arpa

IN PTR

Response
DNS

cdn.engine.4dsply.com

Remote address:

8.8.8.8:53

Request

cdn.engine.4dsply.com

IN A

Response

cdn.engine.4dsply.com

IN A

104.16.159.17

cdn.engine.4dsply.com

IN A

104.16.158.17
DNS

2.170.109.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

2.170.109.23.in-addr.arpa

IN PTR

Response
DNS

tags.crwdcntrl.net

Remote address:

8.8.8.8:53

Request

tags.crwdcntrl.net

IN A

Response

tags.crwdcntrl.net

IN A

18.165.201.65

tags.crwdcntrl.net

IN A

18.165.201.18

tags.crwdcntrl.net

IN A

18.165.201.38

tags.crwdcntrl.net

IN A

18.165.201.12
DNS

65.201.165.18.in-addr.arpa

Remote address:

8.8.8.8:53

Request

65.201.165.18.in-addr.arpa

IN PTR

Response

65.201.165.18.in-addr.arpa

IN PTR

server-18-165-201-65lhr50r cloudfrontnet
DNS

11.1.250.178.in-addr.arpa

Remote address:

8.8.8.8:53

Request

11.1.250.178.in-addr.arpa

IN PTR

Response
DNS

95.221.229.192.in-addr.arpa

Remote address:

8.8.8.8:53

Request

95.221.229.192.in-addr.arpa

IN PTR

Response
DNS

uep.gaijin.net

Remote address:

8.8.8.8:53

Request

uep.gaijin.net

IN A

Response

uep.gaijin.net

IN A

63.35.126.133
DNS

200.197.79.204.in-addr.arpa

Remote address:

8.8.8.8:53

Request

200.197.79.204.in-addr.arpa

IN PTR

Response

200.197.79.204.in-addr.arpa

IN PTR

a-0001a-msedgenet
GET

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

msedge.exe

Remote address:

216.58.208.106:443

Request

GET /ajax/libs/jquery/1.12.4/jquery.min.js HTTP/2.0
host: ajax.googleapis.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://igg-games.cc/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://megaup.net/5uer/Command.and.Conquer.Renegade.v1.037.rar

msedge.exe

Remote address:

91.209.70.182:443

Request

GET /5uer/Command.and.Conquer.Renegade.v1.037.rar HTTP/2.0
host: megaup.net
dnt: 1
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
sec-ch-ua-mobile: ?0
referer: https://igg-games.cc/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
date: Wed, 21 Feb 2024 22:55:53 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: filehosting=lhsqi0pf4463gvbmgnupna6eh6; expires=Thu, 22-Feb-2024 22:55:53 GMT; Max-Age=86400; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
GET

https://megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css

msedge.exe

Remote address:

91.209.70.182:443

Request

GET /themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css HTTP/2.0
host: megaup.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://megaup.net/5uer/Command.and.Conquer.Renegade.v1.037.rar
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: filehosting=lhsqi0pf4463gvbmgnupna6eh6

Response

HTTP/2.0 200

server: nginx
date: Wed, 21 Feb 2024 22:55:54 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-8d4b"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
GET

https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css

msedge.exe

Remote address:

91.209.70.182:443

Request

GET /themes/flow/frontend_assets/css/All-stylesheets.css HTTP/2.0
host: megaup.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://megaup.net/5uer/Command.and.Conquer.Renegade.v1.037.rar
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: filehosting=lhsqi0pf4463gvbmgnupna6eh6

Response

HTTP/2.0 200

server: nginx
date: Wed, 21 Feb 2024 22:55:54 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-153"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
GET

https://megaup.net/themes/flow/frontend_assets/css/custom.css

msedge.exe

Remote address:

91.209.70.182:443

Request

GET /themes/flow/frontend_assets/css/custom.css HTTP/2.0
host: megaup.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://megaup.net/5uer/Command.and.Conquer.Renegade.v1.037.rar
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: filehosting=lhsqi0pf4463gvbmgnupna6eh6

Response

HTTP/2.0 200

server: nginx
date: Wed, 21 Feb 2024 22:55:54 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3577"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
GET

https://megaup.net/themes/flow/frontend_assets/css/colors/flow.css

msedge.exe

Remote address:

91.209.70.182:443

Request

GET /themes/flow/frontend_assets/css/colors/flow.css HTTP/2.0
host: megaup.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://megaup.net/5uer/Command.and.Conquer.Renegade.v1.037.rar
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: filehosting=lhsqi0pf4463gvbmgnupna6eh6

Response

HTTP/2.0 200

server: nginx
date: Wed, 21 Feb 2024 22:55:54 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-a83"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
GET

https://megaup.net/themes/flow/frontend_assets/css/responsive.css

msedge.exe

Remote address:

91.209.70.182:443

Request

GET /themes/flow/frontend_assets/css/responsive.css HTTP/2.0
host: megaup.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://megaup.net/5uer/Command.and.Conquer.Renegade.v1.037.rar
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: filehosting=lhsqi0pf4463gvbmgnupna6eh6

Response

HTTP/2.0 200

server: nginx
date: Wed, 21 Feb 2024 22:55:54 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-e56"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
GET

https://megaup.net/themes/flow/styles/font-icons/entypo/css/entypo.css

msedge.exe

Remote address:

91.209.70.182:443

Request

GET /themes/flow/styles/font-icons/entypo/css/entypo.css HTTP/2.0
host: megaup.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://megaup.net/5uer/Command.and.Conquer.Renegade.v1.037.rar
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: filehosting=lhsqi0pf4463gvbmgnupna6eh6

Response

HTTP/2.0 200

server: nginx
date: Wed, 21 Feb 2024 22:55:54 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-45f5"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
GET

https://megaup.net/themes/flow/styles/file-upload.css

msedge.exe

Remote address:

91.209.70.182:443

Request

GET /themes/flow/styles/file-upload.css HTTP/2.0
host: megaup.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://megaup.net/5uer/Command.and.Conquer.Renegade.v1.037.rar
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: filehosting=lhsqi0pf4463gvbmgnupna6eh6

Response

HTTP/2.0 200

server: nginx
date: Wed, 21 Feb 2024 22:55:54 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-21ec"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
GET

https://megaup.net/themes/flow/js/jquery-1.11.0.min.js

msedge.exe

Remote address:

91.209.70.182:443

Request

GET /themes/flow/js/jquery-1.11.0.min.js HTTP/2.0
host: megaup.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://megaup.net/5uer/Command.and.Conquer.Renegade.v1.037.rar
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: filehosting=lhsqi0pf4463gvbmgnupna6eh6

Response

HTTP/2.0 200

server: nginx
date: Wed, 21 Feb 2024 22:55:54 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1787d"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
GET

https://megaup.net/themes/flow/js/jquery-ui.js

msedge.exe

Remote address:

91.209.70.182:443

Request

GET /themes/flow/js/jquery-ui.js HTTP/2.0
host: megaup.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://megaup.net/5uer/Command.and.Conquer.Renegade.v1.037.rar
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: filehosting=lhsqi0pf4463gvbmgnupna6eh6

Response

HTTP/2.0 200

server: nginx
date: Wed, 21 Feb 2024 22:55:54 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-6a684"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
GET

https://megaup.net/themes/flow/js/jquery.dataTables.min.js

msedge.exe

Remote address:

91.209.70.182:443

Request

GET /themes/flow/js/jquery.dataTables.min.js HTTP/2.0
host: megaup.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://megaup.net/5uer/Command.and.Conquer.Renegade.v1.037.rar
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: filehosting=lhsqi0pf4463gvbmgnupna6eh6

Response

HTTP/2.0 200

server: nginx
date: Wed, 21 Feb 2024 22:55:54 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-10fe4"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
GET

https://megaup.net/themes/flow/js/jquery.tmpl.min.js

msedge.exe

Remote address:

91.209.70.182:443

Request

GET /themes/flow/js/jquery.tmpl.min.js HTTP/2.0
host: megaup.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://megaup.net/5uer/Command.and.Conquer.Renegade.v1.037.rar
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: filehosting=lhsqi0pf4463gvbmgnupna6eh6

Response

HTTP/2.0 200

server: nginx
date: Wed, 21 Feb 2024 22:55:54 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3cb"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
GET

https://megaup.net/themes/flow/js/load-image.min.js

msedge.exe

Remote address:

91.209.70.182:443

Request

GET /themes/flow/js/load-image.min.js HTTP/2.0
host: megaup.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://megaup.net/5uer/Command.and.Conquer.Renegade.v1.037.rar
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: filehosting=lhsqi0pf4463gvbmgnupna6eh6

Response

HTTP/2.0 200

server: nginx
date: Wed, 21 Feb 2024 22:55:54 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-9f2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
GET

https://megaup.net/themes/flow/js/canvas-to-blob.min.js

msedge.exe

Remote address:

91.209.70.182:443

Request

GET /themes/flow/js/canvas-to-blob.min.js HTTP/2.0
host: megaup.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://megaup.net/5uer/Command.and.Conquer.Renegade.v1.037.rar
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: filehosting=lhsqi0pf4463gvbmgnupna6eh6

Response

HTTP/2.0 200

server: nginx
date: Wed, 21 Feb 2024 22:55:54 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-408"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
GET

https://megaup.net/themes/flow/js/jquery.iframe-transport.js

msedge.exe

Remote address:

91.209.70.182:443

Request

GET /themes/flow/js/jquery.iframe-transport.js HTTP/2.0
host: megaup.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://megaup.net/5uer/Command.and.Conquer.Renegade.v1.037.rar
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: filehosting=lhsqi0pf4463gvbmgnupna6eh6

Response

HTTP/2.0 200

server: nginx
date: Wed, 21 Feb 2024 22:55:54 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-2427"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
GET

https://megaup.net/themes/flow/js/jquery.fileupload.js

msedge.exe

Remote address:

91.209.70.182:443

Request

GET /themes/flow/js/jquery.fileupload.js HTTP/2.0
host: megaup.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://megaup.net/5uer/Command.and.Conquer.Renegade.v1.037.rar
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: filehosting=lhsqi0pf4463gvbmgnupna6eh6

Response

HTTP/2.0 200

server: nginx
date: Wed, 21 Feb 2024 22:55:54 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-dbd4"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
GET

https://megaup.net/themes/flow/js/jquery.fileupload-process.js

msedge.exe

Remote address:

91.209.70.182:443

Request

GET /themes/flow/js/jquery.fileupload-process.js HTTP/2.0
host: megaup.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://megaup.net/5uer/Command.and.Conquer.Renegade.v1.037.rar
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: filehosting=lhsqi0pf4463gvbmgnupna6eh6

Response

HTTP/2.0 200

server: nginx
date: Wed, 21 Feb 2024 22:55:54 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-14b6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
GET

https://megaup.net/themes/flow/js/jquery.fileupload-resize.js

msedge.exe

Remote address:

91.209.70.182:443

Request

GET /themes/flow/js/jquery.fileupload-resize.js HTTP/2.0
host: megaup.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://megaup.net/5uer/Command.and.Conquer.Renegade.v1.037.rar
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: filehosting=lhsqi0pf4463gvbmgnupna6eh6

Response

HTTP/2.0 200

server: nginx
date: Wed, 21 Feb 2024 22:55:54 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1f7f"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
GET

https://megaup.net/themes/flow/js/jquery.fileupload-validate.js

msedge.exe

Remote address:

91.209.70.182:443

Request

GET /themes/flow/js/jquery.fileupload-validate.js HTTP/2.0
host: megaup.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://megaup.net/5uer/Command.and.Conquer.Renegade.v1.037.rar
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: filehosting=lhsqi0pf4463gvbmgnupna6eh6

Response

HTTP/2.0 200

server: nginx
date: Wed, 21 Feb 2024 22:55:54 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-fea"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
GET

https://megaup.net/themes/flow/js/jquery.fileupload-ui.js

msedge.exe

Remote address:

91.209.70.182:443

Request

GET /themes/flow/js/jquery.fileupload-ui.js HTTP/2.0
host: megaup.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://megaup.net/5uer/Command.and.Conquer.Renegade.v1.037.rar
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: filehosting=lhsqi0pf4463gvbmgnupna6eh6

Response

HTTP/2.0 200

server: nginx
date: Wed, 21 Feb 2024 22:55:54 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-61ef"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
GET

https://megaup.net/themes/flow/js/zeroClipboard/ZeroClipboard.js

msedge.exe

Remote address:

91.209.70.182:443

Request

GET /themes/flow/js/zeroClipboard/ZeroClipboard.js HTTP/2.0
host: megaup.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://megaup.net/5uer/Command.and.Conquer.Renegade.v1.037.rar
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: filehosting=lhsqi0pf4463gvbmgnupna6eh6

Response

HTTP/2.0 200

server: nginx
date: Wed, 21 Feb 2024 22:55:54 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3bd2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
GET

https://megaup.net/themes/flow/js/global.js

msedge.exe

Remote address:

91.209.70.182:443

Request

GET /themes/flow/js/global.js HTTP/2.0
host: megaup.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://megaup.net/5uer/Command.and.Conquer.Renegade.v1.037.rar
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: filehosting=lhsqi0pf4463gvbmgnupna6eh6

Response

HTTP/2.0 200

server: nginx
date: Wed, 21 Feb 2024 22:55:54 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-d59"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
GET

https://megaup.net/themes/flow/frontend_assets/css/fonts.css

msedge.exe

Remote address:

91.209.70.182:443

Request

GET /themes/flow/frontend_assets/css/fonts.css HTTP/2.0
host: megaup.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: filehosting=lhsqi0pf4463gvbmgnupna6eh6

Response

HTTP/2.0 200

server: nginx
date: Wed, 21 Feb 2024 22:55:54 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-690"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
GET

https://megaup.net/themes/flow/frontend_assets/rs-plugin/css/settings.css

msedge.exe

Remote address:

91.209.70.182:443

Request

GET /themes/flow/frontend_assets/rs-plugin/css/settings.css HTTP/2.0
host: megaup.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: filehosting=lhsqi0pf4463gvbmgnupna6eh6

Response

HTTP/2.0 200

server: nginx
date: Wed, 21 Feb 2024 22:55:54 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-ce4b"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
GET

https://megaup.net/themes/flow/frontend_assets/css/bootstrap/bootstrap.min.css

msedge.exe

Remote address:

91.209.70.182:443

Request

GET /themes/flow/frontend_assets/css/bootstrap/bootstrap.min.css HTTP/2.0
host: megaup.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: filehosting=lhsqi0pf4463gvbmgnupna6eh6

Response

HTTP/2.0 200

server: nginx
date: Wed, 21 Feb 2024 22:55:54 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1cc1b"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
GET

https://megaup.net/themes/flow/frontend_assets/css/stylesheet.css

msedge.exe

Remote address:

91.209.70.182:443

Request

GET /themes/flow/frontend_assets/css/stylesheet.css HTTP/2.0
host: megaup.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: filehosting=lhsqi0pf4463gvbmgnupna6eh6

Response

HTTP/2.0 200

server: nginx
date: Wed, 21 Feb 2024 22:55:54 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-6c82"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
GET

https://megaup.net/themes/flow/frontend_assets/css/animations/animate.min.css

msedge.exe

Remote address:

91.209.70.182:443

Request

GET /themes/flow/frontend_assets/css/animations/animate.min.css HTTP/2.0
host: megaup.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: filehosting=lhsqi0pf4463gvbmgnupna6eh6

Response

HTTP/2.0 200

server: nginx
date: Wed, 21 Feb 2024 22:55:54 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-bc86"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
GET

https://megaup.net/themes/flow/frontend_assets/fonts/font-awesome/css/font-awesome.css

msedge.exe

Remote address:

91.209.70.182:443

Request

GET /themes/flow/frontend_assets/fonts/font-awesome/css/font-awesome.css HTTP/2.0
host: megaup.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: filehosting=lhsqi0pf4463gvbmgnupna6eh6

Response

HTTP/2.0 200

server: nginx
date: Wed, 21 Feb 2024 22:55:54 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-59d6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
GET

https://megaup.net/themes/flow/frontend_assets/css/isotope/isotope-style.css

msedge.exe

Remote address:

91.209.70.182:443

Request

GET /themes/flow/frontend_assets/css/isotope/isotope-style.css HTTP/2.0
host: megaup.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: filehosting=lhsqi0pf4463gvbmgnupna6eh6

Response

HTTP/2.0 200

server: nginx
date: Wed, 21 Feb 2024 22:55:54 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-af3"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
GET

https://megaup.net/sw.js

msedge.exe

Remote address:

91.209.70.182:443

Request

GET /sw.js HTTP/2.0
host: megaup.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://megaup.net/5uer/Command.and.Conquer.Renegade.v1.037.rar
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: filehosting=lhsqi0pf4463gvbmgnupna6eh6

Response

HTTP/2.0 200

server: nginx
date: Wed, 21 Feb 2024 22:55:54 GMT
content-type: application/javascript
last-modified: Tue, 20 Dec 2022 16:15:31 GMT
vary: Accept-Encoding
etag: W/"63a1dfa3-1927c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
GET

https://megaup.net/themes/flow/frontend_assets/js/bootstrap/bootstrap.min.js

msedge.exe

Remote address:

91.209.70.182:443

Request

GET /themes/flow/frontend_assets/js/bootstrap/bootstrap.min.js HTTP/2.0
host: megaup.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://megaup.net/5uer/Command.and.Conquer.Renegade.v1.037.rar
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: filehosting=lhsqi0pf4463gvbmgnupna6eh6

Response

HTTP/2.0 200

server: nginx
date: Wed, 21 Feb 2024 22:55:54 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-71b6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
GET

https://megaup.net/themes/flow/frontend_assets/js/animation/jquery.appear.js

msedge.exe

Remote address:

91.209.70.182:443

Request

GET /themes/flow/frontend_assets/js/animation/jquery.appear.js HTTP/2.0
host: megaup.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://megaup.net/5uer/Command.and.Conquer.Renegade.v1.037.rar
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: filehosting=lhsqi0pf4463gvbmgnupna6eh6

Response

HTTP/2.0 200

server: nginx
date: Wed, 21 Feb 2024 22:55:54 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-5c6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
GET

https://megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.plugins.min.js

msedge.exe

Remote address:

91.209.70.182:443

Request

GET /themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.plugins.min.js HTTP/2.0
host: megaup.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://megaup.net/5uer/Command.and.Conquer.Renegade.v1.037.rar
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: filehosting=lhsqi0pf4463gvbmgnupna6eh6

Response

HTTP/2.0 200

server: nginx
date: Wed, 21 Feb 2024 22:55:54 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-14cc1"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
GET

https://megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.revolution.js

msedge.exe

Remote address:

91.209.70.182:443

Request

GET /themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.revolution.js HTTP/2.0
host: megaup.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://megaup.net/5uer/Command.and.Conquer.Renegade.v1.037.rar
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: filehosting=lhsqi0pf4463gvbmgnupna6eh6

Response

HTTP/2.0 200

server: nginx
date: Wed, 21 Feb 2024 22:55:54 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-303b2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
GET

https://megaup.net/themes/flow/frontend_assets/js/nav/jquery.scrollTo.js

msedge.exe

Remote address:

91.209.70.182:443

Request

GET /themes/flow/frontend_assets/js/nav/jquery.scrollTo.js HTTP/2.0
host: megaup.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://megaup.net/5uer/Command.and.Conquer.Renegade.v1.037.rar
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: filehosting=lhsqi0pf4463gvbmgnupna6eh6

Response

HTTP/2.0 200

server: nginx
date: Wed, 21 Feb 2024 22:55:54 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-981"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
GET

https://megaup.net/themes/flow/frontend_assets/js/nav/jquery.nav.js

msedge.exe

Remote address:

91.209.70.182:443

Request

GET /themes/flow/frontend_assets/js/nav/jquery.nav.js HTTP/2.0
host: megaup.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://megaup.net/5uer/Command.and.Conquer.Renegade.v1.037.rar
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: filehosting=lhsqi0pf4463gvbmgnupna6eh6

Response

HTTP/2.0 200

server: nginx
date: Wed, 21 Feb 2024 22:55:54 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1547"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
GET

https://megaup.net/themes/flow/frontend_assets/js/sticky/jquery.sticky.js

msedge.exe

Remote address:

91.209.70.182:443

Request

GET /themes/flow/frontend_assets/js/sticky/jquery.sticky.js HTTP/2.0
host: megaup.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://megaup.net/5uer/Command.and.Conquer.Renegade.v1.037.rar
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: filehosting=lhsqi0pf4463gvbmgnupna6eh6

Response

HTTP/2.0 200

server: nginx
date: Wed, 21 Feb 2024 22:55:54 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1099"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
GET

https://megaup.net/themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js

msedge.exe

Remote address:

91.209.70.182:443

Request

GET /themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js HTTP/2.0
host: megaup.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://megaup.net/5uer/Command.and.Conquer.Renegade.v1.037.rar
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: filehosting=lhsqi0pf4463gvbmgnupna6eh6

Response

HTTP/2.0 200

server: nginx
date: Wed, 21 Feb 2024 22:55:54 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3ead"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
GET

https://megaup.net/themes/flow/frontend_assets/js/isotope/custom-isotope.js

msedge.exe

Remote address:

91.209.70.182:443

Request

GET /themes/flow/frontend_assets/js/isotope/custom-isotope.js HTTP/2.0
host: megaup.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://megaup.net/5uer/Command.and.Conquer.Renegade.v1.037.rar
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: filehosting=lhsqi0pf4463gvbmgnupna6eh6

Response

HTTP/2.0 200

server: nginx
date: Wed, 21 Feb 2024 22:55:54 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-71d"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
GET

https://megaup.net/themes/flow/frontend_assets/js/retina/retina.js

msedge.exe

Remote address:

91.209.70.182:443

Request

GET /themes/flow/frontend_assets/js/retina/retina.js HTTP/2.0
host: megaup.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://megaup.net/5uer/Command.and.Conquer.Renegade.v1.037.rar
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: filehosting=lhsqi0pf4463gvbmgnupna6eh6

Response

HTTP/2.0 200

server: nginx
date: Wed, 21 Feb 2024 22:55:54 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-52e"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
GET

https://megaup.net/themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js

msedge.exe

Remote address:

91.209.70.182:443

Request

GET /themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js HTTP/2.0
host: megaup.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://megaup.net/5uer/Command.and.Conquer.Renegade.v1.037.rar
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: filehosting=lhsqi0pf4463gvbmgnupna6eh6

Response

HTTP/2.0 200

server: nginx
date: Wed, 21 Feb 2024 22:55:54 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1cdf"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
GET

https://megaup.net/themes/flow/frontend_assets/js/custom/custom.js

msedge.exe

Remote address:

91.209.70.182:443

Request

GET /themes/flow/frontend_assets/js/custom/custom.js HTTP/2.0
host: megaup.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://megaup.net/5uer/Command.and.Conquer.Renegade.v1.037.rar
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: filehosting=lhsqi0pf4463gvbmgnupna6eh6

Response

HTTP/2.0 200

server: nginx
date: Wed, 21 Feb 2024 22:55:54 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1420"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
GET

https://megaup.net/themes/flow/frontend_assets/js/gauge.min.js

msedge.exe

Remote address:

91.209.70.182:443

Request

GET /themes/flow/frontend_assets/js/gauge.min.js HTTP/2.0
host: megaup.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://megaup.net/5uer/Command.and.Conquer.Renegade.v1.037.rar
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: filehosting=lhsqi0pf4463gvbmgnupna6eh6

Response

HTTP/2.0 200

server: nginx
date: Wed, 21 Feb 2024 22:55:54 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-45b8"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
GET

https://megaup.net/themes/flow/js/clipboardjs/clipboard.min.js

msedge.exe

Remote address:

91.209.70.182:443

Request

GET /themes/flow/js/clipboardjs/clipboard.min.js HTTP/2.0
host: megaup.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://megaup.net/5uer/Command.and.Conquer.Renegade.v1.037.rar
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: filehosting=lhsqi0pf4463gvbmgnupna6eh6

Response

HTTP/2.0 200

server: nginx
date: Wed, 21 Feb 2024 22:55:54 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-2296"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
GET

https://megaup.net/themes/flow/images/main_logo_inverted.png

msedge.exe

Remote address:

91.209.70.182:443

Request

GET /themes/flow/images/main_logo_inverted.png HTTP/2.0
host: megaup.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://megaup.net/5uer/Command.and.Conquer.Renegade.v1.037.rar
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: filehosting=lhsqi0pf4463gvbmgnupna6eh6

Response

HTTP/2.0 200

server: nginx
date: Wed, 21 Feb 2024 22:55:54 GMT
content-type: image/png
content-length: 7137
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-1be1"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
GET

https://megaup.net/themes/flow/images/loading_small.gif

msedge.exe

Remote address:

91.209.70.182:443

Request

GET /themes/flow/images/loading_small.gif HTTP/2.0
host: megaup.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://megaup.net/5uer/Command.and.Conquer.Renegade.v1.037.rar
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: filehosting=lhsqi0pf4463gvbmgnupna6eh6

Response

HTTP/2.0 200

server: nginx
date: Wed, 21 Feb 2024 22:55:54 GMT
content-type: image/gif
content-length: 184355
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-2d023"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
GET

https://megaup.net/themes/flow/frontend_assets/fonts/raleway_semibold.woff

msedge.exe

Remote address:

91.209.70.182:443

Request

GET /themes/flow/frontend_assets/fonts/raleway_semibold.woff HTTP/2.0
host: megaup.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://megaup.net
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: font
referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: filehosting=lhsqi0pf4463gvbmgnupna6eh6

Response

HTTP/2.0 200

server: nginx
date: Wed, 21 Feb 2024 22:55:54 GMT
content-type: font/woff
content-length: 31980
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7cec"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
GET

https://megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_fonts/socicon-webfont.woff

msedge.exe

Remote address:

91.209.70.182:443

Request

GET /themes/flow/frontend_assets/socialsider-v1.0/_fonts/socicon-webfont.woff HTTP/2.0
host: megaup.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://megaup.net
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: font
referer: https://megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: filehosting=lhsqi0pf4463gvbmgnupna6eh6

Response

HTTP/2.0 200

server: nginx
date: Wed, 21 Feb 2024 22:55:54 GMT
content-type: font/woff
content-length: 20972
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-51ec"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
GET

https://megaup.net/themes/flow/frontend_assets/fonts/raleway_extrabold.woff

msedge.exe

Remote address:

91.209.70.182:443

Request

GET /themes/flow/frontend_assets/fonts/raleway_extrabold.woff HTTP/2.0
host: megaup.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://megaup.net
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: font
referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: filehosting=lhsqi0pf4463gvbmgnupna6eh6

Response

HTTP/2.0 200

server: nginx
date: Wed, 21 Feb 2024 22:55:54 GMT
content-type: font/woff
content-length: 31344
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7a70"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
GET

https://megaup.net/themes/flow/frontend_assets/fonts/raleway.woff

msedge.exe

Remote address:

91.209.70.182:443

Request

GET /themes/flow/frontend_assets/fonts/raleway.woff HTTP/2.0
host: megaup.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://megaup.net
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: font
referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: filehosting=lhsqi0pf4463gvbmgnupna6eh6

Response

HTTP/2.0 200

server: nginx
date: Wed, 21 Feb 2024 22:55:54 GMT
content-type: font/woff
content-length: 31836
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7c5c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
GET

https://megaup.net/sw.js?RXBkS3YeUlx4RHNDV2laZ1JIaRB9Q1coRnESSX0TdRJJfxInQElyQn1HSS1AIBUBKBMmEwcoE2dcRnJDIElTLhBzXVd%2BTn1dUHoTdl1cc0J0XVwvFSEVVS1AIUhUflRpUhc8VGlSECMTLREWIgI8GA0nEmsSETEMZ1xGekZrRUZnECQcFy5aIxEIOBNpFgUnBSAt

msedge.exe

Remote address:

91.209.70.182:443

Request

GET /sw.js?RXBkS3YeUlx4RHNDV2laZ1JIaRB9Q1coRnESSX0TdRJJfxInQElyQn1HSS1AIBUBKBMmEwcoE2dcRnJDIElTLhBzXVd%2BTn1dUHoTdl1cc0J0XVwvFSEVVS1AIUhUflRpUhc8VGlSECMTLREWIgI8GA0nEmsSETEMZ1xGekZrRUZnECQcFy5aIxEIOBNpFgUnBSAt HTTP/2.0
host: megaup.net
cache-control: max-age=0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
service-worker: script
sec-fetch-site: same-origin
sec-fetch-mode: same-origin
sec-fetch-dest: serviceworker
referer: https://megaup.net/5uer/Command.and.Conquer.Renegade.v1.037.rar
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: filehosting=lhsqi0pf4463gvbmgnupna6eh6
cookie: _gid=GA1.2.2118792876.1708556154
cookie: _gat_gtag_UA_108868042_1=1
cookie: _ga_Z9TE2LW16Q=GS1.1.1708556154.1.0.1708556154.0.0.0
cookie: _ga=GA1.1.1374742328.1708556154

Response

HTTP/2.0 200

server: nginx
date: Wed, 21 Feb 2024 22:55:55 GMT
content-type: application/javascript
last-modified: Tue, 20 Dec 2022 16:15:31 GMT
vary: Accept-Encoding
etag: W/"63a1dfa3-1927c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
GET

https://megaup.net/themes/flow/frontend_assets/images/icons/favicon/favicon.png

msedge.exe

Remote address:

91.209.70.182:443

Request

GET /themes/flow/frontend_assets/images/icons/favicon/favicon.png HTTP/2.0
host: megaup.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://megaup.net/5uer/Command.and.Conquer.Renegade.v1.037.rar
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: filehosting=lhsqi0pf4463gvbmgnupna6eh6
cookie: _gid=GA1.2.2118792876.1708556154
cookie: _gat_gtag_UA_108868042_1=1
cookie: _ga_Z9TE2LW16Q=GS1.1.1708556154.1.0.1708556154.0.0.0
cookie: _ga=GA1.1.1374742328.1708556154

Response

HTTP/2.0 200

server: nginx
date: Wed, 21 Feb 2024 22:55:55 GMT
content-type: image/png
content-length: 536
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-218"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
GET

https://megaup.net/themes/flow/frontend_assets/images/icons/favicon/favicon.ico

msedge.exe

Remote address:

91.209.70.182:443

Request

GET /themes/flow/frontend_assets/images/icons/favicon/favicon.ico HTTP/2.0
host: megaup.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://megaup.net/5uer/Command.and.Conquer.Renegade.v1.037.rar
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: filehosting=lhsqi0pf4463gvbmgnupna6eh6
cookie: _gid=GA1.2.2118792876.1708556154
cookie: _gat_gtag_UA_108868042_1=1
cookie: _ga_Z9TE2LW16Q=GS1.1.1708556154.1.0.1708556154.0.0.0
cookie: _ga=GA1.1.1374742328.1708556154

Response

HTTP/2.0 200

server: nginx
date: Wed, 21 Feb 2024 22:55:55 GMT
content-type: image/x-icon
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-47e"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
GET

https://megaup.net/themes/flow/frontend_assets/fonts/raleway_bold.woff

msedge.exe

Remote address:

91.209.70.182:443

Request

GET /themes/flow/frontend_assets/fonts/raleway_bold.woff HTTP/2.0
host: megaup.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://megaup.net
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: font
referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: filehosting=lhsqi0pf4463gvbmgnupna6eh6
cookie: _gid=GA1.2.2118792876.1708556154
cookie: _gat_gtag_UA_108868042_1=1
cookie: _ga_Z9TE2LW16Q=GS1.1.1708556154.1.0.1708556154.0.0.0
cookie: _ga=GA1.1.1374742328.1708556154

Response

HTTP/2.0 200

server: nginx
date: Wed, 21 Feb 2024 22:55:55 GMT
content-type: font/woff
content-length: 31568
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7b50"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
GET

https://megaup.net/themes/flow/frontend_assets/fonts/raleway_medium.woff

msedge.exe

Remote address:

91.209.70.182:443

Request

GET /themes/flow/frontend_assets/fonts/raleway_medium.woff HTTP/2.0
host: megaup.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://megaup.net
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: font
referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: filehosting=lhsqi0pf4463gvbmgnupna6eh6
cookie: _gid=GA1.2.2118792876.1708556154
cookie: _gat_gtag_UA_108868042_1=1
cookie: _ga_Z9TE2LW16Q=GS1.1.1708556154.1.0.1708556154.0.0.0
cookie: _ga=GA1.1.1374742328.1708556154

Response

HTTP/2.0 200

server: nginx
date: Wed, 21 Feb 2024 22:55:56 GMT
content-type: font/woff
content-length: 31900
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7c9c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
GET

https://megaup.net/5uer?pt=dZozoKJU18ntmHwGu1yiLjOF3tPgeiI3o%2B%2Fd%2BVlO3AI%3D

msedge.exe

Remote address:

91.209.70.182:443

Request

GET /5uer?pt=dZozoKJU18ntmHwGu1yiLjOF3tPgeiI3o%2B%2Fd%2BVlO3AI%3D HTTP/2.0
host: megaup.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://download.megaup.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: filehosting=lhsqi0pf4463gvbmgnupna6eh6
cookie: _gid=GA1.2.2118792876.1708556154
cookie: _gat_gtag_UA_108868042_1=1
cookie: _ga=GA1.1.1374742328.1708556154
cookie: _ga_Z9TE2LW16Q=GS1.1.1708556154.1.0.1708556167.0.0.0
cookie: cf_clearance=JGRkqiBBz4XyWM2_R0bNEW2Ict5pv88XYYpZM_VnTfY-1708556167-1.0-AdiL301r0DdFUoAID1wVYHV3d/psEtq9hHEEKCJTGYcUf9UxUcfbOjQjSUDLsSLmSVIm8R8Nm3hbBUlsnX5JYn0=

Response

HTTP/2.0 302

server: nginx
date: Wed, 21 Feb 2024 22:56:21 GMT
content-type: text/html; charset=UTF-8
location: https://f2.megaup.net/5uer/Command.and.Conquer.Renegade.v1.037.rar?download_token=2e50d59ef47db6923ab3a90f2ea25ba18469a432335f71003e7276eac25a9016
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
GET

https://megaup.net/

msedge.exe

Remote address:

91.209.70.182:443

Request

GET / HTTP/2.0
host: megaup.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://download.megaup.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: filehosting=lhsqi0pf4463gvbmgnupna6eh6
cookie: _gid=GA1.2.2118792876.1708556154
cookie: _gat_gtag_UA_108868042_1=1
cookie: _ga=GA1.1.1374742328.1708556154
cookie: _ga_Z9TE2LW16Q=GS1.1.1708556154.1.0.1708556167.0.0.0
cookie: cf_clearance=JGRkqiBBz4XyWM2_R0bNEW2Ict5pv88XYYpZM_VnTfY-1708556167-1.0-AdiL301r0DdFUoAID1wVYHV3d/psEtq9hHEEKCJTGYcUf9UxUcfbOjQjSUDLsSLmSVIm8R8Nm3hbBUlsnX5JYn0=

Response

HTTP/2.0 200

server: nginx
date: Wed, 21 Feb 2024 22:56:21 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
GET

https://megaup.net/sw.js?RXBkS3YeUlx4RHNDV2laZ1JIaRB9Q1coRnESSX0TdRJJfxInQElyQn1HSS1AIBUBKBMmEwcoE2dcRnJDIElTLhBzXVd%2BTn1dUHoTdl1cc0J0XVwvFSEVVS1AIUhUflRpUhc8VGlSECMTLREWIgI8GA0nEmsSETEMZ1xGekZrRUZnECQcFy5aIxEIOBNpFgUnBSAt

msedge.exe

Remote address:

91.209.70.182:443

Request

GET /sw.js?RXBkS3YeUlx4RHNDV2laZ1JIaRB9Q1coRnESSX0TdRJJfxInQElyQn1HSS1AIBUBKBMmEwcoE2dcRnJDIElTLhBzXVd%2BTn1dUHoTdl1cc0J0XVwvFSEVVS1AIUhUflRpUhc8VGlSECMTLREWIgI8GA0nEmsSETEMZ1xGekZrRUZnECQcFy5aIxEIOBNpFgUnBSAt HTTP/2.0
host: megaup.net
cache-control: max-age=0
dnt: 1
accept: */*
service-worker: script
sec-fetch-site: same-origin
sec-fetch-mode: same-origin
sec-fetch-dest: serviceworker
referer: https://megaup.net/sw.js?RXBkS3YeUlx4RHNDV2laZ1JIaRB9Q1coRnESSX0TdRJJfxInQElyQn1HSS1AIBUBKBMmEwcoE2dcRnJDIElTLhBzXVd%2BTn1dUHoTdl1cc0J0XVwvFSEVVS1AIUhUflRpUhc8VGlSECMTLREWIgI8GA0nEmsSETEMZ1xGekZrRUZnECQcFy5aIxEIOBNpFgUnBSAt
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: filehosting=lhsqi0pf4463gvbmgnupna6eh6
cookie: _gid=GA1.2.2118792876.1708556154
cookie: _gat_gtag_UA_108868042_1=1
cookie: _ga=GA1.1.1374742328.1708556154
cookie: _ga_Z9TE2LW16Q=GS1.1.1708556154.1.0.1708556167.0.0.0
cookie: cf_clearance=JGRkqiBBz4XyWM2_R0bNEW2Ict5pv88XYYpZM_VnTfY-1708556167-1.0-AdiL301r0DdFUoAID1wVYHV3d/psEtq9hHEEKCJTGYcUf9UxUcfbOjQjSUDLsSLmSVIm8R8Nm3hbBUlsnX5JYn0=
if-none-match: W/"63a1dfa3-1927c"
if-modified-since: Tue, 20 Dec 2022 16:15:31 GMT

Response

HTTP/2.0 304

server: nginx
date: Wed, 21 Feb 2024 22:56:24 GMT
last-modified: Tue, 20 Dec 2022 16:15:31 GMT
vary: Accept-Encoding
etag: "63a1dfa3-1927c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
GET

https://sandtheircle.com/RDNMbUIlUS8AfSUOLks3Nl9xSHACFn4rJnZCKl52KF15DDohUnxDIShcOQkkNlwiGWwqVjhIcAJ+GykILVE2LHUcYjsnBj1LLi8uDXsuCgwQZTs3Z3ZxGy8HBWslChIJYhoJCxFpHSUUNwYVFTEgaw44FwJbGjgYFXkJLHMBARo7ew5lGDcQHAJ4Og0Sag04JRYWfi8QLHoNOnASdQoKNiV6IAoaB3UrGwQGUAMpFhJXCywYJ30KIwocaxYZCgJ5BywvI1IKPBghYwpdFAxxGhwDI0QuKxUrcBlceiFSDgkQCGEaHAMsZgs1L3B0Hlw6PVUdLxECRBYeBXQeKAkDAF8PKCUKZQBcIQVxCgYxAgINHQATQAo5BDN0KjwAF2F9HjUWVHQpBBNDND9zdHICKzEOcCQ7MwVUGSYXPn0oPnIrcC0rBw97GlVzEgMoCSYpdg85BHxWLiwYFms0WDMFAg4mAylbDiw1KGEHATYMaxQ3NgVlGi8DdgcUOAR9ZRwrFAxrFDcqBVg0Cwopcgg6KQF0LgUTHGYrKGQuQCMDMnlgJgA7MAE+BiMVSj4BDw

msedge.exe

Remote address:

18.165.201.14:443

Request

GET /RDNMbUIlUS8AfSUOLks3Nl9xSHACFn4rJnZCKl52KF15DDohUnxDIShcOQkkNlwiGWwqVjhIcAJ+GykILVE2LHUcYjsnBj1LLi8uDXsuCgwQZTs3Z3ZxGy8HBWslChIJYhoJCxFpHSUUNwYVFTEgaw44FwJbGjgYFXkJLHMBARo7ew5lGDcQHAJ4Og0Sag04JRYWfi8QLHoNOnASdQoKNiV6IAoaB3UrGwQGUAMpFhJXCywYJ30KIwocaxYZCgJ5BywvI1IKPBghYwpdFAxxGhwDI0QuKxUrcBlceiFSDgkQCGEaHAMsZgs1L3B0Hlw6PVUdLxECRBYeBXQeKAkDAF8PKCUKZQBcIQVxCgYxAgINHQATQAo5BDN0KjwAF2F9HjUWVHQpBBNDND9zdHICKzEOcCQ7MwVUGSYXPn0oPnIrcC0rBw97GlVzEgMoCSYpdg85BHxWLiwYFms0WDMFAg4mAylbDiw1KGEHATYMaxQ3NgVlGi8DdgcUOAR9ZRwrFAxrFDcqBVg0Cwopcgg6KQF0LgUTHGYrKGQuQCMDMnlgJgA7MAE+BiMVSj4BDw HTTP/2.0
host: sandtheircle.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://megaup.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/html
content-length: 1257
date: Wed, 21 Feb 2024 22:55:54 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 133321d9ca8be95a19f574700824c0e0.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P3
x-amz-cf-id: JyuGVeCchH0zr205DUlZZcfl5patHRzodH93adRHiTBsNR07GpJ7mg==
GET

https://sandtheircle.com/OHVQeWlZFzMUVllIMl8cShltXFt+UGI/DQoENkpdVBtlGBFdFGBXClQaJR0PSho+DUdWECRcW35EBhcZVBYHLFh+JCMhPlE8BDg8QBEJLBFvJBZIHn03CRwqQS8YPAMMGB88BgEnFDQmfgwCPyF5NzM8OEs3MUkZfD0BKF1wIzghKHwSCi4sejEeAV1wIRY/HnwdBRwtVQYePDttJRw7KGkzN0kBYDcRKD58BgYxEV8/HxEdeSQpNwNuMwYsPwovAzwBXzkdETxrNDs7AmsSIz84fycbLyx+OQoVUG84YDsCax0ZICoKNx8oLHEbM0kBbjYGNwBtRX07LW4hMzIvakURMDsAPRceHlEtYRpabTIGNzoIPwQaWVAjByhdHUcSPQ5fEQE+OA0kFTc/dx0dNi99NzsqDnEgEhNZbiEWKzFiHTs3KE8aZzFZejEZS1BzJmA/JWEeZS44bQE7KlhcIAZLMHI3EhoscjceODhBOzoqP3ITBhQrXiNgPCh1HWE4OEE7JioCTDcDS1x0LQZAPWEzJyg9fiR2ExpXGyBEHnc2PkkxDSMIFCgMDAY

msedge.exe

Remote address:

18.165.201.14:443

Request

GET /OHVQeWlZFzMUVllIMl8cShltXFt+UGI/DQoENkpdVBtlGBFdFGBXClQaJR0PSho+DUdWECRcW35EBhcZVBYHLFh+JCMhPlE8BDg8QBEJLBFvJBZIHn03CRwqQS8YPAMMGB88BgEnFDQmfgwCPyF5NzM8OEs3MUkZfD0BKF1wIzghKHwSCi4sejEeAV1wIRY/HnwdBRwtVQYePDttJRw7KGkzN0kBYDcRKD58BgYxEV8/HxEdeSQpNwNuMwYsPwovAzwBXzkdETxrNDs7AmsSIz84fycbLyx+OQoVUG84YDsCax0ZICoKNx8oLHEbM0kBbjYGNwBtRX07LW4hMzIvakURMDsAPRceHlEtYRpabTIGNzoIPwQaWVAjByhdHUcSPQ5fEQE+OA0kFTc/dx0dNi99NzsqDnEgEhNZbiEWKzFiHTs3KE8aZzFZejEZS1BzJmA/JWEeZS44bQE7KlhcIAZLMHI3EhoscjceODhBOzoqP3ITBhQrXiNgPCh1HWE4OEE7JioCTDcDS1x0LQZAPWEzJyg9fiR2ExpXGyBEHnc2PkkxDSMIFCgMDAY HTTP/2.0
host: sandtheircle.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://megaup.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/html
content-length: 1253
date: Wed, 21 Feb 2024 22:55:54 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 133321d9ca8be95a19f574700824c0e0.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P3
x-amz-cf-id: jFi_n0LQMSegt2GPganBmV4a33tNVCulOK5jhuMeiLDwwGrNAkK54Q==
GET

https://sandtheircle.com/Y0lWMHkCKzVdRgJ0NBYMESVrFUslbGR2HVE4MANNDydjUQEGKGYeGg8mI1QfESY4RFcNLCIVSyU9AwABIAdneQ4qMC5iGzAqOnoeEzgPaBVUCzt+SCkjEGkpIAcueSEUOAxKHioYPAQAJR0cRDQrHGJ/Py0/DwIWFh88R0kAHgRjKScLLlMBJjMYSUxGexBxSjInBnNIACsvaRApJR8ANgoAOGVKMiQaaEACGQVbFS8lJUodDX0TcRcbIzdoOCssP2EVLw8bCTMncDhyLipwGXcaJRA7ekEBCDIDICJ8OHIuKiIcYw4hEzhqXFEPF3IzBBAsYkkieiICHw1kHGcwCgQxekkiehtjGhEYZVQRICc1dSM7eHMCPwcLHFcgURgmaAA6bGRyMCQqEHUhOWxkchoPOmF/Og8nFGcwUwIFdhozESZAGiIqLn8DVz0BWh1RLzFhNjonZwgbIgc7aTEbOhRnNwsoDnExKh0fQTBTHGFUF1cMF10/CBA4dTsHexAIM1IEZ1QXVwwSXTNaLxFHKTp7IlkdIg9mehclM3BaCgwnJg0aKDFiRDMWJTdpCTkr

msedge.exe

Remote address:

18.165.201.14:443

Request

GET /Y0lWMHkCKzVdRgJ0NBYMESVrFUslbGR2HVE4MANNDydjUQEGKGYeGg8mI1QfESY4RFcNLCIVSyU9AwABIAdneQ4qMC5iGzAqOnoeEzgPaBVUCzt+SCkjEGkpIAcueSEUOAxKHioYPAQAJR0cRDQrHGJ/Py0/DwIWFh88R0kAHgRjKScLLlMBJjMYSUxGexBxSjInBnNIACsvaRApJR8ANgoAOGVKMiQaaEACGQVbFS8lJUodDX0TcRcbIzdoOCssP2EVLw8bCTMncDhyLipwGXcaJRA7ekEBCDIDICJ8OHIuKiIcYw4hEzhqXFEPF3IzBBAsYkkieiICHw1kHGcwCgQxekkiehtjGhEYZVQRICc1dSM7eHMCPwcLHFcgURgmaAA6bGRyMCQqEHUhOWxkchoPOmF/Og8nFGcwUwIFdhozESZAGiIqLn8DVz0BWh1RLzFhNjonZwgbIgc7aTEbOhRnNwsoDnExKh0fQTBTHGFUF1cMF10/CBA4dTsHexAIM1IEZ1QXVwwSXTNaLxFHKTp7IlkdIg9mehclM3BaCgwnJg0aKDFiRDMWJTdpCTkr HTTP/2.0
host: sandtheircle.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://megaup.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/html
content-length: 1258
date: Wed, 21 Feb 2024 22:55:54 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 133321d9ca8be95a19f574700824c0e0.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P3
x-amz-cf-id: XlCypC8Fpj-RiC8WtlbT6ZFEBamhjGNqwQjh0b_ydTN3dDHT97OFfw==
GET

https://sandtheircle.com/N2FOZ0JWAy0KfVZcLEE3RQ1zQnBxRHwhJgUQKFR2Ww97BjpSAH5JIVsOOwMkRQ4gE2xZBDpCcHERLDEIVgMZMg1nNR8rFV8KeTcudQIZMDZeNn8hDngiJSQBT1A4LgEDMQwkLUExGDJ1fCk5PQpADTgGKUQrCiM1DjQLKgtnJSI2FHISNDclDjgZPxNBJQgAA2cyDyIBZiQ0AXMPCxkvOkYyCAMmUgh+IgFACncrEAIgFlULByYbJSRuDDoDEQZQfQYRDiAWVQtDIw8TIG0PdwIIBwkpBiphNRk/NhJTCD9zYiwHDi11IAwIcXggFyoFbwUhLHN1BBQ/b2UEG1cqUAAlMg11MhdUA2IjKCIaDgcYNgcALB8PA29TB14BdjgJNxp5KBhWck8sJl8JdiUqQnBxOTcpF24PHAMRBg0jBhQGLRZVDFgyCAMmfjU9KwB1WXkBcw8LGSAEQzB/PSBTUyYDA3YKfwFzDwsYIAgHORsTFG5TBCMXBhV+K3N1NGgNMVgPPlo4dAsnHzdnURgd

msedge.exe

Remote address:

18.165.201.14:443

Request

GET /N2FOZ0JWAy0KfVZcLEE3RQ1zQnBxRHwhJgUQKFR2Ww97BjpSAH5JIVsOOwMkRQ4gE2xZBDpCcHERLDEIVgMZMg1nNR8rFV8KeTcudQIZMDZeNn8hDngiJSQBT1A4LgEDMQwkLUExGDJ1fCk5PQpADTgGKUQrCiM1DjQLKgtnJSI2FHISNDclDjgZPxNBJQgAA2cyDyIBZiQ0AXMPCxkvOkYyCAMmUgh+IgFACncrEAIgFlULByYbJSRuDDoDEQZQfQYRDiAWVQtDIw8TIG0PdwIIBwkpBiphNRk/NhJTCD9zYiwHDi11IAwIcXggFyoFbwUhLHN1BBQ/b2UEG1cqUAAlMg11MhdUA2IjKCIaDgcYNgcALB8PA29TB14BdjgJNxp5KBhWck8sJl8JdiUqQnBxOTcpF24PHAMRBg0jBhQGLRZVDFgyCAMmfjU9KwB1WXkBcw8LGSAEQzB/PSBTUyYDA3YKfwFzDwsYIAgHORsTFG5TBCMXBhV+K3N1NGgNMVgPPlo4dAsnHzdnURgd HTTP/2.0
host: sandtheircle.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://megaup.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/html
content-length: 1256
date: Wed, 21 Feb 2024 22:55:54 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 133321d9ca8be95a19f574700824c0e0.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P3
x-amz-cf-id: eN8bwdgrsvi--qRxA1mTDWK4tjv_lO0tEsmbi9fYEkURFSA5kcSeag==
GET

https://sandtheircle.com/dHFaVjMVEzk7DBVMOHBGBh1ncwEyVGgQV0YAPGUHGB9vN0sREGp4UBgeLzJVBh40Ih0aFC5zATIiDhBxNxMeA0UkCC0dcB4WbxxfMTI/O2EOJhsEQjsbHxJkDgkuHEQcBRY8Byw6awdHORYyHWIgKGowAgMlExJ2BzItPkI6Ii0GcDxAaB9EHCk5AWEfNh8DWTtCYjRiJxZsGXIuMBEsVEUiMRdHFiJiEmcNJGIaVEQgPD5pRyA9AEMtHxATYh0kf2RxPhYUFWNHJy0OdQdFPg5xFzMSLhZGMzk9WDM1NABELDQTOmMaIwMTe0wiAGcHMj8dDAEmIxhzATYoGXt+FyMJFwI6IDYOeQ4aaAViFzoADnUWNmlvXi5AbhBpMAIrEXUTFj4OcgI0EmNUOBYMM3gsJy0OdT0BFy9YMDkdOloXFmMyYx5JLBVhNlRoFHUaBTkRAAxUaBRXGBYdMHtBBgIHVwQoNB9VIjI1Ln41JAswWy5CAiF5HShpBHk2Qi1neRMCCzBbLkYCFEdMFzQmVzAmEDtXMQEbNWQxVzAlXBoBZzNXLBM0A3QVEDgc

msedge.exe

Remote address:

18.165.201.14:443

Request

GET /dHFaVjMVEzk7DBVMOHBGBh1ncwEyVGgQV0YAPGUHGB9vN0sREGp4UBgeLzJVBh40Ih0aFC5zATIiDhBxNxMeA0UkCC0dcB4WbxxfMTI/O2EOJhsEQjsbHxJkDgkuHEQcBRY8Byw6awdHORYyHWIgKGowAgMlExJ2BzItPkI6Ii0GcDxAaB9EHCk5AWEfNh8DWTtCYjRiJxZsGXIuMBEsVEUiMRdHFiJiEmcNJGIaVEQgPD5pRyA9AEMtHxATYh0kf2RxPhYUFWNHJy0OdQdFPg5xFzMSLhZGMzk9WDM1NABELDQTOmMaIwMTe0wiAGcHMj8dDAEmIxhzATYoGXt+FyMJFwI6IDYOeQ4aaAViFzoADnUWNmlvXi5AbhBpMAIrEXUTFj4OcgI0EmNUOBYMM3gsJy0OdT0BFy9YMDkdOloXFmMyYx5JLBVhNlRoFHUaBTkRAAxUaBRXGBYdMHtBBgIHVwQoNB9VIjI1Ln41JAswWy5CAiF5HShpBHk2Qi1neRMCCzBbLkYCFEdMFzQmVzAmEDtXMQEbNWQxVzAlXBoBZzNXLBM0A3QVEDgc HTTP/2.0
host: sandtheircle.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://megaup.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/html
content-length: 1232
date: Wed, 21 Feb 2024 22:55:54 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 133321d9ca8be95a19f574700824c0e0.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P3
x-amz-cf-id: qO0SYZL95OvG_Tk_pisUc62qvPAC2dYjiJcN2Id0RbvUTJhMiJF9ug==
GET

https://sandtheircle.com/utx?cb=FavHbrXqmdYn&top=megaup.net&tid=761186

msedge.exe

Remote address:

18.165.201.14:443

Request

GET /utx?cb=FavHbrXqmdYn&top=megaup.net&tid=761186 HTTP/2.0
host: sandtheircle.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://megaup.net
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://megaup.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Wed, 21 Feb 2024 22:55:54 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Wed, 21 Feb 2024 22:56:54 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 133321d9ca8be95a19f574700824c0e0.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P3
x-amz-cf-id: qxj4FZfYi62-bfYqx_0vmWs31wXPayZcM4nR2r37qFlXs8RuZQzx8g==
GET

https://sandtheircle.com/utx?cb=oTh39Y2jfXpd&top=megaup.net&tid=876318

msedge.exe

Remote address:

18.165.201.14:443

Request

GET /utx?cb=oTh39Y2jfXpd&top=megaup.net&tid=876318 HTTP/2.0
host: sandtheircle.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://megaup.net
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://megaup.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Wed, 21 Feb 2024 22:55:54 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Wed, 21 Feb 2024 22:56:54 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 133321d9ca8be95a19f574700824c0e0.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P3
x-amz-cf-id: xBrgbIghAbZ6kmkRvNC7KiCMGJcKDq1rOX-d7jxLLkvWwmA5wcZr1A==
GET

https://sandtheircle.com/utx?cb=g6D2eyejOLVH&top=megaup.net&tid=825911

msedge.exe

Remote address:

18.165.201.14:443

Request

GET /utx?cb=g6D2eyejOLVH&top=megaup.net&tid=825911 HTTP/2.0
host: sandtheircle.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://megaup.net
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://megaup.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Wed, 21 Feb 2024 22:55:54 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Wed, 21 Feb 2024 22:56:54 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 133321d9ca8be95a19f574700824c0e0.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P3
x-amz-cf-id: nMDEIQ4AeedGeqvM0gZ2ONQU0vSaJtgx0oWEWgTx-g2lhrNyZkccEQ==
GET

https://sandtheircle.com/utx?cb=tEuX98CS7M4c&top=megaup.net&tid=764141

msedge.exe

Remote address:

18.165.201.14:443

Request

GET /utx?cb=tEuX98CS7M4c&top=megaup.net&tid=764141 HTTP/2.0
host: sandtheircle.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://megaup.net
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://megaup.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Wed, 21 Feb 2024 22:55:54 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Wed, 21 Feb 2024 22:56:54 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 133321d9ca8be95a19f574700824c0e0.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P3
x-amz-cf-id: vgbduTcnGIzEII0NkGCcqMSU9fWcAWgP2Lms0oF9DkXg8MMvgF-8Lg==
GET

https://sandtheircle.com/multi?cs=cHJEeXRAQXFBRURHd0hGQUJ1TEU&abt=0&red=1&sm=76&k=download%20file%20command%20conquer%20renegade&v=1.0.60.3&sts=0&prn=0&emb=0&tid=876318&rxy=1280_720&u=1264574189947902&agec=1708556155&fs=1&mbkb=212.31422505307856&ref=https%3A%2F%2Fmegaup.net%2F5uer%2FCommand.and.Conquer.Renegade.v1.037.rar&osr=igg-games.cc&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F90.0.4430.212%20safari%2F537.36%20edg%2F90.0.818.66&tzd=0&uloc=&if=0&_1ZZf=1708556154692&crc=1

msedge.exe

Remote address:

18.165.201.14:443

Request

GET /multi?cs=cHJEeXRAQXFBRURHd0hGQUJ1TEU&abt=0&red=1&sm=76&k=download%20file%20command%20conquer%20renegade&v=1.0.60.3&sts=0&prn=0&emb=0&tid=876318&rxy=1280_720&u=1264574189947902&agec=1708556155&fs=1&mbkb=212.31422505307856&ref=https%3A%2F%2Fmegaup.net%2F5uer%2FCommand.and.Conquer.Renegade.v1.037.rar&osr=igg-games.cc&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F90.0.4430.212%20safari%2F537.36%20edg%2F90.0.818.66&tzd=0&uloc=&if=0&_1ZZf=1708556154692&crc=1 HTTP/2.0
host: sandtheircle.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://megaup.net
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://megaup.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/plain
content-length: 41
date: Wed, 21 Feb 2024 22:55:55 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=8c4329d1-ab90-4da2-9694-da6acec5f9b8
set-cookie: csu=1264574189947902
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 133321d9ca8be95a19f574700824c0e0.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P3
x-amz-cf-id: u1uBtZ6qKpTD4Wb5gfN3U7ss3GtyJbh6kQXv4HAXxoww9wOQxtH-8A==
GET

https://sandtheircle.com/floater?cs=OVc3cHIJZAZDQwxjBkFEDGYDR0Y&abt=0&red=1&sm=83&k=download%20file%20command%20conquer%20renegade&v=0.9.2.5&sts=0&prn=0&emb=0&tid=825911&rxy=1280_720&u=1264574189947902&agec=1708556155&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&mbkb=212.31422505307856&ref=https%3A%2F%2Fmegaup.net%2F5uer%2FCommand.and.Conquer.Renegade.v1.037.rar&osr=igg-games.cc&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F90.0.4430.212%20safari%2F537.36%20edg%2F90.0.818.66&tzd=0&uloc=&if=0&aa=oi1_&_J4nV=1708556154694&crc=1

msedge.exe

Remote address:

18.165.201.14:443

Request

GET /floater?cs=OVc3cHIJZAZDQwxjBkFEDGYDR0Y&abt=0&red=1&sm=83&k=download%20file%20command%20conquer%20renegade&v=0.9.2.5&sts=0&prn=0&emb=0&tid=825911&rxy=1280_720&u=1264574189947902&agec=1708556155&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&mbkb=212.31422505307856&ref=https%3A%2F%2Fmegaup.net%2F5uer%2FCommand.and.Conquer.Renegade.v1.037.rar&osr=igg-games.cc&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F90.0.4430.212%20safari%2F537.36%20edg%2F90.0.818.66&tzd=0&uloc=&if=0&aa=oi1_&_J4nV=1708556154694&crc=1 HTTP/2.0
host: sandtheircle.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://megaup.net
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://megaup.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/plain; charset=utf-8
content-length: 1075
date: Wed, 21 Feb 2024 22:55:55 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=fc1424b3-cba9-4c10-9771-f0147168e23f
set-cookie: csu=1264574189947902
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 133321d9ca8be95a19f574700824c0e0.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P3
x-amz-cf-id: p0o3Q-0gu_VqWZsmUofET7vCPVhK2cVAFYBOA7yTQmS_E41u31Sagw==
GET

https://sandtheircle.com/OTNBVkUGUDJrFn5pNzUuXQoUOnR7VXIiE2FYD3N3e1ZwGCBrexRwJFtHfGZjS1Yla3QfQCxrdA8VKmshVkQvOipYV2RkdV9aLTNgCwMiOShUUi8yYAsDIjkrSEYkJGALAzMzK1xUIDIgH0V8Z2sKB29lcRcDZyUxSg5xcDVLXXxmY1xeI2t1H0coMngOBXBnfQ8VMy48BAJzbnVmBHNmY1BdImt9H0Z8Z3QMC3lvcQoGcGNwDQJ3ZWNYVCQ1eAgEcW5wDAVwY3AfVTJrdB9eIz0nBAFwZGsKAnVkdwwDdGV1Dgt0YGNfWi0zeHpcLDskV1dvNytdHQI5K0hGJCRra1YvMyJYVyR4MwgdcWVyF0EgJGNLVidrLU1HMSVgCnJkZAMcAQc7IF5SNCZrV1Y1c3d%2FBjQzNxwBBxUqVF4gOCEXUi8ya3pcLycwXEFvBCBXViY3IVwdN2drCQB2eDdYQWc5NksOKDEiFFQgOyBKHSI1Y11ANTp4UUc1JjYcAABzd38WcxAhVkQvOipYV287IF5SNCZrV1Y1c3d%2FFnIQLF1GMzpgCndxOixBfyAAcHULeBwOWF4iHh1sUSQidH0FGGQvcEAZYQZqXXkucUpqNA4kaQEnFAFbaQoiNFELBCcQexZzEB0NSgYvL0p%2FKhBzDXETFBF0fC8vKmMADhUEAQYgZQFUBgczJF1hNzUwSXgqGQt0FnISYAsFKDIjUF8kOCRUVmRlAXpcLDskV1dvNytdHQI5K0hGJCRra1YvMyJYVyRzdwwBcXgzCB1xZXIXQSAkYAsFKDIjUF8kJSxDVmRlAQwHdHhyCxZzY3cJfgNwL0pHfGZjXF0za3UfXyIjJAReLiwsVV8gc3d%2FBm9mYAsDaSEsV1cuITYcAXE4MRwBcWd1FwNkZQccAXEhLFcFdXN2exZzZj0PB2hzdwlSMSYpXEQkNC5QR2RkAwwAdnh2DxZzZm1SWzU7KRwBAnN3CV8oPSAcAXExIFpYLn9gCwMiPjdWXiRzd38KcXh1Fwd1ZXUXAXBkYAsDMjcjWEEoc3d%2FBnJhawoFZGR1XFcmc3d%2FCnF4dRcLcG5rDwVnIj9dDnFwMFVcImtjUFV8ZmNaR3xnY1pHImtxH2wxIg1jDnBhdQEGdGB0DAR4ZXIfRjUkdAR9IBh%2Fd1IPbAtYfWcjMUsBfBgkdxU0IjcKDjQ4IVxVKDggXRU0IjcNDjQ4IVxVKDggXRU0IjcMDjQ4IVxVKDggXRU0IjcPDjQ4IVxVKDggXRU0IjcODjQ4IVxVKDggXRU3NylQV3xn

msedge.exe

Remote address:

18.165.201.14:443

Request

GET /OTNBVkUGUDJrFn5pNzUuXQoUOnR7VXIiE2FYD3N3e1ZwGCBrexRwJFtHfGZjS1Yla3QfQCxrdA8VKmshVkQvOipYV2RkdV9aLTNgCwMiOShUUi8yYAsDIjkrSEYkJGALAzMzK1xUIDIgH0V8Z2sKB29lcRcDZyUxSg5xcDVLXXxmY1xeI2t1H0coMngOBXBnfQ8VMy48BAJzbnVmBHNmY1BdImt9H0Z8Z3QMC3lvcQoGcGNwDQJ3ZWNYVCQ1eAgEcW5wDAVwY3AfVTJrdB9eIz0nBAFwZGsKAnVkdwwDdGV1Dgt0YGNfWi0zeHpcLDskV1dvNytdHQI5K0hGJCRra1YvMyJYVyR4MwgdcWVyF0EgJGNLVidrLU1HMSVgCnJkZAMcAQc7IF5SNCZrV1Y1c3d%2FBjQzNxwBBxUqVF4gOCEXUi8ya3pcLycwXEFvBCBXViY3IVwdN2drCQB2eDdYQWc5NksOKDEiFFQgOyBKHSI1Y11ANTp4UUc1JjYcAABzd38WcxAhVkQvOipYV287IF5SNCZrV1Y1c3d%2FFnIQLF1GMzpgCndxOixBfyAAcHULeBwOWF4iHh1sUSQidH0FGGQvcEAZYQZqXXkucUpqNA4kaQEnFAFbaQoiNFELBCcQexZzEB0NSgYvL0p%2FKhBzDXETFBF0fC8vKmMADhUEAQYgZQFUBgczJF1hNzUwSXgqGQt0FnISYAsFKDIjUF8kOCRUVmRlAXpcLDskV1dvNytdHQI5K0hGJCRra1YvMyJYVyRzdwwBcXgzCB1xZXIXQSAkYAsFKDIjUF8kJSxDVmRlAQwHdHhyCxZzY3cJfgNwL0pHfGZjXF0za3UfXyIjJAReLiwsVV8gc3d%2FBm9mYAsDaSEsV1cuITYcAXE4MRwBcWd1FwNkZQccAXEhLFcFdXN2exZzZj0PB2hzdwlSMSYpXEQkNC5QR2RkAwwAdnh2DxZzZm1SWzU7KRwBAnN3CV8oPSAcAXExIFpYLn9gCwMiPjdWXiRzd38KcXh1Fwd1ZXUXAXBkYAsDMjcjWEEoc3d%2FBnJhawoFZGR1XFcmc3d%2FCnF4dRcLcG5rDwVnIj9dDnFwMFVcImtjUFV8ZmNaR3xnY1pHImtxH2wxIg1jDnBhdQEGdGB0DAR4ZXIfRjUkdAR9IBh%2Fd1IPbAtYfWcjMUsBfBgkdxU0IjcKDjQ4IVxVKDggXRU0IjcNDjQ4IVxVKDggXRU0IjcMDjQ4IVxVKDggXRU0IjcPDjQ4IVxVKDggXRU0IjcODjQ4IVxVKDggXRU3NylQV3xn HTTP/2.0
host: sandtheircle.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
referer: https://megaup.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

content-type: text/plain
content-length: 0
location: http://asdasdad.net
date: Wed, 21 Feb 2024 22:55:58 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=be93c03d-7386-48a3-9dfd-393ae363fde1
set-cookie: csu=1158894351554163
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 133321d9ca8be95a19f574700824c0e0.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P3
x-amz-cf-id: xfbgb8n_EDGMDvmsci5M9Lg3OX6RMirdXAOUBNDL5OOzJ_q8HRCj2w==
GET

https://sandtheircle.com/SFJvc3J3MRxOFiMmHiUfAhoMQgovBCoXShBgViIgJhwJKiQJdA4RBnViSQEXLG9eVQElb15FVCNvCxwFJj4AEhZtYF8VGyQ3SkFCKz0CHhMmNkpBQis9AQIHLSBKQUI6NwEWFSk2ClUEdWNBQEZmYVtdQm4hGwBPeHQfARx1YkkWHypvX1UGITZSRER5Y1dFVDoqFk5DempfLEV6YkkaHCtvV1UHdWNeRkpwa1tAR3lnWkdDfmFJEhUtMVJCRXhqWkZEeWdaVRQ7b15VHyo5DU5AeWBBQEN8YF1GQn1hX0RKfWRJFRskN1IwHSU%2FDh0WZjMBF1wLPQECBy0gQSEXJjcIEhYtfBlCXHhhWF0AKSBJARcubwcHBjghSkAzbWApVkAOPwoUEz0iQR0XPHddNUc9Nx1WQA4RAB4fKTwLXRMmNkEwHSYjGhYAZgAKHRcvMwsWXD5jQUNBf3wdEgBuPRwBTyE1CF4VKT8KAFwrMUkXATw%2BUhsGPCIcVkEJd101V3oUCxwFJj4AEhZmPwoUEz0iQR0XPHddNVd7FAYXBzo%2BSkA2eD4GCz4pBFo%2FSnEYJBIfKxo3JhAtJl43RBFgBToBEGUsIBxwKlsAKz0KDiNALhArESgDJh4bSg0jOjFXehQ3RwsPKwUAPiMUWUcwGhA7Pj0mKwApQQcRLktHKWErHkcONw4XID4xGgM5Ix0hPld7FkpBRCE2CRoeLTwOHhdtYSswHSU%2FDh0WZjMBF1wLPQECBy0gQSEXJjcIEhYtd11GQHh8GUJceGFYXQApIEpBRCE2CRoeLSEGCRdtYStGRn18WEFXemddQz8KdAUABnViSRYcOm9fVR4rJw5OHycoBh8eKXddNUdmYkpBQmAlBh0WJyUcVkB4PBtWQHhjX11CbWEtVkB4JQYdRHx3XDFXemIXRUZhd11DEzgiAxYFLTAEGgZtYClGQX98XEVXemJHGBo8PwNWQAt3XUMeITkKVkB4NQoQGSd7SkFCKzodHB8td101S3h8X11GfGFfXUB5YEpBQjszCRIAIXddNUd7ZUFARG1gXxYWL3ddNUt4fF9dSnlqQUVEbiYVF094dBofHStvSRoUdWJJEAZ1Y0kQBitvW1UtfQYINE95ZV9LR31kXkVBemVXVQc8IF5OPCkcVT0TBmghEjxuJxsBQHUcDj1UPSYdQE89PAsWFCE8ChdUPSYdR089PAsWFCE8ChdUPSYdRk89PAsWFCE8ChdUPSYdRU89PAsWFCE8ChdUPSYdRE89PAsWFCE8ChdUPjMDGhZ1Yw%3D%3D

msedge.exe

Remote address:

18.165.201.14:443

Request

GET /SFJvc3J3MRxOFiMmHiUfAhoMQgovBCoXShBgViIgJhwJKiQJdA4RBnViSQEXLG9eVQElb15FVCNvCxwFJj4AEhZtYF8VGyQ3SkFCKz0CHhMmNkpBQis9AQIHLSBKQUI6NwEWFSk2ClUEdWNBQEZmYVtdQm4hGwBPeHQfARx1YkkWHypvX1UGITZSRER5Y1dFVDoqFk5DempfLEV6YkkaHCtvV1UHdWNeRkpwa1tAR3lnWkdDfmFJEhUtMVJCRXhqWkZEeWdaVRQ7b15VHyo5DU5AeWBBQEN8YF1GQn1hX0RKfWRJFRskN1IwHSU%2FDh0WZjMBF1wLPQECBy0gQSEXJjcIEhYtfBlCXHhhWF0AKSBJARcubwcHBjghSkAzbWApVkAOPwoUEz0iQR0XPHddNUc9Nx1WQA4RAB4fKTwLXRMmNkEwHSYjGhYAZgAKHRcvMwsWXD5jQUNBf3wdEgBuPRwBTyE1CF4VKT8KAFwrMUkXATw%2BUhsGPCIcVkEJd101V3oUCxwFJj4AEhZmPwoUEz0iQR0XPHddNVd7FAYXBzo%2BSkA2eD4GCz4pBFo%2FSnEYJBIfKxo3JhAtJl43RBFgBToBEGUsIBxwKlsAKz0KDiNALhArESgDJh4bSg0jOjFXehQ3RwsPKwUAPiMUWUcwGhA7Pj0mKwApQQcRLktHKWErHkcONw4XID4xGgM5Ix0hPld7FkpBRCE2CRoeLTwOHhdtYSswHSU%2FDh0WZjMBF1wLPQECBy0gQSEXJjcIEhYtd11GQHh8GUJceGFYXQApIEpBRCE2CRoeLSEGCRdtYStGRn18WEFXemddQz8KdAUABnViSRYcOm9fVR4rJw5OHycoBh8eKXddNUdmYkpBQmAlBh0WJyUcVkB4PBtWQHhjX11CbWEtVkB4JQYdRHx3XDFXemIXRUZhd11DEzgiAxYFLTAEGgZtYClGQX98XEVXemJHGBo8PwNWQAt3XUMeITkKVkB4NQoQGSd7SkFCKzodHB8td101S3h8X11GfGFfXUB5YEpBQjszCRIAIXddNUd7ZUFARG1gXxYWL3ddNUt4fF9dSnlqQUVEbiYVF094dBofHStvSRoUdWJJEAZ1Y0kQBitvW1UtfQYINE95ZV9LR31kXkVBemVXVQc8IF5OPCkcVT0TBmghEjxuJxsBQHUcDj1UPSYdQE89PAsWFCE8ChdUPSYdR089PAsWFCE8ChdUPSYdRk89PAsWFCE8ChdUPSYdRU89PAsWFCE8ChdUPSYdRE89PAsWFCE8ChdUPjMDGhZ1Yw%3D%3D HTTP/2.0
host: sandtheircle.com
device-memory: 8
dpr: 1
viewport-width: 1280
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
sec-ch-ua-mobile: ?0
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
sec-ch-ua-model: ""
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
referer: https://megaup.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: csu=1158894351554163

Response

HTTP/2.0 302

content-type: text/plain
content-length: 0
location: http://asdasdad.net
date: Wed, 21 Feb 2024 22:56:04 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=1158894351554163
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 133321d9ca8be95a19f574700824c0e0.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P3
x-amz-cf-id: Bn1XKg7xbjYI3Cvov8voE8hwWgw6UsZ0E2GrRcztTkQ4bX7hxg2lBg==
GET

https://hildrenastheyc.info/dDZ4QVVbCRsyaCZgHC4bIwcCGDlAdS9yLRluKRsMF2FBIxQyDl41PBALT3dkRQ5OZyUdUkVwcwdCGTUgBwtJZzwaUBd8cwILSW9mQBhLdXtEEA18ZFJCCCAySQdeMSEAWkVwYkQOTXRjRQNLeW1B

msedge.exe

Remote address:

172.67.132.241:443

Request

GET /dDZ4QVVbCRsyaCZgHC4bIwcCGDlAdS9yLRluKRsMF2FBIxQyDl41PBALT3dkRQ5OZyUdUkVwcwdCGTUgBwtJZzwaUBd8cwILSW9mQBhLdXtEEA18ZFJCCCAySQdeMSEAWkVwYkQOTXRjRQNLeW1B HTTP/2.0
host: hildrenastheyc.info
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://megaup.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Wed, 21 Feb 2024 22:55:54 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CNCKI2%2FM3TC%2FfjjSznbrJqp0umMbGD6sV%2FwTQwzmhT60jowa%2Fynmrb%2Fy8cbl2Ch0myGUcRW9OWcYV8IRtOd7yufVTQxfYGnVlnv3G1XzKIL%2BO4gxZ0vAJX9cz%2BChCXUk2g2nQzGE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8592945ecbc8635b-LHR
alt-svc: h3=":443"; ma=86400
GET

https://hildrenastheyc.info/S2FCcGVkXiEDWC82ewQxAysEKCMjURNAIyo5LEEkGSd7EwAeLGQEDC9cekdTeFB6VhUiBX9CXG0SNhERPhJ/QUMiDyQfWG0Xf0FLe090QEt4RzdNVG0VMhECdlBkABE/DX9BUntZd0VTelRxSVV9

msedge.exe

Remote address:

172.67.132.241:443

Request

GET /S2FCcGVkXiEDWC82ewQxAysEKCMjURNAIyo5LEEkGSd7EwAeLGQEDC9cekdTeFB6VhUiBX9CXG0SNhERPhJ/QUMiDyQfWG0Xf0FLe090QEt4RzdNVG0VMhECdlBkABE/DX9BUntZd0VTelRxSVV9 HTTP/2.0
host: hildrenastheyc.info
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://megaup.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Wed, 21 Feb 2024 22:55:54 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A0gX05sZpRA%2FvPbT6gsxUkV3TF2qOpug54oNYlkQZv14UAll5PA9iumxW097n%2Fc0CWNzkHwYAyzPPplViwih%2BvuQfucCkibl66ASl478tKLaETuqHg03h8CC2gfHxcjEJk75iQdx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8592945ecbd0635b-LHR
alt-svc: h3=":443"; ma=86400
GET

https://hildrenastheyc.info/eE1hNDFXcgJHDDY3LAZkLyopdXAcJDZleDAPU3ZUOSood2sUOkdAWBxwWQYEQXxQEkERKVwHA14+FVVFDT5cBRcRIwdbDF47XAQfQWNTGgReOFwFFww9AFMMSWsRQEUUcFADAUB4VAIATX5YBgI

msedge.exe

Remote address:

172.67.132.241:443

Request

GET /eE1hNDFXcgJHDDY3LAZkLyopdXAcJDZleDAPU3ZUOSood2sUOkdAWBxwWQYEQXxQEkERKVwHA14+FVVFDT5cBRcRIwdbDF47XAQfQWNTGgReOFwFFww9AFMMSWsRQEUUcFADAUB4VAIATX5YBgI HTTP/2.0
host: hildrenastheyc.info
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://megaup.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Wed, 21 Feb 2024 22:55:54 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vYvR20tLb4F7S4N3JdXscSg%2FxV5lrCAvH6mSrTvHkdDENXI0Cox4shOUZ%2B%2FBUIKUVFzJxK6426rwf5f7HlKaXmE9%2FWHK1XOPuoOlebjGDcnUohCOzYqgccqCBIY6Z1XzlDT9%2FTz6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8592945ecbd2635b-LHR
alt-svc: h3=":443"; ma=86400
GET

https://hildrenastheyc.info/amF0RnZFXhc1Syc2OTElMgI2EzcsVyYhJDIgLC40KCc9AxABLFIyHw5cTHRDU1BFYAYDBUl1REwSACcCHxJJdEZaVlIvGAwOSXRQHFxEaE9EU1pzUB9cRWACGgATe0dMEQAyGldQQ3ZOX1RCd0NZWEZ/

msedge.exe

Remote address:

172.67.132.241:443

Request

GET /amF0RnZFXhc1Syc2OTElMgI2EzcsVyYhJDIgLC40KCc9AxABLFIyHw5cTHRDU1BFYAYDBUl1REwSACcCHxJJdEZaVlIvGAwOSXRQHFxEaE9EU1pzUB9cRWACGgATe0dMEQAyGldQQ3ZOX1RCd0NZWEZ/ HTTP/2.0
host: hildrenastheyc.info
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://megaup.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Wed, 21 Feb 2024 22:55:54 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xb9MgrDY4slYeWyEUO2yvIiTYxanc00%2F0kHjLUVrXdGHs9RRcTwMqn41%2BdJPGl8%2BS1JJIwLai3I7f3%2BwJzq0RPfVaPJkBhI1fWMBcUJPlAwrLYnZyicbnUpC7cz3%2B7rdlgue27mi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8592945ecbcc635b-LHR
alt-svc: h3=":443"; ma=86400
GET

https://hildrenastheyc.info/cTFhczleDgIABDxpIEJuHVYmIV4zQAMyezBzDAtLM3QGNFsmBUcHUBUMWEcASQdVVUkYVVxCAVdCFRJNBEJcQh8YXwccBFdHXEIXQR9TXQ1XRFxCHwVBABQEQBcRB00dDFBECUkEVEUIRAJYQAA

msedge.exe

Remote address:

172.67.132.241:443

Request

GET /cTFhczleDgIABDxpIEJuHVYmIV4zQAMyezBzDAtLM3QGNFsmBUcHUBUMWEcASQdVVUkYVVxCAVdCFRJNBEJcQh8YXwccBFdHXEIXQR9TXQ1XRFxCHwVBABQEQBcRB00dDFBECUkEVEUIRAJYQAA HTTP/2.0
host: hildrenastheyc.info
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://megaup.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Wed, 21 Feb 2024 22:55:54 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v5sG1BgyRI6Xak%2Fd8rv9y2lRLYUjFmtvaeQ%2Bxg3zR%2BWxfKQwswlQ%2Fo12orHM%2BVFFzoiZVkNGmB3yUf2K02eBpoYcd6HllfbPG8SD0xwLQvKq2bSt1ZYDKHe0%2Bl1K15ExysAi6x0p"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8592945ecbd1635b-LHR
alt-svc: h3=":443"; ma=86400
GET

https://hildrenastheyc.info/YlZiNWZNaQFGWzURNFk1UwQKYCAgbztiVzYADE0LAzo4ZgAlIURBDwZrVQNSU2JTExYLMl8EQBEiA0ETEWtTEw8MMA0IQBRrUxtVVnhRAUhScBcIV0QiElQBX2dERRIWOl8EUVJuVwBQU2NRDFBX

msedge.exe

Remote address:

172.67.132.241:443

Request

GET /YlZiNWZNaQFGWzURNFk1UwQKYCAgbztiVzYADE0LAzo4ZgAlIURBDwZrVQNSU2JTExYLMl8EQBEiA0ETEWtTEw8MMA0IQBRrUxtVVnhRAUhScBcIV0QiElQBX2dERRIWOl8EUVJuVwBQU2NRDFBX HTTP/2.0
host: hildrenastheyc.info
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://megaup.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Wed, 21 Feb 2024 22:55:54 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A1sy7HWAnQPeV5ZtRv%2FvwsM0TdSyXPmIiWe2wWACtkU3DDdRVkrLypDs8W%2FTKNBEhGfoN0UQagLMishalo7aX0PzhYdN4rQ%2FS7WOGWTlSXEO5SbAmmShpBOlf2HQ8MzO5Y%2F6BsXi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8592945ecbce635b-LHR
alt-svc: h3=":443"; ma=86400
GET

https://hildrenastheyc.info/WWtCNlZ2VCFFaxRaJmUPawgJbzs9PRdRDDEyFGQAGDwQWgAfU2RCPz1WdQBiaF9zECYwD38HcCofI0IjKlZxBmZoTStYMDZWcgZmaE00C2d3WHYYZW1FchAjZFpyA25oW3oBYWhYdABvYV1kQiY4DH8HcCkfNlpraFxyDmNsXXMDYm9Zcg

msedge.exe

Remote address:

172.67.132.241:443

Request

GET /WWtCNlZ2VCFFaxRaJmUPawgJbzs9PRdRDDEyFGQAGDwQWgAfU2RCPz1WdQBiaF9zECYwD38HcCofI0IjKlZxBmZoTStYMDZWcgZmaE00C2d3WHYYZW1FchAjZFpyA25oW3oBYWhYdABvYV1kQiY4DH8HcCkfNlpraFxyDmNsXXMDYm9Zcg HTTP/2.0
host: hildrenastheyc.info
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://megaup.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Wed, 21 Feb 2024 22:55:55 GMT
content-type: image/gif
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=604800, immutable
cf-cache-status: HIT
age: 96777
last-modified: Tue, 20 Feb 2024 20:02:58 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QIT9SxpF9hmJgYyaPd7DUVOsnMghuyTMyc73WgCdD0eRrf67Q9EZJWXOXNFxthBl9ZoCzVD%2BGawXVu7aSVUg1JhUF8t6hP41wTQtjHz0X3hoRiZEgCPTZMuxyQ14wDCPIg5%2FCHAB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 85929461f824635b-LHR
alt-svc: h3=":443"; ma=86400
GET

https://hildrenastheyc.info/popunder.gif

msedge.exe

Remote address:

172.67.132.241:443

Request

GET /popunder.gif HTTP/2.0
host: hildrenastheyc.info
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://megaup.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Wed, 21 Feb 2024 22:55:55 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xWEdMXFFTPnOYWBR3MXJPCWmIgTURdazh9oCZzAFYcjLP0AZdoPhuqBQwcoPdmazRI%2F58rPWcIcAq741lSN1d542ppsUBm9BlHqG%2FiUGgOFClOA1Aw2P7PV%2BCHOr8wBgaQJGnNPi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 85929461f820635b-LHR
alt-svc: h3=":443"; ma=86400
POST

https://hildrenastheyc.info/ajhNMmtFBy5BVg4IPUY4AHoFVz0SDQxnIU8KD2ojGX8cXB8wXhxjTR5RKQ9TWA10A1pMSCRWVlkKa0EfC0w4QVZYCH0FTQNWK11WWB47D1tEAWMARV8eOA9aWA55B1xeCXULUl4PdAJZTEw9UwxXCWtCHx5UcANcWgB4B11bDXkEUlk

msedge.exe

Remote address:

172.67.132.241:443

Request

POST /ajhNMmtFBy5BVg4IPUY4AHoFVz0SDQxnIU8KD2ojGX8cXB8wXhxjTR5RKQ9TWA10A1pMSCRWVlkKa0EfC0w4QVZYCH0FTQNWK11WWB47D1tEAWMARV8eOA9aWA55B1xeCXULUl4PdAJZTEw9UwxXCWtCHx5UcANcWgB4B11bDXkEUlk HTTP/2.0
host: hildrenastheyc.info
content-length: 0
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://megaup.net
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://megaup.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Wed, 21 Feb 2024 22:55:55 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1EaFwYyqKKey8JweCuJTCdwyLrQhuG%2BgFvWW6TGf13QBoTvah%2Bg%2BOnJvMGdTxrmeJzqt5PEOuWAWdZ7vp%2BQe0tqU8WeMDp0G7PFYM48c3QDCOFVbBXtJ5VhtPeRUwUsgJ3SENKu7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8592946268ae635b-LHR
alt-svc: h3=":443"; ma=86400
POST

https://hildrenastheyc.info/anhRSVVFRzI6aDAvGycPWTIHHAMwLQB4Fz0uPRMQPz4fHQAvIXc9PA5FaXtgU0lgbyUDHGx6Z0wLJSghHwtse2VaTXcgOwwXbHtlWk5heWVaTnR+FgIMJTkmT0sQbGcsXWMPIg8aISA2AVUyLTtEC2JnNAcZKyY7Cw8iZzYFFXR7ExkWMDkwCRk5PXsaFjZsYikWJCU5T08ScGRbQGFwYFxMYXBjXkFneGJbXid0ZURBf3t7X14kdGRbTWlxbF5LZHhgX0xgf2ZMDCEoMldJdzkhHhRseGJaQGR8Y1tNZ3BmWQ

msedge.exe

Remote address:

172.67.132.241:443

Request

POST /anhRSVVFRzI6aDAvGycPWTIHHAMwLQB4Fz0uPRMQPz4fHQAvIXc9PA5FaXtgU0lgbyUDHGx6Z0wLJSghHwtse2VaTXcgOwwXbHtlWk5heWVaTnR+FgIMJTkmT0sQbGcsXWMPIg8aISA2AVUyLTtEC2JnNAcZKyY7Cw8iZzYFFXR7ExkWMDkwCRk5PXsaFjZsYikWJCU5T08ScGRbQGFwYFxMYXBjXkFneGJbXid0ZURBf3t7X14kdGRbTWlxbF5LZHhgX0xgf2ZMDCEoMldJdzkhHhRseGJaQGR8Y1tNZ3BmWQ HTTP/2.0
host: hildrenastheyc.info
content-length: 0
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://megaup.net
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://megaup.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Wed, 21 Feb 2024 22:55:57 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qmI8XCee5zZJ1a9ljvSciB6%2F5o0be86uHhgd%2B8Omg5VlpiddUuL3rtTBgjb7iUV8OA3nEFb3xi1q%2BWS0TYUhU%2FXFRK33EdiEFIdBsVfbPE%2BmOGChKV3alyEbBH5vrM6o2FWyDFQg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 859294706a6a635b-LHR
alt-svc: h3=":443"; ma=86400
POST

https://hildrenastheyc.info/YXBzQzJOTxAwDzglSjpXNkEmJgIjOyUVeFkhQytnNB4DB2ZQSFU3WwVNRHUDUEhFZUIIFE5yFBIEEjdHEk1AZVsPFhx+Xw4FACZWDgcdZURcQV1wBk9DR20CRwVOcgNUSEt6BlJFQnYHVUFFcBQVABIkD1BWAzdGDU1CdAJZRUZ1A1RHSnAH

msedge.exe

Remote address:

172.67.132.241:443

Request

POST /YXBzQzJOTxAwDzglSjpXNkEmJgIjOyUVeFkhQytnNB4DB2ZQSFU3WwVNRHUDUEhFZUIIFE5yFBIEEjdHEk1AZVsPFhx+Xw4FACZWDgcdZURcQV1wBk9DR20CRwVOcgNUSEt6BlJFQnYHVUFFcBQVABIkD1BWAzdGDU1CdAJZRUZ1A1RHSnAH HTTP/2.0
host: hildrenastheyc.info
content-length: 0
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://megaup.net
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://megaup.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Wed, 21 Feb 2024 22:55:58 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7oQhfBjoBQN5y8XtMVdv1AYpM9VKmfI4%2BW1tSItRrXO%2BCMv01ROP7IXCj%2F9FY%2FjIGreTFz3UrDVWOAr%2FN1eaHZKVPXSiTjSKqDZfpjHPnxbExItSd%2FJf1QgMEmD%2BHdv7XKwdOJDu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 85929476ab4d635b-LHR
alt-svc: h3=":443"; ma=86400
POST

https://hildrenastheyc.info/aWd4bjlGWBsdBCdVPiNtWgQ7OGFcXywZazoBIFt2KyEqV1w8Ml4aUA1aT1gIWF9OSEkAA0VfHxoTGRpMGlpNSFAHARdTHx9aSUAKXUlLWhdZQQ1TCFhSQFYAXVRNXwxcU0lYCk8TCA9eVFZeHk0dC0VfDllfTVsPWFJPVw1Q

msedge.exe

Remote address:

172.67.132.241:443

Request

POST /aWd4bjlGWBsdBCdVPiNtWgQ7OGFcXywZazoBIFt2KyEqV1w8Ml4aUA1aT1gIWF9OSEkAA0VfHxoTGRpMGlpNSFAHARdTHx9aSUAKXUlLWhdZQQ1TCFhSQFYAXVRNXwxcU0lYCk8TCA9eVFZeHk0dC0VfDllfTVsPWFJPVw1Q HTTP/2.0
host: hildrenastheyc.info
content-length: 0
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://megaup.net
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://megaup.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Wed, 21 Feb 2024 22:55:58 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lGhZCftqYhrSfHrw7%2B8OXBVBAOS2eVGt%2BHC%2Bg6dLGa9dyJjGBwu25AGkJxKCrDjXV%2F4Ee8%2F1lXaJ0TLH9gQv3uH3yRgjug8UXbYigUrR7EJGAbWrLFa5u3zhpOKLDvpsuUDrEid%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 85929476eba6635b-LHR
alt-svc: h3=":443"; ma=86400
POST

https://hildrenastheyc.info/cU1hMm5ecgJBUxUbJ2U6GhcgaDkjdAdZNBgXUgtLQwszXzwfKCljSAUkBQ9ZR3xQClhXPQhWU0BrEkYPBTgSD11BfVMUBx8rDg9aX31UA0gHcFAcXUVjUgZAQWsUD19AeFkKV0V+VANbRHlQBF1XORFTCUx8R0IaBSFcA1lBdVQHWEB7UwJeQQ

msedge.exe

Remote address:

172.67.132.241:443

Request

POST /cU1hMm5ecgJBUxUbJ2U6GhcgaDkjdAdZNBgXUgtLQwszXzwfKCljSAUkBQ9ZR3xQClhXPQhWU0BrEkYPBTgSD11BfVMUBx8rDg9aX31UA0gHcFAcXUVjUgZAQWsUD19AeFkKV0V+VANbRHlQBF1XORFTCUx8R0IaBSFcA1lBdVQHWEB7UwJeQQ HTTP/2.0
host: hildrenastheyc.info
content-length: 0
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://megaup.net
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://megaup.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Wed, 21 Feb 2024 22:56:02 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FrCJTc5N%2BwYGuI1IyOQEUOKmHcvAori4X3GfJBVPbsJ6htmAYvjMeRLpclreUjGOD0CkBp5vRWAZJ5wYdnOLiDGr4TdLKiTAqAGdsWYb%2BUqcbYdbaulu1%2BaxGoWH%2Fsjid5AcDTWX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 859294901cc7635b-LHR
alt-svc: h3=":443"; ma=86400
POST

https://hildrenastheyc.info/YTFjYWVODgASWDdlCFU/C2sIIDRUYCImNC51NVkgO2AmLzAwYEUVDAUMVFdUUAlVRxUIVV5QQxJFAhUQEgxQRwwPVwxcCA5EEAQBDkYNRxNcAE1SUU8CV09VR0ReUFRUCVtYUVIEUlRQVQBVUkMVQQIGWFAXExURDQxSVlVZBFZXVFcCUVZT

msedge.exe

Remote address:

172.67.132.241:443

Request

POST /YTFjYWVODgASWDdlCFU/C2sIIDRUYCImNC51NVkgO2AmLzAwYEUVDAUMVFdUUAlVRxUIVV5QQxJFAhUQEgxQRwwPVwxcCA5EEAQBDkYNRxNcAE1SUU8CV09VR0ReUFRUCVtYUVIEUlRQVQBVUkMVQQIGWFAXExURDQxSVlVZBFZXVFcCUVZT HTTP/2.0
host: hildrenastheyc.info
content-length: 0
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://megaup.net
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://megaup.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Wed, 21 Feb 2024 22:56:03 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PSsYHZ0mnCxU%2BbXauxTj9eUpexgTr3dMFW4t5YT56zTdVf8GqgIWJk8d3vUItyw1aMg4uCpdISv0mO7owlHj1FQFqc6H%2BL8eF4MAMcBS5z1glzGPxEfSfswxC3wSw0xy8qxbbQGW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 859294981ead635b-LHR
alt-svc: h3=":443"; ma=86400
POST

https://hildrenastheyc.info/QkdNcVdteC4CagwAIUANcjALJAIMFSgWAScWC0RycAUPNxEDEgVFcTYuKUxgdHZ8SWFkNyQVanNhPgU2NjI+TGJkLiMXOH9hO0xmbHR5X2R2aX1XIn92fERven55QmJzcnhFZnR0awUnIyBwQHEyMzkdanNwfUlid3F8R2Rwf3o

msedge.exe

Remote address:

172.67.132.241:443

Request

POST /QkdNcVdteC4CagwAIUANcjALJAIMFSgWAScWC0RycAUPNxEDEgVFcTYuKUxgdHZ8SWFkNyQVanNhPgU2NjI+TGJkLiMXOH9hO0xmbHR5X2R2aX1XIn92fERven55QmJzcnhFZnR0awUnIyBwQHEyMzkdanNwfUlid3F8R2Rwf3o HTTP/2.0
host: hildrenastheyc.info
content-length: 0
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://megaup.net
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://megaup.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Wed, 21 Feb 2024 22:56:03 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8sNV9o6aSSU60kqoqZR69aUkszecUO96d7IcJ9hAIeIMXnJBt%2BvNYgs85k3NKal%2F%2BREepErJP355lps6bNsGbYI8%2Fjn9pHKci2V8G3KPfSn%2BMEkqWoUV8LUZRT3N%2FyOxnFN%2FtENl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 859294983ee8635b-LHR
alt-svc: h3=":443"; ma=86400
POST

https://hildrenastheyc.info/cXA5WlVeT1opaBVDXTIEHT5+DmQVQGMPDzAmcS49I0AADzEmNR8uPBVNDmxkQEgPfCUYFARrcwIEWC4gAk0KamVDVlA0Mx5NC3RnREIfLGhAXgpue0JEF2pzBE0Ia2BJSABuZkRBDG9hQEYKfCEBEV5nZFcATS45TEEOam1ERQ9rY0RFCmM

msedge.exe

Remote address:

172.67.132.241:443

Request

POST /cXA5WlVeT1opaBVDXTIEHT5+DmQVQGMPDzAmcS49I0AADzEmNR8uPBVNDmxkQEgPfCUYFARrcwIEWC4gAk0KamVDVlA0Mx5NC3RnREIfLGhAXgpue0JEF2pzBE0Ia2BJSABuZkRBDG9hQEYKfCEBEV5nZFcATS45TEEOam1ERQ9rY0RFCmM HTTP/2.0
host: hildrenastheyc.info
content-length: 0
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://megaup.net
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://megaup.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Wed, 21 Feb 2024 22:56:06 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qi2BW8OIAcCSWzDKcLSP9h2EcRlMOPmp8bVdev1%2Bp3zYXblXoiIOP0VpjSz6fjbF1vsOd6GlshFQpJ7NVT%2BxKoOio6IvhNBpyGD7o0%2F3oN4kjhM9tnKhndkuRu9yeXLxX7jx0c8U"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 859294a63809635b-LHR
alt-svc: h3=":443"; ma=86400
GET

https://pogothere.xyz/asd100.bin

msedge.exe

Remote address:

172.67.220.203:443

Request

GET /asd100.bin HTTP/2.0
host: pogothere.xyz
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://megaup.net
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://megaup.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Wed, 21 Feb 2024 22:55:54 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 1928
last-modified: Wed, 21 Feb 2024 22:23:46 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gCkWFuOIeQ7DcOpmdxkSANOGTmKLd9v82BXNB%2B5dpSRaYNqhv9ddAWB2AjeLROvE3VuXDUDMAfJsLsJ7%2Bo2TZVcUWkQdOfhRaUonUZDhBScPhZnDzNrKe45qlqRUHM%2Ft"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8592945f59113d8e-LHR
alt-svc: h3=":443"; ma=86400
GET

https://pogothere.xyz/asd100.bin

msedge.exe

Remote address:

172.67.220.203:443

Request

GET /asd100.bin HTTP/2.0
host: pogothere.xyz
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://megaup.net
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://megaup.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Wed, 21 Feb 2024 22:55:54 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 1928
last-modified: Wed, 21 Feb 2024 22:23:46 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iPm2SUmxUD85heTlk9D6loJTBCim%2BxZsa734usCG3p9KsLpRXGPzT777ktfuJxpGS6TICc0dWdMuOw%2Bj8eNqc5VwC2%2BDYOObHROoN1t%2BAVFnEigAERht1cx%2BBhl2ScFQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8592945f590f3d8e-LHR
alt-svc: h3=":443"; ma=86400
GET

https://pogothere.xyz/asd100.bin

msedge.exe

Remote address:

172.67.220.203:443

Request

GET /asd100.bin HTTP/2.0
host: pogothere.xyz
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://megaup.net
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://megaup.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Wed, 21 Feb 2024 22:55:54 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 1928
last-modified: Wed, 21 Feb 2024 22:23:46 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kWqH9ycQQRP4IkK981R6JLRDXN5xFoYr0BpJWEG5XArIpBvkc4mg7%2F2%2FCzd193Z%2F53%2F%2Bhw%2B63RvPOLw1uvUxNRhVkvdmoGFgLVAT%2BdH%2BBIaok0c3sYEEq%2FyDZ9A1OOx4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8592945f59123d8e-LHR
alt-svc: h3=":443"; ma=86400
GET

https://pogothere.xyz/

msedge.exe

Remote address:

172.67.220.203:443

Request

GET / HTTP/2.0
host: pogothere.xyz
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://megaup.net
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://megaup.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Wed, 21 Feb 2024 22:55:54 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 1928
last-modified: Wed, 21 Feb 2024 22:23:46 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lAZL7rpyhTdXK5sZsqeQmDaLcX9MvdhFqSkTH4rzLxtiQzRB5zsZI8BQK7sc2d044DVxVOfDsEVpw%2BzkGEg580q9DBBrTm8xRyrjYdRM5topMTDA7%2F23Fwcc9rb1sWNX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8592945f59153d8e-LHR
alt-svc: h3=":443"; ma=86400
GET

https://pogothere.xyz/asd100.bin

msedge.exe

Remote address:

172.67.220.203:443

Request

GET /asd100.bin HTTP/2.0
host: pogothere.xyz
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://megaup.net
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://megaup.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Wed, 21 Feb 2024 22:55:54 GMT
content-type: text/plain
set-cookie: csu=1218187407659677@1@1708556154; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wu3OH85oQMw4BQE%2BLbAX8ZhbwP7StapOEL1Y1CyC1ExMWxE0FjgJ6ULC5mOIaLFueax7s%2F5gYNgUZ55q8G5JHrKFP%2B2KA%2FM6GGxzt5FYpq5PMFEQ73%2FiRDxtfiOd2YS7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8592945f59133d8e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://pogothere.xyz/

msedge.exe

Remote address:

172.67.220.203:443

Request

GET / HTTP/2.0
host: pogothere.xyz
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://megaup.net
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://megaup.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Wed, 21 Feb 2024 22:55:55 GMT
content-type: text/plain
set-cookie: csu=1058108771366986@1@1708556154; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=reoB7bxOGz%2FdONROEn5U6RgCt6RqEaL06ksBQdiALiVNYdAYtS1q%2FttyO4iOOltr5%2FoggVfBywiUC0KOEhJfLck0q6KAJ6gvCNjsNWupeGC5gfDJVje0ucQ9nfLpzbDx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 859294605a2f3d8e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://pogothere.xyz/

msedge.exe

Remote address:

172.67.220.203:443

Request

GET / HTTP/2.0
host: pogothere.xyz
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://megaup.net
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://megaup.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Wed, 21 Feb 2024 22:55:55 GMT
content-type: text/plain
set-cookie: csu=1264574189947902@1@1708556155; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=od0fc7wvqCsI50lMl7EV8HUzApbRmN8X0wHoSbmuTB3gl0db0uNYqRPqgUVRWGt4bO0x7bIufs8ZhKpQadamU59VVyBCT9VlTCV3PayxFsl4yUO25GZeq16CrCfdcz9J"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 859294612ae93d8e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://pogothere.xyz/

msedge.exe

Remote address:

172.67.220.203:443

Request

GET / HTTP/2.0
host: pogothere.xyz
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://megaup.net
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://megaup.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Wed, 21 Feb 2024 22:55:55 GMT
content-type: text/plain
set-cookie: csu=1158894351554163@1@1708556155; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4NsP99lFct1yrDv%2F8jGj5Q1hSZuzwAVi0tWClrdOvQXMTANVxIE%2F%2B2cnk1bRh2tDSKw6CUIszSyXP%2FtBAkilwSU7KIKhQB%2BHo%2F71IRCSYKjvvscdX5%2FGMXn0rWq8SIWz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 85929461fbdd3d8e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail

msedge.exe

Remote address:

108.177.127.84:443

Request

GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/2.0
host: accounts.google.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://megaup.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube

msedge.exe

Remote address:

108.177.127.84:443

Request

GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/2.0
host: accounts.google.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://megaup.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://d2qf34ln5axea0.cloudfront.net/MWDJibzA7XQwJDyxbBlIHbgNTVwZ+WBEAXigPMQVdIUZQHVs5YxsdXBUUFhVUZQJEA1E2VV9JVTZRX14WOVYAUgR+RhIAW2VFFgtaIlgXCFgvFBcODTVdGAZcNFNHXXZtHFJKAmgaFQZePF0VHBVqAgwbFWoCU18eaBdRLRVqAhUGXm4GR1xyfQBSFwZsG0-ddADlCEgNVL1cABFksF1ApBWsFTFwGfQBSR1swRg8DFWpxR10ANFsJChVqAgUKUzNdS0oCaFEKHV81V0dddmECTF8ebAZRXx5qA1BKAmhBAwlRKltHXXZtAVVBA24XUF9VPFVHXXZhAkxfHmADWkEGbhQXUgE

msedge.exe

Remote address:

18.165.196.180:443

Request

GET /MWDJibzA7XQwJDyxbBlIHbgNTVwZ+WBEAXigPMQVdIUZQHVs5YxsdXBUUFhVUZQJEA1E2VV9JVTZRX14WOVYAUgR+RhIAW2VFFgtaIlgXCFgvFBcODTVdGAZcNFNHXXZtHFJKAmgaFQZePF0VHBVqAgwbFWoCU18eaBdRLRVqAhUGXm4GR1xyfQBSFwZsG0-ddADlCEgNVL1cABFksF1ApBWsFTFwGfQBSR1swRg8DFWpxR10ANFsJChVqAgUKUzNdS0oCaFEKHV81V0dddmECTF8ebAZRXx5qA1BKAmhBAwlRKltHXXZtAVVBA24XUF9VPFVHXXZhAkxfHmADWkEGbhQXUgE HTTP/2.0
host: d2qf34ln5axea0.cloudfront.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://sandtheircle.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 572
date: Wed, 21 Feb 2024 22:55:55 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 182a59e089d675b68d266c3e1c14253c.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P3
x-amz-cf-id: 1jvu3nl83d3eTONfVE9bI63XJBgfyHybSBTvCwVH9YI1VgSyf6foFQ==
GET

https://d2qf34ln5axea0.cloudfront.net/tU0xCN1IwIyxRbSclJgpqYXl7BmN1JjFYPCNxIXwqZzgIQj4yFTJtMHU4OFNvY2ouVjw0cWRSPDBxcxEzNy5/A3QnPC1cbyYiJlI0OiInU3QmLX9aPSklLlszdn4EAnxjaXAHeiQlLFM9JD9nBWI9OGcFYmJ8bAd3YA5nBWIkJSwBZnZ/ABJgYzR0A3t2fn-JWIiMgJ0A3MScrQ3dhCncEZX1/dBJgY2QpXyY+IGcFEXZ+cls7OClnBWI0KSFcPXppcAcxOz4tWjd2fgQOYn18bANmYHxsBWNhaXAHITIqI0U7dn4EAmFkYnEBd2F8J1M1dn4EDmJ9fGwPY2tidAF0JnFz

msedge.exe

Remote address:

18.165.196.180:443

Request

GET /tU0xCN1IwIyxRbSclJgpqYXl7BmN1JjFYPCNxIXwqZzgIQj4yFTJtMHU4OFNvY2ouVjw0cWRSPDBxcxEzNy5/A3QnPC1cbyYiJlI0OiInU3QmLX9aPSklLlszdn4EAnxjaXAHeiQlLFM9JD9nBWI9OGcFYmJ8bAd3YA5nBWIkJSwBZnZ/ABJgYzR0A3t2fn-JWIiMgJ0A3MScrQ3dhCncEZX1/dBJgY2QpXyY+IGcFEXZ+cls7OClnBWI0KSFcPXppcAcxOz4tWjd2fgQOYn18bANmYHxsBWNhaXAHITIqI0U7dn4EAmFkYnEBd2F8J1M1dn4EDmJ9fGwPY2tidAF0JnFz HTTP/2.0
host: d2qf34ln5axea0.cloudfront.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://sandtheircle.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 367
date: Wed, 21 Feb 2024 22:55:55 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 182a59e089d675b68d266c3e1c14253c.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P3
x-amz-cf-id: OxERJy7ncXQ89RBc_wSGq0pkvwDLDirZ6rQrFikB4ss25F6NoCenBg==
GET

https://d2qf34ln5axea0.cloudfront.net/1VnplcWU1FQsXWiITAUxdYUxWQF1wEBYeCyZHEj4mOEo9RDMOFyRFHABcEQsBa0pDHQQ4HVhXADgZWEBDNx4HTFFwDhUeDmsNERUPLBAQFg0hXBAQWDsVHxgJOhtAQyNjVFVUV2ZSEhgLMhUSAkBkSgsFQGRKVEFLZl9WM0BkShIYC2BOQEInc0hVCVNiU0-BDVTcKFR0AIR8HGgwiX1c3UGVNS0JTc0hVWQ4+DggdQGQ5QENVOhMOFEBkSgIUBj0VTFRXZhkNAwo7H0BDI29KS0FLYk5WQUtkS1dUV2YJBBcEJBNAQyNjSVJfVmBfV0EAMh1AQyNvSktBS25LXV9TYFwQTFQ

msedge.exe

Remote address:

18.165.196.180:443

Request

GET /1VnplcWU1FQsXWiITAUxdYUxWQF1wEBYeCyZHEj4mOEo9RDMOFyRFHABcEQsBa0pDHQQ4HVhXADgZWEBDNx4HTFFwDhUeDmsNERUPLBAQFg0hXBAQWDsVHxgJOhtAQyNjVFVUV2ZSEhgLMhUSAkBkSgsFQGRKVEFLZl9WM0BkShIYC2BOQEInc0hVCVNiU0-BDVTcKFR0AIR8HGgwiX1c3UGVNS0JTc0hVWQ4+DggdQGQ5QENVOhMOFEBkSgIUBj0VTFRXZhkNAwo7H0BDI29KS0FLYk5WQUtkS1dUV2YJBBcEJBNAQyNjSVJfVmBfV0EAMh1AQyNvSktBS25LXV9TYFwQTFQ HTTP/2.0
host: d2qf34ln5axea0.cloudfront.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://sandtheircle.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 188
date: Wed, 21 Feb 2024 22:55:55 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 182a59e089d675b68d266c3e1c14253c.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P3
x-amz-cf-id: q4Binn5n1xo1yhyqxG_UXqSDWv1wKIzv7XnYvWuXW5VpL23CNeoPKg==
GET

https://d2qf34ln5axea0.cloudfront.net/STFBCbDUvPywKCjg5JlECemRzWARqOjEDWzxtJwhtLj4XK1QtMghKQTY0f1wTIDEsCwhqNSwPCH12IwhXcWRkGEUjO38bQSg6OAZAKzg1SkAtbS8DTyU8Lg0QfhZ3QgVpYnJEQiU+JgNCP3VwXFs4dXBcBHx+ckkGDnVwXEIlPnRYEH8SZ14FNGZ2RRB+YC-McRSA1NQlXJzk2SQcKZXFbG39mZ14FZDsqGFggdXAvEH5gLgVeKXVwXFIpMykDHGlicg9dPj8vCRB+FntcG3x+dlgGfH5wXQdpYnIfVCoxMAUQfhZ3XwJiY3RJB3w1JgsQfhZ7XBt8fnpdDWJmdEpAcWE

msedge.exe

Remote address:

18.165.196.180:443

Request

GET /STFBCbDUvPywKCjg5JlECemRzWARqOjEDWzxtJwhtLj4XK1QtMghKQTY0f1wTIDEsCwhqNSwPCH12IwhXcWRkGEUjO38bQSg6OAZAKzg1SkAtbS8DTyU8Lg0QfhZ3QgVpYnJEQiU+JgNCP3VwXFs4dXBcBHx+ckkGDnVwXEIlPnRYEH8SZ14FNGZ2RRB+YC-McRSA1NQlXJzk2SQcKZXFbG39mZ14FZDsqGFggdXAvEH5gLgVeKXVwXFIpMykDHGlicg9dPj8vCRB+FntcG3x+dlgGfH5wXQdpYnIfVCoxMAUQfhZ3XwJiY3RJB3w1JgsQfhZ7XBt8fnpdDWJmdEpAcWE HTTP/2.0
host: d2qf34ln5axea0.cloudfront.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://sandtheircle.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 446
date: Wed, 21 Feb 2024 22:55:55 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 182a59e089d675b68d266c3e1c14253c.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P3
x-amz-cf-id: o9rc94J1_lq3wga-DsE_KOZsZcyBvT9lP7X7rdK8s9MZBQvfjBWFlA==
GET

https://d2qf34ln5axea0.cloudfront.net/pbVJabWUOPTQLWhk7PlBcWWtiW1FLOCkCCx1vIC4PBCovPVU7KHwZHwlvaksJDDw9UEMIPDlQVEszPg9YWXQvDFgAPSAECQEzf18jWHxqSFddei0ECwk9LR5AX2I0GUBfYmtdS113aS9AX2ItBAtbZn9eJ0hgahVTWXt/X1UMIioBABo3OAYMGXdoK1BeZX-ReU0hgakUOBSY3AUBfEX9fVQE7MQhAX2I9CAYGPXNIV10xMh8KADd/XyNUYnRdS1lmaV1LX2NoSFddITsLBB87f18jWGFtQ1Zbd2hdAAk1f18jVGJ0XUtVY2JDU1t0L1BU

msedge.exe

Remote address:

18.165.196.180:443

Request

GET /pbVJabWUOPTQLWhk7PlBcWWtiW1FLOCkCCx1vIC4PBCovPVU7KHwZHwlvaksJDDw9UEMIPDlQVEszPg9YWXQvDFgAPSAECQEzf18jWHxqSFddei0ECwk9LR5AX2I0GUBfYmtdS113aS9AX2ItBAtbZn9eJ0hgahVTWXt/X1UMIioBABo3OAYMGXdoK1BeZX-ReU0hgakUOBSY3AUBfEX9fVQE7MQhAX2I9CAYGPXNIV10xMh8KADd/XyNUYnRdS1lmaV1LX2NoSFddITsLBB87f18jWGFtQ1Zbd2hdAAk1f18jVGJ0XUtVY2JDU1t0L1BU HTTP/2.0
host: d2qf34ln5axea0.cloudfront.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://sandtheircle.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 583
date: Wed, 21 Feb 2024 22:55:55 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 182a59e089d675b68d266c3e1c14253c.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P3
x-amz-cf-id: I8DrXC_SI-LXxm4nkM7Z5Cb2w5EPOdrRtpo171sGF28doQhfEI1bgA==
POST

https://region1.google-analytics.com/g/collect?v=2&tid=G-Z9TE2LW16Q&gtm=45je42h0v9124836801za200&_p=1708556154120&gcd=13l3l3l3l1&npa=0&dma=0&cid=1374742328.1708556154&ul=en-us&sr=1280x720&uaa=x86&uamb=0&uam=&uap=Windows&uapv=10.0&uaw=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1708556154&sct=1&seg=0&dl=https%3A%2F%2Fmegaup.net%2F5uer%2FCommand.and.Conquer.Renegade.v1.037.rar&dr=https%3A%2F%2Figg-games.cc%2F&dt=Command.and.Conquer.Renegade.v1.037.rar%20-%20MegaUp&en=page_view&_fv=1&_ss=1&tfd=1570

msedge.exe

Remote address:

216.239.34.36:443

Request

POST /g/collect?v=2&tid=G-Z9TE2LW16Q&gtm=45je42h0v9124836801za200&_p=1708556154120&gcd=13l3l3l3l1&npa=0&dma=0&cid=1374742328.1708556154&ul=en-us&sr=1280x720&uaa=x86&uamb=0&uam=&uap=Windows&uapv=10.0&uaw=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1708556154&sct=1&seg=0&dl=https%3A%2F%2Fmegaup.net%2F5uer%2FCommand.and.Conquer.Renegade.v1.037.rar&dr=https%3A%2F%2Figg-games.cc%2F&dt=Command.and.Conquer.Renegade.v1.037.rar%20-%20MegaUp&en=page_view&_fv=1&_ss=1&tfd=1570 HTTP/2.0
host: region1.google-analytics.com
content-length: 0
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://megaup.net
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://megaup.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

242.224.195.34.in-addr.arpa

Remote address:

8.8.8.8:53

Request

242.224.195.34.in-addr.arpa

IN PTR

Response

242.224.195.34.in-addr.arpa

IN PTR

ec2-34-195-224-242 compute-1 amazonawscom
DNS

196.179.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

196.179.250.142.in-addr.arpa

IN PTR

Response

196.179.250.142.in-addr.arpa

IN PTR

ams15s42-in-f41e100net
DNS

www.google.com

Remote address:

8.8.8.8:53

Request

www.google.com

IN A

Response

www.google.com

IN A

142.250.179.196
DNS

50.192.67.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

50.192.67.172.in-addr.arpa

IN PTR

Response
DNS

dotsply.com

Remote address:

8.8.8.8:53

Request

dotsply.com

IN A

Response

dotsply.com

IN A

172.66.40.43

dotsply.com

IN A

172.66.43.213
DNS

13.138.67.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

13.138.67.172.in-addr.arpa

IN PTR

Response
DNS

c.adsco.re

Remote address:

8.8.8.8:53

Request

c.adsco.re

IN A

Response

c.adsco.re

IN A

104.17.167.186

c.adsco.re

IN A

104.17.166.186
DNS

bcp.crwdcntrl.net

Remote address:

8.8.8.8:53

Request

bcp.crwdcntrl.net

IN A

Response

bcp.crwdcntrl.net

IN A

99.81.54.149

bcp.crwdcntrl.net

IN A

52.212.53.200

bcp.crwdcntrl.net

IN A

54.155.211.205

bcp.crwdcntrl.net

IN A

54.77.245.72

bcp.crwdcntrl.net

IN A

52.213.118.200

bcp.crwdcntrl.net

IN A

108.128.158.24

bcp.crwdcntrl.net

IN A

34.246.36.174

bcp.crwdcntrl.net

IN A

63.35.74.224
DNS

149.54.81.99.in-addr.arpa

Remote address:

8.8.8.8:53

Request

149.54.81.99.in-addr.arpa

IN PTR

Response

149.54.81.99.in-addr.arpa

IN PTR

ec2-99-81-54-149 eu-west-1compute amazonawscom
DNS

f2.megaup.net

Remote address:

8.8.8.8:53

Request

f2.megaup.net

IN A

Response

f2.megaup.net

IN A

145.239.65.72
DNS

browser.pipe.aria.microsoft.com

Remote address:

8.8.8.8:53

Request

browser.pipe.aria.microsoft.com

IN A

Response

browser.pipe.aria.microsoft.com

IN CNAME

browser.events.data.trafficmanager.net

browser.events.data.trafficmanager.net

IN CNAME

onedscolprdwus08.westus.cloudapp.azure.com

onedscolprdwus08.westus.cloudapp.azure.com

IN A

20.189.173.9
DNS

17.158.16.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

17.158.16.104.in-addr.arpa

IN PTR

Response
DNS

bat.bing.com

Remote address:

8.8.8.8:53

Request

bat.bing.com

IN A

Response

bat.bing.com

IN CNAME

bat-bing-com.a-0001.a-msedge.net

bat-bing-com.a-0001.a-msedge.net

IN CNAME

dual-a-0001.a-msedge.net

dual-a-0001.a-msedge.net

IN A

204.79.197.200

dual-a-0001.a-msedge.net

IN A

13.107.21.200
DNS

130.179.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

130.179.250.142.in-addr.arpa

IN PTR

Response

130.179.250.142.in-addr.arpa

IN PTR

ams17s10-in-f21e100net
DNS

36.34.239.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

36.34.239.216.in-addr.arpa

IN PTR

Response
DNS

145.243.33.3.in-addr.arpa

Remote address:

8.8.8.8:53

Request

145.243.33.3.in-addr.arpa

IN PTR

Response

145.243.33.3.in-addr.arpa

IN PTR

a3edc0dabdef92d6dawsglobalacceleratorcom
DNS

www.gstatic.com

Remote address:

8.8.8.8:53

Request

www.gstatic.com

IN A

Response

www.gstatic.com

IN A

216.58.214.3
DNS

14.227.111.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

14.227.111.52.in-addr.arpa

IN PTR

Response
DNS

imp9.bidgear.com

Remote address:

8.8.8.8:53

Request

imp9.bidgear.com

IN A

Response

imp9.bidgear.com

IN A

172.67.74.36

imp9.bidgear.com

IN A

104.26.3.107

imp9.bidgear.com

IN A

104.26.2.107
DNS

17.159.16.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

17.159.16.104.in-addr.arpa

IN PTR

Response
DNS

qkrsvcuaztzl.n4.adsco.re

Remote address:

8.8.8.8:53

Request

qkrsvcuaztzl.n4.adsco.re

IN A

Response

qkrsvcuaztzl.n4.adsco.re

IN A

38.132.109.115
DNS

51.118.200.185.in-addr.arpa

Remote address:

8.8.8.8:53

Request

51.118.200.185.in-addr.arpa

IN PTR

Response

51.118.200.185.in-addr.arpa

IN PTR

adscorecom
DNS

72.65.239.145.in-addr.arpa

Remote address:

8.8.8.8:53

Request

72.65.239.145.in-addr.arpa

IN PTR

Response

72.65.239.145.in-addr.arpa

IN PTR

ns3086263 ip-145-239-65eu
DNS

9.173.189.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

9.173.189.20.in-addr.arpa

IN PTR

Response
DNS

72.96.21.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

72.96.21.104.in-addr.arpa

IN PTR

Response
DNS

mc.yandex.ru

Remote address:

8.8.8.8:53

Request

mc.yandex.ru

IN A

Response

mc.yandex.ru

IN A

87.250.251.119

mc.yandex.ru

IN A

87.250.250.119

mc.yandex.ru

IN A

77.88.21.119

mc.yandex.ru

IN A

93.158.134.119
DNS

180.196.165.18.in-addr.arpa

Remote address:

8.8.8.8:53

Request

180.196.165.18.in-addr.arpa

IN PTR

Response

180.196.165.18.in-addr.arpa

IN PTR

server-18-165-196-180lhr50r cloudfrontnet
DNS

244.123.126.96.in-addr.arpa

Remote address:

8.8.8.8:53

Request

244.123.126.96.in-addr.arpa

IN PTR

Response

244.123.126.96.in-addr.arpa

IN PTR

li372-244memberslinodecom
DNS

2.36.251.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

2.36.251.142.in-addr.arpa

IN PTR

Response

2.36.251.142.in-addr.arpa

IN PTR

ams15s44-in-f21e100net
DNS

1.80.190.35.in-addr.arpa

Remote address:

8.8.8.8:53

Request

1.80.190.35.in-addr.arpa

IN PTR

Response

1.80.190.35.in-addr.arpa

IN PTR

18019035bcgoogleusercontentcom
DNS

adxbid.info

Remote address:

8.8.8.8:53

Request

adxbid.info

IN A

Response

adxbid.info

IN A

172.67.138.13

adxbid.info

IN A

104.21.48.215
DNS

91.32.46.78.in-addr.arpa

Remote address:

8.8.8.8:53

Request

91.32.46.78.in-addr.arpa

IN PTR

Response

91.32.46.78.in-addr.arpa

IN PTR

static91324678clientsyour-serverde
DNS

qkrsvcuaztzl.l4.adsco.re

Remote address:

8.8.8.8:53

Request

qkrsvcuaztzl.l4.adsco.re

IN A

Response

qkrsvcuaztzl.l4.adsco.re

IN A

185.200.118.51
DNS

ad.crwdcntrl.net

Remote address:

8.8.8.8:53

Request

ad.crwdcntrl.net

IN A

Response

ad.crwdcntrl.net

IN A

99.80.32.224

ad.crwdcntrl.net

IN A

54.155.211.205

ad.crwdcntrl.net

IN A

52.212.53.200

ad.crwdcntrl.net

IN A

34.246.36.174

ad.crwdcntrl.net

IN A

99.81.54.149

ad.crwdcntrl.net

IN A

63.35.74.224

ad.crwdcntrl.net

IN A

108.128.158.24

ad.crwdcntrl.net

IN A

52.211.215.251
DNS

224.32.80.99.in-addr.arpa

Remote address:

8.8.8.8:53

Request

224.32.80.99.in-addr.arpa

IN PTR

Response

224.32.80.99.in-addr.arpa

IN PTR

ec2-99-80-32-224 eu-west-1compute amazonawscom
DNS

id.crwdcntrl.net

Remote address:

8.8.8.8:53

Request

id.crwdcntrl.net

IN A

Response

id.crwdcntrl.net

IN A

54.155.211.205

id.crwdcntrl.net

IN A

63.35.74.224

id.crwdcntrl.net

IN A

52.213.118.200

id.crwdcntrl.net

IN A

99.81.54.149

id.crwdcntrl.net

IN A

52.211.215.251

id.crwdcntrl.net

IN A

108.128.158.24

id.crwdcntrl.net

IN A

34.246.36.174

id.crwdcntrl.net

IN A

52.212.53.200
DNS

engine.4dsply.com

Remote address:

8.8.8.8:53

Request

engine.4dsply.com

IN A

Response

engine.4dsply.com

IN A

104.16.158.17

engine.4dsply.com

IN A

104.16.159.17
DNS

uep.gaijin.net

Remote address:

8.8.8.8:53

Request

uep.gaijin.net

IN A

Response

uep.gaijin.net

IN A

63.35.126.133
DNS

googleads.g.doubleclick.net

Remote address:

8.8.8.8:53

Request

googleads.g.doubleclick.net

IN A

Response

googleads.g.doubleclick.net

IN A

142.250.179.130
GET

http://asdasdad.net/

msedge.exe

Remote address:

96.126.123.244:80

Request

GET / HTTP/1.1
Host: asdasdad.net
Connection: keep-alive
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

server: openresty/1.13.6.1
date: Wed, 21 Feb 2024 22:55:59 GMT
content-type: text/html
transfer-encoding: chunked
content-encoding: gzip
connection: close
GET

http://asdasdad.net/?gp=1&js=1&uuid=1708556159.0072398514&other_args=eyJ1cmkiOiAiLyIsICJhcmdzIjogIiIsICJyZWZlcmVyIjogIiIsICJhY2NlcHQiOiAidGV4dC9odG1sLGFwcGxpY2F0aW9uL3hodG1sK3htbCxhcHBsaWNhdGlvbi94bWw7cT0wLjksaW1hZ2Uvd2VicCxpbWFnZS9hcG5nLCovKjtxPTAuOCxhcHBsaWNhdGlvbi9zaWduZWQtZXhjaGFuZ2U7dj1iMztxPTAuOSJ9

msedge.exe

Remote address:

96.126.123.244:80

Request

GET /?gp=1&js=1&uuid=1708556159.0072398514&other_args=eyJ1cmkiOiAiLyIsICJhcmdzIjogIiIsICJyZWZlcmVyIjogIiIsICJhY2NlcHQiOiAidGV4dC9odG1sLGFwcGxpY2F0aW9uL3hodG1sK3htbCxhcHBsaWNhdGlvbi94bWw7cT0wLjksaW1hZ2Uvd2VicCxpbWFnZS9hcG5nLCovKjtxPTAuOCxhcHBsaWNhdGlvbi9zaWduZWQtZXhjaGFuZ2U7dj1iMztxPTAuOSJ9 HTTP/1.1
Host: asdasdad.net
Connection: keep-alive
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://asdasdad.net/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

server: openresty/1.13.6.1
date: Wed, 21 Feb 2024 22:55:59 GMT
content-type: text/html; charset=utf-8
content-length: 0
location: http://www6.asdasdad.net/?template=ARROW_3&tdfs=1&s_token=1708556159.0329700000&uuid=1708556159.0329700000&term=Europe%20Dedicated%20Servers&term=Random%20Dedicated%20Servers&term=Custom%20Hosted%20Servers&term=Download%20From%20High%20Security%20Cloud%20File%20Storage&searchbox=0&showDomain=0&backfill=0
referrer-policy: no-referrer
x-mtm-path: 0
vary: Accept-Language
content-language: en
set-cookie: mtm_delivered=WyJhc2Rhc2RhZC5uZXQiLCJodHRwOi8vd3d3Ni5hc2Rhc2RhZC5uZXQvP3RlbXBsYXRlPUFSUk9XXzMmdGRmcz0xJnNfdG9rZW49MTcwODU1NjE1OS4wMzI5NzAwMDAwJnV1aWQ9MTcwODU1NjE1OS4wMzI5NzAwMDAwJnRlcm09RXVyb3BlJTIwRGVkaWNhdGVkJTIwU2VydmVycyZ0ZXJtPVJhbmRvbSUyMERlZGljYXRlZCUyMFNlcnZlcnMmdGVybT1DdXN0b20lMjBIb3N0ZWQlMjBTZXJ2ZXJzJnRlcm09RG93bmxvYWQlMjBGcm9tJTIwSGlnaCUyMFNlY3VyaXR5JTIwQ2xvdWQlMjBGaWxlJTIwU3RvcmFnZSZzZWFyY2hib3g9MCZzaG93RG9tYWluPTAmYmFja2ZpbGw9MCIsMSwiMjAyNC0wMi0yMSAyMjo1NTo1OSIsMSwiMTcwODU1NjE1OS4wMzI5NzAwMDAwIiwxMDksbnVsbCxudWxsXQ:1rcvVP:BeTE_q6qNZPLi-OCgiifKvQI914; expires=Wed, 21-Feb-2024 23:55:59 GMT; Max-Age=3600; Path=/
connection: close
GET

http://www6.asdasdad.net/?template=ARROW_3&tdfs=1&s_token=1708556159.0329700000&uuid=1708556159.0329700000&term=Europe%20Dedicated%20Servers&term=Random%20Dedicated%20Servers&term=Custom%20Hosted%20Servers&term=Download%20From%20High%20Security%20Cloud%20File%20Storage&searchbox=0&showDomain=0&backfill=0

msedge.exe

Remote address:

3.33.243.145:80

Request

GET /?template=ARROW_3&tdfs=1&s_token=1708556159.0329700000&uuid=1708556159.0329700000&term=Europe%20Dedicated%20Servers&term=Random%20Dedicated%20Servers&term=Custom%20Hosted%20Servers&term=Download%20From%20High%20Security%20Cloud%20File%20Storage&searchbox=0&showDomain=0&backfill=0 HTTP/1.1
Host: www6.asdasdad.net
Connection: keep-alive
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

Server: openresty
Date: Wed, 21 Feb 2024 22:55:59 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Location: https://www6.asdasdad.net/?template=ARROW_3&tdfs=1&s_token=1708556159.0329700000&uuid=1708556159.0329700000&term=Europe%20Dedicated%20Servers&term=Random%20Dedicated%20Servers&term=Custom%20Hosted%20Servers&term=Download%20From%20High%20Security%20Cloud%20File%20Storage&searchbox=0&showDomain=0&backfill=0
ETag: "65d0dd59-0"
GET

https://www6.asdasdad.net/?template=ARROW_3&tdfs=1&s_token=1708556159.0329700000&uuid=1708556159.0329700000&term=Europe%20Dedicated%20Servers&term=Random%20Dedicated%20Servers&term=Custom%20Hosted%20Servers&term=Download%20From%20High%20Security%20Cloud%20File%20Storage&searchbox=0&showDomain=0&backfill=0

msedge.exe

Remote address:

3.33.243.145:443

Request

GET /?template=ARROW_3&tdfs=1&s_token=1708556159.0329700000&uuid=1708556159.0329700000&term=Europe%20Dedicated%20Servers&term=Random%20Dedicated%20Servers&term=Custom%20Hosted%20Servers&term=Download%20From%20High%20Security%20Cloud%20File%20Storage&searchbox=0&showDomain=0&backfill=0 HTTP/1.1
Host: www6.asdasdad.net
Connection: keep-alive
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
sec-ch-ua-mobile: ?0
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: openresty
Date: Wed, 21 Feb 2024 22:56:00 GMT
Content-Type: text/html
Content-Length: 524
Last-Modified: Mon, 29 Jan 2024 23:29:16 GMT
Connection: keep-alive
ETag: "65b834cc-20c"
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_EDPGzZfHV3Cs5SZtBcKbAVzLn83izgrY7JvzvK8djbYeLObIbxYZVTdhSIf6Se1xcxxuQ4//6egoXVYIrP/yew
Cache-Control: no-cache
X-Content-Type-Options: nosniff
Set-Cookie: caf_ipaddr=89.149.23.59;Path=/;Max-Age=86400;
Set-Cookie: country=RO;Path=/;Max-Age=86400;
Set-Cookie: city="";Path=/;Max-Age=86400;
Set-Cookie: lander_type=parking;Path=/;Max-Age=86400;
Set-Cookie: expiry_partner=;Path=/;Max-Age=86400;
Set-Cookie: _policy={"restricted_market":false,"tracking_market":"none"};Path=/;Max-Age=86400;
Accept-Ranges: bytes
GET

https://www6.asdasdad.net/?template=ARROW_3&tdfs=1&s_token=1708556159.0329700000&uuid=1708556159.0329700000&term=Europe%20Dedicated%20Servers&term=Random%20Dedicated%20Servers&term=Custom%20Hosted%20Servers&term=Download%20From%20High%20Security%20Cloud%20File%20Storage&searchbox=0&showDomain=0&backfill=0

msedge.exe

Remote address:

3.33.243.145:443

Request

GET /?template=ARROW_3&tdfs=1&s_token=1708556159.0329700000&uuid=1708556159.0329700000&term=Europe%20Dedicated%20Servers&term=Random%20Dedicated%20Servers&term=Custom%20Hosted%20Servers&term=Download%20From%20High%20Security%20Cloud%20File%20Storage&searchbox=0&showDomain=0&backfill=0 HTTP/1.1
Host: www6.asdasdad.net
Connection: keep-alive
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
sec-ch-ua-mobile: ?0
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: caf_ipaddr=89.149.23.59; country=RO; city=""; lander_type=parking; expiry_partner=; _policy={"restricted_market":false,"tracking_market":"none"}; __gsas=ID=e0ac5da66a847700:T=1708556161:RT=1708556161:S=ALNI_Mam0xzu4icQsX0Mdg-uDYKKx5plZQ
If-None-Match: "65b834cc-20c"
If-Modified-Since: Mon, 29 Jan 2024 23:29:16 GMT

Response

HTTP/1.1 304 Not Modified

Server: openresty
Date: Wed, 21 Feb 2024 22:56:04 GMT
Last-Modified: Mon, 29 Jan 2024 23:29:16 GMT
Connection: keep-alive
ETag: "65b834cc-20c"
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_EDPGzZfHV3Cs5SZtBcKbAVzLn83izgrY7JvzvK8djbYeLObIbxYZVTdhSIf6Se1xcxxuQ4//6egoXVYIrP/yew
Cache-Control: no-cache
X-Content-Type-Options: nosniff
Set-Cookie: caf_ipaddr=89.149.23.59;Path=/;Max-Age=86400;
Set-Cookie: country=RO;Path=/;Max-Age=86400;
Set-Cookie: city="";Path=/;Max-Age=86400;
Set-Cookie: lander_type=parking;Path=/;Max-Age=86400;
Set-Cookie: expiry_partner=;Path=/;Max-Age=86400;
Set-Cookie: _policy={"restricted_market":false,"tracking_market":"none"};Path=/;Max-Age=86400;
GET

https://www.google.com/adsense/domains/caf.js?abp=1

msedge.exe

Remote address:

142.250.179.196:443

Request

GET /adsense/domains/caf.js?abp=1 HTTP/2.0
host: www.google.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www6.asdasdad.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://img1.wsimg.com/parking-lander/static/css/main.37af1632.css

msedge.exe

Remote address:

184.28.198.211:443

Request

GET /parking-lander/static/css/main.37af1632.css HTTP/2.0
host: img1.wsimg.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www6.asdasdad.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

x-amz-id-2: Q+N7bCPSUr5mQDHtZOpjFjDJlBz7inRSUZRsC+B6qKmq4Da944IcF0eMEGSgnZHXZdxGks9dv/ZRk+eKSza5UQ==
x-amz-request-id: 7TK3AX50AE8YERQD
last-modified: Mon, 29 Jan 2024 23:28:27 GMT
etag: "60449466bbb7938507f40b03b6416f58"
x-amz-server-side-encryption: AES256
x-amz-version-id: uVpdC376pEVh8LHko2uN3ClOGdrFblYV
accept-ranges: bytes
content-type: text/css
vary: Accept-Encoding
content-encoding: gzip
content-length: 188
cache-control: max-age=31536000
expires: Thu, 20 Feb 2025 22:56:00 GMT
date: Wed, 21 Feb 2024 22:56:00 GMT
timing-allow-origin: *
access-control-allow-origin: *
GET

https://img1.wsimg.com/parking-lander/static/js/main.6b7ddab3.js

msedge.exe

Remote address:

184.28.198.211:443

Request

GET /parking-lander/static/js/main.6b7ddab3.js HTTP/2.0
host: img1.wsimg.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www6.asdasdad.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

x-amz-id-2: wDsAPOAnefDu0vxetJzhWV8p2Pgqw+/B9TtZPEiBU8vIN5O3hOdJa3bv0+6jO00xiHz3TABFl3LGOciWnXcCuw==
x-amz-request-id: 7TK8PEBX49E6PFA2
last-modified: Mon, 29 Jan 2024 23:28:03 GMT
etag: "f90af6a5fc3873243aa6f7308c94789a"
x-amz-server-side-encryption: AES256
x-amz-version-id: zfvSW3iKEzDsBkebMuX859gJ2juU9KG_
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
content-length: 174020
cache-control: max-age=31536000
expires: Thu, 20 Feb 2025 22:56:00 GMT
date: Wed, 21 Feb 2024 22:56:00 GMT
timing-allow-origin: *
access-control-allow-origin: *
GET

https://www.adsensecustomsearchads.com/afs/ads?adsafe=low&adtest=off&psid=7621175430&pcsa=false&channel=08231&domain_name=asdasdad.net&client=dp-namemedia08_3ph&r=m&rpbu=https%3A%2F%2Fwww6.asdasdad.net%2F%3Ftemplate%3DARROW_3%26tdfs%3D1%26s_token%3D1708556159.0329700000%26uuid%3D1708556159.0329700000%26term%3DEurope%2520Dedicated%2520Servers%26term%3DRandom%2520Dedicated%2520Servers%26term%3DCustom%2520Hosted%2520Servers%26term%3DDownload%2520From%2520High%2520Security%2520Cloud%2520File%2520Storage%26searchbox%3D0%26showDomain%3D0%26backfill%3D0&terms=Europe%20Dedicated%20Servers%2CRandom%20Dedicated%20Servers%2CCustom%20Hosted%20Servers%2CDownload%20From%20High%20Security%20Cloud%20File%20Storage&type=3&uiopt=true&swp=as-drid-2235535430585190&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301383%2C17301431%2C17301433%2C17301436%2C71847096&format=r4&nocache=7701708556160952&num=0&output=afd_ads&v=3&bsl=8&pac=0&u_his=1&u_tz=0&dt=1708556160953&u_w=1280&u_h=720&biw=1263&bih=601&psw=1263&psh=811&frm=0&uio=-&cont=relatedLinks&drt=0&jsid=caf&jsv=607429171&rurl=https%3A%2F%2Fwww6.asdasdad.net%2F%3Ftemplate%3DARROW_3%26tdfs%3D1%26s_token%3D1708556159.0329700000%26uuid%3D1708556159.0329700000%26term%3DEurope%2520Dedicated%2520Servers%26term%3DRandom%2520Dedicated%2520Servers%26term%3DCustom%2520Hosted%2520Servers%26term%3DDownload%2520From%2520High%2520Security%2520Cloud%2520File%2520Storage%26searchbox%3D0%26showDomain%3D0%26backfill%3D0

msedge.exe

Remote address:

142.250.179.206:443

Request

GET /afs/ads?adsafe=low&adtest=off&psid=7621175430&pcsa=false&channel=08231&domain_name=asdasdad.net&client=dp-namemedia08_3ph&r=m&rpbu=https%3A%2F%2Fwww6.asdasdad.net%2F%3Ftemplate%3DARROW_3%26tdfs%3D1%26s_token%3D1708556159.0329700000%26uuid%3D1708556159.0329700000%26term%3DEurope%2520Dedicated%2520Servers%26term%3DRandom%2520Dedicated%2520Servers%26term%3DCustom%2520Hosted%2520Servers%26term%3DDownload%2520From%2520High%2520Security%2520Cloud%2520File%2520Storage%26searchbox%3D0%26showDomain%3D0%26backfill%3D0&terms=Europe%20Dedicated%20Servers%2CRandom%20Dedicated%20Servers%2CCustom%20Hosted%20Servers%2CDownload%20From%20High%20Security%20Cloud%20File%20Storage&type=3&uiopt=true&swp=as-drid-2235535430585190&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301383%2C17301431%2C17301433%2C17301436%2C71847096&format=r4&nocache=7701708556160952&num=0&output=afd_ads&v=3&bsl=8&pac=0&u_his=1&u_tz=0&dt=1708556160953&u_w=1280&u_h=720&biw=1263&bih=601&psw=1263&psh=811&frm=0&uio=-&cont=relatedLinks&drt=0&jsid=caf&jsv=607429171&rurl=https%3A%2F%2Fwww6.asdasdad.net%2F%3Ftemplate%3DARROW_3%26tdfs%3D1%26s_token%3D1708556159.0329700000%26uuid%3D1708556159.0329700000%26term%3DEurope%2520Dedicated%2520Servers%26term%3DRandom%2520Dedicated%2520Servers%26term%3DCustom%2520Hosted%2520Servers%26term%3DDownload%2520From%2520High%2520Security%2520Cloud%2520File%2520Storage%26searchbox%3D0%26showDomain%3D0%26backfill%3D0 HTTP/2.0
host: www.adsensecustomsearchads.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www6.asdasdad.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://img1.wsimg.com/parking-lander/px.js?ch=1&abp=1

msedge.exe

Remote address:

184.28.198.211:443

Request

GET /parking-lander/px.js?ch=1&abp=1 HTTP/2.0
host: img1.wsimg.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www6.asdasdad.net
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www6.asdasdad.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

x-amz-id-2: MPrfETQ9U91qAprIwx0Qz+LnfNusSGEiQXHI54ddG6GtFF+UHfkoPYnSWbJ3VayWhBUdS69/pO8=
x-amz-request-id: 7B49BE4BFP5J8WXJ
last-modified: Mon, 29 Jan 2024 23:28:34 GMT
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-amz-server-side-encryption: AES256
x-amz-version-id: skvZSsKsBwQXKF1lVVno3FVyarBqNXpI
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
content-length: 20
cache-control: max-age=31536000
expires: Thu, 20 Feb 2025 22:56:01 GMT
date: Wed, 21 Feb 2024 22:56:01 GMT
timing-allow-origin: *
access-control-allow-origin: *
GET

https://img1.wsimg.com/parking-lander/px.js?ch=2&abp=1

msedge.exe

Remote address:

184.28.198.211:443

Request

GET /parking-lander/px.js?ch=2&abp=1 HTTP/2.0
host: img1.wsimg.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www6.asdasdad.net
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www6.asdasdad.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

x-amz-id-2: 1lSzenUa7pdipLnj0TEPZa+vRxsurUN+BwsrD4scWpHdIM1MM90DWasGdF9+vKel3w+YU4XdG6I=
x-amz-request-id: 7B454P016PW4TKMX
last-modified: Mon, 29 Jan 2024 23:28:34 GMT
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-amz-server-side-encryption: AES256
x-amz-version-id: skvZSsKsBwQXKF1lVVno3FVyarBqNXpI
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
content-length: 20
cache-control: max-age=31536000
expires: Thu, 20 Feb 2025 22:56:01 GMT
date: Wed, 21 Feb 2024 22:56:01 GMT
timing-allow-origin: *
access-control-allow-origin: *
GET

https://partner.googleadservices.com/gampad/cookie.js?domain=www6.asdasdad.net&client=dp-namemedia08_3ph&product=SAS&callback=__sasCookie

msedge.exe

Remote address:

142.251.36.2:443

Request

GET /gampad/cookie.js?domain=www6.asdasdad.net&client=dp-namemedia08_3ph&product=SAS&callback=__sasCookie HTTP/2.0
host: partner.googleadservices.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www6.asdasdad.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

http://asdasdad.net/

msedge.exe

Remote address:

96.126.123.244:80

Request

GET / HTTP/1.1
Host: asdasdad.net
Connection: keep-alive
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
Cookie: mtm_delivered=WyJhc2Rhc2RhZC5uZXQiLCJodHRwOi8vd3d3Ni5hc2Rhc2RhZC5uZXQvP3RlbXBsYXRlPUFSUk9XXzMmdGRmcz0xJnNfdG9rZW49MTcwODU1NjE1OS4wMzI5NzAwMDAwJnV1aWQ9MTcwODU1NjE1OS4wMzI5NzAwMDAwJnRlcm09RXVyb3BlJTIwRGVkaWNhdGVkJTIwU2VydmVycyZ0ZXJtPVJhbmRvbSUyMERlZGljYXRlZCUyMFNlcnZlcnMmdGVybT1DdXN0b20lMjBIb3N0ZWQlMjBTZXJ2ZXJzJnRlcm09RG93bmxvYWQlMjBGcm9tJTIwSGlnaCUyMFNlY3VyaXR5JTIwQ2xvdWQlMjBGaWxlJTIwU3RvcmFnZSZzZWFyY2hib3g9MCZzaG93RG9tYWluPTAmYmFja2ZpbGw9MCIsMSwiMjAyNC0wMi0yMSAyMjo1NTo1OSIsMSwiMTcwODU1NjE1OS4wMzI5NzAwMDAwIiwxMDksbnVsbCxudWxsXQ:1rcvVP:BeTE_q6qNZPLi-OCgiifKvQI914; __gsas=ID=e0ac5da66a847700:T=1708556161:RT=1708556161:S=ALNI_Mam0xzu4icQsX0Mdg-uDYKKx5plZQ

Response

HTTP/1.1 200 OK

server: openresty/1.13.6.1
date: Wed, 21 Feb 2024 22:56:04 GMT
content-type: text/html
transfer-encoding: chunked
content-encoding: gzip
connection: close
GET

http://asdasdad.net/?gp=1&js=1&uuid=1708556164.0084700544&other_args=eyJ1cmkiOiAiLyIsICJhcmdzIjogIiIsICJyZWZlcmVyIjogIiIsICJhY2NlcHQiOiAidGV4dC9odG1sLGFwcGxpY2F0aW9uL3hodG1sK3htbCxhcHBsaWNhdGlvbi94bWw7cT0wLjksaW1hZ2Uvd2VicCxpbWFnZS9hcG5nLCovKjtxPTAuOCxhcHBsaWNhdGlvbi9zaWduZWQtZXhjaGFuZ2U7dj1iMztxPTAuOSJ9

msedge.exe

Remote address:

96.126.123.244:80

Request

GET /?gp=1&js=1&uuid=1708556164.0084700544&other_args=eyJ1cmkiOiAiLyIsICJhcmdzIjogIiIsICJyZWZlcmVyIjogIiIsICJhY2NlcHQiOiAidGV4dC9odG1sLGFwcGxpY2F0aW9uL3hodG1sK3htbCxhcHBsaWNhdGlvbi94bWw7cT0wLjksaW1hZ2Uvd2VicCxpbWFnZS9hcG5nLCovKjtxPTAuOCxhcHBsaWNhdGlvbi9zaWduZWQtZXhjaGFuZ2U7dj1iMztxPTAuOSJ9 HTTP/1.1
Host: asdasdad.net
Connection: keep-alive
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://asdasdad.net/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
Cookie: mtm_delivered=WyJhc2Rhc2RhZC5uZXQiLCJodHRwOi8vd3d3Ni5hc2Rhc2RhZC5uZXQvP3RlbXBsYXRlPUFSUk9XXzMmdGRmcz0xJnNfdG9rZW49MTcwODU1NjE1OS4wMzI5NzAwMDAwJnV1aWQ9MTcwODU1NjE1OS4wMzI5NzAwMDAwJnRlcm09RXVyb3BlJTIwRGVkaWNhdGVkJTIwU2VydmVycyZ0ZXJtPVJhbmRvbSUyMERlZGljYXRlZCUyMFNlcnZlcnMmdGVybT1DdXN0b20lMjBIb3N0ZWQlMjBTZXJ2ZXJzJnRlcm09RG93bmxvYWQlMjBGcm9tJTIwSGlnaCUyMFNlY3VyaXR5JTIwQ2xvdWQlMjBGaWxlJTIwU3RvcmFnZSZzZWFyY2hib3g9MCZzaG93RG9tYWluPTAmYmFja2ZpbGw9MCIsMSwiMjAyNC0wMi0yMSAyMjo1NTo1OSIsMSwiMTcwODU1NjE1OS4wMzI5NzAwMDAwIiwxMDksbnVsbCxudWxsXQ:1rcvVP:BeTE_q6qNZPLi-OCgiifKvQI914; __gsas=ID=e0ac5da66a847700:T=1708556161:RT=1708556161:S=ALNI_Mam0xzu4icQsX0Mdg-uDYKKx5plZQ

Response

HTTP/1.1 302 Found

server: openresty/1.13.6.1
date: Wed, 21 Feb 2024 22:56:04 GMT
content-type: text/html; charset=utf-8
content-length: 0
location: http://www6.asdasdad.net/?template=ARROW_3&tdfs=1&s_token=1708556159.0329700000&uuid=1708556159.0329700000&term=Europe%20Dedicated%20Servers&term=Random%20Dedicated%20Servers&term=Custom%20Hosted%20Servers&term=Download%20From%20High%20Security%20Cloud%20File%20Storage&searchbox=0&showDomain=0&backfill=0
referrer-policy: no-referrer
vary: Accept-Language
content-language: en
set-cookie: mtm_delivered=WyJhc2Rhc2RhZC5uZXQiLCJodHRwOi8vd3d3Ni5hc2Rhc2RhZC5uZXQvP3RlbXBsYXRlPUFSUk9XXzMmdGRmcz0xJnNfdG9rZW49MTcwODU1NjE1OS4wMzI5NzAwMDAwJnV1aWQ9MTcwODU1NjE1OS4wMzI5NzAwMDAwJnRlcm09RXVyb3BlJTIwRGVkaWNhdGVkJTIwU2VydmVycyZ0ZXJtPVJhbmRvbSUyMERlZGljYXRlZCUyMFNlcnZlcnMmdGVybT1DdXN0b20lMjBIb3N0ZWQlMjBTZXJ2ZXJzJnRlcm09RG93bmxvYWQlMjBGcm9tJTIwSGlnaCUyMFNlY3VyaXR5JTIwQ2xvdWQlMjBGaWxlJTIwU3RvcmFnZSZzZWFyY2hib3g9MCZzaG93RG9tYWluPTAmYmFja2ZpbGw9MCIsMSwiMjAyNC0wMi0yMSAyMjo1NTo1OSIsMiwiMTcwODU1NjE1OS4wMzI5NzA4ODMwIiwxMDksbnVsbCxudWxsXQ:1rcvVU:H82D21Gr89ZNDOQdgRE5m7hkv9c; expires=Wed, 21-Feb-2024 23:56:04 GMT; Max-Age=3600; Path=/
connection: close
GET

https://download.megaup.net/?idurl=0lixLaV5L89JKamcHXUbet1D6Y2jIsX7CSn8x4sYuXaP2fBDbZKtqh8EqUB/X4yGyjsLkF64BRBTMOnyoZ3OCA85a3Dm5FeadRvcupKkONM=&idfilename=Command.and.Conquer.Renegade%20.v1.037.rar&idfilesize=545.72%20MB

msedge.exe

Remote address:

172.67.192.50:443

Request

GET /?idurl=0lixLaV5L89JKamcHXUbet1D6Y2jIsX7CSn8x4sYuXaP2fBDbZKtqh8EqUB/X4yGyjsLkF64BRBTMOnyoZ3OCA85a3Dm5FeadRvcupKkONM=&idfilename=Command.and.Conquer.Renegade%20.v1.037.rar&idfilesize=545.72%20MB HTTP/2.0
host: download.megaup.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
referer: https://megaup.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gid=GA1.2.2118792876.1708556154
cookie: _gat_gtag_UA_108868042_1=1
cookie: _ga_Z9TE2LW16Q=GS1.1.1708556154.1.0.1708556154.0.0.0
cookie: _ga=GA1.1.1374742328.1708556154

Response

HTTP/2.0 403

date: Wed, 21 Feb 2024 22:56:07 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kD857Wpnu2Xyw1eI2zlET%2FwAvJ3VQGvmHqfMjeUuhPN78EhQhgc7GcrwhkA7%2FiL2Dn5XO0vsspFA5f1HoyNObIwC9j%2Bt9dQFp6skEoU82ABDS2xGTi1bkfHybT2IWAWoxBH7ckG2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 859294b01c126347-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://download.megaup.net/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=859294b01c126347

msedge.exe

Remote address:

172.67.192.50:443

Request

GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=859294b01c126347 HTTP/2.0
host: download.megaup.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://download.megaup.net/?idurl=0lixLaV5L89JKamcHXUbet1D6Y2jIsX7CSn8x4sYuXaP2fBDbZKtqh8EqUB/X4yGyjsLkF64BRBTMOnyoZ3OCA85a3Dm5FeadRvcupKkONM=&idfilename=Command.and.Conquer.Renegade%20.v1.037.rar&idfilesize=545.72%20MB&__cf_chl_rt_tk=DHN4jL.rVSmrpRHPTIm3DE2y_rGpMBlQtmZ4KWMjtUY-1708556167-0.0-4135
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gid=GA1.2.2118792876.1708556154
cookie: _gat_gtag_UA_108868042_1=1
cookie: _ga_Z9TE2LW16Q=GS1.1.1708556154.1.0.1708556154.0.0.0
cookie: _ga=GA1.1.1374742328.1708556154

Response

HTTP/2.0 200

date: Wed, 21 Feb 2024 22:56:07 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uos2iUjFAb%2BLZZDeaHHB4NlGx4d5HI1HZrUsK7VHKCJw5Id%2FBqSqUAAHoWQP6fMQ6AzeZdCauzgy%2BS%2Biwlu8bud0TfyAQ%2BHnIMNDI%2B6e8HY3mzDYySaCk9zt51JehvzF2JHg3xoU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 859294b09cd56347-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://download.megaup.net/favicon.ico

msedge.exe

Remote address:

172.67.192.50:443

Request

GET /favicon.ico HTTP/2.0
host: download.megaup.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://download.megaup.net/?idurl=0lixLaV5L89JKamcHXUbet1D6Y2jIsX7CSn8x4sYuXaP2fBDbZKtqh8EqUB/X4yGyjsLkF64BRBTMOnyoZ3OCA85a3Dm5FeadRvcupKkONM=&idfilename=Command.and.Conquer.Renegade%20.v1.037.rar&idfilesize=545.72%20MB
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gid=GA1.2.2118792876.1708556154
cookie: _gat_gtag_UA_108868042_1=1
cookie: _ga=GA1.1.1374742328.1708556154
cookie: _ga_Z9TE2LW16Q=GS1.1.1708556154.1.0.1708556167.0.0.0

Response

HTTP/2.0 403

date: Wed, 21 Feb 2024 22:56:07 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3kR0KmC%2BqofVTdF0uN4woaYTfmd8BeR1OKARwRJNremEFDpaI3G5WrVvm9SLj%2FZjGzM4f53l%2FMsfnF9OpDWee3HvFvi1B1a%2FlM8AeqW%2FHIdkozVmiV2WWP4ZjXo8bj%2FqN8Ul1VQM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 859294b10d5a6347-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://download.megaup.net/favicon.ico

msedge.exe

Remote address:

172.67.192.50:443

Request

GET /favicon.ico HTTP/2.0
host: download.megaup.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://download.megaup.net/?idurl=0lixLaV5L89JKamcHXUbet1D6Y2jIsX7CSn8x4sYuXaP2fBDbZKtqh8EqUB/X4yGyjsLkF64BRBTMOnyoZ3OCA85a3Dm5FeadRvcupKkONM=&idfilename=Command.and.Conquer.Renegade%20.v1.037.rar&idfilesize=545.72%20MB
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gid=GA1.2.2118792876.1708556154
cookie: _gat_gtag_UA_108868042_1=1
cookie: _ga=GA1.1.1374742328.1708556154
cookie: _ga_Z9TE2LW16Q=GS1.1.1708556154.1.0.1708556167.0.0.0

Response

HTTP/2.0 403

date: Wed, 21 Feb 2024 22:56:07 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wfE0uxCO1sNjMpwPgHLyFzkdw93VynTrE0zknWuJoDMN9gv1e2P%2BjioJDCzhV2cAyaebEz5b7tQULusWci3mFlftWLneOjVogv7UbQfJ%2FOqcCjNDXwDpQQFFcDWp3%2B3%2FUkVbF434"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 859294b16dd76347-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
POST

https://download.megaup.net/cdn-cgi/challenge-platform/h/b/flow/ov1/1527490514:1708553496:T9_YohyTLqk_M2U4qfVqeXkzTMoHxFio4TPhNfWhNdw/859294b01c126347/aba0d78f7097d44

msedge.exe

Remote address:

172.67.192.50:443

Request

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1527490514:1708553496:T9_YohyTLqk_M2U4qfVqeXkzTMoHxFio4TPhNfWhNdw/859294b01c126347/aba0d78f7097d44 HTTP/2.0
host: download.megaup.net
content-length: 2297
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
content-type: application/x-www-form-urlencoded
sec-ch-ua-model:
cf-challenge: aba0d78f7097d44
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://download.megaup.net
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://download.megaup.net/?idurl=0lixLaV5L89JKamcHXUbet1D6Y2jIsX7CSn8x4sYuXaP2fBDbZKtqh8EqUB/X4yGyjsLkF64BRBTMOnyoZ3OCA85a3Dm5FeadRvcupKkONM=&idfilename=Command.and.Conquer.Renegade%20.v1.037.rar&idfilesize=545.72%20MB
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gid=GA1.2.2118792876.1708556154
cookie: _gat_gtag_UA_108868042_1=1
cookie: _ga=GA1.1.1374742328.1708556154
cookie: _ga_Z9TE2LW16Q=GS1.1.1708556154.1.0.1708556167.0.0.0

Response

HTTP/2.0 200

date: Wed, 21 Feb 2024 22:56:07 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: M0j8zIgeoi60Nhn2/sCjOk2EZEtg36Dyv4ZZMVMVPabCrS5iYYptIC0Y/PtEBJ70$F8NC6ktu6SJ7WngQUJUzWQ==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OyRhy2LRoaGaOW3rhOEFlr7fE%2FA9Lf6ftf6thX9OMqU6IG0YQTfZPvQYcVC9JORScOKvYb5GpHxZ%2BchbQD0oPe1STVAl3aRBNL1%2FiFyUIj8tvVg1iHHQFTe14y2g31IeER0Oow2h"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 859294b1be446347-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
POST

https://download.megaup.net/cdn-cgi/challenge-platform/h/b/flow/ov1/1527490514:1708553496:T9_YohyTLqk_M2U4qfVqeXkzTMoHxFio4TPhNfWhNdw/859294b01c126347/aba0d78f7097d44

msedge.exe

Remote address:

172.67.192.50:443

Request

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1527490514:1708553496:T9_YohyTLqk_M2U4qfVqeXkzTMoHxFio4TPhNfWhNdw/859294b01c126347/aba0d78f7097d44 HTTP/2.0
host: download.megaup.net
content-length: 3685
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
content-type: application/x-www-form-urlencoded
sec-ch-ua-model:
cf-challenge: aba0d78f7097d44
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://download.megaup.net
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://download.megaup.net/?idurl=0lixLaV5L89JKamcHXUbet1D6Y2jIsX7CSn8x4sYuXaP2fBDbZKtqh8EqUB/X4yGyjsLkF64BRBTMOnyoZ3OCA85a3Dm5FeadRvcupKkONM=&idfilename=Command.and.Conquer.Renegade%20.v1.037.rar&idfilesize=545.72%20MB
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gid=GA1.2.2118792876.1708556154
cookie: _gat_gtag_UA_108868042_1=1
cookie: _ga=GA1.1.1374742328.1708556154
cookie: _ga_Z9TE2LW16Q=GS1.1.1708556154.1.0.1708556167.0.0.0

Response

HTTP/2.0 200

date: Wed, 21 Feb 2024 22:56:12 GMT
content-type: text/html; charset=UTF-8
set-cookie: cf_chl_rc_ni=;Expires=Tue, 20 Feb 2024 22:56:12 GMT;SameSite=Strict
cf-chl-out: uRMa5TNXCgRuTd9EQFsWdhoW0Sbkk5In2EYIo7w3BxxPufvBpzPro+eby2ssKKFlvDbMROwCwLjs3zkxPWhUeVFVAP1NdxrWnnwFY9ShhSMiPoJKmlTLCTJT8qTgqV0V$645HXieSn2byJbipuBMuNg==
cf-chl-out-s: 3RyUn8VY4DDMo/ulhhrL16EI1RybkLhpzXsMt+IjrtyKaYMJn5TpqDoBzJ8gS2ORYeiVTz8r3m4aedSfPuRmv6cbjcFNqyVF/jF8tTjyNXI2H+KJMEWCHdp1ULqEuBFGg1+esdRqccwkdyP0bsp8BLQTZlvWDPWynrynOv+IS296KRAM/PskRVOHL78zLHWyzDw6PmpD4nw120k6fy62TRnh0TA7JnJQyi8QugQVORm9TM2cfHEgsGoJaSzC411GkY0ifJ73SERvebfIGWyscz8V5Dy2k4ijjN5idH1ITjlU/mfo10RpU6G+KAkAmDWOYmK+cTdM71PO2UDZmq9iwwKuazji9LeHCVY0Yjth3ZvWDICXfCLnzsLpCyyXRlZgWIWfmQDIttl2CoVqw5DSu1lKll3c02V+g8C9ll00zOE9F2vNeRhcAAZmDTp/AYtnrOr8AgnhuOKx6wGwljkN0Q==$835RqgGyfMg6nS8E5i+o6g==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yb68Qqc3iF3a0hQ19gtPaBLFj8QKGl9ETICt9vQ%2B66JQ0OSYSF53kQez7B5AWLvBAZd1ftkTbJqkuc1FmESSnDzYo9BqsWNWE%2F6bd3bSbr%2BYDYnQVTmyvm45jX1Kwz3ZqnNGW61Y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 859294ccfa6c6347-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
POST

https://download.megaup.net/?idurl=0lixLaV5L89JKamcHXUbet1D6Y2jIsX7CSn8x4sYuXaP2fBDbZKtqh8EqUB/X4yGyjsLkF64BRBTMOnyoZ3OCA85a3Dm5FeadRvcupKkONM=&idfilename=Command.and.Conquer.Renegade%20.v1.037.rar&idfilesize=545.72%20MB

msedge.exe

Remote address:

172.67.192.50:443

Request

POST /?idurl=0lixLaV5L89JKamcHXUbet1D6Y2jIsX7CSn8x4sYuXaP2fBDbZKtqh8EqUB/X4yGyjsLkF64BRBTMOnyoZ3OCA85a3Dm5FeadRvcupKkONM=&idfilename=Command.and.Conquer.Renegade%20.v1.037.rar&idfilesize=545.72%20MB HTTP/2.0
host: download.megaup.net
content-length: 6890
cache-control: max-age=0
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
sec-ch-ua-mobile: ?0
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-arch: "x86"
sec-ch-ua-platform: "Windows"
sec-ch-ua-platform-version: "10.0"
sec-ch-ua-model: ""
origin: https://download.megaup.net
upgrade-insecure-requests: 1
dnt: 1
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://download.megaup.net/?idurl=0lixLaV5L89JKamcHXUbet1D6Y2jIsX7CSn8x4sYuXaP2fBDbZKtqh8EqUB/X4yGyjsLkF64BRBTMOnyoZ3OCA85a3Dm5FeadRvcupKkONM=&idfilename=Command.and.Conquer.Renegade%20.v1.037.rar&idfilesize=545.72%20MB&__cf_chl_tk=DHN4jL.rVSmrpRHPTIm3DE2y_rGpMBlQtmZ4KWMjtUY-1708556167-0.0-4135
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gid=GA1.2.2118792876.1708556154
cookie: _gat_gtag_UA_108868042_1=1
cookie: _ga=GA1.1.1374742328.1708556154
cookie: _ga_Z9TE2LW16Q=GS1.1.1708556154.1.0.1708556167.0.0.0

Response

HTTP/2.0 403

date: Wed, 21 Feb 2024 22:56:12 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F%2B3v2LX4vyVvlWwl38GzdMVjz%2FP5vgwad65LqHFKascGeAhrHaEKjjqvhWXoaTwJxqLwVpIxU6gdlsyhEirkGBi2TifviECQDbtrI1sVPwdb5HBZ7YXstWFYCXRrnJdrtTlvVBVq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 859294cdcb5f6347-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://download.megaup.net/favicon.ico

msedge.exe

Remote address:

172.67.192.50:443

Request

GET /favicon.ico HTTP/2.0
host: download.megaup.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://download.megaup.net/?idurl=0lixLaV5L89JKamcHXUbet1D6Y2jIsX7CSn8x4sYuXaP2fBDbZKtqh8EqUB/X4yGyjsLkF64BRBTMOnyoZ3OCA85a3Dm5FeadRvcupKkONM=&idfilename=Command.and.Conquer.Renegade%20.v1.037.rar&idfilesize=545.72%20MB&__cf_chl_tk=DHN4jL.rVSmrpRHPTIm3DE2y_rGpMBlQtmZ4KWMjtUY-1708556167-0.0-4135
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gid=GA1.2.2118792876.1708556154
cookie: _gat_gtag_UA_108868042_1=1
cookie: _ga=GA1.1.1374742328.1708556154
cookie: _ga_Z9TE2LW16Q=GS1.1.1708556154.1.0.1708556167.0.0.0

Response

HTTP/2.0 200

date: Wed, 21 Feb 2024 22:56:12 GMT
content-type: text/html; charset=UTF-8
set-cookie: cf_clearance=JGRkqiBBz4XyWM2_R0bNEW2Ict5pv88XYYpZM_VnTfY-1708556167-1.0-AdiL301r0DdFUoAID1wVYHV3d/psEtq9hHEEKCJTGYcUf9UxUcfbOjQjSUDLsSLmSVIm8R8Nm3hbBUlsnX5JYn0=; path=/; expires=Thu, 20-Feb-25 22:56:12 GMT; domain=.megaup.net; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tKS%2FlyzoLGiPZLCDQGnaYKzA%2F3eEDxX52XkWG8sOjTTFE191lXCuYqmiHE8FhwctnGjiy43o3%2BSJDae37xfvrERXIvgyoqTh4EeksAMy%2B8LRG1nh0AfGtlw4mUueJmC2R6b23x8H"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 859294cdcb5d6347-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://download.megaup.net/openads.js

msedge.exe

Remote address:

172.67.192.50:443

Request

GET /openads.js HTTP/2.0
host: download.megaup.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://download.megaup.net/?idurl=0lixLaV5L89JKamcHXUbet1D6Y2jIsX7CSn8x4sYuXaP2fBDbZKtqh8EqUB/X4yGyjsLkF64BRBTMOnyoZ3OCA85a3Dm5FeadRvcupKkONM=&idfilename=Command.and.Conquer.Renegade%20.v1.037.rar&idfilesize=545.72%20MB
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gid=GA1.2.2118792876.1708556154
cookie: _gat_gtag_UA_108868042_1=1
cookie: _ga=GA1.1.1374742328.1708556154
cookie: _ga_Z9TE2LW16Q=GS1.1.1708556154.1.0.1708556167.0.0.0
cookie: cf_clearance=JGRkqiBBz4XyWM2_R0bNEW2Ict5pv88XYYpZM_VnTfY-1708556167-1.0-AdiL301r0DdFUoAID1wVYHV3d/psEtq9hHEEKCJTGYcUf9UxUcfbOjQjSUDLsSLmSVIm8R8Nm3hbBUlsnX5JYn0=

Response

HTTP/2.0 200

date: Wed, 21 Feb 2024 22:56:12 GMT
content-type: application/javascript
content-length: 19
last-modified: Sun, 12 Nov 2023 10:08:58 GMT
vary: Accept-Encoding
etag: "6550a43a-13"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O8wY2FgUr03U12hZh4bSAe0xa6AkQM1lkp2UecyAlFuU2CZd3kEkHQ1UKWNVk9igoCDoO42B%2FvnXS5Ym3rtkl6rUZy3rZorbhJyz3vm4SaAA%2FVaWWAS9f5LW%2BBVql77wzysJcP01"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 859294ceecf86347-LHR
alt-svc: h3=":443"; ma=86400
GET

https://download.megaup.net/images/main_logo_inverted.png

msedge.exe

Remote address:

172.67.192.50:443

Request

GET /images/main_logo_inverted.png HTTP/2.0
host: download.megaup.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://download.megaup.net/?idurl=0lixLaV5L89JKamcHXUbet1D6Y2jIsX7CSn8x4sYuXaP2fBDbZKtqh8EqUB/X4yGyjsLkF64BRBTMOnyoZ3OCA85a3Dm5FeadRvcupKkONM=&idfilename=Command.and.Conquer.Renegade%20.v1.037.rar&idfilesize=545.72%20MB
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gid=GA1.2.2118792876.1708556154
cookie: _gat_gtag_UA_108868042_1=1
cookie: _ga=GA1.1.1374742328.1708556154
cookie: _ga_Z9TE2LW16Q=GS1.1.1708556154.1.0.1708556167.0.0.0
cookie: cf_clearance=JGRkqiBBz4XyWM2_R0bNEW2Ict5pv88XYYpZM_VnTfY-1708556167-1.0-AdiL301r0DdFUoAID1wVYHV3d/psEtq9hHEEKCJTGYcUf9UxUcfbOjQjSUDLsSLmSVIm8R8Nm3hbBUlsnX5JYn0=

Response

HTTP/2.0 200

date: Wed, 21 Feb 2024 22:56:12 GMT
content-type: image/png
content-length: 7137
last-modified: Tue, 19 Jan 2021 21:02:46 GMT
vary: Accept-Encoding
etag: "600748f6-1be1"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TLC2mRVhx0zOiM90lRE%2FRDIa1PaonyaIdXuJ1PyAxV63c00zmszeo48%2BIQu0jBrIhu%2FzqeG41RMxbwXs%2BC3isnu6ufF1IQ4Vexlv%2FztyLOaI9Evz9k%2B30eafsEkU6EcXCLJMrKLJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 859294ceecfa6347-LHR
alt-svc: h3=":443"; ma=86400
GET

https://download.megaup.net/downloadd.png

msedge.exe

Remote address:

172.67.192.50:443

Request

GET /downloadd.png HTTP/2.0
host: download.megaup.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://download.megaup.net/?idurl=0lixLaV5L89JKamcHXUbet1D6Y2jIsX7CSn8x4sYuXaP2fBDbZKtqh8EqUB/X4yGyjsLkF64BRBTMOnyoZ3OCA85a3Dm5FeadRvcupKkONM=&idfilename=Command.and.Conquer.Renegade%20.v1.037.rar&idfilesize=545.72%20MB
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gid=GA1.2.2118792876.1708556154
cookie: _gat_gtag_UA_108868042_1=1
cookie: _ga=GA1.1.1374742328.1708556154
cookie: _ga_Z9TE2LW16Q=GS1.1.1708556154.1.0.1708556167.0.0.0
cookie: cf_clearance=JGRkqiBBz4XyWM2_R0bNEW2Ict5pv88XYYpZM_VnTfY-1708556167-1.0-AdiL301r0DdFUoAID1wVYHV3d/psEtq9hHEEKCJTGYcUf9UxUcfbOjQjSUDLsSLmSVIm8R8Nm3hbBUlsnX5JYn0=

Response

HTTP/2.0 200

date: Wed, 21 Feb 2024 22:56:12 GMT
content-type: image/png
content-length: 69251
last-modified: Tue, 13 Feb 2024 12:55:43 GMT
vary: Accept-Encoding
etag: "65cb66cf-10e83"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=875UpPn73MLbXSdpZyVbMjdwNTtFEii9YB%2B5E%2BneBTR9PlGEp5zXHtRlKqoB3Um8vXDaNuouAmgS4dZ%2FNTFt8GzE9YFA0Z43SaSezl1Ie%2B1%2F1B6lwOPMdCZLluGEBL29EtMcsmc6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 859294cf6df66347-LHR
alt-svc: h3=":443"; ma=86400
GET

https://download.megaup.net/images/favicon.ico

msedge.exe

Remote address:

172.67.192.50:443

Request

GET /images/favicon.ico HTTP/2.0
host: download.megaup.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://download.megaup.net/?idurl=0lixLaV5L89JKamcHXUbet1D6Y2jIsX7CSn8x4sYuXaP2fBDbZKtqh8EqUB/X4yGyjsLkF64BRBTMOnyoZ3OCA85a3Dm5FeadRvcupKkONM=&idfilename=Command.and.Conquer.Renegade%20.v1.037.rar&idfilesize=545.72%20MB
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gid=GA1.2.2118792876.1708556154
cookie: _gat_gtag_UA_108868042_1=1
cookie: _ga=GA1.1.1374742328.1708556154
cookie: _ga_Z9TE2LW16Q=GS1.1.1708556154.1.0.1708556167.0.0.0
cookie: cf_clearance=JGRkqiBBz4XyWM2_R0bNEW2Ict5pv88XYYpZM_VnTfY-1708556167-1.0-AdiL301r0DdFUoAID1wVYHV3d/psEtq9hHEEKCJTGYcUf9UxUcfbOjQjSUDLsSLmSVIm8R8Nm3hbBUlsnX5JYn0=
cookie: g36FastPopSessionRequestNumber=1
cookie: a=qEpcDoVbVva4W3cawZTSfEt67FNs63rv

Response

HTTP/2.0 200

date: Wed, 21 Feb 2024 22:56:14 GMT
content-type: image/x-icon
last-modified: Tue, 19 Jan 2021 21:06:58 GMT
vary: Accept-Encoding
etag: W/"600749f2-47e"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F46%2BwI8kn5h7a%2FWVmwBNZAK%2Bv7cdqgKc8c5fRjA7nl9Et1lxeMEpT5AMJ6w%2FsnWRvW1I0bH9xDF21BA0TTMS8Qr6yBcXXYf14T2SROJbADi1rVwHTfEuA2q4wtJBe7eqqKbyHlhD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 859294dacd946347-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://download.megaup.net/downloade.png

msedge.exe

Remote address:

172.67.192.50:443

Request

GET /downloade.png HTTP/2.0
host: download.megaup.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "90.0.818.66"
sec-ch-ua-platform-version: "10.0"
sec-ch-ua-model:
sec-ch-ua-platform: "Windows"
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://download.megaup.net/?idurl=0lixLaV5L89JKamcHXUbet1D6Y2jIsX7CSn8x4sYuXaP2fBDbZKtqh8EqUB/X4yGyjsLkF64BRBTMOnyoZ3OCA85a3Dm5FeadRvcupKkONM=&idfilename=Command.and.Conquer.Renegade%20.v1.037.rar&idfilesize=545.72%20MB
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gid=GA1.2.2118792876.1708556154
cookie: _gat_gtag_UA_108868042_1=1
cookie: _ga=GA1.1.1374742328.1708556154
cookie: _ga_Z9TE2LW16Q=GS1.1.1708556154.1.0.1708556167.0.0.0
cookie: cf_clearance=JGRkqiBBz4XyWM2_R0bNEW2Ict5pv88XYYpZM_VnTfY-1708556167-1.0-AdiL301r0DdFUoAID1wVYHV3d/psEtq9hHEEKCJTGYcUf9UxUcfbOjQjSUDLsSLmSVIm8R8Nm3hbBUlsnX5JYn0=
cookie: g36FastPopSessionRequestNumber=1
cookie: a=qEpcDoVbVva4W3cawZTSfEt67FNs63rv
cookie: token_QlJAAAAAAAAArRMIRsGBk-hpXXMDyS9EWV8qBEI=BAYAZdZ_jgFl1n-OgAGBAcAAILgHKz8S0tsNeJdmNN5H1K7VPfrb6ym1JtCGVOhOMNukwQAg64vyuIGT3iOmaTMK0wAKza1IsmjxTuHPGPH8VbjHV1Q

Response

HTTP/2.0 200

date: Wed, 21 Feb 2024 22:56:19 GMT
content-type: image/png
content-length: 1228
last-modified: Wed, 14 Feb 2024 14:08:10 GMT
vary: Accept-Encoding
etag: "65ccc94a-4cc"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nV3gbdy9z1vAe0sUrP%2F78%2BP4bozfgvQd%2BumLHztIknPAmfPGuKaszbTqtH2qxgR2MEzY7M8XiYu4rSK4501AU4x2MInxjJmBa3Cf46%2FEH4gew3HvPEOXsaXLeDbolKqcz48cqtvt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 859294fca9ae6347-LHR
alt-svc: h3=":443"; ma=86400
GET

https://download.megaup.net/favicon.ico

msedge.exe

Remote address:

172.67.192.50:443

Request

GET /favicon.ico HTTP/2.0
host: download.megaup.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://download.megaup.net/?idurl=0lixLaV5L89JKamcHXUbet1D6Y2jIsX7CSn8x4sYuXaP2fBDbZKtqh8EqUB/X4yGyjsLkF64BRBTMOnyoZ3OCA85a3Dm5FeadRvcupKkONM=&idfilename=Command.and.Conquer.Renegade%20.v1.037.rar&idfilesize=545.72%20MB
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gid=GA1.2.2118792876.1708556154
cookie: _gat_gtag_UA_108868042_1=1
cookie: _ga=GA1.1.1374742328.1708556154
cookie: _ga_Z9TE2LW16Q=GS1.1.1708556154.1.0.1708556167.0.0.0
cookie: cf_clearance=JGRkqiBBz4XyWM2_R0bNEW2Ict5pv88XYYpZM_VnTfY-1708556167-1.0-AdiL301r0DdFUoAID1wVYHV3d/psEtq9hHEEKCJTGYcUf9UxUcfbOjQjSUDLsSLmSVIm8R8Nm3hbBUlsnX5JYn0=
cookie: g36FastPopSessionRequestNumber=1
cookie: a=qEpcDoVbVva4W3cawZTSfEt67FNs63rv
cookie: token_QlJAAAAAAAAArRMIRsGBk-hpXXMDyS9EWV8qBEI=BAYAZdZ_jgFl1n-OgAGBAcAAILgHKz8S0tsNeJdmNN5H1K7VPfrb6ym1JtCGVOhOMNukwQAg64vyuIGT3iOmaTMK0wAKza1IsmjxTuHPGPH8VbjHV1Q

Response

HTTP/2.0 302

date: Wed, 21 Feb 2024 22:56:21 GMT
content-type: text/html; charset=UTF-8
location: https://megaup.net
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z9jnfgQ4z%2F8q40dC9uavp6XiP41BmoUBPcIByK0ZrwtqkIzANPW4fWbSmSiMQOH3LhOSJ3p2b92J9TEaCaEH8FkWy3PTBD1CuxHSZBvteY3QZBBIe4kIxHCA%2FJm5KP%2BX1EM0Y3V3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 859295053cf96347-LHR
alt-svc: h3=":443"; ma=86400
OPTIONS

https://a.nel.cloudflare.com/report/v3?s=kD857Wpnu2Xyw1eI2zlET%2FwAvJ3VQGvmHqfMjeUuhPN78EhQhgc7GcrwhkA7%2FiL2Dn5XO0vsspFA5f1HoyNObIwC9j%2Bt9dQFp6skEoU82ABDS2xGTi1bkfHybT2IWAWoxBH7ckG2

msedge.exe

Remote address:

35.190.80.1:443

Request

OPTIONS /report/v3?s=kD857Wpnu2Xyw1eI2zlET%2FwAvJ3VQGvmHqfMjeUuhPN78EhQhgc7GcrwhkA7%2FiL2Dn5XO0vsspFA5f1HoyNObIwC9j%2Bt9dQFp6skEoU82ABDS2xGTi1bkfHybT2IWAWoxBH7ckG2 HTTP/2.0
host: a.nel.cloudflare.com
origin: https://download.megaup.net
access-control-request-method: POST
access-control-request-headers: content-type
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://challenges.cloudflare.com/turnstile/v0/b/0f752fefe334/api.js?onload=SdFnRC2&render=explicit

msedge.exe

Remote address:

104.17.2.184:443

Request

GET /turnstile/v0/b/0f752fefe334/api.js?onload=SdFnRC2&render=explicit HTTP/2.0
host: challenges.cloudflare.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://download.megaup.net
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Wed, 21 Feb 2024 22:56:08 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Accept-Encoding
server: cloudflare
cf-ray: 859294b21e8f63c5-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/oj61o/0x4AAAAAAADnOjc0PNeA8qVm/light/normal

msedge.exe

Remote address:

104.17.2.184:443

Request

GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/oj61o/0x4AAAAAAADnOjc0PNeA8qVm/light/normal HTTP/2.0
host: challenges.cloudflare.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Wed, 21 Feb 2024 22:56:10 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare
cf-ray: 859294b318017324-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/hEl5hztDgMrsMc%2BrRYLC83cxIufv%2BmUci2forpa%2B7PU%3D

msedge.exe

Remote address:

104.17.2.184:443

Request

GET /cdn-cgi/challenge-platform/h/b/cmg/1/hEl5hztDgMrsMc%2BrRYLC83cxIufv%2BmUci2forpa%2B7PU%3D HTTP/2.0
host: challenges.cloudflare.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/oj61o/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Wed, 21 Feb 2024 22:56:10 GMT
content-type: image/png
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 859294c06b767324-LHR
alt-svc: h3=":443"; ma=86400
GET

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=859294b318017324

msedge.exe

Remote address:

104.17.2.184:443

Request

GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=859294b318017324 HTTP/2.0
host: challenges.cloudflare.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/oj61o/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Wed, 21 Feb 2024 22:56:10 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: cloudflare
cf-ray: 859294c06b787324-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
POST

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1211451987:1708553518:U_h1eRUJ-w3j1241FWA6fFtVOK94oXlObUASEF5nAis/859294b318017324/c703ee597a78c3a

msedge.exe

Remote address:

104.17.2.184:443

Request

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1211451987:1708553518:U_h1eRUJ-w3j1241FWA6fFtVOK94oXlObUASEF5nAis/859294b318017324/c703ee597a78c3a HTTP/2.0
host: challenges.cloudflare.com
content-length: 3475
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
cf-challenge: c703ee597a78c3a
content-type: application/x-www-form-urlencoded
accept: */*
origin: https://challenges.cloudflare.com
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/oj61o/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Wed, 21 Feb 2024 22:56:10 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: XSsUoh8l2R4B/RSVcT2ypGBSnx8VnJSJgZSagGzM2XZjYw0/Ll2AZNTYe1WjK1ioyFYjtgfq/q6ZxNvQBZyXde2rni0DJXm24KIjWh6qQA+qQZxLIkHN/Q7agrdXvxPCLwnrDfIG7v8We8n2JlZuWQYnltciVao+kul/LaAgF9/07IyK7rdnyZsMIwpY8zGxtge/dok88LD+p0jW9wXmXiYuqC2gcRsQjnsPJIha0PyL8p7YCf4AtWFeVNXypFO33WZsOxN2zsvJTGD+j2tDNEYXiYPm1advb+ODN7/pSw1BhVw3vk6ytNVSTahbjHiM5EhNQW9zCsLTfHBl6h/GHGGB+FSmTQvxvuWUJQoHl7mV6HocGaVt2eh7USwoWigDh0MvNbS7EPTAiioBR8JGPB4zGXPMw8nv5e2yxd1onNw=$nw4sEOeAO0CH3PVKNOrGVQ==
server: cloudflare
cf-ray: 859294c18ca77324-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/859294b318017324/1708556170504/89898f0fbce3bc17a182fb4227252e470ab71d94f72507e6898daee8d442465c/-t5nAi6dIXqo-m9

msedge.exe

Remote address:

104.17.2.184:443

Request

GET /cdn-cgi/challenge-platform/h/b/pat/859294b318017324/1708556170504/89898f0fbce3bc17a182fb4227252e470ab71d94f72507e6898daee8d442465c/-t5nAi6dIXqo-m9 HTTP/2.0
host: challenges.cloudflare.com
cache-control: max-age=0
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/oj61o/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 401

date: Wed, 21 Feb 2024 22:56:11 GMT
content-type: text/plain; charset=UTF-8
www-authenticate: PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20giYmPD7zjvBehgvtCJyUuRwq3HZT3JQfmiY2u6NRCRlwAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAkt02FQ_ncs0qYXM4lkWjTMwLvuYceZhJUKY-eGZxlP0l6WD4MTwRQZMEpcnIqgFfxZR-DmU46SdaHXKJtGZzBK4jJ05tUhmafe7B-kFggeJTL_XYP0r1EvL5SgGr81BLJob9k84Fhn1nz7Qhr7DPXqQc-aJCbR1TmVFGYvKYYff4_U9QAdvSpHUwSxAlbb9GFZMWy1YUIEJyd2GvjTc7XEOFQ-V5wyGyjI9DU2my2bKlKysC7YJp7WMaSs5Mkt0aQY2eKt-kbbptnsZ3eOqH8oKB-ErfP-ps_GCjPgLvwJY2yUjZzcEoV2ikyUwKSlv-bHe8Uj-yeysvhSWvHkYoNQIDAQAB, max-age=20, PrivateToken challenge=AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIImJjw-847wXoYL7QiclLkcKtx2U9yUH5omNrujUQkZcABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAtieFeQ1mn7Pqyvd7K-2ngQIub-aM65wQRENNEkWwe_le08rbJrWfDe9Mpm7s_QDnnyM-o4wCNDtYhjJYFxjZWAbZ9LPKc0TCymAh5TbJ-K37FcDrYUR9lga9vkNTjHp_ij7DALZnUXFnr6dD3NOT8-l9BZgSAYW-5ktB52BR5qbxSfZ6up3monYj-49uhol8BatgkkJm2I3O3VnlV7Es2nm1tEFBQxUOV3mCNi_BTM4yKLVao4g4e2jzEzV1xRR8k1eNQd-_fUSNjsOyaIfLpk3k0eX4rHV7SsNxUFVwYvFGLmszKpGmxZuHJhQdiHVgPXeZXue8UP3cgr-4aRgM6wIDAQAB, max-age=20
server: cloudflare
cf-ray: 859294c71b257324-LHR
alt-svc: h3=":443"; ma=86400
GET

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/859294b318017324/1708556170504/O0hHK1ty-PNO5lt

msedge.exe

Remote address:

104.17.2.184:443

Request

GET /cdn-cgi/challenge-platform/h/b/i/859294b318017324/1708556170504/O0hHK1ty-PNO5lt HTTP/2.0
host: challenges.cloudflare.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/oj61o/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Wed, 21 Feb 2024 22:56:11 GMT
content-type: image/png
server: cloudflare
cf-ray: 859294c77bc87324-LHR
alt-svc: h3=":443"; ma=86400
POST

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1211451987:1708553518:U_h1eRUJ-w3j1241FWA6fFtVOK94oXlObUASEF5nAis/859294b318017324/c703ee597a78c3a

msedge.exe

Remote address:

104.17.2.184:443

Request

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1211451987:1708553518:U_h1eRUJ-w3j1241FWA6fFtVOK94oXlObUASEF5nAis/859294b318017324/c703ee597a78c3a HTTP/2.0
host: challenges.cloudflare.com
content-length: 27539
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
cf-challenge: c703ee597a78c3a
content-type: application/x-www-form-urlencoded
accept: */*
origin: https://challenges.cloudflare.com
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/oj61o/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Wed, 21 Feb 2024 22:56:12 GMT
content-type: text/html; charset=UTF-8
cf-chl-out: r22eA4Jx6UIJ8nZ+0GEUFc4ODt5t4AbDplASw0Asi7mc1S2S2TwsETqF/e8tK/QP5Vp2ZwQuP7CkCqL4a7osI6QKj662XZWGB4XTaNvRuWiI18yO+F3iBF54SlOYhw6V$qKVUat6yYORR8FpxoeO7WA==
cf-chl-out-s: 46MHPbdOxM2JcJ0mebTcJgaEf9atYOon+yVIkUJ2lQUakylG5p0x17q94jYngtd26YZo0f6ErNUAKUdvMkmWteYZ1+eImzcte5nrwDWM1UI/D+a1lz0GRtp0z0OSydvVNG/S5MYb9emw1cWxndqOYaWTSYUHQdEXEFmtoyk/s9qhIxk+XmNT6LbsnATtfzZHrhbMNbOiy3ko2VjHqu9wt6i5LU5SsVTWl+HgF9c73tvZlJjLgt57uiDeLj1j093/9MSfiI4mEM8TIMS1dShvXYncJweP8gzw0sIUVjtcOiI=$p4FpmO7zviv12gdJ/eaoEQ==
server: cloudflare
cf-ray: 859294cc38597324-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://platform.bidgear.com/ads.php?domainid=5593&sizeid=12&zoneid=6192

msedge.exe

Remote address:

104.26.3.107:443

Request

GET /ads.php?domainid=5593&sizeid=12&zoneid=6192 HTTP/2.0
host: platform.bidgear.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://download.megaup.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Wed, 21 Feb 2024 22:56:12 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hi%2BGktVF6xL1st7pH725cXWdNKiuacGB6vzZk%2F49TZvEQOC27SN8Kf63fAZNvgxLdLkEfjYR6ewmdDCT9RXC8HvmVmpaR1%2BfkbkYrmP55wDx%2BTR1lRNRDokiY%2Bgys0SiVYUVWhTj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 859294d059b22401-LHR
content-encoding: br
GET

https://imp9.bidgear.com/rec?t=1&z=6192&uuid=3d9e679de16a4aaa9be2d14eb7fe3839&p=36&g=GB&token=4a44335432&tbg=1708556172

msedge.exe

Remote address:

104.26.3.107:443

Request

GET /rec?t=1&z=6192&uuid=3d9e679de16a4aaa9be2d14eb7fe3839&p=36&g=GB&token=4a44335432&tbg=1708556172 HTTP/2.0
host: imp9.bidgear.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://download.megaup.net/?idurl=0lixLaV5L89JKamcHXUbet1D6Y2jIsX7CSn8x4sYuXaP2fBDbZKtqh8EqUB/X4yGyjsLkF64BRBTMOnyoZ3OCA85a3Dm5FeadRvcupKkONM=&idfilename=Command.and.Conquer.Renegade%20.v1.037.rar&idfilesize=545.72%20MB
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Wed, 21 Feb 2024 22:56:13 GMT
content-type: image/jpeg
content-length: 599
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sjvFO1fWaU3b5GEZyB5F%2FtZhdRklRh8%2FzSeIbo0HfOqy15i3DoZQyGmPmOFPHtjHN3CARp%2ByrWvzVCsG7XlcDNDoeHIYfIGXFgIJKnWUKsz6bbPBAKXTYSneij7to%2Fp5Ln4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 859294d17ac02401-LHR
GET

https://ad.a-ads.com/1811811?size=300x250

msedge.exe

Remote address:

78.46.32.91:443

Request

GET /1811811?size=300x250 HTTP/2.0
host: ad.a-ads.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://download.megaup.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
date: Wed, 21 Feb 2024 22:56:13 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
vary: Accept-Encoding
status: 200 OK
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-original-referer: https://download.megaup.net/
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-encoding: gzip
GET

https://cdn.engine.4dsply.com/Scripts/infinity.js.aspx?guid=86ddec5c-b957-455f-87da-f034ba331fa2

msedge.exe

Remote address:

104.16.159.17:443

Request

GET /Scripts/infinity.js.aspx?guid=86ddec5c-b957-455f-87da-f034ba331fa2 HTTP/2.0
host: cdn.engine.4dsply.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://download.megaup.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Wed, 21 Feb 2024 22:56:13 GMT
content-type: application/x-javascript; charset=utf-8
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
cache-control: public, max-age=900
p3p: CP="CAO PSA OUR IND"
access-control-allow-origin: *
last-modified: Wed, 21 Feb 2024 22:40:30 GMT
cf-cache-status: HIT
expires: Wed, 21 Feb 2024 23:11:13 GMT
server: cloudflare
cf-ray: 859294d1fc667711-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://engine.4dsply.com/Tag.vrfy?time=0&id=86ddec5c-b957-455f-87da-f034ba331fa2&rand=74690&ver=async&referrerUrl=https%3A%2F%2Fdownload.megaup.net%2F%3Fidurl%3D0lixLaV5L89JKamcHXUbet1D6Y2jIsX7CSn8x4sYuXaP2fBDbZKtqh8EqUB%2FX4yGyjsLkF64BRBTMOnyoZ3OCA85a3Dm5FeadRvcupKkONM%3D%26idfilename%3DCommand.and.Conquer.Renegade%2520.v1.037.rar%26idfilesize%3D545.72%2520MB%26__cf_chl_tk%3DDHN4jL.rVSmrpRHPTIm3DE2y_rGpMBlQtmZ4KWMjtUY-1708556167-0.0-4135&fingerPrint=123&abr=false&stdTime=0&fpe=1&bw=1280&bh=601&res=1280x720&curl=https%3A%2F%2Fdownload.megaup.net%2F%3Fidurl%3D0lixLaV5L89JKamcHXUbet1D6Y2jIsX7CSn8x4sYuXaP2fBDbZKtqh8EqUB%2FX4yGyjsLkF64BRBTMOnyoZ3OCA85a3Dm5FeadRvcupKkONM%3D%26idfilename%3DCommand.and.Conquer.Renegade%2520.v1.037.rar%26idfilesize%3D545.72%2520MB&kw=&bp=%7B%7D

msedge.exe

Remote address:

104.16.159.17:443

Request

GET /Tag.vrfy?time=0&id=86ddec5c-b957-455f-87da-f034ba331fa2&rand=74690&ver=async&referrerUrl=https%3A%2F%2Fdownload.megaup.net%2F%3Fidurl%3D0lixLaV5L89JKamcHXUbet1D6Y2jIsX7CSn8x4sYuXaP2fBDbZKtqh8EqUB%2FX4yGyjsLkF64BRBTMOnyoZ3OCA85a3Dm5FeadRvcupKkONM%3D%26idfilename%3DCommand.and.Conquer.Renegade%2520.v1.037.rar%26idfilesize%3D545.72%2520MB%26__cf_chl_tk%3DDHN4jL.rVSmrpRHPTIm3DE2y_rGpMBlQtmZ4KWMjtUY-1708556167-0.0-4135&fingerPrint=123&abr=false&stdTime=0&fpe=1&bw=1280&bh=601&res=1280x720&curl=https%3A%2F%2Fdownload.megaup.net%2F%3Fidurl%3D0lixLaV5L89JKamcHXUbet1D6Y2jIsX7CSn8x4sYuXaP2fBDbZKtqh8EqUB%2FX4yGyjsLkF64BRBTMOnyoZ3OCA85a3Dm5FeadRvcupKkONM%3D%26idfilename%3DCommand.and.Conquer.Renegade%2520.v1.037.rar%26idfilesize%3D545.72%2520MB&kw=&bp=%7B%7D HTTP/2.0
host: engine.4dsply.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://download.megaup.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Wed, 21 Feb 2024 22:56:14 GMT
content-type: application/json
content-length: 17
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: Content-Type
access-control-allow-methods: GET
x-adscore-status: proxy
vary: Accept-Encoding
server: cloudflare
cf-ray: 859294dc18877711-LHR
alt-svc: h3=":443"; ma=86400
GET

https://engine.4dsply.com/verify?sig=BAYAZdZ_jgFl1n-OgAGBAcAAILgHKz8S0tsNeJdmNN5H1K7VPfrb6ym1JtCGVOhOMNukwQAg64vyuIGT3iOmaTMK0wAKza1IsmjxTuHPGPH8VbjHV1Q

msedge.exe

Remote address:

104.16.159.17:443

Request

GET /verify?sig=BAYAZdZ_jgFl1n-OgAGBAcAAILgHKz8S0tsNeJdmNN5H1K7VPfrb6ym1JtCGVOhOMNukwQAg64vyuIGT3iOmaTMK0wAKza1IsmjxTuHPGPH8VbjHV1Q HTTP/2.0
host: engine.4dsply.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://download.megaup.net
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://download.megaup.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Wed, 21 Feb 2024 22:56:14 GMT
content-type: application/json; charset=utf-8
cf-ray: 859294db1f487711-LHR
cf-cache-status: DYNAMIC
access-control-allow-origin: *
cache-control: private, no-transform
content-encoding: gzip
set-cookie: IKSR={}; path=/; SameSite=None; secure
vary: Accept-Encoding
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p: CP="CAO PSA OUR IND"
set-cookie: __INF_CC=; expires=Sun, 11-Feb-2024 22:56:14 GMT; path=/
set-cookie: INF_DFL8=false; path=/; SameSite=None; secure
set-cookie: IUID=24efebd7-0ed2-458b-b261-9d49c3b0543f; expires=Tue, 21-Feb-2034 22:56:14 GMT; path=/; SameSite=None; secure
set-cookie: ISSH=717B00; path=/; SameSite=None; secure
set-cookie: VMI=; path=/; SameSite=None; secure
set-cookie: CHN=#[]; expires=Tue, 21-Feb-2034 22:56:14 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: MSSH=#{}; expires=Tue, 21-Feb-2034 22:56:14 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: MSRH=#{}; expires=Tue, 21-Feb-2034 22:56:14 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: ILP={"Profile":{"Audiences":{"Audience":[],"ThirdPartyAudience":[]}},"CreatedDate":"2024-02-21T22:56:14.8069184Z"}; expires=Tue, 21-Feb-2034 22:56:14 GMT; path=/; SameSite=None; secure
set-cookie: ILPLU=#2/21/2024 10:56:14 PM; expires=Tue, 21-Feb-2034 22:56:14 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: ILEALC=#2/21/2024 10:56:14 PM; expires=Tue, 21-Feb-2034 22:56:14 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: ILMPF=#True; expires=Thu, 22-Feb-2024 02:56:14 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: IPMPLU=#1/1/0001 12:00:00 AM; expires=Tue, 21-Feb-2034 22:56:14 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: IPMUID=#; expires=Tue, 21-Feb-2034 22:56:14 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: BSWUID=#; expires=Tue, 21-Feb-2034 22:56:14 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: IKSR={}; path=/; SameSite=None; secure
set-cookie: IBL=#[]; expires=Tue, 21-Feb-2034 22:56:14 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: ISH=#{"22494":[{"SId":"717B00","D":"24/2/21T14:56:14"}]}; expires=Tue, 21-Feb-2034 22:56:14 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: ISH_Q=#[22494]; expires=Tue, 21-Feb-2034 22:56:14 GMT; path=/; SameSite=None; secure; HttpOnly
x-adscore-status: null
server: cloudflare
alt-svc: h3=":443"; ma=86400
GET

https://adxbid.info/megaupnetdynamic.js

msedge.exe

Remote address:

172.67.138.13:443

Request

GET /megaupnetdynamic.js HTTP/2.0
host: adxbid.info
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://download.megaup.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Wed, 21 Feb 2024 22:56:13 GMT
content-type: application/javascript
last-modified: Mon, 05 Feb 2024 11:08:18 GMT
cache-control: max-age=1800
cf-cache-status: HIT
age: 5143
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3w66Tz3oT1Gc9CVvVSKxKKumoi0Yn%2F8zvWxBqgw2Cv%2BMznoNT9fA31Blulvnh4krsXDnf6TYxL1rK%2BU%2FmOoS27UosuKVLbH2IzO64%2BDHGM7kru3k4CemqSgeOOQLiw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 859294d20cd5654f-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://dotsply.com/pixel/fetch

msedge.exe

Remote address:

172.66.40.43:443

Request

GET /pixel/fetch HTTP/2.0
host: dotsply.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://download.megaup.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Wed, 21 Feb 2024 22:56:13 GMT
content-type: text/html; charset=utf-8
cache-control: public, max-age=86400
expires: Thu, 22 Feb 2024 22:12:39 GMT
last-modified: Wed, 21 Feb 2024 22:12:39 GMT
vary: *, Accept-Encoding
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
access-control-allow-origin: *
p3p: CP="CAO PSA OUR IND"
cf-cache-status: HIT
age: 1042
server: cloudflare
cf-ray: 859294d36f187737-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://c.adsco.re/

msedge.exe

Remote address:

104.17.166.186:443

Request

GET / HTTP/2.0
host: c.adsco.re
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://download.megaup.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Wed, 21 Feb 2024 22:56:13 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Sat, 23 Mar 2024 22:56:13 GMT
etag: W/"oLR1xl/tMSq6jXxDoMvJKA=="
cf-cache-status: HIT
age: 626542
vary: Accept-Encoding
server: cloudflare
cf-ray: 859294d3cf8d891e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://c.adsco.re/

msedge.exe

Remote address:

104.17.166.186:443

Request

GET / HTTP/2.0
host: c.adsco.re
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://download.megaup.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Wed, 21 Feb 2024 22:56:14 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Sat, 23 Mar 2024 22:56:14 GMT
etag: W/"oLR1xl/tMSq6jXxDoMvJKA=="
cf-cache-status: HIT
age: 626543
vary: Accept-Encoding
server: cloudflare
cf-ray: 859294d93f43891e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://c.adsco.re/

msedge.exe

Remote address:

104.17.166.186:443

Request

GET / HTTP/2.0
host: c.adsco.re
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://c.adsco.re/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Wed, 21 Feb 2024 22:56:14 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Sat, 23 Mar 2024 22:56:14 GMT
etag: W/"oLR1xl/tMSq6jXxDoMvJKA=="
cf-cache-status: HIT
age: 626543
vary: Accept-Encoding
server: cloudflare
cf-ray: 859294d9bfcf891e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://6.adsco.re/

msedge.exe

Remote address:

104.17.167.186:443

Request

GET / HTTP/2.0
host: 6.adsco.re
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://download.megaup.net
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
purpose: prefetch
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://download.megaup.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Wed, 21 Feb 2024 22:56:13 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: https://download.megaup.net
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 859294d5294d385c-LHR
alt-svc: h3=":443"; ma=86400
GET

https://6.adsco.re/

msedge.exe

Remote address:

104.17.167.186:443

Request

GET / HTTP/2.0
host: 6.adsco.re
origin: https://c.adsco.re
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
purpose: prefetch
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://c.adsco.re/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Wed, 21 Feb 2024 22:56:14 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: https://c.adsco.re
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 859294d9ae23385c-LHR
alt-svc: h3=":443"; ma=86400
GET

https://6.adsco.re:2087/

msedge.exe

Remote address:

104.17.167.186:2087

Request

GET / HTTP/2.0
host: 6.adsco.re:2087
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://download.megaup.net
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://download.megaup.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Wed, 21 Feb 2024 22:56:14 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: https://download.megaup.net
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 859294d9acee888b-LHR
alt-svc: h3=":2087"; ma=86400
GET

https://tags.crwdcntrl.net/c/4575/cc_af.js

msedge.exe

Remote address:

18.165.201.65:443

Request

GET /c/4575/cc_af.js HTTP/2.0
host: tags.crwdcntrl.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://download.megaup.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/json
last-modified: Mon, 03 Oct 2022 20:58:35 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Wed, 21 Feb 2024 12:00:16 GMT
cache-control: public, max-age=86400
etag: W/"09cbe8bc81a16aa97f13458c21729605"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f5db034a9eef3b097715a6b5d2c824a8.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P3
x-amz-cf-id: imutu9Q1IYBX8e_YUCnOlH7WsRYaeVvAAz5O18rJ7pdUKeFm62nF2g==
age: 39360
GET

https://f2.megaup.net/5uer/Command.and.Conquer.Renegade.v1.037.rar?download_token=2e50d59ef47db6923ab3a90f2ea25ba18469a432335f71003e7276eac25a9016

msedge.exe

Remote address:

145.239.65.72:443

Request

GET /5uer/Command.and.Conquer.Renegade.v1.037.rar?download_token=2e50d59ef47db6923ab3a90f2ea25ba18469a432335f71003e7276eac25a9016 HTTP/2.0
host: f2.megaup.net
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: document
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
sec-ch-ua-mobile: ?0
referer: https://download.megaup.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gid=GA1.2.2118792876.1708556154
cookie: _gat_gtag_UA_108868042_1=1
cookie: _ga=GA1.1.1374742328.1708556154
cookie: _ga_Z9TE2LW16Q=GS1.1.1708556154.1.0.1708556167.0.0.0
cookie: cf_clearance=JGRkqiBBz4XyWM2_R0bNEW2Ict5pv88XYYpZM_VnTfY-1708556167-1.0-AdiL301r0DdFUoAID1wVYHV3d/psEtq9hHEEKCJTGYcUf9UxUcfbOjQjSUDLsSLmSVIm8R8Nm3hbBUlsnX5JYn0=

Response

HTTP/2.0 200

server: nginx
date: Wed, 21 Feb 2024 22:56:23 GMT
content-type: application/x-rar-compressed
content-length: 572227219
last-modified: Thu, 20 Sep 2018 16:01:46 GMT
vary: Accept-Encoding
set-cookie: filehosting=ou92viut3q10at2uj14jhai214; expires=Thu, 22-Feb-2024 22:56:21 GMT; Max-Age=86400; path=/
expires: 0
cache-control: must-revalidate, post-check=0, pre-check=0
accept-ranges: bytes
content-disposition: attachment; filename="Command.and.Conquer.Renegade.v1.037.rar"
etag: "5ba3c46a-221b7e93"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
OPTIONS

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fdownload.megaup.net%2F&domain=download.megaup.net&cw=1&lsw=1

msedge.exe

Remote address:

178.250.1.11:443

Request

OPTIONS /sid/json?origin=prebid&topUrl=https%3A%2F%2Fdownload.megaup.net%2F&domain=download.megaup.net&cw=1&lsw=1 HTTP/2.0
host: gum.criteo.com
accept: */*
access-control-request-method: GET
access-control-request-headers: content-type
origin: https://download.megaup.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
sec-fetch-mode: cors
sec-fetch-site: cross-site
sec-fetch-dest: empty
referer: https://download.megaup.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/json; charset=utf-8
date: Wed, 21 Feb 2024 22:56:52 GMT
server: Kestrel
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://download.megaup.net
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 223959
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
GET

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fdownload.megaup.net%2F&domain=download.megaup.net&cw=1&lsw=1

msedge.exe

Remote address:

178.250.1.11:443

Request

GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Fdownload.megaup.net%2F&domain=download.megaup.net&cw=1&lsw=1 HTTP/2.0
host: gum.criteo.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: application/json
accept: */*
origin: https://download.megaup.net
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://download.megaup.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/json; charset=utf-8
date: Wed, 21 Feb 2024 22:56:53 GMT
server: Kestrel
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://download.megaup.net
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 200685
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
OPTIONS

https://s333.adxpremium.services/graphql

msedge.exe

Remote address:

185.106.140.19:443

Request

OPTIONS /graphql HTTP/1.1
Host: s333.adxpremium.services
Connection: keep-alive
Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://download.megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Sec-Fetch-Dest: empty
Referer: https://download.megaup.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: nginx
Date: Wed, 21 Feb 2024 22:56:55 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: HEAD, GET, POST
Access-Control-Allow-Headers: Origin, X-Requested-With, Accept, Authorization, X-Apollo-Tracing, Content-Type, Content-Length, X-PostGraphile-Explain
Access-Control-Expose-Headers: X-GraphQL-Event-Stream
X-GraphQL-Event-Stream: /graphql/stream
POST

https://s333.adxpremium.services/graphql

msedge.exe

Remote address:

185.106.140.19:443

Request

POST /graphql HTTP/1.1
Host: s333.adxpremium.services
Connection: keep-alive
Content-Length: 265
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Content-Type: application/json
Accept: */*
Origin: https://download.megaup.net
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://download.megaup.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: nginx
Date: Wed, 21 Feb 2024 22:56:56 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 84
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: HEAD, GET, POST
Access-Control-Allow-Headers: Origin, X-Requested-With, Accept, Authorization, X-Apollo-Tracing, Content-Type, Content-Length, X-PostGraphile-Explain
Access-Control-Expose-Headers: X-GraphQL-Event-Stream
X-GraphQL-Event-Stream: /graphql/stream
GET

https://engine.4dsply.com/fp.engine?id=86ddec5c-b957-455f-87da-f034ba331fa2&rand=undefined&ver=async&time=0&referrerUrl=https%3A%2F%2Fdownload.megaup.net%2F%3Fidurl%3D0lixLaV5L89JKamcHXUbet1D6Y2jIsX7CSn8x4sYuXaP2fBDbZKtqh8EqUB%2FX4yGyjsLkF64BRBTMOnyoZ3OCA85a3Dm5FeadRvcupKkONM%3D%26idfilename%3DCommand.and.Conquer.Renegade%2520.v1.037.rar%26idfilesize%3D545.72%2520MB%26__cf_chl_tk%3DDHN4jL.rVSmrpRHPTIm3DE2y_rGpMBlQtmZ4KWMjtUY-1708556167-0.0-4135&subId=&tid=&abr=false&stdTime=0&res=1280x720&fpe=1&curl=https%3A%2F%2Fdownload.megaup.net%2F%3Fidurl%3D0lixLaV5L89JKamcHXUbet1D6Y2jIsX7CSn8x4sYuXaP2fBDbZKtqh8EqUB%2FX4yGyjsLkF64BRBTMOnyoZ3OCA85a3Dm5FeadRvcupKkONM%3D%26idfilename%3DCommand.and.Conquer.Renegade%2520.v1.037.rar%26idfilesize%3D545.72%2520MB&kw=&spt=0

msedge.exe

Remote address:

104.16.158.17:443

Request

GET /fp.engine?id=86ddec5c-b957-455f-87da-f034ba331fa2&rand=undefined&ver=async&time=0&referrerUrl=https%3A%2F%2Fdownload.megaup.net%2F%3Fidurl%3D0lixLaV5L89JKamcHXUbet1D6Y2jIsX7CSn8x4sYuXaP2fBDbZKtqh8EqUB%2FX4yGyjsLkF64BRBTMOnyoZ3OCA85a3Dm5FeadRvcupKkONM%3D%26idfilename%3DCommand.and.Conquer.Renegade%2520.v1.037.rar%26idfilesize%3D545.72%2520MB%26__cf_chl_tk%3DDHN4jL.rVSmrpRHPTIm3DE2y_rGpMBlQtmZ4KWMjtUY-1708556167-0.0-4135&subId=&tid=&abr=false&stdTime=0&res=1280x720&fpe=1&curl=https%3A%2F%2Fdownload.megaup.net%2F%3Fidurl%3D0lixLaV5L89JKamcHXUbet1D6Y2jIsX7CSn8x4sYuXaP2fBDbZKtqh8EqUB%2FX4yGyjsLkF64BRBTMOnyoZ3OCA85a3Dm5FeadRvcupKkONM%3D%26idfilename%3DCommand.and.Conquer.Renegade%2520.v1.037.rar%26idfilesize%3D545.72%2520MB&kw=&spt=0 HTTP/2.0
host: engine.4dsply.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://download.megaup.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Wed, 21 Feb 2024 22:57:19 GMT
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
cache-control: private, no-transform
content-encoding: gzip
p3p: CP="CAO PSA OUR IND"
location: /Redirect.eng?MediaSegmentId=67932&dcid=1_ctx_e3c32b21-e2e7-476e-8beb-cdd88dedec38&vmId=00000000-0000-0000-0000-000000000000&abr=false&timeZoneOffset=0&dst=False&v=J-UdGRUfUY_bqtSyQoLO6Nxxy-jNB8bt_WbwHDDxhSWCdQXrcRS2XcpjTJW_2-Q2KI3J-vSH-y6gC7mWFuxO1DdzZKWVaACnIiiOWnJudaTYLvpssd8YmMsmVOMF8SyhMhlzfA2V8uXeTyvrm6QF-K-Awr7yBkxChyqLEuVaxl5GQgC21XcTI3hHsaeOU5jnetXp3XFmbtKiPxVEixmjD2kw5OWQ3u_ZT-k9fFSwf-qbYJ4ByzVWnhg8XiWdElBMpRxJeB_URkdhrF2PjcJHCI5IihYL_XygmLh_dwv5FieQ441US7RWNdDvoruJKozQuQFlwkZuxPTkP1-tBSSLsClxcL4bwjZ7WXMIFn_zYPf1MP2oScgbCXtx0SMqVb9wvxzRv4MDZyvx2sKHib1ZHAlWnjs8S2N0qNDDGpVnum7VuU-9ea29ccZ1sHe_sdGl2wh51rmODeKHzDCPY6Hw_gr2MmjM8vXPqNNnF2L4dMwHnfGe5i8WXvUZ8CocSvM3G_vqD6VCsA-P6hc7WlIgow_hsbki_rxuhU4uHTV74ecGCZClI8K0fjdiIPJdtX5NHmE0lUtJF4P6RLg-bzYJ9utOARnebBYt_OY2T8RKC5g_3PE6ur-kh_Mk8GDbw0ZDhq6mJjXQCXsh5fG5_WnKr8hBu81Vqqnsror5nAxyRnnJo_Qc1A38V1LsfXclQw5b7c3iXkZJRqnxWIZvHZhY0y_jRfDG7p65jB5UBlyr4TaK-pVAvtxZGCqfKUd78sX_WF_hb01cQ-f2Bf2M0nWcRjw8IbPEYUwHLrd1HaD0mCXG2GHQaDq9ya8QX0A7cxQeDNUnbK2tRuJcpTNufjeAPdtISSItMw7TDS2bt_GyKpZr2I9_KxrllfvJTy4KEAvGkmRQaxmBvC13vYy3cFYNnvbKP-3OfOgcSL5Ij9qv8Hh3dhZJRJGC5wTx1tvjqDFO_AgyS54n2fDb4wCYnhRZ5vGqkB5cI-z6SEzCM993uLLFp5dGOOBFZgxcyU3V_U5eX4Rv-7CXXUk4b4uFyJl4_6_H5Ut9CrS8Ms2EefN3VU0JVFikSIXQ5r6myCSh2sh6oR7J4bvksspWptDVyDYeZDxa-kosVVfor6wdgC9MhgV_rN1RcZaMrqATZzlpmbbIV_OsFiOd4yOmWENyHbfb0q0hKZ9CkJbwtljsL2THxnq0bu9-UWqsK5DBCx3pbzj0Vq6fdPS52XrhZQGU2at6K11VODA7Czmx2phufmPXtrUP_htnQvuzOrypRbHXXLNlFqUPWcI-dAvGQfAqkco0dA2&kw=&mw=1024&mh=768&res=1280x720&spt=0&kw=
access-control-allow-origin: *
set-cookie: IKSR={}; path=/; SameSite=None; secure
set-cookie: INF_DFL8=false; path=/; SameSite=None; secure
set-cookie: IUID=1c4cfbf9-b39c-4249-a530-01193338cc6d; expires=Tue, 21-Feb-2034 22:57:19 GMT; path=/; SameSite=None; secure
set-cookie: ISSH=717B01; path=/; SameSite=None; secure
set-cookie: VMI=; path=/; SameSite=None; secure
set-cookie: IPLH=#{}; expires=Tue, 21-Feb-2034 22:57:19 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: IPLH_Q=#[]; expires=Tue, 21-Feb-2034 22:57:19 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: CHN=#[]; expires=Tue, 21-Feb-2034 22:57:19 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: MSSH=#{}; expires=Tue, 21-Feb-2034 22:57:19 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: MSRH=#{}; expires=Tue, 21-Feb-2034 22:57:19 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: ILP=null; expires=Tue, 21-Feb-2034 22:57:19 GMT; path=/; SameSite=None; secure
set-cookie: ILPLU=#1/1/0001 12:00:00 AM; expires=Tue, 21-Feb-2034 22:57:19 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: ILEALC=#1/1/0001 12:00:00 AM; expires=Tue, 21-Feb-2034 22:57:19 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: ILMPF=#False; expires=Thu, 22-Feb-2024 02:57:19 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: IPMPLU=#1/1/0001 12:00:00 AM; expires=Tue, 21-Feb-2034 22:57:19 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: IPMUID=#; expires=Tue, 21-Feb-2034 22:57:19 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: BSWUID=#; expires=Tue, 21-Feb-2034 22:57:19 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: IKSR={}; path=/; SameSite=None; secure
set-cookie: IBL=#[]; expires=Tue, 21-Feb-2034 22:57:19 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: IPLSH=#{}; expires=Tue, 21-Feb-2034 22:57:19 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: IPLSH_Q=#[]; expires=Tue, 21-Feb-2034 22:57:19 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: IZH=#{}; expires=Tue, 21-Feb-2034 22:57:19 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: IZH_Q=#[]; expires=Tue, 21-Feb-2034 22:57:19 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: IMCH=#{}; expires=Tue, 21-Feb-2034 22:57:19 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: IMCH_Q=#[]; expires=Tue, 21-Feb-2034 22:57:19 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: IMH=#{}; expires=Tue, 21-Feb-2034 22:57:19 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: IMH_Q=#[]; expires=Tue, 21-Feb-2034 22:57:19 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: ISH=#{}; expires=Tue, 21-Feb-2034 22:57:19 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: ISH_Q=#[]; expires=Tue, 21-Feb-2034 22:57:19 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: ISPH=#{}; expires=Tue, 21-Feb-2034 22:57:19 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: ISPH_Q=#[]; expires=Tue, 21-Feb-2034 22:57:19 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: ICH=#{}; expires=Tue, 21-Feb-2034 22:57:19 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: ICH_Q=#[]; expires=Tue, 21-Feb-2034 22:57:19 GMT; path=/; SameSite=None; secure; HttpOnly
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 859296714e5963fd-LHR
alt-svc: h3=":443"; ma=86400
GET

https://engine.4dsply.com/Redirect.eng?MediaSegmentId=67932&dcid=1_ctx_e3c32b21-e2e7-476e-8beb-cdd88dedec38&vmId=00000000-0000-0000-0000-000000000000&abr=false&timeZoneOffset=0&dst=False&v=J-UdGRUfUY_bqtSyQoLO6Nxxy-jNB8bt_WbwHDDxhSWCdQXrcRS2XcpjTJW_2-Q2KI3J-vSH-y6gC7mWFuxO1DdzZKWVaACnIiiOWnJudaTYLvpssd8YmMsmVOMF8SyhMhlzfA2V8uXeTyvrm6QF-K-Awr7yBkxChyqLEuVaxl5GQgC21XcTI3hHsaeOU5jnetXp3XFmbtKiPxVEixmjD2kw5OWQ3u_ZT-k9fFSwf-qbYJ4ByzVWnhg8XiWdElBMpRxJeB_URkdhrF2PjcJHCI5IihYL_XygmLh_dwv5FieQ441US7RWNdDvoruJKozQuQFlwkZuxPTkP1-tBSSLsClxcL4bwjZ7WXMIFn_zYPf1MP2oScgbCXtx0SMqVb9wvxzRv4MDZyvx2sKHib1ZHAlWnjs8S2N0qNDDGpVnum7VuU-9ea29ccZ1sHe_sdGl2wh51rmODeKHzDCPY6Hw_gr2MmjM8vXPqNNnF2L4dMwHnfGe5i8WXvUZ8CocSvM3G_vqD6VCsA-P6hc7WlIgow_hsbki_rxuhU4uHTV74ecGCZClI8K0fjdiIPJdtX5NHmE0lUtJF4P6RLg-bzYJ9utOARnebBYt_OY2T8RKC5g_3PE6ur-kh_Mk8GDbw0ZDhq6mJjXQCXsh5fG5_WnKr8hBu81Vqqnsror5nAxyRnnJo_Qc1A38V1LsfXclQw5b7c3iXkZJRqnxWIZvHZhY0y_jRfDG7p65jB5UBlyr4TaK-pVAvtxZGCqfKUd78sX_WF_hb01cQ-f2Bf2M0nWcRjw8IbPEYUwHLrd1HaD0mCXG2GHQaDq9ya8QX0A7cxQeDNUnbK2tRuJcpTNufjeAPdtISSItMw7TDS2bt_GyKpZr2I9_KxrllfvJTy4KEAvGkmRQaxmBvC13vYy3cFYNnvbKP-3OfOgcSL5Ij9qv8Hh3dhZJRJGC5wTx1tvjqDFO_AgyS54n2fDb4wCYnhRZ5vGqkB5cI-z6SEzCM993uLLFp5dGOOBFZgxcyU3V_U5eX4Rv-7CXXUk4b4uFyJl4_6_H5Ut9CrS8Ms2EefN3VU0JVFikSIXQ5r6myCSh2sh6oR7J4bvksspWptDVyDYeZDxa-kosVVfor6wdgC9MhgV_rN1RcZaMrqATZzlpmbbIV_OsFiOd4yOmWENyHbfb0q0hKZ9CkJbwtljsL2THxnq0bu9-UWqsK5DBCx3pbzj0Vq6fdPS52XrhZQGU2at6K11VODA7Czmx2phufmPXtrUP_htnQvuzOrypRbHXXLNlFqUPWcI-dAvGQfAqkco0dA2&kw=&mw=1024&mh=768&res=1280x720&spt=0&kw=

msedge.exe

Remote address:

104.16.158.17:443

Request

GET /Redirect.eng?MediaSegmentId=67932&dcid=1_ctx_e3c32b21-e2e7-476e-8beb-cdd88dedec38&vmId=00000000-0000-0000-0000-000000000000&abr=false&timeZoneOffset=0&dst=False&v=J-UdGRUfUY_bqtSyQoLO6Nxxy-jNB8bt_WbwHDDxhSWCdQXrcRS2XcpjTJW_2-Q2KI3J-vSH-y6gC7mWFuxO1DdzZKWVaACnIiiOWnJudaTYLvpssd8YmMsmVOMF8SyhMhlzfA2V8uXeTyvrm6QF-K-Awr7yBkxChyqLEuVaxl5GQgC21XcTI3hHsaeOU5jnetXp3XFmbtKiPxVEixmjD2kw5OWQ3u_ZT-k9fFSwf-qbYJ4ByzVWnhg8XiWdElBMpRxJeB_URkdhrF2PjcJHCI5IihYL_XygmLh_dwv5FieQ441US7RWNdDvoruJKozQuQFlwkZuxPTkP1-tBSSLsClxcL4bwjZ7WXMIFn_zYPf1MP2oScgbCXtx0SMqVb9wvxzRv4MDZyvx2sKHib1ZHAlWnjs8S2N0qNDDGpVnum7VuU-9ea29ccZ1sHe_sdGl2wh51rmODeKHzDCPY6Hw_gr2MmjM8vXPqNNnF2L4dMwHnfGe5i8WXvUZ8CocSvM3G_vqD6VCsA-P6hc7WlIgow_hsbki_rxuhU4uHTV74ecGCZClI8K0fjdiIPJdtX5NHmE0lUtJF4P6RLg-bzYJ9utOARnebBYt_OY2T8RKC5g_3PE6ur-kh_Mk8GDbw0ZDhq6mJjXQCXsh5fG5_WnKr8hBu81Vqqnsror5nAxyRnnJo_Qc1A38V1LsfXclQw5b7c3iXkZJRqnxWIZvHZhY0y_jRfDG7p65jB5UBlyr4TaK-pVAvtxZGCqfKUd78sX_WF_hb01cQ-f2Bf2M0nWcRjw8IbPEYUwHLrd1HaD0mCXG2GHQaDq9ya8QX0A7cxQeDNUnbK2tRuJcpTNufjeAPdtISSItMw7TDS2bt_GyKpZr2I9_KxrllfvJTy4KEAvGkmRQaxmBvC13vYy3cFYNnvbKP-3OfOgcSL5Ij9qv8Hh3dhZJRJGC5wTx1tvjqDFO_AgyS54n2fDb4wCYnhRZ5vGqkB5cI-z6SEzCM993uLLFp5dGOOBFZgxcyU3V_U5eX4Rv-7CXXUk4b4uFyJl4_6_H5Ut9CrS8Ms2EefN3VU0JVFikSIXQ5r6myCSh2sh6oR7J4bvksspWptDVyDYeZDxa-kosVVfor6wdgC9MhgV_rN1RcZaMrqATZzlpmbbIV_OsFiOd4yOmWENyHbfb0q0hKZ9CkJbwtljsL2THxnq0bu9-UWqsK5DBCx3pbzj0Vq6fdPS52XrhZQGU2at6K11VODA7Czmx2phufmPXtrUP_htnQvuzOrypRbHXXLNlFqUPWcI-dAvGQfAqkco0dA2&kw=&mw=1024&mh=768&res=1280x720&spt=0&kw= HTTP/2.0
host: engine.4dsply.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
sec-ch-ua-platform-version: "10.0"
sec-ch-ua-model: ""
referer: https://download.megaup.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: INF_DFL8=false
cookie: IUID=1c4cfbf9-b39c-4249-a530-01193338cc6d
cookie: ISSH=717B01
cookie: VMI=
cookie: IPLH=#{}
cookie: IPLH_Q=#[]
cookie: CHN=#[]
cookie: MSSH=#{}
cookie: MSRH=#{}
cookie: ILP=null
cookie: ILPLU=#1/1/0001 12:00:00 AM
cookie: ILEALC=#1/1/0001 12:00:00 AM
cookie: ILMPF=#False
cookie: IPMPLU=#1/1/0001 12:00:00 AM
cookie: IPMUID=#
cookie: BSWUID=#
cookie: IKSR={}
cookie: IBL=#[]
cookie: IPLSH=#{}
cookie: IPLSH_Q=#[]
cookie: IZH=#{}
cookie: IZH_Q=#[]
cookie: IMCH=#{}
cookie: IMCH_Q=#[]
cookie: IMH=#{}
cookie: IMH_Q=#[]
cookie: ISH=#{}
cookie: ISH_Q=#[]
cookie: ISPH=#{}
cookie: ISPH_Q=#[]
cookie: ICH=#{}
cookie: ICH_Q=#[]

Response

HTTP/2.0 200

date: Wed, 21 Feb 2024 22:57:20 GMT
content-type: text/html; charset=utf-8
content-length: 241
cache-control: private, no-transform
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
access-control-allow-origin: *
set-cookie: IKSR={}; path=/; SameSite=None; secure
set-cookie: INF_DFL8=false; path=/; SameSite=None; secure
set-cookie: IUID=1c4cfbf9-b39c-4249-a530-01193338cc6d; expires=Tue, 21-Feb-2034 22:57:20 GMT; path=/; SameSite=None; secure
set-cookie: ISSH=717B01; path=/; SameSite=None; secure
set-cookie: VMI=e3e20997-ea75-4714-ab1f-5d7f16f6efc3; path=/; SameSite=None; secure
set-cookie: IPLH=#{"95528":[{"SId":"717B01","D":"24/2/21T14:57:20"}]}; expires=Tue, 21-Feb-2034 22:57:20 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: IPLH_Q=#[95528]; expires=Tue, 21-Feb-2034 22:57:20 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: CHN=#[]; expires=Tue, 21-Feb-2034 22:57:20 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: MSSH=#{}; expires=Tue, 21-Feb-2034 22:57:20 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: MSRH=#{}; expires=Tue, 21-Feb-2034 22:57:20 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: ILP=null; expires=Tue, 21-Feb-2034 22:57:20 GMT; path=/; SameSite=None; secure
set-cookie: ILPLU=#1/1/0001 12:00:00 AM; expires=Tue, 21-Feb-2034 22:57:20 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: ILEALC=#1/1/0001 12:00:00 AM; expires=Tue, 21-Feb-2034 22:57:20 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: ILMPF=#False; expires=Thu, 22-Feb-2024 02:57:20 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: IPMPLU=#1/1/0001 12:00:00 AM; expires=Tue, 21-Feb-2034 22:57:20 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: IPMUID=#; expires=Tue, 21-Feb-2034 22:57:20 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: BSWUID=#; expires=Tue, 21-Feb-2034 22:57:20 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: IKSR={}; path=/; SameSite=None; secure
set-cookie: IBL=#[]; expires=Tue, 21-Feb-2034 22:57:20 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: IPLSH=#{"22494_95528":[{"SId":"717B01","D":"24/2/21T14:57:20"}]}; expires=Tue, 21-Feb-2034 22:57:20 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: IPLSH_Q=#["22494_95528"]; expires=Tue, 21-Feb-2034 22:57:20 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: IZH=#{"80770":[{"SId":"717B01","D":"24/2/21T14:57:20"}]}; expires=Tue, 21-Feb-2034 22:57:20 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: IZH_Q=#[80770]; expires=Tue, 21-Feb-2034 22:57:20 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: IMCH=#{}; expires=Tue, 21-Feb-2034 22:57:20 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: IMCH_Q=#[]; expires=Tue, 21-Feb-2034 22:57:20 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: IMH=#{"109826":[{"SId":"717B01","D":"24/2/21T14:57:20"}]}; expires=Tue, 21-Feb-2034 22:57:20 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: IMH_Q=#[109826]; expires=Tue, 21-Feb-2034 22:57:20 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: ISH=#{}; expires=Tue, 21-Feb-2034 22:57:20 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: ISH_Q=#[]; expires=Tue, 21-Feb-2034 22:57:20 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: ISPH=#{"22494":[{"SId":"717B01","D":"24/2/21T14:57:20"}]}; expires=Tue, 21-Feb-2034 22:57:20 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: ISPH_Q=#[22494]; expires=Tue, 21-Feb-2034 22:57:20 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: ICH=#{"46843":[{"SId":"717B01","D":"24/2/21T14:57:20"}]}; expires=Tue, 21-Feb-2034 22:57:20 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: ICH_Q=#[46843]; expires=Tue, 21-Feb-2034 22:57:20 GMT; path=/; SameSite=None; secure; HttpOnly
p3p: CP="CAO PSA OUR IND"
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 85929673996d63fd-LHR
alt-svc: h3=":443"; ma=86400
GET

https://www.ovardu.com/cmp/3LJWDLH/HN7SG7/?sub1=22494&sub2=85a93495-e7b5-4a1f-bf03-1f95a4e7d9e3

msedge.exe

Remote address:

104.21.96.72:443

Request

GET /cmp/3LJWDLH/HN7SG7/?sub1=22494&sub2=85a93495-e7b5-4a1f-bf03-1f95a4e7d9e3 HTTP/2.0
host: www.ovardu.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://engine.4dsply.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Wed, 21 Feb 2024 22:57:20 GMT
content-type: text/html; charset=utf-8
location: https://enlisted.net/play4free?r=pwncpp_2954_22494&transaction_id=e5ba1eebf403418597460ef586da5f01
accept-ch: Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
x-eflow-request-id: 0dcb98fe-6759-4c7a-b2e9-d508c62f6c04
via: 1.1 google, 1.1 varnish
accept-ranges: bytes
x-served-by: cache-lcy-eglc8600041-LCY
x-cache: MISS
x-cache-hits: 0
x-timer: S1708556240.342775,VS0,VE310
vary: Origin
set-cookie: uniqueClick_HN7SG7=18541224-e4d3-462a-a1e8-96b6cdf8006a:1708556240; Path=/; Expires=Thu, 22 Feb 2024 22:57:20 GMT; SameSite=None; Secure
set-cookie: transaction_id=e5ba1eebf403418597460ef586da5f01; Path=/; Expires=Tue, 21 May 2024 22:57:20 GMT; SameSite=None; Secure
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n3%2B%2Fa0SOPMiCb8XKB%2B8F%2BAUnNGk5OxxwqLVxSwrmNbiU5lRXOgm1Lp6P5aYrFQ6vTke3s%2Bkw%2Bqcnf9%2BhCvYdt0d4V8Spt0THc%2FB%2B3HOI9U8ul11H8SCQRxX7WtvSlOia5g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 859296761d344182-LHR
alt-svc: h3=":443"; ma=86400
GET

https://enlisted.net/play4free?r=pwncpp_2954_22494&transaction_id=e5ba1eebf403418597460ef586da5f01

msedge.exe

Remote address:

172.67.14.1:443

Request

GET /play4free?r=pwncpp_2954_22494&transaction_id=e5ba1eebf403418597460ef586da5f01 HTTP/2.0
host: enlisted.net
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
sec-ch-ua-mobile: ?0
referer: https://engine.4dsply.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Wed, 21 Feb 2024 22:57:20 GMT
content-type: text/html; charset=UTF-8
location: https://enlisted.net/en/play4free?r=pwncpp_2954_22494&transaction_id=e5ba1eebf403418597460ef586da5f01
x-powered-by: PHP/8.0.3
set-cookie: identity_sid=85dt3tf274fcfcoem2t8595so0; expires=Wed, 06-Mar-2024 22:57:20 GMT; Max-Age=1209600; path=/
set-cookie: conntrack=rBMPDGXWf9C51H9SaBXrAg==; expires=Thu, 20-Feb-25 22:57:20 GMT; domain=enlisted.net; path=/
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
expires: Wed, 21 Feb 2024 21:57:20 +0000
last-modified: Wed, 21 Feb 2024 22:57:20 GMT
pragma: no-cache
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 859296795b2d6553-LHR
GET

https://enlisted.net/en/play4free?r=pwncpp_2954_22494&transaction_id=e5ba1eebf403418597460ef586da5f01

msedge.exe

Remote address:

172.67.14.1:443

Request

GET /en/play4free?r=pwncpp_2954_22494&transaction_id=e5ba1eebf403418597460ef586da5f01 HTTP/2.0
host: enlisted.net
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
sec-ch-ua-mobile: ?0
referer: https://engine.4dsply.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: identity_sid=85dt3tf274fcfcoem2t8595so0
cookie: conntrack=rBMPDGXWf9C51H9SaBXrAg==

Response

HTTP/2.0 301

date: Wed, 21 Feb 2024 22:57:20 GMT
content-type: text/html; charset=UTF-8
location: https://enlisted.net/en/play4free/?r=pwncpp_2954_22494&transaction_id=e5ba1eebf403418597460ef586da5f01
x-powered-by: PHP/8.0.3
cache-control: private, max-age=10800
last-modified: Wed, 21 Feb 2024 16:25:57 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8592967a1c746553-LHR
GET

https://enlisted.net/en/play4free/?r=pwncpp_2954_22494&transaction_id=e5ba1eebf403418597460ef586da5f01

msedge.exe

Remote address:

172.67.14.1:443

Request

GET /en/play4free/?r=pwncpp_2954_22494&transaction_id=e5ba1eebf403418597460ef586da5f01 HTTP/2.0
host: enlisted.net
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
sec-ch-ua-mobile: ?0
referer: https://engine.4dsply.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: identity_sid=85dt3tf274fcfcoem2t8595so0
cookie: conntrack=rBMPDGXWf9C51H9SaBXrAg==

Response

HTTP/2.0 200

date: Wed, 21 Feb 2024 22:57:21 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/8.0.3
set-cookie: language=en; expires=Thu, 20-Feb-2025 22:57:21 GMT; Max-Age=31536000; path=/; domain=enlisted.net; HttpOnly
set-cookie: afsId=0C0F13ACD07FD665527FD4B902EB1568; expires=Thu, 20-Feb-2025 22:57:21 GMT; Max-Age=31536000; path=/; domain=enlisted.net
set-cookie: partner_info=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=enlisted.net
set-cookie: partner_info=aHR0cHM6Ly9lbmxpc3RlZC5uZXQvZW4vcGxheTRmcmVlLz9yPXB3bmNwcF8yOTU0XzIyNDk0JnRyYW5zYWN0aW9uX2lkPWU1YmExZWViZjQwMzQxODU5NzQ2MGVmNTg2ZGE1ZjAx; expires=Fri, 22-Mar-2024 22:57:21 GMT; Max-Age=2592000; path=/; HttpOnly
set-cookie: ref_name=pwncpp; path=/; domain=enlisted.net; HttpOnly
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
expires: Wed, 21 Feb 2024 21:57:21 +0000
last-modified: Wed, 21 Feb 2024 22:57:21 GMT
pragma: no-cache
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8592967a8d006553-LHR
content-encoding: gzip
GET

https://static.enlisted.net/modern-3/en/landings/play4free.styles.css?v=bcc4f6d

msedge.exe

Remote address:

93.123.11.62:443

Request

GET /modern-3/en/landings/play4free.styles.css?v=bcc4f6d HTTP/2.0
host: static.enlisted.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: text/css,*/*;q=0.1
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://enlisted.net/en/play4free/?r=pwncpp_2954_22494&transaction_id=e5ba1eebf403418597460ef586da5f01
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: conntrack=rBMPDGXWf9C51H9SaBXrAg==
cookie: language=en
cookie: afsId=0C0F13ACD07FD665527FD4B902EB1568
cookie: ref_name=pwncpp
GET

https://static.enlisted.net/modern-3/en/vendor.js?v=bcc4f6d

msedge.exe

Remote address:

93.123.11.62:443

Request

GET /modern-3/en/vendor.js?v=bcc4f6d HTTP/2.0
host: static.enlisted.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://enlisted.net/en/play4free/?r=pwncpp_2954_22494&transaction_id=e5ba1eebf403418597460ef586da5f01
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: conntrack=rBMPDGXWf9C51H9SaBXrAg==
cookie: language=en
cookie: afsId=0C0F13ACD07FD665527FD4B902EB1568
cookie: ref_name=pwncpp
GET

https://static.enlisted.net/modern-3/en/landings/play4free.js?v=bcc4f6d

msedge.exe

Remote address:

93.123.11.62:443

Request

GET /modern-3/en/landings/play4free.js?v=bcc4f6d HTTP/2.0
host: static.enlisted.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://enlisted.net/en/play4free/?r=pwncpp_2954_22494&transaction_id=e5ba1eebf403418597460ef586da5f01
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: conntrack=rBMPDGXWf9C51H9SaBXrAg==
cookie: language=en
cookie: afsId=0C0F13ACD07FD665527FD4B902EB1568
cookie: ref_name=pwncpp
GET

https://static.enlisted.net/modern-3/en/images/5d1177153fa575e9b2ee4ead86215beb.png

msedge.exe

Remote address:

93.123.11.62:443

Request

GET /modern-3/en/images/5d1177153fa575e9b2ee4ead86215beb.png HTTP/2.0
host: static.enlisted.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://static.enlisted.net/modern-3/en/landings/play4free.styles.css?v=bcc4f6d
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: conntrack=rBMPDGXWf9C51H9SaBXrAg==
cookie: language=en
cookie: afsId=0C0F13ACD07FD665527FD4B902EB1568
cookie: ref_name=pwncpp
GET

https://static.enlisted.net/modern-3/en/images/f5fa49519b7862bed6197f6ecf054110.png

msedge.exe

Remote address:

93.123.11.62:443

Request

GET /modern-3/en/images/f5fa49519b7862bed6197f6ecf054110.png HTTP/2.0
host: static.enlisted.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://static.enlisted.net/modern-3/en/landings/play4free.styles.css?v=bcc4f6d
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: conntrack=rBMPDGXWf9C51H9SaBXrAg==
cookie: language=en
cookie: afsId=0C0F13ACD07FD665527FD4B902EB1568
cookie: ref_name=pwncpp
GET

https://static.enlisted.net/modern-3/en/images/b946878de9a2efe9459be6e75febaca2.png

msedge.exe

Remote address:

93.123.11.62:443

Request

GET /modern-3/en/images/b946878de9a2efe9459be6e75febaca2.png HTTP/2.0
host: static.enlisted.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://static.enlisted.net/modern-3/en/landings/play4free.styles.css?v=bcc4f6d
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: conntrack=rBMPDGXWf9C51H9SaBXrAg==
cookie: language=en
cookie: afsId=0C0F13ACD07FD665527FD4B902EB1568
cookie: ref_name=pwncpp
GET

https://static.enlisted.net/modern-3/en/images/e6a791244e5cce4ec7099eb90b7b577b.png

msedge.exe

Remote address:

93.123.11.62:443

Request

GET /modern-3/en/images/e6a791244e5cce4ec7099eb90b7b577b.png HTTP/2.0
host: static.enlisted.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://static.enlisted.net/modern-3/en/landings/play4free.styles.css?v=bcc4f6d
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: conntrack=rBMPDGXWf9C51H9SaBXrAg==
cookie: language=en
cookie: afsId=0C0F13ACD07FD665527FD4B902EB1568
cookie: ref_name=pwncpp
GET

https://static.enlisted.net/modern-3/en/fonts/footer-incubator-logo.svg

msedge.exe

Remote address:

93.123.11.62:443

Request

GET /modern-3/en/fonts/footer-incubator-logo.svg HTTP/2.0
host: static.enlisted.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://static.enlisted.net/modern-3/en/landings/play4free.styles.css?v=bcc4f6d
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: conntrack=rBMPDGXWf9C51H9SaBXrAg==
cookie: language=en
cookie: afsId=0C0F13ACD07FD665527FD4B902EB1568
cookie: ref_name=pwncpp
GET

https://static.enlisted.net/modern-3/en/fonts/footer-darkflow-logo.svg

msedge.exe

Remote address:

93.123.11.62:443

Request

GET /modern-3/en/fonts/footer-darkflow-logo.svg HTTP/2.0
host: static.enlisted.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://static.enlisted.net/modern-3/en/landings/play4free.styles.css?v=bcc4f6d
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: conntrack=rBMPDGXWf9C51H9SaBXrAg==
cookie: language=en
cookie: afsId=0C0F13ACD07FD665527FD4B902EB1568
cookie: ref_name=pwncpp
GET

https://static.enlisted.net/modern-3/en/fonts/sysreqs.svg

msedge.exe

Remote address:

93.123.11.62:443

Request

GET /modern-3/en/fonts/sysreqs.svg HTTP/2.0
host: static.enlisted.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://static.enlisted.net/modern-3/en/landings/play4free.styles.css?v=bcc4f6d
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: conntrack=rBMPDGXWf9C51H9SaBXrAg==
cookie: language=en
cookie: afsId=0C0F13ACD07FD665527FD4B902EB1568
cookie: ref_name=pwncpp
GET

https://static.enlisted.net/modern-3/en/fonts/rate-age.svg

msedge.exe

Remote address:

93.123.11.62:443

Request

GET /modern-3/en/fonts/rate-age.svg HTTP/2.0
host: static.enlisted.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://static.enlisted.net/modern-3/en/landings/play4free.styles.css?v=bcc4f6d
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: conntrack=rBMPDGXWf9C51H9SaBXrAg==
cookie: language=en
cookie: afsId=0C0F13ACD07FD665527FD4B902EB1568
cookie: ref_name=pwncpp
GET

https://static.enlisted.net/modern-3/en/fonts/rate-esrb.svg

msedge.exe

Remote address:

93.123.11.62:443

Request

GET /modern-3/en/fonts/rate-esrb.svg HTTP/2.0
host: static.enlisted.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://static.enlisted.net/modern-3/en/landings/play4free.styles.css?v=bcc4f6d
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: conntrack=rBMPDGXWf9C51H9SaBXrAg==
cookie: language=en
cookie: afsId=0C0F13ACD07FD665527FD4B902EB1568
cookie: ref_name=pwncpp
GET

https://static.enlisted.net/modern-3/en/fonts/rate-usk.svg

msedge.exe

Remote address:

93.123.11.62:443

Request

GET /modern-3/en/fonts/rate-usk.svg HTTP/2.0
host: static.enlisted.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://static.enlisted.net/modern-3/en/landings/play4free.styles.css?v=bcc4f6d
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: conntrack=rBMPDGXWf9C51H9SaBXrAg==
cookie: language=en
cookie: afsId=0C0F13ACD07FD665527FD4B902EB1568
cookie: ref_name=pwncpp
GET

https://static.enlisted.net/modern-3/en/fonts/rate-pegi.svg

msedge.exe

Remote address:

93.123.11.62:443

Request

GET /modern-3/en/fonts/rate-pegi.svg HTTP/2.0
host: static.enlisted.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://static.enlisted.net/modern-3/en/landings/play4free.styles.css?v=bcc4f6d
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: conntrack=rBMPDGXWf9C51H9SaBXrAg==
cookie: language=en
cookie: afsId=0C0F13ACD07FD665527FD4B902EB1568
cookie: ref_name=pwncpp
GET

https://static.enlisted.net/modern-3/en/images/aa49df6140e6686b245b0aadd5abc695.jpg

msedge.exe

Remote address:

93.123.11.62:443

Request

GET /modern-3/en/images/aa49df6140e6686b245b0aadd5abc695.jpg HTTP/2.0
host: static.enlisted.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://static.enlisted.net/modern-3/en/landings/play4free.styles.css?v=bcc4f6d
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: conntrack=rBMPDGXWf9C51H9SaBXrAg==
cookie: language=en
cookie: afsId=0C0F13ACD07FD665527FD4B902EB1568
cookie: ref_name=pwncpp
GET

https://static.enlisted.net/modern-3/en/images/46691d86af35e0251bd1ffa4e173f40e.png

msedge.exe

Remote address:

93.123.11.62:443

Request

GET /modern-3/en/images/46691d86af35e0251bd1ffa4e173f40e.png HTTP/2.0
host: static.enlisted.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://static.enlisted.net/modern-3/en/landings/play4free.styles.css?v=bcc4f6d
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: conntrack=rBMPDGXWf9C51H9SaBXrAg==
cookie: language=en
cookie: afsId=0C0F13ACD07FD665527FD4B902EB1568
cookie: ref_name=pwncpp
GET

https://static.enlisted.net/i/lp/back.mp4

msedge.exe

Remote address:

93.123.11.62:443

Request

GET /i/lp/back.mp4 HTTP/2.0
host: static.enlisted.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
accept-encoding: identity;q=1, *;q=0
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: video
referer: https://enlisted.net/en/play4free/?r=pwncpp_2954_22494&transaction_id=e5ba1eebf403418597460ef586da5f01
accept-language: en-US,en;q=0.9
cookie: conntrack=rBMPDGXWf9C51H9SaBXrAg==
cookie: language=en
cookie: afsId=0C0F13ACD07FD665527FD4B902EB1568
cookie: ref_name=pwncpp
range: bytes=0-
GET

https://static.enlisted.net/i/lp/back.mp4

msedge.exe

Remote address:

93.123.11.62:443

Request

GET /i/lp/back.mp4 HTTP/2.0
host: static.enlisted.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
accept-encoding: identity;q=1, *;q=0
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: video
referer: https://enlisted.net/en/play4free/?r=pwncpp_2954_22494&transaction_id=e5ba1eebf403418597460ef586da5f01
accept-language: en-US,en;q=0.9
cookie: conntrack=rBMPDGXWf9C51H9SaBXrAg==
cookie: language=en
cookie: afsId=0C0F13ACD07FD665527FD4B902EB1568
cookie: ref_name=pwncpp
range: bytes=9994240-10023124
if-range: "64b76a59-98f0d5"
GET

https://bat.bing.com/bat.js

msedge.exe

Remote address:

204.79.197.200:443

Request

GET /bat.js HTTP/2.0
host: bat.bing.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://enlisted.net/en/play4free/?r=pwncpp_2954_22494&transaction_id=e5ba1eebf403418597460ef586da5f01
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: private,max-age=1800
content-length: 13175
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ranges: bytes
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DE19B40269A84F67895071F2CDE6B522 Ref B: LON04EDGE1214 Ref C: 2024-02-21T22:57:22Z
date: Wed, 21 Feb 2024 22:57:21 GMT
GET

https://mc.yandex.ru/metrika/tag.js

msedge.exe

Remote address:

87.250.251.119:443

Request

GET /metrika/tag.js HTTP/2.0
host: mc.yandex.ru
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://enlisted.net/en/play4free/?r=pwncpp_2954_22494&transaction_id=e5ba1eebf403418597460ef586da5f01
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://consent.cookiefirst.com/banner.js?cookiefirst-key=8cb9e23d-5278-44b4-bcc2-a27e465e218e&stealth-mode=true&language=inherit&silent-mode=true

msedge.exe

Remote address:

143.244.38.136:443

Request

GET /banner.js?cookiefirst-key=8cb9e23d-5278-44b4-bcc2-a27e465e218e&stealth-mode=true&language=inherit&silent-mode=true HTTP/2.0
host: consent.cookiefirst.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://enlisted.net/en/play4free/?r=pwncpp_2954_22494&transaction_id=e5ba1eebf403418597460ef586da5f01
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Wed, 21 Feb 2024 22:57:22 GMT
content-type: application/javascript
vary: Accept-Encoding
server: Cookie First CDN-UK1-886
cdn-pullzone: 236985
cdn-uid: d602dab6-3f92-4809-a378-608fd2b89403
cdn-requestcountrycode: GB
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, traceparent
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control: public, max-age=300
etag: W/"65ccc669-10911"
last-modified: Wed, 14 Feb 2024 13:55:53 GMT
cdn-storageserver: UK-624
cdn-fileserver: 682
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 02/14/2024 13:55:53
cdn-edgestorageid: 886
visitor-location: GB
cdn-status: 200
cdn-requestid: b2e31c0862fc56536df3a7fc36397812
cdn-cache: HIT
content-encoding: br
GET

https://s.yimg.com/wi/ytc.js

msedge.exe

Remote address:

87.248.114.11:443

Request

GET /wi/ytc.js HTTP/2.0
host: s.yimg.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://enlisted.net/en/play4free/?r=pwncpp_2954_22494&transaction_id=e5ba1eebf403418597460ef586da5f01
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3l3l5&rnd=1519026399.1708556242&url=https%3A%2F%2Fenlisted.net%2Fen%2Fplay4free%2F&dma=0&npa=0&gtm=45He42h0n81TFJVH5Fv79387493za200&auid=1659123785.1708556242

msedge.exe

Remote address:

142.250.179.130:443

Request

GET /pagead/landing?gcs=G111&gcd=13t3t3l3l5&rnd=1519026399.1708556242&url=https%3A%2F%2Fenlisted.net%2Fen%2Fplay4free%2F&dma=0&npa=0&gtm=45He42h0n81TFJVH5Fv79387493za200&auid=1659123785.1708556242 HTTP/2.0
host: googleads.g.doubleclick.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://enlisted.net/en/play4free/?r=pwncpp_2954_22494&transaction_id=e5ba1eebf403418597460ef586da5f01
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

104.21.13.152:443

https://igg-games.cc/redirector?url=https%3A%2F%2Fmegaup.net%2F5uer%2FCommand.and.Conquer.Renegade.v1.037.rar

tls, http2

msedge.exe

28.3kB
865.6kB
496
695

HTTP Request

GET https://igg-games.cc/3388-command-conquer-renegade-free-download.html

HTTP Response

200

HTTP Request

GET https://igg-games.cc/assets/css/all.min.css?v1.0.0

HTTP Request

GET https://igg-games.cc/assets/img/logo-1.png

HTTP Request

GET https://igg-games.cc/assets/js/app.min.js?v1.0.0

HTTP Request

GET https://igg-games.cc/assets/img/link.svg

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://igg-games.cc/assets/img/iggbackground.jpg

HTTP Request

GET https://igg-games.cc/assets/img/home.svg

HTTP Request

GET https://igg-games.cc/assets/img/tag.svg

HTTP Request

GET https://igg-games.cc/assets/img/settings.svg

HTTP Request

GET https://igg-games.cc/assets/img/info.svg

HTTP Request

GET https://igg-games.cc/assets/img/list.svg

HTTP Request

GET https://igg-games.cc/assets/img/question.svg

HTTP Response

200

HTTP Request

GET https://igg-games.cc/assets/font/font-4c91e794.woff2

HTTP Request

GET https://igg-games.cc/assets/font/font-7e3e66cb.woff2

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://igg-games.cc/assets/js/particles.min.js?_=1708556139813

HTTP Response

200

HTTP Request

GET https://igg-games.cc/assets/js/particlesjs-config.json

HTTP Response

200

HTTP Request

GET https://igg-games.cc/assets/img/1-4.jpg

HTTP Response

200

HTTP Request

GET https://igg-games.cc/redirector?url=https%3A%2F%2Fmegaup.net%2F5uer%2FCommand.and.Conquer.Renegade.v1.037.rar

HTTP Response

302
96.17.179.184:80

http://apps.identrust.com/roots/dstrootcax3.p7c

http

msedge.exe

468 B
1.7kB
7
6

HTTP Request

GET http://apps.identrust.com/roots/dstrootcax3.p7c

HTTP Response

200
172.217.16.225:443

https://3.bp.blogspot.com/-KgBXAHf-fWE/VGj5c_hwNDI/AAAAAAAAAts/Lx3B9vY1ynM/s1600/cover.jpg

tls, http2

msedge.exe

1.9kB
9.0kB
17
19

HTTP Request

GET https://3.bp.blogspot.com/-KgBXAHf-fWE/VGj5c_hwNDI/AAAAAAAAAts/Lx3B9vY1ynM/s1600/cover.jpg
199.232.192.134:443

https://igggames-cc.disqus.com/recommendations.js

tls, http

msedge.exe

3.1kB
57.4kB
31
51

HTTP Request

GET https://igggames-cc.disqus.com/embed.js

HTTP Response

200

HTTP Request

GET https://igggames-cc.disqus.com/recommendations.js

HTTP Response

200
192.243.61.225:443

pennilesscomingall.com

tls

msedge.exe

1.8kB
5.8kB
13
13
192.243.61.225:443

pennilesscomingall.com

tls

msedge.exe

3.2kB
7.1kB
16
17
151.101.0.134:443

https://disqus.com/api/3.0/discovery/listRecommendations.json?forum=igggames-cc&thread=url%3Ahttps%3A%2F%2Figg-games.cc%2F3388-command-conquer-renegade-free-download.html&limit=8&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

tls, http

msedge.exe

6.7kB
46.8kB
32
48

HTTP Request

GET https://disqus.com/embed/comments/?base=default&f=igggames-cc&t_i=3388&t_u=https%3A%2F%2Figg-games.cc%2F3388-command-conquer-renegade-free-download.html&t_d=Command%20%26%20Conquer%20Renegade%20Free%20Download&t_t=Command%20%26%20Conquer%20Renegade%20Free%20Download&s_o=default

HTTP Response

200

HTTP Request

GET https://disqus.com/recommendations/?base=default&f=igggames-cc&t_u=https%3A%2F%2Figg-games.cc%2F3388-command-conquer-renegade-free-download.html&t_d=Command%20%26%20Conquer%20Renegade%20Free%20Download&t_t=Command%20%26%20Conquer%20Renegade%20Free%20Download

HTTP Response

200

HTTP Request

GET https://disqus.com/next/config.js

HTTP Response

200

HTTP Request

GET https://disqus.com/api/3.0/forums/details?forum=igggames-cc&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

HTTP Response

200

HTTP Request

GET https://disqus.com/api/3.0/discovery/listRecommendations.json?forum=igggames-cc&thread=url%3Ahttps%3A%2F%2Figg-games.cc%2F3388-command-conquer-renegade-free-download.html&limit=8&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

HTTP Response

200
216.137.44.100:443

https://c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/sad-512x512.png

tls, http2

msedge.exe

22.1kB
636.5kB
384
480

HTTP Request

GET https://c.disquscdn.com/next/embed/common.bundle.8206e89799ee4181c95ad226ce8a6edb.js

HTTP Response

200

HTTP Request

GET https://c.disquscdn.com/next/recommendations/common.bundle.7cc23efb3b28d49881e87b3f75f6026a.js

HTTP Response

200

HTTP Request

GET https://c.disquscdn.com/next/embed/styles/lounge.20aeaf1ce78e43e05e713a3d26336e90.css

HTTP Request

GET https://c.disquscdn.com/next/embed/lounge.bundle.cfb08e519cc11c5aa744975ff08a4308.js

HTTP Request

GET https://c.disquscdn.com/next/recommendations/styles/recommendations.10022a97346f1c6e3798931bbd8e4bb5.css

HTTP Request

GET https://c.disquscdn.com/next/recommendations/recommendations.bundle.c32c8fc7358a20ee5907be6e81b685a8.js

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://c.disquscdn.com/next/embed/assets/img/svg-sprite.6d7ccb1c98b314b20422a2c2f0497a7f.svg

HTTP Request

GET https://c.disquscdn.com/next/embed/assets/img/loader.ba7c86e8b4b6135bb668d05223f8f127.gif

HTTP Request

GET https://c.disquscdn.com/next/embed/assets/img/email.727e30eb9b6c1e85cb010b9c8eb04c7e.svg

HTTP Request

GET https://c.disquscdn.com/next/embed/assets/img/privacy.8c96be6b50de1c3fab838c5f050e0be5.svg

HTTP Request

GET https://c.disquscdn.com/next/embed/assets/img/warning.3bc0b4bff6c268a4ceaf404014b9be42.svg

HTTP Request

GET https://c.disquscdn.com/next/embed/assets/img/sprite.ad630a07080a45451f139a7487853ff8.png

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js

HTTP Response

200

HTTP Request

GET https://c.disquscdn.com/get?url=https%3A%2F%2Figg-games.com%2Fwp-content%2Fuploads%2F2020%2F10%2FBaldurs-Gate-3-Free-Download.jpg&key=xp7O07KcIdvGD5borD2LZg&h=200

HTTP Request

GET https://c.disquscdn.com/get?url=https%3A%2F%2Figg-games.com%2Fwp-content%2Fuploads%2F2021%2F10%2FUNDYING-Free-Download.jpg&key=wb6umhMRgUW9-6vlRMwz0A&h=200

HTTP Request

GET https://c.disquscdn.com/get?url=https%3A%2F%2Figg-games.com%2Fwp-content%2Fuploads%2F2021%2F10%2FFetish-Locator-Week-Two-Free-Download.jpg&key=8E7fwaeXnDlx6qIKs32_sg&h=200

HTTP Request

GET https://c.disquscdn.com/get?url=https%3A%2F%2Figg-games.com%2Fwp-content%2Fuploads%2F2021%2F10%2FBassmaster-Fishing-2022-Free-Download.jpg&key=-CFqS0ARPGcgsiKqt_iHWg&h=200

HTTP Request

GET https://c.disquscdn.com/get?url=https%3A%2F%2Figg-games.com%2Fwp-content%2Fuploads%2F2021%2F10%2FLady-in-Tomb-Free-Download.jpg&key=mCE9GsNbZE5LtGmsaOixGQ&h=200

HTTP Request

GET https://c.disquscdn.com/get?url=https%3A%2F%2Figg-games.com%2Fwp-content%2Fuploads%2F2021%2F10%2FAlisa-Free-Download.jpg&key=oJloFxRNciJcjRL4UDM64w&h=200

HTTP Request

GET https://c.disquscdn.com/get?url=https%3A%2F%2Figg-games.com%2Fwp-content%2Fuploads%2F2021%2F10%2FAxis-Allies-1942-Online-Free-Download.jpg&key=nx3oTH7e9x-vn7MpQuHA1w&h=200

HTTP Request

GET https://c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/upvote-512x512.png

HTTP Request

GET https://c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/funny-512x512.png

HTTP Request

GET https://c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/love-512x512.png

HTTP Request

GET https://c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/surprised-512x512.png

HTTP Request

GET https://c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/angry-512x512.png

HTTP Request

GET https://c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/sad-512x512.png

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200
216.137.44.100:443

https://c.disquscdn.com/next/embed/assets/font/icons.79e576f9489bae308388e5b8e250aa86.woff2

tls, http2

msedge.exe

2.5kB
18.4kB
21
24

HTTP Request

GET https://c.disquscdn.com/next/embed/lounge.load.d6b40c72d6a65395e295d066c35450c7.js

HTTP Response

200

HTTP Request

GET https://c.disquscdn.com/next/recommendations/recommendations.load.ebfb6efa9e61d3e8fa4ba7e418dab15c.js

HTTP Response

200

HTTP Request

GET https://c.disquscdn.com/next/embed/assets/font/icons.79e576f9489bae308388e5b8e250aa86.woff2

HTTP Response

200
151.101.0.134:443

https://disqus.com/api/3.0/threadReactions/loadReactions?thread=7864326885&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

tls, http

msedge.exe

2.0kB
2.8kB
10
10

HTTP Request

GET https://disqus.com/api/3.0/threadReactions/loadReactions?thread=7864326885&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

HTTP Response

200
151.101.0.134:443

https://disqus.com/api/3.0/forums/details?forum=igggames-cc&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

tls, http

msedge.exe

2.1kB
10.1kB
12
15

HTTP Request

GET https://disqus.com/api/3.0/forums/details?forum=igggames-cc&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

HTTP Response

200
151.101.0.134:443

disqus.com

tls

msedge.exe

1.0kB
6.3kB
10
11
199.232.192.134:443

https://referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&load_time=229&event=init_embed&thread=7864326885&forum=igggames-cc&forum_id=5934107&imp=7ub8f1v3qt98h5&thread_slug=command_conquer_renegade_free_download&user_type=anon&referrer=https%3A%2F%2Figg-games.cc%2F&theme=next&dnt=1&tracking_enabled=0&experiment=network_default_hidden&variant=fallthrough&service=dynamic&promoted_enabled=false&max_enabled=false

tls, http

msedge.exe

2.3kB
6.8kB
11
13

HTTP Request

GET https://referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&load_time=229&event=init_embed&thread=7864326885&forum=igggames-cc&forum_id=5934107&imp=7ub8f1v3qt98h5&thread_slug=command_conquer_renegade_free_download&user_type=anon&referrer=https%3A%2F%2Figg-games.cc%2F&theme=next&dnt=1&tracking_enabled=0&experiment=network_default_hidden&variant=fallthrough&service=dynamic&promoted_enabled=false&max_enabled=false

HTTP Response

200
18.164.68.5:443

https://cdn.viglink.com/images/pixel.gif?ch=2&rn=3.6960268122842317

tls, http2

msedge.exe

1.9kB
7.7kB
15
17

HTTP Request

GET https://cdn.viglink.com/images/pixel.gif?ch=1&rn=3.6960268122842317

HTTP Request

GET https://cdn.viglink.com/images/pixel.gif?ch=2&rn=3.6960268122842317

HTTP Response

200

HTTP Response

200
18.164.68.5:443

cdn.viglink.com

tls

msedge.exe

989 B
6.5kB
9
10
199.232.192.64:443

links.services.disqus.com

tls

msedge.exe

2.7kB
7.8kB
13
16
199.232.192.64:443

links.services.disqus.com

tls

msedge.exe

1.9kB
1.0kB
9
8
216.58.208.106:443

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

tls, http2

msedge.exe

2.8kB
42.2kB
37
40

HTTP Request

GET https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
91.209.70.182:443

https://megaup.net/sw.js?RXBkS3YeUlx4RHNDV2laZ1JIaRB9Q1coRnESSX0TdRJJfxInQElyQn1HSS1AIBUBKBMmEwcoE2dcRnJDIElTLhBzXVd%2BTn1dUHoTdl1cc0J0XVwvFSEVVS1AIUhUflRpUhc8VGlSECMTLREWIgI8GA0nEmsSETEMZ1xGekZrRUZnECQcFy5aIxEIOBNpFgUnBSAt

tls, http2

msedge.exe

36.3kB
1.1MB
633
854

HTTP Request

GET https://megaup.net/5uer/Command.and.Conquer.Renegade.v1.037.rar

HTTP Response

200

HTTP Request

GET https://megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css

HTTP Request

GET https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css

HTTP Request

GET https://megaup.net/themes/flow/frontend_assets/css/custom.css

HTTP Request

GET https://megaup.net/themes/flow/frontend_assets/css/colors/flow.css

HTTP Request

GET https://megaup.net/themes/flow/frontend_assets/css/responsive.css

HTTP Request

GET https://megaup.net/themes/flow/styles/font-icons/entypo/css/entypo.css

HTTP Request

GET https://megaup.net/themes/flow/styles/file-upload.css

HTTP Request

GET https://megaup.net/themes/flow/js/jquery-1.11.0.min.js

HTTP Request

GET https://megaup.net/themes/flow/js/jquery-ui.js

HTTP Request

GET https://megaup.net/themes/flow/js/jquery.dataTables.min.js

HTTP Request

GET https://megaup.net/themes/flow/js/jquery.tmpl.min.js

HTTP Request

GET https://megaup.net/themes/flow/js/load-image.min.js

HTTP Request

GET https://megaup.net/themes/flow/js/canvas-to-blob.min.js

HTTP Request

GET https://megaup.net/themes/flow/js/jquery.iframe-transport.js

HTTP Request

GET https://megaup.net/themes/flow/js/jquery.fileupload.js

HTTP Request

GET https://megaup.net/themes/flow/js/jquery.fileupload-process.js

HTTP Request

GET https://megaup.net/themes/flow/js/jquery.fileupload-resize.js

HTTP Request

GET https://megaup.net/themes/flow/js/jquery.fileupload-validate.js

HTTP Request

GET https://megaup.net/themes/flow/js/jquery.fileupload-ui.js

HTTP Request

GET https://megaup.net/themes/flow/js/zeroClipboard/ZeroClipboard.js

HTTP Request

GET https://megaup.net/themes/flow/js/global.js

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://megaup.net/themes/flow/frontend_assets/css/fonts.css

HTTP Request

GET https://megaup.net/themes/flow/frontend_assets/rs-plugin/css/settings.css

HTTP Request

GET https://megaup.net/themes/flow/frontend_assets/css/bootstrap/bootstrap.min.css

HTTP Request

GET https://megaup.net/themes/flow/frontend_assets/css/stylesheet.css

HTTP Request

GET https://megaup.net/themes/flow/frontend_assets/css/animations/animate.min.css

HTTP Request

GET https://megaup.net/themes/flow/frontend_assets/fonts/font-awesome/css/font-awesome.css

HTTP Request

GET https://megaup.net/themes/flow/frontend_assets/css/isotope/isotope-style.css

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://megaup.net/sw.js

HTTP Request

GET https://megaup.net/themes/flow/frontend_assets/js/bootstrap/bootstrap.min.js

HTTP Request

GET https://megaup.net/themes/flow/frontend_assets/js/animation/jquery.appear.js

HTTP Request

GET https://megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.plugins.min.js

HTTP Request

GET https://megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.revolution.js

HTTP Request

GET https://megaup.net/themes/flow/frontend_assets/js/nav/jquery.scrollTo.js

HTTP Request

GET https://megaup.net/themes/flow/frontend_assets/js/nav/jquery.nav.js

HTTP Request

GET https://megaup.net/themes/flow/frontend_assets/js/sticky/jquery.sticky.js

HTTP Request

GET https://megaup.net/themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js

HTTP Request

GET https://megaup.net/themes/flow/frontend_assets/js/isotope/custom-isotope.js

HTTP Request

GET https://megaup.net/themes/flow/frontend_assets/js/retina/retina.js

HTTP Request

GET https://megaup.net/themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js

HTTP Request

GET https://megaup.net/themes/flow/frontend_assets/js/custom/custom.js

HTTP Request

GET https://megaup.net/themes/flow/frontend_assets/js/gauge.min.js

HTTP Request

GET https://megaup.net/themes/flow/js/clipboardjs/clipboard.min.js

HTTP Request

GET https://megaup.net/themes/flow/images/main_logo_inverted.png

HTTP Request

GET https://megaup.net/themes/flow/images/loading_small.gif

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://megaup.net/themes/flow/frontend_assets/fonts/raleway_semibold.woff

HTTP Request

GET https://megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_fonts/socicon-webfont.woff

HTTP Request

GET https://megaup.net/themes/flow/frontend_assets/fonts/raleway_extrabold.woff

HTTP Request

GET https://megaup.net/themes/flow/frontend_assets/fonts/raleway.woff

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://megaup.net/sw.js?RXBkS3YeUlx4RHNDV2laZ1JIaRB9Q1coRnESSX0TdRJJfxInQElyQn1HSS1AIBUBKBMmEwcoE2dcRnJDIElTLhBzXVd%2BTn1dUHoTdl1cc0J0XVwvFSEVVS1AIUhUflRpUhc8VGlSECMTLREWIgI8GA0nEmsSETEMZ1xGekZrRUZnECQcFy5aIxEIOBNpFgUnBSAt

HTTP Response

200

HTTP Request

GET https://megaup.net/themes/flow/frontend_assets/images/icons/favicon/favicon.png

HTTP Response

200

HTTP Request

GET https://megaup.net/themes/flow/frontend_assets/images/icons/favicon/favicon.ico

HTTP Response

200

HTTP Request

GET https://megaup.net/themes/flow/frontend_assets/fonts/raleway_bold.woff

HTTP Response

200

HTTP Request

GET https://megaup.net/themes/flow/frontend_assets/fonts/raleway_medium.woff

HTTP Response

200

HTTP Request

GET https://megaup.net/5uer?pt=dZozoKJU18ntmHwGu1yiLjOF3tPgeiI3o%2B%2Fd%2BVlO3AI%3D

HTTP Request

GET https://megaup.net/

HTTP Response

302

HTTP Response

200

HTTP Request

GET https://megaup.net/sw.js?RXBkS3YeUlx4RHNDV2laZ1JIaRB9Q1coRnESSX0TdRJJfxInQElyQn1HSS1AIBUBKBMmEwcoE2dcRnJDIElTLhBzXVd%2BTn1dUHoTdl1cc0J0XVwvFSEVVS1AIUhUflRpUhc8VGlSECMTLREWIgI8GA0nEmsSETEMZ1xGekZrRUZnECQcFy5aIxEIOBNpFgUnBSAt

HTTP Response

304
18.244.140.100:443

ghabovethec.info

tls, http2

msedge.exe

1.0kB
6.7kB
10
11
18.165.201.14:443

https://sandtheircle.com/SFJvc3J3MRxOFiMmHiUfAhoMQgovBCoXShBgViIgJhwJKiQJdA4RBnViSQEXLG9eVQElb15FVCNvCxwFJj4AEhZtYF8VGyQ3SkFCKz0CHhMmNkpBQis9AQIHLSBKQUI6NwEWFSk2ClUEdWNBQEZmYVtdQm4hGwBPeHQfARx1YkkWHypvX1UGITZSRER5Y1dFVDoqFk5DempfLEV6YkkaHCtvV1UHdWNeRkpwa1tAR3lnWkdDfmFJEhUtMVJCRXhqWkZEeWdaVRQ7b15VHyo5DU5AeWBBQEN8YF1GQn1hX0RKfWRJFRskN1IwHSU%2FDh0WZjMBF1wLPQECBy0gQSEXJjcIEhYtfBlCXHhhWF0AKSBJARcubwcHBjghSkAzbWApVkAOPwoUEz0iQR0XPHddNUc9Nx1WQA4RAB4fKTwLXRMmNkEwHSYjGhYAZgAKHRcvMwsWXD5jQUNBf3wdEgBuPRwBTyE1CF4VKT8KAFwrMUkXATw%2BUhsGPCIcVkEJd101V3oUCxwFJj4AEhZmPwoUEz0iQR0XPHddNVd7FAYXBzo%2BSkA2eD4GCz4pBFo%2FSnEYJBIfKxo3JhAtJl43RBFgBToBEGUsIBxwKlsAKz0KDiNALhArESgDJh4bSg0jOjFXehQ3RwsPKwUAPiMUWUcwGhA7Pj0mKwApQQcRLktHKWErHkcONw4XID4xGgM5Ix0hPld7FkpBRCE2CRoeLTwOHhdtYSswHSU%2FDh0WZjMBF1wLPQECBy0gQSEXJjcIEhYtd11GQHh8GUJceGFYXQApIEpBRCE2CRoeLSEGCRdtYStGRn18WEFXemddQz8KdAUABnViSRYcOm9fVR4rJw5OHycoBh8eKXddNUdmYkpBQmAlBh0WJyUcVkB4PBtWQHhjX11CbWEtVkB4JQYdRHx3XDFXemIXRUZhd11DEzgiAxYFLTAEGgZtYClGQX98XEVXemJHGBo8PwNWQAt3XUMeITkKVkB4NQoQGSd7SkFCKzodHB8td101S3h8X11GfGFfXUB5YEpBQjszCRIAIXddNUd7ZUFARG1gXxYWL3ddNUt4fF9dSnlqQUVEbiYVF094dBofHStvSRoUdWJJEAZ1Y0kQBitvW1UtfQYINE95ZV9LR31kXkVBemVXVQc8IF5OPCkcVT0TBmghEjxuJxsBQHUcDj1UPSYdQE89PAsWFCE8ChdUPSYdR089PAsWFCE8ChdUPSYdRk89PAsWFCE8ChdUPSYdRU89PAsWFCE8ChdUPSYdRE89PAsWFCE8ChdUPjMDGhZ1Yw%3D%3D

tls, http2

msedge.exe

9.1kB
22.6kB
39
47

HTTP Request

GET https://sandtheircle.com/RDNMbUIlUS8AfSUOLks3Nl9xSHACFn4rJnZCKl52KF15DDohUnxDIShcOQkkNlwiGWwqVjhIcAJ+GykILVE2LHUcYjsnBj1LLi8uDXsuCgwQZTs3Z3ZxGy8HBWslChIJYhoJCxFpHSUUNwYVFTEgaw44FwJbGjgYFXkJLHMBARo7ew5lGDcQHAJ4Og0Sag04JRYWfi8QLHoNOnASdQoKNiV6IAoaB3UrGwQGUAMpFhJXCywYJ30KIwocaxYZCgJ5BywvI1IKPBghYwpdFAxxGhwDI0QuKxUrcBlceiFSDgkQCGEaHAMsZgs1L3B0Hlw6PVUdLxECRBYeBXQeKAkDAF8PKCUKZQBcIQVxCgYxAgINHQATQAo5BDN0KjwAF2F9HjUWVHQpBBNDND9zdHICKzEOcCQ7MwVUGSYXPn0oPnIrcC0rBw97GlVzEgMoCSYpdg85BHxWLiwYFms0WDMFAg4mAylbDiw1KGEHATYMaxQ3NgVlGi8DdgcUOAR9ZRwrFAxrFDcqBVg0Cwopcgg6KQF0LgUTHGYrKGQuQCMDMnlgJgA7MAE+BiMVSj4BDw

HTTP Request

GET https://sandtheircle.com/OHVQeWlZFzMUVllIMl8cShltXFt+UGI/DQoENkpdVBtlGBFdFGBXClQaJR0PSho+DUdWECRcW35EBhcZVBYHLFh+JCMhPlE8BDg8QBEJLBFvJBZIHn03CRwqQS8YPAMMGB88BgEnFDQmfgwCPyF5NzM8OEs3MUkZfD0BKF1wIzghKHwSCi4sejEeAV1wIRY/HnwdBRwtVQYePDttJRw7KGkzN0kBYDcRKD58BgYxEV8/HxEdeSQpNwNuMwYsPwovAzwBXzkdETxrNDs7AmsSIz84fycbLyx+OQoVUG84YDsCax0ZICoKNx8oLHEbM0kBbjYGNwBtRX07LW4hMzIvakURMDsAPRceHlEtYRpabTIGNzoIPwQaWVAjByhdHUcSPQ5fEQE+OA0kFTc/dx0dNi99NzsqDnEgEhNZbiEWKzFiHTs3KE8aZzFZejEZS1BzJmA/JWEeZS44bQE7KlhcIAZLMHI3EhoscjceODhBOzoqP3ITBhQrXiNgPCh1HWE4OEE7JioCTDcDS1x0LQZAPWEzJyg9fiR2ExpXGyBEHnc2PkkxDSMIFCgMDAY

HTTP Request

GET https://sandtheircle.com/Y0lWMHkCKzVdRgJ0NBYMESVrFUslbGR2HVE4MANNDydjUQEGKGYeGg8mI1QfESY4RFcNLCIVSyU9AwABIAdneQ4qMC5iGzAqOnoeEzgPaBVUCzt+SCkjEGkpIAcueSEUOAxKHioYPAQAJR0cRDQrHGJ/Py0/DwIWFh88R0kAHgRjKScLLlMBJjMYSUxGexBxSjInBnNIACsvaRApJR8ANgoAOGVKMiQaaEACGQVbFS8lJUodDX0TcRcbIzdoOCssP2EVLw8bCTMncDhyLipwGXcaJRA7ekEBCDIDICJ8OHIuKiIcYw4hEzhqXFEPF3IzBBAsYkkieiICHw1kHGcwCgQxekkiehtjGhEYZVQRICc1dSM7eHMCPwcLHFcgURgmaAA6bGRyMCQqEHUhOWxkchoPOmF/Og8nFGcwUwIFdhozESZAGiIqLn8DVz0BWh1RLzFhNjonZwgbIgc7aTEbOhRnNwsoDnExKh0fQTBTHGFUF1cMF10/CBA4dTsHexAIM1IEZ1QXVwwSXTNaLxFHKTp7IlkdIg9mehclM3BaCgwnJg0aKDFiRDMWJTdpCTkr

HTTP Request

GET https://sandtheircle.com/N2FOZ0JWAy0KfVZcLEE3RQ1zQnBxRHwhJgUQKFR2Ww97BjpSAH5JIVsOOwMkRQ4gE2xZBDpCcHERLDEIVgMZMg1nNR8rFV8KeTcudQIZMDZeNn8hDngiJSQBT1A4LgEDMQwkLUExGDJ1fCk5PQpADTgGKUQrCiM1DjQLKgtnJSI2FHISNDclDjgZPxNBJQgAA2cyDyIBZiQ0AXMPCxkvOkYyCAMmUgh+IgFACncrEAIgFlULByYbJSRuDDoDEQZQfQYRDiAWVQtDIw8TIG0PdwIIBwkpBiphNRk/NhJTCD9zYiwHDi11IAwIcXggFyoFbwUhLHN1BBQ/b2UEG1cqUAAlMg11MhdUA2IjKCIaDgcYNgcALB8PA29TB14BdjgJNxp5KBhWck8sJl8JdiUqQnBxOTcpF24PHAMRBg0jBhQGLRZVDFgyCAMmfjU9KwB1WXkBcw8LGSAEQzB/PSBTUyYDA3YKfwFzDwsYIAgHORsTFG5TBCMXBhV+K3N1NGgNMVgPPlo4dAsnHzdnURgd

HTTP Request

GET https://sandtheircle.com/dHFaVjMVEzk7DBVMOHBGBh1ncwEyVGgQV0YAPGUHGB9vN0sREGp4UBgeLzJVBh40Ih0aFC5zATIiDhBxNxMeA0UkCC0dcB4WbxxfMTI/O2EOJhsEQjsbHxJkDgkuHEQcBRY8Byw6awdHORYyHWIgKGowAgMlExJ2BzItPkI6Ii0GcDxAaB9EHCk5AWEfNh8DWTtCYjRiJxZsGXIuMBEsVEUiMRdHFiJiEmcNJGIaVEQgPD5pRyA9AEMtHxATYh0kf2RxPhYUFWNHJy0OdQdFPg5xFzMSLhZGMzk9WDM1NABELDQTOmMaIwMTe0wiAGcHMj8dDAEmIxhzATYoGXt+FyMJFwI6IDYOeQ4aaAViFzoADnUWNmlvXi5AbhBpMAIrEXUTFj4OcgI0EmNUOBYMM3gsJy0OdT0BFy9YMDkdOloXFmMyYx5JLBVhNlRoFHUaBTkRAAxUaBRXGBYdMHtBBgIHVwQoNB9VIjI1Ln41JAswWy5CAiF5HShpBHk2Qi1neRMCCzBbLkYCFEdMFzQmVzAmEDtXMQEbNWQxVzAlXBoBZzNXLBM0A3QVEDgc

HTTP Request

GET https://sandtheircle.com/utx?cb=FavHbrXqmdYn&top=megaup.net&tid=761186

HTTP Request

GET https://sandtheircle.com/utx?cb=oTh39Y2jfXpd&top=megaup.net&tid=876318

HTTP Request

GET https://sandtheircle.com/utx?cb=g6D2eyejOLVH&top=megaup.net&tid=825911

HTTP Request

GET https://sandtheircle.com/utx?cb=tEuX98CS7M4c&top=megaup.net&tid=764141

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

204

HTTP Response

204

HTTP Response

204

HTTP Response

204

HTTP Request

GET https://sandtheircle.com/multi?cs=cHJEeXRAQXFBRURHd0hGQUJ1TEU&abt=0&red=1&sm=76&k=download%20file%20command%20conquer%20renegade&v=1.0.60.3&sts=0&prn=0&emb=0&tid=876318&rxy=1280_720&u=1264574189947902&agec=1708556155&fs=1&mbkb=212.31422505307856&ref=https%3A%2F%2Fmegaup.net%2F5uer%2FCommand.and.Conquer.Renegade.v1.037.rar&osr=igg-games.cc&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F90.0.4430.212%20safari%2F537.36%20edg%2F90.0.818.66&tzd=0&uloc=&if=0&_1ZZf=1708556154692&crc=1

HTTP Request

GET https://sandtheircle.com/floater?cs=OVc3cHIJZAZDQwxjBkFEDGYDR0Y&abt=0&red=1&sm=83&k=download%20file%20command%20conquer%20renegade&v=0.9.2.5&sts=0&prn=0&emb=0&tid=825911&rxy=1280_720&u=1264574189947902&agec=1708556155&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&mbkb=212.31422505307856&ref=https%3A%2F%2Fmegaup.net%2F5uer%2FCommand.and.Conquer.Renegade.v1.037.rar&osr=igg-games.cc&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F90.0.4430.212%20safari%2F537.36%20edg%2F90.0.818.66&tzd=0&uloc=&if=0&aa=oi1_&_J4nV=1708556154694&crc=1

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://sandtheircle.com/OTNBVkUGUDJrFn5pNzUuXQoUOnR7VXIiE2FYD3N3e1ZwGCBrexRwJFtHfGZjS1Yla3QfQCxrdA8VKmshVkQvOipYV2RkdV9aLTNgCwMiOShUUi8yYAsDIjkrSEYkJGALAzMzK1xUIDIgH0V8Z2sKB29lcRcDZyUxSg5xcDVLXXxmY1xeI2t1H0coMngOBXBnfQ8VMy48BAJzbnVmBHNmY1BdImt9H0Z8Z3QMC3lvcQoGcGNwDQJ3ZWNYVCQ1eAgEcW5wDAVwY3AfVTJrdB9eIz0nBAFwZGsKAnVkdwwDdGV1Dgt0YGNfWi0zeHpcLDskV1dvNytdHQI5K0hGJCRra1YvMyJYVyR4MwgdcWVyF0EgJGNLVidrLU1HMSVgCnJkZAMcAQc7IF5SNCZrV1Y1c3d%2FBjQzNxwBBxUqVF4gOCEXUi8ya3pcLycwXEFvBCBXViY3IVwdN2drCQB2eDdYQWc5NksOKDEiFFQgOyBKHSI1Y11ANTp4UUc1JjYcAABzd38WcxAhVkQvOipYV287IF5SNCZrV1Y1c3d%2FFnIQLF1GMzpgCndxOixBfyAAcHULeBwOWF4iHh1sUSQidH0FGGQvcEAZYQZqXXkucUpqNA4kaQEnFAFbaQoiNFELBCcQexZzEB0NSgYvL0p%2FKhBzDXETFBF0fC8vKmMADhUEAQYgZQFUBgczJF1hNzUwSXgqGQt0FnISYAsFKDIjUF8kOCRUVmRlAXpcLDskV1dvNytdHQI5K0hGJCRra1YvMyJYVyRzdwwBcXgzCB1xZXIXQSAkYAsFKDIjUF8kJSxDVmRlAQwHdHhyCxZzY3cJfgNwL0pHfGZjXF0za3UfXyIjJAReLiwsVV8gc3d%2FBm9mYAsDaSEsV1cuITYcAXE4MRwBcWd1FwNkZQccAXEhLFcFdXN2exZzZj0PB2hzdwlSMSYpXEQkNC5QR2RkAwwAdnh2DxZzZm1SWzU7KRwBAnN3CV8oPSAcAXExIFpYLn9gCwMiPjdWXiRzd38KcXh1Fwd1ZXUXAXBkYAsDMjcjWEEoc3d%2FBnJhawoFZGR1XFcmc3d%2FCnF4dRcLcG5rDwVnIj9dDnFwMFVcImtjUFV8ZmNaR3xnY1pHImtxH2wxIg1jDnBhdQEGdGB0DAR4ZXIfRjUkdAR9IBh%2Fd1IPbAtYfWcjMUsBfBgkdxU0IjcKDjQ4IVxVKDggXRU0IjcNDjQ4IVxVKDggXRU0IjcMDjQ4IVxVKDggXRU0IjcPDjQ4IVxVKDggXRU0IjcODjQ4IVxVKDggXRU3NylQV3xn

HTTP Response

302

HTTP Request

GET https://sandtheircle.com/SFJvc3J3MRxOFiMmHiUfAhoMQgovBCoXShBgViIgJhwJKiQJdA4RBnViSQEXLG9eVQElb15FVCNvCxwFJj4AEhZtYF8VGyQ3SkFCKz0CHhMmNkpBQis9AQIHLSBKQUI6NwEWFSk2ClUEdWNBQEZmYVtdQm4hGwBPeHQfARx1YkkWHypvX1UGITZSRER5Y1dFVDoqFk5DempfLEV6YkkaHCtvV1UHdWNeRkpwa1tAR3lnWkdDfmFJEhUtMVJCRXhqWkZEeWdaVRQ7b15VHyo5DU5AeWBBQEN8YF1GQn1hX0RKfWRJFRskN1IwHSU%2FDh0WZjMBF1wLPQECBy0gQSEXJjcIEhYtfBlCXHhhWF0AKSBJARcubwcHBjghSkAzbWApVkAOPwoUEz0iQR0XPHddNUc9Nx1WQA4RAB4fKTwLXRMmNkEwHSYjGhYAZgAKHRcvMwsWXD5jQUNBf3wdEgBuPRwBTyE1CF4VKT8KAFwrMUkXATw%2BUhsGPCIcVkEJd101V3oUCxwFJj4AEhZmPwoUEz0iQR0XPHddNVd7FAYXBzo%2BSkA2eD4GCz4pBFo%2FSnEYJBIfKxo3JhAtJl43RBFgBToBEGUsIBxwKlsAKz0KDiNALhArESgDJh4bSg0jOjFXehQ3RwsPKwUAPiMUWUcwGhA7Pj0mKwApQQcRLktHKWErHkcONw4XID4xGgM5Ix0hPld7FkpBRCE2CRoeLTwOHhdtYSswHSU%2FDh0WZjMBF1wLPQECBy0gQSEXJjcIEhYtd11GQHh8GUJceGFYXQApIEpBRCE2CRoeLSEGCRdtYStGRn18WEFXemddQz8KdAUABnViSRYcOm9fVR4rJw5OHycoBh8eKXddNUdmYkpBQmAlBh0WJyUcVkB4PBtWQHhjX11CbWEtVkB4JQYdRHx3XDFXemIXRUZhd11DEzgiAxYFLTAEGgZtYClGQX98XEVXemJHGBo8PwNWQAt3XUMeITkKVkB4NQoQGSd7SkFCKzodHB8td101S3h8X11GfGFfXUB5YEpBQjszCRIAIXddNUd7ZUFARG1gXxYWL3ddNUt4fF9dSnlqQUVEbiYVF094dBofHStvSRoUdWJJEAZ1Y0kQBitvW1UtfQYINE95ZV9LR31kXkVBemVXVQc8IF5OPCkcVT0TBmghEjxuJxsBQHUcDj1UPSYdQE89PAsWFCE8ChdUPSYdR089PAsWFCE8ChdUPSYdRk89PAsWFCE8ChdUPSYdRU89PAsWFCE8ChdUPSYdRE89PAsWFCE8ChdUPjMDGhZ1Yw%3D%3D

HTTP Response

302
18.165.201.14:443

sandtheircle.com

tls, http2

msedge.exe

1.0kB
6.7kB
10
11
18.165.201.14:443

sandtheircle.com

tls, http2

msedge.exe

1.0kB
6.7kB
10
11
18.165.201.14:443

sandtheircle.com

tls, http2

msedge.exe

1.0kB
6.7kB
10
11
172.67.132.241:443

https://hildrenastheyc.info/cXA5WlVeT1opaBVDXTIEHT5+DmQVQGMPDzAmcS49I0AADzEmNR8uPBVNDmxkQEgPfCUYFARrcwIEWC4gAk0KamVDVlA0Mx5NC3RnREIfLGhAXgpue0JEF2pzBE0Ia2BJSABuZkRBDG9hQEYKfCEBEV5nZFcATS45TEEOam1ERQ9rY0RFCmM

tls, http2

msedge.exe

5.7kB
10.9kB
37
37

HTTP Request

GET https://hildrenastheyc.info/dDZ4QVVbCRsyaCZgHC4bIwcCGDlAdS9yLRluKRsMF2FBIxQyDl41PBALT3dkRQ5OZyUdUkVwcwdCGTUgBwtJZzwaUBd8cwILSW9mQBhLdXtEEA18ZFJCCCAySQdeMSEAWkVwYkQOTXRjRQNLeW1B

HTTP Request

GET https://hildrenastheyc.info/S2FCcGVkXiEDWC82ewQxAysEKCMjURNAIyo5LEEkGSd7EwAeLGQEDC9cekdTeFB6VhUiBX9CXG0SNhERPhJ/QUMiDyQfWG0Xf0FLe090QEt4RzdNVG0VMhECdlBkABE/DX9BUntZd0VTelRxSVV9

HTTP Request

GET https://hildrenastheyc.info/eE1hNDFXcgJHDDY3LAZkLyopdXAcJDZleDAPU3ZUOSood2sUOkdAWBxwWQYEQXxQEkERKVwHA14+FVVFDT5cBRcRIwdbDF47XAQfQWNTGgReOFwFFww9AFMMSWsRQEUUcFADAUB4VAIATX5YBgI

HTTP Request

GET https://hildrenastheyc.info/amF0RnZFXhc1Syc2OTElMgI2EzcsVyYhJDIgLC40KCc9AxABLFIyHw5cTHRDU1BFYAYDBUl1REwSACcCHxJJdEZaVlIvGAwOSXRQHFxEaE9EU1pzUB9cRWACGgATe0dMEQAyGldQQ3ZOX1RCd0NZWEZ/

HTTP Request

GET https://hildrenastheyc.info/cTFhczleDgIABDxpIEJuHVYmIV4zQAMyezBzDAtLM3QGNFsmBUcHUBUMWEcASQdVVUkYVVxCAVdCFRJNBEJcQh8YXwccBFdHXEIXQR9TXQ1XRFxCHwVBABQEQBcRB00dDFBECUkEVEUIRAJYQAA

HTTP Request

GET https://hildrenastheyc.info/YlZiNWZNaQFGWzURNFk1UwQKYCAgbztiVzYADE0LAzo4ZgAlIURBDwZrVQNSU2JTExYLMl8EQBEiA0ETEWtTEw8MMA0IQBRrUxtVVnhRAUhScBcIV0QiElQBX2dERRIWOl8EUVJuVwBQU2NRDFBX

HTTP Response

204

HTTP Response

204

HTTP Response

204

HTTP Response

204

HTTP Response

204

HTTP Response

204

HTTP Request

GET https://hildrenastheyc.info/WWtCNlZ2VCFFaxRaJmUPawgJbzs9PRdRDDEyFGQAGDwQWgAfU2RCPz1WdQBiaF9zECYwD38HcCofI0IjKlZxBmZoTStYMDZWcgZmaE00C2d3WHYYZW1FchAjZFpyA25oW3oBYWhYdABvYV1kQiY4DH8HcCkfNlpraFxyDmNsXXMDYm9Zcg

HTTP Request

GET https://hildrenastheyc.info/popunder.gif

HTTP Response

200

HTTP Request

POST https://hildrenastheyc.info/ajhNMmtFBy5BVg4IPUY4AHoFVz0SDQxnIU8KD2ojGX8cXB8wXhxjTR5RKQ9TWA10A1pMSCRWVlkKa0EfC0w4QVZYCH0FTQNWK11WWB47D1tEAWMARV8eOA9aWA55B1xeCXULUl4PdAJZTEw9UwxXCWtCHx5UcANcWgB4B11bDXkEUlk

HTTP Response

204

HTTP Response

204

HTTP Request

POST https://hildrenastheyc.info/anhRSVVFRzI6aDAvGycPWTIHHAMwLQB4Fz0uPRMQPz4fHQAvIXc9PA5FaXtgU0lgbyUDHGx6Z0wLJSghHwtse2VaTXcgOwwXbHtlWk5heWVaTnR+FgIMJTkmT0sQbGcsXWMPIg8aISA2AVUyLTtEC2JnNAcZKyY7Cw8iZzYFFXR7ExkWMDkwCRk5PXsaFjZsYikWJCU5T08ScGRbQGFwYFxMYXBjXkFneGJbXid0ZURBf3t7X14kdGRbTWlxbF5LZHhgX0xgf2ZMDCEoMldJdzkhHhRseGJaQGR8Y1tNZ3BmWQ

HTTP Response

204

HTTP Request

POST https://hildrenastheyc.info/YXBzQzJOTxAwDzglSjpXNkEmJgIjOyUVeFkhQytnNB4DB2ZQSFU3WwVNRHUDUEhFZUIIFE5yFBIEEjdHEk1AZVsPFhx+Xw4FACZWDgcdZURcQV1wBk9DR20CRwVOcgNUSEt6BlJFQnYHVUFFcBQVABIkD1BWAzdGDU1CdAJZRUZ1A1RHSnAH

HTTP Request

POST https://hildrenastheyc.info/aWd4bjlGWBsdBCdVPiNtWgQ7OGFcXywZazoBIFt2KyEqV1w8Ml4aUA1aT1gIWF9OSEkAA0VfHxoTGRpMGlpNSFAHARdTHx9aSUAKXUlLWhdZQQ1TCFhSQFYAXVRNXwxcU0lYCk8TCA9eVFZeHk0dC0VfDllfTVsPWFJPVw1Q

HTTP Response

204

HTTP Response

204

HTTP Request

POST https://hildrenastheyc.info/cU1hMm5ecgJBUxUbJ2U6GhcgaDkjdAdZNBgXUgtLQwszXzwfKCljSAUkBQ9ZR3xQClhXPQhWU0BrEkYPBTgSD11BfVMUBx8rDg9aX31UA0gHcFAcXUVjUgZAQWsUD19AeFkKV0V+VANbRHlQBF1XORFTCUx8R0IaBSFcA1lBdVQHWEB7UwJeQQ

HTTP Response

204

HTTP Request

POST https://hildrenastheyc.info/YTFjYWVODgASWDdlCFU/C2sIIDRUYCImNC51NVkgO2AmLzAwYEUVDAUMVFdUUAlVRxUIVV5QQxJFAhUQEgxQRwwPVwxcCA5EEAQBDkYNRxNcAE1SUU8CV09VR0ReUFRUCVtYUVIEUlRQVQBVUkMVQQIGWFAXExURDQxSVlVZBFZXVFcCUVZT

HTTP Request

POST https://hildrenastheyc.info/QkdNcVdteC4CagwAIUANcjALJAIMFSgWAScWC0RycAUPNxEDEgVFcTYuKUxgdHZ8SWFkNyQVanNhPgU2NjI+TGJkLiMXOH9hO0xmbHR5X2R2aX1XIn92fERven55QmJzcnhFZnR0awUnIyBwQHEyMzkdanNwfUlid3F8R2Rwf3o

HTTP Response

204

HTTP Response

204

HTTP Request

POST https://hildrenastheyc.info/cXA5WlVeT1opaBVDXTIEHT5+DmQVQGMPDzAmcS49I0AADzEmNR8uPBVNDmxkQEgPfCUYFARrcwIEWC4gAk0KamVDVlA0Mx5NC3RnREIfLGhAXgpue0JEF2pzBE0Ia2BJSABuZkRBDG9hQEYKfCEBEV5nZFcATS45TEEOam1ERQ9rY0RFCmM

HTTP Response

204
18.165.201.14:443

sandtheircle.com

msedge.exe

190 B
92 B
4
2
172.67.220.203:443

https://pogothere.xyz/

tls, http2

msedge.exe

21.2kB
433.3kB
322
332

HTTP Request

GET https://pogothere.xyz/asd100.bin

HTTP Request

GET https://pogothere.xyz/asd100.bin

HTTP Request

GET https://pogothere.xyz/asd100.bin

HTTP Request

GET https://pogothere.xyz/

HTTP Request

GET https://pogothere.xyz/asd100.bin

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://pogothere.xyz/

HTTP Response

200

HTTP Request

GET https://pogothere.xyz/

HTTP Response

200

HTTP Request

GET https://pogothere.xyz/

HTTP Response

200
172.67.220.203:443

pogothere.xyz

tls, http2

msedge.exe

989 B
5.1kB
9
8
172.67.220.203:443

pogothere.xyz

tls, http2

msedge.exe

989 B
5.1kB
9
8
172.67.220.203:443

pogothere.xyz

tls, http2

msedge.exe

989 B
5.1kB
9
8
172.67.220.203:443

pogothere.xyz

tls

msedge.exe

839 B
4.5kB
7
6
157.240.221.35:443

www.facebook.com

tls

msedge.exe

2.5kB
32.0kB
30
36
108.177.127.84:443

accounts.google.com

tls, http2

msedge.exe

989 B
5.3kB
9
8
108.177.127.84:443

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube

tls, http2

msedge.exe

2.0kB
7.6kB
16
17

HTTP Request

GET https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail

HTTP Request

GET https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
34.195.224.242:443

theharityhild.buzz

tls

msedge.exe

2.5kB
20.2kB
22
29
18.165.196.180:443

d2qf34ln5axea0.cloudfront.net

tls, http2

msedge.exe

1.0kB
6.7kB
10
11
18.165.196.180:443

d2qf34ln5axea0.cloudfront.net

tls, http2

msedge.exe

1.0kB
6.7kB
10
11
18.165.196.180:443

https://d2qf34ln5axea0.cloudfront.net/pbVJabWUOPTQLWhk7PlBcWWtiW1FLOCkCCx1vIC4PBCovPVU7KHwZHwlvaksJDDw9UEMIPDlQVEszPg9YWXQvDFgAPSAECQEzf18jWHxqSFddei0ECwk9LR5AX2I0GUBfYmtdS113aS9AX2ItBAtbZn9eJ0hgahVTWXt/X1UMIioBABo3OAYMGXdoK1BeZX-ReU0hgakUOBSY3AUBfEX9fVQE7MQhAX2I9CAYGPXNIV10xMh8KADd/XyNUYnRdS1lmaV1LX2NoSFddITsLBB87f18jWGFtQ1Zbd2hdAAk1f18jVGJ0XUtVY2JDU1t0L1BU

tls, http2

msedge.exe

3.7kB
11.1kB
22
27

HTTP Request

GET https://d2qf34ln5axea0.cloudfront.net/MWDJibzA7XQwJDyxbBlIHbgNTVwZ+WBEAXigPMQVdIUZQHVs5YxsdXBUUFhVUZQJEA1E2VV9JVTZRX14WOVYAUgR+RhIAW2VFFgtaIlgXCFgvFBcODTVdGAZcNFNHXXZtHFJKAmgaFQZePF0VHBVqAgwbFWoCU18eaBdRLRVqAhUGXm4GR1xyfQBSFwZsG0-ddADlCEgNVL1cABFksF1ApBWsFTFwGfQBSR1swRg8DFWpxR10ANFsJChVqAgUKUzNdS0oCaFEKHV81V0dddmECTF8ebAZRXx5qA1BKAmhBAwlRKltHXXZtAVVBA24XUF9VPFVHXXZhAkxfHmADWkEGbhQXUgE

HTTP Request

GET https://d2qf34ln5axea0.cloudfront.net/tU0xCN1IwIyxRbSclJgpqYXl7BmN1JjFYPCNxIXwqZzgIQj4yFTJtMHU4OFNvY2ouVjw0cWRSPDBxcxEzNy5/A3QnPC1cbyYiJlI0OiInU3QmLX9aPSklLlszdn4EAnxjaXAHeiQlLFM9JD9nBWI9OGcFYmJ8bAd3YA5nBWIkJSwBZnZ/ABJgYzR0A3t2fn-JWIiMgJ0A3MScrQ3dhCncEZX1/dBJgY2QpXyY+IGcFEXZ+cls7OClnBWI0KSFcPXppcAcxOz4tWjd2fgQOYn18bANmYHxsBWNhaXAHITIqI0U7dn4EAmFkYnEBd2F8J1M1dn4EDmJ9fGwPY2tidAF0JnFz

HTTP Request

GET https://d2qf34ln5axea0.cloudfront.net/1VnplcWU1FQsXWiITAUxdYUxWQF1wEBYeCyZHEj4mOEo9RDMOFyRFHABcEQsBa0pDHQQ4HVhXADgZWEBDNx4HTFFwDhUeDmsNERUPLBAQFg0hXBAQWDsVHxgJOhtAQyNjVFVUV2ZSEhgLMhUSAkBkSgsFQGRKVEFLZl9WM0BkShIYC2BOQEInc0hVCVNiU0-BDVTcKFR0AIR8HGgwiX1c3UGVNS0JTc0hVWQ4+DggdQGQ5QENVOhMOFEBkSgIUBj0VTFRXZhkNAwo7H0BDI29KS0FLYk5WQUtkS1dUV2YJBBcEJBNAQyNjSVJfVmBfV0EAMh1AQyNvSktBS25LXV9TYFwQTFQ

HTTP Request

GET https://d2qf34ln5axea0.cloudfront.net/STFBCbDUvPywKCjg5JlECemRzWARqOjEDWzxtJwhtLj4XK1QtMghKQTY0f1wTIDEsCwhqNSwPCH12IwhXcWRkGEUjO38bQSg6OAZAKzg1SkAtbS8DTyU8Lg0QfhZ3QgVpYnJEQiU+JgNCP3VwXFs4dXBcBHx+ckkGDnVwXEIlPnRYEH8SZ14FNGZ2RRB+YC-McRSA1NQlXJzk2SQcKZXFbG39mZ14FZDsqGFggdXAvEH5gLgVeKXVwXFIpMykDHGlicg9dPj8vCRB+FntcG3x+dlgGfH5wXQdpYnIfVCoxMAUQfhZ3XwJiY3RJB3w1JgsQfhZ7XBt8fnpdDWJmdEpAcWE

HTTP Request

GET https://d2qf34ln5axea0.cloudfront.net/pbVJabWUOPTQLWhk7PlBcWWtiW1FLOCkCCx1vIC4PBCovPVU7KHwZHwlvaksJDDw9UEMIPDlQVEszPg9YWXQvDFgAPSAECQEzf18jWHxqSFddei0ECwk9LR5AX2I0GUBfYmtdS113aS9AX2ItBAtbZn9eJ0hgahVTWXt/X1UMIioBABo3OAYMGXdoK1BeZX-ReU0hgakUOBSY3AUBfEX9fVQE7MQhAX2I9CAYGPXNIV10xMh8KADd/XyNUYnRdS1lmaV1LX2NoSFddITsLBB87f18jWGFtQ1Zbd2hdAAk1f18jVGJ0XUtVY2JDU1t0L1BU

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200
18.165.196.180:443

d2qf34ln5axea0.cloudfront.net

tls, http2

msedge.exe

1.0kB
6.7kB
10
11
18.165.196.180:443

d2qf34ln5axea0.cloudfront.net

tls, http2

msedge.exe

1.0kB
6.7kB
10
11
216.239.34.36:443

https://region1.google-analytics.com/g/collect?v=2&tid=G-Z9TE2LW16Q&gtm=45je42h0v9124836801za200&_p=1708556154120&gcd=13l3l3l3l1&npa=0&dma=0&cid=1374742328.1708556154&ul=en-us&sr=1280x720&uaa=x86&uamb=0&uam=&uap=Windows&uapv=10.0&uaw=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1708556154&sct=1&seg=0&dl=https%3A%2F%2Fmegaup.net%2F5uer%2FCommand.and.Conquer.Renegade.v1.037.rar&dr=https%3A%2F%2Figg-games.cc%2F&dt=Command.and.Conquer.Renegade.v1.037.rar%20-%20MegaUp&en=page_view&_fv=1&_ss=1&tfd=1570

tls, http2

msedge.exe

2.1kB
6.5kB
14
14

HTTP Request

POST https://region1.google-analytics.com/g/collect?v=2&tid=G-Z9TE2LW16Q&gtm=45je42h0v9124836801za200&_p=1708556154120&gcd=13l3l3l3l1&npa=0&dma=0&cid=1374742328.1708556154&ul=en-us&sr=1280x720&uaa=x86&uamb=0&uam=&uap=Windows&uapv=10.0&uaw=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1708556154&sct=1&seg=0&dl=https%3A%2F%2Fmegaup.net%2F5uer%2FCommand.and.Conquer.Renegade.v1.037.rar&dr=https%3A%2F%2Figg-games.cc%2F&dt=Command.and.Conquer.Renegade.v1.037.rar%20-%20MegaUp&en=page_view&_fv=1&_ss=1&tfd=1570
72.52.178.23:443

parrecleftne.xyz

msedge.exe

260 B
200 B
5
5
34.195.224.242:443

theharityhild.buzz

tls

msedge.exe

3.4kB
6.0kB
20
21
72.52.178.23:443

parrecleftne.xyz

msedge.exe

260 B
200 B
5
5
52.92.128.33:443

webpick-cdn.s3.amazonaws.com

tls

msedge.exe

2.0kB
9.7kB
17
20
52.92.128.33:443

webpick-cdn.s3.amazonaws.com

tls

msedge.exe

1.2kB
6.3kB
13
17
96.126.123.244:80

http://asdasdad.net/

http

msedge.exe

674 B
925 B
5
4

HTTP Request

GET http://asdasdad.net/

HTTP Response

200
96.126.123.244:80

http://asdasdad.net/?gp=1&js=1&uuid=1708556159.0072398514&other_args=eyJ1cmkiOiAiLyIsICJhcmdzIjogIiIsICJyZWZlcmVyIjogIiIsICJhY2NlcHQiOiAidGV4dC9odG1sLGFwcGxpY2F0aW9uL3hodG1sK3htbCxhcHBsaWNhdGlvbi94bWw7cT0wLjksaW1hZ2Uvd2VicCxpbWFnZS9hcG5nLCovKjtxPTAuOCxhcHBsaWNhdGlvbi9zaWduZWQtZXhjaGFuZ2U7dj1iMztxPTAuOSJ9

http

msedge.exe

990 B
1.4kB
5
4

HTTP Request

GET http://asdasdad.net/?gp=1&js=1&uuid=1708556159.0072398514&other_args=eyJ1cmkiOiAiLyIsICJhcmdzIjogIiIsICJyZWZlcmVyIjogIiIsICJhY2NlcHQiOiAidGV4dC9odG1sLGFwcGxpY2F0aW9uL3hodG1sK3htbCxhcHBsaWNhdGlvbi94bWw7cT0wLjksaW1hZ2Uvd2VicCxpbWFnZS9hcG5nLCovKjtxPTAuOCxhcHBsaWNhdGlvbi9zaWduZWQtZXhjaGFuZ2U7dj1iMztxPTAuOSJ9

HTTP Response

302
96.126.123.244:80

asdasdad.net

msedge.exe

190 B
132 B
4
3
3.33.243.145:80

http://www6.asdasdad.net/?template=ARROW_3&tdfs=1&s_token=1708556159.0329700000&uuid=1708556159.0329700000&term=Europe%20Dedicated%20Servers&term=Random%20Dedicated%20Servers&term=Custom%20Hosted%20Servers&term=Download%20From%20High%20Security%20Cloud%20File%20Storage&searchbox=0&showDomain=0&backfill=0

http

msedge.exe

1.1kB
761 B
7
6

HTTP Request

GET http://www6.asdasdad.net/?template=ARROW_3&tdfs=1&s_token=1708556159.0329700000&uuid=1708556159.0329700000&term=Europe%20Dedicated%20Servers&term=Random%20Dedicated%20Servers&term=Custom%20Hosted%20Servers&term=Download%20From%20High%20Security%20Cloud%20File%20Storage&searchbox=0&showDomain=0&backfill=0

HTTP Response

301
3.33.243.145:443

https://www6.asdasdad.net/?template=ARROW_3&tdfs=1&s_token=1708556159.0329700000&uuid=1708556159.0329700000&term=Europe%20Dedicated%20Servers&term=Random%20Dedicated%20Servers&term=Custom%20Hosted%20Servers&term=Download%20From%20High%20Security%20Cloud%20File%20Storage&searchbox=0&showDomain=0&backfill=0

tls, http

msedge.exe

3.6kB
8.6kB
18
21

HTTP Request

GET https://www6.asdasdad.net/?template=ARROW_3&tdfs=1&s_token=1708556159.0329700000&uuid=1708556159.0329700000&term=Europe%20Dedicated%20Servers&term=Random%20Dedicated%20Servers&term=Custom%20Hosted%20Servers&term=Download%20From%20High%20Security%20Cloud%20File%20Storage&searchbox=0&showDomain=0&backfill=0

HTTP Response

200

HTTP Request

GET https://www6.asdasdad.net/?template=ARROW_3&tdfs=1&s_token=1708556159.0329700000&uuid=1708556159.0329700000&term=Europe%20Dedicated%20Servers&term=Random%20Dedicated%20Servers&term=Custom%20Hosted%20Servers&term=Download%20From%20High%20Security%20Cloud%20File%20Storage&searchbox=0&showDomain=0&backfill=0

HTTP Response

304
142.250.179.196:443

https://www.google.com/adsense/domains/caf.js?abp=1

tls, http2

msedge.exe

3.0kB
62.5kB
41
53

HTTP Request

GET https://www.google.com/adsense/domains/caf.js?abp=1
184.28.198.211:443

https://img1.wsimg.com/parking-lander/static/js/main.6b7ddab3.js

tls, http2

msedge.exe

5.4kB
189.4kB
92
155

HTTP Request

GET https://img1.wsimg.com/parking-lander/static/css/main.37af1632.css

HTTP Request

GET https://img1.wsimg.com/parking-lander/static/js/main.6b7ddab3.js

HTTP Response

200

HTTP Response

200
184.28.198.211:443

img1.wsimg.com

tls, http2

msedge.exe

1.2kB
8.2kB
13
15
142.250.179.206:443

https://www.adsensecustomsearchads.com/afs/ads?adsafe=low&adtest=off&psid=7621175430&pcsa=false&channel=08231&domain_name=asdasdad.net&client=dp-namemedia08_3ph&r=m&rpbu=https%3A%2F%2Fwww6.asdasdad.net%2F%3Ftemplate%3DARROW_3%26tdfs%3D1%26s_token%3D1708556159.0329700000%26uuid%3D1708556159.0329700000%26term%3DEurope%2520Dedicated%2520Servers%26term%3DRandom%2520Dedicated%2520Servers%26term%3DCustom%2520Hosted%2520Servers%26term%3DDownload%2520From%2520High%2520Security%2520Cloud%2520File%2520Storage%26searchbox%3D0%26showDomain%3D0%26backfill%3D0&terms=Europe%20Dedicated%20Servers%2CRandom%20Dedicated%20Servers%2CCustom%20Hosted%20Servers%2CDownload%20From%20High%20Security%20Cloud%20File%20Storage&type=3&uiopt=true&swp=as-drid-2235535430585190&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301383%2C17301431%2C17301433%2C17301436%2C71847096&format=r4&nocache=7701708556160952&num=0&output=afd_ads&v=3&bsl=8&pac=0&u_his=1&u_tz=0&dt=1708556160953&u_w=1280&u_h=720&biw=1263&bih=601&psw=1263&psh=811&frm=0&uio=-&cont=relatedLinks&drt=0&jsid=caf&jsv=607429171&rurl=https%3A%2F%2Fwww6.asdasdad.net%2F%3Ftemplate%3DARROW_3%26tdfs%3D1%26s_token%3D1708556159.0329700000%26uuid%3D1708556159.0329700000%26term%3DEurope%2520Dedicated%2520Servers%26term%3DRandom%2520Dedicated%2520Servers%26term%3DCustom%2520Hosted%2520Servers%26term%3DDownload%2520From%2520High%2520Security%2520Cloud%2520File%2520Storage%26searchbox%3D0%26showDomain%3D0%26backfill%3D0

tls, http2

msedge.exe

3.1kB
16.9kB
19
23

HTTP Request

GET https://www.adsensecustomsearchads.com/afs/ads?adsafe=low&adtest=off&psid=7621175430&pcsa=false&channel=08231&domain_name=asdasdad.net&client=dp-namemedia08_3ph&r=m&rpbu=https%3A%2F%2Fwww6.asdasdad.net%2F%3Ftemplate%3DARROW_3%26tdfs%3D1%26s_token%3D1708556159.0329700000%26uuid%3D1708556159.0329700000%26term%3DEurope%2520Dedicated%2520Servers%26term%3DRandom%2520Dedicated%2520Servers%26term%3DCustom%2520Hosted%2520Servers%26term%3DDownload%2520From%2520High%2520Security%2520Cloud%2520File%2520Storage%26searchbox%3D0%26showDomain%3D0%26backfill%3D0&terms=Europe%20Dedicated%20Servers%2CRandom%20Dedicated%20Servers%2CCustom%20Hosted%20Servers%2CDownload%20From%20High%20Security%20Cloud%20File%20Storage&type=3&uiopt=true&swp=as-drid-2235535430585190&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301383%2C17301431%2C17301433%2C17301436%2C71847096&format=r4&nocache=7701708556160952&num=0&output=afd_ads&v=3&bsl=8&pac=0&u_his=1&u_tz=0&dt=1708556160953&u_w=1280&u_h=720&biw=1263&bih=601&psw=1263&psh=811&frm=0&uio=-&cont=relatedLinks&drt=0&jsid=caf&jsv=607429171&rurl=https%3A%2F%2Fwww6.asdasdad.net%2F%3Ftemplate%3DARROW_3%26tdfs%3D1%26s_token%3D1708556159.0329700000%26uuid%3D1708556159.0329700000%26term%3DEurope%2520Dedicated%2520Servers%26term%3DRandom%2520Dedicated%2520Servers%26term%3DCustom%2520Hosted%2520Servers%26term%3DDownload%2520From%2520High%2520Security%2520Cloud%2520File%2520Storage%26searchbox%3D0%26showDomain%3D0%26backfill%3D0
184.28.198.211:443

https://img1.wsimg.com/parking-lander/px.js?ch=2&abp=1

tls, http2

msedge.exe

2.0kB
9.6kB
19
27

HTTP Request

GET https://img1.wsimg.com/parking-lander/px.js?ch=1&abp=1

HTTP Response

200

HTTP Request

GET https://img1.wsimg.com/parking-lander/px.js?ch=2&abp=1

HTTP Response

200
34.225.150.126:443

api.aws.parking.godaddy.com

tls

msedge.exe

2.4kB
9.1kB
18
19
142.251.36.2:443

https://partner.googleadservices.com/gampad/cookie.js?domain=www6.asdasdad.net&client=dp-namemedia08_3ph&product=SAS&callback=__sasCookie

tls, http2

msedge.exe

1.9kB
6.7kB
16
17

HTTP Request

GET https://partner.googleadservices.com/gampad/cookie.js?domain=www6.asdasdad.net&client=dp-namemedia08_3ph&product=SAS&callback=__sasCookie
96.126.123.244:80

http://asdasdad.net/

http

msedge.exe

1.3kB
925 B
5
4

HTTP Request

GET http://asdasdad.net/

HTTP Response

200
96.126.123.244:80

http://asdasdad.net/?gp=1&js=1&uuid=1708556164.0084700544&other_args=eyJ1cmkiOiAiLyIsICJhcmdzIjogIiIsICJyZWZlcmVyIjogIiIsICJhY2NlcHQiOiAidGV4dC9odG1sLGFwcGxpY2F0aW9uL3hodG1sK3htbCxhcHBsaWNhdGlvbi94bWw7cT0wLjksaW1hZ2Uvd2VicCxpbWFnZS9hcG5nLCovKjtxPTAuOCxhcHBsaWNhdGlvbi9zaWduZWQtZXhjaGFuZ2U7dj1iMztxPTAuOSJ9

http

msedge.exe

1.7kB
1.4kB
6
5

HTTP Request

GET http://asdasdad.net/?gp=1&js=1&uuid=1708556164.0084700544&other_args=eyJ1cmkiOiAiLyIsICJhcmdzIjogIiIsICJyZWZlcmVyIjogIiIsICJhY2NlcHQiOiAidGV4dC9odG1sLGFwcGxpY2F0aW9uL3hodG1sK3htbCxhcHBsaWNhdGlvbi94bWw7cT0wLjksaW1hZ2Uvd2VicCxpbWFnZS9hcG5nLCovKjtxPTAuOCxhcHBsaWNhdGlvbi9zaWduZWQtZXhjaGFuZ2U7dj1iMztxPTAuOSJ9

HTTP Response

302
96.126.123.244:80

asdasdad.net

msedge.exe

190 B
132 B
4
3
172.67.192.50:443

https://download.megaup.net/favicon.ico

tls, http2

msedge.exe

23.2kB
210.3kB
139
220

HTTP Request

GET https://download.megaup.net/?idurl=0lixLaV5L89JKamcHXUbet1D6Y2jIsX7CSn8x4sYuXaP2fBDbZKtqh8EqUB/X4yGyjsLkF64BRBTMOnyoZ3OCA85a3Dm5FeadRvcupKkONM=&idfilename=Command.and.Conquer.Renegade%20.v1.037.rar&idfilesize=545.72%20MB

HTTP Response

403

HTTP Request

GET https://download.megaup.net/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=859294b01c126347

HTTP Response

200

HTTP Request

GET https://download.megaup.net/favicon.ico

HTTP Response

403

HTTP Request

GET https://download.megaup.net/favicon.ico

HTTP Response

403

HTTP Request

POST https://download.megaup.net/cdn-cgi/challenge-platform/h/b/flow/ov1/1527490514:1708553496:T9_YohyTLqk_M2U4qfVqeXkzTMoHxFio4TPhNfWhNdw/859294b01c126347/aba0d78f7097d44

HTTP Response

200

HTTP Request

POST https://download.megaup.net/cdn-cgi/challenge-platform/h/b/flow/ov1/1527490514:1708553496:T9_YohyTLqk_M2U4qfVqeXkzTMoHxFio4TPhNfWhNdw/859294b01c126347/aba0d78f7097d44

HTTP Response

200

HTTP Request

POST https://download.megaup.net/?idurl=0lixLaV5L89JKamcHXUbet1D6Y2jIsX7CSn8x4sYuXaP2fBDbZKtqh8EqUB/X4yGyjsLkF64BRBTMOnyoZ3OCA85a3Dm5FeadRvcupKkONM=&idfilename=Command.and.Conquer.Renegade%20.v1.037.rar&idfilesize=545.72%20MB

HTTP Request

GET https://download.megaup.net/favicon.ico

HTTP Response

403

HTTP Response

200

HTTP Request

GET https://download.megaup.net/openads.js

HTTP Request

GET https://download.megaup.net/images/main_logo_inverted.png

HTTP Response

200

HTTP Request

GET https://download.megaup.net/downloadd.png

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://download.megaup.net/images/favicon.ico

HTTP Response

200

HTTP Request

GET https://download.megaup.net/downloade.png

HTTP Response

200

HTTP Request

GET https://download.megaup.net/favicon.ico

HTTP Response

302
172.67.192.50:443

download.megaup.net

tls

msedge.exe

897 B
4.1kB
7
6
35.190.80.1:443

https://a.nel.cloudflare.com/report/v3?s=kD857Wpnu2Xyw1eI2zlET%2FwAvJ3VQGvmHqfMjeUuhPN78EhQhgc7GcrwhkA7%2FiL2Dn5XO0vsspFA5f1HoyNObIwC9j%2Bt9dQFp6skEoU82ABDS2xGTi1bkfHybT2IWAWoxBH7ckG2

tls, http2

msedge.exe

1.8kB
6.0kB
14
15

HTTP Request

OPTIONS https://a.nel.cloudflare.com/report/v3?s=kD857Wpnu2Xyw1eI2zlET%2FwAvJ3VQGvmHqfMjeUuhPN78EhQhgc7GcrwhkA7%2FiL2Dn5XO0vsspFA5f1HoyNObIwC9j%2Bt9dQFp6skEoU82ABDS2xGTi1bkfHybT2IWAWoxBH7ckG2
104.17.2.184:443

https://challenges.cloudflare.com/turnstile/v0/b/0f752fefe334/api.js?onload=SdFnRC2&render=explicit

tls, http2

msedge.exe

2.1kB
17.2kB
21
21

HTTP Request

GET https://challenges.cloudflare.com/turnstile/v0/b/0f752fefe334/api.js?onload=SdFnRC2&render=explicit

HTTP Response

200
104.17.2.184:443

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1211451987:1708553518:U_h1eRUJ-w3j1241FWA6fFtVOK94oXlObUASEF5nAis/859294b318017324/c703ee597a78c3a

tls, http2

msedge.exe

38.7kB
169.8kB
120
177

HTTP Request

GET https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/oj61o/0x4AAAAAAADnOjc0PNeA8qVm/light/normal

HTTP Response

200

HTTP Request

GET https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/hEl5hztDgMrsMc%2BrRYLC83cxIufv%2BmUci2forpa%2B7PU%3D

HTTP Request

GET https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=859294b318017324

HTTP Response

200

HTTP Response

200

HTTP Request

POST https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1211451987:1708553518:U_h1eRUJ-w3j1241FWA6fFtVOK94oXlObUASEF5nAis/859294b318017324/c703ee597a78c3a

HTTP Response

200

HTTP Request

GET https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/859294b318017324/1708556170504/89898f0fbce3bc17a182fb4227252e470ab71d94f72507e6898daee8d442465c/-t5nAi6dIXqo-m9

HTTP Response

401

HTTP Request

GET https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/859294b318017324/1708556170504/O0hHK1ty-PNO5lt

HTTP Response

200

HTTP Request

POST https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1211451987:1708553518:U_h1eRUJ-w3j1241FWA6fFtVOK94oXlObUASEF5nAis/859294b318017324/c703ee597a78c3a

HTTP Response

200
23.109.170.2:443

altowriestwispy.com

tls

msedge.exe

1.8kB
6.4kB
9
11
23.109.170.2:443

keydawnawe.com

tls

msedge.exe

1.8kB
6.4kB
9
11
104.26.3.107:443

https://imp9.bidgear.com/rec?t=1&z=6192&uuid=3d9e679de16a4aaa9be2d14eb7fe3839&p=36&g=GB&token=4a44335432&tbg=1708556172

tls, http2

msedge.exe

2.2kB
5.6kB
16
17

HTTP Request

GET https://platform.bidgear.com/ads.php?domainid=5593&sizeid=12&zoneid=6192

HTTP Response

200

HTTP Request

GET https://imp9.bidgear.com/rec?t=1&z=6192&uuid=3d9e679de16a4aaa9be2d14eb7fe3839&p=36&g=GB&token=4a44335432&tbg=1708556172

HTTP Response

200
78.46.32.91:443

https://ad.a-ads.com/1811811?size=300x250

tls, http2

msedge.exe

1.9kB
11.5kB
16
20

HTTP Request

GET https://ad.a-ads.com/1811811?size=300x250

HTTP Response

200
172.240.108.92:443

prestigiousdauntdistressed.com

tls

msedge.exe

1.8kB
5.8kB
12
13
104.16.159.17:443

https://engine.4dsply.com/verify?sig=BAYAZdZ_jgFl1n-OgAGBAcAAILgHKz8S0tsNeJdmNN5H1K7VPfrb6ym1JtCGVOhOMNukwQAg64vyuIGT3iOmaTMK0wAKza1IsmjxTuHPGPH8VbjHV1Q

tls, http2

msedge.exe

4.3kB
55.6kB
53
60

HTTP Request

GET https://cdn.engine.4dsply.com/Scripts/infinity.js.aspx?guid=86ddec5c-b957-455f-87da-f034ba331fa2

HTTP Response

200

HTTP Request

GET https://engine.4dsply.com/Tag.vrfy?time=0&id=86ddec5c-b957-455f-87da-f034ba331fa2&rand=74690&ver=async&referrerUrl=https%3A%2F%2Fdownload.megaup.net%2F%3Fidurl%3D0lixLaV5L89JKamcHXUbet1D6Y2jIsX7CSn8x4sYuXaP2fBDbZKtqh8EqUB%2FX4yGyjsLkF64BRBTMOnyoZ3OCA85a3Dm5FeadRvcupKkONM%3D%26idfilename%3DCommand.and.Conquer.Renegade%2520.v1.037.rar%26idfilesize%3D545.72%2520MB%26__cf_chl_tk%3DDHN4jL.rVSmrpRHPTIm3DE2y_rGpMBlQtmZ4KWMjtUY-1708556167-0.0-4135&fingerPrint=123&abr=false&stdTime=0&fpe=1&bw=1280&bh=601&res=1280x720&curl=https%3A%2F%2Fdownload.megaup.net%2F%3Fidurl%3D0lixLaV5L89JKamcHXUbet1D6Y2jIsX7CSn8x4sYuXaP2fBDbZKtqh8EqUB%2FX4yGyjsLkF64BRBTMOnyoZ3OCA85a3Dm5FeadRvcupKkONM%3D%26idfilename%3DCommand.and.Conquer.Renegade%2520.v1.037.rar%26idfilesize%3D545.72%2520MB&kw=&bp=%7B%7D

HTTP Request

GET https://engine.4dsply.com/verify?sig=BAYAZdZ_jgFl1n-OgAGBAcAAILgHKz8S0tsNeJdmNN5H1K7VPfrb6ym1JtCGVOhOMNukwQAg64vyuIGT3iOmaTMK0wAKza1IsmjxTuHPGPH8VbjHV1Q

HTTP Response

200

HTTP Response

200
172.67.138.13:443

https://adxbid.info/megaupnetdynamic.js

tls, http2

msedge.exe

9.6kB
207.0kB
158
160

HTTP Request

GET https://adxbid.info/megaupnetdynamic.js

HTTP Response

200
172.66.40.43:443

https://dotsply.com/pixel/fetch

tls, http2

msedge.exe

1.8kB
6.3kB
13
14

HTTP Request

GET https://dotsply.com/pixel/fetch

HTTP Response

200
104.17.166.186:443

https://c.adsco.re/

tls, http2

msedge.exe

4.2kB
93.6kB
64
91

HTTP Request

GET https://c.adsco.re/

HTTP Response

200

HTTP Request

GET https://c.adsco.re/

HTTP Response

200

HTTP Request

GET https://c.adsco.re/

HTTP Response

200
162.252.214.5:443

adsco.re

tls

msedge.exe

1.3kB
3.9kB
9
8
162.252.214.5:443

4.adsco.re

tls

msedge.exe

2.7kB
5.1kB
14
12
104.17.167.186:443

https://6.adsco.re/

tls, http2

msedge.exe

1.8kB
6.0kB
14
14

HTTP Request

GET https://6.adsco.re/

HTTP Response

200

HTTP Request

GET https://6.adsco.re/

HTTP Response

200
162.252.214.5:2087

4.adsco.re

tls

msedge.exe

1.9kB
4.5kB
11
11
104.17.167.186:2087

https://6.adsco.re:2087/

tls, http2

msedge.exe

1.6kB
5.8kB
12
12

HTTP Request

GET https://6.adsco.re:2087/

HTTP Response

200
162.252.214.5:443

adsco.re

tls

msedge.exe

4.4kB
4.8kB
13
11
185.200.118.51:443

qkrsvcuaztzl.l4.adsco.re

tls

msedge.exe

1.7kB
3.8kB
12
11
38.132.109.115:443

qkrsvcuaztzl.n4.adsco.re

tls

msedge.exe

1.7kB
3.8kB
12
11
185.200.116.51:443

qkrsvcuaztzl.s4.adsco.re

tls

msedge.exe

1.7kB
3.8kB
12
11
18.165.201.65:443

https://tags.crwdcntrl.net/c/4575/cc_af.js

tls, http2

msedge.exe

2.1kB
21.3kB
23
24

HTTP Request

GET https://tags.crwdcntrl.net/c/4575/cc_af.js

HTTP Response

200
99.80.32.224:443

ad.crwdcntrl.net

tls

msedge.exe

1.9kB
6.9kB
15
18
99.81.54.149:443

bcp.crwdcntrl.net

tls

msedge.exe

2.3kB
7.4kB
21
23
145.239.65.72:443

https://f2.megaup.net/5uer/Command.and.Conquer.Renegade.v1.037.rar?download_token=2e50d59ef47db6923ab3a90f2ea25ba18469a432335f71003e7276eac25a9016

tls, http2

msedge.exe

20.8MB
595.9MB
351507
428787

HTTP Request

GET https://f2.megaup.net/5uer/Command.and.Conquer.Renegade.v1.037.rar?download_token=2e50d59ef47db6923ab3a90f2ea25ba18469a432335f71003e7276eac25a9016

HTTP Response

200
178.250.1.11:443

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fdownload.megaup.net%2F&domain=download.megaup.net&cw=1&lsw=1

tls, http2

msedge.exe

1.9kB
5.3kB
13
13

HTTP Request

OPTIONS https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fdownload.megaup.net%2F&domain=download.megaup.net&cw=1&lsw=1

HTTP Response

200

HTTP Request

GET https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fdownload.megaup.net%2F&domain=download.megaup.net&cw=1&lsw=1

HTTP Response

200
185.106.140.19:443

https://s333.adxpremium.services/graphql

tls, http

msedge.exe

3.2kB
8.2kB
14
16

HTTP Request

OPTIONS https://s333.adxpremium.services/graphql

HTTP Response

200

HTTP Request

POST https://s333.adxpremium.services/graphql

HTTP Response

200
2.18.66.162:443

www.bing.com

tls

4.2kB
47.8kB
49
43
20.189.173.9:443

browser.pipe.aria.microsoft.com

tls

3.3kB
7.8kB
21
14
104.16.158.17:443

https://engine.4dsply.com/Redirect.eng?MediaSegmentId=67932&dcid=1_ctx_e3c32b21-e2e7-476e-8beb-cdd88dedec38&vmId=00000000-0000-0000-0000-000000000000&abr=false&timeZoneOffset=0&dst=False&v=J-UdGRUfUY_bqtSyQoLO6Nxxy-jNB8bt_WbwHDDxhSWCdQXrcRS2XcpjTJW_2-Q2KI3J-vSH-y6gC7mWFuxO1DdzZKWVaACnIiiOWnJudaTYLvpssd8YmMsmVOMF8SyhMhlzfA2V8uXeTyvrm6QF-K-Awr7yBkxChyqLEuVaxl5GQgC21XcTI3hHsaeOU5jnetXp3XFmbtKiPxVEixmjD2kw5OWQ3u_ZT-k9fFSwf-qbYJ4ByzVWnhg8XiWdElBMpRxJeB_URkdhrF2PjcJHCI5IihYL_XygmLh_dwv5FieQ441US7RWNdDvoruJKozQuQFlwkZuxPTkP1-tBSSLsClxcL4bwjZ7WXMIFn_zYPf1MP2oScgbCXtx0SMqVb9wvxzRv4MDZyvx2sKHib1ZHAlWnjs8S2N0qNDDGpVnum7VuU-9ea29ccZ1sHe_sdGl2wh51rmODeKHzDCPY6Hw_gr2MmjM8vXPqNNnF2L4dMwHnfGe5i8WXvUZ8CocSvM3G_vqD6VCsA-P6hc7WlIgow_hsbki_rxuhU4uHTV74ecGCZClI8K0fjdiIPJdtX5NHmE0lUtJF4P6RLg-bzYJ9utOARnebBYt_OY2T8RKC5g_3PE6ur-kh_Mk8GDbw0ZDhq6mJjXQCXsh5fG5_WnKr8hBu81Vqqnsror5nAxyRnnJo_Qc1A38V1LsfXclQw5b7c3iXkZJRqnxWIZvHZhY0y_jRfDG7p65jB5UBlyr4TaK-pVAvtxZGCqfKUd78sX_WF_hb01cQ-f2Bf2M0nWcRjw8IbPEYUwHLrd1HaD0mCXG2GHQaDq9ya8QX0A7cxQeDNUnbK2tRuJcpTNufjeAPdtISSItMw7TDS2bt_GyKpZr2I9_KxrllfvJTy4KEAvGkmRQaxmBvC13vYy3cFYNnvbKP-3OfOgcSL5Ij9qv8Hh3dhZJRJGC5wTx1tvjqDFO_AgyS54n2fDb4wCYnhRZ5vGqkB5cI-z6SEzCM993uLLFp5dGOOBFZgxcyU3V_U5eX4Rv-7CXXUk4b4uFyJl4_6_H5Ut9CrS8Ms2EefN3VU0JVFikSIXQ5r6myCSh2sh6oR7J4bvksspWptDVyDYeZDxa-kosVVfor6wdgC9MhgV_rN1RcZaMrqATZzlpmbbIV_OsFiOd4yOmWENyHbfb0q0hKZ9CkJbwtljsL2THxnq0bu9-UWqsK5DBCx3pbzj0Vq6fdPS52XrhZQGU2at6K11VODA7Czmx2phufmPXtrUP_htnQvuzOrypRbHXXLNlFqUPWcI-dAvGQfAqkco0dA2&kw=&mw=1024&mh=768&res=1280x720&spt=0&kw=

tls, http2

msedge.exe

4.1kB
11.7kB
16
19

HTTP Request

GET https://engine.4dsply.com/fp.engine?id=86ddec5c-b957-455f-87da-f034ba331fa2&rand=undefined&ver=async&time=0&referrerUrl=https%3A%2F%2Fdownload.megaup.net%2F%3Fidurl%3D0lixLaV5L89JKamcHXUbet1D6Y2jIsX7CSn8x4sYuXaP2fBDbZKtqh8EqUB%2FX4yGyjsLkF64BRBTMOnyoZ3OCA85a3Dm5FeadRvcupKkONM%3D%26idfilename%3DCommand.and.Conquer.Renegade%2520.v1.037.rar%26idfilesize%3D545.72%2520MB%26__cf_chl_tk%3DDHN4jL.rVSmrpRHPTIm3DE2y_rGpMBlQtmZ4KWMjtUY-1708556167-0.0-4135&subId=&tid=&abr=false&stdTime=0&res=1280x720&fpe=1&curl=https%3A%2F%2Fdownload.megaup.net%2F%3Fidurl%3D0lixLaV5L89JKamcHXUbet1D6Y2jIsX7CSn8x4sYuXaP2fBDbZKtqh8EqUB%2FX4yGyjsLkF64BRBTMOnyoZ3OCA85a3Dm5FeadRvcupKkONM%3D%26idfilename%3DCommand.and.Conquer.Renegade%2520.v1.037.rar%26idfilesize%3D545.72%2520MB&kw=&spt=0

HTTP Response

302

HTTP Request

GET https://engine.4dsply.com/Redirect.eng?MediaSegmentId=67932&dcid=1_ctx_e3c32b21-e2e7-476e-8beb-cdd88dedec38&vmId=00000000-0000-0000-0000-000000000000&abr=false&timeZoneOffset=0&dst=False&v=J-UdGRUfUY_bqtSyQoLO6Nxxy-jNB8bt_WbwHDDxhSWCdQXrcRS2XcpjTJW_2-Q2KI3J-vSH-y6gC7mWFuxO1DdzZKWVaACnIiiOWnJudaTYLvpssd8YmMsmVOMF8SyhMhlzfA2V8uXeTyvrm6QF-K-Awr7yBkxChyqLEuVaxl5GQgC21XcTI3hHsaeOU5jnetXp3XFmbtKiPxVEixmjD2kw5OWQ3u_ZT-k9fFSwf-qbYJ4ByzVWnhg8XiWdElBMpRxJeB_URkdhrF2PjcJHCI5IihYL_XygmLh_dwv5FieQ441US7RWNdDvoruJKozQuQFlwkZuxPTkP1-tBSSLsClxcL4bwjZ7WXMIFn_zYPf1MP2oScgbCXtx0SMqVb9wvxzRv4MDZyvx2sKHib1ZHAlWnjs8S2N0qNDDGpVnum7VuU-9ea29ccZ1sHe_sdGl2wh51rmODeKHzDCPY6Hw_gr2MmjM8vXPqNNnF2L4dMwHnfGe5i8WXvUZ8CocSvM3G_vqD6VCsA-P6hc7WlIgow_hsbki_rxuhU4uHTV74ecGCZClI8K0fjdiIPJdtX5NHmE0lUtJF4P6RLg-bzYJ9utOARnebBYt_OY2T8RKC5g_3PE6ur-kh_Mk8GDbw0ZDhq6mJjXQCXsh5fG5_WnKr8hBu81Vqqnsror5nAxyRnnJo_Qc1A38V1LsfXclQw5b7c3iXkZJRqnxWIZvHZhY0y_jRfDG7p65jB5UBlyr4TaK-pVAvtxZGCqfKUd78sX_WF_hb01cQ-f2Bf2M0nWcRjw8IbPEYUwHLrd1HaD0mCXG2GHQaDq9ya8QX0A7cxQeDNUnbK2tRuJcpTNufjeAPdtISSItMw7TDS2bt_GyKpZr2I9_KxrllfvJTy4KEAvGkmRQaxmBvC13vYy3cFYNnvbKP-3OfOgcSL5Ij9qv8Hh3dhZJRJGC5wTx1tvjqDFO_AgyS54n2fDb4wCYnhRZ5vGqkB5cI-z6SEzCM993uLLFp5dGOOBFZgxcyU3V_U5eX4Rv-7CXXUk4b4uFyJl4_6_H5Ut9CrS8Ms2EefN3VU0JVFikSIXQ5r6myCSh2sh6oR7J4bvksspWptDVyDYeZDxa-kosVVfor6wdgC9MhgV_rN1RcZaMrqATZzlpmbbIV_OsFiOd4yOmWENyHbfb0q0hKZ9CkJbwtljsL2THxnq0bu9-UWqsK5DBCx3pbzj0Vq6fdPS52XrhZQGU2at6K11VODA7Czmx2phufmPXtrUP_htnQvuzOrypRbHXXLNlFqUPWcI-dAvGQfAqkco0dA2&kw=&mw=1024&mh=768&res=1280x720&spt=0&kw=

HTTP Response

200
104.16.158.17:443

engine.4dsply.com

tls, http2

msedge.exe

897 B
2.9kB
7
6
104.21.96.72:443

https://www.ovardu.com/cmp/3LJWDLH/HN7SG7/?sub1=22494&sub2=85a93495-e7b5-4a1f-bf03-1f95a4e7d9e3

tls, http2

msedge.exe

1.8kB
6.4kB
12
13

HTTP Request

GET https://www.ovardu.com/cmp/3LJWDLH/HN7SG7/?sub1=22494&sub2=85a93495-e7b5-4a1f-bf03-1f95a4e7d9e3

HTTP Response

302
104.21.96.72:443

www.ovardu.com

tls

msedge.exe

943 B
4.5kB
8
7
172.67.14.1:443

https://enlisted.net/en/play4free/?r=pwncpp_2954_22494&transaction_id=e5ba1eebf403418597460ef586da5f01

tls, http2

msedge.exe

2.3kB
8.9kB
17
19

HTTP Request

GET https://enlisted.net/play4free?r=pwncpp_2954_22494&transaction_id=e5ba1eebf403418597460ef586da5f01

HTTP Response

302

HTTP Request

GET https://enlisted.net/en/play4free?r=pwncpp_2954_22494&transaction_id=e5ba1eebf403418597460ef586da5f01

HTTP Response

301

HTTP Request

GET https://enlisted.net/en/play4free/?r=pwncpp_2954_22494&transaction_id=e5ba1eebf403418597460ef586da5f01

HTTP Response

200
93.123.11.62:443

https://static.enlisted.net/i/lp/back.mp4

tls, http2

msedge.exe

331.0kB
8.0MB
5029
5805

HTTP Request

GET https://static.enlisted.net/modern-3/en/landings/play4free.styles.css?v=bcc4f6d

HTTP Request

GET https://static.enlisted.net/modern-3/en/vendor.js?v=bcc4f6d

HTTP Request

GET https://static.enlisted.net/modern-3/en/landings/play4free.js?v=bcc4f6d

HTTP Request

GET https://static.enlisted.net/modern-3/en/images/5d1177153fa575e9b2ee4ead86215beb.png

HTTP Request

GET https://static.enlisted.net/modern-3/en/images/f5fa49519b7862bed6197f6ecf054110.png

HTTP Request

GET https://static.enlisted.net/modern-3/en/images/b946878de9a2efe9459be6e75febaca2.png

HTTP Request

GET https://static.enlisted.net/modern-3/en/images/e6a791244e5cce4ec7099eb90b7b577b.png

HTTP Request

GET https://static.enlisted.net/modern-3/en/fonts/footer-incubator-logo.svg

HTTP Request

GET https://static.enlisted.net/modern-3/en/fonts/footer-darkflow-logo.svg

HTTP Request

GET https://static.enlisted.net/modern-3/en/fonts/sysreqs.svg

HTTP Request

GET https://static.enlisted.net/modern-3/en/fonts/rate-age.svg

HTTP Request

GET https://static.enlisted.net/modern-3/en/fonts/rate-esrb.svg

HTTP Request

GET https://static.enlisted.net/modern-3/en/fonts/rate-usk.svg

HTTP Request

GET https://static.enlisted.net/modern-3/en/fonts/rate-pegi.svg

HTTP Request

GET https://static.enlisted.net/modern-3/en/images/aa49df6140e6686b245b0aadd5abc695.jpg

HTTP Request

GET https://static.enlisted.net/modern-3/en/images/46691d86af35e0251bd1ffa4e173f40e.png

HTTP Request

GET https://static.enlisted.net/i/lp/back.mp4

HTTP Request

GET https://static.enlisted.net/i/lp/back.mp4
93.123.11.62:443

static.enlisted.net

tls, http2

msedge.exe

1.1kB
5.2kB
11
10
93.123.11.62:443

static.enlisted.net

tls, http2

msedge.exe

1.1kB
5.2kB
10
9
63.35.126.133:8383

uep.gaijin.net

tls

msedge.exe

3.6kB
6.2kB
12
12
204.79.197.200:443

https://bat.bing.com/bat.js

tls, http2

msedge.exe

2.7kB
22.7kB
24
29

HTTP Request

GET https://bat.bing.com/bat.js

HTTP Response

200
87.250.251.119:443

https://mc.yandex.ru/metrika/tag.js

tls, http2

msedge.exe

3.0kB
79.9kB
40
72

HTTP Request

GET https://mc.yandex.ru/metrika/tag.js
143.244.38.136:443

https://consent.cookiefirst.com/banner.js?cookiefirst-key=8cb9e23d-5278-44b4-bcc2-a27e465e218e&stealth-mode=true&language=inherit&silent-mode=true

tls, http2

msedge.exe

2.6kB
34.9kB
30
36

HTTP Request

GET https://consent.cookiefirst.com/banner.js?cookiefirst-key=8cb9e23d-5278-44b4-bcc2-a27e465e218e&stealth-mode=true&language=inherit&silent-mode=true

HTTP Response

200
87.248.114.11:443

https://s.yimg.com/wi/ytc.js

tls, http2

msedge.exe

1.9kB
13.5kB
17
17

HTTP Request

GET https://s.yimg.com/wi/ytc.js
142.250.179.130:443

https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3l3l5&rnd=1519026399.1708556242&url=https%3A%2F%2Fenlisted.net%2Fen%2Fplay4free%2F&dma=0&npa=0&gtm=45He42h0n81TFJVH5Fv79387493za200&auid=1659123785.1708556242

tls, http2

msedge.exe

1.9kB
6.5kB
13
15

HTTP Request

GET https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3l3l5&rnd=1519026399.1708556242&url=https%3A%2F%2Fenlisted.net%2Fen%2Fplay4free%2F&dma=0&npa=0&gtm=45He42h0n81TFJVH5Fv79387493za200&auid=1659123785.1708556242

8.8.8.8:53

igg-games.cc

dns

msedge.exe

1.6kB
3.4kB
25
25

DNS Request

igg-games.cc

DNS Response

104.21.13.152

172.67.132.231

DNS Request

login.live.com

DNS Response

20.190.159.68

20.190.159.71

40.126.31.69

20.190.159.73

20.190.159.64

20.190.159.4

40.126.31.73

20.190.159.2

DNS Request

apps.identrust.com

DNS Response

96.17.179.184

96.17.179.205

DNS Request

pennilesscomingall.com

DNS Response

192.243.61.225

172.240.253.132

172.240.108.76

172.240.108.68

172.240.108.84

172.240.108.92

DNS Request

disqus.com

DNS Response

151.101.0.134

151.101.192.134

151.101.128.134

151.101.64.134

DNS Request

68.159.190.20.in-addr.arpa

DNS Request

x.ss2.us

DNS Response

99.84.9.46

99.84.9.123

99.84.9.79

99.84.9.125

DNS Request

www.google-analytics.com

DNS Response

142.250.178.14

DNS Request

secure.globalsign.com

DNS Response

104.18.21.226

104.18.20.226

DNS Request

40.36.251.142.in-addr.arpa

DNS Request

sandtheircle.com

DNS Response

18.165.201.14

18.165.201.3

18.165.201.37

18.165.201.103

DNS Request

d2qf34ln5axea0.cloudfront.net

DNS Response

18.165.196.180

18.165.196.177

18.165.196.85

18.165.196.70

DNS Request

203.220.67.172.in-addr.arpa

DNS Request

img1.wsimg.com

DNS Response

184.28.198.211

184.28.198.177

DNS Request

www.adsensecustomsearchads.com

DNS Response

142.250.179.206

DNS Request

challenges.cloudflare.com

DNS Response

104.17.2.184

104.17.3.184

DNS Request

ad.a-ads.com

DNS Response

78.46.32.91

DNS Request

4.adsco.re

DNS Response

162.252.214.5

DNS Request

186.166.17.104.in-addr.arpa

DNS Request

engine.4dsply.com

DNS Response

104.16.158.17

104.16.159.17

DNS Request

186.109.132.38.in-addr.arpa

DNS Request

180.178.17.96.in-addr.arpa

DNS Request

ocsp.digicert.com

DNS Response

192.229.221.95

DNS Request

static.enlisted.net

DNS Response

93.123.11.62

DNS Request

s.yimg.com

DNS Response

87.248.114.11

87.248.114.12
8.8.8.8:53

225.16.217.172.in-addr.arpa

dns

1.4kB
2.8kB
20
20

DNS Request

225.16.217.172.in-addr.arpa

DNS Request

134.0.101.151.in-addr.arpa

DNS Request

referrer.disqus.com

DNS Response

199.232.192.134

199.232.196.134

DNS Request

links.services.disqus.com

DNS Response

199.232.192.64

199.232.196.64

DNS Request

35.36.251.142.in-addr.arpa

DNS Request

megaup.net

DNS Response

91.209.70.182

DNS Request

www.facebook.com

DNS Response

157.240.221.35

DNS Request

100.140.244.18.in-addr.arpa

DNS Request

webpick-cdn.s3.amazonaws.com

DNS Response

52.92.128.33

52.92.206.225

52.92.186.57

52.218.133.97

52.92.240.113

52.92.164.193

52.92.180.89

52.218.178.131

DNS Request

211.198.28.184.in-addr.arpa

DNS Request

partner.googleadservices.com

DNS Response

142.251.36.2

DNS Request

challenges.cloudflare.com

DNS Response

104.17.3.184

104.17.2.184

DNS Request

prestigiousdauntdistressed.com

DNS Response

172.240.108.92

192.243.59.13

192.243.61.225

192.243.59.20

172.240.108.84

192.243.61.227

172.240.108.76

192.243.59.12

DNS Request

107.3.26.104.in-addr.arpa

DNS Request

qkrsvcuaztzl.s4.adsco.re

DNS Response

185.200.116.51

DNS Request

51.116.200.185.in-addr.arpa

DNS Request

ctldl.windowsupdate.com

DNS Response

96.17.178.180

96.17.178.194

96.17.178.209

DNS Request

fp.msedge.net

DNS Response

204.79.197.222

DNS Request

1.14.67.172.in-addr.arpa

DNS Request

consent.cookiefirst.com

DNS Response

143.244.38.136
8.8.8.8:53

134.192.232.199.in-addr.arpa

dns

1.3kB
2.2kB
20
20

DNS Request

134.192.232.199.in-addr.arpa

DNS Request

46.9.84.99.in-addr.arpa

DNS Request

fonts.gstatic.com

DNS Response

142.251.36.35

DNS Request

14.178.250.142.in-addr.arpa

DNS Request

226.21.18.104.in-addr.arpa

DNS Request

pogothere.xyz

DNS Response

172.67.220.203

104.21.24.208

DNS Request

parrecleftne.xyz

DNS Response

72.52.178.23

DNS Request

84.127.177.108.in-addr.arpa

DNS Request

www.google.com

DNS Response

142.250.179.196

DNS Request

126.150.225.34.in-addr.arpa

DNS Request

a.nel.cloudflare.com

DNS Response

35.190.80.1

DNS Request

platform.bidgear.com

DNS Response

104.26.3.107

172.67.74.36

104.26.2.107

DNS Request

6.adsco.re

DNS Response

104.17.167.186

104.17.166.186

DNS Request

crt.usertrust.com

DNS Response

104.18.38.233

172.64.149.23

DNS Request

186.167.17.104.in-addr.arpa

DNS Request

90.118.200.185.in-addr.arpa

DNS Request

19.140.106.185.in-addr.arpa

DNS Request

enlisted.net

DNS Response

172.67.14.1

104.22.42.210

104.22.43.210

DNS Request

www.google.com

DNS Response

142.250.179.196

DNS Request

119.251.250.87.in-addr.arpa
8.8.8.8:53

225.61.243.192.in-addr.arpa

dns

1.3kB
2.4kB
20
20

DNS Request

225.61.243.192.in-addr.arpa

DNS Request

disqus.com

DNS Response

151.101.128.134

151.101.64.134

151.101.192.134

151.101.0.134

DNS Request

cdn.viglink.com

DNS Response

18.164.68.5

18.164.68.102

18.164.68.16

18.164.68.65

DNS Request

42.36.251.142.in-addr.arpa

DNS Request

ajax.googleapis.com

DNS Response

216.58.208.106

DNS Request

ghabovethec.info

DNS Response

18.244.140.100

18.244.140.102

18.244.140.79

18.244.140.110

DNS Request

theharityhild.buzz

DNS Response

34.195.224.242

54.225.185.110

DNS Request

241.132.67.172.in-addr.arpa

DNS Request

33.128.92.52.in-addr.arpa

DNS Request

api.aws.parking.godaddy.com

DNS Response

34.225.150.126

18.210.111.172

DNS Request

download.megaup.net

DNS Response

172.67.192.50

104.21.57.204

DNS Request

altowriestwispy.com

DNS Response

23.109.170.2

DNS Request

c.adsco.re

DNS Response

104.17.166.186

104.17.167.186

DNS Request

92.108.240.172.in-addr.arpa

DNS Request

233.38.18.104.in-addr.arpa

DNS Request

90.116.200.185.in-addr.arpa

DNS Request

s333.adxpremium.services

DNS Response

185.106.140.19

172.255.100.116

DNS Request

www.ovardu.com

DNS Response

104.21.96.72

172.67.174.4

DNS Request

133.126.35.63.in-addr.arpa

DNS Request

136.38.244.143.in-addr.arpa
8.8.8.8:53

64.192.232.199.in-addr.arpa

dns

1.1kB
2.1kB
16
16

DNS Request

64.192.232.199.in-addr.arpa

DNS Request

182.70.209.91.in-addr.arpa

DNS Request

accounts.google.com

DNS Response

108.177.127.84

DNS Request

14.201.165.18.in-addr.arpa

DNS Request

asdasdad.net

DNS Response

96.126.123.244

45.33.23.183

45.33.20.235

72.14.185.43

45.79.19.196

173.255.194.134

45.33.2.79

45.56.79.23

45.33.30.197

72.14.178.174

45.33.18.44

198.58.118.167

DNS Request

www.adsensecustomsearchads.com

DNS Response

142.250.179.206

DNS Request

3.214.58.216.in-addr.arpa

DNS Request

184.2.17.104.in-addr.arpa

DNS Request

cdn.engine.4dsply.com

DNS Response

104.16.159.17

104.16.158.17

DNS Request

2.170.109.23.in-addr.arpa

DNS Request

tags.crwdcntrl.net

DNS Response

18.165.201.65

18.165.201.18

18.165.201.38

18.165.201.12

DNS Request

65.201.165.18.in-addr.arpa

DNS Request

11.1.250.178.in-addr.arpa

DNS Request

95.221.229.192.in-addr.arpa

DNS Request

uep.gaijin.net

DNS Response

63.35.126.133

DNS Request

200.197.79.204.in-addr.arpa
224.0.0.251:5353

msedge.exe

1.5kB
14
108.177.127.84:443

accounts.google.com

https

msedge.exe

3.9kB
13.0kB
22
25
8.8.8.8:53

242.224.195.34.in-addr.arpa

dns

938 B
1.8kB
14
14

DNS Request

242.224.195.34.in-addr.arpa

DNS Request

196.179.250.142.in-addr.arpa

DNS Request

www.google.com

DNS Response

142.250.179.196

DNS Request

50.192.67.172.in-addr.arpa

DNS Request

dotsply.com

DNS Response

172.66.40.43

172.66.43.213

DNS Request

13.138.67.172.in-addr.arpa

DNS Request

c.adsco.re

DNS Response

104.17.167.186

104.17.166.186

DNS Request

bcp.crwdcntrl.net

DNS Response

99.81.54.149

52.212.53.200

54.155.211.205

54.77.245.72

52.213.118.200

108.128.158.24

34.246.36.174

63.35.74.224

DNS Request

149.54.81.99.in-addr.arpa

DNS Request

f2.megaup.net

DNS Response

145.239.65.72

DNS Request

browser.pipe.aria.microsoft.com

DNS Response

20.189.173.9

DNS Request

17.158.16.104.in-addr.arpa

DNS Request

bat.bing.com

DNS Response

204.79.197.200

13.107.21.200

DNS Request

130.179.250.142.in-addr.arpa
8.8.8.8:53

36.34.239.216.in-addr.arpa

dns

825 B
1.4kB
12
12

DNS Request

36.34.239.216.in-addr.arpa

DNS Request

145.243.33.3.in-addr.arpa

DNS Request

www.gstatic.com

DNS Response

216.58.214.3

DNS Request

14.227.111.52.in-addr.arpa

DNS Request

imp9.bidgear.com

DNS Response

172.67.74.36

104.26.3.107

104.26.2.107

DNS Request

17.159.16.104.in-addr.arpa

DNS Request

qkrsvcuaztzl.n4.adsco.re

DNS Response

38.132.109.115

DNS Request

51.118.200.185.in-addr.arpa

DNS Request

72.65.239.145.in-addr.arpa

DNS Request

9.173.189.20.in-addr.arpa

DNS Request

72.96.21.104.in-addr.arpa

DNS Request

mc.yandex.ru

DNS Response

87.250.251.119

87.250.250.119

77.88.21.119

93.158.134.119
8.8.8.8:53

180.196.165.18.in-addr.arpa

dns

875 B
1.5kB
13
13

DNS Request

180.196.165.18.in-addr.arpa

DNS Request

244.123.126.96.in-addr.arpa

DNS Request

2.36.251.142.in-addr.arpa

DNS Request

1.80.190.35.in-addr.arpa

DNS Request

adxbid.info

DNS Response

172.67.138.13

104.21.48.215

DNS Request

91.32.46.78.in-addr.arpa

DNS Request

qkrsvcuaztzl.l4.adsco.re

DNS Response

185.200.118.51

DNS Request

ad.crwdcntrl.net

DNS Response

99.80.32.224

54.155.211.205

52.212.53.200

34.246.36.174

99.81.54.149

63.35.74.224

108.128.158.24

52.211.215.251

DNS Request

224.32.80.99.in-addr.arpa

DNS Request

id.crwdcntrl.net

DNS Response

54.155.211.205

63.35.74.224

52.213.118.200

99.81.54.149

52.211.215.251

108.128.158.24

34.246.36.174

52.212.53.200

DNS Request

engine.4dsply.com

DNS Response

104.16.158.17

104.16.159.17

DNS Request

uep.gaijin.net

DNS Response

63.35.126.133

DNS Request

googleads.g.doubleclick.net

DNS Response

142.250.179.130
142.250.179.196:443

www.google.com

https

msedge.exe

7.3kB
23.8kB
20
26
142.250.179.196:443

www.google.com

https

msedge.exe

8.0kB
39.2kB
25
40
142.250.179.206:443

www.adsensecustomsearchads.com

https

msedge.exe

5.0kB
12.4kB
12
15
216.239.34.36:443

region1.google-analytics.com

https

msedge.exe

4.0kB
6.5kB
8
10
35.190.80.1:443

a.nel.cloudflare.com

https

msedge.exe

2.8kB
5.2kB
7
9
38.132.109.186:3478

msedge.exe

432 B
9
185.200.116.90:3478

msedge.exe

432 B
9
185.200.118.90:3478

msedge.exe

432 B
9
35.190.80.1:443

a.nel.cloudflare.com

https

msedge.exe

4.4kB
2.5kB
10
9
142.250.179.196:443

www.google.com

https

msedge.exe

2.5kB
3.0kB
9
9

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
c65e704fc47bc3d9d2c45a244bb74d76

SHA1
3e7917feebea866e0909e089e0b976b4a0947a6e

SHA256
2e5d6a5eeb72575f974d5fa3cdff7ad4d87a361399ffdd4b03f93cdbdec3a110

SHA512
36c3be0e5fbc23c5c0ad2e14cfb1cf7913bea9a5aeb83f9f6fcf5dbc52a94d8ccb370cef723b0cda82b5fba1941b6a9ff57f77ff0076a2c5cf4250711e3dd909

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
5c3ea95e17becd26086dd59ba83b8e84

SHA1
7943b2a84dcf26240afc77459ffaaf269bfef29f

SHA256
a241c88bb86182b5998d9818e6e054d29b201b53f4f1a6b9b2ee8ba22dd238dc

SHA512
64c905e923298528783dc64450c96390dc5edbda51f553c04d88ee944b0c660b05392dc0c823d7fb47f604b04061390b285f982dfcc767c8168ccb00d7e94e21

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000017

Filesize
33KB

MD5
fd2b58574f9637ba7ef639267349d848

SHA1
6eda5ea93f549ceb5693f6f1c038893fa56a510d

SHA256
75627d4b97e5e6294a8f88f5eeaf9b616696dc8600db9701c47ef05f067880ec

SHA512
9de7eb0ddaea236cbf912f4b87fa94c424cdea041e756200926c7e28bac860f69e0d9104a790678d1858cdd7101b25d1e25164a89f81a758f35bada3765c6893

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000027

Filesize
38KB

MD5
f208b7dd4c3e234e0f854f804d6b364e

SHA1
921b82204cb51d7c012838fc324fa9b0a9a0fe12

SHA256
ce5b45bea1fccf89400bd0c0961d19381ee84e4bd40a9eafe2aec1f5fc88b561

SHA512
110826b703d276d1972d7e55110752f321730445e38036fea320488e0817549a8f720c43c8e5040b4d55c2e3a179fcda9509d90a60829c3f304424fdab424562

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000033

Filesize
26KB

MD5
191cd87d59bcfbb734fca7bb92bbc245

SHA1
30514c4b000361fe9319ebbb84d5cf93b9b0a82f

SHA256
cf07e157a37761abad2d2ccf9385f5023fca4dad5a3594c6832274a1b5823c9b

SHA512
a72b2bfe8e6ba1fb307f4d89c1a38070261d315d36f12726c22b77fa90171fb28d6f62b112dcaad521aa09e89990ff810c363fa79e2e75b48329ddded879dc4a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000041

Filesize
20KB

MD5
87e8230a9ca3f0c5ccfa56f70276e2f2

SHA1
eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7

SHA256
e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9

SHA512
37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\66bcdb61a33350de_0

Filesize
272B

MD5
731a0255745fdcd840cf63c1e38d7831

SHA1
e8850b3817aeefdd86f4097c13e02460b21311af

SHA256
aab667c2c02f832f158ae45c353d925418dc5df844460757a1ab19265d564689

SHA512
28facce9a6b1b838a0d0d53888f3f5adcbba769073f7d25258d1024619b4262e1223a168684a1e9c5f37b7304fd855c2831e8419fd1a73b448b46651dec82ff3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\78999619c12baa63_0

Filesize
96KB

MD5
51b6ddcabe891eacef559325302570d3

SHA1
871bb9ea85ec8dc96a78d36843c87b06258235ed

SHA256
0cce24490a839bf3918ee33792a0badc25c6fb682b574fb5c4ffd48c8929038a

SHA512
ce2accc81e173178a76e4584216a504b78a446dc9bafd3d459dcdb6187afef0f3585f42d7f86176482122d07ea3fd364cd6651fa6a196c0fc6bf1e32320ed413

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
4469b40538c1a8dfabb3020ae7ece386

SHA1
180026486ca04d310c1bd033ddbf27f6988dc3d9

SHA256
7ff873e6d6539f8f17ef2635d798a82cb92d81b7d0984edc33c27181116ca037

SHA512
c7ff4a3d35b52e3151cf0033db7e6c010eec9c66dd6b4b3f30b1212ba1f80f9bb78c07a1d773d2d2378b629c09fb17fc4c9d878ae5b9d8d11db1aac16b081605

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
2627d82889fc29475b90554e1d0b4523

SHA1
a855b5a904c58e244ea36c35d3d608ec99b672ef

SHA256
3b235a6040f90d94bcf031b20b127b456da6dd3060168e46dcc5977dc03f4d2a

SHA512
404c4bfebf2b0079e6b5a3e253395de011d7227052b1fc2eee87e72cba01eda8abfcbef4b9938199e5d2d97e85166530b0475414011be2b02b395ec2c244b06f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
c87ba641b80cc41d24914ef9cd561676

SHA1
32913203a53d47a9eb085f85c66615ad37dc9cbb

SHA256
8f537d237df3a7a68dab17473c2a3d3c603c33ef44f44c87ca3ca89d3f4140bd

SHA512
751cb669fb4427d73d30348f63abb3919ff0c5c249952265d056f1393c6ea00583fc0dc55bac977c03af338b25c4dd2f59d4bf2cd5d6eb16227cee4704d2bee5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\File System\Origins\MANIFEST-000001

Filesize
41B

MD5
5af87dfd673ba2115e2fcf5cfdb727ab

SHA1
d5b5bbf396dc291274584ef71f444f420b6056f1

SHA256
f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

SHA512
de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
5KB

MD5
d490e925afa9d4c4245d41d76ccd948c

SHA1
66bc6717786f249b102f79ed1c680f7016f7fd43

SHA256
f7f39d271abb2853353663f42c82d3a22516f56da0a05c5e978c5973943d415b

SHA512
3faf9458164c37fe29b9de0d43cbceb2d37f836ad579f46bfc2ee11d5ead960af2574c5142979f43baf1d12ad69445112a4a9810d0bf72748221794f5bd76545

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
5KB

MD5
987247260e015830a88e913c0a2006f6

SHA1
f842f040f71702d73da4cc4470b6cddd0214c062

SHA256
4faf3f4c015906b75162270b9ed540c110255cff33203a81eac17242ea9fea56

SHA512
86dde8e3de8be2bc1a5142cd96c31f30b99124c34e35e19adc829c184fc27cdc359ca65b3b0ee13b9392d7004bd59ad5988ff0a124d9e9d264e95ecd43a1fae9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
4ff57e7148814996c75e5c70b88243f8

SHA1
14cada2a7623021e9d28781def2d26b1e9d3d138

SHA256
fbc6535afdfa87ec5d2a5977b931e88186263c479495eab2029b0a771a775dae

SHA512
058cd8113d15ab897d9f9818a74fa4ad11123c0fde2c586e3050f67c683b937b0b27c6d6a661948f0f302f000022f84261d0ae870c29c400bba7619bd0f28c5a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
91ee4fdc92249f980443b53454272ef8

SHA1
0e5e0a03fab9c8624791cd5a2c43f1904ef63ce2

SHA256
6701c59c86af1ddf9c66f5fed8a764bd746f252b5dedadf5c5274b7ca8402345

SHA512
9f52134eb5391a8509fe564e5fdbe9b8829ac0953df767e7c94da94ff473aeb718d5357699f2f144b8dbdf1fe728ecc498c46ce2c863a4a7e0bfe63affedf684

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
5adf48f411fe655640377c3a298ae27a

SHA1
f1f38b8be1e41542a02cd839e9d9ee23ecb11833

SHA256
e806dc1aa43bdb1110366bb6e480390d8670278a58ce0d83f0d7dd91a16c5db9

SHA512
fac0373b3555e467142e5c1c4fe08ddeb5057fab7bd91279ec2c273f113868c8277c2d6d3c47ed9ea6e090996b5dbd22048a3c52069aa4cc66c5bf70798b5adb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
fc39f9f15d320ca6764f1d19e8ce114f

SHA1
041405b46ba0ddf8d7cf568084642a580d184f9f

SHA256
519230ff253bbf01f5cf5f760684629e3f2733ba4f3f3a9db7711a8f380fa96e

SHA512
813839ac304fdefb6c1f861e9ebe7e72a499b8f9f12ea5b351ec9d420ec78ae76060e4e8683ddd099ea0175ee4e1dadfb1af635c9cfd031b28818d352a6d3e74

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
bfd6fdb3dbf7c4fcd33af40ac674fe52

SHA1
00b2f50d1ad2c875d473c163f6e7d9e0aa9a4f51

SHA256
50a7108f2b084c14364dc25bdb1c0cb4c30d5b733500e336221a4f1ce6e96f1e

SHA512
e59ad96f94f48a50c529b57492394069c83d38c49707cbb3d8b914dd0f84e2cde9f3489248e97b5517b69dad824a417d43731a70458b87920a4125e5b0158f01

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
27c2c1521cd6c414c2e48713b473486e

SHA1
674f350a2539ec054845c8fc7dd34ff90dce79b4

SHA256
def19af5809d7aad4a98577bfb80da5b77ce40dc3675159575d2a1b5c668736e

SHA512
6e06ce25d849875754041f6a8bf986e070b90afc9cfb451d9eec55313038ecdbec383b6b4c3c0e28411c52cf91fa2a6993cdcf2474ef6f055c8ef452fa2aee20

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
31fbbc230f97d37d30fed1be32575483

SHA1
97713cb48949e089ff72cf37a5d64d249765b741

SHA256
47cce92c67edd79985045ea9e70dd8d0b2f175d1beae5fa18b039889812a3011

SHA512
5a80ecd324a2d3dd2ec69f4daafeaf194ef2cede6a533cc3485133c2399ab3da93da16cf142fd883dd0d72c0b7c7abcd6c1a37cbfdad83a9a456388a0a804b65

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
96B

MD5
38ce6f1cfec96600f4d1db6be2227226

SHA1
91845c2584da22d710dacf667db5d3e78604e7ed

SHA256
b75514de348d9c2ee5d692271d2f0e80317d424d3ae69b28695dd1134c968ff7

SHA512
2787b19ec1a6d0a389de4f72cf7a9a8a93a6e88e8c595e3c6c729e366fcc06c05d19dfe2e75f6a70bb0dade0a13f5b4b29cd80fd9a7c8314fd14378bea2d396f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57f00d.TMP

Filesize
48B

MD5
c204d3209a4774b1869bc9adfb98d626

SHA1
4087fb3b99745b8ae31a6ff9648b17a98665b4c6

SHA256
aad2072d483b73617eb0937edcdb02666abef25e6a32021c496977637bd2c031

SHA512
50575655366a406b7490e78563884ef47d7559a46dd9f90cc9ec5dd79e19370dee2c8eed37cca5fa98ed3f328f18f230c7924b529b50c37b41f4e7e8e9c5ea3c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
abde217064678cc41b4a53c3f881959d

SHA1
b71630557251942ce7ca2d926c0c8f64f8312cd5

SHA256
c75f842564dc2e2e7e60af6f4df9f314c0515b73bdd8f7963132b2649002579b

SHA512
d50de9eeb41c7bb09b168b9e17342ded89e5b2e5d478f0c33520713aab5e1341350f0a43b767f39ec44c8e8bc966cf176781521901ce0011f6416728edf6513c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
bb7eae9b2303c34f6db1133e0ae52c3f

SHA1
bf22eff667ee6def0870a71d792bb92ead43ee6b

SHA256
0c6976d77694ff85cb7633b6c88702620c6146b9d786d6c5a5ecac5cc08b13b0

SHA512
17395b0749693b1d4c8932110ce99fe0cf3f3df2034a913fd7b3a48a0e0dd194d26908298bb1bb828a28388c7842f921cc0d965e33354092ed0d82c117650a3a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
6f9d36ea727c41cf394185d6442e1883

SHA1
957bfaf5a24f96c69e63c68e259e5f909f401cd7

SHA256
f8e92a158d633a5fee7d260c5ef745f7831a3145316e77b0594a66bed6401f3c

SHA512
8f9d72f7bb4421d1faa5146a881369427c69e9f3623ec4660c0bc5d355a51285b56fe18861095f1d99c0be7812b5b4a3f8e4e009f930bb1e1f7657b724a8d057

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
d2cee8daa55459826387ecb0c303dfba

SHA1
071e44a5d289936c2dd2e516cd71678a6095e120

SHA256
b4140f4e929ef97446da5b4febb9bce191c9d081b42ce1c2265bdd65728e9a46

SHA512
74e416a83f52cd87fe12360168cbe634cfe3b0fb119f0055e1ab2ee4d1570445bcdebca99301943b403175ecc1798ee4280e27e0c06ebf7e1ad71602840a4162

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57c544.TMP

Filesize
868B

MD5
ef4874c5d8ba90e0787dfa9896942ea0

SHA1
e8cfd4023d1e4756d3613a9cd5e41e9792f7bc38

SHA256
a4bb6b13d64115723195aec28a4f289f905ab563dac847837d69a4bee6f59df0

SHA512
d00d733fae3a0fbd7591da4e8cae7b38bb8fd272eba9348866251620aa65ebd633180c7b3d2cc0a569f4b6dd33dc3b57bf24de13693d5909da485604959f0544

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
69219f707137b47402d668a51b790ad6

SHA1
6ea9f3d855446f63a7ac7b1dd121fe59c9b208d0

SHA256
1da0b8d098d139c1e91744c85733cc0aa26c0aa8e127f5c679d8f9d957e64832

SHA512
1cec71a45d9753fefe6229ab64e3cab8203db2d67442096c9574f98baebee72c5335a12da32f7bb0c19b4dd897b4b3cd481c411f059086578af6d441f7f0ca2c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
19f8e95f5ed8dddbe886c63a22ec14c6

SHA1
3e1d0b2b6b69b77a7bfc590a984d81bfe3dd8101

SHA256
8120ad80a128111c714075d3abadbd05f7d93bcafa13fd9b70b64db8f73226d4

SHA512
340cf4b281aa908626d6acc0b15113a7d43ab63c9c8f0fa120e9e7b9e31adca957b72e75e033c6f0a017f81094064fb6874e6a8921e98959412ac4eff47a2ba1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
14047b339e96d515ebd0d72cc99b343b

SHA1
5ad919e193146b328db8171b849f2dffa480daf4

SHA256
8de25041f98ce747a05a76cb27c7b3b25194d932c355750e6256f71c90103d27

SHA512
3332c6a0c6d31a1ecb4f5122f5ed527e672c9b32831c7ea1eb233b2c57675b62fa03079afb0c8dbfbfe2f15751f648af83a9ef03b98a9eb2e8be09233dc66ca6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
7c06f3da4de20bacf719e3eeb3635a35

SHA1
41ea3a8c8ec0ac5059fe0682b86a3ad8a48a9912

SHA256
d1ec45cc1fb1ed7b2192464f61bb1da3647653385b997fc0e4e88dee34beb432

SHA512
620da4b405cf7a79183e9304ceea52a3db7ca55565f39731e5e740c88317d0083380741a99286fd2f067f319996c1aa4512da5b3e7001a449f5a2a4dc566211e

Download Submit
C:\Users\Admin\Downloads\Command.and.Conquer.Renegade.v1.037.rar

Filesize
15.6MB

MD5
20610b643b324b8eef61bc75572af455

SHA1
81f57a99c72511f97f6fde0416db992b5e220bb2

SHA256
044960c9e75151aaa484189c519ed12d582ee2830d405175e9d4dcebffbe0305

SHA512
f5ec64f902d27697eed7e39b90e9cb863025efd4b8e0956b89d2a3261938e7467a07a41665279bd65165fd9cbe690be41a8586fcd24f8e02155b2c6fa473d7a6

Download Submit
C:\Users\Admin\Downloads\Command.and.Conquer.Renegade.v1.037\Command And Conquer Renegade V1.037\BandTest.dll

Filesize
140KB

MD5
8c8b55d640ffcf77e04bbe3ef6a31098

SHA1
12772f7ae2f474690da07679f026d89462eee85d

SHA256
f40b962488c706a3ce7dcc7aa0d1ba0e166c1ccd6b00422e1c55bdd6698aabe6

SHA512
bc787877df1afa15e44a2eaf2de2df28f15f517329772bc8dc45e97c58ecd3132069f34c68eb407c03743aef799b26e7c5193682ef7d46e4cb8c684040973f7d

Download Submit
C:\Users\Admin\Downloads\Command.and.Conquer.Renegade.v1.037\Command And Conquer Renegade V1.037\DATA\Always.dat

Filesize
5.2MB

MD5
3013e600b61c6a150560b1e12df9bcd7

SHA1
021d22f902052fdf8b3ed04d6c84b94545159fa8

SHA256
02049381fb58b27edc0766ffc3f3ff9e4173e643970d6eb96ff01ce22e5140e9

SHA512
285a82e9b7d86c5d8e1fac28676572a17739c452ee66f287ead26840b6d74448289b498dfc8a34e3b923b5ab7cd145531d6a11b0e89aae13a2ebc5e403e3fa38

Download Submit
C:\Users\Admin\Downloads\Command.and.Conquer.Renegade.v1.037\Command And Conquer Renegade V1.037\DATA\Always.dbs

Filesize
5.0MB

MD5
80e9f98242246ccf76a1851e46312a9f

SHA1
396972cc3f65354a94b3e2880b8ad5c3288af344

SHA256
a28d5a3e1fbd48bdd498fae8324b496c713e2888fce2e8d5824fa8917570bac2

SHA512
74b8699d8bc1d993d39df14c5d80eaf1fa262a40fff70912089e9dbb049970d617d45cca7ccd196869ba82bafbd24e693731e1b91d244533b1450dc67f9833be

Download Submit
C:\Users\Admin\Downloads\Command.and.Conquer.Renegade.v1.037\Command And Conquer Renegade V1.037\DATA\Always2.dat

Filesize
192KB

MD5
fa399ef4b949cd854cfa8378171e1e57

SHA1
79c9a440023edb33af65ca53098cae86feaeb284

SHA256
5db99f8a7be166a6389478b267ee3406d4c732f7f339f8055f03909276d1cb73

SHA512
a15519b175b32a66827b4a00574bb45b00b6094550b72c1ad8cdc9a4cfb54fe819a92a3eea7ff8157ab73bcfe1ec2790d9cc6199c9402871a6be24de84e66496

Download Submit
C:\Users\Admin\Downloads\Command.and.Conquer.Renegade.v1.037\Command And Conquer Renegade V1.037\DATA\C&C_Canyon.mix

Filesize
4.9MB

MD5
c5ee370efa3e99dbad212afdd1b837d2

SHA1
a65f6b2f14a79551b54031c4c8f9ba84abf81e55

SHA256
70818364951df574eb6561a5464c65cf7c520e3435bc30ef1bdce696340926bd

SHA512
6b5b0b970375aa850438a83bb57b2c519f3cab3be0e1c1c3a5fcc40141eb187cdb5bd5cc07912024447f7c46dc057e625a1e2a3cae6c86ff5c17c139accd02a6

Download Submit
C:\Users\Admin\Downloads\Command.and.Conquer.Renegade.v1.037\Command And Conquer Renegade V1.037\DATA\C&C_City.mix

Filesize
4.7MB

MD5
886227bd2e1b065a4533c0f49cf4fb0e

SHA1
2a05a52447c8c90059713909801e1007e5066da2

SHA256
a68b2af2ebc385ae10fa989734e2054d3d9d915825d71a90e1a707091a2c7736

SHA512
c14dc83259081e98dfe10bccc4ed81bdcfb415be58c4494be2ddd3b52999d45dae39e93aec19f50e8b4851ede6165d9038831baef12fbfe649ed2bd9019cbb9a

Download Submit
C:\Users\Admin\Downloads\Command.and.Conquer.Renegade.v1.037\Command And Conquer Renegade V1.037\DATA\C&C_City_Flying.mix

Filesize
4.8MB

MD5
6127f75a5006f5ebd5abbe574ba3dab9

SHA1
cd49d9db9f0581fcf107618366eb228be70e14ce

SHA256
01ce72351c7cc5fdc10e2271069cc309e69ad400c6c609f8e5a4de9fe9ec4c5d

SHA512
aebb9455baac01da550231e1190e070a01aa1a07683d9e4d0338e49e70b1c3a59e9a05bdb20f85233fcd369bb1f35080f6b9edbe3a8085f4a4b2a03eab8397c9

Download Submit
C:\Users\Admin\Downloads\Command.and.Conquer.Renegade.v1.037\Command And Conquer Renegade V1.037\DATA\C&C_Complex.mix

Filesize
4.7MB

MD5
3cbd2dfc2d81d5088c3842e91ae2f98f

SHA1
097acc61b347e73eb028e9123f50806a76f54301

SHA256
82ee81293c4a07912f0e1a46a429327efa851eb51aa708ce40e772680ae6bff9

SHA512
91251601c91772030fe81578b63f0a4497a49f7dd7ee867e3b0e813a9585bd027669d49cb1ef6515ad352aa40814eb139771be7c75712a60745cf1e62a89930d

Download Submit
C:\Users\Admin\Downloads\Command.and.Conquer.Renegade.v1.037\Command And Conquer Renegade V1.037\DATA\C&C_Field.mix

Filesize
4.9MB

MD5
f0e49e4e373d3293d4745e0eade608f4

SHA1
7d76c14de53ebacb619dd14e1b9cb1350ae2d5b7

SHA256
0010a41e8b965761eb99198d9985b0a4f4e37d7a253974f10e3b14242aa5ea09

SHA512
96149c42086316eaa55e1c9106551cde143729608fa8cd288f2b6d6f757149429b277f7da32e1b1601d94f233c86745b6caaba67227da3bf1a7f9390f8564a5d

Download Submit
C:\Users\Admin\Downloads\Command.and.Conquer.Renegade.v1.037\Command And Conquer Renegade V1.037\DATA\C&C_Glacier_Flying.mix

Filesize
4.8MB

MD5
94a6412bd5b29b29ec594def4a2df41a

SHA1
a8f3ffb48bae5d26c1a80b1b011a725dae54745e

SHA256
103378da65cba1dcc184198f4a09b8a0bbbdffc909e169b6782e19bd5353b512

SHA512
efe81736290b7c12fec9beed993df4832a55a27afc50351668c0bc462df6517c3ec86c9d0a7c3fc7ea6d11a6fd36c41abe968a122b9078834baed9a2537fefef

Download Submit
C:\Users\Admin\Downloads\Command.and.Conquer.Renegade.v1.037\Command And Conquer Renegade V1.037\DATA\C&C_Hourglass.mix

Filesize
4.3MB

MD5
c62c36615bb66078949888557bc3eb09

SHA1
2e16d950fe8625b2d385a80086c1659de1b3372b

SHA256
2a7cf73b60601192dc010384049e9be5419af968df90fff8f6174b23626c368c

SHA512
bcd85424604c456d73bb2c384c745914cc3391a6bf41e1605ab1c75b706ca33e21870b6d366d35d50201050df43342b9c2e462fca45880146b289f5eab0bb690

Download Submit
C:\Users\Admin\Downloads\Command.and.Conquer.Renegade.v1.037\Command And Conquer Renegade V1.037\DATA\C&C_Islands.mix

Filesize
3.8MB

MD5
a78ecd613dbe330d200b10a3595770a0

SHA1
ea28e15afaa5292c043324519b2241a23fe0f12c

SHA256
f88e4d9e60c9d041b1fc1ed4af1704d5d4601b5b0927e0e196ff05dee5fe291e

SHA512
e20d879e85e379465a0bea5fbe9ff5f4007244ad26824f55099349f7e8198e55583af5164f872074b7541895999c3dfa6b420d5f91d6d706bd72ccd2bbfaea3a

Download Submit
C:\Users\Admin\Downloads\Command.and.Conquer.Renegade.v1.037\Command And Conquer Renegade V1.037\DATA\C&C_Mesa.mix

Filesize
3.6MB

MD5
60549fdc2ebc9bf51718a1d5a44d955c

SHA1
179fa50e23c20222703bf0b42904f84eb26c1727

SHA256
dfe78d7d96af79b730982dbe61b2155965d9b517df402248d3a599d1b62fae02

SHA512
33bb3c2097e475a2e6ab765bcab683e5d50e54fc178c40365aef75ff04b7a60ff383a61357d1bba6bae21b96947cb4c38b9515773ae8a20c1901df7e2bcd7a6e

Download Submit
C:\Users\Admin\Downloads\Command.and.Conquer.Renegade.v1.037\Command And Conquer Renegade V1.037\DATA\C&C_Under.mix

Filesize
2.3MB

MD5
e2e5316f0d7d81f2d7468fb7cd3cd7bc

SHA1
46ec9713c934825f839bbb88f6b486697760190c

SHA256
aff294db2106713d3e68f0ae46b722b8fd73f075260ad1238d3ac5168dd95b08

SHA512
97aebd608163719184870c8c66b75c8cef2d67a5c0024a461831714ac3bfb6fa42be624293d9e5584a85ba58a8ec921b068d3e5919060ea98956c643aa2e0a10

Download Submit
C:\Users\Admin\Downloads\Command.and.Conquer.Renegade.v1.037\Command And Conquer Renegade V1.037\DATA\C&C_Volcano.mix

Filesize
3.4MB

MD5
1a338f0d8ab6a13fa8b5f8bfa15a4939

SHA1
3570eb5c7309a8e7f4fe2937f7f0e2b6954eee97

SHA256
fba9c80d79852443211c9e7ecaa516046fdc2ab21c46c56002e9755540c9a9ac

SHA512
266db2b2f6cd6ded62c02a64596ca8c19cc34ebb893cffc6cd1b5b994b2efe7d048aff0ce0ec8d561b5767699f3b8a44012d8088f7455c856a0456b986a48504

Download Submit
C:\Users\Admin\Downloads\Command.and.Conquer.Renegade.v1.037\Command And Conquer Renegade V1.037\DATA\C&C_Walls.mix

Filesize
3.1MB

MD5
bc240f77929f87462b955d1ebd0b74b0

SHA1
5539d7f08b0455f77ad772d5f155d1d7a29206f0

SHA256
9992488c8628882e4b433f489fb4b0f0859c5479a58a50cc18e28729041fbd54

SHA512
5bf031617fd40df585c741523eae36c8608479a8ed17d4d668f4deabb272c567685ef84ca838b4976e33cdc719c6992ecc631d8c4a22792405f4c7cf41a394fb

Download Submit
C:\Users\Admin\Downloads\Command.and.Conquer.Renegade.v1.037\Command And Conquer Renegade V1.037\DATA\C&C_Walls_Flying.mix

Filesize
2.9MB

MD5
d4558ee567e364470bc44796b1b98c57

SHA1
22136ea1cd4355d2b1686885ae6269785fde7170

SHA256
ae30b4cbfcd7ac56c5f60d9db81a5b14f649fd5c5f89f7fae83dd31bc77f01a1

SHA512
a83294b90e2bfbb8821dbc4f3b35683a519198f1fe005d1c99317566a29df045462ea071a540c49656ea2c7514007f7ef262e12e3fb3da60662ad4e16b26dede

Download Submit
C:\Users\Admin\Downloads\Command.and.Conquer.Renegade.v1.037\Command And Conquer Renegade V1.037\Game.exe

Filesize
4.2MB

MD5
8207dfcd9b83bb4acc10737b48cf5636

SHA1
d469bd9f56127c55163e94fd6346aa35a2e58cef

SHA256
fa36db94d2ffbdf33c2198472142eaf798db83af74ec76b445f34c9107aa8d16

SHA512
e516447907c0363bbbddb7ea9c233a2d20fddedc707650da0583494a267ec022349f7228affc8ace4e9a037679a911a9e68e3aa3cd727c994a4a8fe8fa0103bb

Download Submit
C:\Users\Admin\Downloads\Command.and.Conquer.Renegade.v1.037\Command And Conquer Renegade V1.037\binkw32.dll

Filesize
298KB

MD5
c6deff3cacf529b3174ebe6fb9669544

SHA1
d8ff51ba54566af260eb358beda1529f3cb4ec04

SHA256
8a7afe9b64ff862cf61d7051af7275ff43140c3a2fe5b2956131912a09a5f647

SHA512
06aacd1904e6d7c394eeb97954d063cb478139dc9056f0222f3e8e6465ae2bad202e3da7358a69f88f4734e6084ca9730114336fdf3f6b25503cbae87a643d8a

Download Submit
C:\Users\Admin\Downloads\Command.and.Conquer.Renegade.v1.037\Command And Conquer Renegade V1.037\mss32.dll

Filesize
342KB

MD5
a60933a3e0b68d6deb0b5833398d4d6a

SHA1
f31351b95fe1485468d1adc94d39a0b860e4b3aa

SHA256
b4adfadcd8b873cd8f1117c4f6f160e3a925688096d4d2969ff83e5dbd502360

SHA512
2ae76761dfd92bd7e8c567639d59f8e4b86a4671da6327ee341c33df520c1d958fe4f090838449c05dace4ed50ca4e9af4689068989f383b542005968c116625

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response